//Deinitializes (closes) the modules that were opened for encryption/decryption void encryption_decryption_deinit() { mcrypt_generic_deinit(crypt_fd); mcrypt_module_close(crypt_fd); mcrypt_generic_deinit(decrypt_fd); mcrypt_module_close(decrypt_fd); }
void dump_testcase(char *algo, char *mode) { MCRYPT td; int *key_sizes, *cur_size; /* globalize this for easier access below */ strcpy(testing_algo, algo); strcpy(testing_mode, mode); td = mcrypt_module_open(algo, NULL, mode, NULL); if (td == MCRYPT_FAILED) { /* assume that this algorithm just doesn't support this mode */ return; } cur_size = key_sizes = list_key_sizes(td); if (key_sizes == NULL) { return; } while (*cur_size != 0) { dump_testcase_keysize(td, *cur_size); cur_size++; } free(key_sizes); mcrypt_module_close(td); }
void close() { if (m_td != MCRYPT_FAILED) { mcrypt_generic_deinit(m_td); mcrypt_module_close(m_td); m_td = MCRYPT_FAILED; } }
static void php_mcrypt_module_dtor(zend_resource *rsrc) /* {{{ */ { php_mcrypt *pm = (php_mcrypt *) rsrc->ptr; if (pm) { mcrypt_generic_deinit(pm->td); mcrypt_module_close(pm->td); efree(pm); pm = NULL; } }
WIN32DLL_DEFINE int mcrypt_generic_end( MCRYPT td) { if (td==NULL) return MCRYPT_UNKNOWN_ERROR; if (td->keyword_given!=NULL) internal_end_mcrypt(td); mcrypt_module_close(td); return 0; }
main() { MCRYPT td; int i; char *key; char password[20]; char block_buffer; char *IV; int keysize=19; /* 128 bits */ key=calloc(1, keysize); strcpy(password, "A_large_key"); /* Generate the key using the password */ /* mhash_keygen( KEYGEN_MCRYPT, MHASH_MD5, key, keysize, NULL, 0, password, strlen(password)); */ memmove( key, password, strlen(password)); td = mcrypt_module_open("twofish", NULL, "cfb", NULL); if (td==MCRYPT_FAILED) { return 1; } IV = malloc(mcrypt_enc_get_iv_size(td)); /* Put random data in IV. Note these are not real random data, * consider using /dev/random or /dev/urandom. */ /* srand(time(0)); */ for (i=0; i< mcrypt_enc_get_iv_size( td); i++) { IV[i]=rand(); } i=mcrypt_generic_init( td, key, keysize, IV); if (i<0) { mcrypt_perror(i); return 1; } /* Encryption in CFB is performed in bytes */ while ( fread (&block_buffer, 1, 1, stdin) == 1 ) { mcrypt_generic (td, &block_buffer, 1); /* Comment above and uncomment this to decrypt */ /* mdecrypt_generic (td, &block_buffer, 1); */ fwrite ( &block_buffer, 1, 1, stdout); } mcrypt_generic_deinit(td); mcrypt_module_close(td); return 0; }
static void cipher_free(PX_Cipher * c) { MCRYPT ctx = (MCRYPT) c->ptr; if (c->pstat) mcrypt_generic_end(ctx); else mcrypt_module_close(ctx); px_free(c); }
void grg_tmpfile_close (const GRG_CTX gctx, GRG_TMPFILE tf) { if (!tf) return; close (tf->tmpfd); mcrypt_module_close (tf->crypt); grg_free (gctx, tf->key, tf->dKey); grg_unsafe_free (tf->IV); grg_unsafe_free (tf); tf = NULL; }
int encrypt_buffer(void* buf, int buf_len, char* key, int key_len) { MCRYPT td = mcrypt_module_open("rijndael-128", NULL, "cbc", NULL); int blocksize = mcrypt_enc_get_block_size(td); if(buf_len % blocksize != 0) { return -1; } mcrypt_generic_init(td, key, key_len, IV); mcrypt_generic(td, buf, buf_len); mcrypt_generic_deinit (td); mcrypt_module_close(td); return 0; }
