Mercurial > hg > idav / file comparison

comparison: libidav/crypto.c

libidav/crypto.c

changeset 1
b5bb7b3cd597
equal deleted inserted replaced
0:2483f517c562 1:b5bb7b3cd597
1 /*
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
3 *
4 * Copyright 2018 Olaf Wintermann. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <string.h>
32 #include <fcntl.h>
33
34 #ifndef _WIN32
35 #include <unistd.h>
36 #endif
37
38 #include "utils.h"
39
40 #include "crypto.h"
41
42 /* -------------------- OpenSSL Crypto Functions -------------------- */
43 #ifdef DAV_USE_OPENSSL
44
45 #if OPENSSL_VERSION_NUMBER < 0x10000000L
46
47 static EVP_CIPHER_CTX* create_evp_cipher_ctx() {
48 EVP_CIPHER_CTX *ctx = malloc(sizeof(EVP_CIPHER_CTX));
49 EVP_CIPHER_CTX_init(ctx);
50 return ctx;
51 }
52
53 static void free_evp_cipher_ctx(EVP_CIPHER_CTX *ctx) {
54 EVP_CIPHER_CTX_cleanup(ctx);
55 free(ctx);
56 }
57
58 #define EVP_CIPHER_CTX_new() create_evp_cipher_ctx()
59 #define EVP_CIPHER_CTX_free(ctx) free_evp_cipher_ctx(ctx)
60
61 #endif
62
63 int dav_rand_bytes(unsigned char *buf, size_t len) {
64 return !RAND_bytes(buf, len);
65 }
66
67 AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) {
68 AESDecrypter *dec = calloc(1, sizeof(AESDecrypter));
69 SHA256_Init(&dec->sha256);
70 dec->stream = stream;
71 dec->write = write_func;
72 dec->key = key;
73 dec->init = 0;
74 dec->ivpos = 0;
75
76 return dec;
77 }
78
79 void aes_decrypter_init(AESDecrypter *dec) {
80 //EVP_CIPHER_CTX_init(&dec->ctx);
81 dec->ctx = EVP_CIPHER_CTX_new();
82 dec->init = 1;
83 if(dec->key->type == DAV_KEY_AES128) {
84 EVP_DecryptInit_ex(
85 dec->ctx,
86 EVP_aes_128_cbc(),
87 NULL,
88 dec->key->data,
89 dec->ivtmp);
90 } else if(dec->key->type == DAV_KEY_AES256) {
91 EVP_DecryptInit_ex(
92 dec->ctx,
93 EVP_aes_256_cbc(),
94 NULL,
95 dec->key->data,
96 dec->ivtmp);
97 } else {
98 fprintf(stderr, "unknown key type\n");
99 exit(-1);
100 }
101 }
102
103 size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) {
104 int len = s*n;
105 if(!dec->init) {
106 size_t n = 16 - dec->ivpos;
107 size_t cp = n > len ? len : n;
108 memcpy(dec->ivtmp + dec->ivpos, buf, cp);
109 dec->ivpos += cp;
110 if(dec->ivpos >= 16) {
111 aes_decrypter_init(dec);
112 }
113 if(len == cp) {
114 return len;
115 } else {
116 buf = (char*)buf + cp;
117 len -= cp;
118 }
119 }
120
121 int outlen = len + 16;
122 unsigned char *out = malloc(outlen);
123 EVP_DecryptUpdate(dec->ctx, out, &outlen, buf, len);
124 ssize_t wlen = dec->write(out, 1, outlen, dec->stream);
125 SHA256_Update(&dec->sha256, out, wlen);
126 free(out);
127 return (s*n) / s;
128 }
129
130 void aes_decrypter_shutdown(AESDecrypter *dec) {
131 if(dec->init) {
132 void *out = malloc(128);
133 int len = 0;
134 EVP_DecryptFinal_ex(dec->ctx, out, &len);
135 dec->write(out, 1, len, dec->stream);
136 SHA256_Update(&dec->sha256, out, len);
137 free(out);
138 //EVP_CIPHER_CTX_cleanup(&dec->ctx);
139 EVP_CIPHER_CTX_free(dec->ctx);
140 }
141 }
142
143 void aes_decrypter_close(AESDecrypter *dec) {
144 free(dec);
145 }
146
147
148 AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
149 unsigned char *iv = malloc(16);
150 if(!RAND_bytes(iv, 16)) {
151 free(iv);
152 return NULL;
153 }
154
155 AESEncrypter *enc = malloc(sizeof(AESEncrypter));
156 SHA256_Init(&enc->sha256);
157 enc->stream = stream;
158 enc->read = read_func;
159 enc->seek = seek_func;
160 enc->tmp = NULL;
161 enc->tmplen = 0;
162 enc->tmpoff = 0;
163 enc->end = 0;
164 enc->iv = iv;
165 enc->ivlen = 16;
166
167 //EVP_CIPHER_CTX_init(&enc->ctx);
168 enc->ctx = EVP_CIPHER_CTX_new();
169 if(key->type == DAV_KEY_AES128) {
170 EVP_EncryptInit_ex(enc->ctx, EVP_aes_128_cbc(), NULL, key->data, enc->iv);
171 } else if(key->type == DAV_KEY_AES256) {
172 EVP_EncryptInit_ex(enc->ctx, EVP_aes_256_cbc(), NULL, key->data, enc->iv);
173 } else {
174 fprintf(stderr, "unknown key type\n");
175 exit(-1);
176 }
177 return enc;
178 }
179
180 size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) {
181 size_t len = s*n;
182 if(enc->tmp) {
183 size_t tmp_diff = enc->tmplen - enc->tmpoff;
184 size_t cp_len = tmp_diff > len ? len : tmp_diff;
185 memcpy(buf, enc->tmp + enc->tmpoff, cp_len);
186 enc->tmpoff += cp_len;
187 if(enc->tmpoff >= enc->tmplen) {
188 free(enc->tmp);
189 enc->tmp = NULL;
190 enc->tmplen = 0;
191 enc->tmpoff = 0;
192 }
193 return cp_len / s;
194 }
195
196 if(enc->end) {
197 return 0;
198 }
199
200 void *in = malloc(len);
201 size_t in_len = enc->read(in, 1, len, enc->stream);
202
203 SHA256_Update(&enc->sha256, in, in_len);
204
205 unsigned char *out = NULL;
206 int outlen = 0;
207 size_t ivl = enc->ivlen;
208 if(in_len != 0) {
209 outlen = len + 32;
210 out = malloc(outlen + ivl);
211 if(ivl > 0) {
212 memcpy(out, enc->iv, ivl);
213 }
