diff options
Diffstat (limited to 'src/gnsrecord/gnsrecord_crypto.c')
-rw-r--r-- | src/gnsrecord/gnsrecord_crypto.c | 252 |
1 files changed, 115 insertions, 137 deletions
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index fe7db88b9..58feaee74 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c | |||
@@ -25,15 +25,7 @@ | |||
25 | * @author Matthias Wachs | 25 | * @author Matthias Wachs |
26 | * @author Christian Grothoff | 26 | * @author Christian Grothoff |
27 | */ | 27 | */ |
28 | #include "platform.h" | 28 | #include "gnsrecord_crypto.h" |
29 | #include "gnunet_util_lib.h" | ||
30 | #include "gnunet_constants.h" | ||
31 | #include "gnunet_signatures.h" | ||
32 | #include "gnunet_arm_service.h" | ||
33 | #include "gnunet_gnsrecord_lib.h" | ||
34 | #include "gnunet_dnsparser_lib.h" | ||
35 | #include "gnunet_tun_lib.h" | ||
36 | |||
37 | 29 | ||
38 | #define LOG(kind, ...) GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__) | 30 | #define LOG(kind, ...) GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__) |
39 | 31 | ||
@@ -104,7 +96,7 @@ eddsa_symmetric_decrypt ( | |||
104 | return GNUNET_SYSERR; | 96 | return GNUNET_SYSERR; |
105 | if (0 != crypto_secretbox_open_detached (result, | 97 | if (0 != crypto_secretbox_open_detached (result, |
106 | block, // Ciphertext | 98 | block, // Ciphertext |
107 | ((unsigned char*)block) + ctlen, // TAG | 99 | ((unsigned char*) block) + ctlen, // TAG |
108 | ctlen, | 100 | ctlen, |
109 | nonce, key)) | 101 | nonce, key)) |
110 | { | 102 | { |
@@ -131,20 +123,12 @@ eddsa_symmetric_encrypt ( | |||
131 | } | 123 | } |
132 | 124 | ||
133 | 125 | ||
134 | /** | 126 | void |
135 | * Derive session key and iv from label and public key. | 127 | GNR_derive_block_aes_key (unsigned char *ctr, |
136 | * | 128 | unsigned char *key, |
137 | * @param iv initialization vector to initialize | 129 | const char *label, |
138 | * @param skey session key to initialize | 130 | uint64_t exp, |
139 | * @param label label to use for KDF | 131 | const struct GNUNET_CRYPTO_EcdsaPublicKey *pub) |
140 | * @param pub public key to use for KDF | ||
141 | */ | ||
142 | static void | ||
143 | derive_block_aes_key (unsigned char *ctr, | ||
144 | unsigned char *key, | ||
145 | const char *label, | ||
146 | uint64_t exp, | ||
147 | const struct GNUNET_CRYPTO_EcdsaPublicKey *pub) | ||
148 | { | 132 | { |
149 | static const char ctx_key[] = "gns-aes-ctx-key"; | 133 | static const char ctx_key[] = "gns-aes-ctx-key"; |
150 | static const char ctx_iv[] = "gns-aes-ctx-iv"; | 134 | static const char ctx_iv[] = "gns-aes-ctx-iv"; |
@@ -168,20 +152,12 @@ derive_block_aes_key (unsigned char *ctr, | |||
168 | } | 152 | } |
169 | 153 | ||
170 | 154 | ||
171 | /** | 155 | void |
172 | * Derive session key and iv from label and public key. | 156 | GNR_derive_block_xsalsa_key (unsigned char *nonce, |
173 | * | 157 | unsigned char *key, |
174 | * @param nonce initialization vector to initialize | 158 | const char *label, |
175 | * @param skey session key to initialize | 159 | uint64_t exp, |
176 | * @param label label to use for KDF | 160 | const struct GNUNET_CRYPTO_EddsaPublicKey *pub) |
177 | * @param pub public key to use for KDF | ||
178 | */ | ||
179 | static void | ||
180 | derive_block_xsalsa_key (unsigned char *nonce, | ||
181 | unsigned char *key, | ||
182 | const char *label, | ||
183 | uint64_t exp, | ||
184 | const struct GNUNET_CRYPTO_EddsaPublicKey *pub) | ||
185 | { | 161 | { |
186 | static const char ctx_key[] = "gns-aes-ctx-key"; | 162 | static const char ctx_key[] = "gns-aes-ctx-key"; |
