diff options
| author | Bertrand Marc <beberking@gmail.com> | 2012-06-06 20:47:48 +0200 |
|---|---|---|
| committer | Bertrand Marc <beberking@gmail.com> | 2012-06-06 20:47:48 +0200 |
| commit | 740b30688bd745a527f96f9116c19acb3480971a (patch) | |
| tree | 2709a3f4dba11c174aa9e1ba3612e30c578e76a9 /src/util/crypto_aes.c | |
| parent | 2b81464a43485fcc8ce079fafdee7b7a171835f4 (diff) | |
Imported Upstream version 0.9.3upstream/0.9.3
Diffstat (limited to 'src/util/crypto_aes.c')
| -rw-r--r-- | src/util/crypto_aes.c | 87 |
1 files changed, 53 insertions, 34 deletions
diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c index 8b031f3..d5c36d7 100644 --- a/src/util/crypto_aes.c +++ b/src/util/crypto_aes.c @@ -34,6 +34,8 @@ /** * Create a new SessionKey (for AES-256). + * + * @param key session key to initialize */ void GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) @@ -44,6 +46,7 @@ GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key) htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH)); } + /** * Check that a new session key is well-formed. * @@ -56,16 +59,55 @@ GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey uint32_t crc; crc = GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH); - if (ntohl (key->crc32) == crc) - return GNUNET_OK; - GNUNET_break_op (0); - return GNUNET_SYSERR; + if (ntohl (key->crc32) != crc) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + return GNUNET_OK; +} + + +/** + * Initialize AES cipher. + * + * @param handle handle to initialize + * @param sessionkey session key to use + * @param iv initialization vector to use + * @return GNUNET_OK on success, GNUNET_SYSERR on error + */ +static int +setup_cipher (gcry_cipher_hd_t *handle, + const struct GNUNET_CRYPTO_AesSessionKey * + sessionkey, + const struct GNUNET_CRYPTO_AesInitializationVector * + iv) +{ + int rc; + + if (GNUNET_OK != + GNUNET_CRYPTO_aes_check_session_key (sessionkey)) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + GNUNET_assert (0 == + gcry_cipher_open (handle, GCRY_CIPHER_AES256, + GCRY_CIPHER_MODE_CFB, 0)); + rc = gcry_cipher_setkey (*handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); + GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); + rc = gcry_cipher_setiv (*handle, iv, + sizeof (struct + GNUNET_CRYPTO_AesInitializationVector)); + GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); + return GNUNET_OK; } /** * Encrypt a block with the public key of another * host that uses the same cyper. + * * @param block the block to encrypt * @param len the size of the block * @param sessionkey the key used to encrypt @@ -82,28 +124,15 @@ GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len, iv, void *result) { gcry_cipher_hd_t handle; - int rc; - if (sessionkey->crc32 != - htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) - { - GNUNET_break (0); + if (GNUNET_OK != setup_cipher (&handle, sessionkey, iv)) return -1; - } - GNUNET_assert (0 == - gcry_cipher_open (&handle, GCRY_CIPHER_AES256, - GCRY_CIPHER_MODE_CFB, 0)); - rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - rc = gcry_cipher_setiv (handle, iv, - sizeof (struct - GNUNET_CRYPTO_AesInitializationVector)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len)); gcry_cipher_close (handle); return len; } + /** * Decrypt a given block with the sessionkey. * @@ -123,30 +152,18 @@ GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size, iv, void *result) { gcry_cipher_hd_t handle; - int rc; - if (sessionkey->crc32 != - htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH))) - { - GNUNET_break (0); + if (GNUNET_OK != setup_cipher (&handle, sessionkey, iv)) return -1; - } - GNUNET_assert (0 == - gcry_cipher_open (&handle, GCRY_CIPHER_AES256, - GCRY_CIPHER_MODE_CFB, 0)); - rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - rc = gcry_cipher_setiv (handle, iv, - sizeof (struct - GNUNET_CRYPTO_AesInitializationVector)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size)); gcry_cipher_close (handle); return size; } + /** * @brief Derive an IV + * * @param iv initialization vector * @param skey session key * @param salt salt for the derivation @@ -165,8 +182,10 @@ GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv, va_end (argp); } + /** * @brief Derive an IV + * * @param iv initialization vector * @param skey session key * @param salt salt for the derivation |