GNUnet  0.10.x
abe.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet. Copyright (C) 2001-2018 Christian Grothoff
3  (and other contributing authors)
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19 
20  */
21 
29 #include "platform.h"
30 #include <pbc/pbc.h>
31 #include <gabe.h>
32 
33 #include "gnunet_crypto_lib.h"
34 #include "gnunet_abe_lib.h"
35 
36 struct GNUNET_ABE_AbeMasterKey {
37  gabe_pub_t* pub;
38  gabe_msk_t* msk;
39 };
40 
41 struct GNUNET_ABE_AbeKey {
42  gabe_pub_t* pub;
43  gabe_prv_t* prv;
44 };
45 
46 static int
47 init_aes(element_t k, int enc,
48  gcry_cipher_hd_t* handle,
49  struct GNUNET_CRYPTO_SymmetricSessionKey *key,
50  unsigned char* iv)
51 {
52  int rc;
53  int key_len;
54  unsigned char* key_buf;
55 
56  key_len = element_length_in_bytes(k) < 33 ? 3 : element_length_in_bytes(k);
57  key_buf = (unsigned char*)malloc(key_len);
58  element_to_bytes(key_buf, k);
59 
60  GNUNET_memcpy(key->aes_key, key_buf, GNUNET_CRYPTO_AES_KEY_LENGTH);
61  GNUNET_assert(0 ==
62  gcry_cipher_open(handle, GCRY_CIPHER_AES256,
63  GCRY_CIPHER_MODE_CFB, 0));
64  rc = gcry_cipher_setkey(*handle,
65  key->aes_key,
66  sizeof(key->aes_key));
67  GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY));
68  memset(iv, 0, 16); //TODO make reasonable
69  rc = gcry_cipher_setiv(*handle,
70  iv,
71  16);
72  GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY));
73 
74  free(key_buf);
75  return rc;
76 }
77 
78 static int
79 aes_128_cbc_encrypt(char* pt,
80  int size,
81  element_t k,
82  char **ct)
83 {
84  gcry_cipher_hd_t handle;
85  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
86  unsigned char iv[16];
87  char* buf;
88  int padding;
89  int buf_size;
90  uint8_t len[4];
91 
92  init_aes(k, 1, &handle, &skey, iv);
93 
94  /* TODO make less crufty */
95 
96  /* stuff in real length (big endian) before padding */
97  len[0] = (size & 0xff000000) >> 24;
98  len[1] = (size & 0xff0000) >> 16;
99  len[2] = (size & 0xff00) >> 8;
100  len[3] = (size & 0xff) >> 0;
101  padding = 16 - ((4 + size) % 16);
102  buf_size = 4 + size + padding;
103  buf = GNUNET_malloc(buf_size);
104  GNUNET_memcpy(buf, len, 4);
105  GNUNET_memcpy(buf + 4, pt, size);
106  *ct = GNUNET_malloc(buf_size);
107 
108  GNUNET_assert(0 == gcry_cipher_encrypt(handle, *ct, buf_size, buf, buf_size));
109  gcry_cipher_close(handle);
110  //AES_cbc_encrypt(pt->data, ct->data, pt->len, &key, iv, AES_ENCRYPT);
111  GNUNET_free(buf);
112  return buf_size;
113 }
114 
115 static int
116 aes_128_cbc_decrypt(char* ct,
117  int size,
118  element_t k,
119  char **pt)
120 {
121  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
122  gcry_cipher_hd_t handle;
123  unsigned char iv[16];
124  char* tmp;
125  uint32_t len;
126 
127  init_aes(k, 1, &handle, &skey, iv);
128 
129  tmp = GNUNET_malloc(size);
130 
131  //AES_cbc_encrypt(ct->data, pt->data, ct->len, &key, iv, AES_DECRYPT);
132  GNUNET_assert(0 == gcry_cipher_decrypt(handle, tmp, size, ct, size));
133  gcry_cipher_close(handle);
134  /* TODO make less crufty */
135 
136  /* get real length */
137  len = 0;
138  len = len
139  | ((tmp[0]) << 24) | ((tmp[1]) << 16)
140  | ((tmp[2]) << 8) | ((tmp[3]) << 0);
141  /* truncate any garbage from the padding */
142  *pt = GNUNET_malloc(len);
143  GNUNET_memcpy(*pt, tmp + 4, len);
144  GNUNET_free(tmp);
145  return len;
146 }
147 
154 struct GNUNET_ABE_AbeMasterKey*
155 GNUNET_ABE_cpabe_create_master_key(void)
156 {
157  struct GNUNET_ABE_AbeMasterKey* key;
158 
159  key = GNUNET_new(struct GNUNET_ABE_AbeMasterKey);
160  gabe_setup(&key->pub, &key->msk);
161  GNUNET_assert(NULL != key->pub);
162  GNUNET_assert(NULL != key->msk);
163  return key;
164 }
165 
173 void
174 GNUNET_ABE_cpabe_delete_master_key(struct GNUNET_ABE_AbeMasterKey *key)
175 {
176  gabe_msk_free(key->msk);
177  gabe_pub_free(key->pub);
178  //GNUNET_free (key->msk);
179  //gabe_msk_free (key->msk); //For some reason free of pub implicit?
