lob_t local_decrypt(local_t local, lob_t outer)
{
uint8_t secret[crypto_box_BEFORENMBYTES];
lob_t inner, tmp;
// * `KEY` - 32 bytes, the sending exchange's ephemeral public key
// * `NONCE` - 24 bytes, randomly generated
// * `CIPHERTEXT` - the inner packet bytes encrypted using secretbox() using the `NONCE` as the nonce and the shared secret (derived from the recipients endpoint key and the included ephemeral key) as the key
// * `AUTH` - 16 bytes, the calculated onetimeauth(`KEY` + `INNER`, SHA256(`NONCE` + secret)) using the shared secret derived from both endpoint keys, the hashing is to minimize the chance that the same key input is ever used twice
if(outer->body_len <= (32+24+crypto_secretbox_MACBYTES+16)) return NULL;
tmp = lob_new();
if(!lob_body(tmp,NULL,outer->body_len-(32+24+crypto_secretbox_MACBYTES+16))) return lob_free(tmp);
// get the shared secret
crypto_box_beforenm(secret, outer->body, local->secret);
// decrypt the inner
if(crypto_secretbox_open_easy(tmp->body,
outer->body+32+24,
tmp->body_len+crypto_secretbox_MACBYTES,
outer->body+32,
secret) != 0) return lob_free(tmp);
// load inner packet
inner = lob_parse(tmp->body,tmp->body_len);
lob_free(tmp);
return inner;
}
/*
* Function: decrypt_file
* ----------------------
* Decrypt a file by reading in chunks of data, decrypting those chunks, and
* writing the decrypted chunks to a new file.
*/
result
decrypt_file(char *efname, char *pfname, unsigned char *k)
{
size_t rsize;
size_t wsize;
size_t r;
unsigned char ebuf[BUFBYTES + MACBYTES];
unsigned char pbuf[BUFBYTES];
unsigned char n[NONCEBYTES];
FILE *pfile;
FILE *efile;
pfile = open_file(pfname, "wb");
if (pfile == NULL) { return FAIL; }
efile = open_file(efname, "rb");
if (efile == NULL) { fclose(pfile); return FAIL; }
// Read the nonce from the file.
rsize = fread(n, sizeof(char), NONCEBYTES, efile);
if (rsize != NONCEBYTES)
{
fprintf(stderr, "Could not read nonce from file.\n");
fclose(pfile);
fclose(efile);
return FAIL;
}
// Decrypt the data in the file in chunks.
while (feof(efile) == 0)
{
rsize = fread(ebuf, sizeof(char), BUFBYTES + MACBYTES, efile);
r = crypto_secretbox_open_easy(pbuf, ebuf, rsize, n, k);
if (r != 0)
{
fprintf(stderr, "Could not decrypt data.\n");
fclose(pfile);
fclose(efile);
return FAIL;
}
// The decrypted bytes no longer include the MAC bytes.
