diff options
| author | Christian Grothoff <christian@grothoff.org> | 2013-09-30 11:22:48 +0000 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2013-09-30 11:22:48 +0000 |
| commit | 05ef63d9f8cf65561b7ed2234efdc80e3fb40bd0 (patch) | |
| tree | 7c00b58220e87d7f2f050b46e0e2f59c3795e703 /src/util/crypto_hash.c | |
| parent | 814457c05d62c8f0c167c6bc2015201151355249 (diff) | |
| download | gnunet-05ef63d9f8cf65561b7ed2234efdc80e3fb40bd0.tar.gz gnunet-05ef63d9f8cf65561b7ed2234efdc80e3fb40bd0.zip | |
-encrypt using both AES and TWOFISH, with independent symmetric keys
Diffstat (limited to 'src/util/crypto_hash.c')
| -rw-r--r-- | src/util/crypto_hash.c | 64 |
1 files changed, 36 insertions, 28 deletions
diff --git a/src/util/crypto_hash.c b/src/util/crypto_hash.c index a5b97148b..47baf660f 100644 --- a/src/util/crypto_hash.c +++ b/src/util/crypto_hash.c | |||
| @@ -252,7 +252,7 @@ GNUNET_CRYPTO_hash_file_cancel (struct GNUNET_CRYPTO_FileHashContext *fhc) | |||
| 252 | * safely cast to char*, a '\\0' termination is set). | 252 | * safely cast to char*, a '\\0' termination is set). |
| 253 | */ | 253 | */ |
| 254 | void | 254 | void |
| 255 | GNUNET_CRYPTO_hash_to_enc (const struct GNUNET_HashCode * block, | 255 | GNUNET_CRYPTO_hash_to_enc (const struct GNUNET_HashCode *block, |
| 256 | struct GNUNET_CRYPTO_HashAsciiEncoded *result) | 256 | struct GNUNET_CRYPTO_HashAsciiEncoded *result) |
| 257 | { | 257 | { |
| 258 | char *np; | 258 | char *np; |
| @@ -270,13 +270,14 @@ GNUNET_CRYPTO_hash_to_enc (const struct GNUNET_HashCode * block, | |||
| 270 | * Convert ASCII encoding back to hash code. | 270 | * Convert ASCII encoding back to hash code. |
| 271 | * | 271 | * |
| 272 | * @param enc the encoding | 272 | * @param enc the encoding |
| 273 | * @param enclen number of characters in 'enc' (without 0-terminator, which can be missing) | 273 | * @param enclen number of characters in @a enc (without 0-terminator, which can be missing) |
| 274 | * @param result where to store the hash code | 274 | * @param result where to store the hash code |
| 275 | * @return GNUNET_OK on success, GNUNET_SYSERR if result has the wrong encoding | 275 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding |
| 276 | */ | 276 | */ |
| 277 | int | 277 | int |
| 278 | GNUNET_CRYPTO_hash_from_string2 (const char *enc, size_t enclen, | 278 | GNUNET_CRYPTO_hash_from_string2 (const char *enc, |
| 279 | struct GNUNET_HashCode * result) | 279 | size_t enclen, |
| 280 | struct GNUNET_HashCode *result) | ||
| 280 | { | 281 | { |
| 281 | char upper_enc[enclen]; | 282 | char upper_enc[enclen]; |
| 282 | char* up_ptr = upper_enc; | 283 | char* up_ptr = upper_enc; |
| @@ -303,8 +304,8 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc, size_t enclen, | |||
| 303 | * hashcode proximity. | 304 | * hashcode proximity. |
| 304 | */ | 305 | */ |
| 305 | unsigned int | 306 | unsigned int |
| 306 | GNUNET_CRYPTO_hash_distance_u32 (const struct GNUNET_HashCode * a, | 307 | GNUNET_CRYPTO_hash_distance_u32 (const struct GNUNET_HashCode *a, |
| 307 | const struct GNUNET_HashCode * b) | 308 | const struct GNUNET_HashCode *b) |
| 308 | { | 309 | { |
| 309 | unsigned int x1 = (a->bits[1] - b->bits[1]) >> 16; | 310 | unsigned int x1 = (a->bits[1] - b->bits[1]) >> 16; |
| 310 | unsigned int x2 = (b->bits[1] - a->bits[1]) >> 16; | 311 | unsigned int x2 = (b->bits[1] - a->bits[1]) >> 16; |
| @@ -338,9 +339,9 @@ GNUNET_CRYPTO_hash_create_random (enum GNUNET_CRYPTO_Quality mode, | |||
