From b03df3f7a6dc3c4e6592b37109dbdb5b754247b5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrien=20B=C3=A9raud?= <>
Date: Tue, 2 Jan 2024 15:18:44 -0500
Subject: [PATCH] aesEncrypt: allow to provide salt
---
include/opendht/crypto.h | 5 ++++-
src/crypto.cpp | 8 ++++----
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/include/opendht/crypto.h b/include/opendht/crypto.h
index 67c95f1b..e72082ea 100644
--- a/include/opendht/crypto.h
+++ b/include/opendht/crypto.h
@@ -807,8 +807,11 @@ OPENDHT_PUBLIC inline Blob aesEncrypt(const Blob& data, const Blob& key) {
* This function uses `stretchKey` to generate an AES key from the password and a random salt.
* The result is a bundle including the salt that can be decrypted with `aesDecrypt(data, password)`.
* If needed, the salt or encrypted data can be individually extracted from the bundle with `aesGetSalt` and `aesGetEncrypted`.
+ * @param data: data to encrypt
+ * @param password: password to encrypt the data with
+ * @param salt: optional salt to use for key derivation. If not provided, a random salt will be generated.
*/
-OPENDHT_PUBLIC Blob aesEncrypt(const Blob& data, std::string_view password);
+OPENDHT_PUBLIC Blob aesEncrypt(const Blob& data, std::string_view password, const Blob& salt = {});
/**
* AES-GCM decryption.
diff --git a/src/crypto.cpp b/src/crypto.cpp
index 4b6ee226..eafce169 100644
--- a/src/crypto.cpp
+++ b/src/crypto.cpp
@@ -103,11 +103,11 @@ Blob aesEncrypt(const uint8_t* data, size_t data_length, const Blob& key)
return ret;
}
-Blob aesEncrypt(const Blob& data, std::string_view password)
+Blob aesEncrypt(const Blob& data, std::string_view password, const Blob& salt)
{
- Blob salt;
- Blob key = stretchKey(password, salt, 256 / 8);
- return aesBuildEncrypted(aesEncrypt(data, key), salt);
+ Blob salt_actual = salt;
+ Blob key = stretchKey(password, salt_actual, 256 / 8);
+ return aesBuildEncrypted(aesEncrypt(data, key), salt_actual);
}
Blob aesDecrypt(const uint8_t* data, size_t data_length, const Blob& key)
--
GitLab