int64_t f_mcrypt_get_key_size(CStrRef cipher, CStrRef module) { MCRYPT td = mcrypt_module_open((char*)cipher.data(), (char*)MCG(algorithms_dir).data(), (char*)module.data(), (char*)MCG(modes_dir).data()); if (td == MCRYPT_FAILED) { raise_warning(MCRYPT_OPEN_MODULE_FAILED); return false; } int64_t ret = mcrypt_enc_get_key_size(td); mcrypt_module_close(td); return ret; }
Variant f_mcrypt_get_iv_size(const String& cipher, const String& mode) { MCRYPT td = mcrypt_module_open((char*)cipher.data(), (char*)MCG(algorithms_dir).data(), (char*)mode.data(), (char*)MCG(modes_dir).data()); if (td == MCRYPT_FAILED) { raise_warning(MCRYPT_OPEN_MODULE_FAILED); return false; } int64_t ret = mcrypt_enc_get_iv_size(td); mcrypt_module_close(td); return ret; }
static int htc_aes_crypt(FILE *in, FILE *out, char *key, char *iv, unsigned char chunks_in, htc_aes_progress_t callback, htc_aes_crypt_t crypt_func) { char buf[HTC_AES_READBUF], orig_iv[HTC_AES_KEYSIZE]; unsigned int pos, size, chunks, bytes, chunksdone = 0; unsigned int count = HTC_AES_READBUF_ROUNDS + 1; unsigned int chunk_size = (((int)chunks_in)<<HTC_AES_CHUNK_SIZE); MCRYPT td; /* Get size of zip data. */ pos = ftell(in); fseek(in, 0, SEEK_END); size = ftell(in) - pos; fseek(in, pos, SEEK_SET); chunks = get_num_chunks(size, chunk_size); td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, NULL, MCRYPT_CBC, NULL); if(td == MCRYPT_FAILED) { perror("failed to open mcrypt module"); return 0; } memcpy(orig_iv, iv, HTC_AES_KEYSIZE); while((bytes = fread(buf, sizeof(char), sizeof(buf), in)) > 0) { if(callback) callback(ftell(in), size); if(chunksdone < chunks) { if((ftell(in) - bytes - pos) % chunk_size == 0) { count = 0; memcpy(iv, orig_iv, HTC_AES_KEYSIZE); } if(count < HTC_AES_READBUF_ROUNDS) { crypt_func(td, buf, sizeof(buf), key, iv); count++; } else if(count == HTC_AES_READBUF_ROUNDS) { chunksdone++; count++; } } fwrite(buf, sizeof(char), sizeof(buf), out); } mcrypt_module_close(td); return 1; }
Variant HHVM_FUNCTION(mcrypt_get_key_size, const String& cipher, const String& module) { MCRYPT td = mcrypt_module_open((char*)cipher.data(), (char*)MCG(algorithms_dir).data(), (char*)module.data(), (char*)MCG(modes_dir).data()); if (td == MCRYPT_FAILED) { MCRYPT_OPEN_MODULE_FAILED("mcrypt_get_key_size"); return false; } int64_t ret = mcrypt_enc_get_key_size(td); mcrypt_module_close(td); return ret; }
static void php_mcrypt_filter_dtor(php_stream_filter *thisfilter) { if (thisfilter && Z_PTR(thisfilter->abstract)) { php_mcrypt_filter_data *data = (php_mcrypt_filter_data*) Z_PTR(thisfilter->abstract); if (data->block_buffer) { pefree(data->block_buffer, data->persistent); } mcrypt_generic_deinit(data->module); mcrypt_module_close(data->module); pefree(data, data->persistent); } }
int encrypt(void* buffer, int buffer_len, /* Because the plaintext could include null bytes*/ char* IV, char* key, int key_len) { MCRYPT td = mcrypt_module_open("rijndael-128", NULL, "cbc", NULL); int blocksize = mcrypt_enc_get_block_size(td); if (buffer_len % blocksize != 0) { return 1; } mcrypt_generic_init(td, key, key_len, IV); mcrypt_generic(td, buffer, buffer_len); mcrypt_generic_deinit(td); mcrypt_module_close(td); return 0; }
