crypto.c - UNIXwork Code

1 /* 2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. 3 * 4 * Copyright 2018 Olaf Wintermann. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions are met: 8 * 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 * POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 #include <stdio.h> 30 #include <stdlib.h> 31 #include <string.h> 32 #include <fcntl.h> 33 34 #ifndef _WIN32 35 #include <unistd.h> 36 #endif 37 38 #include "utils.h" 39 40 #include "crypto.h" 41 42 /* -------------------- OpenSSL Crypto Functions -------------------- */ 43 #ifdef DAV_USE_OPENSSL 44 45 #if OPENSSL_VERSION_NUMBER < 0x10000000L 46 47 static EVP_CIPHER_CTX* create_evp_cipher_ctx() { 48 EVP_CIPHER_CTX *ctx = malloc(sizeof(EVP_CIPHER_CTX)); 49 EVP_CIPHER_CTX_init(ctx); 50 return ctx; 51 } 52 53 static void free_evp_cipher_ctx(EVP_CIPHER_CTX *ctx) { 54 EVP_CIPHER_CTX_cleanup(ctx); 55 free(ctx); 56 } 57 58 #define EVP_CIPHER_CTX_new() create_evp_cipher_ctx() 59 #define EVP_CIPHER_CTX_free(ctx) free_evp_cipher_ctx(ctx) 60 61 #endif 62 63 int dav_rand_bytes(unsigned char *buf, size_t len) { 64 return !RAND_bytes(buf, len); 65 } 66 67 AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) { 68 AESDecrypter *dec = calloc(1, sizeof(AESDecrypter)); 69 SHA256_Init(&dec->sha256); 70 dec->stream = stream; 71 dec->write = write_func; 72 dec->key = key; 73 dec->init = 0; 74 dec->ivpos = 0; 75 76 return dec; 77 } 78 79 void aes_decrypter_init(AESDecrypter *dec) { 80 //EVP_CIPHER_CTX_init(&dec->ctx); 81 dec->ctx = EVP_CIPHER_CTX_new(); 82 dec->init = 1; 83 if(dec->key->type == DAV_KEY_AES128) { 84 EVP_DecryptInit_ex( 85 dec->ctx, 86 EVP_aes_128_cbc(), 87 NULL, 88 dec->key->data, 89 dec->ivtmp); 90 } else if(dec->key->type == DAV_KEY_AES256) { 91 EVP_DecryptInit_ex( 92 dec->ctx, 93 EVP_aes_256_cbc(), 94 NULL, 95 dec->key->data, 96 dec->ivtmp); 97 } else { 98 fprintf(stderr, "unknown key type\n"); 99 exit(-1); 100 } 101 } 102 103 size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) { 104 int len = s*n; 105 if(!dec->init) { 106 size_t m = 16 - dec->ivpos; 107 size_t cp = m > len ? len : m; 108 memcpy(dec->ivtmp + dec->ivpos, buf, cp); 109 dec->ivpos += cp; 110 if(dec->ivpos >= 16) { 111 aes_decrypter_init(dec); 112 } 113 if(len == cp) { 114 return len; 115 } else { 116 buf = (char*)buf + cp; 117 len -= cp; 118 } 119 } 120 121 int outlen = len + 16; 122 unsigned char *out = malloc(outlen); 123 EVP_DecryptUpdate(dec->ctx, out, &outlen, buf, len); 124 ssize_t wlen = dec->write(out, 1, outlen, dec->stream); 125 SHA256_Update(&dec->sha256, out, wlen); 126 free(out); 127 return (s*n) / s; 128 } 129 130 void aes_decrypter_shutdown(AESDecrypter *dec) { 131 if(dec->init) { 132 void *out = malloc(128); 133 int len = 0; 134 EVP_DecryptFinal_ex(dec->ctx, out, &len); 135 dec->write(out, 1, len, dec->stream); 136 SHA256_Update(&dec->sha256, out, len); 137 free(out); 138 //EVP_CIPHER_CTX_cleanup(&dec->ctx); 139 EVP_CIPHER_CTX_free(dec->ctx); 140 } 141 } 142 143 void aes_decrypter_close(AESDecrypter *dec) { 144 free(dec); 145 } 146 147 148 AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) { 149 unsigned char *iv = malloc(16); 150 if(!RAND_bytes(iv, 16)) { 151 free(iv); 152 return NULL; 153 } 154 155 AESEncrypter *enc = malloc(sizeof(AESEncrypter)); 156 SHA256_Init(&enc->sha256); 157 enc->stream = stream; 158 enc->read = read_func; 159 enc->seek = seek_func; 160 enc->tmp = NULL; 161 enc->tmplen = 0; 162 enc->tmpoff = 0; 163 enc->end = 0; 164 enc->iv = iv; 165 enc->ivlen = 16; 166 167 //EVP_CIPHER_CTX_init(&enc->ctx); 168 enc->ctx = EVP_CIPHER_CTX_new(); 169 if(key->type == DAV_KEY_AES128) { 170 EVP_EncryptInit_ex(enc->ctx, EVP_aes_128_cbc(), NULL, key->data, enc->iv); 171 } else if(key->type == DAV_KEY_AES256) { 172 EVP_EncryptInit_ex(enc->ctx, EVP_aes_256_cbc(), NULL, key->data, enc->iv); 173 } else { 174 fprintf(stderr, "unknown key type\n"); 175 exit(-1); 176 } 177 return enc; 178 } 179 180 size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) { 181 size_t len = s*n; 182 if(enc->tmp) { 183 size_t tmp_diff = enc->tmplen - enc->tmpoff; 184 size_t cp_len = tmp_diff > len ? len : tmp_diff; 185 memcpy(buf, enc->tmp + enc->tmpoff, cp_len); 186 enc->tmpoff += cp_len; 187 if(enc->tmpoff >= enc->tmplen) { 188 free(enc->tmp); 189 enc->tmp = NULL; 190 enc->tmplen = 0; 191 enc->tmpoff = 0; 192 } 193 return cp_len / s; 194 } 195 196 if(enc->end) { 197 return 0; 198 } 199 200 void *in = malloc(len); 201 size_t in_len = enc->read(in, 1, len, enc->stream); 202 203 SHA256_Update(&enc->sha256, in, in_len); 204 205 unsigned char *out = NULL; 206 int outlen = 0; 207 size_t ivl = enc->ivlen; 208 if(in_len != 0) { 209 outlen = len + 32; 210 out = malloc(outlen + ivl); 211 if(ivl > 