remove references to AES, fix ciphertext header

1 files changed, 13 insertions, 27 deletions

diff --git a/src/include/anastasis_crypto_lib.h b/src/include/anastasis_crypto_lib.h
index 9e038fc..fbafcd6 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -133,7 +133,7 @@ struct ANASTASIS_CRYPTO_PolicyKeyP
 
 
 /**
- * Specifies a Nonce used for the AES encryption, here defined as 32Byte large.
+ * Nonce used for encryption, 24 bytes.
  */
 struct ANASTASIS_CRYPTO_NonceP
 {
@@ -142,16 +142,16 @@ struct ANASTASIS_CRYPTO_NonceP
 
 
 /**
- * Specifies an IV used for the AES encryption, here defined as 16Byte large.
+ * Header that is prepended to a ciphertext, consisting of nonce and MAC.
  */
-struct ANASTASIS_CRYPTO_IvP
+struct ANASTASIS_CRYPTO_CiphertextHeaderP
 {
-  uint32_t iv[4];
+  uint8_t header[crypto_secretbox_NONCEBYTES + crypto_secretbox_MACBYTES];
 };
 
 
 /**
- * Specifies an symmetric key used for the AES encryption, here defined as 32Byte large.
+ * Specifies a key used for symmetric encryption, 32 bytes.
  */
 struct ANASTASIS_CRYPTO_SymKeyP
 {
@@ -160,15 +160,6 @@ struct ANASTASIS_CRYPTO_SymKeyP
 
 
 /**
- * Specifies an AES Tag used for the AES authentication, here defined as 16 Byte large.
- */
-struct ANASTASIS_CRYPTO_AesTagP
-{
-  uint32_t aes_tag[4];
-};
-
-
-/**
  * Specifies a Key Share from an escrow provider, the combined
  * keyshares generate the EscrowMasterKey which is used to decrypt the
  * Secret from the user.
@@ -185,17 +176,12 @@ struct ANASTASIS_CRYPTO_KeyShareP
 struct ANASTASIS_CRYPTO_EncryptedKeyShareP
 {
   /**
-   * Nonce used for the symmetric encryption.
-   */
-  struct ANASTASIS_CRYPTO_NonceP nonce;
-
-  /**
-   * GCM tag to check authenticity.
+   * Ciphertext.
    */
-  struct ANASTASIS_CRYPTO_AesTagP tag;
+  struct ANASTASIS_CRYPTO_CiphertextHeaderP header;
 
   /**
-   * The actual key share.
+   * The actual key share, encrypted.
    */
   struct ANASTASIS_CRYPTO_KeyShareP keyshare;
 };
@@ -362,7 +348,7 @@ ANASTASIS_CRYPTO_secure_answer_hash (
 
 
 /**
- * Encrypt and signs the recovery document with AES256, the recovery
+ * Encrypt and signs the recovery document, the recovery
  * document is encrypted with a derivation from the user identifier
  * and the salt "erd".
  *
@@ -383,7 +369,7 @@ ANASTASIS_CRYPTO_recovery_document_encrypt (
 
 
 /**
- * Decrypts the recovery document with AES256, the decryption key is generated with
+ * Decrypts the recovery document, the decryption key is generated with
  * the user identifier provided by the user and the salt "erd". The nonce and IV used for the encryption
  * are the first 48 bytes of the data.
  *
@@ -437,7 +423,7 @@ ANASTASIS_CRYPTO_keyshare_decrypt (
 
 /**
  * Encrypts the truth data which contains the hashed answer or the
- * phone number.  It is encrypted with AES256, the key is generated
+ * phone number.  It is encrypted with xsalsa20-poly1305, the key is generated
  * with the user identification as entropy source and the salt "ect".
  *
  * @param nonce value to use for the nonce
@@ -460,7 +446,7 @@ ANASTASIS_CRYPTO_truth_encrypt (
 
 /**
  * Decrypts the truth data which contains the hashed answer or the phone number..
- * It is decrypted with AES256, the key is generated with the user identification as
+ * It is decrypted with xsalsa20-poly1305, the key is generated with the user identification as
  * entropy source and the salt "ect".
  *
  * @param truth_enc_key master key used for encryption of the truth (see interface EscrowMethod)
@@ -510,7 +496,7 @@ ANASTASIS_CRYPTO_policy_key_derive (
  * The core secret is the user provided secret which will be saved with Anastasis.
  * The secret will be encrypted with the master key, the master key is a random key which will
  * be generated. The master key afterwards will be encrypted with the different policy keys.
- * Encryption is performed with AES256
+ * Encryption is performed with xsalsa20-poly1305.
  *
  * @param policy_keys an array of policy keys which are used to encrypt the master key
  * @param policy_keys_length defines the amount of policy keys and also the amount of encrypted master keys