[thirdparty/pdns.git] / pdns / dnscrypt.hh

/*
 * This file is part of PowerDNS or dnsdist.
 * Copyright -- PowerDNS.COM B.V. and its contributors
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2 of the GNU General Public License as
 * published by the Free Software Foundation.
 *
 * In addition, for the avoidance of any doubt, permission is granted to
 * link this program with OpenSSL and to (re)distribute the binaries
 * produced as the result of such linking.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#pragma once
#include "config.h"
#include <memory>

#ifndef HAVE_DNSCRYPT

/* let's just define a few types and values so that the rest of
   the code can ignore whether DNSCrypt support is available */
#define DNSCRYPT_MAX_RESPONSE_PADDING_AND_MAC_SIZE (0)

class DNSCryptContext
{
};

class DNSCryptQuery
{
  DNSCryptQuery(const std::shared_ptr<DNSCryptContext>& ctx): d_ctx(ctx)
  {
  }
private:
  std::shared_ptr<DNSCryptContext> d_ctx{nullptr};
};

#else /* HAVE_DNSCRYPT */

#include <string>
#include <vector>
#include <arpa/inet.h>

#include <sodium.h>

#include "dnsname.hh"
#include "lock.hh"
#include "noinitvector.hh"

#define DNSCRYPT_PROVIDER_PUBLIC_KEY_SIZE (crypto_sign_ed25519_PUBLICKEYBYTES)
#define DNSCRYPT_PROVIDER_PRIVATE_KEY_SIZE (crypto_sign_ed25519_SECRETKEYBYTES)
#define DNSCRYPT_SIGNATURE_SIZE (crypto_sign_ed25519_BYTES)

#define DNSCRYPT_PUBLIC_KEY_SIZE (crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES)
#define DNSCRYPT_PRIVATE_KEY_SIZE (crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES)
#define DNSCRYPT_NONCE_SIZE (crypto_box_curve25519xsalsa20poly1305_NONCEBYTES)
#define DNSCRYPT_BEFORENM_SIZE (crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES)
#define DNSCRYPT_MAC_SIZE (crypto_box_curve25519xsalsa20poly1305_MACBYTES)

#ifdef HAVE_CRYPTO_BOX_CURVE25519XCHACHA20POLY1305_EASY
static_assert(crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES == crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES, "DNSCrypt public key size should be the same for all exchange versions");
static_assert(crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES == crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES, "DNSCrypt private key size should be the same for all exchange versions");
static_assert(crypto_box_curve25519xchacha20poly1305_NONCEBYTES == crypto_box_curve25519xsalsa20poly1305_NONCEBYTES, "DNSCrypt nonce size should be the same for all exchange versions");
static_assert(crypto_box_curve25519xsalsa20poly1305_MACBYTES == crypto_box_curve25519xchacha20poly1305_MACBYTES, "DNSCrypt MAC size should be the same for all exchange versions");
static_assert(crypto_box_curve25519xchacha20poly1305_BEFORENMBYTES == crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES, "DNSCrypt BEFORENM size should be the same for all exchange versions");
#endif /* HAVE_CRYPTO_BOX_CURVE25519XCHACHA20POLY1305_EASY */

#define DNSCRYPT_CERT_MAGIC_SIZE (4)
#define DNSCRYPT_CERT_MAGIC_VALUE { 0x44, 0x4e, 0x53, 0x43 }
#define DNSCRYPT_CERT_PROTOCOL_MINOR_VERSION_VALUE { 0x00, 0x00 }
#define DNSCRYPT_CLIENT_MAGIC_SIZE (8)
#define DNSCRYPT_RESOLVER_MAGIC { 0x72, 0x36, 0x66, 0x6e, 0x76, 0x57, 0x6a, 0x38 }
#define DNSCRYPT_RESOLVER_MAGIC_SIZE (8)
#define DNSCRYPT_PADDED_BLOCK_SIZE (64)
#define DNSCRYPT_MAX_TCP_PADDING_SIZE (256)
#define DNSCRYPT_MAX_RESPONSE_PADDING_SIZE (256)
#define DNSCRYPT_MAX_RESPONSE_PADDING_AND_MAC_SIZE (DNSCRYPT_MAX_RESPONSE_PADDING_SIZE + DNSCRYPT_MAC_SIZE)

