GNUnet  0.10.x
Data Structures | Functions
abe.c File Reference

functions for Attribute-Based Encryption More...

#include "platform.h"
#include <pbc/pbc.h>
#include <gabe.h>
#include "gnunet_crypto_lib.h"
#include "gnunet_abe_lib.h"
Include dependency graph for abe.c:

Go to the source code of this file.

Data Structures

struct  GNUNET_ABE_AbeMasterKey
 
struct  GNUNET_ABE_AbeKey
 

Functions

static int init_aes (element_t k, int enc, gcry_cipher_hd_t *handle, struct GNUNET_CRYPTO_SymmetricSessionKey *key, unsigned char *iv)
 
static int aes_128_cbc_encrypt (char *pt, int size, element_t k, char **ct)
 
static int aes_128_cbc_decrypt (char *ct, int size, element_t k, char **pt)
 
struct GNUNET_ABE_AbeMasterKeyGNUNET_ABE_cpabe_create_master_key (void)
 Create a new CP-ABE master key. More...
 
void GNUNET_ABE_cpabe_delete_master_key (struct GNUNET_ABE_AbeMasterKey *key)
 Delete a CP-ABE master key. More...
 
struct GNUNET_ABE_AbeKeyGNUNET_ABE_cpabe_create_key (struct GNUNET_ABE_AbeMasterKey *key, char **attrs)
 Create a new CP-ABE key. More...
 
void GNUNET_ABE_cpabe_delete_key (struct GNUNET_ABE_AbeKey *key, int delete_pub)
 Delete a CP-ABE key. More...
 
static ssize_t write_cpabe (void **result, uint32_t file_len, char *cph_buf, int cph_buf_len, char *aes_buf, int aes_buf_len)
 
static ssize_t read_cpabe (const void *data, char **cph_buf, int *cph_buf_len, char **aes_buf, int *aes_buf_len)
 
ssize_t GNUNET_ABE_cpabe_encrypt (const void *block, size_t size, const char *policy, const struct GNUNET_ABE_AbeMasterKey *key, void **result)
 Encrypt a block using sessionkey. More...
 
ssize_t GNUNET_ABE_cpabe_decrypt (const void *block, size_t size, const struct GNUNET_ABE_AbeKey *key, void **result)
 Decrypt a block using the ABE key. More...
 
ssize_t GNUNET_ABE_cpabe_serialize_key (const struct GNUNET_ABE_AbeKey *key, void **result)
 Serialize an ABE key. More...
 
struct GNUNET_ABE_AbeKeyGNUNET_ABE_cpabe_deserialize_key (const void *data, size_t len)
 Deserialize a serialized ABE key. More...
 
ssize_t GNUNET_ABE_cpabe_serialize_master_key (const struct GNUNET_ABE_AbeMasterKey *key, void **result)
 Serialize an ABE master key. More...
 
struct GNUNET_ABE_AbeMasterKeyGNUNET_ABE_cpabe_deserialize_master_key (const void *data, size_t len)
 Deserialize an ABE master key. More...
 

Detailed Description

functions for Attribute-Based Encryption

Author
Martin Schanzenbach

Definition in file abe.c.

Function Documentation

◆ init_aes()

static int init_aes ( element_t  k,
int  enc,
gcry_cipher_hd_t *  handle,
struct GNUNET_CRYPTO_SymmetricSessionKey key,
unsigned char *  iv 
)
static

Definition at line 47 of file abe.c.

References GNUNET_CRYPTO_SymmetricSessionKey::aes_key, GNUNET_assert, GNUNET_CRYPTO_AES_KEY_LENGTH, and GNUNET_memcpy.

Referenced by aes_128_cbc_decrypt(), and aes_128_cbc_encrypt().

51 {
52  int rc;
53  int key_len;
54  unsigned char* key_buf;
55 
56  key_len = element_length_in_bytes(k) < 33 ? 3 : element_length_in_bytes(k);
57  key_buf = (unsigned char*)malloc(key_len);
58  element_to_bytes(key_buf, k);
59 
61  GNUNET_assert(0 ==
62  gcry_cipher_open(handle, GCRY_CIPHER_AES256,
63  GCRY_CIPHER_MODE_CFB, 0));
64  rc = gcry_cipher_setkey(*handle,
65  key->aes_key,
66  sizeof(key->aes_key));
67  GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY));
68  memset(iv, 0, 16); //TODO make reasonable
69  rc = gcry_cipher_setiv(*handle,
70  iv,
71  16);
72  GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY));
73 
74  free(key_buf);
75  return rc;
76 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
unsigned char aes_key[(256/8)]
Actual key for AES.
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
Here is the caller graph for this function:

◆ aes_128_cbc_encrypt()

static int aes_128_cbc_encrypt ( char *  pt,
int  size,
element_t  k,
char **  ct 
)
static

Definition at line 79 of file abe.c.

References buf, GNUNET_assert, GNUNET_free, GNUNET_malloc, GNUNET_memcpy, handle, init_aes(), len, and size.

Referenced by GNUNET_ABE_cpabe_encrypt().

