
[GNUnet-SVN] r11808 - in gnunet/src: core include util


From: gnunet
Subject: [GNUnet-SVN] r11808 - in gnunet/src: core include util
Date: Fri, 18 Jun 2010 17:29:45 +0200

Author: grothoff
Date: 2010-06-18 17:29:45 +0200 (Fri, 18 Jun 2010)
New Revision: 11808

Modified:
   gnunet/src/core/gnunet-service-core.c
   gnunet/src/include/gnunet_crypto_lib.h
   gnunet/src/util/crypto_hash.c
Log:
hmac

Modified: gnunet/src/core/gnunet-service-core.c
===================================================================
--- gnunet/src/core/gnunet-service-core.c       2010-06-18 15:02:59 UTC (rev 
11807)
+++ gnunet/src/core/gnunet-service-core.c       2010-06-18 15:29:45 UTC (rev 
11808)
@@ -189,7 +189,7 @@
    * verify message integrity.  Everything after this hash (including
    * this hash itself) will be encrypted.  
    */
-  GNUNET_HashCode plaintext_hash;
+  GNUNET_HashCode hmac;
 
   /**
    * Sequence number, in network byte order.  This field
@@ -2024,15 +2024,16 @@
   em->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE);
   em->iv_seed = ph->iv_seed;
   esize = used - ENCRYPTED_HEADER_SIZE;
-  GNUNET_CRYPTO_hash (&ph->sequence_number,
+  GNUNET_CRYPTO_hmac (&n->encrypt_key,
+                     &ph->sequence_number,
                      esize - sizeof (GNUNET_HashCode), 
-                     &ph->plaintext_hash);
+                     &ph->hmac);
   GNUNET_CRYPTO_hash (&ph->iv_seed, sizeof (uint32_t), &iv);
 #if DEBUG_HANDSHAKE
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "Hashed %u bytes of plaintext (`%s') using IV `%d'\n",
              (unsigned int) (esize - sizeof (GNUNET_HashCode)),
-             GNUNET_h2s (&ph->plaintext_hash),
+             GNUNET_h2s (&ph->hmac),
              (int) ph->iv_seed);
 #endif
   /* encrypt */
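Review bot: The HMAC here is keyed with `n->encrypt_key`, which by its name and the `do_encrypt (n, &iv, ...)` call in the next hunk appears to be the same session key that drives the AES encryption, so one key serves both the cipher and the MAC. Keeping the two independent (a MAC key derived from the session key under a distinct label) is the usual practice; the same applies to `n->decrypt_key` on the receive side in the `@@ -3313,13 +3314,14 @@` hunk. Until that is done I would at least record it next to the call, e.g. `/* NOTE: MAC key is the AES session key itself; derive a separate integrity key */`. The `DEBUG_HANDSHAKE` text still reads "Hashed %u bytes of plaintext" although the value logged is now a MAC. The enclosing function starts and ends outside this hunk.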
@@ -2046,8 +2047,8 @@
   GNUNET_assert (GNUNET_OK ==
                  do_encrypt (n,
                              &iv,
-                             &ph->plaintext_hash,
-                             &em->plaintext_hash, esize));
+                             &ph->hmac,
+                             &em->hmac, esize));
   /* append to transmission list */
   GNUNET_CONTAINER_DLL_insert_after (n->encrypted_head,
                                     n->encrypted_tail,
@@ -3313,13 +3314,14 @@
   if (GNUNET_OK !=
       do_decrypt (n,
                   &iv,
-                  &m->plaintext_hash,
+                  &m->hmac,
                   &buf[ENCRYPTED_HEADER_SIZE], 
                  size - ENCRYPTED_HEADER_SIZE))
     return;
   pt = (struct EncryptedMessage *) buf;
   /* validate hash */
-  GNUNET_CRYPTO_hash (&pt->sequence_number,
+  GNUNET_CRYPTO_hmac (&n->decrypt_key,
+                     &pt->sequence_number,
                       size - ENCRYPTED_HEADER_SIZE - sizeof (GNUNET_HashCode), 
&ph);
 #if DEBUG_HANDSHAKE 
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -3329,7 +3331,7 @@
              (int) m->iv_seed);
 #endif
   if (0 != memcmp (&ph, 
-                  &pt->plaintext_hash, 
+                  &pt->hmac, 
                   sizeof (GNUNET_HashCode)))
     {
       /* checksum failed */
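Review bot: The tag check `memcmp (&ph, &pt->hmac, sizeof (GNUNET_HashCode))` stops at the first differing byte, so the time it takes depends on how much of the received MAC matched. Because the tag travels inside the encrypted region the exposure is probably limited, but a comparison that always touches every byte is cheap: `for (i = 0; i < sizeof (ph); i++) diff |= ((const unsigned char *) &ph)[i] ^ ((const unsigned char *) &pt->hmac)[i];` followed by `if (0 != diff)`. The length passed to `GNUNET_CRYPTO_hmac` in the previous hunk, `size - ENCRYPTED_HEADER_SIZE - sizeof (GNUNET_HashCode)`, would wrap if `size` were smaller than those two terms; a lower-bound check on `size` may exist earlier in the function, which is outside the visible lines, and should be confirmed.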

Modified: gnunet/src/include/gnunet_crypto_lib.h
===================================================================
--- gnunet/src/include/gnunet_crypto_lib.h      2010-06-18 15:02:59 UTC (rev 
11807)
+++ gnunet/src/include/gnunet_crypto_lib.h      2010-06-18 15:29:45 UTC (rev 
11808)
@@ -354,6 +354,21 @@
 
 
 /**
+ * Calculate HMAC of a message (RFC 2104)
+ *
+ * @param key secret key
+ * @param plaintext input plaintext
+ * @param plaintext_len length of plaintext
+ * @param hmac where to store the hmac
+ */
+void 
+GNUNET_CRYPTO_hmac (const struct GNUNET_CRYPTO_AesSessionKey *key,
+                   const void *plaintext,
+                   size_t plaintext_len,
+                   GNUNET_HashCode *hmac);
+
+
+/**
  * Function called once the hash computation over the
  * specified file has completed.
  *
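Review bot: The doc comment for `GNUNET_CRYPTO_hmac` leaves out the two things a caller most needs: which hash underlies the MAC, and what exactly is used as the key. From the implementation in crypto_hash.c the whole `struct GNUNET_CRYPTO_AesSessionKey` is copied in as key bytes and the output is a full SHA-512 digest. I would write `@param key secret key; every byte of the struct is used as MAC key material` and `@param hmac where to store the hmac (SHA-512 sized)`. It would also help to state that the function cannot fail and that callers must compare the result in constant time.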

Modified: gnunet/src/util/crypto_hash.c
===================================================================
--- gnunet/src/util/crypto_hash.c       2010-06-18 15:02:59 UTC (rev 11807)
+++ gnunet/src/util/crypto_hash.c       2010-06-18 15:29:45 UTC (rev 11808)
@@ -806,4 +806,43 @@
   return 0;
 }
 
+
+/**
+ * Calculate HMAC of a message (RFC 2104)
+ *
+ * @param key secret key
+ * @param plaintext input plaintext
+ * @param plaintext_len length of plaintext
+ * @param hmac where to store the hmac
+ */
+void 
+GNUNET_CRYPTO_hmac (const struct GNUNET_CRYPTO_AesSessionKey *key,
+                   const void *plaintext,
+                   size_t plaintext_len,
+                   GNUNET_HashCode *hmac)
+{
+  GNUNET_HashCode kh;
+  GNUNET_HashCode ipad;
+  GNUNET_HashCode opad;
+  GNUNET_HashCode him;
+  struct sha512_ctx sctx;
+
+  memset (&kh, 0, sizeof (kh));
+  GNUNET_assert (sizeof (GNUNET_HashCode) > sizeof (struct 
GNUNET_CRYPTO_AesSessionKey));
+  memcpy (&kh, key, sizeof (struct GNUNET_CRYPTO_AesSessionKey));              
                
+  memset (&ipad, 0x5c, sizeof (ipad));
+  memset (&opad, 0x36, sizeof (opad));
+  GNUNET_CRYPTO_hash_xor (&ipad, &kh, &ipad);
+  GNUNET_CRYPTO_hash_xor (&opad, &kh, &opad);
+  sha512_init (&sctx);
+  sha512_update (&sctx, (const unsigned char*) &ipad, sizeof (ipad));
+  sha512_update (&sctx, plaintext, plaintext_len);
+  sha512_final (&sctx, (unsigned char*) &him);
+  sha512_init (&sctx);
+  sha512_update (&sctx, (const unsigned char*) &opad, sizeof (opad));
+  sha512_update (&sctx, (const unsigned char*) &him, sizeof (him));
+  sha512_final (&sctx, (unsigned char*) hmac);
+}
+
+
 /* end of crypto_hash.c */
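Review bot: The pad constants in `GNUNET_CRYPTO_hmac` are the reverse of RFC 2104: `ipad` is filled with 0x5c and `opad` with 0x36, while the RFC uses 0x36 for the inner pad and 0x5c for the outer. Both pads are also `sizeof (GNUNET_HashCode)` long, which looks like the 64-byte SHA-512 output rather than the 128-byte SHA-512 block that the RFC pads the key to. The result is still a keyed nested hash, but it will not match HMAC-SHA512 test vectors and falls outside the construction the RFC's analysis covers, so the "(RFC 2104)" in the doc comment is misleading as written. I would build the pads as block-sized byte arrays as sketched below and add a known-answer test. Separately, `kh`, the pads, `him` and `sctx` still hold key-derived data on the stack at return and are worth wiping with a call the compiler cannot elide.

```c
  /* … unchanged: declarations of him and sctx … */
  unsigned char ipad[128];      /* SHA-512 block size in bytes */
  unsigned char opad[128];
  const unsigned char *kb = (const unsigned char *) key;
  size_t i;

  GNUNET_assert (sizeof (ipad) >= sizeof (struct GNUNET_CRYPTO_AesSessionKey));
  memset (ipad, 0x36, sizeof (ipad));   /* inner pad per RFC 2104 */
  memset (opad, 0x5c, sizeof (opad));   /* outer pad per RFC 2104 */
  for (i = 0; i < sizeof (struct GNUNET_CRYPTO_AesSessionKey); i++)
    {
      ipad[i] ^= kb[i];
      opad[i] ^= kb[i];
    }
  /* … unchanged: inner sha512 pass over ipad + plaintext, outer pass over opad + him … */
```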



