Noise-C
 All Data Structures Files Functions Variables Typedefs Macros Groups Pages
loader.c
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2016 Southern Storm Software, Pty Ltd.
3  *
4  * Permission is hereby granted, free of charge, to any person obtaining a
5  * copy of this software and associated documentation files (the "Software"),
6  * to deal in the Software without restriction, including without limitation
7  * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8  * and/or sell copies of the Software, and to permit persons to whom the
9  * Software is furnished to do so, subject to the following conditions:
10  *
11  * The above copyright notice and this permission notice shall be included
12  * in all copies or substantial portions of the Software.
13  *
14  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15  * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
19  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
20  * DEALINGS IN THE SOFTWARE.
21  */
22 
23 #include <noise/keys.h>
24 #include <noise/protocol.h>
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 
49 #define NOISE_KEY_VERSION 1
50 
54 #define NOISE_KEY_SALT_LEN 16
55 
59 #define NOISE_KEY_ITERATIONS 20000
60 
65 #define NOISE_ENC_KEY_OVERHEAD 128
66 
87 static int noise_load_file
88  (const char *filename, NoiseProtobuf *pbuf)
89 {
90  FILE *file;
91  size_t size;
92 
93  /* Initialize the buffer */
94  pbuf->data = 0;
95  pbuf->size = 0;
96  pbuf->posn = 0;
97  pbuf->error = NOISE_ERROR_NONE;
98 
99  /* Attempt to open the file */
100  if (!filename)
101  return NOISE_ERROR_INVALID_PARAM;
102  file = fopen(filename, "rb");
103  if (!file)
104  return NOISE_ERROR_SYSTEM;
105 
106  /* Can we get the length of the file now? If not, allocate
107  the maximum possible size */
108  if (fseek(file, 0L, SEEK_END) >= 0) {
109  off_t length = ftell(file);
110  if (length <= 0 || length > NOISE_MAX_PAYLOAD_LEN) {
111  fclose(file);
112  return NOISE_ERROR_INVALID_FORMAT;
113  }
114  if (fseek(file, 0L, SEEK_SET) < 0) {
115  fclose(file);
116  return NOISE_ERROR_SYSTEM;
117  }
118  pbuf->size = (size_t)length;
119  } else {
120  pbuf->size = NOISE_MAX_PAYLOAD_LEN;
121  }
122  pbuf->data = (uint8_t *)malloc(pbuf->size);
123  if (!(pbuf->data)) {
124  fclose(file);
125  return NOISE_ERROR_NO_MEMORY;
126  }
127 
128  /* Read the entire contents of the file into memory */
129  size = fread(pbuf->data, 1, pbuf->size, file);
130  if (!size && ferror(file)) {
131  noise_free(pbuf->data, pbuf->size);
132  pbuf->data = 0;
133  fclose(file);
134  return NOISE_ERROR_SYSTEM;
135  }
136  pbuf->size = size;
137 
138  /* Clean up and exit */
139  fclose(file);
140  return NOISE_ERROR_NONE;
141 }
142 
148 static void noise_load_free(NoiseProtobuf *pbuf)
149 {
150  noise_free(pbuf->data, pbuf->size);
151 }
152 
178 int noise_load_certificate_from_file
179  (Noise_Certificate **cert, const char *filename)
180 {
181  NoiseProtobuf pbuf;
182  int err = noise_load_file(filename, &pbuf);
183  if (err != NOISE_ERROR_NONE)
184  return err;
185  err = noise_load_certificate_from_buffer(cert, &pbuf);
186  noise_load_free(&pbuf);
187  return err;
188 }
189 
213 int noise_load_certificate_from_buffer
214  (Noise_Certificate **cert, NoiseProtobuf *pbuf)
215 {
216  /* Validate the parameters */
217  if (!cert)
218  return NOISE_ERROR_INVALID_PARAM;
219  *cert = 0;
220  if (!pbuf)
221  return NOISE_ERROR_INVALID_PARAM;
222 
223  /* No point continuing if the protobuf already has an error */
224  if (pbuf->error != NOISE_ERROR_NONE)
225  return pbuf->error;
226 
227  /* Peek at the first tag to determine if this is a certificate chain */
228  if (noise_protobuf_peek_tag(pbuf) == 8) {
229  int err;
230  size_t end_posn = 0;
231  Noise_Certificate *cert2 = 0;
232  noise_protobuf_read_start_element(pbuf, 0, &end_posn);
233  while (!noise_protobuf_read_at_end_element(pbuf, end_posn)) {
234  err = Noise_Certificate_read(pbuf, 8, &cert2);
235  if (err != NOISE_ERROR_NONE)
