From e533b0dc8ef606aa808b38d2f49d9baf438dae47 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 13 May 2016 12:56:23 +0100 Subject: Give SHA256 functions C bindings --- src/cipher.cpp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'src/cipher.cpp') diff --git a/src/cipher.cpp b/src/cipher.cpp index 7bb11b8..a550312 100644 --- a/src/cipher.cpp +++ b/src/cipher.cpp @@ -36,7 +36,7 @@ static void derive_keys( DerivedKeys & keys ) { std::uint8_t derived_secrets[2 * olm::KEY_LENGTH + olm::IV_LENGTH]; - olm::hkdf_sha256( + crypto_hkdf_sha256( key, key_length, nullptr, 0, kdf_info, kdf_info_length, @@ -83,7 +83,7 @@ std::size_t olm::CipherAesSha256::encrypt( return std::size_t(-1); } struct DerivedKeys keys; - std::uint8_t mac[olm::SHA256_OUTPUT_LENGTH]; + std::uint8_t mac[SHA256_OUTPUT_LENGTH]; derive_keys(kdf_info, kdf_info_length, key, key_length, keys); @@ -91,7 +91,7 @@ std::size_t olm::CipherAesSha256::encrypt( keys.aes_key, keys.aes_iv, plaintext, plaintext_length, ciphertext ); - olm::hmac_sha256( + crypto_hmac_sha256( keys.mac_key, olm::KEY_LENGTH, output, output_length - MAC_LENGTH, mac ); @@ -115,11 +115,11 @@ std::size_t olm::CipherAesSha256::decrypt( std::uint8_t * plaintext, std::size_t max_plaintext_length ) const { DerivedKeys keys; - std::uint8_t mac[olm::SHA256_OUTPUT_LENGTH]; + std::uint8_t mac[SHA256_OUTPUT_LENGTH]; derive_keys(kdf_info, kdf_info_length, key, key_length, keys); - olm::hmac_sha256( + crypto_hmac_sha256( keys.mac_key, olm::KEY_LENGTH, input, input_length - MAC_LENGTH, mac ); -- cgit v1.2.3 From 294cf482ea49f690ac9eaad52f2574a90b2e51e6 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Mon, 16 May 2016 16:25:09 +0100 Subject: Convert cipher.hh to plain C --- src/cipher.cpp | 96 +++++++++++++++++++++++++++++++++++----------------------- 1 file changed, 58 insertions(+), 38 deletions(-) (limited to 'src/cipher.cpp') diff --git a/src/cipher.cpp b/src/cipher.cpp index a550312..8c56efa 100644 --- a/src/cipher.cpp +++ b/src/cipher.cpp @@ -12,15 +12,11 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -#include "olm/cipher.hh" +#include "olm/cipher.h" #include "olm/crypto.hh" #include "olm/memory.hh" #include -olm::Cipher::~Cipher() { - -} - namespace { struct DerivedKeys { @@ -51,41 +47,34 @@ static void derive_keys( static const std::size_t MAC_LENGTH = 8; -} // namespace - - -olm::CipherAesSha256::CipherAesSha256( - std::uint8_t const * kdf_info, std::size_t kdf_info_length -) : kdf_info(kdf_info), kdf_info_length(kdf_info_length) { - -} - - -std::size_t olm::CipherAesSha256::mac_length() const { +size_t aes_sha_256_cipher_mac_length(const struct olm_cipher *cipher) { return MAC_LENGTH; } - -std::size_t olm::CipherAesSha256::encrypt_ciphertext_length( - std::size_t plaintext_length -) const { +size_t aes_sha_256_cipher_encrypt_ciphertext_length( + const struct olm_cipher *cipher, size_t plaintext_length +) { return olm::aes_encrypt_cbc_length(plaintext_length); } +size_t aes_sha_256_cipher_encrypt( + const struct olm_cipher *cipher, + uint8_t const * key, size_t key_length, + uint8_t const * plaintext, size_t plaintext_length, + uint8_t * ciphertext, size_t ciphertext_length, + uint8_t * output, size_t output_length +) { + auto *c = reinterpret_cast(cipher); -std::size_t olm::CipherAesSha256::encrypt( - std::uint8_t const * key, std::size_t key_length, - std::uint8_t const * plaintext, std::size_t plaintext_length, - std::uint8_t * ciphertext, std::size_t ciphertext_length, - std::uint8_t * output, std::size_t output_length -) const { - if (encrypt_ciphertext_length(plaintext_length) < ciphertext_length) { + if (aes_sha_256_cipher_encrypt_ciphertext_length(cipher, plaintext_length) + < ciphertext_length) { return std::size_t(-1); } + struct DerivedKeys keys; std::uint8_t mac[SHA256_OUTPUT_LENGTH]; - derive_keys(kdf_info, kdf_info_length, key, key_length, keys); + derive_keys(c->kdf_info, c->kdf_info_length, key, key_length, keys); olm::aes_encrypt_cbc( keys.aes_key, keys.aes_iv, plaintext, plaintext_length, ciphertext @@ -102,22 +91,26 @@ std::size_t olm::CipherAesSha256::encrypt( } -std::size_t olm::CipherAesSha256::decrypt_max_plaintext_length( - std::size_t ciphertext_length -) const { +size_t aes_sha_256_cipher_decrypt_max_plaintext_length( + const struct olm_cipher *cipher, + size_t ciphertext_length +) { return ciphertext_length; } -std::size_t olm::CipherAesSha256::decrypt( - std::uint8_t const * key, std::size_t key_length, - std::uint8_t const * input, std::size_t input_length, - std::uint8_t const * ciphertext, std::size_t ciphertext_length, - std::uint8_t * plaintext, std::size_t max_plaintext_length -) const { +size_t aes_sha_256_cipher_decrypt( + const struct olm_cipher *cipher, + uint8_t const * key, size_t key_length, + uint8_t const * input, size_t input_length, + uint8_t const * ciphertext, size_t ciphertext_length, + uint8_t * plaintext, size_t max_plaintext_length +) { + auto *c = reinterpret_cast(cipher); + DerivedKeys keys; std::uint8_t mac[SHA256_OUTPUT_LENGTH]; - derive_keys(kdf_info, kdf_info_length, key, key_length, keys); + derive_keys(c->kdf_info, c->kdf_info_length, key, key_length, keys); crypto_hmac_sha256( keys.mac_key, olm::KEY_LENGTH, input, input_length - MAC_LENGTH, mac @@ -136,3 +129,30 @@ std::size_t olm::CipherAesSha256::decrypt( olm::unset(keys); return plaintext_length; } + + +void aes_sha_256_cipher_destruct(struct olm_cipher *cipher) { +} + + +const cipher_ops aes_sha_256_cipher_ops = { + aes_sha_256_cipher_mac_length, + aes_sha_256_cipher_encrypt_ciphertext_length, + aes_sha_256_cipher_encrypt, + aes_sha_256_cipher_decrypt_max_plaintext_length, + aes_sha_256_cipher_decrypt, + aes_sha_256_cipher_destruct +}; + +} // namespace + + +olm_cipher *olm_cipher_aes_sha_256_init(struct olm_cipher_aes_sha_256 *cipher, + uint8_t const * kdf_info, + size_t kdf_info_length) +{ + cipher->base_cipher.ops = &aes_sha_256_cipher_ops; + cipher->kdf_info = kdf_info; + cipher->kdf_info_length = kdf_info_length; + return &(cipher->base_cipher); +} -- cgit v1.2.3 From 444ef1f70687c340ba1b0b2a22d6e63c734d5f9e Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Fri, 20 May 2016 11:59:31 +0100 Subject: Prefix for internal symbols Give a load of internal symbols "_olm_" prefixes. This better delineates the public and private interfaces in the module, and helps avoid internal symbols leaking out and possibly being abused. --- src/cipher.cpp | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) (limited to 'src/cipher.cpp') diff --git a/src/cipher.cpp b/src/cipher.cpp index 8c56efa..73d6680 100644 --- a/src/cipher.cpp +++ b/src/cipher.cpp @@ -32,7 +32,7 @@ static void derive_keys( DerivedKeys & keys ) { std::uint8_t derived_secrets[2 * olm::KEY_LENGTH + olm::IV_LENGTH]; - crypto_hkdf_sha256( + _olm_crypto_hkdf_sha256( key, key_length, nullptr, 0, kdf_info, kdf_info_length, @@ -47,24 +47,24 @@ static void derive_keys( static const std::size_t MAC_LENGTH = 8; -size_t aes_sha_256_cipher_mac_length(const struct olm_cipher *cipher) { +size_t aes_sha_256_cipher_mac_length(const struct _olm_cipher *cipher) { return MAC_LENGTH; } size_t aes_sha_256_cipher_encrypt_ciphertext_length( - const struct olm_cipher *cipher, size_t plaintext_length + const struct _olm_cipher *cipher, size_t plaintext_length ) { return olm::aes_encrypt_cbc_length(plaintext_length); } size_t aes_sha_256_cipher_encrypt( - const struct olm_cipher *cipher, + const struct _olm_cipher *cipher, uint8_t const * key, size_t key_length, uint8_t const * plaintext, size_t plaintext_length, uint8_t * ciphertext, size_t ciphertext_length, uint8_t * output, size_t output_length ) { - auto *c = reinterpret_cast(cipher); + auto *c = reinterpret_cast(cipher); if (aes_sha_256_cipher_encrypt_ciphertext_length(cipher, plaintext_length) < ciphertext_length) { @@ -80,7 +80,7 @@ size_t aes_sha_256_cipher_encrypt( keys.aes_key, keys.aes_iv, plaintext, plaintext_length, ciphertext ); - crypto_hmac_sha256( + _olm_crypto_hmac_sha256( keys.mac_key, olm::KEY_LENGTH, output, output_length - MAC_LENGTH, mac ); @@ -92,27 +92,27 @@ size_t aes_sha_256_cipher_encrypt( size_t aes_sha_256_cipher_decrypt_max_plaintext_length( - const struct olm_cipher *cipher, + const struct _olm_cipher *cipher, size_t ciphertext_length ) { return ciphertext_length; } size_t aes_sha_256_cipher_decrypt( - const struct olm_cipher *cipher, + const struct _olm_cipher *cipher, uint8_t const * key, size_t key_length, uint8_t const * input, size_t input_length, uint8_t const * ciphertext, size_t ciphertext_length, uint8_t * plaintext, size_t max_plaintext_length ) { - auto *c = reinterpret_cast(cipher); + auto *c = reinterpret_cast(cipher); DerivedKeys keys; std::uint8_t mac[SHA256_OUTPUT_LENGTH]; derive_keys(c->kdf_info, c->kdf_info_length, key, key_length, keys); - crypto_hmac_sha256( + _olm_crypto_hmac_sha256( keys.mac_key, olm::KEY_LENGTH, input, input_length - MAC_LENGTH, mac ); @@ -131,11 +131,11 @@ size_t aes_sha_256_cipher_decrypt( } -void aes_sha_256_cipher_destruct(struct olm_cipher *cipher) { +void aes_sha_256_cipher_destruct(struct _olm_cipher *cipher) { } -const cipher_ops aes_sha_256_cipher_ops = { +const _olm_cipher_ops aes_sha_256_cipher_ops = { aes_sha_256_cipher_mac_length, aes_sha_256_cipher_encrypt_ciphertext_length, aes_sha_256_cipher_encrypt, @@ -147,10 +147,11 @@ const cipher_ops aes_sha_256_cipher_ops = { } // namespace -olm_cipher *olm_cipher_aes_sha_256_init(struct olm_cipher_aes_sha_256 *cipher, - uint8_t const * kdf_info, - size_t kdf_info_length) -{ +_olm_cipher *_olm_cipher_aes_sha_256_init( + struct _olm_cipher_aes_sha_256 *cipher, + uint8_t const * kdf_info, + size_t kdf_info_length +) { cipher->base_cipher.ops = &aes_sha_256_cipher_ops; cipher->kdf_info = kdf_info; cipher->kdf_info_length = kdf_info_length; -- cgit v1.2.3 From d4a3c8dbaa6730519d3b6b13004e7fd9ea288870 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Tue, 24 May 2016 09:56:01 +0100 Subject: Remove 'destruct' from cipher_ops We never delete a cipher, and the destruct op is empty, so it's a bit pointless --- src/cipher.cpp | 5 ----- 1 file changed, 5 deletions(-) (limited to 'src/cipher.cpp') diff --git a/src/cipher.cpp b/src/cipher.cpp index 73d6680..7830f6c 100644 --- a/src/cipher.cpp +++ b/src/cipher.cpp @@ -131,17 +131,12 @@ size_t aes_sha_256_cipher_decrypt( } -void aes_sha_256_cipher_destruct(struct _olm_cipher *cipher) { -} - - const _olm_cipher_ops aes_sha_256_cipher_ops = { aes_sha_256_cipher_mac_length, aes_sha_256_cipher_encrypt_ciphertext_length, aes_sha_256_cipher_encrypt, aes_sha_256_cipher_decrypt_max_plaintext_length, aes_sha_256_cipher_decrypt, - aes_sha_256_cipher_destruct }; } // namespace -- cgit v1.2.3 From 2fd28a66824bda7b86c08b065736009c39761987 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Tue, 24 May 2016 12:06:47 +0100 Subject: Rewrite _olm_cipher_aes_sha_256 initialisation Replace the init-static-var dance with some preprocessor macros --- src/cipher.cpp | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) (limited to 'src/cipher.cpp') diff --git a/src/cipher.cpp b/src/cipher.cpp index 7830f6c..8c3de92 100644 --- a/src/cipher.cpp +++ b/src/cipher.cpp @@ -130,25 +130,12 @@ size_t aes_sha_256_cipher_decrypt( return plaintext_length; } +} // namespace -const _olm_cipher_ops aes_sha_256_cipher_ops = { +const struct _olm_cipher_ops _olm_cipher_aes_sha_256_ops = { aes_sha_256_cipher_mac_length, aes_sha_256_cipher_encrypt_ciphertext_length, aes_sha_256_cipher_encrypt, aes_sha_256_cipher_decrypt_max_plaintext_length, aes_sha_256_cipher_decrypt, }; - -} // namespace - - -_olm_cipher *_olm_cipher_aes_sha_256_init( - struct _olm_cipher_aes_sha_256 *cipher, - uint8_t const * kdf_info, - size_t kdf_info_length -) { - cipher->base_cipher.ops = &aes_sha_256_cipher_ops; - cipher->kdf_info = kdf_info; - cipher->kdf_info_length = kdf_info_length; - return &(cipher->base_cipher); -} -- cgit v1.2.3