/* initialize piano handle
* @param piano handle
* @return nothing
*/
PianoReturn_t PianoInit (PianoHandle_t *ph, const char *partnerUser,
const char *partnerPassword, const char *device, const char *inkey,
const char *outkey) {
memset (ph, 0, sizeof (*ph));
ph->partner.user = strdup (partnerUser);
ph->partner.password = strdup (partnerPassword);
ph->partner.device = strdup (device);
if (gcry_cipher_open (&ph->partner.in, GCRY_CIPHER_BLOWFISH,
GCRY_CIPHER_MODE_ECB, 0) != GPG_ERR_NO_ERROR) {
return PIANO_RET_GCRY_ERR;
}
if (gcry_cipher_setkey (ph->partner.in, (const unsigned char *) inkey,
strlen (inkey)) != GPG_ERR_NO_ERROR) {
return PIANO_RET_GCRY_ERR;
}
if (gcry_cipher_open (&ph->partner.out, GCRY_CIPHER_BLOWFISH,
GCRY_CIPHER_MODE_ECB, 0) != GPG_ERR_NO_ERROR) {
return PIANO_RET_GCRY_ERR;
}
if (gcry_cipher_setkey (ph->partner.out, (const unsigned char *) outkey,
strlen (outkey)) != GPG_ERR_NO_ERROR) {
return PIANO_RET_GCRY_ERR;
}
return PIANO_RET_OK;
}
static int des3_1_set_key(struct crypto_struct *cipher, void *key, void *IV) {
if (cipher->key == NULL) {
if (alloc_key(cipher) < 0) {
return -1;
}
if (gcry_cipher_open(&cipher->key[0], GCRY_CIPHER_DES,
GCRY_CIPHER_MODE_CBC, 0)) {
SAFE_FREE(cipher->key);
return -1;
}
if (gcry_cipher_setkey(cipher->key[0], key, 8)) {
SAFE_FREE(cipher->key);
return -1;
}
if (gcry_cipher_setiv(cipher->key[0], IV, 8)) {
SAFE_FREE(cipher->key);
return -1;
}
if (gcry_cipher_open(&cipher->key[1], GCRY_CIPHER_DES,
GCRY_CIPHER_MODE_CBC, 0)) {
SAFE_FREE(cipher->key);
return -1;
}
if (gcry_cipher_setkey(cipher->key[1], key + 8, 8)) {
SAFE_FREE(cipher->key);
return -1;
}
if (gcry_cipher_setiv(cipher->key[1], IV + 8, 8)) {
SAFE_FREE(cipher->key);
return -1;
}
if (gcry_cipher_open(&cipher->key[2], GCRY_CIPHER_DES,
GCRY_CIPHER_MODE_CBC, 0)) {
SAFE_FREE(cipher->key);
return -1;
}
if (gcry_cipher_setkey(cipher->key[2], key + 16, 8)) {
SAFE_FREE(cipher->key);
return -1;
}
if (gcry_cipher_setiv(cipher->key[2], IV + 16, 8)) {
SAFE_FREE(cipher->key);
return -1;
}
}
return 0;
}
void test_libgcrypt_serpent_ecb()
{
gcry_cipher_hd_t encctx;
gcry_cipher_open(&encctx, GCRY_CIPHER_SERPENT256, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(encctx, enckey, 32);
gcry_cipher_encrypt(encctx, buffer, bufferlen, buffer, bufferlen);
gcry_cipher_close(encctx);
gcry_cipher_hd_t decctx;
gcry_cipher_open(&decctx, GCRY_CIPHER_SERPENT256, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(decctx, enckey, 32);
gcry_cipher_decrypt(decctx, buffer, bufferlen, buffer, bufferlen);
gcry_cipher_close(decctx);
}
void test_libgcrypt_3des_ecb()
{
gcry_cipher_hd_t encctx;
gcry_cipher_open(&encctx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(encctx, enckey, 24);