236  break;
237  if (!(*cert))
238  *cert = cert2;
239  else
240  Noise_Certificate_free(cert2);
241  }
242  err = noise_protobuf_read_end_element(pbuf, end_posn);
243  if (err != NOISE_ERROR_NONE) {
244  Noise_Certificate_free(*cert);
245  *cert = 0;
246  }
247  return err;
248  }
249 
250  /* Load the entire buffer as a certificate */
251  return Noise_Certificate_read(pbuf, 0, cert);
252 }
253 
279 int noise_load_certificate_chain_from_file
280  (Noise_CertificateChain **chain, const char *filename)
281 {
282  NoiseProtobuf pbuf;
283  int err = noise_load_file(filename, &pbuf);
284  if (err != NOISE_ERROR_NONE)
285  return err;
286  err = noise_load_certificate_chain_from_buffer(chain, &pbuf);
287  noise_load_free(&pbuf);
288  return err;
289 }
290 
314 int noise_load_certificate_chain_from_buffer
315  (Noise_CertificateChain **chain, NoiseProtobuf *pbuf)
316 {
317  /* Validate the parameters */
318  if (!chain)
319  return NOISE_ERROR_INVALID_PARAM;
320  *chain = 0;
321  if (!pbuf)
322  return NOISE_ERROR_INVALID_PARAM;
323 
324  /* No point continuing if the protobuf already has an error */
325  if (pbuf->error != NOISE_ERROR_NONE)
326  return pbuf->error;
327 
328  /* Peek at the first tag to determine if this is a singleton certificate */
329  if (noise_protobuf_peek_tag(pbuf) != 8) {
330  Noise_Certificate *cert = 0;
331  int err;
332  err = Noise_CertificateChain_new(chain);
333  if (err != NOISE_ERROR_NONE)
334  return err;
335  err = Noise_Certificate_read(pbuf, 0, &cert);
336  if (err == NOISE_ERROR_NONE)
337  err = Noise_CertificateChain_insert_certs(*chain, 0, cert);
338  if (err != NOISE_ERROR_NONE) {
339  Noise_CertificateChain_free(*chain);
340  *chain = 0;
341  }
342  return err;
343  }
344 
345  /* Load the entire buffer as a certificate chain */
346  return Noise_CertificateChain_read(pbuf, 0, chain);
347 }
348 
375 int noise_load_private_key_from_file
376  (Noise_PrivateKey **key, const char *filename,
377  const void *passphrase, size_t passphrase_len)
378 {
379  NoiseProtobuf pbuf;
380  int err = noise_load_file(filename, &pbuf);
381  if (err != NOISE_ERROR_NONE)
382  return err;
383  err = noise_load_private_key_from_buffer
384  (key, &pbuf, passphrase, passphrase_len);
385  noise_load_free(&pbuf);
386  return err;
387 }
388 
401 static int noise_parse_protect_name
402  (const char *name, int *cipher_id, int *hash_id)
403 {
404  char *end;
405  *cipher_id = NOISE_CIPHER_NONE;
406  *hash_id = NOISE_HASH_NONE;
407  end = strchr(name, '_');
408  if (!end)
409  return NOISE_ERROR_UNKNOWN_NAME;
410  *cipher_id = noise_name_to_id(NOISE_CIPHER_CATEGORY, name, end - name);
411  if (*cipher_id == NOISE_CIPHER_NONE)
412  return NOISE_ERROR_UNKNOWN_NAME;
413  name = end + 1;
414  end = strchr(name, '_');
415  if (!end)
416  return NOISE_ERROR_UNKNOWN_NAME;
417  *hash_id = noise_name_to_id(NOISE_HASH_CATEGORY, name, end - name);
418  if (*hash_id == NOISE_HASH_NONE)
419  return NOISE_ERROR_UNKNOWN_NAME;
420  name = end + 1;
421  if (strcmp(name, "PBKDF2") != 0)
422  return NOISE_ERROR_UNKNOWN_NAME;
423  return NOISE_ERROR_NONE;
424 }
425 
450 int noise_load_private_key_from_buffer
451  (Noise_PrivateKey **key, NoiseProtobuf *pbuf,
452  const void *passphrase, size_t passphrase_len)
453 {
454  Noise_EncryptedPrivateKey *enc_key = 0;
455  NoiseCipherState *cipher = 0;
456  NoiseHashState *hash = 0;
457  uint8_t key_data[40];
458  int cipher_id, hash_id;
459  int err;
460  NoiseBuffer buf;
461  NoiseProtobuf pbuf2;
462 
463  /* Validate the parameters */
464  if (!key)
465  return NOISE_ERROR_INVALID_PARAM;
466  *key = 0;
467  if (!pbuf || !passphrase)
468  return NOISE_ERROR_INVALID_PARAM;
469 
470  /* Load the encrypted version of the private key */
471  err = Noise_EncryptedPrivateKey_read(pbuf, 0, &enc_key);
472  if (err != NOISE_ERROR_NONE)
473  return err;
474 
475  /* Check that we have everything we need for a valid key */
476  if (Noise_EncryptedPrivateKey_get_version(enc_key) != NOISE_KEY_VERSION ||
