paraslash Paraslash Audio Streaming
About   News   Download   Documentation   Development
Macros | Enumerations | Functions
gcrypt.c File Reference

Libgrcypt-based encryption/decryption routines. More...

#include <regex.h>
#include <gcrypt.h>
#include "para.h"
#include "error.h"
#include "string.h"
#include "crypt.h"
#include "crypt_backend.h"
#include "fd.h"
#include "base64.h"

Macros

#define dump_buffer(a, b, c)
 Empty. More...
 
#define RSA_PUBKEY_SEXP   "(public-key (rsa (n %m) (e %m)))"
 S-expression for the public part of an RSA key. More...
 
#define RSA_PRIVKEY_SEXP   "(private-key (rsa (n %m) (e %m) (d %m) (p %m) (q %m) (u %m)))"
 S-expression for a private RSA key. More...
 
#define RSA_DECRYPT_SEXP   "(enc-val(flags oaep)(rsa(a %m)))"
 S-expression for decryption. More...
 

Enumerations

enum  asn1_types { ASN1_TYPE_INTEGER = 0x2, ASN1_TYPE_BIT_STRING = 0x03, ASN1_TYPE_SEQUENCE = 0x30 }
 ASN Types and their code. More...
 

Functions

void hash_function (const char *data, unsigned long len, unsigned char *hash)
 Compute the hash of the given input data. More...
 
void hash2_function (const char *data, unsigned long len, unsigned char *hash)
 Compute the hash2 of the given input data. More...
 
void get_random_bytes_or_die (unsigned char *buf, int num)
 Fill a buffer with random content. More...
 
void crypt_init (void)
 Initialize the crypto backend. More...
 
void crypt_shutdown (void)
 Allocate all resources of the crypto backend. More...
 
int apc_get_pubkey (const char *key_file, struct asymmetric_key **result)
 Read an asymmetric key from a file. More...
 
void apc_free_pubkey (struct asymmetric_key *key)
 Deallocate a public key. More...
 
int apc_priv_decrypt (const char *key_file, unsigned char **outbuf, unsigned char *inbuf, int inlen)
 Decrypt a buffer using a private key. More...
 
int apc_pub_encrypt (struct asymmetric_key *pub, unsigned char *inbuf, unsigned len, unsigned char **outbuf)
 Encrypt a buffer using asymmetric keys. More...
 
struct stream_cipher * sc_new (const unsigned char *data, int len)
 Allocate and initialize an aes_ctr128 stream cipher structure. More...
 
void sc_free (struct stream_cipher *sc)
 Deallocate a stream cipher structure. More...
 
void sc_crypt (struct stream_cipher *sc, struct iovec *src, struct iovec *dst)
 Encrypt or decrypt a buffer using a stream cipher. More...
 

Detailed Description

Libgrcypt-based encryption/decryption routines.

Macro Definition Documentation

◆ dump_buffer

#define dump_buffer (   a,
  b,
 
)

Empty.

Define GCRYPT_DEBUG to dump buffers.

◆ RSA_PUBKEY_SEXP

#define RSA_PUBKEY_SEXP   "(public-key (rsa (n %m) (e %m)))"

S-expression for the public part of an RSA key.

◆ RSA_PRIVKEY_SEXP

#define RSA_PRIVKEY_SEXP   "(private-key (rsa (n %m) (e %m) (d %m) (p %m) (q %m) (u %m)))"

S-expression for a private RSA key.

◆ RSA_DECRYPT_SEXP

#define RSA_DECRYPT_SEXP   "(enc-val(flags oaep)(rsa(a %m)))"

S-expression for decryption.

Enumeration Type Documentation

◆ asn1_types

enum asn1_types

ASN Types and their code.

Enumerator
ASN1_TYPE_INTEGER 

The next object is an integer.

ASN1_TYPE_BIT_STRING 

Bit string object.

ASN1_TYPE_SEQUENCE 

Keys start with one big type sequence.

Function Documentation

◆ hash_function()

void hash_function ( const char *  data,
unsigned long  len,
unsigned char *  hash 
)

Compute the hash of the given input data.

Parameters
dataPointer to the data to compute the hash value from.
lenThe length of data in bytes.
hashResult pointer.

hash must point to an area at least HASH_SIZE bytes large.

