Diffstat (limited to 'src/util/crypto_aes.c')
-rw-r--r--src/util/crypto_aes.c79
1 files changed, 43 insertions, 36 deletions
diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c
index a984e17fc..9e194094c 100644
--- a/src/util/crypto_aes.c
+++ b/src/util/crypto_aes.c
@@ -30,6 +30,8 @@
30#include "gnunet_crypto_lib.h" 30#include "gnunet_crypto_lib.h"
31#include <gcrypt.h> 31#include <gcrypt.h>
32 32
33#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
34
33/** 35/**
34 * Create a new SessionKey (for AES-256). 36 * Create a new SessionKey (for AES-256).
35 */ 37 */
@@ -37,9 +39,9 @@ void
37GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) 39GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key)
38{ 40{
39 gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, 41 gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH,
40 GCRY_STRONG_RANDOM); 42 GCRY_STRONG_RANDOM);
41 key->crc32 = 43 key->crc32 =
42 htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); 44 htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH));
43} 45}
44 46
45/** 47/**
@@ -49,7 +51,7 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key)
49 */ 51 */
50int 52int
51GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey 53GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey
52 *key) 54 *key)
53{ 55{
54 uint32_t crc; 56 uint32_t crc;
55 57
@@ -74,28 +76,29 @@ GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey
74 */ 76 */
75ssize_t 77ssize_t
76GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, 78GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len,
77 const struct GNUNET_CRYPTO_AesSessionKey * 79 const struct GNUNET_CRYPTO_AesSessionKey *
78 sessionkey, 80 sessionkey,
79 const struct GNUNET_CRYPTO_AesInitializationVector * 81 const struct GNUNET_CRYPTO_AesInitializationVector
80 iv, void *result) 82 * iv, void *result)
81{ 83{
82 gcry_cipher_hd_t handle; 84 gcry_cipher_hd_t handle;
83 int rc; 85 int rc;
84 86
85 if (sessionkey->crc32 != 87 if (sessionkey->crc32 !=
86 htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) 88 htonl (GNUNET_CRYPTO_crc32_n
87 { 89 (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH)))
88 GNUNET_break (0); 90 {
89 return -1; 91 GNUNET_break (0);
90 } 92 return -1;
93 }
91 GNUNET_assert (0 == 94 GNUNET_assert (0 ==
92 gcry_cipher_open (&handle, GCRY_CIPHER_AES256, 95 gcry_cipher_open (&handle, GCRY_CIPHER_AES256,
93 GCRY_CIPHER_MODE_CFB, 0)); 96 GCRY_CIPHER_MODE_CFB, 0));
94 rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); 97 rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH);
95 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); 98 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
96 rc = gcry_cipher_setiv (handle, iv, 99 rc = gcry_cipher_setiv (handle, iv,
97 sizeof (struct 100 sizeof (struct
98 GNUNET_CRYPTO_AesInitializationVector)); 101 GNUNET_CRYPTO_AesInitializationVector));
99 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); 102 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
100 GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); 103 GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len));
101 gcry_cipher_close (handle); 104 gcry_cipher_close (handle);
@@ -115,30 +118,32 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len,
115 */ 118 */
116ssize_t 119ssize_t
117GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, 120GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size,
118 const struct GNUNET_CRYPTO_AesSessionKey * 121 const struct GNUNET_CRYPTO_AesSessionKey *
119 sessionkey, 122 sessionkey,
120 const struct GNUNET_CRYPTO_AesInitializationVector * 123 const struct GNUNET_CRYPTO_AesInitializationVector
121 iv, void *result) 124 * iv, void *result)
122{ 125{
123 gcry_cipher_hd_t handle; 126 gcry_cipher_hd_t handle;
124 int rc; 127 int rc;
125 128
126 if (sessionkey->crc32 != 129 if (sessionkey->crc32 !=
127 htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) 130 htonl (GNUNET_CRYPTO_crc32_n
128 { 131 (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH)))
129 GNUNET_break (0); 132 {
130 return -1; 133 GNUNET_break (0);
131 } 134 return -1;
135 }
132 GNUNET_assert (0 == 136 GNUNET_assert (0 ==
133 gcry_cipher_open (&handle, GCRY_CIPHER_AES256, 137 gcry_cipher_open (&handle, GCRY_CIPHER_AES256,
134 GCRY_CIPHER_MODE_CFB, 0)); 138 GCRY_CIPHER_MODE_CFB, 0));
135 rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); 139 rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH);
136 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); 140 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
137 rc = gcry_cipher_setiv (handle, iv, 141 rc = gcry_cipher_setiv (handle, iv,
138 sizeof (struct 142 sizeof (struct
139 GNUNET_CRYPTO_AesInitializationVector)); 143 GNUNET_CRYPTO_AesInitializationVector));
140 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); 144 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
141 GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size)); 145 GNUNET_assert (0 ==
146 gcry_cipher_decrypt (handle, result, size, block, size));
142 gcry_cipher_close (handle); 147 gcry_cipher_close (handle);
143 return size; 148 return size;
144} 149}
@@ -153,8 +158,8 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size,
153 */ 158 */
154void 159void
155GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, 160GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv,
156 const struct GNUNET_CRYPTO_AesSessionKey *skey, 161 const struct GNUNET_CRYPTO_AesSessionKey *skey,
157 const void *salt, size_t salt_len, ...) 162 const void *salt, size_t salt_len, ...)
158{ 163{
159 va_list argp; 164 va_list argp;
160 165
@@ -172,12 +177,14 @@ GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv,
172 * @param argp pairs of void * & size_t for context chunks, terminated by NULL 177 * @param argp pairs of void * & size_t for context chunks, terminated by NULL
173 */ 178 */
174void 179void
175GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, 180GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector
176 const struct GNUNET_CRYPTO_AesSessionKey *skey, 181 *iv,
177 const void *salt, size_t salt_len, va_list argp) 182 const struct GNUNET_CRYPTO_AesSessionKey *skey,
183 const void *salt, size_t salt_len,
184 va_list argp)
178{ 185{
179 GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key, 186 GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key,
180 sizeof (skey->key), argp); 187 sizeof (skey->key), argp);
181} 188}
182 189
183/* end of crypto_aes.c */ 190/* end of crypto_aes.c */
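Review bot: The assertions after `gcry_cipher_setkey` and `gcry_cipher_setiv` in `GNUNET_CRYPTO_aes_encrypt` and `GNUNET_CRYPTO_aes_decrypt` compare `(char) rc` with `GPG_ERR_WEAK_KEY`, which keeps only the low 8 bits of the libgcrypt error value instead of extracting its code field. For the setkey call I would write `GNUNET_assert ((0 == rc) || (GPG_ERR_WEAK_KEY == gcry_err_code (rc)));`, and for setiv a plain `GNUNET_assert (0 == rc);`, since the weak-key tolerance there looks copied from the line above and would mask an IV that was not actually installed. Both functions also pass `sessionkey` itself to `gcry_cipher_setkey`, which only works while `key` is the first member of the struct; `sessionkey->key` states the intent and matches how `GNUNET_CRYPTO_aes_derive_iv_v` uses `skey->key`. A short comment above the CRC comparison, such as `/* crc32 detects accidental corruption of the key struct only; it is not an authenticity check */`, would keep readers from treating it as a security control. The body of the encrypt function continues past the end of its hunk, so its return path is not visible here.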