Mercurial > hg > dav / annotate

libidav/crypto.c@e0358fa1a3b1 (annotated)

libidav/crypto.c

Sun, 08 Aug 2021 12:45:31 +0200

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Sun, 08 Aug 2021 12:45:31 +0200
changeset 731
e0358fa1a3b1
parent 728
35a421f441d5
child 747
efbd59642577
permissions
-rw-r--r--

implement secretstore unlock command

40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
1 /*
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
3 *
404
5c08b8e14df8 updates copyright notice
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 367
diff changeset
4 * Copyright 2018 Olaf Wintermann. All rights reserved.
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
5 *
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
6 * Redistribution and use in source and binary forms, with or without
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
7 * modification, are permitted provided that the following conditions are met:
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
8 *
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
9 * 1. Redistributions of source code must retain the above copyright
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
10 * notice, this list of conditions and the following disclaimer.
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
11 *
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
12 * 2. Redistributions in binary form must reproduce the above copyright
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
13 * notice, this list of conditions and the following disclaimer in the
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
14 * documentation and/or other materials provided with the distribution.
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
15 *
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
26 * POSSIBILITY OF SUCH DAMAGE.
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
27 */
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
28
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
29 #include <stdio.h>
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
30 #include <stdlib.h>
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
31 #include <string.h>
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
32 #include <unistd.h>
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
33 #include <fcntl.h>
506
ceed7714846a fixes crash in dav-sync archive command when trying to remove resources from the db
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 505
diff changeset
34 #include "utils.h"
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
35
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
36 #include "crypto.h"
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
37
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
38 /* -------------------- OpenSSL Crypto Functions -------------------- */
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
39 #ifdef DAV_USE_OPENSSL
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
40
625
e1a85fbf68f9 add more dav-sync pull tests
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 624
diff changeset
41 #if OPENSSL_VERSION_NUMBER < 0x10000000L
261
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
42
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
43 static EVP_CIPHER_CTX* create_evp_cipher_ctx() {
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
44 EVP_CIPHER_CTX *ctx = malloc(sizeof(EVP_CIPHER_CTX));
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
45 EVP_CIPHER_CTX_init(ctx);
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
46 return ctx;
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
47 }
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
48
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
49 static void free_evp_cipher_ctx(EVP_CIPHER_CTX *ctx) {
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
50 EVP_CIPHER_CTX_cleanup(ctx);
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
51 free(ctx);
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
52 }
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
53
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
54 #define EVP_CIPHER_CTX_new() create_evp_cipher_ctx()
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
55 #define EVP_CIPHER_CTX_free(ctx) free_evp_cipher_ctx(ctx)
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
56
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
57 #endif
f60d742a62a0 fixes build with ancient openssl
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 260
diff changeset
58
470
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
59 int dav_rand_bytes(unsigned char *buf, size_t len) {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
60 return !RAND_bytes(buf, len);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
61 }
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
62
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
63 AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) {
207
de23f8881e9f fixed hash verification and head requests
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 185
diff changeset
64 AESDecrypter *dec = calloc(1, sizeof(AESDecrypter));
150
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
65 SHA256_Init(&dec->sha256);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
66 dec->stream = stream;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
67 dec->write = write_func;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
68 dec->key = key;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
69 dec->init = 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
70 dec->ivpos = 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
71
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
72 return dec;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
73 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
74
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
75 void aes_decrypter_init(AESDecrypter *dec) {
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
76 //EVP_CIPHER_CTX_init(&dec->ctx);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
77 dec->ctx = EVP_CIPHER_CTX_new();
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
78 dec->init = 1;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
79 if(dec->key->type == DAV_KEY_AES128) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
80 EVP_DecryptInit_ex(
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
81 dec->ctx,
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
82 EVP_aes_128_cbc(),
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
83 NULL,
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
84 dec->key->data,
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
85 dec->ivtmp);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
86 } else if(dec->key->type == DAV_KEY_AES256) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
87 EVP_DecryptInit_ex(
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
88 dec->ctx,
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
89 EVP_aes_256_cbc(),
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
90 NULL,
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
91 dec->key->data,
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
92 dec->ivtmp);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
93 } else {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
94 fprintf(stderr, "unknown key type\n");
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
95 exit(-1);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
96 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
97 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
98
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
99 size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
100 int len = s*n;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
101 if(!dec->init) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
102 size_t n = 16 - dec->ivpos;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
103 size_t cp = n > len ? len : n;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
104 memcpy(dec->ivtmp + dec->ivpos, buf, cp);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
105 dec->ivpos += cp;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
106 if(dec->ivpos >= 16) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
107 aes_decrypter_init(dec);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
108 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
109 if(len == cp) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
110 return len;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
111 } else {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
112 buf = (char*)buf + cp;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
113 len -= cp;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
114 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
115 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
116
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
117 int outlen = len + 16;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
118 unsigned char *out = malloc(outlen);
470
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
119 EVP_DecryptUpdate(dec->ctx, out, &outlen, buf, len);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
120 ssize_t wlen = dec->write(out, 1, outlen, dec->stream);
150
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
121 SHA256_Update(&dec->sha256, out, wlen);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
122 free(out);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
123 return (s*n) / s;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
124 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
125
207
de23f8881e9f fixed hash verification and head requests
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 185
diff changeset
126 void aes_decrypter_shutdown(AESDecrypter *dec) {
237
fd9135bc7580 fixed crash when encrypted streams are empty
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 207
diff changeset
127 if(dec->init) {
fd9135bc7580 fixed crash when encrypted streams are empty
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 207
diff changeset
128 void *out = malloc(128);
fd9135bc7580 fixed crash when encrypted streams are empty
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 207
diff changeset
129 int len = 0;
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
130 EVP_DecryptFinal_ex(dec->ctx, out, &len);
237
fd9135bc7580 fixed crash when encrypted streams are empty
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 207
diff changeset
131 dec->write(out, 1, len, dec->stream);
fd9135bc7580 fixed crash when encrypted streams are empty
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 207
diff changeset
132 SHA256_Update(&dec->sha256, out, len);
fd9135bc7580 fixed crash when encrypted streams are empty
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 207
diff changeset
133 free(out);
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
134 //EVP_CIPHER_CTX_cleanup(&dec->ctx);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
135 EVP_CIPHER_CTX_free(dec->ctx);
237
fd9135bc7580 fixed crash when encrypted streams are empty
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 207
diff changeset
136 }
207
de23f8881e9f fixed hash verification and head requests
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 185
diff changeset
137 }
de23f8881e9f fixed hash verification and head requests
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 185
diff changeset
138
de23f8881e9f fixed hash verification and head requests
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 185
diff changeset
139 void aes_decrypter_close(AESDecrypter *dec) {
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
140 free(dec);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
141 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
142
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
143
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
144 AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
145 unsigned char *iv = malloc(16);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
146 if(!RAND_bytes(iv, 16)) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
147 free(iv);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
148 return NULL;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
149 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
150
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
151 AESEncrypter *enc = malloc(sizeof(AESEncrypter));
150
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
152 SHA256_Init(&enc->sha256);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
153 enc->stream = stream;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
154 enc->read = read_func;
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
155 enc->seek = seek_func;
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
156 enc->tmp = NULL;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
157 enc->tmplen = 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
158 enc->tmpoff = 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
159 enc->end = 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
160 enc->iv = iv;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
161 enc->ivlen = 16;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
162
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
163 //EVP_CIPHER_CTX_init(&enc->ctx);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
164 enc->ctx = EVP_CIPHER_CTX_new();
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
165 if(key->type == DAV_KEY_AES128) {
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
166 EVP_EncryptInit_ex(enc->ctx, EVP_aes_128_cbc(), NULL, key->data, enc->iv);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
167 } else if(key->type == DAV_KEY_AES256) {
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
168 EVP_EncryptInit_ex(enc->ctx, EVP_aes_256_cbc(), NULL, key->data, enc->iv);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
169 } else {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
170 fprintf(stderr, "unknown key type\n");
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
171 exit(-1);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
172 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
173 return enc;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
174 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
175
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
176 size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
177 size_t len = s*n;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
178 if(enc->tmp) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
179 size_t tmp_diff = enc->tmplen - enc->tmpoff;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
180 size_t cp_len = tmp_diff > len ? len : tmp_diff;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
181 memcpy(buf, enc->tmp + enc->tmpoff, cp_len);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
182 enc->tmpoff += cp_len;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
183 if(enc->tmpoff >= enc->tmplen) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
