diff options
Diffstat (limited to 'src/util/crypto_aes.c')
| -rw-r--r-- | src/util/crypto_aes.c | 53 |
1 files changed, 24 insertions, 29 deletions
diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c index e26b59abe..200c367c1 100644 --- a/src/util/crypto_aes.c +++ b/src/util/crypto_aes.c | |||
| @@ -39,7 +39,7 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) | |||
| 39 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, | 39 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, |
| 40 | GCRY_STRONG_RANDOM); | 40 | GCRY_STRONG_RANDOM); |
| 41 | key->crc32 = | 41 | key->crc32 = |
| 42 | htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); | 42 | htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); |
| 43 | } | 43 | } |
| 44 | 44 | ||
| 45 | /** | 45 | /** |
| @@ -84,20 +84,19 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, | |||
| 84 | int rc; | 84 | int rc; |
| 85 | 85 | ||
| 86 | if (sessionkey->crc32 != | 86 | if (sessionkey->crc32 != |
| 87 | htonl (GNUNET_CRYPTO_crc32_n | 87 | htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) |
| 88 | (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) | 88 | { |
| 89 | { | 89 | GNUNET_break (0); |
| 90 | GNUNET_break (0); | 90 | return -1; |
| 91 | return -1; | 91 | } |
| 92 | } | ||
| 93 | GNUNET_assert (0 == gcry_cipher_open (&handle, | 92 | GNUNET_assert (0 == gcry_cipher_open (&handle, |
| 94 | GCRY_CIPHER_AES256, | 93 | GCRY_CIPHER_AES256, |
| 95 | GCRY_CIPHER_MODE_CFB, 0)); | 94 | GCRY_CIPHER_MODE_CFB, 0)); |
| 96 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 95 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); |
| 97 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 96 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
| 98 | rc = | 97 | rc = gcry_cipher_setiv (handle, iv, |
| 99 | gcry_cipher_setiv (handle, iv, | 98 | sizeof (struct |
| 100 | sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); | 99 | GNUNET_CRYPTO_AesInitializationVector)); |
| 101 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 100 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
| 102 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); | 101 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); |
| 103 | gcry_cipher_close (handle); | 102 | gcry_cipher_close (handle); |
| @@ -127,23 +126,21 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, | |||
| 127 | int rc; | 126 | int rc; |
| 128 | 127 | ||
| 129 | if (sessionkey->crc32 != | 128 | if (sessionkey->crc32 != |
| 130 | htonl (GNUNET_CRYPTO_crc32_n | 129 | htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) |
| 131 | (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) | 130 | { |
| 132 | { | 131 | GNUNET_break (0); |
| 133 | GNUNET_break (0); | 132 | return -1; |
| 134 | return -1; | 133 | } |
| 135 | } | ||
| 136 | GNUNET_assert (0 == gcry_cipher_open (&handle, | 134 | GNUNET_assert (0 == gcry_cipher_open (&handle, |
| 137 | GCRY_CIPHER_AES256, | 135 | GCRY_CIPHER_AES256, |
| 138 | GCRY_CIPHER_MODE_CFB, 0)); | 136 | GCRY_CIPHER_MODE_CFB, 0)); |
| 139 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 137 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); |
| 140 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 138 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
| 141 | rc = | 139 | rc = gcry_cipher_setiv (handle, iv, |
| 142 | gcry_cipher_setiv (handle, iv, | 140 | sizeof (struct |
| 143 | sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); | 141 | GNUNET_CRYPTO_AesInitializationVector)); |
| 144 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 142 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
| 145 | GNUNET_assert (0 == | 143 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size)); |
| 146 | gcry_cipher_decrypt (handle, result, size, block, size)); | ||
| 147 | gcry_cipher_close (handle); | 144 | gcry_cipher_close (handle); |
| 148 | return size; | 145 | return size; |
| 149 | } | 146 | } |
| @@ -158,9 +155,8 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, | |||
| 158 | */ | 155 | */ |
| 159 | void | 156 | void |
| 160 | GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | 157 | GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, |
| 161 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 158 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
| 162 | const void *salt, size_t salt_len, | 159 | const void *salt, size_t salt_len, ...) |
| 163 | ...) | ||
| 164 | { | 160 | { |
| 165 | va_list argp; | 161 | va_list argp; |
| 166 | 162 | ||
| @@ -179,12 +175,11 @@ GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | |||
| 179 | */ | 175 | */ |
| 180 | void | 176 | void |
| 181 | GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, | 177 | GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, |
| 182 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 178 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
| 183 | const void *salt, size_t salt_len, | 179 | const void *salt, size_t salt_len, va_list argp) |
| 184 | va_list argp) | ||
| 185 | { | 180 | { |
| 186 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof(iv->iv), salt, salt_len, skey->key, | 181 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key, |
| 187 | sizeof(skey->key), argp); | 182 | sizeof (skey->key), argp); |
| 188 | } | 183 | } |
| 189 | 184 | ||
| 190 | /* end of crypto_aes.c */ | 185 | /* end of crypto_aes.c */ |