TeaSpeakLibrary/src/protocol/CryptHandler.h

#pragma once

#include <array>
#include <string>
#include "Packet.h"
#include <tomcrypt.h>
#undef byte /* the macro byte gets defined by tomcrypt_macros. We have to undefine it */

namespace ts::connection {
    class CryptHandler {
        public:
            typedef std::array<uint8_t, 16> key_t;
            typedef std::array<uint8_t, 16> nonce_t;
            CryptHandler();
            ~CryptHandler();

            void reset();

            //TeamSpeak old
            bool setupSharedSecret(const std::string& /* alpha */, const std::string& /* beta */, ecc_key* /* remote_public_key */, ecc_key* /* own_private_key */, std::string &/* error */);
            bool setupSharedSecret(const std::string& /* alpha */, const std::string& /* beta */, const std::string& /* shared_key */, std::string &/* error */);

            //TeamSpeak new
            bool setupSharedSecretNew(const std::string& alpha, const std::string& beta, const char privateKey[32], const char publicKey[32]);

            bool encrypt(
                    const void* /* header */, size_t /* header length */,
                    void* /* payload */, size_t /* payload length */,
                    void* /* mac */, /* mac must be 8 bytes long! */
                    const key_t& /* key */, const nonce_t& /* nonce */,
                    std::string& /* error */);

            bool decrypt(
                    const void* /* header */, size_t /* header length */,
                    void* /* payload */, size_t /* payload length */,
                    const void* /* mac */, /* mac must be 8 bytes long! */
                    const key_t& /* key */, const nonce_t& /* nonce */,
                    std::string& /* error */) const;

            bool generate_key_nonce(bool /* to server */, uint8_t /* packet type */, uint16_t /* packet id */, uint16_t /* generation */, key_t& /* key */, nonce_t& /* nonce */);
            bool verify_encryption(const pipes::buffer_view& /* data */, uint16_t /* packet id */, uint16_t /* generation */);

            inline void write_default_mac(void* buffer) {
                memcpy(buffer, this->current_mac, 8);
            }

            [[nodiscard]] inline bool encryption_initialized() const { return !this->encryption_initialized_; }

            static constexpr key_t kDefaultKey{'c', ':', '\\', 'w', 'i', 'n', 'd', 'o', 'w', 's', '\\', 's', 'y', 's', 't', 'e'}; //c:\windows\syste
            static constexpr nonce_t kDefaultNonce{'m', '\\', 'f', 'i', 'r', 'e', 'w', 'a', 'l', 'l', '3', '2', '.', 'c', 'p', 'l'}; //m\firewall32.cpl
        private:
            static constexpr char default_mac[8] = {'T', 'S', '3', 'I', 'N', 'I', 'T', '1'}; //TS3INIT1

            struct KeyCache {
                uint16_t generation = 0xFFEF;
                union {
                    struct {
                        uint8_t key[16];
                        uint8_t nonce[16];
                    };
                    uint8_t key_nonce[32];
                };
            };

            bool encryption_initialized_{false};
            int cipher_code{-1};

            /* for the old protocol SHA1 length for the new 64 bytes */
            uint8_t iv_struct[64];
            uint8_t iv_struct_length{0};

            uint8_t current_mac[8]{};

            std::mutex cache_key_lock{};
            std::array<KeyCache, protocol::PACKET_MAX> cache_key_client{};
            std::array<KeyCache, protocol::PACKET_MAX> cache_key_server{};

            static_assert(sizeof(current_mac) == sizeof(default_mac), "invalid mac");
            static_assert(sizeof(iv_struct) == 64, "invalid iv struct");
    };
}
Initial commit 2019-06-26 22:11:22 +02:00			`#pragma once`

