aboutsummaryrefslogtreecommitdiff
path: root/src/crypto.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto.cpp')
-rw-r--r--src/crypto.cpp175
1 files changed, 55 insertions, 120 deletions
diff --git a/src/crypto.cpp b/src/crypto.cpp
index 8024355..5095c79 100644
--- a/src/crypto.cpp
+++ b/src/crypto.cpp
@@ -12,62 +12,26 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#include "olm/crypto.hh"
+#include "olm/crypto.h"
#include "olm/memory.hh"
#include <cstring>
extern "C" {
-int curve25519_donna(
- uint8_t * output,
- const uint8_t * secret,
- const uint8_t * basepoint
-);
-
#include "crypto-algorithms/aes.h"
#include "crypto-algorithms/sha256.h"
-int ed25519_sign(
- unsigned char *signature,
- const unsigned char *message, size_t message_len,
- const unsigned char *public_key,
- const unsigned char *private_key
-);
-
-
-int ed25519_verify(
- const unsigned char *signature,
- const unsigned char *message, size_t message_len,
- const unsigned char *public_key
-);
-
-
-void convert_curve25519_to_ed25519(
- unsigned char * public_key,
- unsigned char * signature
-);
-
-
-void convert_ed25519_to_curve25519(
- unsigned char const * public_key,
- unsigned char * signature
-);
-
-
-void ed25519_keypair(
- unsigned char * private_key,
- unsigned char * public_key
-);
-
}
+#include "ed25519/src/ed25519.h"
+#include "curve25519-donna.h"
namespace {
static const std::uint8_t CURVE25519_BASEPOINT[32] = {9};
static const std::size_t AES_KEY_SCHEDULE_LENGTH = 60;
-static const std::size_t AES_KEY_BITS = 8 * olm::KEY_LENGTH;
+static const std::size_t AES_KEY_BITS = 8 * AES256_KEY_LENGTH;
static const std::size_t AES_BLOCK_LENGTH = 16;
static const std::size_t SHA256_BLOCK_LENGTH = 64;
static const std::uint8_t HKDF_DEFAULT_SALT[32] = {};
@@ -120,7 +84,7 @@ inline static void hmac_sha256_final(
std::uint8_t const * hmac_key,
std::uint8_t * output
) {
- std::uint8_t o_pad[SHA256_BLOCK_LENGTH + olm::SHA256_OUTPUT_LENGTH];
+ std::uint8_t o_pad[SHA256_BLOCK_LENGTH + SHA256_OUTPUT_LENGTH];
std::memcpy(o_pad, hmac_key, SHA256_BLOCK_LENGTH);
for (std::size_t i = 0; i < SHA256_BLOCK_LENGTH; ++i) {
o_pad[i] ^= 0x5C;
@@ -136,115 +100,86 @@ inline static void hmac_sha256_final(
} // namespace
-
-void olm::curve25519_generate_key(
- std::uint8_t const * random_32_bytes,
- olm::Curve25519KeyPair & key_pair
+void _olm_crypto_curve25519_generate_key(
+ uint8_t const * random_32_bytes,
+ struct _olm_curve25519_key_pair *key_pair
) {
- std::memcpy(key_pair.private_key, random_32_bytes, KEY_LENGTH);
+ std::memcpy(
+ key_pair->private_key.private_key, random_32_bytes,
+ CURVE25519_KEY_LENGTH
+ );
::curve25519_donna(
- key_pair.public_key, key_pair.private_key, CURVE25519_BASEPOINT
+ key_pair->public_key.public_key,
+ key_pair->private_key.private_key,
+ CURVE25519_BASEPOINT
);
}
-void olm::curve25519_shared_secret(
- olm::Curve25519KeyPair const & our_key,
- olm::Curve25519PublicKey const & their_key,
- std::uint8_t * output
-) {
- ::curve25519_donna(output, our_key.private_key, their_key.public_key);
-}
-
-
-void olm::curve25519_sign(
- olm::Curve25519KeyPair const & our_key,
- std::uint8_t const * message, std::size_t message_length,
+void _olm_crypto_curve25519_shared_secret(
