comparison: libidav/crypto.c
libidav/crypto.c
- changeset 260
- 26f5f817429e
- parent 237
- fd9135bc7580
- child 261
- f60d742a62a0
equal
deleted
inserted
replaced
| 259:6c8d5f8a1d6f | 260:26f5f817429e |
|---|---|
| 45 | 45 |
| 46 return dec; | 46 return dec; |
| 47 } | 47 } |
| 48 | 48 |
| 49 void aes_decrypter_init(AESDecrypter *dec) { | 49 void aes_decrypter_init(AESDecrypter *dec) { |
| 50 EVP_CIPHER_CTX_init(&dec->ctx); | 50 //EVP_CIPHER_CTX_init(&dec->ctx); |
| 51 dec->ctx = EVP_CIPHER_CTX_new(); | |
| 51 dec->init = 1; | 52 dec->init = 1; |
| 52 if(dec->key->type == DAV_KEY_AES128) { | 53 if(dec->key->type == DAV_KEY_AES128) { |
| 53 EVP_DecryptInit_ex( | 54 EVP_DecryptInit_ex( |
| 54 &dec->ctx, | 55 dec->ctx, |
| 55 EVP_aes_128_cbc(), | 56 EVP_aes_128_cbc(), |
| 56 NULL, | 57 NULL, |
| 57 dec->key->data, | 58 dec->key->data, |
| 58 dec->ivtmp); | 59 dec->ivtmp); |
| 59 } else if(dec->key->type == DAV_KEY_AES256) { | 60 } else if(dec->key->type == DAV_KEY_AES256) { |
| 60 EVP_DecryptInit_ex( | 61 EVP_DecryptInit_ex( |
| 61 &dec->ctx, | 62 dec->ctx, |
| 62 EVP_aes_256_cbc(), | 63 EVP_aes_256_cbc(), |
| 63 NULL, | 64 NULL, |
| 64 dec->key->data, | 65 dec->key->data, |
| 65 dec->ivtmp); | 66 dec->ivtmp); |
| 66 } else { | 67 } else { |
| 87 } | 88 } |
| 88 } | 89 } |
| 89 | 90 |
| 90 int outlen = len + 16; | 91 int outlen = len + 16; |
| 91 unsigned char *out = malloc(outlen); | 92 unsigned char *out = malloc(outlen); |
| 92 EVP_DecryptUpdate(&dec->ctx, out, &len, buf, len); | 93 EVP_DecryptUpdate(dec->ctx, out, &len, buf, len); |
| 93 ssize_t wlen = dec->write(out, 1, len, dec->stream); | 94 ssize_t wlen = dec->write(out, 1, len, dec->stream); |
| 94 SHA256_Update(&dec->sha256, out, wlen); | 95 SHA256_Update(&dec->sha256, out, wlen); |
| 95 free(out); | 96 free(out); |
| 96 return (s*n) / s; | 97 return (s*n) / s; |
| 97 } | 98 } |
| 98 | 99 |
| 99 void aes_decrypter_shutdown(AESDecrypter *dec) { | 100 void aes_decrypter_shutdown(AESDecrypter *dec) { |
| 100 if(dec->init) { | 101 if(dec->init) { |
| 101 void *out = malloc(128); | 102 void *out = malloc(128); |
| 102 int len = 0; | 103 int len = 0; |
| 103 EVP_DecryptFinal_ex(&dec->ctx, out, &len); | 104 EVP_DecryptFinal_ex(dec->ctx, out, &len); |
| 104 dec->write(out, 1, len, dec->stream); | 105 dec->write(out, 1, len, dec->stream); |
| 105 SHA256_Update(&dec->sha256, out, len); | 106 SHA256_Update(&dec->sha256, out, len); |
| 106 free(out); | 107 free(out); |
| 107 EVP_CIPHER_CTX_cleanup(&dec->ctx); | 108 //EVP_CIPHER_CTX_cleanup(&dec->ctx); |
| 109 EVP_CIPHER_CTX_free(dec->ctx); | |
| 108 } | 110 } |
| 109 } | 111 } |
| 110 | 112 |
| 111 void aes_decrypter_close(AESDecrypter *dec) { | 113 void aes_decrypter_close(AESDecrypter *dec) { |
| 112 free(dec); | 114 free(dec); |
| 129 enc->tmpoff = 0; | 131 enc->tmpoff = 0; |
| 130 enc->end = 0; | 132 enc->end = 0; |
| 131 enc->iv = iv; | 133 enc->iv = iv; |
| 132 enc->ivlen = 16; | 134 enc->ivlen = 16; |
| 133 | 135 |
| 134 EVP_CIPHER_CTX_init(&enc->ctx); | 136 //EVP_CIPHER_CTX_init(&enc->ctx); |
| 137 enc->ctx = EVP_CIPHER_CTX_new(); | |
| 135 if(key->type == DAV_KEY_AES128) { | 138 if(key->type == DAV_KEY_AES128) { |
