From 45b5c1f11144bc14fae34c991ae9db89d6ba8913 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 30 Sep 2013 11:32:30 +0000 Subject: -rename files/symbols from _aes to _symmetric --- src/core/gnunet-service-core_kx.c | 42 +++---- src/fs/fs_download.c | 18 +-- src/fs/fs_publish_ublock.c | 16 +-- src/fs/fs_tree.c | 6 +- src/fs/gnunet-service-fs_indexing.c | 6 +- src/fs/test_gnunet_fs_idx.py.in | 4 +- src/fs/test_gnunet_fs_psd.py.in | 6 +- src/include/gnunet_crypto_lib.h | 34 ++--- src/mesh/gnunet-service-mesh-enc.c | 12 +- src/namestore/namestore_api_common.c | 20 +-- src/util/Makefile.am | 18 +-- src/util/crypto_aes.c | 233 ----------------------------------- src/util/crypto_hash.c | 14 +-- src/util/crypto_symmetric.c | 233 +++++++++++++++++++++++++++++++++++ src/util/perf_crypto_aes.c | 76 ------------ src/util/perf_crypto_symmetric.c | 76 ++++++++++++ src/util/test_crypto_aes.c | 171 ------------------------- src/util/test_crypto_hash.c | 4 +- src/util/test_crypto_symmetric.c | 171 +++++++++++++++++++++++++ 19 files changed, 580 insertions(+), 580 deletions(-) delete mode 100644 src/util/crypto_aes.c create mode 100644 src/util/crypto_symmetric.c delete mode 100644 src/util/perf_crypto_aes.c create mode 100644 src/util/perf_crypto_symmetric.c delete mode 100644 src/util/test_crypto_aes.c create mode 100644 src/util/test_crypto_symmetric.c diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c index bf5e9a5fa..675ac83a6 100644 --- a/src/core/gnunet-service-core_kx.c +++ b/src/core/gnunet-service-core_kx.c @@ -311,13 +311,13 @@ struct GSC_KeyExchangeInfo * Key we use to encrypt our messages for the other peer * (initialized by us when we do the handshake). */ - struct GNUNET_CRYPTO_AesSessionKey encrypt_key; + struct GNUNET_CRYPTO_SymmetricSessionKey encrypt_key; /** * Key we use to decrypt messages from the other peer * (given to us by the other peer during the handshake). */ - struct GNUNET_CRYPTO_AesSessionKey decrypt_key; + struct GNUNET_CRYPTO_SymmetricSessionKey decrypt_key; /** * At what time did the other peer generate the decryption key? @@ -425,13 +425,13 @@ static GNUNET_SCHEDULER_TaskIdentifier rekey_task; */ static void derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey, - const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed) + const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed) { static const char ctx[] = "authentication key"; GNUNET_CRYPTO_hmac_derive_key (akey, skey, &seed, sizeof (seed), - skey, sizeof (struct GNUNET_CRYPTO_AesSessionKey), + skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), ctx, sizeof (ctx), NULL); } @@ -446,13 +446,13 @@ derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey, * @param identity identity of the other peer to use */ static void -derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, - const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed, +derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, + const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, const struct GNUNET_PeerIdentity *identity) { static const char ctx[] = "initialization vector"; - GNUNET_CRYPTO_aes_derive_iv (iv, skey, &seed, sizeof (seed), + GNUNET_CRYPTO_symmetric_derive_iv (iv, skey, &seed, sizeof (seed), &identity->hashPubKey.bits, sizeof (identity->hashPubKey.bits), ctx, sizeof (ctx), NULL); @@ -469,13 +469,13 @@ derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, * @param identity identity of the other peer to use */ static void -derive_pong_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, - const struct GNUNET_CRYPTO_AesSessionKey *skey, uint32_t seed, +derive_pong_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, + const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, uint32_t seed, uint32_t challenge, const struct GNUNET_PeerIdentity *identity) { static const char ctx[] = "pong initialization vector"; - GNUNET_CRYPTO_aes_derive_iv (iv, skey, &seed, sizeof (seed), + GNUNET_CRYPTO_symmetric_derive_iv (iv, skey, &seed, sizeof (seed), &identity->hashPubKey.bits, sizeof (identity->hashPubKey.bits), &challenge, sizeof (challenge), ctx, sizeof (ctx), NULL); @@ -494,11 +494,11 @@ static void derive_aes_key (const struct GNUNET_PeerIdentity *sender, const struct GNUNET_PeerIdentity *receiver, const struct GNUNET_HashCode *key_material, - struct GNUNET_CRYPTO_AesSessionKey *skey) + struct GNUNET_CRYPTO_SymmetricSessionKey *skey) { static const char ctx[] = "aes key generation vector"; - GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_AesSessionKey), + GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), ctx, sizeof (ctx), key_material, sizeof (struct GNUNET_HashCode), sender, sizeof (struct GNUNET_PeerIdentity), @@ -520,7 +520,7 @@ derive_aes_key (const struct GNUNET_PeerIdentity *sender, */ static int do_encrypt (struct GSC_KeyExchangeInfo *kx, - const struct GNUNET_CRYPTO_AesInitializationVector *iv, + const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size) { if (size != (uint16_t) size) @@ -529,7 +529,7 @@ do_encrypt (struct GSC_KeyExchangeInfo *kx, return GNUNET_NO; } GNUNET_assert (size == - GNUNET_CRYPTO_aes_encrypt (in, (uint16_t) size, + GNUNET_CRYPTO_symmetric_encrypt (in, (uint16_t) size, &kx->encrypt_key, iv, out)); GNUNET_STATISTICS_update (GSC_stats, gettext_noop ("# bytes encrypted"), size, GNUNET_NO); @@ -561,7 +561,7 @@ do_encrypt (struct GSC_KeyExchangeInfo *kx, */ static int do_decrypt (struct GSC_KeyExchangeInfo *kx, - const struct GNUNET_CRYPTO_AesInitializationVector *iv, + const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size) { if (size != (uint16_t) size) @@ -576,7 +576,7 @@ do_decrypt (struct GSC_KeyExchangeInfo *kx, return GNUNET_SYSERR; } if (size != - GNUNET_CRYPTO_aes_decrypt (in, (uint16_t) size, &kx->decrypt_key, iv, + GNUNET_CRYPTO_symmetric_decrypt (in, (uint16_t) size, &kx->decrypt_key, iv, out)) { GNUNET_break (0); @@ -635,7 +635,7 @@ setup_fresh_ping (struct GSC_KeyExchangeInfo *kx) { struct PingMessage pp; struct PingMessage *pm; - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; pm = &kx->ping; pm->header.size = htons (sizeof (struct PingMessage)); @@ -911,7 +911,7 @@ GSC_KX_handle_ping (struct GSC_KeyExchangeInfo *kx, struct PingMessage t; struct PongMessage tx; struct PongMessage tp; - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; uint16_t msize; msize = ntohs (msg->size); @@ -1056,7 +1056,7 @@ GSC_KX_handle_pong (struct GSC_KeyExchangeInfo *kx, { const struct PongMessage *m; struct PongMessage t; - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; uint16_t msize; msize = ntohs (msg->size); @@ -1214,7 +1214,7 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx, char cbuf[used]; /* ciphertext */ struct EncryptedMessage *em; /* encrypted message */ struct EncryptedMessage *ph; /* plaintext header */ - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; struct GNUNET_CRYPTO_AuthKey auth_key; ph = (struct