Ejemplo n.º 1
1
int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
                  pem_password_cb *callback, void *u)
{
    int ok;
    int keylen;
    long len = *plen;
    int ilen = (int) len;       /* EVP_DecryptUpdate etc. take int lengths */
    EVP_CIPHER_CTX *ctx;
    unsigned char key[EVP_MAX_KEY_LENGTH];
    char buf[PEM_BUFSIZE];

#if LONG_MAX > INT_MAX
    /* Check that we did not truncate the length */
    if (len > INT_MAX) {
        PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_HEADER_TOO_LONG);
        return 0;
    }
#endif

    if (cipher->cipher == NULL)
        return 1;
    if (callback == NULL)
        keylen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u);
    else
        keylen = callback(buf, PEM_BUFSIZE, 0, u);
    if (keylen <= 0) {
        PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ);
        return 0;
    }
#ifdef CHARSET_EBCDIC
    /* Convert the pass phrase from EBCDIC */
    ebcdic2ascii(buf, buf, keylen);
#endif

    if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
                        (unsigned char *)buf, keylen, 1, key, NULL))
        return 0;

    ctx = EVP_CIPHER_CTX_new();
    if (ctx == NULL)
        return 0;

    ok = EVP_DecryptInit_ex(ctx, cipher->cipher, NULL, key, &(cipher->iv[0]));
    if (ok)
        ok = EVP_DecryptUpdate(ctx, data, &ilen, data, ilen);
    if (ok) {
        /* Squirrel away the length of data decrypted so far. */
        *plen = ilen;
        ok = EVP_DecryptFinal_ex(ctx, &(data[ilen]), &ilen);
    }
    if (ok)
        *plen += ilen;
    else
        PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);

    EVP_CIPHER_CTX_free(ctx);
    OPENSSL_cleanse((char *)buf, sizeof(buf));
    OPENSSL_cleanse((char *)key, sizeof(key));
    return ok;
}
Ejemplo n.º 2
0
// ----------------------------------------------------------------------------
bool Crypto::decryptConnectionRequest(BareNetworkString& ns)
{
    std::vector<uint8_t> pt(ns.m_buffer.size() - 4, 0);

    if (EVP_DecryptInit_ex(m_decrypt, NULL, NULL, NULL, NULL) != 1)
        return false;

    int dlen;
    if (!EVP_CIPHER_CTX_ctrl(m_decrypt, EVP_CTRL_GCM_SET_TAG, 4,
        ns.m_buffer.data()))
        return false;

    if (EVP_DecryptUpdate(m_decrypt, pt.data(), &dlen, ns.m_buffer.data() + 4,
        (int)(ns.m_buffer.size() - 4)) != 1)
        return false;

    if (EVP_DecryptFinal_ex(m_decrypt, unused_16_blocks.data(), &dlen) > 0)
    {
        assert(dlen == 0);
        std::swap(ns.m_buffer, pt);
        return true;
    }

    return false;
}   // decryptConnectionRequest
Ejemplo n.º 3
0
    r_int32 AESCipher::decrypt(const unsigned char* raw, const size_t& rawLen, unsigned char* dest, size_t* destLen) 
    {
        if (*destLen < rawLen)
        {
            return CIPHER_STATUS_BUFFER_ERROR;
        }

        int ret = 0;

        int p_len = rawLen;
        int f_len = 0;
        
        if (!EVP_DecryptInit_ex(&m_dctx, NULL, NULL, NULL, NULL))
        {
            return CIPHER_STATUS_UNKNOWN_ERROR;
        }

        if (!EVP_DecryptUpdate(&m_dctx, dest, &p_len, raw, rawLen))
        {
            return CIPHER_STATUS_UNKNOWN_ERROR;
        } 

        if (!EVP_DecryptFinal_ex(&m_dctx, dest+p_len, &f_len))
        {
            return CIPHER_STATUS_UNKNOWN_ERROR;
        }

        *destLen = p_len + f_len;
        
        return CIPHER_STATUS_OK;
    }
Ejemplo n.º 4
0
bool OldDecrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext, const unsigned char chKey[32], const unsigned char chIV[16])
{
    // plaintext will always be equal to or lesser than length of ciphertext
    int nLen = vchCiphertext.size();
    int nPLen = nLen, nFLen = 0;

    vchPlaintext = CKeyingMaterial(nPLen);

    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

    if (!ctx) return false;

    bool fOk = true;

