- test for external iterator

[oweals/gnunet.git] / src / util / crypto_aes.c

diff --git a/src/util/crypto_aes.c b/src/util/crypto_aes.c
index db4d843b57e79d737fda78fd29522776ead84f31..11b894f6910e41fd7626c41a3f67301c826808e0 100644 (file)
--- a/src/util/crypto_aes.c
+++ b/src/util/crypto_aes.c
@@ -30,40 +30,55 @@
 #include "gnunet_crypto_lib.h"
 #include <gcrypt.h>
 
+#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
+
 /**
  * Create a new SessionKey (for AES-256).
+ *
+ * @param key session key to initialize
  */
 void
 GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey *key)
 {
   gcry_randomize (&key->key[0], GNUNET_CRYPTO_AES_KEY_LENGTH,
                   GCRY_STRONG_RANDOM);
-  key->crc32 =
-    htonl (GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH));
 }
 
+
 /**
- * Check that a new session key is well-formed.
+ * Initialize AES cipher.
  *
- * @return GNUNET_OK if the key is valid
+ * @param handle handle to initialize
+ * @param sessionkey session key to use
+ * @param iv initialization vector to use
+ * @return GNUNET_OK on success, GNUNET_SYSERR on error
  */
-int
-GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey
-                                     *key)
+static int
+setup_cipher (gcry_cipher_hd_t *handle,
+             const struct GNUNET_CRYPTO_AesSessionKey *
+             sessionkey,
+             const struct GNUNET_CRYPTO_AesInitializationVector *
+             iv)
 {
-  uint32_t crc;
+  int rc;
 
-  crc = GNUNET_CRYPTO_crc32_n (key, GNUNET_CRYPTO_AES_KEY_LENGTH);
-  if (ntohl (key->crc32) == crc)
-    return GNUNET_OK;
-  GNUNET_break (0);
-  return GNUNET_SYSERR;
+  GNUNET_assert (0 ==
+                 gcry_cipher_open (handle, GCRY_CIPHER_AES256,
+                                   GCRY_CIPHER_MODE_CFB, 0));
+  rc = gcry_cipher_setkey (*handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH);
+  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
+  rc = gcry_cipher_setiv (*handle, iv,
+                          sizeof (struct
+                                  GNUNET_CRYPTO_AesInitializationVector));
+  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
+  return GNUNET_OK;
 }
 
 
 /**
  * Encrypt a block with the public key of another
  * host that uses the same cyper.
+ *
  * @param block the block to encrypt
  * @param len the size of the block
  * @param sessionkey the key used to encrypt
@@ -73,37 +88,22 @@ GNUNET_CRYPTO_aes_check_session_key (const struct GNUNET_CRYPTO_AesSessionKey
  * @returns the size of the encrypted block, -1 for errors
  */
 ssize_t
-GNUNET_CRYPTO_aes_encrypt (const void *block,
-                           size_t len,
-                           const struct GNUNET_CRYPTO_AesSessionKey
-                           * sessionkey,
-                           const struct GNUNET_CRYPTO_AesInitializationVector
-                           * iv, void *result)
+GNUNET_CRYPTO_aes_encrypt (const void *block, size_t len,
+                           const struct GNUNET_CRYPTO_AesSessionKey *
+                           sessionkey,
+                           const struct GNUNET_CRYPTO_AesInitializationVector *
+                           iv, void *result)
 {
   gcry_cipher_hd_t handle;
-  int rc;
 
-  if (sessionkey->crc32 !=
-      htonl (GNUNET_CRYPTO_crc32_n
-             (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH)))
-    {
-      GNUNET_break (0);
-      return -1;
-    }
-  GNUNET_assert (0 == gcry_cipher_open (&handle,
-                                        GCRY_CIPHER_AES256,
-                                        GCRY_CIPHER_MODE_CFB, 0));
-  rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH);
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-  rc =
-    gcry_cipher_setiv (handle, iv,
-                       sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
+  if (GNUNET_OK != setup_cipher (&handle, sessionkey, iv))
+    return -1;
   GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, block, len));
   gcry_cipher_close (handle);
   return len;
 }
 
+
 /**
  * Decrypt a given block with the sessionkey.
  *
@@ -116,40 +116,25 @@ GNUNET_CRYPTO_aes_encrypt (const void *block,
  * @return -1 on failure, size of decrypted block on success
  */
 ssize_t
-GNUNET_CRYPTO_aes_decrypt (const void *block,
-                           size_t size,
-                           const struct GNUNET_CRYPTO_AesSessionKey
-                           * sessionkey,
-                           const struct GNUNET_CRYPTO_AesInitializationVector
-                           * iv, void *result)
+GNUNET_CRYPTO_aes_decrypt (const void *block, size_t size,
+                           const struct GNUNET_CRYPTO_AesSessionKey *
+                           sessionkey,
+                           const struct GNUNET_CRYPTO_AesInitializationVector *
+                           iv, void *result)
 {
   gcry_cipher_hd_t handle;
-  int rc;
 
-  if (sessionkey->crc32 !=
-      htonl (GNUNET_CRYPTO_crc32_n
-             (sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH)))
-    {
-      GNUNET_break (0);
-      return -1;
-    }
-  GNUNET_assert (0 == gcry_cipher_open (&handle,
-                                        GCRY_CIPHER_AES256,
-                                        GCRY_CIPHER_MODE_CFB, 0));
-  rc = gcry_cipher_setkey (handle, sessionkey, GNUNET_CRYPTO_AES_KEY_LENGTH);
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-  rc =
-    gcry_cipher_setiv (handle, iv,
-                       sizeof (struct GNUNET_CRYPTO_AesInitializationVector));
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-  GNUNET_assert (0 ==
-                 gcry_cipher_decrypt (handle, result, size, block, size));
+  if (GNUNET_OK != setup_cipher (&handle, sessionkey, iv))
+    return -1;
+  GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size));
   gcry_cipher_close (handle);
   return size;
 }
 
+
 /**
  * @brief Derive an IV
+ *
  * @param iv initialization vector
  * @param skey session key
  * @param salt salt for the derivation
@@ -158,8 +143,8 @@ GNUNET_CRYPTO_aes_decrypt (const void *block,
  */
 void
 GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv,
-    const struct GNUNET_CRYPTO_AesSessionKey *skey, void *salt,
-    size_t salt_len, ...)
+                             const struct GNUNET_CRYPTO_AesSessionKey *skey,
+                             const void *salt, size_t salt_len, ...)
 {
   va_list argp;
 
@@ -168,8 +153,10 @@ GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv,
   va_end (argp);
 }
 
+
 /**
  * @brief Derive an IV
+ *
  * @param iv initialization vector
  * @param skey session key
  * @param salt salt for the derivation
@@ -178,11 +165,11 @@ GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv,
  */
 void
 GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv,
-    const struct GNUNET_CRYPTO_AesSessionKey *skey, void *salt,
-    size_t salt_len, const va_list argp)
+                               const struct GNUNET_CRYPTO_AesSessionKey *skey,
+                               const void *salt, size_t salt_len, va_list argp)
 {
-  GNUNET_CRYPTO_kdf_v (iv->iv, sizeof(iv->iv), salt, salt_len, skey->key,
-      sizeof(skey->key), argp);
+  GNUNET_CRYPTO_kdf_v (iv->iv, sizeof (iv->iv), salt, salt_len, skey->key,
+                       sizeof (skey->key), argp);
 }
 
 /* end of crypto_aes.c */