use anastasis_(de|en)crypt primitive everywhere

author: Florian Dold <florian@dold.me> 2021-10-06 20:23:37 +0200
committer: Florian Dold <florian@dold.me> 2021-10-06 20:23:37 +0200
commit: bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa (patch)
tree: 7c4098fe4f1369451cff79b977c91e31e9e7d773 /src/util
parent: 9328a55a72c4a61d62f7e052854ea8ba52801879 (diff)
download: anastasis-bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa.tar.gz
anastasis-bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa.tar.bz2
anastasis-bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa.zip
2 files changed, 102 insertions, 71 deletions
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index bed0a94..067ac92 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -239,6 +239,7 @@ anastasis_decrypt (const void *key,
   if (*res_size >= data_size)
   {
     GNUNET_break (0);
+    *res = NULL;
     return;
   }
   *res = GNUNET_malloc (*res_size);
@@ -530,93 +531,110 @@ ANASTASIS_CRYPTO_policy_key_derive (
 }
 
 
-void
+struct ANASTASIS_CoreSecretEncryptionResult *
 ANASTASIS_CRYPTO_core_secret_encrypt (
   const struct ANASTASIS_CRYPTO_PolicyKeyP *policy_keys,
   unsigned int policy_keys_length,
   const void *core_secret,
-  size_t core_secret_size,
-  void **enc_core_secret,
-  struct ANASTASIS_CRYPTO_EncryptedMasterKeyP *encrypted_master_keys)
+  size_t core_secret_size)
 {
-  struct GNUNET_CRYPTO_SymmetricSessionKey sk;
-  struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
   struct GNUNET_HashCode master_key;
+  struct ANASTASIS_CoreSecretEncryptionResult *cser;
+  struct ANASTASIS_CRYPTO_NonceP nonce;
+
+  cser = GNUNET_new (struct ANASTASIS_CoreSecretEncryptionResult);
 
-  *enc_core_secret = GNUNET_malloc (core_secret_size);
   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
                               &master_key,
                               sizeof (struct GNUNET_HashCode));
-  GNUNET_CRYPTO_hash_to_aes_key (&master_key,
-                                 &sk,
-                                 &iv);
-  GNUNET_assert (GNUNET_SYSERR !=
-                 GNUNET_CRYPTO_symmetric_encrypt (core_secret,
-                                                  core_secret_size,
-                                                  &sk,
-                                                  &iv,
-                                                  *enc_core_secret));
+  GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
+                              &nonce,
+                              sizeof (struct ANASTASIS_CRYPTO_NonceP));
+
+  anastasis_encrypt (&nonce,
+                     &master_key,
+                     sizeof (struct GNUNET_HashCode),
+                     core_secret,
+                     core_secret_size,
+                     "cse",
+                     &cser->enc_core_secret,
+                     &cser->enc_core_secret_size);
+
+  /* Allocate result arrays with NULL-termination so we don't
+     need to store the length to free */
+  cser->enc_master_key_sizes = GNUNET_new_array (policy_keys_length + 1,
+                                                 size_t);
+  cser->enc_master_keys = GNUNET_new_array (policy_keys_length + 1,
+                                            void *);
+
   for (unsigned int i = 0; i < policy_keys_length; i++)
   {
-    struct GNUNET_CRYPTO_SymmetricSessionKey i_sk;
-    struct GNUNET_CRYPTO_SymmetricInitializationVector i_iv;
-    struct GNUNET_HashCode key = policy_keys[i].key;
-
-    GNUNET_CRYPTO_hash_to_aes_key (&key,
-                                   &i_sk,
-                                   &i_iv);
-    GNUNET_assert (
-      GNUNET_SYSERR !=
-      GNUNET_CRYPTO_symmetric_encrypt (&master_key,
-                                       sizeof (struct GNUNET_HashCode),
-                                       &i_sk,
-                                       &i_iv,
-                                       &encrypted_master_keys[i]));
+    struct ANASTASIS_CRYPTO_NonceP nonce_i;
+
+    GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG,
+                                &nonce_i,
+                                sizeof (struct ANASTASIS_CRYPTO_NonceP));
+
+    anastasis_encrypt (&nonce_i,
+                       &policy_keys[i].key,
+                       sizeof (struct GNUNET_HashCode),
+                       &master_key,
+                       sizeof (struct GNUNET_HashCode),
+                       "emk",
+                       &cser->enc_master_keys[i],
+                       &cser->enc_master_key_sizes[i]);
   }
+  return cser;
 }
 