0) { 212 memcpy(out, enc->iv, ivl); 213 } 214 EVP_EncryptUpdate(enc->ctx, out + ivl, &outlen, in, in_len); 215 // I think we don't need this 216 /* 217 if(in_len != len) { 218 int newoutlen = 16; 219 EVP_EncryptFinal_ex(enc->ctx, out + ivl + outlen, &newoutlen); 220 outlen += newoutlen; 221 enc->end = 1; 222 } 223 */ 224 } else { 225 out = malloc(16); 226 EVP_EncryptFinal_ex(enc->ctx, out, &outlen); 227 enc->end = 1; 228 } 229 enc->tmp = (char*)out; 230 enc->tmplen = outlen + ivl; 231 enc->tmpoff = 0; 232 233 if(enc->ivlen > 0) { 234 enc->ivlen = 0; 235 } 236 237 free(in); 238 239 return aes_read(buf, s, n, enc); 240 } 241 242 void aes_encrypter_close(AESEncrypter *enc) { 243 if(enc->tmp) { 244 free(enc->tmp); 245 } 246 if(enc->iv) { 247 free(enc->iv); 248 } 249 //EVP_CIPHER_CTX_cleanup(&enc->ctx); 250 EVP_CIPHER_CTX_free(enc->ctx); 251 free(enc); 252 } 253 254 int aes_encrypter_reset(AESEncrypter *enc, curl_off_t offset, int origin) { 255 if(origin != SEEK_SET || offset != 0 || !enc->seek) { 256 return CURL_SEEKFUNC_CANTSEEK; 257 } 258 259 enc->ivlen = 16; 260 if(enc->seek(enc->stream, 0, SEEK_SET) != 0) { 261 return CURL_SEEKFUNC_FAIL; 262 } 263 return CURL_SEEKFUNC_OK; 264 } 265 266 267 char* aes_encrypt(const char *in, size_t len, DavKey *key) { 268 unsigned char iv[16]; 269 if(!RAND_bytes(iv, 16)) { 270 return NULL; 271 } 272 273 //EVP_CIPHER_CTX ctx; 274 //EVP_CIPHER_CTX_init(&ctx); 275 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); 276 if(key->type == DAV_KEY_AES128) { 277 EVP_EncryptInit_ex( 278 ctx, 279 EVP_aes_128_cbc(), 280 NULL, 281 (unsigned char*)key->data, 282 iv); 283 } else if(key->type == DAV_KEY_AES256) { 284 EVP_EncryptInit_ex( 285 ctx, 286 EVP_aes_256_cbc(), 287 NULL, 288 (unsigned char*)key->data, 289 iv); 290 } else { 291 //EVP_CIPHER_CTX_cleanup(&ctx); 292 EVP_CIPHER_CTX_free(ctx); 293 return NULL; 294 } 295 296 //int len = strlen(in); 297 int buflen = len + 64; 298 unsigned char *buf = calloc(1, buflen); 299 memcpy(buf, iv, 16); 300 301 int l = buflen - 16; 302 EVP_EncryptUpdate(ctx, buf + 16, &l, (unsigned char*)in, len); 303 304 int f = 0; 305 EVP_EncryptFinal_ex(ctx, buf + 16 + l, &f); 306 char *out = util_base64encode((char*)buf, 16 + l + f); 307 free(buf); 308 EVP_CIPHER_CTX_free(ctx); 309 //EVP_CIPHER_CTX_cleanup(&ctx); 310 311 return out; 312 } 313 314 char* aes_decrypt(const char *in, size_t *length, DavKey *key) { 315 int len; 316 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &len); 317 318 //EVP_CIPHER_CTX ctx; 319 //EVP_CIPHER_CTX_init(&ctx); 320 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); 321 if(key->type == DAV_KEY_AES128) { 322 EVP_DecryptInit_ex( 323 ctx, 324 EVP_aes_128_cbc(), 325 NULL, 326 key->data, 327 buf); 328 } else if(key->type == DAV_KEY_AES256) { 329 EVP_DecryptInit_ex( 330 ctx, 331 EVP_aes_256_cbc(), 332 NULL, 333 key->data, 334 buf); 335 } else { 336 //EVP_CIPHER_CTX_cleanup(&ctx); 337 EVP_CIPHER_CTX_free(ctx); 338 return NULL; 339 } 340 341 unsigned char *out = malloc(len + 1); 342 int outlen = len; 343 unsigned char *in_buf = buf + 16; 344 int inlen = len - 16; 345 int f = 0; 346 347 EVP_DecryptUpdate(ctx, out, &outlen, in_buf, inlen); 348 EVP_DecryptFinal_ex(ctx, out + outlen, &f); 349 out[outlen + f] = '\0'; 350 free(buf); 351 //EVP_CIPHER_CTX_cleanup(&ctx); 352 EVP_CIPHER_CTX_free(ctx); 353 354 *length = outlen + f; 355 return (char*)out; 356 } 357 358 359 void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf){ 360 SHA256_Final((unsigned char*)buf, sha256); 361 } 362 363 char* dav_create_hash(const char *data, size_t len) { 364 unsigned char hash[DAV_SHA256_DIGEST_LENGTH]; 365 DAV_SHA_CTX ctx; 366 SHA256_Init(&ctx); 367 SHA256_Update(&ctx, data, len); 368 SHA256_Final(hash, &ctx); 369 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH); 370 } 371 372 DAV_SHA_CTX* dav_hash_init(void) { 373 DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX)); 374 SHA256_Init(ctx); 375 return ctx; 376 } 377 378 void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) { 379 SHA256_Update(ctx, data, len); 380 } 381 382 void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) { 383 SHA256_Final(buf, ctx); 384 free(ctx); 385 } 386 387 #if OPENSSL_VERSION_NUMBER < 0x10100000L 388 static int crypto_pw2key_error = 0; 389 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) { 390 if(!crypto_pw2key_error) { 391 fprintf(stderr, "Error: password key derivation not supported on this platform: openssl to old\n"); 392 crypto_pw2key_error = 1; 393 } 394 return 0; 395 } 396 397 #else 398 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) { 399 if(!password) { 400 return NULL; 401 } 402 size_t len = strlen(password); 403 if(len == 0) { 404 return NULL; 405 } 406 407 // setup key data and