/* "The client must check for new certificates every hour", so let's use one hour TTL */
#define DNSCRYPT_CERTIFICATE_RESPONSE_TTL (3600)

static_assert(DNSCRYPT_CLIENT_MAGIC_SIZE <= DNSCRYPT_PUBLIC_KEY_SIZE, "DNSCrypt Client Nonce size should be smaller or equal to public key size.");

#define DNSCRYPT_CERT_ES_VERSION1_VALUE { 0x00, 0x01 }
#define DNSCRYPT_CERT_ES_VERSION2_VALUE { 0x00, 0x02 }

class DNSCryptContext;

struct DNSCryptCertSignedData
{
  unsigned char resolverPK[DNSCRYPT_PROVIDER_PUBLIC_KEY_SIZE];
  unsigned char clientMagic[DNSCRYPT_CLIENT_MAGIC_SIZE];
  uint32_t serial;
  uint32_t tsStart;
  uint32_t tsEnd;
};

class DNSCryptCert
{
public:
  uint32_t getSerial() const
  {
    return ntohl(signedData.serial);
  }
  uint32_t getTSStart() const
  {
    return signedData.tsStart;
  }
  uint32_t getTSEnd() const
  {
    return signedData.tsEnd;
  }
  bool isValid(time_t now) const
  {
    // coverity[store_truncates_time_t]
    return ntohl(getTSStart()) <= static_cast<uint32_t>(now) && static_cast<uint32_t>(now) <= ntohl(getTSEnd());
  }
  unsigned char magic[DNSCRYPT_CERT_MAGIC_SIZE];
  unsigned char esVersion[2];
  unsigned char protocolMinorVersion[2];
  unsigned char signature[DNSCRYPT_SIGNATURE_SIZE];
  struct DNSCryptCertSignedData signedData;
};

static_assert((sizeof(DNSCryptCertSignedData) + DNSCRYPT_SIGNATURE_SIZE) == 116, "Dnscrypt cert signed data size + signature size should be 116!");
static_assert(sizeof(DNSCryptCert) == 124, "Dnscrypt cert size should be 124!");

struct DNSCryptQueryHeader
{
  unsigned char clientMagic[DNSCRYPT_CLIENT_MAGIC_SIZE];
  unsigned char clientPK[DNSCRYPT_PUBLIC_KEY_SIZE];
  unsigned char clientNonce[DNSCRYPT_NONCE_SIZE / 2];
};

static_assert(sizeof(DNSCryptQueryHeader) == 52, "Dnscrypt query header size should be 52!");

struct DNSCryptResponseHeader
{
  const unsigned char resolverMagic[DNSCRYPT_RESOLVER_MAGIC_SIZE] = DNSCRYPT_RESOLVER_MAGIC;
  unsigned char nonce[DNSCRYPT_NONCE_SIZE];
};

typedef enum {
  VERSION1,
  VERSION2
} DNSCryptExchangeVersion;

class DNSCryptPrivateKey
{
public:
  DNSCryptPrivateKey();
  ~DNSCryptPrivateKey();
  void loadFromFile(const std::string& keyFile);
  void saveToFile(const std::string& keyFile) const;

  unsigned char key[DNSCRYPT_PRIVATE_KEY_SIZE];
};

struct DNSCryptCertificatePair
{
  unsigned char publicKey[DNSCRYPT_PUBLIC_KEY_SIZE];
  DNSCryptCert cert;
  DNSCryptPrivateKey privateKey;
  bool active;
};

class DNSCryptQuery
{
public:
  DNSCryptQuery(const std::shared_ptr<DNSCryptContext>& ctx): d_ctx(ctx)
  {
    memset(&d_header, 0, sizeof(d_header));
#ifdef HAVE_CRYPTO_BOX_EASY_AFTERNM
    memset(&d_sharedKey, 0, sizeof(d_sharedKey));
#endif /* HAVE_CRYPTO_BOX_EASY_AFTERNM */
  }

