diff options
Diffstat (limited to 'src/util/crypto_aes.c')
| -rw-r--r-- | src/util/crypto_aes.c | 77 |
1 files changed, 36 insertions, 41 deletions
diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c index 9e194094c..8b031f367 100644 --- a/src/util/crypto_aes.c +++ b/src/util/crypto_aes.c | |||
| @@ -39,9 +39,9 @@ void | |||
| 39 | GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) | 39 | GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) |
| 40 | { | 40 | { |
| 41 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, | 41 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, |
| 42 | GCRY_STRONG_RANDOM); | 42 | GCRY_STRONG_RANDOM); |
| 43 | key->crc32 = | 43 | key->crc32 = |
| 44 | htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); | 44 | htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); |
| 45 | } | 45 | } |
| 46 | 46 | ||
| 47 | /** | 47 | /** |
| @@ -51,7 +51,7 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) | |||
| 51 | */ | 51 | */ |
| 52 | int | 52 | int |
| 53 | GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey | 53 | GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey |
| 54 | *key) | 54 | *key) |
| 55 | { | 55 | { |
| 56 | uint32_t crc; | 56 | uint32_t crc; |
| 57 | 57 | ||
| @@ -76,29 +76,28 @@ GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey | |||
| 76 | */ | 76 | */ |
| 77 | ssize_t | 77 | ssize_t |
| 78 | GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, | 78 | GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, |
| 79 | const struct GNUNET_CRYPTO_AesSessionKey * | 79 | const struct GNUNET_CRYPTO_AesSessionKey * |
| 80 | sessionkey, | 80 | sessionkey, |
| 81 | const struct GNUNET_CRYPTO_AesInitializationVector | 81 | const struct GNUNET_CRYPTO_AesInitializationVector * |
| 82 | * iv, void *result) | 82 | iv, void *result) |
| 83 | { | 83 | { |
| 84 | gcry_cipher_hd_t handle; | 84 | gcry_cipher_hd_t handle; |
| 85 | int rc; | 85 | int rc; |
| 86 | 86 | ||
| 87 | if (sessionkey->crc32 != | 87 | if (sessionkey->crc32 != |
| 88 | htonl (GNUNET_CRYPTO_crc32_n | 88 | htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) |
| 89 | (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) | 89 | { |
| 90 | { | 90 | GNUNET_break (0); |
| 91 | GNUNET_break (0); | 91 | return -1; |
| 92 | return -1; | 92 | } |
| 93 | } | ||
| 94 | GNUNET_assert (0 == | 93 | GNUNET_assert (0 == |
| 95 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, | 94 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, |
| 96 | GCRY_CIPHER_MODE_CFB, 0)); | 95 | GCRY_CIPHER_MODE_CFB, 0)); |
| 97 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 96 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); |
| 98 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 97 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
| 99 | rc = gcry_cipher_setiv (handle, iv, | 98 | rc = gcry_cipher_setiv (handle, iv, |
| 100 | sizeof (struct | 99 | sizeof (struct |
| 101 | GNUNET_CRYPTO_AesInitializationVector)); | 100 | GNUNET_CRYPTO_AesInitializationVector)); |
| 102 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 101 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
| 103 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); | 102 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); |
| 104 | gcry_cipher_close (handle); | 103 | gcry_cipher_close (handle); |
| @@ -118,32 +117,30 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, | |||
| 118 | */ | 117 | */ |
| 119 | ssize_t | 118 | ssize_t |
| 120 | GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, | 119 | GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, |
| 121 | const struct GNUNET_CRYPTO_AesSessionKey * | 120 | const struct GNUNET_CRYPTO_AesSessionKey * |
| 122 | sessionkey, | 121 | sessionkey, |
| 123 | const struct GNUNET_CRYPTO_AesInitializationVector | 122 | const struct GNUNET_CRYPTO_AesInitializationVector * |
| 124 | * iv, void *result) | 123 | iv, void *result) |
| 125 | { | 124 | { |
| 126 | gcry_cipher_hd_t handle; | 125 | gcry_cipher_hd_t handle; |
| 127 | int rc; | 126 | int rc; |
| 128 | 127 | ||
| 129 | if (sessionkey->crc32 != | 128 | if (sessionkey->crc32 != |
| 130 | htonl (GNUNET_CRYPTO_crc32_n | 129 | htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) |
| 131 | (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) | 130 | { |
| 132 | { | 131 | GNUNET_break (0); |
| 133 | GNUNET_break (0); | 132 | return -1; |
| 134 | return -1; | 133 | } |
| 135 | } | ||
| 136 | GNUNET_assert (0 == | 134 | GNUNET_assert (0 == |
| 137 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, | 135 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, |
| 138 | GCRY_CIPHER_MODE_CFB, 0)); | 136 | GCRY_CIPHER_MODE_CFB, 0)); |
| 139 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 137 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); |
| 140 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 138 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
| 141 | rc = gcry_cipher_setiv (handle, iv, | 139 | rc = gcry_cipher_setiv (handle, iv, |
| 142 | sizeof (struct | 140 | sizeof (struct |
| 143 | GNUNET_CRYPTO_AesInitializationVector)); | 141 | GNUNET_CRYPTO_AesInitializationVector)); |
| 144 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 142 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
| 145 | GNUNET_assert (0 == | 143 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size)); |
| 146 | gcry_cipher_decrypt (handle, result, size, block, size)); | ||
| 147 | gcry_cipher_close (handle); | 144 | gcry_cipher_close (handle); |
| 148 | return size; | 145 | return size; |
| 149 | } | 146 | } |
| @@ -158,8 +155,8 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, | |||
| 158 | */ | 155 | */ |
| 159 | void | 156 | void |
| 160 | GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | 157 | GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, |
| 161 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 158 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
| 162 | const void *salt, size_t salt_len, ...) | 159 | const void *salt, size_t salt_len, ...) |
| 163 | { | 160 | { |
| 164 | va_list argp; | 161 | va_list argp; |
| 165 | 162 | ||
| @@ -177,14 +174,12 @@ GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | |||
| 177 | * @param argp pairs of void * & size_t for context chunks, terminated by NULL | 174 | * @param argp pairs of void * & size_t for context chunks, terminated by NULL |
| 178 | */ | 175 | */ |
| 179 | void | 176 | void |
| 180 | GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector | 177 | GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, |
| 181 | *iv, | 178 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
| 182 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 179 | const void *salt, size_t salt_len, va_list argp) |
| 183 | const void *salt, size_t salt_len, | ||
| 184 | va_list argp) | ||
| 185 | { | 180 | { |
| 186 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key, | 181 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key, |
| 187 | sizeof (skey->key), argp); | 182 | sizeof (skey->key), argp); |
| 188 | } | 183 | } |
| 189 | 184 | ||
| 190 | /* end of crypto_aes.c */ | 185 | /* end of crypto_aes.c */ |