fixed bug @ sync

key gets updatet @ sync

1 files changed, 18 insertions, 49 deletions

diff --git a/keyDerivation.cpp b/keyDerivation.cpp
index 911ea87..893825c 100644
--- a/keyDerivation.cpp
+++ b/keyDerivation.cpp
@@ -41,55 +41,37 @@
 #include <gcrypt.h>
 
 
-const char* KeyDerivation::MIN_GCRYPT_VERSION = "1.2.3";
-
 void KeyDerivation::init(Buffer key, Buffer salt)
 {
   Lock lock(mutex_);
   gcry_error_t err;
 
-  // No other library has already initialized libgcrypt.
-  if( !gcry_control(GCRYCTL_ANY_INITIALIZATION_P) )
-  {
-    if( !gcry_check_version( MIN_GCRYPT_VERSION ) ) {
-      cLog.msg(Log::PRIO_ERR) << "KeyDerivation::init: Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION;
-      return;
-    }
-
-    // do NOT allocate a pool of secure memory!
-    // this is NOT thread safe!
-
-    /* Allocate a pool of 16k secure memory.  This also drops priviliges
-     * on some systems. */
-    err = gcry_control(GCRYCTL_INIT_SECMEM, GCRYPT_SEC_MEM, 0);
-    if( err )
-    {
-      cLog.msg(Log::PRIO_ERR) << "Failed to allocate " << GCRYPT_SEC_MEM << " bytes of secure memory: " << gpg_strerror( err );
-      return;
-    }
-
-    /* Tell Libgcrypt that initialization has completed. */
-    err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
-    if( err ) {
-      cLog.msg(Log::PRIO_ERR) << "KeyDerivation::init: Failed to finish the initialization of libgcrypt: " << gpg_strerror( err );
-      return;
-    } else {
-      cLog.msg(Log::PRIO_NOTICE) << "KeyDerivation::init: libgcrypt init finished";
-    }
-  }
-
+  // TODO: hardcoded keysize!
   err = gcry_cipher_open( &cipher_, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0 );
   if( err ) {
     cLog.msg(Log::PRIO_ERR) << "KeyDerivation::init: Failed to open cipher: " << gpg_strerror( err );
     return;
   }
 
-  // FIXXME: hardcoded keysize!
-  err = gcry_cipher_setkey( cipher_, key.getBuf(), 16 );
+  salt_ = SyncBuffer(salt);
+  key_ = SyncBuffer(key);
+
+  updateKey();
+}
+
+void KeyDerivation::updateKey()
+{
+  gcry_error_t err;
+
+  err = gcry_cipher_setkey( cipher_, key_.getBuf(), key_.getLength() );
   if( err )
     cLog.msg(Log::PRIO_ERR) << "KeyDerivation::init: Failed to set cipher key: " << gpg_strerror( err );
+}
 
-  salt_ = SyncBuffer(salt);
+KeyDerivation::~KeyDerivation()
+{
+  Lock lock(mutex_);
+  gcry_cipher_close( cipher_ );
 }
 
 void KeyDerivation::setLogKDRate(const uint8_t log_rate)
@@ -99,7 +81,6 @@ void KeyDerivation::setLogKDRate(const uint8_t log_rate)
     ld_kdr_ = log_rate;
 }
 
-
 void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key, u_int32_t length) 
 {
   ////Lock lock(mutex_);
@@ -120,7 +101,7 @@ void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key,
   if( ld_kdr_ == -1 )    // means key_derivation_rate = 0
     r = 0;
   else
-    // FIXXME: kdr can be greater than 2^32 (= 2^48)
+    // TODO: kdr can be greater than 2^32 (= 2^48)
     r = static_cast<long unsigned int>(seq_nr / ( 0x01 << ld_kdr_ ));
 
   r = r.mul2exp(8);
@@ -144,15 +125,3 @@ void KeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer& key,
   if( err ) 
     cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to generate cipher bitstream: " << gpg_strerror( err );
 }
-
-
-void KeyDerivation::clear() 
-{
-  Lock lock(mutex_);
-  gcry_cipher_close( cipher_ );
-}
-
-u_int32_t KeyDerivation::bufferGetLength() const
-{
-	return salt_.getLength();
-}