GNUnet  0.10.x
Macros | Functions
crypto_symmetric.c File Reference

Symmetric encryption services; combined cipher AES+TWOFISH (256-bit each) More...

#include "platform.h"
#include "gnunet_crypto_lib.h"
#include <gcrypt.h>
Include dependency graph for crypto_symmetric.c:

Go to the source code of this file.

Macros

#define LOG(kind, ...)   GNUNET_log_from(kind, "util-crypto-symmetric", __VA_ARGS__)
 

Functions

void GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key)
 Create a new SessionKey (for symmetric encryption). More...
 
static int setup_cipher_aes (gcry_cipher_hd_t *handle, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv)
 Initialize AES cipher. More...
 
static int setup_cipher_twofish (gcry_cipher_hd_t *handle, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv)
 Initialize TWOFISH cipher. More...
 
ssize_t GNUNET_CRYPTO_symmetric_encrypt (const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
 Encrypt a block with a symmetric session key. More...
 
ssize_t GNUNET_CRYPTO_symmetric_decrypt (const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
 Decrypt a given block with the session key. More...
 
void GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
 Derive an IV. More...
 
void GNUNET_CRYPTO_symmetric_derive_iv_v (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len, va_list argp)
 Derive an IV. More...
 

Detailed Description

Symmetric encryption services; combined cipher AES+TWOFISH (256-bit each)

Author
Christian Grothoff
Ioana Patrascu

Definition in file crypto_symmetric.c.

Macro Definition Documentation

◆ LOG

#define LOG (   kind,
  ... 
)    GNUNET_log_from(kind, "util-crypto-symmetric", __VA_ARGS__)

Definition at line 32 of file crypto_symmetric.c.

Function Documentation

◆ setup_cipher_aes()

static int setup_cipher_aes ( gcry_cipher_hd_t *  handle,
const struct GNUNET_CRYPTO_SymmetricSessionKey sessionkey,
const struct GNUNET_CRYPTO_SymmetricInitializationVector iv 
)
static

Initialize AES cipher.

Parameters
handlehandle to initialize
sessionkeysession key to use
ivinitialization vector to use
Returns
GNUNET_OK on success, GNUNET_SYSERR on error

Definition at line 60 of file crypto_symmetric.c.

References GNUNET_CRYPTO_SymmetricInitializationVector::aes_iv, GNUNET_CRYPTO_SymmetricSessionKey::aes_key, GNUNET_assert, and GNUNET_OK.

Referenced by GNUNET_CRYPTO_symmetric_decrypt(), and GNUNET_CRYPTO_symmetric_encrypt().

63 {
64  int rc;
65 
66  GNUNET_assert(0 ==
67  gcry_cipher_open(handle, GCRY_CIPHER_AES256,
68  GCRY_CIPHER_MODE_CFB, 0));
69  rc = gcry_cipher_setkey(*handle,
70  sessionkey->aes_key,
71  sizeof(sessionkey->aes_key));
72  GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY));
73  rc = gcry_cipher_setiv(*handle,
74  iv->aes_iv,
75  sizeof(iv->aes_iv));
76  GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY));
77  return GNUNET_OK;
78 }
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:820
GNUNET_OK
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
GNUNET_CRYPTO_SymmetricSessionKey::aes_key
unsigned char aes_key[(256/8)]
Actual key for AES.
Definition: gnunet_crypto_lib.h:269
GNUNET_CRYPTO_SymmetricInitializationVector::aes_iv
unsigned char aes_iv[(256/8)/2]
Definition: gnunet_crypto_lib.h:286
handle
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
Definition: gnunet-dns-monitor.c:35
Here is the caller graph for this function:

◆ setup_cipher_twofish()

static int setup_cipher_twofish ( gcry_cipher_hd_t *  handle,
const struct GNUNET_CRYPTO_SymmetricSessionKey sessionkey,
const struct GNUNET_CRYPTO_SymmetricInitializationVector iv 
)
static

Initialize TWOFISH cipher.

Parameters
handlehandle to initialize
sessionkeysession key to use
ivinitialization vector to use
Returns
GNUNET_OK on success, GNUNET_SYSERR on error

Definition at line 90 of file crypto_symmetric.c.

References GNUNET_assert, GNUNET_OK, GNUNET_CRYPTO_SymmetricInitializationVector::twofish_iv, and GNUNET_CRYPTO_SymmetricSessionKey::twofish_key.

