libidav/crypto.c

Sat, 14 Dec 2019 09:45:39 +0100

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Sat, 14 Dec 2019 09:45:39 +0100
changeset 697
32f439d70127
parent 692
56b66fe2b4f5
child 728
35a421f441d5
permissions
-rw-r--r--

add documentation for secret store commands

/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright 2018 Olaf Wintermann. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *   1. Redistributions of source code must retain the above copyright
 *      notice, this list of conditions and the following disclaimer.
 *
 *   2. Redistributions in binary form must reproduce the above copyright
 *      notice, this list of conditions and the following disclaimer in the
 *      documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include "utils.h"

#include "crypto.h"

/* -------------------- OpenSSL Crypto Functions -------------------- */
#ifdef DAV_USE_OPENSSL

#if OPENSSL_VERSION_NUMBER < 0x10000000L

static EVP_CIPHER_CTX* create_evp_cipher_ctx() {
    EVP_CIPHER_CTX *ctx = malloc(sizeof(EVP_CIPHER_CTX));
    EVP_CIPHER_CTX_init(ctx);
    return ctx;
}

static void free_evp_cipher_ctx(EVP_CIPHER_CTX *ctx) {
    EVP_CIPHER_CTX_cleanup(ctx);
    free(ctx);
}

#define EVP_CIPHER_CTX_new() create_evp_cipher_ctx()
#define EVP_CIPHER_CTX_free(ctx) free_evp_cipher_ctx(ctx)

#endif

int dav_rand_bytes(unsigned char *buf, size_t len) {
    return !RAND_bytes(buf, len);
}

AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) {
    AESDecrypter *dec = calloc(1, sizeof(AESDecrypter));
    SHA256_Init(&dec->sha256);
    dec->stream = stream;
    dec->write = write_func;
    dec->key = key;
    dec->init = 0;
    dec->ivpos = 0;
    
    return dec;
}

void aes_decrypter_init(AESDecrypter *dec) {
    //EVP_CIPHER_CTX_init(&dec->ctx);
    dec->ctx = EVP_CIPHER_CTX_new();
    dec->init = 1;
    if(dec->key->type == DAV_KEY_AES128) {
        EVP_DecryptInit_ex(
                dec->ctx,
                EVP_aes_128_cbc(),
                NULL,
                dec->key->data,
                dec->ivtmp);
    } else if(dec->key->type == DAV_KEY_AES256) {
        EVP_DecryptInit_ex(
                dec->ctx,
                EVP_aes_256_cbc(),
                NULL,
                dec->key->data,
                dec->ivtmp);
    } else {
        fprintf(stderr, "unknown key type\n");
        exit(-1);
    }
}

size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) {
    int len = s*n;
    if(!dec->init) {
        size_t n = 16 - dec->ivpos;
        size_t cp = n > len ? len : n;
        memcpy(dec->ivtmp + dec->ivpos, buf, cp);
        dec->ivpos += cp;
        if(dec->ivpos >= 16) {
            aes_decrypter_init(dec);
        }
        if(len == cp) {
            return len;
        } else {
            buf = (char*)buf + cp;
            len -= cp;
        }
    }
    
    int outlen = len + 16;
    unsigned char *out = malloc(outlen);
    EVP_DecryptUpdate(dec->ctx, out, &outlen, buf, len);
    ssize_t wlen = dec->write(out, 1, outlen, dec->stream);
    SHA256_Update(&dec->sha256, out, wlen);
    free(out);
    return (s*n) / s;
}

void aes_decrypter_shutdown(AESDecrypter *dec) {
    if(dec->init) {
        void *out = malloc(128);
        int len = 0;
        EVP_DecryptFinal_ex(dec->ctx, out, &len);
        dec->write(out, 1, len, dec->stream);
        SHA256_Update(&dec->sha256, out, len);
        free(out);
        //EVP_CIPHER_CTX_cleanup(&dec->ctx);
        EVP_CIPHER_CTX_free(dec->ctx);
    }
}

void aes_decrypter_close(AESDecrypter *dec) {
    free(dec);
}


AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
    unsigned char *iv = malloc(16);
    if(!RAND_bytes(iv, 16)) {
        free(iv);
        return NULL;
    }
    
    AESEncrypter *enc = malloc(sizeof(AESEncrypter));
    SHA256_Init(&enc->sha256);
    enc->stream = stream;
    enc->read = read_func;
    enc->seek = seek_func;
    enc->tmp = NULL;
    enc->tmplen = 0;
    enc->tmpoff = 0;
    enc->end = 0;
    enc->iv = iv;
    enc->ivlen = 16;
    
    //EVP_CIPHER_CTX_init(&enc->ctx);
    enc->ctx = EVP_CIPHER_CTX_new();
    if(key->type == DAV_KEY_AES128) {
        EVP_EncryptInit_ex(enc->ctx, EVP_aes_128_cbc(), NULL, key->data, enc->iv);
    } else if(key->type == DAV_KEY_AES256) {
        EVP_EncryptInit_ex(enc->ctx, EVP_aes_256_cbc(), NULL, key->data, enc->iv);
    } else {
        fprintf(stderr, "unknown key type\n");
        exit(-1);
    }
    return enc;
}

size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) {
    size_t len = s*n;
    if(enc->tmp) {
        size_t tmp_diff = enc->tmplen - enc->tmpoff;
        size_t cp_len = tmp_diff > len ? len : tmp_diff;
        memcpy(buf, enc->tmp + enc->tmpoff, cp_len);
        enc->tmpoff += cp_len;
        if(enc->tmpoff >= enc->tmplen) {
            free(enc->tmp);
            enc->tmp = NULL;
            enc->tmplen = 0;
            enc->tmpoff = 0;
        }
        return cp_len / s;
    }
    
    if(enc->end) {
        return 0;
    }
    
    void *in = malloc(len);
    size_t in_len = enc->read(in, 1, len, enc->stream);
    