| 338 | * @param result set to b - a | 339 | * @param result set to b - a |
| 339 | */ | 340 | */ |
| 340 | void | 341 | void |
| 341 | GNUNET_CRYPTO_hash_difference (const struct GNUNET_HashCode * a, | 342 | GNUNET_CRYPTO_hash_difference (const struct GNUNET_HashCode *a, |
| 342 | const struct GNUNET_HashCode * b, | 343 | const struct GNUNET_HashCode *b, |
| 343 | struct GNUNET_HashCode * result) | 344 | struct GNUNET_HashCode *result) |
| 344 | { | 345 | { |
| 345 | int i; | 346 | int i; |
| 346 | 347 | ||
| @@ -393,16 +394,20 @@ GNUNET_CRYPTO_hash_xor (const struct GNUNET_HashCode * a, const struct GNUNET_Ha | |||
| 393 | * @param iv set to a valid initialization vector | 394 | * @param iv set to a valid initialization vector |
| 394 | */ | 395 | */ |
| 395 | void | 396 | void |
| 396 | GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc, | 397 | GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode *hc, |
| 397 | struct GNUNET_CRYPTO_AesSessionKey *skey, | 398 | struct GNUNET_CRYPTO_AesSessionKey *skey, |
| 398 | struct GNUNET_CRYPTO_AesInitializationVector *iv) | 399 | struct GNUNET_CRYPTO_AesInitializationVector *iv) |
| 399 | { | 400 | { |
| 400 | GNUNET_assert (sizeof (struct GNUNET_HashCode) >= | 401 | GNUNET_assert (GNUNET_YES == |
| 401 | GNUNET_CRYPTO_AES_KEY_LENGTH + | 402 | GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_AesSessionKey), |
| 402 | sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); | 403 | "Hash key derivation", strlen ("Hash key derivation"), |
| 403 | memcpy (skey, hc, GNUNET_CRYPTO_AES_KEY_LENGTH); | 404 | hc, sizeof (struct GNUNET_HashCode), |
| 404 | memcpy (iv, &((char *) hc)[GNUNET_CRYPTO_AES_KEY_LENGTH], | 405 | NULL, 0)); |
| 405 | sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); | 406 | GNUNET_assert (GNUNET_YES == |
| 407 | GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_AesInitializationVector), | ||
| 408 | "Initialization vector derivation", strlen ("Initialization vector derivation"), | ||
| 409 | hc, sizeof (struct GNUNET_HashCode), | ||
| 410 | NULL, 0)); | ||
| 406 | } | 411 | } |
| 407 | 412 | ||
| 408 | 413 | ||
| @@ -422,7 +427,7 @@ GNUNET_CRYPTO_hash_get_bit (const struct GNUNET_HashCode * code, unsigned int bi | |||
| 422 | 427 | ||
| 423 | /** | 428 | /** |
| 424 | * Determine how many low order bits match in two | 429 | * Determine how many low order bits match in two |
| 425 | * struct GNUNET_HashCodes. i.e. - 010011 and 011111 share | 430 | * `struct GNUNET_HashCode`s. i.e. - 010011 and 011111 share |
| 426 | * the first two lowest order bits, and therefore the | 431 | * the first two lowest order bits, and therefore the |
| 427 | * return value is two (NOT XOR distance, nor how many | 432 | * return value is two (NOT XOR distance, nor how many |
| 428 | * bits match absolutely!). | 433 | * bits match absolutely!). |
| @@ -455,7 +460,8 @@ GNUNET_CRYPTO_hash_matching_bits (const struct GNUNET_HashCode * first, | |||
| 455 | * @return 1 if h1 > h2, -1 if h1 < h2 and 0 if h1 == h2. | 460 | * @return 1 if h1 > h2, -1 if h1 < h2 and 0 if h1 == h2. |
| 456 | */ | 461 | */ |
| 457 | int | 462 | int |
| 458 | GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode * h1, const struct GNUNET_HashCode * h2) | 463 | GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode *h1, |
| 464 | const struct GNUNET_HashCode *h2) | ||
| 459 | { | 465 | { |
| 460 | unsigned int *i1; | 466 | unsigned int *i1; |
| 461 | unsigned int *i2; | 467 | unsigned int *i2; |
| @@ -475,7 +481,7 @@ GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode * h1, const struct GNUNET_H | |||
