/** Decrypt a buffer. * @param cipher cipher ID * @param enc encrypted buffer * @param enc_size number of bytes in @p enc * @param plain on return contains plain text data * @param plain_size size in bytes of @p plain * @return number of bytes that were in the encrypted buffer (this can be shorter if the data * did not exactly fit the AES block size. */ size_t BufferDecryptor::decrypt(int cipher, const void *enc, size_t enc_size, void *plain, size_t plain_size) { #ifdef HAVE_LIBCRYPTO if (keys_.find(cipher) == keys_.end()) { generate_key(cipher); } const EVP_CIPHER *evp_cipher = cipher_by_id(cipher); const size_t iv_size = EVP_CIPHER_iv_length(evp_cipher); const unsigned char *iv = (const unsigned char *)enc; unsigned char *enc_m = (unsigned char *)enc + iv_size; enc_size -= iv_size; EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); if ( ! EVP_DecryptInit(ctx, evp_cipher, (const unsigned char *)keys_[cipher].c_str(), iv)) { EVP_CIPHER_CTX_free(ctx); throw std::runtime_error("Could not initialize cipher context"); } int outl = plain_size; if ( ! EVP_DecryptUpdate(ctx, (unsigned char *)plain, &outl, enc_m, enc_size)) { EVP_CIPHER_CTX_free(ctx); throw std::runtime_error("DecryptUpdate failed"); } int plen = 0; if ( ! EVP_DecryptFinal(ctx, (unsigned char *)plain + outl, &plen) ) { EVP_CIPHER_CTX_free(ctx); throw std::runtime_error("DecryptFinal failed"); } outl += plen; EVP_CIPHER_CTX_free(ctx); return outl; #else throw std::runtime_error("Decryption support not available"); #endif }
int spider_decrypt(void) { unsigned char outbuf[LOG_MAX]; int olen,tlen,n; char inbuff[LOG_MAX + EVP_MAX_BLOCK_LENGTH]; char baz[LOG_MAX + EVP_MAX_BLOCK_LENGTH]; EVP_CIPHER_CTX ctx; int i; // hmmm. how are we going to chop this back into lines and populate // the log array? if (logfp) { fclose(logfp); } logfp = fopen(LogPath, "rb"); if (logfp == NULL) { fprintf(stderr, "logfp: %s\n", strerror(errno)); exit(1); } EVP_CIPHER_CTX_init(&ctx); EVP_DecryptInit(&ctx, EVP_bf_cbc(), KEY, IV); while ((n = fread(inbuff, 1, LOG_MAX + EVP_MAX_BLOCK_LENGTH, logfp)) > 0) { if (EVP_DecryptUpdate(&ctx, outbuf, &olen, inbuff, n) != 1) { return 0; } snprintf(baz, olen+1, "%s", outbuf); bzero(&inbuff, LOG_MAX + EVP_MAX_BLOCK_LENGTH); } if ((i = EVP_DecryptFinal(&ctx, outbuf+olen, &tlen)) != 1) { return 0; } bzero(baz, sizeof(baz)); snprintf(baz, tlen+1, "%s", outbuf+olen); printf("%s", baz); EVP_CIPHER_CTX_cleanup(&ctx); return 1; }
static int EVP_Update_loop(void *args) { loopargs_t *tempargs = *(loopargs_t **)args; unsigned char *buf = tempargs->buf; EVP_CIPHER_CTX *ctx = tempargs->ctx; int outl, count; if (decrypt) for (count = 0; COND(nb_iter); count++) EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); else for (count = 0; COND(nb_iter); count++) EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); if (decrypt) EVP_DecryptFinal_ex(ctx, buf, &outl); else EVP_EncryptFinal_ex(ctx, buf, &outl); return count; }
