libidav/crypto.c@08adb4f87160
libidav/crypto.c
Thu, 15 Oct 2015 15:01:50 +0200
- author
- Mike Becker <universe@uap-core.de>
- date
- Thu, 15 Oct 2015 15:01:50 +0200
- changeset 169
- 08adb4f87160
- parent 155
- b85248a8aee2
- child 183
- c238e0017257
- permissions
- -rw-r--r--
more updates to ucx
/* * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. * * Copyright 2015 Olaf Wintermann. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ #include <stdio.h> #include <stdlib.h> #include <string.h> #include <openssl/rand.h> #include <libidav/utils.h> #include "crypto.h" AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) { AESDecrypter *dec = malloc(sizeof(AESDecrypter)); SHA256_Init(&dec->sha256); dec->stream = stream; dec->write = write_func; dec->key = key; dec->init = 0; dec->ivpos = 0; return dec; } void aes_decrypter_init(AESDecrypter *dec) { EVP_CIPHER_CTX_init(&dec->ctx); dec->init = 1; if(dec->key->type == DAV_KEY_AES128) { EVP_DecryptInit_ex( &dec->ctx, EVP_aes_128_cbc(), NULL, dec->key->data, dec->ivtmp); } else if(dec->key->type == DAV_KEY_AES256) { EVP_DecryptInit_ex( &dec->ctx, EVP_aes_256_cbc(), NULL, dec->key->data, dec->ivtmp); } else { fprintf(stderr, "unknown key type\n"); exit(-1); } } size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) { int len = s*n; if(!dec->init) { size_t n = 16 - dec->ivpos; size_t cp = n > len ? len : n; memcpy(dec->ivtmp + dec->ivpos, buf, cp); dec->ivpos += cp; if(dec->ivpos >= 16) { aes_decrypter_init(dec); } if(len == cp) { return len; } else { buf = (char*)buf + cp; len -= cp; } } int outlen = len + 16; unsigned char *out = malloc(outlen); EVP_DecryptUpdate(&dec->ctx, out, &len, buf, len); ssize_t wlen = dec->write(out, 1, len, dec->stream); SHA256_Update(&dec->sha256, out, wlen); free(out); return (s*n) / s; } void aes_decrypter_close(AESDecrypter *dec) { void *out = malloc(128); int len = 0; EVP_DecryptFinal_ex(&dec->ctx, out, &len); dec->write(out, 1, len, dec->stream); free(out); EVP_CIPHER_CTX_cleanup(&dec->ctx); free(dec); } AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func) { unsigned char *iv = malloc(16); if(!RAND_bytes(iv, 16)) { free(iv); return NULL; } AESEncrypter *enc = malloc(sizeof(AESEncrypter)); SHA256_Init(&enc->sha256); enc->stream = stream; enc->read = read_func; enc->tmp = NULL; enc->tmplen = 0; enc->tmpoff = 0; enc->end = 0; enc->iv = iv; enc->ivlen = 16; EVP_CIPHER_CTX_init(&enc->ctx); if(key->type == DAV_KEY_AES128) { EVP_EncryptInit_ex(&enc->ctx, EVP_aes_128_cbc(), NULL, key->data, enc->iv); } else if(key->type == DAV_KEY_AES256) { EVP_EncryptInit_ex(&enc->ctx, EVP_aes_256_cbc(), NULL, key->data, enc->iv); } else { fprintf(stderr, "unknown key type\n"); exit(-1); } return enc; } size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) { size_t len = s*n; if(enc->tmp) { size_t tmp_diff = enc->tmplen - enc->tmpoff; size_t cp_len = tmp_diff > len ? len : tmp_diff; memcpy(buf, enc->tmp + enc->tmpoff, cp_len); enc->tmpoff += cp_len; if(enc->tmpoff >= enc->tmplen) { free(enc->tmp); enc->tmp = NULL; enc->tmplen = 0; enc->tmpoff = 0; } return cp_len / s; } if(enc->end) { return 0; } void *in = malloc(len); size_t in_len = enc->read(in, 1, len, enc->stream); SHA256_Update(&enc->sha256, in, in_len); unsigned char *out = NULL; int outlen = 0; size_t ivl = enc->ivlen; if(in_len != 0) { outlen = len + 16; out = malloc(outlen + ivl); if(enc->iv) { memcpy(out, enc->iv, ivl); } EVP_EncryptUpdate(&enc->ctx, out + ivl, &outlen, in, in_len); free(in); } else { out = malloc(16); EVP_EncryptFinal_ex(&enc->ctx, out, &outlen); enc->end = 1; free(in); } enc->tmp = (char*)out; enc->tmplen = outlen + ivl; enc->tmpoff = 0; if(enc->iv) { free(enc->iv); enc->iv = NULL; enc->ivlen = 0; } return aes_read(buf, s, n, enc); } void aes_encrypter_close(AESEncrypter *enc) { if(enc->tmp) { free(enc->tmp); } if(enc->iv) { free(enc->iv); } EVP_CIPHER_CTX_cleanup(&enc->ctx); free(enc); } char* aes_encrypt(char *in, size_t len, DavKey *key) { unsigned char iv[16]; if(!RAND_bytes(iv, 16)) { return NULL; } EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); if(key->type == DAV_KEY_AES128) { EVP_EncryptInit_ex( &ctx, EVP_aes_128_cbc(), NULL, (unsigned char*)key->data, iv); } else if(key->type == DAV_KEY_AES256) { EVP_EncryptInit_ex( &ctx, EVP_aes_256_cbc(), NULL, (unsigned char*)key->data, iv); } else { EVP_CIPHER_CTX_cleanup(&ctx); return NULL; } //int len = strlen(in); int buflen = len + 64; unsigned char *buf = calloc(1, buflen); memcpy(buf, iv, 16); int l = buflen - 16; EVP_EncryptUpdate(&ctx, buf + 16, &l, (unsigned char*)in, len); int f = 0; EVP_EncryptFinal_ex(&ctx, buf + 16 + l, &f); char *out = util_base64encode((char*)buf, 16 + l + f); free(buf); EVP_CIPHER_CTX_cleanup(&ctx); return out; } char* aes_decrypt(char *in, size_t *length, DavKey *key) { int len; unsigned char *buf = (unsigned char*)util_base64decode_len(in, &len); EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); if(key->type == DAV_KEY_AES128) { EVP_DecryptInit_ex( &ctx, EVP_aes_128_cbc(), NULL, key->data, buf); } else if(key->type == DAV_KEY_AES256) { EVP_DecryptInit_ex( &ctx, EVP_aes_256_cbc(), NULL, key->data, buf); } else { EVP_CIPHER_CTX_cleanup(&ctx); return NULL; } unsigned char *out = malloc(len + 1); int outlen = len; unsigned char *in_buf = buf + 16; int inlen = len - 16; int f = 0; EVP_DecryptUpdate(&ctx, out, &outlen, in_buf, inlen); EVP_DecryptFinal_ex(&ctx, out + outlen, &f); out[outlen + f] = '\0'; free(buf); EVP_CIPHER_CTX_cleanup(&ctx); *length = outlen + f; return (char*)out; } void dav_get_hash(SHA256_CTX *sha256, char *buf) { #ifdef __sun SHA256Final((unsigned char*)buf, sha256); #else SHA256_Final((unsigned char*)buf, sha256); #endif }