| 475 | 481 | ||
| 476 | 482 | ||
| 477 | /** | 483 | /** |
| 478 | * Find out which of the two GNUNET_CRYPTO_hash codes is closer to target | 484 | * Find out which of the two `struct GNUNET_HashCode`s is closer to target |
| 479 | * in the XOR metric (Kademlia). | 485 | * in the XOR metric (Kademlia). |
| 480 | * | 486 | * |
| 481 | * @param h1 some hash code | 487 | * @param h1 some hash code |
| @@ -484,9 +490,9 @@ GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode * h1, const struct GNUNET_H | |||
| 484 | * @return -1 if h1 is closer, 1 if h2 is closer and 0 if h1==h2. | 490 | * @return -1 if h1 is closer, 1 if h2 is closer and 0 if h1==h2. |
| 485 | */ | 491 | */ |
| 486 | int | 492 | int |
| 487 | GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode * h1, | 493 | GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode *h1, |
| 488 | const struct GNUNET_HashCode * h2, | 494 | const struct GNUNET_HashCode *h2, |
| 489 | const struct GNUNET_HashCode * target) | 495 | const struct GNUNET_HashCode *target) |
| 490 | { | 496 | { |
| 491 | int i; | 497 | int i; |
| 492 | unsigned int d1; | 498 | unsigned int d1; |
| @@ -510,7 +516,7 @@ GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode * h1, | |||
| 510 | * @param key authentication key | 516 | * @param key authentication key |
| 511 | * @param rkey root key | 517 | * @param rkey root key |
| 512 | * @param salt salt | 518 | * @param salt salt |
| 513 | * @param salt_len size of the salt | 519 | * @param salt_len size of the @a salt |
| 514 | * @param ... pair of void * & size_t for context chunks, terminated by NULL | 520 | * @param ... pair of void * & size_t for context chunks, terminated by NULL |
| 515 | */ | 521 | */ |
| 516 | void | 522 | void |
| @@ -531,7 +537,7 @@ GNUNET_CRYPTO_hmac_derive_key (struct GNUNET_CRYPTO_AuthKey *key, | |||
| 531 | * @param key authentication key | 537 | * @param key authentication key |
| 532 | * @param rkey root key | 538 | * @param rkey root key |
| 533 | * @param salt salt | 539 | * @param salt salt |
| 534 | * @param salt_len size of the salt | 540 | * @param salt_len size of the @a salt |
| 535 | * @param argp pair of void * & size_t for context chunks, terminated by NULL | 541 | * @param argp pair of void * & size_t for context chunks, terminated by NULL |
| 536 | */ | 542 | */ |
| 537 | void | 543 | void |
| @@ -540,8 +546,10 @@ GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key, | |||
| 540 | const void *salt, size_t salt_len, | 546 | const void *salt, size_t salt_len, |
| 541 | va_list argp) | 547 | va_list argp) |
| 542 | { | 548 | { |
| 543 | GNUNET_CRYPTO_kdf_v (key->key, sizeof (key->key), salt, salt_len, rkey->key, | 549 | GNUNET_CRYPTO_kdf_v (key->key, sizeof (key->key), |
| 544 | sizeof (rkey->key), argp); | 550 | salt, salt_len, |
| 551 | rkey, sizeof (struct GNUNET_CRYPTO_AesSessionKey), | ||
| 552 | argp); | ||
| 545 | } | 553 | } |
| 546 | 554 | ||
| 547 | 555 | ||
| @@ -550,7 +558,7 @@ GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key, | |||
| 550 | * | 558 | * |
| 551 | * @param key secret key | 559 | * @param key secret key |
| 552 | * @param plaintext input plaintext | 560 | * @param plaintext input plaintext |
| 553 | * @param plaintext_len length of plaintext | 561 | * @param plaintext_len length of @a plaintext |
| 554 | * @param hmac where to store the hmac | 562 | * @param hmac where to store the hmac |
| 555 | */ | 563 | */ |
| 556 | void | 564 | void |