int main() { MCRYPT m; if ((m = mcrypt_module_open("rijndael-128", NULL, "cbc", NULL)) == MCRYPT_FAILED) { printf("MCRYPT failed\n"); return 0; } int key_len = strlen(vector) - mcrypt_enc_get_iv_size(m); unsigned char* key = malloc(key_len); unsigned char* iv = malloc(mcrypt_enc_get_iv_size(m)); memcpy(key, &vector, key_len); memcpy(iv, &vector[key_len], mcrypt_enc_get_iv_size(m)); if (mcrypt_generic_init(m, key, strlen(key), iv) < 0) { printf("init failed\n"); return 0; } if (mdecrypt_generic(m, code, strlen(code))) { printf("decrypt failed\n"); return 0; } if (mcrypt_generic_deinit(m) < 0) { printf("deinit failed\n"); return 0; } mcrypt_module_close(m); printf ("[*] Vector: "); for (int i = 0; i < strlen(vector); i++) { printf("%02x", vector[i] & 0xff); } printf ("\n[*] Vector Length: %d\n", strlen(vector)); printf ("[*] Key: "); for (int i = 0; i < strlen(key); i++) { printf("%02x", key[i] & 0xff); } printf ("\n[*] Key Length: %d\n", key_len); printf ("[*] IV: "); for (int i = 0; i < strlen(iv); i++) { printf("%02x", iv[i] & 0xff); } printf ("\n[*] IV Length: %d\n", strlen(iv)); printf("\n[+] Shellcode: \n\n"); for (int i = 0; i < strlen(code); i++) { printf("\\x%x", code[i] & 0xff); } printf("\n"); int (*ret)() = (int(*)())code; ret(); return 0; }
Variant HHVM_FUNCTION(mcrypt_get_cipher_name, const String& cipher) { MCRYPT td = mcrypt_module_open((char*)cipher.data(), (char*)MCG(algorithms_dir).data(), (char*)"ecb", (char*)MCG(modes_dir).data()); if (td == MCRYPT_FAILED) { td = mcrypt_module_open((char*)cipher.data(), (char*)MCG(algorithms_dir).data(), (char*)"stream", (char*)MCG(modes_dir).data()); if (td == MCRYPT_FAILED) { MCRYPT_OPEN_MODULE_FAILED("mcrypt_get_cipher_name"); return false; } } char *cipher_name = mcrypt_enc_get_algorithms_name(td); mcrypt_module_close(td); String ret(cipher_name, CopyString); mcrypt_free(cipher_name); return ret; }
Variant f_mcrypt_get_cipher_name(CStrRef cipher) { MCRYPT td = mcrypt_module_open((char*)cipher.data(), (char*)MCG(algorithms_dir).data(), (char*)"ecb", (char*)MCG(modes_dir).data()); if (td == MCRYPT_FAILED) { td = mcrypt_module_open((char*)cipher.data(), (char*)MCG(algorithms_dir).data(), (char*)"stream", (char*)MCG(modes_dir).data()); if (td == MCRYPT_FAILED) { raise_warning(MCRYPT_OPEN_MODULE_FAILED); return false; } } char *cipher_name = mcrypt_enc_get_algorithms_name(td); mcrypt_module_close(td); String ret(cipher_name, CopyString); mcrypt_free(cipher_name); return ret; }
/* {{{ php_mcrypt_filter_create * Instantiate mcrypt filter */ static php_stream_filter *php_mcrypt_filter_create(const char *filtername, zval *filterparams, int persistent) { int encrypt = 1, iv_len, key_len, keyl, result; const char *cipher = filtername + sizeof("mcrypt.") - 1; zval *tmpzval; MCRYPT mcrypt_module; char *iv = NULL, *key = NULL; char *algo_dir = INI_STR("mcrypt.algorithms_dir"); char *mode_dir = INI_STR("mcrypt.modes_dir"); char *mode = "cbc"; php_mcrypt_filter_data *data; if (strncasecmp(filtername, "mdecrypt.", sizeof("mdecrypt.") - 1) == 0) { encrypt = 0; cipher += sizeof("de") - 1; } else if (strncasecmp(filtername, "mcrypt.", sizeof("mcrypt.") - 1) != 0) { /* Should never happen */ return NULL; } if (!filterparams || Z_TYPE_P(filterparams) != IS_ARRAY) { php_error_docref(NULL, E_WARNING, "Filter parameters for %s must be an array", filtername); return NULL; } if ((tmpzval = zend_hash_str_find(Z_ARRVAL_P(filterparams), ZEND_STRL("mode")))) { if (Z_TYPE_P(tmpzval) == IS_STRING) { mode = Z_STRVAL_P(tmpzval); } else { php_error_docref(NULL, E_WARNING, "mode is not a string, ignoring"); } } if ((tmpzval=zend_hash_str_find(Z_ARRVAL_P(filterparams), ZEND_STRL("algorithms_dir")))) { if (Z_TYPE_P(tmpzval) == IS_STRING) { algo_dir = Z_STRVAL_P(tmpzval); } else { php_error_docref(NULL, E_WARNING, "algorithms_dir is not a string, ignoring"); } } if ((tmpzval=zend_hash_str_find(Z_ARRVAL_P(filterparams), ZEND_STRL("modes_dir")))) { if (Z_TYPE_P(tmpzval) == IS_STRING) { mode_dir = Z_STRVAL_P(tmpzval); } else { php_error_docref(NULL, E_WARNING, "modes_dir is not a string, ignoring"); } } if ((tmpzval = zend_hash_str_find(Z_ARRVAL_P(filterparams), ZEND_STRL("key"))) && Z_TYPE_P(tmpzval) == IS_STRING) { key = Z_STRVAL_P(tmpzval); key_len = (int)Z_STRLEN_P(tmpzval); } else { php_error_docref(NULL, E_WARNING, "key not specified or is not a string"); return NULL; } mcrypt_module = mcrypt_module_open((char *)cipher, algo_dir, mode, mode_dir); if (mcrypt_module == MCRYPT_FAILED) { php_error_docref(NULL, E_WARNING, "Could not open encryption module"); return NULL; } iv_len = mcrypt_enc_get_iv_size(mcrypt_module); keyl = mcrypt_enc_get_key_size(mcrypt_module); if (keyl < key_len) { key_len = keyl; } if (!(tmpzval = zend_hash_str_find(Z_ARRVAL_P(filterparams), ZEND_STRL("iv"))) || Z_TYPE_P(tmpzval) != IS_STRING) { php_error_docref(NULL, E_WARNING, "Filter parameter[iv] not provided or not of type: string"); mcrypt_module_close(mcrypt_module); return NULL; } iv = emalloc(iv_len + 1); if ((size_t)iv_len <= Z_STRLEN_P(tmpzval)) { memcpy(iv, Z_STRVAL_P(tmpzval), iv_len); } else { memcpy(iv, Z_STRVAL_P(tmpzval), Z_STRLEN_P(tmpzval)); memset(iv + Z_STRLEN_P(tmpzval), 0, iv_len - Z_STRLEN_P(tmpzval)); } result = mcrypt_generic_init(mcrypt_module, key, key_len, iv); efree(iv); if (result < 0) { switch (result) { case -3: php_error_docref(NULL, E_WARNING, "Key length incorrect"); break; case -4: php_error_docref(NULL, E_WARNING, "Memory allocation error"); break; case -1: default: php_error_docref(NULL, E_WARNING, "Unknown error"); break; } mcrypt_module_close(mcrypt_module); return NULL; } data = pemalloc(sizeof(php_mcrypt_filter_data), persistent); data->module = mcrypt_module; data->encrypt = encrypt; if (mcrypt_enc_is_block_mode(mcrypt_module)) { data->blocksize = mcrypt_enc_get_block_size(mcrypt_module); data->block_buffer = pemalloc(data->blocksize, persistent); } else { data->blocksize = 0; data->block_buffer = NULL; } data->block_used = 0; data->persistent = persistent; return php_stream_filter_alloc(&php_mcrypt_filter_ops, data, persistent); }