83 {
84  gcry_cipher_hd_t handle;
86  unsigned char iv[16];
87  char* buf;
88  int padding;
89  int buf_size;
90  uint8_t len[4];
91 
92  init_aes(k, 1, &handle, &skey, iv);
93 
94  /* TODO make less crufty */
95 
96  /* stuff in real length (big endian) before padding */
97  len[0] = (size & 0xff000000) >> 24;
98  len[1] = (size & 0xff0000) >> 16;
99  len[2] = (size & 0xff00) >> 8;
100  len[3] = (size & 0xff) >> 0;
101  padding = 16 - ((4 + size) % 16);
102  buf_size = 4 + size + padding;
103  buf = GNUNET_malloc(buf_size);
104  GNUNET_memcpy(buf, len, 4);
105  GNUNET_memcpy(buf + 4, pt, size);
106  *ct = GNUNET_malloc(buf_size);
107 
108  GNUNET_assert(0 == gcry_cipher_encrypt(handle, *ct, buf_size, buf, buf_size));
109  gcry_cipher_close(handle);
110  //AES_cbc_encrypt(pt->data, ct->data, pt->len, &key, iv, AES_ENCRYPT);
111  GNUNET_free(buf);
112  return buf_size;
113 }
static int init_aes(element_t k, int enc, gcry_cipher_hd_t *handle, struct GNUNET_CRYPTO_SymmetricSessionKey *key, unsigned char *iv)
Definition: abe.c:47
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
static char buf[2048]
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
static unsigned int size
Size of the "table".
Definition: peer.c:66
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_free(ptr)
Wrapper around free.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ aes_128_cbc_decrypt()

static int aes_128_cbc_decrypt ( char *  ct,
int  size,
element_t  k,
char **  pt 
)
static

Definition at line 116 of file abe.c.

References GNUNET_assert, GNUNET_free, GNUNET_malloc, GNUNET_memcpy, handle, init_aes(), and len.

Referenced by GNUNET_ABE_cpabe_decrypt().

120 {
122  gcry_cipher_hd_t handle;
123  unsigned char iv[16];
124  char* tmp;
125  uint32_t len;
126 
127  init_aes(k, 1, &handle, &skey, iv);
128 
129  tmp = GNUNET_malloc(size);
130 
131  //AES_cbc_encrypt(ct->data, pt->data, ct->len, &key, iv, AES_DECRYPT);
132  GNUNET_assert(0 == gcry_cipher_decrypt(handle, tmp, size, ct, size));
133  gcry_cipher_close(handle);
134  /* TODO make less crufty */
135 
136  /* get real length */
137  len = 0;
138  len = len
139  | ((tmp[0]) << 24) | ((tmp[1]) << 16)
140  | ((tmp[2]) << 8) | ((tmp[3]) << 0);
141  /* truncate any garbage from the padding */
142  *pt = GNUNET_malloc(len);
143  GNUNET_memcpy(*pt, tmp + 4, len);
144  GNUNET_free(tmp);
145  return len;
146 }
static int init_aes(element_t k, int enc, gcry_cipher_hd_t *handle, struct GNUNET_CRYPTO_SymmetricSessionKey *key, unsigned char *iv)
Definition: abe.c:47
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
static unsigned int size
Size of the "table".
Definition: peer.c:66
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_free(ptr)
Wrapper around free.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ write_cpabe()

static ssize_t write_cpabe ( void **  result,
uint32_t  file_len,
char *  cph_buf,
int  cph_buf_len,
char *  aes_buf,
int  aes_buf_len 
)
static

Definition at line 228 of file abe.c.

References GNUNET_malloc, GNUNET_memcpy, len, and result.

Referenced by GNUNET_ABE_cpabe_encrypt(), GNUNET_ABE_cpabe_serialize_key(), and GNUNET_ABE_cpabe_serialize_master_key().

234 {
235  char *ptr;
236  uint32_t *len;
237 
238  *result = GNUNET_malloc(12 + cph_buf_len + aes_buf_len);
239  ptr = *result;
240  len = (uint32_t*)ptr;
241  *len = htonl(file_len);
242  ptr += 4;
243  len = (uint32_t*)ptr;
244  *len = htonl(aes_buf_len);
245  ptr += 4;
246  GNUNET_memcpy(ptr, aes_buf, aes_buf_len);
247  ptr += aes_buf_len;
248  len = (uint32_t*)ptr;
249  *len = htonl(cph_buf_len);
250  ptr += 4;
251  GNUNET_memcpy(ptr, cph_buf, cph_buf_len);
252  return 12 + cph_buf_len + aes_buf_len;
253 }
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
static int result
Global testing status.
#define GNUNET_malloc(size)
Wrapper around malloc.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
Here is the caller graph for this function:

◆ read_cpabe()

static ssize_t read_cpabe ( const void *  data,
char **  cph_buf,
int *  cph_buf_len,
char **  aes_buf,
int *  aes_buf_len 
)
static

Definition at line 256 of file abe.c.

References GNUNET_malloc, GNUNET_memcpy, and len.

Referenced by GNUNET_ABE_cpabe_decrypt(), GNUNET_ABE_cpabe_deserialize_key(), and GNUNET_ABE_cpabe_deserialize_master_key().

261 {
262  int buf_len;
263  char *ptr;
264  uint32_t *len;
265 
266  ptr = (char*)data;
267  len = (uint32_t*)ptr;
268  buf_len = ntohl(*len);
269  ptr += 4;
270  len = (uint32_t*)ptr;
271  *aes_buf_len = ntohl(*len);
272  ptr += 4;
273  *aes_buf = GNUNET_malloc(*aes_buf_len);
274  GNUNET_memcpy(*aes_buf, ptr, *aes_buf_len);
275  ptr += *aes_buf_len;
276  len = (uint32_t*)ptr;
277  *cph_buf_len = ntohl(*len);
278  ptr += 4;
279  *cph_buf = GNUNET_malloc(*cph_buf_len);
280  GNUNET_memcpy(*cph_buf, ptr, *cph_buf_len);
281 
282  return buf_len;
283 }
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
uint32_t data
The data value.
#define GNUNET_malloc(size)
Wrapper around malloc.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
Here is the caller graph for this function: