authorChristian Pointner <equinox@anytun.org>2014-06-21 18:59:34 +0000
committerChristian Pointner <equinox@anytun.org>2014-06-21 18:59:34 +0000
commiteb89126a5a21fcf56ca239c31e46a725c319e9f7 (patch)
treea2e5ade54b0e2ac10aa28da82eac4eed12aca21a
parentadded defines for nettle as crypto lib (diff)
implemented cipher with nettle (not tested yet)
-rw-r--r--src/cipher.c19
-rw-r--r--src/cipher.h3
2 files changed, 12 insertions, 10 deletions
diff --git a/src/cipher.c b/src/cipher.c
index a2e7f5e..bf9ac25 100644
--- a/src/cipher.c
+++ b/src/cipher.c
@@ -39,6 +39,9 @@
#include "encrypted_packet.h"
#include "cipher.h"
+#if defined(USE_NETTLE)
+#include <nettle/ctr.h>
+#endif
#include "log.h"
@@ -213,8 +216,7 @@ int cipher_aesctr_init(cipher_t* c)
#if defined(USE_SSL_CRYPTO)
// nothing here
#elif defined(USE_NETTLE)
- // TODO: nettle
-
+ // nothing here
#else // USE_GCRYPT is the default
int algo;
switch(c->key_length_) {
@@ -247,8 +249,7 @@ void cipher_aesctr_close(cipher_t* c)
#if defined(USE_SSL_CRYPTO)
// nothing here
#elif defined(USE_NETTLE)
- // TODO: nettle
-
+ // nothing here
#else // USE_GCRYPT is the default
cipher_aesctr_param_t* params = c->params_;
gcry_cipher_close(params->handle_);
@@ -302,8 +303,7 @@ int32_t cipher_aesctr_crypt(cipher_t* c, key_derivation_t* kd, key_derivation_di
return -1;
}
#elif defined(USE_NETTLE)
- // TODO: nettle
-
+ aes_set_encrypt_key(&params->ctx_, c->key_length_, c->key_.buf_);
#else // USE_GCRYPT is the default
gcry_error_t err = gcry_cipher_setkey(params->handle_, c->key_.buf_, c->key_.length_);
if(err) {
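Review bot: The nettle branch passes `c->key_length_` to `aes_set_encrypt_key`, whereas the gcrypt branch right below it passes `c->key_.length_`, and this nettle call expects the key size in bytes. If `key_length_` holds the size in bits (the `switch(c->key_length_)` in cipher_aesctr_init suggests it selects the AES variant, but its case values are outside the visible hunks), nettle gets an invalid length; in the nettle versions I know that trips an assertion, or reads past the key buffer when assertions are compiled out. Consider `aes_set_encrypt_key(&params->ctx_, c->key_.length_, c->key_.buf_);`. The call has no error return, so it is also worth rejecting lengths other than 16, 24 or 32 first, using the `log_printf(ERROR, ...)` / `return -1` pattern of the other branches. The body of cipher_aesctr_crypt starts and ends outside this hunk.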
@@ -327,8 +327,11 @@ int32_t cipher_aesctr_crypt(cipher_t* c, key_derivation_t* kd, key_derivation_di
memset(params->ecount_buf_, 0, AES_BLOCK_SIZE);
AES_ctr128_encrypt(in, out, (ilen < olen) ? ilen : olen, &params->aes_key_, params->ctr_.buf_, params->ecount_buf_, &num);
#elif defined(USE_NETTLE)
- // TODO: nettle
-
+ if(C_AESCTR_CTR_LENGTH != AES_BLOCK_SIZE) {
+ log_printf(ERROR, "failed to set cipher CTR: size doesn't fit");
+ return -1;
+ }
+ ctr_crypt(&params->ctx_, (nettle_crypt_func *)(aes_encrypt), AES_BLOCK_SIZE, params->ctr_.buf_, (ilen < olen) ? ilen : olen, out, in);
#else // USE_GCRYPT is the default
err = gcry_cipher_setctr(params->handle_, params->ctr_.buf_, C_AESCTR_CTR_LENGTH);
if(err) {
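Review bot: The `C_AESCTR_CTR_LENGTH != AES_BLOCK_SIZE` test in the nettle branch appears to compare two compile-time constants, so a mismatch would only show up at run time, as an error on every packet. A build-time check would fail earlier and more visibly, for example `#if C_AESCTR_CTR_LENGTH != AES_BLOCK_SIZE` followed by `#error "CTR length must equal the AES block size"`, provided both are plain macros (their definitions are not in this hunk). It would also help to add a comment that `ctr_crypt` advances `params->ctr_.buf_` in place, e.g. `// ctr_crypt increments ctr_.buf_; it must be re-initialised per packet`. The function body continues outside the hunk.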
diff --git a/src/cipher.h b/src/cipher.h
index 8221a3c..e5976b0 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -100,8 +100,7 @@ struct cipher_aesctr_param_struct {
AES_KEY aes_key_;
u_int8_t ecount_buf_[AES_BLOCK_SIZE];
#elif defined(USE_NETTLE)
- // TODO: nettle
-
+ struct aes_ctx ctx_;
#else // USE_GCRYPT is the default
gcry_cipher_hd_t handle_;
#endif
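Review bot: The new `ctx_` field holds the expanded AES key schedule, yet the nettle branch of cipher_aesctr_close in this same commit is only `// nothing here`, so nothing visible in the diff clears that key material when the cipher is torn down. Whether the params struct is wiped where it is freed cannot be seen from these hunks; if it is not, consider clearing `params->ctx_` in the nettle branch of cipher_aesctr_close with a wipe the compiler cannot optimise away. A short comment on the field would also help, e.g. `// expanded key schedule, treat as secret`.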