|
1 /* |
|
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. |
|
3 * |
|
4 * Copyright 2013 Olaf Wintermann. All rights reserved. |
|
5 * |
|
6 * Redistribution and use in source and binary forms, with or without |
|
7 * modification, are permitted provided that the following conditions are met: |
|
8 * |
|
9 * 1. Redistributions of source code must retain the above copyright |
|
10 * notice, this list of conditions and the following disclaimer. |
|
11 * |
|
12 * 2. Redistributions in binary form must reproduce the above copyright |
|
13 * notice, this list of conditions and the following disclaimer in the |
|
14 * documentation and/or other materials provided with the distribution. |
|
15 * |
|
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
|
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
|
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
|
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
|
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
|
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
|
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
26 * POSSIBILITY OF SUCH DAMAGE. |
|
27 */ |
|
28 |
|
29 #include <stdio.h> |
|
30 #include <stdlib.h> |
|
31 #include <string.h> |
|
32 #include <openssl/rand.h> |
|
33 |
|
34 #include <libidav/utils.h> |
|
35 #include "crypto.h" |
|
36 |
|
37 AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) { |
|
38 AESDecrypter *dec = malloc(sizeof(AESDecrypter)); |
|
39 dec->stream = stream; |
|
40 dec->write = write_func; |
|
41 dec->key = key; |
|
42 dec->init = 0; |
|
43 dec->ivpos = 0; |
|
44 |
|
45 return dec; |
|
46 } |
|
47 |
|
48 void aes_decrypter_init(AESDecrypter *dec) { |
|
49 EVP_CIPHER_CTX_init(&dec->ctx); |
|
50 dec->init = 1; |
|
51 if(dec->key->type == DAV_KEY_AES128) { |
|
52 EVP_DecryptInit_ex( |
|
53 &dec->ctx, |
|
54 EVP_aes_128_cbc(), |
|
55 NULL, |
|
56 dec->key->data, |
|
57 dec->ivtmp); |
|
58 } else if(dec->key->type == DAV_KEY_AES256) { |
|
59 EVP_DecryptInit_ex( |
|
60 &dec->ctx, |
|
61 EVP_aes_256_cbc(), |
|
62 NULL, |
|
63 dec->key->data, |
|
64 dec->ivtmp); |
|
65 } else { |
|
66 fprintf(stderr, "unknown key type\n"); |
|
67 exit(-1); |
|
68 } |
|
69 } |
|
70 |
|
71 size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) { |
|
72 int len = s*n; |
|
73 if(!dec->init) { |
|
74 size_t n = 16 - dec->ivpos; |
|
75 size_t cp = n > len ? len : n; |
|
76 memcpy(dec->ivtmp + dec->ivpos, buf, cp); |
|
77 dec->ivpos += cp; |
|
78 if(dec->ivpos >= 16) { |
|
79 aes_decrypter_init(dec); |
|
80 } |
|
81 if(len == cp) { |
|
82 return len; |
|
83 } else { |
|
84 buf = (char*)buf + cp; |
|
85 len -= cp; |
|
86 } |
|
87 } |
|
88 |
|
89 int outlen = len + 16; |
|
90 unsigned char *out = malloc(outlen); |
|
91 EVP_DecryptUpdate(&dec->ctx, out, &len, buf, len); |
|
92 dec->write(out, 1, len, dec->stream); |
|
93 free(out); |
|
94 return (s*n) / s; |
|
95 } |
|
96 |
|
97 void aes_decrypter_close(AESDecrypter *dec) { |
|
98 void *out = malloc(128); |
|
99 int len = 0; |
|
100 EVP_DecryptFinal_ex(&dec->ctx, out, &len); |
|
101 dec->write(out, 1, len, dec->stream); |
|
102 free(out); |
|
103 EVP_CIPHER_CTX_cleanup(&dec->ctx); |
|
104 free(dec); |
|
105 } |
|
106 |
|
107 |
|
108 AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func) { |
|
109 unsigned char *iv = malloc(16); |
|
110 if(!RAND_bytes(iv, 16)) { |
|
111 free(iv); |
|
112 return NULL; |
|
113 } |
|
114 |
|
115 AESEncrypter *enc = malloc(sizeof(AESEncrypter)); |
|
116 enc->stream = stream; |
|
117 enc->read = read_func; |
|
118 enc->tmp = NULL; |
|
119 enc->tmplen = 0; |
|
120 enc->tmpoff = 0; |
|
121 enc->end = 0; |
|
122 //enc->iv = iv; |
|
123 enc->iv = iv; |
|
124 enc->ivlen = 16; |
|
125 |
|
126 EVP_CIPHER_CTX_init(&enc->ctx); |
|
127 if(key->type == DAV_KEY_AES128) { |
|
