diff options
Diffstat (limited to 'src/abe/abe.c')
-rw-r--r-- | src/abe/abe.c | 519 |
1 files changed, 0 insertions, 519 deletions
diff --git a/src/abe/abe.c b/src/abe/abe.c deleted file mode 100644 index a03944821..000000000 --- a/src/abe/abe.c +++ /dev/null | |||
@@ -1,519 +0,0 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. Copyright (C) 2001-2018 Christian Grothoff | ||
3 | (and other contributing authors) | ||
4 | |||
5 | GNUnet is free software: you can redistribute it and/or modify it | ||
6 | under the terms of the GNU Affero General Public License as published | ||
7 | by the Free Software Foundation, either version 3 of the License, | ||
8 | or (at your option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | Affero General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Affero General Public License | ||
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
17 | |||
18 | SPDX-License-Identifier: AGPL3.0-or-later | ||
19 | |||
20 | */ | ||
21 | |||
22 | /** | ||
23 | * @file abe/abe.c | ||
24 | * @brief functions for Attribute-Based Encryption | ||
25 | * @author Martin Schanzenbach | ||
26 | */ | ||
27 | |||
28 | |||
29 | #include "platform.h" | ||
30 | #include <pbc/pbc.h> | ||
31 | #include <gabe.h> | ||
32 | |||
33 | #include "gnunet_crypto_lib.h" | ||
34 | #include "gnunet_abe_lib.h" | ||
35 | |||
36 | struct GNUNET_ABE_AbeMasterKey | ||
37 | { | ||
38 | gabe_pub_t*pub; | ||
39 | gabe_msk_t*msk; | ||
40 | }; | ||
41 | |||
42 | struct GNUNET_ABE_AbeKey | ||
43 | { | ||
44 | gabe_pub_t*pub; | ||
45 | gabe_prv_t*prv; | ||
46 | }; | ||
47 | |||
48 | static int | ||
49 | init_aes (element_t k, int enc, | ||
50 | gcry_cipher_hd_t*handle, | ||
51 | struct GNUNET_CRYPTO_SymmetricSessionKey *key, | ||
52 | unsigned char*iv) | ||
53 | { | ||
54 | int rc; | ||
55 | int key_len; | ||
56 | unsigned char*key_buf; | ||
57 | |||
58 | key_len = element_length_in_bytes (k) < 33 ? 3 : element_length_in_bytes (k); | ||
59 | key_buf = (unsigned char *) malloc (key_len); | ||
60 | element_to_bytes (key_buf, k); | ||
61 | |||
62 | GNUNET_memcpy (key->aes_key, key_buf, GNUNET_CRYPTO_AES_KEY_LENGTH); | ||
63 | GNUNET_assert (0 == | ||
64 | gcry_cipher_open (handle, GCRY_CIPHER_AES256, | ||
65 | GCRY_CIPHER_MODE_CFB, 0)); | ||
66 | rc = gcry_cipher_setkey (*handle, | ||
67 | key->aes_key, | ||
68 | sizeof(key->aes_key)); | ||
69 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | ||
70 | memset (iv, 0, 16); // TODO make reasonable | ||
71 | rc = gcry_cipher_setiv (*handle, | ||
72 | iv, | ||
73 | 16); | ||
74 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | ||
75 | |||
76 | free (key_buf); | ||
77 | return rc; | ||
78 | } | ||
79 | |||
80 | |||
81 | static int | ||
82 | aes_128_cbc_encrypt (char*pt, | ||
83 | int size, | ||
84 | element_t k, | ||
85 | char **ct) | ||
86 | { | ||
87 | gcry_cipher_hd_t handle; | ||
88 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; | ||
89 | unsigned char iv[16]; | ||
90 | char*buf; | ||
91 | int padding; | ||
92 | int buf_size; | ||
93 | uint8_t len[4]; | ||
94 | |||
95 | init_aes (k, 1, &handle, &skey, iv); | ||
96 | |||
97 | /* TODO make less crufty */ | ||
98 | |||
99 | /* stuff in real length (big endian) before padding */ | ||
100 | len[0] = (size & 0xff000000) >> 24; | ||
101 | len[1] = (size & 0xff0000) >> 16; | ||
102 | len[2] = (size & 0xff00) >> 8; | ||