| 136 EVP_EncryptInit_ex(&enc->ctx, EVP_aes_128_cbc(), NULL, key->data, enc->iv); | 139 EVP_EncryptInit_ex(enc->ctx, EVP_aes_128_cbc(), NULL, key->data, enc->iv); |
| 137 } else if(key->type == DAV_KEY_AES256) { | 140 } else if(key->type == DAV_KEY_AES256) { |
| 138 EVP_EncryptInit_ex(&enc->ctx, EVP_aes_256_cbc(), NULL, key->data, enc->iv); | 141 EVP_EncryptInit_ex(enc->ctx, EVP_aes_256_cbc(), NULL, key->data, enc->iv); |
| 139 } else { | 142 } else { |
| 140 fprintf(stderr, "unknown key type\n"); | 143 fprintf(stderr, "unknown key type\n"); |
| 141 exit(-1); | 144 exit(-1); |
| 142 } | 145 } |
| 143 return enc; | 146 return enc; |
| 175 outlen = len + 16; | 178 outlen = len + 16; |
| 176 out = malloc(outlen + ivl); | 179 out = malloc(outlen + ivl); |
| 177 if(enc->iv) { | 180 if(enc->iv) { |
| 178 memcpy(out, enc->iv, ivl); | 181 memcpy(out, enc->iv, ivl); |
| 179 } | 182 } |
| 180 EVP_EncryptUpdate(&enc->ctx, out + ivl, &outlen, in, in_len); | 183 EVP_EncryptUpdate(enc->ctx, out + ivl, &outlen, in, in_len); |
| 181 free(in); | 184 free(in); |
| 182 } else { | 185 } else { |
| 183 out = malloc(16); | 186 out = malloc(16); |
| 184 EVP_EncryptFinal_ex(&enc->ctx, out, &outlen); | 187 EVP_EncryptFinal_ex(enc->ctx, out, &outlen); |
| 185 enc->end = 1; | 188 enc->end = 1; |
| 186 free(in); | 189 free(in); |
| 187 } | 190 } |
| 188 enc->tmp = (char*)out; | 191 enc->tmp = (char*)out; |
| 189 enc->tmplen = outlen + ivl; | 192 enc->tmplen = outlen + ivl; |
| 203 free(enc->tmp); | 206 free(enc->tmp); |
| 204 } | 207 } |
| 205 if(enc->iv) { | 208 if(enc->iv) { |
| 206 free(enc->iv); | 209 free(enc->iv); |
| 207 } | 210 } |
| 208 EVP_CIPHER_CTX_cleanup(&enc->ctx); | 211 //EVP_CIPHER_CTX_cleanup(&enc->ctx); |
| 212 EVP_CIPHER_CTX_free(enc->ctx); | |
| 209 free(enc); | 213 free(enc); |
| 210 } | 214 } |
| 211 | 215 |
| 212 | 216 |
| 213 char* aes_encrypt(char *in, size_t len, DavKey *key) { | 217 char* aes_encrypt(char *in, size_t len, DavKey *key) { |
| 214 unsigned char iv[16]; | 218 unsigned char iv[16]; |
| 215 if(!RAND_bytes(iv, 16)) { | 219 if(!RAND_bytes(iv, 16)) { |
| 216 return NULL; | 220 return NULL; |
| 217 } | 221 } |
| 218 | 222 |
| 219 EVP_CIPHER_CTX ctx; | 223 //EVP_CIPHER_CTX ctx; |
| 220 EVP_CIPHER_CTX_init(&ctx); | 224 //EVP_CIPHER_CTX_init(&ctx); |
| 225 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); | |
| 221 if(key->type == DAV_KEY_AES128) { | 226 if(key->type == DAV_KEY_AES128) { |
| 222 EVP_EncryptInit_ex( | 227 EVP_EncryptInit_ex( |
| 223 &ctx, | 228 ctx, |
| 224 EVP_aes_128_cbc(), | 229 EVP_aes_128_cbc(), |
| 225 NULL, | 230 NULL, |
| 226 (unsigned char*)key->data, | 231 (unsigned char*)key->data, |
| 227 iv); | 232 iv); |
| 228 } else if(key->type == DAV_KEY_AES256) { | 233 } else if(key->type == DAV_KEY_AES256) { |
| 229 EVP_EncryptInit_ex( | 234 EVP_EncryptInit_ex( |
| 230 &ctx, | 235 ctx, |
| 231 EVP_aes_256_cbc(), | 236 EVP_aes_256_cbc(), |
| 232 NULL, | 237 NULL, |
| 233 (unsigned char*)key->data, | 238 (unsigned char*)key->data, |
| 234 iv); | 239 iv); |
| 235 } else { | 240 } else { |
| 236 EVP_CIPHER_CTX_cleanup(&ctx); | 241 //EVP_CIPHER_CTX_cleanup(&ctx); |
| 242 EVP_CIPHER_CTX_free(ctx); | |
| 237 return NULL; | 243 return NULL; |
| 238 } | 244 } |
| 239 | 245 |