184 free(enc->tmp);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
185 enc->tmp = NULL;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
186 enc->tmplen = 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
187 enc->tmpoff = 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
188 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
189 return cp_len / s;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
190 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
191
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
192 if(enc->end) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
193 return 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
194 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
195
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
196 void *in = malloc(len);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
197 size_t in_len = enc->read(in, 1, len, enc->stream);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
198
150
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
199 SHA256_Update(&enc->sha256, in, in_len);
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
200
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
201 unsigned char *out = NULL;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
202 int outlen = 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
203 size_t ivl = enc->ivlen;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
204 if(in_len != 0) {
459
2c112cbaa08e aes encrypter: fixes case where EVP_EncryptFinal_ex was not called at the stream end
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
205 outlen = len + 32;
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
206 out = malloc(outlen + ivl);
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
207 if(ivl > 0) {
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
208 memcpy(out, enc->iv, ivl);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
209 }
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
210 EVP_EncryptUpdate(enc->ctx, out + ivl, &outlen, in, in_len);
728
35a421f441d5 add stream API
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 692
diff changeset
211 // I think we don't need this
35a421f441d5 add stream API
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 692
diff changeset
212 /*
459
2c112cbaa08e aes encrypter: fixes case where EVP_EncryptFinal_ex was not called at the stream end
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
213 if(in_len != len) {
2c112cbaa08e aes encrypter: fixes case where EVP_EncryptFinal_ex was not called at the stream end
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
214 int newoutlen = 16;
2c112cbaa08e aes encrypter: fixes case where EVP_EncryptFinal_ex was not called at the stream end
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
215 EVP_EncryptFinal_ex(enc->ctx, out + ivl + outlen, &newoutlen);
2c112cbaa08e aes encrypter: fixes case where EVP_EncryptFinal_ex was not called at the stream end
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
216 outlen += newoutlen;
2c112cbaa08e aes encrypter: fixes case where EVP_EncryptFinal_ex was not called at the stream end
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
217 enc->end = 1;
2c112cbaa08e aes encrypter: fixes case where EVP_EncryptFinal_ex was not called at the stream end
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
218 }
728
35a421f441d5 add stream API
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 692
diff changeset
219 */
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
220 } else {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
221 out = malloc(16);
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
222 EVP_EncryptFinal_ex(enc->ctx, out, &outlen);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
223 enc->end = 1;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
224 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
225 enc->tmp = (char*)out;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
226 enc->tmplen = outlen + ivl;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
227 enc->tmpoff = 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
228
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
229 if(enc->ivlen > 0) {
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
230 enc->ivlen = 0;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
231 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
232
459
2c112cbaa08e aes encrypter: fixes case where EVP_EncryptFinal_ex was not called at the stream end
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
233 free(in);
2c112cbaa08e aes encrypter: fixes case where EVP_EncryptFinal_ex was not called at the stream end
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 404
diff changeset
234
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
235 return aes_read(buf, s, n, enc);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
236 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
237
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
238 void aes_encrypter_close(AESEncrypter *enc) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
239 if(enc->tmp) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
240 free(enc->tmp);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
241 }
150
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
242 if(enc->iv) {
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
243 free(enc->iv);
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
244 }
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
245 //EVP_CIPHER_CTX_cleanup(&enc->ctx);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
246 EVP_CIPHER_CTX_free(enc->ctx);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
247 free(enc);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
248 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
249
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
250 int aes_encrypter_reset(AESEncrypter *enc, curl_off_t offset, int origin) {
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
251 if(origin != SEEK_SET || offset != 0 || !enc->seek) {
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
252 return CURL_SEEKFUNC_CANTSEEK;
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
253 }
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
254
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
255 enc->ivlen = 16;
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
256 if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
257 return CURL_SEEKFUNC_FAIL;
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
258 }
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
259 return CURL_SEEKFUNC_OK;
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
260 }
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
261
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
262
505
481802342fdf ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 488
diff changeset
263 char* aes_encrypt(const char *in, size_t len, DavKey *key) {
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
264 unsigned char iv[16];
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
265 if(!RAND_bytes(iv, 16)) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
266 return NULL;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
267 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
268
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
269 //EVP_CIPHER_CTX ctx;
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
270 //EVP_CIPHER_CTX_init(&ctx);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
271 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
272 if(key->type == DAV_KEY_AES128) {
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
273 EVP_EncryptInit_ex(
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
274 ctx,
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
275 EVP_aes_128_cbc(),
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
276 NULL,
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
277 (unsigned char*)key->data,
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
278 iv);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
279 } else if(key->type == DAV_KEY_AES256) {
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
280 EVP_EncryptInit_ex(
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
281 ctx,
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
282 EVP_aes_256_cbc(),
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
283 NULL,
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
284 (unsigned char*)key->data,
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
285 iv);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
286 } else {
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
287 //EVP_CIPHER_CTX_cleanup(&ctx);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
288 EVP_CIPHER_CTX_free(ctx);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
289 return NULL;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
290 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
291
150
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
292 //int len = strlen(in);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
293 int buflen = len + 64;
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
294 unsigned char *buf = calloc(1, buflen);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
295 memcpy(buf, iv, 16);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
296
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
297 int l = buflen - 16;
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
298 EVP_EncryptUpdate(ctx, buf + 16, &l, (unsigned char*)in, len);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
299
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
300 int f = 0;
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
301 EVP_EncryptFinal_ex(ctx, buf + 16 + l, &f);
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
302 char *out = util_base64encode((char*)buf, 16 + l + f);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
303 free(buf);
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
304 EVP_CIPHER_CTX_free(ctx);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
305 //EVP_CIPHER_CTX_cleanup(&ctx);
150
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
306
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
307 return out;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
308 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
309
505
481802342fdf ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 488
diff changeset
310 char* aes_decrypt(const char *in, size_t *length, DavKey *key) {
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
311 int len;
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
312 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &len);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
313
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
314 //EVP_CIPHER_CTX ctx;
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
315 //EVP_CIPHER_CTX_init(&ctx);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
316 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
317 if(key->type == DAV_KEY_AES128) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
318 EVP_DecryptInit_ex(
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
319 ctx,
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
320 EVP_aes_128_cbc(),
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
321 NULL,
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
322 key->data,
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
323 buf);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
324 } else if(key->type == DAV_KEY_AES256) {
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
325 EVP_DecryptInit_ex(
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
326 ctx,
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
327 EVP_aes_256_cbc(),
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
328 NULL,
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
329 key->data,
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
330 buf);
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
331 } else {
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
332 //EVP_CIPHER_CTX_cleanup(&ctx);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
333 EVP_CIPHER_CTX_free(ctx);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
334 return NULL;
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
335 }
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
336
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
337 unsigned char *out = malloc(len + 1);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
338 int outlen = len;
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
339 unsigned char *in_buf = buf + 16;
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
340 int inlen = len - 16;
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
341 int f = 0;
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
342
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
343 EVP_DecryptUpdate(ctx, out, &outlen, in_buf, inlen);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
344 EVP_DecryptFinal_ex(ctx, out + outlen, &f);
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
345 out[outlen + f] = '\0';
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
346 free(buf);
260
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
347 //EVP_CIPHER_CTX_cleanup(&ctx);
26f5f817429e fixes build with openssl 1.1
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 237
diff changeset
348 EVP_CIPHER_CTX_free(ctx);
150
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
349
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
350 *length = outlen + f;
43
03076907b58a added file name encryption
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 40
diff changeset
351 return (char*)out;
40
a95ee94b9204 supports whitespace in paths
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
352 }
150
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
353
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
354
354
067ea2315a8a moves auth prompt functionality to libidav
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 349
diff changeset
355 void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf){
155
b85248a8aee2 fixed some cases of incompatible types in crypto functions
Mike Becker <universe@uap-core.de>
parents: 150
diff changeset
356 SHA256_Final((unsigned char*)buf, sha256);
150
37fb12574acd added checksums for encrypted resources
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 75
diff changeset
357 }
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
358
367
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
359 char* dav_create_hash(const char *data, size_t len) {
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
360 unsigned char hash[DAV_SHA256_DIGEST_LENGTH];
624
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
361 DAV_SHA_CTX ctx;
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
362 SHA256_Init(&ctx);
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
363 SHA256_Update(&ctx, data, len);