    EVP_CIPHER_CTX_init(ctx);
    if (fOk) fOk = EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0;
    if (fOk) fOk = EVP_DecryptUpdate(ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen) != 0;
    if (fOk) fOk = EVP_DecryptFinal_ex(ctx, (&vchPlaintext[0]) + nPLen, &nFLen) != 0;
    EVP_CIPHER_CTX_cleanup(ctx);

    EVP_CIPHER_CTX_free(ctx);

    if (!fOk) return false;

    vchPlaintext.resize(nPLen + nFLen);
    return true;
}
Ejemplo n.º 5
0
bool CCrypter::Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext)
{
    if (!fKeySet)
        return false;

    // plaintext will always be equal to or lesser than length of ciphertext
    int nLen = vchCiphertext.size();
    int nPLen = nLen, nFLen = 0;

    vchPlaintext = CKeyingMaterial(nPLen);

    EVP_CIPHER_CTX ctx;

    bool fOk = true;

    EVP_CIPHER_CTX_init(&ctx);
    if (fOk) fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV);
    if (fOk) fOk = EVP_DecryptUpdate(&ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen);
    if (fOk) fOk = EVP_DecryptFinal_ex(&ctx, (&vchPlaintext[0])+nPLen, &nFLen);
    EVP_CIPHER_CTX_cleanup(&ctx);

    if (!fOk) return false;

    vchPlaintext.resize(nPLen + nFLen);
    return true;
}
bool DecryptAES256(const SecureString& sKey, const std::string& sCiphertext, const std::string& sIV, SecureString& sPlaintext)
{
    // plaintext will always be equal to or lesser than length of ciphertext
    int nLen = sCiphertext.size();
    int nPLen = nLen, nFLen = 0;

    // Verify key sizes
    if(sKey.size() != 32 || sIV.size() != AES_BLOCK_SIZE) {
        LogPrintf("crypter DecryptAES256 - Invalid key or block size\n");
        return false;
    }

    sPlaintext.resize(nPLen);

    EVP_CIPHER_CTX ctx;

    bool fOk = true;

    EVP_CIPHER_CTX_init(&ctx);
    if (fOk) fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, (const unsigned char*) &sKey[0], (const unsigned char*) &sIV[0]);
    if (fOk) fOk = EVP_DecryptUpdate(&ctx, (unsigned char *) &sPlaintext[0], &nPLen, (const unsigned char *) &sCiphertext[0], nLen);
    if (fOk) fOk = EVP_DecryptFinal_ex(&ctx, (unsigned char *) (&sPlaintext[0])+nPLen, &nFLen);
    EVP_CIPHER_CTX_cleanup(&ctx);

    if (!fOk) return false;

    sPlaintext.resize(nPLen + nFLen);
    return true;
}
Ejemplo n.º 7
0
size_t AES::CbcDecrypt256(const char *pIn, int iInLen, char *pOut, char *pKey, char *pIv)
{
    EVP_CIPHER_CTX *ctx;

    if(!(ctx = EVP_CIPHER_CTX_new())) 
    {
        //Error for create
        return 0;
    }
    //Init Encrypt
    if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, pKey, pIv))
    {
        return 0;
    }
    int iLen, iPlainLen;
    if(1 != EVP_DecryptUpdate(ctx, pOut, &iLen, pIn, iInLen))
    {
        return 0;
    }
    iPlainLen = iLen;


    if(1 != EVP_DecryptFinal_ex(ctx, pOut + iPlainLen, &iLen))
    {
        return 0;
    }

    iPlainLen += iLen;

    EVP_CIPHER_CTX_free(ctx);

    return iPlainLen;

}
Ejemplo n.º 8
0
int unwrap_v2_header(char *passphrase, cencrypted_v2_pwheader *header, uint8_t *aes_key, uint8_t *hmacsha1_key)
{
  /* derived key is a 3DES-EDE key */
  uint8_t derived_key[192/8];
  EVP_CIPHER_CTX ctx;
  uint8_t *TEMP1;
  int outlen, tmplen;

  PKCS5_PBKDF2_HMAC_SHA1(passphrase, strlen(passphrase), (unsigned char*)header->kdf_salt, 20,
			 PBKDF2_ITERATION_COUNT, sizeof(derived_key), derived_key);

  print_hex(stderr, derived_key, 192/8);