477  !Noise_EncryptedPrivateKey_has_algorithm(enc_key) ||
478  !Noise_EncryptedPrivateKey_has_salt(enc_key) ||
479  !Noise_EncryptedPrivateKey_has_iterations(enc_key) ||
480  !Noise_EncryptedPrivateKey_has_encrypted_data(enc_key)) {
481  Noise_EncryptedPrivateKey_free(enc_key);
482  return NOISE_ERROR_INVALID_FORMAT;
483  }
484 
485  /* Is the key protection algorithm supported? */
486  err = noise_parse_protect_name
487  (Noise_EncryptedPrivateKey_get_algorithm(enc_key),
488  &cipher_id, &hash_id);
489  if (err == NOISE_ERROR_NONE) {
490  err = noise_cipherstate_new_by_id(&cipher, cipher_id);
491  if (err == NOISE_ERROR_NONE &&
492  noise_cipherstate_get_key_length(cipher) != 32) {
493  /* At the moment we only support ciphers with 256-bit keys */
494  err = NOISE_ERROR_UNKNOWN_NAME;
495  }
496  }
497  if (err == NOISE_ERROR_NONE) {
498  err = noise_hashstate_new_by_id(&hash, hash_id);
499  }
500 
501  /* Decrypt the private key information */
502  memset(&buf, 0, sizeof(buf));
503  if (err == NOISE_ERROR_NONE) {
504  /* Generate the key material using PBKDF2 */
505  noise_hashstate_pbkdf2
506  (hash, (const uint8_t *)passphrase, passphrase_len,
507  (const uint8_t *)Noise_EncryptedPrivateKey_get_salt(enc_key),
508  Noise_EncryptedPrivateKey_get_size_salt(enc_key),
509  Noise_EncryptedPrivateKey_get_iterations(enc_key),
510  key_data, sizeof(key_data));
511 
512  /* Set the decryption key */
513  noise_cipherstate_init_key(cipher, key_data, 32);
514 
515  /* Set the nonce and fast-forward the cipher */
516  noise_cipherstate_set_nonce
517  (cipher, (((uint64_t)(key_data[32])) << 56) |
518  (((uint64_t)(key_data[33])) << 48) |
519  (((uint64_t)(key_data[34])) << 40) |
520  (((uint64_t)(key_data[35])) << 32) |
521  (((uint64_t)(key_data[36])) << 24) |
522  (((uint64_t)(key_data[37])) << 16) |
523  (((uint64_t)(key_data[38])) << 8) |
524  ((uint64_t)(key_data[39])));
525 
526  /* Decrypt the private key and check the MAC value.
527  We decrypt the value in-place in the EncryptedPrivateKey
528  object. We will be throwing it away later so there's
529  no harm in overwriting the previous value. */
530  noise_buffer_set_input
531  (buf, (uint8_t *)Noise_EncryptedPrivateKey_get_encrypted_data(enc_key),
532  Noise_EncryptedPrivateKey_get_size_encrypted_data(enc_key));
533  err = noise_cipherstate_decrypt_with_ad(cipher, 0, 0, &buf);
534  }
535 
536  /* Parse the decrypted data into a PrivateKey object */
537  if (err == NOISE_ERROR_NONE) {
538  noise_protobuf_prepare_input(&pbuf2, buf.data, buf.size);
539  err = Noise_PrivateKey_read(&pbuf2, 0, key);
540  }
541 
542  /* Clean up and exit */
543  Noise_EncryptedPrivateKey_free(enc_key);
544  noise_cipherstate_free(cipher);
545  noise_hashstate_free(hash);
546  noise_clean(key_data, sizeof(key_data));
547  return err;
548 }
549 
555 typedef int (*NoiseWriteFunc)(NoiseProtobuf *pbuf, int tag, const void *obj);
556 
568 static int noise_save_to_file
569  (const void *obj, const char *filename, NoiseWriteFunc func)
570 {
571  NoiseProtobuf pbuf;
572  uint8_t *data = 0;
573  size_t size = 0;
574  int err;
575  FILE *file;
576 
577  /* Validate the parameters */
578  if (!obj || !filename)
579  return NOISE_ERROR_INVALID_PARAM;
580 
581  /* Measure the size of the serialized object */
582  noise_protobuf_prepare_measure(&pbuf, NOISE_MAX_PAYLOAD_LEN);
583  err = (*func)(&pbuf, 0, obj);
584  if (err != NOISE_ERROR_NONE)
585  return err;
586  err = noise_protobuf_finish_measure(&pbuf, &size);
587  if (err != NOISE_ERROR_NONE)
588  return err;
589 
590  /* Allocate memory to hold the serialized form temporarily */
591  pbuf.data = (uint8_t *)malloc(size);
592  if (!(pbuf.data))
593  return NOISE_ERROR_NO_MEMORY;
594  pbuf.size = size;
595  pbuf.posn = size;
596  pbuf.error = NOISE_ERROR_NONE;
597  err = (*func)(&pbuf, 0, obj);
598  if (err == NOISE_ERROR_NONE)
599  err = noise_protobuf_finish_output(&pbuf, &data, &size);
600  if (err != NOISE_ERROR_NONE) {
601  noise_free(pbuf.data, pbuf.size);
