static int fuzzEnvelope( const char *fuzzFileName )
{
CRYPT_ENVELOPE cryptEnvelope;
BYTE buffer[ 4096 ];
int length, bytesIn, status;
/* Create the envelope */
status = cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED,
CRYPT_FORMAT_AUTO );
if( cryptStatusError( status ) )
return( status );
/* We're ready to go, start the forkserver and read the mutable data */
#ifndef __WINDOWS__
__afl_manual_init();
#endif /* !__WINDOWS__ */
length = readFileData( fuzzFileName, fuzzFileName, buffer, 4096, 64,
TRUE );
if( length < 64 )
return( CRYPT_ERROR_READ );
/* Process the input file */
( void ) cryptPushData( cryptEnvelope, buffer, length, &bytesIn );
cryptDestroyEnvelope( cryptEnvelope );
return( CRYPT_OK );
}
unsigned __stdcall envelopeDataThread( void *arg )
#endif /* Different threading models */
{
static const char *envData = "qwertyuiopasdfghjklzxcvbnm";
BYTE fileBuffer[ BUFFER_SIZE ];
const unsigned uThread = ( unsigned ) arg;
const time_t startTime = time( NULL );
int count, status;
printf( "Thread %d started.\n", uThread );
fflush( stdout );
filenameFromTemplate( fileBuffer, CERT_FILE_TEMPLATE, 13 );
for( count = 0; count < 150; count++ )
{
CRYPT_ENVELOPE cryptEnvelope;
CRYPT_CERTIFICATE cryptCert;
BYTE envBuffer[ BUFFER_SIZE ];
int bytesCopied;
/* Create the cert and envelope and add the cert to the envelope */
status = importCertFile( &cryptCert, fileBuffer );
if( cryptStatusOK( status ) )
status = cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED,
CRYPT_FORMAT_CRYPTLIB );
if( cryptStatusOK( status ) )
status = cryptSetAttribute( cryptEnvelope,
CRYPT_ENVINFO_PUBLICKEY, cryptCert );
if( cryptStatusError( status ) )
break;
/* Envelope data and destroy the envelope */
status = cryptPushData( cryptEnvelope, envData, strlen( envData ),
&bytesCopied );
if( cryptStatusOK( status ) )
status = cryptPushData( cryptEnvelope, NULL, 0, NULL );
if( cryptStatusOK( status ) )
status = cryptPopData( cryptEnvelope, envBuffer, BUFFER_SIZE,
&bytesCopied );
if( cryptStatusOK( status ) )
status = cryptDestroyEnvelope( cryptEnvelope );
if( cryptStatusError( status ) )
break;
printf( "%c", uThread + '0' );
}
printf( "Thread %u exited after %d seconds.\n", uThread,
time( NULL ) - startTime );
fflush( stdout );
#ifdef UNIX_THREADS
pthread_exit( NULL );
#else
_endthreadex( 0 );
#endif /* Different threading models */
return( 0 );
}
unsigned __stdcall encTest( void *arg )
{
CRYPT_ENVELOPE cryptEnvelope;
CRYPT_CERTIFICATE cryptCert;
BYTE buffer[ 1024 ];
const int count = *( ( int * ) arg );
int bytesCopied, i, status;
printf( "EncTest %d.\n", count );
for( i = 0; i < count; i++ )
{
FILE *filePtr;
int certSize;
if( ( filePtr = fopen( "testdata/cert5.der", "rb" ) ) != NULL )
{
certSize = fread( buffer, 1, 1024, filePtr );
fclose( filePtr );
}
status = cryptImportCert( buffer, certSize, CRYPT_UNUSED,
&certificate );
if( cryptStatusOK( status ) )
status = cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED,
CRYPT_FORMAT_CMS );
if( cryptStatusOK( status ) )
status = cryptSetAttribute( cryptEnvelope,
CRYPT_ENVINFO_PUBLICKEY, cryptCert );
if( cryptStatusOK( status ) )
status = cryptPushData( cryptEnvelope, buffer, 200,
&bytesCopied );
if( cryptStatusOK( status ) )
status = cryptFlushData( cryptEnvelope );
if( cryptStatusOK( status ) )
status = cryptPopData( cryptEnvelope, buffer, 1024,
&bytesCopied );
if( cryptStatusOK( status ) )
status = cryptDestroyCert( cryptCert );
if( cryptStatusOK( status ) )
status = cryptDestroyEnvelope( cryptEnvelope );
if( cryptStatusError( status ) )
{
_endthreadex( status );
return( 0 );
}
}
_endthreadex( 0 );
return( 0 );
}
unsigned __stdcall signTest( void *arg )
{
CRYPT_KEYSET cryptKeyset;
CRYPT_CONTEXT privateKeyContext;