    SHA256_Update(&enc->sha256, in, in_len);
    
    unsigned char *out = NULL;
    int outlen = 0;
    size_t ivl = enc->ivlen;
    if(in_len != 0) {
        outlen = len + 32;
        out = malloc(outlen + ivl);
        if(ivl > 0) {
            memcpy(out, enc->iv, ivl);
        }
        EVP_EncryptUpdate(enc->ctx, out + ivl, &outlen, in, in_len);
        if(in_len != len) {
            int newoutlen = 16;
            EVP_EncryptFinal_ex(enc->ctx, out + ivl + outlen, &newoutlen);
            outlen += newoutlen;
            enc->end = 1;
        }
    } else {
        out = malloc(16);
        EVP_EncryptFinal_ex(enc->ctx, out, &outlen);
        enc->end = 1;
    }
    enc->tmp = (char*)out;
    enc->tmplen = outlen + ivl;
    enc->tmpoff = 0;
    
    if(enc->ivlen > 0) {
        enc->ivlen = 0;
    }
    
    free(in);
    
    return aes_read(buf, s, n, enc);
}

void aes_encrypter_close(AESEncrypter *enc) {
    if(enc->tmp) {
        free(enc->tmp);
    }
    if(enc->iv) {
        free(enc->iv);
    }
    //EVP_CIPHER_CTX_cleanup(&enc->ctx);
    EVP_CIPHER_CTX_free(enc->ctx);
    free(enc);
}

int aes_encrypter_reset(AESEncrypter  *enc, curl_off_t offset, int origin) {
    if(origin != SEEK_SET || offset != 0 || !enc->seek) {
        return CURL_SEEKFUNC_CANTSEEK;
    }
    
    enc->ivlen = 16;
    if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
        return CURL_SEEKFUNC_FAIL;
    }
    return CURL_SEEKFUNC_OK;
}


char* aes_encrypt(const char *in, size_t len, DavKey *key) {
    unsigned char iv[16];
    if(!RAND_bytes(iv, 16)) {
        return NULL;
    }
    
    //EVP_CIPHER_CTX ctx;
    //EVP_CIPHER_CTX_init(&ctx);
    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
    if(key->type == DAV_KEY_AES128) {
        EVP_EncryptInit_ex(
                ctx,
                EVP_aes_128_cbc(),
                NULL,
                (unsigned char*)key->data,
                iv);
    } else if(key->type == DAV_KEY_AES256) {
        EVP_EncryptInit_ex(
                ctx,
                EVP_aes_256_cbc(),
                NULL,
                (unsigned char*)key->data,
                iv);
    } else {
        //EVP_CIPHER_CTX_cleanup(&ctx);
        EVP_CIPHER_CTX_free(ctx);
        return NULL;
    }
    
    //int len = strlen(in);
    int buflen = len + 64;
    unsigned char *buf = calloc(1, buflen);
    memcpy(buf, iv, 16);
    
    int l = buflen - 16;
    EVP_EncryptUpdate(ctx, buf + 16, &l, (unsigned char*)in, len);
    
    int f = 0;
    EVP_EncryptFinal_ex(ctx, buf + 16 + l, &f);
    char *out = util_base64encode((char*)buf, 16 + l + f);
    free(buf);
    EVP_CIPHER_CTX_free(ctx);
    //EVP_CIPHER_CTX_cleanup(&ctx);
    
    return out;
}

char* aes_decrypt(const char *in, size_t *length, DavKey *key) {
    int len;
    unsigned char *buf = (unsigned char*)util_base64decode_len(in, &len);
    
    //EVP_CIPHER_CTX ctx;
    //EVP_CIPHER_CTX_init(&ctx);
    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
    if(key->type == DAV_KEY_AES128) {
        EVP_DecryptInit_ex(
                ctx,
                EVP_aes_128_cbc(),
                NULL,
                key->data,
                buf);
    } else if(key->type == DAV_KEY_AES256) {
        EVP_DecryptInit_ex(
                ctx,
                EVP_aes_256_cbc(),
                NULL,
                key->data,
                buf);
    } else {
        //EVP_CIPHER_CTX_cleanup(&ctx);
        EVP_CIPHER_CTX_free(ctx);
        return NULL;
    }
    
    unsigned char *out = malloc(len + 1);
    int outlen = len;
    unsigned char *in_buf = buf + 16;
    int inlen = len - 16;
    int f = 0; 
    
    EVP_DecryptUpdate(ctx, out, &outlen, in_buf, inlen);
    EVP_DecryptFinal_ex(ctx, out + outlen, &f);
    out[outlen + f] = '\0';
    free(buf);
    //EVP_CIPHER_CTX_cleanup(&ctx);
    EVP_CIPHER_CTX_free(ctx);
    
    *length = outlen + f;
    return (char*)out;
}


void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf){
    SHA256_Final((unsigned char*)buf, sha256);
}

char* dav_create_hash(const char *data, size_t len) {
    unsigned char hash[DAV_SHA256_DIGEST_LENGTH];
    DAV_SHA_CTX ctx;
    SHA256_Init(&ctx);
    SHA256_Update(&ctx, data, len);
    SHA256_Final(hash, &ctx);
    return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
}

DAV_SHA_CTX* dav_hash_init(void) {
    DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX));
    SHA256_Init(ctx);
    return ctx;
}

void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) {
    SHA256_Update(ctx, data, len);
}

void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) {
    SHA256_Final(buf, ctx);
    free(ctx);
}

#if OPENSSL_VERSION_NUMBER < 0x10100000L
static int crypto_pw2key_error = 0;
DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
    if(!crypto_pw2key_error) {
        fprintf(stderr, "Error: password key derivation not supported on this platform: openssl to old\n");
        crypto_pw2key_error = 1;
    }
    return 0;
}

#else
DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
    if(!password) {
        return NULL;
    }
    size_t len = strlen(password);
    if(len == 0) {
        return NULL;
    }
    
    // setup key data and length
    unsigned char keydata[32];
    int keylen = 32;
    switch(enc) {
        case DAV_KEY_AES128: keylen = 16; break;
        case DAV_KEY_AES256: keylen = 32; break;
        default: return NULL;
    }
    
    // generate key
    switch(pwfunc) {
        case DAV_PWFUNC_PBKDF2_SHA256: {
            PKCS5_PBKDF2_HMAC(
                    password,
                    len,
                    salt,
                    saltlen,
                    DAV_CRYPTO_ITERATION_COUNT,
                    EVP_sha256(),
                    keylen,
                    keydata);
            break;
        }
        case DAV_PWFUNC_PBKDF2_SHA512: {
            PKCS5_PBKDF2_HMAC(
                    password,
                    len,
                    salt,
                    saltlen,
                    DAV_CRYPTO_ITERATION_COUNT,
                    EVP_sha512(),
                    keylen,
                    keydata);
            break;
        }
        default: return NULL;
    }
    
    // create DavKey with generated data
    DavKey *key = malloc(sizeof(DavKey));
    key->data = malloc(keylen);
    key->length = keylen;
    key->name = NULL;
    key->type = enc;
    memcpy(key->data, keydata, keylen);
    return key;
}
#endif

#endif


/* -------------------- Apple Crypto Functions -------------------- */
#ifdef DAV_CRYPTO_COMMON_CRYPTO

#define RANDOM_BUFFER_LENGTH 256
static char randbuf[RANDOM_BUFFER_LENGTH];
static int rbufpos = RANDOM_BUFFER_LENGTH;

int dav_rand_bytes(unsigned char *buf, size_t len) {
    if(len + rbufpos > RANDOM_BUFFER_LENGTH) {
        int devr = open("/dev/urandom", O_RDONLY);
        if(devr == -1) {
            return 1;
        }
        
        if(read(devr, randbuf, RANDOM_BUFFER_LENGTH) < RANDOM_BUFFER_LENGTH) {
            close(devr);
            return 1;
        }
        
        rbufpos = 0;
        if(len > RANDOM_BUFFER_LENGTH) {
            int err = 0;
            if(read(devr, buf, len) < len) {
                err = 1;
            }
            close(devr);
            return err;
        }
        
        close(devr);
    }
    
    char *r = randbuf;
    memcpy(buf, r + rbufpos, len);
    rbufpos += len;
    
    return 0;
}

AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) {
    AESDecrypter *dec = calloc(1, sizeof(AESDecrypter));
    CC_SHA256_Init(&dec->sha256);
    dec->stream = stream;
    dec->write = write_func;
    dec->key = key;
    dec->init = 0;
    dec->ivpos = 0;
    
    return dec;
}


void aes_decrypter_init(AESDecrypter *dec) {
    //EVP_CIPHER_CTX_init(&dec->ctx);
    dec->init = 1;
    
    CCCryptorRef cryptor;
    CCCryptorStatus status;
    if(dec->key->type == DAV_KEY_AES128) {
        status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, dec->key->data, dec->key->length, dec->ivtmp, &cryptor);
    } else if(dec->key->type == DAV_KEY_AES256) {
        status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, dec->key->data, dec->key->length, dec->ivtmp, &cryptor);
    } else {
        fprintf(stderr, "unknown key type\n");
        exit(-1);
    }
    dec->ctx = cryptor;
}

size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) {
    int len = s*n;
    if(!dec->init) {
        size_t n = 16 - dec->ivpos;
        size_t cp = n > len ? len : n;
        memcpy(dec->ivtmp + dec->ivpos, buf, cp);
        dec->ivpos += cp;
        if(dec->ivpos >= 16) {
            aes_decrypter_init(dec);
        }
        if(len == cp) {
            return len;
        } else {
            buf = (char*)buf + cp;
            len -= cp;
        }
    }
    
    int outlen = len + 16;
    unsigned char *out = malloc(outlen);
    
    CCCryptorStatus status;
    size_t avail = outlen;
    size_t moved = 0;
    status = CCCryptorUpdate(dec->ctx, buf, len, out, avail, &moved);
    
    ssize_t wlen = dec->write(out, 1, moved, dec->stream);
    CC_SHA256_Update(&dec->sha256, out, wlen);
    free(out);
    return (s*n) / s;
}

void aes_decrypter_shutdown(AESDecrypter *dec) {
    if(dec->init) {
        void *out = malloc(128);
        size_t len = 0;
        //EVP_DecryptFinal_ex(dec->ctx, out, &len);
        CCCryptorFinal(dec->ctx, out, 128, &len);
        
        
        dec->write(out, 1, len, dec->stream);
        CC_SHA256_Update(&dec->sha256, out, len);
        free(out);
        //EVP_CIPHER_CTX_cleanup(&dec->ctx);
        //EVP_CIPHER_CTX_free(dec->ctx);
    }
}

void aes_decrypter_close(AESDecrypter *dec) {
    
}

AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
    unsigned char *iv = malloc(16);
    if(dav_rand_bytes(iv, 16)) {
        return NULL;
    }
    
    CCCryptorRef cryptor;
    CCCryptorStatus status;
    if(key->type == DAV_KEY_AES128) {
        status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
    } else if(key->type == DAV_KEY_AES256) {
        status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
    } else {
        free(iv);
        return NULL;
    }
    