EncryptedMessage *) pbuf; @@ -1281,7 +1281,7 @@ GSC_KX_handle_encrypted_message (struct GSC_KeyExchangeInfo *kx, struct GNUNET_HashCode ph; uint32_t snum; struct GNUNET_TIME_Absolute t; - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; struct GNUNET_CRYPTO_AuthKey auth_key; struct DeliverMessageContext dmc; uint16_t size = ntohs (msg->size); diff --git a/src/fs/fs_download.c b/src/fs/fs_download.c index 2b67dc31e..282198cd3 100644 --- a/src/fs/fs_download.c +++ b/src/fs/fs_download.c @@ -234,12 +234,12 @@ encrypt_existing_match (struct GNUNET_FS_DownloadContext *dc, { struct ProcessResultClosure prc; char enc[len]; - struct GNUNET_CRYPTO_AesSessionKey sk; - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricSessionKey sk; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; struct GNUNET_HashCode query; GNUNET_CRYPTO_hash_to_aes_key (&chk->key, &sk, &iv); - if (-1 == GNUNET_CRYPTO_aes_encrypt (block, len, &sk, &iv, enc)) + if (-1 == GNUNET_CRYPTO_symmetric_encrypt (block, len, &sk, &iv, enc)) { GNUNET_break (0); return GNUNET_SYSERR; @@ -434,8 +434,8 @@ try_match_block (struct GNUNET_FS_DownloadContext *dc, char enc[DBLOCK_SIZE]; struct ContentHashKey chks[CHK_PER_INODE]; struct ContentHashKey in_chk; - struct GNUNET_CRYPTO_AesSessionKey sk; - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricSessionKey sk; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; size_t dlen; struct DownloadRequest *drc; struct GNUNET_DISK_FileHandle *fh; @@ -473,7 +473,7 @@ try_match_block (struct GNUNET_FS_DownloadContext *dc, } GNUNET_CRYPTO_hash (&data[dr->offset], dlen, &in_chk.key); GNUNET_CRYPTO_hash_to_aes_key (&in_chk.key, &sk, &iv); - if (-1 == GNUNET_CRYPTO_aes_encrypt (&data[dr->offset], dlen, &sk, &iv, enc)) + if (-1 == GNUNET_CRYPTO_symmetric_encrypt (&data[dr->offset], dlen, &sk, &iv, enc)) { GNUNET_break (0); return; @@ -945,8 +945,8 @@ process_result_with_request (void *cls, const struct GNUNET_HashCode * key, struct GNUNET_FS_DownloadContext *dc = prc->dc; struct DownloadRequest *drc; struct GNUNET_DISK_FileHandle *fh = NULL; - struct GNUNET_CRYPTO_AesSessionKey skey; - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricSessionKey skey; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; char pt[prc->size]; struct GNUNET_FS_ProgressInfo pi; uint64_t off; @@ -991,7 +991,7 @@ process_result_with_request (void *cls, const struct GNUNET_HashCode * key, } GNUNET_CRYPTO_hash_to_aes_key (&dr->chk.key, &skey, &iv); - if (-1 == GNUNET_CRYPTO_aes_decrypt (prc->data, prc->size, &skey, &iv, pt)) + if (-1 == GNUNET_CRYPTO_symmetric_decrypt (prc->data, prc->size, &skey, &iv, pt)) { GNUNET_break (0); dc->emsg = GNUNET_strdup (_("internal error decrypting content")); diff --git a/src/fs/fs_publish_ublock.c b/src/fs/fs_publish_ublock.c index 1c46f0d29..c84b21ba8 100644 --- a/src/fs/fs_publish_ublock.c +++ b/src/fs/fs_publish_ublock.c @@ -43,8 +43,8 @@ * @param pub public key to use for key derivation */ static void -derive_ublock_encryption_key (struct GNUNET_CRYPTO_AesSessionKey *skey, - struct GNUNET_CRYPTO_AesInitializationVector *iv, +derive_ublock_encryption_key (struct GNUNET_CRYPTO_SymmetricSessionKey *skey, + struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const char *label, const struct GNUNET_CRYPTO_EccPublicSignKey *pub) { @@ -77,12 +77,12 @@ GNUNET_FS_ublock_decrypt_ (const void *input, const char *label, void *output) { - struct GNUNET_CRYPTO_AesInitializationVector iv; - struct GNUNET_CRYPTO_AesSessionKey skey; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricSessionKey skey; derive_ublock_encryption_key (&skey, &iv, label, ns); - GNUNET_CRYPTO_aes_decrypt (input, input_len, + GNUNET_CRYPTO_symmetric_decrypt (input, input_len, &skey, &iv, output); } @@ -167,8 +167,8 @@ GNUNET_FS_publish_ublock_ (struct GNUNET_FS_Handle *h, { struct GNUNET_FS_PublishUblockContext *uc; struct GNUNET_HashCode query; - struct GNUNET_CRYPTO_AesInitializationVector iv; - struct GNUNET_CRYPTO_AesSessionKey skey; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricSessionKey skey; struct GNUNET_CRYPTO_EccPrivateKey *nsd; struct GNUNET_CRYPTO_EccPublicSignKey pub; char *uris; @@ -232,7 +232,7 @@ GNUNET_FS_publish_ublock_ (struct GNUNET_FS_Handle *h, /* encrypt ublock */ ub_enc = GNUNET_malloc (size); - GNUNET_CRYPTO_aes_encrypt (&ub_plain[1], + GNUNET_CRYPTO_symmetric_encrypt (&ub_plain[1], ulen + slen + mdsize, &skey, &iv, &ub_enc[1]); diff --git a/src/fs/fs_tree.c b/src/fs/fs_tree.c index b9dd894f5..4e0ef8c5b 100644 --- a/src/fs/fs_tree.c +++ b/src/fs/fs_tree.c @@ -336,8 +336,8 @@ GNUNET_FS_tree_encoder_next (struct GNUNET_FS_TreeEncoder *te) uint16_t pt_size; char iob[DBLOCK_SIZE]; char enc[DBLOCK_SIZE]; - struct GNUNET_CRYPTO_AesSessionKey sk; - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricSessionKey sk; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; unsigned int off; GNUNET_assert (GNUNET_NO == te->in_next); @@ -383,7 +383,7 @@ GNUNET_FS_tree_encoder_next (struct GNUNET_FS_TreeEncoder *te) mychk = &te->chk_tree[te->current_depth * CHK_PER_INODE + off]; GNUNET_CRYPTO_hash (pt_block, pt_size, &mychk->key); GNUNET_CRYPTO_hash_to_aes_key (&mychk->key, &sk, &iv); - GNUNET_CRYPTO_aes_encrypt (pt_block, pt_size, &sk, &iv, enc); + GNUNET_CRYPTO_symmetric_encrypt (pt_block, pt_size, &sk, &iv, enc); GNUNET_CRYPTO_hash (enc, pt_size, &mychk->query); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "TE calculates query to be `%s', stored at %u\n", diff --git a/src/fs/gnunet-service-fs_indexing.c b/src/fs/gnunet-service-fs_indexing.c index 1baab4c67..c8e9d636e 100644 --- a/src/fs/gnunet-service-fs_indexing.c +++ b/src/fs/gnunet-service-fs_indexing.c @@ -508,8 +508,8 @@ GNUNET_FS_handle_on_demand_block (const struct GNUNET_HashCode * key, uint32_t s { const struct OnDemandBlock *odb; struct GNUNET_HashCode nkey; - struct GNUNET_CRYPTO_AesSessionKey skey; - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricSessionKey skey; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; struct GNUNET_HashCode query; ssize_t nsize; char ndata[DBLOCK_SIZE]; @@ -566,7 +566,7 @@ GNUNET_FS_handle_on_demand_block (const struct GNUNET_HashCode * key, uint32_t s GNUNET_DISK_file_close (fh); GNUNET_CRYPTO_hash (ndata, nsize, &nkey); GNUNET_CRYPTO_hash_to_aes_key (&nkey, &skey, &iv); - GNUNET_CRYPTO_aes_encrypt (ndata, nsize, &skey, &iv, edata); + GNUNET_CRYPTO_symmetric_encrypt (ndata, nsize, &skey, &iv, edata); GNUNET_CRYPTO_hash (edata, nsize, &query); if (0 != memcmp (&query, key, sizeof (struct GNUNET_HashCode))) { diff --git a/src/fs/test_gnunet_fs_idx.py.in b/src/fs/test_gnunet_fs_idx.py.in index 0f8343057..a116c4e06 100755 --- a/src/fs/test_gnunet_fs_idx.py.in +++ b/src/fs/test_gnunet_fs_idx.py.in @@ -54,10 +54,10 @@ try: pub = pexpect () pub.spawn (None, [publish, '-c', 'test_gnunet_fs_idx_data.conf', '-m', "description:Test archive", '-k', 'tst', 'test_gnunet_fs_rec_data.tgz'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) - pub.expect ("stdout", re.compile (r"URI is `gnunet://fs/chk/2VKHJMR74CB6GB1GFJNOO95BTINA2PEO25FL48GAS7SPBMA0GDEK5U74R1VIHK0LA6919QRS376BHQFDOE3OUP0JOU92K1NIRJMHFCO\.FPEBEAL6HCABM5LMFNNJOPPLKAF5TLUC86A11EIS1HLMIUBP8VEUTU7FT50OLF9ESKP7GTBUE7GDN392J2VKL6JKM1VT1KB4C7Q1U48\.17822'\.