diff options
Diffstat (limited to 'src/omemo')
| -rw-r--r-- | src/omemo/crypto.c | 50 | ||||
| -rw-r--r-- | src/omemo/crypto.h | 9 |
2 files changed, 49 insertions, 10 deletions
diff --git a/src/omemo/crypto.c b/src/omemo/crypto.c index 6d6ba519..7dd3be10 100644 --- a/src/omemo/crypto.c +++ b/src/omemo/crypto.c @@ -463,12 +463,50 @@ out: return res; } -int aes256gcm_encrypt_file(FILE *in, FILE *out, off_t file_size, - unsigned char key[], unsigned char nonce[]) { - return aes256gcm_crypt_file(in, out, file_size, key, nonce, true); +char *aes256gcm_create_secure_fragment(unsigned char *key, unsigned char *nonce) { + int key_size = AES256_GCM_KEY_LENGTH; + int nonce_size = AES256_GCM_NONCE_LENGTH; + + char *fragment = gcry_malloc_secure((nonce_size+key_size)*2+1); + + for (int i = 0; i < nonce_size; i++) { + sprintf(&(fragment[i*2]), "%02x", nonce[i]); + } + + for (int i = 0; i < key_size; i++) { + sprintf(&(fragment[(i+nonce_size)*2]), "%02x", key[i]); + } + + return fragment; } -int aes256gcm_decrypt_file(FILE *in, FILE *out, off_t file_size, - unsigned char key[], unsigned char nonce[]) { - return aes256gcm_crypt_file(in, out, file_size, key, nonce, false); +void aes256gcm_fragment_free(char *fragment) { + gcry_free(fragment); } + +char *aes256gcm_encrypt_file(FILE *in, FILE *out, off_t file_size, int *gcry_res) { + unsigned char *key = gcry_random_bytes_secure( + AES256_GCM_KEY_LENGTH, + GCRY_VERY_STRONG_RANDOM); + + // Create nonce/IV with random bytes. + unsigned char nonce[AES256_GCM_NONCE_LENGTH]; + gcry_create_nonce(nonce, AES256_GCM_NONCE_LENGTH); + + char *fragment = aes256gcm_create_secure_fragment(key, nonce); + *gcry_res = aes256gcm_crypt_file(in, out, file_size, key, nonce, true); + + if (*gcry_res != GPG_ERR_NO_ERROR) { + gcry_free(fragment); + fragment = NULL; + } + + gcry_free(key); + + return fragment; +} + +//int aes256gcm_decrypt_file(FILE *in, FILE *out, off_t file_size, +// unsigned char key[], unsigned char nonce[]) { +// return aes256gcm_crypt_file(in, out, file_size, key, nonce, false); +//} diff --git a/src/omemo/crypto.h b/src/omemo/crypto.h index 916486b7..34cbb82c 100644 --- a/src/omemo/crypto.h +++ b/src/omemo/crypto.h @@ -185,8 +185,9 @@ int aes128gcm_decrypt(unsigned char *plaintext, size_t ciphertext_len, const unsigned char *const iv, size_t iv_len, const unsigned char *const key, const unsigned char *const tag); -int aes256gcm_encrypt_file(FILE *in, FILE *out, off_t file_size, - unsigned char key[], unsigned char nonce[]); +char *aes256gcm_encrypt_file(FILE *in, FILE *out, off_t file_size, int *gcry_res); -int aes256gcm_decrypt_file(FILE *in, FILE *out, off_t file_size, - unsigned char key[], unsigned char nonce[]); +//int aes256gcm_decrypt_file(FILE *in, FILE *out, off_t file_size, +// unsigned char key[], unsigned char nonce[]); + +void aes256gcm_fragment_free(char *fragment); |