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
364 SHA256_Final(hash, &ctx);
367
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
365 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
366 }
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
367
520
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
368 DAV_SHA_CTX* dav_hash_init(void) {
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
369 DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX));
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
370 SHA256_Init(ctx);
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
371 return ctx;
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
372 }
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
373
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
374 void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) {
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
375 SHA256_Update(ctx, data, len);
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
376 }
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
377
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
378 void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) {
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
379 SHA256_Final(buf, ctx);
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
380 free(ctx);
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
381 }
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
382
624
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
383 #if OPENSSL_VERSION_NUMBER < 0x10100000L
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
384 static int crypto_pw2key_error = 0;
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
385 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
386 if(!crypto_pw2key_error) {
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
387 fprintf(stderr, "Error: password key derivation not supported on this platform: openssl to old\n");
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
388 crypto_pw2key_error = 1;
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
389 }
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
390 return 0;
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
391 }
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
392
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
393 #else
515
2465dd550bb5 fixes signedness of salt in dav_pw2key()
Mike Becker <universe@uap-core.de>
parents: 506
diff changeset
394 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
470
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
395 if(!password) {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
396 return NULL;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
397 }
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
398 size_t len = strlen(password);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
399 if(len == 0) {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
400 return NULL;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
401 }
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
402
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
403 // setup key data and length
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
404 unsigned char keydata[32];
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
405 int keylen = 32;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
406 switch(enc) {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
407 case DAV_KEY_AES128: keylen = 16; break;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
408 case DAV_KEY_AES256: keylen = 32; break;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
409 default: return NULL;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
410 }
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
411
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
412 // generate key
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
413 switch(pwfunc) {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
414 case DAV_PWFUNC_PBKDF2_SHA256: {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
415 PKCS5_PBKDF2_HMAC(
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
416 password,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
417 len,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
418 salt,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
419 saltlen,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
420 DAV_CRYPTO_ITERATION_COUNT,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
421 EVP_sha256(),
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
422 keylen,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
423 keydata);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
424 break;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
425 }
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
426 case DAV_PWFUNC_PBKDF2_SHA512: {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
427 PKCS5_PBKDF2_HMAC(
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
428 password,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
429 len,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
430 salt,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
431 saltlen,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
432 DAV_CRYPTO_ITERATION_COUNT,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
433 EVP_sha512(),
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
434 keylen,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
435 keydata);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
436 break;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
437 }
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
438 default: return NULL;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
439 }
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
440
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
441 // create DavKey with generated data
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
442 DavKey *key = malloc(sizeof(DavKey));
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
443 key->data = malloc(keylen);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
444 key->length = keylen;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
445 key->name = NULL;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
446 key->type = enc;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
447 memcpy(key->data, keydata, keylen);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
448 return key;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
449 }
624
27985062cd2c fix build on Solaris 10
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 520
diff changeset
450 #endif
470
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
451
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
452 #endif
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
453
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
454
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
455 /* -------------------- Apple Crypto Functions -------------------- */
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
456 #ifdef DAV_CRYPTO_COMMON_CRYPTO
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
457
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
458 #define RANDOM_BUFFER_LENGTH 256
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
459 static char randbuf[RANDOM_BUFFER_LENGTH];
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
460 static int rbufpos = RANDOM_BUFFER_LENGTH;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
461
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
462 int dav_rand_bytes(unsigned char *buf, size_t len) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
463 if(len + rbufpos > RANDOM_BUFFER_LENGTH) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
464 int devr = open("/dev/urandom", O_RDONLY);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
465 if(devr == -1) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
466 return 1;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
467 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
468
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
469 if(read(devr, randbuf, RANDOM_BUFFER_LENGTH) < RANDOM_BUFFER_LENGTH) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
470 close(devr);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
471 return 1;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
472 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
473
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
474 rbufpos = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
475 if(len > RANDOM_BUFFER_LENGTH) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
476 int err = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
477 if(read(devr, buf, len) < len) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
478 err = 1;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
479 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
480 close(devr);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
481 return err;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
482 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
483
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
484 close(devr);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
485 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
486
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
487 char *r = randbuf;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
488 memcpy(buf, r + rbufpos, len);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
489 rbufpos += len;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
490
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
491 return 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
492 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
493
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
494 AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
495 AESDecrypter *dec = calloc(1, sizeof(AESDecrypter));
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
496 CC_SHA256_Init(&dec->sha256);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
497 dec->stream = stream;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
498 dec->write = write_func;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
499 dec->key = key;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
500 dec->init = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
501 dec->ivpos = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
502
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
503 return dec;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
504 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
505
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
506
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
507 void aes_decrypter_init(AESDecrypter *dec) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
508 //EVP_CIPHER_CTX_init(&dec->ctx);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
509 dec->init = 1;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
510
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
511 CCCryptorRef cryptor;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
512 CCCryptorStatus status;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
513 if(dec->key->type == DAV_KEY_AES128) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
514 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, dec->key->data, dec->key->length, dec->ivtmp, &cryptor);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
515 } else if(dec->key->type == DAV_KEY_AES256) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
516 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, dec->key->data, dec->key->length, dec->ivtmp, &cryptor);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
517 } else {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
518 fprintf(stderr, "unknown key type\n");
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
519 exit(-1);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
520 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
521 dec->ctx = cryptor;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
522 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
523
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
524 size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
525 int len = s*n;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
526 if(!dec->init) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
527 size_t n = 16 - dec->ivpos;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
528 size_t cp = n > len ? len : n;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
529 memcpy(dec->ivtmp + dec->ivpos, buf, cp);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
530 dec->ivpos += cp;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
531 if(dec->ivpos >= 16) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
532 aes_decrypter_init(dec);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
533 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
534 if(len == cp) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
535 return len;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
536 } else {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
537 buf = (char*)buf + cp;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
538 len -= cp;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
539 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
540 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
541
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
542 int outlen = len + 16;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
543 unsigned char *out = malloc(outlen);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
544
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
545 CCCryptorStatus status;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
546 size_t avail = outlen;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
547 size_t moved = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
548 status = CCCryptorUpdate(dec->ctx, buf, len, out, avail, &moved);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
549
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
550 ssize_t wlen = dec->write(out, 1, moved, dec->stream);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
551 CC_SHA256_Update(&dec->sha256, out, wlen);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
552 free(out);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
553 return (s*n) / s;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
554 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
555
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
556 void aes_decrypter_shutdown(AESDecrypter *dec) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
557 if(dec->init) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
558 void *out = malloc(128);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
559 size_t len = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
560 //EVP_DecryptFinal_ex(dec->ctx, out, &len);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
561 CCCryptorFinal(dec->ctx, out, 128, &len);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