int decrypt_file(const char *path, const char *fileName, unsigned char *key) { int outlen, inlen; FILE *file, *temp; file = fopen(fileName,"r+b"); if(file == NULL) { return -2; } char tempName[PATH_SIZE]; cnct(path,"TemP.TemP",tempName); temp = fopen(tempName,"wb"); unsigned char iv[8] = "DAJ-7l2"; /* вектор инициализации */ unsigned char inbuf[BUF_SIZE], outbuf[BUF_SIZE]; EVP_CIPHER_CTX ctx; const EVP_CIPHER * cipher; EVP_CIPHER_CTX_init(&ctx); cipher = EVP_bf_cbc(); EVP_DecryptInit(&ctx, cipher, key, iv); while(1) { inlen = fread(inbuf, 1, BUF_SIZE, file); if(inlen <= 0) break; if(!EVP_DecryptUpdate(&ctx, outbuf, &outlen, inbuf, inlen)) return 1; fwrite(outbuf, 1, outlen, temp); } if(!EVP_DecryptFinal(&ctx, outbuf, &outlen)) return 1; fwrite(outbuf, 1, outlen, temp); EVP_CIPHER_CTX_cleanup(&ctx); fclose(file); fclose(temp); remove(fileName); rename(tempName,fileName); return 0; }
int decrypt(const char *passphrase) { unsigned char key[EVP_MAX_KEY_LENGTH]; unsigned char iv[EVP_MAX_IV_LENGTH]; unsigned char salt[8] = {0}; unsigned char inbuf[256]; unsigned char outbuf[256 + EVP_MAX_BLOCK_LENGTH]; int nread, nwrite; int outlen; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); genKeyIV(0, passphrase, salt, key, iv); EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, iv); for (;;) { if ((nread = read(STDIN_FILENO, inbuf, 255)) < 0) { perror("Fail to read"); return -1; } else if (nread == 0) break; if (!EVP_DecryptUpdate(&ctx, outbuf, &outlen, inbuf, nread)) { fprintf(stderr, "Fail to EncryptUpdate!\n"); EVP_CIPHER_CTX_cleanup(&ctx); return -1; } if ((nwrite = write(STDOUT_FILENO, outbuf, outlen)) < 0) { perror("Fail to write"); return -1; } } if (!EVP_DecryptFinal_ex(&ctx, outbuf, &outlen)) { EVP_CIPHER_CTX_cleanup(&ctx); return -1; } if (write(STDOUT_FILENO, outbuf, outlen) < 0) { perror("Fail to write"); return -1; } EVP_CIPHER_CTX_cleanup(&ctx); return 0; }
int decrypt_str(unsigned char *buffer, const char *data, size_t dataLen, const char *key, size_t *outLen) { EVP_CIPHER_CTX *ctx; // TODO Bad unsigned char iv[16] = {0}; int outlen1, outlen2; if (!(ctx = EVP_CIPHER_CTX_new())) return 0; if (EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv) != 1) return 2; if (EVP_DecryptUpdate(ctx, buffer, &outlen1, data, dataLen) != 1) return 3; if (EVP_DecryptFinal_ex(ctx, buffer + outlen1, &outlen2) != 1) return 4; *outLen = outlen1 + outlen2; return 1; }
int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key, unsigned char *iv, unsigned char *plaintext) { EVP_CIPHER_CTX *ctx; int len; int plaintext_len; /* Create and initialise the context */ if (!(ctx = EVP_CIPHER_CTX_new())) handleErrors(); /* Initialise the decryption operation. IMPORTANT - ensure you use a key * and IV size appropriate for your cipher * In this example we are using 256 bit AES (i.e. a 256 bit key). The * IV size for *most* modes is the same as the block size. For AES this * is 128 bits */ if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) handleErrors(); /* Provide the message to be decrypted, and obtain the plaintext output. * EVP_DecryptUpdate can be called multiple times if necessary */ if (1 !=EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext,ciphertext_len)) handleErrors(); plaintext_len = len; /* Finalise the decryption. Further plaintext bytes may be written at * this stage. */ if (1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) handleErrors(); plaintext_len += len; /* Clean up */ EVP_CIPHER_CTX_free(ctx); return plaintext_len; }
