/*
* CBC decryption routine
* size of 'input' has to be multiple of 16
* 'input' contains cleartext on exit
* 'iv' must hold the same 16 byte initialization vector
* that has been used to encrypt the cleartext
*/
int decryptCBC(unsigned char *input, int len, unsigned char *key, int klen,
unsigned char *iv)
{
int i;
unsigned char w[32 * 15] = {0};
unsigned char k[32] = {0};
unsigned char piv[16];
unsigned char tpiv[16];
if (input == 0 || key == 0 || iv == 0) {
return 0;
}
memcpy(piv, iv, 16);
memcpy(k, key, min(klen, 32));
KeyExpansion(k, w, 8);
for (i = 0; i < len; i += 16) {
int n;
memcpy(tpiv, &input[i], 16);
decryptBlock(&input[i], &input[i], w, 14);
for (n = 0; n < 16; n++) {
input[i+n] ^= piv[n];
}
memcpy(piv, tpiv, 16);
}
return 1;
}
//Decrypts cipher with AES cipher
void AES::decrypt(int keySize, uint64_t numBytes, uint8_t*& data, uint8_t* key) {
int size=numBytes-16; //don't worry about iv
uint8_t* decrypted=new uint8_t[size];
for(int i=0;i<size;i++) //copy over data
decrypted[i]=data[i+16];
uint8_t* expandedKey=expandKey(keySize,key); //generate expanded key
for(int i=0;i<(int) numBytes/16;i++) { //decrypt each block
decryptBlock(keySize,decrypted+i*16,expandedKey);
}
/*
int padding=decrypted[size-1]; //len of padding
uint8_t* unpadded=new uint8_t[numBytes-padding];
for(int i=0;i<(int)numBytes-padding;i++)
unpadded[i]=decrypted[i];
delete decrypted;
data=unpadded;*/
data=decrypted;
}
static int
doDecrypt(FILE *logfp, FILE *eifp, FILE *outfp)
{
off64_t blkEnd;
off64_t currOffs = 0;
int r = 1;
int fd;
struct stat buf;
while(1) {
/* process block */
if(initCrypt(eifp) != 0)
goto done;
/* set blkEnd to size of logfp and proceed. */
if((fd = fileno(logfp)) == -1) {
r = -1;
goto done;
}
if((r = fstat(fd, &buf)) != 0) goto done;
blkEnd = buf.st_size;
r = eiGetEND(eifp, &blkEnd);
if(r != 0 && r != 1) goto done;
decryptBlock(logfp, outfp, blkEnd, &currOffs);
gcry_cipher_close(gcry_chd);
}
r = 0;
done: return r;
}
u_char * Blowfish::decode(const u_char *message, u_int Size)
{
u_int resSize = Size;
u_char* result = new u_char[resSize];
for (u_int i = 0; i < Size; i++)
result[i] = message[i];
for (u_int i = 0; i < resSize; i += 8)
{
decryptBlock((u_int*)(result+i), (u_int*)(result+i+4));
}
return result;
}
static int
doDecrypt(FILE *logfp, FILE *eifp, FILE *outfp)
{
off64_t blkEnd;
off64_t currOffs = 0;
int r;
while(1) {
/* process block */
if(initCrypt(eifp) != 0)
goto done;
if((r = eiGetEND(eifp, &blkEnd)) != 0) goto done;
decryptBlock(logfp, outfp, blkEnd, &currOffs);
gcry_cipher_close(gcry_chd);
}
r = 0;
done: return r;
}
/*
* ECB decryption routine
* size of 'input' has to be multiple of 16
* 'input' contains cleartext on exit
*/
int decrypt(unsigned char *input, int len, unsigned char *key, int klen)
{
int i;
unsigned char w[32 * 15] = {0};
unsigned char k[32] = {0};
if (input == 0 || key == 0) {
return 0;
}
memcpy(k, key, min(klen, 32));
KeyExpansion(k, w, 8);
for (i = 0; i < len; i += 16) {
decryptBlock(&input[i], &input[i], w, 14);
}
return 1;
}
//Decrypts stream with AES cipher
void AES::decryptStream (int keySize, std::istream* in, std::ostream* out, uint8_t* key) {
uint8_t* expandedKey=expandKey(keySize,key); //generate expanded key
uint8_t block[16];
in->read((char*)block,16); //skips first 16 bytes of iv
while(!in->eof()) {
in->read((char*)block,16);
decryptBlock(keySize,block,expandedKey);
in->get(); //check if next is eof
if(!in->eof()) {
out->write((char*)block,16);
}
else {
out->write((char*)block,16-block[15]);
}
in->unget(); //go back
}
}
QString QtAes::decrypt(const QString &input) const
{
// from base64
QByteArray base64Array;
