bool AesCbcCipher::decrypt(const Vuc& in, Vuc& out)
{
// according to the openssl docs:
// the amount of data written may be as large as (in.size() + cipher_block_size - 1)
size_t outSize = in.size() + AES_BLOCK_SIZE - 1;
// the output buffer must also be a multiple of blocksize
if ((outSize % AES_BLOCK_SIZE) != 0)
outSize = ((outSize / AES_BLOCK_SIZE) + 1) * AES_BLOCK_SIZE;
out.resize(outSize, 0);
// init the cipher; must keep track of the number of bytes produced
ScopedOpenSSL<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free> ctx(EVP_CIPHER_CTX_new());
EVP_DecryptInit(ctx.get(), getCipher(), &key_[0], &iv_[0]);
// do the decrypt
int nBytes = 0;
EVP_DecryptUpdate(ctx.get(), &out[0], &nBytes, &in[0], in.size());
int nTotalBytes = nBytes;
if (!EVP_DecryptFinal(ctx.get(), &out[nBytes], &nBytes))
return false; // padding incorrect
nTotalBytes += nBytes;
// the actual output size is in nTotalBytes
assert(nTotalBytes);
Vuc(out.begin(), out.begin()+nTotalBytes).swap(out); // shrink to fit
return true;
}
JNIEXPORT jlong JNICALL Java_com_intel_diceros_crypto_engines_AESOpensslEngine_initWorkingKey(
JNIEnv *env, jobject object, jbyteArray key, jboolean forEncryption,
jint mode, jint padding, jbyteArray IV, jlong cipherContext) {
CipherContext* cipherCtx = (CipherContext*) cipherContext;
cipherCtx = preInitContext(env, cipherCtx, mode, key, IV);
(*env)->GetByteArrayRegion(env, key, 0, cipherCtx->keyLength, cipherCtx->key);
(*env)->GetByteArrayRegion(env, IV, 0, cipherCtx->ivLength, cipherCtx->iv);
cryptInit cryptInitFunc = getCryptInitFunc(forEncryption);
EVP_CIPHER* cipher = getCipher(mode, cipherCtx->keyLength);
if (cipher != NULL) {
cryptInitFunc(cipherCtx->opensslCtx, cipher, NULL,
(unsigned char *) cipherCtx->key, (unsigned char *) cipherCtx->iv);
} else {
THROW(env, "java/lang/IllegalArgumentException", "unsupportted mode or key size");
}
if (padding == PADDING_NOPADDING) {
EVP_CIPHER_CTX_set_padding(cipherCtx->opensslCtx, 0);
} else if (padding == PADDING_PKCS5PADDING) {
EVP_CIPHER_CTX_set_padding(cipherCtx->opensslCtx, 1);
}
return (long) cipherCtx;
}
bool AlgorithmName::getCipher(WideString& cipher) const
{
std::string temp;
if(getCipher(temp))
{
cipher = TextConvert::NarrowToWide(temp);
return true;
}
cipher = L"";
return false;
}
AlgorithmName::AlgorithmName(const WideString& algorithm, bool cipherOnly)
: m_normal(TextConvert::WideToNarrow(normalizeAlgorithm(algorithm)))
{
ASSERT( !algorithm.empty() );
// We'd prefer to throw in the ctor, but its a limitation, not a feature!
// Actually, we need to narmalize first (in case of throw), so maybe it is a feature.
NarrowString cipher;
getCipher(cipher);
if(cipherOnly && m_normal != cipher)
throw NoSuchAlgorithmException(m_normal + " not available");
}
int encryptM(void)
{
int cnt = 0;
char buffer[MAXWORDLENGHT];
int i = 0;
while(fgets(buffer,MAXWORDLENGHT,stdin) != NULL && i > -1)
{
i = 0;
while(i < MAXWORDLENGHT && buffer[i] != '\n' && buffer[i] != EOF && buffer[i] != '\0'){
(void) fputs(getCipher(buffer[i]), stdout);
if(i % 10 == 0){
(void) fputs(".", stdout);
}else{
(void) fputs(" ", stdout);}
i++;
}
//reads until EOF or ENTER-key Pressed
if( buffer[i] == '\n' || buffer[i] == EOF)
{
i = -1;
}
}
return cnt;
}
// Encryption functions
bool BotanSymmetricAlgorithm::encryptInit(const SymmetricKey* key, const std::string mode /* = "cbc" */, const ByteString& IV /* = ByteString()*/, bool padding /* = true */)
{
// Call the superclass initialiser
if (!SymmetricAlgorithm::encryptInit(key, mode, IV, padding))
{
return false;
}
// Check the IV
if ((IV.size() > 0) && (IV.size() != getBlockSize()))
{
ERROR_MSG("Invalid IV size (%d bytes, expected %d bytes)", IV.size(), getBlockSize());
ByteString dummy;
SymmetricAlgorithm::encryptFinal(dummy);
return false;
}
ByteString iv;
if (IV.size() > 0)
{
iv = IV;
}
else
{
iv.wipe(getBlockSize());
}
// Set the padding mode (PCKS7 or NoPadding)
if (padding)
{
currentPaddingMode = "PKCS7";
}
else
{
currentPaddingMode = "NoPadding";
}
// Determine the cipher
std::string cipherName = getCipher();
if (cipherName == "")
{
ERROR_MSG("Invalid encryption cipher");
ByteString dummy;
SymmetricAlgorithm::encryptFinal(dummy);
return false;
}
// Allocate the context
try
{
Botan::SymmetricKey botanKey = Botan::SymmetricKey(key->getKeyBits().const_byte_str(), key->getKeyBits().size());
Botan::InitializationVector botanIV = Botan::InitializationVector(IV.const_byte_str(), IV.size());
if (mode == "ecb")
{
cryption = new Botan::Pipe(Botan::get_cipher(cipherName, botanKey, Botan::ENCRYPTION));
}
else
{
cryption = new Botan::Pipe(Botan::get_cipher(cipherName, botanKey, botanIV, Botan::ENCRYPTION));
}
cryption->start_msg();
}
catch (...)
{
ERROR_MSG("Failed to create the encryption token");
ByteString dummy;
SymmetricAlgorithm::encryptFinal(dummy);
delete cryption;
cryption = NULL;
return false;
}
return true;
}
std::string ServerBase::decryptMessage( const std::string& key, const char* message, int length )
{
m_cryptBuffer.resize(length,0);
getCipher().decrypt(&m_cryptBuffer[0],message,length,key);
return std::string(&m_cryptBuffer[0]);
}
