diff options
Diffstat (limited to 'src/util/crypto_symmetric.c')
-rw-r--r-- | src/util/crypto_symmetric.c | 186 |
1 files changed, 93 insertions, 93 deletions
diff --git a/src/util/crypto_symmetric.c b/src/util/crypto_symmetric.c index 18784d127..7fad2a884 100644 --- a/src/util/crypto_symmetric.c +++ b/src/util/crypto_symmetric.c | |||
@@ -11,12 +11,12 @@ | |||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | 11 | WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
13 | Affero General Public License for more details. | 13 | Affero General Public License for more details. |
14 | 14 | ||
15 | You should have received a copy of the GNU Affero General Public License | 15 | You should have received a copy of the GNU Affero General Public License |
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | 17 | ||
18 | SPDX-License-Identifier: AGPL3.0-or-later | 18 | SPDX-License-Identifier: AGPL3.0-or-later |
19 | */ | 19 | */ |
20 | 20 | ||
21 | /** | 21 | /** |
22 | * @file util/crypto_symmetric.c | 22 | * @file util/crypto_symmetric.c |
@@ -29,7 +29,7 @@ | |||
29 | #include "gnunet_crypto_lib.h" | 29 | #include "gnunet_crypto_lib.h" |
30 | #include <gcrypt.h> | 30 | #include <gcrypt.h> |
31 | 31 | ||
32 | #define LOG(kind,...) GNUNET_log_from (kind, "util-crypto-symmetric", __VA_ARGS__) | 32 | #define LOG(kind, ...) GNUNET_log_from(kind, "util-crypto-symmetric", __VA_ARGS__) |
33 | 33 | ||
34 | /** | 34 | /** |
35 | * Create a new SessionKey (for symmetric encryption). | 35 | * Create a new SessionKey (for symmetric encryption). |
@@ -37,14 +37,14 @@ | |||
37 | * @param key session key to initialize | 37 | * @param key session key to initialize |
38 | */ | 38 | */ |
39 | void | 39 | void |
40 | GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key) | 40 | GNUNET_CRYPTO_symmetric_create_session_key(struct GNUNET_CRYPTO_SymmetricSessionKey *key) |
41 | { | 41 | { |
42 | gcry_randomize (key->aes_key, | 42 | gcry_randomize(key->aes_key, |
43 | GNUNET_CRYPTO_AES_KEY_LENGTH, | 43 | GNUNET_CRYPTO_AES_KEY_LENGTH, |
44 | GCRY_STRONG_RANDOM); | 44 | GCRY_STRONG_RANDOM); |
45 | gcry_randomize (key->twofish_key, | 45 | gcry_randomize(key->twofish_key, |
46 | GNUNET_CRYPTO_AES_KEY_LENGTH, | 46 | GNUNET_CRYPTO_AES_KEY_LENGTH, |
47 | GCRY_STRONG_RANDOM); | 47 | GCRY_STRONG_RANDOM); |
48 | } | 48 | } |
49 | 49 | ||
50 | 50 | ||
@@ -57,23 +57,23 @@ GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessio | |||
57 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error | 57 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error |
58 | */ | 58 | */ |
59 | static int | 59 | static int |
60 | setup_cipher_aes (gcry_cipher_hd_t *handle, | 60 | setup_cipher_aes(gcry_cipher_hd_t *handle, |
61 | const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, | 61 | const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, |
62 | const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv) | 62 | const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv) |
63 | { | 63 | { |
64 | int rc; | 64 | int rc; |
65 | 65 | ||
66 | GNUNET_assert (0 == | 66 | GNUNET_assert(0 == |
67 | gcry_cipher_open (handle, GCRY_CIPHER_AES256, | 67 | gcry_cipher_open(handle, GCRY_CIPHER_AES256, |
68 | GCRY_CIPHER_MODE_CFB, 0)); | 68 | GCRY_CIPHER_MODE_CFB, 0)); |
69 | rc = gcry_cipher_setkey (*handle, | 69 | rc = gcry_cipher_setkey(*handle, |
70 | sessionkey->aes_key, | 70 | sessionkey->aes_key, |
71 | sizeof (sessionkey->aes_key)); | 71 | sizeof(sessionkey->aes_key)); |
72 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 72 | GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY)); |
73 | rc = gcry_cipher_setiv (*handle, | 73 | rc = gcry_cipher_setiv(*handle, |
74 | iv->aes_iv, | 74 | iv->aes_iv, |
75 | sizeof (iv->aes_iv)); | 75 | sizeof(iv->aes_iv)); |
76 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 76 | GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY)); |
77 | return GNUNET_OK; | 77 | return GNUNET_OK; |
78 | } | 78 | } |
79 | 79 | ||
@@ -87,23 +87,23 @@ setup_cipher_aes (gcry_cipher_hd_t *handle, | |||
87 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error | 87 | * @return #GNUNET_OK on success, #GNUNET_SYSERR on error |
88 | */ | 88 | */ |
89 | static int | 89 | static int |
