Added file hash checking after decryption and using hash as iv

Signed-off-by: TheJackiMonster <thejackimonster@gmail.com>

3 files changed, 20 insertions, 8 deletions

diff --git a/src/gnunet_chat_lib.c b/src/gnunet_chat_lib.c
index 8332f1d..be07f85 100644
--- a/src/gnunet_chat_lib.c
+++ b/src/gnunet_chat_lib.c
@@ -651,7 +651,7 @@ GNUNET_CHAT_context_send_file (struct GNUNET_CHAT_Context *context,
   struct GNUNET_CRYPTO_SymmetricSessionKey key;
   GNUNET_CRYPTO_symmetric_create_session_key(&key);
 
-  if (GNUNET_OK != util_encrypt_file(filename, &key))
+  if (GNUNET_OK != util_encrypt_file(filename, &hash, &key))
   {
     GNUNET_free(filename);
     return NULL;
@@ -1043,7 +1043,9 @@ GNUNET_CHAT_file_open_preview (struct GNUNET_CHAT_File *file)
   remove(file->preview);
 
   if ((GNUNET_OK != GNUNET_DISK_file_copy(filename, file->preview)) ||
-      (GNUNET_OK != util_decrypt_file(file->preview, &(file->key))))
+      (GNUNET_OK != util_decrypt_file(file->preview,
+                                      &(file->hash),
+                                      &(file->key))))
   {
     GNUNET_free(file->preview);
     file->preview = NULL;
diff --git a/src/gnunet_chat_util.c b/src/gnunet_chat_util.c
index 9876f8b..5fde9a3 100644
--- a/src/gnunet_chat_util.c
+++ b/src/gnunet_chat_util.c
@@ -1,6 +1,6 @@
 /*
    This file is part of GNUnet.
-   Copyright (C) 2021 GNUnet e.V.
+   Copyright (C) 2021--2022 GNUnet e.V.
 
    GNUnet is free software: you can redistribute it and/or modify it
    under the terms of the GNU Affero General Public License as published
@@ -86,9 +86,10 @@ util_hash_file (const char *filename, struct GNUNET_HashCode *hash)
 
 int
 util_encrypt_file (const char *filename,
+                   const struct GNUNET_HashCode *hash,
                    const struct GNUNET_CRYPTO_SymmetricSessionKey *key)
 {
-  GNUNET_assert((filename) && (key));
+  GNUNET_assert((filename) && (hash) && (key));
 
   uint64_t size;
 
@@ -131,7 +132,7 @@ util_encrypt_file (const char *filename,
     if (index > 0)
       memcpy(&iv, ((uint8_t*) data) + (block_size * (index - 1)), sizeof(iv));
     else
-      memset(&iv, 0, sizeof(iv));
+      memcpy(&iv, hash, sizeof(iv));
 
     result = GNUNET_CRYPTO_symmetric_encrypt(
         location,
@@ -162,9 +163,10 @@ util_encrypt_file (const char *filename,
 
 int
 util_decrypt_file (const char *filename,
+                   const struct GNUNET_HashCode *hash,
                    const struct GNUNET_CRYPTO_SymmetricSessionKey *key)
 {
-  GNUNET_assert((filename) && (key));
+  GNUNET_assert((filename) && (hash) && (key));
 
   uint64_t size;
 
@@ -206,7 +208,7 @@ util_decrypt_file (const char *filename,
     if (index > 0)
       memcpy(&iv, ((uint8_t*) data) + (block_size * (index - 1)), sizeof(iv));
     else
-      memset(&iv, 0, sizeof(iv));
+      memcpy(&iv, hash, sizeof(iv));
 
     result = GNUNET_CRYPTO_symmetric_decrypt(
         location,
@@ -220,6 +222,12 @@ util_decrypt_file (const char *filename,
       break;
   }
 
+  struct GNUNET_HashCode check;
+  GNUNET_CRYPTO_hash(data, size, &check);
+
+  if (0 != GNUNET_CRYPTO_hash_cmp(hash, &check))
+    result = -1;
+
   if (GNUNET_OK != GNUNET_DISK_file_unmap(mapping))
     result = -1;
 
diff --git a/src/gnunet_chat_util.h b/src/gnunet_chat_util.h
index 7497b67..74d1259 100644
--- a/src/gnunet_chat_util.h
+++ b/src/gnunet_chat_util.h
@@ -1,6 +1,6 @@
 /*
    This file is part of GNUnet.
-   Copyright (C) 2021 GNUnet e.V.
+   Copyright (C) 2021--2022 GNUnet e.V.
 
    GNUnet is free software: you can redistribute it and/or modify it
    under the terms of the GNU Affero General Public License as published
@@ -44,10 +44,12 @@ util_hash_file (const char *filename, struct GNUNET_HashCode *hash);
 
 int
 util_encrypt_file (const char *filename,
+                   const struct GNUNET_HashCode *hash,
                    const struct GNUNET_CRYPTO_SymmetricSessionKey *key);
 
 int
 util_decrypt_file (const char *filename,
+                   const struct GNUNET_HashCode *hash,
                    const struct GNUNET_CRYPTO_SymmetricSessionKey *key);
 
 int