aniani/profanity
1
0
Fork 0
mirror of https://github.com/profanity-im/profanity.git synced 2024-12-04 14:46:46 -05:00
Code

Get rid of libsodium

Browse Source
This commit is contained in:
Paul Fariello 2019-03-06 18:57:11 +01:40
parent 695694051e
commit 605e06411c
5 changed files with 73 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
configure.ac
View File

@ -276,14 +276,6 @@ if test "x$enable_omemo" != xno; then
[AC_MSG_ERROR([libsignal-protocol-c is required for omemo support])], [AC_MSG_ERROR([libsignal-protocol-c is required for omemo support])],
[AC_MSG_NOTICE([libsignal-protocol-c not found, omemo support not enabled])])]) [AC_MSG_NOTICE([libsignal-protocol-c not found, omemo support not enabled])])])
AC_CHECK_LIB([sodium], [sodium_init],
[AM_CONDITIONAL([BUILD_OMEMO], [true])
AC_DEFINE([HAVE_OMEMO], [1], [Have omemo]),
LIBS="-lsodium $LIBS"],
[AS_IF([test "x$enable_omemo" = xyes],
[AC_MSG_ERROR([libsodium is required for omemo support])],
[AC_MSG_NOTICE([libsodium not found, omemo support not enabled])])])
AC_CHECK_LIB([gcrypt], [gcry_check_version], AC_CHECK_LIB([gcrypt], [gcry_check_version],
[AM_CONDITIONAL([BUILD_OMEMO], [true]) [AM_CONDITIONAL([BUILD_OMEMO], [true])
AC_DEFINE([HAVE_OMEMO], [1], [Have omemo]), AC_DEFINE([HAVE_OMEMO], [1], [Have omemo]),

2
src/command/cmd_funcs.c
View File

@ -7944,7 +7944,7 @@ cmd_omemo_start(ProfWin *window, const char *const command, gchar **args)
} }
if (!omemo_loaded()) { if (!omemo_loaded()) {
win_println(window, THEME_DEFAULT, '!', "You have not generated or loaded a cryptographic materials, use '/omemo init'"); win_println(window, THEME_DEFAULT, '!', "You have not generated or loaded a cryptographic materials, use '/omemo gen'");
return TRUE; return TRUE;
} }

84
src/omemo/crypto.c
View File

@ -1,19 +1,15 @@
#include <assert.h> #include <assert.h>
#include <signal/signal_protocol.h> #include <signal/signal_protocol.h>
#include <signal/signal_protocol_types.h> #include <signal/signal_protocol_types.h>
#include <sodium.h>
#include <gcrypt.h> #include <gcrypt.h>
#include "log.h"
#include "omemo/omemo.h" #include "omemo/omemo.h"
#include "omemo/crypto.h" #include "omemo/crypto.h"
int int
omemo_crypto_init(void) omemo_crypto_init(void)
{ {
if (sodium_init() < 0) {
return -1;
}
if (!gcry_check_version(GCRYPT_VERSION)) { if (!gcry_check_version(GCRYPT_VERSION)) {
return -1; return -1;
} }
@ -26,74 +22,114 @@ omemo_crypto_init(void)
int int
omemo_random_func(uint8_t *data, size_t len, void *user_data) omemo_random_func(uint8_t *data, size_t len, void *user_data)
{ {
randombytes_buf(data, len); gcry_randomize(data, len, GCRY_VERY_STRONG_RANDOM);
return 0; return 0;
} }
int int
omemo_hmac_sha256_init_func(void **hmac_context, const uint8_t *key, size_t key_len, void *user_data) omemo_hmac_sha256_init_func(void **hmac_context, const uint8_t *key, size_t key_len, void *user_data)
{ {
*hmac_context = sodium_malloc(sizeof(crypto_auth_hmacsha256_state)); gcry_error_t res;
return crypto_auth_hmacsha256_init(*hmac_context, key, key_len); gcry_mac_hd_t hd;
res = gcry_mac_open(&hd, GCRY_MAC_HMAC_SHA256, 0, NULL);
if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
}
*hmac_context = hd;
res = gcry_mac_setkey(hd, key, key_len);
if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
}
return 0;
} }
int int
omemo_hmac_sha256_update_func(void *hmac_context, const uint8_t *data, size_t data_len, void *user_data) omemo_hmac_sha256_update_func(void *hmac_context, const uint8_t *data, size_t data_len, void *user_data)
{ {
return crypto_auth_hmacsha256_update(hmac_context, data, data_len); gcry_error_t res;
res = gcry_mac_write(hmac_context, data, data_len);
if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
}
return 0;
} }
int int
omemo_hmac_sha256_final_func(void *hmac_context, signal_buffer **output, void *user_data) omemo_hmac_sha256_final_func(void *hmac_context, signal_buffer **output, void *user_data)
{ {
int ret; gcry_error_t res;
unsigned char out[crypto_auth_hmacsha256_BYTES]; size_t mac_len = 32;
unsigned char out[mac_len];
if ((ret = crypto_auth_hmacsha256_final(hmac_context, out)) != 0) { res = gcry_mac_read(hmac_context, out, &mac_len);
return ret; if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
} }
*output = signal_buffer_create(out, crypto_auth_hmacsha256_BYTES); *output = signal_buffer_create(out, mac_len);
return 0; return 0;
} }
void void
omemo_hmac_sha256_cleanup_func(void *hmac_context, void *user_data) omemo_hmac_sha256_cleanup_func(void *hmac_context, void *user_data)
{ {
sodium_free(hmac_context); gcry_mac_close(hmac_context);
} }
int int
omemo_sha512_digest_init_func(void **digest_context, void *user_data) omemo_sha512_digest_init_func(void **digest_context, void *user_data)
{ {
*digest_context = sodium_malloc(sizeof(crypto_hash_sha512_state)); gcry_error_t res;
return crypto_hash_sha512_init(*digest_context); gcry_md_hd_t hd;
res = gcry_md_open(&hd, GCRY_MD_SHA512, 0);
if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
}
*digest_context = hd;
return 0;
} }
int int
omemo_sha512_digest_update_func(void *digest_context, const uint8_t *data, size_t data_len, void *user_data) omemo_sha512_digest_update_func(void *digest_context, const uint8_t *data, size_t data_len, void *user_data)
{ {
return crypto_hash_sha512_update(digest_context, data, data_len); gcry_md_write(digest_context, data, data_len);
return 0;
} }
int int
omemo_sha512_digest_final_func(void *digest_context, signal_buffer **output, void *user_data) omemo_sha512_digest_final_func(void *digest_context, signal_buffer **output, void *user_data)
{ {
int ret; gcry_error_t res;
unsigned char out[crypto_hash_sha512_BYTES]; unsigned char out[64];
if ((ret = crypto_hash_sha512_final(digest_context, out)) != 0) { res = gcry_md_extract(digest_context, GCRY_MD_SHA512, out, 64);
return ret; if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
} }
*output = signal_buffer_create(out, crypto_hash_sha512_BYTES); *output = signal_buffer_create(out, 64);
return 0; return 0;
} }
void void
omemo_sha512_digest_cleanup_func(void *digest_context, void *user_data) omemo_sha512_digest_cleanup_func(void *digest_context, void *user_data)
{ {
sodium_free(digest_context); gcry_md_close(digest_context);
} }
int int