180  GNUNET_free(key);
181 }
182 
191 struct GNUNET_ABE_AbeKey*
192 GNUNET_ABE_cpabe_create_key(struct GNUNET_ABE_AbeMasterKey *key,
193  char **attrs)
194 {
195  struct GNUNET_ABE_AbeKey *prv_key;
196  int size;
197  char *tmp;
198 
199  prv_key = GNUNET_new(struct GNUNET_ABE_AbeKey);
200  prv_key->prv = gabe_keygen(key->pub, key->msk, attrs);
201  size = gabe_pub_serialize(key->pub, &tmp);
202  prv_key->pub = gabe_pub_unserialize(tmp, size);
203  GNUNET_free(tmp);
204  GNUNET_assert(NULL != prv_key->prv);
205  return prv_key;
206 }
207 
216 void
217 GNUNET_ABE_cpabe_delete_key(struct GNUNET_ABE_AbeKey *key,
218  int delete_pub)
219 {
220  //Memory management in gabe is buggy
221  gabe_prv_free(key->prv);
222  if (GNUNET_YES == delete_pub)
223  gabe_pub_free(key->pub);
224  GNUNET_free(key);
225 }
226 
227 static ssize_t
228 write_cpabe(void **result,
229  uint32_t file_len,
230  char* cph_buf,
231  int cph_buf_len,
232  char* aes_buf,
233  int aes_buf_len)
234 {
235  char *ptr;
236  uint32_t *len;
237 
238  *result = GNUNET_malloc(12 + cph_buf_len + aes_buf_len);
239  ptr = *result;
240  len = (uint32_t*)ptr;
241  *len = htonl(file_len);
242  ptr += 4;
243  len = (uint32_t*)ptr;
244  *len = htonl(aes_buf_len);
245  ptr += 4;
246  GNUNET_memcpy(ptr, aes_buf, aes_buf_len);
247  ptr += aes_buf_len;
248  len = (uint32_t*)ptr;
249  *len = htonl(cph_buf_len);
250  ptr += 4;
251  GNUNET_memcpy(ptr, cph_buf, cph_buf_len);
252  return 12 + cph_buf_len + aes_buf_len;
253 }
254 
255 static ssize_t
256 read_cpabe(const void *data,
257  char** cph_buf,
258  int *cph_buf_len,
259  char** aes_buf,
260  int *aes_buf_len)
261 {
262  int buf_len;
263  char *ptr;
264  uint32_t *len;
265 
266  ptr = (char*)data;
267  len = (uint32_t*)ptr;
268  buf_len = ntohl(*len);
269  ptr += 4;
270  len = (uint32_t*)ptr;
271  *aes_buf_len = ntohl(*len);
272  ptr += 4;
273  *aes_buf = GNUNET_malloc(*aes_buf_len);
274  GNUNET_memcpy(*aes_buf, ptr, *aes_buf_len);
275  ptr += *aes_buf_len;
276  len = (uint32_t*)ptr;
277  *cph_buf_len = ntohl(*len);
278  ptr += 4;
279  *cph_buf = GNUNET_malloc(*cph_buf_len);
280  GNUNET_memcpy(*cph_buf, ptr, *cph_buf_len);
281 
282  return buf_len;
283 }
284 
296 ssize_t
297 GNUNET_ABE_cpabe_encrypt(const void *block,
298  size_t size,
299  const char *policy,
300  const struct GNUNET_ABE_AbeMasterKey *key,
301  void **result)
302 {
303  gabe_cph_t* cph;
304  char* plt;
305  char* cph_buf;
306  char* aes_buf;
307  element_t m;
308  int cph_buf_len;
309  int aes_buf_len;
310  ssize_t result_len;
311 
312  if (!(cph = gabe_enc(key->pub, m, (char*)policy)))
313  return GNUNET_SYSERR;
314  cph_buf_len = gabe_cph_serialize(cph,
