Beispiel #1
0
void free_connection(connection_t *c) {
	if(!c)
		return;

	cipher_close(c->incipher);
	digest_close(c->indigest);
	cipher_close(c->outcipher);
	digest_close(c->outdigest);

	sptps_stop(&c->sptps);
	ecdsa_free(c->ecdsa);
	rsa_free(c->rsa);

	free(c->hischallenge);

	buffer_clear(&c->inbuf);
	buffer_clear(&c->outbuf);

	io_del(&c->io);

	if(c->socket > 0)
		closesocket(c->socket);

	free(c->name);
	free(c->hostname);

	if(c->config_tree)
		exit_configuration(&c->config_tree);

	free(c);
}
static void
encode_seskey( DEK *dek, DEK **seskey, byte *enckey )
{
    CIPHER_HANDLE hd;
    byte buf[33];

    assert ( dek->keylen <= 32 );
    if(!*seskey)
      {
	*seskey=xmalloc_clear(sizeof(DEK));
	(*seskey)->keylen=dek->keylen;
	(*seskey)->algo=dek->algo;
	make_session_key(*seskey);
	/*log_hexdump( "thekey", c->key, c->keylen );*/
      }

    buf[0] = (*seskey)->algo;
    memcpy( buf + 1, (*seskey)->key, (*seskey)->keylen );
    
    hd = cipher_open( dek->algo, CIPHER_MODE_CFB, 1 );
    cipher_setkey( hd, dek->key, dek->keylen );
    cipher_setiv( hd, NULL, 0 );
    cipher_encrypt( hd, buf, buf, (*seskey)->keylen + 1 );
    cipher_close( hd );

    memcpy( enckey, buf, (*seskey)->keylen + 1 );
    wipememory( buf, sizeof buf ); /* burn key */
}
Beispiel #3
0
/****************
 * This filter is used to en/de-cipher data with a conventional algorithm
 */
int
cipher_filter( void *opaque, int control,
               IOBUF a, byte *buf, size_t *ret_len)
{
    size_t size = *ret_len;
    cipher_filter_context_t *cfx = opaque;
    int rc=0;

    if( control == IOBUFCTRL_UNDERFLOW ) { /* decrypt */
        rc = -1; /* not yet used */
    }
    else if( control == IOBUFCTRL_FLUSH ) { /* encrypt */
        assert(a);
        if( !cfx->header ) {
            write_header( cfx, a );
        }
        if( cfx->mdc_hash )
            md_write( cfx->mdc_hash, buf, size );
        cipher_encrypt( cfx->cipher_hd, buf, buf, size);
        if( iobuf_write( a, buf, size ) )
            rc = G10ERR_WRITE_FILE;
    }
    else if( control == IOBUFCTRL_FREE ) {
        if( cfx->mdc_hash ) {
            byte *hash;
            int hashlen = md_digest_length( md_get_algo( cfx->mdc_hash ) );
            byte temp[22];

            assert( hashlen == 20 );
            /* we must hash the prefix of the MDC packet here */
            temp[0] = 0xd3;
            temp[1] = 0x14;
            md_putc( cfx->mdc_hash, temp[0] );
            md_putc( cfx->mdc_hash, temp[1] );

            md_final( cfx->mdc_hash );
            hash = md_read( cfx->mdc_hash, 0 );
            memcpy(temp+2, hash, 20);
            cipher_encrypt( cfx->cipher_hd, temp, temp, 22 );
            md_close( cfx->mdc_hash );
            cfx->mdc_hash = NULL;
            if( iobuf_write( a, temp, 22 ) )
                log_error("writing MDC packet failed\n" );
        }
        cipher_close(cfx->cipher_hd);
    }
    else if( control == IOBUFCTRL_DESC ) {
        *(char**)buf = "cipher_filter";
    }
    return rc;
}
Beispiel #4
0
int
main(int argc, char **argv)
{
    int encode=0;
    CIPHER_HANDLE hd;
    char buf[4096];
    int n, size=4096;
    int algo;

#ifdef HAVE_DOSISH_SYSTEM
    setmode( fileno(stdin), O_BINARY );
    setmode( fileno(stdout), O_BINARY );
#endif

    i18n_init();
    if( argc > 1 && !strcmp(argv[1], "-e") ) {
	encode++;
	argc--; argv++;
    }
    else if( argc > 1 && !strcmp(argv[1], "-E") ) {
	encode++;
	argc--; argv++;
	size = 10;
    }
    else if( argc > 1 && !strcmp(argv[1], "-d") ) {
	argc--; argv++;
    }
    else if( argc > 1 && !strcmp(argv[1], "-D") ) {
	argc--; argv++;
	size = 10;
    }
    if( argc != 3 )
	my_usage();
    argc--; argv++;
    algo = string_to_cipher_algo( *argv );
    argc--; argv++;

    hd = cipher_open( algo, CIPHER_MODE_CFB, 0 );
    cipher_setkey( hd, *argv, strlen(*argv) );
    cipher_setiv( hd, NULL, 0 );
    while( (n = fread( buf, 1, size, stdin )) > 0 ) {
	if( encode )
	    cipher_encrypt( hd, buf, buf, n );
	else
	    cipher_decrypt( hd, buf, buf, n );
	if( fwrite( buf, 1, n, stdout) != n )
	    log_fatal("write error\n");
    }
    cipher_close(hd);
    return 0;
}