214 EVP_EncryptUpdate(enc->ctx, out + ivl, &outlen, in, in_len);
215 // I think we don't need this
216 /*
217 if(in_len != len) {
218 int newoutlen = 16;
219 EVP_EncryptFinal_ex(enc->ctx, out + ivl + outlen, &newoutlen);
220 outlen += newoutlen;
221 enc->end = 1;
222 }
223 */
224 } else {
225 out = malloc(16);
226 EVP_EncryptFinal_ex(enc->ctx, out, &outlen);
227 enc->end = 1;
228 }
229 enc->tmp = (char*)out;
230 enc->tmplen = outlen + ivl;
231 enc->tmpoff = 0;
232
233 if(enc->ivlen > 0) {
234 enc->ivlen = 0;
235 }
236
237 free(in);
238
239 return aes_read(buf, s, n, enc);
240 }
241
242 void aes_encrypter_close(AESEncrypter *enc) {
243 if(enc->tmp) {
244 free(enc->tmp);
245 }
246 if(enc->iv) {
247 free(enc->iv);
248 }
249 //EVP_CIPHER_CTX_cleanup(&enc->ctx);
250 EVP_CIPHER_CTX_free(enc->ctx);
251 free(enc);
252 }
253
254 int aes_encrypter_reset(AESEncrypter *enc, curl_off_t offset, int origin) {
255 if(origin != SEEK_SET || offset != 0 || !enc->seek) {
256 return CURL_SEEKFUNC_CANTSEEK;
257 }
258
259 enc->ivlen = 16;
260 if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
261 return CURL_SEEKFUNC_FAIL;
262 }
263 return CURL_SEEKFUNC_OK;
264 }
265
266
267 char* aes_encrypt(const char *in, size_t len, DavKey *key) {
268 unsigned char iv[16];
269 if(!RAND_bytes(iv, 16)) {
270 return NULL;
271 }
272
273 //EVP_CIPHER_CTX ctx;
274 //EVP_CIPHER_CTX_init(&ctx);
275 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
276 if(key->type == DAV_KEY_AES128) {
277 EVP_EncryptInit_ex(
278 ctx,
279 EVP_aes_128_cbc(),
280 NULL,
281 (unsigned char*)key->data,
282 iv);
283 } else if(key->type == DAV_KEY_AES256) {
284 EVP_EncryptInit_ex(
285 ctx,
286 EVP_aes_256_cbc(),
287 NULL,
288 (unsigned char*)key->data,
289 iv);
290 } else {
291 //EVP_CIPHER_CTX_cleanup(&ctx);
292 EVP_CIPHER_CTX_free(ctx);
293 return NULL;
294 }
295
296 //int len = strlen(in);
297 int buflen = len + 64;
298 unsigned char *buf = calloc(1, buflen);
299 memcpy(buf, iv, 16);
300
301 int l = buflen - 16;
302 EVP_EncryptUpdate(ctx, buf + 16, &l, (unsigned char*)in, len);
303
304 int f = 0;
305 EVP_EncryptFinal_ex(ctx, buf + 16 + l, &f);
306 char *out = util_base64encode((char*)buf, 16 + l + f);
307 free(buf);
308 EVP_CIPHER_CTX_free(ctx);
309 //EVP_CIPHER_CTX_cleanup(&ctx);
310
311 return out;
312 }
313
314 char* aes_decrypt(const char *in, size_t *length, DavKey *key) {
315 int len;
316 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &len);
317
318 //EVP_CIPHER_CTX ctx;
319 //EVP_CIPHER_CTX_init(&ctx);
320 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
321 if(key->type == DAV_KEY_AES128) {
322 EVP_DecryptInit_ex(
323 ctx,
324 EVP_aes_128_cbc(),
325 NULL,
326 key->data,
327 buf);
328 } else if(key->type == DAV_KEY_AES256) {
329 EVP_DecryptInit_ex(
330 ctx,
331 EVP_aes_256_cbc(),
332 NULL,
333 key->data,
334 buf);
335 } else {
336 //EVP_CIPHER_CTX_cleanup(&ctx);
337 EVP_CIPHER_CTX_free(ctx);
338 return NULL;
339 }
340
341 unsigned char *out = malloc(len + 1);
342 int outlen = len;
343 unsigned char *in_buf = buf + 16;
344 int inlen = len - 16;
345 int f = 0;
346
347 EVP_DecryptUpdate(ctx, out, &outlen, in_buf, inlen);
348 EVP_DecryptFinal_ex(ctx, out + outlen, &f);
349 out[outlen + f] = '\0';
350 free(buf);
351 //EVP_CIPHER_CTX_cleanup(&ctx);
352 EVP_CIPHER_CTX_free(ctx);
353
354 *length = outlen + f;
355 return (char*)out;
356 }
357
358
359 void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf){
360 SHA256_Final((unsigned char*)buf, sha256);
361 }
362
363 char* dav_create_hash(const char *data, size_t len) {
364 unsigned char hash[DAV_SHA256_DIGEST_LENGTH];
365 DAV_SHA_CTX ctx;
366 SHA256_Init(&ctx);
367 SHA256_Update(&ctx, data, len);
368 SHA256_Final(hash, &ctx);
369 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
370 }
371
372 DAV_SHA_CTX* dav_hash_init(void) {
373 DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX));
374 SHA256_Init(ctx);
375 return ctx;
376 }
377
378 void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) {
379 SHA256_Update(ctx, data, len);
380 }
381
382 void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) {
383 SHA256_Final(buf, ctx);
384 free(ctx);
385 }
386
387 #if OPENSSL_VERSION_NUMBER < 0x10100000L
388 static int crypto_pw2key_error = 0;
389 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
390 if(!crypto_pw2key_error) {
391 fprintf(stderr, "Error: password key derivation not supported on this platform: openssl to old\n");
392 crypto_pw2key_error = 1;
393 }
394 return 0;
395 }
396
397 #else
398 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
399 if(!password) {
400 return NULL;
401 }
402 size_t len = strlen(password);
403 if(len == 0) {
404 return NULL;
405 }
406
407 // setup key data and length
408 unsigned char keydata[32];
409 int keylen = 32;
410 switch(enc) {