562
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
563
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
564 dec->write(out, 1, len, dec->stream);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
565 CC_SHA256_Update(&dec->sha256, out, len);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
566 free(out);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
567 //EVP_CIPHER_CTX_cleanup(&dec->ctx);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
568 //EVP_CIPHER_CTX_free(dec->ctx);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
569 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
570 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
571
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
572 void aes_decrypter_close(AESDecrypter *dec) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
573
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
574 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
575
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
576 AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
577 unsigned char *iv = malloc(16);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
578 if(dav_rand_bytes(iv, 16)) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
579 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
580 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
581
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
582 CCCryptorRef cryptor;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
583 CCCryptorStatus status;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
584 if(key->type == DAV_KEY_AES128) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
585 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
586 } else if(key->type == DAV_KEY_AES256) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
587 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
588 } else {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
589 free(iv);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
590 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
591 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
592
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
593 AESEncrypter *enc = malloc(sizeof(AESEncrypter));
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
594 enc->ctx = cryptor;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
595 CC_SHA256_Init(&enc->sha256);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
596 enc->stream = stream;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
597 enc->read = read_func;
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
598 enc->seek = seek_func;
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
599 enc->tmp = NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
600 enc->tmplen = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
601 enc->tmpoff = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
602 enc->end = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
603 enc->iv = iv;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
604 enc->ivlen = 16;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
605
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
606 return enc;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
607 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
608
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
609 size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
610 size_t len = s*n;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
611 if(enc->tmp) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
612 size_t tmp_diff = enc->tmplen - enc->tmpoff;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
613 size_t cp_len = tmp_diff > len ? len : tmp_diff;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
614 memcpy(buf, enc->tmp + enc->tmpoff, cp_len);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
615 enc->tmpoff += cp_len;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
616 if(enc->tmpoff >= enc->tmplen) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
617 free(enc->tmp);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
618 enc->tmp = NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
619 enc->tmplen = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
620 enc->tmpoff = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
621 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
622 return cp_len / s;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
623 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
624
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
625 if(enc->end) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
626 return 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
627 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
628
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
629 void *in = malloc(len);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
630 size_t in_len = enc->read(in, 1, len, enc->stream);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
631
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
632 CC_SHA256_Update(&enc->sha256, in, in_len);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
633
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
634 unsigned char *out = NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
635 size_t outlen = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
636 size_t ivl = enc->ivlen;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
637 if(in_len != 0) {
462
efda9aa1bbad applies aes stream fix to macos implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 459
diff changeset
638 outlen = len + 32;
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
639 out = malloc(outlen + ivl);
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
640 if(ivl > 0) {
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
641 memcpy(out, enc->iv, ivl);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
642 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
643
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
644 CCCryptorStatus status;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
645 size_t avail = outlen;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
646 status = CCCryptorUpdate(enc->ctx, in, in_len, out + ivl, avail, &outlen);
728
35a421f441d5 add stream API
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 692
diff changeset
647 // TODO: check if this still works
35a421f441d5 add stream API
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 692
diff changeset
648 /*
462
efda9aa1bbad applies aes stream fix to macos implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 459
diff changeset
649 if(in_len != len) {
488
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
650 size_t newoutlen = 16;
462
efda9aa1bbad applies aes stream fix to macos implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 459
diff changeset
651 status = CCCryptorFinal(enc->ctx, out + ivl + outlen, 16, &newoutlen);
efda9aa1bbad applies aes stream fix to macos implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 459
diff changeset
652 outlen += newoutlen;
efda9aa1bbad applies aes stream fix to macos implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 459
diff changeset
653 enc->end = 1;
efda9aa1bbad applies aes stream fix to macos implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 459
diff changeset
654 }
728
35a421f441d5 add stream API
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 692
diff changeset
655 */
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
656 } else {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
657 out = malloc(32);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
658 CCCryptorStatus status;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
659 size_t avail = outlen;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
660 status = CCCryptorFinal(enc->ctx, out, 32, &outlen);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
661 enc->end = 1;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
662 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
663 enc->tmp = (char*)out;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
664 enc->tmplen = outlen + ivl;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
665 enc->tmpoff = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
666
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
667 if(enc->ivlen > 0) {
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
668 enc->ivlen = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
669 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
670
462
efda9aa1bbad applies aes stream fix to macos implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 459
diff changeset
671 free(in);
efda9aa1bbad applies aes stream fix to macos implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 459
diff changeset
672
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
673 return aes_read(buf, s, n, enc);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
674 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
675
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
676 int aes_encrypter_reset(AESEncrypter *enc, curl_off_t offset, int origin) {
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
677 if(origin != SEEK_SET || offset != 0 || !enc->seek) {
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
678 return CURL_SEEKFUNC_CANTSEEK;
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
679 }
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
680
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
681 enc->ivlen = 16;
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
682 if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
683 return CURL_SEEKFUNC_FAIL;
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
684 }
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
685 return CURL_SEEKFUNC_OK;
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
686 }
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
687
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
688 void aes_encrypter_close(AESEncrypter *enc) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
689 if(enc->tmp) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
690 free(enc->tmp);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
691 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
692 if(enc->iv) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
693 free(enc->iv);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
694 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
695 // TODO: cleanup cryptor
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
696 free(enc);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
697 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
698
505
481802342fdf ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 488
diff changeset
699 char* aes_encrypt(const char *in, size_t len, DavKey *key) {
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
700 unsigned char iv[16];
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
701 if(dav_rand_bytes(iv, 16)) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
702 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
703 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
704
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
705 CCCryptorRef cryptor;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
706 CCCryptorStatus status;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
707 if(key->type == DAV_KEY_AES128) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
708 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
709 } else if(key->type == DAV_KEY_AES256) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
710 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
711 } else {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
712 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
713 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
714
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
715 if(status != kCCSuccess) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
716 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
717 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
718
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
719 int buflen = len + 64;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
720 char *buf = calloc(1, buflen);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
721 memcpy(buf, iv, 16);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
722
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
723 int pos = 16;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
724 size_t avail = buflen - 16;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
725 size_t moved;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
726 char *out = buf + 16;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
727
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
728 status = CCCryptorUpdate(cryptor, in,
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
729 len, out, avail,
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
730 &moved);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
731 if(status != kCCSuccess) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
732 free(buf);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
733 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
734 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
735
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
736 pos += moved;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
737 avail -= moved;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
738 out += moved;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
739
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
740 status = CCCryptorFinal(cryptor, out, avail, &moved);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
741 if(status != kCCSuccess) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
742 free(buf);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
743 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
744 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
745
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
746 pos += moved;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
747
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
748 char *b64enc = util_base64encode(buf, pos);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
749 free(buf);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
750
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
751 return b64enc;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
752 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
753
505
481802342fdf ucx update
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 488
diff changeset
754 char* aes_decrypt(const char *in, size_t *len, DavKey *key) {
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
755 int inlen;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
756 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &inlen);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
757
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