length 408 unsigned char keydata[32]; 409 int keylen = 32; 410 switch(enc) { 411 case DAV_KEY_AES128: keylen = 16; break; 412 case DAV_KEY_AES256: keylen = 32; break; 413 default: return NULL; 414 } 415 416 // generate key 417 switch(pwfunc) { 418 case DAV_PWFUNC_PBKDF2_SHA256: { 419 PKCS5_PBKDF2_HMAC( 420 password, 421 len, 422 salt, 423 saltlen, 424 DAV_CRYPTO_ITERATION_COUNT, 425 EVP_sha256(), 426 keylen, 427 keydata); 428 break; 429 } 430 case DAV_PWFUNC_PBKDF2_SHA512: { 431 PKCS5_PBKDF2_HMAC( 432 password, 433 len, 434 salt, 435 saltlen, 436 DAV_CRYPTO_ITERATION_COUNT, 437 EVP_sha512(), 438 keylen, 439 keydata); 440 break; 441 } 442 default: return NULL; 443 } 444 445 // create DavKey with generated data 446 DavKey *key = malloc(sizeof(DavKey)); 447 key->data = malloc(keylen); 448 key->length = keylen; 449 key->name = NULL; 450 key->type = enc; 451 memcpy(key->data, keydata, keylen); 452 return key; 453 } 454 #endif 455 456 #endif 457 458 459 /* -------------------- Apple Crypto Functions -------------------- */ 460 #ifdef DAV_CRYPTO_COMMON_CRYPTO 461 462 #define RANDOM_BUFFER_LENGTH 256 463 static char randbuf[RANDOM_BUFFER_LENGTH]; 464 static int rbufpos = RANDOM_BUFFER_LENGTH; 465 466 int dav_rand_bytes(unsigned char *buf, size_t len) { 467 if(len + rbufpos > RANDOM_BUFFER_LENGTH) { 468 int devr = open("/dev/urandom", O_RDONLY); 469 if(devr == -1) { 470 return 1; 471 } 472 473 if(read(devr, randbuf, RANDOM_BUFFER_LENGTH) < RANDOM_BUFFER_LENGTH) { 474 close(devr); 475 return 1; 476 } 477 478 rbufpos = 0; 479 if(len > RANDOM_BUFFER_LENGTH) { 480 int err = 0; 481 if(read(devr, buf, len) < len) { 482 err = 1; 483 } 484 close(devr); 485 return err; 486 } 487 488 close(devr); 489 } 490 491 char *r = randbuf; 492 memcpy(buf, r + rbufpos, len); 493 rbufpos += len; 494 495 return 0; 496 } 497 498 AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) { 499 AESDecrypter *dec = calloc(1, sizeof(AESDecrypter)); 500 CC_SHA256_Init(&dec->sha256); 501 dec->stream = stream; 502 dec->write = write_func; 503 dec->key = key; 504 dec->init = 0; 505 dec->ivpos = 0; 506 507 return dec; 508 } 509 510 511 void aes_decrypter_init(AESDecrypter *dec) { 512 //EVP_CIPHER_CTX_init(&dec->ctx); 513 dec->init = 1; 514 515 CCCryptorRef cryptor; 516 CCCryptorStatus status; 517 if(dec->key->type == DAV_KEY_AES128) { 518 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, dec->key->data, dec->key->length, dec->ivtmp, &cryptor); 519 } else if(dec->key->type == DAV_KEY_AES256) { 520 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, dec->key->data, dec->key->length, dec->ivtmp, &cryptor); 521 } else { 522 fprintf(stderr, "unknown key type\n"); 523 exit(-1); 524 } 525 dec->ctx = cryptor; 526 } 527 528 size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) { 529 int len = s*n; 530 if(!dec->init) { 531 size_t n = 16 - dec->ivpos; 532 size_t cp = n > len ? len : n; 533 memcpy(dec->ivtmp + dec->ivpos, buf, cp); 534 dec->ivpos += cp; 535 if(dec->ivpos >= 16) { 536 aes_decrypter_init(dec); 537 } 538 if(len == cp) { 539 return len; 540 } else { 541 buf = (char*)buf + cp; 542 len -= cp; 543 } 544 } 545 546 int outlen = len + 16; 547 unsigned char *out = malloc(outlen); 548 549 CCCryptorStatus status; 550 size_t avail = outlen; 551 size_t moved = 0; 552 status = CCCryptorUpdate(dec->ctx, buf, len, out, avail, &moved); 553 554 ssize_t wlen = dec->write(out, 1, moved, dec->stream); 555 CC_SHA256_Update(&dec->sha256, out, wlen); 556 free(out); 557 return (s*n) / s; 558 } 559 560 void aes_decrypter_shutdown(AESDecrypter *dec) { 561 if(dec->init) { 562 void *out = malloc(128); 563 size_t len = 0; 564 //EVP_DecryptFinal_ex(dec->ctx, out, &len); 565 CCCryptorFinal(dec->ctx, out, 128, &len); 566 567 568 dec->write(out, 1, len, dec->stream); 569 CC_SHA256_Update(&dec->sha256, out, len); 570 free(out); 571 //EVP_CIPHER_CTX_cleanup(&dec->ctx); 572 //EVP_CIPHER_CTX_free(dec->ctx); 573 } 574 } 575 576 void aes_decrypter_close(AESDecrypter *dec) { 577 578 } 579 580 AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) { 581 unsigned char *iv = malloc(16); 582 if(dav_rand_bytes(iv, 16)) { 583 return NULL; 584 } 585 586 CCCryptorRef cryptor; 587 CCCryptorStatus status; 588 if(key->type == DAV_KEY_AES128) { 589 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor); 590 } else if(key->type == DAV_KEY_AES256) { 591 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor); 592 } else { 593 free(iv); 594 return NULL; 595 } 596 597 AESEncrypter *enc = malloc(sizeof(AESEncrypter)); 598 enc->ctx = cryptor; 599 CC_SHA256_Init(&enc->sha256); 600 enc->stream = stream; 601 enc->read = read_func; 602 enc->seek = seek_func; 603 enc->tmp = NULL; 604 enc->tmplen = 0; 605 enc->tmpoff = 0; 606 enc->end = 0; 607 enc->iv = iv; 608 enc->ivlen = 16; 609 610 return enc; 611 } 612 613 size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) { 614 size_t len = s*n; 615 if(enc->tmp) { 616 size_t tmp_diff = enc->tmplen - enc->tmpoff; 617 size_t cp_len = tmp_diff > len ? len : tmp_diff; 618 memcpy(buf, enc->tmp + enc->tmpoff, cp_len); 619 enc->tmpoff += cp_len; 620 if(enc->tmpoff >= enc->tmplen) { 621 free(enc->tmp); 622 enc->tmp = NULL; 623 enc->tmplen = 0; 624 enc->tmpoff = 0; 625 } 626 return cp_len / s; 627 } 628 629 if(enc->end) { 630 return 0; 631 } 632 633 void *in = malloc(len); 634 size_t in_len = enc->read(in, 1, len, enc->stream); 635 636 CC_SHA256_Update(&enc->sha256, in, in_len); 637 638 unsigned char *out = NULL; 639 size_t outlen = 0; 640 size_t ivl = enc->ivlen; 641 if(in_len != 0) { 642 outlen = len + 32; 643 out = malloc(outlen + ivl); 644 if(ivl > 0) { 645 memcpy(out, enc->iv, ivl); 646 } 647 648 CCCryptorStatus status; 649 size_t avail = outlen; 650 status = CCCryptorUpdate(enc->ctx, in, in_len, out + ivl, avail, &outlen); 651 // TODO: check if this still works 652 /* 653 if(in_len != len) { 654 size_t newoutlen = 16; 655 status = CCCryptorFinal(enc->ctx, out + ivl + outlen, 16, &newoutlen); 656 outlen += newoutlen; 657 enc->end = 1; 658 } 659 */ 660 } else { 661 out = malloc(32); 662 CCCryptorStatus status; 663 size_t avail = outlen; 664 status = CCCryptorFinal(enc->ctx, out, 32, &outlen); 665 enc->end = 1; 666 } 667 enc->tmp = (char*)out; 668 enc->tmplen = outlen + ivl; 669 enc->tmpoff = 0; 670 671 if(enc->ivlen > 0) { 672 enc->ivlen = 0; 673 } 674 675 free(in); 676 677 return aes_read(buf, s, n, enc); 678 } 679 680 int aes_encrypter_reset(AESEncrypter *enc, curl_off_t offset, int origin) { 681 if(origin != SEEK_SET || offset != 0 || !enc->seek) { 682 return CURL_SEEKFUNC_CANTSEEK; 683 } 684 685 enc->ivlen = 16; 686 if(enc->seek(enc->stream, 0, SEEK_SET) != 0) { 687 return CURL_SEEKFUNC_FAIL; 688 } 689 return CURL_SEEKFUNC_OK; 690 } 691 692 void aes_encrypter_close(AESEncrypter *enc) { 693 if(enc->tmp) { 694 free(enc->tmp); 695 } 696 if(enc->iv) { 697 free(enc->iv); 698 } 699 // TODO: cleanup cryptor 700 free(enc); 701 } 702 703 char* aes_encrypt(const char *in, size_t len, DavKey *key) { 704 unsigned char iv[16]; 705 if(dav_rand_bytes(iv, 16)) { 706 return NULL; 707 } 708 709 CCCryptorRef cryptor; 710 CCCryptorStatus status; 711 if(key->type == DAV_KEY_AES128) { 712 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor); 713 } else if(key->type == DAV_KEY_AES256) { 714 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor); 715 } else { 716 return NULL; 717 } 718 719 if(status != kCCSuccess) { 720 return NULL; 721 } 722 723 int buflen = len + 64; 724 char *buf = calloc(1, buflen); 725 memcpy(buf, iv, 16); 726 727 int pos = 16; 728 size_t avail = buflen - 16; 729 size_t moved; 730 char *out = buf + 16; 731 732 status = CCCryptorUpdate(cryptor, in, 733 len, out, avail, 734 &moved); 735 if(status != kCCSuccess) { 736 free(buf); 737 return NULL; 738 } 739 740 pos += moved; 741 avail -= moved; 742 out += moved; 743 744 status = CCCryptorFinal(cryptor, out, avail, &moved); 745 if(status != kCCSuccess) { 746 free(buf); 747 return NULL; 748 } 749 750 pos += moved; 751 752 char *b64enc = util_base64encode(buf, pos); 753 free(buf); 754 755 return b64enc; 756 } 757 758 char* aes_decrypt(const char *in, size_t *len, DavKey *key) { 759 int inlen; 760 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &inlen); 761 762 CCCryptorRef cryptor; 763 CCCryptorStatus status; 764 if(key->type == DAV_KEY_AES128) { 765 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, buf, &cryptor); 766 } else if(key->type == DAV_KEY_AES256) { 767 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, buf, &cryptor); 768 } else { 769 free(buf); 770 return NULL; 771 } 772 773 if(status != kCCSuccess) { 774 free(buf); 775 return NULL; 776 } 777 778 char *out = malloc(inlen + 1); 779 size_t outavail = inlen; 780 size_t outlen = 0; 781 782 unsigned char *inbuf = buf + 16; 783 inlen -= 16; 784 785 size_t moved = 0; 786 status = CCCryptorUpdate(cryptor, inbuf, inlen, out, outavail, &moved); 787 if(status != kCCSuccess) { 788 free(buf); 789 free(out); 790 // TODO cryptor 791 return NULL; 792 } 793 794 outlen += moved; 795 outavail -= moved; 796 797 status = CCCryptorFinal(cryptor, out + outlen, outavail, &moved); 798 if(status != kCCSuccess) { 799 free(buf); 800 free(out); 801 // TODO cryptor 802 return NULL; 803 } 804 805 outlen += moved; 806 out[outlen] = 0; 807 808 *len = outlen; 809 return out; 810 } 811 812 void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf) { 813 CC_SHA256_Final(buf, sha256); 814 } 815 816 char* dav_create_hash(const char *data, size_t len) { 817 unsigned char