411 case DAV_KEY_AES128: keylen = 16; break;
412 case DAV_KEY_AES256: keylen = 32; break;
413 default: return NULL;
414 }
415
416 // generate key
417 switch(pwfunc) {
418 case DAV_PWFUNC_PBKDF2_SHA256: {
419 PKCS5_PBKDF2_HMAC(
420 password,
421 len,
422 salt,
423 saltlen,
424 DAV_CRYPTO_ITERATION_COUNT,
425 EVP_sha256(),
426 keylen,
427 keydata);
428 break;
429 }
430 case DAV_PWFUNC_PBKDF2_SHA512: {
431 PKCS5_PBKDF2_HMAC(
432 password,
433 len,
434 salt,
435 saltlen,
436 DAV_CRYPTO_ITERATION_COUNT,
437 EVP_sha512(),
438 keylen,
439 keydata);
440 break;
441 }
442 default: return NULL;
443 }
444
445 // create DavKey with generated data
446 DavKey *key = malloc(sizeof(DavKey));
447 key->data = malloc(keylen);
448 key->length = keylen;
449 key->name = NULL;
450 key->type = enc;
451 memcpy(key->data, keydata, keylen);
452 return key;
453 }
454 #endif
455
456 #endif
457
458
459 /* -------------------- Apple Crypto Functions -------------------- */
460 #ifdef DAV_CRYPTO_COMMON_CRYPTO
461
462 #define RANDOM_BUFFER_LENGTH 256
463 static char randbuf[RANDOM_BUFFER_LENGTH];
464 static int rbufpos = RANDOM_BUFFER_LENGTH;
465
466 int dav_rand_bytes(unsigned char *buf, size_t len) {
467 if(len + rbufpos > RANDOM_BUFFER_LENGTH) {
468 int devr = open("/dev/urandom", O_RDONLY);
469 if(devr == -1) {
470 return 1;
471 }
472
473 if(read(devr, randbuf, RANDOM_BUFFER_LENGTH) < RANDOM_BUFFER_LENGTH) {
474 close(devr);
475 return 1;
476 }
477
478 rbufpos = 0;
479 if(len > RANDOM_BUFFER_LENGTH) {
480 int err = 0;
481 if(read(devr, buf, len) < len) {
482 err = 1;
483 }
484 close(devr);
485 return err;
486 }
487
488 close(devr);
489 }
490
491 char *r = randbuf;
492 memcpy(buf, r + rbufpos, len);
493 rbufpos += len;
494
495 return 0;
496 }
497
498 AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) {
499 AESDecrypter *dec = calloc(1, sizeof(AESDecrypter));
500 CC_SHA256_Init(&dec->sha256);
501 dec->stream = stream;
502 dec->write = write_func;
503 dec->key = key;
504 dec->init = 0;
505 dec->ivpos = 0;
506
507 return dec;
508 }
509
510
511 void aes_decrypter_init(AESDecrypter *dec) {
512 //EVP_CIPHER_CTX_init(&dec->ctx);
513 dec->init = 1;
514
515 CCCryptorRef cryptor;
516 CCCryptorStatus status;
517 if(dec->key->type == DAV_KEY_AES128) {
518 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, dec->key->data, dec->key->length, dec->ivtmp, &cryptor);
519 } else if(dec->key->type == DAV_KEY_AES256) {
520 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, dec->key->data, dec->key->length, dec->ivtmp, &cryptor);
521 } else {
522 fprintf(stderr, "unknown key type\n");
523 exit(-1);
524 }
525 dec->ctx = cryptor;
526 }
527
528 size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) {
529 int len = s*n;
530 if(!dec->init) {
531 size_t n = 16 - dec->ivpos;
532 size_t cp = n > len ? len : n;
533 memcpy(dec->ivtmp + dec->ivpos, buf, cp);
534 dec->ivpos += cp;
535 if(dec->ivpos >= 16) {
536 aes_decrypter_init(dec);
537 }
538 if(len == cp) {
539 return len;
540 } else {
541 buf = (char*)buf + cp;
542 len -= cp;
543 }
544 }
545
546 int outlen = len + 16;
547 unsigned char *out = malloc(outlen);
548
549 CCCryptorStatus status;
550 size_t avail = outlen;
551 size_t moved = 0;
552 status = CCCryptorUpdate(dec->ctx, buf, len, out, avail, &moved);
553
554 ssize_t wlen = dec->write(out, 1, moved, dec->stream);
555 CC_SHA256_Update(&dec->sha256, out, wlen);
556 free(out);
557 return (s*n) / s;
558 }
559
560 void aes_decrypter_shutdown(AESDecrypter *dec) {
561 if(dec->init) {
562 void *out = malloc(128);
563 size_t len = 0;
564 //EVP_DecryptFinal_ex(dec->ctx, out, &len);
565 CCCryptorFinal(dec->ctx, out, 128, &len);
566
567
568 dec->write(out, 1, len, dec->stream);
569 CC_SHA256_Update(&dec->sha256, out, len);
570 free(out);
571 //EVP_CIPHER_CTX_cleanup(&dec->ctx);
572 //EVP_CIPHER_CTX_free(dec->ctx);
573 }
574 }
575
576 void aes_decrypter_close(AESDecrypter *dec) {
577
578 }
579
580 AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
581 unsigned char *iv = malloc(16);
582 if(dav_rand_bytes(iv, 16)) {
583 return NULL;
584 }
585
586 CCCryptorRef cryptor;
587 CCCryptorStatus status;
588 if(key->type == DAV_KEY_AES128) {
589 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
590 } else if(key->type == DAV_KEY_AES256) {
591 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
592 } else {
593 free(iv);
594 return NULL;
595 }
596
597 AESEncrypter *enc = malloc(sizeof(AESEncrypter));
598 enc->ctx = cryptor;
599 CC_SHA256_Init(&enc->sha256);
600 enc->stream = stream;
601 enc->read = read_func;
602 enc->seek = seek_func;
603 enc->tmp = NULL;
604 enc->tmplen = 0;
605 enc->tmpoff = 0;
606 enc->end = 0;
607 enc->iv = iv;
608 enc->ivlen = 16;
609
610 return enc;
611 }
612
613 size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) {
