sel.c (2297B)
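#include "sel.h"

// detect entropy quality
#include <fcntl.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <linux/random.h>

#include <limits.h> /* INT_MAX, for the int-typed length returns */
#include <iso646.h> /* and or not defines */

/**
 * Prepare the crypto layer: check the kernel entropy estimate, then
 * initialise libsodium.
 *
 * Refuses to start (returns 0) when the kernel reports an entropy count
 * below 160, or when sodium_init() fails.
 *
 * NOTE(review): when /dev/urandom cannot be opened, or the RNDGETENTCNT
 * ioctl itself fails, the entropy check is skipped and initialisation
 * continues. Confirm that this fail-open behaviour is intended.
 *
 * @return 1 when the crypto layer is usable, 0 otherwise
 */
int selInit(void) {
  // detect entropy quality
  int urandomfd = open("/dev/urandom", O_RDONLY);
  if (urandomfd != -1) {
    int c;
    // c is only read when the ioctl succeeded and therefore filled it in
    int lowEntropy = ioctl(urandomfd, RNDGETENTCNT, &c) == 0 && c < 160;
    // close only a descriptor that was actually opened (never close(-1))
    close(urandomfd);
    if (lowEntropy) {
      /* logN("This system doesn't provide enough entropy to quickly generate high-quality random numbers.\n" */
      /* "Installing the rng-utils/rng-tools, jitterentropy or haveged packages may help.\n" */
      /* "On virtualized Linux environments, also consider using virtio-rng.\n" */
      /* "The service will not start until enough entropy has been collected.\n", stderr); */
      return 0;
    }
  }
  if (sodium_init() == -1) {
    /* logC("Panic! libsodium couldn't be initialized; it is not safe to use"); */
    return 0;
  }
  return 1;
}

/**
 * Generate a fresh crypto_box key pair into keys->publicKey and
 * keys->secretKey. No other field of keys is written here.
 *
 * NOTE(review): the disabled debug output below would dump the secret key.
 * If logging is ever re-enabled, keep the secret-key lines disabled so that
 * key material does not end up in log files.
 *
 * @param keys key storage receiving the new pair
 */
void newKeysBuf(keyst *keys) {
  crypto_box_keypair(keys->publicKey, keys->secretKey);
  /* logD("Public key"); */
  /* loghex(keys->publicKey, sizeof(keys->publicKey)); */
  /* put; */
  /* logD("Secret key"); */
  /* loghex(keys->secretKey, sizeof(keys->secretKey)); */
  /* put; */
}

/**
 * Encrypt and authenticate msg for the remote peer with crypto_box_easy.
 *
 * The nonce is read from keys->nonce and is not changed here. crypto_box
 * needs a nonce that is never reused for the same key pair, so the caller
 * has to supply a new one before each call.
 *
 * NOTE(review): a zero-length message is accepted here, but
 * selPublicDecrypt rejects the resulting MAC-only ciphertext.
 *
 * @param ciphertext result buffer
 * @param csize      ciphertext buffer size
 * @param msg        plaintext
 * @param mlen       plaintext length
 * @param keys       nonce, remote public key and local secret key
 * @return ciphertext (encrypted message) length, 0 on failure
 */
int selPublicEncrypt(u8 *ciphertext/*result*/, size_t csize, const u8 *msg, size_t mlen, keyst *keys) {
  // check there is enough space in ciphertext; written as a subtraction so
  // that a huge mlen cannot wrap mlen + crypto_box_MACBYTES past the check
  if (csize < crypto_box_MACBYTES or mlen > csize - crypto_box_MACBYTES) return 0;
  // the length is returned as int: refuse sizes it cannot represent
  if (mlen > (size_t)INT_MAX - crypto_box_MACBYTES) return 0;
  if (crypto_box_easy(ciphertext, msg, mlen, keys->nonce, keys->remotePublicKey, keys->secretKey) != 0) return 0;
  return (int)(mlen + crypto_box_MACBYTES);
}

/**
 * Verify and decrypt a ciphertext from the remote peer with
 * crypto_box_open_easy, using keys->nonce (read only).
 *
 * A return of 0 means the input was rejected (too short, buffer too small,
 * or crypto_box_open_easy reported failure); the caller must not use the
 * contents of msg in that case.
 *
 * @param msg        result buffer
 * @param msize      message buffer size
 * @param ciphertext encrypted message including the MAC
 * @param clen       ciphertext length
 * @param keys       nonce, remote public key and local secret key
 * @return message length, 0 on failure
 */
int selPublicDecrypt(u8 *msg/*result*/, size_t msize, const u8 *ciphertext, size_t clen, keyst *keys) {
  // check ciphertext has minimal length, the message has to be at least one byte
  if (clen <= crypto_box_MACBYTES) return 0;
  size_t plainLen = clen - crypto_box_MACBYTES;
  // check there is enough space in message buffer, and that the length fits
  // the int return type
  if (msize < plainLen or plainLen > (size_t)INT_MAX) return 0;
  if (crypto_box_open_easy(msg, ciphertext, clen, keys->nonce, keys->remotePublicKey, keys->secretKey) != 0) return 0;
  return (int)plainLen;
}

// vim: set expandtab ts=2 sw=2: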