wsize = fwrite(pbuf, sizeof(char), rsize - MACBYTES, pfile);
if (wsize <= 0)
{
fprintf(stderr, "Could not write decrypted data to file.\n");
fclose(pfile);
fclose(efile);
return FAIL;
}
}
fclose(pfile);
fclose(efile);
return SUCCESS;
}
lob_t ephemeral_decrypt(ephemeral_t ephem, lob_t outer)
{
crypto_secretbox_open_easy(outer->body+16+24,
outer->body+16+24,
outer->body_len-(16+24),
outer->body+16,
ephem->deckey);
return lob_parse(outer->body+16+24, outer->body_len-(16+24+crypto_secretbox_MACBYTES));
}
bool Decrypt( const uint8_t * encryptedMessage, int encryptedMessageLength,
uint8_t * decryptedMessage, int & decryptedMessageLength,
const uint8_t * nonce, const uint8_t * key )
{
uint8_t actual_nonce[crypto_secretbox_NONCEBYTES];
memset( actual_nonce, 0, sizeof( actual_nonce ) );
memcpy( actual_nonce, nonce, NonceBytes );
if ( crypto_secretbox_open_easy( decryptedMessage, encryptedMessage, encryptedMessageLength, actual_nonce, key ) != 0 )
return false;
decryptedMessageLength = encryptedMessageLength - MacBytes;
return true;
}
static int luasymmetric_decrypt( lua_State * const L ) {
size_t ciphertext_len;
size_t key_len;
const char * const ciphertext = luaL_checklstring( L, 1, &ciphertext_len );
const char * const key = luaL_checklstring( L, 2, &key_len );
if( key_len != crypto_secretbox_KEYBYTES ) {
lua_pushliteral( L, "key should be " stringify( crypto_secretbox_KEYBYTES ) " bytes" );
return lua_error( L );
}
if( ciphertext_len < crypto_secretbox_NONCEBYTES + crypto_secretbox_MACBYTES ) {
lua_pushnil( L );
return 1;
}
const size_t message_len = ciphertext_len - crypto_secretbox_NONCEBYTES - crypto_secretbox_MACBYTES;
char * const message = malloc( message_len );
if( message == NULL ) {
lua_pushliteral( L, "out of memory" );
return lua_error( L );
}
const int ok = crypto_secretbox_open_easy( message,
ciphertext + crypto_secretbox_NONCEBYTES, ciphertext_len - crypto_secretbox_NONCEBYTES,
ciphertext, key );
if( ok == 0 ) {
lua_pushlstring( L, message, message_len );
}
else {
lua_pushnil( L );
}
explicit_bzero( message, message_len );
free( message );
return 1;
}
int
shick_crypto_dec_message(const SC_CHAR recipient_secret_key[crypto_box_SECRETKEYBYTES],
const SC_CHAR sender_public_key[crypto_box_PUBLICKEYBYTES],
const SC_ENC_SYM_KEY encrypted_symmetric_key,
const SC_CHAR* ciphertext,
const SC_LEN ciphertext_len,
const SC_CHAR nonce[crypto_box_NONCEBYTES],
SC_CHAR* message) {
int failed = 0;
SC_CHAR buffer[sizeof(SC_SYM_KEY)];
SC_SYM_KEY* sym_key;
// Decrypt symmetric key
failed = crypto_box_open_easy(buffer, (SC_CHAR*) &encrypted_symmetric_key, sizeof encrypted_symmetric_key, nonce, sender_public_key, recipient_secret_key);
if (failed) return SC_DEC_ASYM_FAILED;
// Decrypt message with symmetric key
sym_key = (SC_SYM_KEY*) buffer;
failed = crypto_secretbox_open_easy(message, ciphertext, ciphertext_len, sym_key->nonce, sym_key->key);
if (failed) return SC_DEC_SYM_FAILED;
return 0;
}
BOOL SodiumDecryptFile(LPTSTR password)
{
ULONG numread;
BOOL bErrorFlag;
HLOCAL hFileBuffer = NULL;
HLOCAL hCipherBuffer = NULL;
YENCFILE encFileStrct;
if (SetFilePointer(hFileIn, 0, NULL, FILE_BEGIN) == INVALID_SET_FILE_POINTER)
{
MessageBox(NULL, L"Cannot set file pointer", L"Decryption error", MB_ICONERROR);
bErrorFlag = FALSE;
goto dec_exit_on_failure;
}