base64Array.append(input);
QByteArray inArray = QByteArray::fromBase64(base64Array);
// decrypt every block
QByteArray outArray;
const unsigned char *inbuffer = (const unsigned char *)inArray.data();
int remain = inArray.length();
while(remain > 0) {
decryptBlock(inbuffer, outArray);
remain -= AES_BLOCK_SIZE;
inbuffer += AES_BLOCK_SIZE;
}
// DONE
return QString::fromUtf8(outArray);
}
void PayloadConfidentialBlock::decrypt(dtn::data::Bundle& bundle, const dtn::security::SecurityKey &long_key)
{
// list of block to delete if the process is successful
std::list<const dtn::data::Block*> erasure_list;
// load the RSA key
RSA *rsa_key = long_key.getRSA();
try {
// array for the current symmetric AES key
unsigned char key[ibrcommon::AES128Stream::key_size_in_bytes];
// correlator of the first PCB
dtn::data::Number correlator = 0;
bool decrypt_related = false;
// iterate through all blocks
for (dtn::data::Bundle::iterator it = bundle.begin(); it != bundle.end(); ++it)
{
try {
dynamic_cast<const PayloadIntegrityBlock&>(**it);
// add this block to the erasure list for later deletion
erasure_list.push_back(&**it);
} catch (const std::bad_cast&) { };
try {
const PayloadConfidentialBlock &pcb = dynamic_cast<const PayloadConfidentialBlock&>(**it);
// get salt and key
uint32_t salt = getSalt(pcb._ciphersuite_params);
// decrypt related blocks
if (decrypt_related)
{
// try to decrypt the block
try {
decryptBlock(bundle, it, salt, key);
// success! add this block to the erasue list
erasure_list.push_back(&**it);
} catch (const ibrcommon::Exception&) {
IBRCOMMON_LOGGER_TAG("PayloadConfidentialBlock", critical) << "tag verfication failed, reversing decryption..." << IBRCOMMON_LOGGER_ENDL;
decryptBlock(bundle, it, salt, key);
// abort the decryption and discard the bundle?
throw ibrcommon::Exception("decrypt of correlated block reversed, tag verfication failed");
}
}
// if security destination does match the key, then try to decrypt the payload
else if (pcb.isSecurityDestination(bundle, long_key.reference) &&
(pcb._ciphersuite_id == SecurityBlock::PCB_RSA_AES128_PAYLOAD_PIB_PCB))
{
// try to decrypt the symmetric AES key
if (!getKey(pcb._ciphersuite_params, key, ibrcommon::AES128Stream::key_size_in_bytes, rsa_key))
{
IBRCOMMON_LOGGER_TAG("PayloadConfidentialBlock", critical) << "could not get symmetric key decrypted" << IBRCOMMON_LOGGER_ENDL;
throw ibrcommon::Exception("decrypt failed - could not get symmetric key decrypted");
}
// try to decrypt the payload
if (!decryptPayload(bundle, key, salt))
{
// reverse decryption
IBRCOMMON_LOGGER_TAG("PayloadConfidentialBlock", critical) << "tag verfication failed, reversing decryption..." << IBRCOMMON_LOGGER_ENDL;
decryptPayload(bundle, key, salt);
throw ibrcommon::Exception("decrypt reversed - tag verfication failed");
}
// success! add this block to the erasue list
erasure_list.push_back(&**it);
// check if first PCB has a correlator
if (pcb._ciphersuite_flags & CONTAINS_CORRELATOR)
{
// ... and decrypt all correlated block with the same key
decrypt_related = true;
// store the correlator
correlator = pcb._correlator;
}
else
{
// no correlated blocks should exists
// stop here with decryption
break;
}
}
else
{
// exit here, because we can not decrypt the first PCB.
throw ibrcommon::Exception("unable to decrypt the first PCB");
}
} catch (const std::bad_cast&) { };
}
// delete all block in the erasure list
for (std::list<const dtn::data::Block* >::const_iterator it = erasure_list.begin(); it != erasure_list.end(); ++it)
{
bundle.remove(**it);
}
} catch (const std::exception&) {
long_key.free(rsa_key);
throw;
}
long_key.free(rsa_key);
}