    AESEncrypter *enc = malloc(sizeof(AESEncrypter));
    enc->ctx = cryptor;
    CC_SHA256_Init(&enc->sha256);
    enc->stream = stream;
    enc->read = read_func;
    enc->seek = seek_func;
    enc->tmp = NULL;
    enc->tmplen = 0;
    enc->tmpoff = 0;
    enc->end = 0;
    enc->iv = iv;
    enc->ivlen = 16;
    
    return enc;
}

size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) {
    size_t len = s*n;
    if(enc->tmp) {
        size_t tmp_diff = enc->tmplen - enc->tmpoff;
        size_t cp_len = tmp_diff > len ? len : tmp_diff;
        memcpy(buf, enc->tmp + enc->tmpoff, cp_len);
        enc->tmpoff += cp_len;
        if(enc->tmpoff >= enc->tmplen) {
            free(enc->tmp);
            enc->tmp = NULL;
            enc->tmplen = 0;
            enc->tmpoff = 0;
        }
        return cp_len / s;
    }
    
    if(enc->end) {
        return 0;
    }
    
    void *in = malloc(len);
    size_t in_len = enc->read(in, 1, len, enc->stream);
    
    CC_SHA256_Update(&enc->sha256, in, in_len);
    
    unsigned char *out = NULL;
    size_t outlen = 0;
    size_t ivl = enc->ivlen;
    if(in_len != 0) {
        outlen = len + 32;
        out = malloc(outlen + ivl);
        if(ivl > 0) {
            memcpy(out, enc->iv, ivl);
        }
        
        CCCryptorStatus status;
        size_t avail = outlen;
        status = CCCryptorUpdate(enc->ctx, in, in_len, out + ivl, avail, &outlen);
        if(in_len != len) {
            size_t newoutlen = 16;
            status = CCCryptorFinal(enc->ctx, out + ivl + outlen, 16, &newoutlen);
            outlen += newoutlen;
            enc->end = 1;
        }
    } else {
        out = malloc(32);
        CCCryptorStatus status;
        size_t avail = outlen;
        status = CCCryptorFinal(enc->ctx, out, 32, &outlen);
        enc->end = 1;
    }
    enc->tmp = (char*)out;
    enc->tmplen = outlen + ivl;
    enc->tmpoff = 0;
    
    if(enc->ivlen > 0) {
        enc->ivlen = 0;
    }
    
    free(in);
    
    return aes_read(buf, s, n, enc);
}

int aes_encrypter_reset(AESEncrypter  *enc, curl_off_t offset, int origin) {
    if(origin != SEEK_SET || offset != 0 || !enc->seek) {
        return CURL_SEEKFUNC_CANTSEEK;
    }
    
    enc->ivlen = 16;
    if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
        return CURL_SEEKFUNC_FAIL;
    }
    return CURL_SEEKFUNC_OK;
}

void aes_encrypter_close(AESEncrypter *enc) {
    if(enc->tmp) {
        free(enc->tmp);
    }
    if(enc->iv) {
        free(enc->iv);
    }
    // TODO: cleanup cryptor
    free(enc);
}

char* aes_encrypt(const char *in, size_t len, DavKey *key) {
    unsigned char iv[16];
    if(dav_rand_bytes(iv, 16)) {
        return NULL;
    }
    
    CCCryptorRef cryptor;
    CCCryptorStatus status;
    if(key->type == DAV_KEY_AES128) {
        status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
    } else if(key->type == DAV_KEY_AES256) {
        status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
    } else {
        return NULL;
    }
    
    if(status != kCCSuccess) {
        return NULL;
    }
    
    int buflen = len + 64;
    char *buf = calloc(1, buflen);
    memcpy(buf, iv, 16);
    
    int pos = 16;
    size_t avail = buflen - 16;
    size_t moved;
    char *out = buf + 16;
    
    status = CCCryptorUpdate(cryptor, in,
         len, out, avail,
         &moved);
    if(status != kCCSuccess) {
        free(buf);
        return NULL;
    }
    
    pos += moved;
    avail -= moved;
    out += moved;
    
    status = CCCryptorFinal(cryptor, out, avail, &moved);
    if(status != kCCSuccess) {
        free(buf);
        return NULL;
    }
    
    pos += moved;
    
    char *b64enc = util_base64encode(buf, pos);
    free(buf);
    
    return b64enc;
}

char* aes_decrypt(const char *in, size_t *len, DavKey *key) {
    int inlen;
    unsigned char *buf = (unsigned char*)util_base64decode_len(in, &inlen);
    
    CCCryptorRef cryptor;
    CCCryptorStatus status;
    if(key->type == DAV_KEY_AES128) {
        status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, buf, &cryptor);
    } else if(key->type == DAV_KEY_AES256) {
        status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, buf, &cryptor);
    } else {
        free(buf);
        return NULL;
    }
    
    if(status != kCCSuccess) {
        free(buf);
        return NULL;
    }
    
    char *out = malloc(inlen + 1);
    size_t outavail = inlen;
    size_t outlen = 0;
    
    unsigned char *inbuf = buf + 16;
    inlen -= 16;
    
    size_t moved = 0;
    status = CCCryptorUpdate(cryptor, inbuf, inlen, out, outavail, &moved);
    if(status != kCCSuccess) {
        free(buf);
        free(out);
        // TODO cryptor
        return NULL;
    }
    
    outlen += moved;
    outavail -= moved;
    
    status = CCCryptorFinal(cryptor, out + outlen, outavail, &moved);
    if(status != kCCSuccess) {
        free(buf);
        free(out);
        // TODO cryptor
        return NULL;
    }
    
    outlen += moved;
    out[outlen] = 0;
    