gcry_cipher_encrypt(encctx, buffer, bufferlen, buffer, bufferlen);
gcry_cipher_close(encctx);
gcry_cipher_hd_t decctx;
gcry_cipher_open(&decctx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(decctx, enckey, 24);
gcry_cipher_decrypt(decctx, buffer, bufferlen, buffer, bufferlen);
gcry_cipher_close(decctx);
}
void test_libgcrypt_rijndael_ecb()
{
gcry_cipher_hd_t encctx;
gcry_cipher_open(&encctx, GCRY_CIPHER_RIJNDAEL256, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(encctx, enckey, 32);
gcry_cipher_encrypt(encctx, buffer, bufferlen, buffer, bufferlen);
gcry_cipher_close(encctx);
gcry_cipher_hd_t decctx;
gcry_cipher_open(&decctx, GCRY_CIPHER_RIJNDAEL256, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(decctx, enckey, 32);
gcry_cipher_decrypt(decctx, buffer, bufferlen, buffer, bufferlen);
gcry_cipher_close(decctx);
}
void test_libgcrypt_blowfish_ecb()
{
gcry_cipher_hd_t encctx;
gcry_cipher_open(&encctx, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(encctx, enckey, 16);
gcry_cipher_encrypt(encctx, buffer, bufferlen, buffer, bufferlen);
gcry_cipher_close(encctx);
gcry_cipher_hd_t decctx;
gcry_cipher_open(&decctx, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(decctx, enckey, 16);
gcry_cipher_decrypt(decctx, buffer, bufferlen, buffer, bufferlen);
gcry_cipher_close(decctx);
}
std::string crypt_plugin::do_crypto( unsigned short len )
{
char *b, *r, *buff;
std::string out;
gcry_cipher_hd_t hand;
gcry_cipher_open( &hand, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_CTS );
gcry_cipher_setiv( hand, NULL, 0 );
b = new char[16];
gcry_randomize( b, 16, GCRY_STRONG_RANDOM );
gcry_cipher_setkey( hand, b, 16 );
buff = new char[len];
r = new char[len+1];
gcry_randomize( r, len, GCRY_STRONG_RANDOM );
gcry_cipher_encrypt( hand, buff, len, r, len );
delete b;
memset( r, 0, len+1 );
for( unsigned int i = 0; i < len; i++ ) {
int k = 1 + (int) (92.0 * ((float)buff[i] / 256.0));
if( k < 0 )
k *= -1;
r[i] = k+34;
}
gcry_cipher_close(hand);
out = r;
delete buff;
delete r;
return out;
}
int aes_ctr (char* key, int keyLength, char* inFile, long fileLength, char*
ctrInit, int blockLength,
char** outFile){
gcry_error_t err;
gcry_cipher_hd_t aeshd;
err = gcry_cipher_open(&aeshd, GCRY_CIPHER_AES256,
GCRY_CIPHER_MODE_CTR,
GCRY_CIPHER_SECURE);
if(err){return CIPHER_OPEN_ERROR;}
err = gcry_cipher_setkey(aeshd, key, keyLength);
if(err){return CIPHER_SETKEY_ERROR;}
err = gcry_cipher_setctr(aeshd, ctrInit, blockLength);
if(err){return CIPHER_SETCTR_ERROR;}
*outFile = (char*)(malloc(fileLength * sizeof(char)));
DPRINT("going to enc/dec now\n");
err = gcry_cipher_encrypt(aeshd, *outFile, fileLength, inFile, fileLength);
if(err){return CIPHER_ENCRYPT_ERROR;}
DPRINT("done with enc/dec\n");
gcry_cipher_close(aeshd);
