lob_t local_decrypt(local_t local, lob_t outer) { uint8_t secret[crypto_box_BEFORENMBYTES]; lob_t inner, tmp; // * `KEY` - 32 bytes, the sending exchange's ephemeral public key // * `NONCE` - 24 bytes, randomly generated // * `CIPHERTEXT` - the inner packet bytes encrypted using secretbox() using the `NONCE` as the nonce and the shared secret (derived from the recipients endpoint key and the included ephemeral key) as the key // * `AUTH` - 16 bytes, the calculated onetimeauth(`KEY` + `INNER`, SHA256(`NONCE` + secret)) using the shared secret derived from both endpoint keys, the hashing is to minimize the chance that the same key input is ever used twice if(outer->body_len <= (32+24+crypto_secretbox_MACBYTES+16)) return NULL; tmp = lob_new(); if(!lob_body(tmp,NULL,outer->body_len-(32+24+crypto_secretbox_MACBYTES+16))) return lob_free(tmp); // get the shared secret crypto_box_beforenm(secret, outer->body, local->secret); // decrypt the inner if(crypto_secretbox_open_easy(tmp->body, outer->body+32+24, tmp->body_len+crypto_secretbox_MACBYTES, outer->body+32, secret) != 0) return lob_free(tmp); // load inner packet inner = lob_parse(tmp->body,tmp->body_len); lob_free(tmp); return inner; }
/* * Function: decrypt_file * ---------------------- * Decrypt a file by reading in chunks of data, decrypting those chunks, and * writing the decrypted chunks to a new file. */ result decrypt_file(char *efname, char *pfname, unsigned char *k) { size_t rsize; size_t wsize; size_t r; unsigned char ebuf[BUFBYTES + MACBYTES]; unsigned char pbuf[BUFBYTES]; unsigned char n[NONCEBYTES]; FILE *pfile; FILE *efile; pfile = open_file(pfname, "wb"); if (pfile == NULL) { return FAIL; } efile = open_file(efname, "rb"); if (efile == NULL) { fclose(pfile); return FAIL; } // Read the nonce from the file. rsize = fread(n, sizeof(char), NONCEBYTES, efile); if (rsize != NONCEBYTES) { fprintf(stderr, "Could not read nonce from file.\n"); fclose(pfile); fclose(efile); return FAIL; } // Decrypt the data in the file in chunks. while (feof(efile) == 0) { rsize = fread(ebuf, sizeof(char), BUFBYTES + MACBYTES, efile); r = crypto_secretbox_open_easy(pbuf, ebuf, rsize, n, k); if (r != 0) { fprintf(stderr, "Could not decrypt data.\n"); fclose(pfile); fclose(efile); return FAIL; } // The decrypted bytes no longer include the MAC bytes. wsize = fwrite(pbuf, sizeof(char), rsize - MACBYTES, pfile); if (wsize <= 0) { fprintf(stderr, "Could not write decrypted data to file.\n"); fclose(pfile); fclose(efile); return FAIL; } } fclose(pfile); fclose(efile); return SUCCESS; }
lob_t ephemeral_decrypt(ephemeral_t ephem, lob_t outer) { crypto_secretbox_open_easy(outer->body+16+24, outer->body+16+24, outer->body_len-(16+24), outer->body+16, ephem->deckey); return lob_parse(outer->body+16+24, outer->body_len-(16+24+crypto_secretbox_MACBYTES)); }
bool Decrypt( const uint8_t * encryptedMessage, int encryptedMessageLength, uint8_t * decryptedMessage, int & decryptedMessageLength, const uint8_t * nonce, const uint8_t * key ) { uint8_t actual_nonce[crypto_secretbox_NONCEBYTES]; memset( actual_nonce, 0, sizeof( actual_nonce ) ); memcpy( actual_nonce, nonce, NonceBytes ); if ( crypto_secretbox_open_easy( decryptedMessage, encryptedMessage, encryptedMessageLength, actual_nonce, key ) != 0 ) return false; decryptedMessageLength = encryptedMessageLength - MacBytes; return true; }
static int luasymmetric_decrypt( lua_State * const L ) { size_t ciphertext_len; size_t key_len; const char * const ciphertext = luaL_checklstring( L, 1, &ciphertext_len ); const char * const key = luaL_checklstring( L, 2, &key_len ); if( key_len != crypto_secretbox_KEYBYTES ) { lua_pushliteral( L, "key should be " stringify( crypto_secretbox_KEYBYTES ) " bytes" ); return lua_error( L ); } if( ciphertext_len < crypto_secretbox_NONCEBYTES + crypto_secretbox_MACBYTES ) { lua_pushnil( L ); return 1; } const size_t message_len = ciphertext_len - crypto_secretbox_NONCEBYTES - crypto_secretbox_MACBYTES; char * const message = malloc( message_len ); if( message == NULL ) { lua_pushliteral( L, "out of memory" ); return lua_error( L ); } const int ok = crypto_secretbox_open_easy( message, ciphertext + crypto_secretbox_NONCEBYTES, ciphertext_len - crypto_secretbox_NONCEBYTES, ciphertext, key ); if( ok == 0 ) { lua_pushlstring( L, message, message_len ); } else { lua_pushnil( L ); } explicit_bzero( message, message_len ); free( message ); return 1; }
