Diffstat (limited to 'src/crypto.cpp')
-rw-r--r--src/crypto.cpp52
1 files changed, 27 insertions, 25 deletions
diff --git a/src/crypto.cpp b/src/crypto.cpp
index fffda4c..8024355 100644
--- a/src/crypto.cpp
+++ b/src/crypto.cpp
@@ -66,8 +66,9 @@ void ed25519_keypair(
namespace {
static const std::uint8_t CURVE25519_BASEPOINT[32] = {9};
+static const std::size_t AES_KEY_SCHEDULE_LENGTH = 60;
+static const std::size_t AES_KEY_BITS = 8 * olm::KEY_LENGTH;
static const std::size_t AES_BLOCK_LENGTH = 16;
-static const std::size_t SHA256_HASH_LENGTH = 32;
static const std::size_t SHA256_BLOCK_LENGTH = 64;
static const std::uint8_t HKDF_DEFAULT_SALT[32] = {};
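Review bot: `AES_KEY_SCHEDULE_LENGTH = 60` is the schedule size for a 256-bit key, but `AES_KEY_BITS` is now derived from `olm::KEY_LENGTH`, the same constant the later hunks use to size Curve25519 and Ed25519 key buffers. If that shared length is ever changed, the key size handed to `aes_key_setup` moves with it while the schedule array does not. Pin the assumption next to the constants with `static_assert(AES_KEY_BITS == 256, "key schedule length assumes AES-256");`, or derive the AES constants from the AES key type instead of the curve key length.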
@@ -119,7 +120,7 @@ inline static void hmac_sha256_final(
std::uint8_t const * hmac_key,
std::uint8_t * output
) {
- std::uint8_t o_pad[SHA256_BLOCK_LENGTH + SHA256_HASH_LENGTH];
+ std::uint8_t o_pad[SHA256_BLOCK_LENGTH + olm::SHA256_OUTPUT_LENGTH];
std::memcpy(o_pad, hmac_key, SHA256_BLOCK_LENGTH);
for (std::size_t i = 0; i < SHA256_BLOCK_LENGTH; ++i) {
o_pad[i] ^= 0x5C;
@@ -140,7 +141,7 @@ void olm::curve25519_generate_key(
std::uint8_t const * random_32_bytes,
olm::Curve25519KeyPair & key_pair
) {
- std::memcpy(key_pair.private_key, random_32_bytes, 32);
+ std::memcpy(key_pair.private_key, random_32_bytes, KEY_LENGTH);
::curve25519_donna(
key_pair.public_key, key_pair.private_key, CURVE25519_BASEPOINT
);
@@ -161,9 +162,9 @@ void olm::curve25519_sign(
std::uint8_t const * message, std::size_t message_length,
std::uint8_t * output
) {
- std::uint8_t private_key[32];
- std::uint8_t public_key[32];
- std::memcpy(private_key, our_key.private_key, 32);
+ std::uint8_t private_key[KEY_LENGTH];
+ std::uint8_t public_key[KEY_LENGTH];
+ std::memcpy(private_key, our_key.private_key, KEY_LENGTH);
::ed25519_keypair(private_key, public_key);
::ed25519_sign(
output,
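Review bot: The stack copy `private_key` holds the signing secret, and nothing visible in this hunk clears it, whereas `aes_encrypt_cbc` in the same file wipes `key_schedule` and `input_block` with `olm::unset` before returning. The body of `curve25519_sign` continues past the hunk, so confirm that it ends with `olm::unset(private_key);` and add that line if it does not.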
@@ -179,10 +180,10 @@ bool olm::curve25519_verify(
std::uint8_t const * message, std::size_t message_length,
std::uint8_t const * signature
) {
- std::uint8_t public_key[32];
- std::uint8_t signature_buffer[64];
- std::memcpy(public_key, their_key.public_key, 32);
- std::memcpy(signature_buffer, signature, 64);
+ std::uint8_t public_key[KEY_LENGTH];
+ std::uint8_t signature_buffer[SIGNATURE_LENGTH];
+ std::memcpy(public_key, their_key.public_key, KEY_LENGTH);
+ std::memcpy(signature_buffer, signature, SIGNATURE_LENGTH);
::convert_curve25519_to_ed25519(public_key, signature_buffer);
return 0 != ::ed25519_verify(
signature,
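Review bot: `signature_buffer` is filled and passed through `convert_curve25519_to_ed25519`, but the `ed25519_verify` call that follows is handed the caller's original `signature` pointer, so whatever the conversion did to the buffer never reaches the verifier. The conversion takes both the key and the signature copy, which suggests it rewrites both; if so, verification runs on a converted key with an unconverted signature. The first argument should likely be `signature_buffer`. The rest of the call lies outside the hunk and needs the same check.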
@@ -196,7 +197,7 @@ void olm::ed25519_generate_key(
std::uint8_t const * random_32_bytes,
olm::Ed25519KeyPair & key_pair
) {
- std::memcpy(key_pair.private_key, random_32_bytes, 32);
+ std::memcpy(key_pair.private_key, random_32_bytes, KEY_LENGTH);
::ed25519_keypair(key_pair.private_key, key_pair.public_key);
}
@@ -240,13 +241,13 @@ void olm::aes_encrypt_cbc(
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
) {
- std::uint32_t key_schedule[60];
- ::aes_key_setup(key.key, key_schedule, 256);
+ std::uint32_t key_schedule[AES_KEY_SCHEDULE_LENGTH];
+ ::aes_key_setup(key.key, key_schedule, AES_KEY_BITS);
std::uint8_t input_block[AES_BLOCK_LENGTH];
std::memcpy(input_block, iv.iv, AES_BLOCK_LENGTH);
while (input_length >= AES_BLOCK_LENGTH) {
xor_block<AES_BLOCK_LENGTH>(input_block, input);
- ::aes_encrypt(input_block, output, key_schedule, 256);
+ ::aes_encrypt(input_block, output, key_schedule, AES_KEY_BITS);
std::memcpy(input_block, output, AES_BLOCK_LENGTH);
input += AES_BLOCK_LENGTH;
output += AES_BLOCK_LENGTH;
@@ -259,7 +260,7 @@ void olm::aes_encrypt_cbc(
for (; i < AES_BLOCK_LENGTH; ++i) {
input_block[i] ^= AES_BLOCK_LENGTH - input_length;
}
- ::aes_encrypt(input_block, output, key_schedule, 256);
+ ::aes_encrypt(input_block, output, key_schedule, AES_KEY_BITS);
olm::unset(key_schedule);
olm::unset(input_block);
}
@@ -271,14 +272,14 @@ std::size_t olm::aes_decrypt_cbc(
std::uint8_t const * input, std::size_t input_length,
std::uint8_t * output
) {
- std::uint32_t key_schedule[60];
- ::aes_key_setup(key.key, key_schedule, 256);
+ std::uint32_t key_schedule[AES_KEY_SCHEDULE_LENGTH];
+ ::aes_key_setup(key.key, key_schedule, AES_KEY_BITS);
std::uint8_t block1[AES_BLOCK_LENGTH];
std::uint8_t block2[AES_BLOCK_LENGTH];
std::memcpy(block1, iv.iv, AES_BLOCK_LENGTH);
for (std::size_t i = 0; i < input_length; i += AES_BLOCK_LENGTH) {
std::memcpy(block2, &input[i], AES_BLOCK_LENGTH);
- ::aes_decrypt(&input[i], &output[i], key_schedule, 256);
+ ::aes_decrypt(&input[i], &output[i], key_schedule, AES_KEY_BITS);
xor_block<AES_BLOCK_LENGTH>(&output[i], block1);
std::memcpy(block1, block2, AES_BLOCK_LENGTH);
}
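Review bot: The loop reads and writes a full `AES_BLOCK_LENGTH` at `&input[i]` and `&output[i]` for every `i < input_length`, so a ciphertext whose length is not a multiple of the block size runs up to 15 bytes past both buffers on the last iteration. Nothing in the visible lines rejects a ragged length, and `input_length` presumably comes from a received message. A guard before the key setup, `if (input_length % AES_BLOCK_LENGTH != 0)` followed by the function's failure return, would close this. How failure is reported through the `std::size_t` result is outside the hunk, as is the end of the body.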
@@ -301,6 +302,7 @@ void olm::sha256(
olm::unset(context);
}
+
void olm::hmac_sha256(
std::uint8_t const * key, std::size_t key_length,
std::uint8_t const * input, std::size_t input_length,
@@ -325,7 +327,7 @@ void olm::hkdf_sha256(
) {
::SHA256_CTX context;
std::uint8_t hmac_key[SHA256_BLOCK_LENGTH];
- std::uint8_t step_result[SHA256_HASH_LENGTH];
+ std::uint8_t step_result[olm::SHA256_OUTPUT_LENGTH];
std::size_t bytes_remaining = output_length;
std::uint8_t iteration = 1;
if (!salt) {
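Review bot: `iteration` is a `std::uint8_t` counter and `output_length` is not bounded in the lines shown, so a request for more than 255 * `olm::SHA256_OUTPUT_LENGTH` bytes makes the `iteration ++` in the expand loop (next hunk) wrap to 0. RFC 5869 limits HKDF output to 255 hash lengths, and output past that point is outside what the construction is specified for. Document the limit on `hkdf_sha256` and enforce it at the top of the body, e.g. `assert(output_length <= 255 * olm::SHA256_OUTPUT_LENGTH);` or the project's own error path.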
@@ -337,20 +339,20 @@ void olm::hkdf_sha256(
hmac_sha256_init(&context, hmac_key);
::sha256_update(&context, input, input_length);
hmac_sha256_final(&context, hmac_key, step_result);
- hmac_sha256_key(step_result, SHA256_HASH_LENGTH, hmac_key);
+ hmac_sha256_key(step_result, olm::SHA256_OUTPUT_LENGTH, hmac_key);
/* Extract */
hmac_sha256_init(&context, hmac_key);
::sha256_update(&context, info, info_length);
::sha256_update(&context, &iteration, 1);
hmac_sha256_final(&context, hmac_key, step_result);
- while (bytes_remaining > SHA256_HASH_LENGTH) {
- std::memcpy(output, step_result, SHA256_HASH_LENGTH);
- output += SHA256_HASH_LENGTH;
- bytes_remaining -= SHA256_HASH_LENGTH;
+ while (bytes_remaining > olm::SHA256_OUTPUT_LENGTH) {
+ std::memcpy(output, step_result, olm::SHA256_OUTPUT_LENGTH);
+ output += olm::SHA256_OUTPUT_LENGTH;
+ bytes_remaining -= olm::SHA256_OUTPUT_LENGTH;
iteration ++;
hmac_sha256_init(&context, hmac_key);
- ::sha256_update(&context, step_result, SHA256_HASH_LENGTH);
+ ::sha256_update(&context, step_result, olm::SHA256_OUTPUT_LENGTH);
::sha256_update(&context, info, info_length);
::sha256_update(&context, &iteration, 1);
hmac_sha256_final(&context, hmac_key, step_result);
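Review bot: The `/* Extract */` comment sits above the first expand step, not the extract step. In RFC 5869 terms the extract is the three calls before it (HMAC of `input` under `hmac_key`, then re-keying with the result via `hmac_sha256_key`), and everything from the comment on computes the output blocks over `info` and `iteration`. Relabel it `/* Expand */` and put `/* Extract */` above the first `hmac_sha256_init` of this hunk. The loop body continues beyond the hunk.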