123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438 |
- /*
- This file is part of GNUnet. Copyright (C) 2001-2014 Christian Grothoff
- (and other contributing authors)
- GNUnet is free software: you can redistribute it and/or modify it
- under the terms of the GNU Affero General Public License as published
- by the Free Software Foundation, either version 3 of the License,
- or (at your option) any later version.
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Affero General Public License for more details.
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
- SPDX-License-Identifier: AGPL3.0-or-later
- */
- /**
- * @file util/crypto_random.c
- * @brief functions to gather random numbers
- * @author Christian Grothoff
- */
- #include "platform.h"
- #include <pbc/pbc.h>
- #include <gabe.h>
- #include "gnunet_crypto_lib.h"
- struct GNUNET_CRYPTO_AbeMasterKey
- {
- gabe_pub_t*pub;
- gabe_msk_t*msk;
- };
- struct GNUNET_CRYPTO_AbeKey
- {
- gabe_pub_t*pub;
- gabe_prv_t*prv;
- };
- static int
- init_aes (element_t k, int enc,
- gcry_cipher_hd_t*handle,
- struct GNUNET_CRYPTO_SymmetricSessionKey *key,
- unsigned char*iv)
- {
- int rc;
- int key_len;
- unsigned char*key_buf;
- key_len = element_length_in_bytes (k) < 33 ? 3 : element_length_in_bytes (k);
- key_buf = (unsigned char *) malloc (key_len);
- element_to_bytes (key_buf, k);
- GNUNET_memcpy (key->aes_key,
- key_buf,
- GNUNET_CRYPTO_AES_KEY_LENGTH);
- GNUNET_assert (0 ==
- gcry_cipher_open (handle, GCRY_CIPHER_AES256,
- GCRY_CIPHER_MODE_CFB, 0));
- rc = gcry_cipher_setkey (*handle,
- key->aes_key,
- sizeof(key->aes_key));
- GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
- memset (iv, 0, 16); // TODO make reasonable
- rc = gcry_cipher_setiv (*handle,
- iv,
- 16);
- GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
- free (key_buf);
- return rc;
- }
- static int
- aes_128_cbc_encrypt (char*pt,
- int size,
- element_t k,
- char **ct)
- {
- gcry_cipher_hd_t handle;
- struct GNUNET_CRYPTO_SymmetricSessionKey skey;
- unsigned char iv[16];
- char*buf;
- int padding;
- int buf_size;
- uint8_t len[4];
- init_aes (k, 1, &handle, &skey, iv);
- /* TODO make less crufty */
- /* stuff in real length (big endian) before padding */
- len[0] = (size & 0xff000000) >> 24;
- len[1] = (size & 0xff0000) >> 16;
- len[2] = (size & 0xff00) >> 8;
- len[3] = (size & 0xff) >> 0;
- padding = 16 - ((4 + size) % 16);
- buf_size = 4 + size + padding;
- buf = GNUNET_malloc (buf_size);
- GNUNET_memcpy (buf, len, 4);
- GNUNET_memcpy (buf + 4, pt, size);
- *ct = GNUNET_malloc (buf_size);
- GNUNET_assert (0 == gcry_cipher_encrypt (handle, *ct, buf_size, buf,
- buf_size));
- gcry_cipher_close (handle);
- // AES_cbc_encrypt(pt->data, ct->data, pt->len, &key, iv, AES_ENCRYPT);
- GNUNET_free (buf);
- return buf_size;
- }
- static int
- aes_128_cbc_decrypt (char*ct,
- int size,
- element_t k,
- char **pt)
- {
- struct GNUNET_CRYPTO_SymmetricSessionKey skey;
- gcry_cipher_hd_t handle;
- unsigned char iv[16];
- char*tmp;
- uint32_t len;
- init_aes (k, 1, &handle, &skey, iv);
- tmp = GNUNET_malloc (size);
- // AES_cbc_encrypt(ct->data, pt->data, ct->len, &key, iv, AES_DECRYPT);
- GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, ct, size));
- gcry_cipher_close (handle);
- /* TODO make less crufty */
- /* get real length */
- len = 0;
- len = len
- | ((tmp[0]) << 24) | ((tmp[1]) << 16)
- | ((tmp[2]) << 8) | ((tmp[3]) << 0);
- /* truncate any garbage from the padding */
- *pt = GNUNET_malloc (len);
- GNUNET_memcpy (*pt, tmp + 4, len);
- GNUNET_free (tmp);
- return len;
- }
- struct GNUNET_CRYPTO_AbeMasterKey*
- GNUNET_CRYPTO_cpabe_create_master_key (void)
- {
- struct GNUNET_CRYPTO_AbeMasterKey*key;
- key = GNUNET_new (struct GNUNET_CRYPTO_AbeMasterKey);
- gabe_setup (&key->pub, &key->msk);
- GNUNET_assert (NULL != key->pub);
- GNUNET_assert (NULL != key->msk);
- return key;
- }
- void
- GNUNET_CRYPTO_cpabe_delete_master_key (struct GNUNET_CRYPTO_AbeMasterKey *key)
- {
- gabe_msk_free (key->msk);
- gabe_pub_free (key->pub);
- // GNUNET_free (key->msk);
- // gabe_msk_free (key->msk); //For some reason free of pub implicit?