614 size_t len = s*n;
615 if(enc->tmp) {
616 size_t tmp_diff = enc->tmplen - enc->tmpoff;
617 size_t cp_len = tmp_diff > len ? len : tmp_diff;
618 memcpy(buf, enc->tmp + enc->tmpoff, cp_len);
619 enc->tmpoff += cp_len;
620 if(enc->tmpoff >= enc->tmplen) {
621 free(enc->tmp);
622 enc->tmp = NULL;
623 enc->tmplen = 0;
624 enc->tmpoff = 0;
625 }
626 return cp_len / s;
627 }
628
629 if(enc->end) {
630 return 0;
631 }
632
633 void *in = malloc(len);
634 size_t in_len = enc->read(in, 1, len, enc->stream);
635
636 CC_SHA256_Update(&enc->sha256, in, in_len);
637
638 unsigned char *out = NULL;
639 size_t outlen = 0;
640 size_t ivl = enc->ivlen;
641 if(in_len != 0) {
642 outlen = len + 32;
643 out = malloc(outlen + ivl);
644 if(ivl > 0) {
645 memcpy(out, enc->iv, ivl);
646 }
647
648 CCCryptorStatus status;
649 size_t avail = outlen;
650 status = CCCryptorUpdate(enc->ctx, in, in_len, out + ivl, avail, &outlen);
651 // TODO: check if this still works
652 /*
653 if(in_len != len) {
654 size_t newoutlen = 16;
655 status = CCCryptorFinal(enc->ctx, out + ivl + outlen, 16, &newoutlen);
656 outlen += newoutlen;
657 enc->end = 1;
658 }
659 */
660 } else {
661 out = malloc(32);
662 CCCryptorStatus status;
663 size_t avail = outlen;
664 status = CCCryptorFinal(enc->ctx, out, 32, &outlen);
665 enc->end = 1;
666 }
667 enc->tmp = (char*)out;
668 enc->tmplen = outlen + ivl;
669 enc->tmpoff = 0;
670
671 if(enc->ivlen > 0) {
672 enc->ivlen = 0;
673 }
674
675 free(in);
676
677 return aes_read(buf, s, n, enc);
678 }
679
680 int aes_encrypter_reset(AESEncrypter *enc, curl_off_t offset, int origin) {
681 if(origin != SEEK_SET || offset != 0 || !enc->seek) {
682 return CURL_SEEKFUNC_CANTSEEK;
683 }
684
685 enc->ivlen = 16;
686 if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
687 return CURL_SEEKFUNC_FAIL;
688 }
689 return CURL_SEEKFUNC_OK;
690 }
691
692 void aes_encrypter_close(AESEncrypter *enc) {
693 if(enc->tmp) {
694 free(enc->tmp);
695 }
696 if(enc->iv) {
697 free(enc->iv);
698 }
699 // TODO: cleanup cryptor
700 free(enc);
701 }
702
703 char* aes_encrypt(const char *in, size_t len, DavKey *key) {
704 unsigned char iv[16];
705 if(dav_rand_bytes(iv, 16)) {
706 return NULL;
707 }
708
709 CCCryptorRef cryptor;
710 CCCryptorStatus status;
711 if(key->type == DAV_KEY_AES128) {
712 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
713 } else if(key->type == DAV_KEY_AES256) {
714 status = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, iv, &cryptor);
715 } else {
716 return NULL;
717 }
718
719 if(status != kCCSuccess) {
720 return NULL;
721 }
722
723 int buflen = len + 64;
724 char *buf = calloc(1, buflen);
725 memcpy(buf, iv, 16);
726
727 int pos = 16;
728 size_t avail = buflen - 16;
729 size_t moved;
730 char *out = buf + 16;
731
732 status = CCCryptorUpdate(cryptor, in,
733 len, out, avail,
734 &moved);
735 if(status != kCCSuccess) {
736 free(buf);
737 return NULL;
738 }
739
740 pos += moved;
741 avail -= moved;
742 out += moved;
743
744 status = CCCryptorFinal(cryptor, out, avail, &moved);
745 if(status != kCCSuccess) {
746 free(buf);
747 return NULL;
748 }
749
750 pos += moved;
751
752 char *b64enc = util_base64encode(buf, pos);
753 free(buf);
754
755 return b64enc;
756 }
757
758 char* aes_decrypt(const char *in, size_t *len, DavKey *key) {
759 int inlen;
760 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &inlen);
761
762 CCCryptorRef cryptor;
763 CCCryptorStatus status;
764 if(key->type == DAV_KEY_AES128) {
765 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key->data, key->length, buf, &cryptor);
766 } else if(key->type == DAV_KEY_AES256) {
767 status = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding, key->data, key->length, buf, &cryptor);
768 } else {
769 free(buf);
770 return NULL;
771 }
772
773 if(status != kCCSuccess) {
774 free(buf);
775 return NULL;
776 }
777
778 char *out = malloc(inlen + 1);
779 size_t outavail = inlen;
780 size_t outlen = 0;
781
782 unsigned char *inbuf = buf + 16;
783 inlen -= 16;
784
785 size_t moved = 0;
786 status = CCCryptorUpdate(cryptor, inbuf, inlen, out, outavail, &moved);
787 if(status != kCCSuccess) {
788 free(buf);
789 free(out);
790 // TODO cryptor
791 return NULL;
792 }
793
794 outlen += moved;
795 outavail -= moved;
796
797 status = CCCryptorFinal(cryptor, out + outlen, outavail, &moved);
798 if(status != kCCSuccess) {
799 free(buf);
800 free(out);
801 // TODO cryptor
802 return NULL;
803 }
804
805 outlen += moved;
806 out[outlen] = 0;
807
808 *len = outlen;
809 return out;
810 }
811
812 void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf) {
813 CC_SHA256_Final(buf, sha256);
814 }
815
816 char* dav_create_hash(const char *data, size_t len) {
817 unsigned char hash[DAV_SHA256_DIGEST_LENGTH];
