sgx_status_t sgx_aes_gcm_close(sgx_aes_state_handle_t aes_gcm_state)
{
if (aes_gcm_state != NULL) {
EVP_CIPHER_CTX_free((EVP_CIPHER_CTX *)aes_gcm_state);
}
return SGX_SUCCESS;
}
void
tr_rc4_free (tr_rc4_ctx_t handle)
{
if (handle == NULL)
return;
EVP_CIPHER_CTX_free (handle);
}
static int
aes_ctr_release(archive_crypto_ctx *ctx)
{
EVP_CIPHER_CTX_free(ctx->ctx);
memset(ctx->key, 0, ctx->key_len);
memset(ctx->nonce, 0, sizeof(ctx->nonce));
return 0;
}
sgx_status_t sgx_aes_gcm128_enc_init(const uint8_t *key, const uint8_t *iv, uint32_t iv_len, const uint8_t *aad,
uint32_t aad_len, sgx_aes_state_handle_t* aes_gcm_state)
{
if ((aad_len >= INT_MAX) || (key == NULL) || (iv_len != SGX_AESGCM_IV_SIZE) || ((aad_len > 0) && (aad == NULL))
|| (iv == NULL) || (aes_gcm_state == NULL))
{
return SGX_ERROR_INVALID_PARAMETER;
}
int len = 0;
sgx_status_t ret = SGX_ERROR_UNEXPECTED;
EVP_CIPHER_CTX * pState = NULL;
do {
// Create and initialise the context
//
if (!(pState = EVP_CIPHER_CTX_new())) {
ret = SGX_ERROR_OUT_OF_MEMORY;
break;
}
// Initialize ctx with AES-128 GCM
//
if (!EVP_EncryptInit_ex(pState, EVP_aes_128_gcm(), NULL, NULL, NULL)) {
break;
}
// Set IV len
//
if (!EVP_CIPHER_CTX_ctrl(pState, EVP_CTRL_AEAD_SET_IVLEN, iv_len, NULL)) {
break;
}
// Initialize encryption key and IV
//
if (!EVP_EncryptInit_ex(pState, NULL, NULL, (unsigned char*)key, iv)) {
break;
}
// Provide AAD data if exist
//
if (NULL != aad) {
if (!EVP_EncryptUpdate(pState, NULL, &len, aad, aad_len)) {
break;
}
}
*aes_gcm_state = (EVP_CIPHER_CTX*)pState;
ret = SGX_SUCCESS;
} while (0);
if (ret != SGX_SUCCESS) {
if (pState != NULL) {
EVP_CIPHER_CTX_free(pState);
}
}
return ret;
}
static int
aes_ctr_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc) /* init key */
{
/*
* variable "c" is leaked from this scope, but is later freed
* in aes_ctr_cleanup
*/
aes_ctr_ctx *c;
const EVP_CIPHER *aes_cipher;
(void) enc;
switch(EVP_CIPHER_CTX_key_length(ctx)) {
case 16:
aes_cipher = EVP_aes_128_ecb();
break;
case 24:
aes_cipher = EVP_aes_192_ecb();
break;
case 32:
aes_cipher = EVP_aes_256_ecb();
break;
default:
return 0;
}
c = malloc(sizeof(*c));
if(c == NULL)
return 0;
#ifdef HAVE_OPAQUE_STRUCTS
c->aes_ctx = EVP_CIPHER_CTX_new();
#else
c->aes_ctx = malloc(sizeof(EVP_CIPHER_CTX));
#endif
if(c->aes_ctx == NULL) {
free(c);
return 0;
}
if(EVP_EncryptInit(c->aes_ctx, aes_cipher, key, NULL) != 1) {
#ifdef HAVE_OPAQUE_STRUCTS
EVP_CIPHER_CTX_free(c->aes_ctx);
#else
free(c->aes_ctx);
#endif
free(c);
return 0;
}
EVP_CIPHER_CTX_set_padding(c->aes_ctx, 0);
memcpy(c->ctr, iv, AES_BLOCK_SIZE);
EVP_CIPHER_CTX_set_app_data(ctx, c);
return 1;
}
bool Wallet::writeSecurityImage(const QPixmap* pixmap, const QString& outputFilePath) {
// aes requires a couple 128-bit keys (ckey and ivec). For now, I'll just
// use the md5 of the salt as the ckey (md5 is 128-bit), and ivec will be
// a constant. We can review this later - there are ways to generate keys
// from a password that may be better.