  EVP_CIPHER_CTX_init(&ctx);
  /* result of the decryption operation shouldn't be bigger than ciphertext */
  TEMP1 = malloc(header->encrypted_keyblob_size);
  /* uses PKCS#7 padding for symmetric key operations by default */
  EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv);

  if(!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) {
    fprintf(stderr, "internal error (1) during key unwrap operation!\n");
    return(-1);
  }
  if(!EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen)) {
    fprintf(stderr, "internal error (2) during key unwrap operation!\n");
    return(-1);
  }
  outlen += tmplen;
  EVP_CIPHER_CTX_cleanup(&ctx);
  memcpy(aes_key, TEMP1, 16);
  memcpy(hmacsha1_key, TEMP1, 20);

  return(0);
}
Ejemplo n.º 9
0
int DecryptString(char type, char *in, char *out, unsigned char *key, int cipherlen)
{
    int plainlen = 0, tmplen;
    unsigned char iv[32] =
        { 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8 };
    EVP_CIPHER_CTX ctx;

    EVP_CIPHER_CTX_init(&ctx);
    EVP_DecryptInit_ex(&ctx, CfengineCipher(type), NULL, key, iv);

    if (!EVP_DecryptUpdate(&ctx, out, &plainlen, in, cipherlen))
    {
        CfOut(cf_error, "", "!! Decrypt FAILED");
        EVP_CIPHER_CTX_cleanup(&ctx);
        return -1;
    }

    if (!EVP_DecryptFinal_ex(&ctx, out + plainlen, &tmplen))
    {
        unsigned long err = ERR_get_error();

        CfOut(cf_error, "", "decryption FAILED at final of %d: %s\n", cipherlen, ERR_error_string(err, NULL));
        EVP_CIPHER_CTX_cleanup(&ctx);
        return -1;
    }

    plainlen += tmplen;

    EVP_CIPHER_CTX_cleanup(&ctx);

    return plainlen;
}
Ejemplo n.º 10
0
bool CCrypter::Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext)
{
    if (!fKeySet)
        return false;

    // plaintext will always be equal to or lesser than length of ciphertext
    int nLen = vchCiphertext.size();
    int nPLen = nLen, nFLen = 0;

    vchPlaintext = CKeyingMaterial(nPLen);

    bool fOk = true;

    EVP_CIPHER_CTX *ctx= EVP_CIPHER_CTX_new();
    if(!ctx)
        throw std::runtime_error("Error allocating cipher context");

    if (fOk) fOk = EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV);
    if (fOk) fOk = EVP_DecryptUpdate(ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen);
    if (fOk) fOk = EVP_DecryptFinal_ex(ctx, (&vchPlaintext[0])+nPLen, &nFLen);
    EVP_CIPHER_CTX_free(ctx);

    if (!fOk) return false;

    vchPlaintext.resize(nPLen + nFLen);
    return true;
}
Ejemplo n.º 11
0
/**
 * Decrypt cipher data
 **/
QByteArray OpensslAES::decrypt(const QByteArray &cipherData)
{
    if (!m_isValid)
        return QByteArray();

    /* plaintext will always be equal to or lesser than length of ciphertext*/
    int p_len = cipherData.size(), f_len = 0;
    unsigned char *plaintext = (unsigned char *)malloc(p_len);

    if (!EVP_DecryptInit_ex(&m_decoder, 0, 0, 0, 0)) {
        printf("ERROR in EVP_DecryptInit_ex\n");
        return QByteArray();
    }

    if (!EVP_DecryptUpdate(&m_decoder, plaintext, &p_len,
                           (const unsigned char*)cipherData.constData(), cipherData.size())) {
        printf("ERROR in EVP_DecryptUpdate\n");
        return QByteArray();
    }

    if (!EVP_DecryptFinal_ex(&m_decoder, plaintext+p_len, &f_len)) {
        printf("ERROR in EVP_DecryptFinal_ex\n");
        return QByteArray();
    }

    return QByteArray((const char*)plaintext, p_len + f_len);
}
Ejemplo n.º 12
0
bool msl::decrypt_aes256(const void* cipher,const size_t size,const std::string& key,const std::string& iv,std::string& plain)
{
	bool success=false;
	ERR_load_crypto_strings();
	OpenSSL_add_all_algorithms();
	EVP_CIPHER_CTX* ctx=EVP_CIPHER_CTX_new();
	uint8_t* temp_data=new uint8_t[(size/16+1)*16];

	int temp_length;
	int temp_unaligned_length;

	if(ctx!=nullptr&&
		EVP_DecryptInit_ex(ctx,EVP_aes_256_cbc(),nullptr,(uint8_t*)key.c_str(),(uint8_t*)iv.c_str())!=0&&
		EVP_DecryptUpdate(ctx,temp_data,&temp_length,(uint8_t*)cipher,size)!=0&&
		EVP_DecryptFinal_ex(ctx,temp_data+temp_length,&temp_unaligned_length)!=0)
	{
		plain=std::string((char*)temp_data,temp_length+temp_unaligned_length);
		success=true;
	}