hash[DAV_SHA256_DIGEST_LENGTH]; 818 CC_SHA256((const unsigned char*)data, len, hash); 819 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH); 820 } 821 822 DAV_SHA_CTX* dav_hash_init(void) { 823 DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX)); 824 CC_SHA256_Init(ctx); 825 return ctx; 826 } 827 828 void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) { 829 CC_SHA256_Update(ctx, data, len); 830 } 831 832 void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) { 833 CC_SHA256_Final(buf, ctx); 834 free(ctx); 835 } 836 837 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) { 838 if(!password) { 839 return NULL; 840 } 841 size_t len = strlen(password); 842 if(len == 0) { 843 return NULL; 844 } 845 846 // setup key data and length 847 unsigned char keydata[32]; 848 int keylen = 32; 849 switch(enc) { 850 case DAV_KEY_AES128: keylen = 16; break; 851 case DAV_KEY_AES256: keylen = 32; break; 852 default: return NULL; 853 } 854 855 // generate key 856 switch(pwfunc) { 857 case DAV_PWFUNC_PBKDF2_SHA256: { 858 int result = CCKeyDerivationPBKDF( 859 kCCPBKDF2, 860 password, 861 len, 862 salt, 863 saltlen, 864 kCCPRFHmacAlgSHA256, 865 DAV_CRYPTO_ITERATION_COUNT, 866 keydata, 867 keylen); 868 if(result) { 869 return NULL; 870 } 871 break; 872 } 873 case DAV_PWFUNC_PBKDF2_SHA512: { 874 int result = CCKeyDerivationPBKDF( 875 kCCPBKDF2, 876 password, 877 len, 878 salt, 879 saltlen, 880 kCCPRFHmacAlgSHA512, 881 DAV_CRYPTO_ITERATION_COUNT, 882 keydata, 883 keylen); 884 if(result) { 885 return NULL; 886 } 887 break; 888 } 889 default: return NULL; 890 } 891 892 // create DavKey with generated data 893 DavKey *key = malloc(sizeof(DavKey)); 894 key->data = malloc(keylen); 895 key->length = keylen; 896 key->name = NULL; 897 key->type = enc; 898 memcpy(key->data, keydata, keylen); 899 return key; 900 } 901 902 #endif 903 904 /* -------------------- Windows Crypto Functions -------------------- */ 905 #ifdef DAV_CRYPTO_CNG 906 907 static void cng_cleanup(BCRYPT_ALG_HANDLE hAesAlg, BCRYPT_KEY_HANDLE hKey, BCRYPT_HASH_HANDLE hHash, void *pbObject) { 908 if(hAesAlg) { 909 BCryptCloseAlgorithmProvider(hAesAlg,0); 910 } 911 if(hKey) { 912 BCryptDestroyKey(hKey); 913 } 914 if(hHash) { 915 BCryptDestroyHash(hHash); 916 } 917 if(pbObject) { 918 free(pbObject); 919 } 920 } 921 922 static int cng_init_key(BCRYPT_ALG_HANDLE *alg, BCRYPT_KEY_HANDLE *key, void **keyobj, DavKey *aesKey) { 923 BCRYPT_ALG_HANDLE hAesAlg = NULL; 924 BCRYPT_KEY_HANDLE hKey = NULL; 925 926 void *pbKeyObject = NULL; 927 ULONG keyObjectLength = 0; 928 929 ULONG result = 0; 930 931 // check DavKey and get AES key length 932 if(!aesKey) { 933 return 1; 934 } 935 936 ULONG aesKeyLength = 0; 937 if(aesKey->type == DAV_KEY_AES128) { 938 aesKeyLength = 16; 939 } else if(aesKey->type == DAV_KEY_AES256) { 940 aesKeyLength = 32; 941 } 942 if(aesKeyLength > aesKey->length || !aesKey->data) { 943 // invalid DavKey 944 return 1; 945 } 946 947 // initialize BCrypt stuff 948 if(BCryptOpenAlgorithmProvider(&hAesAlg, BCRYPT_AES_ALGORITHM, NULL, 0)) { 949 fprintf(stderr, "Error: BCryptOpenAlgorithmProvider failed\n"); 950 return 1; 951 } 952 953 if(BCryptGetProperty(hAesAlg, BCRYPT_OBJECT_LENGTH, (PUCHAR)&keyObjectLength, sizeof(DWORD), &result, 0)) { 954 fprintf(stderr, "Error: BCrypt: Cannot get BCRYPT_OBJECT_LENGTH\n"); 955 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject); 956 return 1; 957 } 958 959 if(BCryptSetProperty(hAesAlg, BCRYPT_CHAINING_MODE, (PBYTE)BCRYPT_CHAIN_MODE_CBC, sizeof(BCRYPT_CHAIN_MODE_CBC), 0)) { 960 fprintf(stderr, "Error: BCrypt: Cannot set CBC mode\n"); 961 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject); 962 return 1; 963 } 964 965 pbKeyObject = calloc(1, keyObjectLength); 966 if(!pbKeyObject) { 967 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject); 968 return 1; 969 } 970 971 // init key 972 if(BCryptGenerateSymmetricKey(hAesAlg, &hKey, pbKeyObject, keyObjectLength, aesKey->data, aesKeyLength, 0)) { 973 fprintf(stderr, "Error: BCrypt: Cannot set key\n"); 974 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject); 975 return 1; 976 } 977 978 *alg = hAesAlg; 979 *key = hKey; 980 *keyobj = pbKeyObject; 981 982 return 0; 983 } 984 985 static int cng_hash_init(WinBCryptSHACTX *ctx) { 986 if(BCryptOpenAlgorithmProvider(&ctx->hAlg, BCRYPT_SHA256_ALGORITHM, NULL, 0)) { 987 fprintf(stderr, "Error: BCryptOpenAlgorithmProvider failed\n"); 988 return 1; 989 } 990 991 ULONG hashObjectLen; 992 ULONG result; 993 if(BCryptGetProperty(ctx->hAlg, BCRYPT_OBJECT_LENGTH, (PBYTE)&hashObjectLen, sizeof(DWORD), &result, 0)) { 994 cng_cleanup(ctx->hAlg, NULL, NULL, NULL); 995 return 1; 996 } 997 998 ctx->pbHashObject = calloc(1, hashObjectLen); 999 1000 