20
src/omemo/omemo.c
View File

@ -9,7 +9,7 @@
#include <signal/signal_protocol.h> #include <signal/signal_protocol.h>
#include <signal/session_builder.h> #include <signal/session_builder.h>
#include <signal/session_cipher.h> #include <signal/session_cipher.h>
#include <sodium.h> #include <gcrypt.h>
#include "config/account.h" #include "config/account.h"
#include "log.h" #include "log.h"
@ -218,7 +218,8 @@ omemo_generate_crypto_materials(ProfAccount *account)
return; return;
} }
omemo_ctx.device_id = randombytes_uniform(0x80000000); gcry_randomize(&omemo_ctx.device_id, 4, GCRY_VERY_STRONG_RANDOM);
omemo_ctx.device_id &= 0x7fffffff;
signal_protocol_key_helper_generate_identity_key_pair(&omemo_ctx.identity_key_pair, omemo_ctx.signal); signal_protocol_key_helper_generate_identity_key_pair(&omemo_ctx.identity_key_pair, omemo_ctx.signal);
signal_protocol_key_helper_generate_registration_id(&omemo_ctx.registration_id, 0, omemo_ctx.signal); signal_protocol_key_helper_generate_registration_id(&omemo_ctx.registration_id, 0, omemo_ctx.signal);
@ -245,8 +246,11 @@ omemo_generate_crypto_materials(ProfAccount *account)
static void static void
omemo_generate_short_term_crypto_materials(ProfAccount *account) omemo_generate_short_term_crypto_materials(ProfAccount *account)
{ {
unsigned int start;
gcry_randomize(&start, sizeof(unsigned int), GCRY_VERY_STRONG_RANDOM);
signal_protocol_key_helper_pre_key_list_node *pre_keys_head; signal_protocol_key_helper_pre_key_list_node *pre_keys_head;
signal_protocol_key_helper_generate_pre_keys(&pre_keys_head, randombytes_random(), 100, omemo_ctx.signal); signal_protocol_key_helper_generate_pre_keys(&pre_keys_head, start, 100, omemo_ctx.signal);
session_signed_pre_key *signed_pre_key; session_signed_pre_key *signed_pre_key;
struct timeval tv; struct timeval tv;
@ -442,13 +446,11 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
unsigned char *ciphertext; unsigned char *ciphertext;
size_t ciphertext_len; size_t ciphertext_len;
key = sodium_malloc(AES128_GCM_KEY_LENGTH);
iv = sodium_malloc(AES128_GCM_IV_LENGTH);
ciphertext_len = strlen(message) + AES128_GCM_TAG_LENGTH; ciphertext_len = strlen(message) + AES128_GCM_TAG_LENGTH;
ciphertext = malloc(ciphertext_len); ciphertext = malloc(ciphertext_len);
randombytes_buf(key, 16); key = gcry_random_bytes_secure(16, GCRY_VERY_STRONG_RANDOM);
randombytes_buf(iv, 16); iv = gcry_random_bytes_secure(16, GCRY_VERY_STRONG_RANDOM);
res = aes128gcm_encrypt(ciphertext, &ciphertext_len, (const unsigned char * const)message, strlen(message), iv, key); res = aes128gcm_encrypt(ciphertext, &ciphertext_len, (const unsigned char * const)message, strlen(message), iv, key);
if (res != 0) { if (res != 0) {
@ -516,8 +518,8 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
free(id); free(id);
g_list_free_full(keys, free); g_list_free_full(keys, free);
free(ciphertext); free(ciphertext);
sodium_free(key); gcry_free(key);
sodium_free(iv); gcry_free(iv);
return TRUE; return TRUE;
} }

1
src/omemo/omemo.h
View File

@ -4,6 +4,7 @@
#include "config/account.h" #include "config/account.h"
#define OMEMO_ERR_UNSUPPORTED_CRYPTO -10000 #define OMEMO_ERR_UNSUPPORTED_CRYPTO -10000
#define OMEMO_ERR_GCRYPT -20000
typedef struct omemo_context_t omemo_context; typedef struct omemo_context_t omemo_context;