			`#include <array>`
			`#include <string>`
			`#include "Packet.h"`
Fixed warnings related to libtomcrypt's byte definition 2019-07-02 02:13:42 +02:00			`#include <tomcrypt.h>`
			`#undef byte /* the macro byte gets defined by tomcrypt_macros. We have to undefine it */`
Initial commit 2019-06-26 22:11:22 +02:00
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`namespace ts::connection {`
			`class CryptHandler {`
			`public:`
			`typedef std::array<uint8_t, 16> key_t;`
			`typedef std::array<uint8_t, 16> nonce_t;`
			`CryptHandler();`
			`~CryptHandler();`
Initial commit 2019-06-26 22:11:22 +02:00
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`void reset();`
Initial commit 2019-06-26 22:11:22 +02:00
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`//TeamSpeak old`
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`bool setupSharedSecret(const std::string& /* alpha /, const std::string& / beta /, ecc_key /* remote_public_key /, ecc_key /* own_private_key /, std::string &/ error */);`
			`bool setupSharedSecret(const std::string& /* alpha /, const std::string& / beta /, const std::string& / shared_key /, std::string &/ error */);`
Initial commit 2019-06-26 22:11:22 +02:00
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`//TeamSpeak new`
			`bool setupSharedSecretNew(const std::string& alpha, const std::string& beta, const char privateKey[32], const char publicKey[32]);`
Initial commit 2019-06-26 22:11:22 +02:00
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`bool encrypt(`
			`const void* /* header /, size_t / header length */,`
			`void* /* payload /, size_t / payload length */,`
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`void* /* mac /, / mac must be 8 bytes long! */`
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`const key_t& /* key /, const nonce_t& / nonce */,`
			`std::string& /* error */);`
A lot of updates 2020-01-27 02:21:39 +01:00
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`bool decrypt(`
			`const void* /* header /, size_t / header length */,`
			`void* /* payload /, size_t / payload length */,`
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`const void* /* mac /, / mac must be 8 bytes long! */`
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`const key_t& /* key /, const nonce_t& / nonce */,`
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`std::string& /* error */) const;`
A lot of updates 2020-01-27 02:21:39 +01:00
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`bool generate_key_nonce(bool /* to server /, uint8_t / packet type /, uint16_t / packet id /, uint16_t / generation /, key_t& / key /, nonce_t& / nonce */);`
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`bool verify_encryption(const pipes::buffer_view& /* data /, uint16_t / packet id /, uint16_t / generation */);`
Initial commit 2019-06-26 22:11:22 +02:00
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`inline void write_default_mac(void* buffer) {`
			`memcpy(buffer, this->current_mac, 8);`
			`}`
Initial commit 2019-06-26 22:11:22 +02:00
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`[[nodiscard]] inline bool encryption_initialized() const { return !this->encryption_initialized_; }`
Initial commit 2019-06-26 22:11:22 +02:00
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`static constexpr key_t kDefaultKey{'c', ':', '\\', 'w', 'i', 'n', 'd', 'o', 'w', 's', '\\', 's', 'y', 's', 't', 'e'}; //c:\windows\syste`
			`static constexpr nonce_t kDefaultNonce{'m', '\\', 'f', 'i', 'r', 'e', 'w', 'a', 'l', 'l', '3', '2', '.', 'c', 'p', 'l'}; //m\firewall32.cpl`
			`private:`
			`static constexpr char default_mac[8] = {'T', 'S', '3', 'I', 'N', 'I', 'T', '1'}; //TS3INIT1`
Initial commit 2019-06-26 22:11:22 +02:00
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`struct KeyCache {`
			`uint16_t generation = 0xFFEF;`
			`union {`
			`struct {`
			`uint8_t key[16];`
			`uint8_t nonce[16];`
			`};`
			`uint8_t key_nonce[32];`
			`};`
			`};`
Initial commit 2019-06-26 22:11:22 +02:00
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`bool encryption_initialized_{false};`
			`int cipher_code{-1};`
Initial commit 2019-06-26 22:11:22 +02:00
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00			`/* for the old protocol SHA1 length for the new 64 bytes */`
			`uint8_t iv_struct[64];`
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`uint8_t iv_struct_length{0};`
Initial commit 2019-06-26 22:11:22 +02:00
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`uint8_t current_mac[8]{};`
Initial commit 2019-06-26 22:11:22 +02:00
Some smaller changes and code cleanups 2021-02-05 17:20:38 +01:00			`std::mutex cache_key_lock{};`
			`std::array<KeyCache, protocol::PACKET_MAX> cache_key_client{};`
			`std::array<KeyCache, protocol::PACKET_MAX> cache_key_server{};`
reworked the voice client connection part 1 2020-07-29 19:05:35 +02:00
			`static_assert(sizeof(current_mac) == sizeof(default_mac), "invalid mac");`
			`static_assert(sizeof(iv_struct) == 64, "invalid iv struct");`
			`};`
Initial commit 2019-06-26 22:11:22 +02:00			`}`