skdp.h

Go to the documentation of this file.

/* 2025 Quantum Resistant Cryptographic Solutions Corporation
 * All Rights Reserved.
 *
 * NOTICE: This software and all accompanying materials are the exclusive 
 * property of Quantum Resistant Cryptographic Solutions Corporation (QRCS).
 * The intellectual and technical concepts contained within this implementation 
 * are proprietary to QRCS and its authorized licensors and are protected under 
 * applicable U.S. and international copyright, patent, and trade secret laws.
 *
 * CRYPTOGRAPHIC STANDARDS:
 * - This software includes implementations of cryptographic algorithms such as 
 *   SHA3, AES, and others. These algorithms are public domain or standardized 
 *   by organizations such as NIST and are NOT the property of QRCS.
 * - However, all source code, optimizations, and implementations in this library 
 *   are original works of QRCS and are protected under this license.
 *
 * RESTRICTIONS:
 * - Redistribution, modification, or unauthorized distribution of this software, 
 *   in whole or in part, is strictly prohibited.
 * - This software is provided for non-commercial, educational, and research 
 *   purposes only. Commercial use in any form is expressly forbidden.
 * - Licensing and authorized distribution are solely at the discretion of QRCS.
 * - Any use of this software implies acceptance of these restrictions.
 *
 * DISCLAIMER:
 * This software is provided "as is," without warranty of any kind, express or 
 * implied, including but not limited to warranties of merchantability or fitness 
 * for a particular purpose. QRCS disclaims all liability for any direct, indirect, 
 * incidental, or consequential damages resulting from the use or misuse of this software.
 *
 * FULL LICENSE:
 * This software is subject to the **Quantum Resistant Cryptographic Solutions 
 * Proprietary License (QRCS-PL)**. The complete license terms are included 
 * in the LICENSE.txt file distributed with this software.
 *
 * Written by: John G. Underhill
 * Contact: john.underhill@protonmail.com
 */
 
#ifndef SKPD_H
#define SKPD_H
 
#include "common.h"
#include "../../QSC/QSC/sha3.h"


#define SKDP_CONFIG_SIZE 26

#define SKDP_ERROR_SIZE 1

#define SKDP_EXP_SIZE 8

#define SKDP_HEADER_SIZE 21

#define SKDP_KEEPALIVE_MESSAGE 8

#define SKDP_KEEPALIVE_STRING 20

#define SKDP_KEEPALIVE_TIMEOUT (300 * 1000)

#define SKDP_MESSAGE_SIZE 1024

#define SKDP_MESSAGE_MAX (SKDP_MESSAGE_SIZE + SKDP_HEADER_SIZE)

#define SKDP_SERVER_PORT 2201

#define SKDP_MID_SIZE 4

#define SKDP_SID_SIZE 8

#define SKDP_DID_SIZE 12

#define SKDP_TID_SIZE 4

#define SKDP_KID_SIZE 16

#define SKDP_SEQUENCE_TERMINATOR 0xFFFFFFFF

#if !defined(SKDP_PROTOCOL_SEC512)
#   if !defined(SKDP_PROTOCOL_SEC256)
#       define SKDP_PROTOCOL_SEC256
#   endif
#endif
 
#if defined(SKDP_PROTOCOL_SEC512)
 
/* 512-bit security configuration definitions */

#   define SKDP_CPRKEY_SIZE 64

#   define SKDP_DDK_SIZE 64

#   define SKDP_DTK_SIZE 64

#   define SKDP_HASH_SIZE 64

#   define SKDP_PERMUTATION_RATE QSC_KECCAK_512_RATE

#   define SKDP_MACKEY_SIZE 64

#   define SKDP_MACTAG_SIZE 64

#   define SKDP_MDK_SIZE 64

#   define SKDP_SDK_SIZE 64

#   define SKDP_STH_SIZE 64

#   define SKDP_STK_SIZE 64

#   define SKDP_STOK_SIZE 64

#define SKDP_EXCHANGE_MAX_MESSAGE_SIZE (SKDP_DTK_SIZE + SKDP_MACKEY_SIZE + SKDP_HEADER_SIZE)

static const char SKDP_CONFIG_STRING[SKDP_CONFIG_SIZE] = "r01-skdp-rcs512-keccak512";
 
#else
 
/* 256-bit security configuration definitions */

#   define SKDP_CPRKEY_SIZE 32

#   define SKDP_DDK_SIZE 32

#   define SKDP_DTK_SIZE 32

#   define SKDP_HASH_SIZE 32

#   define SKDP_MACKEY_SIZE 32

#   define SKDP_MACTAG_SIZE 32

#   define SKDP_MDK_SIZE 32

#   define SKDP_PERMUTATION_RATE QSC_KECCAK_256_RATE

#   define SKDP_SDK_SIZE 32

#   define SKDP_STK_SIZE 32

#   define SKDP_STH_SIZE 32

#   define SKDP_STOK_SIZE 32

#define SKDP_EXCHANGE_MAX_MESSAGE_SIZE (SKDP_KID_SIZE + SKDP_CONFIG_SIZE + SKDP_STOK_SIZE + SKDP_HEADER_SIZE)

static const char SKDP_CONFIG_STRING[SKDP_CONFIG_SIZE] = "r01-skdp-rcs256-keccak256";
 