602  return err;
603  }
604 
605  /* Write the data to the file */
606  file = fopen(filename, "wb");
607  if (file) {
608  if (fwrite(data, 1, size, file) != size)
609  err = NOISE_ERROR_SYSTEM;
610  fclose(file);
611  } else {
612  err = NOISE_ERROR_SYSTEM;
613  }
614 
615  /* Clean up and exit */
616  noise_free(pbuf.data, pbuf.size);
617  return err;
618 }
619 
636 int noise_save_certificate_to_file
637  (const Noise_Certificate *cert, const char *filename)
638 {
639  return noise_save_to_file
640  (cert, filename, (NoiseWriteFunc)Noise_Certificate_write);
641 }
642 
654 int noise_save_certificate_to_buffer
655  (const Noise_Certificate *cert, NoiseProtobuf *pbuf)
656 {
657  return Noise_Certificate_write(pbuf, 0, cert);
658 }
659 
677 int noise_save_certificate_chain_to_file
678  (const Noise_CertificateChain *chain, const char *filename)
679 {
680  return noise_save_to_file
681  (chain, filename, (NoiseWriteFunc)Noise_CertificateChain_write);
682 }
683 
696 int noise_save_certificate_chain_to_buffer
697  (const Noise_CertificateChain *chain, NoiseProtobuf *pbuf)
698 {
699  return Noise_CertificateChain_write(pbuf, 0, chain);
700 }
701 
726 int noise_save_private_key_to_file
727  (const Noise_PrivateKey *key, const char *filename,
728  const void *passphrase, size_t passphrase_len,
729  const char *protect_name)
730 {
731  NoiseProtobuf pbuf;
732  size_t size = 0;
733  int cipher_id, hash_id;
734  int err;
735  FILE *file;
736 
737  /* Validate the parameters */
738  if (!key || !filename || !passphrase || !protect_name)
739  return NOISE_ERROR_INVALID_PARAM;
740  err = noise_parse_protect_name(protect_name, &cipher_id, &hash_id);
741  if (err != NOISE_ERROR_NONE)
742  return err;
743 
744  /* Estimate how much memory we will need for the EncryptedPrivateKey */
745  noise_protobuf_prepare_measure(&pbuf, NOISE_MAX_PAYLOAD_LEN);
746  err = Noise_PrivateKey_write(&pbuf, 0, key);
747  if (err != NOISE_ERROR_NONE)
748  return err;
749  err = noise_protobuf_finish_measure(&pbuf, &size);
750  if (err != NOISE_ERROR_NONE)
751  return err;
752  size += strlen(protect_name) + NOISE_ENC_KEY_OVERHEAD;
753 
754  /* Serialize the EncryptedPrivateKey into memory */
755  pbuf.data = (uint8_t *)malloc(size);
756  if (!(pbuf.data))
757  return NOISE_ERROR_NO_MEMORY;
758  pbuf.posn = size;
759  pbuf.size = size;
760  pbuf.error = NOISE_ERROR_NONE;
761  err = noise_save_private_key_to_buffer
762  (key, &pbuf, passphrase, passphrase_len, protect_name);
763  if (err == NOISE_ERROR_NONE &&
764  (pbuf.size - pbuf.posn) > NOISE_MAX_PAYLOAD_LEN) {
765  err = NOISE_ERROR_INVALID_LENGTH;
766  }
767 
768  /* Save the encrypted data to the file */
769  if (err == NOISE_ERROR_NONE) {
770  file = fopen(filename, "wb");
771  if (file) {
772  size_t len = pbuf.size - pbuf.posn;
773  if (fwrite(pbuf.data + pbuf.posn, 1, len, file) != len)
774  err = NOISE_ERROR_SYSTEM;
775  fclose(file);
776  } else {
777  err = NOISE_ERROR_SYSTEM;
778  }
779  }
780 
781  /* Clean up and exit */
782  noise_free(pbuf.data, size);
783  return err;
784 }
785 
807 int noise_save_private_key_to_buffer
808  (const Noise_PrivateKey *key, NoiseProtobuf *pbuf,
809  const void *passphrase, size_t passphrase_len,
810  const char *protect_name)
811 {
812  Noise_EncryptedPrivateKey *enc_key = 0;
813  NoiseProtobuf pcopy;
814  uint8_t salt[NOISE_KEY_SALT_LEN];
815  uint8_t key_data[40];
816  int cipher_id, hash_id;
817  NoiseCipherState *cipher = 0;
818  NoiseHashState *hash = 0;
819  size_t mac_len;
820  NoiseBuffer buf;
821  int err;
822  int retry;
823 
824  /* Validate the parameters */
825  if (!key || !pbuf || !passphrase || !protect_name)
826  return NOISE_ERROR_INVALID_PARAM;
827  err = noise_parse_protect_name(protect_name, &cipher_id, &hash_id);
828  if (err != NOISE_ERROR_NONE)
829  return err;
830 
831  /* Construct the cipher and hash objects to use to encrypt the key */
832  err = noise_cipherstate_new_by_id(&cipher, cipher_id);
833  if (err != NOISE_ERROR_NONE)
834  return err;
