+2018-02-20 Niels Möller <nisse@lysator.liu.se>
+
+ * examples/rsa-session.h (struct rsa_session): Use struct
+ aes256_ctx, instead of the deprecated struct aes_ctx.
+
+ * examples/rsa-encrypt.c (rsa_session_set_encrypt_key)
+ (process_file): Use aes256_* functions.
+ * examples/rsa-decrypt.c (rsa_session_set_decrypt_key)
+ (process_file): Likewise.
+
+
2018-02-19 Niels Möller <nisse@lysator.liu.se>
* nettle-internal.h: Include sha3.h, needed for the definition of
const uint8_t *iv = SESSION_IV(key);
const uint8_t *hmac_key = SESSION_HMAC_KEY(key);
- aes_set_decrypt_key(&ctx->aes.ctx, AES_KEY_SIZE, aes_key);
+ aes256_set_decrypt_key(&ctx->aes.ctx, aes_key);
CBC_SET_IV(&ctx->aes, iv);
hmac_sha1_set_key(&ctx->hmac, SHA1_DIGEST_SIZE, hmac_key);
}
if (size)
{
- CBC_DECRYPT(&ctx->aes, aes_decrypt, size, buffer, buffer);
+ CBC_DECRYPT(&ctx->aes, aes256_decrypt, size, buffer, buffer);
hmac_sha1_update(&ctx->hmac, size, buffer);
if (!write_data(out, size, buffer))
{
while (size == BUF_SIZE);
/* Decrypt final block */
- CBC_DECRYPT(&ctx->aes, aes_decrypt, AES_BLOCK_SIZE, buffer, buffer);
+ CBC_DECRYPT(&ctx->aes, aes256_decrypt, AES_BLOCK_SIZE, buffer, buffer);
padding = buffer[AES_BLOCK_SIZE - 1];
if (padding > AES_BLOCK_SIZE)
{
const uint8_t *iv = SESSION_IV(key);
const uint8_t *hmac_key = SESSION_HMAC_KEY(key);
- aes_set_encrypt_key(&ctx->aes.ctx, AES_KEY_SIZE, aes_key);
+ aes256_set_encrypt_key(&ctx->aes.ctx, aes_key);
CBC_SET_IV(&ctx->aes, iv);
hmac_sha1_set_key(&ctx->hmac, SHA1_DIGEST_SIZE, hmac_key);
}
size += padding;
buffer[size - 1] = padding;
- CBC_ENCRYPT(&ctx->aes, aes_encrypt, size, buffer, buffer);
+ CBC_ENCRYPT(&ctx->aes, aes256_encrypt, size, buffer, buffer);
assert (size + SHA1_DIGEST_SIZE <= sizeof(buffer));
return 1;
}
- CBC_ENCRYPT(&ctx->aes, aes_encrypt, size, buffer, buffer);
+ CBC_ENCRYPT(&ctx->aes, aes256_encrypt, size, buffer, buffer);
if (!write_data(out, size, buffer))
{
werror("Writing output failed: %s\n", strerror(errno));
uint8_t iv[AES_BLOCK_SIZE];
uint8_t hmac_key[SHA1_DIGEST_SIZE];
- of size (4 + AES_KEY_SIZE + AES_BLOCK_SIZE + SHA1_DIGEST_SIZE) = 72
+ of size (4 + AES256_KEY_SIZE + AES_BLOCK_SIZE + SHA1_DIGEST_SIZE) = 72
bytes, encrypted using rsa-pkcs1.
- The cleartext input is encrypted using aes-cbc. The final block is
+ The cleartext input is encrypted using aes256-cbc. The final block is
padded as
| data | random octets | padding length |
struct rsa_session
{
- struct CBC_CTX(struct aes_ctx, AES_BLOCK_SIZE) aes;
+ struct CBC_CTX(struct aes256_ctx, AES_BLOCK_SIZE) aes;
struct hmac_sha1_ctx hmac;
struct yarrow256_ctx yarrow;
};
struct rsa_session_info
{
/* Version followed by aes key, iv and mac key */
- uint8_t key[4 + AES_KEY_SIZE + AES_BLOCK_SIZE + SHA1_DIGEST_SIZE];
+ uint8_t key[4 + AES256_KEY_SIZE + AES_BLOCK_SIZE + SHA1_DIGEST_SIZE];
};
#define SESSION_VERSION(s) ((s)->key)
#define SESSION_AES_KEY(s) ((s)->key + 4)
-#define SESSION_IV(s) ((s)->key + 4 + AES_KEY_SIZE)
-#define SESSION_HMAC_KEY(s) ((s)->key + 4 + AES_KEY_SIZE + AES_BLOCK_SIZE)
+#define SESSION_IV(s) ((s)->key + 4 + AES256_KEY_SIZE)
+#define SESSION_HMAC_KEY(s) ((s)->key + 4 + AES256_KEY_SIZE + AES_BLOCK_SIZE)
void
rsa_session_set_encrypt_key(struct rsa_session *ctx,
projects / thirdparty / nettle.git / commitdiff
