2
This file is part of GNUnet.
3
(C) 2001, 2002, 2003, 2004, 2005, 2006 Christian Grothoff (and other contributing authors)
5
GNUnet is free software; you can redistribute it and/or modify
6
it under the terms of the GNU General Public License as published
7
by the Free Software Foundation; either version 2, or (at your
8
option) any later version.
10
GNUnet is distributed in the hope that it will be useful, but
11
WITHOUT ANY WARRANTY; without even the implied warranty of
12
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13
General Public License for more details.
15
You should have received a copy of the GNU General Public License
16
along with GNUnet; see the file COPYING. If not, write to the
17
Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18
Boston, MA 02111-1307, USA.
22
* @file util/crypto_aes.c
23
* @brief Symmetric encryption services.
24
* @author Christian Grothoff
25
* @author Ioana Patrascu
29
#include "gnunet_common.h"
30
#include "gnunet_crypto_lib.h"
33
#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
36
* Create a new SessionKey (for AES-256).
39
GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key)
41
gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH,
44
htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH));
48
* Check that a new session key is well-formed.
50
* @return GNUNET_OK if the key is valid
53
GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey
58
crc = GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH);
59
if (ntohl (key->crc32) == crc)
67
* Encrypt a block with the public key of another
68
* host that uses the same cyper.
69
* @param block the block to encrypt
70
* @param len the size of the block
71
* @param sessionkey the key used to encrypt
72
* @param iv the initialization vector to use, use INITVALUE
74
* @param result the output parameter in which to store the encrypted result
75
* @returns the size of the encrypted block, -1 for errors
78
GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len,
79
const struct GNUNET_CRYPTO_AesSessionKey *
81
const struct GNUNET_CRYPTO_AesInitializationVector *
84
gcry_cipher_hd_t handle;
87
if (sessionkey->crc32 !=
88
htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH)))
94
gcry_cipher_open (&handle, GCRY_CIPHER_AES256,
95
GCRY_CIPHER_MODE_CFB, 0));
96
rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH);
97
GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
98
rc = gcry_cipher_setiv (handle, iv,
100
GNUNET_CRYPTO_AesInitializationVector));
101
GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
102
GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len));
103
gcry_cipher_close (handle);
108
* Decrypt a given block with the sessionkey.
110
* @param block the data to decrypt, encoded as returned by encrypt
111
* @param size the size of the block to decrypt
112
* @param sessionkey the key used to decrypt
113
* @param iv the initialization vector to use, use INITVALUE
115
* @param result address to store the result at
116
* @return -1 on failure, size of decrypted block on success
119
GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size,
120
const struct GNUNET_CRYPTO_AesSessionKey *
122
const struct GNUNET_CRYPTO_AesInitializationVector *
125
gcry_cipher_hd_t handle;
128
if (sessionkey->crc32 !=
129
htonl (GNUNET_CRYPTO_crc32_n (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH)))
135
gcry_cipher_open (&handle, GCRY_CIPHER_AES256,
136
GCRY_CIPHER_MODE_CFB, 0));
137
rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH);
138
GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
139
rc = gcry_cipher_setiv (handle, iv,
141
GNUNET_CRYPTO_AesInitializationVector));
142
GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
143
GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size));
144
gcry_cipher_close (handle);
149
* @brief Derive an IV
150
* @param iv initialization vector
151
* @param skey session key
152
* @param salt salt for the derivation
153
* @param salt_len size of the salt
154
* @param ... pairs of void * & size_t for context chunks, terminated by NULL
157
GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv,
158
const struct GNUNET_CRYPTO_AesSessionKey *skey,
159
const void *salt, size_t salt_len, ...)
163
va_start (argp, salt_len);
164
GNUNET_CRYPTO_aes_derive_iv_v (iv, skey, salt, salt_len, argp);
169
* @brief Derive an IV
170
* @param iv initialization vector
171
* @param skey session key
172
* @param salt salt for the derivation
173
* @param salt_len size of the salt
174
* @param argp pairs of void * & size_t for context chunks, terminated by NULL
177
GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv,
178
const struct GNUNET_CRYPTO_AesSessionKey *skey,
179
const void *salt, size_t salt_len, va_list argp)
181
GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key,
182
sizeof (skey->key), argp);
185
/* end of crypto_aes.c */