/*
This file is part of GNUnet. Copyright (C) 2001-2014 Christian Grothoff
(and other contributing authors)
GNUnet is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.
GNUnet is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see .
SPDX-License-Identifier: AGPL3.0-or-later
*/
/**
* @file util/crypto_random.c
* @brief functions to gather random numbers
* @author Christian Grothoff
*/
#include "platform.h"
#include
#include
#include "gnunet_crypto_lib.h"
struct GNUNET_CRYPTO_AbeMasterKey {
gabe_pub_t* pub;
gabe_msk_t* msk;
};
struct GNUNET_CRYPTO_AbeKey {
gabe_pub_t* pub;
gabe_prv_t* prv;
};
static int
init_aes(element_t k, int enc,
gcry_cipher_hd_t* handle,
struct GNUNET_CRYPTO_SymmetricSessionKey *key,
unsigned char* iv)
{
int rc;
int key_len;
unsigned char* key_buf;
key_len = element_length_in_bytes(k) < 33 ? 3 : element_length_in_bytes(k);
key_buf = (unsigned char*)malloc(key_len);
element_to_bytes(key_buf, k);
GNUNET_memcpy(key->aes_key,
key_buf,
GNUNET_CRYPTO_AES_KEY_LENGTH);
GNUNET_assert(0 ==
gcry_cipher_open(handle, GCRY_CIPHER_AES256,
GCRY_CIPHER_MODE_CFB, 0));
rc = gcry_cipher_setkey(*handle,
key->aes_key,
sizeof(key->aes_key));
GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY));
memset(iv, 0, 16); //TODO make reasonable
rc = gcry_cipher_setiv(*handle,
iv,
16);
GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY));
free(key_buf);
return rc;
}
static int
aes_128_cbc_encrypt(char* pt,
int size,
element_t k,
char **ct)
{
gcry_cipher_hd_t handle;
struct GNUNET_CRYPTO_SymmetricSessionKey skey;
unsigned char iv[16];
char* buf;
int padding;
int buf_size;
uint8_t len[4];
init_aes(k, 1, &handle, &skey, iv);
/* TODO make less crufty */
/* stuff in real length (big endian) before padding */
len[0] = (size & 0xff000000) >> 24;
len[1] = (size & 0xff0000) >> 16;
len[2] = (size & 0xff00) >> 8;
len[3] = (size & 0xff) >> 0;
padding = 16 - ((4 + size) % 16);
buf_size = 4 + size + padding;
buf = GNUNET_malloc(buf_size);
GNUNET_memcpy(buf, len, 4);
GNUNET_memcpy(buf + 4, pt, size);
*ct = GNUNET_malloc(buf_size);
GNUNET_assert(0 == gcry_cipher_encrypt(handle, *ct, buf_size, buf, buf_size));
gcry_cipher_close(handle);
//AES_cbc_encrypt(pt->data, ct->data, pt->len, &key, iv, AES_ENCRYPT);
GNUNET_free(buf);
return buf_size;
}
static int
aes_128_cbc_decrypt(char* ct,
int size,
element_t k,
char **pt)
{
struct GNUNET_CRYPTO_SymmetricSessionKey skey;
gcry_cipher_hd_t handle;
unsigned char iv[16];
char* tmp;
uint32_t len;
init_aes(k, 1, &handle, &skey, iv);
tmp = GNUNET_malloc(size);
//AES_cbc_encrypt(ct->data, pt->data, ct->len, &key, iv, AES_DECRYPT);
GNUNET_assert(0 == gcry_cipher_decrypt(handle, tmp, size, ct, size));
gcry_cipher_close(handle);
/* TODO make less crufty */
/* get real length */
len = 0;
len = len
| ((tmp[0]) << 24) | ((tmp[1]) << 16)
| ((tmp[2]) << 8) | ((tmp[3]) << 0);
/* truncate any garbage from the padding */
*pt = GNUNET_malloc(len);
GNUNET_memcpy(*pt, tmp + 4, len);
GNUNET_free(tmp);
return len;
}
struct GNUNET_CRYPTO_AbeMasterKey*
GNUNET_CRYPTO_cpabe_create_master_key(void)
{
struct GNUNET_CRYPTO_AbeMasterKey* key;
key = GNUNET_new(struct GNUNET_CRYPTO_AbeMasterKey);
gabe_setup(&key->pub, &key->msk);
GNUNET_assert(NULL != key->pub);
GNUNET_assert(NULL != key->msk);
return key;
}
void
GNUNET_CRYPTO_cpabe_delete_master_key(struct GNUNET_CRYPTO_AbeMasterKey *key)
{
gabe_msk_free(key->msk);
gabe_pub_free(key->pub);
//GNUNET_free (key->msk);
//gabe_msk_free (key->msk); //For some reason free of pub implicit?
