Diffstat (limited to 'src/util/crypto_aes.c')
-rw-r--r-- | src/util/crypto_aes.c | 77 |
1 files changed, 36 insertions, 41 deletions
diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c index 9e194094c..8b031f367 100644 --- a/src/util/crypto_aes.c +++ b/src/util/crypto_aes.c | |||
@@ -39,9 +39,9 @@ void | |||
39 | GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) | 39 | GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) |
40 | { | 40 | { |
41 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, | 41 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, |
42 | GCRY_STRONG_RANDOM); | 42 | GCRY_STRONG_RANDOM); |
43 | key->crc32 = | 43 | key->crc32 = |
44 | htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); | 44 | htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); |
45 | } | 45 | } |
46 | 46 | ||
47 | /** | 47 | /** |
@@ -51,7 +51,7 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) | |||
51 | */ | 51 | */ |
52 | int | 52 | int |
53 | GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey | 53 | GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey |
54 | *key) | 54 | *key) |
55 | { | 55 | { |
56 | uint32_t crc; | 56 | uint32_t crc; |
57 | 57 | ||
@@ -76,29 +76,28 @@ GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey | |||
76 | */ | 76 | */ |
77 | ssize_t | 77 | ssize_t |
78 | GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, | 78 | GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, |
79 | const struct GNUNET_CRYPTO_AesSessionKey * | 79 | const struct GNUNET_CRYPTO_AesSessionKey * |
80 | sessionkey, | 80 | sessionkey, |
81 | const struct GNUNET_CRYPTO_AesInitializationVector | 81 | const struct GNUNET_CRYPTO_AesInitializationVector * |
82 | * iv, void *result) | 82 | iv, void *result) |
83 | { | 83 | { |
84 | gcry_cipher_hd_t handle; | 84 | gcry_cipher_hd_t handle; |
85 | int rc; | 85 | int rc; |
86 | 86 | ||
87 | if (sessionkey->crc32 != | 87 | if (sessionkey->crc32 != |
88 | htonl (GNUNET_CRYPTO_crc32_n | 88 | htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) |
89 | (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) | 89 | { |
90 | { | 90 | GNUNET_break (0); |
91 | GNUNET_break (0); | 91 | return -1; |
92 | return -1; | 92 | } |
93 | } | ||
94 | GNUNET_assert (0 == | 93 | GNUNET_assert (0 == |
95 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, | 94 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, |
96 | GCRY_CIPHER_MODE_CFB, 0)); | 95 | GCRY_CIPHER_MODE_CFB, 0)); |
97 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 96 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); |
98 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 97 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
99 | rc = gcry_cipher_setiv (handle, iv, | 98 | rc = gcry_cipher_setiv (handle, iv, |
100 | sizeof (struct | 99 | sizeof (struct |
101 | GNUNET_CRYPTO_AesInitializationVector)); | 100 | GNUNET_CRYPTO_AesInitializationVector)); |
102 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 101 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
103 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); | 102 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); |
104 | gcry_cipher_close (handle); | 103 | gcry_cipher_close (handle); |
@@ -118,32 +117,30 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, | |||
118 | */ | 117 | */ |
119 | ssize_t | 118 | ssize_t |
120 | GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, | 119 | GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, |
121 | const struct GNUNET_CRYPTO_AesSessionKey * | 120 | const struct GNUNET_CRYPTO_AesSessionKey * |
122 | sessionkey, | 121 | sessionkey, |
123 | const struct GNUNET_CRYPTO_AesInitializationVector | 122 | const struct GNUNET_CRYPTO_AesInitializationVector * |
124 | * iv, void *result) | 123 | iv, void *result) |
125 | { | 124 | { |
126 | gcry_cipher_hd_t handle; | 125 | gcry_cipher_hd_t handle; |
127 | int rc; | 126 | int rc; |
128 | 127 | ||
129 | if (sessionkey->crc32 != | 128 | if (sessionkey->crc32 != |
130 | htonl (GNUNET_CRYPTO_crc32_n | 129 | htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) |
131 | (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) | 130 | { |
132 | { | 131 | GNUNET_break (0); |
133 | GNUNET_break (0); | 132 | return -1; |
134 | return -1; | 133 | } |
135 | } | ||
136 | GNUNET_assert (0 == | 134 | GNUNET_assert (0 == |
137 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, | 135 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, |
138 | GCRY_CIPHER_MODE_CFB, 0)); | 136 | GCRY_CIPHER_MODE_CFB, 0)); |
139 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 137 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); |
140 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 138 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
141 | rc = gcry_cipher_setiv (handle, iv, | 139 | rc = gcry_cipher_setiv (handle, iv, |
142 | sizeof (struct | 140 | sizeof (struct |
143 | GNUNET_CRYPTO_AesInitializationVector)); | 141 | GNUNET_CRYPTO_AesInitializationVector)); |
144 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 142 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
145 | GNUNET_assert (0 == | 143 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size)); |
146 | gcry_cipher_decrypt (handle, result, size, block, size)); | ||
147 | gcry_cipher_close (handle); | 144 | gcry_cipher_close (handle); |
148 | return size; | 145 | return size; |
149 | } | 146 | } |
@@ -158,8 +155,8 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, | |||
158 | */ | 155 | */ |
159 | void | 156 | void |
160 | GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | 157 | GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, |
161 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 158 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
162 | const void *salt, size_t salt_len, ...) | 159 | const void *salt, size_t salt_len, ...) |
163 | { | 160 | { |
164 | va_list argp; | 161 | va_list argp; |
165 | 162 | ||
@@ -177,14 +174,12 @@ GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | |||
177 | * @param argp pairs of void * & size_t for context chunks, terminated by NULL | 174 | * @param argp pairs of void * & size_t for context chunks, terminated by NULL |
178 | */ | 175 | */ |
179 | void | 176 | void |
180 | GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector | 177 | GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, |
181 | *iv, | 178 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
182 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 179 | const void *salt, size_t salt_len, va_list argp) |
183 | const void *salt, size_t salt_len, | ||
184 | va_list argp) | ||
185 | { | 180 | { |
186 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key, | 181 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key, |
187 | sizeof (skey->key), argp); | 182 | sizeof (skey->key), argp); |
188 | } | 183 | } |
189 | 184 | ||
190 | /* end of crypto_aes.c */ | 185 | /* end of crypto_aes.c */ |