103 | len[3] = (size & 0xff) >> 0; | ||
104 | padding = 16 - ((4 + size) % 16); | ||
105 | buf_size = 4 + size + padding; | ||
106 | buf = GNUNET_malloc (buf_size); | ||
107 | GNUNET_memcpy (buf, len, 4); | ||
108 | GNUNET_memcpy (buf + 4, pt, size); | ||
109 | *ct = GNUNET_malloc (buf_size); | ||
110 | |||
111 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, *ct, buf_size, buf, | ||
112 | buf_size)); | ||
113 | gcry_cipher_close (handle); | ||
114 | // AES_cbc_encrypt(pt->data, ct->data, pt->len, &key, iv, AES_ENCRYPT); | ||
115 | GNUNET_free (buf); | ||
116 | return buf_size; | ||
117 | } | ||
118 | |||
119 | |||
120 | static int | ||
121 | aes_128_cbc_decrypt (char*ct, | ||
122 | int size, | ||
123 | element_t k, | ||
124 | char **pt) | ||
125 | { | ||
126 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; | ||
127 | gcry_cipher_hd_t handle; | ||
128 | unsigned char iv[16]; | ||
129 | char*tmp; | ||
130 | uint32_t len; | ||
131 | |||
132 | init_aes (k, 1, &handle, &skey, iv); | ||
133 | |||
134 | tmp = GNUNET_malloc (size); | ||
135 | |||
136 | // AES_cbc_encrypt(ct->data, pt->data, ct->len, &key, iv, AES_DECRYPT); | ||
137 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, ct, size)); | ||
138 | gcry_cipher_close (handle); | ||
139 | /* TODO make less crufty */ | ||
140 | |||
141 | /* get real length */ | ||
142 | len = 0; | ||
143 | len = len | ||
144 | | ((tmp[0]) << 24) | ((tmp[1]) << 16) | ||
145 | | ((tmp[2]) << 8) | ((tmp[3]) << 0); | ||
146 | /* truncate any garbage from the padding */ | ||
147 | *pt = GNUNET_malloc (len); | ||
148 | GNUNET_memcpy (*pt, tmp + 4, len); | ||
149 | GNUNET_free (tmp); | ||
150 | return len; | ||
151 | } | ||
152 | |||
153 | |||
154 | /** | ||
155 | * @ingroup abe | ||
156 | * Create a new CP-ABE master key. Caller must free return value. | ||
157 | * | ||
158 | * @return fresh private key; free using #GNUNET_ABE_cpabe_delete_master_key | ||
159 | */ | ||
160 | struct GNUNET_ABE_AbeMasterKey* | ||
161 | GNUNET_ABE_cpabe_create_master_key (void) | ||
162 | { | ||
163 | struct GNUNET_ABE_AbeMasterKey*key; | ||
164 | |||
165 | key = GNUNET_new (struct GNUNET_ABE_AbeMasterKey); | ||
166 | gabe_setup (&key->pub, &key->msk); | ||
167 | GNUNET_assert (NULL != key->pub); | ||
168 | GNUNET_assert (NULL != key->msk); | ||
169 | return key; | ||
170 | } | ||
171 | |||
172 | |||
173 | /** | ||
174 | * @ingroup abe | ||
175 | * Delete a CP-ABE master key. | ||
176 | * | ||
177 | * @param key the master key | ||
178 | * @return fresh private key; free using #GNUNET_free | ||
179 | */ | ||
180 | void | ||
181 | GNUNET_ABE_cpabe_delete_master_key (struct GNUNET_ABE_AbeMasterKey *key) | ||
182 | { | ||
183 | gabe_msk_free (key->msk); | ||
184 | gabe_pub_free (key->pub); | ||
185 | // GNUNET_free (key->msk); | ||
186 | // gabe_msk_free (key->msk); //For some reason free of pub implicit? | ||
187 | GNUNET_free (key); | ||
188 | } | ||
189 | |||
190 | |||
191 | /** | ||
192 | * @ingroup abe | ||
193 | * Create a new CP-ABE key. Caller must free return value. | ||
194 | * | ||
195 | * @param key the master key | ||
196 | * @param attrs the attributes to append to the key | ||
197 | * @return fresh private key; free using #GNUNET_ABE_cpabe_delete_key | ||
198 | */ | ||
199 | struct GNUNET_ABE_AbeKey* | ||
200 | GNUNET_ABE_cpabe_create_key (struct GNUNET_ABE_AbeMasterKey *key, | ||
