aboutsummaryrefslogtreecommitdiff
path: root/src/util/crypto_symmetric.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/util/crypto_symmetric.c')
-rw-r--r--src/util/crypto_symmetric.c262
1 files changed, 0 insertions, 262 deletions
diff --git a/src/util/crypto_symmetric.c b/src/util/crypto_symmetric.c
deleted file mode 100644
index 51414b00e..000000000
--- a/src/util/crypto_symmetric.c
+++ /dev/null
@@ -1,262 +0,0 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2013 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
21/**
22 * @file util/crypto_symmetric.c
23 * @brief Symmetric encryption services; combined cipher AES+TWOFISH (256-bit each)
24 * @author Christian Grothoff
25 * @author Ioana Patrascu
26 */
27
28#include "platform.h"
29#include "gnunet_crypto_lib.h"
30#include <gcrypt.h>
31
32#define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-symmetric", \
33 __VA_ARGS__)
34
35/**
36 * Create a new SessionKey (for symmetric encryption).
37 *
38 * @param key session key to initialize
39 */
40void
41GNUNET_CRYPTO_symmetric_create_session_key (struct
42 GNUNET_CRYPTO_SymmetricSessionKey *
43 key)
44{
45 gcry_randomize (key->aes_key,
46 GNUNET_CRYPTO_AES_KEY_LENGTH,
47 GCRY_STRONG_RANDOM);
48 gcry_randomize (key->twofish_key,
49 GNUNET_CRYPTO_AES_KEY_LENGTH,
50 GCRY_STRONG_RANDOM);
51}
52
53
54/**
55 * Initialize AES cipher.
56 *
57 * @param handle handle to initialize
58 * @param sessionkey session key to use
59 * @param iv initialization vector to use
60 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
61 */
62static int
63setup_cipher_aes (gcry_cipher_hd_t *handle,
64 const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
65 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv)
66{
67 int rc;
68
69 GNUNET_assert (0 ==
70 gcry_cipher_open (handle, GCRY_CIPHER_AES256,
71 GCRY_CIPHER_MODE_CFB, 0));
72 rc = gcry_cipher_setkey (*handle,
73 sessionkey->aes_key,
74 sizeof(sessionkey->aes_key));
75 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
76 rc = gcry_cipher_setiv (*handle,
77 iv->aes_iv,
78 sizeof(iv->aes_iv));
79 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
80 return GNUNET_OK;
81}
82
83
84/**
85 * Initialize TWOFISH cipher.
86 *
87 * @param handle handle to initialize
88 * @param sessionkey session key to use
89 * @param iv initialization vector to use
90 * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
91 */
92static int
93setup_cipher_twofish (gcry_cipher_hd_t *handle,
94 const struct
95 GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
96 const struct
97 GNUNET_CRYPTO_SymmetricInitializationVector *iv)
98{
99 int rc;
100
101 GNUNET_assert (0 ==
102 gcry_cipher_open (handle, GCRY_CIPHER_TWOFISH,
103 GCRY_CIPHER_MODE_CFB, 0));
104 rc = gcry_cipher_setkey (*handle,
105 sessionkey->twofish_key,
106 sizeof(sessionkey->twofish_key));
107 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
108 rc = gcry_cipher_setiv (*handle,
109 iv->twofish_iv,
110 sizeof(iv->twofish_iv));
111 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
112 return GNUNET_OK;
113}
114
115
116/**
117 * Encrypt a block with a symmetric session key.
118 *
119 * @param block the block to encrypt
120 * @param size the size of the @a block
121 * @param sessionkey the key used to encrypt
122 * @param iv the initialization vector to use, use INITVALUE for streams
123 * @param result the output parameter in which to store the encrypted result
124 * can be the same or overlap with @c block
125 * @returns the size of the encrypted block, -1 for errors.
126 * Due to the use of CFB and therefore an effective stream cipher,
127 * this size should be the same as @c len.