| 240 //int len = strlen(in); | 246 //int len = strlen(in); |
| 241 int buflen = len + 64; | 247 int buflen = len + 64; |
| 242 unsigned char *buf = calloc(1, buflen); | 248 unsigned char *buf = calloc(1, buflen); |
| 243 memcpy(buf, iv, 16); | 249 memcpy(buf, iv, 16); |
| 244 | 250 |
| 245 int l = buflen - 16; | 251 int l = buflen - 16; |
| 246 EVP_EncryptUpdate(&ctx, buf + 16, &l, (unsigned char*)in, len); | 252 EVP_EncryptUpdate(ctx, buf + 16, &l, (unsigned char*)in, len); |
| 247 | 253 |
| 248 int f = 0; | 254 int f = 0; |
| 249 EVP_EncryptFinal_ex(&ctx, buf + 16 + l, &f); | 255 EVP_EncryptFinal_ex(ctx, buf + 16 + l, &f); |
| 250 char *out = util_base64encode((char*)buf, 16 + l + f); | 256 char *out = util_base64encode((char*)buf, 16 + l + f); |
| 251 free(buf); | 257 free(buf); |
| 252 EVP_CIPHER_CTX_cleanup(&ctx); | 258 EVP_CIPHER_CTX_free(ctx); |
| 259 //EVP_CIPHER_CTX_cleanup(&ctx); | |
| 253 | 260 |
| 254 return out; | 261 return out; |
| 255 } | 262 } |
| 256 | 263 |
| 257 char* aes_decrypt(char *in, size_t *length, DavKey *key) { | 264 char* aes_decrypt(char *in, size_t *length, DavKey *key) { |
| 258 int len; | 265 int len; |
| 259 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &len); | 266 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &len); |
| 260 | 267 |
| 261 EVP_CIPHER_CTX ctx; | 268 //EVP_CIPHER_CTX ctx; |
| 262 EVP_CIPHER_CTX_init(&ctx); | 269 //EVP_CIPHER_CTX_init(&ctx); |
| 270 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); | |
| 263 if(key->type == DAV_KEY_AES128) { | 271 if(key->type == DAV_KEY_AES128) { |
| 264 EVP_DecryptInit_ex( | 272 EVP_DecryptInit_ex( |
| 265 &ctx, | 273 ctx, |
| 266 EVP_aes_128_cbc(), | 274 EVP_aes_128_cbc(), |
| 267 NULL, | 275 NULL, |
| 268 key->data, | 276 key->data, |
| 269 buf); | 277 buf); |
| 270 } else if(key->type == DAV_KEY_AES256) { | 278 } else if(key->type == DAV_KEY_AES256) { |
| 271 EVP_DecryptInit_ex( | 279 EVP_DecryptInit_ex( |
| 272 &ctx, | 280 ctx, |
| 273 EVP_aes_256_cbc(), | 281 EVP_aes_256_cbc(), |
| 274 NULL, | 282 NULL, |
| 275 key->data, | 283 key->data, |
| 276 buf); | 284 buf); |
| 277 } else { | 285 } else { |
| 278 EVP_CIPHER_CTX_cleanup(&ctx); | 286 //EVP_CIPHER_CTX_cleanup(&ctx); |
| 287 EVP_CIPHER_CTX_free(ctx); | |
| 279 return NULL; | 288 return NULL; |
| 280 } | 289 } |
| 281 | 290 |
| 282 unsigned char *out = malloc(len + 1); | 291 unsigned char *out = malloc(len + 1); |
| 283 int outlen = len; | 292 int outlen = len; |
| 284 unsigned char *in_buf = buf + 16; | 293 unsigned char *in_buf = buf + 16; |
| 285 int inlen = len - 16; | 294 int inlen = len - 16; |
| 286 int f = 0; | 295 int f = 0; |
| 287 | 296 |
| 288 EVP_DecryptUpdate(&ctx, out, &outlen, in_buf, inlen); | 297 EVP_DecryptUpdate(ctx, out, &outlen, in_buf, inlen); |
| 289 EVP_DecryptFinal_ex(&ctx, out + outlen, &f); | 298 EVP_DecryptFinal_ex(ctx, out + outlen, &f); |
| 290 out[outlen + f] = '\0'; | 299 out[outlen + f] = '\0'; |
| 291 free(buf); | 300 free(buf); |
| 292 EVP_CIPHER_CTX_cleanup(&ctx); | 301 //EVP_CIPHER_CTX_cleanup(&ctx); |
| 302 EVP_CIPHER_CTX_free(ctx); | |
| 293 | 303 |
| 294 *length = outlen + f; | 304 *length = outlen + f; |
| 295 return (char*)out; | 305 return (char*)out; |
| 296 } | 306 } |
| 297 | 307 |