818 CC_SHA256((const unsigned char*)data, len, hash);
819 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
820 }
821
822 DAV_SHA_CTX* dav_hash_init(void) {
823 DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX));
824 CC_SHA256_Init(ctx);
825 return ctx;
826 }
827
828 void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) {
829 CC_SHA256_Update(ctx, data, len);
830 }
831
832 void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) {
833 CC_SHA256_Final(buf, ctx);
834 free(ctx);
835 }
836
837 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
838 if(!password) {
839 return NULL;
840 }
841 size_t len = strlen(password);
842 if(len == 0) {
843 return NULL;
844 }
845
846 // setup key data and length
847 unsigned char keydata[32];
848 int keylen = 32;
849 switch(enc) {
850 case DAV_KEY_AES128: keylen = 16; break;
851 case DAV_KEY_AES256: keylen = 32; break;
852 default: return NULL;
853 }
854
855 // generate key
856 switch(pwfunc) {
857 case DAV_PWFUNC_PBKDF2_SHA256: {
858 int result = CCKeyDerivationPBKDF(
859 kCCPBKDF2,
860 password,
861 len,
862 salt,
863 saltlen,
864 kCCPRFHmacAlgSHA256,
865 DAV_CRYPTO_ITERATION_COUNT,
866 keydata,
867 keylen);
868 if(result) {
869 return NULL;
870 }
871 break;
872 }
873 case DAV_PWFUNC_PBKDF2_SHA512: {
874 int result = CCKeyDerivationPBKDF(
875 kCCPBKDF2,
876 password,
877 len,
878 salt,
879 saltlen,
880 kCCPRFHmacAlgSHA512,
881 DAV_CRYPTO_ITERATION_COUNT,
882 keydata,
883 keylen);
884 if(result) {
885 return NULL;
886 }
887 break;
888 }
889 default: return NULL;
890 }
891
892 // create DavKey with generated data
893 DavKey *key = malloc(sizeof(DavKey));
894 key->data = malloc(keylen);
895 key->length = keylen;
896 key->name = NULL;
897 key->type = enc;
898 memcpy(key->data, keydata, keylen);
899 return key;
900 }
901
902 #endif
903
904 /* -------------------- Windows Crypto Functions -------------------- */
905 #ifdef DAV_CRYPTO_CNG
906
907 static void cng_cleanup(BCRYPT_ALG_HANDLE hAesAlg, BCRYPT_KEY_HANDLE hKey, BCRYPT_HASH_HANDLE hHash, void *pbObject) {
908 if(hAesAlg) {
909 BCryptCloseAlgorithmProvider(hAesAlg,0);
910 }
911 if(hKey) {
912 BCryptDestroyKey(hKey);
913 }
914 if(hHash) {
915 BCryptDestroyHash(hHash);
916 }
917 if(pbObject) {
918 free(pbObject);
919 }
920 }
921
922 static int cng_init_key(BCRYPT_ALG_HANDLE *alg, BCRYPT_KEY_HANDLE *key, void **keyobj, DavKey *aesKey) {
923 BCRYPT_ALG_HANDLE hAesAlg = NULL;
924 BCRYPT_KEY_HANDLE hKey = NULL;
925
926 void *pbKeyObject = NULL;
927 ULONG keyObjectLength = 0;
928
929 ULONG result = 0;
930
931 // check DavKey and get AES key length
932 if(!aesKey) {
933 return 1;
934 }
935
936 ULONG aesKeyLength = 0;
937 if(aesKey->type == DAV_KEY_AES128) {
938 aesKeyLength = 16;
939 } else if(aesKey->type == DAV_KEY_AES256) {
940 aesKeyLength = 32;
941 }
942 if(aesKeyLength > aesKey->length || !aesKey->data) {
943 // invalid DavKey
944 return 1;
945 }
946
947 // initialize BCrypt stuff
948 if(BCryptOpenAlgorithmProvider(&hAesAlg, BCRYPT_AES_ALGORITHM, NULL, 0)) {
949 fprintf(stderr, "Error: BCryptOpenAlgorithmProvider failed\n");
950 return 1;
951 }
952
953 if(BCryptGetProperty(hAesAlg, BCRYPT_OBJECT_LENGTH, (PUCHAR)&keyObjectLength, sizeof(DWORD), &result, 0)) {
954 fprintf(stderr, "Error: BCrypt: Cannot get BCRYPT_OBJECT_LENGTH\n");
955 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
956 return 1;
957 }
958
959 if(BCryptSetProperty(hAesAlg, BCRYPT_CHAINING_MODE, (PBYTE)BCRYPT_CHAIN_MODE_CBC, sizeof(BCRYPT_CHAIN_MODE_CBC), 0)) {
960 fprintf(stderr, "Error: BCrypt: Cannot set CBC mode\n");
961 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
962 return 1;
963 }
964
965 pbKeyObject = calloc(1, keyObjectLength);
966 if(!pbKeyObject) {
967 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
968 return 1;
969 }
970
971 // init key
972 if(BCryptGenerateSymmetricKey(hAesAlg, &hKey, pbKeyObject, keyObjectLength, aesKey->data, aesKeyLength, 0)) {
973 fprintf(stderr, "Error: BCrypt: Cannot set key\n");
974 cng_cleanup(hAesAlg, hKey, NULL, pbKeyObject);
975 return 1;
976 }
977
978 *alg = hAesAlg;
979 *key = hKey;
980 *keyobj = pbKeyObject;
981
982 return 0;
983 }
984
985 static int cng_hash_init(WinBCryptSHACTX *ctx) {
986 if(BCryptOpenAlgorithmProvider(&ctx->hAlg, BCRYPT_SHA256_ALGORITHM, NULL, 0)) {
987 fprintf(stderr, "Error: BCryptOpenAlgorithmProvider failed\n");
988 return 1;
989 }
990
991 ULONG hashObjectLen;
992 ULONG result;
993 if(BCryptGetProperty(ctx->hAlg, BCRYPT_OBJECT_LENGTH, (PBYTE)&hashObjectLen, sizeof(DWORD), &result, 0)) {
994 cng_cleanup(ctx->hAlg, NULL, NULL, NULL);
995 return 1;
996 }
997
998 ctx->pbHashObject = calloc(1, hashObjectLen);
999
1000 if(BCryptCreateHash(ctx->hAlg, &ctx->hHash, ctx->pbHashObject, hashObjectLen, NULL, 0, 0)) {
