[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated (3c308d9 -> ef2d157)
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated (3c308d9 -> ef2d157) |
Date: |
Mon, 23 Mar 2020 23:52:01 +0100 |
This is an automated email from the git hooks/post-receive script.
ds-meister pushed a change to branch master
in repository anastasis.
from 3c308d9 worked on crypto implementation (obviously with errors :D))
new 29eabb3 worked on crypto lib
new ef2d157 Worked on crypto lib
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
src/util/anastasis_crypto.c | 107 ++++++++++++++++++++++++++++----------------
1 file changed, 69 insertions(+), 38 deletions(-)
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index 19874f8..c77c51e 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -26,6 +26,7 @@
#include <gcrypt.h>
#include <taler/taler_json_lib.h>
#include <gnunet/gnunet_util_lib.h>
+#include <string.h>
/**
* Creates the UserIdentifier, it is used as entropy source for the encryption
keys and
@@ -62,6 +63,8 @@ ANASTASIS_CRYPTO_account_public_key_derive (
struct ANASTASIS_CRYPTO_AccountPublicKey *pub_key,
const struct ANASTASIS_CRYPTO_UserIdentifier *id)
{
+
+ // FIXME Muss zuerst HKDF mit "ver" als salt gemacht werden !
struct GNUNET_CRYPTO_EddsaPrivateKey priv_key;
char *val;
val = GNUNET_STRINGS_data_to_string_alloc (&id,
@@ -95,47 +98,75 @@ ANASTASIS_CRYPTO_recovery_document_encrypt (
void **res,
size_t *res_size)
{
- char key[256 / 8];
- char iv[96 / 8];
+ struct ANASTASIS_CRYPTO_Nonce nonce;
+ struct ANASTASIS_CRYPTO_Iv iv;
+ gcry_cipher_hd_t cipher;
+ char ciphertext[data_size];
+ char *str_id;
+ char *str_nonce;
+ unsigned int i;
+ char sym_key[32];
+ char source_key_material[64];
+ void *erd;
+
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &nonce,
+ sizeof (nonce));
+
+ // FIXME IV CREATION
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &iv,
+ sizeof (iv));
+
+ str_id = GNUNET_STRINGS_data_to_string_alloc (&id,
+ sizeof (id));
+
+ str_nonce = GNUNET_STRINGS_data_to_string_alloc (&nonce,
+ sizeof (nonce));
+ strcpy (source_key_material, str_id);
+ strcat (source_key_material, str_nonce);
+
+ GNUNET_assert (0 == (GNUNET_CRYPTO_hkdf (sym_key,
+ sizeof(sym_key),
+ GCRY_MD_SHA512,
+ GCRY_MD_SHA256,
+ "erd",
+ (size_t) 3,
+ source_key_material,
+ sizeof(source_key_material))));
+ gcry_cipher_open (&cipher,
+ GCRY_CIPHER_AES256,
+ GCRY_CIPHER_MODE_GCM,
+ 0);
+ gcry_cipher_setkey (cipher,
+ sym_key,
+ sizeof (sym_key));
+ gcry_cipher_setiv (cipher,
+ &iv,
+ sizeof (iv));
+ gcry_cipher_encrypt (cipher,
+ ciphertext,
+ sizeof (ciphertext),
+ data,
+ data_size);
+ gcry_cipher_close (cipher);
+
+ res_size = sizeof (ciphertext) + sizeof(nonce) + sizeof(iv);
+ erd = GNUNET_malloc (res_size);
+ memcpy (erd,
+ &nonce,
+ sizeof(nonce));
+ memcpy (erd + sizeof(nonce),
+ &iv,
+ sizeof(iv));
+ memcpy (erd + sizeof(nonce) + sizeof(iv),
+ ciphertext,
+ sizeof(ciphertext));
+ *res = (void *) erd;
+}
- const void *buf;
- int rc;
- gcry_cipher_hd_t handle;
- GNUNET_break (0 == gcry_kdf_derive (buf,
- strlen (buf),
- GCRY_KDF_SCRYPT,
- 1 /* subalgo */,
- "erd",
- strlen ("erd"),
- 2 /* iterations; keep cost of individual
op small */,
- sizeof(twofish_key),
- &twofish_key));
- GNUNET_CRYPTO_kdf (twofish_iv,
- sizeof (twofish_iv),
- "gnunet-proof-of-work-iv",
- strlen ("gnunet-proof-of-work-iv"),
- twofish_key,
- sizeof(twofish_key),
- salt,
- strlen (salt),
- NULL, 0);
- GNUNET_assert (0 ==
- gcry_cipher_open (&handle, GCRY_CIPHER_TWOFISH,
- GCRY_CIPHER_MODE_CFB, 0));
- rc = gcry_cipher_setkey (handle,
- twofish_key,
- sizeof(twofish_key));
- GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
- rc = gcry_cipher_setiv (handle,
- twofish_iv,
- sizeof(twofish_iv));
- GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
- GNUNET_assert (0 == gcry_cipher_encrypt (handle, &rbuf, buf_len, buf,
- buf_len));
- gcry_cipher_close (handle);
-}
/**
* Decrypts the recovery document with AES256, the decryption key is generated
with
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [taler-anastasis] branch master updated (3c308d9 -> ef2d157),
gnunet <=