1 /* Blue Sky: File Systems in the Cloud
3 * Copyright (C) 2009 The Regents of the University of California
4 * Written by Michael Vrable <mvrable@cs.ucsd.edu>
18 /* Cryptographic operations. The rest of the BlueSky code merely calls into
19 * the functions in this file, so this is the only point where we interface
20 * with an external cryptographic library. */
22 #define CRYPTO_BLOCK_SIZE 16 /* 128-bit AES */
23 #define CRYPTO_KEY_SIZE 16
25 GCRY_THREAD_OPTION_PTHREAD_IMPL;
27 void bluesky_crypt_init()
29 gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
31 if (gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P))
34 g_print("libgcrypt not yet initialized, initializing...\n");
36 if (!gcry_check_version(GCRYPT_VERSION))
37 g_error("libgcrypt version mismatch\n");
39 gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
40 gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
43 /* Return cryptographically-strong random data. */
44 void bluesky_crypt_random_bytes(guchar *buf, gint len)
46 gcry_randomize(buf, len, GCRY_STRONG_RANDOM);
49 /* Encrypt a data block. */
50 BlueSkyRCStr *bluesky_crypt_encrypt(BlueSkyRCStr *in, const uint8_t *key)
53 gcry_cipher_hd_t handle;
55 status = gcry_cipher_open(&handle, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CBC,
58 g_error("gcrypt error setting up encryption: %s\n",
59 gcry_strerror(status));
62 uint8_t *out = g_malloc0(in->len + CRYPTO_BLOCK_SIZE);
64 gcry_cipher_setkey(handle, key, CRYPTO_KEY_SIZE);
66 g_error("gcrypt error setting key: %s\n",
67 gcry_strerror(status));
70 bluesky_crypt_random_bytes(out, CRYPTO_BLOCK_SIZE);
71 status = gcry_cipher_setiv(handle, out, CRYPTO_BLOCK_SIZE);
73 g_error("gcrypt error setting IV: %s\n",
74 gcry_strerror(status));
77 gcry_cipher_encrypt(handle, out + CRYPTO_BLOCK_SIZE, in->len,
80 g_error("gcrypt error encrypting: %s\n",
81 gcry_strerror(status));
84 gcry_cipher_close(handle);
86 return bluesky_string_new(out, in->len + CRYPTO_BLOCK_SIZE);