diff options
-rw-r--r-- | plugins/crypto-vala/src/cipher.vala | 24 | ||||
-rw-r--r-- | plugins/crypto-vala/src/cipher_converter.vala | 78 | ||||
-rw-r--r-- | plugins/crypto-vala/src/error.vala | 2 | ||||
-rw-r--r-- | xmpp-vala/src/module/xep/0391_jingle_encrypted_transports.vala | 2 |
4 files changed, 59 insertions, 47 deletions
diff --git a/plugins/crypto-vala/src/cipher.vala b/plugins/crypto-vala/src/cipher.vala index b5236314..75e5d26e 100644 --- a/plugins/crypto-vala/src/cipher.vala +++ b/plugins/crypto-vala/src/cipher.vala @@ -11,18 +11,18 @@ public class SymmetricCipher { private static unowned string mode_to_string(GCrypt.Cipher.Mode mode) { switch (mode) { - case ECB: return "ECB"; - case CFB: return "CFB"; - case CBC: return "CBC"; - case STREAM: return "STREAM"; - case OFB: return "OFB"; - case CTR: return "CTR"; - case AESWRAP: return "AESWRAP"; - case GCM: return "GCM"; - case POLY1305: return "POLY1305"; - case OCB: return "OCB"; - case CFB8: return "CFB8"; - case XTS: return "XTS"; + case GCrypt.Cipher.Mode.ECB: return "ECB"; + case GCrypt.Cipher.Mode.CFB: return "CFB"; + case GCrypt.Cipher.Mode.CBC: return "CBC"; + case GCrypt.Cipher.Mode.STREAM: return "STREAM"; + case GCrypt.Cipher.Mode.OFB: return "OFB"; + case GCrypt.Cipher.Mode.CTR: return "CTR"; + case GCrypt.Cipher.Mode.AESWRAP: return "AESWRAP"; + case GCrypt.Cipher.Mode.GCM: return "GCM"; + case GCrypt.Cipher.Mode.POLY1305: return "POLY1305"; + case GCrypt.Cipher.Mode.OCB: return "OCB"; + case GCrypt.Cipher.Mode.CFB8: return "CFB8"; + case GCrypt.Cipher.Mode.XTS: return "XTS"; } return "NONE"; } diff --git a/plugins/crypto-vala/src/cipher_converter.vala b/plugins/crypto-vala/src/cipher_converter.vala index 72e11dcd..f1363fb0 100644 --- a/plugins/crypto-vala/src/cipher_converter.vala +++ b/plugins/crypto-vala/src/cipher_converter.vala @@ -16,7 +16,11 @@ public abstract class SymmetricCipherConverter : Converter, Object { } public void reset() { - cipher.reset(); + try { + cipher.reset(); + } catch (Crypto.Error e) { + warning(@"$(e.domain) error while resetting cipher: $(e.message)"); + } } } @@ -33,22 +37,26 @@ public class SymmetricCipherEncrypter : SymmetricCipherConverter { if ((flags & ConverterFlags.INPUT_AT_END) != 0 && inbuf.length + attached_taglen > outbuf.length) { throw new IOError.NO_SPACE("CipherConverter needs additional output space to attach tag"); } - if (inbuf.length > 0) { - cipher.encrypt(outbuf, inbuf); - } - bytes_read = inbuf.length; - bytes_written = inbuf.length; - if ((flags & ConverterFlags.INPUT_AT_END) != 0) { - if (attached_taglen > 0) { - Memory.copy((uint8*)outbuf + inbuf.length, get_tag(attached_taglen), attached_taglen); - bytes_written = inbuf.length + attached_taglen; + try { + if (inbuf.length > 0) { + cipher.encrypt(outbuf, inbuf); } - return ConverterResult.FINISHED; - } - if ((flags & ConverterFlags.FLUSH) != 0) { - return ConverterResult.FLUSHED; + bytes_read = inbuf.length; + bytes_written = inbuf.length; + if ((flags & ConverterFlags.INPUT_AT_END) != 0) { + if (attached_taglen > 0) { + Memory.copy((uint8*)outbuf + inbuf.length, get_tag(attached_taglen), attached_taglen); + bytes_written = inbuf.length + attached_taglen; + } + return ConverterResult.FINISHED; + } + if ((flags & ConverterFlags.FLUSH) != 0) { + return ConverterResult.FLUSHED; + } + return ConverterResult.CONVERTED; + } catch (Crypto.Error e) { + throw new IOError.FAILED(@"$(e.domain) error while decrypting: $(e.message)"); } - return ConverterResult.CONVERTED; } } @@ -67,26 +75,30 @@ public class SymmetricCipherDecrypter : SymmetricCipherConverter { } else if ((flags & ConverterFlags.INPUT_AT_END) == 0 && inbuf.length < attached_taglen + 1) { throw new IOError.PARTIAL_INPUT("CipherConverter needs additional input to make sure to not accidentally read tag"); } - inbuf.length -= (int) attached_taglen; - if (inbuf.length > 0) { - cipher.decrypt(outbuf, inbuf); - } - bytes_read = inbuf.length; - bytes_written = inbuf.length; - inbuf.length += (int) attached_taglen; - if ((flags & ConverterFlags.INPUT_AT_END) != 0) { - if (attached_taglen > 0) { - print("Checking tag\n"); - check_tag(inbuf[(inbuf.length - attached_taglen):inbuf.length]); - print("tag ok\n"); - bytes_read = inbuf.length; + try { + inbuf.length -= (int) attached_taglen; + if (inbuf.length > 0) { + cipher.decrypt(outbuf, inbuf); } - return ConverterResult.FINISHED; - } - if ((flags & ConverterFlags.FLUSH) != 0) { - return ConverterResult.FLUSHED; + bytes_read = inbuf.length; + bytes_written = inbuf.length; + inbuf.length += (int) attached_taglen; + if ((flags & ConverterFlags.INPUT_AT_END) != 0) { + if (attached_taglen > 0) { + print("Checking tag\n"); + check_tag(inbuf[(inbuf.length - attached_taglen):inbuf.length]); + print("tag ok\n"); + bytes_read = inbuf.length; + } + return ConverterResult.FINISHED; + } + if ((flags & ConverterFlags.FLUSH) != 0) { + return ConverterResult.FLUSHED; + } + return ConverterResult.CONVERTED; + } catch (Crypto.Error e) { + throw new IOError.FAILED(@"$(e.domain) error while decrypting: $(e.message)"); } - return ConverterResult.CONVERTED; } } }
\ No newline at end of file diff --git a/plugins/crypto-vala/src/error.vala b/plugins/crypto-vala/src/error.vala index c694dfc7..bae4ad08 100644 --- a/plugins/crypto-vala/src/error.vala +++ b/plugins/crypto-vala/src/error.vala @@ -5,7 +5,7 @@ public errordomain Error { GCRYPT } -internal void may_throw_gcrypt_error(GCrypt.Error e) throws GLib.Error { +internal void may_throw_gcrypt_error(GCrypt.Error e) throws Error { if (((int)e) != 0) { throw new Crypto.Error.GCRYPT(e.to_string()); } diff --git a/xmpp-vala/src/module/xep/0391_jingle_encrypted_transports.vala b/xmpp-vala/src/module/xep/0391_jingle_encrypted_transports.vala index e2b1326b..a6827bf3 100644 --- a/xmpp-vala/src/module/xep/0391_jingle_encrypted_transports.vala +++ b/xmpp-vala/src/module/xep/0391_jingle_encrypted_transports.vala @@ -39,7 +39,7 @@ public class Module : XmppStreamModule, SecurityPrecondition { string cipher = jet_options.cipher_uri; string type = jet_options.type_uri; if (!envelop_encodings.has_key(type) || !ciphers.has_key(cipher)) { - throw new IqError.NOT_IMPLEMENTED("JET cipher or type unknown"); + throw new Jingle.Error.UNSUPPORTED_SECURITY("JET cipher or type unknown"); } EnvelopEncoding encoding = envelop_encodings[type]; return new SecurityParameters(ciphers[cipher], encoding, ciphers[cipher].generate_random_secret(), jet_options); |