unsigned char ivec[16];
unsigned char ckey[32];
initializeAESKeys(ivec, ckey, _salt);
int tempSize, outSize;
QByteArray inputFileBuffer;
QBuffer buffer(&inputFileBuffer);
buffer.open(QIODevice::WriteOnly);
// another spot where we are assuming only jpgs
pixmap->save(&buffer, "jpg");
// reserve enough capacity for encrypted bytes
unsigned char* outputFileBuffer = new unsigned char[inputFileBuffer.size() + AES_BLOCK_SIZE];
EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
// TODO: add error handling!!!
if (!EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, ckey, ivec)) {
qCDebug(commerce) << "encrypt init failure";
delete[] outputFileBuffer;
return false;
}
if (!EVP_EncryptUpdate(ctx, outputFileBuffer, &tempSize, (unsigned char*)inputFileBuffer.data(), inputFileBuffer.size())) {
qCDebug(commerce) << "encrypt update failure";
delete[] outputFileBuffer;
return false;
}
outSize = tempSize;
if (!EVP_EncryptFinal_ex(ctx, outputFileBuffer + outSize, &tempSize)) {
qCDebug(commerce) << "encrypt final failure";
delete[] outputFileBuffer;
return false;
}
outSize += tempSize;
EVP_CIPHER_CTX_free(ctx);
qCDebug(commerce) << "encrypted buffer size" << outSize;
QByteArray output((const char*)outputFileBuffer, outSize);
// now APPEND to the file,
QByteArray b64output = output.toBase64();
QFile outputFile(outputFilePath);
outputFile.open(QIODevice::Append);
outputFile.write(IMAGE_HEADER);
outputBase64WithNewlines(outputFile, b64output);
outputFile.write(IMAGE_FOOTER);
outputFile.close();
delete[] outputFileBuffer;
return true;
}
int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *aad,
int aad_len, unsigned char *key, unsigned char *iv,
unsigned char *ciphertext, unsigned char *tag)
{
EVP_CIPHER_CTX *ctx;
int len;
int ciphertext_len;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
/* Initialise the encryption operation. */
if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL))
handleErrors();
/* Set IV length if default 12 bytes (96 bits) is not appropriate */
if(1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, 16, NULL))
handleErrors();
/* Initialise key and IV */
if(1 != EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv)) handleErrors();
/* Provide any AAD data. This can be called zero or more times as
* required
*/
/*
if(1 != EVP_EncryptUpdate(ctx, NULL, &len, aad, aad_len))
handleErrors();
*/
/* Provide the message to be encrypted, and obtain the encrypted output.
* EVP_EncryptUpdate can be called multiple times if necessary
*/
if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
handleErrors();
ciphertext_len = len;
/* Finalise the encryption. Normally ciphertext bytes may be written at
* this stage, but this does not occur in GCM mode
*/
if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)) handleErrors();
ciphertext_len += len;
/* Get the tag */
/*
if(1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag))
handleErrors();
*/
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return ciphertext_len;
}
static void aes_cleanup(EVP_CIPHER_CTX* ctx)
{
EVP_CIPHER_CTX_free(ctx);
#if(OPENSSL_VERSION_NUMBER<0x10000000L)
ERR_remove_state(0);
#elif(OPENSSL_VERSION_NUMBER<0x10100000L)
ERR_remove_thread_state(NULL);
#endif
}
int decryptccm(unsigned char *ciphertext, int ciphertext_len, unsigned char *tag, unsigned char *key, unsigned char *iv,
unsigned char *plaintext)
{
EVP_CIPHER_CTX *ctx;
int len;
int plaintext_len;
int ret;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors("Create and initialise the context");
/* Initialise the decryption operation. */
if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_ccm(), NULL, NULL, NULL))
handleErrors("Initialise the decryption operation.");
/* Setting IV len to 7. Not strictly necessary as this is the default
* but shown here for the purposes of this example */
if(1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, 7, NULL))
handleErrors("Setting IV len to 7. ");
/* Set expected tag value. */
if(1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, 14, tag))
handleErrors("Set expected tag value.");
/* Initialise key and IV */
if(1 != EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
handleErrors("Initialise key and IV");
/* Provide the total ciphertext length
*/
if(1 != EVP_DecryptUpdate(ctx, NULL, &len, NULL, ciphertext_len))
handleErrors("rovide the total ciphertext length");
/* Provide the message to be decrypted, and obtain the plaintext output.
