mirror of https://github.com/profanity-im/profanity.git synced 2025-01-03 14:57:42 -05:00

Follow xep by putting gcm tag on encrypted key

Paul Fariello 2019-03-06 21:23:06 +02:20
parent 605e06411c
commit b0c52f84ab
3 changed files with 23 additions and 13 deletions


@ -261,7 +261,7 @@ out:
}
int
aes128gcm_encrypt(unsigned char *ciphertext, size_t *ciphertext_len, const unsigned char *const plaintext, size_t plaintext_len, const unsigned char *const iv, const unsigned char *const key)
aes128gcm_encrypt(unsigned char *ciphertext, size_t *ciphertext_len, unsigned char *tag, size_t *tag_len, const unsigned char *const plaintext, size_t plaintext_len, const unsigned char *const iv, const unsigned char *const key)
{
gcry_error_t res;
gcry_cipher_hd_t hd;
@ -284,7 +284,7 @@ aes128gcm_encrypt(unsigned char *ciphertext, size_t *ciphertext_len, const unsig
goto out;
}
res = gcry_cipher_gettag(hd, ciphertext + plaintext_len, AES128_GCM_TAG_LENGTH);
res = gcry_cipher_gettag(hd, tag, *tag_len);
if (res != GPG_ERR_NO_ERROR) {
goto out;
}
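Review bot: `tag_len` is taken as a `size_t *` but the lines shown only read it (`gcry_cipher_gettag(hd, tag, *tag_len)`), and neither `tag` nor `tag_len` is checked before use, so the caller alone decides how many tag bytes are produced. The tag is the only integrity protection on the message body, and a shorter value would, if libgcrypt accepts it, yield a truncated tag. I would reject anything other than the full length before the cipher handle is opened, so that no cleanup is needed, e.g. `if (tag == NULL || tag_len == NULL || *tag_len != AES128_GCM_TAG_LENGTH) { return -1; }`, using whatever error value the function already returns. Alternatively, take the length by value if it is never written back. The function body starts and ends outside these hunks, so an existing check or a write-back to `*tag_len` may simply not be visible here.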


@ -137,10 +137,10 @@ int omemo_decrypt_func(signal_buffer **output,
const uint8_t *ciphertext, size_t ciphertext_len,
void *user_data);
int aes128gcm_encrypt(unsigned char *ciphertext,
size_t *ciphertext_len, const unsigned char *const cleartext,
size_t cleatext_len, const unsigned char *const iv,
const unsigned char *const key);
int aes128gcm_encrypt(unsigned char *ciphertext, size_t *ciphertext_len,
unsigned char *tag, size_t *tag_len,
const unsigned char *const plaintext, size_t plaintext_len,
const unsigned char *const iv, const unsigned char *const key);
int aes128gcm_decrypt(unsigned char *plaintext,
size_t *plaintext_len, const unsigned char *const ciphertext,
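Review bot: The new `aes128gcm_encrypt` prototype changes the buffer contract without documenting it: `ciphertext` no longer receives the tag, and the caller must size `tag` and `*tag_len` correctly. A comment above the declaration would prevent callers from keeping the old `plaintext_len + AES128_GCM_TAG_LENGTH` assumption, e.g. `/* ciphertext must hold plaintext_len bytes; tag must hold *tag_len bytes (AES128_GCM_TAG_LENGTH); the tag is NOT appended to ciphertext. */`. The `aes128gcm_decrypt` declaration continues past this hunk, so it cannot be seen here whether it still expects the tag appended to the ciphertext; if it does, that asymmetry belongs in the comment as well.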


@ -444,19 +444,27 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
unsigned char *key;
unsigned char *iv;
unsigned char *ciphertext;
size_t ciphertext_len;
unsigned char *tag;
unsigned char *key_tag;
size_t ciphertext_len, tag_len;
ciphertext_len = strlen(message) + AES128_GCM_TAG_LENGTH;
ciphertext_len = strlen(message);
ciphertext = malloc(ciphertext_len);
tag_len = AES128_GCM_TAG_LENGTH;
tag = gcry_malloc_secure(tag_len);
key_tag = gcry_malloc_secure(AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH);
key = gcry_random_bytes_secure(16, GCRY_VERY_STRONG_RANDOM);
iv = gcry_random_bytes_secure(16, GCRY_VERY_STRONG_RANDOM);
key = gcry_random_bytes_secure(AES128_GCM_KEY_LENGTH, GCRY_VERY_STRONG_RANDOM);
iv = gcry_random_bytes_secure(AES128_GCM_IV_LENGTH, GCRY_VERY_STRONG_RANDOM);
res = aes128gcm_encrypt(ciphertext, &ciphertext_len, (const unsigned char * const)message, strlen(message), iv, key);
res = aes128gcm_encrypt(ciphertext, &ciphertext_len, tag, &tag_len, (const unsigned char * const)message, strlen(message), iv, key);
if (res != 0) {
return FALSE;
}
memcpy(key_tag, key, AES128_GCM_KEY_LENGTH);
memcpy(key_tag + AES128_GCM_KEY_LENGTH, tag, AES128_GCM_TAG_LENGTH);
GList *keys = NULL;
GList *device_ids_iter;
for (device_ids_iter = recipient_device_id; device_ids_iter != NULL; device_ids_iter = device_ids_iter->next) {
@ -472,7 +480,7 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
continue;
}
res = session_cipher_encrypt(cipher, key, AES128_GCM_KEY_LENGTH, &ciphertext);
res = session_cipher_encrypt(cipher, key_tag, AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH, &ciphertext);
if (res != 0) {
continue;
}
@ -498,7 +506,7 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
continue;
}
res = session_cipher_encrypt(cipher, key, AES128_GCM_KEY_LENGTH, &ciphertext);
res = session_cipher_encrypt(cipher, key_tag, AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH, &ciphertext);
if (res != 0) {
continue;
}
@ -520,6 +528,8 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
free(ciphertext);
gcry_free(key);
gcry_free(iv);
gcry_free(tag);
gcry_free(key_tag);
return TRUE;
}
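Review bot: The failure path after `aes128gcm_encrypt` in the first hunk (`return FALSE;`) exits without releasing `ciphertext`, `key`, `iv` or the newly added `tag` and `key_tag`, so the message key and its copy stay allocated in secure memory. The `gcry_free(tag); gcry_free(key_tag);` calls added in the last hunk are reached only on success. I would release everything on that path as well: `free(ciphertext); gcry_free(key); gcry_free(iv); gcry_free(tag); gcry_free(key_tag); return FALSE;`. The results of `malloc` and `gcry_malloc_secure` are also used unchecked (`gcry_cipher_gettag` writes into `tag`, `memcpy` writes into `key_tag`), and because `ciphertext_len` is now `strlen(message)`, an empty message reaches `malloc(0)`; a NULL check on `tag` and `key_tag` before the encrypt call would cover the first of these. The function starts before and continues between these hunks, so cleanup of other state such as `keys` is not visible here.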