	delete[] temp_data;
	EVP_CIPHER_CTX_free(ctx);
	ERR_free_strings();
	EVP_cleanup();
	ERR_remove_state(0);
	CRYPTO_cleanup_all_ex_data();
	return success;
}
Ejemplo n.º 13
0
JNIEXPORT int JNICALL Java_com_facebook_crypto_cipher_NativeGCMCipher_nativeDecryptFinal(
  JNIEnv* env,
  jobject obj,
  jbyteArray macTag,
  jint tagLength) {

  int bytesWritten = 0;
  char temp[1];

  EVP_CIPHER_CTX* ctx = Get_Cipher_CTX(env, obj);
  if (!ctx) {
    return CRYPTO_FAILURE;
  }

  jbyte* tagBytes = (*env)->GetByteArrayElements(env, macTag, NULL);
  if (!tagBytes) {
    return CRYPTO_FAILURE;
  }

  int retCode = CRYPTO_SUCCESS;
  if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tagLength, tagBytes)) {
    retCode = CRYPTO_FAILURE;
  }

  if (!retCode || !EVP_DecryptFinal_ex(ctx, temp, &bytesWritten)) {
    retCode = CRYPTO_FAILURE;
  }

  (*env)->ReleaseByteArrayElements(env, macTag, tagBytes, JNI_ABORT);

  return retCode;
}
Ejemplo n.º 14
0
static bool lib_decryptArray(const EVP_CIPHER *type, const QByteArray &buf, const QByteArray &key, const QByteArray &iv, bool pad, QByteArray *out)
{
	QByteArray result(buf.size()+type->block_size);
	int len;
	EVP_CIPHER_CTX c;

	unsigned char *ivp = NULL;
	if(!iv.isEmpty())
		ivp = (unsigned char *)iv.data();
	EVP_CIPHER_CTX_init(&c);
	//EVP_CIPHER_CTX_set_padding(&c, pad ? 1: 0);
	if(!EVP_DecryptInit_ex(&c, type, NULL, (unsigned char *)key.data(), ivp))
		return false;
	if(!pad) {
		if(!EVP_EncryptUpdate(&c, (unsigned char *)result.data(), &len, (unsigned char *)buf.data(), buf.size()))
			return false;
	}
	else {
		if(!EVP_DecryptUpdate(&c, (unsigned char *)result.data(), &len, (unsigned char *)buf.data(), buf.size()))
			return false;
	}
	result.resize(len);
	if(pad) {
		QByteArray last(type->block_size);
		if(!EVP_DecryptFinal_ex(&c, (unsigned char *)last.data(), &len))
			return false;
		last.resize(len);
		ByteStream::appendArray(&result, last);
	}

	memset(&c, 0, sizeof(EVP_CIPHER_CTX));
	*out = result;
	return true;
}
Ejemplo n.º 15
0
/* 7.3.43 */
int SAF_SymmDecryptFinal(
	void *hKeyHandle,
	unsigned char *pucOutData,
	unsigned int *puiOutDataLen)
{
	int ret = SAR_UnknownErr;
	SAF_KEY *hkey = (SAF_KEY *)hKeyHandle;
	int outlen;

	if (!hKeyHandle || !pucOutData || !puiOutDataLen) {
		SAFerr(SAF_F_SAF_SYMMDECRYPTFINAL, ERR_R_PASSED_NULL_PARAMETER);
		return SAR_IndataErr;
	}

	if (!hkey->cipher_ctx) {
		SAFerr(SAF_F_SAF_SYMMDECRYPTFINAL, SAF_R_DECRYPT_NOT_INITIALIZED);
		return SAR_NotInitializeErr;
	}

	if (!EVP_DecryptFinal_ex(hkey->cipher_ctx, pucOutData, &outlen)) {
		SAFerr(SAF_F_SAF_SYMMDECRYPTFINAL, ERR_R_EVP_LIB);
		goto end;
	}
	*puiOutDataLen = (unsigned int)outlen;

	ret = SAR_OK;

end:
	EVP_CIPHER_CTX_free(hkey->cipher_ctx);
	hkey->cipher_ctx = NULL;
	return ret;
}
Ejemplo n.º 16
0
uint32_t decrypt(const BYTE *password, const BYTE* data, uint32_t len, BYTE* ans, encrypt_function function) {
	EVP_CIPHER_CTX ctx;
	uint32_t keyl = 0, ivl = 0;
	uint32_t outl = 0, templ = 0;
	char *out = calloc(len, sizeof(char));
	keyl = EVP_CIPHER_key_length(function());
	ivl = EVP_CIPHER_iv_length(function());
    BYTE key[keyl];
    BYTE iv[ivl];