CRYPT_ENVELOPE cryptEnvelope;
BYTE buffer[ 1024 ];
const int count = *( ( int * ) arg );
int bytesCopied, i, status;
printf( "SignTest %d.\n", count );
for( i = 0; i < count; i++ )
{
status = cryptKeysetOpen( &cryptKeyset, CRYPT_UNUSED,
CRYPT_KEYSET_FILE, TEST_PRIVKEY_FILE,
CRYPT_KEYOPT_READONLY);
if( cryptStatusOK( status ) )
status = cryptGetPrivateKey( cryptKeyset, &privateKeyContext,
CRYPT_KEYID_NAME, RSA_PRIVKEY_LABEL,
TEST_PRIVKEY_PASSWORD );
if( cryptStatusOK( status ) )
status = cryptCreateEnvelope( &cryptEnvelope, CRYPT_UNUSED,
CRYPT_FORMAT_CMS );
if( cryptStatusOK( status ) )
status = cryptSetAttribute( cryptEnvelope,
CRYPT_ENVINFO_SIGNATURE,
privateKeyContext );
if( cryptStatusOK( status ) )
status = cryptPushData( cryptEnvelope, "message", 7,
&bytesCopied );
if( cryptStatusOK( status ) )
status = cryptFlushData( cryptEnvelope );
if( cryptStatusOK( status ) )
status = cryptPopData( cryptEnvelope, buffer, 1024,
&bytesCopied );
if( cryptStatusOK( status ) )
status = cryptDestroyContext( privateKeyContext );
if( cryptStatusOK( status ) )
status = cryptKeysetClose( cryptKeyset );
if( cryptStatusOK( status ) )
status = cryptDestroyEnvelope( cryptEnvelope );
if( cryptStatusError( status ) )
{
_endthreadex( status );
return( 0 );
}
}
_endthreadex( 0 );
return( 0 );
}
static int testTSP( const CRYPT_SESSION cryptSession,
const BOOLEAN isServer,
const BOOLEAN isRecycledConnection,
const BOOLEAN useAltHash,
const BOOLEAN localSession )
{
int status;
/* If we're the client, wait for the server to finish initialising */
if( localSession && !isServer && waitMutex() == CRYPT_ERROR_TIMEOUT )
{
printf( "Timed out waiting for server to initialise, line %d.\n",
__LINE__ );
return( FALSE );
}
/* If we're the client, create a message imprint to timestamp */
if( !isServer )
{
CRYPT_CONTEXT hashContext;
/* Create the hash value to add to the TSP request */
status = cryptCreateContext( &hashContext, CRYPT_UNUSED,
useAltHash ? CRYPT_ALGO_SHA256 : \
CRYPT_ALGO_SHA1 );
if( cryptStatusError( status ) )
return( FALSE );
cryptEncrypt( hashContext, "12345678", 8 );
cryptEncrypt( hashContext, "", 0 );
if( isRecycledConnection )
{
/* If we're moving further data over an existing connection,
delete the message imprint from the previous run */
status = cryptDeleteAttribute( cryptSession,
CRYPT_SESSINFO_TSP_MSGIMPRINT );
if( cryptStatusError( status ) )
{
printf( "cryptDeleteAttribute() failed with error code %d, "
"line %d.\n", status, __LINE__ );
return( FALSE );
}
}
status = cryptSetAttribute( cryptSession,
CRYPT_SESSINFO_TSP_MSGIMPRINT,
hashContext );
if( cryptStatusError( status ) )
{
printf( "cryptSetAttribute() failed with error code %d, line "
"%d.\n", status, __LINE__ );
return( FALSE );
}
cryptDestroyContext( hashContext );
/* If it's a local session, wait for the server to finish
initialising */
if( localSession && waitMutex() == CRYPT_ERROR_TIMEOUT )
{
printf( "Timed out waiting for server to initialise, line %d.\n",
__LINE__ );
return( FALSE );
}
}
else
{
/* We're the server, if this is the first connect tell the client
that we're ready to go */
if( localSession && !isRecycledConnection )
releaseMutex();
}
/* Activate the session and timestamp the message */
#if TSP_SERVER_NO == 11
cryptSetAttribute( cryptSession, CRYPT_OPTION_NET_READTIMEOUT, 30 );
#endif /* Very slow TSP */
status = cryptSetAttribute( cryptSession, CRYPT_SESSINFO_ACTIVE, TRUE );
if( isServer )
printConnectInfo( cryptSession );
if( cryptStatusError( status ) )
{
printExtError( cryptSession, isServer ? \
"SVR: Attempt to activate TSP server session" : \
"Attempt to activate TSP client session", status,
__LINE__ );
if( !isServer && isServerDown( cryptSession, status ) )