 
+/**
+ * Decrypts the core secret with the master key. First the master key is decrypted with the provided policy key.
+ * Afterwards the core secret is encrypted with the master key. The core secret is returned.
+ *
+ * @param encrypted_master_key master key for decrypting the core secret, is itself encrypted by the policy key
+ * @param encrypted_master_key_size size of the encrypted master key
+ * @param policy_key built policy key which will decrypt the master key
+ * @param encrypted_core_secret the encrypted core secret from the user, will be encrypted with the policy key
+ * @param encrypted_core_secret_size size of the encrypted core secret
+ * @param[out] core_secret decrypted core secret will be returned
+ * @param[out] core_secret_size size of core secret
+ */
 void
 ANASTASIS_CRYPTO_core_secret_recover (
-  const struct ANASTASIS_CRYPTO_EncryptedMasterKeyP *encrypted_master_key,
+  const void *encrypted_master_key,
+  size_t encrypted_master_key_size,
   const struct ANASTASIS_CRYPTO_PolicyKeyP *policy_key,
   const void *encrypted_core_secret,
   size_t encrypted_core_secret_size,
   void **core_secret,
   size_t *core_secret_size)
 {
-  struct GNUNET_CRYPTO_SymmetricSessionKey mk_sk;
-  struct GNUNET_CRYPTO_SymmetricInitializationVector mk_iv;
-  struct GNUNET_CRYPTO_SymmetricSessionKey core_sk;
-  struct GNUNET_CRYPTO_SymmetricInitializationVector core_iv;
-  struct GNUNET_HashCode master_key;
-  struct GNUNET_HashCode key = policy_key->key;
+  void *master_key;
+  size_t master_key_size;
 
   *core_secret = GNUNET_malloc (encrypted_core_secret_size);
-  GNUNET_CRYPTO_hash_to_aes_key (&key,
-                                 &mk_sk,
-                                 &mk_iv);
-  GNUNET_assert (
-    GNUNET_SYSERR !=
-    GNUNET_CRYPTO_symmetric_decrypt (
-      encrypted_master_key,
-      sizeof (struct ANASTASIS_CRYPTO_EncryptedMasterKeyP),
-      &mk_sk,
-      &mk_iv,
-      &master_key));
-  GNUNET_CRYPTO_hash_to_aes_key (&master_key,
-                                 &core_sk,
-                                 &core_iv);
+  anastasis_decrypt (&policy_key->key,
+                     sizeof (struct GNUNET_HashCode),
+                     encrypted_master_key,
+                     encrypted_master_key_size,
+                     "emk",
+                     &master_key,
+                     &master_key_size);
+  GNUNET_break (NULL != master_key);
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "At %s:%d encrypted core secret is %s-%llu b\n", __FILE__,
               __LINE__,
               TALER_b2s (encrypted_core_secret, encrypted_core_secret_size),
               (unsigned long long) encrypted_core_secret_size);
-  *core_secret_size = GNUNET_CRYPTO_symmetric_decrypt (encrypted_core_secret,
-                                                       encrypted_core_secret_size,
-                                                       &core_sk,
-                                                       &core_iv,
-                                                       *core_secret);
+  anastasis_decrypt (master_key,
+                     master_key_size,
+                     encrypted_core_secret,
+                     encrypted_core_secret_size,
+                     "cse",
+                     core_secret,
+                     core_secret_size);
+  GNUNET_break (NULL != *core_secret);
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "At %s:%d decrypted core secret is %s-%llu b\n", __FILE__,
               __LINE__,
@@ -626,4 +644,22 @@ ANASTASIS_CRYPTO_core_secret_recover (
 }
 