return NONE;
}
struct aes256ctr* aes256ctr_init(const char *key)
{
struct aes256ctr *ac;
gcry_error_t err;
if (! (ac = gcry_malloc_secure(sizeof(struct aes256ctr))))
return NULL;
err = gcry_cipher_open(&ac->ch, GCRY_CIPHER_AES256,
GCRY_CIPHER_MODE_CTR, GCRY_CIPHER_SECURE);
if (gcry_err_code(err))
goto error;
err = gcry_cipher_setkey(ac->ch, key, CIPHER_KEY_SIZE);
if (gcry_err_code(err))
goto error;
err = gcry_cipher_setctr(ac->ch, NULL, 0);
if (gcry_err_code(err))
goto error;
ac->idx = CIPHER_BLOCK_SIZE;
return ac;
error:
gcry_free(ac);
return NULL;
}
gcry_error_t decryptFile(FILE *infile, unsigned char *IV, unsigned char *key, FILE *outfile) {
gcry_error_t error;
gcry_cipher_hd_t hd;
unsigned char inbuffer[16];
unsigned char obp[16];
unsigned char *outbuffer = NULL;
int eof = 0;
int n;
int strength = getCipherStrength();
int algorithm = strength == 256 ? GCRY_CIPHER_AES256 : GCRY_CIPHER_AES128;
size_t keylength = strength == 256 ? 32 : 16;
error = gcry_cipher_open(&hd, algorithm, GCRY_CIPHER_MODE_OFB, 0);
if (error != GPG_ERR_NO_ERROR)
return error;
error = gcry_cipher_setkey(hd, key, keylength);
if (error != GPG_ERR_NO_ERROR)
return error;
error = gcry_cipher_setiv(hd, IV, 16);
if (error != GPG_ERR_NO_ERROR)
return error;
while (!eof) {
n = fread(inbuffer, 1, 16, infile);
if (n > 0 && n < 16)
return gcry_error_from_errno(EPIPE);
if (n == 0) {
if (outbuffer == NULL)
return gcry_error_from_errno(EINVAL);
n = 16 - (int)outbuffer[15];
eof = 1;
}
if (outbuffer != NULL)
fwrite(outbuffer, 1, n, outfile);
outbuffer = obp;
error = gcry_cipher_decrypt(hd, outbuffer, 16, inbuffer, 16);
if (error != GPG_ERR_NO_ERROR)
return error;
}
return GPG_ERR_NO_ERROR;
}
/**
* @brief Decipher a buffer using AES-128 with CBC.
*/
int crypt_aes_dec(crypt_context_t *context, char *encBuffer, char *outBuffer, unsigned int buffLen, char *iniVector) {
int rv;
ASSERT(context, rv, CRYPT_FAILED, "crypt_aes_dec: Argument is NULL.\n");
ASSERT(encBuffer, rv, CRYPT_FAILED, "crypt_aes_dec: Argument is NULL.\n");
ASSERT(outBuffer, rv, CRYPT_FAILED, "crypt_aes_dec: Argument is NULL.\n");
ASSERT(iniVector, rv, CRYPT_FAILED, "crypt_aes_dec: Argument is NULL.\n");
ASSERT(context->initialised, rv, CRYPT_FAILED, "crypt_aes_dec: Context is not initialised.\n");
gcry_error_t gcryError;
gcry_cipher_hd_t gcryCipherHd = NULL;
size_t keyLength = gcry_cipher_get_algo_keylen(GCRY_CIPHER_AES128);
size_t blkLength = gcry_cipher_get_algo_blklen(GCRY_CIPHER_AES128);
gcryError = gcry_cipher_open(&gcryCipherHd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, 0);
ASSERT(!gcryError, rv, CRYPT_FAILED, "crypt_aes_dec: %s: %s\n", gcry_strsource(gcryError), gcry_strerror(gcryError));
gcryError = gcry_cipher_setkey(gcryCipherHd, context->secretKey, keyLength);