	/* Getting keys and iv */ 
	// Salt is setting in NULL
    EVP_BytesToKey(function(), EVP_md5(), NULL, password, strlen(password), 1, key, iv);

	/* Initialize context */
	EVP_CIPHER_CTX_init(&ctx);
	EVP_DecryptInit_ex(&ctx, function(), NULL, key, iv); 
	EVP_DecryptUpdate(&ctx, out, &outl, data, len); 
	EVP_DecryptFinal_ex(&ctx, out + outl, &templ);
	outl +=templ;
	memcpy(ans, out, outl);
	
	/* Clean context struct */ 
	EVP_CIPHER_CTX_cleanup(&ctx);
	free(out);
	return outl;
}
Ejemplo n.º 17
0
int DecryptString(char type, const char *in, char *out, unsigned char *key, int cipherlen)
{
    int plainlen = 0, tmplen;
    unsigned char iv[32] =
        { 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 6, 7, 8 };
    EVP_CIPHER_CTX ctx;

    if (key == NULL)
        ProgrammingError("DecryptString: session key == NULL");

    EVP_CIPHER_CTX_init(&ctx);
    EVP_DecryptInit_ex(&ctx, CfengineCipher(type), NULL, key, iv);

    if (!EVP_DecryptUpdate(&ctx, out, &plainlen, in, cipherlen))
    {
        Log(LOG_LEVEL_ERR, "Failed to decrypt string");
        EVP_CIPHER_CTX_cleanup(&ctx);
        return -1;
    }

    if (!EVP_DecryptFinal_ex(&ctx, out + plainlen, &tmplen))
    {
        unsigned long err = ERR_get_error();

        Log(LOG_LEVEL_ERR, "Failed to decrypt at final of cipher length %d. (EVP_DecryptFinal_ex: %s)", cipherlen, ERR_error_string(err, NULL));
        EVP_CIPHER_CTX_cleanup(&ctx);
        return -1;
    }

    plainlen += tmplen;

    EVP_CIPHER_CTX_cleanup(&ctx);

    return plainlen;
}
Ejemplo n.º 18
0
static int aesDecrypt(char* input, int inlen, char* output, int* outlen) {
    int c_len;
    int f_len;
    EVP_CIPHER_CTX ctx;

    if (input == NULL || inlen <= 0 || output == NULL || *outlen <= 0) {
        return -1;
    }

    EVP_CIPHER_CTX_init(&ctx);

    if (EVP_DecryptInit_ex(&ctx, EVP_aes_128_ecb(), NULL, key, NULL) != 1) {
        return -2;
    }

    if (EVP_DecryptUpdate(&ctx, (unsigned char*)output, &c_len, (const unsigned char*)input,
                          inlen) != 1) {
        return -3;
    }

    if (EVP_DecryptFinal_ex(&ctx, (unsigned char*)(output + c_len), &f_len) != 1) {
        return -4;
    }

    EVP_CIPHER_CTX_cleanup(&ctx);

    *outlen = c_len + f_len;
    return 0;
}
Ejemplo n.º 19
0
rstatus_t dyn_aes_decrypt(unsigned char *enc_msg, size_t enc_msg_len, struct mbuf *mbuf, unsigned char *aes_key) {
	if (ENCRYPTION) {
		size_t dec_len   = 0;
		size_t block_len = 0;

		ASSERT(mbuf != NULL && mbuf->last == mbuf->pos);

		//if(!EVP_DecryptInit_ex(aes_decrypt_ctx, aes_cipher, NULL, aes_key, aes_iv)) {
		if(!EVP_DecryptInit_ex(aes_decrypt_ctx, aes_cipher, NULL, aes_key, aes_key)) {
			return DN_ERROR;
		}

		if(!EVP_DecryptUpdate(aes_decrypt_ctx, mbuf->pos, (int*) &block_len, enc_msg, (int)enc_msg_len)) {
			return DN_ERROR;
		}
		dec_len += block_len;

		if(!EVP_DecryptFinal_ex(aes_decrypt_ctx, mbuf->pos + dec_len, (int*) &block_len)) {
			return DN_ERROR;
		}
		dec_len += block_len;
		mbuf->last = mbuf->pos + dec_len;