int shick_crypto_dec_message(const SC_CHAR recipient_secret_key[crypto_box_SECRETKEYBYTES], const SC_CHAR sender_public_key[crypto_box_PUBLICKEYBYTES], const SC_ENC_SYM_KEY encrypted_symmetric_key, const SC_CHAR* ciphertext, const SC_LEN ciphertext_len, const SC_CHAR nonce[crypto_box_NONCEBYTES], SC_CHAR* message) { int failed = 0; SC_CHAR buffer[sizeof(SC_SYM_KEY)]; SC_SYM_KEY* sym_key; // Decrypt symmetric key failed = crypto_box_open_easy(buffer, (SC_CHAR*) &encrypted_symmetric_key, sizeof encrypted_symmetric_key, nonce, sender_public_key, recipient_secret_key); if (failed) return SC_DEC_ASYM_FAILED; // Decrypt message with symmetric key sym_key = (SC_SYM_KEY*) buffer; failed = crypto_secretbox_open_easy(message, ciphertext, ciphertext_len, sym_key->nonce, sym_key->key); if (failed) return SC_DEC_SYM_FAILED; return 0; }
BOOL SodiumDecryptFile(LPTSTR password) { ULONG numread; BOOL bErrorFlag; HLOCAL hFileBuffer = NULL; HLOCAL hCipherBuffer = NULL; YENCFILE encFileStrct; if (SetFilePointer(hFileIn, 0, NULL, FILE_BEGIN) == INVALID_SET_FILE_POINTER) { MessageBox(NULL, L"Cannot set file pointer", L"Decryption error", MB_ICONERROR); bErrorFlag = FALSE; goto dec_exit_on_failure; } if (!ReadFile(hFileIn, &encFileStrct, sizeof(YENCFILE), &numread, NULL)) { MessageBox(NULL, L"Cannot read file into memory", L"Decryption error", MB_ICONERROR); bErrorFlag = FALSE; goto dec_exit_on_failure; } if (sodium_memcmp(encFileStrct.cbSignature, pszSignature, MAX_SIGNATURE)) { MessageBox(NULL, L"This is not an encrypted file", L"Decryption error", MB_ICONERROR); bErrorFlag = FALSE; goto dec_exit_on_failure; } if (encFileStrct.algorithm != YC_SCRYPT_SALSA_POLY) { MessageBox(NULL, L"Encryption method not available", L"Decryption error", MB_ICONEXCLAMATION); bErrorFlag = FALSE; goto dec_exit_on_failure; } hCipherBuffer = LocalAlloc(LPTR, (encFileStrct.rawSize + crypto_secretbox_MACBYTES) * sizeof(BYTE)); if (!hCipherBuffer) { MessageBox(NULL, L"Cannot allocate memory", L"Decryption error", MB_ICONERROR); bErrorFlag = FALSE; goto dec_exit_on_failure; } if (!ReadFile(hFileIn, hCipherBuffer, encFileStrct.rawSize + crypto_secretbox_MACBYTES, &numread, NULL)) { MessageBox(NULL, L"Cannot read file into memory", L"Decryption error", MB_ICONERROR); bErrorFlag = FALSE; goto dec_exit_on_failure; } // For now read byes must equal filesize assert((encFileStrct.rawSize + crypto_secretbox_MACBYTES) == numread); // Wide password to multibyte password size_t nConvChars; char c_szPassword[100]; //TODO This might not be enough wcstombs_s(&nConvChars, c_szPassword, password, wcslen(password) + 1); // DERIVE KEY BYTE key[crypto_secretbox_KEYBYTES]; if (crypto_pwhash_scryptsalsa208sha256(key, crypto_secretbox_KEYBYTES, c_szPassword, strlen(c_szPassword), encFileStrct.cbPasswordSalt, encFileStrct.dwOps, encFileStrct.dwMemory) != 0) { MessageBox(NULL, L"Operation takes too much system resources", L"Decryption error", MB_ICONERROR); bErrorFlag = FALSE; goto dec_exit_on_failure; } hFileBuffer = LocalAlloc(LPTR, encFileStrct.rawSize * sizeof(char)); if (!hFileBuffer) { MessageBox(NULL, L"Cannot allocate memory", L"Encryption error", MB_ICONERROR); bErrorFlag = FALSE; goto dec_exit_on_failure; } if (crypto_secretbox_open_easy((LPBYTE)hFileBuffer, (LPBYTE)hCipherBuffer, encFileStrct.rawSize + crypto_secretbox_MACBYTES, encFileStrct.cbNonce, key) != 0) { MessageBox(NULL, L"Decryption failed, please try again", L"Decryption error", MB_ICONERROR); bErrorFlag = FALSE; goto dec_exit_on_failure; } LPCWSTR szOriginalFileName = fileNameStripExt(szFile); // WRITE HANDLE hFileOut = CreateFile( szOriginalFileName, // Name of the write GENERIC_WRITE, // Open for writing 0, // Do not share NULL, // Default security CREATE_NEW, // Create new file only FILE_ATTRIBUTE_NORMAL, // Normal file NULL); // No attr. template if (hFileOut == INVALID_HANDLE_VALUE) { MessageBox(NULL, L"Cannot open file", L"Decryption error", MB_ICONERROR); bErrorFlag = FALSE; goto dec_exit_on_failure; } bErrorFlag = WriteFile( hFileOut, // Open file handle hFileBuffer, // Start of data to write encFileStrct.rawSize, // Number of bytes to write &numread, // Number of bytes that were written NULL); // No overlapped structure' CloseHandle(hFileOut); dec_exit_on_failure: // Override sensitive in memory sodium_memzero(password, wcslen(password) * sizeof(TCHAR)); sodium_memzero(c_szPassword, strlen(c_szPassword) * sizeof(BYTE)); sodium_memzero(key, crypto_secretbox_KEYBYTES); LocalFree(hFileBuffer); LocalFree(hCipherBuffer); return bErrorFlag; }