
[taler-anastasis] branch master updated: modified decryption method


From: gnunet
Subject: [taler-anastasis] branch master updated: modified decryption method
Date: Thu, 26 Mar 2020 17:57:19 +0100

This is an automated email from the git hooks/post-receive script.

dennis-neufeld pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 5abbf4a  modified decryption method
5abbf4a is described below

commit 5abbf4a476c4c19b4cb70f0487168fc71335a3f2
Author: Dennis Neufeld <address@hidden>
AuthorDate: Thu Mar 26 16:57:11 2020 +0000

    modified decryption method
---
 src/util/anastasis_crypto.c | 95 +++++++++++++++++++++++++++------------------
 1 file changed, 58 insertions(+), 37 deletions(-)

diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index fb17361..c883867 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -139,6 +139,62 @@ encrypt (const void *msec,
   gcry_cipher_close (cipher);
 }
 
+/**
+ * Decryption of data like encrypted recovery document etc.
+ *
+ * @param msec master secret which is used to derive a key/iv pair from
+ * @param data data to decrypt
+ * @param data_size size of the data
+ * @param salt salt value which is used for key derivation
+ * @param res plaintext output
+ * @param res_size size of the plaintext
+ */
+void
+decrypt (const void *msec,
+         const void *data,
+         size_t data_size,
+         const char *salt,
+         void **res,
+         size_t *res_size)
+{
+  struct ANASTASIS_CRYPTO_Nonce nonce;
+  gcry_cipher_hd_t cipher;
+  char sym_key[AES_KEY_SIZE];
+  char iv[AES_IV_SIZE];
+  int rc;
+
+  memcpy (&nonce, data, sizeof (struct ANASTASIS_CRYPTO_Nonce));
+  get_iv_key (msec, &nonce, salt, sym_key, iv);
+
+  GNUNET_assert (0 == gcry_cipher_open (&cipher,
+                                        GCRY_CIPHER_AES256,
+                                        GCRY_CIPHER_MODE_GCM,
+                                        0));
+  rc = gcry_cipher_setkey (cipher,
+                           sym_key,
+                           sizeof (sym_key));
+  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
+
+  rc = gcry_cipher_setiv (cipher,
+                          &iv,
+                          sizeof (iv));
+  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
+
+  GNUNET_assert (0 == gcry_cipher_decrypt (cipher,
+                                           *res, *res_size,
+                                           data
+                                           + sizeof (struct
+                                                     ANASTASIS_CRYPTO_Nonce)
+                                           + GCM_TAG_SIZE,
+                                           *res_size));
+  GNUNET_assert (0 == gcry_cipher_checktag (cipher,
+                                            data
+                                            + sizeof (struct
+                                                      ANASTASIS_CRYPTO_Nonce),
+                                            GCM_TAG_SIZE));
+  gcry_cipher_close (cipher);
+}
+
 /**
  * Creates the UserIdentifier, it is used as entropy source for the encryption 
keys and
  * for the public and private key for signing the data.
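Review bot: A failed `gcry_cipher_checktag` in the new `decrypt` goes through `GNUNET_assert`, so a corrupted or tampered ciphertext aborts the process, and because the function returns `void` the caller has no way to learn of the failure. `data_size` is also never read: the `memcpy` of the nonce and both pointer offsets assume the input holds at least a nonce and a tag, and the caller in the second hunk computes `data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce) - GCM_TAG_SIZE` without a guard, which wraps for short input. I would check the length first, return a status, and clear the output buffer when authentication fails so unauthenticated plaintext never reaches the caller. The offsets are also arithmetic on `const void *`, a GNU extension, so a `const char *` alias is more portable.
```c
int
decrypt (const void *msec,
         /* … unchanged: remaining parameters … */
{
  /* … unchanged: local declarations … */
  const char *in = data;

  if (data_size < sizeof (struct ANASTASIS_CRYPTO_Nonce) + GCM_TAG_SIZE)
    return GNUNET_SYSERR;
  /* … unchanged: nonce copy, key derivation, cipher open, setkey, setiv … */
  if ( (0 != gcry_cipher_decrypt (cipher,
                                  *res, *res_size,
                                  in + sizeof (struct ANASTASIS_CRYPTO_Nonce)
                                  + GCM_TAG_SIZE,
                                  *res_size)) ||
       (0 != gcry_cipher_checktag (cipher,
                                   in + sizeof (struct ANASTASIS_CRYPTO_Nonce),
                                   GCM_TAG_SIZE)) )
  {
    /* authentication failed: do not hand back unauthenticated plaintext */
    memset (*res, 0, *res_size);
    gcry_cipher_close (cipher);
    return GNUNET_SYSERR;
  }
  gcry_cipher_close (cipher);
  return GNUNET_OK;
}
```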
@@ -221,46 +277,11 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
   void **res,
   size_t *res_size)
 {
-  struct ANASTASIS_CRYPTO_Nonce nonce;
-  gcry_cipher_hd_t cipher;
-  char sym_key[AES_KEY_SIZE];
-  char iv[AES_IV_SIZE];
-  int rc;
-
+  char *salt = "erd";
   *res_size = data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce)
               - GCM_TAG_SIZE;
   *res = GNUNET_malloc (*res_size);
-
-  memcpy (&nonce, data, sizeof (struct ANASTASIS_CRYPTO_Nonce));
-  get_iv_key (id, &nonce, "erd", sym_key, iv);
-
-  GNUNET_assert (0 == gcry_cipher_open (&cipher,
-                                        GCRY_CIPHER_AES256,
-                                        GCRY_CIPHER_MODE_GCM,
-                                        0));
-  rc = gcry_cipher_setkey (cipher,
-                           sym_key,
-                           sizeof (sym_key));
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-
-  rc = gcry_cipher_setiv (cipher,
-                          &iv,
-                          sizeof (iv));
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-
-  GNUNET_assert (0 == gcry_cipher_decrypt (cipher,
-                                           *res, *res_size,
-                                           data
-                                           + sizeof (struct
-                                                     ANASTASIS_CRYPTO_Nonce)
-                                           + GCM_TAG_SIZE,
-                                           *res_size));
-  GNUNET_assert (0 == gcry_cipher_checktag (cipher,
-                                            data
-                                            + sizeof (struct
-                                                      ANASTASIS_CRYPTO_Nonce),
-                                            GCM_TAG_SIZE));
-  gcry_cipher_close (cipher);
+  decrypt (id, data, data_size, salt, res, res_size);
 
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "PLAINTEXT_AFTER(int):   %s\n",
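Review bot: The added `char *salt = "erd";` is a non-const pointer to a string literal, while `decrypt` takes `const char *salt`; I would write `const char *salt = "erd";` or pass the literal directly in the call. The `PLAINTEXT_AFTER` debug log kept as context has its arguments outside the hunk, but if it prints `*res` with `%s` it writes the decrypted recovery document to the log and assumes the buffer is NUL-terminated, which the `GNUNET_malloc (*res_size)` above does not guarantee. That log is worth dropping or reducing to the length. The function's signature and tail lie outside the hunk.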

-- 
To stop receiving notification emails like this one, please contact
address@hidden.


