GNUnet  0.11.x
abe.c File Reference

functions for Attribute-Based Encryption More...

#include "platform.h"
#include <pbc/pbc.h>
#include <gabe.h>
#include "gnunet_crypto_lib.h"
#include "gnunet_abe_lib.h"


Data Structures

struct  GNUNET_ABE_AbeMasterKey
 
struct  GNUNET_ABE_AbeKey
 

Functions

static int init_aes (element_t k, int enc, gcry_cipher_hd_t *handle, struct GNUNET_CRYPTO_SymmetricSessionKey *key, unsigned char *iv)
 
static int aes_128_cbc_encrypt (char *pt, int size, element_t k, char **ct)
 
static int aes_128_cbc_decrypt (char *ct, int size, element_t k, char **pt)
 
struct GNUNET_ABE_AbeMasterKey * GNUNET_ABE_cpabe_create_master_key (void)
 Create a new CP-ABE master key. More...
 
void GNUNET_ABE_cpabe_delete_master_key (struct GNUNET_ABE_AbeMasterKey *key)
 Delete a CP-ABE master key. More...
 
struct GNUNET_ABE_AbeKey * GNUNET_ABE_cpabe_create_key (struct GNUNET_ABE_AbeMasterKey *key, char **attrs)
 Create a new CP-ABE key. More...
 
void GNUNET_ABE_cpabe_delete_key (struct GNUNET_ABE_AbeKey *key, int delete_pub)
 Delete a CP-ABE key. More...
 
static ssize_t write_cpabe (void **result, uint32_t file_len, char *cph_buf, int cph_buf_len, char *aes_buf, int aes_buf_len)
 
static ssize_t read_cpabe (const void *data, char **cph_buf, int *cph_buf_len, char **aes_buf, int *aes_buf_len)
 
ssize_t GNUNET_ABE_cpabe_encrypt (const void *block, size_t size, const char *policy, const struct GNUNET_ABE_AbeMasterKey *key, void **result)
 Encrypt a block using sessionkey. More...
 
ssize_t GNUNET_ABE_cpabe_decrypt (const void *block, size_t size, const struct GNUNET_ABE_AbeKey *key, void **result)
 Decrypt a block using the ABE key. More...
 
ssize_t GNUNET_ABE_cpabe_serialize_key (const struct GNUNET_ABE_AbeKey *key, void **result)
 Serialize an ABE key. More...
 
struct GNUNET_ABE_AbeKey * GNUNET_ABE_cpabe_deserialize_key (const void *data, size_t len)
 Deserialize a serialized ABE key. More...
 
ssize_t GNUNET_ABE_cpabe_serialize_master_key (const struct GNUNET_ABE_AbeMasterKey *key, void **result)
 Serialize an ABE master key. More...
 
struct GNUNET_ABE_AbeMasterKey * GNUNET_ABE_cpabe_deserialize_master_key (const void *data, size_t len)
 Deserialize an ABE master key. More...
 

Detailed Description

functions for Attribute-Based Encryption

Author
Martin Schanzenbach

Definition in file abe.c.

Function Documentation

◆ init_aes()

static int init_aes ( element_t  k,
int  enc,
gcry_cipher_hd_t *  handle,
struct GNUNET_CRYPTO_SymmetricSessionKey *  key,
unsigned char *  iv 
)
static

Definition at line 49 of file abe.c.

References GNUNET_CRYPTO_SymmetricSessionKey::aes_key, GNUNET_assert, GNUNET_CRYPTO_AES_KEY_LENGTH, and GNUNET_memcpy.

Referenced by aes_128_cbc_decrypt(), and aes_128_cbc_encrypt().

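/**
 * Derive the symmetric session key from the group element @a k and open a
 * libgcrypt cipher handle that uses it.
 *
 * The handle is opened for AES-256 in CFB mode, whatever the "aes_128_cbc"
 * names of the two callers suggest.
 *
 * NOTE(review): the IV is a constant block of zeroes (see the TODO below).
 * That is only acceptable if every @a k is used for exactly one message;
 * confirm this against the callers.
 *
 * @param k group element whose serialized bytes provide the key material
 * @param enc not used by this function
 * @param[out] handle receives the opened cipher handle; the caller closes it
 * @param[out] key receives the first GNUNET_CRYPTO_AES_KEY_LENGTH bytes of
 *             the serialized element
 * @param[out] iv buffer of at least 16 bytes, filled with zeroes
 * @return the result of gcry_cipher_setiv(), 0 on success
 */
static int
init_aes (element_t k, int enc,
          gcry_cipher_hd_t *handle,
          struct GNUNET_CRYPTO_SymmetricSessionKey *key,
          unsigned char *iv)
{
  int rc;
  int elem_len;
  size_t key_len;
  unsigned char *key_buf;

  (void) enc;
  elem_len = element_length_in_bytes (k);
  GNUNET_assert (elem_len > 0);
  /* The buffer must hold the whole serialized element AND at least one full
     AES key.  The original sized it to 3 bytes for short elements, so
     element_to_bytes() and the key copy ran past the allocation. */
  key_len = (size_t) elem_len;
  if (key_len < (size_t) GNUNET_CRYPTO_AES_KEY_LENGTH)
    key_len = (size_t) GNUNET_CRYPTO_AES_KEY_LENGTH;
  /* GNUNET_malloc aborts on allocation failure and returns zeroed memory,
     so a short element is zero-padded instead of leaving stale heap bytes
     in the key. */
  key_buf = GNUNET_malloc (key_len);
  element_to_bytes (key_buf, k);

  /* NOTE(review): the rendered listing skips source line 62.  The page's
     "References" list for this function names GNUNET_memcpy, aes_key and
     GNUNET_CRYPTO_AES_KEY_LENGTH, so the key copy is restored here from
     that -- confirm against abe.c. */
  GNUNET_memcpy (key->aes_key, key_buf, GNUNET_CRYPTO_AES_KEY_LENGTH);
  GNUNET_assert (0 ==
                 gcry_cipher_open (handle, GCRY_CIPHER_AES256,
                                   GCRY_CIPHER_MODE_CFB, 0));
  rc = gcry_cipher_setkey (*handle,
                           key->aes_key,
                           sizeof(key->aes_key));
  /* Compare the libgcrypt error *code*; truncating the packed error value
     to a char only matches by accident of the encoding. */
  GNUNET_assert ((0 == rc) ||
                 (GPG_ERR_WEAK_KEY == gcry_err_code ((gcry_error_t) rc)));
  memset (iv, 0, 16); // TODO make reasonable
  rc = gcry_cipher_setiv (*handle,
                          iv,
                          16);
  GNUNET_assert ((0 == rc) ||
                 (GPG_ERR_WEAK_KEY == gcry_err_code ((gcry_error_t) rc)));

  /* Wipe the key material through a volatile pointer before releasing it,
     so the stores cannot be optimized away. */
  {
    volatile unsigned char *wipe = key_buf;

    for (size_t i = 0; i < key_len; i++)
      wipe[i] = 0;
  }
  GNUNET_free (key_buf);
  return rc;
}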
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
unsigned char aes_key[(256/8)]
Actual key for AES.
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)

◆ aes_128_cbc_encrypt()

static int aes_128_cbc_encrypt ( char *  pt,
int  size,
element_t  k,
char **  ct 
)
static

Definition at line 82 of file abe.c.

References buf, GNUNET_assert, GNUNET_free, GNUNET_malloc, GNUNET_memcpy, handle, init_aes(), len, and size.

Referenced by GNUNET_ABE_cpabe_encrypt().

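/**
 * Encrypt @a size bytes of plaintext under a key derived from @a k.
 *
 * The plaintext is prefixed with its length as a 4-byte big-endian integer
 * and zero-padded up to the next multiple of 16 bytes (1 to 16 bytes of
 * padding) before encryption.  The cipher configured by init_aes() is
 * AES-256 in CFB mode, despite this function's name.
 *
 * NOTE(review): the output carries no authentication tag, so the decrypting
 * side cannot detect modified ciphertext and must validate the length
 * prefix itself.
 *
 * @param pt plaintext to encrypt
 * @param size number of bytes in @a pt; must not be negative
 * @param k group element the session key is derived from
 * @param[out] ct receives a newly allocated ciphertext buffer, to be
 *             released by the caller
 * @return number of bytes in @a ct
 */
static int
aes_128_cbc_encrypt (char *pt,
                     int size,
                     element_t k,
                     char **ct)
{
  gcry_cipher_hd_t handle;
  /* NOTE(review): the rendered listing skips source line 88, where this
     variable is evidently declared -- confirm against abe.c. */
  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
  unsigned char iv[16];
  char *buf;
  int padding;
  int buf_size;
  uint8_t len[4];

  /* A negative size would turn into a huge copy length, and a size close to
     INT_MAX would overflow buf_size.  GNUNET_malloc refuses anything above
     GNUNET_MAX_MALLOC_CHECKED anyway, so bound the input up front
     (20 = 4 bytes of length prefix + at most 16 bytes of padding). */
  GNUNET_assert ((size >= 0) &&
                 (size <= GNUNET_MAX_MALLOC_CHECKED - 20));

  init_aes (k, 1, &handle, &skey, iv);

  /* TODO make less crufty */

  /* stuff in real length (big endian) before padding */
  len[0] = (uint8_t) (((uint32_t) size >> 24) & 0xff);
  len[1] = (uint8_t) (((uint32_t) size >> 16) & 0xff);
  len[2] = (uint8_t) (((uint32_t) size >> 8) & 0xff);
  len[3] = (uint8_t) ((uint32_t) size & 0xff);
  padding = 16 - ((4 + size) % 16);
  buf_size = 4 + size + padding;
  buf = GNUNET_malloc (buf_size);
  GNUNET_memcpy (buf, len, 4);
  GNUNET_memcpy (buf + 4, pt, size);
  *ct = GNUNET_malloc (buf_size);

  GNUNET_assert (0 == gcry_cipher_encrypt (handle, *ct, buf_size, buf,
                                           buf_size));
  gcry_cipher_close (handle);
  /* Do not leave the session key on the stack; write through a volatile
     pointer so the stores are not elided. */
  {
    volatile unsigned char *wipe = (volatile unsigned char *) &skey;

    for (size_t i = 0; i < sizeof (skey); i++)
      wipe[i] = 0;
  }
  GNUNET_free (buf);
  return buf_size;
}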
static int init_aes(element_t k, int enc, gcry_cipher_hd_t *handle, struct GNUNET_CRYPTO_SymmetricSessionKey *key, unsigned char *iv)
Definition: abe.c:49
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_free(ptr)
Wrapper around free.

◆ aes_128_cbc_decrypt()

static int aes_128_cbc_decrypt ( char *  ct,
int  size,
element_t  k,
char **  pt 
)
static

Definition at line 121 of file abe.c.

References GNUNET_assert, GNUNET_free, GNUNET_malloc, GNUNET_memcpy, handle, init_aes(), and len.

Referenced by GNUNET_ABE_cpabe_decrypt().

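/**
 * Decrypt a buffer produced by aes_128_cbc_encrypt() and strip the length
 * prefix and padding.
 *
 * The ciphertext is not authenticated, so the 4-byte length prefix recovered
 * from it is untrusted.  It is checked against the amount of data actually
 * decrypted before it is used as an allocation size or copy length.
 *
 * @param ct ciphertext
 * @param size number of bytes in @a ct
 * @param k group element the session key is derived from
 * @param[out] pt receives a newly allocated plaintext buffer, or NULL when
 *             the input is rejected
 * @return number of plaintext bytes, or GNUNET_SYSERR if @a size is too
 *         small to hold the length prefix or the prefix exceeds the
 *         decrypted data.
 *         NOTE(review): confirm that GNUNET_ABE_cpabe_decrypt() treats a
 *         negative return as failure.
 */
static int
aes_128_cbc_decrypt (char *ct,
                     int size,
                     element_t k,
                     char **pt)
{
  /* NOTE(review): the rendered listing skips source line 126, where this
     variable is evidently declared -- confirm against abe.c. */
  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
  gcry_cipher_hd_t handle;
  unsigned char iv[16];
  unsigned char *tmp;
  uint32_t len;

  *pt = NULL;
  /* Fewer than 4 bytes cannot contain the length prefix; a negative size
     would become a huge allocation request. */
  if (size < 4)
    return GNUNET_SYSERR;

  init_aes (k, 1, &handle, &skey, iv);

  tmp = GNUNET_malloc (size);

  GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, ct, size));
  gcry_cipher_close (handle);
  /* Do not leave the session key on the stack; write through a volatile
     pointer so the stores are not elided. */
  {
    volatile unsigned char *wipe = (volatile unsigned char *) &skey;

    for (size_t i = 0; i < sizeof (skey); i++)
      wipe[i] = 0;
  }
  /* TODO make less crufty */

  /* get real length; the bytes are read as unsigned so that a byte >= 0x80
     is not sign-extended into the upper bits of the result */
  len = ((uint32_t) tmp[0] << 24)
        | ((uint32_t) tmp[1] << 16)
        | ((uint32_t) tmp[2] << 8)
        | ((uint32_t) tmp[3] << 0);
  /* the claimed length must fit in what was actually decrypted */
  if (len > (uint32_t) size - 4)
  {
    GNUNET_free (tmp);
    return GNUNET_SYSERR;
  }
  /* truncate any garbage from the padding */
  *pt = GNUNET_malloc (len);
  GNUNET_memcpy (*pt, tmp + 4, len);
  GNUNET_free (tmp);
  return (int) len;
}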
static int init_aes(element_t k, int enc, gcry_cipher_hd_t *handle, struct GNUNET_CRYPTO_SymmetricSessionKey *key, unsigned char *iv)
Definition: abe.c:49
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_free(ptr)
Wrapper around free.

◆ write_cpabe()

static ssize_t write_cpabe ( void **  result,
uint32_t  file_len,
char *  cph_buf,
int  cph_buf_len,
char *  aes_buf,
int  aes_buf_len 
)
static

Definition at line 238 of file abe.c.

References GNUNET_malloc, GNUNET_memcpy, len, and result.

Referenced by GNUNET_ABE_cpabe_encrypt(), GNUNET_ABE_cpabe_serialize_key(), and GNUNET_ABE_cpabe_serialize_master_key().

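/**
 * Serialize two buffers into one newly allocated blob.
 *
 * Layout, all integers in network byte order:
 *   4 bytes @a file_len | 4 bytes @a aes_buf_len | @a aes_buf |
 *   4 bytes @a cph_buf_len | @a cph_buf
 *
 * @param[out] result receives the allocated blob, to be released by the caller
 * @param file_len value stored in the first header field
 * @param cph_buf second payload
 * @param cph_buf_len number of bytes in @a cph_buf; must not be negative
 * @param aes_buf first payload
 * @param aes_buf_len number of bytes in @a aes_buf; must not be negative
 * @return total number of bytes written to @a result
 */
static ssize_t
write_cpabe (void **result,
             uint32_t file_len,
             char *cph_buf,
             int cph_buf_len,
             char *aes_buf,
             int aes_buf_len)
{
  char *ptr;
  uint32_t be;
  size_t total;

  /* Negative lengths would become huge copy sizes, and the sum of two large
     ints would overflow.  GNUNET_malloc rejects anything above
     GNUNET_MAX_MALLOC_CHECKED, so bound each part before adding them. */
  GNUNET_assert ((cph_buf_len >= 0) &&
                 (cph_buf_len <= GNUNET_MAX_MALLOC_CHECKED));
  GNUNET_assert ((aes_buf_len >= 0) &&
                 (aes_buf_len <= GNUNET_MAX_MALLOC_CHECKED));
  total = 12 + (size_t) cph_buf_len + (size_t) aes_buf_len;

  *result = GNUNET_malloc (total);
  ptr = *result;
  /* Header fields are stored with memcpy: after the first payload the write
     position is no longer guaranteed to be 4-byte aligned, so storing
     through a uint32_t pointer would be a misaligned access. */
  be = htonl (file_len);
  memcpy (ptr, &be, sizeof (be));
  ptr += 4;
  be = htonl ((uint32_t) aes_buf_len);
  memcpy (ptr, &be, sizeof (be));
  ptr += 4;
  GNUNET_memcpy (ptr, aes_buf, aes_buf_len);
  ptr += aes_buf_len;
  be = htonl ((uint32_t) cph_buf_len);
  memcpy (ptr, &be, sizeof (be));
  ptr += 4;
  GNUNET_memcpy (ptr, cph_buf, cph_buf_len);
  return (ssize_t) total;
}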
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
#define GNUNET_malloc(size)
Wrapper around malloc.

◆ read_cpabe()

static ssize_t read_cpabe ( const void *  data,
char **  cph_buf,
int *  cph_buf_len,
char **  aes_buf,
int *  aes_buf_len 
)
static

Definition at line 267 of file abe.c.

References GNUNET_malloc, GNUNET_memcpy, and len.

Referenced by GNUNET_ABE_cpabe_decrypt(), GNUNET_ABE_cpabe_deserialize_key(), and GNUNET_ABE_cpabe_deserialize_master_key().

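/**
 * Parse a blob in the layout produced by write_cpabe() and copy its two
 * payloads into newly allocated buffers.
 *
 * NOTE(review): this function is not told how many bytes @a data holds.
 * Both payload lengths are taken from the blob itself, so a blob that is
 * shorter than its header fields claim makes the copies below read past the
 * end of @a data.  The checks here only reject lengths that could never be
 * allocated.  The public callers listed on this page receive a length
 * argument; passing it down and checking every field against it is the
 * complete fix and needs a signature change.
 *
 * @param data serialized blob
 * @param[out] cph_buf receives a newly allocated copy of the second payload
 * @param[out] cph_buf_len receives the length of @a cph_buf
 * @param[out] aes_buf receives a newly allocated copy of the first payload
 * @param[out] aes_buf_len receives the length of @a aes_buf
 * @return the value of the first header field
 */
static ssize_t
read_cpabe (const void *data,
            char **cph_buf,
            int *cph_buf_len,
            char **aes_buf,
            int *aes_buf_len)
{
  int buf_len;
  const char *ptr;
  uint32_t be;
  uint32_t field;

  ptr = (const char *) data;
  /* Header fields are fetched with memcpy: after the first payload the read
     position is no longer guaranteed to be 4-byte aligned, so loading
     through a uint32_t pointer would be a misaligned access. */
  memcpy (&be, ptr, sizeof (be));
  buf_len = ntohl (be);
  ptr += 4;

  memcpy (&be, ptr, sizeof (be));
  field = ntohl (be);
  /* GNUNET_malloc aborts above this limit anyway; checking the unsigned
     value first keeps an oversized field from turning into a negative int. */
  GNUNET_assert (field <= GNUNET_MAX_MALLOC_CHECKED);
  *aes_buf_len = (int) field;
  ptr += 4;
  *aes_buf = GNUNET_malloc (*aes_buf_len);
  GNUNET_memcpy (*aes_buf, ptr, *aes_buf_len);
  ptr += *aes_buf_len;

  memcpy (&be, ptr, sizeof (be));
  field = ntohl (be);
  GNUNET_assert (field <= GNUNET_MAX_MALLOC_CHECKED);
  *cph_buf_len = (int) field;
  ptr += 4;
  *cph_buf = GNUNET_malloc (*cph_buf_len);
  GNUNET_memcpy (*cph_buf, ptr, *cph_buf_len);

  return buf_len;
}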
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
#define GNUNET_malloc(size)
Wrapper around malloc.