187 | static const char ctx_iv[] = "gns-aes-ctx-iv"; | 163 | static const char ctx_iv[] = "gns-aes-ctx-iv"; |
@@ -291,11 +267,11 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
291 | "gns"); | 267 | "gns"); |
292 | GNUNET_CRYPTO_ecdsa_key_get_public (dkey, | 268 | GNUNET_CRYPTO_ecdsa_key_get_public (dkey, |
293 | &ecblock->derived_key); | 269 | &ecblock->derived_key); |
294 | derive_block_aes_key (ctr, | 270 | GNR_derive_block_aes_key (ctr, |
295 | skey, | 271 | skey, |
296 | label, | 272 | label, |
297 | ecblock->expiration_time.abs_value_us__, | 273 | ecblock->expiration_time.abs_value_us__, |
298 | pkey); | 274 | pkey); |
299 | GNUNET_break (payload_len + sizeof(uint32_t) == | 275 | GNUNET_break (payload_len + sizeof(uint32_t) == |
300 | ecdsa_symmetric_encrypt (payload, | 276 | ecdsa_symmetric_encrypt (payload, |
301 | payload_len | 277 | payload_len |
@@ -409,11 +385,11 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
409 | &dkey); | 385 | &dkey); |
410 | GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dkey, | 386 | GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dkey, |
411 | &edblock->derived_key); | 387 | &edblock->derived_key); |
412 | derive_block_xsalsa_key (nonce, | 388 | GNR_derive_block_xsalsa_key (nonce, |
413 | skey, | 389 | skey, |
414 | label, | 390 | label, |
415 | edblock->expiration_time.abs_value_us__, | 391 | edblock->expiration_time.abs_value_us__, |
416 | pkey); | 392 | pkey); |
417 | GNUNET_break (GNUNET_OK == | 393 | GNUNET_break (GNUNET_OK == |
418 | eddsa_symmetric_encrypt (payload, | 394 | eddsa_symmetric_encrypt (payload, |
419 | payload_len | 395 | payload_len |
@@ -456,24 +432,24 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, | |||
456 | 432 | ||
457 | switch (ntohl (key->type)) | 433 | switch (ntohl (key->type)) |
458 | { | 434 | { |
459 | case GNUNET_GNSRECORD_TYPE_PKEY: | 435 | case GNUNET_GNSRECORD_TYPE_PKEY: |
460 | res = block_create_ecdsa (&key->ecdsa_key, | 436 | res = block_create_ecdsa (&key->ecdsa_key, |
461 | &pkey.ecdsa_key, | 437 | &pkey.ecdsa_key, |
462 | expire, | 438 | expire, |
463 | norm_label, | 439 | norm_label, |
464 | rd, | 440 | rd, |
465 | rd_count); | 441 | rd_count); |
466 | break; | 442 | break; |
467 | case GNUNET_GNSRECORD_TYPE_EDKEY: | 443 | case GNUNET_GNSRECORD_TYPE_EDKEY: |
468 | res = block_create_eddsa (&key->eddsa_key, | 444 | res = block_create_eddsa (&key->eddsa_key, |
469 | &pkey.eddsa_key, | 445 | &pkey.eddsa_key, |
470 | expire, | 446 | expire, |
471 | norm_label, | 447 | norm_label, |
472 | rd, | 448 | rd, |
473 | rd_count); | 449 | rd_count); |
474 | break; | 450 | break; |
475 | default: | 451 | default: |
476 | GNUNET_assert (0); | 452 | GNUNET_assert (0); |
477 | } | 453 | } |
478 | GNUNET_free (norm_label); | 454 | GNUNET_free (norm_label); |
479 | return res; | 455 | return res; |
@@ -576,20 +552,20 @@ GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block) | |||
576 | { | 552 | { |
577 | switch (ntohl (block->type)) | 553 | switch (ntohl (block->type)) |
578 | { | 554 | { |
579 | case GNUNET_GNSRECORD_TYPE_PKEY: | 555 | case GNUNET_GNSRECORD_TYPE_PKEY: |
580 | return GNUNET_CRYPTO_ecdsa_verify_ ( | 556 | return GNUNET_CRYPTO_ecdsa_verify_ ( |
581 | GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, | 557 | GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, |
582 | &block->ecdsa_block.purpose, | 558 | &block->ecdsa_block.purpose, |
583 | &block->ecdsa_block.signature, | 559 | &block->ecdsa_block.signature, |
584 | &block->ecdsa_block.derived_key); | 560 | &block->ecdsa_block.derived_key); |
585 | case GNUNET_GNSRECORD_TYPE_EDKEY: | 561 | case GNUNET_GNSRECORD_TYPE_EDKEY: |
