[taler-anastasis] branch master updated (3c308d9 -> ef2d157)

[gnunet]

This is an automated email from the git hooks/post-receive script.

ds-meister pushed a change to branch master
in repository anastasis.

    from 3c308d9  worked on crypto implementation (obviously with errors :D))
     new 29eabb3  worked on crypto lib
     new ef2d157  Worked on crypto lib

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 src/util/anastasis_crypto.c | 107 ++++++++++++++++++++++++++++----------------
 1 file changed, 69 insertions(+), 38 deletions(-)

diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index 19874f8..c77c51e 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -26,6 +26,7 @@
 #include <gcrypt.h>
 #include <taler/taler_json_lib.h>
 #include <gnunet/gnunet_util_lib.h>
+#include <string.h>
 
 /**
  * Creates the UserIdentifier, it is used as entropy source for the encryption 
keys and
@@ -62,6 +63,8 @@ ANASTASIS_CRYPTO_account_public_key_derive (
   struct ANASTASIS_CRYPTO_AccountPublicKey *pub_key,
   const struct ANASTASIS_CRYPTO_UserIdentifier *id)
 {
+
+  // FIXME Muss zuerst HKDF mit "ver" als salt gemacht werden !
   struct GNUNET_CRYPTO_EddsaPrivateKey priv_key;
   char *val;
   val = GNUNET_STRINGS_data_to_string_alloc (&id,
@@ -95,47 +98,75 @@ ANASTASIS_CRYPTO_recovery_document_encrypt (
   void **res,
   size_t *res_size)
 {
-  char key[256 / 8];
-  char iv[96 / 8];
+  struct ANASTASIS_CRYPTO_Nonce nonce;
+  struct ANASTASIS_CRYPTO_Iv iv;
+  gcry_cipher_hd_t cipher;
+  char ciphertext[data_size];
+  char *str_id;
+  char *str_nonce;
+  unsigned int i;
+  char sym_key[32];
+  char source_key_material[64];
+  void *erd;
+
+  GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+                              &nonce,
+                              sizeof (nonce));
+
+  // FIXME IV CREATION
+  GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+                              &iv,
+                              sizeof (iv));
+
+  str_id = GNUNET_STRINGS_data_to_string_alloc (&id,
+                                                sizeof (id));
+
+  str_nonce = GNUNET_STRINGS_data_to_string_alloc (&nonce,
+                                                   sizeof (nonce));
+  strcpy (source_key_material, str_id);
+  strcat (source_key_material, str_nonce);
+
+  GNUNET_assert (0 == (GNUNET_CRYPTO_hkdf (sym_key,
+                                           sizeof(sym_key),
+                                           GCRY_MD_SHA512,
+                                           GCRY_MD_SHA256,
+                                           "erd",
+                                           (size_t) 3,
+                                           source_key_material,
+                                           sizeof(source_key_material))));
+  gcry_cipher_open (&cipher,
+                    GCRY_CIPHER_AES256,
+                    GCRY_CIPHER_MODE_GCM,
+                    0);
+  gcry_cipher_setkey (cipher,
+                      sym_key,
+                      sizeof (sym_key));
+  gcry_cipher_setiv (cipher,
+                     &iv,
+                     sizeof (iv));
+  gcry_cipher_encrypt (cipher,
+                       ciphertext,
+                       sizeof (ciphertext),
+                       data,
+                       data_size);
+  gcry_cipher_close (cipher);
+
+  res_size = sizeof (ciphertext) + sizeof(nonce) + sizeof(iv);
+  erd = GNUNET_malloc (res_size);
+  memcpy (erd,
+          &nonce,
+          sizeof(nonce));
+  memcpy (erd + sizeof(nonce),
+          &iv,
+          sizeof(iv));
+  memcpy (erd + sizeof(nonce) + sizeof(iv),
+          ciphertext,
+          sizeof(ciphertext));
+  *res = (void *) erd;
+}
 
-  const void *buf;
-  int rc;
-  gcry_cipher_hd_t handle;
 
-  GNUNET_break (0 == gcry_kdf_derive (buf,
-                                      strlen (buf),
-                                      GCRY_KDF_SCRYPT,
-                                      1 /* subalgo */,
-                                      "erd",
-                                      strlen ("erd"),
-                                      2 /* iterations; keep cost of individual 
op small */,
-                                      sizeof(twofish_key),
-                                      &twofish_key));
 
-  GNUNET_CRYPTO_kdf (twofish_iv,
-                     sizeof (twofish_iv),
-                     "gnunet-proof-of-work-iv",
-                     strlen ("gnunet-proof-of-work-iv"),
-                     twofish_key,
-                     sizeof(twofish_key),
-                     salt,
-                     strlen (salt),
-                     NULL, 0);
-  GNUNET_assert (0 ==
-                 gcry_cipher_open (&handle, GCRY_CIPHER_TWOFISH,
-                                   GCRY_CIPHER_MODE_CFB, 0));
-  rc = gcry_cipher_setkey (handle,
-                           twofish_key,
-                           sizeof(twofish_key));
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-  rc = gcry_cipher_setiv (handle,
-                          twofish_iv,
-                          sizeof(twofish_iv));
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-  GNUNET_assert (0 == gcry_cipher_encrypt (handle, &rbuf, buf_len, buf,
-                                           buf_len));
-  gcry_cipher_close (handle);
-}
 
 /**
  * Decrypts the recovery document with AES256, the decryption key is generated 
with

-- 
To stop receiving notification emails like this one, please contact
address@hidden.