		EVP_CIPHER_CTX_cleanup(aes_decrypt_ctx);

		return (int) dec_len;
	}

	mbuf_copy(mbuf, enc_msg, enc_msg_len);
	return (int) enc_msg_len;

}
Ejemplo n.º 20
0
/**
* @brief Decrypt *len bytes of ciphertext.
*
* Code adapted from: http://saju.net.in/code/misc/openssl_aes.c.txt
*
* @param e
* @param plaintext_buf
* @param plaintext_buf_len
* @param ciphertext
* @param ciphertext_len
*
* @return Size of decrypted data on success; -1 on failure
*/
int aes_decrypt(EVP_CIPHER_CTX *e, 
				unsigned char *plaintext_buf, int plaintext_buf_len,
				unsigned char *ciphertext, int ciphertext_len) {
	/* because we have padding ON, we must have an extra cipher block size of memory */
	int p_len = ciphertext_len, f_len = 0;
	if (plaintext_buf_len < p_len + AES_BLOCK_SIZE) {
		ERROR("ERROR: plaintext buffer too small");
		return -1;
	}
	
	if (EVP_DecryptInit_ex(e, NULL, NULL, NULL, NULL) != 1) {
		ERROR("ERROR initializing decryption");
		return -1;
	}
	if (EVP_DecryptUpdate(e, plaintext_buf, &p_len, ciphertext, ciphertext_len) != 1) {
		ERROR("ERROR decrypting");
		return-1;
	}
	if (EVP_DecryptFinal_ex(e, plaintext_buf+p_len, &f_len) != 1) {
		ERROR("ERROR decrypting");
		return -1;
	}
	
	return p_len + f_len;;
}
Ejemplo n.º 21
0
rstatus_t
aes_decrypt(unsigned char *enc_msg, size_t enc_msg_len, unsigned char **dec_msg, unsigned char *aes_key) {
	size_t dec_len   = 0;
	size_t block_len = 0;

	*dec_msg = (unsigned char*) malloc(enc_msg_len);
	if(*dec_msg == NULL)
		return DN_ERROR;

	//if(!EVP_DecryptInit_ex(aes_decrypt_ctx, aes_cipher, NULL, aes_key, aes_iv)) {
	if(!EVP_DecryptInit_ex(aes_decrypt_ctx, aes_cipher, NULL, aes_key, aes_key)) {
		return DN_ERROR;
	}

	if(!EVP_DecryptUpdate(aes_decrypt_ctx, (unsigned char*) *dec_msg, (int*) &block_len, enc_msg, (int) enc_msg_len)) {
		return DN_ERROR;
	}
	dec_len += block_len;

	if(!EVP_DecryptFinal_ex(aes_decrypt_ctx, (unsigned char*) *dec_msg + dec_len, (int*) &block_len)) {
		return DN_ERROR;
	}
	dec_len += block_len;

	//EVP_CIPHER_CTX_cleanup(aesDecryptCtx);

	return (int)dec_len;
}
Ejemplo n.º 22
0
uint8* decrypt_key(const char* filesystem, uint8* passphrase) {
  int i = 0;
  EVP_CIPHER_CTX ctx;
  uint8 data[0x30];
  int outlen, tmplen = 0;
  
  FILE* fd = fopen(filesystem, "rb");
  if (fd == NULL) {
    fprintf(stderr, "error opening file: %s", filesystem);
    return NULL;
  }
  
  uint8* buffer = (uint8*) malloc(BUF_SIZE);
  if(buffer == NULL) {
  	fprintf(stderr, "unable to allocate memory\n");
  	fclose(fd);
  	return NULL;
  }
  
  fread(buffer, 1, sizeof(encrcdsa_header), fd);
  
  uint32 blocks = 0;
  fread(&blocks, 1, sizeof(uint32), fd);
  FLIPENDIAN(blocks);
  
  fread(buffer, 1, sizeof(encrcdsa_block) * blocks, fd);
  fread(buffer, 1, 0x80, fd);
  
  uint32 skip = 0;
  fread(&skip, 1, sizeof(uint32), fd);
  FLIPENDIAN(skip);
  fread(buffer, 1, skip-3, fd);
		
  uint8* out = malloc(0x30);
  free(buffer);

  for (i = 0; i < 0x20; i++) {
    if (fread(data, 1, 0x30, fd) <= 0) {
      fprintf(stderr, "Error reading filesystem image");
      free(out);
      return NULL;
    }
    
    if(data[0] == 0) break;

