mirror of
https://github.com/profanity-im/profanity.git
synced 2025-01-03 14:57:42 -05:00
Follow xep by putting gcm tag on encrypted key
This commit is contained in:
parent
605e06411c
commit
b0c52f84ab
@ -261,7 +261,7 @@ out:
|
||||
}
|
||||
|
||||
int
|
||||
aes128gcm_encrypt(unsigned char *ciphertext, size_t *ciphertext_len, const unsigned char *const plaintext, size_t plaintext_len, const unsigned char *const iv, const unsigned char *const key)
|
||||
aes128gcm_encrypt(unsigned char *ciphertext, size_t *ciphertext_len, unsigned char *tag, size_t *tag_len, const unsigned char *const plaintext, size_t plaintext_len, const unsigned char *const iv, const unsigned char *const key)
|
||||
{
|
||||
gcry_error_t res;
|
||||
gcry_cipher_hd_t hd;
|
||||
@ -284,7 +284,7 @@ aes128gcm_encrypt(unsigned char *ciphertext, size_t *ciphertext_len, const unsig
|
||||
goto out;
|
||||
}
|
||||
|
||||
res = gcry_cipher_gettag(hd, ciphertext + plaintext_len, AES128_GCM_TAG_LENGTH);
|
||||
res = gcry_cipher_gettag(hd, tag, *tag_len);
|
||||
if (res != GPG_ERR_NO_ERROR) {
|
||||
goto out;
|
||||
}
|
||||
|
@ -137,10 +137,10 @@ int omemo_decrypt_func(signal_buffer **output,
|
||||
const uint8_t *ciphertext, size_t ciphertext_len,
|
||||
void *user_data);
|
||||
|
||||
int aes128gcm_encrypt(unsigned char *ciphertext,
|
||||
size_t *ciphertext_len, const unsigned char *const cleartext,
|
||||
size_t cleatext_len, const unsigned char *const iv,
|
||||
const unsigned char *const key);
|
||||
int aes128gcm_encrypt(unsigned char *ciphertext, size_t *ciphertext_len,
|
||||
unsigned char *tag, size_t *tag_len,
|
||||
const unsigned char *const plaintext, size_t plaintext_len,
|
||||
const unsigned char *const iv, const unsigned char *const key);
|
||||
|
||||
int aes128gcm_decrypt(unsigned char *plaintext,
|
||||
size_t *plaintext_len, const unsigned char *const ciphertext,
|
||||
|
@ -444,19 +444,27 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
|
||||
unsigned char *key;
|
||||
unsigned char *iv;
|
||||
unsigned char *ciphertext;
|
||||
size_t ciphertext_len;
|
||||
unsigned char *tag;
|
||||
unsigned char *key_tag;
|
||||
size_t ciphertext_len, tag_len;
|
||||
|
||||
ciphertext_len = strlen(message) + AES128_GCM_TAG_LENGTH;
|
||||
ciphertext_len = strlen(message);
|
||||
ciphertext = malloc(ciphertext_len);
|
||||
tag_len = AES128_GCM_TAG_LENGTH;
|
||||
tag = gcry_malloc_secure(tag_len);
|
||||
key_tag = gcry_malloc_secure(AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH);
|
||||
|
||||
key = gcry_random_bytes_secure(16, GCRY_VERY_STRONG_RANDOM);
|
||||
iv = gcry_random_bytes_secure(16, GCRY_VERY_STRONG_RANDOM);
|
||||
key = gcry_random_bytes_secure(AES128_GCM_KEY_LENGTH, GCRY_VERY_STRONG_RANDOM);
|
||||
iv = gcry_random_bytes_secure(AES128_GCM_IV_LENGTH, GCRY_VERY_STRONG_RANDOM);
|
||||
|
||||
res = aes128gcm_encrypt(ciphertext, &ciphertext_len, (const unsigned char * const)message, strlen(message), iv, key);
|
||||
res = aes128gcm_encrypt(ciphertext, &ciphertext_len, tag, &tag_len, (const unsigned char * const)message, strlen(message), iv, key);
|
||||
if (res != 0) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
memcpy(key_tag, key, AES128_GCM_KEY_LENGTH);
|
||||
memcpy(key_tag + AES128_GCM_KEY_LENGTH, tag, AES128_GCM_TAG_LENGTH);
|
||||
|
||||
GList *keys = NULL;
|
||||
GList *device_ids_iter;
|
||||
for (device_ids_iter = recipient_device_id; device_ids_iter != NULL; device_ids_iter = device_ids_iter->next) {
|
||||
@ -472,7 +480,7 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
|
||||
continue;
|
||||
}
|
||||
|
||||
res = session_cipher_encrypt(cipher, key, AES128_GCM_KEY_LENGTH, &ciphertext);
|
||||
res = session_cipher_encrypt(cipher, key_tag, AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH, &ciphertext);
|
||||
if (res != 0) {
|
||||
continue;
|
||||
}
|
||||
@ -498,7 +506,7 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
|
||||
continue;
|
||||
}
|
||||
|
||||
res = session_cipher_encrypt(cipher, key, AES128_GCM_KEY_LENGTH, &ciphertext);
|
||||
res = session_cipher_encrypt(cipher, key_tag, AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH, &ciphertext);
|
||||
if (res != 0) {
|
||||
continue;
|
||||
}
|
||||
@ -520,6 +528,8 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
|
||||
free(ciphertext);
|
||||
gcry_free(key);
|
||||
gcry_free(iv);
|
||||
gcry_free(tag);
|
||||
gcry_free(key_tag);
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user