ASSERT(!gcryError, rv, CRYPT_FAILED, "crypt_aes_dec: %s: %s\n", gcry_strsource(gcryError), gcry_strerror(gcryError));
gcryError = gcry_cipher_setiv(gcryCipherHd, iniVector, blkLength);
ASSERT(!gcryError, rv, CRYPT_FAILED, "crypt_aes_dec: %s: %s\n", gcry_strsource(gcryError), gcry_strerror(gcryError));
gcryError = gcry_cipher_decrypt(gcryCipherHd, outBuffer, buffLen, encBuffer, buffLen);
ASSERT(!gcryError, rv, CRYPT_FAILED, "crypt_aes_dec: %s: %s\n", gcry_strsource(gcryError), gcry_strerror(gcryError));
_err:
if(gcryCipherHd)
gcry_cipher_close(gcryCipherHd);
return rv;
}
int init_decrypt_ctx(struct decrypt_ctx *ctx, struct psafe3_pro *pro,
struct safe_sec *sec)
{
gcry_error_t gerr;
assert(ctx != NULL);
assert(pro != NULL);
assert(sec != NULL);
gerr = gcry_cipher_open(&ctx->cipher, GCRY_CIPHER_TWOFISH,
GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_SECURE);
if (gerr != GPG_ERR_NO_ERROR) goto err_cipher;
ctx->gerr = gcry_cipher_setkey(ctx->cipher, sec->rand_k, 32);
if (gerr != GPG_ERR_NO_ERROR) goto err_cipher;
ctx->gerr = gcry_cipher_setiv(ctx->cipher, pro->iv, 16);
if (gerr != GPG_ERR_NO_ERROR) goto err_cipher;
gerr = gcry_md_open(&ctx->hmac, GCRY_MD_SHA256,
GCRY_MD_FLAG_SECURE|GCRY_MD_FLAG_HMAC);
if (gerr != GPG_ERR_NO_ERROR) goto err_hmac;
gerr = gcry_md_setkey(ctx->hmac, sec->rand_l, 32);
if (gerr != GPG_ERR_NO_ERROR) goto err_hmac;
return 0;
err_hmac:
gcry_cipher_close(ctx->cipher);
err_cipher:
ctx->gerr = gerr;
return -1;
}
netmd_error netmd_secure_setup_download(netmd_dev_handle *dev,
unsigned char *contentid,
unsigned char *key_encryption_key,
unsigned char *sessionkey)
{
unsigned char cmdhdr[] = { 0x00, 0x00 };
unsigned char data[32] = { 0x01, 0x01, 0x01, 0x01 /* ... */};
unsigned char cmd[sizeof(cmdhdr) + sizeof(data)];
unsigned char iv[8] = { 0 };
gcry_cipher_hd_t handle;
netmd_response response;
netmd_error error;
memcpy(data + 4, contentid, 20);
memcpy(data + 24, key_encryption_key, 8);
gcry_cipher_open(&handle, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_CBC, 0);
gcry_cipher_setkey(handle, sessionkey, 8);
gcry_cipher_setiv(handle, iv, 8);
gcry_cipher_encrypt(handle, data, sizeof(data), NULL, 0);
gcry_cipher_close(handle);
memcpy(cmd, cmdhdr, sizeof(cmdhdr));
memcpy(cmd + sizeof(cmdhdr), data, 32);
error = netmd_exch_secure_msg(dev, 0x22, cmd, sizeof(cmd), &response);
netmd_check_response_bulk(&response, cmdhdr, sizeof(cmdhdr), &error);
return error;
}
/****************
* Make a session key and put it into DEK
*/
void
make_session_key( DEK *dek )
{
gcry_cipher_hd_t chd;
int i, rc;
dek->keylen = openpgp_cipher_get_algo_keylen (dek->algo);
if (openpgp_cipher_open (&chd, dek->algo, GCRY_CIPHER_MODE_CFB,
(GCRY_CIPHER_SECURE
| (dek->algo >= 100 ?
