src: Made CryptState an abstract class, in order to support multiple crypto types in the future. Moved all crypto-related files into src/crypto.

9 files changed, 46 insertions, 36 deletions

diff --git a/src/tests/Benchmark.cpp b/src/tests/Benchmark.cpp
index 7a5413db8..95495a5af 100644
--- a/src/tests/Benchmark.cpp
+++ b/src/tests/Benchmark.cpp
@@ -24,7 +24,7 @@
 #include "PacketDataStream.h"
 #include "Timer.h"
 #include "Message.h"
-#include "CryptState.h"
+#include "crypto/CryptState.h"
 #include "Mumble.pb.h"
 
 class Client : public QThread {
@@ -34,7 +34,7 @@ class Client : public QThread {
 		bool sender;
 		struct sockaddr_in srv;
 		unsigned int uiSession;
-		CryptState crypt;
+		CryptStateOCB2 crypt;
 		int rcvd;
 		int socket;
 		int seq;
@@ -220,16 +220,16 @@ void Client::readyRead() {
 							const std::string &client_nonce = msg.client_nonce();
 							const std::string &server_nonce = msg.server_nonce();
 							if (key.size() == AES_BLOCK_SIZE && client_nonce.size() == AES_BLOCK_SIZE && server_nonce.size() == AES_BLOCK_SIZE)
-								crypt.setKey(reinterpret_cast<const unsigned char *>(key.data()), reinterpret_cast<const unsigned char *>(client_nonce.data()), reinterpret_cast<const unsigned char *>(server_nonce.data()));
+								crypt.setKey(key, client_nonce, server_nonce);
 						} else if (msg.has_server_nonce()) {
 							const std::string &server_nonce = msg.server_nonce();
 							if (server_nonce.size() == AES_BLOCK_SIZE) {
 								crypt.uiResync++;
-								memcpy(crypt.decrypt_iv, server_nonce.data(), AES_BLOCK_SIZE);
+								crypt.setDecryptIV(server_nonce);
 							}
 						} else {
 							MumbleProto::CryptSetup mpcs;
-							mpcs.set_client_nonce(std::string(reinterpret_cast<const char *>(crypt.encrypt_iv), AES_BLOCK_SIZE));
+							mpcs.set_client_nonce(crypt.getEncryptIV());
 							sendMessage(mpcs, MessageHandler::CryptSetup);
 						}
 						break;
diff --git a/src/tests/Benchmark.pro b/src/tests/Benchmark.pro
index 5d1cf4fed..30a3376ee 100644
--- a/src/tests/Benchmark.pro
+++ b/src/tests/Benchmark.pro
@@ -6,8 +6,8 @@ CONFIG -= app_bundle
 QT *= network xml
 LANGUAGE = C++
 TARGET = Benchmark
-SOURCES *= Benchmark.cpp Timer.cpp CryptState.cpp
-HEADERS *= Timer.h CryptState.h
+SOURCES *= Benchmark.cpp Timer.cpp crypto/CryptStateOCB2.cpp
+HEADERS *= Timer.h crypto/CryptState.h crypto/CryptStateOCB2.h
 VPATH *= ..
 INCLUDEPATH *= .. ../murmur ../mumble
 !win32 {
diff --git a/src/tests/TestCrypt/TestCrypt.cpp b/src/tests/TestCrypt/TestCrypt.cpp
index 1b621967f..1021f8aec 100644
--- a/src/tests/TestCrypt/TestCrypt.cpp
+++ b/src/tests/TestCrypt/TestCrypt.cpp
@@ -6,9 +6,10 @@
 #include <QtCore>
 #include <QtTest>
 
+#include <string>
 #include "SSL.h"
 #include "Timer.h"
-#include "CryptState.h"
+#include "crypto/CryptStateOCB2.h"
 #include "Utils.h"
 
 class TestCrypt : public QObject {
@@ -33,13 +34,14 @@ void TestCrypt::cleanupTestCase() {
 }
 
 void TestCrypt::reverserecovery() {
-	CryptState enc, dec;
+	CryptStateOCB2 enc, dec;
 	enc.genKey();
 