if (!ReadFile(hFileIn, &encFileStrct, sizeof(YENCFILE), &numread, NULL))
{
MessageBox(NULL, L"Cannot read file into memory", L"Decryption error", MB_ICONERROR);
bErrorFlag = FALSE;
goto dec_exit_on_failure;
}
if (sodium_memcmp(encFileStrct.cbSignature, pszSignature, MAX_SIGNATURE))
{
MessageBox(NULL, L"This is not an encrypted file", L"Decryption error", MB_ICONERROR);
bErrorFlag = FALSE;
goto dec_exit_on_failure;
}
if (encFileStrct.algorithm != YC_SCRYPT_SALSA_POLY)
{
MessageBox(NULL, L"Encryption method not available", L"Decryption error", MB_ICONEXCLAMATION);
bErrorFlag = FALSE;
goto dec_exit_on_failure;
}
hCipherBuffer = LocalAlloc(LPTR, (encFileStrct.rawSize + crypto_secretbox_MACBYTES) * sizeof(BYTE));
if (!hCipherBuffer) {
MessageBox(NULL, L"Cannot allocate memory", L"Decryption error", MB_ICONERROR);
bErrorFlag = FALSE;
goto dec_exit_on_failure;
}
if (!ReadFile(hFileIn, hCipherBuffer, encFileStrct.rawSize + crypto_secretbox_MACBYTES, &numread, NULL)) {
MessageBox(NULL, L"Cannot read file into memory", L"Decryption error", MB_ICONERROR);
bErrorFlag = FALSE;
goto dec_exit_on_failure;
}
// For now read byes must equal filesize
assert((encFileStrct.rawSize + crypto_secretbox_MACBYTES) == numread);
// Wide password to multibyte password
size_t nConvChars;
char c_szPassword[100]; //TODO This might not be enough
wcstombs_s(&nConvChars, c_szPassword, password, wcslen(password) + 1);
// DERIVE KEY
BYTE key[crypto_secretbox_KEYBYTES];
if (crypto_pwhash_scryptsalsa208sha256(key, crypto_secretbox_KEYBYTES, c_szPassword, strlen(c_szPassword), encFileStrct.cbPasswordSalt,
encFileStrct.dwOps,
encFileStrct.dwMemory) != 0) {
MessageBox(NULL, L"Operation takes too much system resources", L"Decryption error", MB_ICONERROR);
bErrorFlag = FALSE;
goto dec_exit_on_failure;
}
hFileBuffer = LocalAlloc(LPTR, encFileStrct.rawSize * sizeof(char));
if (!hFileBuffer) {
MessageBox(NULL, L"Cannot allocate memory", L"Encryption error", MB_ICONERROR);
bErrorFlag = FALSE;
goto dec_exit_on_failure;
}
if (crypto_secretbox_open_easy((LPBYTE)hFileBuffer, (LPBYTE)hCipherBuffer, encFileStrct.rawSize + crypto_secretbox_MACBYTES, encFileStrct.cbNonce, key) != 0) {
MessageBox(NULL, L"Decryption failed, please try again", L"Decryption error", MB_ICONERROR);
bErrorFlag = FALSE;
goto dec_exit_on_failure;
}
LPCWSTR szOriginalFileName = fileNameStripExt(szFile);
// WRITE
HANDLE hFileOut = CreateFile(
szOriginalFileName, // Name of the write
GENERIC_WRITE, // Open for writing
0, // Do not share
NULL, // Default security
CREATE_NEW, // Create new file only
FILE_ATTRIBUTE_NORMAL, // Normal file
NULL); // No attr. template
if (hFileOut == INVALID_HANDLE_VALUE) {
MessageBox(NULL, L"Cannot open file", L"Decryption error", MB_ICONERROR);
bErrorFlag = FALSE;
goto dec_exit_on_failure;
}
bErrorFlag = WriteFile(
hFileOut, // Open file handle
hFileBuffer, // Start of data to write
encFileStrct.rawSize, // Number of bytes to write
&numread, // Number of bytes that were written
NULL); // No overlapped structure'
CloseHandle(hFileOut);
dec_exit_on_failure:
// Override sensitive in memory
sodium_memzero(password, wcslen(password) * sizeof(TCHAR));
sodium_memzero(c_szPassword, strlen(c_szPassword) * sizeof(BYTE));
sodium_memzero(key, crypto_secretbox_KEYBYTES);
LocalFree(hFileBuffer);
LocalFree(hCipherBuffer);
return bErrorFlag;
}