  ~DNSCryptQuery();

  bool isValid() const
  {
    return d_valid;
  }

  const DNSName& getQName() const
  {
    return d_qname;
  }

  uint16_t getID() const
  {
    return d_id;
  }

  const unsigned char* getClientMagic() const
  {
    return d_header.clientMagic;
  }

  bool isEncrypted() const
  {
    return d_encrypted;
  }

  void setCertificatePair(const std::shared_ptr<DNSCryptCertificatePair>& pair)
  {
    d_pair = pair;
  }

  void parsePacket(PacketBuffer& packet, bool tcp, time_t now);
  void getDecrypted(bool tcp, PacketBuffer& packet);
  void getCertificateResponse(time_t now, PacketBuffer& response) const;
  int encryptResponse(PacketBuffer& response, size_t maxResponseSize, bool tcp);

  static const size_t s_minUDPLength = 256;

private:
  DNSCryptExchangeVersion getVersion() const;
#ifdef HAVE_CRYPTO_BOX_EASY_AFTERNM
  int computeSharedKey();
#endif /* HAVE_CRYPTO_BOX_EASY_AFTERNM */
  void fillServerNonce(unsigned char* dest) const;
  uint16_t computePaddingSize(uint16_t unpaddedLen, size_t maxLen) const;
  bool parsePlaintextQuery(const PacketBuffer& packet);
  bool isEncryptedQuery(const PacketBuffer& packet, bool tcp, time_t now);

  DNSCryptQueryHeader d_header;
#ifdef HAVE_CRYPTO_BOX_EASY_AFTERNM
  unsigned char d_sharedKey[crypto_box_BEFORENMBYTES];
#endif /* HAVE_CRYPTO_BOX_EASY_AFTERNM */
  DNSName d_qname;
  std::shared_ptr<DNSCryptContext> d_ctx{nullptr};
  std::shared_ptr<DNSCryptCertificatePair> d_pair{nullptr};
  uint16_t d_id{0};
  uint16_t d_len{0};
  uint16_t d_paddedLen{0};
  bool d_encrypted{false};
  bool d_valid{false};

#ifdef HAVE_CRYPTO_BOX_EASY_AFTERNM
  bool d_sharedKeyComputed{false};
#endif /* HAVE_CRYPTO_BOX_EASY_AFTERNM */
};

class DNSCryptContext
{
public:
  static void generateProviderKeys(unsigned char publicKey[DNSCRYPT_PROVIDER_PUBLIC_KEY_SIZE], unsigned char privateKey[DNSCRYPT_PROVIDER_PRIVATE_KEY_SIZE]);
  static std::string getProviderFingerprint(unsigned char publicKey[DNSCRYPT_PROVIDER_PUBLIC_KEY_SIZE]);
  static void generateCertificate(uint32_t serial, time_t begin, time_t end, const DNSCryptExchangeVersion& version, const unsigned char providerPrivateKey[DNSCRYPT_PROVIDER_PRIVATE_KEY_SIZE], DNSCryptPrivateKey& privateKey, DNSCryptCert& cert);
  static void saveCertFromFile(const DNSCryptCert& cert, const std::string&filename);
  static std::string certificateDateToStr(uint32_t date);
  static void generateResolverKeyPair(DNSCryptPrivateKey& privK, unsigned char pubK[DNSCRYPT_PUBLIC_KEY_SIZE]);
  static void setExchangeVersion(const DNSCryptExchangeVersion& version,  unsigned char esVersion[sizeof(DNSCryptCert::esVersion)]);
  static DNSCryptExchangeVersion getExchangeVersion(const unsigned char esVersion[sizeof(DNSCryptCert::esVersion)]);
  static DNSCryptExchangeVersion getExchangeVersion(const DNSCryptCert& cert);

  struct CertKeyPaths
  {
    std::string cert;
    std::string key;
  };