128 */
129ssize_t
130GNUNET_CRYPTO_symmetric_encrypt (const void *block,
131 size_t size,
132 const struct
133 GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
134 const struct
135 GNUNET_CRYPTO_SymmetricInitializationVector *iv,
136 void *result)
137{
138 gcry_cipher_hd_t handle;
139 char tmp[size];
140
141 if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv))
142 return -1;
143 GNUNET_assert (0 == gcry_cipher_encrypt (handle, tmp, size, block, size));
144 gcry_cipher_close (handle);
145 if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv))
146 return -1;
147 GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, size, tmp, size));
148 gcry_cipher_close (handle);
149 memset (tmp, 0, sizeof(tmp));
150 return size;
151}
152
153
154/**
155 * Decrypt a given block with the session key.
156 *
157 * @param block the data to decrypt, encoded as returned by encrypt
158 * @param size the size of the @a block to decrypt
159 * @param sessionkey the key used to decrypt
160 * @param iv the initialization vector to use, use INITVALUE for streams
161 * @param result address to store the result at
162 * can be the same or overlap with @c block
163 * @return -1 on failure, size of decrypted block on success.
164 * Due to the use of CFB and therefore an effective stream cipher,
165 * this size should be the same as @c size.
166 */
167ssize_t
168GNUNET_CRYPTO_symmetric_decrypt (const void *block,
169 size_t size,
170 const struct
171 GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
172 const struct
173 GNUNET_CRYPTO_SymmetricInitializationVector *iv,
174 void *result)
175{
176 gcry_cipher_hd_t handle;
177 char tmp[size];
178
179 if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv))
180 return -1;
181 GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, block, size));
182 gcry_cipher_close (handle);
183 if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv))
184 return -1;
185 GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, tmp, size));
186 gcry_cipher_close (handle);
187 memset (tmp, 0, sizeof(tmp));
188 return size;
189}
190
191
192/**
193 * @brief Derive an IV
194 *
195 * @param iv initialization vector
196 * @param skey session key
197 * @param salt salt for the derivation
198 * @param salt_len size of the @a salt
199 * @param ... pairs of void * & size_t for context chunks, terminated by NULL
200 */
201void
202GNUNET_CRYPTO_symmetric_derive_iv (struct
203 GNUNET_CRYPTO_SymmetricInitializationVector *
204 iv,
205 const struct
206 GNUNET_CRYPTO_SymmetricSessionKey *skey,
207 const void *salt,
208 size_t salt_len,
209 ...)
210{
211 va_list argp;
212
213 va_start (argp, salt_len);
214 GNUNET_CRYPTO_symmetric_derive_iv_v (iv, skey, salt, salt_len, argp);
215 va_end (argp);
216}
217
218
219/**
220 * @brief Derive an IV
221 *
222 * @param iv initialization vector
223 * @param skey session key
224 * @param salt salt for the derivation
225 * @param salt_len size of the salt
226 * @param argp pairs of void * & size_t for context chunks, terminated by NULL
227 */
228void
229GNUNET_CRYPTO_symmetric_derive_iv_v (struct
230 GNUNET_CRYPTO_SymmetricInitializationVector
231 *iv,
232 const struct
233 GNUNET_CRYPTO_SymmetricSessionKey *skey,
234 const void *salt,
235 size_t salt_len,
236 va_list argp)
237{
238 char aes_salt[salt_len + 4];
239 char twofish_salt[salt_len + 4];
240
241 GNUNET_memcpy (aes_salt, salt, salt_len);
242 GNUNET_memcpy (&aes_salt[salt_len], "AES!", 4);
243 GNUNET_memcpy (twofish_salt, salt, salt_len);
244 GNUNET_memcpy (&twofish_salt[salt_len], "FISH", 4);
245 GNUNET_CRYPTO_kdf_v (iv->aes_iv,
246 sizeof(iv->aes_iv),
247 aes_salt,
248 salt_len + 4,
249 skey->aes_key,
250 sizeof(skey->aes_key),
251 argp);
252 GNUNET_CRYPTO_kdf_v (iv->twofish_iv,
253 sizeof(iv->twofish_iv),
254 twofish_salt,
255 salt_len + 4,
256 skey->twofish_key,
257 sizeof(skey->twofish_key),
258 argp);
259}
260
261
262/* end of crypto_symmetric.c */