 	// For our testcase, we're going to FORCE iv
-	memset(enc.encrypt_iv, 0x55, AES_BLOCK_SIZE);
-
-	dec.setKey(enc.raw_key, enc.decrypt_iv, enc.encrypt_iv);
+	char encrypt_iv[AES_BLOCK_SIZE];
+	memset(encrypt_iv, 0x55, AES_BLOCK_SIZE);
+	enc.setEncryptIV(std::string(reinterpret_cast<const char*>(encrypt_iv), AES_BLOCK_SIZE));
+	dec.setKey(enc.getRawKey(), enc.getDecryptIV(), enc.getEncryptIV());
 
 	unsigned char secret[10] = "abcdefghi";
 	unsigned char crypted[512][14];
@@ -89,13 +91,14 @@ void TestCrypt::reverserecovery() {
 }
 
 void TestCrypt::ivrecovery() {
-	CryptState enc, dec;
+	CryptStateOCB2 enc, dec;
 	enc.genKey();
 
 	// For our testcase, we're going to FORCE iv
-	memset(enc.encrypt_iv, 0x55, AES_BLOCK_SIZE);
-
-	dec.setKey(enc.raw_key, enc.decrypt_iv, enc.encrypt_iv);
+	char encrypt_iv[AES_BLOCK_SIZE];
+	memset(encrypt_iv, 0x55, AES_BLOCK_SIZE);
+	enc.setEncryptIV(std::string(reinterpret_cast<const char*>(encrypt_iv), AES_BLOCK_SIZE));
+	dec.setKey(enc.getRawKey(), enc.getDecryptIV(), enc.getEncryptIV());
 
 	unsigned char secret[10] = "abcdefghi";
 	unsigned char crypted[14];
@@ -126,7 +129,7 @@ void TestCrypt::ivrecovery() {
 		QCOMPARE(dec.uiLost, 14U);
 	}
 
-	QVERIFY(memcmp(enc.encrypt_iv, dec.decrypt_iv, AES_BLOCK_SIZE)==0);
+	QVERIFY(enc.getEncryptIV() == dec.getDecryptIV());
 
 	// Wrap too far
 	for (int i=0;i<257;i++)
@@ -135,7 +138,7 @@ void TestCrypt::ivrecovery() {
 	QVERIFY(! dec.decrypt(crypted, decr, 14));
 
 	// Sync it
-	dec.setDecryptIV(enc.encrypt_iv);
+	dec.setDecryptIV(enc.getEncryptIV());
 	enc.encrypt(secret, crypted, 10);
 
 	QVERIFY(dec.decrypt(crypted, decr, 14));
@@ -145,8 +148,9 @@ void TestCrypt::testvectors() {
 	// Test vectors are from draft-krovetz-ocb-00.txt
 	const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
 
-	CryptState cs;
-	cs.setKey(rawkey, rawkey, rawkey);
+	CryptStateOCB2 cs;
+	std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE);
+	cs.setKey(rawkey_str, rawkey_str, rawkey_str);
 
 	unsigned char tag[16];
 	QVERIFY(cs.ocb_encrypt(NULL, NULL, 0, rawkey, tag));
@@ -176,8 +180,10 @@ void TestCrypt::authcrypt() {
 	for (int len=0;len<128;len++) {
 		const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
 		const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00};
-		CryptState cs;
-		cs.setKey(rawkey, nonce, nonce);
+		std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE);
+		std::string nonce_str = std::string(reinterpret_cast<const char*>(nonce), AES_BLOCK_SIZE);
+		CryptStateOCB2 cs;
+		cs.setKey(rawkey_str, nonce_str, nonce_str);
 
 		STACKVAR(unsigned char, src, len);
 		for (int i=0;i<len;i++)
@@ -203,8 +209,10 @@ void TestCrypt::authcrypt() {
 void TestCrypt::xexstarAttack() {
 	const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
 	const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00};
-	CryptState cs;
-	cs.setKey(rawkey, nonce, nonce);
+	std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE);
+	std::string nonce_str = std::string(reinterpret_cast<const char*>(nonce), AES_BLOCK_SIZE);
+	CryptStateOCB2 cs;
+	cs.setKey(rawkey_str, nonce_str, nonce_str);
 
 	STACKVAR(unsigned char, src, 2 * AES_BLOCK_SIZE);
 	// Set first block to `len(secondBlock)`
@@ -240,8 +248,10 @@ void TestCrypt::xexstarAttack() {
 void TestCrypt::tamper() {
 	const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};
 	const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00};
-	CryptState cs;
-	cs.setKey(rawkey, nonce, nonce);
+	std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE);
+	std::string nonce_str = std::string(reinterpret_cast<const char*>(nonce), AES_BLOCK_SIZE);
+	CryptStateOCB2 cs;
+	cs.setKey(rawkey_str, nonce_str, nonce_str);
 
 	const unsigned char msg[] = "It was a funky funky town!";
 	int len = sizeof(msg);
diff --git a/src/tests/TestCrypt/TestCrypt.pro b/src/tests/TestCrypt/TestCrypt.pro
index 83ea84f6e..6535e4b19 100644
--- a/src/tests/TestCrypt/TestCrypt.pro
+++ b/src/tests/TestCrypt/TestCrypt.pro
@@ -8,7 +8,7 @@ include(../test.pri)
 QT *= network
 
