diff options
author | Christian Grothoff <christian@grothoff.org> | 2013-08-07 08:47:33 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-08-07 08:47:33 +0000 |
commit | 33dddd4cfb71c4c3bb874d542e72cf48f2e4ce65 (patch) | |
tree | 60457c1c4d46befc4abecea58a45a6eb0fd23b8b /src/fs/fs_publish_ublock.c | |
parent | 0f8b11c7c8fa59eded68dc57de5410b7a313a031 (diff) | |
download | gnunet-33dddd4cfb71c4c3bb874d542e72cf48f2e4ce65.tar.gz gnunet-33dddd4cfb71c4c3bb874d542e72cf48f2e4ce65.zip |
-implement block decryption again
Diffstat (limited to 'src/fs/fs_publish_ublock.c')
-rw-r--r-- | src/fs/fs_publish_ublock.c | 62 |
1 files changed, 39 insertions, 23 deletions
diff --git a/src/fs/fs_publish_ublock.c b/src/fs/fs_publish_ublock.c index 1e1d1e233..d4f65edc3 100644 --- a/src/fs/fs_publish_ublock.c +++ b/src/fs/fs_publish_ublock.c | |||
@@ -34,6 +34,34 @@ | |||
34 | 34 | ||
35 | 35 | ||
36 | /** | 36 | /** |
37 | * Derive the key for symmetric encryption/decryption from | ||
38 | * the public key and the label. | ||
39 | * | ||
40 | * @param skey where to store symmetric key | ||
41 | * @param iv where to store the IV | ||
42 | * @param label label to use for key derivation | ||
43 | * @param pub public key to use for key derivation | ||
44 | */ | ||
45 | static void | ||
46 | derive_ublock_encryption_key (struct GNUNET_CRYPTO_AesSessionKey *skey, | ||
47 | struct GNUNET_CRYPTO_AesInitializationVector *iv, | ||
48 | const char *label, | ||
49 | const struct GNUNET_CRYPTO_EccPublicKey *pub) | ||
50 | { | ||
51 | struct GNUNET_HashCode key; | ||
52 | |||
53 | /* derive key from 'label' and public key of the namespace */ | ||
54 | GNUNET_assert (GNUNET_YES == | ||
55 | GNUNET_CRYPTO_kdf (&key, sizeof (key), | ||
56 | "UBLOCK-ENC", strlen ("UBLOCK-ENC"), | ||
57 | label, strlen (label), | ||
58 | pub, sizeof (*pub), | ||
59 | NULL, 0)); | ||
60 | GNUNET_CRYPTO_hash_to_aes_key (&key, skey, iv); | ||
61 | } | ||
62 | |||
63 | |||
64 | /** | ||
37 | * Decrypt the given UBlock, storing the result in output. | 65 | * Decrypt the given UBlock, storing the result in output. |
38 | * | 66 | * |
39 | * @param input input data | 67 | * @param input input data |
@@ -49,7 +77,14 @@ GNUNET_FS_ublock_decrypt_ (const void *input, | |||
49 | const char *label, | 77 | const char *label, |
50 | void *output) | 78 | void *output) |
51 | { | 79 | { |
52 | GNUNET_break (0); | 80 | struct GNUNET_CRYPTO_AesInitializationVector iv; |
81 | struct GNUNET_CRYPTO_AesSessionKey skey; | ||
82 | |||
83 | derive_ublock_encryption_key (&skey, &iv, | ||
84 | label, ns); | ||
85 | GNUNET_CRYPTO_aes_decrypt (input, input_len, | ||
86 | &skey, &iv, | ||
87 | output); | ||
53 | } | 88 | } |
54 | 89 | ||
55 | 90 | ||
@@ -131,12 +166,9 @@ GNUNET_FS_publish_ublock_ (struct GNUNET_FS_Handle *h, | |||
131 | GNUNET_FS_UBlockContinuation cont, void *cont_cls) | 166 | GNUNET_FS_UBlockContinuation cont, void *cont_cls) |
132 | { | 167 | { |
133 | struct GNUNET_FS_PublishUblockContext *uc; | 168 | struct GNUNET_FS_PublishUblockContext *uc; |
