X-Git-Url: http://git.vrable.net/?a=blobdiff_plain;f=bluesky%2Fcrypto.c;h=f34b8b7c8eea0fd927431e5dc8dfeec813dbdb9d;hb=e8d8d9a530c94f1fabc43c0222212296732fa874;hp=4490e8c5d270eb2dbf0a1bb703cc467e062b2d1b;hpb=5f2b6416e93119d1896f5fcf703af81a292cd2ad;p=bluesky.git diff --git a/bluesky/crypto.c b/bluesky/crypto.c index 4490e8c..f34b8b7 100644 --- a/bluesky/crypto.c +++ b/bluesky/crypto.c @@ -20,6 +20,8 @@ * the functions in this file, so this is the only point where we interface * with an external cryptographic library. */ +/* TODO: We ought to switch to an authenticated encryption mode like EAX. */ + GCRY_THREAD_OPTION_PTHREAD_IMPL; void bluesky_crypt_init() @@ -58,14 +60,207 @@ void bluesky_crypt_hash_key(const char *keystr, uint8_t *out) memcpy(out, raw_csum, CRYPTO_KEY_SIZE); } +/* Compute an HMAC of a given data block with the given key. The key and + * output should both as large as the hash output size. */ +#define MD_ALGO GCRY_MD_SHA256 +void bluesky_crypt_hmac(const char *buf, size_t bufsize, + const uint8_t key[CRYPTO_HASH_SIZE], + uint8_t output[CRYPTO_HASH_SIZE]) +{ + gcry_error_t status; + gcry_md_hd_t handle; + + g_assert(gcry_md_get_algo_dlen(MD_ALGO) == CRYPTO_HASH_SIZE); + + status = gcry_md_open(&handle, MD_ALGO, GCRY_MD_FLAG_HMAC); + if (status) { + g_error("gcrypt error setting up message digest: %s\n", + gcry_strerror(status)); + g_assert(FALSE); + } + + status = gcry_md_setkey(handle, key, CRYPTO_HASH_SIZE); + if (status) { + g_error("gcrypt error setting HMAC key: %s\n", + gcry_strerror(status)); + g_assert(FALSE); + } + + gcry_md_write(handle, buf, bufsize); + + unsigned char *digest = gcry_md_read(handle, MD_ALGO); + memcpy(output, digest, CRYPTO_HASH_SIZE); + + gcry_md_close(handle); +} + +void bluesky_crypt_derive_keys(BlueSkyCryptKeys *keys, const gchar *master) +{ + uint8_t outbuf[CRYPTO_HASH_SIZE]; + + const char *key_type = "ENCRYPT"; + bluesky_crypt_hmac(key_type, strlen(key_type), + (const uint8_t *)master, outbuf); + memcpy(keys->encryption_key, outbuf, sizeof(keys->encryption_key)); + + key_type = "AUTH"; + bluesky_crypt_hmac(key_type, strlen(key_type), + (const uint8_t *)master, outbuf); + memcpy(keys->authentication_key, outbuf, sizeof(keys->authentication_key)); +} + +/* A boolean: are blocks of the specified type encrypted in the BlueSky file + * system? */ +gboolean bluesky_crypt_block_needs_encryption(uint8_t type) +{ + type -= '0'; + + switch (type) { + case LOGTYPE_DATA: + case LOGTYPE_INODE: + return TRUE; + case LOGTYPE_INODE_MAP: + case LOGTYPE_CHECKPOINT: + return FALSE; + default: + g_warning("Unknown log item type in crypto layer: %d!\n", + type); + return TRUE; + } +} + +void bluesky_crypt_block_encrypt(gchar *cloud_block, size_t len, + BlueSkyCryptKeys *keys) +{ + gcry_error_t status; + gcry_cipher_hd_t handle; + + status = gcry_cipher_open(&handle, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CTR, + 0); + if (status) { + g_error("gcrypt error setting up encryption: %s\n", + gcry_strerror(status)); + } + + struct cloudlog_header *header = (struct cloudlog_header *)cloud_block; + g_assert(memcmp(header->magic, CLOUDLOG_MAGIC, sizeof(header->magic)) == 0); + + gcry_cipher_setkey(handle, keys->encryption_key, CRYPTO_KEY_SIZE); + if (status) { + g_error("gcrypt error setting key: %s\n", + gcry_strerror(status)); + } + + gboolean encrypted = bluesky_crypt_block_needs_encryption(header->type); + + if (encrypted) { + header->magic[3] ^= 0x10; + + bluesky_crypt_random_bytes(header->crypt_iv, sizeof(header->crypt_iv)); + status = gcry_cipher_setctr(handle, header->crypt_iv, + sizeof(header->crypt_iv)); + if (status) { + g_error("gcrypt error setting IV: %s\n", + gcry_strerror(status)); + } + + status = gcry_cipher_encrypt(handle, + cloud_block + sizeof(struct cloudlog_header), + GUINT32_FROM_LE(header->size1), + NULL, 0); + if (status) { + g_error("gcrypt error encrypting: %s\n", + gcry_strerror(status)); + } + } else { + memset(header->crypt_iv, 0, sizeof(header->crypt_iv)); + } + + bluesky_crypt_hmac((char *)&header->crypt_iv, + cloud_block + len - (char *)&header->crypt_iv, + keys->authentication_key, + header->crypt_auth); + + gcry_cipher_close(handle); +} + +gboolean bluesky_crypt_block_decrypt(gchar *cloud_block, size_t len, + BlueSkyCryptKeys *keys) +{ + gcry_error_t status; + uint8_t hmac_check[CRYPTO_HASH_SIZE]; + + gboolean encrypted = TRUE; + + struct cloudlog_header *header = (struct cloudlog_header *)cloud_block; + if (memcmp(header->magic, CLOUDLOG_MAGIC, + sizeof(header->magic)) == 0) + encrypted = FALSE; + else + g_assert(memcmp(header->magic, CLOUDLOG_MAGIC_ENCRYPTED, + sizeof(header->magic)) == 0); + + if (encrypted != bluesky_crypt_block_needs_encryption(header->type)) { + g_warning("Encrypted status of item does not match expected!\n"); + } + + bluesky_crypt_hmac((char *)&header->crypt_iv, + cloud_block + len - (char *)&header->crypt_iv, + keys->authentication_key, + hmac_check); + if (memcmp(hmac_check, header->crypt_auth, CRYPTO_HASH_SIZE) != 0) { + g_warning("Cloud block HMAC does not match!\n"); + return FALSE; + } + + if (encrypted) { + gcry_cipher_hd_t handle; + status = gcry_cipher_open(&handle, GCRY_CIPHER_AES, + GCRY_CIPHER_MODE_CTR, 0); + if (status) { + g_error("gcrypt error setting up encryption: %s\n", + gcry_strerror(status)); + } + + gcry_cipher_setkey(handle, keys->encryption_key, CRYPTO_KEY_SIZE); + if (status) { + g_error("gcrypt error setting key: %s\n", + gcry_strerror(status)); + } + + status = gcry_cipher_setctr(handle, header->crypt_iv, + sizeof(header->crypt_iv)); + if (status) { + g_error("gcrypt error setting IV: %s\n", + gcry_strerror(status)); + } + + status = gcry_cipher_decrypt(handle, + cloud_block + sizeof(struct cloudlog_header), + GUINT32_FROM_LE(header->size1), + NULL, 0); + if (status) { + g_error("gcrypt error decrypting: %s\n", + gcry_strerror(status)); + } + header->magic[3] ^= 0x10; + memset(header->crypt_iv, 0, sizeof(header->crypt_iv)); + + gcry_cipher_close(handle); + } + + return TRUE; +} + +#if 0 /* Encrypt a data block. */ BlueSkyRCStr *bluesky_crypt_encrypt(BlueSkyRCStr *in, const uint8_t *key) { gcry_error_t status; gcry_cipher_hd_t handle; - status = gcry_cipher_open(&handle, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CBC, - GCRY_CIPHER_CBC_CTS); + status = gcry_cipher_open(&handle, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CTR, + 0); if (status) { g_error("gcrypt error setting up encryption: %s\n", gcry_strerror(status)); @@ -80,7 +275,7 @@ BlueSkyRCStr *bluesky_crypt_encrypt(BlueSkyRCStr *in, const uint8_t *key) } bluesky_crypt_random_bytes(out, CRYPTO_BLOCK_SIZE); - status = gcry_cipher_setiv(handle, out, CRYPTO_BLOCK_SIZE); + status = gcry_cipher_setctr(handle, out, CRYPTO_BLOCK_SIZE); if (status) { g_error("gcrypt error setting IV: %s\n", gcry_strerror(status)); @@ -106,8 +301,8 @@ BlueSkyRCStr *bluesky_crypt_decrypt(BlueSkyRCStr *in, const uint8_t *key) g_return_val_if_fail(in->len > CRYPTO_BLOCK_SIZE, NULL); - status = gcry_cipher_open(&handle, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CBC, - GCRY_CIPHER_CBC_CTS); + status = gcry_cipher_open(&handle, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CTR, + 0); if (status) { g_error("gcrypt error setting up encryption: %s\n", gcry_strerror(status)); @@ -121,7 +316,7 @@ BlueSkyRCStr *bluesky_crypt_decrypt(BlueSkyRCStr *in, const uint8_t *key) gcry_strerror(status)); } - status = gcry_cipher_setiv(handle, in->data, CRYPTO_BLOCK_SIZE); + status = gcry_cipher_setctr(handle, in->data, CRYPTO_BLOCK_SIZE); if (status) { g_error("gcrypt error setting IV: %s\n", gcry_strerror(status)); @@ -139,3 +334,4 @@ BlueSkyRCStr *bluesky_crypt_decrypt(BlueSkyRCStr *in, const uint8_t *key) return bluesky_string_new(out, in->len - CRYPTO_BLOCK_SIZE); } +#endif