{
puts( " (Server could be down, faking it and continuing...)\n" );
cryptDestroySession( cryptSession );
return( CRYPT_ERROR_FAILED );
}
cryptDestroySession( cryptSession );
return( FALSE );
}
/* There's not much more we can do in the client at this point since the
TSP data is only used internally by cryptlib, OTOH if we get to here
then we've received a valid response from the TSA so all is OK */
if( !isServer )
{
CRYPT_ENVELOPE cryptEnvelope;
BYTE buffer[ BUFFER_SIZE ];
int bytesCopied;
status = cryptGetAttribute( cryptSession, CRYPT_SESSINFO_RESPONSE,
&cryptEnvelope );
if( cryptStatusError( status ) )
{
printExtError( cryptSession, "Attempt to process returned "
"timestamp", status, __LINE__ );
return( FALSE );
}
status = cryptPopData( cryptEnvelope, buffer, BUFFER_SIZE,
&bytesCopied );
if( cryptStatusError( status ) )
{
printf( "cryptPopData() failed with error code %d, line %d.\n",
status, __LINE__ );
return( FALSE );
}
printf( "Timestamp data size = %d bytes.\n", bytesCopied );
debugDump( "tstinfo", buffer, bytesCopied );
cryptDestroyEnvelope( cryptEnvelope );
}
return( TRUE );
}
main(int argc, char **argv){
int ret; /* Return code */
int i; /* Loop iterator */
int bytesCopied; /* Bytes output by cryptlib enc/dec ops */
int reqAttrib; /* Crypt required attributed */
CRYPT_ENVELOPE dataEnv; /* Envelope for enc/dec */
CRYPT_KEYSET keyset; /* GPG keyset */
CRYPT_CONTEXT symContext; /* Key context */
char *keyPtr; /* Pointer to key */
char label[100]; /* Private key label */
int labelLength; /* Length of label */
char passbuf[1024]; /* Buffer for GPG key passphrase */
struct termios ts, ots; /* Strutures for saving/modifying term attribs */
char *clrDataPtr; /* Pointer to clear text */
int clrDataSize; /* Size of clear text */
int clrDataFd; /* Pointer to clear text file */
char *encDataPtr; /* Pointer to encrypted data */
int encDataSize; /* Size of encrypted data */
int encDataFd; /* Pointer to encrypted text file */
struct stat encDataFileInfo; /* fstat return for encrypted data file */
struct passwd *userInfo; /* Password info for input user */
char *keyFile; /* GPG key ring file name */
uid_t ownerID = getuid();
struct passwd *owner_pws = getpwuid(ownerID);
char* owner_pwname = owner_pws->pw_name;//get the user login name;
char* owner_pwdir = owner_pws->pw_dir;
char *fileKeyName;
*fileKeyName = malloc(strlen(owner_pwname)+strlen(argv[2]+10));
strcpy(fileKeyName,argv[2]);
strcat(fileKeyName,".enc.");
strcat(fileKeyName,owner_pwname);
strcat(fileKeyName,".key");
printf("%s\n",fileKeyName);
char *outputFileKeyName = malloc(strlen(argv[1])+strlen(argv[2])+20);
strcpy(outputFileKeyName,argv[2]);
strcat(outputFileKeyName,".enc.");
strcat(outputFileKeyName,argv[1]);
strcat(outputFileKeyName,".key");
printf("%s\n",outputFileKeyName);
/*==============================================
Check Check Check Check Check Check
==============================================
*/
if (argc!=3) {printf("Wrong number of arguments\n");exit(1);}
char *fileName = malloc(strlen(argv[2])+5);
strcpy(fileName,argv[2]);
strcat(fileName,".enc");
fileChecker(fileName);
/*=============================================
Open DATAFILE and get data
=============================================
*/
encDataFd=open(fileKeyName,O_RDONLY);
if (encDataFd<=0){perror("open encData1");exit(encDataFd);}
ret=fstat(encDataFd,&encDataFileInfo);
if (ret!=0){perror("fstat encDataFd");exit(ret);}
encDataSize=encDataFileInfo.st_size;
encDataPtr=malloc(encDataFileInfo.st_size);
if (encDataPtr==NULL){perror("malloc encData");exit(__LINE__);}
ret=read(encDataFd,encDataPtr,encDataSize);
if (ret!=encDataSize){perror("read encData");exit(ret);}
close(encDataFd);