  DNSCryptContext(const std::string& pName, const std::vector<CertKeyPaths>& certKeys);
  DNSCryptContext(const std::string& pName, const DNSCryptCert& certificate, const DNSCryptPrivateKey& pKey);
  ~DNSCryptContext();
  
  void reloadCertificates();
  void loadNewCertificate(const std::string& certFile, const std::string& keyFile, bool active=true, bool reload=false);
  void addNewCertificate(const DNSCryptCert& newCert, const DNSCryptPrivateKey& newKey, bool active=true, bool reload=false);

  void markActive(uint32_t serial);
  void markInactive(uint32_t serial);
  void removeInactiveCertificate(uint32_t serial);
  std::vector<std::shared_ptr<DNSCryptCertificatePair>> getCertificates();
  const DNSName& getProviderName() const { return providerName; }

  int encryptQuery(PacketBuffer& query, size_t maximumSize, const unsigned char clientPublicKey[DNSCRYPT_PUBLIC_KEY_SIZE], const DNSCryptPrivateKey& clientPrivateKey, const unsigned char clientNonce[DNSCRYPT_NONCE_SIZE / 2], bool tcp, const std::shared_ptr<DNSCryptCert>& cert) const;
  bool magicMatchesAPublicKey(DNSCryptQuery& query, time_t now);
  void getCertificateResponse(time_t now, const DNSName& qname, uint16_t qid, PacketBuffer& response);

private:
  static void computePublicKeyFromPrivate(const DNSCryptPrivateKey& privK, unsigned char pubK[DNSCRYPT_PUBLIC_KEY_SIZE]);
  static void loadCertFromFile(const std::string&filename, DNSCryptCert& dest);
  static std::shared_ptr<DNSCryptCertificatePair> loadCertificatePair(const std::string& certFile, const std::string& keyFile);

  void addNewCertificate(std::shared_ptr<DNSCryptCertificatePair>& newCert, bool reload=false);

  SharedLockGuarded<std::vector<std::shared_ptr<DNSCryptCertificatePair>>> d_certs;
  SharedLockGuarded<std::vector<CertKeyPaths>> d_certKeyPaths;
  DNSName providerName;
};

bool generateDNSCryptCertificate(const std::string& providerPrivateKeyFile, uint32_t serial, time_t begin, time_t end, DNSCryptExchangeVersion version, DNSCryptCert& certOut, DNSCryptPrivateKey& keyOut);