134 | struct GNUNET_HashCode key; | ||
135 | struct GNUNET_HashCode seed; | ||
136 | struct GNUNET_HashCode signing_key; | ||
137 | struct GNUNET_HashCode query; | 169 | struct GNUNET_HashCode query; |
138 | struct GNUNET_CRYPTO_AesSessionKey skey; | ||
139 | struct GNUNET_CRYPTO_AesInitializationVector iv; | 170 | struct GNUNET_CRYPTO_AesInitializationVector iv; |
171 | struct GNUNET_CRYPTO_AesSessionKey skey; | ||
140 | struct GNUNET_CRYPTO_EccPrivateKey *nsd; | 172 | struct GNUNET_CRYPTO_EccPrivateKey *nsd; |
141 | struct GNUNET_CRYPTO_EccPublicKey pub; | 173 | struct GNUNET_CRYPTO_EccPublicKey pub; |
142 | char *uris; | 174 | char *uris; |
@@ -188,24 +220,14 @@ GNUNET_FS_publish_ublock_ (struct GNUNET_FS_Handle *h, | |||
188 | } | 220 | } |
189 | size = sizeof (struct UBlock) + slen + mdsize + ulen; | 221 | size = sizeof (struct UBlock) + slen + mdsize + ulen; |
190 | 222 | ||
191 | /* derive signing seed from plaintext */ | ||
192 | GNUNET_CRYPTO_hash (&ub_plain[1], | ||
193 | ulen + slen + mdsize, | ||
194 | &seed); | ||
195 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 223 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
196 | "Publishing under identifier `%s'\n", | 224 | "Publishing under identifier `%s'\n", |
197 | label); | 225 | label); |
198 | /* get public key of the namespace */ | 226 | /* get public key of the namespace */ |
199 | GNUNET_CRYPTO_ecc_key_get_public (ns, | 227 | GNUNET_CRYPTO_ecc_key_get_public (ns, |
200 | &pub); | 228 | &pub); |
201 | /* derive key from 'label' and public key of the namespace */ | 229 | derive_ublock_encryption_key (&skey, &iv, |
202 | GNUNET_assert (GNUNET_YES == | 230 | label, &pub); |
203 | GNUNET_CRYPTO_kdf (&key, sizeof (key), | ||
204 | "UBLOCK-ENC", strlen ("UBLOCK-ENC"), | ||
205 | label, strlen (label), | ||
206 | &pub, sizeof (pub), | ||
207 | NULL, 0)); | ||
208 | GNUNET_CRYPTO_hash_to_aes_key (&key, &skey, &iv); | ||
209 | 231 | ||
210 | /* encrypt ublock */ | 232 | /* encrypt ublock */ |
211 | ub_enc = GNUNET_malloc (size); | 233 | ub_enc = GNUNET_malloc (size); |
@@ -219,12 +241,6 @@ GNUNET_FS_publish_ublock_ (struct GNUNET_FS_Handle *h, | |||
219 | ub_enc->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_FS_UBLOCK); | 241 | ub_enc->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_FS_UBLOCK); |
220 | 242 | ||
221 | /* derive signing-key from 'label' and public key of the namespace */ | 243 | /* derive signing-key from 'label' and public key of the namespace */ |
222 | GNUNET_assert (GNUNET_YES == | ||
223 | GNUNET_CRYPTO_kdf (&signing_key, sizeof (signing_key), | ||
224 | "UBLOCK-SIGN", strlen ("UBLOCK-SIGN"), | ||
225 | label, strlen (label), | ||
226 | &pub, sizeof (pub), | ||
227 | NULL, 0)); | ||
228 | nsd = GNUNET_CRYPTO_ecc_key_derive (ns, label); | 244 | nsd = GNUNET_CRYPTO_ecc_key_derive (ns, label); |
229 | GNUNET_CRYPTO_ecc_key_get_public (nsd, | 245 | GNUNET_CRYPTO_ecc_key_get_public (nsd, |
230 | &ub_enc->verification_key); | 246 | &ub_enc->verification_key); |