1001 cng_cleanup(ctx->hAlg, NULL, ctx->hHash, ctx->pbHashObject);
1002 return 1;
1003 }
1004
1005 return 0;
1006 }
1007
1008
1009 int dav_rand_bytes(unsigned char *buf, size_t len) {
1010 if(BCryptGenRandom(NULL, (unsigned char*)buf, (ULONG)len, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) {
1011 return 1;
1012 }
1013 return 0;
1014 }
1015
1016 AESDecrypter* aes_decrypter_new(DavKey *key, void *stream, dav_write_func write_func) {
1017 AESDecrypter *dec = calloc(1, sizeof(AESDecrypter));
1018 if(!dec) {
1019 return NULL;
1020 }
1021 if(cng_hash_init(&dec->sha256)) {
1022 free(dec);
1023 return NULL;
1024 }
1025
1026 dec->stream = stream;
1027 dec->write = write_func;
1028 dec->key = key;
1029 dec->init = 0;
1030 dec->ivpos = 0;
1031
1032 return dec;
1033 }
1034
1035 static void aes_decrypter_init(AESDecrypter *dec) {
1036 if(cng_init_key(&dec->ctx.hAlg, &dec->ctx.hKey, &dec->ctx.pbKeyObject, dec->key)) {
1037 fprintf(stderr, "Error: cng_init_key failed\n");
1038 exit(-1);
1039 }
1040 // copy iv
1041 memcpy(dec->ctx.pbIV, dec->ivtmp, 16);
1042 }
1043
1044 size_t aes_write(const void *buf, size_t s, size_t n, AESDecrypter *dec) {
1045 int len = s*n;
1046 if(!dec->init) {
1047 dec->init = 1;
1048
1049 size_t n = 16 - dec->ivpos;
1050 size_t cp = n > len ? len : n;
1051 memcpy(dec->ivtmp + dec->ivpos, buf, cp);
1052 dec->ivpos += cp;
1053 if(dec->ivpos >= 16) {
1054 aes_decrypter_init(dec);
1055 }
1056 if(len == cp) {
1057 return len;
1058 } else {
1059 buf = (char*)buf + cp;
1060 len -= cp;
1061 }
1062 }
1063
1064 // the cipher text must be a multiply of 16
1065 // remaining bytes are stored in ctx.buf and must be added to cibuf
1066 // the next time
1067 size_t cbufalloc = len + 64;
1068 ULONG clen = 0;
1069 char *cbuf = malloc(cbufalloc);
1070
1071 // add previous remaining bytes
1072 if(dec->ctx.buflen > 0) {
1073 memcpy(cbuf, dec->ctx.buf, dec->ctx.buflen);
1074 clen = dec->ctx.buflen;
1075 }
1076 // add current bytes
1077 memcpy(cbuf + clen, buf, len);
1078 clen += len;
1079
1080 // check if the message fits the blocksize
1081 int remaining = clen % 16;
1082 if(remaining == 0) {
1083 // decrypt last block next time, or in aes_decrypter_shutdown
1084 // this makes sure, that shutdown always decrypts the last block
1085 // with BCRYPT_BLOCK_PADDING flag
1086 remaining = 16;
1087 }
1088
1089 // add remaining bytes to ctx.buf for the next aes_write run
1090 clen -= remaining;
1091 memcpy(dec->ctx.buf, cbuf + clen, remaining);
1092 dec->ctx.buflen = remaining;
1093
1094 // ready to decrypt the message
1095 ULONG outlen = clen + 32;
1096
1097 // decrypt
1098 if(clen > 0) {
1099 unsigned char* out = malloc(outlen);
1100
1101 ULONG enc_len = 0;
1102 ULONG status = BCryptDecrypt(dec->ctx.hKey, cbuf, clen, NULL, dec->ctx.pbIV, 16, out, outlen, &enc_len, 0);
1103 if(status > 0) {
1104 fprintf(stderr, "Error: BCryptDecrypt failed: 0x%X\n", status);
1105 free(out);
1106 free(cbuf);
1107 return 0;
1108 }
1109 outlen = enc_len;
1110
1111 // write decrypted data to the output stream and update the hash
1112 dec->write(out, 1, outlen, dec->stream);
1113 BCryptHashData(dec->sha256.hHash, out, outlen, 0);
1114
1115 free(out);
1116 }
1117
1118 free(cbuf);
1119
1120 return (s*n) / s;
1121 }
1122
1123 void aes_decrypter_shutdown(AESDecrypter *dec) {
1124 if(dec->init && dec->ctx.buflen > 0) {
1125 ULONG outlen = 64;
1126 char out[64];
1127 if(BCryptDecrypt(dec->ctx.hKey, dec->ctx.buf, dec->ctx.buflen, NULL, dec->ctx.pbIV, 16, out, outlen, &outlen, BCRYPT_BLOCK_PADDING)) {
1128 fprintf(stderr, "Error: BCryptDecrypt failed\n");
1129 return;
1130 }
1131 dec->write(out, 1, outlen, dec->stream);
1132 BCryptHashData(dec->sha256.hHash, out, outlen, 0);
1133 }
1134 }
1135
1136 void aes_decrypter_close(AESDecrypter *dec) {
1137 cng_cleanup(dec->ctx.hAlg, dec->ctx.hKey, NULL, dec->ctx.pbKeyObject);
1138 cng_cleanup(dec->sha256.hAlg, NULL, dec->sha256.hHash, dec->sha256.pbHashObject);
1139 free(dec);
1140 }
1141
1142 AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
1143 unsigned char *iv = malloc(16);
1144 if(dav_rand_bytes(iv, 16)) {
1145 free(iv);
1146 return NULL;
1147 }
1148
1149 AESEncrypter *enc = calloc(1, sizeof(AESEncrypter));
1150 if(cng_hash_init(&enc->sha256)) {
1151 free(iv);
1152 free(enc);
1153 return NULL;
1154 }
1155
1156 enc->stream = stream;
1157 enc->read = read_func;
1158 enc->seek = seek_func;
1159 enc->tmp = NULL;
1160 enc->tmplen = 0;
1161 enc->tmpoff = 0;
1162 enc->end = 0;
1163 enc->iv = iv;
1164 enc->ivlen = 0;
1165
1166 if(cng_init_key(&enc->ctx.hAlg, &enc->ctx.hKey, &enc->ctx.pbKeyObject, key)) {
1167 fprintf(stderr, "Error: cng_init_key failed\n");
1168 exit(-1);
1169 }
1170
1171 enc->ctx.buflen = 0;
1172 memcpy(enc->ctx.pbIV, iv, 16);
1173
1174 return enc;
1175 }
1176
