/*
This file is part of GNUnet. Copyright (C) 2001-2014 Christian Grothoff
(and other contributing authors)
GNUnet is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.
GNUnet is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see .
SPDX-License-Identifier: AGPL3.0-or-later
*/
/**
* @file util/crypto_random.c
* @brief functions to gather random numbers
* @author Christian Grothoff
*/
#include "platform.h"
#include
#include
#include "gnunet_crypto_lib.h"
struct GNUNET_CRYPTO_AbeMasterKey
{
gabe_pub_t*pub;
gabe_msk_t*msk;
};
struct GNUNET_CRYPTO_AbeKey
{
gabe_pub_t*pub;
gabe_prv_t*prv;
};
static int
init_aes (element_t k, int enc,
gcry_cipher_hd_t*handle,
struct GNUNET_CRYPTO_SymmetricSessionKey *key,
unsigned char*iv)
{
int rc;
int key_len;
unsigned char*key_buf;
key_len = element_length_in_bytes (k) < 33 ? 3 : element_length_in_bytes (k);
key_buf = (unsigned char *) malloc (key_len);
element_to_bytes (key_buf, k);
GNUNET_memcpy (key->aes_key,
key_buf,
GNUNET_CRYPTO_AES_KEY_LENGTH);
GNUNET_assert (0 ==
gcry_cipher_open (handle, GCRY_CIPHER_AES256,
GCRY_CIPHER_MODE_CFB, 0));
rc = gcry_cipher_setkey (*handle,
key->aes_key,
sizeof(key->aes_key));
GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
memset (iv, 0, 16); // TODO make reasonable
rc = gcry_cipher_setiv (*handle,
iv,
16);
GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
free (key_buf);
return rc;
}
static int
aes_128_cbc_encrypt (char*pt,
int size,
element_t k,
char **ct)
{
gcry_cipher_hd_t handle;
struct GNUNET_CRYPTO_SymmetricSessionKey skey;
unsigned char iv[16];
char*buf;
int padding;
int buf_size;
uint8_t len[4];
init_aes (k, 1, &handle, &skey, iv);
/* TODO make less crufty */
/* stuff in real length (big endian) before padding */
len[0] = (size & 0xff000000) >> 24;
len[1] = (size & 0xff0000) >> 16;
len[2] = (size & 0xff00) >> 8;
len[3] = (size & 0xff) >> 0;
padding = 16 - ((4 + size) % 16);
buf_size = 4 + size + padding;
buf = GNUNET_malloc (buf_size);
GNUNET_memcpy (buf, len, 4);
GNUNET_memcpy (buf + 4, pt, size);
*ct = GNUNET_malloc (buf_size);
GNUNET_assert (0 == gcry_cipher_encrypt (handle, *ct, buf_size, buf,
buf_size));
gcry_cipher_close (handle);
// AES_cbc_encrypt(pt->data, ct->data, pt->len, &key, iv, AES_ENCRYPT);
GNUNET_free (buf);
return buf_size;
}
static int
aes_128_cbc_decrypt (char*ct,
int size,
element_t k,
char **pt)
{
struct GNUNET_CRYPTO_SymmetricSessionKey skey;
gcry_cipher_hd_t handle;
unsigned char iv[16];
char*tmp;
uint32_t len;
init_aes (k, 1, &handle, &skey, iv);
tmp = GNUNET_malloc (size);
// AES_cbc_encrypt(ct->data, pt->data, ct->len, &key, iv, AES_DECRYPT);
GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, ct, size));
gcry_cipher_close (handle);
/* TODO make less crufty */
/* get real length */
len = 0;
len = len
| ((tmp[0]) << 24) | ((tmp[1]) << 16)
| ((tmp[2]) << 8) | ((tmp[3]) << 0);
/* truncate any garbage from the padding */
*pt = GNUNET_malloc (len);
GNUNET_memcpy (*pt, tmp + 4, len);
GNUNET_free (tmp);
return len;
}
struct GNUNET_CRYPTO_AbeMasterKey*
GNUNET_CRYPTO_cpabe_create_master_key (void)
{
struct GNUNET_CRYPTO_AbeMasterKey*key;
key = GNUNET_new (struct GNUNET_CRYPTO_AbeMasterKey);
gabe_setup (&key->pub, &key->msk);
GNUNET_assert (NULL != key->pub);
GNUNET_assert (NULL != key->msk);
return key;
}
void
GNUNET_CRYPTO_cpabe_delete_master_key (struct GNUNET_CRYPTO_AbeMasterKey *key)
{
gabe_msk_free (key->msk);
gabe_pub_free (key->pub);
// GNUNET_free (key->msk);
// gabe_msk_free (key->msk); //For some reason free of pub implicit?
