1
0
mirror of https://github.com/profanity-im/profanity.git synced 2024-12-04 14:46:46 -05:00

Get rid of libsodium

This commit is contained in:
Paul Fariello 2019-03-06 18:57:11 +01:40
parent 695694051e
commit 605e06411c
5 changed files with 73 additions and 42 deletions

View File

@ -276,14 +276,6 @@ if test "x$enable_omemo" != xno; then
[AC_MSG_ERROR([libsignal-protocol-c is required for omemo support])],
[AC_MSG_NOTICE([libsignal-protocol-c not found, omemo support not enabled])])])
AC_CHECK_LIB([sodium], [sodium_init],
[AM_CONDITIONAL([BUILD_OMEMO], [true])
AC_DEFINE([HAVE_OMEMO], [1], [Have omemo]),
LIBS="-lsodium $LIBS"],
[AS_IF([test "x$enable_omemo" = xyes],
[AC_MSG_ERROR([libsodium is required for omemo support])],
[AC_MSG_NOTICE([libsodium not found, omemo support not enabled])])])
AC_CHECK_LIB([gcrypt], [gcry_check_version],
[AM_CONDITIONAL([BUILD_OMEMO], [true])
AC_DEFINE([HAVE_OMEMO], [1], [Have omemo]),

View File

@ -7944,7 +7944,7 @@ cmd_omemo_start(ProfWin *window, const char *const command, gchar **args)
}
if (!omemo_loaded()) {
win_println(window, THEME_DEFAULT, '!', "You have not generated or loaded a cryptographic materials, use '/omemo init'");
win_println(window, THEME_DEFAULT, '!', "You have not generated or loaded a cryptographic materials, use '/omemo gen'");
return TRUE;
}

View File

@ -1,19 +1,15 @@
#include <assert.h>
#include <signal/signal_protocol.h>
#include <signal/signal_protocol_types.h>
#include <sodium.h>
#include <gcrypt.h>
#include "log.h"
#include "omemo/omemo.h"
#include "omemo/crypto.h"
int
omemo_crypto_init(void)
{
if (sodium_init() < 0) {
return -1;
}
if (!gcry_check_version(GCRYPT_VERSION)) {
return -1;
}
@ -26,74 +22,114 @@ omemo_crypto_init(void)
int
omemo_random_func(uint8_t *data, size_t len, void *user_data)
{
randombytes_buf(data, len);
gcry_randomize(data, len, GCRY_VERY_STRONG_RANDOM);
return 0;
}
int
omemo_hmac_sha256_init_func(void **hmac_context, const uint8_t *key, size_t key_len, void *user_data)
{
*hmac_context = sodium_malloc(sizeof(crypto_auth_hmacsha256_state));
return crypto_auth_hmacsha256_init(*hmac_context, key, key_len);
gcry_error_t res;
gcry_mac_hd_t hd;
res = gcry_mac_open(&hd, GCRY_MAC_HMAC_SHA256, 0, NULL);
if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
}
*hmac_context = hd;
res = gcry_mac_setkey(hd, key, key_len);
if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
}
return 0;
}
int
omemo_hmac_sha256_update_func(void *hmac_context, const uint8_t *data, size_t data_len, void *user_data)
{
return crypto_auth_hmacsha256_update(hmac_context, data, data_len);
gcry_error_t res;
res = gcry_mac_write(hmac_context, data, data_len);
if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
}
return 0;
}
int
omemo_hmac_sha256_final_func(void *hmac_context, signal_buffer **output, void *user_data)
{
int ret;
unsigned char out[crypto_auth_hmacsha256_BYTES];
gcry_error_t res;
size_t mac_len = 32;
unsigned char out[mac_len];
if ((ret = crypto_auth_hmacsha256_final(hmac_context, out)) != 0) {
return ret;
res = gcry_mac_read(hmac_context, out, &mac_len);
if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
}
*output = signal_buffer_create(out, crypto_auth_hmacsha256_BYTES);
*output = signal_buffer_create(out, mac_len);
return 0;
}
void
omemo_hmac_sha256_cleanup_func(void *hmac_context, void *user_data)
{
sodium_free(hmac_context);
gcry_mac_close(hmac_context);
}
int
omemo_sha512_digest_init_func(void **digest_context, void *user_data)
{
*digest_context = sodium_malloc(sizeof(crypto_hash_sha512_state));
return crypto_hash_sha512_init(*digest_context);
gcry_error_t res;
gcry_md_hd_t hd;
res = gcry_md_open(&hd, GCRY_MD_SHA512, 0);
if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
}
*digest_context = hd;
return 0;
}
int
omemo_sha512_digest_update_func(void *digest_context, const uint8_t *data, size_t data_len, void *user_data)
{
return crypto_hash_sha512_update(digest_context, data, data_len);
gcry_md_write(digest_context, data, data_len);
return 0;
}
int
omemo_sha512_digest_final_func(void *digest_context, signal_buffer **output, void *user_data)
{
int ret;
unsigned char out[crypto_hash_sha512_BYTES];
gcry_error_t res;
unsigned char out[64];
if ((ret = crypto_hash_sha512_final(digest_context, out)) != 0) {
return ret;
res = gcry_md_extract(digest_context, GCRY_MD_SHA512, out, 64);
if (res != GPG_ERR_NO_ERROR) {
log_error("OMEMO: %s", gcry_strerror(res));
return OMEMO_ERR_GCRYPT;
}
*output = signal_buffer_create(out, crypto_hash_sha512_BYTES);
*output = signal_buffer_create(out, 64);
return 0;
}
void
omemo_sha512_digest_cleanup_func(void *digest_context, void *user_data)
{
sodium_free(digest_context);
gcry_md_close(digest_context);
}
int