#endif
Commit	Line	Data
12471842 PL	1	/*
	2	* This file is part of PowerDNS or dnsdist.
	3	* Copyright -- PowerDNS.COM B.V. and its contributors
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of version 2 of the GNU General Public License as
	7	* published by the Free Software Foundation.
	8	*
	9	* In addition, for the avoidance of any doubt, permission is granted to
	10	* link this program with OpenSSL and to (re)distribute the binaries
	11	* produced as the result of such linking.
	12	*
	13	* This program is distributed in the hope that it will be useful,
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	* GNU General Public License for more details.
	17	*
	18	* You should have received a copy of the GNU General Public License
	19	* along with this program; if not, write to the Free Software
	20	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	21	*/
11e1e08b RG	22	#pragma once
11e1e08b RG	23	#include "config.h"
83dc6a38	24	#include <memory>
11e1e08b	25
77f6a2a0 RG	26	#ifndef HAVE_DNSCRYPT
77f6a2a0 RG	27
7129b5c4 RG	28	/* let's just define a few types and values so that the rest of
	29	the code can ignore whether DNSCrypt support is available */
	30	#define DNSCRYPT_MAX_RESPONSE_PADDING_AND_MAC_SIZE (0)
	31
	32	class DNSCryptContext
	33	{
	34	};
	35
77f6a2a0 RG	36	class DNSCryptQuery
77f6a2a0 RG	37	{
7129b5c4 RG	38	DNSCryptQuery(const std::shared_ptr<DNSCryptContext>& ctx): d_ctx(ctx)
	39	{
	40	}
	41	private:
	42	std::shared_ptr<DNSCryptContext> d_ctx{nullptr};
77f6a2a0 RG	43	};
77f6a2a0 RG	44
7129b5c4	45	#else /* HAVE_DNSCRYPT */
11e1e08b	46
11e1e08b RG	47	#include <string>
11e1e08b RG	48	#include <vector>
43234e76 RG	49	#include <arpa/inet.h>
43234e76 RG	50
11e1e08b RG	51	#include <sodium.h>
	52
	53	#include "dnsname.hh"
f0941861	54	#include "lock.hh"
32fbb2ab	55	#include "noinitvector.hh"
11e1e08b RG	56
	57	#define DNSCRYPT_PROVIDER_PUBLIC_KEY_SIZE (crypto_sign_ed25519_PUBLICKEYBYTES)
	58	#define DNSCRYPT_PROVIDER_PRIVATE_KEY_SIZE (crypto_sign_ed25519_SECRETKEYBYTES)
43234e76 RG	59	#define DNSCRYPT_SIGNATURE_SIZE (crypto_sign_ed25519_BYTES)
43234e76 RG	60
11e1e08b RG	61	#define DNSCRYPT_PUBLIC_KEY_SIZE (crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES)
	62	#define DNSCRYPT_PRIVATE_KEY_SIZE (crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES)
	63	#define DNSCRYPT_NONCE_SIZE (crypto_box_curve25519xsalsa20poly1305_NONCEBYTES)
	64	#define DNSCRYPT_BEFORENM_SIZE (crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES)
11e1e08b	65	#define DNSCRYPT_MAC_SIZE (crypto_box_curve25519xsalsa20poly1305_MACBYTES)
43234e76 RG	66
	67	#ifdef HAVE_CRYPTO_BOX_CURVE25519XCHACHA20POLY1305_EASY
	68	static_assert(crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES == crypto_box_curve25519xchacha20poly1305_PUBLICKEYBYTES, "DNSCrypt public key size should be the same for all exchange versions");
	69	static_assert(crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES == crypto_box_curve25519xchacha20poly1305_SECRETKEYBYTES, "DNSCrypt private key size should be the same for all exchange versions");
	70	static_assert(crypto_box_curve25519xchacha20poly1305_NONCEBYTES == crypto_box_curve25519xsalsa20poly1305_NONCEBYTES, "DNSCrypt nonce size should be the same for all exchange versions");
	71	static_assert(crypto_box_curve25519xsalsa20poly1305_MACBYTES == crypto_box_curve25519xchacha20poly1305_MACBYTES, "DNSCrypt MAC size should be the same for all exchange versions");
