├── .gitignore ├── Connector ├── Connector.swift ├── DirectConnector.swift ├── ProxyConnector.swift ├── Socks5Connector.swift └── TCPSSConnector.swift ├── ENV └── SFEnv.swift ├── EngineTest.swift ├── HTTP └── HTTPHeader.swift ├── LICENSE ├── README.md ├── SSencrypt-Bridging-Header.h ├── SSencrypt ├── Encrypt.swift └── SFEncrypt.swift ├── TCP_UDP ├── DNSCache.swift ├── DNSPacket.swift ├── DNSServer.swift ├── IPv4Packet.swift ├── SFDNSForwarder.swift ├── SFDNSManager.swift ├── SFUDPForwarder.swift ├── SFUDPProxyForwarder.swift ├── TCPPacket.swift └── UDPPacket.swift ├── include ├── net │ ├── if_types.h │ ├── radix.h │ └── route.h ├── netstat.h ├── sodium.h └── sodium │ ├── core.h │ ├── crypto_aead_aes256gcm.h │ ├── crypto_aead_chacha20poly1305.h │ ├── crypto_auth.h │ ├── crypto_auth_hmacsha256.h │ ├── crypto_auth_hmacsha512.h │ ├── crypto_auth_hmacsha512256.h │ ├── crypto_box.h │ ├── crypto_box_curve25519xsalsa20poly1305.h │ ├── crypto_core_hsalsa20.h │ ├── crypto_core_salsa20.h │ ├── crypto_core_salsa2012.h │ ├── crypto_core_salsa208.h │ ├── crypto_generichash.h │ ├── crypto_generichash_blake2b.h │ ├── crypto_hash.h │ ├── crypto_hash_sha256.h │ ├── crypto_hash_sha512.h │ ├── crypto_int32.h │ ├── crypto_int64.h │ ├── crypto_onetimeauth.h │ ├── crypto_onetimeauth_poly1305.h │ ├── crypto_pwhash_scryptsalsa208sha256.h │ ├── crypto_scalarmult.h │ ├── crypto_scalarmult_curve25519.h │ ├── crypto_secretbox.h │ ├── crypto_secretbox_xsalsa20poly1305.h │ ├── crypto_shorthash.h │ ├── crypto_shorthash_siphash24.h │ ├── crypto_sign.h │ ├── crypto_sign_ed25519.h │ ├── crypto_sign_edwards25519sha512batch.h │ ├── crypto_stream.h │ ├── crypto_stream_aes128ctr.h │ ├── crypto_stream_chacha20.h │ ├── crypto_stream_salsa20.h │ ├── crypto_stream_salsa2012.h │ ├── crypto_stream_salsa208.h │ ├── crypto_stream_xsalsa20.h │ ├── crypto_uint16.h │ ├── crypto_uint32.h │ ├── crypto_uint64.h │ ├── crypto_uint8.h │ ├── crypto_verify_16.h │ ├── crypto_verify_32.h │ ├── crypto_verify_64.h │ ├── export.h │ ├── randombytes.h │ ├── randombytes_nativeclient.h │ ├── randombytes_salsa20_random.h │ ├── randombytes_sysrandom.h │ ├── runtime.h │ ├── utils.h │ └── version.h ├── lib └── libsodium.a └── route.c /.gitignore: -------------------------------------------------------------------------------- 1 | # Xcode 2 | # 3 | # gitignore contributors: remember to update Global/Xcode.gitignore, Objective-C.gitignore & Swift.gitignore 4 | 5 | ## Build generated 6 | build/ 7 | DerivedData/ 8 | 9 | ## Various settings 10 | *.pbxuser 11 | !default.pbxuser 12 | *.mode1v3 13 | !default.mode1v3 14 | *.mode2v3 15 | !default.mode2v3 16 | *.perspectivev3 17 | !default.perspectivev3 18 | xcuserdata/ 19 | 20 | ## Other 21 | *.moved-aside 22 | *.xcuserstate 23 | 24 | ## Obj-C/Swift specific 25 | *.hmap 26 | *.ipa 27 | *.dSYM.zip 28 | *.dSYM 29 | 30 | ## Playgrounds 31 | timeline.xctimeline 32 | playground.xcworkspace 33 | 34 | # Swift Package Manager 35 | # 36 | # Add this line if you want to avoid checking in source code from Swift Package Manager dependencies. 37 | # Packages/ 38 | .build/ 39 | 40 | # CocoaPods 41 | # 42 | # We recommend against adding the Pods directory to your .gitignore. However 43 | # you should judge for yourself, the pros and cons are mentioned at: 44 | # https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control 45 | # 46 | # Pods/ 47 | 48 | # Carthage 49 | # 50 | # Add this line if you want to avoid checking in source code from Carthage dependencies. 51 | # Carthage/Checkouts 52 | 53 | Carthage/Build 54 | 55 | # fastlane 56 | # 57 | # It is recommended to not store the screenshots in the git repo. Instead, use fastlane to re-generate the 58 | # screenshots whenever they are needed. 59 | # For more information about the recommended setup visit: 60 | # https://github.com/fastlane/fastlane/blob/master/fastlane/docs/Gitignore.md 61 | 62 | fastlane/report.xml 63 | fastlane/Preview.html 64 | fastlane/screenshots 65 | fastlane/test_output 66 | -------------------------------------------------------------------------------- /Connector/Connector.swift: -------------------------------------------------------------------------------- 1 | // 2 | // Connector.swift 3 | // Surf 4 | // 5 | //Copyright (c) 2016, networkextension 6 | //All rights reserved. 7 | // 8 | //Redistribution and use in source and binary forms, with or without 9 | //modification, are permitted provided that the following conditions are met: 10 | // 11 | //* Redistributions of source code must retain the above copyright notice, this 12 | //list of conditions and the following disclaimer. 13 | // 14 | //* Redistributions in binary form must reproduce the above copyright notice, 15 | //this list of conditions and the following disclaimer in the documentation 16 | //and/or other materials provided with the distribution. 17 | // 18 | //* Neither the name of SSencrypt nor the names of its 19 | //contributors may be used to endorse or promote products derived from 20 | //this software without specific prior written permission. 21 | // 22 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | import Foundation 34 | 35 | 36 | let GCDMutilSocketQueue = false //理论没问题,就是内存受不了 37 | var SFConnectorID:Int = 0 38 | @objc public protocol ConnectorDelegate{ 39 | 40 | func connector(connector:Connector , didReadData data:NSData ,withTag tag:Int64) ->Void 41 | func connectorDidDisconnect(connector:Connector ,withError:NSError) 42 | func connector(connector:Connector , didWriteDataWithTag tag:Int64) ->Void 43 | func connectorDidSetupFailed(connector:Connector, withError:NSError) 44 | func connectorDidBecomeAvailable(connector:Connector) 45 | func connector(connector:Connector,shouldTimeoutReadWithTag tag: Int, elapsed: NSTimeInterval, bytesDone length: UInt) -> NSTimeInterval 46 | } 47 | public class Connector:NSObject,GCDAsyncSocketDelegate { 48 | weak var delegate:ConnectorDelegate? 49 | var mode:SFConnectionMode = .TCP 50 | var targetHost:String = "" 51 | var targetPort:UInt16 = 0 52 | var remoteIPaddress:String = "" 53 | var socket:GCDAsyncSocket? 54 | var socks_reading = false 55 | var socks_writing = false 56 | var socket_Queue:dispatch_queue_t? 57 | var connectTime:Int = 0 58 | //weak var manager:ConnectorDispatchQueueProvider? 59 | var initialized:Bool? 60 | var retry:Int? 61 | func interfaceAddr() ->String?{ 62 | if let socket = socket { 63 | let ipaddress = socket.localHost 64 | return ipaddress 65 | 66 | } 67 | return nil 68 | } 69 | var shoudClose = false 70 | var policy:SFPolicy = .Direct 71 | 72 | var cID:Int = 0 73 | var cIDString = "" 74 | var isConnected:Bool = false 75 | var isDisconnected:Bool = true 76 | func socketQueue () -> dispatch_queue_t?{ 77 | //return dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT,0) 78 | if GCDMutilSocketQueue { 79 | if socket_Queue == nil { 80 | socket_Queue = dispatch_queue_create("com.yarshure.socketqueue_\(self.cID)", DISPATCH_QUEUE_SERIAL) 81 | } 82 | return socket_Queue! 83 | }else { 84 | let q = SFTCPConnectionManager.shared().dispatchQueue 85 | //guard let m = manager else {fatalError()} 86 | return q//m.socketQueue() 87 | } 88 | //return nil 89 | } 90 | public override init() { 91 | SFConnectorID += 1 92 | cID = SFConnectorID 93 | super.init() 94 | } 95 | public init(policy:String){ 96 | 97 | SFConnectorID += 1 98 | 99 | cID = SFConnectorID 100 | super.init() 101 | } 102 | func cIDFunc(){ 103 | cIDString = "[" + objectClassString(self) + "-\(cID)" + "]" //self.classSFName() 104 | } 105 | func socketDead() ->Bool { 106 | if socket != nil { 107 | return false 108 | } 109 | return true 110 | } 111 | deinit{ 112 | 113 | //dispatch_release(socket_Queue!) 114 | if delegate != nil { 115 | delegate = nil 116 | } 117 | if let s = socket { 118 | s.synchronouslySetDelegate(nil) 119 | //socket = nil 120 | // if !isDisconnected { 121 | // if s.isDisconnected { 122 | // s.disconnect() 123 | // } 124 | // } 125 | 126 | AxLogger.log("\(cIDString) deinit socket not nil",level: .Debug) 127 | } 128 | // if let s = socket { 129 | // s.delegate = nil 130 | // if isDisconnected() { 131 | // //AxLogger.log("socket shoud disconnect",level: .Debug) 132 | // 133 | // //socket = nil 134 | // }else if isConnected() { 135 | // s.disconnect() 136 | // //s.disconnectAfterReadingAndWriting() 137 | // //socket = nil 138 | // 139 | // } 140 | // } 141 | //AxLogger.log("[Connector-\(cID)] deinit",level: .Debug) 142 | 143 | } 144 | // static func connectorWithSelectorPolicy(selectorPolicy:SFPolicy ,targetHostname hostname:String, targetPort port:UInt16) ->Connector{ 145 | // 146 | // 147 | // let c:Connector = Connector(p: selectorPolicy) 148 | // //c.manager = man 149 | // c.targetHost = hostname 150 | // c.targetPort = port 151 | // 152 | // return c 153 | // } 154 | 155 | public func disconnectWithError(error:NSError){ 156 | 157 | 158 | 159 | // let q = SFTCPConnectionManager.shared().socketQueue 160 | // dispatch_sync(q) { [weak self] in 161 | // if let strongSelf = self { 162 | // } 163 | // 164 | // } 165 | AxLogger.log("\(targetHost)\(targetPort) closing",level: .Verbose) 166 | shoudClose = true 167 | 168 | if let s = socket { 169 | //s.synchronouslySetDelegate(nil) 170 | //如果有callback 怎么办? 171 | 172 | if isDisconnected { 173 | //AxLogger.log("socket shoud disconnect",level: .Debug) 174 | //s.disconnect() 175 | isDisconnected = true 176 | //socket = nil 177 | AxLogger.log("\(cIDString) isDisconnected Connector: disconnectWithError " + error.localizedDescription,level: .Verbose) 178 | }else if isConnected { 179 | AxLogger.log("\(cIDString) isConnected Connector: disconnectWithError " + error.description,level: .Verbose) 180 | s.disconnect() 181 | //socket = nil 182 | 183 | } 184 | } 185 | 186 | 187 | // 188 | // if isConnected() { 189 | // if let s = socket { 190 | // s.delegate = nil 191 | // s.disconnect() 192 | // socket = nil 193 | // } 194 | // 195 | // }else { 196 | // socket?.disconnect() 197 | // if let delegate = delegate { 198 | // //delegate.connectorDidDisconnect(self, withError: error) 199 | // } 200 | // } 201 | 202 | // 203 | // if let delegate = delegate { 204 | // delegate.connectorDidDisconnect(self, withError: error) 205 | // self.delegate = nil 206 | // self.manager = nil 207 | // } 208 | // 209 | } 210 | public func socketDidDisconnect(sock: GCDAsyncSocket, withError err: NSError?){ 211 | var e:NSError 212 | if let _ = err { 213 | e = NSError(domain:errDomain , code: err!.code,userInfo: err!.userInfo) 214 | }else{ 215 | e = NSError(domain:errDomain , code: 0,userInfo: ["info":"debug"]) 216 | } 217 | isDisconnected = true 218 | 219 | 220 | AxLogger.log("\(cIDString) socket closed:\((e.localizedDescription)) \(targetHost):\(targetPort)",level: .Warning) 221 | 222 | if let d = delegate{ 223 | 224 | d.connectorDidDisconnect(self, withError: e) 225 | //socket = nil 226 | } 227 | } 228 | public func writeData(d:NSData, timeout:Double, tag:Int64){ 229 | // 230 | 231 | // if targetPort == 80 { 232 | // let debug = NSString.init(data: d, encoding: NSUTF8StringEncoding) as! String 233 | // //AxLogger.log("\(cIDString) writeData \(debug)",level: .Debug) 234 | // } 235 | if isConnected == true { 236 | socks_writing = true 237 | socket?.writeData(d, withTimeout: timeout, tag: Int(tag)) 238 | 239 | } 240 | 241 | } 242 | public func socket(sock: GCDAsyncSocket, didWriteDataWithTag tag: Int){ 243 | socks_writing = false 244 | } 245 | public func socket(sock: GCDAsyncSocket, didReadData data: NSData, withTag tag: Int) { 246 | 247 | } 248 | public func start(){ 249 | 250 | } 251 | public func readDataWithTimeout(timeout :Double ,length:UInt, tag :CLong){ 252 | // guard let buffer = self.receivedData else{ 253 | // //AxLogger.log("read error withtag \(tag) \(length)") 254 | // return; 255 | // } 256 | // 257 | //socket?.readDataToLength(length: length , timeout : timeout, tag: tag) 258 | // socket?.readDataToLength(UInt( length), withTimeout: timeout, tag: CLong(tag)) 259 | // if receivedData.length > 0 { 260 | // receivedData = NSMutableData.init(length: BUF_SIZE)! 261 | // } 262 | // if let tempBuffer = NSMutableData.init(capacity: BUF_SIZE){ 263 | // socket?.readDataWithTimeout(timeout, buffer: tempBuffer, bufferOffset: 0, maxLength: UInt(length) , tag: tag) 264 | // }else { 265 | // fatalError() 266 | // } 267 | 268 | // socket?.readDataWithTimeout(timeout, buffer: receivedData, bufferOffset: 0, maxLength: UInt(length) , tag: tag) 269 | //DLog("will read %d host:%@:%d",tag,targetHost,targetPort) 270 | socket?.readDataWithTimeout(timeout, buffer: nil, bufferOffset: 0, maxLength: length , tag: tag) 271 | //socket?.readDataWithTimeou 272 | 273 | } 274 | 275 | public func socket(sock: GCDAsyncSocket, didConnectToHost host: String, port: UInt16){ 276 | 277 | //AxLogger.log("\(cIDString) \(targetHost):\(targetPort) didConnectToHost \(host) and port \(port)",level:.Info) 278 | isConnected = true 279 | sock.userData = cIDString 280 | remoteIPaddress = host 281 | if let delegate = delegate { 282 | delegate.connectorDidBecomeAvailable(self) 283 | } 284 | 285 | } 286 | // public func socket(sock: GCDAsyncSocket!, didReadPartialDataOfLength partialLength: UInt, tag: Int){ 287 | // //AxLogger.log("\(cIDString) didReadPartialDataOfLength",level:.Error) 288 | // if let delegate = delegate { 289 | // delegate.connector(self, didReadData: self.receivedData, withTag: Int64( tag)) 290 | // } 291 | // } 292 | public func readDataToLength(length: UInt, withTimeout timeout: NSTimeInterval, tag: Int){ 293 | socket?.readDataToLength(length, withTimeout: timeout, tag: tag) 294 | } 295 | public func socket(sock: GCDAsyncSocket, shouldTimeoutReadWithTag tag: Int, elapsed: NSTimeInterval, bytesDone length: UInt) -> NSTimeInterval{ 296 | //AxLogger.log("\(cIDString) shouldTimeoutReadWithTag \(elapsed) \(length) tag:\(tag)", level:.Warning) 297 | 298 | if let d = delegate { 299 | return d.connector(self, shouldTimeoutReadWithTag: tag, elapsed: elapsed, bytesDone: length) 300 | } 301 | 302 | return 0.0 303 | } 304 | public func socket(sock: GCDAsyncSocket, shouldTimeoutWriteWithTag tag: Int, elapsed: NSTimeInterval, bytesDone length: UInt) -> NSTimeInterval{ 305 | //AxLogger.log("\(cIDString) shouldTimeoutWriteWithTag \(elapsed) \(length)", level:.Warning) 306 | // if elapsed > TCP_TimeOut { 307 | // return 0 308 | // } 309 | return AsyncSocketWriteTimeOut 310 | } 311 | 312 | } 313 | 314 | -------------------------------------------------------------------------------- /Connector/DirectConnector.swift: -------------------------------------------------------------------------------- 1 | // 2 | // DirectConnector.swift 3 | // Surf 4 | //Copyright (c) 2016, networkextension 5 | //All rights reserved. 6 | // 7 | //Redistribution and use in source and binary forms, with or without 8 | //modification, are permitted provided that the following conditions are met: 9 | // 10 | //* Redistributions of source code must retain the above copyright notice, this 11 | //list of conditions and the following disclaimer. 12 | // 13 | //* Redistributions in binary form must reproduce the above copyright notice, 14 | //this list of conditions and the following disclaimer in the documentation 15 | //and/or other materials provided with the distribution. 16 | // 17 | //* Neither the name of SSencrypt nor the names of its 18 | //contributors may be used to endorse or promote products derived from 19 | //this software without specific prior written permission. 20 | // 21 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 22 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 24 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 25 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 27 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 28 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 30 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 31 | 32 | import Foundation 33 | 34 | 35 | public class DirectConnector:Connector{ 36 | var interfaceName:String? 37 | 38 | //var ipAddress:String? 39 | 40 | public override func socket(sock: GCDAsyncSocket, didReadData data: NSData, withTag tag: Int) { 41 | 42 | //receivedData = data 43 | if data.length > 0 { 44 | // if targetPort == 80 { 45 | // let debug = NSString.init(data: data, encoding: NSUTF8StringEncoding) 46 | // if debug != nil { 47 | // //AxLogger.log("readData \(debug)") 48 | // } 49 | // 50 | // } 51 | if let d = delegate { 52 | //AxLogger.log("\(cIDString) didReadData \(data.length) \(tag)",level: .Debug) 53 | d.connector(self, didReadData: data, withTag: Int64(tag)) 54 | } 55 | 56 | } 57 | 58 | 59 | } 60 | 61 | public override func socket(sock: GCDAsyncSocket, didWriteDataWithTag tag: Int){ 62 | socks_writing = false 63 | //AxLogger.log("\(cIDString) didWriteDataWithTag \(tag)", level: .Debug) 64 | if let d = delegate { 65 | d.connector(self, didWriteDataWithTag: Int64(tag)) 66 | } 67 | 68 | 69 | } 70 | 71 | public func beginRead(){ 72 | 73 | socket?.readDataWithTimeout(socketReadTimeout, tag: 0) 74 | } 75 | // public override func readDataWithTimeout(timeout :Double ,length:UInt32, tag :CLong){ 76 | // // guard let buffer = self.receivedData else{ 77 | // // //AxLogger.log("read error withtag \(tag) \(length)") 78 | // // return; 79 | // // } 80 | // // 81 | // //socket?.readDataToLength(length: length , timeout : timeout, tag: tag) 82 | // // socket?.readDataToLength(UInt( length), withTimeout: timeout, tag: CLong(tag)) 83 | // socket?.readDataWithTimeout(timeout, buffer: nil, bufferOffset: 0, maxLength: UInt(length) , tag: tag) 84 | // 85 | // } 86 | public func socket(sock: GCDAsyncSocket!, didWritePartialDataOfLength partialLength: UInt, tag: Int){ 87 | //AxLogger.log("\(cIDString) didWritePartialDataOfLength \(partialLength) \(tag)",level:.Trace) 88 | } 89 | // public func socket(sock: GCDAsyncSocket!, shouldTimeoutReadWithTag tag: Int, elapsed: NSTimeInterval, bytesDone length: UInt) -> NSTimeInterval{ 90 | // //AxLogger.log("\(cIDString) shouldTimeoutReadWithTag ") 91 | // return 3 92 | // } 93 | // public func socket(sock: GCDAsyncSocket!, shouldTimeoutWriteWithTag tag: Int, elapsed: NSTimeInterval, bytesDone length: UInt) -> NSTimeInterval{ 94 | // //AxLogger.log("\(cIDString) shouldTimeoutWriteWithTag ") 95 | // return 0.1 96 | // } 97 | public func socketDidCloseReadStream(sock: GCDAsyncSocket!){ 98 | 99 | let e = NSError(domain:errDomain , code: 0,userInfo:["reason":"socketDidCloseReadStream"]) 100 | //AxLogger.log("\(cIDString) socketDidCloseReadStream \(e)",level:.Error) 101 | isDisconnected = true 102 | if let d = delegate { 103 | //socket = nil 104 | d.connectorDidDisconnect(self, withError: e) 105 | } 106 | 107 | } 108 | public override func socketDidDisconnect(sock: GCDAsyncSocket, withError err: NSError!){ 109 | //AxLogger.log("\(cIDString) socketDidDisconnect,err: \(err)",level:.Error) 110 | isDisconnected = true 111 | var e:NSError 112 | if let _ = err { 113 | e = NSError(domain:errDomain , code: err.code,userInfo: err.userInfo) 114 | }else{ 115 | e = NSError(domain:errDomain , code: 0,userInfo: ["info":"socketDidDisconnect"]) 116 | } 117 | if let d = delegate { 118 | //socket = nil 119 | d.connectorDidDisconnect(self, withError: e) 120 | } 121 | 122 | 123 | } 124 | public override func start() { 125 | let q = SFTCPConnectionManager.shared().dispatchQueue 126 | socket = GCDAsyncSocket.init(delegate: self, delegateQueue: q, socketQueue: self.socketQueue()) 127 | guard let s = socket else{ 128 | return 129 | } 130 | s.userData = cIDString 131 | let message = String.init(format: "URL:%@:%d connect", targetHost, targetPort) 132 | 133 | AxLogger.log("\(cIDString) connectToHost now \(message)",level:.Debug) 134 | do { 135 | 136 | try s.connectToHost(targetHost, onPort: UInt16(targetPort)) 137 | 138 | } catch { 139 | //AxLogger.log("\(cIDString) connectToHost error",level:.Error) 140 | let e = NSError(domain:errDomain , code: -1, userInfo: ["reason": "connectToHost error"]) 141 | if let d = delegate { 142 | d.connectorDidSetupFailed(self, withError: e) 143 | } 144 | let message = String.init(format: "URL:%@:%d connect failure %@", targetHost, targetPort,e.description) 145 | AxLogger.log(message,level:.Debug) 146 | } 147 | //AxLogger.log("\(cIDString) connectToHost \(targetHost) \(targetPort)",level:.Info) 148 | return 149 | } 150 | 151 | 152 | 153 | static func connectorWithSelectorPolicy(selectorPolicy:SFPolicy ,targetHostname hostname:String, targetPort port:UInt16) ->DirectConnector{ 154 | let c:DirectConnector = DirectConnector(policy: "Direct") 155 | //c.manager = man 156 | c.cIDFunc() 157 | c.targetHost = hostname 158 | c.targetPort = port 159 | //c.start() 160 | c.cIDFunc() 161 | return c 162 | } 163 | //public func 164 | } 165 | 166 | 167 | -------------------------------------------------------------------------------- /Connector/ProxyConnector.swift: -------------------------------------------------------------------------------- 1 | // 2 | // ProxyConnector.swift 3 | // Surf 4 | // 5 | //Copyright (c) 2016, networkextension 6 | //All rights reserved. 7 | // 8 | //Redistribution and use in source and binary forms, with or without 9 | //modification, are permitted provided that the following conditions are met: 10 | // 11 | //* Redistributions of source code must retain the above copyright notice, this 12 | //list of conditions and the following disclaimer. 13 | // 14 | //* Redistributions in binary form must reproduce the above copyright notice, 15 | //this list of conditions and the following disclaimer in the documentation 16 | //and/or other materials provided with the distribution. 17 | // 18 | //* Neither the name of SSencrypt nor the names of its 19 | //contributors may be used to endorse or promote products derived from 20 | //this software without specific prior written permission. 