 
+/**
+ * Destroy a core secret encryption result.
+ *
+ * @param cser the result to destroy
+ */
+void
+ANASTASIS_CRYPTO_destroy_encrypted_core_secret (
+  struct ANASTASIS_CoreSecretEncryptionResult *cser)
+{
+  for (unsigned int i = 0; NULL != cser->enc_master_keys[i]; i++)
+    GNUNET_free (cser->enc_master_keys[i]);
+  GNUNET_free (cser->enc_master_keys);
+  GNUNET_free (cser->enc_master_key_sizes);
+  GNUNET_free (cser->enc_core_secret);
+  GNUNET_free (cser);
+}
+
+
 /* end of anastasis_crypto.c */
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
index b435bea..428aebf 100644
--- a/src/util/test_anastasis_crypto.c
+++ b/src/util/test_anastasis_crypto.c
@@ -216,11 +216,9 @@ test_core_secret (void)
 {
   const char *test = "TEST_CORE_SECRET";
   const char *test_wrong = "TEST_CORE_WRONG";
-  void *enc_core_secret;
   unsigned int policy_keys_length = 5;
   struct ANASTASIS_CRYPTO_MasterSaltP salt;
-  struct ANASTASIS_CRYPTO_EncryptedMasterKeyP
-    encrypted_master_keys[policy_keys_length];
+  struct ANASTASIS_CoreSecretEncryptionResult *cser;
 
   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
                               &salt,
@@ -258,14 +256,10 @@ test_core_secret (void)
               TALER_b2s (test, strlen (test)));
 
   // test encryption of core_secret
-  ANASTASIS_CRYPTO_core_secret_encrypt (policy_keys,
-                                        policy_keys_length,
-                                        test,
-                                        strlen (test),
-                                        &enc_core_secret,
-                                        (struct
-                                         ANASTASIS_CRYPTO_EncryptedMasterKeyP *)
-                                        &encrypted_master_keys);
+  cser = ANASTASIS_CRYPTO_core_secret_encrypt (policy_keys,
+                                               policy_keys_length,
+                                               test,
+                                               strlen (test));
 
   // test recover of core secret
   for (unsigned int k = 0; k < policy_keys_length; k++)
@@ -273,10 +267,11 @@ test_core_secret (void)
     void *dec_core_secret;
     size_t core_secret_size;
 
-    ANASTASIS_CRYPTO_core_secret_recover (&encrypted_master_keys[k],
+    ANASTASIS_CRYPTO_core_secret_recover (cser->enc_master_keys[k],
+                                          cser->enc_master_key_sizes[k],
                                           &policy_keys[k],
-                                          enc_core_secret,
-                                          strlen (test),
+                                          cser->enc_core_secret,
+                                          cser->enc_core_secret_size,
                                           &dec_core_secret,
                                           &core_secret_size);
     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -291,7 +286,7 @@ test_core_secret (void)
                               test)));
     GNUNET_free (dec_core_secret);
   }
-  GNUNET_free (enc_core_secret);
+  ANASTASIS_CRYPTO_destroy_encrypted_core_secret (cser);
   return 0;
 }
author	Florian Dold <florian@dold.me>	2021-10-06 20:23:37 +0200
committer	Florian Dold <florian@dold.me>	2021-10-06 20:23:37 +0200
commit	bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa (patch)
tree	7c4098fe4f1369451cff79b977c91e31e9e7d773 /src/util
parent	9328a55a72c4a61d62f7e052854ea8ba52801879 (diff)
download	anastasis-bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa.tar.gz anastasis-bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa.tar.bz2 anastasis-bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa.zip