Referenced by GNUNET_CRYPTO_symmetric_decrypt(), and GNUNET_CRYPTO_symmetric_encrypt().

93 {
94  int rc;
95 
96  GNUNET_assert(0 ==
97  gcry_cipher_open(handle, GCRY_CIPHER_TWOFISH,
98  GCRY_CIPHER_MODE_CFB, 0));
99  rc = gcry_cipher_setkey(*handle,
100  sessionkey->twofish_key,
101  sizeof(sessionkey->twofish_key));
102  GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY));
103  rc = gcry_cipher_setiv(*handle,
104  iv->twofish_iv,
105  sizeof(iv->twofish_iv));
106  GNUNET_assert((0 == rc) || ((char)rc == GPG_ERR_WEAK_KEY));
107  return GNUNET_OK;
108 }
GNUNET_CRYPTO_SymmetricInitializationVector::twofish_iv
unsigned char twofish_iv[(256/8)/2]
Definition: gnunet_crypto_lib.h:288
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:820
GNUNET_OK
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
GNUNET_CRYPTO_SymmetricSessionKey::twofish_key
unsigned char twofish_key[(256/8)]
Actual key for TwoFish.
Definition: gnunet_crypto_lib.h:274
handle
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
Definition: gnunet-dns-monitor.c:35
Here is the caller graph for this function:

◆ GNUNET_CRYPTO_symmetric_derive_iv_v()

void GNUNET_CRYPTO_symmetric_derive_iv_v ( struct GNUNET_CRYPTO_SymmetricInitializationVector iv,
const struct GNUNET_CRYPTO_SymmetricSessionKey skey,
const void *  salt,
size_t  salt_len,
va_list  argp 
)

Derive an IV.

Parameters
ivinitialization vector
skeysession key
saltsalt for the derivation
salt_lensize of the salt
argppairs of void * & size_t for context chunks, terminated by NULL

Definition at line 217 of file crypto_symmetric.c.

References GNUNET_CRYPTO_SymmetricInitializationVector::aes_iv, GNUNET_CRYPTO_SymmetricSessionKey::aes_key, GNUNET_CRYPTO_kdf_v(), GNUNET_memcpy, GNUNET_CRYPTO_SymmetricInitializationVector::twofish_iv, and GNUNET_CRYPTO_SymmetricSessionKey::twofish_key.

Referenced by GNUNET_CRYPTO_symmetric_derive_iv().

222 {
223  char aes_salt[salt_len + 4];
224  char twofish_salt[salt_len + 4];
225 
226  GNUNET_memcpy(aes_salt, salt, salt_len);
227  GNUNET_memcpy(&aes_salt[salt_len], "AES!", 4);
228  GNUNET_memcpy(twofish_salt, salt, salt_len);
229  GNUNET_memcpy(&twofish_salt[salt_len], "FISH", 4);
230  GNUNET_CRYPTO_kdf_v(iv->aes_iv,
231  sizeof(iv->aes_iv),
232  aes_salt,
233  salt_len + 4,
234  skey->aes_key,
235  sizeof(skey->aes_key),
236  argp);
237  GNUNET_CRYPTO_kdf_v(iv->twofish_iv,
238  sizeof(iv->twofish_iv),
239  twofish_salt,
240  salt_len + 4,
241  skey->twofish_key,
242  sizeof(skey->twofish_key),
243  argp);
244 }
GNUNET_CRYPTO_SymmetricInitializationVector::twofish_iv
unsigned char twofish_iv[(256/8)/2]
Definition: gnunet_crypto_lib.h:288
GNUNET_memcpy
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
Definition: gnunet_common.h:1092
GNUNET_CRYPTO_SymmetricSessionKey::aes_key
unsigned char aes_key[(256/8)]
Actual key for AES.
Definition: gnunet_crypto_lib.h:269
GNUNET_CRYPTO_SymmetricInitializationVector::aes_iv
unsigned char aes_iv[(256/8)/2]
Definition: gnunet_crypto_lib.h:286
GNUNET_CRYPTO_SymmetricSessionKey::twofish_key
unsigned char twofish_key[(256/8)]
Actual key for TwoFish.
Definition: gnunet_crypto_lib.h:274
GNUNET_CRYPTO_kdf_v
int GNUNET_CRYPTO_kdf_v(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len, va_list argp)
Derive key.
Definition: crypto_kdf.c:47
Here is the call graph for this function:
Here is the caller graph for this function:
Generated by   doxygen 1.8.13