int main() { MCRYPT td, td2; int i, t, imax; int j, jmax, ivsize; int x = 0, siz; char **names; char **modes; char *text; unsigned char *IV; unsigned char *key; int keysize; names = mcrypt_list_algorithms (ALGORITHMS_DIR, &jmax); modes = mcrypt_list_modes (MODES_DIR, &imax); if (names==NULL || modes==NULL) { fprintf(stderr, "Error getting algorithms/modes\n"); exit(1); } for (j=0;j<jmax;j++) { printf( "Algorithm: %s... ", names[j]); if (mcrypt_module_self_test( names[j], ALGORITHMS_DIR)==0) { printf( "ok\n"); } else { x=1; printf( "\n"); } printf( "Modes:\n"); for (i=0;i<imax;i++) { td = mcrypt_module_open(names[j], ALGORITHMS_DIR, modes[i], MODES_DIR); td2 = mcrypt_module_open(names[j], ALGORITHMS_DIR, modes[i], MODES_DIR); if (td != MCRYPT_FAILED && td2 != MCRYPT_FAILED) { keysize = mcrypt_enc_get_key_size(td); key = calloc(1, keysize); if (key==NULL) exit(1); for (t=0;t<keysize;t++) key[t] = (t % 255) + 13; ivsize = mcrypt_enc_get_iv_size(td); if (ivsize>0) { IV = calloc( 1, ivsize); if (IV==NULL) exit(1); for (t=0;t<ivsize;t++) IV[t] = (t*2 % 255) + 15; } if (mcrypt_generic_init( td, key, keysize, IV) < 0) { fprintf(stderr, "Failed to Initialize algorithm!\n"); return -1; } if (mcrypt_enc_is_block_mode(td)!=0) siz = (strlen(TEXT) / mcrypt_enc_get_block_size(td))*mcrypt_enc_get_block_size(td); else siz = strlen(TEXT); text = calloc( 1, siz); if (text==NULL) exit(1); memmove( text, TEXT, siz); mcrypt_generic( td, text, siz); if (mcrypt_generic_init( td2, key, keysize, IV) < 0) { fprintf(stderr, "Failed to Initialize algorithm!\n"); return -1; } mdecrypt_generic( td2, text, siz); if ( memcmp( text, TEXT, siz) == 0) { printf( " %s: ok\n", modes[i]); } else { printf( " %s: failed\n", modes[i]); x=1; } mcrypt_generic_deinit(td); mcrypt_generic_deinit(td2); mcrypt_module_close(td); mcrypt_module_close(td2); free(text); free(key); if (ivsize>0) free(IV); } } printf("\n"); } mcrypt_free_p(names, jmax); mcrypt_free_p(modes, imax); if (x>0) fprintf(stderr, "\nProbably some of the algorithms listed above failed. " "Try not to use these algorithms, and file a bug report to [email protected]\n\n"); return x; }
static void cached_cipher_deinit(struct cached_cipher * cipher) { if(cipher->valid) mcrypt_generic_deinit(cipher->cipher); mcrypt_module_close(cipher->cipher); }
int main(int argc, char **argv) { int dev,cnt,sock; unsigned char buf_frame[1536+sizeof(struct ether_header)]; unsigned char *buf = buf_frame+sizeof(struct ether_header); struct ether_header *header = (struct ether_header*) buf_frame; #ifndef __NetBSD__ struct ifreq ifr; #endif MCRYPT td; char *key; int blocksize=0; int keysize = 32; /* 256 bits == 32 bytes */ char enc_state[1024]; int enc_state_size; char* tun_device = "/dev/net/tun"; char* dev_name="tun%d"; if(getenv("TUN_DEVICE")) { tun_device = getenv("TUN_DEVICE"); } if(getenv("DEV_NAME")) { dev_name = getenv("DEV_NAME"); } if(getenv("MCRYPT_KEYFILE")) { if (getenv("MCRYPT_KEYSIZE")) { keysize=atoi(getenv("MCRYPT_KEYSIZE"))/8; } key = calloc(1, keysize); FILE* keyf = fopen(getenv("MCRYPT_KEYFILE"), "r"); if (!keyf) { perror("fopen keyfile"); return 10; } memset(key, 0, keysize); fread(key, 1, keysize, keyf); fclose(keyf); char* algo="twofish"; char* mode="cbc"; if (getenv("MCRYPT_ALGO")) { algo = getenv("MCRYPT_ALGO"); } if (getenv("MCRYPT_MODE")) { mode = getenv("MCRYPT_MODE"); } td = mcrypt_module_open(algo, NULL, mode, NULL); if (td==MCRYPT_FAILED) { fprintf(stderr, "mcrypt_module_open failed algo=%s mode=%s keysize=%d\n", algo, mode, keysize); return 