	72	static_assert(crypto_box_curve25519xchacha20poly1305_BEFORENMBYTES == crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES, "DNSCrypt BEFORENM size should be the same for all exchange versions");
	73	#endif /* HAVE_CRYPTO_BOX_CURVE25519XCHACHA20POLY1305_EASY */
	74
11e1e08b RG	75	#define DNSCRYPT_CERT_MAGIC_SIZE (4)
11e1e08b RG	76	#define DNSCRYPT_CERT_MAGIC_VALUE { 0x44, 0x4e, 0x53, 0x43 }
11e1e08b RG	77	#define DNSCRYPT_CERT_PROTOCOL_MINOR_VERSION_VALUE { 0x00, 0x00 }
	78	#define DNSCRYPT_CLIENT_MAGIC_SIZE (8)
	79	#define DNSCRYPT_RESOLVER_MAGIC { 0x72, 0x36, 0x66, 0x6e, 0x76, 0x57, 0x6a, 0x38 }
	80	#define DNSCRYPT_RESOLVER_MAGIC_SIZE (8)
	81	#define DNSCRYPT_PADDED_BLOCK_SIZE (64)
	82	#define DNSCRYPT_MAX_TCP_PADDING_SIZE (256)
	83	#define DNSCRYPT_MAX_RESPONSE_PADDING_SIZE (256)
	84	#define DNSCRYPT_MAX_RESPONSE_PADDING_AND_MAC_SIZE (DNSCRYPT_MAX_RESPONSE_PADDING_SIZE + DNSCRYPT_MAC_SIZE)
	85
	86	/* "The client must check for new certificates every hour", so let's use one hour TTL */
	87	#define DNSCRYPT_CERTIFICATE_RESPONSE_TTL (3600)
	88
43234e76 RG	89	static_assert(DNSCRYPT_CLIENT_MAGIC_SIZE <= DNSCRYPT_PUBLIC_KEY_SIZE, "DNSCrypt Client Nonce size should be smaller or equal to public key size.");
	90
	91	#define DNSCRYPT_CERT_ES_VERSION1_VALUE { 0x00, 0x01 }
	92	#define DNSCRYPT_CERT_ES_VERSION2_VALUE { 0x00, 0x02 }
11e1e08b	93
43234e76	94	class DNSCryptContext;
11e1e08b	95
43234e76	96	struct DNSCryptCertSignedData
11e1e08b RG	97	{
	98	unsigned char resolverPK[DNSCRYPT_PROVIDER_PUBLIC_KEY_SIZE];
	99	unsigned char clientMagic[DNSCRYPT_CLIENT_MAGIC_SIZE];
	100	uint32_t serial;
	101	uint32_t tsStart;
	102	uint32_t tsEnd;
	103	};
	104
43234e76	105	class DNSCryptCert
11e1e08b	106	{
43234e76 RG	107	public:
	108	uint32_t getSerial() const
	109	{
b7bd0317	110	return ntohl(signedData.serial);
43234e76 RG	111	}
	112	uint32_t getTSStart() const
	113	{
	114	return signedData.tsStart;
	115	}
	116	uint32_t getTSEnd() const
	117	{
	118	return signedData.tsEnd;
	119	}
	120	bool isValid(time_t now) const
	121	{
56b827c5	122	// coverity[store_truncates_time_t]
638a7c34	123	return ntohl(getTSStart()) <= static_cast<uint32_t>(now) && static_cast<uint32_t>(now) <= ntohl(getTSEnd());
43234e76	124	}
a683e8bd	125	unsigned char magic[DNSCRYPT_CERT_MAGIC_SIZE];
11e1e08b RG	126	unsigned char esVersion[2];
	127	unsigned char protocolMinorVersion[2];
	128	unsigned char signature[DNSCRYPT_SIGNATURE_SIZE];
43234e76	129	struct DNSCryptCertSignedData signedData;
11e1e08b RG	130	};
11e1e08b RG	131
43234e76 RG	132	static_assert((sizeof(DNSCryptCertSignedData) + DNSCRYPT_SIGNATURE_SIZE) == 116, "Dnscrypt cert signed data size + signature size should be 116!");
43234e76 RG	133	static_assert(sizeof(DNSCryptCert) == 124, "Dnscrypt cert size should be 124!");
11e1e08b	134
43234e76	135	struct DNSCryptQueryHeader
11e1e08b RG	136	{
	137	unsigned char clientMagic[DNSCRYPT_CLIENT_MAGIC_SIZE];
	138	unsigned char clientPK[DNSCRYPT_PUBLIC_KEY_SIZE];
	139	unsigned char clientNonce[DNSCRYPT_NONCE_SIZE / 2];
	140	};
	141
43234e76	142	static_assert(sizeof(DNSCryptQueryHeader) == 52, "Dnscrypt query header size should be 52!");
11e1e08b	143
43234e76	144	struct DNSCryptResponseHeader
8089cbe5 RG	145	{
	146	const unsigned char resolverMagic[DNSCRYPT_RESOLVER_MAGIC_SIZE] = DNSCRYPT_RESOLVER_MAGIC;
	147	unsigned char nonce[DNSCRYPT_NONCE_SIZE];
	148	};
	149
43234e76 RG	150	typedef enum {
	151	VERSION1,
	152	VERSION2
	153	} DNSCryptExchangeVersion;
