crypt_session_encrypt() and crypt_session_decrypt() was implemented.
This commit is contained in:
parent
3ec30111e2
commit
acc016f10b
24
src/crypt.c
24
src/crypt.c
@ -144,7 +144,7 @@ const unsigned char *crypt_hello_get_nonce(const unsigned char *const own_hello,
|
||||
return nonce;
|
||||
}
|
||||
|
||||
int crypt_session_init(crypt_session_t *const s, const crypt_key_t *const own, crypt_key_t *const remote, bool is_client) {
|
||||
int crypt_session_init(crypt_session_t *const s, const crypt_key_t *const own, crypt_key_t *const remote, const unsigned char *const nonce, bool is_client) {
|
||||
if (is_client) {
|
||||
if (crypto_kx_client_session_keys(s->rx, s->tx, own->kx_pub, own->kx_sec, remote->kx_pub) != 0) {
|
||||
fprintf(stderr, "Failed to instantiate a client session.\n");
|
||||
@ -159,11 +159,33 @@ int crypt_session_init(crypt_session_t *const s, const crypt_key_t *const own, c
|
||||
|
||||
s->remote_key = remote;
|
||||
|
||||
memcpy(s->nonce, nonce, CRYPT_NONCE_LEN);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
unsigned char *crypt_session_encrypt(crypt_session_t *const s, const unsigned char *const m, unsigned long long mlen, unsigned long long *clen) {
|
||||
unsigned char *c = (unsigned char *)malloc((mlen + crypto_aead_aegis256_ABYTES) * sizeof(unsigned char));
|
||||
|
||||
crypto_aead_aegis256_encrypt(c, clen, m, mlen, NULL, 0, NULL, s->nonce, s->tx);
|
||||
|
||||
return c;
|
||||
}
|
||||
|
||||
unsigned char *crypt_session_decrypt(crypt_session_t *const s, const unsigned char *const c, unsigned long long clen, unsigned long long *mlen) {
|
||||
unsigned char *m = (unsigned char *)malloc((clen - crypto_aead_aegis256_ABYTES) * sizeof(unsigned char));
|
||||
|
||||
if (crypto_aead_aegis256_decrypt(m, mlen, NULL, c, clen, NULL, 0, s->nonce, s->rx) != 0) {
|
||||
free(m);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return m;
|
||||
}
|
||||
|
||||
void crypt_session_destroy(crypt_session_t *const s) {
|
||||
sodium_memzero(s->rx, CRYPT_SESS_KEY_LEN);
|
||||
sodium_memzero(s->tx, CRYPT_SESS_KEY_LEN);
|
||||
sodium_memzero(s->nonce, CRYPT_NONCE_LEN);
|
||||
crypt_key_destroy(s->remote_key);
|
||||
}
|
@ -68,13 +68,16 @@ const unsigned char *crypt_hello_get_nonce(const unsigned char *const own_hello,
|
||||
typedef struct crypt_session_t {
|
||||
unsigned char rx[CRYPT_SESS_KEY_LEN];
|
||||
unsigned char tx[CRYPT_SESS_KEY_LEN];
|
||||
unsigned char nonce[CRYPT_NONCE_LEN];
|
||||
crypt_key_t *remote_key;
|
||||
} crypt_session_t;
|
||||
|
||||
// Derives the symmetric keys for a data encryption using own public and secret and remote's public keys.
|
||||
//
|
||||
// is_client should be set to true if you are the one establishing the connection.
|
||||
int crypt_session_init(crypt_session_t *const s, const crypt_key_t *const own, crypt_key_t *const remote, bool is_client);
|
||||
int crypt_session_init(crypt_session_t *const s, const crypt_key_t *const own, crypt_key_t *const remote, const unsigned char *const nonce, bool is_client);
|
||||
unsigned char *crypt_session_encrypt(crypt_session_t *const s, const unsigned char *const m, unsigned long long mlen, unsigned long long *clen);
|
||||
unsigned char *crypt_session_decrypt(crypt_session_t *const s, const unsigned char *const c, unsigned long long clen, unsigned long long *mlen);
|
||||
// Securely erase the fields of a crypt_session_t struct.
|
||||
void crypt_session_destroy(crypt_session_t *const s);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user