int decrypt (int infd, int outfd) { unsigned char outbuf[IP_SIZE]; int olen, tlen, n; unsigned char inbuff[OP_SIZE]; EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); //EVP_CIPHER_CTX_init (ctx); EVP_DecryptInit (ctx, EVP_bf_cbc (), key, iv); for (;;) { bzero (&inbuff, OP_SIZE); if ((n = read (infd, inbuff, OP_SIZE)) == -1) { perror ("read error"); break; } else if (n == 0) break; bzero (&outbuf, IP_SIZE); if (EVP_DecryptUpdate (ctx, outbuf, &olen, inbuff, n) != 1) { printf ("error in decrypt update\n"); return 0; } if (EVP_DecryptFinal (ctx, outbuf + olen, &tlen) != 1) { printf ("error in decrypt final\n"); return 0; } olen += tlen; if ((n = write (outfd, outbuf, olen)) == -1) perror ("write error"); } //EVP_CIPHER_CTX_cleanup (ctx); return 1; }
size32_t aesDecrypt(MemoryBuffer &out, size32_t inSz, const void *inBytes, size32_t keyLen, const char *key, const char *iv) { if (0 == inSz) return 0; OwnedEVPCipherCtx ctx(EVP_CIPHER_CTX_new()); if (!ctx) throw makeEVPException(0, "Failed EVP_CIPHER_CTX_new"); const size32_t cipherBlockSz = 128; // from man page - "should have sufficient room for (inl + cipher_block_size) bytes unless the cipher block size is 1 in which case inl bytes is sufficient" size32_t outMaxSz = (cipherBlockSz==1) ? inSz : (inSz + cipherBlockSz/8); size32_t startSz = out.length(); byte *outPtr = (byte *)out.reserveTruncate(outMaxSz); /* Initialise the decryption operation. IMPORTANT - ensure you use a key * and IV size appropriate for your cipher * In this example we are using 256 bit AES (i.e. a 256 bit key). The * IV size for *most* modes is the same as the block size. For AES this * is 128 bits * */ if (!iv) iv = staticAesIV; if (1 != EVP_DecryptInit_ex(ctx, getAesCipher(keyLen), nullptr, (const unsigned char *)key, (const unsigned char *)iv)) throw makeEVPException(0, "Failed EVP_DecryptInit_ex"); /* Provide the message to be decrypted, and obtain the plaintext output. * EVP_DecryptUpdate can be called multiple times if necessary */ int outSz; if (1 != EVP_DecryptUpdate(ctx, outPtr, &outSz, (const unsigned char *)inBytes, inSz)) throw makeEVPException(0, "Failed EVP_DecryptUpdate"); int plaintext_len = outSz; /* Finalise the decryption. Further plaintext bytes may be written at * this stage. */ if (1 != EVP_DecryptFinal_ex(ctx, outPtr + outSz, &outSz)) throw makeEVPException(0, "Failed EVP_DecryptFinal_ex"); plaintext_len += outSz; out.setLength(startSz+plaintext_len); // truncate length of 'out' to final size return (size32_t)plaintext_len; }
//The partner decryption function to above unsigned char *blowfish_dec(unsigned char *key, unsigned char* data, int size) { unsigned char* out = malloc(size); int outlen; int tmplen; unsigned char iv[] = {0}; //TODO maybe not this? EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); EVP_DecryptInit_ex(&ctx, EVP_bf_ecb(), NULL, key, iv); EVP_CIPHER_CTX_set_padding(&ctx, 0); EVP_DecryptUpdate(&ctx, out, &outlen, data, size); if(!EVP_DecryptFinal_ex(&ctx, out + outlen, &tmplen)) { ssl_error("Didn't do decrypt final"); } outlen += tmplen; EVP_CIPHER_CTX_cleanup(&ctx); return out; }
array::array* aes_decrypt(array::array* data, array::array* iv, array::array* key) { byte* ivec = new byte[iv->length]; memcpy(ivec, iv->data, iv->length); byte* outdata = new byte[data->length * 2]; int outLen1 = 0, outLen2 = 0; EVP_CIPHER_CTX ctx; EVP_DecryptInit(&ctx,EVP_aes_256_cbc(),key->data,ivec); EVP_DecryptUpdate(&ctx,outdata, &outLen1, data->data, data->length); EVP_DecryptFinal(&ctx,outdata + outLen1, &outLen2); delete[] ivec; array::array* lol = array::create(outLen1 + outLen2, outdata); delete[] outdata; return lol; }
BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags) { BYTE* pPlainText; int cbOut, cbFinal; WINPR_PROTECTED_MEMORY_BLOCK* pMemBlock; if (dwFlags != CRYPTPROTECTMEMORY_SAME_PROCESS) return FALSE; if (!g_ProtectedMemoryBlocks) return FALSE; pMemBlock = (WINPR_PROTECTED_MEMORY_BLOCK*) ListDictionary_GetItemValue(g_ProtectedMemoryBlocks, pData); if (!pMemBlock) return FALSE; /* AES Decryption */ cbOut = pMemBlock->cbData + AES_BLOCK_SIZE - 1; pPlainText = (BYTE*) malloc(cbOut); EVP_DecryptInit_ex(&(pMemBlock->dec), NULL, NULL, NULL, NULL); EVP_DecryptUpdate(&(pMemBlock->dec), pPlainText, &cbOut, pMemBlock->pData, pMemBlock->cbData); EVP_DecryptFinal_ex(&(pMemBlock->dec), pPlainText + cbOut, &cbFinal); CopyMemory(pMemBlock->pData, pPlainText, pMemBlock->cbData); SecureZeroMemory(pPlainText, pMemBlock->cbData); free(pPlainText); ListDictionary_Remove(g_ProtectedMemoryBlocks, pData); /* AES Cleanup */ EVP_CIPHER_CTX_cleanup(&(pMemBlock->enc)); EVP_CIPHER_CTX_cleanup(&(pMemBlock->dec)); free(pMemBlock); return TRUE; }
static char * decipher_evp (const unsigned char *key, int keylen, const unsigned char *ciphertext, int cipherlen, const EVP_CIPHER *type, int *outlen, int ivsize) { unsigned char *outbuf; unsigned char *iv = NULL; unsigned long errcode; int outlen2; EVP_CIPHER_CTX a; EVP_CIPHER_CTX_init(&a); EVP_CIPHER_CTX_set_padding(&a, 0); if (ivsize > 0) iv = new_malloc(ivsize); outbuf = new_malloc(cipherlen + 1024); if (ivsize > 0) memcpy(iv, ciphertext, ivsize); EVP_DecryptInit_ex(&a, type, NULL, NULL, iv); EVP_CIPHER_CTX_set_key_length(&a, keylen); EVP_CIPHER_CTX_set_padding(&a, 0); EVP_DecryptInit_ex(&a, NULL, NULL, key, NULL); if (EVP_DecryptUpdate(&a, outbuf, outlen, ciphertext, cipherlen) != 1) yell("EVP_DecryptUpdate died."); if (EVP_DecryptFinal_ex(&a, outbuf + (*outlen), &outlen2) != 1) yell("EVP_DecryptFinal_Ex died."); *outlen += outlen2; EVP_CIPHER_CTX_cleanup(&a); ERR_load_crypto_strings(); while ((errcode = ERR_get_error())) { char r[256]; ERR_error_string_n(errcode, r, 256); yell("ERROR: %s", r); } if (ivsize > 0) new_free(&iv); return outbuf; }
int decrypt_sym(unsigned char *ciphertext, int ciphertext_len, unsigned char *key, unsigned char *iv, unsigned char *plaintext) { EVP_CIPHER_CTX *ctx; int len; int plaintext_len; if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors(); if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) handleErrors(); if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len)) handleErrors(); plaintext_len = len; if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) handleErrors(); plaintext_len += len; EVP_CIPHER_CTX_free(ctx); return plaintext_len; }
/** * AES-ECB-PKCS5Padding解密 * * LUA示例: * local codec = require('codec') * local src = [[...]] --BASE64密文 * local key = [[...]] --16位数字串 * local bs = codec.base64_decode(src) * local dst = codec.aes_decrypt(bs, key) */ static int codec_aes_decrypt(lua_State *L) { size_t len; const char *src = luaL_checklstring(L, 1, &len); char *key = luaL_checkstring(L, 2); EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); int ret = EVP_DecryptInit_ex(&ctx, EVP_aes_128_ecb(), NULL, (unsigned char *)key, NULL); if(ret != 1) { EVP_CIPHER_CTX_cleanup(&ctx); return luaL_error(L, "EVP decrypt init error"); } int n, wn; char dst[len]; memset(dst, 0, len); ret = EVP_DecryptUpdate(&ctx, (unsigned char *)dst, &wn, (unsigned char *)src, len); if(ret != 1) { EVP_CIPHER_CTX_cleanup(&ctx); return luaL_error(L, "EVP decrypt update error"); } n = wn; ret = EVP_DecryptFinal_ex(&ctx, (unsigned char *)(dst + n), &wn); if(ret != 1) { EVP_CIPHER_CTX_cleanup(&ctx); return luaL_error(L, "EVP decrypt final error"); } EVP_CIPHER_CTX_cleanup(&ctx); n += wn; lua_pushlstring(L, dst, n); return 1; }