    EVP_CIPHER_CTX_init(&ctx);
    EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, passphrase,
        &passphrase[24]);

    EVP_DecryptUpdate(&ctx, out, &outlen, data, 0x30);
    if (EVP_DecryptFinal_ex(&ctx, out + outlen, &tmplen)) {
      return out;
    }
    
    fseek(fd, 0x238, SEEK_CUR);
  }

  fclose(fd);
  return out;
}
Ejemplo n.º 23
0
static int do_decrypt(EVP_CIPHER_CTX* aes256, pubnub_bymebl_t data, uint8_t const* key, uint8_t const* iv, pubnub_bymebl_t *msg)
{
    int len = 0;
    if (!EVP_DecryptInit_ex(aes256, EVP_aes_256_cbc(), NULL, key, iv)) {
        ERR_print_errors_cb(print_to_pubnub_log, NULL);
        PUBNUB_LOG_ERROR("Failed to initialize AES-256 decryption\n");
        return -1;
    }

    if (!EVP_DecryptUpdate(aes256, msg->ptr, &len, data.ptr, data.size)) {
        ERR_print_errors_cb(print_to_pubnub_log, NULL);
        PUBNUB_LOG_ERROR("Failed to AES-256 decrypt the mesage\n");
        return -1;
    }
    msg->size = len;

    if (!EVP_DecryptFinal_ex(aes256, msg->ptr + len, &len)) {
        ERR_print_errors_cb(print_to_pubnub_log, NULL);
        PUBNUB_LOG_ERROR("Failed to finalize AES-256 decryption\n");
        return -1;
    }
    msg->size += len;

    return 0;
}
Ejemplo n.º 24
0
void aes_gcm_decrypt(void)
{
    EVP_CIPHER_CTX *ctx;
    int outlen, tmplen, rv;
    unsigned char outbuf[1024];
    printf("AES GCM Derypt:\n");
    printf("Ciphertext:\n");
    BIO_dump_fp(stdout, gcm_ct, sizeof(gcm_ct));
    ctx = EVP_CIPHER_CTX_new();
    /* Select cipher */
    EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);
    /* Set IV length, omit for 96 bits */
    EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, sizeof(gcm_iv), NULL);
    /* Specify key and IV */
    EVP_DecryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv);
    /* Zero or more calls to specify any AAD */
    EVP_DecryptUpdate(ctx, NULL, &outlen, gcm_aad, sizeof(gcm_aad));
    /* Decrypt plaintext */
    EVP_DecryptUpdate(ctx, outbuf, &outlen, gcm_ct, sizeof(gcm_ct));
    /* Output decrypted block */
    printf("Plaintext:\n");
    BIO_dump_fp(stdout, outbuf, outlen);
    /* Set expected tag value. */
    EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(gcm_tag),
                        (void *)gcm_tag);
    /* Finalise: note get no output for GCM */
    rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen);
    /*
     * Print out return value. If this is not successful authentication
     * failed and plaintext is not trustworthy.
     */
    printf("Tag Verify %s\n", rv > 0 ? "Successful!" : "Failed!");
    EVP_CIPHER_CTX_free(ctx);
}
Ejemplo n.º 25
0
int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
	{
	int i;

	i=EVP_DecryptFinal_ex(ctx,out,outl);
	EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
	return(i);
	}
Ejemplo n.º 26
0
int openssl_decrypt(struct emvpn_socket *v, uint8_t *to, uint8_t *from, int len)
{
    int clen, flen = 0;
    EVP_CIPHER_CTX_init(&dec);
    EVP_DecryptInit(&dec, EVP_aes_256_cbc(), v->key.key, v->key.iv);
    EVP_DecryptUpdate(&dec, to, &clen, from, len);
    EVP_DecryptFinal_ex(&dec, to + clen, &flen);
    return clen + (flen % 16) ;
}
Ejemplo n.º 27
0
static int apple_des3_ede_unwrap_key1(unsigned char *wrapped_key, int wrapped_key_len, unsigned char *decryptKey) 
{
    EVP_CIPHER_CTX ctx;
    unsigned char *TEMP1, *TEMP2, *CEKICV;
    unsigned char IV[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 };
    int outlen, tmplen, i;


    TEMP1 = alloca(wrapped_key_len);
    TEMP2 = alloca(wrapped_key_len);
    CEKICV = alloca(wrapped_key_len);