GNUNET_free (key);
}
struct GNUNET_CRYPTO_AbeKey*
GNUNET_CRYPTO_cpabe_create_key (struct GNUNET_CRYPTO_AbeMasterKey *key,
char **attrs)
{
struct GNUNET_CRYPTO_AbeKey *prv_key;
int size;
char *tmp;
prv_key = GNUNET_new (struct GNUNET_CRYPTO_AbeKey);
prv_key->prv = gabe_keygen (key->pub, key->msk, attrs);
size = gabe_pub_serialize (key->pub, &tmp);
prv_key->pub = gabe_pub_unserialize (tmp, size);
GNUNET_free (tmp);
GNUNET_assert (NULL != prv_key->prv);
return prv_key;
}
void
GNUNET_CRYPTO_cpabe_delete_key (struct GNUNET_CRYPTO_AbeKey *key,
int delete_pub)
{
// Memory management in gabe is buggy
gabe_prv_free (key->prv);
if (GNUNET_YES == delete_pub)
gabe_pub_free (key->pub);
GNUNET_free (key);
}
ssize_t
write_cpabe (void **result,
uint32_t file_len,
char*cph_buf,
int cph_buf_len,
char*aes_buf,
int aes_buf_len)
{
char *ptr;
uint32_t *len;
*result = GNUNET_malloc (12 + cph_buf_len + aes_buf_len);
ptr = *result;
len = (uint32_t *) ptr;
*len = htonl (file_len);
ptr += 4;
len = (uint32_t *) ptr;
*len = htonl (aes_buf_len);
ptr += 4;
GNUNET_memcpy (ptr, aes_buf, aes_buf_len);
ptr += aes_buf_len;
len = (uint32_t *) ptr;
*len = htonl (cph_buf_len);
ptr += 4;
GNUNET_memcpy (ptr, cph_buf, cph_buf_len);
return 12 + cph_buf_len + aes_buf_len;
}
ssize_t
read_cpabe (const void *data,
char**cph_buf,
int *cph_buf_len,
char**aes_buf,
int *aes_buf_len)
{
int buf_len;
char *ptr;
uint32_t *len;
ptr = (char *) data;
len = (uint32_t *) ptr;
buf_len = ntohl (*len);
ptr += 4;
len = (uint32_t *) ptr;
*aes_buf_len = ntohl (*len);
ptr += 4;
*aes_buf = GNUNET_malloc (*aes_buf_len);
GNUNET_memcpy (*aes_buf, ptr, *aes_buf_len);
ptr += *aes_buf_len;
len = (uint32_t *) ptr;
*cph_buf_len = ntohl (*len);
ptr += 4;
*cph_buf = GNUNET_malloc (*cph_buf_len);
GNUNET_memcpy (*cph_buf, ptr, *cph_buf_len);
return buf_len;
}
ssize_t
GNUNET_CRYPTO_cpabe_encrypt (const void *block,
size_t size,
const char *policy,
const struct GNUNET_CRYPTO_AbeMasterKey *key,
void **result)
{
gabe_cph_t*cph;
char*plt;
char*cph_buf;
char*aes_buf;
element_t m;
int cph_buf_len;
int aes_buf_len;
ssize_t result_len;
if (! (cph = gabe_enc (key->pub, m, (char *) policy)))
return GNUNET_SYSERR;
cph_buf_len = gabe_cph_serialize (cph,
&cph_buf);
gabe_cph_free (cph);
GNUNET_free (cph);
plt = GNUNET_memdup (block, size);
aes_buf_len = aes_128_cbc_encrypt (plt, size, m, &aes_buf);
GNUNET_free (plt);
element_clear (m);
result_len = write_cpabe (result, size, cph_buf, cph_buf_len, aes_buf,
aes_buf_len);
GNUNET_free (cph_buf);
GNUNET_free (aes_buf);
return result_len;
}
ssize_t
