about summary refs log tree commit diff stats
path: root/src/omemo
diff options
context:
space:
mode:
authorWilliam Wennerström <william@wstrm.dev>2020-06-28 12:17:21 +0200
committerWilliam Wennerström <william@wstrm.dev>2020-11-16 21:58:08 +0100
commitd5b1dc0eb6ee9c4caee6c73b9cf26133c875a1c8 (patch)
tree928dee2c32592dcff47ddd96f8320c4e09ffbd4d /src/omemo
parente9d58757825e542fe4ec15ce350c0df4192ec29d (diff)
downloadprofani-tty-d5b1dc0eb6ee9c4caee6c73b9cf26133c875a1c8.tar.gz
Move setup for AESGCM to omemo/crypto
Diffstat (limited to 'src/omemo')
-rw-r--r--src/omemo/crypto.c50
-rw-r--r--src/omemo/crypto.h9
2 files changed, 49 insertions, 10 deletions
diff --git a/src/omemo/crypto.c b/src/omemo/crypto.c
index 6d6ba519..7dd3be10 100644
--- a/src/omemo/crypto.c
+++ b/src/omemo/crypto.c
@@ -463,12 +463,50 @@ out:
     return res;
 }
 
-int aes256gcm_encrypt_file(FILE *in, FILE *out, off_t file_size,
-    unsigned char key[], unsigned char nonce[]) {
-    return aes256gcm_crypt_file(in, out, file_size, key, nonce, true);
+char *aes256gcm_create_secure_fragment(unsigned char *key, unsigned char *nonce) {
+    int key_size = AES256_GCM_KEY_LENGTH;
+    int nonce_size = AES256_GCM_NONCE_LENGTH;
+
+    char *fragment = gcry_malloc_secure((nonce_size+key_size)*2+1);
+
+    for (int i = 0; i < nonce_size; i++) {
+        sprintf(&(fragment[i*2]), "%02x", nonce[i]);
+    }
+
+    for (int i = 0; i < key_size; i++) {
+        sprintf(&(fragment[(i+nonce_size)*2]), "%02x", key[i]);
+    }
+
+    return fragment;
 }
 
-int aes256gcm_decrypt_file(FILE *in, FILE *out, off_t file_size,
-    unsigned char key[], unsigned char nonce[]) {
-    return aes256gcm_crypt_file(in, out, file_size, key, nonce, false);
+void aes256gcm_fragment_free(char *fragment) {
+    gcry_free(fragment);
 }
+
+char *aes256gcm_encrypt_file(FILE *in, FILE *out, off_t file_size, int *gcry_res) {
+    unsigned char *key = gcry_random_bytes_secure(
+        AES256_GCM_KEY_LENGTH,
+        GCRY_VERY_STRONG_RANDOM);
+
+    // Create nonce/IV with random bytes.
+    unsigned char nonce[AES256_GCM_NONCE_LENGTH];
+    gcry_create_nonce(nonce, AES256_GCM_NONCE_LENGTH);
+
+    char *fragment = aes256gcm_create_secure_fragment(key, nonce);
+    *gcry_res = aes256gcm_crypt_file(in, out, file_size, key, nonce, true);
+
+    if (*gcry_res != GPG_ERR_NO_ERROR) {
+        gcry_free(fragment);
+        fragment = NULL;
+    }
+
+    gcry_free(key);
+
+    return fragment;
+}
+
+//int aes256gcm_decrypt_file(FILE *in, FILE *out, off_t file_size,
+//    unsigned char key[], unsigned char nonce[]) {
+//    return aes256gcm_crypt_file(in, out, file_size, key, nonce, false);
+//}
diff --git a/src/omemo/crypto.h b/src/omemo/crypto.h
index 916486b7..34cbb82c 100644
--- a/src/omemo/crypto.h
+++ b/src/omemo/crypto.h
@@ -185,8 +185,9 @@ int aes128gcm_decrypt(unsigned char *plaintext,
     size_t ciphertext_len, const unsigned char *const iv, size_t iv_len,
     const unsigned char *const key, const unsigned char *const tag);
 
-int aes256gcm_encrypt_file(FILE *in, FILE *out, off_t file_size,
-    unsigned char key[], unsigned char nonce[]);
+char *aes256gcm_encrypt_file(FILE *in, FILE *out, off_t file_size, int *gcry_res);
 
-int aes256gcm_decrypt_file(FILE *in, FILE *out, off_t file_size,
-    unsigned char key[], unsigned char nonce[]);
+//int aes256gcm_decrypt_file(FILE *in, FILE *out, off_t file_size,
+//    unsigned char key[], unsigned char nonce[]);
+
+void aes256gcm_fragment_free(char *fragment);