    EVP_CIPHER_CTX_init(&ctx);
    EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV);

    if(!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) 
    {
	return(-1);
    }
    if(!EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen)) 
    {
	/*if (header.len_wrapped_aes_key==48)*/ return(-1);
    }
    outlen += tmplen;
    EVP_CIPHER_CTX_cleanup(&ctx);

    for(i = 0; i < outlen; i++) 
    {
	TEMP2[i] = TEMP1[outlen - i - 1];
    }
    EVP_CIPHER_CTX_init(&ctx);
    EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2);
    if(!EVP_DecryptUpdate(&ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) 
    {
	return(-1);
    }
    if(!EVP_DecryptFinal_ex(&ctx, CEKICV + outlen, &tmplen)) 
    {
	return(-1);
    }
    outlen += tmplen;
    EVP_CIPHER_CTX_cleanup(&ctx);
    return 0;
}
Ejemplo n.º 28
0
soter_status_t soter_sym_aead_ctx_final(soter_sym_ctx_t *ctx,bool encrypt){
  uint8_t out_data[16];
  size_t out_data_length=0;
  if(encrypt){
    SOTER_CHECK(EVP_EncryptFinal_ex(&(ctx->evp_sym_ctx), out_data, (int*)&out_data_length)!=0 && out_data_length==0);
  } else {
    SOTER_CHECK(EVP_DecryptFinal_ex(&(ctx->evp_sym_ctx), out_data, (int*)&out_data_length)!=0 && out_data_length==0);
  }    
  return SOTER_SUCCESS;
}
Ejemplo n.º 29
0
static struct json_object *
pubnub_decrypt(const char *cipher_key, const char *b64_str)
{
	int b64_len = strlen(b64_str);
	unsigned char iv[] = "0123456789012345";

	/* Pre-process (hash) encryption key */

	unsigned char cipher_hash[33];
	pubnub_sha256_cipher_key(cipher_key, cipher_hash);

	/* Convert base64 encrypted text to raw data. */

	BIO *b64f = BIO_new(BIO_f_base64());
	BIO_set_flags(b64f, BIO_FLAGS_BASE64_NO_NL);
	BIO *bmem = BIO_new_mem_buf((unsigned char *) b64_str, b64_len);
	BIO *b64 = BIO_push(b64f, bmem);
	/* b64_len is fine upper bound for raw data length... */
	unsigned char *cipher_data = (unsigned char*)malloc(b64_len);
	int cipher_len = BIO_read(b64, cipher_data, b64_len);
	BIO_free_all(b64);

	/* Decrypt the message */

	EVP_CIPHER_CTX aes256;
	EVP_CIPHER_CTX_init(&aes256);
	if (!EVP_DecryptInit_ex(&aes256, EVP_aes_256_cbc(), NULL, cipher_hash, iv)) {
		DBGMSG("DecryptInit error\n");
		return NULL;
	}

	char *message_str = (char*)malloc(cipher_len + EVP_CIPHER_block_size(EVP_aes_256_cbc()) + 1);
	int message_len = 0;
	if (!EVP_DecryptUpdate(&aes256, (unsigned char *) message_str, &message_len, cipher_data, cipher_len)) {
		DBGMSG("DecryptUpdate error\n");
		return NULL;
	}
	int message_flen;
	if (!EVP_DecryptFinal_ex(&aes256, (unsigned char *) message_str + message_len, &message_flen)) {
		DBGMSG("DecryptFinal error\n");
		return NULL;
	}
	message_len += message_flen;

	EVP_CIPHER_CTX_cleanup(&aes256);
	free(cipher_data);

	/* Conjure up JSON object */

	message_str[message_len] = 0;
	DBGMSG("dec inp: <%s>\n", message_str);
	struct json_object *message = json_tokener_parse(message_str);
	free(message_str);
	return message;
}
Ejemplo n.º 30
0
void aes_gcm_decrypt(unsigned char *key, unsigned char *iv, unsigned char *cnt, int cntlen, unsigned char *in, int inlen, unsigned char *tag, int taglen, unsigned char* out, int *outlen) {
	EVP_CIPHER_CTX *x;
	int ol1;
	x=EVP_CIPHER_CTX_new();
	EVP_DecryptInit_ex(x, EVP_aes_128_gcm(), NULL, key, iv);
	EVP_DecryptUpdate(x, 0, outlen,  cnt, cntlen);
	EVP_DecryptUpdate(x, out, &ol1,  in, inlen);
	*outlen=ol1;
	EVP_DecryptFinal_ex(x, out+(*outlen), &ol1);
	*outlen+=ol1;
}