Diffstat (limited to 'src/util/crypto_aes.c')
-rw-r--r-- | src/util/crypto_aes.c | 79 |
1 files changed, 43 insertions, 36 deletions
diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c index a984e17fc..9e194094c 100644 --- a/src/util/crypto_aes.c +++ b/src/util/crypto_aes.c | |||
@@ -30,6 +30,8 @@ | |||
30 | #include "gnunet_crypto_lib.h" | 30 | #include "gnunet_crypto_lib.h" |
31 | #include <gcrypt.h> | 31 | #include <gcrypt.h> |
32 | 32 | ||
33 | #define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) | ||
34 | |||
33 | /** | 35 | /** |
34 | * Create a new SessionKey (for AES-256). | 36 | * Create a new SessionKey (for AES-256). |
35 | */ | 37 | */ |
@@ -37,9 +39,9 @@ void | |||
37 | GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) | 39 | GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) |
38 | { | 40 | { |
39 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, | 41 | gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH, |
40 | GCRY_STRONG_RANDOM); | 42 | GCRY_STRONG_RANDOM); |
41 | key->crc32 = | 43 | key->crc32 = |
42 | htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); | 44 | htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); |
43 | } | 45 | } |
44 | 46 | ||
45 | /** | 47 | /** |
@@ -49,7 +51,7 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) | |||
49 | */ | 51 | */ |
50 | int | 52 | int |
51 | GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey | 53 | GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey |
52 | *key) | 54 | *key) |
53 | { | 55 | { |
54 | uint32_t crc; | 56 | uint32_t crc; |
55 | 57 | ||
@@ -74,28 +76,29 @@ GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey | |||
74 | */ | 76 | */ |
75 | ssize_t | 77 | ssize_t |
76 | GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, | 78 | GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, |
77 | const struct GNUNET_CRYPTO_AesSessionKey * | 79 | const struct GNUNET_CRYPTO_AesSessionKey * |
78 | sessionkey, | 80 | sessionkey, |
79 | const struct GNUNET_CRYPTO_AesInitializationVector * | 81 | const struct GNUNET_CRYPTO_AesInitializationVector |
80 | iv, void *result) | 82 | * iv, void *result) |
81 | { | 83 | { |
82 | gcry_cipher_hd_t handle; | 84 | gcry_cipher_hd_t handle; |
83 | int rc; | 85 | int rc; |
84 | 86 | ||
85 | if (sessionkey->crc32 != | 87 | if (sessionkey->crc32 != |
86 | htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) | 88 | htonl (GNUNET_CRYPTO_crc32_n |
87 | { | 89 | (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) |
88 | GNUNET_break (0); | 90 | { |
89 | return -1; | 91 | GNUNET_break (0); |
90 | } | 92 | return -1; |
93 | } | ||
91 | GNUNET_assert (0 == | 94 | GNUNET_assert (0 == |
92 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, | 95 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, |
93 | GCRY_CIPHER_MODE_CFB, 0)); | 96 | GCRY_CIPHER_MODE_CFB, 0)); |
94 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 97 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); |
95 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 98 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
96 | rc = gcry_cipher_setiv (handle, iv, | 99 | rc = gcry_cipher_setiv (handle, iv, |
97 | sizeof (struct | 100 | sizeof (struct |
98 | GNUNET_CRYPTO_AesInitializationVector)); | 101 | GNUNET_CRYPTO_AesInitializationVector)); |
99 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 102 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
100 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); | 103 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); |
101 | gcry_cipher_close (handle); | 104 | gcry_cipher_close (handle); |
@@ -115,30 +118,32 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, | |||
115 | */ | 118 | */ |
116 | ssize_t | 119 | ssize_t |
117 | GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, | 120 | GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, |
118 | const struct GNUNET_CRYPTO_AesSessionKey * | 121 | const struct GNUNET_CRYPTO_AesSessionKey * |
119 | sessionkey, | 122 | sessionkey, |
120 | const struct GNUNET_CRYPTO_AesInitializationVector * | 123 | const struct GNUNET_CRYPTO_AesInitializationVector |
121 | iv, void *result) | 124 | * iv, void *result) |
122 | { | 125 | { |
123 | gcry_cipher_hd_t handle; | 126 | gcry_cipher_hd_t handle; |
124 | int rc; | 127 | int rc; |
125 | 128 | ||
126 | if (sessionkey->crc32 != | 129 | if (sessionkey->crc32 != |
127 | htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) | 130 | htonl (GNUNET_CRYPTO_crc32_n |
128 | { | 131 | (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) |
129 | GNUNET_break (0); | 132 | { |
130 | return -1; | 133 | GNUNET_break (0); |
131 | } | 134 | return -1; |
135 | } | ||
132 | GNUNET_assert (0 == | 136 | GNUNET_assert (0 == |
133 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, | 137 | gcry_cipher_open (&handle, GCRY_CIPHER_AES256, |
134 | GCRY_CIPHER_MODE_CFB, 0)); | 138 | GCRY_CIPHER_MODE_CFB, 0)); |
135 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); | 139 | rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); |
136 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 140 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
137 | rc = gcry_cipher_setiv (handle, iv, | 141 | rc = gcry_cipher_setiv (handle, iv, |
138 | sizeof (struct | 142 | sizeof (struct |
139 | GNUNET_CRYPTO_AesInitializationVector)); | 143 | GNUNET_CRYPTO_AesInitializationVector)); |
140 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 144 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); |
141 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size)); | 145 | GNUNET_assert (0 == |
146 | gcry_cipher_decrypt (handle, result, size, block, size)); | ||
142 | gcry_cipher_close (handle); | 147 | gcry_cipher_close (handle); |
143 | return size; | 148 | return size; |
144 | } | 149 | } |
@@ -153,8 +158,8 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, | |||
153 | */ | 158 | */ |
154 | void | 159 | void |
155 | GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | 160 | GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, |
156 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 161 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
157 | const void *salt, size_t salt_len, ...) | 162 | const void *salt, size_t salt_len, ...) |
158 | { | 163 | { |
159 | va_list argp; | 164 | va_list argp; |
160 | 165 | ||
@@ -172,12 +177,14 @@ GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, | |||
172 | * @param argp pairs of void * & size_t for context chunks, terminated by NULL | 177 | * @param argp pairs of void * & size_t for context chunks, terminated by NULL |
173 | */ | 178 | */ |
174 | void | 179 | void |
175 | GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, | 180 | GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector |
176 | const struct GNUNET_CRYPTO_AesSessionKey *skey, | 181 | *iv, |
177 | const void *salt, size_t salt_len, va_list argp) | 182 | const struct GNUNET_CRYPTO_AesSessionKey *skey, |
183 | const void *salt, size_t salt_len, | ||
184 | va_list argp) | ||
178 | { | 185 | { |
179 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key, | 186 | GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key, |
180 | sizeof (skey->key), argp); | 187 | sizeof (skey->key), argp); |
181 | } | 188 | } |
182 | 189 | ||
183 | /* end of crypto_aes.c */ | 190 | /* end of crypto_aes.c */ |
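Review bot: In GNUNET_CRYPTO_aes_encrypt (new lines 97-102) the libgcrypt return value is checked with `(char) rc == GPG_ERR_WEAK_KEY`, which keeps only the low byte of the error value, so an unrelated error whose low byte matches that constant would also satisfy the assert; `gcry_err_code (rc) == GPG_ERR_WEAK_KEY` compares the code field itself. The same exemption is repeated after `gcry_cipher_setiv`, where a weak-key result does not apply and looks copied from the setkey check; `GNUNET_assert (0 == rc);` would be the stricter form there. GNUNET_CRYPTO_aes_decrypt (new lines 139-144) carries the same two checks. This commit only re-indents those lines, so the change belongs in a follow-up rather than in this formatting pass.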