/*==============================================
Cryptlib initialization
==============================================
*/
//cryptInit();
//ret=cryptAddRandom( NULL , CRYPT_RANDOM_SLOWPOLL);
//checkCryptNormal(ret,"cryptAddRandom",__LINE__);
/*=================================================
Decrypt the key
=================================================
*/
keyFile=malloc( strlen(owner_pwdir )
+ strlen("/.gnupg/secring.gpg") + 1);
if (keyFile==NULL){perror("malloc");exit(__LINE__);}
strcpy(keyFile,owner_pwdir);
strcat(keyFile,"/.gnupg/secring.gpg");
printf("Getting secret key from <%s>\n",keyFile);
//Decrypt key
cryptInit();
ret=cryptAddRandom( NULL , CRYPT_RANDOM_SLOWPOLL);
checkCryptNormal(ret,"cryptAddRandom",__LINE__);
ret=cryptKeysetOpen(&keyset, CRYPT_UNUSED, CRYPT_KEYSET_FILE, keyFile, CRYPT_KEYOPT_READONLY);
free(keyFile);
checkCryptNormal(ret,"cryptKeysetOpen",__LINE__);
ret=cryptCreateEnvelope(&dataEnv, CRYPT_UNUSED, CRYPT_FORMAT_AUTO);
checkCryptNormal(ret,"cryptCreateEnvelope",__LINE__);
ret=cryptSetAttribute(dataEnv, CRYPT_ENVINFO_KEYSET_DECRYPT, keyset);
checkCryptNormal(ret,"cryptSetAttribute",__LINE__);
ret=cryptPushData(dataEnv,encDataPtr,encDataSize,&bytesCopied);
/* Expect non-zero return -- indicates need private key */
ret=cryptGetAttribute(dataEnv, CRYPT_ATTRIBUTE_CURRENT, &reqAttrib);
if (reqAttrib != CRYPT_ENVINFO_PRIVATEKEY)
{printf("Decrypt error\n");exit(ret);}
ret=cryptGetAttributeString(dataEnv, CRYPT_ENVINFO_PRIVATEKEY_LABEL, label, &labelLength);
label[labelLength]='\0';
checkCryptNormal(ret,"cryptGetAttributeString",__LINE__);
/*===============================================
Get the passphrase
===============================================
*/
tcgetattr(STDIN_FILENO, &ts);
ots = ts;
ts.c_lflag &= ~ECHO;
ts.c_lflag |= ECHONL;
tcsetattr(STDIN_FILENO, TCSAFLUSH, &ts);
tcgetattr(STDIN_FILENO, &ts);
if (ts.c_lflag & ECHO) {
fprintf(stderr, "Failed to turn off echo\n");
tcsetattr(STDIN_FILENO, TCSANOW, &ots);
exit(1);
}
printf("Enter password for <%s>: ",label);
fflush(stdout);
fgets(passbuf, 1024, stdin);
tcsetattr(STDIN_FILENO, TCSANOW, &ots);
ret=cryptSetAttributeString(dataEnv, CRYPT_ENVINFO_PASSWORD,
passbuf, strlen(passbuf)-1);
if (ret != CRYPT_OK) {
if (ret=CRYPT_ERROR_WRONGKEY) {
printf("Wrong Key\n");
exit(ret);
}else{
printf("cryptSetAttributeString line %d returned <%d>\n",__LINE__,ret);
exit(ret);
}
}
ret=cryptFlushData(dataEnv);
checkCryptNormal(ret,"cryptFlushData",__LINE__);
clrDataSize=KEYSIZE;
clrDataPtr=malloc(clrDataSize);
if (clrDataPtr==NULL){perror("malloc");exit(__LINE__);}
bzero(clrDataPtr,clrDataSize);
ret=cryptPopData(dataEnv,clrDataPtr,clrDataSize,&bytesCopied);
checkCryptNormal(ret,"cryptPopData",__LINE__);
ret=cryptDestroyEnvelope(dataEnv);
checkCryptNormal(ret,"cryptDestroyEnvelope",__LINE__);
cryptKeysetClose(keyset);
checkCryptNormal(ret,"cryptKeysetClose",__LINE__);
printf("Bytes decrypted <%d>\n",bytesCopied);
for (i=0;i<bytesCopied;i++){printf("%c",clrDataPtr[i]);}
ret=cryptEnd();
checkCryptNormal(ret,"cryptEnd",__LINE__);
/*====================================================
Part2 Encrypt the key with user's private key
====================================================
*/
/*==============================================
Cryptlib initialization
==============================================
*/
cryptInit();
ret=cryptAddRandom( NULL , CRYPT_RANDOM_SLOWPOLL);
checkCryptNormal(ret,"cryptAddRandom",__LINE__);
/*====================================================
Get key file name
====================================================
*/
keyFile=malloc( strlen(owner_pwdir )
+ strlen("/.gnupg/pubring.gpg") + 1);
if (keyFile==NULL){perror("malloc");exit(__LINE__);}