201 | char **attrs) | ||
202 | { | ||
203 | struct GNUNET_ABE_AbeKey *prv_key; | ||
204 | int size; | ||
205 | char *tmp; | ||
206 | |||
207 | prv_key = GNUNET_new (struct GNUNET_ABE_AbeKey); | ||
208 | prv_key->prv = gabe_keygen (key->pub, key->msk, attrs); | ||
209 | size = gabe_pub_serialize (key->pub, &tmp); | ||
210 | prv_key->pub = gabe_pub_unserialize (tmp, size); | ||
211 | GNUNET_free (tmp); | ||
212 | GNUNET_assert (NULL != prv_key->prv); | ||
213 | return prv_key; | ||
214 | } | ||
215 | |||
216 | |||
217 | /** | ||
218 | * @ingroup abe | ||
219 | * Delete a CP-ABE key. | ||
220 | * | ||
221 | * @param key the key to delete | ||
222 | * @param delete_pub GNUNE_YES if the public key should also be freed (bug in gabe) | ||
223 | * @return fresh private key; free using #GNUNET_free | ||
224 | */ | ||
225 | void | ||
226 | GNUNET_ABE_cpabe_delete_key (struct GNUNET_ABE_AbeKey *key, | ||
227 | int delete_pub) | ||
228 | { | ||
229 | // Memory management in gabe is buggy | ||
230 | gabe_prv_free (key->prv); | ||
231 | if (GNUNET_YES == delete_pub) | ||
232 | gabe_pub_free (key->pub); | ||
233 | GNUNET_free (key); | ||
234 | } | ||
235 | |||
236 | |||
237 | static ssize_t | ||
238 | write_cpabe (void **result, | ||
239 | uint32_t file_len, | ||
240 | char*cph_buf, | ||
241 | int cph_buf_len, | ||
242 | char*aes_buf, | ||
243 | int aes_buf_len) | ||
244 | { | ||
245 | char *ptr; | ||
246 | uint32_t *len; | ||
247 | |||
248 | *result = GNUNET_malloc (12 + cph_buf_len + aes_buf_len); | ||
249 | ptr = *result; | ||
250 | len = (uint32_t *) ptr; | ||
251 | *len = htonl (file_len); | ||
252 | ptr += 4; | ||
253 | len = (uint32_t *) ptr; | ||
254 | *len = htonl (aes_buf_len); | ||
255 | ptr += 4; | ||
256 | GNUNET_memcpy (ptr, aes_buf, aes_buf_len); | ||
257 | ptr += aes_buf_len; | ||
258 | len = (uint32_t *) ptr; | ||
259 | *len = htonl (cph_buf_len); | ||
260 | ptr += 4; | ||
261 | GNUNET_memcpy (ptr, cph_buf, cph_buf_len); | ||
262 | return 12 + cph_buf_len + aes_buf_len; | ||
263 | } | ||
264 | |||
265 | |||
266 | static ssize_t | ||
267 | read_cpabe (const void *data, | ||
268 | char**cph_buf, | ||
269 | int *cph_buf_len, | ||
270 | char**aes_buf, | ||
271 | int *aes_buf_len) | ||
272 | { | ||
273 | int buf_len; | ||
274 | char *ptr; | ||
275 | uint32_t *len; | ||
276 | |||
277 | ptr = (char *) data; | ||
278 | len = (uint32_t *) ptr; | ||
279 | buf_len = ntohl (*len); | ||
280 | ptr += 4; | ||
281 | len = (uint32_t *) ptr; | ||
282 | *aes_buf_len = ntohl (*len); | ||
283 | ptr += 4; | ||
284 | *aes_buf = GNUNET_malloc (*aes_buf_len); | ||
285 | GNUNET_memcpy (*aes_buf, ptr, *aes_buf_len); | ||
286 | ptr += *aes_buf_len; | ||
287 | len = (uint32_t *) ptr; | ||
288 | *cph_buf_len = ntohl (*len); | ||
289 | ptr += 4; | ||
290 | *cph_buf = GNUNET_malloc (*cph_buf_len); | ||
291 | GNUNET_memcpy (*cph_buf, ptr, *cph_buf_len); | ||
292 | |||
293 | return buf_len; | ||
294 | } | ||
295 | |||
296 | |||
297 | /** | ||
298 | * @ingroup abe | ||
299 | * Encrypt a block using sessionkey. | ||
300 | * | ||
301 | * @param block the block to encrypt | ||
302 | * @param size the size of the @a block | ||
303 | * @param policy the ABE policy | ||
304 | * @param key the key used to encrypt | ||
305 | * @param result the result buffer. Will be allocated. Free using #GNUNET_free | ||
