X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=gcrypt.c;h=751c1a4a65d4d0b3b9e5a90242462a83d3fc6cf1;hp=926eb15f41ae479b167a0b9a694b972c6f88fcfd;hb=5f511d41a111aa04189b32fd77d02e16f90ff2cc;hpb=2830b9f881898aaec073d5ba19e33482e30190bd;ds=sidebyside diff --git a/gcrypt.c b/gcrypt.c index 926eb15f..751c1a4a 100644 --- a/gcrypt.c +++ b/gcrypt.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2012 Andre Noll + * Copyright (C) 2011-2014 Andre Noll * * Licensed under the GPL v2. For licencing details see COPYING. */ @@ -97,7 +97,7 @@ static void mgf1(unsigned char *seed, size_t seed_len, unsigned result_len, { gcry_error_t gret; gcry_md_hd_t handle; - size_t n;; + size_t n; unsigned char *md; unsigned char octet_string[4], *rp = result, *end = rp + result_len; @@ -499,7 +499,6 @@ static int get_private_key(const char *key_file, struct asymmetric_key **result) ret = read_bignum(cp, end, &u, NULL); if (ret < 0) goto release_q; - cp += ret; /* * OpenSSL uses slightly different parameters than gcrypt. To use these * parameters we need to swap the values of p and q and recompute u. @@ -574,7 +573,6 @@ static int get_asn_public_key(const char *key_file, struct asymmetric_key **resu ret = read_bignum(cp, end, &e, NULL); if (ret < 0) goto release_n; - cp += ret; gret = gcry_sexp_build(&sexp, &erroff, RSA_PUBKEY_SEXP, n, e); if (gret) { @@ -697,7 +695,6 @@ int get_asymmetric_key(const char *key_file, int private, key->num_bytes = ret; key->sexp = sexp; *result = key; - ret = key->num_bytes; unmap: ret2 = para_munmap(map, map_size); if (ret >= 0 && ret2 < 0) @@ -761,13 +758,13 @@ static int decode_rsa(gcry_sexp_t sexp, int key_size, unsigned char *outbuf, PARA_DEBUG_LOG("decrypted buffer before unpad (%d bytes):\n", key_size); - dump_buffer("non-unpadded decrypted buffer", oaep_buf, key_size);; + dump_buffer("non-unpadded decrypted buffer", oaep_buf, key_size); ret = unpad_oaep(oaep_buf, key_size, outbuf, nbytes); if (ret < 0) goto out_mpi_release; PARA_DEBUG_LOG("decrypted buffer after unpad (%zu bytes):\n", *nbytes); - dump_buffer("unpadded decrypted buffer", outbuf, *nbytes);; + dump_buffer("unpadded decrypted buffer", outbuf, *nbytes); ret = 1; out_mpi_release: gcry_mpi_release(out_mpi); @@ -915,11 +912,25 @@ struct stream_cipher { gcry_cipher_hd_t handle; }; -struct stream_cipher *sc_new(const unsigned char *data, int len) +struct stream_cipher *sc_new(const unsigned char *data, int len, + bool use_aes) { gcry_error_t gret; - struct stream_cipher *sc = para_malloc(sizeof(*sc)); + + if (use_aes) { + assert(len >= 2 * AES_CRT128_BLOCK_SIZE); + gret = gcry_cipher_open(&sc->handle, GCRY_CIPHER_AES128, + GCRY_CIPHER_MODE_CTR, 0); + assert(gret == 0); + gret = gcry_cipher_setkey(sc->handle, data, + AES_CRT128_BLOCK_SIZE); + assert(gret == 0); + gret = gcry_cipher_setctr(sc->handle, + data + AES_CRT128_BLOCK_SIZE, AES_CRT128_BLOCK_SIZE); + assert(gret == 0); + return sc; + } gret = gcry_cipher_open(&sc->handle, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM, 0); if (gret) { @@ -940,39 +951,6 @@ void sc_free(struct stream_cipher *sc) free(sc); } -int sc_send_bin_buffer(struct stream_cipher_context *scc, char *buf, - size_t size) -{ - gcry_error_t gret; - int ret; - unsigned char *tmp = para_malloc(size); - - assert(size); - gret = gcry_cipher_encrypt(scc->send->handle, tmp, size, - (unsigned char *)buf, size); - assert(gret == 0); - ret = xwrite(scc->fd, (char *)tmp, size); - free(tmp); - return ret; -} - -int sc_recv_bin_buffer(struct stream_cipher_context *scc, char *buf, - size_t size) -{ - gcry_error_t gret; - ssize_t ret = recv(scc->fd, buf, size, 0); - - if (ret < 0) - ret = -ERRNO_TO_PARA_ERROR(errno); - if (ret <= 0) - return ret; - /* perform in-place encryption */ - gret = gcry_cipher_encrypt(scc->recv->handle, (unsigned char *)buf, ret, - NULL, 0); - assert(gret == 0); - return ret; -} - void sc_crypt(struct stream_cipher *sc, struct iovec *src, struct iovec *dst) { gcry_cipher_hd_t handle = sc->handle;