--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/libidav/crypto.c Mon Mar 17 18:42:01 2014 +0100
@@ -0,0 +1,267 @@
+/*
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
+ *
+ * Copyright 2013 Olaf Wintermann. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/rand.h>
+
+#include <libidav/utils.h>
+#include "crypto.h"
+
+AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) {
+ AESDecrypter *dec = malloc(sizeof(AESDecrypter));
+ dec->stream = stream;
+ dec->write = write_func;
+ dec->key = key;
+ dec->init = 0;
+ dec->ivpos = 0;
+
+ return dec;
+}
+
+void aes_decrypter_init(AESDecrypter *dec) {
+ EVP_CIPHER_CTX_init(&dec->ctx);
+ dec->init = 1;
+ if(dec->key->type == DAV_KEY_AES128) {
+ EVP_DecryptInit_ex(
+ &dec->ctx,
+ EVP_aes_128_cbc(),
+ NULL,
+ dec->key->data,
+ dec->ivtmp);
+ } else if(dec->key->type == DAV_KEY_AES256) {
+ EVP_DecryptInit_ex(
+ &dec->ctx,
+ EVP_aes_256_cbc(),
+ NULL,
+ dec->key->data,
+ dec->ivtmp);
+ } else {
+ fprintf(stderr, "unknown key type\n");
+ exit(-1);
+ }
+}
+
+size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) {
+ int len = s*n;
+ if(!dec->init) {
+ size_t n = 16 - dec->ivpos;
+ size_t cp = n > len ? len : n;
+ memcpy(dec->ivtmp + dec->ivpos, buf, cp);
+ dec->ivpos += cp;
+ if(dec->ivpos >= 16) {
+ aes_decrypter_init(dec);
+ }
+ if(len == cp) {
+ return len;
+ } else {
+ buf = (char*)buf + cp;
+ len -= cp;
+ }
+ }
+
+ int outlen = len + 16;
+ unsigned char *out = malloc(outlen);
+ EVP_DecryptUpdate(&dec->ctx, out, &len, buf, len);
+ dec->write(out, 1, len, dec->stream);
+ free(out);
+ return (s*n) / s;
+}
+
+void aes_decrypter_close(AESDecrypter *dec) {
+ void *out = malloc(128);
+ int len = 0;
+ EVP_DecryptFinal_ex(&dec->ctx, out, &len);
+ dec->write(out, 1, len, dec->stream);
+ free(out);
+ EVP_CIPHER_CTX_cleanup(&dec->ctx);
+ free(dec);
+}
+
+
+AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func) {
+ unsigned char *iv = malloc(16);
+ if(!RAND_bytes(iv, 16)) {
+ free(iv);
+ return NULL;
+ }
+
+ AESEncrypter *enc = malloc(sizeof(AESEncrypter));
+ enc->stream = stream;
+ enc->read = read_func;
+ enc->tmp = NULL;
+ enc->tmplen = 0;
+ enc->tmpoff = 0;
+ enc->end = 0;
+ //enc->iv = iv;
+ enc->iv = iv;
+ enc->ivlen = 16;
+
+ EVP_CIPHER_CTX_init(&enc->ctx);
+ if(key->type == DAV_KEY_AES128) {
+ EVP_EncryptInit_ex(&enc->ctx, EVP_aes_128_cbc(), NULL, key->data, enc->iv);
+ } else if(key->type == DAV_KEY_AES256) {
+ EVP_EncryptInit_ex(&enc->ctx, EVP_aes_256_cbc(), NULL, key->data, enc->iv);
+ } else {
+ fprintf(stderr, "unknown key type\n");
+ exit(-1);
+ }
+ return enc;
+}
+
+size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) {
+ size_t len = s*n;
+ if(enc->tmp) {
+ size_t tmp_diff = enc->tmplen - enc->tmpoff;
+ size_t cp_len = tmp_diff > len ? len : tmp_diff;
+ memcpy(buf, enc->tmp + enc->tmpoff, cp_len);
+ enc->tmpoff += cp_len;
+ if(enc->tmpoff >= enc->tmplen) {
+ free(enc->tmp);
+ enc->tmp = NULL;
+ enc->tmplen = 0;
+ enc->tmpoff = 0;
+ }
+ return cp_len / s;
+ }
+
+ if(enc->end) {
+ return 0;
+ }
+
+ void *in = malloc(len);
+ size_t in_len = enc->read(in, 1, len, enc->stream);
+
+ unsigned char *out = NULL;
+ int outlen = 0;
+ size_t ivl = enc->ivlen;
+ if(in_len != 0) {
+ outlen = len + 16;
+ out = malloc(outlen + ivl);
+ if(enc->iv) {
+ memcpy(out, enc->iv, ivl);
+ }
+ EVP_EncryptUpdate(&enc->ctx, out + ivl, &outlen, in, in_len);
+ free(in);
+ } else {
+ out = malloc(16);
+ EVP_EncryptFinal_ex(&enc->ctx, out, &outlen);
+ enc->end = 1;
+ }
+ enc->tmp = (char*)out;
+ enc->tmplen = outlen + ivl;
+ enc->tmpoff = 0;
+
+ if(enc->iv) {
+ enc->iv = NULL;
+ enc->ivlen = 0;
+ }
+
+ return aes_read(buf, s, n, enc);
+}
+
+void aes_encrypter_close(AESEncrypter *enc) {
+ if(enc->tmp) {
+ free(enc->tmp);
+ }
+ EVP_CIPHER_CTX_cleanup(&enc->ctx);
+ free(enc);
+}
+
+
+char* aes_encrypt(char *in, DavKey *key) {
+ char *iv = malloc(16);
+ if(!RAND_bytes(iv, 16)) {
+ free(iv);
+ return NULL;
+ }
+
+ EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX_init(&ctx);
+ if(key->type == DAV_KEY_AES128) {
+ EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->data, iv);
+ } else if(key->type == DAV_KEY_AES256) {
+ EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key->data, iv);
+ } else {
+ return NULL;
+ }
+
+ int len = strlen(in);
+ int buflen = len + 64;
+ char *buf = calloc(1, buflen);
+ memcpy(buf, iv, 16);
+
+ int l = buflen - 16;
+ EVP_EncryptUpdate(&ctx, buf + 16, &l, in, len);
+
+ int f = 0;
+ EVP_EncryptFinal_ex(&ctx, buf + 16 + l, &f);
+ char *out = util_base64encode(buf, 16 + l + f);
+ free(buf);
+ return out;
+}
+
+char* aes_decrypt(char *in, DavKey *key) {
+ int len;
+ char *buf = util_base64decode_len(in, &len);
+
+ EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX_init(&ctx);
+ if(key->type == DAV_KEY_AES128) {
+ EVP_DecryptInit_ex(
+ &ctx,
+ EVP_aes_128_cbc(),
+ NULL,
+ key->data,
+ buf);
+ } else if(key->type == DAV_KEY_AES256) {
+ EVP_DecryptInit_ex(
+ &ctx,
+ EVP_aes_256_cbc(),
+ NULL,
+ key->data,
+ buf);
+ } else {
+ return NULL;
+ }
+
+ char *out = malloc(len + 1);
+ int outlen = len;
+ char *in_buf = buf + 16;
+ int inlen = len - 16;
+ int f = 0;
+
+
+
+ EVP_DecryptUpdate(&ctx, out, &outlen, in_buf, inlen);
+ EVP_DecryptFinal_ex(&ctx, out + outlen, &f);
+ out[outlen + f] = '\0';
+ free(buf);
+ return out;
+}