21 | // 22 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | import Foundation 34 | public class ProxyConnector: Connector { 35 | var proxy:SFProxy 36 | var tlsSupport:Bool = false 37 | #if os(iOS) 38 | let acceptableCipherSuites = [ 39 | 40 | NSNumber(unsignedShort: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256), 41 | NSNumber(unsignedShort: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA), 42 | NSNumber(unsignedShort: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256), 43 | NSNumber(unsignedShort: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA), 44 | NSNumber(unsignedShort: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA), 45 | NSNumber(unsignedShort: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256), 46 | NSNumber(unsignedShort: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA) 47 | 48 | 49 | ] 50 | #else 51 | let acceptableCipherSuites = [ 52 | NSNumber(unsignedInt: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256), 53 | NSNumber(unsignedInt: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA), 54 | NSNumber(unsignedInt: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256), 55 | NSNumber(unsignedInt: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA), 56 | NSNumber(unsignedInt: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA), 57 | NSNumber(unsignedInt: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256), 58 | NSNumber(unsignedInt: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA) 59 | 60 | ] 61 | #endif 62 | var pFrontAddress:String = "" 63 | var pFrontPort:UInt16 = 0 64 | init(spolicy: SFPolicy,p:SFProxy) { 65 | proxy = p 66 | 67 | super.init() 68 | self.policy = spolicy 69 | cIDFunc() 70 | } 71 | func startTLS(){ 72 | 73 | 74 | // NSMutableDictionary *sslSettings = [[NSMutableDictionary alloc] init]; 75 | // NSData *pkcs12data = [[NSData alloc] initWithContentsOfFile:[[NSBundle mainBundle] pathForResource:@"client" ofType:@"bks"]]; 76 | // CFDataRef inPKCS12Data = (CFDataRef)CFBridgingRetain(pkcs12data); 77 | // CFStringRef password = CFSTR("YOUR PASSWORD"); 78 | // const void *keys[] = { kSecImportExportPassphrase }; 79 | // const void *values[] = { password }; 80 | // CFDictionaryRef options = CFDictionaryCreate(NULL, keys, values, 1, NULL, NULL); 81 | // 82 | // CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL); 83 | // 84 | // OSStatus securityError = SecPKCS12Import(inPKCS12Data, options, &items); 85 | // CFRelease(options); 86 | // CFRelease(password); 87 | // 88 | // if(securityError == errSecSuccess) 89 | // NSLog(@"Success opening p12 certificate."); 90 | // 91 | // CFDictionaryRef identityDict = CFArrayGetValueAtIndex(items, 0); 92 | // SecIdentityRef myIdent = (SecIdentityRef)CFDictionaryGetValue(identityDict, 93 | // kSecImportItemIdentity); 94 | // 95 | // SecIdentityRef certArray[1] = { myIdent }; 96 | // CFArrayRef myCerts = CFArrayCreate(NULL, (void *)certArray, 1, NULL); 97 | // 98 | // [sslSettings setObject:(id)CFBridgingRelease(myCerts) forKey:(NSString *)kCFStreamSSLCertificates]; 99 | // [sslSettings setObject:NSStreamSocketSecurityLevelNegotiatedSSL forKey:(NSString *)kCFStreamSSLLevel]; 100 | // [sslSettings setObject:(id)kCFBooleanTrue forKey:(NSString *)kCFStreamSSLAllowsAnyRoot]; 101 | // [sslSettings setObject:@"CONNECTION ADDRESS" forKey:(NSString *)kCFStreamSSLPeerName]; 102 | // [sock startTLS:sslSettings]; 103 | let sslSettings:[String : NSNumber] = [:] 104 | 105 | 106 | socket?.startTLS(sslSettings) 107 | } 108 | internal func socket(sock: GCDAsyncSocket!, didReceiveTrust trust: SecTrust!, completionHandler: ((Bool) -> Void)!) 109 | { 110 | 111 | completionHandler(true) 112 | 113 | // let bgQueue:dispatch_queue_t = dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0) 114 | // dispatch_async(bgQueue) { 115 | // [weak self] in 116 | // var identity1:SecIdentityRef 117 | // var trust1:SecTrustRef 118 | // 119 | // 120 | // let arrayRefTrust:CFArrayRef = SecTrustCopyProperties(trust)! 121 | // var result = kSecTrustResultUnspecified//SecTrustResultType 122 | //// var status:OSStatus = SecTrustEvaluate(trust, &result) 123 | //// 124 | //// //AxLogger.log("evaluate with result \(result) and status \(status)") 125 | //// //AxLogger.log("trust properties: \(arrayRefTrust)") 126 | //// 127 | //// var myReturnedCertificate1:SecCertificateRef 128 | //// var status3:OSStatus = SecIdentityCopyCertificate (identity1, &myReturnedCertificate1) 129 | //// 130 | //// 131 | //// var myReturnedCertificate2:SecCertificateRef 132 | //// var status4:OSStatus = SecIdentityCopyCertificate (identity2, &myReturnedCertificate2); 133 | // 134 | // 135 | // let count:CFIndex = SecTrustGetCertificateCount(trust) 136 | // var isMatching:Bool = false 137 | // for i in 0 ..< count{ 138 | // let certRef:SecCertificateRef = SecTrustGetCertificateAtIndex(trust, i)! 139 | // 140 | // if let name = NSString.init(UTF8String: CFStringGetCStringPtr(SecCertificateCopySubjectSummary(certRef), CFStringBuiltInEncodings.UTF8.rawValue)) { 141 | // //AxLogger.log("remote cert at index \(i) is \(name)'") 142 | // if name == self!.proxy.serverAddress { 143 | // isMatching = true 144 | // } 145 | // 146 | // var trustManual:UnsafeMutablePointer = UnsafeMutablePointer.alloc(1) 147 | // //var trust:SecTrust 148 | // var status:OSStatus = SecTrustCreateWithCertificates(trust, SecPolicyCreateBasicX509(), trustManual) 149 | // //AxLogger.log("certStatus \(status)'") 150 | // var result:UnsafeMutablePointer = UnsafeMutablePointer.alloc(1) 151 | // status = SecTrustEvaluate(trust, result) 152 | // //AxLogger.log("certStatus \(status)'") 153 | // 154 | // let arrayRef:CFArrayRef = SecTrustCopyProperties(trust)! 155 | // //AxLogger.log("arrayRef \(arrayRef)'") 156 | // } 157 | // 158 | // 159 | // } 160 | // if isMatching { 161 | // completionHandler(true) 162 | // }else { 163 | // completionHandler(false) 164 | // } 165 | // 166 | // } 167 | 168 | } 169 | 170 | public override func start() { 171 | let q = SFTCPConnectionManager.shared().dispatchQueue 172 | let q2 = self.socketQueue() 173 | 174 | let s = GCDAsyncSocket.init(delegate: self, delegateQueue: q, socketQueue: q2 ) 175 | //#if DEBUG 176 | s.userData = cIDString 177 | // #endif 178 | 179 | socket = s 180 | 181 | do { 182 | let host:String = proxy.connectHost 183 | try s.connectToHost(host, onPort: UInt16(proxy.serverPort)!) 184 | AxLogger.log("now connect \(targetHost) via \(host)",level: .Debug) 185 | if tlsSupport { 186 | var sslSettings:[String : NSNumber] = [:] 187 | //http://stackoverflow.com/questions/26906773/gcdasyncsocket-two-way-authentication 188 | //https://source.ind.ie/project/pulse-swift/blob/454a9c3e679ab7178af2196479009bfa09862654/pulse-swift/TLS.swift 189 | // abount tls 190 | //let chain = NSString(format: kCFStreamSSLValidatesCertificateChain) 191 | //sslSettings[GCDAsyncSocketManuallyEvaluateTrust] = NSNumber.init(bool: true) 192 | //let identityout:SecIdentityRef; [sslSettings setObject:[[NSArray alloc] initWithObjects:(__bridge id)(identityout), nil] forKey:GCDAsyncSocketSSLCertificates]; 193 | //[self.asyncSocket startTLS:sslSettings]; 194 | sslSettings[GCDAsyncSocketSSLProtocolVersionMin] = NSNumber(int: SSLProtocol.TLSProtocol12.rawValue)//NSNumber(unsignedInt: kTLSProtocol12.rawValue) 195 | //sslSettings[GCDAsyncSocketSSLCipherSuites] = acceptableCipherSuites 196 | sslSettings[GCDAsyncSocketManuallyEvaluateTrust] = true 197 | //AxLogger.log("\(cIDString) \(proxy.serverAddress):\(proxy.serverPort) tls:\(sslSettings) ",level: .Warning) 198 | socket?.startTLS(sslSettings) 199 | 200 | } 201 | 202 | } catch { 203 | //AxLogger.log("\(cIDString) connectToHost ",level: .Error) 204 | let e = NSError(domain:errDomain , code: 7, userInfo: ["reason": "connectToHost error"]) 205 | if let d = delegate{ 206 | d.connectorDidSetupFailed(self, withError: e) 207 | } 208 | 209 | } 210 | 211 | 212 | //AxLogger.log("\(cIDString) connectToHost \(targetHost) \(targetPort) by \(proxy.serverAddress) \(proxy.serverPort)",level:.Info) 213 | //return 214 | } 215 | 216 | override public func socket(sock: GCDAsyncSocket, didConnectToHost host: String!, port: UInt16){ 217 | 218 | //AxLogger.log("\(cIDString) \(targetHost):\(targetPort) didConnectToHost \(host) and port \(port) via:\(proxy.serverAddress):\(proxy.serverPort)",level:.Info) 219 | remoteIPaddress = host 220 | isConnected = true 221 | if let d = delegate { 222 | d.connectorDidBecomeAvailable(self) 223 | } 224 | 225 | } 226 | // public func socket(sock: GCDAsyncSocket!, shouldTimeoutReadWithTag tag: Int, elapsed: NSTimeInterval, bytesDone length: UInt) -> NSTimeInterval{ 227 | // //AxLogger.log("\(cIDString) shouldTimeoutReadWithTag \(tag)") 228 | // return 3 229 | // } 230 | // public func socket(sock: GCDAsyncSocket!, shouldTimeoutWriteWithTag tag: Int, elapsed: NSTimeInterval, bytesDone length: UInt) -> NSTimeInterval{ 231 | // //AxLogger.log("\(cIDString) shouldTimeoutWriteWithTag \(tag)") 232 | // return 3 233 | // } 234 | } 235 | -------------------------------------------------------------------------------- /ENV/SFEnv.swift: -------------------------------------------------------------------------------- 1 | // 2 | // SFEnv.swift 3 | // Surf 4 | // 5 | //Copyright (c) 2016, networkextension 6 | //All rights reserved. 7 | // 8 | //Redistribution and use in source and binary forms, with or without 9 | //modification, are permitted provided that the following conditions are met: 10 | // 11 | //* Redistributions of source code must retain the above copyright notice, this 12 | //list of conditions and the following disclaimer. 13 | // 14 | //* Redistributions in binary form must reproduce the above copyright notice, 15 | //this list of conditions and the following disclaimer in the documentation 16 | //and/or other materials provided with the distribution. 17 | // 18 | //* Neither the name of SSencrypt nor the names of its 19 | //contributors may be used to endorse or promote products derived from 20 | //this software without specific prior written permission. 21 | // 22 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | import Foundation 33 | import NetworkExtension 34 | import Darwin 35 | 36 | 37 | enum SFNetWorkIPType:Int32,CustomStringConvertible { 38 | case ipv4 = 2//AF_INET 39 | case ipv6 = 30//AF_INET6 40 | internal var description: String { 41 | switch self { 42 | case .ipv4:return "IPV4" 43 | case .ipv6:return "IPV6" 44 | 45 | } 46 | } 47 | init(ip:String) { 48 | var sin = sockaddr_in() 49 | var sin6 = sockaddr_in6() 50 | var t:Int32 = 0 51 | if ip.withCString({ cstring in inet_pton(AF_INET6, cstring, &sin6.sin6_addr) }) == 1 { 52 | // IPv6 peer. 53 | t = AF_INET6 54 | } 55 | else if ip.withCString({ cstring in inet_pton(AF_INET, cstring, &sin.sin_addr) }) == 1 { 56 | // IPv4 peer. 57 | t = AF_INET 58 | } 59 | self = SFNetWorkIPType.init(rawValue: t)! 60 | 61 | } 62 | } 63 | //物理层type 64 | enum SFNetWorkType:Int,CustomStringConvertible { 65 | case wifi = 0 66 | case bluetooth = 1 67 | case cell = 2 68 | case cellshare = 3 //cell share 模式 69 | internal var description: String { 70 | switch self { 71 | case .wifi:return "WI-FI" 72 | case .bluetooth:return "BlueTooth" 73 | case .cell:return "Cell" 74 | case .cellshare:return "Cell Share" 75 | } 76 | } 77 | init(interface:String) { 78 | 79 | var t = -1 80 | switch interface { 81 | case "en0": 82 | t = 0 83 | case "awdl0": 84 | t = 0 85 | case "pdp_ip0": 86 | t = 2 87 | case "pdp_ip1": 88 | t = 3 89 | default: 90 | t = 1 91 | } 92 | self = SFNetWorkType.init(rawValue: t)! 93 | 94 | } 95 | 96 | } 97 | class SFEnv { 98 | static let env:SFEnv = SFEnv() 99 | var session:SFVPNSession = SFVPNSession() 100 | var ipType:SFNetWorkIPType = .ipv4 101 | var hwType:SFNetWorkType = .cell 102 | 103 | init() { 104 | } 105 | func updateEnv(ip:String,interface:String){ 106 | ipType = SFNetWorkIPType.init(ip: ip) 107 | hwType = SFNetWorkType.init(interface: interface) 108 | } 109 | func updateEnvIP(ip:String){ 110 | if !ip.isEmpty{ 111 | ipType = SFNetWorkIPType.init(ip: ip) 112 | } 113 | 114 | } 115 | func updateEnvHW(interface:String){ 116 | hwType = SFNetWorkType.init(interface: interface) 117 | } 118 | func updateEnvHWWithPath(path:NWPath?){ 119 | if let p = path{ 120 | if p.expensive { 121 | hwType = .cell 122 | }else { 123 | hwType = .wifi 124 | } 125 | AxLogger.log("Now Network Type: \(hwType.description)",level:.Info) 126 | SFNetworkInterfaceManager.instances.updateIPAddress() 127 | 128 | } 129 | } 130 | } 131 | -------------------------------------------------------------------------------- /EngineTest.swift: -------------------------------------------------------------------------------- 1 | // 2 | // EngineTest.swift 3 | // SSencrypt 4 | // 5 | //Copyright (c) 2016, networkextension 6 | //All rights reserved. 7 | // 8 | //Redistribution and use in source and binary forms, with or without 9 | //modification, are permitted provided that the following conditions are met: 10 | // 11 | //* Redistributions of source code must retain the above copyright notice, this 12 | //list of conditions and the following disclaimer. 13 | // 14 | //* Redistributions in binary form must reproduce the above copyright notice, 15 | //this list of conditions and the following disclaimer in the documentation 16 | //and/or other materials provided with the distribution. 17 | // 18 | //* Neither the name of SSencrypt nor the names of its 19 | //contributors may be used to endorse or promote products derived from 20 | //this software without specific prior written permission. 21 | // 22 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | // need add https://github.com/networkextension/A.BIG.T code 33 | import Foundation 34 | 35 | class Engine { 36 | var recv_decryption_ctx:SEContextRef = SEContextRef() 37 | var send_encryption_ctx:SEContextRef = SEContextRef() 38 | var aes:SSEncrypt? 39 | let pass:String = "aHR0cHM6Ly9yYXcuZ2l0aHVidXN" 40 | var m:Int32 = 0 41 | var mem:String = "test" 42 | 43 | init(){ 44 | 45 | aes = SSEncrypt.init(password: pass, method: "aes-256-cfb") 46 | self.config() 47 | // Do any additional setup after loading the view. 48 | } 49 | 50 | 51 | @IBAction func doAction(sender: AnyObject) { 52 | test3() 53 | // test2() 54 | } 55 | func config(){ 56 | 57 | recv_decryption_ctx = enc_ctx_create() 58 | send_encryption_ctx = enc_ctx_create() 59 | m = settingSS(pass,method: "aes-256-cfb") 60 | 61 | enc_ctx_init(m, send_encryption_ctx, 1); 62 | enc_ctx_init(m, recv_decryption_ctx, 0); 63 | //test_encryptor(d!) 64 | } 65 | 66 | func test(){ 67 | //for i in 67 { 68 | let i = Int(arc4random_uniform(1024*1000*1000)) + 1 69 | 70 | let data = aes!.getSecureRandom(i) 71 | // var ptr = data.bytes 72 | // let end = ptr + data.length 73 | let result = NSMutableData.init() 74 | var index = 0 75 | while index < data.length { 76 | //srand(UInt32(NSDate().timeIntervalSinceReferenceDate))//"218.75.4.130" 77 | var randomNumber: Int = Int(arc4random_uniform(1024)) + 1// Int(rand()) % 1024 78 | if randomNumber + index >= data.length { 79 | randomNumber = data.length - index 80 | } 81 | let temp = data.subdataWithRange(NSMakeRange(index, randomNumber)) 82 | index += randomNumber 83 | //print("*** \(randomNumber) ") 84 | let cipher = test_encryptor(temp) 85 | 86 | result.appendData(cipher) 87 | 88 | 89 | } 90 | 91 | index = 0 92 | let plain = NSMutableData.init() 93 | while index < result.length { 94 | //srand(UInt32(NSDate().timeIntervalSinceReferenceDate))//"218.75.4.130" 95 | var randomNumber: Int = Int(arc4random_uniform(1024)) + 1 96 | if randomNumber + index >= result.length { 97 | randomNumber = result.length - index 98 | } 99 | let temp = result.subdataWithRange(NSMakeRange(index, randomNumber)) 100 | index += randomNumber 101 | 102 | //print("### \(randomNumber) ") 103 | let plain2 = aes!.decrypt(temp) 104 | plain.appendData(plain2!) 105 | 106 | 107 | } 108 | 109 | let m1 = plain.md5 110 | let m2 = data.md5 111 | if plain.isEqualToData(data){ 112 | print("FINAL \(i) PASS") 113 | }else { 114 | print("FINAL \(i) FALI") 115 | } 116 | print("\(m1)") 117 | print("\(m2)") 118 | //} 119 | 120 | } 121 | func test3(){ 122 | //for i in 67 { 123 | let i = Int(arc4random_uniform(1024*1000*1000)) + 1 124 | 125 | let data = aes!.getSecureRandom(i) 126 | // var ptr = data.bytes 127 | // let end = ptr + data.length 128 | let result = NSMutableData.init() 129 | var index = 0 130 | while index < data.length { 131 | //srand(UInt32(NSDate().timeIntervalSinceReferenceDate))//"218.75.4.130" 132 | var randomNumber: Int = Int(arc4random_uniform(1024)) + 1// Int(rand()) % 1024 133 | if randomNumber + index >= data.length { 134 | randomNumber = data.length - index 135 | } 136 | let temp = data.subdataWithRange(NSMakeRange(index, randomNumber)) 137 | index += randomNumber 138 | //print("*** \(randomNumber) ") 139 | let cipher = aes!.encrypt(temp)! 140 | 141 | result.appendData(cipher) 142 | 143 | 144 | } 145 | 146 | index = 0 147 | let plain = NSMutableData.init() 148 | while index < result.length { 149 | //srand(UInt32(NSDate().timeIntervalSinceReferenceDate))//"218.75.4.130" 150 | var randomNumber: Int = Int(arc4random_uniform(1024)) + 1 151 | if randomNumber + index >= result.length { 152 | randomNumber = result.length - index 153 | } 154 | let temp = result.subdataWithRange(NSMakeRange(index, randomNumber)) 155 | index += randomNumber 156 | 157 | //print("### \(randomNumber) ") 158 | let plain2 = test_decryptor(temp) 159 | plain.appendData(plain2) 160 | 161 | 162 | } 163 | 164 | let m1 = plain.md5 165 | let m2 = data.md5 166 | if plain.isEqualToData(data){ 167 | print("FINAL \(i) PASS") 168 | }else { 169 | print("FINAL \(i) FALI") 170 | } 171 | print("\(m1)") 172 | print("\(m2)") 173 | //} 174 | 175 | } 176 | func test2(){ 177 | for i in 32 ... 1024 { 178 | 179 | var data = aes!.getSecureRandom(i) 180 | let x = data.length % 16 181 | if x != 0 { 182 | let y = NSMutableData.init(data: data) 183 | y.length += x 184 | data = y 185 | } 186 | let cipher = aes?.encrypt(data) 187 | let plain = test_decryptor(cipher!) 188 | //let plain = aes!.decrypt(cipher) 189 | if plain.isEqualToData(data){ 190 | print("222: \(i) PASS") 191 | }else { 192 | print("\(i) \(plain.length) FALI") 193 | } 194 | } 195 | 196 | } 197 | func test_encryptor(buffer:NSData) ->NSData { 198 | 199 | let sendb:bufferRef = bufferRef.alloc(1) 200 | balloc(sendb,buffer.length) 201 | buffer_t_copy(sendb,UnsafePointer(buffer.bytes),buffer.length) 202 | let ret = ss_encrypt(sendb,send_encryption_ctx,buffer.length) 203 | if ret != 0 { 204 | abort() 205 | } 206 | 207 | let len = buffer_t_len(sendb) 208 | //let recvb:bufferRef = bufferRef.alloc(1) 209 | //balloc(recvb,cipher.length) 210 | let temp = NSData.init(bytes: buffer_t_buffer(sendb), length: len) 211 | bfree(sendb) 212 | sendb.dealloc(1) 213 | return temp 214 | 215 | 216 | } 217 | func test_decryptor(buffer:NSData) ->NSData { 218 | 219 | let sendb:bufferRef = bufferRef.alloc(1) 220 | balloc(sendb,buffer.length) 221 | buffer_t_copy(sendb,UnsafePointer(buffer.bytes),buffer.length) 222 | let ret = ss_decrypt(sendb,recv_decryption_ctx,buffer.length) 223 | if ret != 0 { 224 | abort() 225 | } 226 | 227 | let len = buffer_t_len(sendb) 228 | //let recvb:bufferRef = bufferRef.alloc(1) 229 | //balloc(recvb,cipher.length) 230 | let temp = NSData.init(bytes: buffer_t_buffer(sendb), length: len) 231 | bfree(sendb) 232 | sendb.dealloc(1) 233 | return temp 234 | 235 | 236 | } 237 | } 238 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2016, networkextension 2 | All rights reserved. 3 | 4 | Redistribution and use in source and binary forms, with or without 5 | modification, are permitted provided that the following conditions are met: 6 | 7 | * Redistributions of source code must retain the above copyright notice, this 8 | list of conditions and the following disclaimer. 9 | 10 | * Redistributions in binary form must reproduce the above copyright notice, 11 | this list of conditions and the following disclaimer in the documentation 12 | and/or other materials provided with the distribution. 13 | 14 | * Neither the name of SSencrypt nor the names of its 15 | contributors may be used to endorse or promote products derived from 16 | this software without specific prior written permission. 17 | 18 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 19 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 21 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 22 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 24 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 25 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 26 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # SSencrypt 2 | AES encrypt demo 3 | ## About 4 | this project code will replace ss lib-ev encrypt code in A.BIG.T 5 | this project add GFW.press encrypt support 2016.7.30 6 | ## About A.BIG.T 7 | https://appsto.re/cn/-JFQ-.i , if you like this project , you can buy A.BIG.T. 8 | ## Author 9 | twitter @network_ext, email: support@abigt.net 10 | ## License 11 | BSD, see LICENSE FILE 12 | ## Donor list 13 | @sky4sky7 14 | -------------------------------------------------------------------------------- /SSencrypt-Bridging-Header.h: -------------------------------------------------------------------------------- 1 | // 2 | // Use this file to import your target's public headers that you would like to expose to Swift. 3 | // 4 | 5 | #import 6 | #import -------------------------------------------------------------------------------- /TCP_UDP/DNSCache.swift: -------------------------------------------------------------------------------- 1 | //Copyright (c) 2016, networkextension 2 | //All rights reserved. 3 | // 4 | //Redistribution and use in source and binary forms, with or without 5 | //modification, are permitted provided that the following conditions are met: 6 | // 7 | //* Redistributions of source code must retain the above copyright notice, this 8 | //list of conditions and the following disclaimer. 9 | // 10 | //* Redistributions in binary form must reproduce the above copyright notice, 11 | //this list of conditions and the following disclaimer in the documentation 12 | //and/or other materials provided with the distribution. 13 | // 14 | //* Neither the name of SSencrypt nor the names of its 15 | //contributors may be used to endorse or promote products derived from 16 | //this software without specific prior written permission. 17 | // 18 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 19 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 21 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 22 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 24 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 25 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 26 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | 29 | import Foundation 30 | 31 | struct DNSCache { 32 | var domain:String 33 | var ips:[String] 34 | init(d:String, i:[String]) { 35 | domain = d 36 | ips = i 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /TCP_UDP/DNSPacket.swift: -------------------------------------------------------------------------------- 1 | // 2 | // DNSPacket.swift 3 | //Copyright (c) 2016, networkextension 4 | //All rights reserved. 5 | // 6 | //Redistribution and use in source and binary forms, with or without 7 | //modification, are permitted provided that the following conditions are met: 8 | // 9 | //* Redistributions of source code must retain the above copyright notice, this 10 | //list of conditions and the following disclaimer. 11 | // 12 | //* Redistributions in binary form must reproduce the above copyright notice, 13 | //this list of conditions and the following disclaimer in the documentation 14 | //and/or other materials provided with the distribution. 15 | // 16 | //* Neither the name of SSencrypt nor the names of its 17 | //contributors may be used to endorse or promote products derived from 18 | //this software without specific prior written permission. 