315  &cph_buf);
316  gabe_cph_free(cph);
317  GNUNET_free(cph);
318  plt = GNUNET_memdup(block, size);
319  aes_buf_len = aes_128_cbc_encrypt(plt, size, m, &aes_buf);
320  GNUNET_free(plt);
321  element_clear(m);
322  result_len = write_cpabe(result, size, cph_buf, cph_buf_len, aes_buf, aes_buf_len);
323  GNUNET_free(cph_buf);
324  GNUNET_free(aes_buf);
325  return result_len;
326 }
327 
338 ssize_t
339 GNUNET_ABE_cpabe_decrypt(const void *block,
340  size_t size,
341  const struct GNUNET_ABE_AbeKey *key,
342  void **result)
343 {
344  char* aes_buf;
345  char* cph_buf;
346  gabe_cph_t* cph;
347  element_t m;
348  int cph_buf_size;
349  int aes_buf_size;
350  int plt_len;
351 
352  read_cpabe(block, &cph_buf, &cph_buf_size, &aes_buf, &aes_buf_size);
353  cph = gabe_cph_unserialize(key->pub, cph_buf, cph_buf_size);
354  if (!gabe_dec(key->pub, key->prv, cph, m))
355  {
356  GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
357  "%s\n", gabe_error());
358  GNUNET_free(aes_buf);
359  GNUNET_free(cph_buf);
360  gabe_cph_free(cph);
361  GNUNET_free(cph);
362  element_clear(m);
363  return GNUNET_SYSERR;
364  }
365  gabe_cph_free(cph);
366  GNUNET_free(cph);
367  plt_len = aes_128_cbc_decrypt(aes_buf, aes_buf_size, m, (char**)result);
368  GNUNET_free(cph_buf);
369  GNUNET_free(aes_buf);
370  element_clear(m);
371  //freeing is buggy in gabe
372  //gabe_prv_free (prv);
373  //gabe_pub_free (pub);
374  return plt_len;
375 }
376 
385 ssize_t
386 GNUNET_ABE_cpabe_serialize_key(const struct GNUNET_ABE_AbeKey *key,
387  void **result)
388 {
389  ssize_t len;
390  char *pub;
391  char *prv;
392  int pub_len;
393  int prv_len;
394 
395  pub_len = gabe_pub_serialize(key->pub, &pub);
396  prv_len = gabe_prv_serialize(key->prv, &prv);
397 
398  len = pub_len + prv_len + 12;
399  write_cpabe(result, len, pub, pub_len, prv, prv_len);
400 
401  GNUNET_free(pub);
402  GNUNET_free(prv);
403 
404  return len;
405 }
406 
415 struct GNUNET_ABE_AbeKey*
416 GNUNET_ABE_cpabe_deserialize_key(const void *data,
417  size_t len)
418 {
419  struct GNUNET_ABE_AbeKey *key;
420  char *pub;
421  char *prv;
422  int prv_len;
423  int pub_len;
424 
425  key = GNUNET_new(struct GNUNET_ABE_AbeKey);
426  read_cpabe(data,
427  &pub,
428  &pub_len,
429  &prv,
430  &prv_len);
431  key->pub = gabe_pub_unserialize(pub, pub_len);
432  key->prv = gabe_prv_unserialize(key->pub, prv, prv_len);
433 
434  GNUNET_free(pub);
435  GNUNET_free(prv);
436  return key;
437 }
438 
447 ssize_t
448 GNUNET_ABE_cpabe_serialize_master_key(const struct GNUNET_ABE_AbeMasterKey *key,
449  void **result)
450 {
451  ssize_t len;
452  char *pub;
453  char *msk;