- GNUNET_free (key);
- }
- struct GNUNET_CRYPTO_AbeKey*
- GNUNET_CRYPTO_cpabe_create_key (struct GNUNET_CRYPTO_AbeMasterKey *key,
- char **attrs)
- {
- struct GNUNET_CRYPTO_AbeKey *prv_key;
- int size;
- char *tmp;
- prv_key = GNUNET_new (struct GNUNET_CRYPTO_AbeKey);
- prv_key->prv = gabe_keygen (key->pub, key->msk, attrs);
- size = gabe_pub_serialize (key->pub, &tmp);
- prv_key->pub = gabe_pub_unserialize (tmp, size);
- GNUNET_free (tmp);
- GNUNET_assert (NULL != prv_key->prv);
- return prv_key;
- }
- void
- GNUNET_CRYPTO_cpabe_delete_key (struct GNUNET_CRYPTO_AbeKey *key,
- int delete_pub)
- {
- // Memory management in gabe is buggy
- gabe_prv_free (key->prv);
- if (GNUNET_YES == delete_pub)
- gabe_pub_free (key->pub);
- GNUNET_free (key);
- }
- ssize_t
- write_cpabe (void **result,
- uint32_t file_len,
- char*cph_buf,
- int cph_buf_len,
- char*aes_buf,
- int aes_buf_len)
- {
- char *ptr;
- uint32_t *len;
- *result = GNUNET_malloc (12 + cph_buf_len + aes_buf_len);
- ptr = *result;
- len = (uint32_t *) ptr;
- *len = htonl (file_len);
- ptr += 4;
- len = (uint32_t *) ptr;
- *len = htonl (aes_buf_len);
- ptr += 4;
- GNUNET_memcpy (ptr, aes_buf, aes_buf_len);
- ptr += aes_buf_len;
- len = (uint32_t *) ptr;
- *len = htonl (cph_buf_len);
- ptr += 4;
- GNUNET_memcpy (ptr, cph_buf, cph_buf_len);
- return 12 + cph_buf_len + aes_buf_len;
- }
- ssize_t
- read_cpabe (const void *data,
- char**cph_buf,
- int *cph_buf_len,
- char**aes_buf,
- int *aes_buf_len)
- {
- int buf_len;
- char *ptr;
- uint32_t *len;
- ptr = (char *) data;
- len = (uint32_t *) ptr;
- buf_len = ntohl (*len);
- ptr += 4;
- len = (uint32_t *) ptr;
- *aes_buf_len = ntohl (*len);
- ptr += 4;
- *aes_buf = GNUNET_malloc (*aes_buf_len);
- GNUNET_memcpy (*aes_buf, ptr, *aes_buf_len);
- ptr += *aes_buf_len;
- len = (uint32_t *) ptr;
- *cph_buf_len = ntohl (*len);
- ptr += 4;
- *cph_buf = GNUNET_malloc (*cph_buf_len);
- GNUNET_memcpy (*cph_buf, ptr, *cph_buf_len);
- return buf_len;
- }
- ssize_t
- GNUNET_CRYPTO_cpabe_encrypt (const void *block,
- size_t size,
- const char *policy,
- const struct GNUNET_CRYPTO_AbeMasterKey *key,
- void **result)
- {
- gabe_cph_t*cph;
- char*plt;
- char*cph_buf;
- char*aes_buf;
- element_t m;
- int cph_buf_len;
- int aes_buf_len;
- ssize_t result_len;
- if (! (cph = gabe_enc (key->pub, m, (char *) policy)))
- return GNUNET_SYSERR;
- cph_buf_len = gabe_cph_serialize (cph,
- &cph_buf);
- gabe_cph_free (cph);
- GNUNET_free (cph);
- plt = GNUNET_memdup (block, size);
- aes_buf_len = aes_128_cbc_encrypt (plt, size, m, &aes_buf);
- GNUNET_free (plt);
- element_clear (m);
- result_len = write_cpabe (result, size, cph_buf, cph_buf_len, aes_buf,
- aes_buf_len);
- GNUNET_free (cph_buf);
- GNUNET_free (aes_buf);
- return result_len;
- }
- ssize_t