int symmetric_decrypt(char* ciphertext, char* plaintext,char* key,int enctextsize) { int nc; /* amount of bytes [de]crypted at each step */ int nctot; /* total amount of encrypted bytes */ int pt_len; /* plain text size */ int ct_len; /* encrypted text size */ int ct_ptr; /* first available entry in the buffer */ int msg_len; /* message length */ int k_size; /* Context allocation */ EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)malloc(sizeof(EVP_CIPHER_CTX)); /* Context initialization */ EVP_CIPHER_CTX_init(ctx); /* Context setup for encryption */ EVP_DecryptInit(ctx, EVP_des_ecb(), NULL, NULL); /* Decryption key setup */ EVP_DecryptInit(ctx, NULL, key, NULL); /* Encryption */ nc = 0; nctot = 0; ct_ptr = 0; EVP_DecryptUpdate(ctx, &plaintext[ct_ptr], &nc, ciphertext, enctextsize); ct_ptr += nc; nctot += nc; EVP_DecryptFinal(ctx, &plaintext[ct_ptr], &nc); nctot += nc; return nctot; }
int aes_decrypt(EVP_CIPHER_CTX *d, int in,int out) { int inlen=0,flen=0,outlen=0; char inbuf[SIZE+AES_BLOCK_SIZE]; /****** CHECK ???? ****/ char outbuf[SIZE+AES_BLOCK_SIZE]; if(!EVP_DecryptInit_ex(d, NULL, NULL, NULL, NULL)) { perror("\n Eror in DECinit:"); return 1; } while((inlen = read(in,inbuf,SIZE)) >0) { if(!EVP_DecryptUpdate(d,(unsigned char*)outbuf, &outlen,(unsigned char*)inbuf,inlen)) { perror("\n Error,DECRYPT_UPDATE:"); return 1; } if((write(out,outbuf,outlen)) != outlen) { perror("\n ERROR,Writing dec bytes:"); return 1; } } if(!EVP_DecryptFinal_ex(d,(unsigned char*)outbuf,&flen)) { perror("\n Error,DECRYPT_FINAL:"); return 1; } if((write(out,outbuf,flen)) != flen) { perror("\n ERROR,Writng FINAL dec bytes:"); return 1; } return 0; }
int Crypt::dec_data(uint8_t *cipher_text, int cipher_text_len, uint8_t *plain_text, uint64_t k_nas_enc) { EVP_CIPHER_CTX *ctx; int len; int plain_text_len; if (!(ctx = EVP_CIPHER_CTX_new())) { handle_crypt_error(); } if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) { handle_crypt_error(); } if (1 != EVP_DecryptUpdate(ctx, plain_text, &len, cipher_text, cipher_text_len)) { handle_crypt_error(); } plain_text_len = len; if (1 != EVP_DecryptFinal_ex(ctx, plain_text + len, &len)) { handle_crypt_error(); } plain_text_len += len; EVP_CIPHER_CTX_free(ctx); return plain_text_len; }
bool RarVolume::DecryptBuf(const uint8 in[16], uint8 out[16]) { #ifdef HAVE_OPENSSL uint8 outbuf[32]; int outlen = 0; if (!EVP_DecryptUpdate((EVP_CIPHER_CTX*)m_context, outbuf, &outlen, in, 16)) return false; memcpy(out, outbuf + outlen, 16); debug("decrypted: %s", *Util::FormatBuffer((const char*)out, 16)); return true; #elif defined(HAVE_NETTLE) aes_decrypt((aes_ctx*)m_context, 16, out, in); for (int i = 0; i < 16; i++) { out[i] ^= m_decryptIV[i]; } memcpy(m_decryptIV, in, 16); debug("decrypted: %s", *Util::FormatBuffer((const char*)out, 16)); return true; #else return false; #endif }