586 | return GNUNET_CRYPTO_eddsa_verify_ ( | 562 | return GNUNET_CRYPTO_eddsa_verify_ ( |
587 | GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, | 563 | GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, |
588 | &block->eddsa_block.purpose, | 564 | &block->eddsa_block.purpose, |
589 | &block->eddsa_block.signature, | 565 | &block->eddsa_block.signature, |
590 | &block->eddsa_block.derived_key); | 566 | &block->eddsa_block.derived_key); |
591 | default: | 567 | default: |
592 | return GNUNET_NO; | 568 | return GNUNET_NO; |
593 | } | 569 | } |
594 | } | 570 | } |
595 | 571 | ||
@@ -603,8 +579,8 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, | |||
603 | void *proc_cls) | 579 | void *proc_cls) |
604 | { | 580 | { |
605 | size_t payload_len = ntohl (block->purpose.size) | 581 | size_t payload_len = ntohl (block->purpose.size) |
606 | - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 582 | - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) |
607 | - sizeof(struct GNUNET_TIME_AbsoluteNBO); | 583 | - sizeof(struct GNUNET_TIME_AbsoluteNBO); |
608 | unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; | 584 | unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; |
609 | unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH]; | 585 | unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH]; |
610 | 586 | ||
@@ -615,11 +591,11 @@ block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, | |||
615 | GNUNET_break_op (0); | 591 | GNUNET_break_op (0); |
616 | return GNUNET_SYSERR; | 592 | return GNUNET_SYSERR; |
617 | } | 593 | } |
618 | derive_block_aes_key (ctr, | 594 | GNR_derive_block_aes_key (ctr, |
619 | key, | 595 | key, |
620 | label, | 596 | label, |
621 | block->expiration_time.abs_value_us__, | 597 | block->expiration_time.abs_value_us__, |
622 | zone_key); | 598 | zone_key); |
623 | { | 599 | { |
624 | char payload[payload_len]; | 600 | char payload[payload_len]; |
625 | uint32_t rd_count; | 601 | uint32_t rd_count; |
@@ -731,8 +707,8 @@ block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, | |||
731 | void *proc_cls) | 707 | void *proc_cls) |
732 | { | 708 | { |
733 | size_t payload_len = ntohl (block->purpose.size) | 709 | size_t payload_len = ntohl (block->purpose.size) |
734 | - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) | 710 | - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) |
735 | - sizeof(struct GNUNET_TIME_AbsoluteNBO); | 711 | - sizeof(struct GNUNET_TIME_AbsoluteNBO); |
736 | unsigned char nonce[crypto_secretbox_NONCEBYTES]; | 712 | unsigned char nonce[crypto_secretbox_NONCEBYTES]; |
737 | unsigned char key[crypto_secretbox_KEYBYTES]; | 713 | unsigned char key[crypto_secretbox_KEYBYTES]; |
738 | 714 | ||
@@ -743,11 +719,11 @@ block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, | |||
743 | GNUNET_break_op (0); | 719 | GNUNET_break_op (0); |
744 | return GNUNET_SYSERR; | 720 | return GNUNET_SYSERR; |
745 | } | 721 | } |
746 | derive_block_xsalsa_key (nonce, | 722 | GNR_derive_block_xsalsa_key (nonce, |
747 | key, | 723 | key, |
748 | label, | 724 | label, |
749 | block->expiration_time.abs_value_us__, | 725 | block->expiration_time.abs_value_us__, |
750 | zone_key); | 726 | zone_key); |
751 | { | 727 | { |
752 | char payload[payload_len]; | 728 | char payload[payload_len]; |
753 | uint32_t rd_count; | 729 | uint32_t rd_count; |
@@ -875,16 +851,18 @@ GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block, | |||
875 | norm_label = GNUNET_GNSRECORD_string_normalize (label); | 851 | norm_label = GNUNET_GNSRECORD_string_normalize (label); |