- GNUNET_CRYPTO_cpabe_decrypt (const void *block,
- size_t size,
- const struct GNUNET_CRYPTO_AbeKey *key,
- void **result)
- {
- char*aes_buf;
- char*cph_buf;
- gabe_cph_t*cph;
- element_t m;
- int cph_buf_size;
- int aes_buf_size;
- int plt_len;
- read_cpabe (block, &cph_buf, &cph_buf_size, &aes_buf, &aes_buf_size);
- cph = gabe_cph_unserialize (key->pub, cph_buf, cph_buf_size);
- if (! gabe_dec (key->pub, key->prv, cph, m))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "%s\n", gabe_error ());
- GNUNET_free (aes_buf);
- GNUNET_free (cph_buf);
- gabe_cph_free (cph);
- GNUNET_free (cph);
- element_clear (m);
- return GNUNET_SYSERR;
- }
- gabe_cph_free (cph);
- GNUNET_free (cph);
- plt_len = aes_128_cbc_decrypt (aes_buf, aes_buf_size, m, (char **) result);
- GNUNET_free (cph_buf);
- GNUNET_free (aes_buf);
- element_clear (m);
- // freeing is buggy in gabe
- // gabe_prv_free (prv);
- // gabe_pub_free (pub);
- return plt_len;
- }
- ssize_t
- GNUNET_CRYPTO_cpabe_serialize_key (const struct GNUNET_CRYPTO_AbeKey *key,
- void **result)
- {
- ssize_t len;
- char *pub;
- char *prv;
- int pub_len;
- int prv_len;
- pub_len = gabe_pub_serialize (key->pub, &pub);
- prv_len = gabe_prv_serialize (key->prv, &prv);
- len = pub_len + prv_len + 12;
- write_cpabe (result, len, pub, pub_len, prv, prv_len);
- GNUNET_free (pub);
- GNUNET_free (prv);
- return len;
- }
- struct GNUNET_CRYPTO_AbeKey*
- GNUNET_CRYPTO_cpabe_deserialize_key (const void *data,
- size_t len)
- {
- struct GNUNET_CRYPTO_AbeKey *key;
- char *pub;
- char *prv;
- int prv_len;
- int pub_len;
- key = GNUNET_new (struct GNUNET_CRYPTO_AbeKey);
- read_cpabe (data,
- &pub,
- &pub_len,
- &prv,
- &prv_len);
- key->pub = gabe_pub_unserialize (pub, pub_len);
- key->prv = gabe_prv_unserialize (key->pub, prv, prv_len);
- GNUNET_free (pub);
- GNUNET_free (prv);
- return key;
- }
- ssize_t
- GNUNET_CRYPTO_cpabe_serialize_master_key (const struct
- GNUNET_CRYPTO_AbeMasterKey *key,
- void **result)
- {
- ssize_t len;
- char *pub;
- char *msk;
- int pub_len;
- int msk_len;
- pub_len = gabe_pub_serialize (key->pub, &pub);
- msk_len = gabe_msk_serialize (key->msk, &msk);
- len = pub_len + msk_len + 12;
- write_cpabe (result, len, pub, pub_len, msk, msk_len);
- GNUNET_free (pub);
- GNUNET_free (msk);
- return len;
- }
- struct GNUNET_CRYPTO_AbeMasterKey*
- GNUNET_CRYPTO_cpabe_deserialize_master_key (const void *data,
- size_t len)
- {
- struct GNUNET_CRYPTO_AbeMasterKey *key;
- char *msk;
- char *pub;
- int msk_len;
- int pub_len;
- key = GNUNET_new (struct GNUNET_CRYPTO_AbeMasterKey);
- read_cpabe (data,
- &pub,
- &pub_len,
- &msk,
- &msk_len);
- key->pub = gabe_pub_unserialize (pub, pub_len);
- key->msk = gabe_msk_unserialize (key->pub, msk, msk_len);
- GNUNET_free (pub);
- GNUNET_free (msk);
- return key;
- }
|