/** * 功能描述:3DES解密 * @param pData:原始数据 * @param ilen: 原始数据长度 * @param ppDecryptData: 解密后数据 * @return -1: 失败, 其他: 解密数据长度 **/ int TripleDESDecrypt(const char* pData, int ilen, char** ppDecryptData) { /*密钥*/ unsigned char key[24] = {43,14,54,109,109,8,84,87,116,30,19,68,35,51,83,72,16,2,83,48,117,85,9,80}; /*初始化向量*/ unsigned char iv[8] = {111,121,47,42,75,34,33,124}; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); int rc = EVP_EncryptInit_ex(&ctx,EVP_des_ede3_cbc(),NULL,key,iv); if (rc != 1) { EVP_CIPHER_CTX_cleanup(&ctx); return -1; } int outlen = ilen + 1; *ppDecryptData = (char*)malloc(outlen); memset(*ppDecryptData, 0 , outlen); rc = EVP_DecryptUpdate(&ctx, (unsigned char*)(*ppDecryptData), &outlen, (unsigned char*)pData, ilen); if(rc != 1) { EVP_CIPHER_CTX_cleanup(&ctx); free(*ppDecryptData); return -1; } int outlentmp = 0; rc = EVP_DecryptFinal_ex(&ctx, (unsigned char*)(*ppDecryptData) + outlen,&outlentmp); if(rc != 1) { EVP_CIPHER_CTX_cleanup(&ctx); free(*ppDecryptData); return -1; } outlen += outlentmp; EVP_CIPHER_CTX_cleanup(&ctx); return outlen; }
int decrypt_data(const void *in, int inlen, void *out, int *outlen, const void *iv, const void *key) { int len; ERR_clear_error(); cryptutil_init(); /* In this we are using 256 bit AES (i.e. a 256 bit key). The * IV size for *most* modes is the same as the block size. For AES this * is 128 bits */ if(EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, iv) != 1) { log_crypt_err("Not able to initialize decrypt context for AES-256"); return 0; } /* Provide the cypher text to be decrypted, and obtain the plaintext output */ if(EVP_DecryptUpdate(&ctx, out, &len, in, inlen) != 1) { log_crypt_err("Not able to decrypt using AES-256"); return 0; } *outlen = len; /* Finalise the encryption. Further ciphertext bytes may be written at * this stage. */ if(EVP_DecryptFinal_ex(&ctx, out + len, &len) != 1) { log_crypt_err("Not able to finalize encryption using AES-256"); return 0; } *outlen += len; return 1; }
/** * @brief AES256 data decryption * @see el_aes256_create_key() * @see el_aes256_encrypt_data() * @param key The key generated by el_aes256_create_key() * @param out Output buffer containing the decrypted data * @param in Input buffer containing the encrypted data * @param in_len The size of encrypted data buffer * @return The size of decrypted data buffer (output) or -1 on error */ int el_aes256_decrypt_data( const unsigned char *key, unsigned char *out, const unsigned char *in, size_t in_len) { EVP_CIPHER_CTX e_ctx; unsigned char hmac[EVP_MAX_MD_SIZE]; unsigned int mdlen; int mlen, flen; const unsigned char *enctext = in + EVP_MAX_MD_SIZE + EVP_MAX_IV_LENGTH; const unsigned char *iv = in + EVP_MAX_MD_SIZE; if (!HMAC(EVP_sha256(), key, EVP_MAX_KEY_LENGTH, in + EVP_MAX_MD_SIZE, in_len - EVP_MAX_MD_SIZE, hmac, &mdlen)) return -1; /* Switch to constant-time comparison function */ if (memcmp(in, hmac, mdlen)) return -2; EVP_CIPHER_CTX_init(&e_ctx); if (!EVP_DecryptInit_ex(&e_ctx, EVP_aes_256_cbc(), NULL, key, iv)) { EVP_CIPHER_CTX_cleanup(&e_ctx); return -3; } if (!EVP_DecryptUpdate(&e_ctx, out, &mlen, enctext, in_len - EVP_MAX_MD_SIZE - EVP_MAX_IV_LENGTH)) { EVP_CIPHER_CTX_cleanup(&e_ctx); return -4; } EVP_DecryptFinal_ex(&e_ctx, out + mlen, &flen); EVP_CIPHER_CTX_cleanup(&e_ctx); return mlen + flen; }