306 | * @return the size of the encrypted block, -1 for errors | ||
307 | */ | ||
308 | ssize_t | ||
309 | GNUNET_ABE_cpabe_encrypt (const void *block, | ||
310 | size_t size, | ||
311 | const char *policy, | ||
312 | const struct GNUNET_ABE_AbeMasterKey *key, | ||
313 | void **result) | ||
314 | { | ||
315 | gabe_cph_t*cph; | ||
316 | char*plt; | ||
317 | char*cph_buf; | ||
318 | char*aes_buf; | ||
319 | element_t m; | ||
320 | int cph_buf_len; | ||
321 | int aes_buf_len; | ||
322 | ssize_t result_len; | ||
323 | |||
324 | if (! (cph = gabe_enc (key->pub, m, (char *) policy))) | ||
325 | return GNUNET_SYSERR; | ||
326 | cph_buf_len = gabe_cph_serialize (cph, | ||
327 | &cph_buf); | ||
328 | gabe_cph_free (cph); | ||
329 | GNUNET_free (cph); | ||
330 | plt = GNUNET_memdup (block, size); | ||
331 | aes_buf_len = aes_128_cbc_encrypt (plt, size, m, &aes_buf); | ||
332 | GNUNET_free (plt); | ||
333 | element_clear (m); | ||
334 | result_len = write_cpabe (result, size, cph_buf, cph_buf_len, aes_buf, | ||
335 | aes_buf_len); | ||
336 | GNUNET_free (cph_buf); | ||
337 | GNUNET_free (aes_buf); | ||
338 | return result_len; | ||
339 | } | ||
340 | |||
341 | |||
342 | /** | ||
343 | * @ingroup abe | ||
344 | * Decrypt a block using the ABE key. | ||
345 | * | ||
346 | * @param block the block to encrypt | ||
347 | * @param size the size of the @a block | ||
348 | * @param key the key used to decrypt | ||
349 | * @param result the result buffer. Will be allocated. Free using #GNUNET_free | ||
350 | * @return the size of the encrypted block, -1 for errors | ||
351 | */ | ||
352 | ssize_t | ||
353 | GNUNET_ABE_cpabe_decrypt (const void *block, | ||
354 | size_t size, | ||
355 | const struct GNUNET_ABE_AbeKey *key, | ||
356 | void **result) | ||
357 | { | ||
358 | char*aes_buf; | ||
359 | char*cph_buf; | ||
360 | gabe_cph_t*cph; | ||
361 | element_t m; | ||
362 | int cph_buf_size; | ||
363 | int aes_buf_size; | ||
364 | int plt_len; | ||
365 | |||
366 | read_cpabe (block, &cph_buf, &cph_buf_size, &aes_buf, &aes_buf_size); | ||
367 | cph = gabe_cph_unserialize (key->pub, cph_buf, cph_buf_size); | ||
368 | if (! gabe_dec (key->pub, key->prv, cph, m)) | ||
369 | { | ||
370 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
371 | "%s\n", gabe_error ()); | ||
372 | GNUNET_free (aes_buf); | ||
373 | GNUNET_free (cph_buf); | ||
374 | gabe_cph_free (cph); | ||
375 | GNUNET_free (cph); | ||
376 | element_clear (m); | ||
377 | return GNUNET_SYSERR; | ||
378 | } | ||
379 | gabe_cph_free (cph); | ||
380 | GNUNET_free (cph); | ||
381 | plt_len = aes_128_cbc_decrypt (aes_buf, aes_buf_size, m, (char **) result); | ||
382 | GNUNET_free (cph_buf); | ||
383 | GNUNET_free (aes_buf); | ||
384 | element_clear (m); | ||
385 | // freeing is buggy in gabe | ||
386 | // gabe_prv_free (prv); | ||
387 | // gabe_pub_free (pub); | ||
388 | return plt_len; | ||
389 | } | ||
390 | |||
391 | |||
392 | /** | ||
393 | * @ingroup abe | ||
394 | * Serialize an ABE key. | ||
395 | * | ||
396 | * @param key the key to serialize | ||
397 | * @param result the result buffer. Will be allocated. Free using #GNUNET_free | ||
398 | * @return the size of the encrypted block, -1 for errors | ||
399 | */ | ||
400 | ssize_t | ||
401 | GNUNET_ABE_cpabe_serialize_key (const struct GNUNET_ABE_AbeKey *key, | ||
402 | void **result) | ||
403 | { | ||
404 | ssize_t len; | ||
405 | char *pub; | ||