758 CCCryptorRef cryptor;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
759 CCCryptorStatus status;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
760 if(key->type == DAV_KEY_AES128) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
761 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, buf, &cryptor);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
762 } else if(key->type == DAV_KEY_AES256) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
763 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, buf, &cryptor);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
764 } else {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
765 free(buf);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
766 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
767 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
768
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
769 if(status != kCCSuccess) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
770 free(buf);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
771 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
772 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
773
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
774 char *out = malloc(inlen + 1);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
775 size_t outavail = inlen;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
776 size_t outlen = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
777
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
778 unsigned char *inbuf = buf + 16;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
779 inlen -= 16;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
780
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
781 size_t moved = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
782 status = CCCryptorUpdate(cryptor, inbuf, inlen, out, outavail, &moved);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
783 if(status != kCCSuccess) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
784 free(buf);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
785 free(out);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
786 // TODO cryptor
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
787 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
788 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
789
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
790 outlen += moved;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
791 outavail -= moved;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
792
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
793 status = CCCryptorFinal(cryptor, out + outlen, outavail, &moved);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
794 if(status != kCCSuccess) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
795 free(buf);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
796 free(out);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
797 // TODO cryptor
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
798 return NULL;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
799 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
800
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
801 outlen += moved;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
802 out[outlen] = 0;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
803
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
804 *len = outlen;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
805 return out;
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
806 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
807
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
808 void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf) {
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
809 CC_SHA256_Final(buf, sha256);
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
810 }
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
811
367
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
812 char* dav_create_hash(const char *data, size_t len) {
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
813 unsigned char hash[DAV_SHA256_DIGEST_LENGTH];
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
814 CC_SHA256((const unsigned char*)data, len, hash);
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
815 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
816 }
4a6a59f89f9f adds dav-sync config for autodetecting tag changes
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 354
diff changeset
817
520
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
818 DAV_SHA_CTX* dav_hash_init(void) {
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
819 DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX));
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
820 CC_SHA256_Init(ctx);
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
821 return ctx;
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
822 }
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
823
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
824 void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) {
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
825 CC_SHA256_Update(ctx, data, len);
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
826 }
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
827
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
828 void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) {
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
829 CC_SHA256_Final(buf, ctx);
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
830 free(ctx);
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
831 }
da2b0cc44e4f adds xml attribute support and xattr property
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 515
diff changeset
832
515
2465dd550bb5 fixes signedness of salt in dav_pw2key()
Mike Becker <universe@uap-core.de>
parents: 506
diff changeset
833 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
488
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
834 if(!password) {
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
835 return NULL;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
836 }
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
837 size_t len = strlen(password);
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
838 if(len == 0) {
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
839 return NULL;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
840 }
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
841
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
842 // setup key data and length
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
843 unsigned char keydata[32];
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
844 int keylen = 32;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
845 switch(enc) {
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
846 case DAV_KEY_AES128: keylen = 16; break;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
847 case DAV_KEY_AES256: keylen = 32; break;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
848 default: return NULL;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
849 }
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
850
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
851 // generate key
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
852 switch(pwfunc) {
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
853 case DAV_PWFUNC_PBKDF2_SHA256: {
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
854 int result = CCKeyDerivationPBKDF(
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
855 kCCPBKDF2,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
856 password,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
857 len,
515
2465dd550bb5 fixes signedness of salt in dav_pw2key()
Mike Becker <universe@uap-core.de>
parents: 506
diff changeset
858 salt,
488
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
859 saltlen,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
860 kCCPRFHmacAlgSHA256,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
861 DAV_CRYPTO_ITERATION_COUNT,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
862 keydata,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
863 keylen);
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
864 if(result) {
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
865 return NULL;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
866 }
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
867 break;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
868 }
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
869 case DAV_PWFUNC_PBKDF2_SHA512: {
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
870 int result = CCKeyDerivationPBKDF(
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
871 kCCPBKDF2,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
872 password,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
873 len,
515
2465dd550bb5 fixes signedness of salt in dav_pw2key()
Mike Becker <universe@uap-core.de>
parents: 506
diff changeset
874 salt,
488
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
875 saltlen,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
876 kCCPRFHmacAlgSHA512,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
877 DAV_CRYPTO_ITERATION_COUNT,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
878 keydata,
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
879 keylen);
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
880 if(result) {
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
881 return NULL;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
882 }
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
883 break;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
884 }
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
885 default: return NULL;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
886 }
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
887
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
888 // create DavKey with generated data
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
889 DavKey *key = malloc(sizeof(DavKey));
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
890 key->data = malloc(keylen);
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
891 key->length = keylen;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
892 key->name = NULL;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
893 key->type = enc;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
894 memcpy(key->data, keydata, keylen);
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
895 return key;
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
896 }
29b979ca8750 adds dav_pw2key commoncrypto implementation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 478
diff changeset
897
349
0b4ecadaf3f9 ports openssl code to commoncrypto (macos)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 267
diff changeset
898 #endif
470
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
899
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
900 /* -------------------- Windows Crypto Functions -------------------- */
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
901 #ifdef DAV_CRYPTO_CNG
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
902
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
903 static void cng_cleanup(BCRYPT_ALG_HANDLE hAesAlg, BCRYPT_KEY_HANDLE hKey, BCRYPT_HASH_HANDLE hHash, void *pbObject) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
904 if(hAesAlg) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
905 BCryptCloseAlgorithmProvider(hAesAlg,0);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
906 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
907 if(hKey) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
908 BCryptDestroyKey(hKey);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
909 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
910 if(hHash) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
911 BCryptDestroyHash(hHash);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
912 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
913 if(pbObject) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
914 free(pbObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
915 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
916 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
917
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
918 static int cng_init_key(BCRYPT_ALG_HANDLE *alg, BCRYPT_KEY_HANDLE *key, void **keyobj, DavKey *aesKey) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
919 BCRYPT_ALG_HANDLE hAesAlg = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
920 BCRYPT_KEY_HANDLE hKey = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
921
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
922 void *pbKeyObject = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
923 ULONG keyObjectLength = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
924
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
925 ULONG result = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
926
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
927 // check DavKey and get AES key length
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
928 if(!aesKey) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
929 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
930 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
931
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
932 ULONG aesKeyLength = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
933 if(aesKey->type == DAV_KEY_AES128) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
934 aesKeyLength = 16;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
935 } else if(aesKey->type == DAV_KEY_AES256) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
936 aesKeyLength = 32;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
937 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
938 if(aesKeyLength > aesKey->length || !aesKey->data) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
939 // invalid DavKey
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
940 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
941 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
942
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
943 // initialize BCrypt stuff
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
944 if(BCryptOpenAlgorithmProvider(&hAesAlg, BCRYPT_AES_ALGORITHM, NULL, 0)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
945 fprintf(stderr, "Error: BCryptOpenAlgorithmProvider failed\n");
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
946 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
947 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
948
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
949 if(BCryptGetProperty(hAesAlg, BCRYPT_OBJECT_LENGTH, (PUCHAR)&keyObjectLength, sizeof(DWORD), &result, 0)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
950 fprintf(stderr, "Error: BCrypt: Cannot get BCRYPT_OBJECT_LENGTH\n");
