/*
This file is part of GNUnet.
- (C) 2001, 2002, 2003, 2004, 2005, 2006, 2013 Christian Grothoff (and other contributing authors)
+ Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2013 GNUnet e.V.
GNUnet is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published
You should have received a copy of the GNU General Public License
along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
*/
/**
*/
#include "platform.h"
-#include "gnunet_util_lib.h"
+#include "gnunet_crypto_lib.h"
#include <gcrypt.h>
-#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
+#define LOG(kind,...) GNUNET_log_from (kind, "util-crypto-symmetric", __VA_ARGS__)
/**
* Create a new SessionKey (for symmetric encryption).
/**
- * Encrypt a block with the public key of another
- * host that uses the same cyper.
+ * Encrypt a block with a symmetric session key.
*
* @param block the block to encrypt
- * @param len the size of the @a block
+ * @param size the size of the @a block
* @param sessionkey the key used to encrypt
- * @param iv the initialization vector to use, use INITVALUE
- * for streams.
+ * @param iv the initialization vector to use, use INITVALUE for streams
* @param result the output parameter in which to store the encrypted result
- * @returns the size of the encrypted block, -1 for errors
+ * can be the same or overlap with @c block
+ * @returns the size of the encrypted block, -1 for errors.
+ * Due to the use of CFB and therefore an effective stream cipher,
+ * this size should be the same as @c len.
*/
ssize_t
GNUNET_CRYPTO_symmetric_encrypt (const void *block,
- size_t len,
+ size_t size,
const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
void *result)
{
gcry_cipher_hd_t handle;
- char tmp[len];
+ char tmp[size];
if (GNUNET_OK != setup_cipher_aes (&handle, sessionkey, iv))
return -1;
- GNUNET_assert (0 == gcry_cipher_encrypt (handle, tmp, len, block, len));
+ GNUNET_assert (0 == gcry_cipher_encrypt (handle, tmp, size, block, size));
gcry_cipher_close (handle);
if (GNUNET_OK != setup_cipher_twofish (&handle, sessionkey, iv))
return -1;
- GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, len, tmp, len));
+ GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, size, tmp, size));
gcry_cipher_close (handle);
memset (tmp, 0, sizeof (tmp));
- return len;
+ return size;
}
/**
- * Decrypt a given block with the sessionkey.
+ * Decrypt a given block with the session key.
*
* @param block the data to decrypt, encoded as returned by encrypt
* @param size the size of the @a block to decrypt
* @param sessionkey the key used to decrypt
- * @param iv the initialization vector to use, use INITVALUE
- * for streams.
+ * @param iv the initialization vector to use, use INITVALUE for streams
* @param result address to store the result at
- * @return -1 on failure, size of decrypted block on success
+ * can be the same or overlap with @c block
+ * @return -1 on failure, size of decrypted block on success.
+ * Due to the use of CFB and therefore an effective stream cipher,
+ * this size should be the same as @c size.
*/
ssize_t
-GNUNET_CRYPTO_symmetric_decrypt (const void *block, size_t size,
+GNUNET_CRYPTO_symmetric_decrypt (const void *block,
+ size_t size,
const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
void *result)
*/
void
GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
- const void *salt, size_t salt_len, ...)
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
+ const void *salt,
+ size_t salt_len,
+ ...)
{
va_list argp;
*/
void
GNUNET_CRYPTO_symmetric_derive_iv_v (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
- const void *salt, size_t salt_len, va_list argp)
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
+ const void *salt,
+ size_t salt_len,
+ va_list argp)
{
char aes_salt[salt_len + 4];
char twofish_salt[salt_len + 4];
- memcpy (aes_salt, salt, salt_len);
- memcpy (&aes_salt[salt_len], "AES!", 4);
- memcpy (twofish_salt, salt, salt_len);
- memcpy (&twofish_salt[salt_len], "FISH", 4);
- GNUNET_CRYPTO_kdf_v (iv->aes_iv, sizeof (iv->aes_iv),
- aes_salt, salt_len + 4,
- skey->aes_key, sizeof (skey->aes_key),
+ GNUNET_memcpy (aes_salt, salt, salt_len);
+ GNUNET_memcpy (&aes_salt[salt_len], "AES!", 4);
+ GNUNET_memcpy (twofish_salt, salt, salt_len);
+ GNUNET_memcpy (&twofish_salt[salt_len], "FISH", 4);
+ GNUNET_CRYPTO_kdf_v (iv->aes_iv,
+ sizeof (iv->aes_iv),
+ aes_salt,
+ salt_len + 4,
+ skey->aes_key,
+ sizeof (skey->aes_key),
argp);
- GNUNET_CRYPTO_kdf_v (iv->twofish_iv, sizeof (iv->twofish_iv),
- twofish_salt, salt_len + 4,
- skey->twofish_key, sizeof (skey->twofish_key),
+ GNUNET_CRYPTO_kdf_v (iv->twofish_iv,
+ sizeof (iv->twofish_iv),
+ twofish_salt,
+ salt_len + 4,
+ skey->twofish_key,
+ sizeof (skey->twofish_key),
argp);
}
-/* end of crypto_aes.c */
+/* end of crypto_symmetric.c */