    *len = outlen;
    return out;
}

void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf) {
    CC_SHA256_Final(buf, sha256);
}

char* dav_create_hash(const char *data, size_t len) {
    unsigned char hash[DAV_SHA256_DIGEST_LENGTH];
    CC_SHA256((const unsigned char*)data, len, hash);
    return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
}

DAV_SHA_CTX* dav_hash_init(void) {
    DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX));
    CC_SHA256_Init(ctx);
    return ctx;
}

void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) {
    CC_SHA256_Update(ctx, data, len);
}

void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) {
    CC_SHA256_Final(buf, ctx);
    free(ctx);
}

DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
    if(!password) {
        return NULL;
    }
    size_t len = strlen(password);
    if(len == 0) {
        return NULL;
    }
    
    // setup key data and length
    unsigned char keydata[32];
    int keylen = 32;
    switch(enc) {
        case DAV_KEY_AES128: keylen = 16; break;
        case DAV_KEY_AES256: keylen = 32; break;
        default: return NULL;
    }
    
    // generate key
    switch(pwfunc) {
        case DAV_PWFUNC_PBKDF2_SHA256: {
            int result = CCKeyDerivationPBKDF(
                    kCCPBKDF2,
                    password,
                    len,
                    salt,
                    saltlen,
                    kCCPRFHmacAlgSHA256,
                    DAV_CRYPTO_ITERATION_COUNT,
                    keydata,
                    keylen);
            if(result) {
                return NULL;
            }
            break;
        }
        case DAV_PWFUNC_PBKDF2_SHA512: {
            int result = CCKeyDerivationPBKDF(
                    kCCPBKDF2,
                    password,
                    len,
                    salt,
                    saltlen,
                    kCCPRFHmacAlgSHA512,
                    DAV_CRYPTO_ITERATION_COUNT,
                    keydata,
                    keylen);
            if(result) {
                return NULL;
            }
            break;
        }
        default: return NULL;
    }
    
    // create DavKey with generated data
    DavKey *key = malloc(sizeof(DavKey));
    key->data = malloc(keylen);
    key->length = keylen;
    key->name = NULL;
    key->type = enc;
    memcpy(key->data, keydata, keylen);
    return key;
}

#endif

/* -------------------- Windows Crypto Functions -------------------- */
#ifdef DAV_CRYPTO_CNG

static void cng_cleanup(BCRYPT_ALG_HANDLE hAesAlg, BCRYPT_KEY_HANDLE hKey, BCRYPT_HASH_HANDLE hHash, void *pbObject) {
    if(hAesAlg) {
        BCryptCloseAlgorithmProvider(hAesAlg,0);
    }
    if(hKey) {
        BCryptDestroyKey(hKey);
    }
    if(hHash) {
        BCryptDestroyHash(hHash);
    }
    if(pbObject) {
        free(pbObject);
    }
}

static int cng_init_key(BCRYPT_ALG_HANDLE *alg, BCRYPT_KEY_HANDLE *key, void **keyobj, DavKey *aesKey) {
    BCRYPT_ALG_HANDLE hAesAlg = NULL;
    BCRYPT_KEY_HANDLE hKey    = NULL;
    
    void *pbKeyObject     = NULL;
    ULONG keyObjectLength = 0;
    
    ULONG result = 0;
    
    // check DavKey and get AES key length
    if(!aesKey) {
        return 1;
    }
    
    ULONG aesKeyLength = 0;
    if(aesKey->type == DAV_KEY_AES128) {
        aesKeyLength = 16;
    } else if(aesKey->type == DAV_KEY_AES256) {
        aesKeyLength = 32;
    }
    if(aesKeyLength > aesKey->length || !aesKey->data) {
        // invalid DavKey
        return 1;
    }
    
    // initialize BCrypt stuff
    if(BCryptOpenAlgorithmProvider(&hAesAlg, BCRYPT_AES_ALGORITHM, NULL, 0)) {
        fprintf(stderr, "Error: BCryptOpenAlgorithmProvider failed\n");
        return 1;
    }
    
    if(BCryptGetProperty(hAesAlg, BCRYPT_OBJECT_LENGTH, (PUCHAR)&keyObjectLength, sizeof(DWORD), &result, 0)) {
        fprintf(stderr, "Error: BCrypt: Cannot get BCRYPT_OBJECT_LENGTH\n");
        cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
        return 1;
    }
    
    if(BCryptSetProperty(hAesAlg, BCRYPT_CHAINING_MODE, (PBYTE)BCRYPT_CHAIN_MODE_CBC, sizeof(BCRYPT_CHAIN_MODE_CBC), 0)) {
        fprintf(stderr, "Error: BCrypt: Cannot set CBC mode\n");
        cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
        return 1;
    }
    
    pbKeyObject = calloc(1, keyObjectLength);
    if(!pbKeyObject) {
        cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
        return 1;
    }
    
    // init key
    if(BCryptGenerateSymmetricKey(hAesAlg, &hKey, pbKeyObject, keyObjectLength, aesKey->data, aesKeyLength, 0)) {
        fprintf(stderr, "Error: BCrypt: Cannot set key\n");
        cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
        return 1;
    }
    
    *alg = hAesAlg;
    *key = hKey;
    *keyobj = pbKeyObject;
    
    return 0;
}

static int cng_hash_init(WinBCryptSHACTX *ctx) {
    if(BCryptOpenAlgorithmProvider(&ctx->hAlg, BCRYPT_SHA256_ALGORITHM, NULL, 0)) {
        fprintf(stderr, "Error: BCryptOpenAlgorithmProvider failed\n");
        return 1;
    }
    