strcpy(keyFile,owner_pwdir);
strcat(keyFile,"/.gnupg/pubring.gpg");
printf("Getting secret key from <%s>\n",keyFile);
/*====================================================
Encrypt key with GPG public key
Email address is for recipient
===================================================
*/
ret=cryptKeysetOpen(&keyset, CRYPT_UNUSED, CRYPT_KEYSET_FILE, keyFile, CRYPT_KEYOPT_READONLY);
free(keyFile);
checkCryptNormal(ret,"cryptKeysetOpen",__LINE__);
ret=cryptCreateEnvelope(&dataEnv, CRYPT_UNUSED, CRYPT_FORMAT_PGP);
checkCryptNormal(ret,"cryptCreateEnvelope",__LINE__);
ret=cryptSetAttribute(dataEnv, CRYPT_ENVINFO_KEYSET_ENCRYPT, keyset);
checkCryptNormal(ret,"cryptSetAttribute",__LINE__);
ret=cryptSetAttributeString(dataEnv, CRYPT_ENVINFO_RECIPIENT,
argv[1],strlen(argv[1]));
checkCryptNormal(ret,"cryptSetAttributeString",__LINE__);
ret=cryptSetAttribute(dataEnv, CRYPT_ENVINFO_DATASIZE, KEYSIZE);
ret=cryptPushData(dataEnv,clrDataPtr,KEYSIZE,&bytesCopied);
checkCryptNormal(ret,"cryptPushData",__LINE__);
ret=cryptFlushData(dataEnv);
checkCryptNormal(ret,"cryptFlushData",__LINE__);
encDataSize=strlen(clrDataPtr)+1+1028;
encDataPtr=malloc(encDataSize);
if (encDataPtr==NULL){perror("malloc");exit(__LINE__);}
ret=cryptPopData(dataEnv,encDataPtr,encDataSize,&bytesCopied);
printf("cryptPopData returned <%d> bytes of encrypted data\n",bytesCopied);
encDataSize=bytesCopied;
ret=cryptDestroyEnvelope(dataEnv);
checkCryptNormal(ret,"cryptDestroyEnvelope",__LINE__);
cryptKeysetClose(keyset);
checkCryptNormal(ret,"cryptKeysetClose",__LINE__);
/*==============================================
write it to output file.
==============================================
*/
printf("%s\n",outputFileKeyName);
encDataFd=open(outputFileKeyName,O_RDWR|O_CREAT|O_TRUNC,S_IRUSR|S_IWUSR);
if (encDataFd<=0){perror("open encDataFd");exit(encDataFd);}
ret=write(encDataFd,encDataPtr,bytesCopied);
if (ret!=bytesCopied){perror("write encData");exit(ret);}
close(encDataFd);
int chmodStat = chmod (outputFileKeyName, S_IWRITE| S_IREAD| S_IRGRP | S_IWGRP);
if(chmodStat<0){
perror("failed to chmod");
exit(-1);
}
free(encDataPtr);
}
int main(int argc, char const *argv[])
{
struct passwd *pws; /* info for input user */
char *pwname; /* username */
char *pwdir; /* home directory */
char *encFile;
char *encKey;
int encKeyFd; //file state
char *encKeyPtr; /* Pointer to encrypted data */
int encKeySize; /* Buffer bytes availble for decrypt */
struct stat fileStat; /* Struce for checking file attributes */
char *keyFile; /* GPG key ring file name */
char *gpgPrivateKeyPtr;
int ret; /* Return code */
int i; /* Loop iterator */
int bytesCopied; /* Bytes output by cryptlib enc/dec ops */
int reqAttrib; /* Crypt required attributed */
CRYPT_ENVELOPE dataEnv; /* Envelope for enc/dec */
CRYPT_KEYSET keyset; /* GPG keyset */
CRYPT_CONTEXT symContext; /* Key context */
char label[100]; /* Private key label */
int labelLength; /* Length of label */
char passbuf[1024]; /* Buffer for GPG key passphrase */
struct termios ts, ots; /* Strutures for saving/modifying term attribs */
char *encDataPtr; /* Pointer to encrypted data */
int encDataSize; /* Size of encrypted data */
struct passwd *userInfo; /* Password info for input user */
int encFileFd; /* Destination (Encrypted) File Descriptor */
int encFileSize; /* Bytes of encrypted data */
char * encFilePtr; /* Pointer to enc text */
char *clrFilePtr; /* Pointer to clear text */
int clrFileSize; /* Bytes of clear text */
char *clrKeyPtr;
int clrKeySize;
struct stat encFileInfo;
uid = getuid();
pws = getpwuid(uid);
pwname = pws->pw_name;//get the user login name;
pwdir = pws->pw_dir;//get the user dir path
//Check arguments number
if (argc!=2) {