 TARGET = TestCrypt
-HEADERS *= SSL.h SSLLocks.h Timer.h CryptState.h
-SOURCES *= SSL.cpp SSLLocks.cpp TestCrypt.cpp CryptState.cpp Timer.cpp
+HEADERS *= SSL.h SSLLocks.h Timer.h crypto/CryptState.h crypto/CryptStateOCB2.h
+SOURCES *= SSL.cpp SSLLocks.cpp TestCrypt.cpp crypto/CryptStateOCB2.cpp Timer.cpp
 
 win32:LIBS *= -lws2_32
diff --git a/src/tests/TestCryptographicHash/TestCryptographicHash.cpp b/src/tests/TestCryptographicHash/TestCryptographicHash.cpp
index 653a9b72a..90be99485 100644
--- a/src/tests/TestCryptographicHash/TestCryptographicHash.cpp
+++ b/src/tests/TestCryptographicHash/TestCryptographicHash.cpp
@@ -9,7 +9,7 @@
 
 #include "SSL.h"
 
-#include "CryptographicHash.h"
+#include "crypto/CryptographicHash.h"
 
 class TestCryptographicHash : public QObject {
 		Q_OBJECT
diff --git a/src/tests/TestCryptographicHash/TestCryptographicHash.pro b/src/tests/TestCryptographicHash/TestCryptographicHash.pro
index bda9506dc..dc5b256c8 100644
--- a/src/tests/TestCryptographicHash/TestCryptographicHash.pro
+++ b/src/tests/TestCryptographicHash/TestCryptographicHash.pro
@@ -8,5 +8,5 @@ include(../test.pri)
 QT += network
 
 TARGET = TestCryptographicHash
-SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicHash.cpp CryptographicHash.cpp
-HEADERS *= SSL.h SSLLocks.h CryptographicHash.h
+SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicHash.cpp crypto/CryptographicHash.cpp
+HEADERS *= SSL.h SSLLocks.h crypto/CryptographicHash.h
diff --git a/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp b/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp
index be9d04fa5..ee1a2edd7 100644
--- a/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp
+++ b/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp
@@ -8,7 +8,7 @@
 
 #include "SSL.h"
 
-#include "CryptographicRandom.h"
+#include "crypto/CryptographicRandom.h"
 
 #include <stdint.h>
 #include <stdlib.h>
diff --git a/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro b/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro
index 5d04255f0..c6625f3f9 100644
--- a/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro
+++ b/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro
@@ -8,8 +8,8 @@ include(../test.pri)
 QT += network
 
 TARGET = TestCryptographicRandom
-SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicRandom.cpp CryptographicRandom.cpp arc4random_uniform.cpp
-HEADERS *= SSL.h SSLLocks.h CryptographicHash.h
+SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicRandom.cpp crypto/CryptographicRandom.cpp arc4random_uniform.cpp
+HEADERS *= SSL.h SSLLocks.h crypto/CryptographicHash.h
 
 VPATH *= ../../../3rdparty/arc4random-src
 INCLUDEPATH *= ../../../3rdparty/arc4random-src
diff --git a/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro b/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro
index 3bb6df3cd..77a30e92c 100644
--- a/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro
+++ b/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro
@@ -8,8 +8,8 @@ include(../test.pri)
 QT += network
 
 TARGET = TestPasswordGenerator
-SOURCES *= SSL.cpp SSLLocks.cpp TestPasswordGenerator.cpp PasswordGenerator.cpp CryptographicRandom.cpp arc4random_uniform.cpp
-HEADERS *= SSL.h SSLLocks.h PasswordGenerator.h CryptographicHash.h
+SOURCES *= SSL.cpp SSLLocks.cpp TestPasswordGenerator.cpp PasswordGenerator.cpp crypto/CryptographicRandom.cpp arc4random_uniform.cpp
+HEADERS *= SSL.h SSLLocks.h PasswordGenerator.h crypto/CryptographicHash.h
 
 VPATH *= ../../../3rdparty/arc4random-src
 INCLUDEPATH *=  ../../../3rdparty/arc4random-src