static size_t decrypt_buffer(const unsigned char *buffer, size_t in_len, unsigned const char key[KDF_HASH_LEN], unsigned char **out) { EVP_CIPHER_CTX ctx; unsigned char *plaintext = NULL; int out_len; unsigned int hmac_len; size_t len; unsigned char hmac[SHA256_DIGEST_LENGTH]; EVP_CIPHER_CTX_init(&ctx); if (in_len < (SHA256_DIGEST_LENGTH + AES_BLOCK_SIZE * 2)) goto error; if (!HMAC(EVP_sha256(), key, KDF_HASH_LEN, (unsigned char *)(buffer + SHA256_DIGEST_LENGTH), in_len - SHA256_DIGEST_LENGTH, hmac, &hmac_len)) goto error; if (CRYPTO_memcmp(hmac, buffer, SHA256_DIGEST_LENGTH)) goto error; plaintext = xcalloc(in_len + AES_BLOCK_SIZE, 1); if (!EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key, (unsigned char *)(buffer + SHA256_DIGEST_LENGTH))) goto error; if (!EVP_DecryptUpdate(&ctx, (unsigned char *)plaintext, &out_len, (unsigned char *)(buffer + SHA256_DIGEST_LENGTH + AES_BLOCK_SIZE), in_len - SHA256_DIGEST_LENGTH - AES_BLOCK_SIZE)) goto error; len = out_len; if (!EVP_DecryptFinal_ex(&ctx, (unsigned char *)(plaintext + out_len), &out_len)) goto error; len += out_len; EVP_CIPHER_CTX_cleanup(&ctx); *out = plaintext; return len; error: EVP_CIPHER_CTX_cleanup(&ctx); free(plaintext); *out = NULL; return 0; }
void decrypt(FILE *ifp, FILE *ofp, unsigned char ckey[]) { //Get file size fseek(ifp, 0L, SEEK_END); int fsize = ftell(ifp); //set back to normal fseek(ifp, 0L, SEEK_SET); int outLen1 = 0; int outLen2 = 0; unsigned char *indata = (unsigned char *)malloc(fsize); unsigned char *outdata = (unsigned char *)malloc(fsize); unsigned char ivec[] = "dontusethisinput"; //Read File fread(indata, sizeof(char), fsize, ifp);//Read Entire File //setup decryption EVP_CIPHER_CTX ctx; EVP_DecryptInit(&ctx, EVP_aes_128_cbc(), ckey, ivec); EVP_DecryptUpdate(&ctx, outdata, &outLen1, indata, fsize); EVP_DecryptFinal(&ctx, outdata + outLen1, &outLen2); fwrite(outdata, sizeof(char), outLen1 + outLen2, ofp); }
int s3fs::Crypto::decrypt_block(const unsigned char encrypted[], int inlen, unsigned char outbuf[]) { int outlen; int tmplen; EVP_CIPHER_CTX_init(&ctx); EVP_CIPHER_CTX_set_padding(&ctx, 1L); EVP_DecryptInit_ex(&ctx, EVP_aes_256_ctr(), NULL, key, iv); if(!EVP_DecryptUpdate(&ctx, outbuf, &outlen, encrypted, inlen)) { cerr << "An error has occurred while decrypting the encrypted text." << endl; EVP_CIPHER_CTX_cleanup(&ctx); } if(!EVP_DecryptFinal_ex(&ctx, outbuf + outlen, &tmplen)) { cerr << "An error has occurred while decrypting the encrypted text." << endl; EVP_CIPHER_CTX_cleanup(&ctx); } outlen += tmplen; EVP_CIPHER_CTX_cleanup(&ctx); return outlen; }
void decrypt(FILE *ifp, FILE *ofp, char ckey[], char ivec[]) { fseek(ifp, 0L, SEEK_END); int fsize = ftell(ifp); fseek(ifp, 0L, SEEK_SET); int outLen1 = 0; int outLen2 = 0; unsigned char *indata = malloc(fsize); unsigned char *outdata = malloc(fsize); fread(indata,sizeof(char),fsize, ifp);//Read Entire File EVP_CIPHER_CTX ctx; EVP_DecryptInit(&ctx,EVP_aes_128_cbc(),ckey,ivec); EVP_DecryptUpdate(&ctx,outdata,&outLen1,indata,fsize); EVP_DecryptFinal(&ctx,outdata + outLen1,&outLen2); fwrite(outdata,sizeof(char),outLen1 + outLen2,ofp); }
bool OldDecrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingMaterial& vchPlaintext, const unsigned char chKey[32], const unsigned char chIV[16]) { // plaintext will always be equal to or lesser than length of ciphertext int nLen = vchCiphertext.size(); int nPLen = nLen, nFLen = 0; vchPlaintext = CKeyingMaterial(nPLen); bool fOk = true; EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new(); assert(ctx); if (fOk) fOk = EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, chKey, chIV) != 0; if (fOk) fOk = EVP_DecryptUpdate(ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen) != 0; if (fOk) fOk = EVP_DecryptFinal_ex(ctx, (&vchPlaintext[0]) + nPLen, &nFLen) != 0; EVP_CIPHER_CTX_free(ctx); if (!fOk) return false; vchPlaintext.resize(nPLen + nFLen); return true; }