printf("slient exit\n");
exit (1);
}
//Get encrepted file
encFile = malloc(strlen(argv[1]) + 4);
strcpy(encFile, argv[1]);
strcat(encFile, ".enc");
//Get gpg encrepted key name
encKey = malloc(strlen(encFile) + strlen(pwname) +5 );
strcpy(encKey,encFile);
strcat(encKey, ".");
strcat(encKey, pwname);
strcat(encKey, ".key");
//Open gpg encrepted key
encKeyFd=open(encKey, O_RDONLY);
if (encKeyFd<=0){perror("(2) open encKeyFd2");exit(encKeyFd);}
ret=fstat(encKeyFd,&fileStat);
if (ret!=0){perror("fstat encKeyFd");exit(ret);}
encKeySize=fileStat.st_size;
encKeyPtr=malloc(encKeySize);
if (encKeyPtr==NULL){perror("malloc encData");exit(__LINE__);}
ret=read(encKeyFd,encKeyPtr,encKeySize);
if (ret!=encKeySize){perror("read encData");exit(ret);}
close(encKeyFd);
//Get the private key name
gpgPrivateKeyPtr=malloc(strlen(pwdir)
+ strlen("/.gnupg/secring.gpg") + 1);
getPrivateKeyName(gpgPrivateKeyPtr,uid);
//Decrypt key
cryptInit();
ret=cryptAddRandom( NULL , CRYPT_RANDOM_SLOWPOLL);
checkCryptNormal(ret,"cryptAddRandom",__LINE__);
ret=cryptKeysetOpen(&keyset, CRYPT_UNUSED, CRYPT_KEYSET_FILE, gpgPrivateKeyPtr, CRYPT_KEYOPT_READONLY);
free(gpgPrivateKeyPtr);
checkCryptNormal(ret,"cryptKeysetOpen",__LINE__);
ret=cryptCreateEnvelope(&dataEnv, CRYPT_UNUSED, CRYPT_FORMAT_AUTO);
checkCryptNormal(ret,"cryptCreateEnvelope",__LINE__);
ret=cryptSetAttribute(dataEnv, CRYPT_ENVINFO_KEYSET_DECRYPT, keyset);
checkCryptNormal(ret,"cryptSetAttribute",__LINE__);
ret=cryptPushData(dataEnv,encKeyPtr,encKeySize,&bytesCopied);
/* Expect non-zero return -- indicates need private key */
ret=cryptGetAttribute(dataEnv, CRYPT_ATTRIBUTE_CURRENT, &reqAttrib);
if (reqAttrib != CRYPT_ENVINFO_PRIVATEKEY)
{printf("Decrypt error\n");exit(ret);}
ret=cryptGetAttributeString(dataEnv, CRYPT_ENVINFO_PRIVATEKEY_LABEL, label, &labelLength);
label[labelLength]='\0';
checkCryptNormal(ret,"cryptGetAttributeString",__LINE__);
/*===============================================
Get the passphrase
===============================================
*/
tcgetattr(STDIN_FILENO, &ts);
ots = ts;
ts.c_lflag &= ~ECHO;
ts.c_lflag |= ECHONL;
tcsetattr(STDIN_FILENO, TCSAFLUSH, &ts);
tcgetattr(STDIN_FILENO, &ts);
if (ts.c_lflag & ECHO) {
fprintf(stderr, "Failed to turn off echo\n");
tcsetattr(STDIN_FILENO, TCSANOW, &ots);
exit(1);
}
printf("Enter password for <%s>: ",label);
fflush(stdout);
fgets(passbuf, 1024, stdin);
tcsetattr(STDIN_FILENO, TCSANOW, &ots);
ret=cryptSetAttributeString(dataEnv, CRYPT_ENVINFO_PASSWORD,
passbuf, strlen(passbuf)-1);
if (ret != CRYPT_OK) {
if (ret=CRYPT_ERROR_WRONGKEY) {
printf("Wrong Key\n");
exit(ret);
}else{
printf("cryptSetAttributeString line %d returned <%d>\n",__LINE__,ret);
exit(ret);
}
}
ret=cryptFlushData(dataEnv);
checkCryptNormal(ret,"cryptFlushData",__LINE__);
clrKeySize=KEYSIZE;
clrKeyPtr=malloc(clrKeySize);
if (clrKeyPtr==NULL){perror("malloc");exit(__LINE__);}
bzero(clrKeyPtr,clrKeySize);
ret=cryptPopData(dataEnv,clrKeyPtr,clrKeySize,&bytesCopied);
checkCryptNormal(ret,"cryptPopData",__LINE__);
ret=cryptDestroyEnvelope(dataEnv);
checkCryptNormal(ret,"cryptDestroyEnvelope",__LINE__);
cryptKeysetClose(keyset);
checkCryptNormal(ret,"cryptKeysetClose",__LINE__);
printf("Bytes decrypted <%d>\n",bytesCopied);
// for (i=0;i<bytesCopied;i++){printf("%c",clrKeyPtr[i]);}
ret=cryptEnd();
checkCryptNormal(ret,"cryptEnd",__LINE__);
//read enc file
encFileFd=open(encFile, O_RDONLY);
if (encFileFd<=0){perror("(2) open encFileFd1");exit(encFileFd);}
ret=fstat(encFileFd,&encFileInfo);
if (ret!=0){perror("fstat encFileFd");exit(ret);}
encFileSize=encFileInfo.st_size;
encFilePtr=malloc(encFileSize);
if (encFilePtr==NULL){perror("malloc encData");exit(__LINE__);}