if(BCryptCreateHash(ctx->hAlg, &ctx->hHash, ctx->pbHashObject, hashObjectLen, NULL, 0, 0)) { 1001 cng_cleanup(ctx->hAlg, NULL, ctx->hHash, ctx->pbHashObject); 1002 return 1; 1003 } 1004 1005 return 0; 1006 } 1007 1008 1009 int dav_rand_bytes(unsigned char *buf, size_t len) { 1010 if(BCryptGenRandom(NULL, (unsigned char*)buf, (ULONG)len, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) { 1011 return 1; 1012 } 1013 return 0; 1014 } 1015 1016 AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) { 1017 AESDecrypter *dec = calloc(1, sizeof(AESDecrypter)); 1018 if(!dec) { 1019 return NULL; 1020 } 1021 if(cng_hash_init(&dec->sha256)) { 1022 free(dec); 1023 return NULL; 1024 } 1025 1026 dec->stream = stream; 1027 dec->write = write_func; 1028 dec->key = key; 1029 dec->init = 0; 1030 dec->ivpos = 0; 1031 1032 return dec; 1033 } 1034 1035 static void aes_decrypter_init(AESDecrypter *dec) { 1036 if(cng_init_key(&dec->ctx.hAlg, &dec->ctx.hKey, &dec->ctx.pbKeyObject, dec->key)) { 1037 fprintf(stderr, "Error: cng_init_key failed\n"); 1038 exit(-1); 1039 } 1040 // copy iv 1041 memcpy(dec->ctx.pbIV, dec->ivtmp, 16); 1042 } 1043 1044 size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) { 1045 int len = s*n; 1046 if(!dec->init) { 1047 dec->init = 1; 1048 1049 size_t n = 16 - dec->ivpos; 1050 size_t cp = n > len ? len : n; 1051 memcpy(dec->ivtmp + dec->ivpos, buf, cp); 1052 dec->ivpos += cp; 1053 if(dec->ivpos >= 16) { 1054 aes_decrypter_init(dec); 1055 } 1056 if(len == cp) { 1057 return len; 1058 } else { 1059 buf = (char*)buf + cp; 1060 len -= cp; 1061 } 1062 } 1063 1064 // the cipher text must be a multiply of 16 1065 // remaining bytes are stored in ctx.buf and must be added to cibuf 1066 // the next time 1067 size_t cbufalloc = len + 64; 1068 ULONG clen = 0; 1069 char *cbuf = malloc(cbufalloc); 1070 1071 // add previous remaining bytes 1072 if(dec->ctx.buflen > 0) { 1073 memcpy(cbuf, dec->ctx.buf, dec->ctx.buflen); 1074 clen = dec->ctx.buflen; 1075 } 1076 // add current bytes 1077 memcpy(cbuf + clen, buf, len); 1078 clen += len; 1079 1080 // check if the message fits the blocksize 1081 int remaining = clen % 16; 1082 if(remaining == 0) { 1083 // decrypt last block next time, or in aes_decrypter_shutdown 1084 // this makes sure, that shutdown always decrypts the last block 1085 // with BCRYPT_BLOCK_PADDING flag 1086 remaining = 16; 1087 } 1088 1089 // add remaining bytes to ctx.buf for the next aes_write run 1090 clen -= remaining; 1091 memcpy(dec->ctx.buf, cbuf + clen, remaining); 1092 dec->ctx.buflen = remaining; 1093 1094 // ready to decrypt the message 1095 ULONG outlen = clen + 32; 1096 1097 // decrypt 1098 if(clen > 0) { 1099 unsigned char* out = malloc(outlen); 1100 1101 ULONG enc_len = 0; 1102 ULONG status = BCryptDecrypt(dec->ctx.hKey, cbuf, clen, NULL, dec->ctx.pbIV, 16, out, outlen, &enc_len, 0); 1103 if(status > 0) { 1104 fprintf(stderr, "Error: BCryptDecrypt failed: 0x%X\n", status); 1105 free(out); 1106 free(cbuf); 1107 return 0; 1108 } 1109 outlen = enc_len; 1110 1111 // write decrypted data to the output stream and update the hash 1112 dec->write(out, 1, outlen, dec->stream); 1113 BCryptHashData(dec->sha256.hHash, out, outlen, 0); 1114 1115 free(out); 1116 } 1117 1118 free(cbuf); 1119 1120 return (s*n) / s; 1121 } 1122 1123 void aes_decrypter_shutdown(AESDecrypter *dec) { 1124 if(dec->init && dec->ctx.buflen > 0) { 1125 ULONG outlen = 64; 1126 char out[64]; 1127 if(BCryptDecrypt(dec->ctx.hKey, dec->ctx.buf, dec->ctx.buflen, NULL, dec->ctx.pbIV, 16, out, outlen, &outlen, BCRYPT_BLOCK_PADDING)) { 1128 fprintf(stderr, "Error: BCryptDecrypt failed\n"); 1129 return; 1130 } 1131 dec->write(out, 1, outlen, dec->stream); 1132 BCryptHashData(dec->sha256.hHash, out, outlen, 0); 1133 } 1134 } 1135 1136 void aes_decrypter_close(AESDecrypter *dec) { 1137 cng_cleanup(dec->ctx.hAlg, dec->ctx.hKey, NULL, dec->ctx.pbKeyObject); 1138 cng_cleanup(dec->sha256.hAlg, NULL, dec->sha256.hHash, dec->sha256.pbHashObject); 1139 free(dec); 1140 } 1141 1142 AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) { 1143 unsigned char *iv = malloc(16); 1144 if(dav_rand_bytes(iv, 16)) { 1145 free(iv); 1146 return NULL; 1147 } 1148 1149 AESEncrypter *enc = calloc(1, sizeof(AESEncrypter)); 1150 if(cng_hash_init(&enc->sha256)) { 1151 free(iv); 1152 free(enc); 1153 return NULL; 1154 } 1155 1156 enc->stream = stream; 1157 enc->read = read_func; 1158 enc->seek = seek_func; 1159 enc->tmp = NULL; 1160 enc->tmplen = 0; 1161 enc->tmpoff = 0; 1162 enc->end = 0; 1163 enc->iv = iv; 1164 enc->ivlen = 0; 1165 1166 if(cng_init_key(&enc->ctx.hAlg, &enc->ctx.hKey, &enc->ctx.pbKeyObject, key)) { 1167 fprintf(stderr, "Error: cng_init_key failed\n"); 1168 exit(-1); 1169 } 1170 1171 enc->ctx.buflen = 0; 1172 memcpy(enc->ctx.pbIV, iv, 