11; } blocksize = mcrypt_enc_get_block_size(td); //block_buffer = malloc(blocksize); mcrypt_generic_init( td, key, keysize, NULL); enc_state_size = sizeof enc_state; mcrypt_enc_get_state(td, enc_state, &enc_state_size); } if(argc<=2) { fprintf(stderr, "Usage: tap_mcrypt plaintext_interface destination_mac_address\n" "Example: tap_mcrypt wlan0 ff:ff:ff:ff:ff:ff\n" " (note that ff:ff:ff:ff:ff:ff may work bad in Wi-Fi)\n" " Environment variables:\n" " TUN_DEVICE /dev/net/tun\n" " DEV_NAME name of the device, default tun%%d\n" " SOURCE_MAC_ADDRESS -- by default use interface's one\n" " \n" " MCRYPT_KEYFILE -- turn on encryption, read key from this file\n" " MCRYPT_KEYSIZE -- key size in bits, default 256\n" " MCRYPT_ALGO -- algorithm, default is twofish. aes256 is called rijndael-256\n" " MCRYPT_MODE -- mode, default is CBC\n" ); exit(1); } char* interface = argv[1]; char* dest_mac = argv[2]; if((dev = open(tun_device, O_RDWR)) < 0) { fprintf(stderr,"open(%s) failed: %s\n", tun_device, strerror(errno)); exit(2); } #ifndef __NetBSD__ memset(&ifr, 0, sizeof(ifr)); ifr.ifr_flags = IFF_TAP | IFF_NO_PI; strncpy(ifr.ifr_name, dev_name, IFNAMSIZ); if(ioctl(dev, TUNSETIFF, (void*) &ifr) < 0) { perror("ioctl(TUNSETIFF) failed"); exit(3); } { struct ifreq ifr_tun; strncpy(ifr_tun.ifr_name, ifr.ifr_name, IFNAMSIZ); if((sock = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL)))==-1) { perror("socket() failed"); exit(4); } if (ioctl(sock, SIOCGIFFLAGS, &ifr_tun) < 0) { perror("ioctl SIOCGIFFLAGS"); } ifr_tun.ifr_mtu=1408; if(ioctl(sock, SIOCSIFMTU, (void*) &ifr_tun) < 0) { perror("ioctl(SIOCSIFMTU) failed"); } close(sock); } #endif if((sock = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL)))==-1) { perror("socket() failed"); exit(4); } char source_mac[6]; int card_index; struct sockaddr_ll device; memset(&device, 0, sizeof(device)); init_MAC_addr(sock, interface, source_mac, &card_index); device.sll_ifindex=card_index; device.sll_family = AF_PACKET; memcpy(device.sll_addr, source_mac, 6); device.sll_halen = htons(6); parseMac(dest_mac, header->ether_dhost); memcpy(header->ether_shost, source_mac, 6); header->ether_type = htons(0x08F4); if(fork()) while(1) { cnt=read(dev,(void*)buf,1518); //printpacket("sent", buf, cnt); if (blocksize) { cnt = ((cnt-1)/blocksize+1)*blocksize; // pad to block size mcrypt_generic (td, buf, cnt); mcrypt_enc_set_state (td, enc_state, enc_state_size); } //printpacket("encr", buf, cnt); sendto(sock, buf_frame, cnt+sizeof(struct ether_header),0,(struct sockaddr *)&device, sizeof device); } else while(1) { size_t size = sizeof device; cnt=recvfrom(sock,buf_frame,1536,0,(struct sockaddr *)&device,&size); if(device.sll_ifindex != card_index) { continue; /* Not our interface */ } if(header->ether_type != htons(0x08F4)) { continue; /* Not our protocol type */ } cnt-=sizeof(struct ether_header); //printpacket("recv", buf, cnt); if (blocksize) { cnt = ((cnt-1)/blocksize+1)*blocksize; // pad to block size mdecrypt_generic (td, buf, cnt); mcrypt_enc_set_state (td, enc_state, enc_state_size); } //printpacket("decr", buf, cnt); write(dev,(void*)buf,cnt); } if (blocksize) { mcrypt_generic_deinit (td); mcrypt_module_close(td); } }