835  if (noise_cipherstate_get_key_length(cipher) != 32) {
836  /* At the moment we only support ciphers with 256-bit keys */
837  noise_cipherstate_free(cipher);
838  return NOISE_ERROR_UNKNOWN_NAME;
839  }
840  err = noise_hashstate_new_by_id(&hash, hash_id);
841  if (err != NOISE_ERROR_NONE) {
842  noise_cipherstate_free(cipher);
843  return err;
844  }
845  mac_len = noise_cipherstate_get_mac_length(cipher);
846 
847  /* Write the private key details to the protobuf. The incoming
848  protobuf is supposed to be large enough to hold the encrypted
849  version of the key so it should be large enough to hold the
850  unencrypted private key and MAC temporarily */
851  pcopy = *pbuf;
852  if (pcopy.posn < mac_len) {
853  err = NOISE_ERROR_INVALID_LENGTH;
854  } else {
855  pcopy.posn -= mac_len;
856  err = Noise_PrivateKey_write(&pcopy, 0, key);
857  }
858  if (err != NOISE_ERROR_NONE) {
859  noise_clean(pcopy.data + pcopy.posn, pbuf->posn - pcopy.posn);
860  noise_cipherstate_free(cipher);
861  noise_hashstate_free(hash);
862  return err;
863  }
864 
865  /* Construct an EncryptedPrivateKey object and populate it */
866  err = Noise_EncryptedPrivateKey_new(&enc_key);
867  if (err == NOISE_ERROR_NONE) {
868  err = Noise_EncryptedPrivateKey_set_version(enc_key, NOISE_KEY_VERSION);
869  }
870  if (err == NOISE_ERROR_NONE) {
871  err = Noise_EncryptedPrivateKey_set_algorithm
872  (enc_key, protect_name, strlen(protect_name));
873  }
874  if (err == NOISE_ERROR_NONE) {
875  err = Noise_EncryptedPrivateKey_set_iterations
876  (enc_key, NOISE_KEY_ITERATIONS);
877  }
878 
879  /* Encrypt the private key information */
880  noise_randstate_generate_simple(salt, sizeof(salt));
881  if (err == NOISE_ERROR_NONE) {
882  do {
883  /* Generate the key material using PBKDF2 */
884  retry = 0;
885  noise_hashstate_pbkdf2
886  (hash, (const uint8_t *)passphrase, passphrase_len,
887  salt, sizeof(salt), NOISE_KEY_ITERATIONS,
888  key_data, sizeof(key_data));
889 
890  /* Set the encryption key */
891  noise_cipherstate_init_key(cipher, key_data, 32);
892 
893  /* Set the nonce and fast-forward the cipher */
894  noise_cipherstate_set_nonce
895  (cipher, (((uint64_t)(key_data[32])) << 56) |
896  (((uint64_t)(key_data[33])) << 48) |
897  (((uint64_t)(key_data[34])) << 40) |
898  (((uint64_t)(key_data[35])) << 32) |
899  (((uint64_t)(key_data[36])) << 24) |
900  (((uint64_t)(key_data[37])) << 16) |
901  (((uint64_t)(key_data[38])) << 8) |
902  ((uint64_t)(key_data[39])));
903 
904  /* Encrypt the private key and compute the MAC value */
905  noise_buffer_set_inout(buf, pcopy.data + pcopy.posn,
906  pbuf->posn - pcopy.posn - mac_len,
907  pbuf->posn - pcopy.posn);
908  err = noise_cipherstate_encrypt_with_ad(cipher, 0, 0, &buf);
909  if (err != NOISE_ERROR_NONE) {
910  /* The nonce is probably the reserved value 2^64 - 1,
911  which we cannot use. Generate a new salt and try again */
912  noise_randstate_generate_simple(salt, sizeof(salt));
913  retry = 1;
914  }
915  } while (retry);
916  }
917 
918  /* Add the encrypted data to the EncryptedPrivateKey object */
919  if (err == NOISE_ERROR_NONE) {
920  err = Noise_EncryptedPrivateKey_set_salt(enc_key, salt, sizeof(salt));
921  }
922  if (err == NOISE_ERROR_NONE) {
923  err = Noise_EncryptedPrivateKey_set_encrypted_data
924  (enc_key, pcopy.data + pcopy.posn, pbuf->posn - pcopy.posn);
925  }
926  noise_clean(pcopy.data + pcopy.posn, pbuf->posn - pcopy.posn);
927 
928  /* Now write the entire EncryptedPrivateKey object to the protobuf */
929  if (err == NOISE_ERROR_NONE) {
930  err = Noise_EncryptedPrivateKey_write(pbuf, 0, enc_key);
931  }
932 
933  /* Clean up and exit */
934  Noise_EncryptedPrivateKey_free(enc_key);
935  noise_cipherstate_free(cipher);
936  noise_hashstate_free(hash);
937  noise_clean(salt, sizeof(salt));
938  noise_clean(key_data, sizeof(key_data));
939  return err;
940 }
941 
NOISE_MAX_PAYLOAD_LEN
#define NOISE_MAX_PAYLOAD_LEN
Maximum payload length for Noise packets.
