Diffstat (limited to 'src/util/crypto_aes.c')
-rw-r--r-- | src/util/crypto_aes.c | 53 |
1 files changed, 24 insertions, 29 deletions
diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c index e26b59abe..200c367c1 100644 --- a/src/util/crypto_aes.c +++ b/src/util/crypto_aes.c | |||
@@ -39,7 +39,7 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) | |||
39 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, | 39 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, |
40 | GCRY_STRONG_RANDOM); | 40 | GCRY_STRONG_RANDOM); |
41 | key->crc32 = | 41 | key->crc32 = |
42 | htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); | 42 | htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); |
43 | } | 43 | } |
44 | 44 | ||
45 | /** | 45 | /** |
@@ -84,20 +84,19 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, | |||
84 | int rc; | 84 | int rc; |
85 | 85 | ||
86 | if (sessionkey->crc32 != | 86 | if (sessionkey->crc32 != |
87 | htonl (GNUNET_CRYPTO_crc32_n | 87 | htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) |
88 | (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) | 88 | { |
89 | { | 89 | GNUNET_break (0); |
90 | GNUNET_break (0); | 90 | return -1; |
91 | return -1; | 91 | } |
92 | } | ||
93 | GNUNET_assert (0 == gcry_cipher_open (&handle, | 92 | GNUNET_assert (0 == gcry_cipher_open (&handle, |
94 | GCRY_CIPHER_AES256, | 93 | GCRY_CIPHER_AES256, |
95 | GCRY_CIPHER_MODE_CFB, 0)); | 94 | GCRY_CIPHER_MODE_CFB, 0)); |
96 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 95 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); |
97 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 96 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
98 | rc = | 97 | rc = gcry_cipher_setiv (handle, iv, |
99 | gcry_cipher_setiv (handle, iv, | 98 | sizeof (struct |
100 | sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); | 99 | GNUNET_CRYPTO_AesInitializationVector)); |
101 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 100 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
102 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); | 101 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); |
103 | gcry_cipher_close (handle); | 102 | gcry_cipher_close (handle); |
@@ -127,23 +126,21 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, | |||
127 | int rc; | 126 | int rc; |
128 | 127 | ||
129 | if (sessionkey->crc32 != | 128 | if (sessionkey->crc32 != |
130 | htonl (GNUNET_CRYPTO_crc32_n | 129 | htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) |
131 | (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) | 130 | { |
132 | { | 131 | GNUNET_break (0); |
133 | GNUNET_break (0); | 132 | return -1; |
134 | return -1; | 133 | } |
135 | } | ||
136 | GNUNET_assert (0 == gcry_cipher_open (&handle, | 134 | GNUNET_assert (0 == gcry_cipher_open (&handle, |
137 | GCRY_CIPHER_AES256, | 135 | GCRY_CIPHER_AES256, |
138 | GCRY_CIPHER_MODE_CFB, 0)); | 136 | GCRY_CIPHER_MODE_CFB, 0)); |
139 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 137 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); |
140 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 138 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
141 | rc = | 139 | rc = gcry_cipher_setiv (handle, iv, |
142 | gcry_cipher_setiv (handle, iv, | 140 | sizeof (struct |
143 | sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); | 141 | GNUNET_CRYPTO_AesInitializationVector)); |
144 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 142 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
145 | GNUNET_assert (0 == | 143 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size)); |
146 | gcry_cipher_decrypt (handle, result, size, block, size)); | ||
147 | gcry_cipher_close (handle); | 144 | gcry_cipher_close (handle); |
148 | return size; | 145 | return size; |
149 | } | 146 | } |
@@ -158,9 +155,8 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, | |||
158 | */ | 155 | */ |
159 | void | 156 | void |
160 | GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | 157 | GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, |
161 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 158 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
162 | const void *salt, size_t salt_len, | 159 | const void *salt, size_t salt_len, ...) |
163 | ...) | ||
164 | { | 160 | { |
165 | va_list argp; | 161 | va_list argp; |
166 | 162 | ||
@@ -179,12 +175,11 @@ GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | |||
179 | */ | 175 | */ |
180 | void | 176 | void |
181 | GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, | 177 | GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, |
182 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 178 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
183 | const void *salt, size_t salt_len, | 179 | const void *salt, size_t salt_len, va_list argp) |
184 | va_list argp) | ||
185 | { | 180 | { |
186 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof(iv->iv), salt, salt_len, skey->key, | 181 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key, |
187 | sizeof(skey->key), argp); | 182 | sizeof (skey->key), argp); |
188 | } | 183 | } |
189 | 184 | ||
190 | /* end of crypto_aes.c */ | 185 | /* end of crypto_aes.c */ |