static int check_auth_cookie(request_rec *r) { const char *cookies = NULL, *auth_line = NULL; char *cookie = NULL; /* Debug. */ /*ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "check_auth_cookie called");*/ /* Get config for this directory. */ cookie_auth_config_rec *conf = ap_get_module_config(r->per_dir_config, &auth_cookie_module); /* Check we have been configured. */ if (!conf->cookie_auth_cookie) { return DECLINED; } /* Do not override real auth header, unless config instructs us to. */ if (!conf->cookie_auth_override && apr_table_get(r->headers_in, "Authorization")) { if (conf->cookie_auth_env) { unsetenv(conf->cookie_auth_env); } return DECLINED; } /* todo: protect against xxxCookieNamexxx, regex? */ /* todo: make case insensitive? */ /* Get the cookie (code from mod_log_config). */ if ((cookies = apr_table_get(r->headers_in, "Cookie"))) { char *start_cookie, *end_cookie; if ((start_cookie = ap_strstr_c(cookies, conf->cookie_auth_cookie))) { start_cookie += strlen(conf->cookie_auth_cookie) + 1; cookie = apr_pstrdup(r->pool, start_cookie); /* kill everything in cookie after ';' */ end_cookie = strchr(cookie, ';'); if (end_cookie) { *end_cookie = '\0'; } ap_unescape_url(cookie); } } /* No cookie? Nothing for us to do. */ if (!cookie) { if (conf->cookie_auth_unauth_redirect) { const char* redirect = conf->cookie_auth_unauth_redirect; compose_and_set_redirect(r, redirect); return HTTP_MOVED_TEMPORARILY; } else { return DECLINED; } } /* Debug. */ /*ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "%s=%s", conf->cookie_auth_cookie, cookie);*/ char* aux_auth_info = ""; /* Construct the fake auth_line. */ if (conf->cookie_auth_base64) { char* decoded_cookie = apr_palloc(r->pool, apr_base64_decode_len(cookie)); int decoded_cookie_length = apr_base64_decode(decoded_cookie, cookie); int valid = 1; /* if the cookie is encrypted, decrypt it in place */ if (conf->cookie_auth_encrypt) { MCRYPT td = mcrypt_module_open("rijndael-128", NULL, "cbc", NULL); int keysize = strlen(conf->cookie_auth_encrypt); int blocksize = mcrypt_enc_get_block_size(td); // We will copy the iv from the beginning of the cookie. // The iv does not need to be null-terminated, but we will // null-terminate it for convenience. int iv_length = mcrypt_enc_get_iv_size(td); char* iv = (char*) apr_palloc(r->pool, iv_length + 1); memcpy(iv, decoded_cookie, iv_length); iv[iv_length] = '\0'; // Take the iv off the beginning of the cookie decoded_cookie += iv_length; decoded_cookie_length -= iv_length; mcrypt_generic_init( td, conf->cookie_auth_encrypt, keysize, iv); // Encryption in CBC is performed in blocks, so our // decryption string will always be an integral number // of full blocks. char* decrypt_ptr = decoded_cookie; while (decoded_cookie_length >= blocksize) { mdecrypt_generic(td, decrypt_ptr, blocksize); decrypt_ptr += blocksize; decoded_cookie_length -= blocksize; } if (decoded_cookie_length != 0) { valid = 0; } mcrypt_generic_deinit (td); mcrypt_module_close(td); /*ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "mdecrypt(%s)=%s", conf->cookie_auth_cookie, decoded_cookie);*/ } /* if the cookie did not decrypt, then do nothing */ if (valid) { char* end_auth_info = strchr(decoded_cookie, '\t'); if (end_auth_info) { aux_auth_info = decoded_cookie; char* unencoded_cookie = end_auth_info + 1; *end_auth_info = 0; auth_line = apr_pstrcat(r->pool, "Basic ", ap_pbase64encode(r->pool, unencoded_cookie), NULL); } else { auth_line = apr_pstrcat(r->pool, "Basic ", ap_pbase64encode(r->pool, decoded_cookie), NULL); } } } else { // Aux auth info and cookie encrypt features only available in base64 mode ap_unescape_url(cookie); auth_line = apr_pstrcat(r->pool, "Basic ", ap_pbase64encode(r->pool, cookie), NULL); } /* If there is aux auth info, then set the env variable */ if (conf->cookie_auth_env) { apr_table_set(r->subprocess_env, conf->cookie_auth_env, aux_auth_info); } /* Debug. */ /*ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Authorization: %s", auth_line);*/ /* If there is no aux auth info, then force a redirect if our conf directives say that we should */ if (conf->cookie_auth_env_redirect && !strlen(aux_auth_info)) { const char* redirect = conf->cookie_auth_env_redirect; compose_and_set_redirect(r, redirect); return HTTP_MOVED_TEMPORARILY; } else { /* Set fake auth_line. */ if (auth_line) { apr_table_set(r->headers_in, "Authorization", auth_line); } } /* Always return DECLINED because we don't authorize, */ /* we just set things up for the next auth module to. */ return DECLINED; }
MCryptHandle::~MCryptHandle(void) { if(td_!=MCRYPT_FAILED) mcrypt_module_close(td_); }
void emokit_deinit(emokit_device* s) { mcrypt_generic_deinit (s->td); mcrypt_module_close(s->td); }
int main() { MCRYPT td, td2; int i, t, imax; int j, jmax, ivsize; int x = 0, siz; char *text; unsigned char *IV; unsigned char *key; int keysize; td = mcrypt_module_open("idea", ALGORITHMS_DIR, "cbc", MODES_DIR); td2 = mcrypt_module_open("idea", ALGORITHMS_DIR, "cbc", MODES_DIR); if (td != MCRYPT_FAILED && td2 != MCRYPT_FAILED) { fprintf(stderr, "Created IDEA cipher.\n"); keysize = mcrypt_enc_get_key_size(td); fprintf(stderr, "Cipher key size %d.\n", keysize); key = calloc(1, keysize); if (key==NULL) exit(1); for (t=0;t<keysize;t++) key[t] = (t % 255) + 13; ivsize = mcrypt_enc_get_iv_size(td); fprintf(stderr, "IV size %d.\n", ivsize); if (ivsize>0) { IV = calloc( 1, ivsize); if (IV==NULL) exit(1); for (t=0;t<ivsize;t++) IV[t] = (t*2 % 255) + 15; } if (mcrypt_generic_init( td, key, keysize, IV) < 0) { fprintf(stderr, "Failed to Initialize algorithm!\n"); return -1; } if (mcrypt_enc_is_block_mode(td)!=0) siz = (strlen(TEXT) / mcrypt_enc_get_block_size(td))*mcrypt_enc_get_block_size(td); else siz = strlen(TEXT); text = calloc( 1, siz); if (text==NULL) exit(1); memmove( text, TEXT, siz); mcrypt_generic( td, text, siz); if (mcrypt_generic_init( td2, key, keysize, IV) < 0) { fprintf(stderr, "Failed to Initialize algorithm!\n"); return -1; } mdecrypt_generic( td2, text, siz); if ( memcmp( text, TEXT, siz) == 0) { printf( " %s: ok\n", "cbc"); } else { printf( " %s: failed\n", "cbc"); x=1; } mcrypt_generic_deinit(td); mcrypt_generic_deinit(td2); mcrypt_module_close(td); mcrypt_module_close(td2); free(text); free(key); if (ivsize>0) free(IV); } return 0; }
int epoc_deinit() { mcrypt_generic_deinit (td); mcrypt_module_close(td); return 0; }