Noise_EncryptedPrivateKey_get_algorithm
const char * Noise_EncryptedPrivateKey_get_algorithm(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:1926
Noise_Certificate_write
int Noise_Certificate_write(NoiseProtobuf *pbuf, int tag, const Noise_Certificate *obj)
Definition: certificate.c:151
noise_save_certificate_to_buffer
int noise_save_certificate_to_buffer(const Noise_Certificate *cert, NoiseProtobuf *pbuf)
Saves a certificate to a protobuf.
Definition: loader.c:655
noise_load_certificate_chain_from_buffer
int noise_load_certificate_chain_from_buffer(Noise_CertificateChain **chain, NoiseProtobuf *pbuf)
Loads a certificate chain from a protobuf.
Definition: loader.c:315
Noise_EncryptedPrivateKey_has_salt
int Noise_EncryptedPrivateKey_has_salt(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:1965
Noise_Certificate_free
int Noise_Certificate_free(Noise_Certificate *obj)
Definition: certificate.c:138
noise_cipherstate_init_key
int noise_cipherstate_init_key(NoiseCipherState *state, const uint8_t *key, size_t key_len)
Initializes the key on a CipherState object.
Definition: cipherstate.c:222
noise_protobuf_prepare_input
int noise_protobuf_prepare_input(NoiseProtobuf *pbuf, const uint8_t *data, size_t size)
Noise_EncryptedPrivateKey_get_iterations
uint32_t Noise_EncryptedPrivateKey_get_iterations(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:2011
noise_clean
void noise_clean(void *data, size_t size)
Cleans a block of memory to destroy its contents.
Definition: util.c:170
noise_hashstate_pbkdf2
int noise_hashstate_pbkdf2(NoiseHashState *state, const uint8_t *passphrase, size_t passphrase_len, const uint8_t *salt, size_t salt_len, size_t iterations, uint8_t *output, size_t output_len)
Hashes a passphrase and salt using the PBKDF2 key derivation function.
Definition: hashstate.c:542
Noise_EncryptedPrivateKey_get_encrypted_data
const void * Noise_EncryptedPrivateKey_get_encrypted_data(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:2041
Noise_EncryptedPrivateKey_write
int Noise_EncryptedPrivateKey_write(NoiseProtobuf *pbuf, int tag, const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:1811
NOISE_ERROR_INVALID_PARAM
#define NOISE_ERROR_INVALID_PARAM
Invalid parameter to function; e.g. a NULL value.
_Noise_Certificate
Definition: certificate.c:27
_Noise_CertificateChain
Definition: certificate.c:35
NoiseHashState_s
Internal structure of the NoiseHashState type.
Definition: internal.h:151
noise_save_private_key_to_file
int noise_save_private_key_to_file(const Noise_PrivateKey *key, const char *filename, const void *passphrase, size_t passphrase_len, const char *protect_name)
Saves a private key in encrypted form to a file.
Definition: loader.c:727
NOISE_ERROR_NONE
#define NOISE_ERROR_NONE
Success, no error.
noise_protobuf_read_at_end_element
int noise_protobuf_read_at_end_element(const NoiseProtobuf *pbuf, size_t end_posn)
noise_load_private_key_from_file
int noise_load_private_key_from_file(Noise_PrivateKey **key, const char *filename, const void *passphrase, size_t passphrase_len)
Loads a private key from a file.
Definition: loader.c:376
Noise_EncryptedPrivateKey_has_algorithm
int Noise_EncryptedPrivateKey_has_algorithm(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:1921
noise_cipherstate_set_nonce
int noise_cipherstate_set_nonce(NoiseCipherState *state, uint64_t nonce)
Sets the nonce value for this cipherstate object.
Definition: cipherstate.c:517
noise_buffer_set_input
#define noise_buffer_set_input(buffer, ptr, len)
Sets a NoiseBuffer object to point to an input memory region.
noise_cipherstate_decrypt_with_ad
int noise_cipherstate_decrypt_with_ad(NoiseCipherState *state, const uint8_t *ad, size_t ad_len, NoiseBuffer *buffer)
Decrypts a block of data with this CipherState object.
Definition: cipherstate.c:374
Noise_CertificateChain_write
int Noise_CertificateChain_write(NoiseProtobuf *pbuf, int tag, const Noise_CertificateChain *obj)
Definition: certificate.c:357
_Noise_EncryptedPrivateKey
Definition: certificate.c:95
Noise_PrivateKey_write
int Noise_PrivateKey_write(NoiseProtobuf *pbuf, int tag, const Noise_PrivateKey *obj)
Definition: certificate.c:2096
noise_cipherstate_free
int noise_cipherstate_free(NoiseCipherState *state)
Frees a CipherState object after destroying all sensitive material.