    ULONG hashObjectLen;
    ULONG result;
    if(BCryptGetProperty(ctx->hAlg, BCRYPT_OBJECT_LENGTH, (PBYTE)&hashObjectLen, sizeof(DWORD), &result, 0)) {
        cng_cleanup(ctx->hAlg, NULL, NULL, NULL);
        return 1;
    }
    
    ctx->pbHashObject = calloc(1, hashObjectLen);
    
    if(BCryptCreateHash(ctx->hAlg, &ctx->hHash, ctx->pbHashObject, hashObjectLen, NULL, 0, 0)) {
        cng_cleanup(ctx->hAlg, NULL, ctx->hHash, ctx->pbHashObject);
        return 1;
    }
    
    return 0;
}


int dav_rand_bytes(unsigned char *buf, size_t len) {
    if(BCryptGenRandom(NULL, (unsigned char*)buf, (ULONG)len, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) {
        return 1;
    }
    return 0;
}

AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) {
    AESDecrypter *dec = calloc(1, sizeof(AESDecrypter));
    if(!dec) {
        return NULL;
    }
    if(cng_hash_init(&dec->sha256)) {
        free(dec);
        return NULL;
    }
    
    dec->stream = stream;
    dec->write = write_func;
    dec->key = key;
    dec->init = 0;
    dec->ivpos = 0;
      
    return dec;
}

static void aes_decrypter_init(AESDecrypter *dec) {
    if(cng_init_key(&dec->ctx.hAlg, &dec->ctx.hKey, &dec->ctx.pbKeyObject, dec->key)) {
        fprintf(stderr, "Error: cng_init_key failed\n");
        exit(-1);
    }
    // copy iv
    memcpy(dec->ctx.pbIV, dec->ivtmp, 16);
}

size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) {
    int len = s*n;
    if(!dec->init) {
        dec->init = 1;
        
        size_t n = 16 - dec->ivpos;
        size_t cp = n > len ? len : n;
        memcpy(dec->ivtmp + dec->ivpos, buf, cp);
        dec->ivpos += cp;
        if(dec->ivpos >= 16) {
            aes_decrypter_init(dec);
        }
        if(len == cp) {
            return len;
        } else {
            buf = (char*)buf + cp;
            len -= cp;
        }
    }
    
    // the cipher text must be a multiply of 16
    // remaining bytes are stored in ctx.buf and must be added to cibuf
    // the next time
    size_t cbufalloc = len + 64;
    ULONG clen = 0;
    char *cbuf = malloc(cbufalloc);
    
    // add previous remaining bytes
    if(dec->ctx.buflen > 0) {
        memcpy(cbuf, dec->ctx.buf, dec->ctx.buflen);
        clen = dec->ctx.buflen;
    }
    // add current bytes
    memcpy(cbuf + clen, buf, len);
    clen += len;
    
    // check if the message fits the blocksize
    int remaining = clen % 16;
    if(remaining == 0) {
        // decrypt last block next time, or in aes_decrypter_shutdown
        // this makes sure, that shutdown always decrypts the last block
        // with BCRYPT_BLOCK_PADDING flag
        remaining = 16;
    }
    
    // add remaining bytes to ctx.buf for the next aes_write run
    clen -= remaining;
    memcpy(dec->ctx.buf, cbuf + clen, remaining);
    dec->ctx.buflen = remaining;
    
    // ready to decrypt the message
    ULONG outlen = clen + 32;
    unsigned char *out = malloc(outlen);
       
    // decrypt
    if(clen > 0) {
        ULONG enc_len = 0;
        ULONG status = BCryptDecrypt(dec->ctx.hKey, cbuf, clen, NULL, dec->ctx.pbIV, 16, out, outlen, &enc_len, 0);
        if(status > 0) {
            fprintf(stderr, "Error: BCryptDecrypt failed: 0x%X\n", status);
            free(out);
            free(cbuf);
            return 0;
        }      
        outlen = enc_len;
    }
    
    // write decrypted data to the output stream and update the hash
    dec->write(out, 1, outlen, dec->stream);
    BCryptHashData(dec->sha256.hHash, out, outlen, 0);
    
    free(out);
    free(cbuf);
    
    return (s*n) / s;
}

void aes_decrypter_shutdown(AESDecrypter *dec) {
    if(dec->init && dec->ctx.buflen > 0) { 
        ULONG outlen = 64;
        char out[64];
        if(BCryptDecrypt(dec->ctx.hKey, dec->ctx.buf, dec->ctx.buflen, NULL, dec->ctx.pbIV, 16, out, outlen, &outlen, BCRYPT_BLOCK_PADDING)) {
            fprintf(stderr, "Error: BCryptDecrypt failed\n");
            return;
        }
        dec->write(out, 1, outlen, dec->stream);
        BCryptHashData(dec->sha256.hHash, out, outlen, 0);
    }
}

void aes_decrypter_close(AESDecrypter *dec) {
    cng_cleanup(dec->ctx.hAlg, dec->ctx.hKey, NULL, dec->ctx.pbKeyObject);
    cng_cleanup(dec->sha256.hAlg, NULL, dec->sha256.hHash, dec->sha256.pbHashObject);
    free(dec);
}

AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
    unsigned char *iv = malloc(16);
    if(dav_rand_bytes(iv, 16)) {
        free(iv);
        return NULL;
    }
    