* EVP_DecryptUpdate can be called multiple times if necessary
*/
ret = EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len);
plaintext_len = len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
if(ret > 0)
{
/* Success */
return plaintext_len;
}
else
{
/* Verify failed */
return -1;
}
}
static LUA_FUNCTION(openssl_cipher_ctx_free)
{
EVP_CIPHER_CTX *ctx = CHECK_OBJECT(1, EVP_CIPHER_CTX, "openssl.evp_cipher_ctx");
lua_pushnil(L);
lua_rawsetp(L, LUA_REGISTRYINDEX, ctx);
EVP_CIPHER_CTX_cleanup(ctx);
EVP_CIPHER_CTX_free(ctx);
return 0;
}
void
aes_cipher_free(aes_cnt_cipher_t *cipher_)
{
if (!cipher_)
return;
EVP_CIPHER_CTX *cipher = (EVP_CIPHER_CTX *) cipher_;
EVP_CIPHER_CTX_cleanup(cipher);
EVP_CIPHER_CTX_free(cipher);
}
/* Test copying of contexts */
static void test_ctx_replace(EVP_CIPHER_CTX **pctx)
{
/* Make copy of context and replace original */
EVP_CIPHER_CTX *ctx_copy;
ctx_copy = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_copy(ctx_copy, *pctx);
EVP_CIPHER_CTX_free(*pctx);
*pctx = ctx_copy;
}
int crypto_encrypt_final(CipherContext *ctx, char *ciphertext) {
int ciphertext_len;
if (EVP_EncryptFinal_ex(ctx, (unsigned char *)ciphertext, &ciphertext_len) != 1)
crypto_handle_error();
EVP_CIPHER_CTX_free(ctx);
return ciphertext_len;
}
/** Decrypt a buffer.
* @param cipher cipher ID
* @param enc encrypted buffer
* @param enc_size number of bytes in @p enc
* @param plain on return contains plain text data
* @param plain_size size in bytes of @p plain
* @return number of bytes that were in the encrypted buffer (this can be shorter if the data
* did not exactly fit the AES block size.
*/
size_t
BufferDecryptor::decrypt(int cipher, const void *enc, size_t enc_size, void *plain, size_t plain_size)
{
#ifdef HAVE_LIBCRYPTO
if (keys_.find(cipher) == keys_.end()) {
generate_key(cipher);
}
const EVP_CIPHER *evp_cipher = cipher_by_id(cipher);
const size_t iv_size = EVP_CIPHER_iv_length(evp_cipher);
const unsigned char *iv = (const unsigned char *)enc;
unsigned char *enc_m = (unsigned char *)enc + iv_size;
enc_size -= iv_size;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
if ( ! EVP_DecryptInit(ctx, evp_cipher, (const unsigned char *)keys_[cipher].c_str(), iv))
{
EVP_CIPHER_CTX_free(ctx);
throw std::runtime_error("Could not initialize cipher context");
}
int outl = plain_size;
if ( ! EVP_DecryptUpdate(ctx,
(unsigned char *)plain, &outl, enc_m, enc_size))
{
EVP_CIPHER_CTX_free(ctx);
throw std::runtime_error("DecryptUpdate failed");
}
int plen = 0;
if ( ! EVP_DecryptFinal(ctx, (unsigned char *)plain + outl, &plen) ) {
EVP_CIPHER_CTX_free(ctx);
throw std::runtime_error("DecryptFinal failed");
}
outl += plen;
EVP_CIPHER_CTX_free(ctx);
return outl;
#else
throw std::runtime_error("Decryption support not available");
#endif
}
static krb5_error_code
AES_PRF(krb5_context context,
krb5_crypto crypto,
const krb5_data *in,
krb5_data *out)
{
struct _krb5_checksum_type *ct = crypto->et->checksum;
krb5_error_code ret;
Checksum result;
krb5_keyblock *derived;
result.cksumtype = ct->type;
ret = krb5_data_alloc(&result.checksum, ct->checksumsize);
if (ret) {
krb5_set_error_message(context, ret, N_("malloc: out memory", ""));
return ret;
}
ret = (*ct->checksum)(context, NULL, in->data, in->length, 0, &result);
if (ret) {
krb5_data_free(&result.checksum);
return ret;
}
if (result.checksum.length < crypto->et->blocksize)
krb5_abortx(context, "internal prf error");
derived = NULL;
ret = krb5_derive_key(context, crypto->key.key,
crypto->et->type, "prf", 3, &derived);
if (ret)
krb5_abortx(context, "krb5_derive_key");
ret = krb5_data_alloc(out, crypto->et->blocksize);
if (ret)
krb5_abortx(context, "malloc failed");
{
const EVP_CIPHER *c = (*crypto->et->keytype->evp)();
EVP_CIPHER_CTX *ctx;
ctx = EVP_CIPHER_CTX_new(); /* ivec all zero */
if (ctx == NULL)
krb5_abortx(context, "malloc failed");
EVP_CipherInit_ex(ctx, c, NULL, derived->keyvalue.data, NULL, 1);
EVP_Cipher(ctx, out->data, result.checksum.data,
crypto->et->blocksize);
EVP_CIPHER_CTX_free(ctx);
}
krb5_data_free(&result.checksum);
krb5_free_keyblock(context, derived);
return ret;
}
tr_rc4_ctx_t
tr_rc4_new (void)
{
EVP_CIPHER_CTX * handle = EVP_CIPHER_CTX_new ();
if (check_result (EVP_CipherInit_ex (handle, EVP_rc4 (), NULL, NULL, NULL, -1)))
return handle;
EVP_CIPHER_CTX_free (handle);
return NULL;
}
/**
* @brief Clean encryption / decryption context.