#endif

#define SKDP_KEY_DURATION_DAYS 365

#define SKDP_PACKET_TIME_THRESHOLD 60

#define SKDP_KEY_DURATION_SECONDS (SKDP_KEY_DURATION_DAYS * 24 * 60 * 60)

#define SKDP_DEVKEY_ENCODED_SIZE (SKDP_KID_SIZE + SKDP_DDK_SIZE + SKDP_EXP_SIZE)

#define SKDP_MSTKEY_ENCODED_SIZE (SKDP_KID_SIZE + SKDP_MDK_SIZE + SKDP_EXP_SIZE)

#define SKDP_SRVKEY_ENCODED_SIZE (SKDP_KID_SIZE + SKDP_SDK_SIZE + SKDP_EXP_SIZE)

#define SKDP_CONNECT_REQUEST_MESSAGE_SIZE (SKDP_KID_SIZE + SKDP_CONFIG_SIZE + SKDP_STOK_SIZE)

#define SKDP_CONNECT_REQUEST_PACKET_SIZE (SKDP_CONNECT_REQUEST_MESSAGE_SIZE + SKDP_HEADER_SIZE)

#define SKDP_EXCHANGE_REQUEST_MESSAGE_SIZE (SKDP_DTK_SIZE + SKDP_MACKEY_SIZE)

#define SKDP_EXCHANGE_REQUEST_PACKET_SIZE (SKDP_EXCHANGE_REQUEST_MESSAGE_SIZE + SKDP_HEADER_SIZE)

#define SKDP_ESTABLISH_REQUEST_MESSAGE_SIZE (SKDP_STH_SIZE + SKDP_MACTAG_SIZE)

#define SKDP_ESTABLISH_REQUEST_PACKET_SIZE (SKDP_ESTABLISH_REQUEST_MESSAGE_SIZE + SKDP_HEADER_SIZE)

#define SKDP_CONNECT_RESPONSE_MESSAGE_SIZE (SKDP_KID_SIZE + SKDP_CONFIG_SIZE + SKDP_STOK_SIZE)

#define SKDP_CONNECT_RESPONSE_PACKET_SIZE (SKDP_CONNECT_RESPONSE_MESSAGE_SIZE + SKDP_HEADER_SIZE)

#define SKDP_EXCHANGE_RESPONSE_MESSAGE_SIZE (SKDP_DTK_SIZE + SKDP_MACKEY_SIZE)

#define SKDP_EXCHANGE_RESPONSE_PACKET_SIZE (SKDP_EXCHANGE_RESPONSE_MESSAGE_SIZE + SKDP_HEADER_SIZE)

#define SKDP_ESTABLISH_RESPONSE_MESSAGE_SIZE (SKDP_HASH_SIZE + SKDP_MACTAG_SIZE)

#define SKDP_ESTABLISH_RESPONSE_PACKET_SIZE (SKDP_ESTABLISH_RESPONSE_MESSAGE_SIZE + SKDP_HEADER_SIZE)

#define SKDP_ESTABLISH_VERIFY_MESSAGE_SIZE (SKDP_HASH_SIZE + SKDP_MACTAG_SIZE)

#define SKDP_ESTABLISH_VERIFY_PACKET_SIZE (SKDP_ESTABLISH_VERIFY_MESSAGE_SIZE + SKDP_HEADER_SIZE)
 
/* error code strings */

#define SKDP_ERROR_STRING_DEPTH 17
#define SKDP_ERROR_STRING_WIDTH 128
 
static const char SKDP_ERROR_STRINGS[SKDP_ERROR_STRING_DEPTH][SKDP_ERROR_STRING_WIDTH] =
{
    "No error was detected.",
    "The cipher authentication has failed.",
    "The kex authentication has failed.",
    "The keep alive check failed.",
    "The communications channel has failed.",
    "The device could not make a connnection to the remote host.",
    "The transmission failed at the kex establish phase.",
    "The input is invalid.",
    "The keep alive has expired with no response.",
    "The key-id is not recognized.",
    "The random generator experienced a failure.",
    "The receiver failed at the network layer.",
    "The transmitter failed at the network layer.",
    "The protocol version is unknown.",
    "The packet was received out of sequence.",
    "The packet valid-time was exceeded",
    "The connection experienced an error",
};

SKDP_EXPORT_API typedef struct skdp_master_key
{
    uint8_t kid[SKDP_KID_SIZE];             
    uint8_t mdk[SKDP_MDK_SIZE];             
    uint64_t expiration;                  
} skdp_master_key;

SKDP_EXPORT_API typedef struct skdp_server_key
{
    uint8_t kid[SKDP_KID_SIZE];             
    uint8_t sdk[SKDP_SDK_SIZE];             
    uint64_t expiration;                  
} skdp_server_key;

