author | Christian Grothoff <christian@grothoff.org> | 2013-09-30 11:22:48 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-09-30 11:22:48 +0000 |
commit | 05ef63d9f8cf65561b7ed2234efdc80e3fb40bd0 (patch) | |
tree | 7c00b58220e87d7f2f050b46e0e2f59c3795e703 /src/util/crypto_hash.c | |
parent | 814457c05d62c8f0c167c6bc2015201151355249 (diff) | |
-encrypt using both AES and TWOFISH, with independent symmetric keys
Diffstat (limited to 'src/util/crypto_hash.c')
-rw-r--r-- | src/util/crypto_hash.c | 64 |
1 files changed, 36 insertions, 28 deletions
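--- a/src/util/crypto_hash.c
+++ b/src/util/crypto_hash.c
@@ -252,7 +252,7 @@ GNUNET_CRYPTO_hash_file_cancel (struct GNUNET_CRYPTO_FileHashContext *fhc)
 * safely cast to char*, a '\\0' termination is set).
 */
 void
-GNUNET_CRYPTO_hash_to_enc (const struct GNUNET_HashCode * block,
+GNUNET_CRYPTO_hash_to_enc (const struct GNUNET_HashCode *block,
 struct GNUNET_CRYPTO_HashAsciiEncoded *result)
 {
 char *np;
@@ -270,13 +270,14 @@ GNUNET_CRYPTO_hash_to_enc (const struct GNUNET_HashCode * block,
 * Convert ASCII encoding back to hash code.
 *
 * @param enc the encoding
-* @param enclen number of characters in 'enc' (without 0-terminator, which can be missing)
+* @param enclen number of characters in @a enc (without 0-terminator, which can be missing)
 * @param result where to store the hash code
-* @return GNUNET_OK on success, GNUNET_SYSERR if result has the wrong encoding
+* @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding
 */
 int
-GNUNET_CRYPTO_hash_from_string2 (const char *enc, size_t enclen,
-struct GNUNET_HashCode * result)
+GNUNET_CRYPTO_hash_from_string2 (const char *enc,
+size_t enclen,
+struct GNUNET_HashCode *result)
 {
 char upper_enc[enclen];
 char* up_ptr = upper_enc;
@@ -303,8 +304,8 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc, size_t enclen,
 * hashcode proximity.
 */
 unsigned int
-GNUNET_CRYPTO_hash_distance_u32 (const struct GNUNET_HashCode * a,
-const struct GNUNET_HashCode * b)
+GNUNET_CRYPTO_hash_distance_u32 (const struct GNUNET_HashCode *a,
+const struct GNUNET_HashCode *b)
 {
 unsigned int x1 = (a->bits[1] - b->bits[1]) >> 16;
 unsigned int x2 = (b->bits[1] - a->bits[1]) >> 16;
@@ -338,9 +339,9 @@ GNUNET_CRYPTO_hash_create_random (enum GNUNET_CRYPTO_Quality mode,
 * @param result set to b - a
 */
 void
-GNUNET_CRYPTO_hash_difference (const struct GNUNET_HashCode * a,
-const struct GNUNET_HashCode * b,
-struct GNUNET_HashCode * result)
+GNUNET_CRYPTO_hash_difference (const struct GNUNET_HashCode *a,
+const struct GNUNET_HashCode *b,
+struct GNUNET_HashCode *result)
 {
 int i;
 
@@ -393,16 +394,20 @@ GNUNET_CRYPTO_hash_xor (const struct GNUNET_HashCode * a, const struct GNUNET_Ha
 * @param iv set to a valid initialization vector
 */
 void
-GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc,
+GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode *hc,
 struct GNUNET_CRYPTO_AesSessionKey *skey,
 struct GNUNET_CRYPTO_AesInitializationVector *iv)
 {
-GNUNET_assert (sizeof (struct GNUNET_HashCode) >=
-GNUNET_CRYPTO_AES_KEY_LENGTH +
-sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
-memcpy (skey, hc, GNUNET_CRYPTO_AES_KEY_LENGTH);
-memcpy (iv, &((char *) hc)[GNUNET_CRYPTO_AES_KEY_LENGTH],
-sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
+GNUNET_assert (GNUNET_YES ==
+GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_AesSessionKey),
+"Hash key derivation", strlen ("Hash key derivation"),
+hc, sizeof (struct GNUNET_HashCode),
+NULL, 0));
+GNUNET_assert (GNUNET_YES ==
+GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_AesInitializationVector),
+"Initialization vector derivation", strlen ("Initialization vector derivation"),
+hc, sizeof (struct GNUNET_HashCode),
+NULL, 0));
 }
 
 
@@ -422,7 +427,7 @@ GNUNET_CRYPTO_hash_get_bit (const struct GNUNET_HashCode * code, unsigned int bi
 
 /**
 * Determine how many low order bits match in two
-* struct GNUNET_HashCodes. i.e. - 010011 and 011111 share
+* `struct GNUNET_HashCode`s. i.e. - 010011 and 011111 share
 * the first two lowest order bits, and therefore the
 * return value is two (NOT XOR distance, nor how many
 * bits match absolutely!).
@@ -455,7 +460,8 @@ GNUNET_CRYPTO_hash_matching_bits (const struct GNUNET_HashCode * first,
 * @return 1 if h1 > h2, -1 if h1 < h2 and 0 if h1 == h2.
 */
 int
-GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode * h1, const struct GNUNET_HashCode * h2)
+GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode *h1,
+const struct GNUNET_HashCode *h2)
 {
 unsigned int *i1;
 unsigned int *i2;
@@ -475,7 +481,7 @@ GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode * h1, const struct GNUNET_H
 
 
 /**
-* Find out which of the two GNUNET_CRYPTO_hash codes is closer to target
+* Find out which of the two `struct GNUNET_HashCode`s is closer to target
 * in the XOR metric (Kademlia).
 *
 * @param h1 some hash code
@@ -484,9 +490,9 @@ GNUNET_CRYPTO_hash_cmp (const struct GNUNET_HashCode * h1, const struct GNUNET_H
 * @return -1 if h1 is closer, 1 if h2 is closer and 0 if h1==h2.
 */
 int
-GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode * h1,
-const struct GNUNET_HashCode * h2,
-const struct GNUNET_HashCode * target)
+GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode *h1,
+const struct GNUNET_HashCode *h2,
+const struct GNUNET_HashCode *target)
 {
 int i;
 unsigned int d1;
@@ -510,7 +516,7 @@ GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode * h1,
 * @param key authentication key
 * @param rkey root key
 * @param salt salt
-* @param salt_len size of the salt
+* @param salt_len size of the @a salt
 * @param ... pair of void * & size_t for context chunks, terminated by NULL
 */
 void
@@ -531,7 +537,7 @@ GNUNET_CRYPTO_hmac_derive_key (struct GNUNET_CRYPTO_AuthKey *key,
 * @param key authentication key
 * @param rkey root key
 * @param salt salt
-* @param salt_len size of the salt
+* @param salt_len size of the @a salt
 * @param argp pair of void * & size_t for context chunks, terminated by NULL
 */
 void
@@ -540,8 +546,10 @@ GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key,
 const void *salt, size_t salt_len,
 va_list argp)
 {
-GNUNET_CRYPTO_kdf_v (key->key, sizeof (key->key), salt, salt_len, rkey->key,
-sizeof (rkey->key), argp);
+GNUNET_CRYPTO_kdf_v (key->key, sizeof (key->key),
+salt, salt_len,
+rkey, sizeof (struct GNUNET_CRYPTO_AesSessionKey),
+argp);
 }
 
 
@@ -550,7 +558,7 @@ GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key,
 *
 * @param key secret key
 * @param plaintext input plaintext
-* @param plaintext_len length of plaintext
+* @param plaintext_len length of @a plaintext
 * @param hmac where to store the hmac
 */
 void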
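Review bot: In `GNUNET_CRYPTO_hash_to_aes_key` the two `GNUNET_CRYPTO_kdf` calls that fill `skey` and `iv` are written as arguments of `GNUNET_assert`, so the only code that writes the key material lives inside an assertion; if `GNUNET_assert` can be compiled to a no-op in any build (its definition is not on this page), both outputs would be left uninitialized. Storing the result first, `int rc = GNUNET_CRYPTO_kdf (skey, ...);` followed by `GNUNET_assert (GNUNET_YES == rc);`, keeps the derivation unconditional. Key and IV are both derived from `hc` alone with fixed salt strings, so the same hash always yields the same key/IV pair, and the doc comment should say so, for instance `Key and IV are a deterministic function of hc; do not encrypt two different plaintexts under the same hc.` In `GNUNET_CRYPTO_hmac_derive_key_v` the input length is now `sizeof (struct GNUNET_CRYPTO_AesSessionKey)` instead of a size taken from `rkey` itself; the declaration of `rkey` is outside the hunk, but `rkey, sizeof (*rkey),` would keep the length tied to the pointer's actual type.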