    AESEncrypter *enc = calloc(1, sizeof(AESEncrypter));
    if(cng_hash_init(&enc->sha256)) {
        free(iv);
        free(enc);
        return NULL;
    }
    
    enc->stream = stream;
    enc->read = read_func;
    enc->seek = seek_func;
    enc->tmp = NULL;
    enc->tmplen = 0;
    enc->tmpoff = 0;
    enc->end = 0;
    enc->iv = iv;
    enc->ivlen = 0;
    
    if(cng_init_key(&enc->ctx.hAlg, &enc->ctx.hKey, &enc->ctx.pbKeyObject, key)) {
        fprintf(stderr, "Error: cng_init_key failed\n");
        exit(-1);
    }
    
    enc->ctx.buflen = 0;
    memcpy(enc->ctx.pbIV, iv, 16);
    
    return enc;
}

size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) {
    size_t len = s*n;
    size_t nread = 0; 
    
    if(enc->tmp) {
        // the temp buffer contains bytes that are already encrypted, but
        // the last aes_read had not enough read buffer space
        
        // in case we have a tmp buf, we just return this 
        size_t tmp_diff = enc->tmplen - enc->tmpoff;
        size_t cp_len = tmp_diff > len ? len : tmp_diff;
        memcpy(buf, enc->tmp + enc->tmpoff, cp_len);
        enc->tmpoff += cp_len;
        if(enc->tmpoff >= enc->tmplen) {
            free(enc->tmp);
            enc->tmp = NULL;
            enc->tmplen = 0;
            enc->tmpoff = 0;
        }
        return cp_len / s;
    }
    
    if(enc->ivlen < 16) {
        size_t copy_iv_len = 16 - enc->ivlen;
        copy_iv_len = len > copy_iv_len ? copy_iv_len : len;
        
        memcpy(buf, enc->iv, copy_iv_len);
        buf += copy_iv_len;
        len -= copy_iv_len;
        nread = copy_iv_len;
        
        enc->ivlen += copy_iv_len;
        
        if(len == 0) {
            return copy_iv_len / s;
        }
    }
    
    if(enc->end) {
        return 0;
    }
    
    size_t remaining = len % 16;
    len -= remaining;
    
    if(len > 256) {
        len -= 16; // optimization for avoiding tmp buffer usage
    }
    
    size_t inalloc = len;
    ULONG  inlen = 0;
    unsigned char *in = malloc(inalloc);
    
    // fill the input buffer
    while(inlen < inalloc) {
        size_t r = enc->read(in + inlen, 1, inalloc - inlen, enc->stream);
        if(r == 0) {
            enc->end = 1;
            break;
        }
        inlen += r;
    }
    
    if(inlen == 0) {
        return nread / s;
    }
    
    // hash read data
    BCryptHashData(enc->sha256.hHash, in, inlen, 0);
    
    // create output buffer
    ULONG outalloc = inlen + 16;
    ULONG outlen = 0;
    char *out = malloc(outalloc);
    
    // encrypt
    int flags = 0;
    if(inlen % 16 != 0) {
        enc->end = 1;
    }
    if(enc->end) {
        flags = BCRYPT_BLOCK_PADDING;
    }
    if(BCryptEncrypt(enc->ctx.hKey, in, inlen, NULL, enc->ctx.pbIV, 16, out, outalloc, &outlen, flags)) {
        fprintf(stderr, "Error: BCryptEncrypt failed\n");
    }
    
    // check if the output fits in buf, if not, save the remaining bytes in tmp
    if(outlen > len) {
        size_t tmplen = outlen - len;
        char *tmp = malloc(tmplen);
        memcpy(tmp, out+len, tmplen);
        
        enc->tmp = tmp;
        enc->tmplen = tmplen;
        enc->tmpoff = 0;
        
        outlen = len;
    }
    
    // fill read buffer and return
    memcpy(buf, out, outlen);
    nread += outlen;
    
    free(in);
    free(out);
    
    return nread / s;
}

void aes_encrypter_close(AESEncrypter *enc) {
    enc->end = 1;
}

int aes_encrypter_reset(AESEncrypter  *enc, curl_off_t offset, int origin) {
    if(origin != SEEK_SET || offset != 0 || !enc->seek) {
        return CURL_SEEKFUNC_CANTSEEK;
    }
    
    enc->ivlen = 0;
    memcpy(enc->ctx.pbIV, enc->iv, 16);
    if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
        return CURL_SEEKFUNC_FAIL;
    }
    return CURL_SEEKFUNC_OK;
}

char* aes_encrypt(const char *in, size_t len, DavKey *key) {
    // create random IV
    char iv[16];
    if(dav_rand_bytes(iv, 16)) {
        return NULL;
    }
    
    // initialize bcrypt stuff
    BCRYPT_ALG_HANDLE hAlg = NULL;
    BCRYPT_KEY_HANDLE hKey = NULL;
    void *pbKeyObject = NULL;
    if(cng_init_key(&hAlg, &hKey, &pbKeyObject, key)) {
        return NULL;
    }
    
    // create output buffer
    ULONG outlen = len + 128;
    char *out = malloc(outlen);
    
    // the output must start with the IV
    memcpy(out, iv, 16);
    char *encbuf = out + 16;
    ULONG enclen = outlen - 16;
    ULONG encoutlen = 0;
    
    // encrypt
    if(BCryptEncrypt(hKey, (PUCHAR)in, len, NULL, (PUCHAR)iv, 16, encbuf, enclen, &encoutlen, BCRYPT_BLOCK_PADDING)) {
        fprintf(stderr, "Error: BCryptEncrypt failed\n");
        cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
        free(out);
        return NULL;
    }
    
    outlen = encoutlen + 16; // length of encrypted data + 16 bytes IV
    
    // base64 encode
    char *outstr = util_base64encode(out, outlen);
    
    cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
    free(out);
    
    return outstr;
}

char* aes_decrypt(const char *in, size_t *len, DavKey *key) {
    BCRYPT_ALG_HANDLE hAlg = NULL;
    BCRYPT_KEY_HANDLE hKey = NULL;
    void *pbKeyObject = NULL;
    if(cng_init_key(&hAlg, &hKey, &pbKeyObject, key)) {
        return NULL;
    }
    
    int inlen;
    unsigned char *buf = (unsigned char*)util_base64decode_len(in, &inlen);
    if(inlen < 16 || !buf) {
        cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
        if(buf) {
            free(buf);
        }
        return NULL;
    }
    
