GNUnet debian-0.24.3-29-g453fda2cf
 
Loading...
Searching...
No Matches
crypto_symmetric.c File Reference

Symmetric encryption services; combined cipher AES+TWOFISH (256-bit each) More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include <gcrypt.h>
Include dependency graph for crypto_symmetric.c:

Go to the source code of this file.

Macros

#define LOG(kind, ...)
 

Functions

void GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key)
 Create a new SessionKey (for symmetric encryption).
 
static int setup_cipher_aes (gcry_cipher_hd_t *handle, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv)
 Initialize AES cipher.
 
static int setup_cipher_twofish (gcry_cipher_hd_t *handle, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv)
 Initialize TWOFISH cipher.
 
ssize_t GNUNET_CRYPTO_symmetric_encrypt (const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
 Encrypt a block with a symmetric session key.
 
ssize_t GNUNET_CRYPTO_symmetric_decrypt (const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
 Decrypt a given block with the session key.
 
void GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
 Derive an IV.
 
void GNUNET_CRYPTO_symmetric_derive_iv_v (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len, va_list argp)
 Derive an IV.
 

Detailed Description

Symmetric encryption services; combined cipher AES+TWOFISH (256-bit each)

Author
Christian Grothoff
Ioana Patrascu

Definition in file crypto_symmetric.c.

Macro Definition Documentation

◆ LOG

#define LOG (   kind,
  ... 
)
Value:
GNUNET_log_from (kind, "util-crypto-symmetric", \
__VA_ARGS__)
#define GNUNET_log_from(kind, comp,...)

Definition at line 33 of file crypto_symmetric.c.

44{
45 gcry_randomize (key->aes_key,
47 GCRY_STRONG_RANDOM);
48 gcry_randomize (key->twofish_key,
50 GCRY_STRONG_RANDOM);
51}
52
53
62static int
63setup_cipher_aes (gcry_cipher_hd_t *handle,
64 const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
66{
67 int rc;
68
69 GNUNET_assert (0 ==
70 gcry_cipher_open (handle, GCRY_CIPHER_AES256,
71 GCRY_CIPHER_MODE_CFB, 0));
72 rc = gcry_cipher_setkey (*handle,
73 sessionkey->aes_key,
74 sizeof(sessionkey->aes_key));
75 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
76 rc = gcry_cipher_setiv (*handle,
77 iv->aes_iv,
78 sizeof(iv->aes_iv));
79 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
80 return GNUNET_OK;
81}
82
83
92static int
93setup_cipher_twofish (gcry_cipher_hd_t *handle,
94 const struct
96 const struct
98{
99 int rc;
100
101 GNUNET_assert (0 ==
102 gcry_cipher_open (handle, GCRY_CIPHER_TWOFISH,
103 GCRY_CIPHER_MODE_CFB, 0));
104 rc = gcry_cipher_setkey (*handle,
105 sessionkey->twofish_key,
106 sizeof(sessionkey->twofish_key));
107 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
108 rc = gcry_cipher_setiv (*handle,
109 iv->twofish_iv,
110 sizeof(iv->twofish_iv));
111 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
112 return GNUNET_OK;
113}
114
115
129ssize_t
130GNUNET_CRYPTO_symmetric_encrypt (const void *block,
131 size_t size,
132 const struct
134 const struct
136 void *result)
137{
138 gcry_cipher_hd_t handle;
139 char tmp[GNUNET_NZL(size)];
140
141 if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv))
142 return -1;
143 GNUNET_assert (0 == gcry_cipher_encrypt (handle, tmp, size, block, size));
144 gcry_cipher_close (handle);
145 if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv))
146 return -1;
147 GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, size, tmp, size));
148 gcry_cipher_close (handle);
149 memset (tmp, 0, sizeof(tmp));
150 return size;
151}
152
153
167ssize_t
168GNUNET_CRYPTO_symmetric_decrypt (const void *block,
169 size_t size,
170 const struct
172 const struct
174 void *result)
175{
176 gcry_cipher_hd_t handle;
177 char tmp[size];
178
179 if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv))
180 return -1;
181 GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, block, size));
182 gcry_cipher_close (handle);
183 if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv))
184 return -1;
185 GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, tmp, size));
186 gcry_cipher_close (handle);
187 memset (tmp, 0, sizeof(tmp));
188 return size;
189}
190
191
201void
204 iv,
205 const struct
207 const void *salt,
208 size_t salt_len,
209 ...)
210{
211 va_list argp;
212
213 va_start (argp, salt_len);
214 GNUNET_CRYPTO_symmetric_derive_iv_v (iv, skey, salt, salt_len, argp);
215 va_end (argp);
216}
217
218
219void
222 *iv,
223 const struct
225 const void *salt,
226 size_t salt_len,
227 va_list argp)
228{
229 char aes_salt[salt_len + 4];
230 char twofish_salt[salt_len + 4];
231
232 GNUNET_memcpy (aes_salt, salt, salt_len);
233 GNUNET_memcpy (&aes_salt[salt_len], "AES!", 4);
234 GNUNET_memcpy (twofish_salt, salt, salt_len);
235 GNUNET_memcpy (&twofish_salt[salt_len], "FISH", 4);
237 sizeof(iv->aes_iv),
238 aes_salt,
239 salt_len + 4,
240 skey->aes_key,
241 sizeof(skey->aes_key),
242 argp);
244 sizeof(iv->twofish_iv),
245 twofish_salt,
246 salt_len + 4,
247 skey->twofish_key,
248 sizeof(skey->twofish_key),
249 argp);
250}
251
252
253/* end of crypto_symmetric.c */
static int setup_cipher_aes(gcry_cipher_hd_t *handle, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv)
Initialize AES cipher.
static int setup_cipher_twofish(gcry_cipher_hd_t *handle, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv)
Initialize TWOFISH cipher.
struct GNUNET_HashCode key
The key used in the DHT.
static int result
Global testing status.
static struct GNUNET_CRYPTO_PowSalt salt
Salt for PoW calculations.
static struct GNUNET_VPN_Handle * handle
Handle to vpn service.
Definition gnunet-vpn.c:35
ssize_t GNUNET_CRYPTO_symmetric_encrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Encrypt a block with a symmetric session key.
void GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
Derive an IV.
ssize_t GNUNET_CRYPTO_symmetric_decrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Decrypt a given block with the session key.
#define GNUNET_NZL(l)
Macro used to avoid using 0 for the length of a variable-size array (Non-Zero-Length).
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_kdf_v(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len, va_list argp)
Derive key.
Definition crypto_kdf.c:38
void GNUNET_CRYPTO_symmetric_derive_iv_v(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len, va_list argp)
Derive an IV.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
@ GNUNET_OK
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static unsigned int size
Size of the "table".
Definition peer.c:68
unsigned char twofish_key[(256/8)]
Actual key for TwoFish.
unsigned char aes_key[(256/8)]
Actual key for AES.