* @note After cleanup, a context is free to be reused if necessary.
* @param ctx The block context to use.
* @return Returns APR_ENOTIMPL if not supported.
*/
static apr_status_t crypto_block_cleanup(apr_crypto_block_t *ctx)
{
if (ctx->initialised) {
EVP_CIPHER_CTX_free(ctx->cipherCtx);
ctx->initialised = 0;
}
return APR_SUCCESS;
}
static int entersafe_cipher_apdu(sc_card_t *card, sc_apdu_t *apdu,
u8 *key, size_t keylen,
u8 *buff, size_t buffsize)
{
EVP_CIPHER_CTX * ctx = NULL;
u8 iv[8]={0};
int len;
SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
assert(card);
assert(apdu);
assert(key);
assert(buff);
/* padding as 0x80 0x00 0x00...... */
memset(buff,0,buffsize);
buff[0]=apdu->lc;
memcpy(buff+1,apdu->data,apdu->lc);
buff[apdu->lc+1]=0x80;
ctx = EVP_CIPHER_CTX_new();
if (ctx == NULL)
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_OUT_OF_MEMORY);
EVP_CIPHER_CTX_set_padding(ctx,0);
if(keylen == 8)
EVP_EncryptInit_ex(ctx, EVP_des_ecb(), NULL, key, iv);
else if (keylen == 16)
EVP_EncryptInit_ex(ctx, EVP_des_ede(), NULL, key, iv);
else
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INTERNAL);
len = apdu->lc;
if(!EVP_EncryptUpdate(ctx, buff, &len, buff, buffsize)){
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "entersafe encryption error.");
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INTERNAL);
}
apdu->lc = len;
EVP_CIPHER_CTX_free(ctx);
if(apdu->lc!=buffsize)
{
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "entersafe build cipher apdu failed.");
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_INTERNAL);
}
apdu->data=buff;
apdu->datalen=apdu->lc;
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_SUCCESS);
}
/*
* Encrypt/Decrypt a buffer based on password and algor, result in a
* OPENSSL_malloc'ed buffer
*/
unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor,
const char *pass, int passlen,
const unsigned char *in, int inlen,
unsigned char **data, int *datalen, int en_de)
{
unsigned char *out = NULL;
int outlen, i;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
if (ctx == NULL) {
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
/* Decrypt data */
if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
algor->parameter, ctx, en_de)) {
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
goto err;
}
if ((out = OPENSSL_malloc(inlen + EVP_CIPHER_CTX_block_size(ctx)))
== NULL) {
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EVP_CipherUpdate(ctx, out, &i, in, inlen)) {
OPENSSL_free(out);
out = NULL;
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_EVP_LIB);
goto err;
}
outlen = i;
if (!EVP_CipherFinal_ex(ctx, out + i, &i)) {
OPENSSL_free(out);
out = NULL;
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
goto err;
}
outlen += i;
if (datalen)
*datalen = outlen;
if (data)
*data = out;
err:
EVP_CIPHER_CTX_free(ctx);
return out;
}
void RarVolume::DecryptFree()
{
if (m_context)
{
#ifdef HAVE_OPENSSL
EVP_CIPHER_CTX_free((EVP_CIPHER_CTX*)m_context);
#elif defined(HAVE_NETTLE)
delete (aes_ctx*)m_context;
#endif
m_context = nullptr;
}
}
int crypto_decrypt_final(CipherContext *ctx, char *decryptedtext) {
int decryptedtext_len;
if (EVP_DecryptFinal_ex(ctx, (unsigned char *)decryptedtext, &decryptedtext_len) != 1)
crypto_handle_error();
EVP_CIPHER_CTX_free(ctx);
/* Add a NULL terminator. We are expecting printable text */
decryptedtext[decryptedtext_len] = '\0';