	154
	155	class DNSCryptPrivateKey
8089cbe5 RG	156	{
8089cbe5 RG	157	public:
43234e76 RG	158	DNSCryptPrivateKey();
43234e76 RG	159	~DNSCryptPrivateKey();
8089cbe5 RG	160	void loadFromFile(const std::string& keyFile);
	161	void saveToFile(const std::string& keyFile) const;
	162
	163	unsigned char key[DNSCRYPT_PRIVATE_KEY_SIZE];
	164	};
	165
43234e76 RG	166	struct DNSCryptCertificatePair
	167	{
	168	unsigned char publicKey[DNSCRYPT_PUBLIC_KEY_SIZE];
	169	DNSCryptCert cert;
	170	DNSCryptPrivateKey privateKey;
	171	bool active;
	172	};
	173
	174	class DNSCryptQuery
11e1e08b RG	175	{
11e1e08b RG	176	public:
f3b1a1ef	177	DNSCryptQuery(const std::shared_ptr<DNSCryptContext>& ctx): d_ctx(ctx)
43234e76	178	{
94700dd5 RG	179	memset(&d_header, 0, sizeof(d_header));
	180	#ifdef HAVE_CRYPTO_BOX_EASY_AFTERNM
	181	memset(&d_sharedKey, 0, sizeof(d_sharedKey));
	182	#endif /* HAVE_CRYPTO_BOX_EASY_AFTERNM */
43234e76	183	}
94700dd5	184
43234e76 RG	185	~DNSCryptQuery();
	186
	187	bool isValid() const
	188	{
	189	return d_valid;
	190	}
	191
	192	const DNSName& getQName() const
8089cbe5	193	{
43234e76	194	return d_qname;
8089cbe5	195	}
43234e76 RG	196
	197	uint16_t getID() const
	198	{
	199	return d_id;
	200	}
	201
	202	const unsigned char* getClientMagic() const
	203	{
	204	return d_header.clientMagic;
	205	}
	206
	207	bool isEncrypted() const
	208	{
	209	return d_encrypted;
	210	}
	211
f3b1a1ef	212	void setCertificatePair(const std::shared_ptr<DNSCryptCertificatePair>& pair)
43234e76 RG	213	{
	214	d_pair = pair;
	215	}
	216
32fbb2ab RG	217	void parsePacket(PacketBuffer& packet, bool tcp, time_t now);
	218	void getDecrypted(bool tcp, PacketBuffer& packet);
	219	void getCertificateResponse(time_t now, PacketBuffer& response) const;
	220	int encryptResponse(PacketBuffer& response, size_t maxResponseSize, bool tcp);
43234e76 RG	221
	222	static const size_t s_minUDPLength = 256;
	223
	224	private:
	225	DNSCryptExchangeVersion getVersion() const;
00ffb1c2	226	#ifdef HAVE_CRYPTO_BOX_EASY_AFTERNM
43234e76	227	int computeSharedKey();
00ffb1c2	228	#endif /* HAVE_CRYPTO_BOX_EASY_AFTERNM */
43234e76 RG	229	void fillServerNonce(unsigned char* dest) const;
43234e76 RG	230	uint16_t computePaddingSize(uint16_t unpaddedLen, size_t maxLen) const;
32fbb2ab RG	231	bool parsePlaintextQuery(const PacketBuffer& packet);
32fbb2ab RG	232	bool isEncryptedQuery(const PacketBuffer& packet, bool tcp, time_t now);
8089cbe5	233
43234e76	234	DNSCryptQueryHeader d_header;
00ffb1c2	235	#ifdef HAVE_CRYPTO_BOX_EASY_AFTERNM
43234e76	236	unsigned char d_sharedKey[crypto_box_BEFORENMBYTES];
00ffb1c2	237	#endif /* HAVE_CRYPTO_BOX_EASY_AFTERNM */
43234e76 RG	238	DNSName d_qname;
	239	std::shared_ptr<DNSCryptContext> d_ctx{nullptr};
	240	std::shared_ptr<DNSCryptCertificatePair> d_pair{nullptr};
	241	uint16_t d_id{0};
	242	uint16_t d_len{0};
f3b1a1ef	243	uint16_t d_paddedLen{0};
43234e76 RG	244	bool d_encrypted{false};
	245	bool d_valid{false};
	246
00ffb1c2	247	#ifdef HAVE_CRYPTO_BOX_EASY_AFTERNM
43234e76	248	bool d_sharedKeyComputed{false};
00ffb1c2	249	#endif /* HAVE_CRYPTO_BOX_EASY_AFTERNM */
11e1e08b RG	250	};
11e1e08b RG	251
43234e76	252	class DNSCryptContext
11e1e08b RG	253	{
	254	public:
	255	static void generateProviderKeys(unsigned char publicKey[DNSCRYPT_PROVIDER_PUBLIC_KEY_SIZE], unsigned char privateKey[DNSCRYPT_PROVIDER_PRIVATE_KEY_SIZE]);
	256	static std::string getProviderFingerprint(unsigned char publicKey[DNSCRYPT_PROVIDER_PUBLIC_KEY_SIZE]);