19 | // 20 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 21 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 23 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 24 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 26 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 27 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 29 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | 31 | import Foundation 32 | import Darwin 33 | 34 | 35 | public enum QTYPE:UInt16,CustomStringConvertible{ 36 | case A = 0x0001 37 | case NS = 0x0002 38 | case CNAME = 0x005 39 | case SOA = 0x0006 40 | 41 | case WKS = 0x000B 42 | case PTR = 0x000C 43 | case MX = 0x000F 44 | case SRV = 0x0021 45 | 46 | case A6 = 0x0026 47 | case ANY = 0x00FF 48 | 49 | 50 | public var description: String { 51 | switch self { 52 | case A: return "A" 53 | case NS : return "NS" 54 | case CNAME : return "CNAME" 55 | case SOA : return "SOA" 56 | 57 | case WKS : return "WKS" 58 | case PTR : return "PTR" 59 | case MX : return "MX" 60 | case SRV : return "SRV" 61 | 62 | case A6 : return "A6" 63 | case ANY : return "ANY" 64 | } 65 | } 66 | } 67 | 68 | 69 | class DNSPacket: NSObject { 70 | var identifier:UInt16 = 0 71 | var queryDomains:[String] = [] 72 | var answerDomains:[String:String] = [:] 73 | var rawData:NSData 74 | var qr:CChar = 0 75 | var count:UInt16 = 0 76 | var qType:UInt16 = 0 77 | var qClass:UInt16 = 0 78 | var reqCount:UInt16 = 0 79 | var answerCount:UInt16 = 0 80 | var ipString:[String] = [] 81 | var finished:Bool = true 82 | // override init() { 83 | // 84 | // } 85 | 86 | 87 | init(data:NSData) { 88 | if data.length < 12 { 89 | 90 | AxLogger.log("DNS data error data",level: .Error) 91 | } 92 | 93 | rawData = data 94 | super.init() 95 | let bytes:UnsafePointer = UnsafePointer.init(rawData.bytes) 96 | var p:UnsafePointer = bytes 97 | identifier = bytes.memory 98 | p = bytes + 1 99 | let op = p.memory.bigEndian 100 | //print("#######################") 101 | qr = CChar(op >> 15) 102 | if qr == 0{ 103 | //NSLog("#######################DNS req") 104 | }else { 105 | let c = p.memory.bigEndian & 0x000F 106 | if c == 0 { 107 | //NSLog("#######################DNS resp OK") 108 | }else { 109 | //NSLog("#######################DNS resp err:\(c)") 110 | } 111 | 112 | 113 | } 114 | 115 | p = p + 1 116 | reqCount = p.memory.bigEndian 117 | p = p + 1 118 | answerCount = p.memory.bigEndian 119 | p = p + 1 120 | 121 | p += 2 122 | var ptr:UnsafePointer = UnsafePointer.init(p) 123 | if qr == 0 { 124 | count = reqCount 125 | }else { 126 | count = answerCount 127 | } 128 | let endptr:UnsafePointer = ptr.advancedBy(rawData.length-6*2) 129 | for _ in 0..> 14 177 | var domain:String = "" 178 | if pxx == 3 { 179 | //NSLog("cc %d", pxx) 180 | let offset:UInt16 = px & 0x3fff 181 | var ptr0:UnsafePointer = UnsafePointer.init(bytes) 182 | 183 | ptr0 = ptr0.advancedBy(Int(offset)) 184 | 185 | domain = DNSPacket.findLabel(ptr0) 186 | }else { 187 | // packet 不全,导致后面无法解析 188 | finished = false 189 | return 190 | } 191 | 192 | 193 | var t:UInt16 = 0 194 | 195 | memcpy(&t, ptr, 2) 196 | t = t.bigEndian 197 | guard let type :QTYPE = QTYPE(rawValue: t) else { 198 | return 199 | } 200 | ptr += 2 201 | var qclass:UInt16 = 0 202 | memcpy(&qclass, ptr, 2) 203 | qclass = qclass.bigEndian 204 | ptr += 2 205 | var ttl:Int32 = 0 206 | memcpy(&ttl, ptr, 4) 207 | ttl = ttl.byteSwapped 208 | ptr += 4 209 | 210 | var len:UInt16 = 0 211 | 212 | memcpy(&len, ptr, 2) 213 | len = len.bigEndian 214 | ptr += 2 215 | 216 | var domainString:String = "" 217 | var domainLength = 0 218 | if type == .A { 219 | var ip:Int32 = 0 220 | memcpy(&ip, ptr, Int(len)) 221 | ip = ip.byteSwapped 222 | domainString = "\(ip>>24 & 0xFF).\(ip>>16 & 0xFF).\(ip>>8 & 0xFF).\(ip & 0xFF)" 223 | ptr += Int(len) 224 | ipString.append(domainString) 225 | }else if type == .A6 { 226 | 227 | let buffer = NSMutableData() 228 | memcpy(buffer.mutableBytes, ptr, Int(len)) 229 | ptr += Int(len) 230 | AxLogger.log("IPv6 AAAA record found \(buffer)",level: .Notify) 231 | }else { 232 | while (ptr.memory != 0x0) { 233 | let len = Int(ptr.memory) 234 | ptr = ptr.successor() 235 | 236 | if ptr.distanceTo(endptr) < len { 237 | finished = false 238 | return 239 | //NSLog("error return ") 240 | } 241 | if let s = NSString.init(bytes: ptr, length: len, encoding: NSUTF8StringEncoding) { 242 | domainString = domainString + (s as String) + "." 243 | } 244 | 245 | 246 | ptr = ptr + Int(len) 247 | domainLength += len 248 | 249 | domainLength += 1 250 | } 251 | ptr += 1 252 | } 253 | 254 | AxLogger.log(" \(domain) \(domainString)",level: .Debug) 255 | 256 | } 257 | } 258 | 259 | 260 | if let d = queryDomains.first { 261 | if qr == 0 { 262 | AxLogger.log("DNS Request: \(d) ",level: .Debug) 263 | 264 | }else { 265 | //NSLog("DNS Response Packet %@", d) 266 | AxLogger.log("DNS Response: \(d) :\(ipString) ",level: .Debug) 267 | if !self.ipString.isEmpty { 268 | let r = DNSCache.init(d: d, i: ipString) 269 | SFSettingModule.setting.addDNSCacheRecord(r) 270 | AxLogger.log("DNS \(d) IN A \(ipString)", level: .Trace) 271 | }else { 272 | AxLogger.log("DNS \(d) IN not found record", level: .Trace) 273 | } 274 | } 275 | 276 | } 277 | 278 | 279 | //super.init() 280 | } 281 | static func findLabel(ptr0:UnsafePointer) ->String { 282 | var ptr:UnsafePointer = ptr0 283 | var domainString:String = "" 284 | var domainLength = 0 285 | while (ptr.memory != 0x0) { 286 | let len = Int(ptr.memory) 287 | ptr = ptr.successor() 288 | 289 | // if ptr.distanceTo(endptr) < len { 290 | // NSLog("error return ") 291 | // } 292 | if let s = NSString.init(bytes: ptr, length: len, encoding: NSUTF8StringEncoding) { 293 | 294 | 295 | domainString = domainString + (s as String) + "." 296 | } 297 | 298 | ptr = ptr + Int(len) 299 | domainLength += len 300 | 301 | domainLength += 1 302 | } 303 | 304 | return domainString 305 | } 306 | deinit{ 307 | AxLogger.log("DNSPacket deinit",level: .Debug) 308 | } 309 | static func genPacketData(ip:String,domain:String,identifier:UInt16) ->NSData { 310 | //IPv4 311 | let respData = NSMutableData() 312 | respData.write(identifier) 313 | let x:UInt16 = 0x8180 314 | let y:UInt32 = 0x00010001 315 | let z:UInt32 = 0x00000000 316 | respData.write(x.bigEndian) 317 | respData.write(y.bigEndian) 318 | respData.write(z.bigEndian) 319 | let xx = domain.componentsSeparatedByString(".") 320 | for p in xx { 321 | let len:CChar = Int8(p.characters.count) 322 | respData.write(len) 323 | respData.write(p) 324 | } 325 | respData.write(CChar(0x00)) // .在那里 326 | respData.write(UInt16(0x0001).bigEndian) 327 | respData.write(UInt16(0x0001).bigEndian) 328 | respData.write(UInt16(0xC00C).bigEndian) 329 | respData.write(UInt16(0x0001).bigEndian) 330 | respData.write(UInt16(0x0001).bigEndian) 331 | respData.write(UInt32(0x000d2f00).bigEndian) 332 | respData.write(UInt16(0x0004).bigEndian) 333 | 334 | let ipD:UInt32 = inet_addr(ip.cStringUsingEncoding(NSUTF8StringEncoding)!) 335 | respData.write(ipD) 336 | return respData 337 | } 338 | } 339 | -------------------------------------------------------------------------------- /TCP_UDP/DNSServer.swift: -------------------------------------------------------------------------------- 1 | // 2 | // DNSServer.swift 3 | // Surf 4 | // 5 | //Copyright (c) 2016, networkextension 6 | //All rights reserved. 7 | // 8 | //Redistribution and use in source and binary forms, with or without 9 | //modification, are permitted provided that the following conditions are met: 10 | // 11 | //* Redistributions of source code must retain the above copyright notice, this 12 | //list of conditions and the following disclaimer. 13 | // 14 | //* Redistributions in binary form must reproduce the above copyright notice, 15 | //this list of conditions and the following disclaimer in the documentation 16 | //and/or other materials provided with the distribution. 17 | // 18 | //* Neither the name of SSencrypt nor the names of its 19 | //contributors may be used to endorse or promote products derived from 20 | //this software without specific prior written permission. 21 | // 22 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | import Foundation 34 | import Darwin 35 | class DNSServer :CustomStringConvertible { 36 | var ipaddr:String 37 | var system:Bool = false 38 | var type:SFNetWorkIPType 39 | var successCount:Int = 0 40 | var failureCount:Int = 0 41 | var totalTime:Double = 0.0 42 | init(ip:String,sys:Bool){ 43 | ipaddr = ip 44 | system = sys 45 | type = SFNetWorkIPType.init(ip: ip) 46 | } 47 | static func currentSystemDns() ->[String] { 48 | let dnss = loadSystemDNSServer() 49 | return dnss 50 | } 51 | static func createSetting() ->DNSServer { 52 | let count = DNSServer.default_servers.count 53 | let value = Int(arc4random()) % count; 54 | let x = DNSServer.default_servers[value] 55 | let r = DNSServer.init(ip: x, sys: false) 56 | return r 57 | } 58 | static let tunIPV4DNS = ["240.7.1.10"] 59 | static let default_servers = ["119.29.29.29","223.6.6.6", "223.5.5.5"] 60 | var description: String { 61 | return "\(ipaddr)" 62 | } 63 | } 64 | -------------------------------------------------------------------------------- /TCP_UDP/IPv4Packet.swift: -------------------------------------------------------------------------------- 1 | // 2 | // IPv4Packet.swift 3 | // SimpleTunnel 4 | // 5 | //Copyright (c) 2016, networkextension 6 | //All rights reserved. 7 | // 8 | //Redistribution and use in source and binary forms, with or without 9 | //modification, are permitted provided that the following conditions are met: 10 | // 11 | //* Redistributions of source code must retain the above copyright notice, this 12 | //list of conditions and the following disclaimer. 13 | // 14 | //* Redistributions in binary form must reproduce the above copyright notice, 15 | //this list of conditions and the following disclaimer in the documentation 16 | //and/or other materials provided with the distribution. 17 | // 18 | //* Neither the name of SSencrypt nor the names of its 19 | //contributors may be used to endorse or promote products derived from 20 | //this software without specific prior written permission. 21 | // 22 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | import Foundation 34 | import NetworkExtension 35 | 36 | 37 | public class IPv4Packet:NSObject{ 38 | var proto:UInt8 = 0 39 | let srcIP:NSData? 40 | let _rawData:NSData 41 | let destinationIP:NSData? 42 | var headerLength:Int32 = 0 43 | let payloadLength:Int32 = 0 44 | init(PacketData:NSData){ 45 | 46 | if PacketData.length < 20 { 47 | //AxLogger.log("PacketData lenth error",) 48 | fatalError() 49 | } 50 | _rawData = PacketData; 51 | 52 | 53 | var p = _rawData.subdataWithRange(NSRange.init(location: 9, length: 1)) 54 | proto = UInt8(data2Int(p,len: 1)) 55 | srcIP = _rawData.subdataWithRange(NSRange.init(location: 12, length: 4)) 56 | destinationIP = _rawData.subdataWithRange(NSRange.init(location: 16, length: 4)) 57 | 58 | p = _rawData.subdataWithRange(NSRange.init(location: 0, length: 1)) 59 | let len = data2Int(p, len: 1) & 0x0F 60 | headerLength = len * 4 61 | 62 | super.init() 63 | 64 | } 65 | func payloadData() ->NSData{ 66 | return _rawData.subdataWithRange(NSRange.init(location: Int(headerLength), length: _rawData.length - Int(headerLength))) 67 | } 68 | override public var debugDescription: String { 69 | return "\(srcIP) \(destinationIP)" 70 | } 71 | deinit{ 72 | //debugLog("IPv4Packet deinit") 73 | } 74 | } 75 | -------------------------------------------------------------------------------- /TCP_UDP/SFDNSManager.swift: -------------------------------------------------------------------------------- 1 | // 2 | // SFDNSManager.swift 3 | // Surf 4 | // 5 | //Copyright (c) 2016, networkextension 6 | //All rights reserved. 7 | // 8 | //Redistribution and use in source and binary forms, with or without 9 | //modification, are permitted provided that the following conditions are met: 10 | // 11 | //* Redistributions of source code must retain the above copyright notice, this 12 | //list of conditions and the following disclaimer. 13 | // 14 | //* Redistributions in binary form must reproduce the above copyright notice, 15 | //this list of conditions and the following disclaimer in the documentation 16 | //and/or other materials provided with the distribution. 17 | // 18 | //* Neither the name of SSencrypt nor the names of its 19 | //contributors may be used to endorse or promote products derived from 20 | //this software without specific prior written permission. 21 | // 22 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | import Foundation 34 | 35 | class SFDNSManager { 36 | static let manager = SFDNSManager() 37 | var settings:[DNSServer] = [] 38 | var index:Int = 0 39 | var userSetDNS = false 40 | var dnsServers:[String] = [] 41 | func setUpConfig(opt:[String]?) ->[DNSServer]{ 42 | 43 | var result:[DNSServer] = [] 44 | if let opt = opt where !opt.isEmpty { 45 | userSetDNS = true 46 | for o in opt{ 47 | let uper = o.uppercaseString 48 | if uper == "SYSTEM"{ 49 | addSystemDNS(&result) 50 | }else { 51 | let d = DNSServer.init(ip: o,sys:false) 52 | //settings.append(d) 53 | result.append(d) 54 | } 55 | } 56 | }else { 57 | addSystemDNS(&result) 58 | } 59 | return result 60 | //maybe add default 61 | } 62 | func addSystemDNS(inout result:[DNSServer]) { 63 | let system = DNSServer.currentSystemDns() 64 | for s in system { 65 | if s == proxyIpAddr { 66 | AxLogger.log("DNS invalid \(s) ",level: .Error) 67 | }else { 68 | 69 | if !s.isEmpty{ 70 | let d = DNSServer.init(ip: s,sys:true) 71 | //settings.append(d) 72 | result.append(d) 73 | 74 | SFEnv.env.updateEnvIP(s) 75 | AxLogger.log("systen dns \(s) type:\( SFEnv.env.ipType)",level: .Info) 76 | } 77 | 78 | } 79 | 80 | } 81 | } 82 | func currentDNSServer() -> [String] { 83 | 84 | 85 | let dnss = loadSystemDNSServer() 86 | if let f = dnss.first where f == proxyIpAddr { 87 | AxLogger.log("DNS don't need update",level: .Info) 88 | }else { 89 | dnsServers.removeAll() 90 | for item in dnss{ 91 | dnsServers.append(item) 92 | } 93 | AxLogger.log("System DNS \(dnsServers)",level: .Info) 94 | } 95 | 96 | 97 | 98 | return dnsServers 99 | 100 | } 101 | func giveMeAserver() ->DNSServer{ 102 | 103 | 104 | if index == settings.count { 105 | index = 0 106 | } 107 | 108 | if index < settings.count{ 109 | let s = settings[index] 110 | index += 1 111 | return s 112 | 113 | }else { 114 | return DNSServer.createSetting() 115 | } 116 | 117 | 118 | 119 | } 120 | func tunDNSSetting() ->[String]{ 121 | if SFEnv.env.ipType == .ipv6 { 122 | return DNSServer.currentSystemDns() 123 | }else { 124 | return DNSServer.tunIPV4DNS 125 | } 126 | } 127 | func updateSetting() ->[DNSServer]{ 128 | 129 | var result:[DNSServer] 130 | if let r = SFSettingModule.setting.rule, let g = r.general{ 131 | result = setUpConfig(g.dnsserver) 132 | }else { 133 | result = setUpConfig(nil) 134 | } 135 | settings = result 136 | 137 | //SFNetworkInterfaceManager.instances.updateIPAddress() 138 | //settings.removeAll() 139 | //settings.appendContentsOf(result) 140 | 141 | return result 142 | } 143 | } 144 | -------------------------------------------------------------------------------- /TCP_UDP/SFUDPForwarder.swift: -------------------------------------------------------------------------------- 1 | // 2 | // UDPReplayer.swift 3 | // Surf 4 | // 5 | //Copyright (c) 2016, networkextension 6 | //All rights reserved. 7 | // 8 | //Redistribution and use in source and binary forms, with or without 9 | //modification, are permitted provided that the following conditions are met: 10 | // 11 | //* Redistributions of source code must retain the above copyright notice, this 12 | //list of conditions and the following disclaimer. 13 | // 14 | //* Redistributions in binary form must reproduce the above copyright notice, 15 | //this list of conditions and the following disclaimer in the documentation 16 | //and/or other materials provided with the distribution. 17 | // 18 | //* Neither the name of SSencrypt nor the names of its 19 | //contributors may be used to endorse or promote products derived from 20 | //this software without specific prior written permission. 21 | // 22 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | import Foundation 34 | // UDP 直接转发器 35 | class SFUDPForwarder:SFUDPConnector, GCDAsyncUdpSocketDelegate { 36 | 37 | 38 | 39 | var socket:GCDAsyncUdpSocket? 40 | var targetHost:String = "" //cache dest ip 41 | //var targetPort:UInt16 = 0 42 | 43 | 44 | var rule:SFRuler? 45 | 46 | override init(sip:NSData, dip:NSData,packet:UDPPacket) { 47 | super.init(sip: sip, dip: dip, packet: packet) 48 | //targetHost = 49 | //AxLogger.log("current only udp port 53 process, other port packet drop",level:.Warning) 50 | 51 | 52 | //socket = GCDAsyncUdpSocket.init(delegate: self, delegateQueue: dispatchQueue) 53 | //let rec:GCDAsyncUdpSocketReceiveFilterBlock = (NSData!, NSData!, AutoreleasingUnsafeMutablePointer) { 54 | 55 | //} 56 | targetHost = datatoIP(dip) 57 | start() 58 | 59 | } 60 | func start() { 61 | 62 | socket = GCDAsyncUdpSocket.init(delegate: self, delegateQueue: SFTCPConnectionManager.manager.dispatchQueue) 63 | 64 | do { 65 | //try socket?.connectToHost("192.168.11.1", onPort: 53) 66 | socket?.setDelegate(self) 67 | socket?.setDelegateQueue(SFTCPConnectionManager.manager.dispatchQueue) 68 | 69 | let message = String.init(format: "start udp %@:%d", targetHost ,dstPort) 70 | AxLogger.log(message,level: .Trace) 71 | try socket?.connectToHost(targetHost, onPort: dstPort) 72 | 73 | } catch let e as NSError { 74 | //AxLogger.log("can't connectToHost \(server)",level: .Erro) 75 | //NSLog("DNS can't connectToHost \(server) \(port) error:\(e)") 76 | AxLogger.log("DNS can't connectToHost \(e.description) ",level: .Error) 77 | } 78 | } 79 | func udpSocket(sock: GCDAsyncUdpSocket, didConnectToAddress address: NSData) { 80 | 81 | do { 82 | try sock.beginReceiving() 83 | connected = true 84 | processQuery() 85 | }catch let e as NSError { 86 | AxLogger.log("DNS:\(reqID) beginReceiving error :\(e.localizedDescription) ", level: .Error) 87 | } 88 | 89 | } 90 | override func addQuery(packet udp:UDPPacket!) { 91 | //let ip = IPv4Packet(PacketData:data) 92 | //let udp = UDPPacket.init(PacketData: ip.payloadData()) 93 | sendingQueue.append(udp) 94 | 95 | 96 | // if dstPort != 53 { 97 | // //AxLogger.log("dst \(dstPort) udp packet drop") 98 | // if dstPort >= 16384 && dstPort <= 16386{ 99 | // //AxLogger.log("Apple use udp \(dstPort) Apple FaceTime, Apple Game Center (RTP/RTCP) http://www.speedguide.net/port.php?port=16386") 100 | // } 101 | // self.delegate!.serverDidClose(self) 102 | // return 103 | // } 104 | //let packet:DNSPacket = DNSPacket.init(data: udp.payloadData()) 105 | //clientAddress = 0xf0070109.bigEndian// ip.srcIP 106 | // NSLog("DNS queryDomains:\(packet.queryDomains) via \(SFNetworkInterfaceManager.instances.dnsAddress())") 107 | // dstAddress = ip.destinationIP 108 | 109 | //let inden = packet.identifier 110 | //waittingQueriesMap[Int(queryIDCounter)] = inden 111 | //waittingQueriesTimeMap[inden] = NSDate() 112 | //AxLogger.log("inden:\(inden) clientPort:\(clientPort)",level: .Debug) 113 | //AxLogger.log("\(packet.queryDomains),waittingQueriesMap \(waittingQueriesMap)",level: .Debug) 114 | //let packet:DNSPacket = DNSPacket.init(packetData: data) 115 | 116 | //queries.append(packet!.rawData) 117 | processQuery() 118 | 119 | } 120 | 121 | func processQuery() { 122 | 123 | // //AxLogger.log("\(packet.rawData)") 124 | // 125 | // if (queryIDCounter == UInt16(UINT16_MAX)) { 126 | // queryIDCounter = 0 127 | // } 128 | // queryIDCounter += 1 129 | 130 | 131 | //let queryID:UInt16 = queryIDCounter++; 132 | //data.replaceBytesInRange(NSMakeRange(0, 2), withBytes: queryID) 133 | 134 | //[data replaceBytesInRange:NSMakeRange(0, 2) withBytes:&queryID]; 135 | //how to send data 136 | //waittingQueriesMap[queryID] = data 137 | //socket?.sendData(data, toHost: "192.168.0.245", port: 53, withTimeout: 10, tag: 0) 138 | //AxLogger.log("send dns request data: \(packet.rawData)",level: .Trace) 139 | 140 | activeTime = NSDate() 141 | let udp:UDPPacket = sendingQueue.removeFirst() 142 | //let clientPort = udp.sourcePort 143 | _ = udp.destinationPort 144 | if let s = socket { 145 | dispatch_async(SFTCPConnectionManager.manager.socketQueue){ [unowned self] in 146 | s.sendData(udp.payloadData(), withTimeout: 10, tag: 0) 147 | } 148 | 149 | } 150 | 151 | } 152 | internal func udpSocket(sock: GCDAsyncUdpSocket, didReceiveData tempdata: NSData, fromAddress address: NSData, withFilterContext filterContext: AnyObject?) { 153 | //收到dns replay packet 154 | activeTime = NSDate() 155 | AxLogger.log("UDP-\(reqID) recv data len:\(tempdata.length)", level: .Trace) 156 | var r:NSRange 157 | if address.length == 4{ 158 | r = NSMakeRange(0, 4) 159 | }else { 160 | //10020035 c0a800f5 00000000 00000000 这个是ipv6? 161 | //addr = address.subdataWithRange(NSMakeRange(4, 4)) 162 | r = NSMakeRange(4, 4) 163 | } 164 | 165 | var srcip:UInt32 = 0//0xc0a800f5//0b01 // 00f5 166 | //var dstip:UInt32 = 0xf0070109 //bigEndian//= 0xc0a80202 167 | //if let c = clientAddress { 168 | //c.getBytes(&dstip, length: 4) 169 | address.getBytes(&srcip, range: r) 170 | //} 171 | 172 | let data:NSData = tempdata 173 | 174 | 175 | //AxLogger.log("\(data) from address \(address.subdataWithRange(r))",level: .Trace) 176 | let data_len = 1460 - 28 //ip header + udp header 177 | if data.length != 0 { 178 | //NSLog("udpSocket recv data:%@", data) 179 | if data.length > data_len { 180 | var used:Int = 0 181 | let total:Int = data.length 182 | while used < total { 183 | var buffer:NSData 184 | if total - used > data_len { 185 | buffer = data.subdataWithRange(NSMakeRange(used, data_len)) 186 | used += data_len 187 | }else { 188 | buffer = data.subdataWithRange(NSMakeRange(used, total - used)) 189 | used += total - used 190 | } 191 | writePacketData(buffer) 192 | } 193 | }else { 194 | writePacketData(data) 195 | } 196 | 197 | 198 | }else { 199 | AxLogger.log("DNS request data error!",level: .Error) 200 | self.delegate!.serverDidClose(self) 201 | } 202 | 203 | } 204 | internal func writePacketData(data:NSData){ 205 | //这里要修改 206 | //NSLog("dns packet %@", data) 207 | 208 | let srcip:UInt32 = inet_addr(targetHost.cStringUsingEncoding(NSUTF8StringEncoding)!) //0xc0a800f5//0b01 // 00f5 209 | let dstip:UInt32 = inet_addr("240.7.1.9".cStringUsingEncoding(NSUTF8StringEncoding))//= 0xc0a80202 210 | 211 | let h = ipHeader(20+data.length+8, srcip ,dstip,queryIDCounter.bigEndian,UInt8(IPPROTO_UDP)) 212 | queryIDCounter += 1 213 | 214 | //NSLog("DNS 111") 215 | 216 | // var udp:UDPPacket 217 | // var ip:IPv4Packet 218 | // var packet:DNSPacket 219 | // if let cacheData = cacheData { 220 | // 221 | // cacheData.appendData(data) 222 | // packet = DNSPacket.init(data: cacheData) 223 | // }else { 224 | // packet = DNSPacket.init(data: data) 225 | // } 226 | //NSLog("DNS 222") 227 | 228 | let d = NSMutableData() 229 | d.appendData(h) 230 | 231 | let sport:UInt16 = dstPort 232 | d.write(sport.bigEndian) 233 | let cPort = clientPort // waittingQueriesMap[inden]{ 234 | d.write(UInt16((cPort.bigEndian))) 235 | 236 | let ulen = data.length + 8 237 | d.write(UInt16(ulen).bigEndian) 238 | d.write(UInt16(0)) 239 | // d.appendBytes(&(a.bigEndian), length: sizeof(a)) 240 | // d.appendBytes(&(srcport?.bigEndian) ,length: 2) 241 | d.appendData(data) 242 | //waittingQueriesMap.removeValueForKey(inden) 243 | if let delegate = self.delegate { 244 | delegate.serverDidQuery(self, data: d,close: false) 245 | } 246 | } 247 | func udpSocket(sock: GCDAsyncUdpSocket, didNotConnect error: NSError){ 248 | //NSLog("DNS didNotConnect: \(error)") 249 | // if let p = proxy { 250 | // let message = String.init(format: "#### %@:%d didNotConnect", p.serverAddress,p.serverPort) 251 | // AxLogger.log(message,level: .Error) 252 | // p.udpRelay = false 253 | // AxLogger.log("#### \(p.serverAddress):\(p.serverPort) UDP RELAY Error",level: .Warning) 254 | // } 255 | 256 | dispatch_async(dispatch_get_main_queue(), { 257 | if let d = self.delegate { 258 | d.serverDidClose(self) 259 | } 260 | }) 261 | 262 | 263 | 264 | } 265 | func udpSocket(sock: GCDAsyncUdpSocket, didSendDataWithTag tag: Int){ 266 | //NSLog("DNS didSendDataWithTag") 267 | } 268 | func udpSocketDidClose(sock: GCDAsyncUdpSocket, withError error: NSError){ 269 | //NSLog("DNS udpSocketDidClose \(error)") 270 | //socket?.setDelegate( nil) 271 | 272 | //socket = nil 273 | //self.start() 274 | if let d = delegate { 275 | d.serverDidClose(self) 276 | } 277 | 278 | } 279 | internal func udpSocket(sock: GCDAsyncUdpSocket, didNotSendDataWithTag tag: Int, dueToError error: NSError){ 280 | //NSLog("DNS didNotSendDataWithTag \(error)") 281 | // self.delegate!.serverDidClose(self) 282 | if let d = delegate { 283 | d.serverDidClose(self) 284 | } 285 | } 286 | func shutdownSocket(){ 287 | //maybe crash 288 | if let s = socket { 289 | s.setDelegate(nil) 290 | s.setDelegateQueue(nil) 291 | s.close() 292 | } 293 | } 294 | deinit { 295 | 296 | if let s = socket { 297 | s.setDelegate( nil) 298 | 299 | //s = nil 300 | } 301 | AxLogger.log("DNS-Server deinit",level: .Debug) 302 | } 303 | 304 | } 305 | -------------------------------------------------------------------------------- /TCP_UDP/SFUDPProxyForwarder.swift: -------------------------------------------------------------------------------- 1 | // 2 | // SFUDPProxyForwarder.swift 3 | // Surf 4 | // 5 | // Created by 孔祥波 on 8/16/16. 