+ const struct _olm_curve25519_key_pair *our_key,
+ const struct _olm_curve25519_public_key * their_key,
std::uint8_t * output
) {
- std::uint8_t private_key[KEY_LENGTH];
- std::uint8_t public_key[KEY_LENGTH];
- std::memcpy(private_key, our_key.private_key, KEY_LENGTH);
- ::ed25519_keypair(private_key, public_key);
- ::ed25519_sign(
- output,
- message, message_length,
- public_key, private_key
- );
- ::convert_ed25519_to_curve25519(public_key, output);
+ ::curve25519_donna(output, our_key->private_key.private_key, their_key->public_key);
}
-bool olm::curve25519_verify(
- olm::Curve25519PublicKey const & their_key,
- std::uint8_t const * message, std::size_t message_length,
- std::uint8_t const * signature
-) {
- std::uint8_t public_key[KEY_LENGTH];
- std::uint8_t signature_buffer[SIGNATURE_LENGTH];
- std::memcpy(public_key, their_key.public_key, KEY_LENGTH);
- std::memcpy(signature_buffer, signature, SIGNATURE_LENGTH);
- ::convert_curve25519_to_ed25519(public_key, signature_buffer);
- return 0 != ::ed25519_verify(
- signature,
- message, message_length,
- public_key
- );
-}
-
-
-void olm::ed25519_generate_key(
+void _olm_crypto_ed25519_generate_key(
std::uint8_t const * random_32_bytes,
- olm::Ed25519KeyPair & key_pair
+ struct _olm_ed25519_key_pair *key_pair
) {
- std::memcpy(key_pair.private_key, random_32_bytes, KEY_LENGTH);
- ::ed25519_keypair(key_pair.private_key, key_pair.public_key);
+ ::ed25519_create_keypair(
+ key_pair->public_key.public_key, key_pair->private_key.private_key,
+ random_32_bytes
+ );
}
-void olm::ed25519_sign(
- olm::Ed25519KeyPair const & our_key,
+void _olm_crypto_ed25519_sign(
+ const struct _olm_ed25519_key_pair *our_key,
std::uint8_t const * message, std::size_t message_length,
std::uint8_t * output
) {
::ed25519_sign(
output,
message, message_length,
- our_key.public_key, our_key.private_key
+ our_key->public_key.public_key,
+ our_key->private_key.private_key
);
}
-bool olm::ed25519_verify(
- olm::Ed25519PublicKey const & their_key,
+int _olm_crypto_ed25519_verify(
+ const struct _olm_ed25519_public_key *their_key,
std::uint8_t const * message, std::size_t message_length,
std::uint8_t const * signature
) {
return 0 != ::ed25519_verify(
signature,
message, message_length,
- their_key.public_key
+ their_key->public_key
);
}
-std::size_t olm::aes_encrypt_cbc_length(
+std::size_t _olm_crypto_aes_encrypt_cbc_length(
std::size_t input_length
) {
return input_length + AES_BLOCK_LENGTH - input_length % AES_BLOCK_LENGTH;
}
-void olm::aes_encrypt_cbc(
- olm::Aes256Key const & key,
- olm::Aes256Iv const & iv,
+void _olm_crypto_aes_encrypt_cbc(
+ _olm_aes256_key const *key,
+ _olm_aes256_iv const *iv,
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
) {
std::uint32_t key_schedule[AES_KEY_SCHEDULE_LENGTH];
- ::aes_key_setup(key.key, key_schedule, AES_KEY_BITS);
+ ::aes_key_setup(key->key, key_schedule, AES_KEY_BITS);
std::uint8_t input_block[AES_BLOCK_LENGTH];
- std::memcpy(input_block, iv.iv, AES_BLOCK_LENGTH);
+ std::memcpy(input_block, iv->iv, AES_BLOCK_LENGTH);
while (input_length >= AES_BLOCK_LENGTH) {
xor_block<AES_BLOCK_LENGTH>(input_block, input);
::aes_encrypt(input_block, output, key_schedule, AES_KEY_BITS);