1177 size_t aes_read(void *buf, size_t s, size_t n, AESEncrypter *enc) {
1178 size_t len = s*n;
1179 size_t nread = 0;
1180
1181 if(enc->tmp) {
1182 // the temp buffer contains bytes that are already encrypted, but
1183 // the last aes_read had not enough read buffer space
1184
1185 // in case we have a tmp buf, we just return this
1186 size_t tmp_diff = enc->tmplen - enc->tmpoff;
1187 size_t cp_len = tmp_diff > len ? len : tmp_diff;
1188 memcpy(buf, enc->tmp + enc->tmpoff, cp_len);
1189 enc->tmpoff += cp_len;
1190 if(enc->tmpoff >= enc->tmplen) {
1191 free(enc->tmp);
1192 enc->tmp = NULL;
1193 enc->tmplen = 0;
1194 enc->tmpoff = 0;
1195 }
1196 return cp_len / s;
1197 }
1198
1199 if(enc->ivlen < 16) {
1200 size_t copy_iv_len = 16 - enc->ivlen;
1201 copy_iv_len = len > copy_iv_len ? copy_iv_len : len;
1202
1203 memcpy(buf, enc->iv, copy_iv_len);
1204 (char*)buf += copy_iv_len;
1205 len -= copy_iv_len;
1206 nread = copy_iv_len;
1207
1208 enc->ivlen += copy_iv_len;
1209
1210 if(len == 0) {
1211 return copy_iv_len / s;
1212 }
1213 }
1214
1215 if(enc->end) {
1216 return 0;
1217 }
1218
1219 size_t remaining = len % 16;
1220 len -= remaining;
1221
1222 if(len > 256) {
1223 len -= 16; // optimization for avoiding tmp buffer usage
1224 }
1225
1226 size_t inalloc = len;
1227 ULONG inlen = 0;
1228 unsigned char *in = malloc(inalloc);
1229
1230 // fill the input buffer
1231 while(inlen < inalloc) {
1232 size_t r = enc->read(in + inlen, 1, inalloc - inlen, enc->stream);
1233 if(r == 0) {
1234 enc->end = 1;
1235 break;
1236 }
1237 inlen += r;
1238 }
1239
1240 if(inlen == 0) {
1241 return nread / s;
1242 }
1243
1244 // hash read data
1245 BCryptHashData(enc->sha256.hHash, in, inlen, 0);
1246
1247 // create output buffer
1248 ULONG outalloc = inlen + 16;
1249 ULONG outlen = 0;
1250 char *out = malloc(outalloc);
1251
1252 // encrypt
1253 int flags = 0;
1254 if(inlen % 16 != 0) {
1255 enc->end = 1;
1256 }
1257 if(enc->end) {
1258 flags = BCRYPT_BLOCK_PADDING;
1259 }
1260 if(BCryptEncrypt(enc->ctx.hKey, in, inlen, NULL, enc->ctx.pbIV, 16, out, outalloc, &outlen, flags)) {
1261 fprintf(stderr, "Error: BCryptEncrypt failed\n");
1262 }
1263
1264 // check if the output fits in buf, if not, save the remaining bytes in tmp
1265 if(outlen > len) {
1266 size_t tmplen = outlen - len;
1267 char *tmp = malloc(tmplen);
1268 memcpy(tmp, out+len, tmplen);
1269
1270 enc->tmp = tmp;
1271 enc->tmplen = tmplen;
1272 enc->tmpoff = 0;
1273
1274 outlen = len;
1275 }
1276
1277 // fill read buffer and return
1278 memcpy(buf, out, outlen);
1279 nread += outlen;
1280
1281 free(in);
1282 free(out);
1283
1284 return nread / s;
1285 }
1286
1287 void aes_encrypter_close(AESEncrypter *enc) {
1288 enc->end = 1;
1289 }
1290
1291 int aes_encrypter_reset(AESEncrypter *enc, curl_off_t offset, int origin) {
1292 if(origin != SEEK_SET || offset != 0 || !enc->seek) {
1293 return CURL_SEEKFUNC_CANTSEEK;
1294 }
1295
1296 enc->ivlen = 0;
1297 memcpy(enc->ctx.pbIV, enc->iv, 16);
1298 if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
1299 return CURL_SEEKFUNC_FAIL;
1300 }
1301 return CURL_SEEKFUNC_OK;
1302 }
1303
1304 char* aes_encrypt(const char *in, size_t len, DavKey *key) {
1305 // create random IV
1306 char iv[16];
1307 if(dav_rand_bytes(iv, 16)) {
1308 return NULL;
1309 }
1310
1311 // initialize bcrypt stuff
1312 BCRYPT_ALG_HANDLE hAlg = NULL;
1313 BCRYPT_KEY_HANDLE hKey = NULL;
1314 void *pbKeyObject = NULL;
1315 if(cng_init_key(&hAlg, &hKey, &pbKeyObject, key)) {
1316 return NULL;
1317 }
1318
1319 // create output buffer
1320 ULONG outlen = len + 128;
1321 char *out = malloc(outlen);
1322
1323 // the output must start with the IV
1324 memcpy(out, iv, 16);
1325 char *encbuf = out + 16;
1326 ULONG enclen = outlen - 16;
1327 ULONG encoutlen = 0;
1328
1329 // encrypt
1330 if(BCryptEncrypt(hKey, (PUCHAR)in, len, NULL, (PUCHAR)iv, 16, encbuf, enclen, &encoutlen, BCRYPT_BLOCK_PADDING)) {
1331 fprintf(stderr, "Error: BCryptEncrypt failed\n");
1332 cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
1333 free(out);
1334 return NULL;
1335 }
1336
1337 outlen = encoutlen + 16; // length of encrypted data + 16 bytes IV
1338
1339 // base64 encode
1340 char *outstr = util_base64encode(out, outlen);
1341
1342 cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
1343 free(out);
1344
1345 return outstr;
1346 }
1347
1348 char* aes_decrypt(const char *in, size_t *len, DavKey *key) {
1349 BCRYPT_ALG_HANDLE hAlg = NULL;
1350 BCRYPT_KEY_HANDLE hKey = NULL;
1351 void *pbKeyObject = NULL;
1352 if(cng_init_key(&hAlg, &hKey, &pbKeyObject, key)) {
1353 return NULL;
1354 }
1355
1356 int inlen;
1357 unsigned char *buf = (unsigned char*)util_base64decode_len(in, &inlen);
1358 if(inlen < 16 || !buf) {
1359 cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
1360 if(buf) {