43234e76 RG	257	static void generateCertificate(uint32_t serial, time_t begin, time_t end, const DNSCryptExchangeVersion& version, const unsigned char providerPrivateKey[DNSCRYPT_PROVIDER_PRIVATE_KEY_SIZE], DNSCryptPrivateKey& privateKey, DNSCryptCert& cert);
43234e76 RG	258	static void saveCertFromFile(const DNSCryptCert& cert, const std::string&filename);
11e1e08b	259	static std::string certificateDateToStr(uint32_t date);
43234e76 RG	260	static void generateResolverKeyPair(DNSCryptPrivateKey& privK, unsigned char pubK[DNSCRYPT_PUBLIC_KEY_SIZE]);
	261	static void setExchangeVersion(const DNSCryptExchangeVersion& version, unsigned char esVersion[sizeof(DNSCryptCert::esVersion)]);
	262	static DNSCryptExchangeVersion getExchangeVersion(const unsigned char esVersion[sizeof(DNSCryptCert::esVersion)]);
	263	static DNSCryptExchangeVersion getExchangeVersion(const DNSCryptCert& cert);
11e1e08b	264
37b6d73d RG	265	struct CertKeyPaths
	266	{
	267	std::string cert;
	268	std::string key;
	269	};
	270
	271	DNSCryptContext(const std::string& pName, const std::vector<CertKeyPaths>& certKeys);
43234e76	272	DNSCryptContext(const std::string& pName, const DNSCryptCert& certificate, const DNSCryptPrivateKey& pKey);
040793d4 OM	273	~DNSCryptContext();
040793d4 OM	274
37b6d73d	275	void reloadCertificates();
bcc62bfb RG	276	void loadNewCertificate(const std::string& certFile, const std::string& keyFile, bool active=true, bool reload=false);
bcc62bfb RG	277	void addNewCertificate(const DNSCryptCert& newCert, const DNSCryptPrivateKey& newKey, bool active=true, bool reload=false);
37b6d73d	278
43234e76 RG	279	void markActive(uint32_t serial);
	280	void markInactive(uint32_t serial);
	281	void removeInactiveCertificate(uint32_t serial);
5a9cff11	282	std::vector<std::shared_ptr<DNSCryptCertificatePair>> getCertificates();
43234e76	283	const DNSName& getProviderName() const { return providerName; }
11e1e08b	284
32fbb2ab	285	int encryptQuery(PacketBuffer& query, size_t maximumSize, const unsigned char clientPublicKey[DNSCRYPT_PUBLIC_KEY_SIZE], const DNSCryptPrivateKey& clientPrivateKey, const unsigned char clientNonce[DNSCRYPT_NONCE_SIZE / 2], bool tcp, const std::shared_ptr<DNSCryptCert>& cert) const;
43234e76	286	bool magicMatchesAPublicKey(DNSCryptQuery& query, time_t now);
32fbb2ab	287	void getCertificateResponse(time_t now, const DNSName& qname, uint16_t qid, PacketBuffer& response);
11e1e08b RG	288
11e1e08b RG	289	private:
43234e76 RG	290	static void computePublicKeyFromPrivate(const DNSCryptPrivateKey& privK, unsigned char pubK[DNSCRYPT_PUBLIC_KEY_SIZE]);
43234e76 RG	291	static void loadCertFromFile(const std::string&filename, DNSCryptCert& dest);
37b6d73d RG	292	static std::shared_ptr<DNSCryptCertificatePair> loadCertificatePair(const std::string& certFile, const std::string& keyFile);
	293
	294	void addNewCertificate(std::shared_ptr<DNSCryptCertificatePair>& newCert, bool reload=false);
11e1e08b	295
6c1813a0 RG	296	SharedLockGuarded<std::vector<std::shared_ptr<DNSCryptCertificatePair>>> d_certs;
6c1813a0 RG	297	SharedLockGuarded<std::vector<CertKeyPaths>> d_certKeyPaths;
43234e76	298	DNSName providerName;
11e1e08b RG	299	};
11e1e08b RG	300
43234e76	301	bool generateDNSCryptCertificate(const std::string& providerPrivateKeyFile, uint32_t serial, time_t begin, time_t end, DNSCryptExchangeVersion version, DNSCryptCert& certOut, DNSCryptPrivateKey& keyOut);
6bb38cd6	302
11e1e08b	303	#endif