Definition: cipherstate.c:152
noise_load_certificate_from_file
int noise_load_certificate_from_file(Noise_Certificate **cert, const char *filename)
Loads a certificate from a file.
Definition: loader.c:179
NoiseBuffer::data
uint8_t * data
Definition: buffer.h:35
Noise_EncryptedPrivateKey_new
int Noise_EncryptedPrivateKey_new(Noise_EncryptedPrivateKey **obj)
Definition: certificate.c:1790
Noise_EncryptedPrivateKey_get_salt
const void * Noise_EncryptedPrivateKey_get_salt(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:1970
noise_load_certificate_from_buffer
int noise_load_certificate_from_buffer(Noise_Certificate **cert, NoiseProtobuf *pbuf)
Loads a certificate from a protobuf.
Definition: loader.c:214
NOISE_HASH_CATEGORY
#define NOISE_HASH_CATEGORY
Category for hash algorithms.
protocol.h
Main header file to include the Noise protocol library definitions.
noise_cipherstate_encrypt_with_ad
int noise_cipherstate_encrypt_with_ad(NoiseCipherState *state, const uint8_t *ad, size_t ad_len, NoiseBuffer *buffer)
Encrypts a block of data with this CipherState object.
Definition: cipherstate.c:294
noise_hashstate_new_by_id
int noise_hashstate_new_by_id(NoiseHashState **state, int id)
Creates a new HashState object by its algorithm identifier.
Definition: hashstate.c:73
noise_protobuf_peek_tag
int noise_protobuf_peek_tag(const NoiseProtobuf *pbuf)
noise_save_certificate_chain_to_buffer
int noise_save_certificate_chain_to_buffer(const Noise_CertificateChain *chain, NoiseProtobuf *pbuf)
Saves a certificate chain to a protobuf.
Definition: loader.c:697
noise_cipherstate_get_mac_length
size_t noise_cipherstate_get_mac_length(const NoiseCipherState *state)
Gets the length of packet MAC values for a CipherState object.
Definition: cipherstate.c:202
Noise_EncryptedPrivateKey_free
int Noise_EncryptedPrivateKey_free(Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:1800
NOISE_ERROR_NO_MEMORY
#define NOISE_ERROR_NO_MEMORY
Insufficient memory to complete the operation.
NOISE_ERROR_UNKNOWN_NAME
#define NOISE_ERROR_UNKNOWN_NAME
Algorithm name is unknown.
NOISE_ERROR_INVALID_LENGTH
#define NOISE_ERROR_INVALID_LENGTH
Invalid length specified for a key, packet, etc.
Noise_CertificateChain_free
int Noise_CertificateChain_free(Noise_CertificateChain *obj)
Definition: certificate.c:345
Noise_EncryptedPrivateKey_get_version
uint32_t Noise_EncryptedPrivateKey_get_version(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:1896
Noise_CertificateChain_insert_certs
int Noise_CertificateChain_insert_certs(Noise_CertificateChain *obj, size_t index, Noise_Certificate *value)
Definition: certificate.c:458
Noise_EncryptedPrivateKey_get_size_salt
size_t Noise_EncryptedPrivateKey_get_size_salt(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:1975
noise_protobuf_finish_output
int noise_protobuf_finish_output(NoiseProtobuf *pbuf, uint8_t **data, size_t *size)
noise_name_to_id
int noise_name_to_id(int category, const char *name, size_t name_len)
Maps an algorithm name to the corresponding identifier.
Definition: names.c:146
noise_save_private_key_to_buffer
int noise_save_private_key_to_buffer(const Noise_PrivateKey *key, NoiseProtobuf *pbuf, const void *passphrase, size_t passphrase_len, const char *protect_name)
Saves a private key in encrypted form to a protobuf.
Definition: loader.c:808
NOISE_CIPHER_CATEGORY
#define NOISE_CIPHER_CATEGORY
Category for cipher algorithms.
noise_randstate_generate_simple
int noise_randstate_generate_simple(uint8_t *buffer, size_t len)
Generates random data without first creating a RandState object.
Definition: randstate.c:391
Noise_EncryptedPrivateKey_get_size_encrypted_data
size_t Noise_EncryptedPrivateKey_get_size_encrypted_data(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:2046
noise_save_certificate_chain_to_file
int noise_save_certificate_chain_to_file(const Noise_CertificateChain *chain, const char *filename)
Saves a certificate chain to a file.
Definition: loader.c:678
NoiseBuffer::size
size_t size
Definition: buffer.h:36
noise_free
void noise_free(void *ptr, size_t size)
Destroys the contents of a block of memory and free it.
Definition: util.c:152
noise_load_private_key_from_buffer
int noise_load_private_key_from_buffer(Noise_PrivateKey **key, NoiseProtobuf *pbuf, const void *passphrase, size_t passphrase_len)
Loads a private key from a protobuf.