6 | // Copyright © 2016 yarshure. All rights reserved. 7 | // 8 | 9 | import Foundation 10 | -------------------------------------------------------------------------------- /TCP_UDP/TCPPacket.swift: -------------------------------------------------------------------------------- 1 | // 2 | // TCPPacket.swift 3 | // Surf 4 | // 5 | //Copyright (c) 2016, networkextension 6 | //All rights reserved. 7 | // 8 | //Redistribution and use in source and binary forms, with or without 9 | //modification, are permitted provided that the following conditions are met: 10 | // 11 | //* Redistributions of source code must retain the above copyright notice, this 12 | //list of conditions and the following disclaimer. 13 | // 14 | //* Redistributions in binary form must reproduce the above copyright notice, 15 | //this list of conditions and the following disclaimer in the documentation 16 | //and/or other materials provided with the distribution. 17 | // 18 | //* Neither the name of SSencrypt nor the names of its 19 | //contributors may be used to endorse or promote products derived from 20 | //this software without specific prior written permission. 21 | // 22 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | import Foundation 34 | import Darwin 35 | public class TCPPacket:NSObject{ 36 | 37 | } 38 | -------------------------------------------------------------------------------- /TCP_UDP/UDPPacket.swift: -------------------------------------------------------------------------------- 1 | // 2 | // UDPPacket.swift 3 | // Surf 4 | // 5 | //Copyright (c) 2016, networkextension 6 | //All rights reserved. 7 | // 8 | //Redistribution and use in source and binary forms, with or without 9 | //modification, are permitted provided that the following conditions are met: 10 | // 11 | //* Redistributions of source code must retain the above copyright notice, this 12 | //list of conditions and the following disclaimer. 13 | // 14 | //* Redistributions in binary form must reproduce the above copyright notice, 15 | //this list of conditions and the following disclaimer in the documentation 16 | //and/or other materials provided with the distribution. 17 | // 18 | //* Neither the name of SSencrypt nor the names of its 19 | //contributors may be used to endorse or promote products derived from 20 | //this software without specific prior written permission. 21 | // 22 | //THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 23 | //AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 | //IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 | //DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 26 | //FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 | //DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 28 | //SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | //CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | //OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 31 | //OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | 33 | import Foundation 34 | import NetworkExtension 35 | 36 | 37 | public class UDPPacket:NSObject{ 38 | var sourcePort:UInt16 = 0 39 | var destinationPort:UInt16 = 0 40 | var _rawData:NSData? 41 | init(PacketData:NSData){ 42 | //debugLog("UDPPacket init") 43 | _rawData = PacketData 44 | var p = _rawData?.subdataWithRange(NSRange.init(location: 0, length: 2)) 45 | var d = data2Int(p!, len: 2) 46 | sourcePort = UInt16(d).byteSwapped 47 | p = _rawData?.subdataWithRange(NSRange.init(location: 2, length: 2)) 48 | d = data2Int(p!, len: 2) 49 | 50 | destinationPort = UInt16(d).byteSwapped 51 | super.init() 52 | } 53 | func payloadData() -> NSData{ 54 | return (_rawData?.subdataWithRange(NSRange.init(location: 8, length: (_rawData?.length)! - 8)))! 55 | } 56 | deinit{ 57 | //debugLog("UDPPacket deinit") 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /include/net/if_types.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2000-2012 Apple Inc. All rights reserved. 3 | * 4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 | * 6 | * This file contains Original Code and/or Modifications of Original Code 7 | * as defined in and that are subject to the Apple Public Source License 8 | * Version 2.0 (the 'License'). You may not use this file except in 9 | * compliance with the License. The rights granted to you under the License 10 | * may not be used to create, or enable the creation or redistribution of, 11 | * unlawful or unlicensed copies of an Apple operating system, or to 12 | * circumvent, violate, or enable the circumvention or violation of, any 13 | * terms of an Apple operating system software license agreement. 14 | * 15 | * Please obtain a copy of the License at 16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 | * 18 | * The Original Code and all software distributed under the License are 19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 | * Please see the License for the specific language governing rights and 24 | * limitations under the License. 25 | * 26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 | */ 28 | /* 29 | * Copyright (c) 1989, 1993, 1994 30 | * The Regents of the University of California. All rights reserved. 31 | * 32 | * Redistribution and use in source and binary forms, with or without 33 | * modification, are permitted provided that the following conditions 34 | * are met: 35 | * 1. Redistributions of source code must retain the above copyright 36 | * notice, this list of conditions and the following disclaimer. 37 | * 2. Redistributions in binary form must reproduce the above copyright 38 | * notice, this list of conditions and the following disclaimer in the 39 | * documentation and/or other materials provided with the distribution. 40 | * 3. All advertising materials mentioning features or use of this software 41 | * must display the following acknowledgement: 42 | * This product includes software developed by the University of 43 | * California, Berkeley and its contributors. 44 | * 4. Neither the name of the University nor the names of its contributors 45 | * may be used to endorse or promote products derived from this software 46 | * without specific prior written permission. 47 | * 48 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 | * SUCH DAMAGE. 59 | * 60 | * @(#)if_types.h 8.2 (Berkeley) 4/20/94 61 | * $FreeBSD: src/sys/net/if_types.h,v 1.8.2.3 2001/07/03 11:01:41 ume Exp $ 62 | */ 63 | 64 | #ifndef _NET_IF_TYPES_H_ 65 | #define _NET_IF_TYPES_H_ 66 | #include 67 | 68 | /* 69 | * Interface types for benefit of parsing media address headers. 70 | * This list is derived from the SNMP list of ifTypes, currently 71 | * documented in RFC1573. 72 | * The current list of assignments is maintained at: 73 | * http://www.iana.org/assignments/smi-numbers 74 | */ 75 | 76 | #define IFT_OTHER 0x1 /* none of the following */ 77 | #define IFT_1822 0x2 /* old-style arpanet imp */ 78 | #define IFT_HDH1822 0x3 /* HDH arpanet imp */ 79 | #define IFT_X25DDN 0x4 /* x25 to imp */ 80 | #define IFT_X25 0x5 /* PDN X25 interface (RFC877) */ 81 | #define IFT_ETHER 0x6 /* Ethernet CSMACD */ 82 | #define IFT_ISO88023 0x7 /* CMSA CD */ 83 | #define IFT_ISO88024 0x8 /* Token Bus */ 84 | #define IFT_ISO88025 0x9 /* Token Ring */ 85 | #define IFT_ISO88026 0xa /* MAN */ 86 | #define IFT_STARLAN 0xb 87 | #define IFT_P10 0xc /* Proteon 10MBit ring */ 88 | #define IFT_P80 0xd /* Proteon 80MBit ring */ 89 | #define IFT_HY 0xe /* Hyperchannel */ 90 | #define IFT_FDDI 0xf 91 | #define IFT_LAPB 0x10 92 | #define IFT_SDLC 0x11 93 | #define IFT_T1 0x12 94 | #define IFT_CEPT 0x13 /* E1 - european T1 */ 95 | #define IFT_ISDNBASIC 0x14 96 | #define IFT_ISDNPRIMARY 0x15 97 | #define IFT_PTPSERIAL 0x16 /* Proprietary PTP serial */ 98 | #define IFT_PPP 0x17 /* RFC 1331 */ 99 | #define IFT_LOOP 0x18 /* loopback */ 100 | #define IFT_EON 0x19 /* ISO over IP */ 101 | #define IFT_XETHER 0x1a /* obsolete 3MB experimental ethernet */ 102 | #define IFT_NSIP 0x1b /* XNS over IP */ 103 | #define IFT_SLIP 0x1c /* IP over generic TTY */ 104 | #define IFT_ULTRA 0x1d /* Ultra Technologies */ 105 | #define IFT_DS3 0x1e /* Generic T3 */ 106 | #define IFT_SIP 0x1f /* SMDS */ 107 | #define IFT_FRELAY 0x20 /* Frame Relay DTE only */ 108 | #define IFT_RS232 0x21 109 | #define IFT_PARA 0x22 /* parallel-port */ 110 | #define IFT_ARCNET 0x23 111 | #define IFT_ARCNETPLUS 0x24 112 | #define IFT_ATM 0x25 /* ATM cells */ 113 | #define IFT_MIOX25 0x26 114 | #define IFT_SONET 0x27 /* SONET or SDH */ 115 | #define IFT_X25PLE 0x28 116 | #define IFT_ISO88022LLC 0x29 117 | #define IFT_LOCALTALK 0x2a 118 | #define IFT_SMDSDXI 0x2b 119 | #define IFT_FRELAYDCE 0x2c /* Frame Relay DCE */ 120 | #define IFT_V35 0x2d 121 | #define IFT_HSSI 0x2e 122 | #define IFT_HIPPI 0x2f 123 | #define IFT_MODEM 0x30 /* Generic Modem */ 124 | #define IFT_AAL5 0x31 /* AAL5 over ATM */ 125 | #define IFT_SONETPATH 0x32 126 | #define IFT_SONETVT 0x33 127 | #define IFT_SMDSICIP 0x34 /* SMDS InterCarrier Interface */ 128 | #define IFT_PROPVIRTUAL 0x35 /* Proprietary Virtual/internal */ 129 | #define IFT_PROPMUX 0x36 /* Proprietary Multiplexing */ 130 | /* 131 | * IFT_GIF, IFT_FAITH and IFT_FAITH are not based on IANA assignments. 132 | * Note: IFT_STF has a defined ifType: 0xd7 (215), but we use 0x39. 133 | */ 134 | #define IFT_GIF 0x37 /*0xf0*/ 135 | #define IFT_FAITH 0x38 /*0xf2*/ 136 | #define IFT_STF 0x39 /*0xf3*/ 137 | 138 | #define IFT_L2VLAN 0x87 /* Layer 2 Virtual LAN using 802.1Q */ 139 | #define IFT_IEEE8023ADLAG 0x88 /* IEEE802.3ad Link Aggregate */ 140 | #define IFT_IEEE1394 0x90 /* IEEE1394 High Performance SerialBus*/ 141 | #define IFT_BRIDGE 0xd1 /* Transparent bridge interface */ 142 | 143 | #define IFT_ENC 0xf4 /* Encapsulation */ 144 | #define IFT_PFLOG 0xf5 /* Packet filter logging */ 145 | #define IFT_PFSYNC 0xf6 /* Packet filter state syncing */ 146 | #define IFT_CARP 0xf8 /* Common Address Redundancy Protocol */ 147 | #define IFT_PKTAP 0xfe /* Packet tap pseudo interface */ 148 | #define IFT_CELLULAR 0xff /* Packet Data over Cellular */ 149 | #define IFT_PDP IFT_CELLULAR /* deprecated; use IFT_CELLULAR */ 150 | 151 | #endif 152 | -------------------------------------------------------------------------------- /include/net/radix.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2000-2008 Apple Inc. All rights reserved. 3 | * 4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 | * 6 | * This file contains Original Code and/or Modifications of Original Code 7 | * as defined in and that are subject to the Apple Public Source License 8 | * Version 2.0 (the 'License'). You may not use this file except in 9 | * compliance with the License. The rights granted to you under the License 10 | * may not be used to create, or enable the creation or redistribution of, 11 | * unlawful or unlicensed copies of an Apple operating system, or to 12 | * circumvent, violate, or enable the circumvention or violation of, any 13 | * terms of an Apple operating system software license agreement. 14 | * 15 | * Please obtain a copy of the License at 16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 | * 18 | * The Original Code and all software distributed under the License are 19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 | * Please see the License for the specific language governing rights and 24 | * limitations under the License. 25 | * 26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 | */ 28 | /* 29 | * Copyright (c) 1988, 1989, 1993 30 | * The Regents of the University of California. All rights reserved. 31 | * 32 | * Redistribution and use in source and binary forms, with or without 33 | * modification, are permitted provided that the following conditions 34 | * are met: 35 | * 1. Redistributions of source code must retain the above copyright 36 | * notice, this list of conditions and the following disclaimer. 37 | * 2. Redistributions in binary form must reproduce the above copyright 38 | * notice, this list of conditions and the following disclaimer in the 39 | * documentation and/or other materials provided with the distribution. 40 | * 3. All advertising materials mentioning features or use of this software 41 | * must display the following acknowledgement: 42 | * This product includes software developed by the University of 43 | * California, Berkeley and its contributors. 44 | * 4. Neither the name of the University nor the names of its contributors 45 | * may be used to endorse or promote products derived from this software 46 | * without specific prior written permission. 47 | * 48 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 | * SUCH DAMAGE. 59 | * 60 | * @(#)radix.h 8.2 (Berkeley) 10/31/94 61 | * $FreeBSD: src/sys/net/radix.h,v 1.16.2.1 2000/05/03 19:17:11 wollman Exp $ 62 | */ 63 | 64 | #ifndef _RADIX_H_ 65 | #define _RADIX_H_ 66 | #include 67 | 68 | #ifdef PRIVATE 69 | 70 | #ifdef MALLOC_DECLARE 71 | MALLOC_DECLARE(M_RTABLE); 72 | #endif 73 | 74 | /* 75 | * Radix search tree node layout. 76 | */ 77 | 78 | struct radix_node { 79 | struct radix_mask *rn_mklist; /* list of masks contained in subtree */ 80 | struct radix_node *rn_parent; /* parent */ 81 | short rn_bit; /* bit offset; -1-index(netmask) */ 82 | char rn_bmask; /* node: mask for bit test*/ 83 | u_char rn_flags; /* enumerated next */ 84 | #define RNF_NORMAL 1 /* leaf contains normal route */ 85 | #define RNF_ROOT 2 /* leaf is root leaf for tree */ 86 | #define RNF_ACTIVE 4 /* This node is alive (for rtfree) */ 87 | union { 88 | struct { /* leaf only data: */ 89 | caddr_t rn_Key; /* object of search */ 90 | caddr_t rn_Mask; /* netmask, if present */ 91 | struct radix_node *rn_Dupedkey; 92 | } rn_leaf; 93 | struct { /* node only data: */ 94 | int rn_Off; /* where to start compare */ 95 | struct radix_node *rn_L;/* progeny */ 96 | struct radix_node *rn_R;/* progeny */ 97 | } rn_node; 98 | } rn_u; 99 | #ifdef RN_DEBUG 100 | int rn_info; 101 | struct radix_node *rn_twin; 102 | struct radix_node *rn_ybro; 103 | #endif 104 | 105 | }; 106 | 107 | #define rn_dupedkey rn_u.rn_leaf.rn_Dupedkey 108 | #define rn_key rn_u.rn_leaf.rn_Key 109 | #define rn_mask rn_u.rn_leaf.rn_Mask 110 | #define rn_offset rn_u.rn_node.rn_Off 111 | #define rn_left rn_u.rn_node.rn_L 112 | #define rn_right rn_u.rn_node.rn_R 113 | 114 | /* 115 | * Annotations to tree concerning potential routes applying to subtrees. 116 | */ 117 | 118 | struct radix_mask { 119 | short rm_bit; /* bit offset; -1-index(netmask) */ 120 | char rm_unused; /* cf. rn_bmask */ 121 | u_char rm_flags; /* cf. rn_flags */ 122 | struct radix_mask *rm_mklist; /* more masks to try */ 123 | union { 124 | caddr_t rmu_mask; /* the mask */ 125 | struct radix_node *rmu_leaf; /* for normal routes */ 126 | } rm_rmu; 127 | int rm_refs; /* # of references to this struct */ 128 | }; 129 | 130 | #define rm_mask rm_rmu.rmu_mask 131 | #define rm_leaf rm_rmu.rmu_leaf /* extra field would make 32 bytes */ 132 | 133 | 134 | #define MKGet(m) {\ 135 | if (rn_mkfreelist) {\ 136 | m = rn_mkfreelist; \ 137 | rn_mkfreelist = (m)->rm_mklist; \ 138 | } else \ 139 | R_Malloc(m, struct radix_mask *, sizeof (*(m))); }\ 140 | 141 | #define MKFree(m) { (m)->rm_mklist = rn_mkfreelist; rn_mkfreelist = (m);} 142 | 143 | typedef int walktree_f_t(struct radix_node *, void *); 144 | typedef int rn_matchf_t(struct radix_node *, void *); 145 | 146 | struct radix_node_head { 147 | struct radix_node *rnh_treetop; 148 | int rnh_addrsize; /* permit, but not require fixed keys */ 149 | int rnh_pktsize; /* permit, but not require fixed keys */ 150 | struct radix_node *(*rnh_addaddr) /* add based on sockaddr */ 151 | (void *v, void *mask, 152 | struct radix_node_head *head, struct radix_node nodes[]); 153 | struct radix_node *(*rnh_addpkt) /* add based on packet hdr */ 154 | (void *v, void *mask, 155 | struct radix_node_head *head, struct radix_node nodes[]); 156 | struct radix_node *(*rnh_deladdr) /* remove based on sockaddr */ 157 | (void *v, void *mask, struct radix_node_head *head); 158 | struct radix_node *(*rnh_delpkt) /* remove based on packet hdr */ 159 | (void *v, void *mask, struct radix_node_head *head); 160 | struct radix_node *(*rnh_matchaddr) /* locate based on sockaddr */ 161 | (void *v, struct radix_node_head *head); 162 | /* locate based on sockaddr and rn_matchf_t() */ 163 | struct radix_node *(*rnh_matchaddr_args) 164 | (void *v, struct radix_node_head *head, 165 | rn_matchf_t *f, void *w); 166 | struct radix_node *(*rnh_lookup) /* locate based on sockaddr */ 167 | (void *v, void *mask, struct radix_node_head *head); 168 | /* locate based on sockaddr, mask and rn_matchf_t() */ 169 | struct radix_node *(*rnh_lookup_args) 170 | (void *v, void *mask, struct radix_node_head *head, 171 | rn_matchf_t *f, void *); 172 | struct radix_node *(*rnh_matchpkt) /* locate based on packet hdr */ 173 | (void *v, struct radix_node_head *head); 174 | int (*rnh_walktree) /* traverse tree */ 175 | (struct radix_node_head *head, walktree_f_t *f, void *w); 176 | int (*rnh_walktree_from) /* traverse tree below a */ 177 | (struct radix_node_head *head, void *a, void *m, 178 | walktree_f_t *f, void *w); 179 | void (*rnh_close) /* do something when the last ref drops */ 180 | (struct radix_node *rn, struct radix_node_head *head); 181 | struct radix_node rnh_nodes[3]; /* empty tree for common case */ 182 | int rnh_cnt; /* tree dimension */ 183 | }; 184 | 185 | #ifndef KERNEL 186 | #define Bcmp(a, b, n) bcmp(((char *)(a)), ((char *)(b)), (n)) 187 | #define Bcopy(a, b, n) bcopy(((char *)(a)), ((char *)(b)), (unsigned)(n)) 188 | #define Bzero(p, n) bzero((char *)(p), (int)(n)); 189 | #define R_Malloc(p, t, n) (p = (t) malloc((unsigned int)(n))) 190 | #define R_Free(p) free((char *)p); 191 | #else 192 | #define Bcmp(a, b, n) bcmp(((caddr_t)(a)), ((caddr_t)(b)), (unsigned)(n)) 193 | #define Bcopy(a, b, n) bcopy(((caddr_t)(a)), ((caddr_t)(b)), (unsigned)(n)) 194 | #define Bzero(p, n) bzero((caddr_t)(p), (unsigned)(n)); 195 | #define R_Malloc(p, t, n) (p = (t) _MALLOC((uint32_t)(n), M_RTABLE, M_WAITOK)) 196 | #define R_Free(p) FREE((caddr_t)p, M_RTABLE); 197 | #endif /*KERNEL*/ 198 | 199 | void rn_init(void); 200 | int rn_inithead(void **, int); 201 | int rn_refines(void *, void *); 202 | struct radix_node 203 | *rn_addmask(void *, int, int), 204 | *rn_addroute(void *, void *, struct radix_node_head *, 205 | struct radix_node [2]), 206 | *rn_delete(void *, void *, struct radix_node_head *), 207 | *rn_lookup(void *v_arg, void *m_arg, struct radix_node_head *head), 208 | *rn_lookup_args(void *v_arg, void *m_arg, struct radix_node_head *head, 209 | rn_matchf_t *, void *), 210 | *rn_match(void *, struct radix_node_head *), 211 | *rn_match_args(void *, struct radix_node_head *, rn_matchf_t *, void *); 212 | 213 | #endif /* PRIVATE */ 214 | #endif /* _RADIX_H_ */ 215 | -------------------------------------------------------------------------------- /include/netstat.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2008-2015 Apple Inc. All rights reserved. 3 | * 4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 | * 6 | * This file contains Original Code and/or Modifications of Original Code 7 | * as defined in and that are subject to the Apple Public Source License 8 | * Version 2.0 (the 'License'). You may not use this file except in 9 | * compliance with the License. The rights granted to you under the License 10 | * may not be used to create, or enable the creation or redistribution of, 11 | * unlawful or unlicensed copies of an Apple operating system, or to 12 | * circumvent, violate, or enable the circumvention or violation of, any 13 | * terms of an Apple operating system software license agreement. 14 | * 15 | * Please obtain a copy of the License at 16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 | * 18 | * The Original Code and all software distributed under the License are 19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 | * Please see the License for the specific language governing rights and 24 | * limitations under the License. 25 | * 26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 | */ 28 | /* 29 | * Copyright (c) 1992, 1993 30 | * Regents of the University of California. All rights reserved. 31 | * 32 | * Redistribution and use in source and binary forms, with or without 33 | * modification, are permitted provided that the following conditions 34 | * are met: 35 | * 1. Redistributions of source code must retain the above copyright 36 | * notice, this list of conditions and the following disclaimer. 37 | * 2. Redistributions in binary form must reproduce the above copyright 38 | * notice, this list of conditions and the following disclaimer in the 39 | * documentation and/or other materials provided with the distribution. 40 | * 3. All advertising materials mentioning features or use of this software 41 | * must display the following acknowledgement: 42 | * This product includes software developed by the University of 43 | * California, Berkeley and its contributors. 44 | * 4. Neither the name of the University nor the names of its contributors 45 | * may be used to endorse or promote products derived from this software 46 | * without specific prior written permission. 47 | * 48 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 49 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 50 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 51 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 52 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 53 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 54 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 55 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 56 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 57 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 58 | * SUCH DAMAGE. 