aboutsummaryrefslogtreecommitdiff
path: root/src/util/crypto.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/util/crypto.c')
-rw-r--r--src/util/crypto.c118
1 files changed, 118 insertions, 0 deletions
diff --git a/src/util/crypto.c b/src/util/crypto.c
new file mode 100644
index 000000000..7ff741159
--- /dev/null
+++ b/src/util/crypto.c
@@ -0,0 +1,118 @@
1/*
2 This file is part of TALER
3 (C) 2014 Christian Grothoff (and other contributing authors)
4
5 TALER is free software; you can redistribute it and/or modify it under the
6 terms of the GNU General Public License as published by the Free Software
7 Foundation; either version 3, or (at your option) any later version.
8
9 TALER is distributed in the hope that it will be useful, but WITHOUT ANY
10 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
11 A PARTICULAR PURPOSE. See the GNU General Public License for more details.
12
13 You should have received a copy of the GNU General Public License along with
14 TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
15*/
16
17/**
18 * @file crypto.c
19 * @brief Cryptographic utility functions
20 * @author Sree Harsha Totakura <sreeharsha@totakura.in>
21 * @author Florian Dold
22 * @author Benedikt Mueller
23 */
24
25#include "platform.h"
26#include "taler_util.h"
27#include <gnunet/gnunet_common.h>
28#include <gnunet/gnunet_util_lib.h>
29#include <gcrypt.h>
30
31#define CURVE "Ed25519"
32
33
34static void
35fatal_error_handler (void *cls, int wtf, const char *msg)
36{
37 LOG_ERROR("Fatal error in Gcrypt: %s\n", msg);
38 abort();
39}
40
41
42/**
43 * Initialize Gcrypt library.
44 */
45void
46TALER_gcrypt_init()
47{
48 gcry_set_fatalerror_handler (&fatal_error_handler, NULL);
49 TALER_assert_as(gcry_check_version(NEED_LIBGCRYPT_VERSION),
50 "libgcrypt version mismatch");
51 /* Disable secure memory. */
52 gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
53 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
54}
55
56
57/**
58 * Derive symmetric key material for refresh operations from
59 * a given shared secret.
60 *
61 * @param secret the shared secret
62 * @param[out] iv set to initialization vector
63 * @param[out] skey set to session key
64 */
65static void
66derive_refresh_key (const struct GNUNET_HashCode *secret,
67 struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
68 struct GNUNET_CRYPTO_SymmetricSessionKey *skey)
69{
70 static const char ctx_key[] = "taler-key-skey";
71 static const char ctx_iv[] = "taler-key-iv";
72
73 GNUNET_assert (GNUNET_YES ==
74 GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey),
75 ctx_key, strlen (ctx_key),
76 secret, sizeof (struct GNUNET_HashCode),
77 NULL, 0));
78 GNUNET_assert (GNUNET_YES ==
79 GNUNET_CRYPTO_kdf (iv, sizeof (struct GNUNET_CRYPTO_SymmetricInitializationVector),
80 ctx_iv, strlen (ctx_iv),
81 secret, sizeof (struct GNUNET_HashCode),
82 NULL, 0));
83}
84
85
86int
87TALER_refresh_decrypt (const void *input,
88 size_t input_size,
89 const struct GNUNET_HashCode *secret,
90 void *result)
91{
92 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
93 struct GNUNET_CRYPTO_SymmetricSessionKey skey;
94
95 derive_refresh_key (secret, &iv, &skey);
96
97 return GNUNET_CRYPTO_symmetric_decrypt (input, input_size, &skey, &iv, result);
98}
99
100
101int
102TALER_refresh_encrypt (const void *input,
103 size_t input_size,
104 const struct GNUNET_HashCode *secret,
105 void *result)
106{
107 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
108 struct GNUNET_CRYPTO_SymmetricSessionKey skey;
109
110 derive_refresh_key (secret, &iv, &skey);
111
112 return GNUNET_CRYPTO_symmetric_encrypt (input, input_size, &skey, &iv, result);
113}
114
115
116
117
118/* end of crypto.c */