[taler-anastasis] branch master updated: modified decryption method
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: modified decryption method |
Date: |
Thu, 26 Mar 2020 17:57:19 +0100 |
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 5abbf4a modified decryption method
5abbf4a is described below
commit 5abbf4a476c4c19b4cb70f0487168fc71335a3f2
Author: Dennis Neufeld <address@hidden>
AuthorDate: Thu Mar 26 16:57:11 2020 +0000
modified decryption method
---
src/util/anastasis_crypto.c | 95 +++++++++++++++++++++++++++------------------
1 file changed, 58 insertions(+), 37 deletions(-)
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index fb17361..c883867 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -139,6 +139,62 @@ encrypt (const void *msec,
gcry_cipher_close (cipher);
}
+/**
+ * Decryption of data like encrypted recovery document etc.
+ *
+ * @param msec master secret which is used to derive a key/iv pair from
+ * @param data data to decrypt
+ * @param data_size size of the data
+ * @param salt salt value which is used for key derivation
+ * @param res plaintext output
+ * @param res_size size of the plaintext
+ */
+void
+decrypt (const void *msec,
+ const void *data,
+ size_t data_size,
+ const char *salt,
+ void **res,
+ size_t *res_size)
+{
+ struct ANASTASIS_CRYPTO_Nonce nonce;
+ gcry_cipher_hd_t cipher;
+ char sym_key[AES_KEY_SIZE];
+ char iv[AES_IV_SIZE];
+ int rc;
+
+ memcpy (&nonce, data, sizeof (struct ANASTASIS_CRYPTO_Nonce));
+ get_iv_key (msec, &nonce, salt, sym_key, iv);
+
+ GNUNET_assert (0 == gcry_cipher_open (&cipher,
+ GCRY_CIPHER_AES256,
+ GCRY_CIPHER_MODE_GCM,
+ 0));
+ rc = gcry_cipher_setkey (cipher,
+ sym_key,
+ sizeof (sym_key));
+ GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
+
+ rc = gcry_cipher_setiv (cipher,
+ &iv,
+ sizeof (iv));
+ GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
+
+ GNUNET_assert (0 == gcry_cipher_decrypt (cipher,
+ *res, *res_size,
+ data
+ + sizeof (struct
+ ANASTASIS_CRYPTO_Nonce)
+ + GCM_TAG_SIZE,
+ *res_size));
+ GNUNET_assert (0 == gcry_cipher_checktag (cipher,
+ data
+ + sizeof (struct
+ ANASTASIS_CRYPTO_Nonce),
+ GCM_TAG_SIZE));
+ gcry_cipher_close (cipher);
+}
+
/**
* Creates the UserIdentifier, it is used as entropy source for the encryption
keys and
* for the public and private key for signing the data.
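Review bot: The new `decrypt()` never reads `data_size`, and it reports authentication failure only through `GNUNET_assert`, so a truncated or tampered ciphertext aborts the process instead of producing an error the caller can handle. The `memcpy` of the nonce and the two `data + …` offsets run on input of any length. In the second hunk, the caller's `*res_size = data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce) - GCM_TAG_SIZE` wraps around when `data` is shorter than nonce plus tag. I would check the length first, return a status instead of `void`, and clear `*res` when `gcry_cipher_checktag` fails, because GCM has already written unauthenticated plaintext there; the visible caller would then need to test the result and free `*res`. Separately, `(char) rc == GPG_ERR_WEAK_KEY` truncates a `gcry_error_t`, where `gcry_err_code (rc)` is the intended comparison, and `sym_key`/`iv` are left on the stack without being wiped.

```c
/* … signature unchanged except the return type: int instead of void … */
{
  /* … unchanged: locals … */

  /* Reject input too short to hold the nonce and the GCM tag. */
  if (data_size < sizeof (struct ANASTASIS_CRYPTO_Nonce) + GCM_TAG_SIZE)
    return GNUNET_SYSERR;

  /* … unchanged: nonce copy, get_iv_key, cipher open, setkey, setiv … */

  rc = gcry_cipher_decrypt (cipher,
                            *res, *res_size,
                            data
                            + sizeof (struct ANASTASIS_CRYPTO_Nonce)
                            + GCM_TAG_SIZE,
                            *res_size);
  if (0 == rc)
    rc = gcry_cipher_checktag (cipher,
                               data
                               + sizeof (struct ANASTASIS_CRYPTO_Nonce),
                               GCM_TAG_SIZE);
  gcry_cipher_close (cipher);
  if (0 != rc)
  {
    /* Tag mismatch or cipher error: do not hand back unauthenticated output. */
    memset (*res, 0, *res_size);
    return GNUNET_SYSERR;
  }
  return GNUNET_OK;
}
```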
@@ -221,46 +277,11 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
void **res,
size_t *res_size)
{
- struct ANASTASIS_CRYPTO_Nonce nonce;
- gcry_cipher_hd_t cipher;
- char sym_key[AES_KEY_SIZE];
- char iv[AES_IV_SIZE];
- int rc;
-
+ char *salt = "erd";
*res_size = data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce)
- GCM_TAG_SIZE;
*res = GNUNET_malloc (*res_size);
-
- memcpy (&nonce, data, sizeof (struct ANASTASIS_CRYPTO_Nonce));
- get_iv_key (id, &nonce, "erd", sym_key, iv);
-
- GNUNET_assert (0 == gcry_cipher_open (&cipher,
- GCRY_CIPHER_AES256,
- GCRY_CIPHER_MODE_GCM,
- 0));
- rc = gcry_cipher_setkey (cipher,
- sym_key,
- sizeof (sym_key));
- GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-
- rc = gcry_cipher_setiv (cipher,
- &iv,
- sizeof (iv));
- GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-
- GNUNET_assert (0 == gcry_cipher_decrypt (cipher,
- *res, *res_size,
- data
- + sizeof (struct
- ANASTASIS_CRYPTO_Nonce)
- + GCM_TAG_SIZE,
- *res_size));
- GNUNET_assert (0 == gcry_cipher_checktag (cipher,
- data
- + sizeof (struct
- ANASTASIS_CRYPTO_Nonce),
- GCM_TAG_SIZE));
- gcry_cipher_close (cipher);
+ decrypt (id, data, data_size, salt, res, res_size);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"PLAINTEXT_AFTER(int): %s\n",
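Review bot: The `GNUNET_log` call kept at the end of this hunk formats the decryption result with `%s` under the label `PLAINTEXT_AFTER`, which puts the decrypted recovery document into the debug log. Its argument lies outside the hunk, but if it is `*res`, the buffer is allocated with exactly `*res_size` bytes and nothing visible NUL-terminates it, so `%s` can also read past the end. I would drop the line or log only the length, e.g. `"decrypted %u bytes\n", (unsigned int) *res_size`. The added local would be better declared `const char *salt = "erd";` since it points at a string literal. The function body continues past the end of the hunk.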
--
To stop receiving notification emails like this one, please contact
address@hidden.