90 | setup_cipher_twofish (gcry_cipher_hd_t *handle, | 90 | setup_cipher_twofish(gcry_cipher_hd_t *handle, |
91 | const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, | 91 | const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, |
92 | const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv) | 92 | const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv) |
93 | { | 93 | { |
94 | int rc; | 94 | int rc; |
95 | 95 | ||
96 | GNUNET_assert (0 == | 96 | GNUNET_assert(0 == |
97 | gcry_cipher_open (handle, GCRY_CIPHER_TWOFISH, | 97 | gcry_cipher_open(handle, GCRY_CIPHER_TWOFISH, |
98 | GCRY_CIPHER_MODE_CFB, 0)); | 98 | GCRY_CIPHER_MODE_CFB, 0)); |
99 | rc = gcry_cipher_setkey (*handle, | 99 | rc = gcry_cipher_setkey(*handle, |
100 | sessionkey->twofish_key, | 100 | sessionkey->twofish_key, |
101 | sizeof (sessionkey->twofish_key)); | 101 | sizeof(sessionkey->twofish_key)); |
102 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 102 | GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY)); |
103 | rc = gcry_cipher_setiv (*handle, | 103 | rc = gcry_cipher_setiv(*handle, |
104 | iv->twofish_iv, | 104 | iv->twofish_iv, |
105 | sizeof (iv->twofish_iv)); | 105 | sizeof(iv->twofish_iv)); |
106 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | 106 | GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY)); |
107 | return GNUNET_OK; | 107 | return GNUNET_OK; |
108 | } | 108 | } |
109 | 109 | ||
@@ -122,24 +122,24 @@ setup_cipher_twofish (gcry_cipher_hd_t *handle, | |||
122 | * this size should be the same as @c len. | 122 | * this size should be the same as @c len. |
123 | */ | 123 | */ |
124 | ssize_t | 124 | ssize_t |
125 | GNUNET_CRYPTO_symmetric_encrypt (const void *block, | 125 | GNUNET_CRYPTO_symmetric_encrypt(const void *block, |
126 | size_t size, | 126 | size_t size, |
127 | const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, | 127 | const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, |
128 | const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, | 128 | const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, |
129 | void *result) | 129 | void *result) |
130 | { | 130 | { |
131 | gcry_cipher_hd_t handle; | 131 | gcry_cipher_hd_t handle; |
132 | char tmp[size]; | 132 | char tmp[size]; |
133 | 133 | ||
134 | if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv)) | 134 | if (GNUNET_OK != setup_cipher_aes(&handle, sessionkey, iv)) |
135 | return -1; | 135 | return -1; |
136 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, tmp, size, block, size)); | 136 | GNUNET_assert(0 == gcry_cipher_encrypt(handle, tmp, size, block, size)); |
137 | gcry_cipher_close (handle); | 137 | gcry_cipher_close(handle); |
138 | if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv)) | 138 | if (GNUNET_OK != setup_cipher_twofish(&handle, sessionkey, iv)) |
139 | return -1; | 139 | return -1; |
140 | GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, size, tmp, size)); | 140 | GNUNET_assert(0 == gcry_cipher_encrypt(handle, result, size, tmp, size)); |
141 | gcry_cipher_close (handle); | 141 | gcry_cipher_close(handle); |
142 | memset (tmp, 0, sizeof (tmp)); | 142 | memset(tmp, 0, sizeof(tmp)); |
143 | return size; | 143 | return size; |
144 | } | 144 | } |
145 | 145 | ||
@@ -158,24 +158,24 @@ GNUNET_CRYPTO_symmetric_encrypt (const void *block, | |||
158 | * this size should be the same as @c size. | 158 | * this size should be the same as @c size. |
159 | */ | 159 | */ |
160 | ssize_t | 160 | ssize_t |
161 | GNUNET_CRYPTO_symmetric_decrypt (const void *block, | 161 | GNUNET_CRYPTO_symmetric_decrypt(const void *block, |
162 | size_t size, | 162 | size_t size, |
163 | const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, | 163 | const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, |
164 | const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, | 164 | const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, |
165 | void *result) | 165 | void *result) |
166 | { | 166 | { |
167 | gcry_cipher_hd_t handle; | 167 | gcry_cipher_hd_t handle; |
168 | char tmp[size]; | 168 | char tmp[size]; |
169 | 169 | ||
170 | if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv)) | 170 | if (GNUNET_OK != setup_cipher_twofish(&handle, sessionkey, iv)) |