454  int pub_len;
455  int msk_len;
456 
457  pub_len = gabe_pub_serialize(key->pub, &pub);
458  msk_len = gabe_msk_serialize(key->msk, &msk);
459 
460  len = pub_len + msk_len + 12;
461  write_cpabe(result, len, pub, pub_len, msk, msk_len);
462 
463  GNUNET_free(pub);
464  GNUNET_free(msk);
465 
466  return len;
467 }
468 
477 struct GNUNET_ABE_AbeMasterKey*
478 GNUNET_ABE_cpabe_deserialize_master_key(const void *data,
479  size_t len)
480 {
481  struct GNUNET_ABE_AbeMasterKey *key;
482  char *msk;
483  char *pub;
484  int msk_len;
485  int pub_len;
486 
487  key = GNUNET_new(struct GNUNET_ABE_AbeMasterKey);
488  read_cpabe(data,
489  &pub,
490  &pub_len,
491  &msk,
492  &msk_len);
493  key->pub = gabe_pub_unserialize(pub, pub_len);
494  key->msk = gabe_msk_unserialize(key->pub, msk, msk_len);
495 
496  GNUNET_free(pub);
497  GNUNET_free(msk);
498 
499  return key;
500 }
GNUNET_ABE_AbeKey::pub
gabe_pub_t * pub
Definition: abe.c:42
aes_128_cbc_decrypt
static int aes_128_cbc_decrypt(char *ct, int size, element_t k, char **pt)
Definition: abe.c:116
init_aes
static int init_aes(element_t k, int enc, gcry_cipher_hd_t *handle, struct GNUNET_CRYPTO_SymmetricSessionKey *key, unsigned char *iv)
Definition: abe.c:47
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:820
GNUNET_ABE_cpabe_serialize_master_key
ssize_t GNUNET_ABE_cpabe_serialize_master_key(const struct GNUNET_ABE_AbeMasterKey *key, void **result)
Serialize an ABE master key.
Definition: abe.c:448
GNUNET_ABE_AbeMasterKey::msk
gabe_msk_t * msk
Definition: abe.c:38
GNUNET_memcpy
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
Definition: gnunet_common.h:1092
GNUNET_memdup
#define GNUNET_memdup(buf, size)
Allocate and initialize a block of memory.
Definition: gnunet_common.h:1157
GNUNET_new
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition: gnunet_common.h:1055
GNUNET_CRYPTO_SymmetricSessionKey::aes_key
unsigned char aes_key[(256/8)]
Actual key for AES.
Definition: gnunet_crypto_lib.h:269
m
static struct GNUNET_ARM_MonitorHandle * m
Monitor connection with ARM.
Definition: gnunet-arm.c:99
gnunet_crypto_lib.h
cryptographic primitives for GNUnet
GNUNET_CRYPTO_SymmetricSessionKey
type for session keys
Definition: gnunet_crypto_lib.h:265
GNUNET_ABE_cpabe_decrypt
ssize_t GNUNET_ABE_cpabe_decrypt(const void *block, size_t size, const struct GNUNET_ABE_AbeKey *key, void **result)
Decrypt a block using the ABE key.
Definition: abe.c:339
buf
static char buf[2048]
Definition: gnunet-service-testbed_meminfo.c:64
handle
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
Definition: gnunet-dns-monitor.c:35
result
static int result
Global testing status.