59 | * 60 | * @(#)netstat.h 8.2 (Berkeley) 1/4/94 61 | */ 62 | 63 | #include 64 | #include 65 | #include 66 | 67 | #include 68 | 69 | extern int Aflag; /* show addresses of protocol control block */ 70 | extern int aflag; /* show all sockets (including servers) */ 71 | extern int bflag; /* show i/f total bytes in/out */ 72 | extern int cflag; /* show specific classq */ 73 | extern int dflag; /* show i/f dropped packets */ 74 | extern int Fflag; /* show i/f forwarded packets */ 75 | #if defined(__APPLE__) && !TARGET_OS_EMBEDDED 76 | extern int gflag; /* show group (multicast) routing or stats */ 77 | #endif 78 | extern int iflag; /* show interfaces */ 79 | extern int lflag; /* show routing table with use and ref */ 80 | extern int Lflag; /* show size of listen queues */ 81 | extern int mflag; /* show memory stats */ 82 | extern int nflag; /* show addresses numerically */ 83 | extern int Rflag; /* show reachability information */ 84 | extern int rflag; /* show routing tables (or routing stats) */ 85 | extern int sflag; /* show protocol statistics */ 86 | extern int prioflag; /* show packet priority statistics */ 87 | extern int tflag; /* show i/f watchdog timers */ 88 | extern int vflag; /* more verbose */ 89 | extern int Wflag; /* wide display */ 90 | extern int qflag; /* Display ifclassq stats */ 91 | extern int Qflag; /* Display opportunistic polling stats */ 92 | extern int xflag; /* show extended link-layer reachability information */ 93 | 94 | extern int cq; /* send classq index (-1 for all) */ 95 | extern int interval; /* repeat interval for i/f stats */ 96 | 97 | extern char *interface; /* desired i/f for stats, or NULL for all i/fs */ 98 | extern int unit; /* unit number for above */ 99 | 100 | extern int af; /* address family */ 101 | 102 | extern char *plural(int); 103 | extern char *plurales(int); 104 | extern char *pluralies(int); 105 | 106 | extern void protopr(uint32_t, char *, int); 107 | extern void mptcppr(uint32_t, char *, int); 108 | extern void tcp_stats(uint32_t, char *, int); 109 | extern void mptcp_stats(uint32_t, char *, int); 110 | extern void udp_stats(uint32_t, char *, int); 111 | extern void ip_stats(uint32_t, char *, int); 112 | extern void icmp_stats(uint32_t, char *, int); 113 | extern void igmp_stats(uint32_t, char *, int); 114 | extern void arp_stats(uint32_t, char *, int); 115 | #ifdef IPSEC 116 | extern void ipsec_stats(uint32_t, char *, int); 117 | #endif 118 | 119 | #ifdef INET6 120 | extern void ip6_stats(uint32_t, char *, int); 121 | extern void ip6_ifstats(char *); 122 | extern void icmp6_stats(uint32_t, char *, int); 123 | extern void icmp6_ifstats(char *); 124 | extern void rip6_stats(uint32_t, char *, int); 125 | 126 | /* forward references */ 127 | struct sockaddr_in6; 128 | struct in6_addr; 129 | struct sockaddr; 130 | 131 | extern char *routename6(struct sockaddr_in6 *); 132 | extern char *netname6(struct sockaddr_in6 *, struct sockaddr *); 133 | #endif /*INET6*/ 134 | 135 | #ifdef IPSEC 136 | extern void pfkey_stats(uint32_t, char *, int); 137 | #endif 138 | 139 | extern void systmpr(uint32_t, char *, int); 140 | extern void kctl_stats(uint32_t, char *, int); 141 | extern void kevt_stats(uint32_t, char *, int); 142 | 143 | extern void mbpr(void); 144 | 145 | extern void intpr(void (*)(char *)); 146 | extern void intpr_ri(void (*)(char *)); 147 | extern void intervalpr(void (*)(uint32_t, char *, int), uint32_t, 148 | char *, int); 149 | 150 | extern void pr_rthdr(int); 151 | extern void pr_family(int); 152 | extern void rt_stats(void); 153 | extern void upHex(char *); 154 | extern char *routename(uint32_t); 155 | extern char *netname(uint32_t, uint32_t); 156 | extern void routepr(char *p); 157 | 158 | extern void unixpr(void); 159 | extern void aqstatpr(void); 160 | extern void rxpollstatpr(void); 161 | 162 | extern void ifmalist_dump(void); 163 | 164 | extern int print_time(void); 165 | extern void print_link_status(const char *); 166 | 167 | extern void print_extbkidle_stats(uint32_t, char *, int); 168 | extern void print_nstat_stats(uint32_t, char *, int); 169 | -------------------------------------------------------------------------------- /include/sodium.h: -------------------------------------------------------------------------------- 1 | 2 | #ifndef sodium_H 3 | #define sodium_H 4 | 5 | #include "sodium/core.h" 6 | #include "sodium/crypto_aead_aes256gcm.h" 7 | #include "sodium/crypto_aead_chacha20poly1305.h" 8 | #include "sodium/crypto_auth.h" 9 | #include "sodium/crypto_auth_hmacsha256.h" 10 | #include "sodium/crypto_auth_hmacsha512.h" 11 | #include "sodium/crypto_auth_hmacsha512256.h" 12 | #include "sodium/crypto_box.h" 13 | #include "sodium/crypto_box_curve25519xsalsa20poly1305.h" 14 | #include "sodium/crypto_core_hsalsa20.h" 15 | #include "sodium/crypto_core_salsa20.h" 16 | #include "sodium/crypto_core_salsa2012.h" 17 | #include "sodium/crypto_core_salsa208.h" 18 | #include "sodium/crypto_generichash.h" 19 | #include "sodium/crypto_generichash_blake2b.h" 20 | #include "sodium/crypto_hash.h" 21 | #include "sodium/crypto_hash_sha256.h" 22 | #include "sodium/crypto_hash_sha512.h" 23 | #include "sodium/crypto_onetimeauth.h" 24 | #include "sodium/crypto_onetimeauth_poly1305.h" 25 | #include "sodium/crypto_pwhash_scryptsalsa208sha256.h" 26 | #include "sodium/crypto_scalarmult.h" 27 | #include "sodium/crypto_scalarmult_curve25519.h" 28 | #include "sodium/crypto_secretbox.h" 29 | #include "sodium/crypto_secretbox_xsalsa20poly1305.h" 30 | #include "sodium/crypto_shorthash.h" 31 | #include "sodium/crypto_shorthash_siphash24.h" 32 | #include "sodium/crypto_sign.h" 33 | #include "sodium/crypto_sign_ed25519.h" 34 | #include "sodium/crypto_stream.h" 35 | #include "sodium/crypto_stream_aes128ctr.h" 36 | #include "sodium/crypto_stream_chacha20.h" 37 | #include "sodium/crypto_stream_salsa20.h" 38 | #include "sodium/crypto_stream_salsa2012.h" 39 | #include "sodium/crypto_stream_salsa208.h" 40 | #include "sodium/crypto_stream_xsalsa20.h" 41 | #include "sodium/crypto_verify_16.h" 42 | #include "sodium/crypto_verify_32.h" 43 | #include "sodium/crypto_verify_64.h" 44 | #include "sodium/randombytes.h" 45 | #ifdef __native_client__ 46 | # include "sodium/randombytes_nativeclient.h" 47 | #endif 48 | #include "sodium/randombytes_salsa20_random.h" 49 | #include "sodium/randombytes_sysrandom.h" 50 | #include "sodium/runtime.h" 51 | #include "sodium/utils.h" 52 | #include "sodium/version.h" 53 | 54 | #endif 55 | -------------------------------------------------------------------------------- /include/sodium/core.h: -------------------------------------------------------------------------------- 1 | 2 | #ifndef sodium_core_H 3 | #define sodium_core_H 4 | 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | SODIUM_EXPORT 12 | int sodium_init(void) 13 | __attribute__ ((warn_unused_result)); 14 | 15 | #ifdef __cplusplus 16 | } 17 | #endif 18 | 19 | #endif 20 | -------------------------------------------------------------------------------- /include/sodium/crypto_aead_aes256gcm.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_aead_aes256gcm_H 2 | #define crypto_aead_aes256gcm_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | # if __GNUC__ 9 | # pragma GCC diagnostic ignored "-Wlong-long" 10 | # endif 11 | extern "C" { 12 | #endif 13 | 14 | SODIUM_EXPORT 15 | int crypto_aead_aes256gcm_is_available(void); 16 | 17 | #define crypto_aead_aes256gcm_KEYBYTES 32U 18 | SODIUM_EXPORT 19 | size_t crypto_aead_aes256gcm_keybytes(void); 20 | 21 | #define crypto_aead_aes256gcm_NSECBYTES 0U 22 | SODIUM_EXPORT 23 | size_t crypto_aead_aes256gcm_nsecbytes(void); 24 | 25 | #define crypto_aead_aes256gcm_NPUBBYTES 12U 26 | SODIUM_EXPORT 27 | size_t crypto_aead_aes256gcm_npubbytes(void); 28 | 29 | #define crypto_aead_aes256gcm_ABYTES 16U 30 | SODIUM_EXPORT 31 | size_t crypto_aead_aes256gcm_abytes(void); 32 | 33 | typedef CRYPTO_ALIGN(16) unsigned char crypto_aead_aes256gcm_state[512]; 34 | SODIUM_EXPORT 35 | size_t crypto_aead_aes256gcm_statebytes(void); 36 | 37 | SODIUM_EXPORT 38 | int crypto_aead_aes256gcm_encrypt(unsigned char *c, 39 | unsigned long long *clen_p, 40 | const unsigned char *m, 41 | unsigned long long mlen, 42 | const unsigned char *ad, 43 | unsigned long long adlen, 44 | const unsigned char *nsec, 45 | const unsigned char *npub, 46 | const unsigned char *k); 47 | 48 | SODIUM_EXPORT 49 | int crypto_aead_aes256gcm_decrypt(unsigned char *m, 50 | unsigned long long *mlen_p, 51 | unsigned char *nsec, 52 | const unsigned char *c, 53 | unsigned long long clen, 54 | const unsigned char *ad, 55 | unsigned long long adlen, 56 | const unsigned char *npub, 57 | const unsigned char *k) 58 | __attribute__ ((warn_unused_result)); 59 | 60 | SODIUM_EXPORT 61 | int crypto_aead_aes256gcm_beforenm(crypto_aead_aes256gcm_state *ctx_, 62 | const unsigned char *k); 63 | 64 | SODIUM_EXPORT 65 | int crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c, 66 | unsigned long long *clen_p, 67 | const unsigned char *m, 68 | unsigned long long mlen, 69 | const unsigned char *ad, 70 | unsigned long long adlen, 71 | const unsigned char *nsec, 72 | const unsigned char *npub, 73 | const crypto_aead_aes256gcm_state *ctx_); 74 | 75 | SODIUM_EXPORT 76 | int crypto_aead_aes256gcm_decrypt_afternm(unsigned char *m, 77 | unsigned long long *mlen_p, 78 | unsigned char *nsec, 79 | const unsigned char *c, 80 | unsigned long long clen, 81 | const unsigned char *ad, 82 | unsigned long long adlen, 83 | const unsigned char *npub, 84 | const crypto_aead_aes256gcm_state *ctx_) 85 | __attribute__ ((warn_unused_result)); 86 | 87 | #ifdef __cplusplus 88 | } 89 | #endif 90 | 91 | #endif 92 | -------------------------------------------------------------------------------- /include/sodium/crypto_aead_chacha20poly1305.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_aead_chacha20poly1305_H 2 | #define crypto_aead_chacha20poly1305_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | # if __GNUC__ 9 | # pragma GCC diagnostic ignored "-Wlong-long" 10 | # endif 11 | extern "C" { 12 | #endif 13 | 14 | #define crypto_aead_chacha20poly1305_KEYBYTES 32U 15 | SODIUM_EXPORT 16 | size_t crypto_aead_chacha20poly1305_keybytes(void); 17 | 18 | #define crypto_aead_chacha20poly1305_NSECBYTES 0U 19 | SODIUM_EXPORT 20 | size_t crypto_aead_chacha20poly1305_nsecbytes(void); 21 | 22 | #define crypto_aead_chacha20poly1305_NPUBBYTES 8U 23 | SODIUM_EXPORT 24 | size_t crypto_aead_chacha20poly1305_npubbytes(void); 25 | 26 | #define crypto_aead_chacha20poly1305_ABYTES 16U 27 | SODIUM_EXPORT 28 | size_t crypto_aead_chacha20poly1305_abytes(void); 29 | 30 | SODIUM_EXPORT 31 | int crypto_aead_chacha20poly1305_encrypt(unsigned char *c, 32 | unsigned long long *clen_p, 33 | const unsigned char *m, 34 | unsigned long long mlen, 35 | const unsigned char *ad, 36 | unsigned long long adlen, 37 | const unsigned char *nsec, 38 | const unsigned char *npub, 39 | const unsigned char *k); 40 | 41 | SODIUM_EXPORT 42 | int crypto_aead_chacha20poly1305_decrypt(unsigned char *m, 43 | unsigned long long *mlen_p, 44 | unsigned char *nsec, 45 | const unsigned char *c, 46 | unsigned long long clen, 47 | const unsigned char *ad, 48 | unsigned long long adlen, 49 | const unsigned char *npub, 50 | const unsigned char *k) 51 | __attribute__ ((warn_unused_result)); 52 | 53 | #define crypto_aead_chacha20poly1305_IETF_NPUBBYTES 12U 54 | SODIUM_EXPORT 55 | size_t crypto_aead_chacha20poly1305_ietf_npubbytes(void); 56 | 57 | SODIUM_EXPORT 58 | int crypto_aead_chacha20poly1305_ietf_encrypt(unsigned char *c, 59 | unsigned long long *clen_p, 60 | const unsigned char *m, 61 | unsigned long long mlen, 62 | const unsigned char *ad, 63 | unsigned long long adlen, 64 | const unsigned char *nsec, 65 | const unsigned char *npub, 66 | const unsigned char *k); 67 | 68 | SODIUM_EXPORT 69 | int crypto_aead_chacha20poly1305_ietf_decrypt(unsigned char *m, 70 | unsigned long long *mlen_p, 71 | unsigned char *nsec, 72 | const unsigned char *c, 73 | unsigned long long clen, 74 | const unsigned char *ad, 75 | unsigned long long adlen, 76 | const unsigned char *npub, 77 | const unsigned char *k) 78 | __attribute__ ((warn_unused_result)); 79 | 80 | #ifdef __cplusplus 81 | } 82 | #endif 83 | 84 | #endif 85 | -------------------------------------------------------------------------------- /include/sodium/crypto_auth.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_auth_H 2 | #define crypto_auth_H 3 | 4 | #include 5 | 6 | #include "crypto_auth_hmacsha512256.h" 7 | #include "export.h" 8 | 9 | #ifdef __cplusplus 10 | # if __GNUC__ 11 | # pragma GCC diagnostic ignored "-Wlong-long" 12 | # endif 13 | extern "C" { 14 | #endif 15 | 16 | #define crypto_auth_BYTES crypto_auth_hmacsha512256_BYTES 17 | SODIUM_EXPORT 18 | size_t crypto_auth_bytes(void); 19 | 20 | #define crypto_auth_KEYBYTES crypto_auth_hmacsha512256_KEYBYTES 21 | SODIUM_EXPORT 22 | size_t crypto_auth_keybytes(void); 23 | 24 | #define crypto_auth_PRIMITIVE "hmacsha512256" 25 | SODIUM_EXPORT 26 | const char *crypto_auth_primitive(void); 27 | 28 | SODIUM_EXPORT 29 | int crypto_auth(unsigned char *out, const unsigned char *in, 30 | unsigned long long inlen, const unsigned char *k); 31 | 32 | SODIUM_EXPORT 33 | int crypto_auth_verify(const unsigned char *h, const unsigned char *in, 34 | unsigned long long inlen, const unsigned char *k) 35 | __attribute__ ((warn_unused_result)); 36 | 37 | #ifdef __cplusplus 38 | } 39 | #endif 40 | 41 | #endif 42 | -------------------------------------------------------------------------------- /include/sodium/crypto_auth_hmacsha256.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_auth_hmacsha256_H 2 | #define crypto_auth_hmacsha256_H 3 | 4 | #include 5 | #include "crypto_hash_sha256.h" 6 | #include "export.h" 7 | 8 | #ifdef __cplusplus 9 | # if __GNUC__ 10 | # pragma GCC diagnostic ignored "-Wlong-long" 11 | # endif 12 | extern "C" { 13 | #endif 14 | 15 | #define crypto_auth_hmacsha256_BYTES 32U 16 | SODIUM_EXPORT 17 | size_t crypto_auth_hmacsha256_bytes(void); 18 | 19 | #define crypto_auth_hmacsha256_KEYBYTES 32U 20 | SODIUM_EXPORT 21 | size_t crypto_auth_hmacsha256_keybytes(void); 22 | 23 | SODIUM_EXPORT 24 | int crypto_auth_hmacsha256(unsigned char *out, 25 | const unsigned char *in, 26 | unsigned long long inlen, 27 | const unsigned char *k); 28 | 29 | SODIUM_EXPORT 30 | int crypto_auth_hmacsha256_verify(const unsigned char *h, 31 | const unsigned char *in, 32 | unsigned long long inlen, 33 | const unsigned char *k) 34 | __attribute__ ((warn_unused_result)); 35 | 36 | /* ------------------------------------------------------------------------- */ 37 | 38 | typedef struct crypto_auth_hmacsha256_state { 39 | crypto_hash_sha256_state ictx; 40 | crypto_hash_sha256_state octx; 41 | } crypto_auth_hmacsha256_state; 42 | SODIUM_EXPORT 43 | size_t crypto_auth_hmacsha256_statebytes(void); 44 | 45 | SODIUM_EXPORT 46 | int crypto_auth_hmacsha256_init(crypto_auth_hmacsha256_state *state, 47 | const unsigned char *key, 48 | size_t keylen); 49 | 50 | SODIUM_EXPORT 51 | int crypto_auth_hmacsha256_update(crypto_auth_hmacsha256_state *state, 52 | const unsigned char *in, 53 | unsigned long long inlen); 54 | 55 | SODIUM_EXPORT 56 | int crypto_auth_hmacsha256_final(crypto_auth_hmacsha256_state *state, 57 | unsigned char *out); 58 | 59 | #ifdef __cplusplus 60 | } 61 | #endif 62 | 63 | #endif 64 | -------------------------------------------------------------------------------- /include/sodium/crypto_auth_hmacsha512.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_auth_hmacsha512_H 2 | #define crypto_auth_hmacsha512_H 3 | 4 | #include 5 | #include "crypto_hash_sha512.h" 6 | #include "export.h" 7 | 8 | #ifdef __cplusplus 9 | # if __GNUC__ 10 | # pragma GCC diagnostic ignored "-Wlong-long" 11 | # endif 12 | extern "C" { 13 | #endif 14 | 15 | #define crypto_auth_hmacsha512_BYTES 64U 16 | SODIUM_EXPORT 17 | size_t crypto_auth_hmacsha512_bytes(void); 18 | 19 | #define crypto_auth_hmacsha512_KEYBYTES 32U 20 | SODIUM_EXPORT 21 | size_t crypto_auth_hmacsha512_keybytes(void); 22 | 23 | SODIUM_EXPORT 24 | int crypto_auth_hmacsha512(unsigned char *out, 25 | const unsigned char *in, 26 | unsigned long long inlen, 27 | const unsigned char *k); 28 | 29 | SODIUM_EXPORT 30 | int crypto_auth_hmacsha512_verify(const unsigned char *h, 31 | const unsigned char *in, 32 | unsigned long long inlen, 33 | const unsigned char *k) 34 | __attribute__ ((warn_unused_result)); 35 | 36 | /* ------------------------------------------------------------------------- */ 37 | 38 | typedef struct crypto_auth_hmacsha512_state { 39 | crypto_hash_sha512_state ictx; 40 | crypto_hash_sha512_state octx; 41 | } crypto_auth_hmacsha512_state; 42 | SODIUM_EXPORT 43 | size_t crypto_auth_hmacsha512_statebytes(void); 44 | 45 | SODIUM_EXPORT 46 | int crypto_auth_hmacsha512_init(crypto_auth_hmacsha512_state *state, 47 | const unsigned char *key, 48 | size_t keylen); 49 | 50 | SODIUM_EXPORT 51 | int crypto_auth_hmacsha512_update(crypto_auth_hmacsha512_state *state, 52 | const unsigned char *in, 53 | unsigned long long inlen); 54 | 55 | SODIUM_EXPORT 56 | int crypto_auth_hmacsha512_final(crypto_auth_hmacsha512_state *state, 57 | unsigned char *out); 58 | 59 | #ifdef __cplusplus 60 | } 61 | #endif 62 | 63 | #endif 64 | -------------------------------------------------------------------------------- /include/sodium/crypto_auth_hmacsha512256.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_auth_hmacsha512256_H 2 | #define crypto_auth_hmacsha512256_H 3 | 4 | #include 5 | #include "crypto_auth_hmacsha512.h" 6 | #include "export.h" 7 | 8 | #ifdef __cplusplus 9 | # if __GNUC__ 10 | # pragma GCC diagnostic ignored "-Wlong-long" 11 | # endif 12 | extern "C" { 13 | #endif 14 | 15 | #define crypto_auth_hmacsha512256_BYTES 32U 16 | SODIUM_EXPORT 17 | size_t crypto_auth_hmacsha512256_bytes(void); 18 | 19 | #define crypto_auth_hmacsha512256_KEYBYTES 32U 20 | SODIUM_EXPORT 21 | size_t crypto_auth_hmacsha512256_keybytes(void); 22 | 23 | SODIUM_EXPORT 24 | int crypto_auth_hmacsha512256(unsigned char *out, const unsigned char *in, 25 | unsigned long long inlen,const unsigned char *k); 26 | 27 | SODIUM_EXPORT 28 | int crypto_auth_hmacsha512256_verify(const unsigned char *h, 29 | const unsigned char *in, 30 | unsigned long long inlen, 31 | const unsigned char *k) 32 | __attribute__ ((warn_unused_result)); 33 | 34 | /* ------------------------------------------------------------------------- */ 35 | 36 | typedef crypto_auth_hmacsha512_state crypto_auth_hmacsha512256_state; 37 | SODIUM_EXPORT 38 | size_t crypto_auth_hmacsha512256_statebytes(void); 39 | 40 | SODIUM_EXPORT 41 | int crypto_auth_hmacsha512256_init(crypto_auth_hmacsha512256_state *state, 42 | const unsigned char *key, 43 | size_t keylen); 44 | 45 | SODIUM_EXPORT 46 | int crypto_auth_hmacsha512256_update(crypto_auth_hmacsha512256_state *state, 47 | const unsigned char *in, 48 | unsigned long long inlen); 49 | 50 | SODIUM_EXPORT 51 | int crypto_auth_hmacsha512256_final(crypto_auth_hmacsha512256_state *state, 52 | unsigned char *out); 53 | 54 | #ifdef __cplusplus 55 | } 56 | #endif 57 | 58 | #endif 59 | -------------------------------------------------------------------------------- /include/sodium/crypto_box.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_box_H 2 | #define crypto_box_H 3 | 4 | /* 5 | * THREAD SAFETY: crypto_box_keypair() is thread-safe, 6 | * provided that you called sodium_init() once before using any 7 | * other libsodium function. 8 | * Other functions are always thread-safe. 9 | */ 10 | 11 | #include 12 | 13 | #include "crypto_box_curve25519xsalsa20poly1305.h" 14 | #include "export.h" 15 | 16 | #ifdef __cplusplus 17 | # if __GNUC__ 18 | # pragma GCC diagnostic ignored "-Wlong-long" 19 | # endif 20 | extern "C" { 21 | #endif 22 | 23 | #define crypto_box_SEEDBYTES crypto_box_curve25519xsalsa20poly1305_SEEDBYTES 24 | SODIUM_EXPORT 25 | size_t crypto_box_seedbytes(void); 26 | 27 | #define crypto_box_PUBLICKEYBYTES crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES 28 | SODIUM_EXPORT 29 | size_t crypto_box_publickeybytes(void); 30 | 31 | #define crypto_box_SECRETKEYBYTES crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES 32 | SODIUM_EXPORT 33 | size_t crypto_box_secretkeybytes(void); 34 | 35 | #define crypto_box_NONCEBYTES crypto_box_curve25519xsalsa20poly1305_NONCEBYTES 36 | SODIUM_EXPORT 37 | size_t crypto_box_noncebytes(void); 38 | 39 | #define crypto_box_MACBYTES crypto_box_curve25519xsalsa20poly1305_MACBYTES 40 | SODIUM_EXPORT 41 | size_t crypto_box_macbytes(void); 42 | 43 | #define crypto_box_PRIMITIVE "curve25519xsalsa20poly1305" 44 | SODIUM_EXPORT 45 | const char *crypto_box_primitive(void); 46 | 47 | SODIUM_EXPORT 48 | int crypto_box_seed_keypair(unsigned char *pk, unsigned char *sk, 49 | const unsigned char *seed); 50 | 51 | SODIUM_EXPORT 52 | int crypto_box_keypair(unsigned char *pk, unsigned char *sk); 53 | 54 | SODIUM_EXPORT 55 | int crypto_box_easy(unsigned char *c, const unsigned char *m, 56 | unsigned long long mlen, const unsigned char *n, 57 | const unsigned char *pk, const unsigned char *sk) 58 | __attribute__ ((warn_unused_result)); 59 | 60 | SODIUM_EXPORT 61 | int crypto_box_open_easy(unsigned char *m, const unsigned char *c, 62 | unsigned long long clen, const unsigned char *n, 63 | const unsigned char *pk, const unsigned char *sk) 64 | __attribute__ ((warn_unused_result)); 65 | 66 | SODIUM_EXPORT 67 | int crypto_box_detached(unsigned char *c, unsigned char *mac, 68 | const unsigned char *m, unsigned long long mlen, 69 | const unsigned char *n, const unsigned char *pk, 70 | const unsigned char *sk) 71 | __attribute__ ((warn_unused_result)); 72 | 73 | SODIUM_EXPORT 74 | int crypto_box_open_detached(unsigned char *m, const unsigned char *c, 75 | const unsigned char *mac, 76 | unsigned long long clen, 77 | const unsigned char *n, 78 | const unsigned char *pk, 79 | const unsigned char *sk) 80 | __attribute__ ((warn_unused_result)); 81 | 82 | /* -- Precomputation interface -- */ 83 | 84 | #define crypto_box_BEFORENMBYTES crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES 85 | SODIUM_EXPORT 86 | size_t crypto_box_beforenmbytes(void); 87 | 88 | SODIUM_EXPORT 89 | int crypto_box_beforenm(unsigned char *k, const unsigned char *pk, 90 | const unsigned char *sk) 91 | __attribute__ ((warn_unused_result)); 92 | 93 | SODIUM_EXPORT 94 | int crypto_box_easy_afternm(unsigned char *c, const unsigned char *m, 95 | unsigned long long mlen, const unsigned char *n, 96 | const unsigned char *k); 97 | 98 | SODIUM_EXPORT 99 | int crypto_box_open_easy_afternm(unsigned char *m, const unsigned char *c, 100 | unsigned long long clen, const unsigned char *n, 101 | const unsigned char *k) 102 | __attribute__ ((warn_unused_result)); 103 | 104 | SODIUM_EXPORT 105 | int crypto_box_detached_afternm(unsigned char *c, unsigned char *mac, 106 | const unsigned char *m, unsigned long long mlen, 107 | const unsigned char *n, const unsigned char *k); 108 | 109 | SODIUM_EXPORT 110 | int crypto_box_open_detached_afternm(unsigned char *m, const unsigned char *c, 111 | const unsigned char *mac, 112 | unsigned long long clen, const unsigned char *n, 113 | const unsigned char *k) 114 | __attribute__ ((warn_unused_result)); 115 | 116 | /* -- Ephemeral SK interface -- */ 117 | 118 | #define crypto_box_SEALBYTES (crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES) 119 | SODIUM_EXPORT 120 | size_t crypto_box_sealbytes(void); 121 | 122 | SODIUM_EXPORT 123 | int crypto_box_seal(unsigned char *c, const unsigned char *m, 124 | unsigned long long mlen, const unsigned char *pk); 125 | 126 | SODIUM_EXPORT 127 | int crypto_box_seal_open(unsigned char *m, const unsigned char *c, 128 | unsigned long long clen, 129 | const unsigned char *pk, const unsigned char *sk) 130 | __attribute__ ((warn_unused_result)); 131 | 132 | /* -- NaCl compatibility interface ; Requires padding -- */ 133 | 134 | #define crypto_box_ZEROBYTES crypto_box_curve25519xsalsa20poly1305_ZEROBYTES 135 | SODIUM_EXPORT 136 | size_t crypto_box_zerobytes(void); 137 | 138 | #define crypto_box_BOXZEROBYTES crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES 139 | SODIUM_EXPORT 140 | size_t crypto_box_boxzerobytes(void); 141 | 142 | SODIUM_EXPORT 143 | int crypto_box(unsigned char *c, const unsigned char *m, 144 | unsigned long long mlen, const unsigned char *n, 145 | const unsigned char *pk, const unsigned char *sk) 146 | __attribute__ ((warn_unused_result)); 147 | 148 | SODIUM_EXPORT 149 | int crypto_box_open(unsigned char *m, const unsigned char *c, 150 | unsigned long long clen, const unsigned char *n, 151 | const unsigned char *pk, const unsigned char *sk) 152 | __attribute__ ((warn_unused_result)); 153 | 154 | SODIUM_EXPORT 155 | int crypto_box_afternm(unsigned char *c, const unsigned char *m, 156 | unsigned long long mlen, const unsigned char *n, 157 | const unsigned char *k); 158 | 159 | SODIUM_EXPORT 160 | int crypto_box_open_afternm(unsigned char *m, const unsigned char *c, 161 | unsigned long long clen, const unsigned char *n, 162 | const unsigned char *k) 163 | __attribute__ ((warn_unused_result)); 164 | 165 | #ifdef __cplusplus 166 | } 167 | #endif 168 | 169 | #endif 170 | -------------------------------------------------------------------------------- /include/sodium/crypto_box_curve25519xsalsa20poly1305.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_box_curve25519xsalsa20poly1305_H 2 | #define crypto_box_curve25519xsalsa20poly1305_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | # if __GNUC__ 9 | # pragma GCC diagnostic ignored "-Wlong-long" 10 | # endif 11 | extern "C" { 12 | #endif 13 | 14 | #define crypto_box_curve25519xsalsa20poly1305_SEEDBYTES 32U 15 | SODIUM_EXPORT 16 | size_t crypto_box_curve25519xsalsa20poly1305_seedbytes(void); 17 | 18 | #define crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES 32U 19 | SODIUM_EXPORT 20 | size_t crypto_box_curve25519xsalsa20poly1305_publickeybytes(void); 21 | 22 | #define crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES 32U 23 | SODIUM_EXPORT 24 | size_t crypto_box_curve25519xsalsa20poly1305_secretkeybytes(void); 25 | 26 | #define crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES 32U 27 | SODIUM_EXPORT 28 | size_t crypto_box_curve25519xsalsa20poly1305_beforenmbytes(void); 29 | 30 | #define crypto_box_curve25519xsalsa20poly1305_NONCEBYTES 24U 31 | SODIUM_EXPORT 32 | size_t crypto_box_curve25519xsalsa20poly1305_noncebytes(void); 33 | 34 | #define crypto_box_curve25519xsalsa20poly1305_ZEROBYTES 32U 35 | SODIUM_EXPORT 36 | size_t crypto_box_curve25519xsalsa20poly1305_zerobytes(void); 37 | 38 | #define crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES 16U 39 | SODIUM_EXPORT 40 | size_t crypto_box_curve25519xsalsa20poly1305_boxzerobytes(void); 41 | 42 | #define crypto_box_curve25519xsalsa20poly1305_MACBYTES \ 43 | (crypto_box_curve25519xsalsa20poly1305_ZEROBYTES - \ 44 | crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES) 45 | SODIUM_EXPORT 46 | size_t crypto_box_curve25519xsalsa20poly1305_macbytes(void); 47 | 48 | SODIUM_EXPORT 49 | int crypto_box_curve25519xsalsa20poly1305(unsigned char *c, 50 | const unsigned char *m, 51 | unsigned long long mlen, 52 | const unsigned char *n, 53 | const unsigned char *pk, 54 | const unsigned char *sk) 55 | __attribute__ ((warn_unused_result)); 56 | 57 | SODIUM_EXPORT 58 | int crypto_box_curve25519xsalsa20poly1305_open(unsigned char *m, 59 | const unsigned char *c, 60 | unsigned long long clen, 61 | const unsigned char *n, 62 | const unsigned char *pk, 63 | const unsigned char *sk) 64 | __attribute__ ((warn_unused_result)); 65 | 66 | SODIUM_EXPORT 67 | int crypto_box_curve25519xsalsa20poly1305_seed_keypair(unsigned char *pk, 68 | unsigned char *sk, 69 | const unsigned char *seed); 70 | 71 | SODIUM_EXPORT 72 | int crypto_box_curve25519xsalsa20poly1305_keypair(unsigned char *pk, 73 | unsigned char *sk); 74 | 75 | SODIUM_EXPORT 76 | int crypto_box_curve25519xsalsa20poly1305_beforenm(unsigned char *k, 77 | const unsigned char *pk, 78 | const unsigned char *sk) 79 | __attribute__ ((warn_unused_result)); 80 | 81 | SODIUM_EXPORT 82 | int crypto_box_curve25519xsalsa20poly1305_afternm(unsigned char *c, 83 | const unsigned char *m, 84 | unsigned long long mlen, 85 | const unsigned char *n, 86 | const unsigned char *k); 87 | 88 | SODIUM_EXPORT 89 | int crypto_box_curve25519xsalsa20poly1305_open_afternm(unsigned char *m, 90 | const unsigned char *c, 91 | unsigned long long clen, 92 | const unsigned char *n, 93 | const unsigned char *k) 94 | __attribute__ ((warn_unused_result)); 95 | 96 | #ifdef __cplusplus 97 | } 98 | #endif 99 | 100 | #endif 101 | -------------------------------------------------------------------------------- /include/sodium/crypto_core_hsalsa20.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_core_hsalsa20_H 2 | #define crypto_core_hsalsa20_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #define crypto_core_hsalsa20_OUTPUTBYTES 32U 12 | SODIUM_EXPORT 13 | size_t crypto_core_hsalsa20_outputbytes(void); 14 | 15 | #define crypto_core_hsalsa20_INPUTBYTES 16U 16 | SODIUM_EXPORT 17 | size_t crypto_core_hsalsa20_inputbytes(void); 18 | 19 | #define crypto_core_hsalsa20_KEYBYTES 32U 20 | SODIUM_EXPORT 21 | size_t crypto_core_hsalsa20_keybytes(void); 22 | 23 | #define crypto_core_hsalsa20_CONSTBYTES 16U 24 | SODIUM_EXPORT 25 | size_t crypto_core_hsalsa20_constbytes(void); 26 | 27 | SODIUM_EXPORT 28 | int crypto_core_hsalsa20(unsigned char *out, const unsigned char *in, 29 | const unsigned char *k, const unsigned char *c); 30 | 31 | #ifdef __cplusplus 32 | } 33 | #endif 34 | 35 | #endif 36 | -------------------------------------------------------------------------------- /include/sodium/crypto_core_salsa20.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_core_salsa20_H 2 | #define crypto_core_salsa20_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #define crypto_core_salsa20_OUTPUTBYTES 64U 12 | SODIUM_EXPORT 13 | size_t crypto_core_salsa20_outputbytes(void); 14 | 15 | #define crypto_core_salsa20_INPUTBYTES 16U 16 | SODIUM_EXPORT 17 | size_t crypto_core_salsa20_inputbytes(void); 18 | 19 | #define crypto_core_salsa20_KEYBYTES 32U 20 | SODIUM_EXPORT 21 | size_t crypto_core_salsa20_keybytes(void); 22 | 23 | #define crypto_core_salsa20_CONSTBYTES 16U 24 | SODIUM_EXPORT 25 | size_t crypto_core_salsa20_constbytes(void); 26 | 27 | SODIUM_EXPORT 28 | int crypto_core_salsa20(unsigned char *out, const unsigned char *in, 29 | const unsigned char *k, const unsigned char *c); 30 | 31 | #ifdef __cplusplus 32 | } 33 | #endif 34 | 35 | #endif 36 | -------------------------------------------------------------------------------- /include/sodium/crypto_core_salsa2012.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_core_salsa2012_H 2 | #define crypto_core_salsa2012_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #define crypto_core_salsa2012_OUTPUTBYTES 64U 12 | SODIUM_EXPORT 13 | size_t crypto_core_salsa2012_outputbytes(void); 14 | 15 | #define crypto_core_salsa2012_INPUTBYTES 16U 16 | SODIUM_EXPORT 17 | size_t crypto_core_salsa2012_inputbytes(void); 18 | 19 | #define crypto_core_salsa2012_KEYBYTES 32U 20 | SODIUM_EXPORT 21 | size_t crypto_core_salsa2012_keybytes(void); 22 | 23 | #define crypto_core_salsa2012_CONSTBYTES 16U 24 | SODIUM_EXPORT 25 | size_t crypto_core_salsa2012_constbytes(void); 26 | 27 | SODIUM_EXPORT 28 | int crypto_core_salsa2012(unsigned char *out, const unsigned char *in, 29 | const unsigned char *k, const unsigned char *c); 30 | 31 | #ifdef __cplusplus 32 | } 33 | #endif 34 | 35 | #endif 36 | -------------------------------------------------------------------------------- /include/sodium/crypto_core_salsa208.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_core_salsa208_H 2 | #define crypto_core_salsa208_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #define crypto_core_salsa208_OUTPUTBYTES 64U 12 | SODIUM_EXPORT 13 | size_t crypto_core_salsa208_outputbytes(void); 14 | 15 | #define crypto_core_salsa208_INPUTBYTES 16U 16 | SODIUM_EXPORT 17 | size_t crypto_core_salsa208_inputbytes(void); 18 | 19 | #define crypto_core_salsa208_KEYBYTES 32U 20 | SODIUM_EXPORT 21 | size_t crypto_core_salsa208_keybytes(void); 22 | 23 | #define crypto_core_salsa208_CONSTBYTES 16U 24 | SODIUM_EXPORT 25 | size_t crypto_core_salsa208_constbytes(void); 26 | 27 | SODIUM_EXPORT 28 | int crypto_core_salsa208(unsigned char *out, const unsigned char *in, 29 | const unsigned char *k, const unsigned char *c); 30 | 31 | #ifdef __cplusplus 32 | } 33 | #endif 34 | 35 | #endif 36 | -------------------------------------------------------------------------------- /include/sodium/crypto_generichash.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_generichash_H 2 | #define crypto_generichash_H 3 | 4 | #include 5 | 6 | #include "crypto_generichash_blake2b.h" 7 | #include "export.h" 8 | 9 | #ifdef __cplusplus 10 | # if __GNUC__ 11 | # pragma GCC diagnostic ignored "-Wlong-long" 12 | # endif 13 | extern "C" { 14 | #endif 15 | 16 | #define crypto_generichash_BYTES_MIN crypto_generichash_blake2b_BYTES_MIN 17 | SODIUM_EXPORT 18 | size_t crypto_generichash_bytes_min(void); 19 | 20 | #define crypto_generichash_BYTES_MAX crypto_generichash_blake2b_BYTES_MAX 21 | SODIUM_EXPORT 22 | size_t crypto_generichash_bytes_max(void); 23 | 24 | #define crypto_generichash_BYTES crypto_generichash_blake2b_BYTES 25 | SODIUM_EXPORT 26 | size_t crypto_generichash_bytes(void); 27 | 28 | #define crypto_generichash_KEYBYTES_MIN crypto_generichash_blake2b_KEYBYTES_MIN 29 | SODIUM_EXPORT 30 | size_t crypto_generichash_keybytes_min(void); 31 | 32 | #define crypto_generichash_KEYBYTES_MAX crypto_generichash_blake2b_KEYBYTES_MAX 33 | SODIUM_EXPORT 34 | size_t crypto_generichash_keybytes_max(void); 35 | 36 | #define crypto_generichash_KEYBYTES crypto_generichash_blake2b_KEYBYTES 37 | SODIUM_EXPORT 38 | size_t crypto_generichash_keybytes(void); 39 | 40 | #define crypto_generichash_PRIMITIVE "blake2b" 41 | SODIUM_EXPORT 42 | const char *crypto_generichash_primitive(void); 43 | 44 | typedef crypto_generichash_blake2b_state crypto_generichash_state; 45 | SODIUM_EXPORT 46 | size_t crypto_generichash_statebytes(void); 47 | 48 | SODIUM_EXPORT 49 | int crypto_generichash(unsigned char *out, size_t outlen, 50 | const unsigned char *in, unsigned long long inlen, 51 | const unsigned char *key, size_t keylen); 52 | 53 | SODIUM_EXPORT 54 | int crypto_generichash_init(crypto_generichash_state *state, 55 | const unsigned char *key, 56 | const size_t keylen, const size_t outlen); 57 | 58 | SODIUM_EXPORT 59 | int crypto_generichash_update(crypto_generichash_state *state, 60 | const unsigned char *in, 61 | unsigned long long inlen); 62 | 63 | SODIUM_EXPORT 64 | int crypto_generichash_final(crypto_generichash_state *state, 65 | unsigned char *out, const size_t outlen); 66 | 67 | #ifdef __cplusplus 68 | } 69 | #endif 70 | 71 | #endif 72 | -------------------------------------------------------------------------------- /include/sodium/crypto_generichash_blake2b.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_generichash_blake2b_H 2 | #define crypto_generichash_blake2b_H 3 | 4 | #include 5 | #include 6 | #include 7 | 8 | #include "export.h" 9 | 10 | #ifdef __cplusplus 11 | # if __GNUC__ 12 | # pragma GCC diagnostic ignored "-Wlong-long" 13 | # endif 14 | extern "C" { 15 | #endif 16 | 17 | #if defined(__IBMC__) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) 18 | # pragma pack(1) 19 | #else 20 | # pragma pack(push, 1) 21 | #endif 22 | 23 | typedef CRYPTO_ALIGN(64) struct crypto_generichash_blake2b_state { 24 | uint64_t h[8]; 25 | uint64_t t[2]; 26 | uint64_t f[2]; 27 | uint8_t buf[2 * 128]; 28 | size_t buflen; 29 | uint8_t last_node; 30 | } crypto_generichash_blake2b_state; 31 | 32 | #if defined(__IBMC__) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) 33 | # pragma pack() 34 | #else 35 | # pragma pack(pop) 36 | #endif 37 | 38 | #define crypto_generichash_blake2b_BYTES_MIN 16U 39 | SODIUM_EXPORT 40 | size_t crypto_generichash_blake2b_bytes_min(void); 41 | 42 | #define crypto_generichash_blake2b_BYTES_MAX 64U 43 | SODIUM_EXPORT 44 | size_t crypto_generichash_blake2b_bytes_max(void); 45 | 46 | #define crypto_generichash_blake2b_BYTES 32U 47 | SODIUM_EXPORT 48 | size_t crypto_generichash_blake2b_bytes(void); 49 | 50 | #define crypto_generichash_blake2b_KEYBYTES_MIN 16U 51 | SODIUM_EXPORT 52 | size_t crypto_generichash_blake2b_keybytes_min(void); 53 | 54 | #define crypto_generichash_blake2b_KEYBYTES_MAX 64U 55 | SODIUM_EXPORT 56 | size_t crypto_generichash_blake2b_keybytes_max(void); 57 | 58 | #define crypto_generichash_blake2b_KEYBYTES 32U 59 | SODIUM_EXPORT 60 | size_t crypto_generichash_blake2b_keybytes(void); 61 | 62 | #define crypto_generichash_blake2b_SALTBYTES 16U 63 | SODIUM_EXPORT 64 | size_t crypto_generichash_blake2b_saltbytes(void); 65 | 66 | #define crypto_generichash_blake2b_PERSONALBYTES 16U 67 | SODIUM_EXPORT 68 | size_t crypto_generichash_blake2b_personalbytes(void); 69 | 70 | SODIUM_EXPORT 71 | int crypto_generichash_blake2b(unsigned char *out, size_t outlen, 72 | const unsigned char *in, 73 | unsigned long long inlen, 74 | const unsigned char *key, size_t keylen); 75 | 76 | SODIUM_EXPORT 77 | int crypto_generichash_blake2b_salt_personal(unsigned char *out, size_t outlen, 78 | const unsigned char *in, 79 | unsigned long long inlen, 80 | const unsigned char *key, 81 | size_t keylen, 82 | const unsigned char *salt, 83 | const unsigned char *personal); 84 | 85 | SODIUM_EXPORT 86 | int crypto_generichash_blake2b_init(crypto_generichash_blake2b_state *state, 87 | const unsigned char *key, 88 | const size_t keylen, const size_t outlen); 89 | 90 | SODIUM_EXPORT 91 | int crypto_generichash_blake2b_init_salt_personal(crypto_generichash_blake2b_state *state, 92 | const unsigned char *key, 93 | const size_t keylen, const size_t outlen, 94 | const unsigned char *salt, 95 | const unsigned char *personal); 96 | 97 | SODIUM_EXPORT 98 | int crypto_generichash_blake2b_update(crypto_generichash_blake2b_state *state, 99 | const unsigned char *in, 100 | unsigned long long inlen); 101 | 102 | SODIUM_EXPORT 103 | int crypto_generichash_blake2b_final(crypto_generichash_blake2b_state *state, 104 | unsigned char *out, 105 | const size_t outlen); 106 | 107 | /* ------------------------------------------------------------------------- */ 108 | 109 | int _crypto_generichash_blake2b_pick_best_implementation(void); 110 | 111 | #ifdef __cplusplus 112 | } 113 | #endif 114 | 115 | #endif 116 | -------------------------------------------------------------------------------- /include/sodium/crypto_hash.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_hash_H 2 | #define crypto_hash_H 3 | 4 | /* 5 | * WARNING: Unless you absolutely need to use SHA512 for interoperatibility, 6 | * purposes, you might want to consider crypto_generichash() instead. 7 | * Unlike SHA512, crypto_generichash() is not vulnerable to length 8 | * extension attacks. 9 | */ 10 | 11 | #include 12 | 13 | #include "crypto_hash_sha512.h" 14 | #include "export.h" 15 | 16 | #ifdef __cplusplus 17 | # if __GNUC__ 18 | # pragma GCC diagnostic ignored "-Wlong-long" 19 | # endif 20 | extern "C" { 21 | #endif 22 | 23 | #define crypto_hash_BYTES crypto_hash_sha512_BYTES 24 | SODIUM_EXPORT 25 | size_t crypto_hash_bytes(void); 26 | 27 | SODIUM_EXPORT 28 | int crypto_hash(unsigned char *out, const unsigned char *in, 29 | unsigned long long inlen); 30 | 31 | #define crypto_hash_PRIMITIVE "sha512" 32 | SODIUM_EXPORT 33 | const char *crypto_hash_primitive(void) 34 | __attribute__ ((warn_unused_result)); 35 | 36 | #ifdef __cplusplus 37 | } 38 | #endif 39 | 40 | #endif 41 | -------------------------------------------------------------------------------- /include/sodium/crypto_hash_sha256.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_hash_sha256_H 2 | #define crypto_hash_sha256_H 3 | 4 | /* 5 | * WARNING: Unless you absolutely need to use SHA256 for interoperatibility, 6 | * purposes, you might want to consider crypto_generichash() instead. 7 | * Unlike SHA256, crypto_generichash() is not vulnerable to length 8 | * extension attacks. 9 | */ 10 | 11 | #include 12 | #include 13 | #include 14 | 15 | #include "export.h" 16 | 17 | #ifdef __cplusplus 18 | # if __GNUC__ 19 | # pragma GCC diagnostic ignored "-Wlong-long" 20 | # endif 21 | extern "C" { 22 | #endif 23 | 24 | typedef struct crypto_hash_sha256_state { 25 | uint32_t state[8]; 26 | uint64_t count; 27 | unsigned char buf[64]; 28 | } crypto_hash_sha256_state; 29 | SODIUM_EXPORT 30 | size_t crypto_hash_sha256_statebytes(void); 31 | 32 | #define crypto_hash_sha256_BYTES 32U 33 | SODIUM_EXPORT 34 | size_t crypto_hash_sha256_bytes(void); 35 | 36 | SODIUM_EXPORT 37 | int crypto_hash_sha256(unsigned char *out, const unsigned char *in, 38 | unsigned long long inlen); 39 | 40 | SODIUM_EXPORT 41 | int crypto_hash_sha256_init(crypto_hash_sha256_state *state); 42 | 43 | SODIUM_EXPORT 44 | int crypto_hash_sha256_update(crypto_hash_sha256_state *state, 45 | const unsigned char *in, 46 | unsigned long long inlen); 47 | 48 | SODIUM_EXPORT 49 | int crypto_hash_sha256_final(crypto_hash_sha256_state *state, 50 | unsigned char *out); 51 | 52 | #ifdef __cplusplus 53 | } 54 | #endif 55 | 56 | #endif 57 | -------------------------------------------------------------------------------- /include/sodium/crypto_hash_sha512.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_hash_sha512_H 2 | #define crypto_hash_sha512_H 3 | 4 | /* 5 | * WARNING: Unless you absolutely need to use SHA512 for interoperatibility, 6 | * purposes, you might want to consider crypto_generichash() instead. 7 | * Unlike SHA512, crypto_generichash() is not vulnerable to length 8 | * extension attacks. 9 | */ 10 | 11 | #include 12 | #include 13 | #include 14 | 15 | #include "export.h" 16 | 17 | #ifdef __cplusplus 18 | # if __GNUC__ 19 | # pragma GCC diagnostic ignored "-Wlong-long" 20 | # endif 21 | extern "C" { 22 | #endif 23 | 24 | typedef struct crypto_hash_sha512_state { 25 | uint64_t state[8]; 26 | uint64_t count[2]; 27 | unsigned char buf[128]; 28 | } crypto_hash_sha512_state; 29 | SODIUM_EXPORT 30 | size_t crypto_hash_sha512_statebytes(void); 31 | 32 | #define crypto_hash_sha512_BYTES 64U 33 | SODIUM_EXPORT 34 | size_t crypto_hash_sha512_bytes(void); 35 | 36 | SODIUM_EXPORT 37 | int crypto_hash_sha512(unsigned char *out, const unsigned char *in, 38 | unsigned long long inlen); 39 | 40 | SODIUM_EXPORT 41 | int crypto_hash_sha512_init(crypto_hash_sha512_state *state); 42 | 43 | SODIUM_EXPORT 44 | int crypto_hash_sha512_update(crypto_hash_sha512_state *state, 45 | const unsigned char *in, 46 | unsigned long long inlen); 47 | 48 | SODIUM_EXPORT 49 | int crypto_hash_sha512_final(crypto_hash_sha512_state *state, 50 | unsigned char *out); 51 | 52 | #ifdef __cplusplus 53 | } 54 | #endif 55 | 56 | #endif 57 | -------------------------------------------------------------------------------- /include/sodium/crypto_int32.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_int32_H 2 | #define crypto_int32_H 3 | 4 | #include 5 | 6 | typedef int32_t crypto_int32; 7 | 8 | #endif 9 | -------------------------------------------------------------------------------- /include/sodium/crypto_int64.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_int64_H 2 | #define crypto_int64_H 3 | 4 | #include 5 | 6 | typedef int64_t crypto_int64; 7 | 8 | #endif 9 | -------------------------------------------------------------------------------- /include/sodium/crypto_onetimeauth.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_onetimeauth_H 2 | #define crypto_onetimeauth_H 3 | 4 | #include 5 | 6 | #include "crypto_onetimeauth_poly1305.h" 7 | #include "export.h" 8 | 9 | #ifdef __cplusplus 10 | # if __GNUC__ 11 | # pragma GCC diagnostic ignored "-Wlong-long" 12 | # endif 13 | extern "C" { 14 | #endif 15 | 16 | typedef crypto_onetimeauth_poly1305_state crypto_onetimeauth_state; 17 | SODIUM_EXPORT 18 | size_t crypto_onetimeauth_statebytes(void); 19 | 20 | #define crypto_onetimeauth_BYTES crypto_onetimeauth_poly1305_BYTES 21 | SODIUM_EXPORT 22 | size_t crypto_onetimeauth_bytes(void); 23 | 24 | #define crypto_onetimeauth_KEYBYTES crypto_onetimeauth_poly1305_KEYBYTES 25 | SODIUM_EXPORT 26 | size_t crypto_onetimeauth_keybytes(void); 27 | 28 | #define crypto_onetimeauth_PRIMITIVE "poly1305" 29 | SODIUM_EXPORT 30 | const char *crypto_onetimeauth_primitive(void); 31 | 32 | SODIUM_EXPORT 33 | int crypto_onetimeauth(unsigned char *out, const unsigned char *in, 34 | unsigned long long inlen, const unsigned char *k); 35 | 36 | SODIUM_EXPORT 37 | int crypto_onetimeauth_verify(const unsigned char *h, const unsigned char *in, 38 | unsigned long long inlen, const unsigned char *k) 39 | __attribute__ ((warn_unused_result)); 40 | 41 | SODIUM_EXPORT 42 | int crypto_onetimeauth_init(crypto_onetimeauth_state *state, 43 | const unsigned char *key); 44 | 45 | SODIUM_EXPORT 46 | int crypto_onetimeauth_update(crypto_onetimeauth_state *state, 47 | const unsigned char *in, 48 | unsigned long long inlen); 49 | 50 | SODIUM_EXPORT 51 | int crypto_onetimeauth_final(crypto_onetimeauth_state *state, 52 | unsigned char *out); 53 | 54 | #ifdef __cplusplus 55 | } 56 | #endif 57 | 58 | #endif 59 | -------------------------------------------------------------------------------- /include/sodium/crypto_onetimeauth_poly1305.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_onetimeauth_poly1305_H 2 | #define crypto_onetimeauth_poly1305_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | # if __GNUC__ 9 | # pragma GCC diagnostic ignored "-Wlong-long" 10 | # endif 11 | extern "C" { 12 | #endif 13 | 14 | #include 15 | 16 | #include 17 | #include 18 | 19 | typedef CRYPTO_ALIGN(16) struct crypto_onetimeauth_poly1305_state { 20 | unsigned char opaque[256]; 21 | } crypto_onetimeauth_poly1305_state; 22 | 23 | #define crypto_onetimeauth_poly1305_BYTES 16U 24 | SODIUM_EXPORT 25 | size_t crypto_onetimeauth_poly1305_bytes(void); 26 | 27 | #define crypto_onetimeauth_poly1305_KEYBYTES 32U 28 | SODIUM_EXPORT 29 | size_t crypto_onetimeauth_poly1305_keybytes(void); 30 | 31 | SODIUM_EXPORT 32 | int crypto_onetimeauth_poly1305(unsigned char *out, 33 | const unsigned char *in, 34 | unsigned long long inlen, 35 | const unsigned char *k); 36 | 37 | SODIUM_EXPORT 38 | int crypto_onetimeauth_poly1305_verify(const unsigned char *h, 39 | const unsigned char *in, 40 | unsigned long long inlen, 41 | const unsigned char *k) 42 | __attribute__ ((warn_unused_result)); 43 | 44 | SODIUM_EXPORT 45 | int crypto_onetimeauth_poly1305_init(crypto_onetimeauth_poly1305_state *state, 46 | const unsigned char *key); 47 | 48 | SODIUM_EXPORT 49 | int crypto_onetimeauth_poly1305_update(crypto_onetimeauth_poly1305_state *state, 50 | const unsigned char *in, 51 | unsigned long long inlen); 52 | 53 | SODIUM_EXPORT 54 | int crypto_onetimeauth_poly1305_final(crypto_onetimeauth_poly1305_state *state, 55 | unsigned char *out); 56 | 57 | /* ------------------------------------------------------------------------- */ 58 | 59 | int _crypto_onetimeauth_poly1305_pick_best_implementation(void); 60 | 61 | #ifdef __cplusplus 62 | } 63 | #endif 64 | 65 | #endif 66 | -------------------------------------------------------------------------------- /include/sodium/crypto_pwhash_scryptsalsa208sha256.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_pwhash_scryptsalsa208sha256_H 2 | #define crypto_pwhash_scryptsalsa208sha256_H 3 | 4 | #include 5 | #include 6 | 7 | #include "export.h" 8 | 9 | #ifdef __cplusplus 10 | # if __GNUC__ 11 | # pragma GCC diagnostic ignored "-Wlong-long" 12 | # endif 13 | extern "C" { 14 | #endif 15 | 16 | #define crypto_pwhash_scryptsalsa208sha256_SALTBYTES 32U 17 | SODIUM_EXPORT 18 | size_t crypto_pwhash_scryptsalsa208sha256_saltbytes(void); 19 | 20 | #define crypto_pwhash_scryptsalsa208sha256_STRBYTES 102U 21 | SODIUM_EXPORT 22 | size_t crypto_pwhash_scryptsalsa208sha256_strbytes(void); 23 | 24 | #define crypto_pwhash_scryptsalsa208sha256_STRPREFIX "$7$" 25 | SODIUM_EXPORT 26 | const char *crypto_pwhash_scryptsalsa208sha256_strprefix(void); 27 | 28 | #define crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE 524288ULL 29 | SODIUM_EXPORT 30 | size_t crypto_pwhash_scryptsalsa208sha256_opslimit_interactive(void); 31 | 32 | #define crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE 16777216ULL 33 | SODIUM_EXPORT 34 | size_t crypto_pwhash_scryptsalsa208sha256_memlimit_interactive(void); 35 | 36 | #define crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE 33554432ULL 37 | SODIUM_EXPORT 38 | size_t crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive(void); 39 | 40 | #define crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE 1073741824ULL 41 | SODIUM_EXPORT 42 | size_t crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive(void); 43 | 44 | SODIUM_EXPORT 45 | int crypto_pwhash_scryptsalsa208sha256(unsigned char * const out, 46 | unsigned long long outlen, 47 | const char * const passwd, 48 | unsigned long long passwdlen, 49 | const unsigned char * const salt, 50 | unsigned long long opslimit, 51 | size_t memlimit) 52 | __attribute__ ((warn_unused_result)); 53 | 54 | SODIUM_EXPORT 55 | int crypto_pwhash_scryptsalsa208sha256_str(char out[crypto_pwhash_scryptsalsa208sha256_STRBYTES], 56 | const char * const passwd, 57 | unsigned long long passwdlen, 58 | unsigned long long opslimit, 59 | size_t memlimit) 60 | __attribute__ ((warn_unused_result)); 61 | 62 | SODIUM_EXPORT 63 | int crypto_pwhash_scryptsalsa208sha256_str_verify(const char str[crypto_pwhash_scryptsalsa208sha256_STRBYTES], 64 | const char * const passwd, 65 | unsigned long long passwdlen) 66 | __attribute__ ((warn_unused_result)); 67 | 68 | SODIUM_EXPORT 69 | int crypto_pwhash_scryptsalsa208sha256_ll(const uint8_t * passwd, size_t passwdlen, 70 | const uint8_t * salt, size_t saltlen, 71 | uint64_t N, uint32_t r, uint32_t p, 72 | uint8_t * buf, size_t buflen) 73 | __attribute__ ((warn_unused_result)); 74 | 75 | #ifdef __cplusplus 76 | } 77 | #endif 78 | 79 | #endif 80 | -------------------------------------------------------------------------------- /include/sodium/crypto_scalarmult.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_scalarmult_H 2 | #define crypto_scalarmult_H 3 | 4 | #include 5 | 6 | #include "crypto_scalarmult_curve25519.h" 7 | #include "export.h" 8 | 9 | #ifdef __cplusplus 10 | extern "C" { 11 | #endif 12 | 13 | #define crypto_scalarmult_BYTES crypto_scalarmult_curve25519_BYTES 14 | SODIUM_EXPORT 15 | size_t crypto_scalarmult_bytes(void); 16 | 17 | #define crypto_scalarmult_SCALARBYTES crypto_scalarmult_curve25519_SCALARBYTES 18 | SODIUM_EXPORT 19 | size_t crypto_scalarmult_scalarbytes(void); 20 | 21 | #define crypto_scalarmult_PRIMITIVE "curve25519" 22 | SODIUM_EXPORT 23 | const char *crypto_scalarmult_primitive(void); 24 | 25 | SODIUM_EXPORT 26 | int crypto_scalarmult_base(unsigned char *q, const unsigned char *n); 27 | 28 | SODIUM_EXPORT 29 | int crypto_scalarmult(unsigned char *q, const unsigned char *n, 30 | const unsigned char *p) 31 | __attribute__ ((warn_unused_result)); 32 | 33 | #ifdef __cplusplus 34 | } 35 | #endif 36 | 37 | #endif 38 | -------------------------------------------------------------------------------- /include/sodium/crypto_scalarmult_curve25519.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_scalarmult_curve25519_H 2 | #define crypto_scalarmult_curve25519_H 3 | 4 | #include 5 | 6 | #include "export.h" 7 | 8 | #ifdef __cplusplus 9 | extern "C" { 10 | #endif 11 | 12 | #define crypto_scalarmult_curve25519_BYTES 32U 13 | SODIUM_EXPORT 14 | size_t crypto_scalarmult_curve25519_bytes(void); 15 | 16 | #define crypto_scalarmult_curve25519_SCALARBYTES 32U 17 | SODIUM_EXPORT 18 | size_t crypto_scalarmult_curve25519_scalarbytes(void); 19 | 20 | SODIUM_EXPORT 21 | int crypto_scalarmult_curve25519(unsigned char *q, const unsigned char *n, 22 | const unsigned char *p) 23 | __attribute__ ((warn_unused_result)); 24 | 25 | SODIUM_EXPORT 26 | int crypto_scalarmult_curve25519_base(unsigned char *q, const unsigned char *n); 27 | 28 | /* ------------------------------------------------------------------------- */ 29 | 30 | int _crypto_scalarmult_curve25519_pick_best_implementation(void); 31 | 32 | #ifdef __cplusplus 33 | } 34 | #endif 35 | 36 | #endif 37 | -------------------------------------------------------------------------------- /include/sodium/crypto_secretbox.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_secretbox_H 2 | #define crypto_secretbox_H 3 | 4 | #include 5 | 6 | #include "crypto_secretbox_xsalsa20poly1305.h" 7 | #include "export.h" 8 | 9 | #ifdef __cplusplus 10 | # if __GNUC__ 11 | # pragma GCC diagnostic ignored "-Wlong-long" 12 | # endif 13 | extern "C" { 14 | #endif 15 | 16 | #define crypto_secretbox_KEYBYTES crypto_secretbox_xsalsa20poly1305_KEYBYTES 17 | SODIUM_EXPORT 18 | size_t crypto_secretbox_keybytes(void); 19 | 20 | #define crypto_secretbox_NONCEBYTES crypto_secretbox_xsalsa20poly1305_NONCEBYTES 21 | SODIUM_EXPORT 22 | size_t crypto_secretbox_noncebytes(void); 23 | 24 | #define crypto_secretbox_MACBYTES crypto_secretbox_xsalsa20poly1305_MACBYTES 25 | SODIUM_EXPORT 26 | size_t crypto_secretbox_macbytes(void); 27 | 28 | #define crypto_secretbox_PRIMITIVE "xsalsa20poly1305" 29 | SODIUM_EXPORT 30 | const char *crypto_secretbox_primitive(void); 31 | 32 | SODIUM_EXPORT 33 | int crypto_secretbox_easy(unsigned char *c, const unsigned char *m, 34 | unsigned long long mlen, const unsigned char *n, 35 | const unsigned char *k); 36 | 37 | SODIUM_EXPORT 38 | int crypto_secretbox_open_easy(unsigned char *m, const unsigned char *c, 39 | unsigned long long clen, const unsigned char *n, 40 | const unsigned char *k) 41 | __attribute__ ((warn_unused_result)); 42 | 43 | SODIUM_EXPORT 44 | int crypto_secretbox_detached(unsigned char *c, unsigned char *mac, 45 | const unsigned char *m, 46 | unsigned long long mlen, 47 | const unsigned char *n, 48 | const unsigned char *k); 49 | 50 | SODIUM_EXPORT 51 | int crypto_secretbox_open_detached(unsigned char *m, 52 | const unsigned char *c, 53 | const unsigned char *mac, 54 | unsigned long long clen, 55 | const unsigned char *n, 56 | const unsigned char *k) 57 | __attribute__ ((warn_unused_result)); 58 | 59 | /* -- NaCl compatibility interface ; Requires padding -- */ 60 | 61 | #define crypto_secretbox_ZEROBYTES crypto_secretbox_xsalsa20poly1305_ZEROBYTES 62 | SODIUM_EXPORT 63 | size_t crypto_secretbox_zerobytes(void); 64 | 65 | #define crypto_secretbox_BOXZEROBYTES crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES 66 | SODIUM_EXPORT 67 | size_t crypto_secretbox_boxzerobytes(void); 68 | 69 | SODIUM_EXPORT 70 | int crypto_secretbox(unsigned char *c, const unsigned char *m, 71 | unsigned long long mlen, const unsigned char *n, 72 | const unsigned char *k); 73 | 74 | SODIUM_EXPORT 75 | int crypto_secretbox_open(unsigned char *m, const unsigned char *c, 76 | unsigned long long clen, const unsigned char *n, 77 | const unsigned char *k) 78 | __attribute__ ((warn_unused_result)); 79 | 80 | #ifdef __cplusplus 81 | } 82 | #endif 83 | 84 | #endif 85 | -------------------------------------------------------------------------------- /include/sodium/crypto_secretbox_xsalsa20poly1305.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_secretbox_xsalsa20poly1305_H 2 | #define crypto_secretbox_xsalsa20poly1305_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | # if __GNUC__ 9 | # pragma GCC diagnostic ignored "-Wlong-long" 10 | # endif 11 | extern "C" { 12 | #endif 13 | 14 | #define crypto_secretbox_xsalsa20poly1305_KEYBYTES 32U 15 | SODIUM_EXPORT 16 | size_t crypto_secretbox_xsalsa20poly1305_keybytes(void); 17 | 18 | #define crypto_secretbox_xsalsa20poly1305_NONCEBYTES 24U 19 | SODIUM_EXPORT 20 | size_t crypto_secretbox_xsalsa20poly1305_noncebytes(void); 21 | 22 | #define crypto_secretbox_xsalsa20poly1305_ZEROBYTES 32U 23 | SODIUM_EXPORT 24 | size_t crypto_secretbox_xsalsa20poly1305_zerobytes(void); 25 | 26 | #define crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES 16U 27 | SODIUM_EXPORT 28 | size_t crypto_secretbox_xsalsa20poly1305_boxzerobytes(void); 29 | 30 | #define crypto_secretbox_xsalsa20poly1305_MACBYTES \ 31 | (crypto_secretbox_xsalsa20poly1305_ZEROBYTES - \ 32 | crypto_secretbox_xsalsa20poly1305_BOXZEROBYTES) 33 | SODIUM_EXPORT 34 | size_t crypto_secretbox_xsalsa20poly1305_macbytes(void); 35 | 36 | SODIUM_EXPORT 37 | int crypto_secretbox_xsalsa20poly1305(unsigned char *c, 38 | const unsigned char *m, 39 | unsigned long long mlen, 40 | const unsigned char *n, 41 | const unsigned char *k); 42 | 43 | SODIUM_EXPORT 44 | int crypto_secretbox_xsalsa20poly1305_open(unsigned char *m, 45 | const unsigned char *c, 46 | unsigned long long clen, 47 | const unsigned char *n, 48 | const unsigned char *k); 49 | 50 | #ifdef __cplusplus 51 | } 52 | #endif 53 | 54 | #endif 55 | -------------------------------------------------------------------------------- /include/sodium/crypto_shorthash.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_shorthash_H 2 | #define crypto_shorthash_H 3 | 4 | #include 5 | 6 | #include "crypto_shorthash_siphash24.h" 7 | #include "export.h" 8 | 9 | #ifdef __cplusplus 10 | # if __GNUC__ 11 | # pragma GCC diagnostic ignored "-Wlong-long" 12 | # endif 13 | extern "C" { 14 | #endif 15 | 16 | #define crypto_shorthash_BYTES crypto_shorthash_siphash24_BYTES 17 | SODIUM_EXPORT 18 | size_t crypto_shorthash_bytes(void); 19 | 20 | #define crypto_shorthash_KEYBYTES crypto_shorthash_siphash24_KEYBYTES 21 | SODIUM_EXPORT 22 | size_t crypto_shorthash_keybytes(void); 23 | 24 | #define crypto_shorthash_PRIMITIVE "siphash24" 25 | SODIUM_EXPORT 26 | const char *crypto_shorthash_primitive(void); 27 | 28 | SODIUM_EXPORT 29 | int crypto_shorthash(unsigned char *out, const unsigned char *in, 30 | unsigned long long inlen, const unsigned char *k); 31 | 32 | #ifdef __cplusplus 33 | } 34 | #endif 35 | 36 | #endif 37 | -------------------------------------------------------------------------------- /include/sodium/crypto_shorthash_siphash24.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_shorthash_siphash24_H 2 | #define crypto_shorthash_siphash24_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | # if __GNUC__ 9 | # pragma GCC diagnostic ignored "-Wlong-long" 10 | # endif 11 | extern "C" { 12 | #endif 13 | 14 | #define crypto_shorthash_siphash24_BYTES 8U 15 | SODIUM_EXPORT 16 | size_t crypto_shorthash_siphash24_bytes(void); 17 | 18 | #define crypto_shorthash_siphash24_KEYBYTES 16U 19 | SODIUM_EXPORT 20 | size_t crypto_shorthash_siphash24_keybytes(void); 21 | 22 | SODIUM_EXPORT 23 | int crypto_shorthash_siphash24(unsigned char *out, const unsigned char *in, 24 | unsigned long long inlen, const unsigned char *k); 25 | 26 | #ifdef __cplusplus 27 | } 28 | #endif 29 | 30 | #endif 31 | -------------------------------------------------------------------------------- /include/sodium/crypto_sign.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_sign_H 2 | #define crypto_sign_H 3 | 4 | /* 5 | * THREAD SAFETY: crypto_sign_keypair() is thread-safe, 6 | * provided that you called sodium_init() once before using any 7 | * other libsodium function. 8 | * Other functions, including crypto_sign_seed_keypair() are always thread-safe. 9 | */ 10 | 11 | #include 12 | 13 | #include "crypto_sign_ed25519.h" 14 | #include "export.h" 15 | 16 | #ifdef __cplusplus 17 | # if __GNUC__ 18 | # pragma GCC diagnostic ignored "-Wlong-long" 19 | # endif 20 | extern "C" { 21 | #endif 22 | 23 | #define crypto_sign_BYTES crypto_sign_ed25519_BYTES 24 | SODIUM_EXPORT 25 | size_t crypto_sign_bytes(void); 26 | 27 | #define crypto_sign_SEEDBYTES crypto_sign_ed25519_SEEDBYTES 28 | SODIUM_EXPORT 29 | size_t crypto_sign_seedbytes(void); 30 | 31 | #define crypto_sign_PUBLICKEYBYTES crypto_sign_ed25519_PUBLICKEYBYTES 32 | SODIUM_EXPORT 33 | size_t crypto_sign_publickeybytes(void); 34 | 35 | #define crypto_sign_SECRETKEYBYTES crypto_sign_ed25519_SECRETKEYBYTES 36 | SODIUM_EXPORT 37 | size_t crypto_sign_secretkeybytes(void); 38 | 39 | #define crypto_sign_PRIMITIVE "ed25519" 40 | SODIUM_EXPORT 41 | const char *crypto_sign_primitive(void); 42 | 43 | SODIUM_EXPORT 44 | int crypto_sign_seed_keypair(unsigned char *pk, unsigned char *sk, 45 | const unsigned char *seed); 46 | 47 | SODIUM_EXPORT 48 | int crypto_sign_keypair(unsigned char *pk, unsigned char *sk); 49 | 50 | SODIUM_EXPORT 51 | int crypto_sign(unsigned char *sm, unsigned long long *smlen_p, 52 | const unsigned char *m, unsigned long long mlen, 53 | const unsigned char *sk); 54 | 55 | SODIUM_EXPORT 56 | int crypto_sign_open(unsigned char *m, unsigned long long *mlen_p, 57 | const unsigned char *sm, unsigned long long smlen, 58 | const unsigned char *pk) 59 | __attribute__ ((warn_unused_result)); 60 | 61 | SODIUM_EXPORT 62 | int crypto_sign_detached(unsigned char *sig, unsigned long long *siglen_p, 63 | const unsigned char *m, unsigned long long mlen, 64 | const unsigned char *sk); 65 | 66 | SODIUM_EXPORT 67 | int crypto_sign_verify_detached(const unsigned char *sig, 68 | const unsigned char *m, 69 | unsigned long long mlen, 70 | const unsigned char *pk) 71 | __attribute__ ((warn_unused_result)); 72 | 73 | #ifdef __cplusplus 74 | } 75 | #endif 76 | 77 | #endif 78 | -------------------------------------------------------------------------------- /include/sodium/crypto_sign_ed25519.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_sign_ed25519_H 2 | #define crypto_sign_ed25519_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | # if __GNUC__ 9 | # pragma GCC diagnostic ignored "-Wlong-long" 10 | # endif 11 | extern "C" { 12 | #endif 13 | 14 | #define crypto_sign_ed25519_BYTES 64U 15 | SODIUM_EXPORT 16 | size_t crypto_sign_ed25519_bytes(void); 17 | 18 | #define crypto_sign_ed25519_SEEDBYTES 32U 19 | SODIUM_EXPORT 20 | size_t crypto_sign_ed25519_seedbytes(void); 21 | 22 | #define crypto_sign_ed25519_PUBLICKEYBYTES 32U 23 | SODIUM_EXPORT 24 | size_t crypto_sign_ed25519_publickeybytes(void); 25 | 26 | #define crypto_sign_ed25519_SECRETKEYBYTES (32U + 32U) 27 | SODIUM_EXPORT 28 | size_t crypto_sign_ed25519_secretkeybytes(void); 29 | 30 | SODIUM_EXPORT 31 | int crypto_sign_ed25519(unsigned char *sm, unsigned long long *smlen_p, 32 | const unsigned char *m, unsigned long long mlen, 33 | const unsigned char *sk); 34 | 35 | SODIUM_EXPORT 36 | int crypto_sign_ed25519_open(unsigned char *m, unsigned long long *mlen_p, 37 | const unsigned char *sm, unsigned long long smlen, 38 | const unsigned char *pk) 39 | __attribute__ ((warn_unused_result)); 40 | 41 | SODIUM_EXPORT 42 | int crypto_sign_ed25519_detached(unsigned char *sig, 43 | unsigned long long *siglen_p, 44 | const unsigned char *m, 45 | unsigned long long mlen, 46 | const unsigned char *sk); 47 | 48 | SODIUM_EXPORT 49 | int crypto_sign_ed25519_verify_detached(const unsigned char *sig, 50 | const unsigned char *m, 51 | unsigned long long mlen, 52 | const unsigned char *pk) 53 | __attribute__ ((warn_unused_result)); 54 | 55 | SODIUM_EXPORT 56 | int crypto_sign_ed25519_keypair(unsigned char *pk, unsigned char *sk); 57 | 58 | SODIUM_EXPORT 59 | int crypto_sign_ed25519_seed_keypair(unsigned char *pk, unsigned char *sk, 60 | const unsigned char *seed); 61 | 62 | SODIUM_EXPORT 63 | int crypto_sign_ed25519_pk_to_curve25519(unsigned char *curve25519_pk, 64 | const unsigned char *ed25519_pk) 65 | __attribute__ ((warn_unused_result)); 66 | 67 | SODIUM_EXPORT 68 | int crypto_sign_ed25519_sk_to_curve25519(unsigned char *curve25519_sk, 69 | const unsigned char *ed25519_sk); 70 | 71 | SODIUM_EXPORT 72 | int crypto_sign_ed25519_sk_to_seed(unsigned char *seed, 73 | const unsigned char *sk); 74 | 75 | SODIUM_EXPORT 76 | int crypto_sign_ed25519_sk_to_pk(unsigned char *pk, const unsigned char *sk); 77 | 78 | #ifdef __cplusplus 79 | } 80 | #endif 81 | 82 | #endif 83 | -------------------------------------------------------------------------------- /include/sodium/crypto_sign_edwards25519sha512batch.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_sign_edwards25519sha512batch_H 2 | #define crypto_sign_edwards25519sha512batch_H 3 | 4 | /* 5 | * WARNING: This construction was a prototype, which should not be used 6 | * any more in new projects. 7 | * 8 | * crypto_sign_edwards25519sha512batch is provided for applications 9 | * initially built with NaCl, but as recommended by the author of this 10 | * construction, new applications should use ed25519 instead. 11 | * 12 | * In Sodium, you should use the high-level crypto_sign_*() functions instead. 13 | */ 14 | 15 | #include 16 | #include "export.h" 17 | 18 | #ifdef __cplusplus 19 | # if __GNUC__ 20 | # pragma GCC diagnostic ignored "-Wlong-long" 21 | # endif 22 | extern "C" { 23 | #endif 24 | 25 | #define crypto_sign_edwards25519sha512batch_BYTES 64U 26 | SODIUM_EXPORT 27 | size_t crypto_sign_edwards25519sha512batch_bytes(void) 28 | __attribute__ ((deprecated)); 29 | 30 | #define crypto_sign_edwards25519sha512batch_PUBLICKEYBYTES 32U 31 | SODIUM_EXPORT 32 | size_t crypto_sign_edwards25519sha512batch_publickeybytes(void) 33 | __attribute__ ((deprecated)); 34 | 35 | #define crypto_sign_edwards25519sha512batch_SECRETKEYBYTES (32U + 32U) 36 | SODIUM_EXPORT 37 | size_t crypto_sign_edwards25519sha512batch_secretkeybytes(void) 38 | __attribute__ ((deprecated)); 39 | 40 | SODIUM_EXPORT 41 | int crypto_sign_edwards25519sha512batch(unsigned char *sm, 42 | unsigned long long *smlen_p, 43 | const unsigned char *m, 44 | unsigned long long mlen, 45 | const unsigned char *sk) 46 | __attribute__ ((deprecated)); 47 | 48 | SODIUM_EXPORT 49 | int crypto_sign_edwards25519sha512batch_open(unsigned char *m, 50 | unsigned long long *mlen_p, 51 | const unsigned char *sm, 52 | unsigned long long smlen, 53 | const unsigned char *pk) 54 | __attribute__ ((deprecated)); 55 | 56 | SODIUM_EXPORT 57 | int crypto_sign_edwards25519sha512batch_keypair(unsigned char *pk, 58 | unsigned char *sk) 59 | __attribute__ ((deprecated)); 60 | 61 | #ifdef __cplusplus 62 | } 63 | #endif 64 | 65 | #endif 66 | -------------------------------------------------------------------------------- /include/sodium/crypto_stream.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_stream_H 2 | #define crypto_stream_H 3 | 4 | /* 5 | * WARNING: This is just a stream cipher. It is NOT authenticated encryption. 6 | * While it provides some protection against eavesdropping, it does NOT 7 | * provide any security against active attacks. 8 | * Unless you know what you're doing, what you are looking for is probably 9 | * the crypto_box functions. 10 | */ 11 | 12 | #include 13 | 14 | #include "crypto_stream_xsalsa20.h" 15 | #include "export.h" 16 | 17 | #ifdef __cplusplus 18 | # if __GNUC__ 19 | # pragma GCC diagnostic ignored "-Wlong-long" 20 | # endif 21 | extern "C" { 22 | #endif 23 | 24 | #define crypto_stream_KEYBYTES crypto_stream_xsalsa20_KEYBYTES 25 | SODIUM_EXPORT 26 | size_t crypto_stream_keybytes(void); 27 | 28 | #define crypto_stream_NONCEBYTES crypto_stream_xsalsa20_NONCEBYTES 29 | SODIUM_EXPORT 30 | size_t crypto_stream_noncebytes(void); 31 | 32 | #define crypto_stream_PRIMITIVE "xsalsa20" 33 | SODIUM_EXPORT 34 | const char *crypto_stream_primitive(void); 35 | 36 | SODIUM_EXPORT 37 | int crypto_stream(unsigned char *c, unsigned long long clen, 38 | const unsigned char *n, const unsigned char *k); 39 | 40 | SODIUM_EXPORT 41 | int crypto_stream_xor(unsigned char *c, const unsigned char *m, 42 | unsigned long long mlen, const unsigned char *n, 43 | const unsigned char *k); 44 | 45 | #ifdef __cplusplus 46 | } 47 | #endif 48 | 49 | #endif 50 | -------------------------------------------------------------------------------- /include/sodium/crypto_stream_aes128ctr.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_stream_aes128ctr_H 2 | #define crypto_stream_aes128ctr_H 3 | 4 | /* 5 | * WARNING: This is just a stream cipher. It is NOT authenticated encryption. 6 | * While it provides some protection against eavesdropping, it does NOT 7 | * provide any security against active attacks. 8 | * Unless you know what you're doing, what you are looking for is probably 9 | * the crypto_box functions. 10 | */ 11 | 12 | #include 13 | #include "export.h" 14 | 15 | #ifdef __cplusplus 16 | # if __GNUC__ 17 | # pragma GCC diagnostic ignored "-Wlong-long" 18 | # endif 19 | extern "C" { 20 | #endif 21 | 22 | #define crypto_stream_aes128ctr_KEYBYTES 16U 23 | SODIUM_EXPORT 24 | size_t crypto_stream_aes128ctr_keybytes(void); 25 | 26 | #define crypto_stream_aes128ctr_NONCEBYTES 16U 27 | SODIUM_EXPORT 28 | size_t crypto_stream_aes128ctr_noncebytes(void); 29 | 30 | #define crypto_stream_aes128ctr_BEFORENMBYTES 1408U 31 | SODIUM_EXPORT 32 | size_t crypto_stream_aes128ctr_beforenmbytes(void); 33 | 34 | SODIUM_EXPORT 35 | int crypto_stream_aes128ctr(unsigned char *out, unsigned long long outlen, 36 | const unsigned char *n, const unsigned char *k); 37 | 38 | SODIUM_EXPORT 39 | int crypto_stream_aes128ctr_xor(unsigned char *out, const unsigned char *in, 40 | unsigned long long inlen, const unsigned char *n, 41 | const unsigned char *k); 42 | 43 | SODIUM_EXPORT 44 | int crypto_stream_aes128ctr_beforenm(unsigned char *c, const unsigned char *k); 45 | 46 | SODIUM_EXPORT 47 | int crypto_stream_aes128ctr_afternm(unsigned char *out, unsigned long long len, 48 | const unsigned char *nonce, const unsigned char *c); 49 | 50 | SODIUM_EXPORT 51 | int crypto_stream_aes128ctr_xor_afternm(unsigned char *out, const unsigned char *in, 52 | unsigned long long len, 53 | const unsigned char *nonce, 54 | const unsigned char *c); 55 | 56 | #ifdef __cplusplus 57 | } 58 | #endif 59 | 60 | #endif 61 | -------------------------------------------------------------------------------- /include/sodium/crypto_stream_chacha20.