    // encrypted data starts with IV
    char iv[16];
    memcpy(iv, buf, 16);
    
    // decrypt data
    char *data = buf + 16; // encrypted data starts after IV
    size_t datalen = inlen - 16;
    
    // create output buffer
    ULONG outlen = inlen;
    char *out = malloc(outlen + 1);
    
    // decrypt
    if(BCryptDecrypt(hKey, data, datalen, NULL, iv, 16, out, outlen, &outlen, BCRYPT_BLOCK_PADDING)) {
        cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
        free(out);
        free(buf);
        return NULL;
    }
    
    // decrypt finished, return
    out[outlen] = 0;
    *len = (size_t)outlen;
    return out;
}

void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf) {
    BCryptFinishHash(sha256->hHash, buf, DAV_SHA256_DIGEST_LENGTH, 0);
}


char* dav_create_hash(const char *data, size_t len) {
    unsigned char hash[DAV_SHA256_DIGEST_LENGTH];
    DAV_SHA_CTX *ctx = dav_hash_init();
    if(ctx) {
        dav_hash_update(ctx, data, len);
        dav_hash_final(ctx, hash);
    }
    return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
}

DAV_SHA_CTX* dav_hash_init(void) {
    DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX));
    if(!ctx) {
        return NULL;
    }
    if(cng_hash_init(ctx)) {
        free(ctx);
        return NULL;
    }
    return ctx;
}

void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) {
    BCryptHashData(ctx->hHash, (PUCHAR)data, len, 0);
}

void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) {
    BCryptFinishHash(ctx->hHash, (PUCHAR)buf, DAV_SHA256_DIGEST_LENGTH, 0);
    
    // cleanup
    cng_cleanup(ctx->hAlg, NULL, ctx->hHash, ctx->pbHashObject);
    free(ctx);
}

DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
    if(!password) {
        return NULL;
    }
    size_t len = strlen(password);
    if(len == 0) {
        return NULL;
    }
    
    // setup key data and length
    unsigned char keydata[128];
    int keylen = 32;
    switch(enc) {
        case DAV_KEY_AES128: keylen = 16; break;
        case DAV_KEY_AES256: keylen = 32; break;
        default: return NULL;
    }
    
    LPCWSTR algid;
    switch(pwfunc) {
        case DAV_PWFUNC_PBKDF2_SHA256: algid = BCRYPT_SHA256_ALGORITHM; break;
        case DAV_PWFUNC_PBKDF2_SHA512: algid = BCRYPT_SHA512_ALGORITHM; break;
        default: return NULL;
    }
    
    // open algorithm provider
    BCRYPT_ALG_HANDLE hAlg;
    ULONG status = BCryptOpenAlgorithmProvider(&hAlg, algid, NULL, BCRYPT_ALG_HANDLE_HMAC_FLAG);
    if(status > 0) {
        fprintf(stderr, "Error: dav_pw2key: BCryptOpenAlgorithmProvider failed: 0x%X\n", (unsigned int)status);
        return NULL;
    }
    
    // derive key
    status =  BCryptDeriveKeyPBKDF2(
            hAlg,
            (PUCHAR)password,
            len,
            (PUCHAR)salt,
            saltlen,
            DAV_CRYPTO_ITERATION_COUNT,
            keydata,
            128,
            0);
    
    BCryptCloseAlgorithmProvider(hAlg,0);
    
    if(status) {
        fprintf(stderr, "Error: dav_pw2key: BCryptDeriveKeyPBKDF2 failed: 0x%X\n", (unsigned int)status);
        return NULL;
    }
    
    // create DavKey with generated data
    DavKey *key = malloc(sizeof(DavKey));
    key->data = malloc(keylen);
    key->length = keylen;
    key->name = NULL;
    key->type = enc;
    memcpy(key->data, keydata, keylen);
    return key;
}
#endif



UcxBuffer* aes_encrypt_buffer(UcxBuffer *in, DavKey *key) {
    UcxBuffer *encbuf = ucx_buffer_new(
            NULL,
            in->size+16,
            UCX_BUFFER_AUTOEXTEND);
    
    AESEncrypter *enc = aes_encrypter_new(
            key,
            in,
            (dav_read_func)ucx_buffer_read,
            NULL);
    if(!enc) {
        ucx_buffer_free(encbuf);
        return NULL;
    }
    
    char buf[1024];
    size_t r;
    while((r = aes_read(buf, 1, 1024, enc)) > 0) {
        ucx_buffer_write(buf, 1, r, encbuf);
    }
    aes_encrypter_close(enc);
    
    encbuf->pos = 0;
    return encbuf;
}

UcxBuffer* aes_decrypt_buffer(UcxBuffer *in, DavKey *key) {
    UcxBuffer *decbuf = ucx_buffer_new(
            NULL,
            in->size,
            UCX_BUFFER_AUTOEXTEND);
    AESDecrypter *dec = aes_decrypter_new(
            key,
            decbuf,
            (dav_write_func)ucx_buffer_write);
    
    aes_write(in->space, 1, in->size, dec);
    aes_decrypter_shutdown(dec);
    aes_decrypter_close(dec);
    decbuf->pos = 0;
    return decbuf;
}

mercurial