\r?\n")) + pub.expect ("stdout", re.compile (r"URI is `gnunet://fs/chk/2VKHJMR74CB6GB1GFJNOO95BTINA2PEO25FL48GAS7SPBMA0GDEK5U74R1VIHK0LA6919QRS376BHQFDOE3OUP0JOU92K1NIRJMHFCO\.49BQ3R5C10JA1695IF71FCQ8VVG4IKIPH04BD9CQ22O6JEK915A7CEPQ17OD0NUQHTR5K4HHEGIKEVPFODB7IAUC0EKIAL2R781E9DG\.17822'\.\r?\n")) down = pexpect () - down.spawn (None, [download, '-c', 'test_gnunet_fs_idx_data.conf', '-o', 'test_gnunet_fs_rec_data.tar.gz', 'gnunet://fs/chk/2VKHJMR74CB6GB1GFJNOO95BTINA2PEO25FL48GAS7SPBMA0GDEK5U74R1VIHK0LA6919QRS376BHQFDOE3OUP0JOU92K1NIRJMHFCO.FPEBEAL6HCABM5LMFNNJOPPLKAF5TLUC86A11EIS1HLMIUBP8VEUTU7FT50OLF9ESKP7GTBUE7GDN392J2VKL6JKM1VT1KB4C7Q1U48.17822'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) + down.spawn (None, [download, '-c', 'test_gnunet_fs_idx_data.conf', '-o', 'test_gnunet_fs_rec_data.tar.gz', 'gnunet://fs/chk/2VKHJMR74CB6GB1GFJNOO95BTINA2PEO25FL48GAS7SPBMA0GDEK5U74R1VIHK0LA6919QRS376BHQFDOE3OUP0JOU92K1NIRJMHFCO.49BQ3R5C10JA1695IF71FCQ8VVG4IKIPH04BD9CQ22O6JEK915A7CEPQ17OD0NUQHTR5K4HHEGIKEVPFODB7IAUC0EKIAL2R781E9DG.17822'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) down.expect ("stdout", re.compile (r"Downloading `test_gnunet_fs_rec_data.tar.gz' done (.*).\r?\n")) os.remove ("test_gnunet_fs_rec_data.tar.gz") diff --git a/src/fs/test_gnunet_fs_psd.py.in b/src/fs/test_gnunet_fs_psd.py.in index ab23da42a..513582f33 100755 --- a/src/fs/test_gnunet_fs_psd.py.in +++ b/src/fs/test_gnunet_fs_psd.py.in @@ -57,16 +57,16 @@ try: pub = pexpect () pub.spawn (None, [publish, '-c', 'test_gnunet_fs_psd_data.conf', '-n', '-m', "description:Test archive", '-k', 'tst', 'test_gnunet_fs_rec_data.tgz'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) pub.expect ("stdout", re.compile (r"Publishing `.+test_gnunet_fs_rec_data.tgz' done\.\r?\n")) - pub.expect ("stdout", re.compile (r"URI is `gnunet://fs/chk/2VKHJMR74CB6GB1GFJNOO95BTINA2PEO25FL48GAS7SPBMA0GDEK5U74R1VIHK0LA6919QRS376BHQFDOE3OUP0JOU92K1NIRJMHFCO\.FPEBEAL6HCABM5LMFNNJOPPLKAF5TLUC86A11EIS1HLMIUBP8VEUTU7FT50OLF9ESKP7GTBUE7GDN392J2VKL6JKM1VT1KB4C7Q1U48\.17822'\.\r?\n")) + pub.expect ("stdout", re.compile (r"URI is `gnunet://fs/chk/2VKHJMR74CB6GB1GFJNOO95BTINA2PEO25FL48GAS7SPBMA0GDEK5U74R1VIHK0LA6919QRS376BHQFDOE3OUP0JOU92K1NIRJMHFCO\.49BQ3R5C10JA1695IF71FCQ8VVG4IKIPH04BD9CQ22O6JEK915A7CEPQ17OD0NUQHTR5K4HHEGIKEVPFODB7IAUC0EKIAL2R781E9DG\.17822'\.\r?\n")) s = pexpect () s.spawn (None, [search, '-V', '-t', '1000 ms', '-N', '1', '-c', 'test_gnunet_fs_psd_data.conf', 'tst'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) s.expect ("stdout", re.compile (r'#0:\r?\n')) - s.expect ("stdout", re.compile (r'gnunet-download -o "test_gnunet_fs_rec_data.tgz" gnunet://fs/chk/2VKHJMR74CB6GB1GFJNOO95BTINA2PEO25FL48GAS7SPBMA0GDEK5U74R1VIHK0LA6919QRS376BHQFDOE3OUP0JOU92K1NIRJMHFCO\.FPEBEAL6HCABM5LMFNNJOPPLKAF5TLUC86A11EIS1HLMIUBP8VEUTU7FT50OLF9ESKP7GTBUE7GDN392J2VKL6JKM1VT1KB4C7Q1U48\.17822\r?\n')) + s.expect ("stdout", re.compile (r'gnunet-download -o "test_gnunet_fs_rec_data.tgz" gnunet://fs/chk/2VKHJMR74CB6GB1GFJNOO95BTINA2PEO25FL48GAS7SPBMA0GDEK5U74R1VIHK0LA6919QRS376BHQFDOE3OUP0JOU92K1NIRJMHFCO\.49BQ3R5C10JA1695IF71FCQ8VVG4IKIPH04BD9CQ22O6JEK915A7CEPQ17OD0NUQHTR5K4HHEGIKEVPFODB7IAUC0EKIAL2R781E9DG\.17822\r?\n')) s.expect ("stdout", re.compile (r"\s*description: Test archive\r?\n")) down = pexpect () - down.spawn (None, [download, '-c', 'test_gnunet_fs_psd_data.conf', '-o', 'test_gnunet_fs_rec_data.tar.gz', 'gnunet://fs/chk/2VKHJMR74CB6GB1GFJNOO95BTINA2PEO25FL48GAS7SPBMA0GDEK5U74R1VIHK0LA6919QRS376BHQFDOE3OUP0JOU92K1NIRJMHFCO.FPEBEAL6HCABM5LMFNNJOPPLKAF5TLUC86A11EIS1HLMIUBP8VEUTU7FT50OLF9ESKP7GTBUE7GDN392J2VKL6JKM1VT1KB4C7Q1U48.17822'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) + down.spawn (None, [download, '-c', 'test_gnunet_fs_psd_data.conf', '-o', 'test_gnunet_fs_rec_data.tar.gz', 'gnunet://fs/chk/2VKHJMR74CB6GB1GFJNOO95BTINA2PEO25FL48GAS7SPBMA0GDEK5U74R1VIHK0LA6919QRS376BHQFDOE3OUP0JOU92K1NIRJMHFCO.49BQ3R5C10JA1695IF71FCQ8VVG4IKIPH04BD9CQ22O6JEK915A7CEPQ17OD0NUQHTR5K4HHEGIKEVPFODB7IAUC0EKIAL2R781E9DG.17822'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) down.expect ("stdout", re.compile (r"Downloading `test_gnunet_fs_rec_data.tar.gz' done (.*).\r?\n")) os.remove ("test_gnunet_fs_rec_data.tar.gz") diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index b8e38a2a2..1d000c29a 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h @@ -209,7 +209,7 @@ struct GNUNET_CRYPTO_EccPrivateKey /** * @brief type for session keys */ -struct GNUNET_CRYPTO_AesSessionKey +struct GNUNET_CRYPTO_SymmetricSessionKey { /** * Actual key for AES. @@ -231,7 +231,7 @@ GNUNET_NETWORK_STRUCT_END * NOTE: must be smaller (!) in size than the * `struct GNUNET_HashCode`. */ -struct GNUNET_CRYPTO_AesInitializationVector +struct GNUNET_CRYPTO_SymmetricInitializationVector { unsigned char aes_iv[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; @@ -352,7 +352,7 @@ GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, unsigned int n); * @param key key to initialize */ void -GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key); +GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key); /** @@ -367,9 +367,9 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key); * @return the size of the encrypted block, -1 for errors */ ssize_t -GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, - const struct GNUNET_CRYPTO_AesSessionKey *sessionkey, - const struct GNUNET_CRYPTO_AesInitializationVector +GNUNET_CRYPTO_symmetric_encrypt (const void *block, size_t len, + const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, + const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result); @@ -385,9 +385,9 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, * @return -1 on failure, size of decrypted block on success */ ssize_t -GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, - const struct GNUNET_CRYPTO_AesSessionKey *sessionkey, - const struct GNUNET_CRYPTO_AesInitializationVector +GNUNET_CRYPTO_symmetric_decrypt (const void *block, size_t size, + const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, + const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result); @@ -401,8 +401,8 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, * @param ... pairs of void * & size_t for context chunks, terminated by NULL */ void -GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, - const struct GNUNET_CRYPTO_AesSessionKey *skey, +GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, + const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len, ...); @@ -415,8 +415,8 @@ GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, * @param argp pairs of void * & size_t for context chunks, terminated by NULL */ void -GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, - const struct GNUNET_CRYPTO_AesSessionKey *skey, +GNUNET_CRYPTO_symmetric_derive_iv_v (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, + const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len, va_list argp); @@ -610,8 +610,8 @@ GNUNET_CRYPTO_hash_xor (const struct GNUNET_HashCode * a, const struct GNUNET_Ha */ void GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc, - struct GNUNET_CRYPTO_AesSessionKey *skey, - struct GNUNET_CRYPTO_AesInitializationVector + struct GNUNET_CRYPTO_SymmetricSessionKey *skey, + struct GNUNET_CRYPTO_SymmetricInitializationVector *iv); @@ -685,7 +685,7 @@ GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode * h1, */ void GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key, - const struct GNUNET_CRYPTO_AesSessionKey *rkey, + const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, const void *salt, size_t salt_len, va_list argp); @@ -701,7 +701,7 @@ GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key, */ void GNUNET_CRYPTO_hmac_derive_key (struct GNUNET_CRYPTO_AuthKey *key, - const struct GNUNET_CRYPTO_AesSessionKey *rkey, + const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, const void *salt, size_t salt_len, ...); diff --git a/src/mesh/gnunet-service-mesh-enc.c b/src/mesh/gnunet-service-mesh-enc.c index e682f5b60..323da4cb6 100644 --- a/src/mesh/gnunet-service-mesh-enc.c +++ b/src/mesh/gnunet-service-mesh-enc.c @@ -685,12 +685,12 @@ struct MeshTunnel2 /** * Encryption ("our") key. */ - struct GNUNET_CRYPTO_AesSessionKey e_key; + struct GNUNET_CRYPTO_SymmetricSessionKey e_key; /** * Decryption ("their") key. */ - struct GNUNET_CRYPTO_AesSessionKey d_key; + struct GNUNET_CRYPTO_SymmetricSessionKey d_key; /** * Paths that are actively used to reach the destination peer. @@ -4221,15 +4221,15 @@ tunnel_new (void) // } // char salt[] = "salt"; -// GNUNET_CRYPTO_kdf (&t->e_key, sizeof (struct GNUNET_CRYPTO_AesSessionKey), +// GNUNET_CRYPTO_kdf (&t->e_key, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), // salt, sizeof (salt), -// &t->e_key, sizeof (struct GNUNET_CRYPTO_AesSessionKey), +// &t->e_key, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), // &my_full_id, sizeof (struct GNUNET_PeerIdentity), // GNUNET_PEER_resolve2 (t->peer->id), sizeof (struct GNUNET_PeerIdentity), // NULL); -// GNUNET_CRYPTO_kdf (&t->d_key, sizeof (struct GNUNET_CRYPTO_AesSessionKey), +// GNUNET_CRYPTO_kdf (&t->d_key, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), // salt, sizeof (salt), -// &t->d_key, sizeof (struct GNUNET_CRYPTO_AesSessionKey), +// &t->d_key, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), // GNUNET_PEER_resolve2 (t->peer->id), sizeof (struct GNUNET_PeerIdentity), // &my_full_id, sizeof (struct GNUNET_PeerIdentity), // NULL); diff --git a/src/namestore/namestore_api_common.c b/src/namestore/namestore_api_common.c index 55c9055ff..d54dc3e7f 100644 --- a/src/namestore/namestore_api_common.c +++ b/src/namestore/namestore_api_common.c @@ -321,20 +321,20 @@ GNUNET_NAMESTORE_record_get_expiration_time (unsigned int rd_count, * @param pub public key to use for KDF */ static void -derive_block_aes_key (struct GNUNET_CRYPTO_AesInitializationVector *iv, - struct GNUNET_CRYPTO_AesSessionKey *skey, +derive_block_aes_key (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, + struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const char *label, const struct GNUNET_CRYPTO_EccPublicSignKey *pub) { static const char ctx_key[] = "gns-aes-ctx-key"; static const char ctx_iv[] = "gns-aes-ctx-iv"; - GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_AesSessionKey), + GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), pub, sizeof (struct GNUNET_CRYPTO_EccPublicSignKey), label, strlen (label), ctx_key, strlen (ctx_key), NULL, 0); - GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_AesInitializationVector), + GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_SymmetricInitializationVector), pub, sizeof (struct GNUNET_CRYPTO_EccPublicSignKey), label, strlen (label), ctx_iv, strlen (ctx_iv), @@ -364,8 +364,8 @@ GNUNET_NAMESTORE_block_create (const struct GNUNET_CRYPTO_EccPrivateKey *key, struct GNUNET_NAMESTORE_Block *block; struct GNUNET_CRYPTO_EccPublicSignKey pkey; struct GNUNET_CRYPTO_EccPrivateKey *dkey; - struct GNUNET_CRYPTO_AesInitializationVector iv; - struct GNUNET_CRYPTO_AesSessionKey skey; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricSessionKey skey; uint32_t rd_count_nbo; if (payload_len > GNUNET_NAMESTORE_MAX_VALUE_SIZE) @@ -391,7 +391,7 @@ GNUNET_NAMESTORE_block_create (const struct GNUNET_CRYPTO_EccPrivateKey *key, &pkey); derive_block_aes_key (&iv, &skey, label, &pkey); GNUNET_break (payload_len + sizeof (uint32_t) == - GNUNET_CRYPTO_aes_encrypt (payload, payload_len + sizeof (uint32_t), + GNUNET_CRYPTO_symmetric_encrypt (payload, payload_len + sizeof (uint32_t), &skey, &iv, &block[1])); if (GNUNET_OK != @@ -447,8 +447,8 @@ GNUNET_NAMESTORE_block_decrypt (const struct GNUNET_NAMESTORE_Block *block, size_t payload_len = ntohl (block->purpose.size) - sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) - sizeof (struct GNUNET_TIME_AbsoluteNBO); - struct GNUNET_CRYPTO_AesInitializationVector iv; - struct GNUNET_CRYPTO_AesSessionKey skey; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricSessionKey skey; if (ntohl (block->purpose.size) < sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + @@ -463,7 +463,7 @@ GNUNET_NAMESTORE_block_decrypt (const struct GNUNET_NAMESTORE_Block *block, uint32_t rd_count; GNUNET_break (payload_len == - GNUNET_CRYPTO_aes_decrypt (&block[1], payload_len, + GNUNET_CRYPTO_symmetric_decrypt (&block[1], payload_len, &skey, &iv, payload)); memcpy (&rd_count, diff --git a/src/util/Makefile.am b/src/util/Makefile.am index 6c1d8d785..934385663 100644 --- a/src/util/Makefile.am +++ b/src/util/Makefile.am @@ -75,7 +75,7 @@ libgnunetutil_la_SOURCES = \ container_multihashmap.c \ container_multihashmap32.c \ container_slist.c \ - crypto_aes.c \ + crypto_symmetric.c \ crypto_crc.c \ crypto_ecc.c \ crypto_hash.c \ @@ -189,7 +189,7 @@ libgnunet_plugin_test_la_LDFLAGS = \ if HAVE_BENCHMARKS BENCHMARKS = \ perf_crypto_hash \ - perf_crypto_aes \ + perf_crypto_symmetric \ perf_malloc endif @@ -206,7 +206,7 @@ check_PROGRAMS = \ test_container_multihashmap32 \ test_container_heap \ test_container_slist \ - test_crypto_aes \ + test_crypto_symmetric \ test_crypto_crc \ test_crypto_ecc \ test_crypto_hash \ @@ -320,9 +320,9 @@ test_container_slist_SOURCES = \ test_container_slist_LDADD = \ $(top_builddir)/src/util/libgnunetutil.la -test_crypto_aes_SOURCES = \ - test_crypto_aes.c -test_crypto_aes_LDADD = \ +test_crypto_symmetric_SOURCES = \ + test_crypto_symmetric.c +test_crypto_symmetric_LDADD = \ $(top_builddir)/src/util/libgnunetutil.la test_crypto_crc_SOURCES = \ @@ -494,9 +494,9 @@ perf_crypto_hash_SOURCES = \ perf_crypto_hash_LDADD = \ $(top_builddir)/src/util/libgnunetutil.la -perf_crypto_aes_SOURCES = \ - perf_crypto_aes.c -perf_crypto_aes_LDADD = \ +perf_crypto_symmetric_SOURCES = \ + perf_crypto_symmetric.c +perf_crypto_symmetric_LDADD = \ $(top_builddir)/src/util/libgnunetutil.la perf_malloc_SOURCES = \ diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c deleted file mode 100644 index 91c578ab8..000000000 --- a/src/util/crypto_aes.c +++ /dev/null @@ -1,233 +0,0 @@ -/* - This file is part of GNUnet. - (C) 2001, 2002, 2003, 2004, 2005, 2006, 2013 Christian Grothoff (and other contributing authors) - - GNUnet is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published - by the Free Software Foundation; either version 3, or (at your - option) any later version. - - GNUnet is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with GNUnet; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 59 Temple Place - Suite 330, - Boston, MA 02111-1307, USA. -*/ - -/** - * @file util/crypto_aes.c - * @brief Symmetric encryption services; combined cipher AES+TWOFISH (256-bit each) - * @author Christian Grothoff - * @author Ioana Patrascu - */ - -#include "platform.h" -#include "gnunet_common.h" -#include "gnunet_crypto_lib.h" -#include - -#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) - -/** - * Create a new SessionKey (for symmetric encryption). - * - * @param key session key to initialize - */ -void -GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) -{ - gcry_randomize (key->aes_key, - GNUNET_CRYPTO_AES_KEY_LENGTH, - GCRY_STRONG_RANDOM); - gcry_randomize (key->twofish_key, - GNUNET_CRYPTO_AES_KEY_LENGTH, - GCRY_STRONG_RANDOM); -} - - -/** - * Initialize AES cipher. - * - * @param handle handle to initialize - * @param sessionkey session key to use - * @param iv initialization vector to use - * @return #GNUNET_OK on success, #GNUNET_SYSERR on error - */ -static int -setup_cipher_aes (gcry_cipher_hd_t *handle, - const struct GNUNET_CRYPTO_AesSessionKey *sessionkey, - const struct GNUNET_CRYPTO_AesInitializationVector *iv) -{ - int rc; - - GNUNET_assert (0 == - gcry_cipher_open (handle, GCRY_CIPHER_AES256, - GCRY_CIPHER_MODE_CFB, 0)); - rc = gcry_cipher_setkey (*handle, - sessionkey->aes_key, - sizeof (sessionkey->aes_key)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - rc = gcry_cipher_setiv (*handle, - iv->aes_iv, - sizeof (iv->aes_iv)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - return GNUNET_OK; -} - - -/** - * Initialize TWOFISH cipher. - * - * @param handle handle to initialize - * @param sessionkey session key to use - * @param iv initialization vector to use - * @return #GNUNET_OK on success, #GNUNET_SYSERR on error - */ -static int -setup_cipher_twofish (gcry_cipher_hd_t *handle, - const struct GNUNET_CRYPTO_AesSessionKey *sessionkey, - const struct GNUNET_CRYPTO_AesInitializationVector *iv) -{ - int rc; - - GNUNET_assert (0 == - gcry_cipher_open (handle, GCRY_CIPHER_TWOFISH, - GCRY_CIPHER_MODE_CFB, 0)); - rc = gcry_cipher_setkey (*handle, - sessionkey->twofish_key, - sizeof (sessionkey->twofish_key)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - rc = gcry_cipher_setiv (*handle, - iv->twofish_iv, - sizeof (iv->twofish_iv)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - return GNUNET_OK; -} - - -/** - * Encrypt a block with the public key of another - * host that uses the same cyper. - * - * @param block the block to encrypt - * @param len the size of the @a block - * @param sessionkey the key used to encrypt - * @param iv the initialization vector to use, use INITVALUE - * for streams. - * @param result the output parameter in which to store the encrypted result - * @returns the size of the encrypted block, -1 for errors - */ -ssize_t -GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, - const struct GNUNET_CRYPTO_AesSessionKey * - sessionkey, - const struct GNUNET_CRYPTO_AesInitializationVector * - iv, void *result) -{ - gcry_cipher_hd_t handle; - char tmp[len]; - - if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv)) - return -1; - GNUNET_assert (0 == gcry_cipher_encrypt (handle, tmp, len, block, len)); - gcry_cipher_close (handle); - if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv)) - return -1; - GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, tmp, len)); - gcry_cipher_close (handle); - memset (tmp, 0, sizeof (tmp)); - return len; -} - - -/** - * Decrypt a given block with the sessionkey. - * - * @param block the data to decrypt, encoded as returned by encrypt - * @param size the size of the @a block to decrypt - * @param sessionkey the key used to decrypt - * @param iv the initialization vector to use, use INITVALUE - * for streams. - * @param result address to store the result at - * @return -1 on failure, size of decrypted block on success - */ -ssize_t -GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, - const struct GNUNET_CRYPTO_AesSessionKey *sessionkey, - const struct GNUNET_CRYPTO_AesInitializationVector *iv, - void *result) -{ - gcry_cipher_hd_t handle; - char tmp[size]; - - if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv)) - return -1; - GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, block, size)); - gcry_cipher_close (handle); - if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv)) - return -1; - GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, tmp, size)); - gcry_cipher_close (handle); - memset (tmp, 0, sizeof (tmp)); - return size; -} - - -/** - * @brief Derive an IV - * - * @param iv initialization vector - * @param skey session key - * @param salt salt for the derivation - * @param salt_len size of the @a salt - * @param ... pairs of void * & size_t for context chunks, terminated by NULL - */ -void -GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, - const struct GNUNET_CRYPTO_AesSessionKey *skey, - const void *salt, size_t salt_len, ...) -{ - va_list argp; - - va_start (argp, salt_len); - GNUNET_CRYPTO_aes_derive_iv_v (iv, skey, salt, salt_len, argp); - va_end (argp); -} - - -/** - * @brief Derive an IV - * - * @param iv initialization vector - * @param skey session key - * @param salt salt for the derivation - * @param salt_len size of the salt - * @param argp pairs of void * & size_t for context chunks, terminated by NULL - */ -void -GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv, - const struct GNUNET_CRYPTO_AesSessionKey *skey, - const void *salt, size_t salt_len, va_list argp) -{ - char aes_salt[salt_len + 4]; - char twofish_salt[salt_len + 4]; - - memcpy (aes_salt, salt, salt_len); - memcpy (&aes_salt[salt_len], "AES!", 4); - memcpy (twofish_salt, salt, salt_len); - memcpy (&twofish_salt[salt_len], "FISH", 4); - GNUNET_CRYPTO_kdf_v (iv->aes_iv, sizeof (iv->aes_iv), - aes_salt, salt_len + 4, - skey->aes_key, sizeof (skey->aes_key), - argp); - GNUNET_CRYPTO_kdf_v (iv->twofish_iv, sizeof (iv->twofish_iv), - twofish_salt, salt_len + 4, - skey->twofish_key, sizeof (skey->twofish_key), - argp); -} - -/* end of crypto_aes.c */ diff --git a/src/util/crypto_hash.c b/src/util/crypto_hash.c index 47baf660f..e1997c3bb 100644 --- a/src/util/crypto_hash.c +++ b/src/util/crypto_hash.c @@ -395,16 +395,16 @@ GNUNET_CRYPTO_hash_xor (const struct GNUNET_HashCode * a, const struct GNUNET_Ha */ void GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode *hc, - struct GNUNET_CRYPTO_AesSessionKey *skey, - struct GNUNET_CRYPTO_AesInitializationVector *iv) + struct GNUNET_CRYPTO_SymmetricSessionKey *skey, + struct GNUNET_CRYPTO_SymmetricInitializationVector *iv) { GNUNET_assert (GNUNET_YES == - GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_AesSessionKey), + GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), "Hash key derivation", strlen ("Hash key derivation"), hc, sizeof (struct GNUNET_HashCode), NULL, 0)); GNUNET_assert (GNUNET_YES == - GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_AesInitializationVector), + GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_SymmetricInitializationVector), "Initialization vector derivation", strlen ("Initialization vector derivation"), hc, sizeof (struct GNUNET_HashCode), NULL, 0)); @@ -521,7 +521,7 @@ GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode *h1, */ void GNUNET_CRYPTO_hmac_derive_key (struct GNUNET_CRYPTO_AuthKey *key, - const struct GNUNET_CRYPTO_AesSessionKey *rkey, + const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, const void *salt, size_t salt_len, ...) { va_list argp; @@ -542,13 +542,13 @@ GNUNET_CRYPTO_hmac_derive_key (struct GNUNET_CRYPTO_AuthKey *key, */ void GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key, - const struct GNUNET_CRYPTO_AesSessionKey *rkey, + const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, const void *salt, size_t salt_len, va_list argp) { GNUNET_CRYPTO_kdf_v (key->key, sizeof (key->key), salt, salt_len, - rkey, sizeof (struct GNUNET_CRYPTO_AesSessionKey), + rkey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), argp); } diff --git a/src/util/crypto_symmetric.c b/src/util/crypto_symmetric.c new file mode 100644 index 000000000..3e4f9d748 --- /dev/null +++ b/src/util/crypto_symmetric.c @@ -0,0 +1,233 @@ +/* + This file is part of GNUnet. + (C) 2001, 2002, 2003, 2004, 2005, 2006, 2013 Christian Grothoff (and other contributing authors) + + GNUnet is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published + by the Free Software Foundation; either version 3, or (at your + option) any later version. + + GNUnet is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GNUnet; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. +*/ + +/** + * @file util/crypto_symmetric.c + * @brief Symmetric encryption services; combined cipher AES+TWOFISH (256-bit each) + * @author Christian Grothoff + * @author Ioana Patrascu + */ + +#include "platform.h" +#include "gnunet_common.h" +#include "gnunet_crypto_lib.h" +#include + +#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) + +/** + * Create a new SessionKey (for symmetric encryption). + * + * @param key session key to initialize + */ +void +GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key) +{ + gcry_randomize (key->aes_key, + GNUNET_CRYPTO_AES_KEY_LENGTH, + GCRY_STRONG_RANDOM); + gcry_randomize (key->twofish_key, + GNUNET_CRYPTO_AES_KEY_LENGTH, + GCRY_STRONG_RANDOM); +} + + +/** + * Initialize AES cipher. + * + * @param handle handle to initialize + * @param sessionkey session key to use + * @param iv initialization vector to use + * @return #GNUNET_OK on success, #GNUNET_SYSERR on error + */ +static int +setup_cipher_aes (gcry_cipher_hd_t *handle, + const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, + const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv) +{ + int rc; + + GNUNET_assert (0 == + gcry_cipher_open (handle, GCRY_CIPHER_AES256, + GCRY_CIPHER_MODE_CFB, 0)); + rc = gcry_cipher_setkey (*handle, + sessionkey->aes_key, + sizeof (sessionkey->aes_key)); + GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); + rc = gcry_cipher_setiv (*handle, + iv->aes_iv, + sizeof (iv->aes_iv)); + GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); + return GNUNET_OK; +} + + +/** + * Initialize TWOFISH cipher. + * + * @param handle handle to initialize + * @param sessionkey session key to use + * @param iv initialization vector to use + * @return #GNUNET_OK on success, #GNUNET_SYSERR on error + */ +static int +setup_cipher_twofish (gcry_cipher_hd_t *handle, + const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, + const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv) +{ + int rc; + + GNUNET_assert (0 == + gcry_cipher_open (handle, GCRY_CIPHER_TWOFISH, + GCRY_CIPHER_MODE_CFB, 0)); + rc = gcry_cipher_setkey (*handle, + sessionkey->twofish_key, + sizeof (sessionkey->twofish_key)); + GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); + rc = gcry_cipher_setiv (*handle, + iv->twofish_iv, + sizeof (iv->twofish_iv)); + GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); + return GNUNET_OK; +} + + +/** + * Encrypt a block with the public key of another + * host that uses the same cyper. + * + * @param block the block to encrypt + * @param len the size of the @a block + * @param sessionkey the key used to encrypt + * @param iv the initialization vector to use, use INITVALUE + * for streams. + * @param result the output parameter in which to store the encrypted result + * @returns the size of the encrypted block, -1 for errors + */ +ssize_t +GNUNET_CRYPTO_symmetric_encrypt (const void *block, size_t len, + const struct GNUNET_CRYPTO_SymmetricSessionKey * + sessionkey, + const struct GNUNET_CRYPTO_SymmetricInitializationVector * + iv, void *result) +{ + gcry_cipher_hd_t handle; + char tmp[len]; + + if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv)) + return -1; + GNUNET_assert (0 == gcry_cipher_encrypt (handle, tmp, len, block, len)); + gcry_cipher_close (handle); + if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv)) + return -1; + GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, tmp, len)); + gcry_cipher_close (handle); + memset (tmp, 0, sizeof (tmp)); + return len; +} + + +/** + * Decrypt a given block with the sessionkey. + * + * @param block the data to decrypt, encoded as returned by encrypt + * @param size the size of the @a block to decrypt + * @param sessionkey the key used to decrypt + * @param iv the initialization vector to use, use INITVALUE + * for streams. + * @param result address to store the result at + * @return -1 on failure, size of decrypted block on success + */ +ssize_t +GNUNET_CRYPTO_symmetric_decrypt (const void *block, size_t size, + const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, + const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, + void *result) +{ + gcry_cipher_hd_t handle; + char tmp[size]; + + if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv)) + return -1; + GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, block, size)); + gcry_cipher_close (handle); + if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv)) + return -1; + GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, tmp, size)); + gcry_cipher_close (handle); + memset (tmp, 0, sizeof (tmp)); + return size; +} + + +/** + * @brief Derive an IV + * + * @param iv initialization vector + * @param skey session key + * @param salt salt for the derivation + * @param salt_len size of the @a salt + * @param ... pairs of void * & size_t for context chunks, terminated by NULL + */ +void +GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, + const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, + const void *salt, size_t salt_len, ...) +{ + va_list argp; + + va_start (argp, salt_len); + GNUNET_CRYPTO_symmetric_derive_iv_v (iv, skey, salt, salt_len, argp); + va_end (argp); +} + + +/** + * @brief Derive an IV + * + * @param iv initialization vector + * @param skey session key + * @param salt salt for the derivation + * @param salt_len size of the salt + * @param argp pairs of void * & size_t for context chunks, terminated by NULL + */ +void +GNUNET_CRYPTO_symmetric_derive_iv_v (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, + const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, + const void *salt, size_t salt_len, va_list argp) +{ + char aes_salt[salt_len + 4]; + char twofish_salt[salt_len + 4]; + + memcpy (aes_salt, salt, salt_len); + memcpy (&aes_salt[salt_len], "AES!", 4); + memcpy (twofish_salt, salt, salt_len); + memcpy (&twofish_salt[salt_len], "FISH", 4); + GNUNET_CRYPTO_kdf_v (iv->aes_iv, sizeof (iv->aes_iv), + aes_salt, salt_len + 4, + skey->aes_key, sizeof (skey->aes_key), + argp); + GNUNET_CRYPTO_kdf_v (iv->twofish_iv, sizeof (iv->twofish_iv), + twofish_salt, salt_len + 4, + skey->twofish_key, sizeof (skey->twofish_key), + argp); +} + +/* end of crypto_aes.c */ diff --git a/src/util/perf_crypto_aes.c b/src/util/perf_crypto_aes.c deleted file mode 100644 index f02335afe..000000000 --- a/src/util/perf_crypto_aes.c +++ /dev/null @@ -1,76 +0,0 @@ -/* - This file is part of GNUnet. - (C) 2002, 2003, 2004, 2006 Christian Grothoff (and other contributing authors) - - GNUnet is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published - by the Free Software Foundation; either version 3, or (at your - option) any later version. - - GNUnet is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with GNUnet; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 59 Temple Place - Suite 330, - Boston, MA 02111-1307, USA. -*/ - -/** - * @author Christian Grothoff - * @file util/perf_crypto_aes.c - * @brief measure performance of encryption function - */ -#include "platform.h" -#include "gnunet_common.h" -#include "gnunet_util_lib.h" -#include - - -static void -perfEncrypt () -{ - unsigned int i; - char buf[64 * 1024]; - char rbuf[64 * 1024]; - struct GNUNET_CRYPTO_AesSessionKey sk; - struct GNUNET_CRYPTO_AesInitializationVector iv; - - GNUNET_CRYPTO_aes_create_session_key (&sk); - - memset (buf, 1, sizeof (buf)); - for (i = 0; i < 1024; i++) - { - memset (&iv, (int8_t) i, sizeof (iv)); - GNUNET_CRYPTO_aes_encrypt (buf, sizeof (buf), - &sk, &iv, - rbuf); - GNUNET_CRYPTO_aes_decrypt (rbuf, sizeof (buf), - &sk, &iv, - buf); - } - memset (rbuf, 1, sizeof (rbuf)); - GNUNET_assert (0 == memcmp (rbuf, buf, sizeof (buf))); -} - - -int -main (int argc, char *argv[]) -{ - struct GNUNET_TIME_Absolute start; - - start = GNUNET_TIME_absolute_get (); - perfEncrypt (); - printf ("Encrypt perf took %s\n", - GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start), - GNUNET_YES)); - GAUGER ("UTIL", "Symmetric encryption", - 64 * 1024 / (1 + - GNUNET_TIME_absolute_get_duration - (start).rel_value_us / 1000LL), "kb/ms"); - return 0; -} - -/* end of perf_crypto_aes.c */ diff --git a/src/util/perf_crypto_symmetric.c b/src/util/perf_crypto_symmetric.c new file mode 100644 index 000000000..9f4e2a938 --- /dev/null +++ b/src/util/perf_crypto_symmetric.c @@ -0,0 +1,76 @@ +/* + This file is part of GNUnet. + (C) 2002, 2003, 2004, 2006 Christian Grothoff (and other contributing authors) + + GNUnet is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published + by the Free Software Foundation; either version 3, or (at your + option) any later version. + + GNUnet is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GNUnet; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. +*/ + +/** + * @author Christian Grothoff + * @file util/perf_crypto_symmetric.c + * @brief measure performance of encryption function + */ +#include "platform.h" +#include "gnunet_common.h" +#include "gnunet_util_lib.h" +#include + + +static void +perfEncrypt () +{ + unsigned int i; + char buf[64 * 1024]; + char rbuf[64 * 1024]; + struct GNUNET_CRYPTO_SymmetricSessionKey sk; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; + + GNUNET_CRYPTO_symmetric_create_session_key (&sk); + + memset (buf, 1, sizeof (buf)); + for (i = 0; i < 1024; i++) + { + memset (&iv, (int8_t) i, sizeof (iv)); + GNUNET_CRYPTO_symmetric_encrypt (buf, sizeof (buf), + &sk, &iv, + rbuf); + GNUNET_CRYPTO_symmetric_decrypt (rbuf, sizeof (buf), + &sk, &iv, + buf); + } + memset (rbuf, 1, sizeof (rbuf)); + GNUNET_assert (0 == memcmp (rbuf, buf, sizeof (buf))); +} + + +int +main (int argc, char *argv[]) +{ + struct GNUNET_TIME_Absolute start; + + start = GNUNET_TIME_absolute_get (); + perfEncrypt (); + printf ("Encrypt perf took %s\n", + GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start), + GNUNET_YES)); + GAUGER ("UTIL", "Symmetric encryption", + 64 * 1024 / (1 + + GNUNET_TIME_absolute_get_duration + (start).rel_value_us / 1000LL), "kb/ms"); + return 0; +} + +/* end of perf_crypto_aes.c */ diff --git a/src/util/test_crypto_aes.c b/src/util/test_crypto_aes.c deleted file mode 100644 index a5d49063a..000000000 --- a/src/util/test_crypto_aes.c +++ /dev/null @@ -1,171 +0,0 @@ -/* - This file is part of GNUnet. - (C) 2002, 2003, 2004, 2006 Christian Grothoff (and other contributing authors) - - GNUnet is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published - by the Free Software Foundation; either version 3, or (at your - option) any later version. - - GNUnet is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with GNUnet; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 59 Temple Place - Suite 330, - Boston, MA 02111-1307, USA. - -*/ -/** - * @author Christian Grothoff - * @file util/test_crypto_aes.c - * @brief test for AES ciphers - */ -#include "platform.h" -#include "gnunet_common.h" -#include "gnunet_crypto_lib.h" - -#define TESTSTRING "Hello World!" -#define INITVALUE "InitializationVectorValueinitializationvectorvalue" - -static int -testSymcipher () -{ - struct