SKDP_EXPORT_API typedef struct skdp_device_key
{
    uint8_t kid[SKDP_KID_SIZE];             
    uint8_t ddk[SKDP_DDK_SIZE];             
    uint64_t expiration;                  
} skdp_device_key;

SKDP_EXPORT_API typedef struct qsmp_keep_alive_state
{
    uint64_t etime;                            
    uint64_t seqctr;                      
    bool recd;                              
} skdp_keep_alive_state;

SKDP_EXPORT_API typedef struct skdp_network_packet
{
    uint8_t flag;                           
    uint32_t msglen;                      
    uint64_t sequence;                      
    uint64_t utctime;                        
    uint8_t* pmessage;                      
} skdp_network_packet;

SKDP_EXPORT_API typedef enum skdp_errors
{
    skdp_error_none = 0x00,                  
    skdp_error_cipher_auth_failure = 0x01,    
    skdp_error_kex_auth_failure = 0x02,      
    skdp_error_bad_keep_alive = 0x03,      
    skdp_error_channel_down = 0x04,          
    skdp_error_connection_failure = 0x05,  
    skdp_error_establish_failure = 0x06,    
    skdp_error_invalid_input = 0x07,        
    skdp_error_keep_alive_expired = 0x08,  
    skdp_error_key_not_recognized = 0x09,  
    skdp_error_random_failure = 0x0A,      
    skdp_error_receive_failure = 0x0B,        
    skdp_error_transmit_failure = 0x0C,      
    skdp_error_unknown_protocol = 0x0D,      
    skdp_error_unsequenced = 0x0E,            
    skdp_error_packet_expired = 0x0F,      
    skdp_error_general_failure = 0xFF,        
} skdp_errors;

SKDP_EXPORT_API typedef enum skdp_flags
{
    skdp_flag_none = 0x00,                    
    skdp_flag_connect_request = 0x01,      
    skdp_flag_connect_response = 0x02,        
    skdp_flag_connection_terminate = 0x03,    
    skdp_flag_encrypted_message = 0x04,      
    skdp_flag_exchange_request = 0x05,        
    skdp_flag_exchange_response = 0x06,      
    skdp_flag_establish_request = 0x07,      
    skdp_flag_establish_response = 0x08,    
    skdp_flag_establish_verify = 0x09,        
    skdp_flag_keepalive_request = 0x0A,      
    skdp_flag_session_established = 0x0B,  
    skdp_flag_error_condition = 0xFF,      
} skdp_flags;

SKDP_EXPORT_API void skdp_deserialize_device_key(skdp_device_key* dkey, const uint8_t input[SKDP_DEVKEY_ENCODED_SIZE]);

SKDP_EXPORT_API void skdp_serialize_device_key(uint8_t output[SKDP_DEVKEY_ENCODED_SIZE], const skdp_device_key* dkey);

SKDP_EXPORT_API void skdp_deserialize_master_key(skdp_master_key* mkey, const uint8_t input[SKDP_MSTKEY_ENCODED_SIZE]);

SKDP_EXPORT_API void skdp_serialize_master_key(uint8_t output[SKDP_MSTKEY_ENCODED_SIZE], const skdp_master_key* mkey);

SKDP_EXPORT_API void skdp_deserialize_server_key(skdp_server_key* skey, const uint8_t input[SKDP_SRVKEY_ENCODED_SIZE]);

SKDP_EXPORT_API void skdp_serialize_server_key(uint8_t output[SKDP_SRVKEY_ENCODED_SIZE], const skdp_server_key* skey);

SKDP_EXPORT_API bool skdp_generate_master_key(skdp_master_key* mkey, const uint8_t kid[SKDP_KID_SIZE]);

SKDP_EXPORT_API void skdp_generate_server_key(skdp_server_key* skey, const skdp_master_key* mkey, const uint8_t kid[SKDP_KID_SIZE]);

SKDP_EXPORT_API void skdp_generate_device_key(skdp_device_key* dkey, const skdp_server_key* skey, const uint8_t kid[SKDP_KID_SIZE]);

SKDP_EXPORT_API void skdp_packet_clear(skdp_network_packet* packet);

SKDP_EXPORT_API const char* skdp_error_to_string(skdp_errors error);

SKDP_EXPORT_API void skdp_packet_header_deserialize(const uint8_t* header, skdp_network_packet* packet);

SKDP_EXPORT_API void skdp_packet_header_serialize(const skdp_network_packet* packet, uint8_t* header);

SKDP_EXPORT_API void skdp_packet_set_utc_time(skdp_network_packet* packet);

SKDP_EXPORT_API bool skdp_packet_time_valid(const skdp_network_packet* packet);

SKDP_EXPORT_API size_t skdp_packet_to_stream(const skdp_network_packet* packet, uint8_t* pstream);

SKDP_EXPORT_API void skdp_stream_to_packet(const uint8_t* pstream, skdp_network_packet* packet);
 
#endif