876 | switch (ntohl (zone_key->type)) | 852 | switch (ntohl (zone_key->type)) |
877 | { | 853 | { |
878 | case GNUNET_IDENTITY_TYPE_ECDSA: | 854 | case GNUNET_IDENTITY_TYPE_ECDSA: |
879 | res = block_decrypt_ecdsa (&block->ecdsa_block, | 855 | res = block_decrypt_ecdsa (&block->ecdsa_block, |
880 | &zone_key->ecdsa_key, norm_label, proc, proc_cls); | 856 | &zone_key->ecdsa_key, norm_label, proc, |
881 | break; | 857 | proc_cls); |
882 | case GNUNET_IDENTITY_TYPE_EDDSA: | 858 | break; |
883 | res = block_decrypt_eddsa (&block->eddsa_block, | 859 | case GNUNET_IDENTITY_TYPE_EDDSA: |
884 | &zone_key->eddsa_key, norm_label, proc, proc_cls); | 860 | res = block_decrypt_eddsa (&block->eddsa_block, |
885 | break; | 861 | &zone_key->eddsa_key, norm_label, proc, |
886 | default: | 862 | proc_cls); |
887 | return GNUNET_SYSERR; | 863 | break; |
864 | default: | ||
865 | return GNUNET_SYSERR; | ||
888 | } | 866 | } |
889 | GNUNET_free (norm_label); | 867 | GNUNET_free (norm_label); |
890 | return res; | 868 | return res; |
@@ -910,17 +888,17 @@ GNUNET_GNSRECORD_query_from_private_key (const struct | |||
910 | norm_label = GNUNET_GNSRECORD_string_normalize (label); | 888 | norm_label = GNUNET_GNSRECORD_string_normalize (label); |
911 | switch (ntohl (zone->type)) | 889 | switch (ntohl (zone->type)) |
912 | { | 890 | { |
913 | case GNUNET_GNSRECORD_TYPE_PKEY: | 891 | case GNUNET_GNSRECORD_TYPE_PKEY: |
914 | case GNUNET_GNSRECORD_TYPE_EDKEY: | 892 | case GNUNET_GNSRECORD_TYPE_EDKEY: |
915 | 893 | ||
916 | GNUNET_IDENTITY_key_get_public (zone, | 894 | GNUNET_IDENTITY_key_get_public (zone, |
917 | &pub); | 895 | &pub); |
918 | GNUNET_GNSRECORD_query_from_public_key (&pub, | 896 | GNUNET_GNSRECORD_query_from_public_key (&pub, |
919 | norm_label, | 897 | norm_label, |
920 | query); | 898 | query); |
921 | break; | 899 | break; |
922 | default: | 900 | default: |
923 | GNUNET_assert (0); | 901 | GNUNET_assert (0); |
924 | } | 902 | } |
925 | GNUNET_free (norm_label); | 903 | GNUNET_free (norm_label); |
926 | } | 904 | } |
@@ -947,28 +925,28 @@ GNUNET_GNSRECORD_query_from_public_key (const struct | |||
947 | 925 | ||
948 | switch (ntohl (pub->type)) | 926 | switch (ntohl (pub->type)) |
949 | { | 927 | { |
950 | case GNUNET_GNSRECORD_TYPE_PKEY: | 928 | case GNUNET_GNSRECORD_TYPE_PKEY: |
951 | pd.type = pub->type; | 929 | pd.type = pub->type; |
952 | GNUNET_CRYPTO_ecdsa_public_key_derive (&pub->ecdsa_key, | 930 | GNUNET_CRYPTO_ecdsa_public_key_derive (&pub->ecdsa_key, |
953 | norm_label, | 931 | norm_label, |
954 | "gns", | 932 | "gns", |
955 | &pd.ecdsa_key); | 933 | &pd.ecdsa_key); |
956 | GNUNET_CRYPTO_hash (&pd.ecdsa_key, | 934 | GNUNET_CRYPTO_hash (&pd.ecdsa_key, |
957 | sizeof (pd.ecdsa_key), | 935 | sizeof (pd.ecdsa_key), |
958 | query); | 936 | query); |
959 | break; | 937 | break; |
960 | case GNUNET_GNSRECORD_TYPE_EDKEY: | 938 | case GNUNET_GNSRECORD_TYPE_EDKEY: |
961 | pd.type = pub->type; | 939 | pd.type = pub->type; |
962 | GNUNET_CRYPTO_eddsa_public_key_derive (&pub->eddsa_key, | 940 | GNUNET_CRYPTO_eddsa_public_key_derive (&pub->eddsa_key, |
963 | norm_label, | 941 | norm_label, |
964 | "gns", | 942 | "gns", |
965 | &(pd.eddsa_key)); | 943 | &(pd.eddsa_key)); |
966 | GNUNET_CRYPTO_hash (&pd.eddsa_key, | 944 | GNUNET_CRYPTO_hash (&pd.eddsa_key, |
967 | sizeof (pd.eddsa_key), | 945 | sizeof (pd.eddsa_key), |
968 | query); | 946 | query); |
969 | break; | 947 | break; |
970 | default: | 948 | default: |
971 | GNUNET_assert (0); | 949 | GNUNET_assert (0); |
972 | } | 950 | } |
973 | GNUNET_free (norm_label); | 951 | GNUNET_free (norm_label); |
974 | } | 952 | } |