crypto.c

   1 // TODO key loading, generating, saving
   2 #include "quakedef.h"
   3 #include "crypto.h"
   4
   5 #include <openssl/bn.h>
   6 #include <openssl/aes.h>
   7 #include <openssl/rsa.h>
   8 #include <openssl/dh.h>
   9 #include <openssl/pem.h>
  10
  11 typedef struct
  12 {
  13         DH *dh;
  14         AES_KEY *aes;
  15         RSA *my_private;
  16         RSA *other_public;
  17 }
  18 crypto_data_t;
  19
  20 static void crypto_rsaaes_clear(crypto_t *crypto)
  21 {
  22         crypto_data_t *cd = crypto->data;
  23         if(crypto->active)
  24         {
  25                 if(cd->dh)
  26                         DH_Free(cd->dh);
  27                 if(cd->aes)
  28                         AES_Free(cd->aes);
  29                 if(cd->my_private)
  30                         RSA_Free(cd->my_private);
  31                 if(cd->other_public)
  32                         RSA_Free(cd->other_public);
  33         }
  34         memset(crypto, 0, sizeof(*crypto));
  35 }
  36
  37 // SERVER SIDE:
  38 void crypto_rsaaes_initwithclientkey(crypto_t *crypto, const char *data)
  39 {
  40         crypto_rsaaes_clear(crypto);
  41         // initialize my own key
  42         crypto->my_private = ...; // TODO
  43         // read other_public
  44         crypto->other_public = RSA_new();
  45         BN_hex2bn(&crypto->other_public->n, data);
  46         BN_hex2bn(&crypto->other_public->e, "10001"); // 65537 (RSA standard pubkey)
  47         // initialize DH
  48         crypto->dh = DH_generate_parameters(512, 2, NULL, NULL); // TODO cache this
  49         DH_generate_key(crypto->dh);
  50 }
  51
  52 size_t crypto_rsaaes_buildserverkey(crypto_t *crypto, void *data, size_t len)
  53 {
  54
  55         // generate reply with my_private's pubkey, DH parameters, and the my DH public key encrypted to other_public
  56         return 0;
  57 }
  58
  59 // CLIENT SIDE:
  60 void crypto_rsaaes_handleserverkey(crypto_t *crypto, const void *data, size_t len)
  61 {
  62         // read other_public
  63         // read and decrypt DH data
  64 }
  65
  66 size_t crypto_rsaaes_buildclientkey(crypto_t *crypto, void *data, size_t len)
  67 {
  68         // generate DH public and private data
  69         // encrypt DH public data and generate reply with it
  70         // finish DH data
  71         return 0;
  72 }
  73
  74 // SERVER SIDE:
  75 void crypto_rsaaes_handleclientkey(crypto_t *crypto, const void *data, size_t len)
  76 {
  77         // read and decrypt DH data
  78         // finish DH data
  79 }
  80
  81 // BOTH:
  82 const void *crypto_encryptpacket(crypto_t *crypto, const void *data_src, size_t len_src, void *data_dst, size_t *len_dst, size_t len)
  83 {
  84         // if crypto active, encrypt with AES
  85         // else, send as is
  86         *len_dst = len_src;
  87         return data_src;
  88 }
  89
  90 const void *crypto_decryptpacket(crypto_t *crypto, const void *data_src, size_t len_src, void *data_dst, size_t *len_dst, size_t len)
  91 {
  92         // if crypto active, decrypt with AES
  93         // else, send as is
  94         *len_dst = len_src;
  95         return data_src;
  96 }
  97
  98 const char *crypto_rsaaes_pubkey = "";
  99
 100 // TODO key loading, generating, saving