GNUNET_free(key);
}
struct GNUNET_CRYPTO_AbeKey*
GNUNET_CRYPTO_cpabe_create_key(struct GNUNET_CRYPTO_AbeMasterKey *key,
char **attrs)
{
struct GNUNET_CRYPTO_AbeKey *prv_key;
int size;
char *tmp;
prv_key = GNUNET_new(struct GNUNET_CRYPTO_AbeKey);
prv_key->prv = gabe_keygen(key->pub, key->msk, attrs);
size = gabe_pub_serialize(key->pub, &tmp);
prv_key->pub = gabe_pub_unserialize(tmp, size);
GNUNET_free(tmp);
GNUNET_assert(NULL != prv_key->prv);
return prv_key;
}
void
GNUNET_CRYPTO_cpabe_delete_key(struct GNUNET_CRYPTO_AbeKey *key,
int delete_pub)
{
//Memory management in gabe is buggy
gabe_prv_free(key->prv);
if (GNUNET_YES == delete_pub)
gabe_pub_free(key->pub);
GNUNET_free(key);
}
ssize_t
write_cpabe(void **result,
uint32_t file_len,
char* cph_buf,
int cph_buf_len,
char* aes_buf,
int aes_buf_len)
{
char *ptr;
uint32_t *len;
*result = GNUNET_malloc(12 + cph_buf_len + aes_buf_len);
ptr = *result;
len = (uint32_t*)ptr;
*len = htonl(file_len);
ptr += 4;
len = (uint32_t*)ptr;
*len = htonl(aes_buf_len);
ptr += 4;
GNUNET_memcpy(ptr, aes_buf, aes_buf_len);
ptr += aes_buf_len;
len = (uint32_t*)ptr;
*len = htonl(cph_buf_len);
ptr += 4;
GNUNET_memcpy(ptr, cph_buf, cph_buf_len);
return 12 + cph_buf_len + aes_buf_len;
}
ssize_t
read_cpabe(const void *data,
char** cph_buf,
int *cph_buf_len,
char** aes_buf,
int *aes_buf_len)
{
int buf_len;
char *ptr;
uint32_t *len;
ptr = (char*)data;
len = (uint32_t*)ptr;
buf_len = ntohl(*len);
ptr += 4;
len = (uint32_t*)ptr;
*aes_buf_len = ntohl(*len);
ptr += 4;
*aes_buf = GNUNET_malloc(*aes_buf_len);
GNUNET_memcpy(*aes_buf, ptr, *aes_buf_len);
ptr += *aes_buf_len;
len = (uint32_t*)ptr;
*cph_buf_len = ntohl(*len);
ptr += 4;
*cph_buf = GNUNET_malloc(*cph_buf_len);
GNUNET_memcpy(*cph_buf, ptr, *cph_buf_len);
return buf_len;
}
ssize_t
GNUNET_CRYPTO_cpabe_encrypt(const void *block,
size_t size,
const char *policy,
const struct GNUNET_CRYPTO_AbeMasterKey *key,
void **result)
{
gabe_cph_t* cph;
char* plt;
char* cph_buf;
char* aes_buf;
element_t m;
int cph_buf_len;
int aes_buf_len;
ssize_t result_len;
if (!(cph = gabe_enc(key->pub, m, (char*)policy)))
return GNUNET_SYSERR;
cph_buf_len = gabe_cph_serialize(cph,
&cph_buf);
gabe_cph_free(cph);
GNUNET_free(cph);
plt = GNUNET_memdup(block, size);
aes_buf_len = aes_128_cbc_encrypt(plt, size, m, &aes_buf);
GNUNET_free(plt);
element_clear(m);
result_len = write_cpabe(result, size, cph_buf, cph_buf_len, aes_buf, aes_buf_len);
GNUNET_free(cph_buf);
GNUNET_free(aes_buf);
return result_len;
}
ssize_t