16); 1173 1174 return enc; 1175 } 1176 1177 size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) { 1178 size_t len = s*n; 1179 size_t nread = 0; 1180 1181 if(enc->tmp) { 1182 // the temp buffer contains bytes that are already encrypted, but 1183 // the last aes_read had not enough read buffer space 1184 1185 // in case we have a tmp buf, we just return this 1186 size_t tmp_diff = enc->tmplen - enc->tmpoff; 1187 size_t cp_len = tmp_diff > len ? len : tmp_diff; 1188 memcpy(buf, enc->tmp + enc->tmpoff, cp_len); 1189 enc->tmpoff += cp_len; 1190 if(enc->tmpoff >= enc->tmplen) { 1191 free(enc->tmp); 1192 enc->tmp = NULL; 1193 enc->tmplen = 0; 1194 enc->tmpoff = 0; 1195 } 1196 return cp_len / s; 1197 } 1198 1199 if(enc->ivlen < 16) { 1200 size_t copy_iv_len = 16 - enc->ivlen; 1201 copy_iv_len = len > copy_iv_len ? copy_iv_len : len; 1202 1203 memcpy(buf, enc->iv, copy_iv_len); 1204 (char*)buf += copy_iv_len; 1205 len -= copy_iv_len; 1206 nread = copy_iv_len; 1207 1208 enc->ivlen += copy_iv_len; 1209 1210 if(len == 0) { 1211 return copy_iv_len / s; 1212 } 1213 } 1214 1215 if(enc->end) { 1216 return 0; 1217 } 1218 1219 size_t remaining = len % 16; 1220 len -= remaining; 1221 1222 if(len > 256) { 1223 len -= 16; // optimization for avoiding tmp buffer usage 1224 } 1225 1226 size_t inalloc = len; 1227 ULONG inlen = 0; 1228 unsigned char *in = malloc(inalloc); 1229 1230 // fill the input buffer 1231 while(inlen < inalloc) { 1232 size_t r = enc->read(in + inlen, 1, inalloc - inlen, enc->stream); 1233 if(r == 0) { 1234 enc->end = 1; 1235 break; 1236 } 1237 inlen += r; 1238 } 1239 1240 if(inlen == 0) { 1241 return nread / s; 1242 } 1243 1244 // hash read data 1245 BCryptHashData(enc->sha256.hHash, in, inlen, 0); 1246 1247 // create output buffer 1248 ULONG outalloc = inlen + 16; 1249 ULONG outlen = 0; 1250 char *out = malloc(outalloc); 1251 1252 // encrypt 1253 int flags = 0; 1254 if(inlen % 16 != 0) { 1255 enc->end = 1; 1256 } 1257 if(enc->end) { 1258 flags = BCRYPT_BLOCK_PADDING; 1259 } 1260 if(BCryptEncrypt(enc->ctx.hKey, in, inlen, NULL, enc->ctx.pbIV, 16, out, outalloc, &outlen, flags)) { 1261 fprintf(stderr, "Error: BCryptEncrypt failed\n"); 1262 } 1263 1264 // check if the output fits in buf, if not, save the remaining bytes in tmp 1265 if(outlen > len) { 1266 size_t tmplen = outlen - len; 1267 char *tmp = malloc(tmplen); 1268 memcpy(tmp, out+len, tmplen); 1269 1270 enc->tmp = tmp; 1271 enc->tmplen = tmplen; 1272 enc->tmpoff = 0; 1273 1274 outlen = len; 1275 } 1276 1277 // fill read buffer and return 1278 memcpy(buf, out, outlen); 1279 nread += outlen; 1280 1281 free(in); 1282 free(out); 1283 1284 return nread / s; 1285 } 1286 1287 void aes_encrypter_close(AESEncrypter *enc) { 1288 enc->end = 1; 1289 } 1290 1291 int aes_encrypter_reset(AESEncrypter *enc, curl_off_t offset, int origin) { 1292 if(origin != SEEK_SET || offset != 0 || !enc->seek) { 1293 return CURL_SEEKFUNC_CANTSEEK; 1294 } 1295 1296 enc->ivlen = 0; 1297 memcpy(enc->ctx.pbIV, enc->iv, 16); 1298 if(enc->seek(enc->stream, 0, SEEK_SET) != 0) { 1299 return CURL_SEEKFUNC_FAIL; 1300 } 1301 return CURL_SEEKFUNC_OK; 1302 } 1303 1304 char* aes_encrypt(const char *in, size_t len, DavKey *key) { 1305 // create random IV 1306 char iv[16]; 1307 if(dav_rand_bytes(iv, 16)) { 1308 return NULL; 1309 } 1310 1311 // initialize bcrypt stuff 1312 BCRYPT_ALG_HANDLE hAlg = NULL; 1313 BCRYPT_KEY_HANDLE hKey = NULL; 1314 void *pbKeyObject = NULL; 1315 if(cng_init_key(&hAlg, &hKey, &pbKeyObject, key)) { 1316 return NULL; 1317 } 1318 1319 // create output buffer 1320 ULONG outlen = len + 128; 1321 char *out = malloc(outlen); 1322 1323 // the output must start with the IV 1324 memcpy(out, iv, 16); 1325 char *encbuf = out + 16; 1326 ULONG enclen = outlen - 16; 1327 ULONG encoutlen = 0; 1328 1329 // encrypt 1330 if(BCryptEncrypt(hKey, (PUCHAR)in, len, NULL, (PUCHAR)iv, 16, encbuf, enclen, &encoutlen, BCRYPT_BLOCK_PADDING)) { 1331 fprintf(stderr, "Error: BCryptEncrypt failed\n"); 1332 cng_cleanup(hAlg, hKey, NULL, pbKeyObject); 1333 free(out); 1334 return NULL; 1335 } 1336 1337 outlen = encoutlen + 16; // length of encrypted data + 16 bytes IV 1338 1339 // base64 encode 1340 char *outstr = util_base64encode(out, outlen); 1341 1342 cng_cleanup(hAlg, hKey, NULL, pbKeyObject); 1343 free(out); 1344 1345 return outstr; 1346 } 1347 1348 char* aes_decrypt(const char *in, size_t *len, DavKey *key) { 1349 BCRYPT_ALG_HANDLE hAlg = NULL; 1350 BCRYPT_KEY_HANDLE hKey = NULL; 1351 void *pbKeyObject = NULL; 1352 if(cng_init_key(&hAlg, &hKey, &pbKeyObject, key)) { 1353 return NULL; 1354 } 1355 1356 int inlen; 1357 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &inlen); 1358 if(inlen < 16 || !buf) { 1359 cng_cleanup(hAlg, hKey, NULL, pbKeyObject); 