return decryptedtext_len;
}
static int decrypt(void *ctx,char *name,char *file,void *in,int ilen,void *out)
{
int len;
int rem;
int r=NOUSER;
struct spwd *sp;
#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
EVP_CIPHER_CTX *etx;
#else
EVP_CIPHER_CTX etx;
#endif
unsigned char bfr[512];
unsigned char key[32];
unsigned char iv[32];
if(!(sp=getspnam(name)))goto err1;
len=sizeof(bfr);
if((r=sign(ctx,file,sp->sp_pwdp,strlen(sp->sp_pwdp),bfr,&len)))
goto err2;
r=CRYPTOFAIL;
#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
etx=EVP_CIPHER_CTX_new();
EVP_BytesToKey(EVP_aes_256_cfb(),EVP_sha256(),NULL,bfr,len,1,key,iv);
EVP_DecryptInit_ex(etx,EVP_aes_256_cfb(),NULL,key,iv);
len=ilen;
if(!EVP_DecryptUpdate(etx,out,&len,in,ilen))goto err3;
rem=ilen-len;
if(!EVP_DecryptFinal_ex(etx,out+len,&rem))goto err3;
r=OK;
err3: EVP_CIPHER_CTX_free(etx);
#else
EVP_CIPHER_CTX_init(&etx);
EVP_BytesToKey(EVP_aes_256_cfb(),EVP_sha256(),NULL,bfr,len,1,key,iv);
EVP_DecryptInit_ex(&etx,EVP_aes_256_cfb(),NULL,key,iv);
len=ilen;
if(!EVP_DecryptUpdate(&etx,out,&len,in,ilen))goto err3;
rem=ilen-len;
if(!EVP_DecryptFinal_ex(&etx,out+len,&rem))goto err3;
r=OK;
err3: EVP_CIPHER_CTX_cleanup(&etx);
#endif
memclear(key,0,sizeof(key));
memclear(iv,0,sizeof(iv));
err2: memclear(bfr,0,sizeof(bfr));
memclear(sp->sp_pwdp,0,strlen(sp->sp_pwdp));
err1: return r;
}
int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
pem_password_cb *callback, void *u)
{
int i = 0, j, o, klen;
long len;
EVP_CIPHER_CTX *ctx;
unsigned char key[EVP_MAX_KEY_LENGTH];
char buf[PEM_BUFSIZE];
len = *plen;
if (cipher->cipher == NULL)
return (1);
if (callback == NULL)
klen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u);
else
klen = callback(buf, PEM_BUFSIZE, 0, u);
if (klen <= 0) {
PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ);
return (0);
}
#ifdef CHARSET_EBCDIC
/* Convert the pass phrase from EBCDIC */
ebcdic2ascii(buf, buf, klen);
#endif
if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
(unsigned char *)buf, klen, 1, key, NULL))
return 0;
j = (int)len;
ctx = EVP_CIPHER_CTX_new();
if (ctx == NULL)
return 0;
o = EVP_DecryptInit_ex(ctx, cipher->cipher, NULL, key, &(cipher->iv[0]));
if (o)
o = EVP_DecryptUpdate(ctx, data, &i, data, j);
if (o)
o = EVP_DecryptFinal_ex(ctx, &(data[i]), &j);
EVP_CIPHER_CTX_free(ctx);
OPENSSL_cleanse((char *)buf, sizeof(buf));
OPENSSL_cleanse((char *)key, sizeof(key));
if (o)
j += i;
else {
PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
return (0);
}
*plen = j;
return (1);
}
int crypt_ec_helper::decrypt(unsigned char* cipherText, int cipherTextLen, unsigned char *secret, int secretLength, unsigned char* plainText)
{
EVP_CIPHER_CTX *ctx;
int len, plaintext_len;
unsigned char* key = new unsigned char[32];
unsigned char* iv = new unsigned char[16];
int keyLen = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha512(),
NULL,
secret, secretLength, 150000,
key, iv);
/* Create and initialise the context */
if (!(ctx = EVP_CIPHER_CTX_new()))
throw std::runtime_error("Decrypt: Failed to create cipher context.\n");
/* Initialise the decryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits */
if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
throw std::runtime_error("Decrypt: Failed to initialize cipher.\n");
plaintext_len = 0;
/* Provide the message to be decrypted, and obtain the plaintext output.