ret=read(encFileFd,encFilePtr,encFileSize);
if (ret!=encFileSize){perror("read encData");exit(ret);}
close(encFileFd);
//Decrypt and get the content of decrepted file
cryptInit();
ret=cryptAddRandom( NULL , CRYPT_RANDOM_SLOWPOLL);
checkCryptNormal(ret,"cryptAddRandom",__LINE__);
cryptCreateEnvelope(&dataEnv, CRYPT_UNUSED, CRYPT_FORMAT_AUTO);
checkCryptNormal(ret,"cryptCreateEnvelope",__LINE__);
cryptPushData(dataEnv,encFilePtr,encFileSize,&bytesCopied);
checkCryptNormal(ret,"cryptPushData",__LINE__);
cryptCreateContext(&symContext,CRYPT_UNUSED,SYMMETRIC_ALG);
checkCryptNormal(ret,"cryptCreateContext",__LINE__);
cryptSetAttributeString(symContext, CRYPT_CTXINFO_KEY,clrKeyPtr,clrKeySize);
checkCryptNormal(ret,"cryptSetAttributeString",__LINE__);
cryptSetAttribute(dataEnv,CRYPT_ENVINFO_SESSIONKEY,symContext);
checkCryptNormal(ret,"cryptSetAttribute",__LINE__);
ret=cryptDestroyContext(symContext);
checkCryptNormal(ret,"cryptDestroyContext",__LINE__);
cryptFlushData(dataEnv);
clrFileSize=KEYSIZE+1028;
clrFilePtr=malloc(encDataSize);
ret=cryptPopData(dataEnv,clrFilePtr,clrFileSize,&bytesCopied);
checkCryptNormal(ret,"cryptPopData",__LINE__);
ret=cryptDestroyEnvelope(dataEnv);
checkCryptNormal(ret,"cryptDestroyEnvelope",__LINE__);
printf("<%d> bytes of decrypted data\n",bytesCopied);
for (i=0;i<bytesCopied;i++){printf("%c",clrFilePtr[i]);}
printf("\n");
fflush(stdout);
ret=cryptEnd();
checkCryptNormal(ret,"cryptEnd",__LINE__);
return 0;
}
main(int argc, char **argv){
int i; /* Loop iterator */
int ret; /* Return value */
int total; /* Total key bytes */
int bytesCopied; /* Bytes output by cryptlib enc/dec ops */
int urandFd; /* Pointer to /dev/urandom */
char *keyPtr; /* Pointer to key */
CRYPT_ENVELOPE dataEnv; /* Envelope for encrypt/decrypt */
CRYPT_CONTEXT symContext; /* Key context */
char *clrDataPtr; /* Pointer to clear text */
int clrDataSize; /* Bytes of clear text */
int clrDataFd; /* Pointer to clear text file */
struct stat clrDataFileInfo; /* fstat return for clear text file */
int encDataFd; /* Pointer to encrypted text file */
char *encDataPtr; /* Pointer to encrypted data */
int encDataSize; /* Buffer bytes availble for decrypt */
struct stat encDataFileInfo; /* fstat return for encrypted data file */
if (argc!=3) {printf("Wrong number of arguments\n");exit(__LINE__);}
/*==============================================
Cryptlib initialization
==============================================
*/
cryptInit();
ret=cryptAddRandom( NULL , CRYPT_RANDOM_SLOWPOLL);
checkCryptNormal(ret,"cryptAddRandom",__LINE__);
/*=============================================
Open DATAFILE and get data
=============================================
*/
clrDataFd=open(argv[1],O_RDONLY);
if (clrDataFd<=0){perror("open clrData");exit(clrDataFd);}
ret=fstat(clrDataFd,&clrDataFileInfo);
if (ret!=0){perror("fstat clrDataFd");exit(ret);}
clrDataSize=clrDataFileInfo.st_size;
clrDataPtr=malloc(clrDataFileInfo.st_size);
if (clrDataPtr==NULL){perror("malloc clrData");exit(__LINE__);}
ret=read(clrDataFd,clrDataPtr,clrDataSize);
if (ret!=clrDataSize){perror("read clrData");exit(ret);}
close(clrDataFd);
/*==============================================
(1) Generate the key
==============================================
*/
keyPtr=malloc(KEYSIZE);
if (keyPtr==NULL){perror("malloc keyPtr");exit(__LINE__);}
urandFd=open("/dev/urandom",O_RDONLY);
if (urandFd<=0){perror("open urandFd");exit(urandFd);}
total=0;ret=0;
while (total<KEYSIZE){
ret=read(urandFd,&keyPtr[total],KEYSIZE-total);total+=ret;
if (ret < 0){perror("read urand");exit(ret);}
}
close(urandFd);
/*==============================================
(2) Encrypt data from file with the key and
write it to output file.