See also
sha(3), openssl(1).

References HASH_SIZE.

◆ hash2_function()

void hash2_function ( const char *  data,
unsigned long  len,
unsigned char *  hash 
)

Compute the hash2 of the given input data.

Parameters
dataPointer to the data to compute the hash value from.
lenThe length of data in bytes.
hashResult pointer.

hash must point to an area at least HASH2_SIZE bytes large.

See also
sha(3), openssl(1).

References HASH2_SIZE.

◆ get_random_bytes_or_die()

void get_random_bytes_or_die ( unsigned char *  buf,
int  num 
)

Fill a buffer with random content.

Parameters
bufThe buffer to fill.
numThe size of buf in bytes.

This function puts num cryptographically strong pseudo-random bytes into buf. If it can not guarantee an unpredictable byte sequence (for example because the PRNG has not been seeded with enough randomness) the function logs an error message and calls exit().

Referenced by crypt_init().

◆ crypt_init()

void crypt_init ( void  )

Initialize the crypto backend.

This function initializes the crypto library and seeds the pseudo random number generator used by random() with a random seed obtained from the crypto implementation. On errors, an error message is logged and the function calls exit().

See also
get_random_bytes_or_die(), srandom(3), random(3), para_random().

References get_random_bytes_or_die(), and PARA_EMERG_LOG.

◆ crypt_shutdown()

void crypt_shutdown ( void  )

Allocate all resources of the crypto backend.

◆ apc_get_pubkey()

int apc_get_pubkey ( const char *  key_file,
struct asymmetric_key **  result 
)

Read an asymmetric key from a file.

Parameters
key_fileThe file containing the key.
resultThe key structure is returned here.
Returns
The size of the key in bytes on success, negative on errors.

References decode_public_key(), and PARA_DEBUG_LOG.

◆ apc_free_pubkey()

void apc_free_pubkey ( struct asymmetric_key *  key)

Deallocate a public key.

Parameters
keyPointer to the key structure to free.

This should be called for keys obtained by apc_get_pubkey() if the key is no longer needed.

◆ apc_priv_decrypt()

int apc_priv_decrypt ( const char *  key_file,
unsigned char **  outbuf,
unsigned char *  inbuf,
int  inlen 
)

Decrypt a buffer using a private key.

Parameters
key_fileFull path of the key.
outbufThe output buffer is allocated by the callee.
inbufThe encrypted input buffer.
inlenThe length of inbuf.

The outbuf must be large enough to hold at least 512 bytes.

Returns
The size of the recovered plaintext on success, negative on errors.

◆ apc_pub_encrypt()

int apc_pub_encrypt ( struct asymmetric_key *  pub,
unsigned char *  inbuf,
unsigned  len,
unsigned char **  outbuf 
)

Encrypt a buffer using asymmetric keys.

Parameters
pubThe public key.
inbufThe input buffer.
lenThe length of inbuf.
outbufThe output buffer will be allocated by the callee.
Returns
The size of the encrypted data on success, negative on errors.

◆ sc_new()

struct stream_cipher* sc_new ( const unsigned char *  data,
int  len 
)

Allocate and initialize an aes_ctr128 stream cipher structure.

Parameters
dataThe key.
lenThe size of the key.
Returns
A new stream cipher structure.

References AES_CRT128_BLOCK_SIZE, and alloc().

◆ sc_free()

void sc_free ( struct stream_cipher *  sc)

Deallocate a stream cipher structure.

Parameters
scA stream cipher previously obtained by sc_new().

◆ sc_crypt()

void sc_crypt ( struct stream_cipher *  sc,
struct iovec *  src,
struct iovec *  dst 
)

Encrypt or decrypt a buffer using a stream cipher.

Parameters
scCrypto key.
srcThe source buffer and length.
dstThe destination buffer and length, filled out by the function.

It is up to the implementation to decide whether the crypt operation is performed in place. The caller can tell by looking if the buffers given by src and dst coincide after the call. If (and only if) the crypt operation was not performed in place, the function allocated a new buffer for the result, so dst->iov_base is different from src->iov_base. In this case, the destination buffer must be freed by the caller when it is no longer needed.