406 | char *prv; | ||
407 | int pub_len; | ||
408 | int prv_len; | ||
409 | |||
410 | pub_len = gabe_pub_serialize (key->pub, &pub); | ||
411 | prv_len = gabe_prv_serialize (key->prv, &prv); | ||
412 | |||
413 | len = pub_len + prv_len + 12; | ||
414 | write_cpabe (result, len, pub, pub_len, prv, prv_len); | ||
415 | |||
416 | GNUNET_free (pub); | ||
417 | GNUNET_free (prv); | ||
418 | |||
419 | return len; | ||
420 | } | ||
421 | |||
422 | |||
423 | /** | ||
424 | * @ingroup abe | ||
425 | * Deserialize a serialized ABE key. | ||
426 | * | ||
427 | * @param data the data to deserialize | ||
428 | * @param len the length of the data. | ||
429 | * @return the ABE key. NULL of unsuccessful | ||
430 | */ | ||
431 | struct GNUNET_ABE_AbeKey* | ||
432 | GNUNET_ABE_cpabe_deserialize_key (const void *data, | ||
433 | size_t len) | ||
434 | { | ||
435 | struct GNUNET_ABE_AbeKey *key; | ||
436 | char *pub; | ||
437 | char *prv; | ||
438 | int prv_len; | ||
439 | int pub_len; | ||
440 | |||
441 | key = GNUNET_new (struct GNUNET_ABE_AbeKey); | ||
442 | read_cpabe (data, | ||
443 | &pub, | ||
444 | &pub_len, | ||
445 | &prv, | ||
446 | &prv_len); | ||
447 | key->pub = gabe_pub_unserialize (pub, pub_len); | ||
448 | key->prv = gabe_prv_unserialize (key->pub, prv, prv_len); | ||
449 | |||
450 | GNUNET_free (pub); | ||
451 | GNUNET_free (prv); | ||
452 | return key; | ||
453 | } | ||
454 | |||
455 | |||
456 | /** | ||
457 | * @ingroup abe | ||
458 | * Serialize an ABE master key. | ||
459 | * | ||
460 | * @param key the key to serialize | ||
461 | * @param result the result buffer. Will be allocated. Free using #GNUNET_free | ||
462 | * @return the size of the encrypted block, -1 for errors | ||
463 | */ | ||
464 | ssize_t | ||
465 | GNUNET_ABE_cpabe_serialize_master_key (const struct | ||
466 | GNUNET_ABE_AbeMasterKey *key, | ||
467 | void **result) | ||
468 | { | ||
469 | ssize_t len; | ||
470 | char *pub; | ||
471 | char *msk; | ||
472 | int pub_len; | ||
473 | int msk_len; | ||
474 | |||
475 | pub_len = gabe_pub_serialize (key->pub, &pub); | ||
476 | msk_len = gabe_msk_serialize (key->msk, &msk); | ||
477 | |||
478 | len = pub_len + msk_len + 12; | ||
479 | write_cpabe (result, len, pub, pub_len, msk, msk_len); | ||
480 | |||
481 | GNUNET_free (pub); | ||
482 | GNUNET_free (msk); | ||
483 | |||
484 | return len; | ||
485 | } | ||
486 | |||
487 | |||
488 | /** | ||
489 | * @ingroup abe | ||
490 | * Deserialize an ABE master key. | ||
491 | * | ||
492 | * @param data the data to deserialize | ||
493 | * @param len the length of the data. | ||
494 | * @return the ABE key. NULL of unsuccessful | ||
495 | */ | ||
496 | struct GNUNET_ABE_AbeMasterKey* | ||
497 | GNUNET_ABE_cpabe_deserialize_master_key (const void *data, | ||
498 | size_t len) | ||
499 | { | ||
500 | struct GNUNET_ABE_AbeMasterKey *key; | ||
501 | char *msk; | ||
502 | char *pub; | ||
503 | int msk_len; | ||
504 | int pub_len; | ||
505 | |||
506 | key = GNUNET_new (struct GNUNET_ABE_AbeMasterKey); | ||
507 | read_cpabe (data, | ||
508 | &pub, | ||
509 | &pub_len, | ||
510 | &msk, | ||
511 | &msk_len); | ||
512 | key->pub = gabe_pub_unserialize (pub, pub_len); | ||
513 | key->msk = gabe_msk_unserialize (key->pub, msk, msk_len); | ||
514 | |||
515 | GNUNET_free (pub); | ||
516 | GNUNET_free (msk); | ||
517 | |||
518 | return key; | ||
519 | } | ||