1361 free(buf);
1362 }
1363 return NULL;
1364 }
1365
1366 // encrypted data starts with IV
1367 char iv[16];
1368 memcpy(iv, buf, 16);
1369
1370 // decrypt data
1371 char *data = buf + 16; // encrypted data starts after IV
1372 size_t datalen = inlen - 16;
1373
1374 // create output buffer
1375 ULONG outlen = inlen;
1376 char *out = malloc(outlen + 1);
1377
1378 // decrypt
1379 if(BCryptDecrypt(hKey, data, datalen, NULL, iv, 16, out, outlen, &outlen, BCRYPT_BLOCK_PADDING)) {
1380 cng_cleanup(hAlg, hKey, NULL, pbKeyObject);
1381 free(out);
1382 free(buf);
1383 return NULL;
1384 }
1385
1386 // decrypt finished, return
1387 out[outlen] = 0;
1388 *len = (size_t)outlen;
1389 return out;
1390 }
1391
1392 void dav_get_hash(DAV_SHA_CTX *sha256, unsigned char *buf) {
1393 BCryptFinishHash(sha256->hHash, buf, DAV_SHA256_DIGEST_LENGTH, 0);
1394 }
1395
1396
1397 char* dav_create_hash(const char *data, size_t len) {
1398 unsigned char hash[DAV_SHA256_DIGEST_LENGTH];
1399 DAV_SHA_CTX *ctx = dav_hash_init();
1400 if(ctx) {
1401 dav_hash_update(ctx, data, len);
1402 dav_hash_final(ctx, hash);
1403 }
1404 return util_hexstr(hash, DAV_SHA256_DIGEST_LENGTH);
1405 }
1406
1407 DAV_SHA_CTX* dav_hash_init(void) {
1408 DAV_SHA_CTX *ctx = malloc(sizeof(DAV_SHA_CTX));
1409 if(!ctx) {
1410 return NULL;
1411 }
1412 if(cng_hash_init(ctx)) {
1413 free(ctx);
1414 return NULL;
1415 }
1416 return ctx;
1417 }
1418
1419 void dav_hash_update(DAV_SHA_CTX *ctx, const char *data, size_t len) {
1420 BCryptHashData(ctx->hHash, (PUCHAR)data, len, 0);
1421 }
1422
1423 void dav_hash_final(DAV_SHA_CTX *ctx, unsigned char *buf) {
1424 BCryptFinishHash(ctx->hHash, (PUCHAR)buf, DAV_SHA256_DIGEST_LENGTH, 0);
1425
1426 // cleanup
1427 cng_cleanup(ctx->hAlg, NULL, ctx->hHash, ctx->pbHashObject);
1428 free(ctx);
1429 }
1430
1431 DavKey* dav_pw2key(const char *password, const unsigned char *salt, int saltlen, int pwfunc, int enc) {
1432 if(!password) {
1433 return NULL;
1434 }
1435 size_t len = strlen(password);
1436 if(len == 0) {
1437 return NULL;
1438 }
1439
1440 // setup key data and length
1441 unsigned char keydata[128];
1442 int keylen = 32;
1443 switch(enc) {
1444 case DAV_KEY_AES128: keylen = 16; break;
1445 case DAV_KEY_AES256: keylen = 32; break;
1446 default: return NULL;
1447 }
1448
1449 LPCWSTR algid;
1450 switch(pwfunc) {
1451 case DAV_PWFUNC_PBKDF2_SHA256: algid = BCRYPT_SHA256_ALGORITHM; break;
1452 case DAV_PWFUNC_PBKDF2_SHA512: algid = BCRYPT_SHA512_ALGORITHM; break;
1453 default: return NULL;
1454 }
1455
1456 // open algorithm provider
1457 BCRYPT_ALG_HANDLE hAlg;
1458 ULONG status = BCryptOpenAlgorithmProvider(&hAlg, algid, NULL, BCRYPT_ALG_HANDLE_HMAC_FLAG);
1459 if(status > 0) {
1460 fprintf(stderr, "Error: dav_pw2key: BCryptOpenAlgorithmProvider failed: 0x%X\n", (unsigned int)status);
1461 return NULL;
1462 }
1463
1464 // derive key
1465 status = BCryptDeriveKeyPBKDF2(
1466 hAlg,
1467 (PUCHAR)password,
1468 len,
1469 (PUCHAR)salt,
1470 saltlen,
1471 DAV_CRYPTO_ITERATION_COUNT,
1472 keydata,
1473 128,
1474 0);
1475
1476 BCryptCloseAlgorithmProvider(hAlg,0);
1477
1478 if(status) {
1479 fprintf(stderr, "Error: dav_pw2key: BCryptDeriveKeyPBKDF2 failed: 0x%X\n", (unsigned int)status);
1480 return NULL;
1481 }
1482
1483 // create DavKey with generated data
1484 DavKey *key = malloc(sizeof(DavKey));
1485 key->data = malloc(keylen);
1486 key->length = keylen;
1487 key->name = NULL;
1488 key->type = enc;
1489 memcpy(key->data, keydata, keylen);
1490 return key;
1491 }
1492 #endif
1493
1494
1495
1496 CxBuffer* aes_encrypt_buffer(CxBuffer *in, DavKey *key) {
1497 CxBuffer *encbuf = cxBufferCreate(NULL, in->size, cxDefaultAllocator, CX_BUFFER_FREE_CONTENTS|CX_BUFFER_AUTO_EXTEND);
1498 if(!encbuf) {
1499 return NULL;
1500 }
1501
1502 AESEncrypter *enc = aes_encrypter_new(
1503 key,
1504 in,
1505 (dav_read_func)cxBufferRead,
1506 NULL);
1507 if(!enc) {
1508 cxBufferFree(encbuf);
1509 return NULL;
1510 }
1511
1512 char buf[1024];
1513 size_t r;
1514 while((r = aes_read(buf, 1, 1024, enc)) > 0) {
1515 cxBufferWrite(buf, 1, r, encbuf);
1516 }
1517 aes_encrypter_close(enc);
1518
1519 encbuf->pos = 0;
1520 return encbuf;
1521 }
1522
1523 CxBuffer* aes_decrypt_buffer(CxBuffer *in, DavKey *key) {
1524 CxBuffer *decbuf = cxBufferCreate(NULL, in->size, cxDefaultAllocator, CX_BUFFER_FREE_CONTENTS|CX_BUFFER_AUTO_EXTEND);
1525 if(!decbuf) {
1526 return NULL;
1527 }
1528 AESDecrypter *dec = aes_decrypter_new(
1529 key,
1530 decbuf,
1531 (dav_write_func)cxBufferWrite);
1532 if(!dec) {
1533 cxBufferFree(decbuf);
1534 return NULL;
1535 }
1536
1537 aes_write(in->space, 1, in->size, dec);
1538 aes_decrypter_shutdown(dec);
1539 aes_decrypter_close(dec);
1540 decbuf->pos = 0;
1541 return decbuf;
1542 }

Mercurial Repository: idav

mercurial