GNUNET_CRYPTO_AesSessionKey key; - char result[100]; - int size; - char res[100]; - - GNUNET_CRYPTO_aes_create_session_key (&key); - size = - GNUNET_CRYPTO_aes_encrypt (TESTSTRING, strlen (TESTSTRING) + 1, &key, - (const struct - GNUNET_CRYPTO_AesInitializationVector *) - INITVALUE, result); - if (size == -1) - { - printf ("symciphertest failed: encryptBlock returned %d\n", size); - return 1; - } - size = - GNUNET_CRYPTO_aes_decrypt (result, size, &key, - (const struct - GNUNET_CRYPTO_AesInitializationVector *) - INITVALUE, res); - if (strlen (TESTSTRING) + 1 != size) - { - printf ("symciphertest failed: decryptBlock returned %d\n", size); - return 1; - } - if (0 != strcmp (res, TESTSTRING)) - { - printf ("symciphertest failed: %s != %s\n", res, TESTSTRING); - return 1; - } - else - return 0; -} - - -static int -verifyCrypto () -{ - struct GNUNET_CRYPTO_AesSessionKey key; - char result[GNUNET_CRYPTO_AES_KEY_LENGTH]; - char *res; - int ret; - - unsigned char plain[] = - { - 29, 128, 192, 253, 74, 171, 38, 187, 84, 219, 76, 76, 209, 118, 33, 249, - 172, 124, 96, 9, 157, 110, 8, 215, 200, 63, 69, 230, 157, 104, 247, 164 - }; - unsigned char raw_key_aes[] = - { - 106, 74, 209, 88, 145, 55, 189, 135, 125, 180, 225, 108, 183, 54, 25, - 169, 129, 188, 131, 75, 227, 245, 105, 10, 225, 15, 115, 159, 148, 184, - 34, 191 - }; - unsigned char raw_key_twofish[] = - { - 145, 55, 189, 135, 125, 180, 225, 108, 183, 54, 25, - 169, 129, 188, 131, 75, 227, 245, 105, 10, 225, 15, 115, 159, 148, 184, - 34, 191, 106, 74, 209, 88 - }; - unsigned char encrresult[] = - { - 161, 152, 186, 231, 214, 55, 225, 206, 85, 43, 80, 134, 145, 198, 20, - 233, 236, 57, 194, 10, 147, 149, 30, 106, 179, 54, 182, 247, 71, 204, - 179, 51, 1 - }; - - res = NULL; - ret = 0; - - memcpy (key.aes_key, raw_key_aes, GNUNET_CRYPTO_AES_KEY_LENGTH); - memcpy (key.twofish_key, raw_key_twofish, GNUNET_CRYPTO_AES_KEY_LENGTH); - if (GNUNET_CRYPTO_AES_KEY_LENGTH != - GNUNET_CRYPTO_aes_encrypt (plain, GNUNET_CRYPTO_AES_KEY_LENGTH, &key, - (const struct - GNUNET_CRYPTO_AesInitializationVector *) - "testtesttesttest", result)) - { - printf ("Wrong return value from encrypt block.\n"); - ret = 1; - goto error; - } - - if (0 != memcmp (encrresult, result, GNUNET_CRYPTO_AES_KEY_LENGTH)) - { - int i; - printf ("Encrypted result wrong.\n"); - for (i=0;i - sizeof (struct GNUNET_CRYPTO_AesInitializationVector)); - failureCount += testSymcipher (); - failureCount += verifyCrypto (); - - if (failureCount != 0) - { - printf ("%d TESTS FAILED!\n", failureCount); - return -1; - } - return 0; -} - -/* end of test_crypto_aes.c */ diff --git a/src/util/test_crypto_hash.c b/src/util/test_crypto_hash.c index 2a5d6d773..9e10702ce 100644 --- a/src/util/test_crypto_hash.c +++ b/src/util/test_crypto_hash.c @@ -69,8 +69,8 @@ testArithmetic () struct GNUNET_HashCode h2; struct GNUNET_HashCode d; struct GNUNET_HashCode s; - struct GNUNET_CRYPTO_AesSessionKey skey; - struct GNUNET_CRYPTO_AesInitializationVector iv; + struct GNUNET_CRYPTO_SymmetricSessionKey skey; + struct GNUNET_CRYPTO_SymmetricInitializationVector iv; GNUNET_CRYPTO_hash_create_random (GNUNET_CRYPTO_QUALITY_WEAK, &h1); GNUNET_CRYPTO_hash_create_random (GNUNET_CRYPTO_QUALITY_WEAK, &h2); diff --git a/src/util/test_crypto_symmetric.c b/src/util/test_crypto_symmetric.c new file mode 100644 index 000000000..b350e9efe --- /dev/null +++ b/src/util/test_crypto_symmetric.c @@ -0,0 +1,171 @@ +/* + This file is part of GNUnet. + (C) 2002, 2003, 2004, 2006 Christian Grothoff (and other contributing authors) + + GNUnet is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published + by the Free Software Foundation; either version 3, or (at your + option) any later version. + + GNUnet is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with GNUnet; see the file COPYING. If not, write to the + Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. + +*/ +/** + * @author Christian Grothoff + * @file util/test_crypto_symmetric.c + * @brief test for AES ciphers + */ +#include "platform.h" +#include "gnunet_common.h" +#include "gnunet_crypto_lib.h" + +#define TESTSTRING "Hello World!" +#define INITVALUE "InitializationVectorValueinitializationvectorvalue" + +static int +testSymcipher () +{ + struct GNUNET_CRYPTO_SymmetricSessionKey key; + char result[100]; + int size; + char res[100]; + + GNUNET_CRYPTO_symmetric_create_session_key (&key); + size = + GNUNET_CRYPTO_symmetric_encrypt (TESTSTRING, strlen (TESTSTRING) + 1, &key, + (const struct + GNUNET_CRYPTO_SymmetricInitializationVector *) + INITVALUE, result); + if (size == -1) + { + printf ("symciphertest failed: encryptBlock returned %d\n", size); + return 1; + } + size = + GNUNET_CRYPTO_symmetric_decrypt (result, size, &key, + (const struct + GNUNET_CRYPTO_SymmetricInitializationVector *) + INITVALUE, res); + if (strlen (TESTSTRING) + 1 != size) + { + printf ("symciphertest failed: decryptBlock returned %d\n", size); + return 1; + } + if (0 != strcmp (res, TESTSTRING)) + { + printf ("symciphertest failed: %s != %s\n", res, TESTSTRING); + return 1; + } + else + return 0; +} + + +static int +verifyCrypto () +{ + struct GNUNET_CRYPTO_SymmetricSessionKey key; + char result[GNUNET_CRYPTO_AES_KEY_LENGTH]; + char *res; + int ret; + + unsigned char plain[] = + { + 29, 128, 192, 253, 74, 171, 38, 187, 84, 219, 76, 76, 209, 118, 33, 249, + 172, 124, 96, 9, 157, 110, 8, 215, 200, 63, 69, 230, 157, 104, 247, 164 + }; + unsigned char raw_key_aes[] = + { + 106, 74, 209, 88, 145, 55, 189, 135, 125, 180, 225, 108, 183, 54, 25, + 169, 129, 188, 131, 75, 227, 245, 105, 10, 225, 15, 115, 159, 148, 184, + 34, 191 + }; + unsigned char raw_key_twofish[] = + { + 145, 55, 189, 135, 125, 180, 225, 108, 183, 54, 25, + 169, 129, 188, 131, 75, 227, 245, 105, 10, 225, 15, 115, 159, 148, 184, + 34, 191, 106, 74, 209, 88 + }; + unsigned char encrresult[] = + { + 161, 152, 186, 231, 214, 55, 225, 206, 85, 43, 80, 134, 145, 198, 20, + 233, 236, 57, 194, 10, 147, 149, 30, 106, 179, 54, 182, 247, 71, 204, + 179, 51, 1 + }; + + res = NULL; + ret = 0; + + memcpy (key.aes_key, raw_key_aes, GNUNET_CRYPTO_AES_KEY_LENGTH); + memcpy (key.twofish_key, raw_key_twofish, GNUNET_CRYPTO_AES_KEY_LENGTH); + if (GNUNET_CRYPTO_AES_KEY_LENGTH != + GNUNET_CRYPTO_symmetric_encrypt (plain, GNUNET_CRYPTO_AES_KEY_LENGTH, &key, + (const struct + GNUNET_CRYPTO_SymmetricInitializationVector *) + "testtesttesttest", result)) + { + printf ("Wrong return value from encrypt block.\n"); + ret = 1; + goto error; + } + + if (0 != memcmp (encrresult, result, GNUNET_CRYPTO_AES_KEY_LENGTH)) + { + int i; + printf ("Encrypted result wrong.\n"); + for (i=0;i + sizeof (struct GNUNET_CRYPTO_SymmetricInitializationVector)); + failureCount += testSymcipher (); + failureCount += verifyCrypto (); + + if (failureCount != 0) + { + printf ("%d TESTS FAILED!\n", failureCount); + return -1; + } + return 0; +} + +/* end of test_crypto_aes.c */ -- cgit v1.2.3