==============================================
*/
ret=cryptCreateEnvelope(&dataEnv, CRYPT_UNUSED, CRYPT_FORMAT_CRYPTLIB);
checkCryptNormal(ret,"cryptCreateEnvelope",__LINE__);
ret=cryptCreateContext(&symContext, CRYPT_UNUSED, SYMMETRIC_ALG);
checkCryptNormal(ret,"cryptCreateContext",__LINE__);
ret=cryptSetAttributeString(symContext, CRYPT_CTXINFO_KEY,keyPtr,KEYSIZE);
checkCryptNormal(ret,"cryptSetAttributeString",__LINE__);
ret=cryptSetAttribute(dataEnv, CRYPT_ENVINFO_SESSIONKEY, symContext);
checkCryptNormal(ret,"cryptSetAttribute",__LINE__);
ret=cryptDestroyContext(symContext);
checkCryptNormal(ret,"cryptDestroyContext",__LINE__);
ret=cryptSetAttribute(dataEnv, CRYPT_ENVINFO_DATASIZE,
clrDataSize);
checkCryptNormal(ret,"cryptSetAttribute",__LINE__);
ret=cryptPushData(dataEnv,clrDataPtr,clrDataSize,&bytesCopied);
checkCryptNormal(ret,"cryptAddRandom",__LINE__);
cryptFlushData(dataEnv);
encDataSize=clrDataFileInfo.st_size+2048;
encDataPtr=malloc(encDataSize);
if (encDataPtr==NULL){perror("malloc encData");exit(__LINE__);}
ret=cryptPopData(dataEnv,encDataPtr,encDataSize,&bytesCopied);
checkCryptNormal(ret,"cryptPopData",__LINE__);
printf("<%d> bytes of encrypted data\n",bytesCopied);
ret=cryptDestroyEnvelope(dataEnv);
checkCryptNormal(ret,"cryptDestroyEnvelope",__LINE__);
encDataFd=open(argv[2],O_RDWR|O_CREAT|O_TRUNC,S_IRUSR|S_IWUSR);
if (encDataFd<=0){perror("open encDataFd");exit(encDataFd);}
ret=write(encDataFd,encDataPtr,bytesCopied);
if (ret!=bytesCopied){perror("write encData");exit(ret);}
close(encDataFd);
free(encDataPtr);
/*======================================================
Get decrypted data from file and write to stdout
======================================================
*/
encDataFd=open(argv[2],O_RDONLY);
if (encDataFd<=0){perror("(2) open encDataFd");exit(encDataFd);}
ret=fstat(encDataFd,&encDataFileInfo);
if (ret!=0){perror("fstat encDataFd");exit(ret);}
encDataSize=encDataFileInfo.st_size;
encDataPtr=malloc(encDataSize);
if (encDataPtr==NULL){perror("malloc encData");exit(__LINE__);}
ret=read(encDataFd,encDataPtr,encDataSize);
if (ret!=encDataSize){perror("read encData");exit(ret);}
close(encDataFd);
cryptCreateEnvelope(&dataEnv, CRYPT_UNUSED, CRYPT_FORMAT_AUTO);
checkCryptNormal(ret,"cryptCreateEnvelope",__LINE__);
cryptPushData(dataEnv,encDataPtr,encDataSize,&bytesCopied);
checkCryptNormal(ret,"cryptPushData",__LINE__);
cryptCreateContext(&symContext,CRYPT_UNUSED,SYMMETRIC_ALG);
checkCryptNormal(ret,"cryptCreateContext",__LINE__);
cryptSetAttributeString(symContext, CRYPT_CTXINFO_KEY,keyPtr,KEYSIZE);
checkCryptNormal(ret,"cryptSetAttributeString",__LINE__);
cryptSetAttribute(dataEnv,CRYPT_ENVINFO_SESSIONKEY,symContext);
checkCryptNormal(ret,"cryptSetAttribute",__LINE__);
ret=cryptDestroyContext(symContext);
checkCryptNormal(ret,"cryptDestroyContext",__LINE__);
cryptFlushData(dataEnv);
ret=cryptPopData(dataEnv,clrDataPtr,clrDataSize,&bytesCopied);
checkCryptNormal(ret,"cryptPopData",__LINE__);
ret=cryptDestroyEnvelope(dataEnv);
checkCryptNormal(ret,"cryptDestroyEnvelope",__LINE__);
printf("<%d> bytes of decrypted data\n",bytesCopied);
for (i=0;i<bytesCopied;i++){printf("%c",clrDataPtr[i]);}
printf("\n");
fflush(stdout);
ret=cryptEnd();
checkCryptNormal(ret,"cryptEnd",__LINE__);
}