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
951 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
952 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
953 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
954
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
955 if(BCryptSetProperty(hAesAlg, BCRYPT_CHAINING_MODE, (PBYTE)BCRYPT_CHAIN_MODE_CBC, sizeof(BCRYPT_CHAIN_MODE_CBC), 0)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
956 fprintf(stderr, "Error: BCrypt: Cannot set CBC mode\n");
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
957 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
958 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
959 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
960
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
961 pbKeyObject = calloc(1, keyObjectLength);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
962 if(!pbKeyObject) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
963 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
964 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
965 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
966
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
967 // init key
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
968 if(BCryptGenerateSymmetricKey(hAesAlg, &hKey, pbKeyObject, keyObjectLength, aesKey->data, aesKeyLength, 0)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
969 fprintf(stderr, "Error: BCrypt: Cannot set key\n");
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
970 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
971 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
972 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
973
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
974 *alg = hAesAlg;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
975 *key = hKey;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
976 *keyobj = pbKeyObject;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
977
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
978 return 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
979 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
980
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
981 static int cng_hash_init(WinBCryptSHACTX *ctx) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
982 if(BCryptOpenAlgorithmProvider(&ctx->hAlg, BCRYPT_SHA256_ALGORITHM, NULL, 0)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
983 fprintf(stderr, "Error: BCryptOpenAlgorithmProvider failed\n");
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
984 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
985 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
986
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
987 ULONG hashObjectLen;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
988 ULONG result;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
989 if(BCryptGetProperty(ctx->hAlg, BCRYPT_OBJECT_LENGTH, (PBYTE)&hashObjectLen, sizeof(DWORD), &result, 0)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
990 cng_cleanup(ctx->hAlg, NULL, NULL, NULL);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
991 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
992 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
993
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
994 ctx->pbHashObject = calloc(1, hashObjectLen);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
995
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
996 if(BCryptCreateHash(ctx->hAlg, &ctx->hHash, ctx->pbHashObject, hashObjectLen, NULL, 0, 0)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
997 cng_cleanup(ctx->hAlg, NULL, ctx->hHash, ctx->pbHashObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
998 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
999 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1000
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1001 return 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1002 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1003
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1004
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1005 int dav_rand_bytes(unsigned char *buf, size_t len) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1006 if(BCryptGenRandom(NULL, (unsigned char*)buf, (ULONG)len, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1007 return 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1008 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1009 return 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1010 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1011
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1012 AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1013 AESDecrypter *dec = calloc(1, sizeof(AESDecrypter));
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1014 if(!dec) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1015 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1016 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1017 if(cng_hash_init(&dec->sha256)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1018 free(dec);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1019 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1020 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1021
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1022 dec->stream = stream;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1023 dec->write = write_func;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1024 dec->key = key;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1025 dec->init = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1026 dec->ivpos = 0;
689
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1027
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1028 return dec;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1029 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1030
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1031 static void aes_decrypter_init(AESDecrypter *dec) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1032 if(cng_init_key(&dec->ctx.hAlg, &dec->ctx.hKey, &dec->ctx.pbKeyObject, dec->key)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1033 fprintf(stderr, "Error: cng_init_key failed\n");
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1034 exit(-1);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1035 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1036 // copy iv
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1037 memcpy(dec->ctx.pbIV, dec->ivtmp, 16);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1038 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1039
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1040 size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1041 int len = s*n;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1042 if(!dec->init) {
689
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1043 dec->init = 1;
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1044
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1045 size_t n = 16 - dec->ivpos;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1046 size_t cp = n > len ? len : n;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1047 memcpy(dec->ivtmp + dec->ivpos, buf, cp);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1048 dec->ivpos += cp;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1049 if(dec->ivpos >= 16) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1050 aes_decrypter_init(dec);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1051 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1052 if(len == cp) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1053 return len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1054 } else {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1055 buf = (char*)buf + cp;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1056 len -= cp;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1057 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1058 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1059
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1060 // the cipher text must be a multiply of 16
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1061 // remaining bytes are stored in ctx.buf and must be added to cibuf
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1062 // the next time
689
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1063 size_t cbufalloc = len + 64;
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1064 ULONG clen = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1065 char *cbuf = malloc(cbufalloc);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1066
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1067 // add previous remaining bytes
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1068 if(dec->ctx.buflen > 0) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1069 memcpy(cbuf, dec->ctx.buf, dec->ctx.buflen);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1070 clen = dec->ctx.buflen;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1071 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1072 // add current bytes
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1073 memcpy(cbuf + clen, buf, len);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1074 clen += len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1075
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1076 // check if the message fits the blocksize
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1077 int remaining = clen % 16;
689
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1078 if(remaining == 0) {
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1079 // decrypt last block next time, or in aes_decrypter_shutdown
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1080 // this makes sure, that shutdown always decrypts the last block
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1081 // with BCRYPT_BLOCK_PADDING flag
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1082 remaining = 16;
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1083 }
689
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1084
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1085 // add remaining bytes to ctx.buf for the next aes_write run
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1086 clen -= remaining;
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1087 memcpy(dec->ctx.buf, cbuf + clen, remaining);
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1088 dec->ctx.buflen = remaining;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1089
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1090 // ready to decrypt the message
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1091 ULONG outlen = clen + 32;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1092 unsigned char *out = malloc(outlen);
689
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1093
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1094 // decrypt
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1095 if(clen > 0) {
689
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1096 ULONG enc_len = 0;
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1097 ULONG status = BCryptDecrypt(dec->ctx.hKey, cbuf, clen, NULL, dec->ctx.pbIV, 16, out, outlen, &enc_len, 0);
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1098 if(status > 0) {
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1099 fprintf(stderr, "Error: BCryptDecrypt failed: 0x%X\n", status);
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1100 free(out);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1101 free(cbuf);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1102 return 0;
689
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1103 }
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1104 outlen = enc_len;
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1105 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1106
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1107 // write decrypted data to the output stream and update the hash
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1108 dec->write(out, 1, outlen, dec->stream);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1109 BCryptHashData(dec->sha256.hHash, out, outlen, 0);
689
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1110
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1111 free(out);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1112 free(cbuf);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1113
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1114 return (s*n) / s;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1115 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1116
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1117 void aes_decrypter_shutdown(AESDecrypter *dec) {
689
b1f7d83f6e69 fix aes decrypter stream
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 688
diff changeset
1118 if(dec->init && dec->ctx.buflen > 0) {
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1119 ULONG outlen = 64;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1120 char out[64];
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1121 if(BCryptDecrypt(dec->ctx.hKey, dec->ctx.buf, dec->ctx.buflen, NULL, dec->ctx.pbIV, 16, out, outlen, &outlen, BCRYPT_BLOCK_PADDING)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1122 fprintf(stderr, "Error: BCryptDecrypt failed\n");
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1123 return;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1124 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1125 dec->write(out, 1, outlen, dec->stream);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1126 BCryptHashData(dec->sha256.hHash, out, outlen, 0);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1127 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1128 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1129
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1130 void aes_decrypter_close(AESDecrypter *dec) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1131 cng_cleanup(dec->ctx.hAlg, dec->ctx.hKey, NULL, dec->ctx.pbKeyObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1132 cng_cleanup(dec->sha256.hAlg, NULL, dec->sha256.hHash, dec->sha256.pbHashObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1133 free(dec);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1134 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1135
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1136 AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1137 unsigned char *iv = malloc(16);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1138 if(dav_rand_bytes(iv, 16)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1139 free(iv);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1140 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1141 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1142
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1143 AESEncrypter *enc = calloc(1, sizeof(AESEncrypter));