CK_RV PKCS11_Encryption_OpenSSL::DecryptUpdate(Cryptoki_Session_Context* pSessionCtx, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) { OPENSSL_HEADER(); OpenSSLEncryptData *pDec; if(pSessionCtx == NULL || pSessionCtx->DecryptionCtx == NULL) return CKR_SESSION_CLOSED; pDec = (OpenSSLEncryptData*)pSessionCtx->DecryptionCtx; if(pDec->IsSymmetric) { int outLen = *pulPartLen; OPENSSL_CHECKRESULT(EVP_DecryptUpdate((EVP_CIPHER_CTX*)pDec->Key->ctx, pPart, &outLen, pEncryptedPart, ulEncryptedPartLen)); *pulPartLen = outLen; } else { size_t outLen = *pulPartLen; OPENSSL_CHECKRESULT(EVP_PKEY_decrypt((EVP_PKEY_CTX*)pDec->Key->ctx, pPart, &outLen, pEncryptedPart, ulEncryptedPartLen)); *pulPartLen = outLen; } OPENSSL_CLEANUP(); if(retVal != CKR_OK) { TINYCLR_SSL_FREE(pDec); pSessionCtx->DecryptionCtx = NULL; } OPENSSL_RETURN(); }
void openssl_evp_symcrypt() { EVP_CIPHER_CTX ctx; int i, len1 = 0, len2 = 0, len3 = 0; unsigned char outs[MAX1_LEN], des[MAX1_LEN]; unsigned char iv[EVP_MAX_KEY_LENGTH], key[EVP_MAX_KEY_LENGTH]; unsigned char msg[MAX1_LEN] = "openssl symmetric encrypt test"; for (i = 0; i < 24; i++) key[i] = i; for (i = 0; i < 8; i++) iv[i] = i; memset(des, 0, sizeof(des)); memset(outs, 0, sizeof(outs)); OpenSSL_add_all_algorithms(); EVP_CIPHER_CTX_init(&ctx); EVP_EncryptInit(&ctx, EVP_des_ede3_cbc(), key, iv); EVP_EncryptUpdate(&ctx, outs, &len1, msg, strlen((char *)msg)); EVP_EncryptFinal(&ctx, outs + len1, &len3); len1 = len1 + len3; printf("\nEVP_SYNEncry (%s) = ", msg); for (i = 0; i < len1; i++) printf("0x%.02x ", outs[i]); EVP_CIPHER_CTX_cleanup(&ctx); EVP_CIPHER_CTX_init(&ctx); EVP_DecryptInit(&ctx, EVP_des_ede3_cbc(), key, iv); EVP_DecryptUpdate(&ctx, des, &len2, outs, len1); EVP_DecryptFinal(&ctx, des + len2, &len3); len2 += len3; printf("\nEVP_SYNDecry ("); for (i = 0; i < len1; i++) printf("0x%.02x ", outs[i]); printf(") = %s\n", des); EVP_CIPHER_CTX_cleanup(&ctx); }
// ---------------------------------------------------------------------------- NetworkString* Crypto::decryptRecieve(ENetPacket* p) { int clen = (int)(p->dataLength - 8); auto ns = std::unique_ptr<NetworkString>(new NetworkString(p->data, clen)); std::array<uint8_t, 12> iv = {}; if (NetworkConfig::get()->isClient()) memcpy(iv.data() + 4, p->data, 4); else memcpy(iv.data(), p->data, 4); uint8_t* packet_start = p->data + 8; uint8_t* tag = p->data + 4; if (EVP_DecryptInit_ex(m_decrypt, NULL, NULL, NULL, iv.data()) != 1) { throw std::runtime_error("Failed to set IV."); } if (!EVP_CIPHER_CTX_ctrl(m_decrypt, EVP_CTRL_GCM_SET_TAG, 4, tag)) { throw std::runtime_error("Failed to set tag."); } int dlen; if (EVP_DecryptUpdate(m_decrypt, ns->m_buffer.data(), &dlen, packet_start, clen) != 1) { throw std::runtime_error("Failed to decrypt."); } if (EVP_DecryptFinal_ex(m_decrypt, unused_16_blocks.data(), &dlen) > 0) { assert(dlen == 0); NetworkString* result = ns.get(); ns.release(); return result; } throw std::runtime_error("Failed to finalize decryption."); } // decryptRecieve