Definition: loader.c:451
Noise_EncryptedPrivateKey_set_iterations
int Noise_EncryptedPrivateKey_set_iterations(Noise_EncryptedPrivateKey *obj, uint32_t value)
Definition: certificate.c:2016
noise_protobuf_finish_measure
int noise_protobuf_finish_measure(NoiseProtobuf *pbuf, size_t *size)
Noise_EncryptedPrivateKey_has_iterations
int Noise_EncryptedPrivateKey_has_iterations(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:2006
NoiseProtobuf::size
size_t size
Definition: protobufs.h:37
NoiseCipherState_s
Internal structure of the NoiseCipherState type.
Definition: internal.h:58
noise_hashstate_free
int noise_hashstate_free(NoiseHashState *state)
Frees a HashState object after destroying all sensitive material.
Definition: hashstate.c:156
NOISE_ERROR_SYSTEM
#define NOISE_ERROR_SYSTEM
System error, with more information in errno.
Noise_EncryptedPrivateKey_has_encrypted_data
int Noise_EncryptedPrivateKey_has_encrypted_data(const Noise_EncryptedPrivateKey *obj)
Definition: certificate.c:2036
noise_save_certificate_to_file
int noise_save_certificate_to_file(const Noise_Certificate *cert, const char *filename)
Saves a certificate to a file.
Definition: loader.c:637
Noise_CertificateChain_new
int Noise_CertificateChain_new(Noise_CertificateChain **obj)
Definition: certificate.c:335
_Noise_PrivateKey
Definition: certificate.c:106
Noise_EncryptedPrivateKey_set_algorithm
int Noise_EncryptedPrivateKey_set_algorithm(Noise_EncryptedPrivateKey *obj, const char *value, size_t size)
Definition: certificate.c:1936
noise_cipherstate_new_by_id
int noise_cipherstate_new_by_id(NoiseCipherState **state, int id)
Creates a new CipherState object by its algorithm identifier.
Definition: cipherstate.c:77
Noise_EncryptedPrivateKey_set_encrypted_data
int Noise_EncryptedPrivateKey_set_encrypted_data(Noise_EncryptedPrivateKey *obj, const void *value, size_t size)
Definition: certificate.c:2051
Noise_EncryptedPrivateKey_set_salt
int Noise_EncryptedPrivateKey_set_salt(Noise_EncryptedPrivateKey *obj, const void *value, size_t size)
Definition: certificate.c:1980
Noise_PrivateKey_read
int Noise_PrivateKey_read(NoiseProtobuf *pbuf, int tag, Noise_PrivateKey **obj)
Definition: certificate.c:2116
Noise_EncryptedPrivateKey_set_version
int Noise_EncryptedPrivateKey_set_version(Noise_EncryptedPrivateKey *obj, uint32_t value)
Definition: certificate.c:1901
NOISE_HASH_NONE
#define NOISE_HASH_NONE
Hash identifier that indicates "no hash".
noise_protobuf_read_end_element
int noise_protobuf_read_end_element(NoiseProtobuf *pbuf, size_t end_posn)
noise_buffer_set_inout
#define noise_buffer_set_inout(buffer, ptr, len, max)
Sets a NoiseBuffer object to point to an input-output memory region.
noise_protobuf_read_start_element
int noise_protobuf_read_start_element(NoiseProtobuf *pbuf, int tag, size_t *end_posn)
noise_load_certificate_chain_from_file
int noise_load_certificate_chain_from_file(Noise_CertificateChain **chain, const char *filename)
Loads a certificate chain from a file.
Definition: loader.c:280
noise_cipherstate_get_key_length
size_t noise_cipherstate_get_key_length(const NoiseCipherState *state)
Gets the length of the encryption key for a CipherState object.
Definition: cipherstate.c:188
Noise_Certificate_read
int Noise_Certificate_read(NoiseProtobuf *pbuf, int tag, Noise_Certificate **obj)
Definition: certificate.c:167
Noise_CertificateChain_read
int Noise_CertificateChain_read(NoiseProtobuf *pbuf, int tag, Noise_CertificateChain **obj)
Definition: certificate.c:369
NOISE_CIPHER_NONE
#define NOISE_CIPHER_NONE
Cipher identifier that indicates "no cipher".
noise_protobuf_prepare_measure
int noise_protobuf_prepare_measure(NoiseProtobuf *pbuf, size_t max_size)
NoiseProtobuf::posn
size_t posn
Definition: protobufs.h:38
NOISE_ERROR_INVALID_FORMAT
#define NOISE_ERROR_INVALID_FORMAT
Invalid format for packet or key file.
NoiseBuffer
Type that defines a region of memory for a data buffer.
Definition: buffer.h:33
Noise_EncryptedPrivateKey_read
int Noise_EncryptedPrivateKey_read(NoiseProtobuf *pbuf, int tag, Noise_EncryptedPrivateKey **obj)
Definition: certificate.c:1830
NoiseProtobuf::data
uint8_t * data
Definition: protobufs.h:36
Generated on Thu Nov 17 2016 05:36:20 for Noise-C by   doxygen 1.8.6