* EVP_DecryptUpdate can be called multiple times if necessary
*/
if (1 != EVP_DecryptUpdate(ctx, plainText, &len, cipherText, cipherTextLen))
throw std::runtime_error("Decrypt: Failed to decrypt message.\n");
plaintext_len += len;
/* Finalise the decryption. Further plaintext bytes may be written at
* this stage.
*/
if (1 != EVP_DecryptFinal_ex(ctx, plainText + len, &len))
throw std::runtime_error("Encrypt: Failed to finalize message encryption.\n");
plaintext_len += len;
/* Clean up */
free(key);
free(iv);
EVP_CIPHER_CTX_free(ctx);
return plaintext_len;
}
bool ocryptostreambuf::update()
{
int inl = pptr() - pbase(); // number of bytes to input
pbump(-inl);
int outl = 0;
if (1 != EVP_CipherUpdate(ctx, (uint8_t*)out.data(), &outl, (uint8_t*)pbase(), inl))
{
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
return false;
}
// output to underlying stream
return ( output.sputn(out.data(), outl) == outl );
}
int decrypt(char *message, uint32_t message_size, char *password, char *plaintext){
EVP_CIPHER_CTX *ctx;
int len;
int plaintext_len;
char key[KEY_SIZE_BYTES];
int status = generateKey(password, SALT, key);
if(!status){
return -1;
}
const char *ciphertext = getEncryptedBody(message);
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new())){
return -1;
}
/* Initialise the decryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits */
if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, (unsigned char *) key, (unsigned char *) message)){
return -1;
}
/* Provide the message to be decrypted, and obtain the plaintext output.
* EVP_DecryptUpdate can be called multiple times if necessary
*/
if(1 != EVP_DecryptUpdate(ctx, (unsigned char *) plaintext, &len, (unsigned char *) ciphertext, message_size - IV_SIZE_BYTES)){
return -1;
}
plaintext_len = len;
/* Finalise the decryption. Further plaintext bytes may be written at
* this stage.
*/
if(1 != EVP_DecryptFinal_ex(ctx, (unsigned char *) plaintext + len, &len)){
return -1;
}
plaintext_len += len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return plaintext_len;
}
ocryptostreambuf::ocryptostreambuf(std::streambuf* out, const crypto_key& key, const crypto_iv& iv, int enc)
:ctx(EVP_CIPHER_CTX_new()),
output(*out)
{
if (!ctx)
return;
if (1 != EVP_CipherInit_ex(ctx, EVP_aes_256_cbc(), NULL, key.data(), iv.data(), enc))
{
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
}
setp(in.data(),in.data()+in.size());
}
icryptostreambuf::icryptostreambuf(std::streambuf *in, const crypto_key& key, const crypto_iv& iv, int enc)
:ctx(EVP_CIPHER_CTX_new()),
input(*in)
{
if (!ctx)
return;
if (1 != EVP_CipherInit_ex(ctx, EVP_aes_256_cbc(), NULL, key.data(), iv.data(), enc))
{
// something went wrong, just leave ctx to NULL
EVP_CIPHER_CTX_free(ctx);
ctx = NULL;
}
setg(NULL,NULL,NULL);
}
void
cipher_free(struct sshcipher_ctx *cc)
{
if (cc == NULL)
return;
if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx));
else if ((cc->cipher->flags & CFLAG_AESCTR) != 0)
explicit_bzero(&cc->ac_ctx, sizeof(cc->ac_ctx));
#ifdef WITH_OPENSSL
EVP_CIPHER_CTX_free(cc->evp);
cc->evp = NULL;
#endif
explicit_bzero(cc, sizeof(*cc));
free(cc);
}
static int
cipher_cleanup(hc_EVP_CIPHER_CTX *ctx)
{
struct ossl_cipher_ctx *ossl_ctx = ctx->cipher_data;
if (ossl_ctx == NULL || !ossl_ctx->initialized)
return 1;
if (ossl_ctx->ossl_cipher_ctx != NULL)
EVP_CIPHER_CTX_free(ossl_ctx->ossl_cipher_ctx);
ossl_ctx->ossl_cipher_ctx = NULL;
ossl_ctx->ossl_cipher = NULL;
ossl_ctx->initialized = 0;
return 1;
}