GNUNET_CRYPTO_cpabe_decrypt (const void *block,
size_t size,
const struct GNUNET_CRYPTO_AbeKey *key,
void **result)
{
char*aes_buf;
char*cph_buf;
gabe_cph_t*cph;
element_t m;
int cph_buf_size;
int aes_buf_size;
int plt_len;
read_cpabe (block, &cph_buf, &cph_buf_size, &aes_buf, &aes_buf_size);
cph = gabe_cph_unserialize (key->pub, cph_buf, cph_buf_size);
if (! gabe_dec (key->pub, key->prv, cph, m))
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"%s\n", gabe_error ());
GNUNET_free (aes_buf);
GNUNET_free (cph_buf);
gabe_cph_free (cph);
GNUNET_free (cph);
element_clear (m);
return GNUNET_SYSERR;
}
gabe_cph_free (cph);
GNUNET_free (cph);
plt_len = aes_128_cbc_decrypt (aes_buf, aes_buf_size, m, (char **) result);
GNUNET_free (cph_buf);
GNUNET_free (aes_buf);
element_clear (m);
// freeing is buggy in gabe
// gabe_prv_free (prv);
// gabe_pub_free (pub);
return plt_len;
}
ssize_t
GNUNET_CRYPTO_cpabe_serialize_key (const struct GNUNET_CRYPTO_AbeKey *key,
void **result)
{
ssize_t len;
char *pub;
char *prv;
int pub_len;
int prv_len;
pub_len = gabe_pub_serialize (key->pub, &pub);
prv_len = gabe_prv_serialize (key->prv, &prv);
len = pub_len + prv_len + 12;
write_cpabe (result, len, pub, pub_len, prv, prv_len);
GNUNET_free (pub);
GNUNET_free (prv);
return len;
}
struct GNUNET_CRYPTO_AbeKey*
GNUNET_CRYPTO_cpabe_deserialize_key (const void *data,
size_t len)
{
struct GNUNET_CRYPTO_AbeKey *key;
char *pub;
char *prv;
int prv_len;
int pub_len;
key = GNUNET_new (struct GNUNET_CRYPTO_AbeKey);
read_cpabe (data,
&pub,
&pub_len,
&prv,
&prv_len);
key->pub = gabe_pub_unserialize (pub, pub_len);
key->prv = gabe_prv_unserialize (key->pub, prv, prv_len);
GNUNET_free (pub);
GNUNET_free (prv);
return key;
}
ssize_t
GNUNET_CRYPTO_cpabe_serialize_master_key (const struct
GNUNET_CRYPTO_AbeMasterKey *key,
void **result)
{
ssize_t len;
char *pub;
char *msk;
int pub_len;
int msk_len;
pub_len = gabe_pub_serialize (key->pub, &pub);
msk_len = gabe_msk_serialize (key->msk, &msk);
len = pub_len + msk_len + 12;
write_cpabe (result, len, pub, pub_len, msk, msk_len);
GNUNET_free (pub);
GNUNET_free (msk);
return len;
}
struct GNUNET_CRYPTO_AbeMasterKey*
GNUNET_CRYPTO_cpabe_deserialize_master_key (const void *data,
size_t len)
{
struct GNUNET_CRYPTO_AbeMasterKey *key;
char *msk;
char *pub;
int msk_len;
int pub_len;
key = GNUNET_new (struct GNUNET_CRYPTO_AbeMasterKey);
read_cpabe (data,
&pub,
&pub_len,
&msk,
&msk_len);
key->pub = gabe_pub_unserialize (pub, pub_len);
key->msk = gabe_msk_unserialize (key->pub, msk, msk_len);
GNUNET_free (pub);
GNUNET_free (msk);
return key;
}