128 EVP_EncryptInit_ex(&enc->ctx, EVP_aes_128_cbc(), NULL, key->data, enc->iv); |
|
129 } else if(key->type == DAV_KEY_AES256) { |
|
130 EVP_EncryptInit_ex(&enc->ctx, EVP_aes_256_cbc(), NULL, key->data, enc->iv); |
|
131 } else { |
|
132 fprintf(stderr, "unknown key type\n"); |
|
133 exit(-1); |
|
134 } |
|
135 return enc; |
|
136 } |
|
137 |
|
138 size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) { |
|
139 size_t len = s*n; |
|
140 if(enc->tmp) { |
|
141 size_t tmp_diff = enc->tmplen - enc->tmpoff; |
|
142 size_t cp_len = tmp_diff > len ? len : tmp_diff; |
|
143 memcpy(buf, enc->tmp + enc->tmpoff, cp_len); |
|
144 enc->tmpoff += cp_len; |
|
145 if(enc->tmpoff >= enc->tmplen) { |
|
146 free(enc->tmp); |
|
147 enc->tmp = NULL; |
|
148 enc->tmplen = 0; |
|
149 enc->tmpoff = 0; |
|
150 } |
|
151 return cp_len / s; |
|
152 } |
|
153 |
|
154 if(enc->end) { |
|
155 return 0; |
|
156 } |
|
157 |
|
158 void *in = malloc(len); |
|
159 size_t in_len = enc->read(in, 1, len, enc->stream); |
|
160 |
|
161 unsigned char *out = NULL; |
|
162 int outlen = 0; |
|
163 size_t ivl = enc->ivlen; |
|
164 if(in_len != 0) { |
|
165 outlen = len + 16; |
|
166 out = malloc(outlen + ivl); |
|
167 if(enc->iv) { |
|
168 memcpy(out, enc->iv, ivl); |
|
169 } |
|
170 EVP_EncryptUpdate(&enc->ctx, out + ivl, &outlen, in, in_len); |
|
171 free(in); |
|
172 } else { |
|
173 out = malloc(16); |
|
174 EVP_EncryptFinal_ex(&enc->ctx, out, &outlen); |
|
175 enc->end = 1; |
|
176 } |
|
177 enc->tmp = (char*)out; |
|
178 enc->tmplen = outlen + ivl; |
|
179 enc->tmpoff = 0; |
|
180 |
|
181 if(enc->iv) { |
|
182 enc->iv = NULL; |
|
183 enc->ivlen = 0; |
|
184 } |
|
185 |
|
186 return aes_read(buf, s, n, enc); |
|
187 } |
|
188 |
|
189 void aes_encrypter_close(AESEncrypter *enc) { |
|
190 if(enc->tmp) { |
|
191 free(enc->tmp); |
|
192 } |
|
193 EVP_CIPHER_CTX_cleanup(&enc->ctx); |
|
194 free(enc); |
|
195 } |
|
196 |
|
197 |
|
198 char* aes_encrypt(char *in, DavKey *key) { |
|
199 char *iv = malloc(16); |
|
200 if(!RAND_bytes(iv, 16)) { |
|
201 free(iv); |
|
202 return NULL; |
|
203 } |
|
204 |
|
205 EVP_CIPHER_CTX ctx; |
|
206 EVP_CIPHER_CTX_init(&ctx); |
|
207 if(key->type == DAV_KEY_AES128) { |
|
208 EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->data, iv); |
|
209 } else if(key->type == DAV_KEY_AES256) { |
|
210 EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key->data, iv); |
|
211 } else { |
|
212 return NULL; |
|
213 } |
|
214 |
|
215 int len = strlen(in); |
|
216 int buflen = len + 64; |
|
217 char *buf = calloc(1, buflen); |
|
218 memcpy(buf, iv, 16); |
|
219 |
|
220 int l = buflen - 16; |
|
221 EVP_EncryptUpdate(&ctx, buf + 16, &l, in, len); |
|
222 |
|
223 int f = 0; |
|
224 EVP_EncryptFinal_ex(&ctx, buf + 16 + l, &f); |
|
225 char *out = util_base64encode(buf, 16 + l + f); |
|
226 free(buf); |
|
227 return out; |
|
228 } |
|
229 |
|
230 char* aes_decrypt(char *in, DavKey *key) { |
|
231 int len; |
|
232 char *buf = util_base64decode_len(in, &len); |
|
233 |
|
234 EVP_CIPHER_CTX ctx; |
|
235 EVP_CIPHER_CTX_init(&ctx); |
|
236 if(key->type == DAV_KEY_AES128) { |
|
237 EVP_DecryptInit_ex( |
|
238 &ctx, |
|
239 EVP_aes_128_cbc(), |
|
240 NULL, |
|
241 key->data, |
|
242 buf); |
|
243 } else if(key->type == DAV_KEY_AES256) { |
|
244 EVP_DecryptInit_ex( |
|
245 &ctx, |
|
246 EVP_aes_256_cbc(), |
|
247 NULL, |
|
248 key->data, |
|
249 buf); |
|
250 } else { |
|
251 return NULL; |
|
252 } |
|
253 |
|
254 char *out = malloc(len + 1); |
|
255 int outlen = len; |
|
256 char *in_buf = buf + 16; |
|
257 int inlen = len - 16; |
|
258 int f = 0; |
|
259 |
|
260 |
|
261 |
|
262 EVP_DecryptUpdate(&ctx, out, &outlen, in_buf, inlen); |
|
263 EVP_DecryptFinal_ex(&ctx, out + outlen, &f); |
|
264 out[outlen + f] = '\0'; |
|
265 free(buf); |
|
266 return out; |
|
267 } |