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1144 if(cng_hash_init(&enc->sha256)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1145 free(iv);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1146 free(enc);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1147 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1148 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1149
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1150 enc->stream = stream;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1151 enc->read = read_func;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1152 enc->seek = seek_func;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1153 enc->tmp = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1154 enc->tmplen = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1155 enc->tmpoff = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1156 enc->end = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1157 enc->iv = iv;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1158 enc->ivlen = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1159
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1160 if(cng_init_key(&enc->ctx.hAlg, &enc->ctx.hKey, &enc->ctx.pbKeyObject, key)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1161 fprintf(stderr, "Error: cng_init_key failed\n");
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1162 exit(-1);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1163 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1164
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1165 enc->ctx.buflen = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1166 memcpy(enc->ctx.pbIV, iv, 16);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1167
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1168 return enc;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1169 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1170
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1171 size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1172 size_t len = s*n;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1173 size_t nread = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1174
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1175 if(enc->tmp) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1176 // the temp buffer contains bytes that are already encrypted, but
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1177 // the last aes_read had not enough read buffer space
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1178
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1179 // in case we have a tmp buf, we just return this
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1180 size_t tmp_diff = enc->tmplen - enc->tmpoff;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1181 size_t cp_len = tmp_diff > len ? len : tmp_diff;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1182 memcpy(buf, enc->tmp + enc->tmpoff, cp_len);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1183 enc->tmpoff += cp_len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1184 if(enc->tmpoff >= enc->tmplen) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1185 free(enc->tmp);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1186 enc->tmp = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1187 enc->tmplen = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1188 enc->tmpoff = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1189 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1190 return cp_len / s;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1191 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1192
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1193 if(enc->ivlen < 16) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1194 size_t copy_iv_len = 16 - enc->ivlen;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1195 copy_iv_len = len > copy_iv_len ? copy_iv_len : len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1196
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1197 memcpy(buf, enc->iv, copy_iv_len);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1198 buf += copy_iv_len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1199 len -= copy_iv_len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1200 nread = copy_iv_len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1201
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1202 enc->ivlen += copy_iv_len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1203
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1204 if(len == 0) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1205 return copy_iv_len / s;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1206 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1207 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1208
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1209 if(enc->end) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1210 return 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1211 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1212
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1213 size_t remaining = len % 16;
690
ce253cfb9127 fix aes encrypter stream (cng)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 689
diff changeset
1214 len -= remaining;
ce253cfb9127 fix aes encrypter stream (cng)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 689
diff changeset
1215
ce253cfb9127 fix aes encrypter stream (cng)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 689
diff changeset
1216 if(len > 256) {
ce253cfb9127 fix aes encrypter stream (cng)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 689
diff changeset
1217 len -= 16; // optimization for avoiding tmp buffer usage
ce253cfb9127 fix aes encrypter stream (cng)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 689
diff changeset
1218 }
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1219
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1220 size_t inalloc = len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1221 ULONG inlen = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1222 unsigned char *in = malloc(inalloc);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1223
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1224 // fill the input buffer
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1225 while(inlen < inalloc) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1226 size_t r = enc->read(in + inlen, 1, inalloc - inlen, enc->stream);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1227 if(r == 0) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1228 enc->end = 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1229 break;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1230 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1231 inlen += r;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1232 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1233
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1234 if(inlen == 0) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1235 return nread / s;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1236 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1237
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1238 // hash read data
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1239 BCryptHashData(enc->sha256.hHash, in, inlen, 0);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1240
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1241 // create output buffer
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1242 ULONG outalloc = inlen + 16;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1243 ULONG outlen = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1244 char *out = malloc(outalloc);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1245
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1246 // encrypt
690
ce253cfb9127 fix aes encrypter stream (cng)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 689
diff changeset
1247 int flags = 0;
692
56b66fe2b4f5 fix dav-sync deltav versioning
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 691
diff changeset
1248 if(inlen % 16 != 0) {
691
48ec0ab17011 fix encryption of files with specific length
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 690
diff changeset
1249 enc->end = 1;
48ec0ab17011 fix encryption of files with specific length
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 690
diff changeset
1250 }
48ec0ab17011 fix encryption of files with specific length
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 690
diff changeset
1251 if(enc->end) {
690
ce253cfb9127 fix aes encrypter stream (cng)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 689
diff changeset
1252 flags = BCRYPT_BLOCK_PADDING;
ce253cfb9127 fix aes encrypter stream (cng)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 689
diff changeset
1253 }
ce253cfb9127 fix aes encrypter stream (cng)
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 689
diff changeset
1254 if(BCryptEncrypt(enc->ctx.hKey, in, inlen, NULL, enc->ctx.pbIV, 16, out, outalloc, &outlen, flags)) {
688
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1255 fprintf(stderr, "Error: BCryptEncrypt failed\n");
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1256 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1257
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1258 // check if the output fits in buf, if not, save the remaining bytes in tmp
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1259 if(outlen > len) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1260 size_t tmplen = outlen - len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1261 char *tmp = malloc(tmplen);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1262 memcpy(tmp, out+len, tmplen);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1263
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1264 enc->tmp = tmp;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1265 enc->tmplen = tmplen;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1266 enc->tmpoff = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1267
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1268 outlen = len;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1269 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1270
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1271 // fill read buffer and return
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1272 memcpy(buf, out, outlen);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1273 nread += outlen;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1274
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1275 free(in);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1276 free(out);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1277
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1278 return nread / s;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1279 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1280
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1281 void aes_encrypter_close(AESEncrypter *enc) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1282 enc->end = 1;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1283 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1284
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1285 int aes_encrypter_reset(AESEncrypter *enc, curl_off_t offset, int origin) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1286 if(origin != SEEK_SET || offset != 0 || !enc->seek) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1287 return CURL_SEEKFUNC_CANTSEEK;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1288 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1289
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1290 enc->ivlen = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1291 memcpy(enc->ctx.pbIV, enc->iv, 16);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1292 if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1293 return CURL_SEEKFUNC_FAIL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1294 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1295 return CURL_SEEKFUNC_OK;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1296 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1297
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1298 char* aes_encrypt(const char *in, size_t len, DavKey *key) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1299 // create random IV
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1300 char iv[16];
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1301 if(dav_rand_bytes(iv, 16)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1302 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1303 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1304
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1305 // initialize bcrypt stuff
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1306 BCRYPT_ALG_HANDLE hAlg = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1307 BCRYPT_KEY_HANDLE hKey = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1308 void *pbKeyObject = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1309 if(cng_init_key(&hAlg, &hKey, &pbKeyObject, key)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1310 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1311 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1312
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1313 // create output buffer
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1314 ULONG outlen = len + 128;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1315 char *out = malloc(outlen);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1316
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1317 // the output must start with the IV
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1318 memcpy(out, iv, 16);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1319 char *encbuf = out + 16;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1320 ULONG enclen = outlen - 16;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1321 ULONG encoutlen = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1322
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1323 // encrypt
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1324 if(BCryptEncrypt(hKey, (PUCHAR)in, len, NULL, (PUCHAR)iv, 16, encbuf, enclen, &encoutlen, BCRYPT_BLOCK_PADDING)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1325 fprintf(stderr, "Error: BCryptEncrypt failed\n");
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1326 cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1327 free(out);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1328 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1329 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1330
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1331 outlen = encoutlen + 16; // length of encrypted data + 16 bytes IV
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1332