Definition: gnunet-regex-profiler.c:241
GNUNET_ABE_cpabe_encrypt
ssize_t GNUNET_ABE_cpabe_encrypt(const void *block, size_t size, const char *policy, const struct GNUNET_ABE_AbeMasterKey *key, void **result)
Encrypt a block using sessionkey.
Definition: abe.c:297
GNUNET_ABE_cpabe_create_master_key
struct GNUNET_ABE_AbeMasterKey * GNUNET_ABE_cpabe_create_master_key(void)
Create a new CP-ABE master key.
Definition: abe.c:155
GNUNET_ABE_AbeKey
Definition: abe.c:41
GNUNET_ABE_AbeKey::prv
gabe_prv_t * prv
Definition: abe.c:43
GNUNET_CRYPTO_AES_KEY_LENGTH
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
Definition: gnunet_crypto_lib.h:99
key
struct GNUNET_HashCode key
The key used in the DHT.
Definition: gnunet-dht-put.c:37
GNUNET_SYSERR
#define GNUNET_SYSERR
Definition: gnunet_common.h:76
GNUNET_ABE_cpabe_serialize_key
ssize_t GNUNET_ABE_cpabe_serialize_key(const struct GNUNET_ABE_AbeKey *key, void **result)
Serialize an ABE key.
Definition: abe.c:386
size
static unsigned int size
Size of the "table".
Definition: peer.c:66
write_cpabe
static ssize_t write_cpabe(void **result, uint32_t file_len, char *cph_buf, int cph_buf_len, char *aes_buf, int aes_buf_len)
Definition: abe.c:228
GNUNET_ABE_AbeMasterKey::pub
gabe_pub_t * pub
Definition: abe.c:37
GNUNET_ABE_cpabe_deserialize_master_key
struct GNUNET_ABE_AbeMasterKey * GNUNET_ABE_cpabe_deserialize_master_key(const void *data, size_t len)
Deserialize an ABE master key.
Definition: abe.c:478
GNUNET_ABE_cpabe_delete_master_key
void GNUNET_ABE_cpabe_delete_master_key(struct GNUNET_ABE_AbeMasterKey *key)
Delete a CP-ABE master key.
Definition: abe.c:174
aes_128_cbc_encrypt
static int aes_128_cbc_encrypt(char *pt, int size, element_t k, char **ct)
Definition: abe.c:79
GNUNET_ABE_cpabe_deserialize_key
struct GNUNET_ABE_AbeKey * GNUNET_ABE_cpabe_deserialize_key(const void *data, size_t len)
Deserialize a serialized ABE key.
Definition: abe.c:416
enc
static OpusEncoder * enc
OPUS encoder.
Definition: gnunet-helper-audio-record.c:204
GNUNET_log
#define GNUNET_log(kind,...)
Definition: gnunet_common.h:494
GNUNET_ERROR_TYPE_DEBUG
Definition: gnunet_common.h:373
GNUNET_ABE_AbeMasterKey
Definition: abe.c:36
read_cpabe
static ssize_t read_cpabe(const void *data, char **cph_buf, int *cph_buf_len, char **aes_buf, int *aes_buf_len)
Definition: abe.c:256
GNUNET_YES
#define GNUNET_YES
Definition: gnunet_common.h:77
data
uint32_t data
The data value.
Definition: gnunet-helper-transport-wlan.c:89
gnunet_abe_lib.h
Attribute-Based Encryption primitives for GNUnet.
GNUNET_ABE_cpabe_delete_key
void GNUNET_ABE_cpabe_delete_key(struct GNUNET_ABE_AbeKey *key, int delete_pub)
Delete a CP-ABE key.
Definition: abe.c:217
GNUNET_malloc
#define GNUNET_malloc(size)
Wrapper around malloc.
Definition: gnunet_common.h:1147
GNUNET_ABE_cpabe_create_key
struct GNUNET_ABE_AbeKey * GNUNET_ABE_cpabe_create_key(struct GNUNET_ABE_AbeMasterKey *key, char **attrs)
Create a new CP-ABE key.
Definition: abe.c:192
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1191
len
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
Definition: gnunet-helper-transport-wlan.c:84
Generated by   doxygen 1.8.13