diff options
author | Gluzskiy Alexandr <sss@sss.chaoslab.ru> | 2017-08-20 02:20:07 +0300 |
---|---|---|
committer | Gluzskiy Alexandr <sss@sss.chaoslab.ru> | 2017-08-20 02:21:49 +0300 |
commit | 25bf739636683eab654458fdf09b84eb6465fcb9 (patch) | |
tree | f44b9330ff991014835aa73eb6a70d42654cb282 | |
parent | 575a77de45de54185c1aea2dc4e306d3e0dda7b8 (diff) |
jabber: omemo: working on TODO
aes_128_gcm: disabled any aad/tag related cals as it's not described at all in omemo xep
-rwxr-xr-x | protocols/JabberG/src/jabber_omemo.cpp | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/protocols/JabberG/src/jabber_omemo.cpp b/protocols/JabberG/src/jabber_omemo.cpp index 6d5814649e..fa1a2c671f 100755 --- a/protocols/JabberG/src/jabber_omemo.cpp +++ b/protocols/JabberG/src/jabber_omemo.cpp @@ -24,10 +24,10 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
//TODO: further improovement requirements folllows in priority sequence
-/* 1. fix AES-128 GCM in 4.5 implementation
- * 2. handle prekeys properly (cleanup after first use, create new keys)
- * 3. fingerprints/keys management ui
- * 4. per-contact encryption settings (enable/disable for one contact)
+/*
+ * 1. handle prekeys properly (cleanup after first use, create new keys)
+ * 2. fingerprints/keys management ui
+ * 3. per-contact encryption settings (enable/disable for one contact)
*/
#include "stdafx.h"
@@ -1776,18 +1776,18 @@ void CJabberProto::OmemoHandleMessage(HXML node, wchar_t *jid, time_t msgTime) }
char *out = nullptr;
{
- int dec_success = 0;
+// int dec_success = 0;
unsigned int payload_len = 0;
int outl = 0, round_len = 0;
char *payload_base64 = mir_u2a(payload_base64w);
unsigned char *payload = (unsigned char*)mir_base64_decode(payload_base64, &payload_len);
mir_free(payload_base64);
- unsigned char tag[16];
+// unsigned char tag[16];
out = (char*)mir_alloc(payload_len + 1); //TODO: check this
const EVP_CIPHER *cipher = EVP_aes_128_gcm();
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
EVP_DecryptInit(ctx, cipher, signal_buffer_data(decrypted_key), iv);
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
+// EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag);
//EVP_DecryptInit(ctx, NULL, signal_buffer_data(decrypted_key), iv);
//EVP_DecryptUpdate(ctx, NULL, &howmany, AAD, aad_len);
@@ -1802,14 +1802,14 @@ void CJabberProto::OmemoHandleMessage(HXML node, wchar_t *jid, time_t msgTime) outl += round_len;
out[outl] = 0;
mir_free(payload);
- dec_success = EVP_DecryptFinal(ctx, tag, &round_len);
+// dec_success = EVP_DecryptFinal(ctx, tag, &round_len);
EVP_CIPHER_CTX_free(ctx);
- if (!dec_success)
- {
- debugLogA("Jabber OMEMO: error: aes_128_gcm verification failed (ignored for now, but still error)");
+// if (!dec_success) //TODO: check this... omemo xep have no info about tag
+// {
+// debugLogA("Jabber OMEMO: error: aes_128_gcm verification failed (ignored for now, but still error)");
//return;
//TODO: handle decryption failure
- }
+// }
}
@@ -2262,10 +2262,10 @@ void CJabberProto::OmemoOnIqResultGetBundle(HXML iqNode, CJabberIqInfo *pInfo) unsigned int CJabberProto::OmemoEncryptMessage(XmlNode &msg, const wchar_t *msg_text, MCONTACT hContact)
{
const EVP_CIPHER *cipher = EVP_aes_128_gcm();
- unsigned char key[16], iv[12], tag[16]/*, aad[48]*/;
+ unsigned char key[16], iv[12]/*, tag[16]*/ /*, aad[48]*/;
Utils_GetRandom(key, _countof_portable(key));
Utils_GetRandom(iv, _countof_portable(iv));
- Utils_GetRandom(tag, _countof_portable(tag));
+// Utils_GetRandom(tag, _countof_portable(tag));
//Utils_GetRandom(aad, _countof_portable(aad));
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, _countof_portable(iv), NULL);
@@ -2284,7 +2284,7 @@ unsigned int CJabberProto::OmemoEncryptMessage(XmlNode &msg, const wchar_t *msg_ }
EVP_EncryptFinal(ctx, (unsigned char*)(in + tmp_len), &outl);
tmp_len += outl;
- EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, _countof_portable(tag), tag);
+ //EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, _countof_portable(tag), tag);
EVP_CIPHER_CTX_free(ctx);
//TODO: fix encryption
mir_free(in);
|