Function Documentation

◆ setup_cipher_aes()

static int setup_cipher_aes ( gcry_cipher_hd_t *  handle,
const struct GNUNET_CRYPTO_SymmetricSessionKey sessionkey,
const struct GNUNET_CRYPTO_SymmetricInitializationVector iv 
)
static

Initialize AES cipher.

Parameters
handlehandle to initialize
sessionkeysession key to use
ivinitialization vector to use
Returns
GNUNET_OK on success, GNUNET_SYSERR on error

Definition at line 64 of file crypto_symmetric.c.

67{
68 int rc;
69
70 GNUNET_assert (0 ==
71 gcry_cipher_open (handle, GCRY_CIPHER_AES256,
72 GCRY_CIPHER_MODE_CFB, 0));
73 rc = gcry_cipher_setkey (*handle,
74 sessionkey->aes_key,
75 sizeof(sessionkey->aes_key));
76 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
77 rc = gcry_cipher_setiv (*handle,
78 iv->aes_iv,
79 sizeof(iv->aes_iv));
80 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
81 return GNUNET_OK;
82}

References GNUNET_CRYPTO_SymmetricInitializationVector::aes_iv, GNUNET_CRYPTO_SymmetricSessionKey::aes_key, GNUNET_assert, GNUNET_OK, and handle.

Referenced by GNUNET_CRYPTO_symmetric_decrypt(), and GNUNET_CRYPTO_symmetric_encrypt().

Here is the caller graph for this function:

◆ setup_cipher_twofish()

static int setup_cipher_twofish ( gcry_cipher_hd_t *  handle,
const struct GNUNET_CRYPTO_SymmetricSessionKey sessionkey,
const struct GNUNET_CRYPTO_SymmetricInitializationVector iv 
)
static

Initialize TWOFISH cipher.

Parameters
handlehandle to initialize
sessionkeysession key to use
ivinitialization vector to use
Returns
GNUNET_OK on success, GNUNET_SYSERR on error

Definition at line 94 of file crypto_symmetric.c.

99{
100 int rc;
101
102 GNUNET_assert (0 ==
103 gcry_cipher_open (handle, GCRY_CIPHER_TWOFISH,
104 GCRY_CIPHER_MODE_CFB, 0));
105 rc = gcry_cipher_setkey (*handle,
106 sessionkey->twofish_key,
107 sizeof(sessionkey->twofish_key));
108 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
109 rc = gcry_cipher_setiv (*handle,
110 iv->twofish_iv,
111 sizeof(iv->twofish_iv));
112 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
113 return GNUNET_OK;
114}

References GNUNET_assert, GNUNET_OK, handle, GNUNET_CRYPTO_SymmetricInitializationVector::twofish_iv, and GNUNET_CRYPTO_SymmetricSessionKey::twofish_key.

Referenced by GNUNET_CRYPTO_symmetric_decrypt(), and GNUNET_CRYPTO_symmetric_encrypt().

Here is the caller graph for this function: