migrated to libsodium _easy() crypto functions, thus getting rid of my hand made padding mess

2025-12-17 20:00:58 +01:00 · 2015-01-13 13:04:12 +01:00
parent d1200a0831
commit 54986fa6dc
6 changed files with 99 additions and 431 deletions
--- a/libpcp/crypto.c
+++ b/libpcp/crypto.c
@@ -22,87 +22,27 @@

 #include "crypto.h"

-size_t pcp_sodium_box(byte **cipher,
-		      byte *cleartext,
-		      size_t clearsize,
-		      byte *nonce,
-		      byte *secret,
-		      byte *pub) {
-
-  byte *pad_clear;
-  byte *pad_cipher;
-
-  size_t ciphersize = (clearsize + crypto_box_ZEROBYTES) - crypto_box_BOXZEROBYTES;
-
-  pad_cipher = ucmalloc(crypto_box_ZEROBYTES + clearsize);
-  pcp_pad_prepend(&pad_clear, cleartext, crypto_box_ZEROBYTES, clearsize);
-  
-  /*  crypto_box(c,m,mlen,n,pk,sk); */
-  crypto_box(pad_cipher, pad_clear,
-	     clearsize + crypto_box_ZEROBYTES, nonce, pub, secret);
-
-  pcp_pad_remove(cipher, pad_cipher, crypto_secretbox_BOXZEROBYTES, ciphersize);
-
-  free(pad_clear);
-  free(pad_cipher);
-
-  return ciphersize;
-}
-
-
-
-
-int pcp_sodium_verify_box(byte **cleartext, byte* message,
-			  size_t messagesize, byte *nonce,
-			  byte *secret, byte *pub) {
-  /*  verify/decrypt the box */
-  byte *pad_cipher;
-  byte *pad_clear;
-  int success = -1;
-
-  pcp_pad_prepend(&pad_cipher, message, crypto_box_BOXZEROBYTES, messagesize);
-  pad_clear = (byte *)ucmalloc((crypto_box_ZEROBYTES+ messagesize));
-
-  /*  crypto_box_open(m,c,clen,n,pk,sk); */
-  if (crypto_box_open(pad_clear, pad_cipher,
-		      messagesize + crypto_box_BOXZEROBYTES,
-		      nonce, pub, secret) == 0) {
-    success = 0;
-  }
-
-  pcp_pad_remove(cleartext, pad_clear, crypto_box_ZEROBYTES, messagesize);
-
-  free(pad_clear);
-  free(pad_cipher);
-
-  return success;
-}
-



+/* asym encr */
 byte *pcp_box_encrypt(PCPCTX *ptx, pcp_key_t *secret, pcp_pubkey_t *pub,
 			       byte *message, size_t messagesize,
 			       size_t *csize) {

  byte *nonce = pcp_gennonce();

-  byte *cipher;
+  size_t es = messagesize + crypto_box_MACBYTES;
+  byte *cipher = ucmalloc(es);

-  size_t es = pcp_sodium_box(&cipher, message, messagesize, nonce,
-		 secret->secret, pub->pub);
+  if(crypto_box_easy(cipher, message, messagesize, nonce, pub->pub, secret->secret) != 0)
+    es = 0; /* signal sodium error */

  if(es <= messagesize) {
    fatal(ptx, "failed to encrypt message!\n");
    goto errbec;
  }

-  /*  scip */
-  /* fprintf(stderr, "public: "); pcpprint_bin(stderr, pub->pub, 32); fprintf(stderr, "\n"); */
-  /* fprintf(stderr, "secret: "); pcpprint_bin(stderr, secret->secret, 32); fprintf(stderr, "\n"); */
-  /* fprintf(stderr, "cipher: "); pcpprint_bin(stderr, cipher, es); fprintf(stderr, "\n"); */
-  /* fprintf(stderr, " nonce: "); pcpprint_bin(stderr, nonce, crypto_secretbox_NONCEBYTES); fprintf(stderr, "\n"); */
-
  /*  put nonce and cipher together */
  byte *combined = ucmalloc(es + crypto_secretbox_NONCEBYTES);
  memcpy(combined, nonce, crypto_secretbox_NONCEBYTES);
@@ -124,6 +64,7 @@ byte *pcp_box_encrypt(PCPCTX *ptx, pcp_key_t *secret, pcp_pubkey_t *pub,
 }


+/* asym decr */
 byte *pcp_box_decrypt(PCPCTX *ptx, pcp_key_t *secret, pcp_pubkey_t *pub,
 			       byte *cipher, size_t ciphersize,
 			       size_t *dsize) {
@@ -137,9 +78,9 @@ byte *pcp_box_decrypt(PCPCTX *ptx, pcp_key_t *secret, pcp_pubkey_t *pub,
  memcpy(cipheronly, &cipher[crypto_secretbox_NONCEBYTES],
 	 ciphersize - crypto_secretbox_NONCEBYTES);

-  if(pcp_sodium_verify_box(&message, cipheronly,
-			   ciphersize - crypto_secretbox_NONCEBYTES,
-			   nonce, secret->secret, pub->pub) != 0){
+  message = ucmalloc(ciphersize - crypto_secretbox_NONCEBYTES - crypto_box_MACBYTES);
+  if(crypto_box_open_easy(message, cipheronly, ciphersize - crypto_secretbox_NONCEBYTES,
+			  nonce, pub->pub, secret->secret) != 0) {
    fatal(ptx, "failed to decrypt message!\n");
    goto errbed;
  }
@@ -161,6 +102,29 @@ byte *pcp_box_decrypt(PCPCTX *ptx, pcp_key_t *secret, pcp_pubkey_t *pub,
  return NULL;
 }

+/* sym encr */
+size_t pcp_sodium_mac(byte **cipher,
+		byte *cleartext,
+		size_t clearsize,
+		byte *nonce,
+		byte *key) {
+
+  *cipher = ucmalloc(clearsize + crypto_secretbox_MACBYTES);
+  crypto_secretbox_easy(*cipher, cleartext, clearsize, nonce, key);
+
+  return clearsize + crypto_secretbox_MACBYTES;
+}
+
+/* sym decr */
+int pcp_sodium_verify_mac(byte **cleartext, byte* message,
+			  size_t messagesize, byte *nonce,
+			  byte *key) {
+
+  *cleartext = ucmalloc(messagesize - crypto_secretbox_MACBYTES);
+  return crypto_secretbox_open_easy(*cleartext, message, messagesize, nonce, key);
+}
+
+
 size_t pcp_decrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, pcp_key_t *s, byte *symkey, int verify, int anon) {
  pcp_pubkey_t *cur = NULL;
  byte *reccipher = NULL;
@@ -255,7 +219,7 @@ size_t pcp_decrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, pcp_key_t
      if(recipient != NULL && rec_size == crypto_secretbox_KEYBYTES) {
 	/*  found a match */
 	recmatch = 1;
-	symkey = ucmalloc(crypto_secretbox_KEYBYTES);
+	symkey = smalloc(crypto_secretbox_KEYBYTES);
 	memcpy(symkey, recipient, crypto_secretbox_KEYBYTES);
 	free(recipient);
 	ucfree(senderpub, sizeof(pcp_pubkey_t));
@@ -271,7 +235,7 @@ size_t pcp_decrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, pcp_key_t
 	if(recipient != NULL && rec_size == crypto_secretbox_KEYBYTES) {
 	  /*  found a match */
 	  recmatch = 1;
-	  symkey = ucmalloc(crypto_secretbox_KEYBYTES);
+	  symkey = smalloc(crypto_secretbox_KEYBYTES);
 	  memcpy(symkey, recipient, crypto_secretbox_KEYBYTES);
 	  free(recipient);
 	  break;
@@ -296,17 +260,17 @@ size_t pcp_decrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, pcp_key_t
    pcp_rec_t *rec = pcp_rec_new(reccipher, nrec * PCP_ASYM_RECIPIENT_SIZE, NULL, cur);
    size_t s = pcp_decrypt_stream_sym(ptx, in, out, symkey, rec);
    pcp_rec_free(rec);
-    ucfree(symkey, crypto_secretbox_KEYBYTES);
+    sfree(symkey);
    return s;
  }
  else {
    size_t s = pcp_decrypt_stream_sym(ptx, in, out, symkey, NULL);
-    ucfree(symkey, crypto_secretbox_KEYBYTES);
+    sfree(symkey);
    return s;
  }

 errdef1:
-  ucfree(symkey, crypto_secretbox_KEYBYTES);
+  sfree(symkey);
  return 0;
 }

@@ -329,7 +293,7 @@ size_t pcp_encrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream *out, pcp_key_t

  /*  preparation */
  /*  A, generate sym key */
-  symkey = urmalloc(crypto_secretbox_KEYBYTES);
+  symkey = srmalloc(crypto_secretbox_KEYBYTES);

  /*  B, encrypt it asymetrically for each recipient */
  recipient_count = HASH_COUNT(p);
@@ -408,8 +372,7 @@ size_t pcp_encrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream *out, pcp_key_t
    goto errec1;


-  memset(symkey, 0, crypto_secretbox_KEYBYTES);
-  free(symkey);
+  sfree(symkey);
  free(recipients_cipher);
  return out_size + sym_size;

@@ -709,12 +672,12 @@ void pcp_rec_free(pcp_rec_t *r) {
  free(r->cipher);

  if(r->secret != NULL) {
-    memset(r->secret, 0, sizeof(pcp_key_t));
+    sodium_memzero(r->secret, sizeof(pcp_key_t));
    free(r->secret);
  }

  if(r->pub != NULL) {
-    memset(r->pub, 0, sizeof(pcp_pubkey_t));
+    sodium_memzero(r->pub, sizeof(pcp_pubkey_t));
    free(r->pub);
  }

--- a/libpcp/mac.c
+++ b/libpcp/mac.c
@@ -1,76 +0,0 @@
-/*
-    This file is part of Pretty Curved Privacy (pcp1).
-
-    Copyright (C) 2013 T.Linden.
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-    You can contact me by mail: <tlinden AT cpan DOT org>.
-*/
-
-
-#include "mac.h"
-
-
-
-size_t pcp_sodium_mac(byte **cipher,
-		byte *cleartext,
-		size_t clearsize,
-		byte *nonce,
-		byte *key) {
-  byte *pad_clear;
-  byte *pad_cipher;
-
-  pad_cipher = ucmalloc(crypto_secretbox_ZEROBYTES + clearsize);
-
-  pcp_pad_prepend(&pad_clear, cleartext, crypto_secretbox_ZEROBYTES, clearsize);
-
-  crypto_secretbox(pad_cipher, pad_clear,
-		   clearsize + crypto_secretbox_ZEROBYTES, nonce, key);
-
-  pcp_pad_remove(cipher, pad_cipher, crypto_secretbox_BOXZEROBYTES,
-     (clearsize + crypto_secretbox_ZEROBYTES) - crypto_secretbox_BOXZEROBYTES);
-
-  free(pad_clear);
-  free(pad_cipher);
-
-  return (clearsize + crypto_secretbox_ZEROBYTES) - crypto_secretbox_BOXZEROBYTES;
-}
-
-int pcp_sodium_verify_mac(byte **cleartext, byte* message,
-			  size_t messagesize, byte *nonce,
-			  byte *key) {
-  /*  verify the mac */
-  byte *pad_cipher;
-  byte *pad_clear;
-  int success = -1;
-
-  pcp_pad_prepend(&pad_cipher, message, crypto_secretbox_BOXZEROBYTES, messagesize);
-
-  pad_clear = (byte *)ucmalloc((crypto_secretbox_ZEROBYTES + messagesize));
-
-  if (crypto_secretbox_open(pad_clear,
-			    pad_cipher,
-			    messagesize + crypto_secretbox_BOXZEROBYTES,
-			    nonce, key) == 0) {
-    success = 0;
-  }
-
-  pcp_pad_remove(cleartext, pad_clear, crypto_secretbox_ZEROBYTES, messagesize);
-
-  free(pad_clear);
-  free(pad_cipher);
-
-  return success;
-}
--- a/libpcp/pad.c
+++ b/libpcp/pad.c
@@ -1,75 +0,0 @@
-/*
-    This file is part of Pretty Curved Privacy (pcp1).
-
-    Copyright (C) 2013 T.Linden.
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-    You can contact me by mail: <tlinden AT cpan DOT org>.
-*/
-
-
-#include "pad.h"
-
-void pcp_pad_prepend(byte **padded, byte *unpadded,
-		 size_t padlen, size_t unpadlen) {
-  *padded = ucmalloc(unpadlen + padlen);
-  byte *tmp = ucmalloc(unpadlen + padlen);
-
-  /*  pcp_append orig */
-  size_t i;
-  for(i=0; i<unpadlen; ++i) {
-    tmp[i + padlen] = unpadded[i];
-  }
-
-  memcpy(*padded, tmp, unpadlen + padlen);
-  free(tmp);
-}
-
-void pcp_pad_remove(byte **unpadded, byte *padded,
-		size_t padlen, size_t unpadlen) {
-  *unpadded = ucmalloc(unpadlen * sizeof(byte));
-  byte *tmp = ucmalloc(unpadlen);
-
-  size_t i;
-  for(i=0; i<unpadlen; ++i) {
-    tmp[i] = padded[padlen + i];
-  }
-  
-  memcpy(*unpadded, tmp, unpadlen);
-  free(tmp);
-}
-
-#ifdef _MK_ZPAD_MAIN
-int main(int argc, char **argv) {
-  if(argc >= 2) {
-    size_t unpadlen;
-    int padlen = strtol(argv[2], NULL, 0);
-    unpadlen = strlen(argv[1]);
-    byte *dst;
-    
-    pcp_pad_prepend(&dst, argv[1], padlen, unpadlen);
-    /* printf("   prev: %s\n  after: %s\n", argv[1], dst); */
-    
-    byte *reverse;
-    pcp_pad_remove(&reverse, dst, padlen, unpadlen);
-    /* printf("reverse: %s\n", reverse); */
-    
-    return 0;
-  }
-  /* fprintf(stderr, "Usage: pad <string> <padlen>\n"); */
-  return -1;
-}
-#endif
-