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1333 // base64 encode
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1334 char *outstr = util_base64encode(out, outlen);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1335
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1336 cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1337 free(out);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1338
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1339 return outstr;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1340 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1341
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1342 char* aes_decrypt(const char *in, size_t *len, DavKey *key) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1343 BCRYPT_ALG_HANDLE hAlg = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1344 BCRYPT_KEY_HANDLE hKey = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1345 void *pbKeyObject = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1346 if(cng_init_key(&hAlg, &hKey, &pbKeyObject, key)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1347 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1348 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1349
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1350 int inlen;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1351 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &inlen);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1352 if(inlen < 16 || !buf) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1353 cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1354 if(buf) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1355 free(buf);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1356 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1357 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1358 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1359
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1360 // encrypted data starts with IV
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1361 char iv[16];
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1362 memcpy(iv, buf, 16);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1363
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1364 // decrypt data
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1365 char *data = buf + 16; // encrypted data starts after IV
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1366 size_t datalen = inlen - 16;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1367
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1368 // create output buffer
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1369 ULONG outlen = inlen;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1370 char *out = malloc(outlen + 1);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1371
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1372 // decrypt
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1373 if(BCryptDecrypt(hKey, data, datalen, NULL, iv, 16, out, outlen, &outlen, BCRYPT_BLOCK_PADDING)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1374 cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1375 free(out);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1376 free(buf);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1377 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1378 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1379
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1380 // decrypt finished, return
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1381 out[outlen] = 0;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1382 *len = (size_t)outlen;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1383 return out;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1384 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1385
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1386 void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1387 BCryptFinishHash(sha256->hHash, buf, DAV_SHA256_DIGEST_LENGTH, 0);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1388 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1389
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1390
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1391 char* dav_create_hash(const char *data, size_t len) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1392 unsigned char hash[DAV_SHA256_DIGEST_LENGTH];
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1393 DAV_SHA_CTX *ctx = dav_hash_init();
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1394 if(ctx) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1395 dav_hash_update(ctx, data, len);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1396 dav_hash_final(ctx, hash);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1397 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1398 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1399 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1400
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1401 DAV_SHA_CTX* dav_hash_init(void) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1402 DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX));
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1403 if(!ctx) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1404 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1405 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1406 if(cng_hash_init(ctx)) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1407 free(ctx);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1408 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1409 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1410 return ctx;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1411 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1412
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1413 void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1414 BCryptHashData(ctx->hHash, (PUCHAR)data, len, 0);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1415 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1416
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1417 void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1418 BCryptFinishHash(ctx->hHash, (PUCHAR)buf, DAV_SHA256_DIGEST_LENGTH, 0);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1419
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1420 // cleanup
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1421 cng_cleanup(ctx->hAlg, NULL, ctx->hHash, ctx->pbHashObject);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1422 free(ctx);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1423 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1424
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1425 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1426 if(!password) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1427 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1428 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1429 size_t len = strlen(password);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1430 if(len == 0) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1431 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1432 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1433
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1434 // setup key data and length
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1435 unsigned char keydata[128];
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1436 int keylen = 32;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1437 switch(enc) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1438 case DAV_KEY_AES128: keylen = 16; break;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1439 case DAV_KEY_AES256: keylen = 32; break;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1440 default: return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1441 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1442
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1443 LPCWSTR algid;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1444 switch(pwfunc) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1445 case DAV_PWFUNC_PBKDF2_SHA256: algid = BCRYPT_SHA256_ALGORITHM; break;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1446 case DAV_PWFUNC_PBKDF2_SHA512: algid = BCRYPT_SHA512_ALGORITHM; break;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1447 default: return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1448 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1449
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1450 // open algorithm provider
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1451 BCRYPT_ALG_HANDLE hAlg;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1452 ULONG status = BCryptOpenAlgorithmProvider(&hAlg, algid, NULL, BCRYPT_ALG_HANDLE_HMAC_FLAG);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1453 if(status > 0) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1454 fprintf(stderr, "Error: dav_pw2key: BCryptOpenAlgorithmProvider failed: 0x%X\n", (unsigned int)status);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1455 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1456 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1457
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1458 // derive key
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1459 status = BCryptDeriveKeyPBKDF2(
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1460 hAlg,
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1461 (PUCHAR)password,
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1462 len,
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1463 (PUCHAR)salt,
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1464 saltlen,
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1465 DAV_CRYPTO_ITERATION_COUNT,
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1466 keydata,
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1467 128,
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1468 0);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1469
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1470 BCryptCloseAlgorithmProvider(hAlg,0);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1471
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1472 if(status) {
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1473 fprintf(stderr, "Error: dav_pw2key: BCryptDeriveKeyPBKDF2 failed: 0x%X\n", (unsigned int)status);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1474 return NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1475 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1476
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1477 // create DavKey with generated data
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1478 DavKey *key = malloc(sizeof(DavKey));
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1479 key->data = malloc(keylen);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1480 key->length = keylen;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1481 key->name = NULL;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1482 key->type = enc;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1483 memcpy(key->data, keydata, keylen);
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1484 return key;
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1485 }
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1486 #endif
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1487
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1488
d405d2ac78e6 replace openssl on windows with cng/bcrypt
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 625
diff changeset
1489
470
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1490 UcxBuffer* aes_encrypt_buffer(UcxBuffer *in, DavKey *key) {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1491 UcxBuffer *encbuf = ucx_buffer_new(
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1492 NULL,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1493 in->size+16,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1494 UCX_BUFFER_AUTOEXTEND);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1495
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1496 AESEncrypter *enc = aes_encrypter_new(
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1497 key,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1498 in,
478
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
1499 (dav_read_func)ucx_buffer_read,
baa63fef5c5c fixes redirects
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 470
diff changeset
1500 NULL);
470
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1501 if(!enc) {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1502 ucx_buffer_free(encbuf);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1503 return NULL;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1504 }
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1505
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1506 char buf[1024];
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1507 size_t r;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1508 while((r = aes_read(buf, 1, 1024, enc)) > 0) {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1509 ucx_buffer_write(buf, 1, r, encbuf);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1510 }
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1511 aes_encrypter_close(enc);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1512
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1513 encbuf->pos = 0;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1514 return encbuf;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1515 }
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1516
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1517 UcxBuffer* aes_decrypt_buffer(UcxBuffer *in, DavKey *key) {
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1518 UcxBuffer *decbuf = ucx_buffer_new(
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1519 NULL,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1520 in->size,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1521 UCX_BUFFER_AUTOEXTEND);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1522 AESDecrypter *dec = aes_decrypter_new(
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1523 key,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1524 decbuf,
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1525 (dav_write_func)ucx_buffer_write);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1526
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1527 aes_write(in->space, 1, in->size, dec);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1528 aes_decrypter_shutdown(dec);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1529 aes_decrypter_close(dec);
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1530 decbuf->pos = 0;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1531 return decbuf;
6bf798ad3aec adds encrypted password store
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 462
diff changeset
1532 }

Mercurial Repository: dav

mercurial