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_stream_chacha20_H 2 | #define crypto_stream_chacha20_H 3 | 4 | /* 5 | * WARNING: This is just a stream cipher. It is NOT authenticated encryption. 6 | * While it provides some protection against eavesdropping, it does NOT 7 | * provide any security against active attacks. 8 | * Unless you know what you're doing, what you are looking for is probably 9 | * the crypto_box functions. 10 | */ 11 | 12 | #include 13 | #include 14 | #include "export.h" 15 | 16 | #ifdef __cplusplus 17 | # if __GNUC__ 18 | # pragma GCC diagnostic ignored "-Wlong-long" 19 | # endif 20 | extern "C" { 21 | #endif 22 | 23 | #define crypto_stream_chacha20_KEYBYTES 32U 24 | SODIUM_EXPORT 25 | size_t crypto_stream_chacha20_keybytes(void); 26 | 27 | #define crypto_stream_chacha20_NONCEBYTES 8U 28 | SODIUM_EXPORT 29 | size_t crypto_stream_chacha20_noncebytes(void); 30 | 31 | /* ChaCha20 with a 64-bit nonce and a 64-bit counter, as originally designed */ 32 | 33 | SODIUM_EXPORT 34 | int crypto_stream_chacha20(unsigned char *c, unsigned long long clen, 35 | const unsigned char *n, const unsigned char *k); 36 | 37 | SODIUM_EXPORT 38 | int crypto_stream_chacha20_xor(unsigned char *c, const unsigned char *m, 39 | unsigned long long mlen, const unsigned char *n, 40 | const unsigned char *k); 41 | 42 | SODIUM_EXPORT 43 | int crypto_stream_chacha20_xor_ic(unsigned char *c, const unsigned char *m, 44 | unsigned long long mlen, 45 | const unsigned char *n, uint64_t ic, 46 | const unsigned char *k); 47 | 48 | /* ChaCha20 with a 96-bit nonce and a 32-bit counter (IETF) */ 49 | 50 | #define crypto_stream_chacha20_IETF_NONCEBYTES 12U 51 | SODIUM_EXPORT 52 | size_t crypto_stream_chacha20_ietf_noncebytes(void); 53 | 54 | SODIUM_EXPORT 55 | int crypto_stream_chacha20_ietf(unsigned char *c, unsigned long long clen, 56 | const unsigned char *n, const unsigned char *k); 57 | 58 | SODIUM_EXPORT 59 | int crypto_stream_chacha20_ietf_xor(unsigned char *c, const unsigned char *m, 60 | unsigned long long mlen, const unsigned char *n, 61 | const unsigned char *k); 62 | 63 | SODIUM_EXPORT 64 | int crypto_stream_chacha20_ietf_xor_ic(unsigned char *c, const unsigned char *m, 65 | unsigned long long mlen, 66 | const unsigned char *n, uint32_t ic, 67 | const unsigned char *k); 68 | 69 | /* ------------------------------------------------------------------------- */ 70 | 71 | int _crypto_stream_chacha20_pick_best_implementation(void); 72 | 73 | #ifdef __cplusplus 74 | } 75 | #endif 76 | 77 | #endif 78 | -------------------------------------------------------------------------------- /include/sodium/crypto_stream_salsa20.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_stream_salsa20_H 2 | #define crypto_stream_salsa20_H 3 | 4 | /* 5 | * WARNING: This is just a stream cipher. It is NOT authenticated encryption. 6 | * While it provides some protection against eavesdropping, it does NOT 7 | * provide any security against active attacks. 8 | * Unless you know what you're doing, what you are looking for is probably 9 | * the crypto_box functions. 10 | */ 11 | 12 | #include 13 | #include 14 | #include "export.h" 15 | 16 | #ifdef __cplusplus 17 | # if __GNUC__ 18 | # pragma GCC diagnostic ignored "-Wlong-long" 19 | # endif 20 | extern "C" { 21 | #endif 22 | 23 | #define crypto_stream_salsa20_KEYBYTES 32U 24 | SODIUM_EXPORT 25 | size_t crypto_stream_salsa20_keybytes(void); 26 | 27 | #define crypto_stream_salsa20_NONCEBYTES 8U 28 | SODIUM_EXPORT 29 | size_t crypto_stream_salsa20_noncebytes(void); 30 | 31 | SODIUM_EXPORT 32 | int crypto_stream_salsa20(unsigned char *c, unsigned long long clen, 33 | const unsigned char *n, const unsigned char *k); 34 | 35 | SODIUM_EXPORT 36 | int crypto_stream_salsa20_xor(unsigned char *c, const unsigned char *m, 37 | unsigned long long mlen, const unsigned char *n, 38 | const unsigned char *k); 39 | 40 | SODIUM_EXPORT 41 | int crypto_stream_salsa20_xor_ic(unsigned char *c, const unsigned char *m, 42 | unsigned long long mlen, 43 | const unsigned char *n, uint64_t ic, 44 | const unsigned char *k); 45 | #ifdef __cplusplus 46 | } 47 | #endif 48 | 49 | #endif 50 | -------------------------------------------------------------------------------- /include/sodium/crypto_stream_salsa2012.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_stream_salsa2012_H 2 | #define crypto_stream_salsa2012_H 3 | 4 | /* 5 | * WARNING: This is just a stream cipher. It is NOT authenticated encryption. 6 | * While it provides some protection against eavesdropping, it does NOT 7 | * provide any security against active attacks. 8 | * Unless you know what you're doing, what you are looking for is probably 9 | * the crypto_box functions. 10 | */ 11 | 12 | #include 13 | #include "export.h" 14 | 15 | #ifdef __cplusplus 16 | # if __GNUC__ 17 | # pragma GCC diagnostic ignored "-Wlong-long" 18 | # endif 19 | extern "C" { 20 | #endif 21 | 22 | #define crypto_stream_salsa2012_KEYBYTES 32U 23 | SODIUM_EXPORT 24 | size_t crypto_stream_salsa2012_keybytes(void); 25 | 26 | #define crypto_stream_salsa2012_NONCEBYTES 8U 27 | SODIUM_EXPORT 28 | size_t crypto_stream_salsa2012_noncebytes(void); 29 | 30 | SODIUM_EXPORT 31 | int crypto_stream_salsa2012(unsigned char *c, unsigned long long clen, 32 | const unsigned char *n, const unsigned char *k); 33 | 34 | SODIUM_EXPORT 35 | int crypto_stream_salsa2012_xor(unsigned char *c, const unsigned char *m, 36 | unsigned long long mlen, const unsigned char *n, 37 | const unsigned char *k); 38 | 39 | #ifdef __cplusplus 40 | } 41 | #endif 42 | 43 | #endif 44 | -------------------------------------------------------------------------------- /include/sodium/crypto_stream_salsa208.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_stream_salsa208_H 2 | #define crypto_stream_salsa208_H 3 | 4 | /* 5 | * WARNING: This is just a stream cipher. It is NOT authenticated encryption. 6 | * While it provides some protection against eavesdropping, it does NOT 7 | * provide any security against active attacks. 8 | * Unless you know what you're doing, what you are looking for is probably 9 | * the crypto_box functions. 10 | */ 11 | 12 | #include 13 | #include "export.h" 14 | 15 | #ifdef __cplusplus 16 | # if __GNUC__ 17 | # pragma GCC diagnostic ignored "-Wlong-long" 18 | # endif 19 | extern "C" { 20 | #endif 21 | 22 | #define crypto_stream_salsa208_KEYBYTES 32U 23 | SODIUM_EXPORT 24 | size_t crypto_stream_salsa208_keybytes(void); 25 | 26 | #define crypto_stream_salsa208_NONCEBYTES 8U 27 | SODIUM_EXPORT 28 | size_t crypto_stream_salsa208_noncebytes(void); 29 | 30 | SODIUM_EXPORT 31 | int crypto_stream_salsa208(unsigned char *c, unsigned long long clen, 32 | const unsigned char *n, const unsigned char *k); 33 | 34 | SODIUM_EXPORT 35 | int crypto_stream_salsa208_xor(unsigned char *c, const unsigned char *m, 36 | unsigned long long mlen, const unsigned char *n, 37 | const unsigned char *k); 38 | 39 | #ifdef __cplusplus 40 | } 41 | #endif 42 | 43 | #endif 44 | -------------------------------------------------------------------------------- /include/sodium/crypto_stream_xsalsa20.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_stream_xsalsa20_H 2 | #define crypto_stream_xsalsa20_H 3 | 4 | /* 5 | * WARNING: This is just a stream cipher. It is NOT authenticated encryption. 6 | * While it provides some protection against eavesdropping, it does NOT 7 | * provide any security against active attacks. 8 | * Unless you know what you're doing, what you are looking for is probably 9 | * the crypto_box functions. 10 | */ 11 | 12 | #include 13 | #include 14 | #include "export.h" 15 | 16 | #ifdef __cplusplus 17 | # if __GNUC__ 18 | # pragma GCC diagnostic ignored "-Wlong-long" 19 | # endif 20 | extern "C" { 21 | #endif 22 | 23 | #define crypto_stream_xsalsa20_KEYBYTES 32U 24 | SODIUM_EXPORT 25 | size_t crypto_stream_xsalsa20_keybytes(void); 26 | 27 | #define crypto_stream_xsalsa20_NONCEBYTES 24U 28 | SODIUM_EXPORT 29 | size_t crypto_stream_xsalsa20_noncebytes(void); 30 | 31 | SODIUM_EXPORT 32 | int crypto_stream_xsalsa20(unsigned char *c, unsigned long long clen, 33 | const unsigned char *n, const unsigned char *k); 34 | 35 | SODIUM_EXPORT 36 | int crypto_stream_xsalsa20_xor(unsigned char *c, const unsigned char *m, 37 | unsigned long long mlen, const unsigned char *n, 38 | const unsigned char *k); 39 | 40 | SODIUM_EXPORT 41 | int crypto_stream_xsalsa20_xor_ic(unsigned char *c, const unsigned char *m, 42 | unsigned long long mlen, 43 | const unsigned char *n, uint64_t ic, 44 | const unsigned char *k); 45 | #ifdef __cplusplus 46 | } 47 | #endif 48 | 49 | #endif 50 | -------------------------------------------------------------------------------- /include/sodium/crypto_uint16.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_uint16_H 2 | #define crypto_uint16_H 3 | 4 | #include 5 | 6 | typedef uint16_t crypto_uint16; 7 | 8 | #endif 9 | -------------------------------------------------------------------------------- /include/sodium/crypto_uint32.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_uint32_H 2 | #define crypto_uint32_H 3 | 4 | #include 5 | 6 | typedef uint32_t crypto_uint32; 7 | 8 | #endif 9 | -------------------------------------------------------------------------------- /include/sodium/crypto_uint64.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_uint64_H 2 | #define crypto_uint64_H 3 | 4 | #include 5 | 6 | typedef uint64_t crypto_uint64; 7 | 8 | #endif 9 | -------------------------------------------------------------------------------- /include/sodium/crypto_uint8.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_uint8_H 2 | #define crypto_uint8_H 3 | 4 | #include 5 | 6 | typedef uint8_t crypto_uint8; 7 | 8 | #endif 9 | -------------------------------------------------------------------------------- /include/sodium/crypto_verify_16.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_verify_16_H 2 | #define crypto_verify_16_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #define crypto_verify_16_BYTES 16U 12 | SODIUM_EXPORT 13 | size_t crypto_verify_16_bytes(void); 14 | 15 | SODIUM_EXPORT 16 | int crypto_verify_16(const unsigned char *x, const unsigned char *y) 17 | __attribute__ ((warn_unused_result)); 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /include/sodium/crypto_verify_32.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_verify_32_H 2 | #define crypto_verify_32_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #define crypto_verify_32_BYTES 32U 12 | SODIUM_EXPORT 13 | size_t crypto_verify_32_bytes(void); 14 | 15 | SODIUM_EXPORT 16 | int crypto_verify_32(const unsigned char *x, const unsigned char *y) 17 | __attribute__ ((warn_unused_result)); 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /include/sodium/crypto_verify_64.h: -------------------------------------------------------------------------------- 1 | #ifndef crypto_verify_64_H 2 | #define crypto_verify_64_H 3 | 4 | #include 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #define crypto_verify_64_BYTES 64U 12 | SODIUM_EXPORT 13 | size_t crypto_verify_64_bytes(void); 14 | 15 | SODIUM_EXPORT 16 | int crypto_verify_64(const unsigned char *x, const unsigned char *y) 17 | __attribute__ ((warn_unused_result)); 18 | 19 | #ifdef __cplusplus 20 | } 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /include/sodium/export.h: -------------------------------------------------------------------------------- 1 | 2 | #ifndef sodium_export_H 3 | #define sodium_export_H 4 | 5 | #ifndef __GNUC__ 6 | # ifdef __attribute__ 7 | # undef __attribute__ 8 | # endif 9 | # define __attribute__(a) 10 | #endif 11 | 12 | #ifdef SODIUM_STATIC 13 | # define SODIUM_EXPORT 14 | #else 15 | # if defined(_MSC_VER) 16 | # ifdef SODIUM_DLL_EXPORT 17 | # define SODIUM_EXPORT __declspec(dllexport) 18 | # else 19 | # define SODIUM_EXPORT __declspec(dllimport) 20 | # endif 21 | # else 22 | # if defined(__SUNPRO_C) 23 | # ifndef __GNU_C__ 24 | # define SODIUM_EXPORT __attribute__(visibility(__global)) 25 | # else 26 | # define SODIUM_EXPORT __attribute__ __global 27 | # endif 28 | # elif defined(_MSG_VER) 29 | # define SODIUM_EXPORT extern __declspec(dllexport) 30 | # else 31 | # define SODIUM_EXPORT __attribute__ ((visibility ("default"))) 32 | # endif 33 | # endif 34 | #endif 35 | 36 | #ifndef CRYPTO_ALIGN 37 | # if defined(__INTEL_COMPILER) || defined(_MSC_VER) 38 | # define CRYPTO_ALIGN(x) __declspec(align(x)) 39 | # else 40 | # define CRYPTO_ALIGN(x) __attribute__((aligned(x))) 41 | # endif 42 | #endif 43 | 44 | #endif 45 | -------------------------------------------------------------------------------- /include/sodium/randombytes.h: -------------------------------------------------------------------------------- 1 | 2 | #ifndef randombytes_H 3 | #define randombytes_H 4 | 5 | #include 6 | 7 | #include 8 | #include 9 | 10 | #include "export.h" 11 | 12 | #ifdef __cplusplus 13 | # if __GNUC__ 14 | # pragma GCC diagnostic ignored "-Wlong-long" 15 | # endif 16 | extern "C" { 17 | #endif 18 | 19 | typedef struct randombytes_implementation { 20 | const char *(*implementation_name)(void); /* required */ 21 | uint32_t (*random)(void); /* required */ 22 | void (*stir)(void); /* optional */ 23 | uint32_t (*uniform)(const uint32_t upper_bound); /* optional, a default implementation will be used if NULL */ 24 | void (*buf)(void * const buf, const size_t size); /* required */ 25 | int (*close)(void); /* optional */ 26 | } randombytes_implementation; 27 | 28 | SODIUM_EXPORT 29 | void randombytes_buf(void * const buf, const size_t size); 30 | 31 | SODIUM_EXPORT 32 | uint32_t randombytes_random(void); 33 | 34 | SODIUM_EXPORT 35 | uint32_t randombytes_uniform(const uint32_t upper_bound); 36 | 37 | SODIUM_EXPORT 38 | void randombytes_stir(void); 39 | 40 | SODIUM_EXPORT 41 | int randombytes_close(void); 42 | 43 | SODIUM_EXPORT 44 | int randombytes_set_implementation(randombytes_implementation *impl); 45 | 46 | SODIUM_EXPORT 47 | const char *randombytes_implementation_name(void); 48 | 49 | /* -- NaCl compatibility interface -- */ 50 | 51 | SODIUM_EXPORT 52 | void randombytes(unsigned char * const buf, const unsigned long long buf_len); 53 | 54 | #ifdef __cplusplus 55 | } 56 | #endif 57 | 58 | #endif 59 | -------------------------------------------------------------------------------- /include/sodium/randombytes_nativeclient.h: -------------------------------------------------------------------------------- 1 | 2 | #ifndef randombytes_nativeclient_H 3 | #define randombytes_nativeclient_H 4 | 5 | #ifdef __native_client__ 6 | 7 | # include "export.h" 8 | # include "randombytes.h" 9 | 10 | # ifdef __cplusplus 11 | extern "C" { 12 | # endif 13 | 14 | SODIUM_EXPORT 15 | extern struct randombytes_implementation randombytes_nativeclient_implementation; 16 | 17 | # ifdef __cplusplus 18 | } 19 | # endif 20 | 21 | #endif 22 | 23 | #endif 24 | -------------------------------------------------------------------------------- /include/sodium/randombytes_salsa20_random.h: -------------------------------------------------------------------------------- 1 | 2 | #ifndef randombytes_salsa20_random_H 3 | #define randombytes_salsa20_random_H 4 | 5 | #include "export.h" 6 | #include "randombytes.h" 7 | 8 | #ifdef __cplusplus 9 | extern "C" { 10 | #endif 11 | 12 | SODIUM_EXPORT 13 | extern struct randombytes_implementation randombytes_salsa20_implementation; 14 | 15 | #ifdef __cplusplus 16 | } 17 | #endif 18 | 19 | #endif 20 | -------------------------------------------------------------------------------- /include/sodium/randombytes_sysrandom.h: -------------------------------------------------------------------------------- 1 | 2 | #ifndef randombytes_sysrandom_H 3 | #define randombytes_sysrandom_H 4 | 5 | #include "export.h" 6 | #include "randombytes.h" 7 | 8 | #ifdef __cplusplus 9 | extern "C" { 10 | #endif 11 | 12 | SODIUM_EXPORT 13 | extern struct randombytes_implementation randombytes_sysrandom_implementation; 14 | 15 | #ifdef __cplusplus 16 | } 17 | #endif 18 | 19 | #endif 20 | -------------------------------------------------------------------------------- /include/sodium/runtime.h: -------------------------------------------------------------------------------- 1 | 2 | #ifndef sodium_runtime_H 3 | #define sodium_runtime_H 4 | 5 | #include "export.h" 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | SODIUM_EXPORT 12 | int sodium_runtime_has_neon(void); 13 | 14 | SODIUM_EXPORT 15 | int sodium_runtime_has_sse2(void); 16 | 17 | SODIUM_EXPORT 18 | int sodium_runtime_has_sse3(void); 19 | 20 | SODIUM_EXPORT 21 | int sodium_runtime_has_ssse3(void); 22 | 23 | SODIUM_EXPORT 24 | int sodium_runtime_has_sse41(void); 25 | 26 | SODIUM_EXPORT 27 | int sodium_runtime_has_avx(void); 28 | 29 | SODIUM_EXPORT 30 | int sodium_runtime_has_pclmul(void); 31 | 32 | SODIUM_EXPORT 33 | int sodium_runtime_has_aesni(void); 34 | 35 | /* ------------------------------------------------------------------------- */ 36 | 37 | int _sodium_runtime_get_cpu_features(void); 38 | 39 | #ifdef __cplusplus 40 | } 41 | #endif 42 | 43 | #endif 44 | -------------------------------------------------------------------------------- /include/sodium/utils.h: -------------------------------------------------------------------------------- 1 | 2 | #ifndef sodium_utils_H 3 | #define sodium_utils_H 4 | 5 | #include 6 | 7 | #include "export.h" 8 | 9 | #ifdef __cplusplus 10 | extern "C" { 11 | #endif 12 | 13 | #if defined(__cplusplus) || !defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L 14 | # define SODIUM_C99(X) 15 | #else 16 | # define SODIUM_C99(X) X 17 | #endif 18 | 19 | SODIUM_EXPORT 20 | void sodium_memzero(void * const pnt, const size_t len); 21 | 22 | /* 23 | * WARNING: sodium_memcmp() must be used to verify if two secret keys 24 | * are equal, in constant time. 25 | * It returns 0 if the keys are equal, and -1 if they differ. 26 | * This function is not designed for lexicographical comparisons. 27 | */ 28 | SODIUM_EXPORT 29 | int sodium_memcmp(const void * const b1_, const void * const b2_, size_t len) 30 | __attribute__ ((warn_unused_result)); 31 | 32 | /* 33 | * sodium_compare() returns -1 if b1_ < b2_, 1 if b1_ > b2_ and 0 if b1_ == b2_ 34 | * It is suitable for lexicographical comparisons, or to compare nonces 35 | * and counters stored in little-endian format. 36 | * However, it is slower than sodium_memcmp(). 37 | */ 38 | SODIUM_EXPORT 39 | int sodium_compare(const unsigned char *b1_, const unsigned char *b2_, 40 | size_t len) 41 | __attribute__ ((warn_unused_result)); 42 | 43 | SODIUM_EXPORT 44 | int sodium_is_zero(const unsigned char *n, const size_t nlen); 45 | 46 | SODIUM_EXPORT 47 | void sodium_increment(unsigned char *n, const size_t nlen); 48 | 49 | SODIUM_EXPORT 50 | void sodium_add(unsigned char *a, const unsigned char *b, const size_t len); 51 | 52 | SODIUM_EXPORT 53 | char *sodium_bin2hex(char * const hex, const size_t hex_maxlen, 54 | const unsigned char * const bin, const size_t bin_len); 55 | 56 | SODIUM_EXPORT 57 | int sodium_hex2bin(unsigned char * const bin, const size_t bin_maxlen, 58 | const char * const hex, const size_t hex_len, 59 | const char * const ignore, size_t * const bin_len, 60 | const char ** const hex_end); 61 | 62 | SODIUM_EXPORT 63 | int sodium_mlock(void * const addr, const size_t len); 64 | 65 | SODIUM_EXPORT 66 | int sodium_munlock(void * const addr, const size_t len); 67 | 68 | /* WARNING: sodium_malloc() and sodium_allocarray() are not general-purpose 69 | * allocation functions. 70 | * 71 | * They return a pointer to a region filled with 0xd0 bytes, immediately 72 | * followed by a guard page. 73 | * As a result, accessing a single byte after the requested allocation size 74 | * will intentionally trigger a segmentation fault. 75 | * 76 | * A canary and an additional guard page placed before the beginning of the 77 | * region may also kill the process if a buffer underflow is detected. 78 | * 79 | * The memory layout is: 80 | * [unprotected region size (read only)][guard page (no access)][unprotected pages (read/write)][guard page (no access)] 81 | * With the layout of the unprotected pages being: 82 | * [optional padding][16-bytes canary][user region] 83 | * 84 | * However: 85 | * - These functions are significantly slower than standard functions 86 | * - Each allocation requires 3 or 4 additional pages 87 | * - The returned address will not be aligned if the allocation size is not 88 | * a multiple of the required alignment. For this reason, these functions 89 | * are designed to store data, such as secret keys and messages. 90 | * 91 | * sodium_malloc() can be used to allocate any libsodium data structure, 92 | * with the exception of crypto_generichash_state. 93 | * 94 | * The crypto_generichash_state structure is packed and its length is 95 | * either 357 or 361 bytes. For this reason, when using sodium_malloc() to 96 | * allocate a crypto_generichash_state structure, padding must be added in 97 | * order to ensure proper alignment: 98 | * state = sodium_malloc((crypto_generichash_statebytes() + (size_t) 63U) 99 | * & ~(size_t) 63U); 100 | */ 101 | 102 | SODIUM_EXPORT 103 | void *sodium_malloc(const size_t size) 104 | __attribute__ ((malloc)); 105 | 106 | SODIUM_EXPORT 107 | void *sodium_allocarray(size_t count, size_t size) 108 | __attribute__ ((malloc)); 109 | 110 | SODIUM_EXPORT 111 | void sodium_free(void *ptr); 112 | 113 | SODIUM_EXPORT 114 | int sodium_mprotect_noaccess(void *ptr); 115 | 116 | SODIUM_EXPORT 117 | int sodium_mprotect_readonly(void *ptr); 118 | 119 | SODIUM_EXPORT 120 | int sodium_mprotect_readwrite(void *ptr); 121 | 122 | /* -------- */ 123 | 124 | int _sodium_alloc_init(void); 125 | 126 | #ifdef __cplusplus 127 | } 128 | #endif 129 | 130 | #endif 131 | -------------------------------------------------------------------------------- /include/sodium/version.h: -------------------------------------------------------------------------------- 1 | 2 | #ifndef sodium_version_H 3 | #define sodium_version_H 4 | 5 | #include "export.h" 6 | 7 | #define SODIUM_VERSION_STRING "@VERSION@" 8 | 9 | #define SODIUM_LIBRARY_VERSION_MAJOR @SODIUM_LIBRARY_VERSION_MAJOR@ 10 | #define SODIUM_LIBRARY_VERSION_MINOR @SODIUM_LIBRARY_VERSION_MINOR@ 11 | 12 | #ifdef __cplusplus 13 | extern "C" { 14 | #endif 15 | 16 | SODIUM_EXPORT 17 | const char *sodium_version_string(void); 18 | 19 | SODIUM_EXPORT 20 | int sodium_library_version_major(void); 21 | 22 | SODIUM_EXPORT 23 | int sodium_library_version_minor(void); 24 | 25 | #ifdef __cplusplus 26 | } 27 | #endif 28 | 29 | #endif 30 | -------------------------------------------------------------------------------- /lib/libsodium.a: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/networkextension/SSencrypt/66147c6b235fea8165b9e7c22486899a44d75eab/lib/libsodium.a --------------------------------------------------------------------------------