171 | return -1; | 171 | return -1; |
172 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, block, size)); | 172 | GNUNET_assert(0 == gcry_cipher_decrypt(handle, tmp, size, block, size)); |
173 | gcry_cipher_close (handle); | 173 | gcry_cipher_close(handle); |
174 | if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv)) | 174 | if (GNUNET_OK != setup_cipher_aes(&handle, sessionkey, iv)) |
175 | return -1; | 175 | return -1; |
176 | GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, tmp, size)); | 176 | GNUNET_assert(0 == gcry_cipher_decrypt(handle, result, size, tmp, size)); |
177 | gcry_cipher_close (handle); | 177 | gcry_cipher_close(handle); |
178 | memset (tmp, 0, sizeof (tmp)); | 178 | memset(tmp, 0, sizeof(tmp)); |
179 | return size; | 179 | return size; |
180 | } | 180 | } |
181 | 181 | ||
@@ -190,17 +190,17 @@ GNUNET_CRYPTO_symmetric_decrypt (const void *block, | |||
190 | * @param ... pairs of void * & size_t for context chunks, terminated by NULL | 190 | * @param ... pairs of void * & size_t for context chunks, terminated by NULL |
191 | */ | 191 | */ |
192 | void | 192 | void |
193 | GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, | 193 | GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, |
194 | const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, | 194 | const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, |
195 | const void *salt, | 195 | const void *salt, |
196 | size_t salt_len, | 196 | size_t salt_len, |
197 | ...) | 197 | ...) |
198 | { | 198 | { |
199 | va_list argp; | 199 | va_list argp; |
200 | 200 | ||
201 | va_start (argp, salt_len); | 201 | va_start(argp, salt_len); |
202 | GNUNET_CRYPTO_symmetric_derive_iv_v (iv, skey, salt, salt_len, argp); | 202 | GNUNET_CRYPTO_symmetric_derive_iv_v(iv, skey, salt, salt_len, argp); |
203 | va_end (argp); | 203 | va_end(argp); |
204 | } | 204 | } |
205 | 205 | ||
206 | 206 | ||
@@ -214,33 +214,33 @@ GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationV | |||
214 | * @param argp pairs of void * & size_t for context chunks, terminated by NULL | 214 | * @param argp pairs of void * & size_t for context chunks, terminated by NULL |
215 | */ | 215 | */ |
216 | void | 216 | void |
217 | GNUNET_CRYPTO_symmetric_derive_iv_v (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, | 217 | GNUNET_CRYPTO_symmetric_derive_iv_v(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, |
218 | const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, | 218 | const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, |
219 | const void *salt, | 219 | const void *salt, |
220 | size_t salt_len, | 220 | size_t salt_len, |
221 | va_list argp) | 221 | va_list argp) |
222 | { | 222 | { |
223 | char aes_salt[salt_len + 4]; | 223 | char aes_salt[salt_len + 4]; |
224 | char twofish_salt[salt_len + 4]; | 224 | char twofish_salt[salt_len + 4]; |
225 | 225 | ||
226 | GNUNET_memcpy (aes_salt, salt, salt_len); | 226 | GNUNET_memcpy(aes_salt, salt, salt_len); |
227 | GNUNET_memcpy (&aes_salt[salt_len], "AES!", 4); | 227 | GNUNET_memcpy(&aes_salt[salt_len], "AES!", 4); |
228 | GNUNET_memcpy (twofish_salt, salt, salt_len); | 228 | GNUNET_memcpy(twofish_salt, salt, salt_len); |
229 | GNUNET_memcpy (&twofish_salt[salt_len], "FISH", 4); | 229 | GNUNET_memcpy(&twofish_salt[salt_len], "FISH", 4); |
230 | GNUNET_CRYPTO_kdf_v (iv->aes_iv, | 230 | GNUNET_CRYPTO_kdf_v(iv->aes_iv, |
231 | sizeof (iv->aes_iv), | 231 | sizeof(iv->aes_iv), |
232 | aes_salt, | 232 | aes_salt, |
233 | salt_len + 4, | 233 | salt_len + 4, |
234 | skey->aes_key, | 234 | skey->aes_key, |
235 | sizeof (skey->aes_key), | 235 | sizeof(skey->aes_key), |
236 | argp); | 236 | argp); |
237 | GNUNET_CRYPTO_kdf_v (iv->twofish_iv, | 237 | GNUNET_CRYPTO_kdf_v(iv->twofish_iv, |
238 | sizeof (iv->twofish_iv), | 238 | sizeof(iv->twofish_iv), |
239 | twofish_salt, | 239 | twofish_salt, |
240 | salt_len + 4, | 240 | salt_len + 4, |
241 | skey->twofish_key, | 241 | skey->twofish_key, |
242 | sizeof (skey->twofish_key), | 242 | sizeof(skey->twofish_key), |
243 | argp); | 243 | argp); |
244 | } | 244 | } |
245 | 245 | ||
246 | /* end of crypto_symmetric.c */ | 246 | /* end of crypto_symmetric.c */ |