commit 90545e798c5d046cec0742bbc26f794da0c248ca
parent 551d36ad77df853998aa5726bd7d26c945122270
Author: TheJackiMonster <thejackimonster@gmail.com>
Date: Mon, 17 Jan 2022 14:03:53 +0100
Added file hash checking after decryption and using hash as iv
Signed-off-by: TheJackiMonster <thejackimonster@gmail.com>
Diffstat:
3 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/src/gnunet_chat_lib.c b/src/gnunet_chat_lib.c
@@ -651,7 +651,7 @@ GNUNET_CHAT_context_send_file (struct GNUNET_CHAT_Context *context,
struct GNUNET_CRYPTO_SymmetricSessionKey key;
GNUNET_CRYPTO_symmetric_create_session_key(&key);
- if (GNUNET_OK != util_encrypt_file(filename, &key))
+ if (GNUNET_OK != util_encrypt_file(filename, &hash, &key))
{
GNUNET_free(filename);
return NULL;
@@ -1043,7 +1043,9 @@ GNUNET_CHAT_file_open_preview (struct GNUNET_CHAT_File *file)
remove(file->preview);
if ((GNUNET_OK != GNUNET_DISK_file_copy(filename, file->preview)) ||
- (GNUNET_OK != util_decrypt_file(file->preview, &(file->key))))
+ (GNUNET_OK != util_decrypt_file(file->preview,
+ &(file->hash),
+ &(file->key))))
{
GNUNET_free(file->preview);
file->preview = NULL;
diff --git a/src/gnunet_chat_util.c b/src/gnunet_chat_util.c
@@ -1,6 +1,6 @@
/*
This file is part of GNUnet.
- Copyright (C) 2021 GNUnet e.V.
+ Copyright (C) 2021--2022 GNUnet e.V.
GNUnet is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
@@ -86,9 +86,10 @@ util_hash_file (const char *filename, struct GNUNET_HashCode *hash)
int
util_encrypt_file (const char *filename,
+ const struct GNUNET_HashCode *hash,
const struct GNUNET_CRYPTO_SymmetricSessionKey *key)
{
- GNUNET_assert((filename) && (key));
+ GNUNET_assert((filename) && (hash) && (key));
uint64_t size;
@@ -131,7 +132,7 @@ util_encrypt_file (const char *filename,
if (index > 0)
memcpy(&iv, ((uint8_t*) data) + (block_size * (index - 1)), sizeof(iv));
else
- memset(&iv, 0, sizeof(iv));
+ memcpy(&iv, hash, sizeof(iv));
result = GNUNET_CRYPTO_symmetric_encrypt(
location,
@@ -162,9 +163,10 @@ util_encrypt_file (const char *filename,
int
util_decrypt_file (const char *filename,
+ const struct GNUNET_HashCode *hash,
const struct GNUNET_CRYPTO_SymmetricSessionKey *key)
{
- GNUNET_assert((filename) && (key));
+ GNUNET_assert((filename) && (hash) && (key));
uint64_t size;
@@ -206,7 +208,7 @@ util_decrypt_file (const char *filename,
if (index > 0)
memcpy(&iv, ((uint8_t*) data) + (block_size * (index - 1)), sizeof(iv));
else
- memset(&iv, 0, sizeof(iv));
+ memcpy(&iv, hash, sizeof(iv));
result = GNUNET_CRYPTO_symmetric_decrypt(
location,
@@ -220,6 +222,12 @@ util_decrypt_file (const char *filename,
break;
}
+ struct GNUNET_HashCode check;
+ GNUNET_CRYPTO_hash(data, size, &check);
+
+ if (0 != GNUNET_CRYPTO_hash_cmp(hash, &check))
+ result = -1;
+
if (GNUNET_OK != GNUNET_DISK_file_unmap(mapping))
result = -1;
diff --git a/src/gnunet_chat_util.h b/src/gnunet_chat_util.h
@@ -1,6 +1,6 @@
/*
This file is part of GNUnet.
- Copyright (C) 2021 GNUnet e.V.
+ Copyright (C) 2021--2022 GNUnet e.V.
GNUnet is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
@@ -44,10 +44,12 @@ util_hash_file (const char *filename, struct GNUNET_HashCode *hash);
int
util_encrypt_file (const char *filename,
+ const struct GNUNET_HashCode *hash,
const struct GNUNET_CRYPTO_SymmetricSessionKey *key);
int
util_decrypt_file (const char *filename,
+ const struct GNUNET_HashCode *hash,
const struct GNUNET_CRYPTO_SymmetricSessionKey *key);
int