GNUNET_CRYPTO_cpabe_decrypt(const void *block,
size_t size,
const struct GNUNET_CRYPTO_AbeKey *key,
void **result)
{
char* aes_buf;
char* cph_buf;
gabe_cph_t* cph;
element_t m;
int cph_buf_size;
int aes_buf_size;
int plt_len;
read_cpabe(block, &cph_buf, &cph_buf_size, &aes_buf, &aes_buf_size);
cph = gabe_cph_unserialize(key->pub, cph_buf, cph_buf_size);
if (!gabe_dec(key->pub, key->prv, cph, m))
{
GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
"%s\n", gabe_error());
GNUNET_free(aes_buf);
GNUNET_free(cph_buf);
gabe_cph_free(cph);
GNUNET_free(cph);
element_clear(m);
return GNUNET_SYSERR;
}
gabe_cph_free(cph);
GNUNET_free(cph);
plt_len = aes_128_cbc_decrypt(aes_buf, aes_buf_size, m, (char**)result);
GNUNET_free(cph_buf);
GNUNET_free(aes_buf);
element_clear(m);
//freeing is buggy in gabe
//gabe_prv_free (prv);
//gabe_pub_free (pub);
return plt_len;
}
ssize_t
GNUNET_CRYPTO_cpabe_serialize_key(const struct GNUNET_CRYPTO_AbeKey *key,
void **result)
{
ssize_t len;
char *pub;
char *prv;
int pub_len;
int prv_len;
pub_len = gabe_pub_serialize(key->pub, &pub);
prv_len = gabe_prv_serialize(key->prv, &prv);
len = pub_len + prv_len + 12;
write_cpabe(result, len, pub, pub_len, prv, prv_len);
GNUNET_free(pub);
GNUNET_free(prv);
return len;
}
struct GNUNET_CRYPTO_AbeKey*
GNUNET_CRYPTO_cpabe_deserialize_key(const void *data,
size_t len)
{
struct GNUNET_CRYPTO_AbeKey *key;
char *pub;
char *prv;
int prv_len;
int pub_len;
key = GNUNET_new(struct GNUNET_CRYPTO_AbeKey);
read_cpabe(data,
&pub,
&pub_len,
&prv,
&prv_len);
key->pub = gabe_pub_unserialize(pub, pub_len);
key->prv = gabe_prv_unserialize(key->pub, prv, prv_len);
GNUNET_free(pub);
GNUNET_free(prv);
return key;
}
ssize_t
GNUNET_CRYPTO_cpabe_serialize_master_key(const struct GNUNET_CRYPTO_AbeMasterKey *key,
void **result)
{
ssize_t len;
char *pub;
char *msk;
int pub_len;
int msk_len;
pub_len = gabe_pub_serialize(key->pub, &pub);
msk_len = gabe_msk_serialize(key->msk, &msk);
len = pub_len + msk_len + 12;
write_cpabe(result, len, pub, pub_len, msk, msk_len);
GNUNET_free(pub);
GNUNET_free(msk);
return len;
}
struct GNUNET_CRYPTO_AbeMasterKey*
GNUNET_CRYPTO_cpabe_deserialize_master_key(const void *data,
size_t len)
{
struct GNUNET_CRYPTO_AbeMasterKey *key;
char *msk;
char *pub;
int msk_len;
int pub_len;
key = GNUNET_new(struct GNUNET_CRYPTO_AbeMasterKey);
read_cpabe(data,
&pub,
&pub_len,
&msk,
&msk_len);
key->pub = gabe_pub_unserialize(pub, pub_len);
key->msk = gabe_msk_unserialize(key->pub, msk, msk_len);
GNUNET_free(pub);
GNUNET_free(msk);
return key;
}