summaryrefslogtreecommitdiff
path: root/keyDerivation.cpp
diff options
context:
space:
mode:
authorChristian Pointner <equinox@anytun.org>2008-02-04 20:34:37 +0000
committerChristian Pointner <equinox@anytun.org>2008-02-04 20:34:37 +0000
commitc01ff56f61b28d0a909f46b95182b5a26aaa6cd3 (patch)
tree0192e862cc9e71d260d64daf1f6fd2e4a379e80f /keyDerivation.cpp
parentsorry for not working checkin ;) (diff)
fixed bug @ sync
key gets updatet @ sync
Diffstat (limited to 'keyDerivation.cpp')
-rw-r--r--keyDerivation.cpp67
1 files changed, 18 insertions, 49 deletions
diff --git a/keyDerivation.cpp b/keyDerivation.cpp
index 911ea87..893825c 100644
--- a/keyDerivation.cpp
+++ b/keyDerivation.cpp
@@ -41,55 +41,37 @@
#include <gcrypt.h>
-const char* KeyDerivation::MIN_GCRYPT_VERSION = "1.2.3";
-
void KeyDerivation::init(Buffer key, Buffer salt)
{
Lock lock(mutex_);
gcry_error_t err;
- // No other library has already initialized libgcrypt.
- if( !gcry_control(GCRYCTL_ANY_INITIALIZATION_P) )
- {
- if( !gcry_check_version( MIN_GCRYPT_VERSION ) ) {
- cLog.msg(Log::PRIO_ERR) << "KeyDerivation::init: Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION;
- return;
- }
-
- // do NOT allocate a pool of secure memory!
- // this is NOT thread safe!
-
- /* Allocate a pool of 16k secure memory. This also drops priviliges
- * on some systems. */
- err = gcry_control(GCRYCTL_INIT_SECMEM, GCRYPT_SEC_MEM, 0);
- if( err )
- {
- cLog.msg(Log::PRIO_ERR) << "Failed to allocate " << GCRYPT_SEC_MEM << " bytes of secure memory: " << gpg_strerror( err );
- return;
- }
-
- /* Tell Libgcrypt that initialization has completed. */
- err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
- if( err ) {
- cLog.msg(Log::PRIO_ERR) << "KeyDerivation::init: Failed to finish the initialization of libgcrypt: " << gpg_strerror( err );
- return;
- } else {
- cLog.msg(Log::PRIO_NOTICE) << "KeyDerivation::init: libgcrypt init finished";
- }
- }
-
+ // TODO: hardcoded keysize!
err = gcry_cipher_open( &cipher_, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0 );
if( err ) {
cLog.msg(Log::PRIO_ERR) << "KeyDerivation::init: Failed to open cipher: " << gpg_strerror( err );
return;
}
- // FIXXME: hardcoded keysize!
- err = gcry_cipher_setkey( cipher_, key.getBuf(), 16 );
+ salt_ = SyncBuffer(salt);
+ key_ = SyncBuffer(key);
+
+ updateKey();
+}
+
+void KeyDerivation::updateKey()
+{
+ gcry_error_t err;
+
+ err = gcry_cipher_setkey( cipher_, key_.getBuf(), key_.getLength() );
if( err )
cLog.msg(Log::PRIO_ERR) << "KeyDerivation::init: Failed to set cipher key: " << gpg_strerror( err );
+}
- salt_ = SyncBuffer(salt);
+KeyDerivation::~KeyDerivation()
+{
+ Lock lock(mutex_);
+ gcry_cipher_close( cipher_ );
}
void KeyDerivation::setLogKDRate(const uint8_t log_rate)
@@ -99,7 +81,6 @@ void KeyDerivation::setLogKDRate(const uint8_t log_rate)
ld_kdr_ = log_rate;
}
-
void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key, u_int32_t length)
{
////Lock lock(mutex_);
@@ -120,7 +101,7 @@ void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key,
if( ld_kdr_ == -1 ) // means key_derivation_rate = 0
r = 0;
else
- // FIXXME: kdr can be greater than 2^32 (= 2^48)
+ // TODO: kdr can be greater than 2^32 (= 2^48)
r = static_cast<long unsigned int>(seq_nr / ( 0x01 << ld_kdr_ ));
r = r.mul2exp(8);
@@ -144,15 +125,3 @@ void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key,
if( err )
cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to generate cipher bitstream: " << gpg_strerror( err );
}
-
-
-void KeyDerivation::clear()
-{
- Lock lock(mutex_);
- gcry_cipher_close( cipher_ );
-}
-
-u_int32_t KeyDerivation::bufferGetLength() const
-{
- return salt_.getLength();
-}