1360 if(buf) { 1361 free(buf); 1362 } 1363 return NULL; 1364 } 1365 1366 // encrypted data starts with IV 1367 char iv[16]; 1368 memcpy(iv, buf, 16); 1369 1370 // decrypt data 1371 char *data = buf + 16; // encrypted data starts after IV 1372 size_t datalen = inlen - 16; 1373 1374 // create output buffer 1375 ULONG outlen = inlen; 1376 char *out = malloc(outlen + 1); 1377 1378 // decrypt 1379 if(BCryptDecrypt(hKey, data, datalen, NULL, iv, 16, out, outlen, &outlen, BCRYPT_BLOCK_PADDING)) { 1380 cng_cleanup(hAlg, hKey, NULL, pbKeyObject); 1381 free(out); 1382 free(buf); 1383 return NULL; 1384 } 1385 1386 // decrypt finished, return 1387 out[outlen] = 0; 1388 *len = (size_t)outlen; 1389 return out; 1390 } 1391 1392 void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf) { 1393 BCryptFinishHash(sha256->hHash, buf, DAV_SHA256_DIGEST_LENGTH, 0); 1394 } 1395 1396 1397 char* dav_create_hash(const char *data, size_t len) { 1398 unsigned char hash[DAV_SHA256_DIGEST_LENGTH]; 1399 DAV_SHA_CTX *ctx = dav_hash_init(); 1400 if(ctx) { 1401 dav_hash_update(ctx, data, len); 1402 dav_hash_final(ctx, hash); 1403 } 1404 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH); 1405 } 1406 1407 DAV_SHA_CTX* dav_hash_init(void) { 1408 DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX)); 1409 if(!ctx) { 1410 return NULL; 1411 } 1412 if(cng_hash_init(ctx)) { 1413 free(ctx); 1414 return NULL; 1415 } 1416 return ctx; 1417 } 1418 1419 void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) { 1420 BCryptHashData(ctx->hHash, (PUCHAR)data, len, 0); 1421 } 1422 1423 void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) { 1424 BCryptFinishHash(ctx->hHash, (PUCHAR)buf, DAV_SHA256_DIGEST_LENGTH, 0); 1425 1426 // cleanup 1427 cng_cleanup(ctx->hAlg, NULL, ctx->hHash, ctx->pbHashObject); 1428 free(ctx); 1429 } 1430 1431 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) { 1432 if(!password) { 1433 return NULL; 1434 } 1435 size_t len = strlen(password); 1436 if(len == 0) { 1437 return NULL; 1438 } 1439 1440 // setup key data and length 1441 unsigned char keydata[128]; 1442 int keylen = 32; 1443 switch(enc) { 1444 case DAV_KEY_AES128: keylen = 16; break; 1445 case DAV_KEY_AES256: keylen = 32; break; 1446 default: return NULL; 1447 } 1448 1449 LPCWSTR algid; 1450 switch(pwfunc) { 1451 case DAV_PWFUNC_PBKDF2_SHA256: algid = BCRYPT_SHA256_ALGORITHM; break; 1452 case DAV_PWFUNC_PBKDF2_SHA512: algid = BCRYPT_SHA512_ALGORITHM; break; 1453 default: return NULL; 1454 } 1455 1456 // open algorithm provider 1457 BCRYPT_ALG_HANDLE hAlg; 1458 ULONG status = BCryptOpenAlgorithmProvider(&hAlg, algid, NULL, BCRYPT_ALG_HANDLE_HMAC_FLAG); 1459 if(status > 0) { 1460 fprintf(stderr, "Error: dav_pw2key: BCryptOpenAlgorithmProvider failed: 0x%X\n", (unsigned int)status); 1461 return NULL; 1462 } 1463 1464 // derive key 1465 status = BCryptDeriveKeyPBKDF2( 1466 hAlg, 1467 (PUCHAR)password, 1468 len, 1469 (PUCHAR)salt, 1470 saltlen, 1471 DAV_CRYPTO_ITERATION_COUNT, 1472 keydata, 1473 128, 1474 0); 1475 1476 BCryptCloseAlgorithmProvider(hAlg,0); 1477 1478 if(status) { 1479 fprintf(stderr, "Error: dav_pw2key: BCryptDeriveKeyPBKDF2 failed: 0x%X\n", (unsigned int)status); 1480 return NULL; 1481 } 1482 1483 // create DavKey with generated data 1484 DavKey *key = malloc(sizeof(DavKey)); 1485 key->data = malloc(keylen); 1486 key->length = keylen; 1487 key->name = NULL; 1488 key->type = enc; 1489 memcpy(key->data, keydata, keylen); 1490 return key; 1491 } 1492 #endif 1493 1494 1495 1496 CxBuffer* aes_encrypt_buffer(CxBuffer *in, DavKey *key) { 1497 CxBuffer *encbuf = cxBufferCreate(NULL, in->size, cxDefaultAllocator, CX_BUFFER_FREE_CONTENTS|CX_BUFFER_AUTO_EXTEND); 1498 if(!encbuf) { 1499 return NULL; 1500 } 1501 1502 AESEncrypter *enc = aes_encrypter_new( 1503 key, 1504 in, 1505 (dav_read_func)cxBufferRead, 1506 NULL); 1507 if(!enc) { 1508 cxBufferFree(encbuf); 1509 return NULL; 1510 } 1511 1512 char buf[1024]; 1513 size_t r; 1514 while((r = aes_read(buf, 1, 1024, enc)) > 0) { 1515 cxBufferWrite(buf, 1, r, encbuf); 1516 } 1517 aes_encrypter_close(enc); 1518 1519 encbuf->pos = 0; 1520 return encbuf; 1521 } 1522 1523 CxBuffer* aes_decrypt_buffer(CxBuffer *in, DavKey *key) { 1524 CxBuffer *decbuf = cxBufferCreate(NULL, in->size, cxDefaultAllocator, CX_BUFFER_FREE_CONTENTS|CX_BUFFER_AUTO_EXTEND); 1525 if(!decbuf) { 1526 return NULL; 1527 } 1528 AESDecrypter *dec = aes_decrypter_new( 1529 key, 1530 decbuf, 1531 (dav_write_func)cxBufferWrite); 1532 if(!dec) { 1533 cxBufferFree(decbuf); 1534 return NULL; 1535 } 1536 1537 aes_write(in->space, 1, in->size, dec); 1538 aes_decrypter_shutdown(dec); 1539 aes_decrypter_close(dec); 1540 decbuf->pos = 0; 1541 return decbuf; 1542 } 1543

UNIXworkcode

UNIXwork`code`