View File

@ -9,7 +9,7 @@
#include <signal/signal_protocol.h>
#include <signal/session_builder.h>
#include <signal/session_cipher.h>
#include <sodium.h>
#include <gcrypt.h>
#include "config/account.h"
#include "log.h"
@ -218,7 +218,8 @@ omemo_generate_crypto_materials(ProfAccount *account)
return;
}
omemo_ctx.device_id = randombytes_uniform(0x80000000);
gcry_randomize(&omemo_ctx.device_id, 4, GCRY_VERY_STRONG_RANDOM);
omemo_ctx.device_id &= 0x7fffffff;
signal_protocol_key_helper_generate_identity_key_pair(&omemo_ctx.identity_key_pair, omemo_ctx.signal);
signal_protocol_key_helper_generate_registration_id(&omemo_ctx.registration_id, 0, omemo_ctx.signal);
@ -245,8 +246,11 @@ omemo_generate_crypto_materials(ProfAccount *account)
static void
omemo_generate_short_term_crypto_materials(ProfAccount *account)
{
unsigned int start;
gcry_randomize(&start, sizeof(unsigned int), GCRY_VERY_STRONG_RANDOM);
signal_protocol_key_helper_pre_key_list_node *pre_keys_head;
signal_protocol_key_helper_generate_pre_keys(&pre_keys_head, randombytes_random(), 100, omemo_ctx.signal);
signal_protocol_key_helper_generate_pre_keys(&pre_keys_head, start, 100, omemo_ctx.signal);
session_signed_pre_key *signed_pre_key;
struct timeval tv;
@ -442,13 +446,11 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
unsigned char *ciphertext;
size_t ciphertext_len;
key = sodium_malloc(AES128_GCM_KEY_LENGTH);
iv = sodium_malloc(AES128_GCM_IV_LENGTH);
ciphertext_len = strlen(message) + AES128_GCM_TAG_LENGTH;
ciphertext = malloc(ciphertext_len);
randombytes_buf(key, 16);
randombytes_buf(iv, 16);
key = gcry_random_bytes_secure(16, GCRY_VERY_STRONG_RANDOM);
iv = gcry_random_bytes_secure(16, GCRY_VERY_STRONG_RANDOM);
res = aes128gcm_encrypt(ciphertext, &ciphertext_len, (const unsigned char * const)message, strlen(message), iv, key);
if (res != 0) {
@ -516,8 +518,8 @@ omemo_on_message_send(ProfChatWin *chatwin, const char *const message, gboolean
free(id);
g_list_free_full(keys, free);
free(ciphertext);
sodium_free(key);
sodium_free(iv);
gcry_free(key);
gcry_free(iv);
return TRUE;
}

View File

@ -4,6 +4,7 @@
#include "config/account.h"
#define OMEMO_ERR_UNSUPPORTED_CRYPTO -10000
#define OMEMO_ERR_GCRYPT -20000
typedef struct omemo_context_t omemo_context;