@@ -266,17 +201,17 @@ void olm::aes_encrypt_cbc(
}
-std::size_t olm::aes_decrypt_cbc(
- olm::Aes256Key const & key,
- olm::Aes256Iv const & iv,
+std::size_t _olm_crypto_aes_decrypt_cbc(
+ _olm_aes256_key const *key,
+ _olm_aes256_iv const *iv,
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
) {
std::uint32_t key_schedule[AES_KEY_SCHEDULE_LENGTH];
- ::aes_key_setup(key.key, key_schedule, AES_KEY_BITS);
+ ::aes_key_setup(key->key, key_schedule, AES_KEY_BITS);
std::uint8_t block1[AES_BLOCK_LENGTH];
std::uint8_t block2[AES_BLOCK_LENGTH];
- std::memcpy(block1, iv.iv, AES_BLOCK_LENGTH);
+ std::memcpy(block1, iv->iv, AES_BLOCK_LENGTH);
for (std::size_t i = 0; i < input_length; i += AES_BLOCK_LENGTH) {
std::memcpy(block2, &input[i], AES_BLOCK_LENGTH);
::aes_decrypt(&input[i], &output[i], key_schedule, AES_KEY_BITS);
@@ -291,7 +226,7 @@ std::size_t olm::aes_decrypt_cbc(
}
-void olm::sha256(
+void _olm_crypto_sha256(
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
) {
@@ -303,7 +238,7 @@ void olm::sha256(
}
-void olm::hmac_sha256(
+void _olm_crypto_hmac_sha256(
std::uint8_t const * key, std::size_t key_length,
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
@@ -319,7 +254,7 @@ void olm::hmac_sha256(
}
-void olm::hkdf_sha256(
+void _olm_crypto_hkdf_sha256(
std::uint8_t const * input, std::size_t input_length,
std::uint8_t const * salt, std::size_t salt_length,
std::uint8_t const * info, std::size_t info_length,
@@ -327,32 +262,32 @@ void olm::hkdf_sha256(
) {
::SHA256_CTX context;
std::uint8_t hmac_key[SHA256_BLOCK_LENGTH];
- std::uint8_t step_result[olm::SHA256_OUTPUT_LENGTH];
+ std::uint8_t step_result[SHA256_OUTPUT_LENGTH];
std::size_t bytes_remaining = output_length;
std::uint8_t iteration = 1;
if (!salt) {
salt = HKDF_DEFAULT_SALT;
salt_length = sizeof(HKDF_DEFAULT_SALT);
}
- /* Expand */
+ /* Extract */
hmac_sha256_key(salt, salt_length, hmac_key);
hmac_sha256_init(&context, hmac_key);
::sha256_update(&context, input, input_length);
hmac_sha256_final(&context, hmac_key, step_result);
- hmac_sha256_key(step_result, olm::SHA256_OUTPUT_LENGTH, hmac_key);
+ hmac_sha256_key(step_result, SHA256_OUTPUT_LENGTH, hmac_key);
- /* Extract */
+ /* Expand */
hmac_sha256_init(&context, hmac_key);
::sha256_update(&context, info, info_length);
::sha256_update(&context, &iteration, 1);
hmac_sha256_final(&context, hmac_key, step_result);
- while (bytes_remaining > olm::SHA256_OUTPUT_LENGTH) {
- std::memcpy(output, step_result, olm::SHA256_OUTPUT_LENGTH);
- output += olm::SHA256_OUTPUT_LENGTH;
- bytes_remaining -= olm::SHA256_OUTPUT_LENGTH;
+ while (bytes_remaining > SHA256_OUTPUT_LENGTH) {
+ std::memcpy(output, step_result, SHA256_OUTPUT_LENGTH);
+ output += SHA256_OUTPUT_LENGTH;
+ bytes_remaining -= SHA256_OUTPUT_LENGTH;
iteration ++;
hmac_sha256_init(&context, hmac_key);
- ::sha256_update(&context, step_result, olm::SHA256_OUTPUT_LENGTH);
+ ::sha256_update(&context, step_result, SHA256_OUTPUT_LENGTH);
::sha256_update(&context, info, info_length);
::sha256_update(&context, &iteration, 1);
hmac_sha256_final(&context, hmac_key, step_result);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-07 23:59:17 +0000