0 : GCRY_CIPHER_ENABLE_SYNC))) )
BUG();
gcry_randomize (dek->key, dek->keylen, GCRY_STRONG_RANDOM );
for (i=0; i < 16; i++ )
{
rc = gcry_cipher_setkey (chd, dek->key, dek->keylen);
if (!rc)
{
gcry_cipher_close (chd);
return;
}
if (gpg_err_code (rc) != GPG_ERR_WEAK_KEY)
BUG();
log_info(_("weak key created - retrying\n") );
/* Renew the session key until we get a non-weak key. */
gcry_randomize (dek->key, dek->keylen, GCRY_STRONG_RANDOM);
}
log_fatal (_("cannot avoid weak key for symmetric cipher; "
"tried %d times!\n"), i);
}
netmd_error netmd_secure_commit_track(netmd_dev_handle *dev, uint16_t track,
unsigned char* sessionkey)
{
unsigned char cmdhdr[] = {0x00, 0x10, 0x01};
unsigned char cmd[sizeof(cmdhdr) + sizeof(track) + 8];
unsigned char *buf;
gcry_cipher_hd_t handle;
unsigned char hash[8] = { 0 };
netmd_response response;
netmd_error error;
buf = cmd;
memcpy(buf, cmdhdr, sizeof(cmdhdr));
buf += sizeof(cmdhdr);
netmd_copy_word_to_buffer(&buf, track, 0);
gcry_cipher_open(&handle, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(handle, sessionkey, 8);
gcry_cipher_encrypt(handle, buf, sizeof(hash), hash, sizeof(hash));
buf += sizeof(hash);
gcry_cipher_close(handle);
error = netmd_exch_secure_msg(dev, 0x48, cmd, sizeof(cmd), &response);
netmd_check_response_bulk(&response, cmdhdr, sizeof(cmdhdr), &error);
netmd_check_response_word(&response, track, &error);
return error;
}
static gboolean webKitMediaClearKeyDecryptorSetupCipher(WebKitMediaCommonEncryptionDecrypt* self)
{
WebKitMediaClearKeyDecryptPrivate* priv = WEBKIT_MEDIA_CK_DECRYPT_GET_PRIVATE(WEBKIT_MEDIA_CK_DECRYPT(self));
gcry_error_t error;
ASSERT(priv->key);
if (!priv->key) {
GST_ERROR_OBJECT(self, "Decryption key not provided");
return false;
}
error = gcry_cipher_open(&(priv->handle), GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, GCRY_CIPHER_SECURE);
if (error) {
GST_ERROR_OBJECT(self, "Failed to create AES 128 CTR cipher handle: %s", gpg_strerror(error));
return false;
}
GstMapInfo keyMap;
if (!gst_buffer_map(priv->key.get(), &keyMap, GST_MAP_READ)) {
GST_ERROR_OBJECT(self, "Failed to map decryption key");
return false;
}
ASSERT(keyMap.size == CLEARKEY_SIZE);
error = gcry_cipher_setkey(priv->handle, keyMap.data, keyMap.size);
gst_buffer_unmap(priv->key.get(), &keyMap);
if (error) {
GST_ERROR_OBJECT(self, "gcry_cipher_setkey failed: %s", gpg_strerror(error));
return false;
}
return true;
}
gcry_cipher_hd_t
gkm_aes_key_get_cipher (GkmAesKey *self, int mode)
{
gcry_cipher_hd_t cih;
gcry_error_t gcry;
int algorithm;
g_return_val_if_fail (GKM_IS_AES_KEY (self), NULL);
algorithm = algorithm_for_length (self->n_value);
g_return_val_if_fail (algorithm != 0, NULL);
gcry = gcry_cipher_open (&cih, algorithm, mode, 0);
if (gcry != 0) {
g_warning ("couldn't open %s cipher: %s",
gcry_cipher_algo_name (algorithm), gcry_strerror (gcry));
return NULL;
}
/* Setup the key */
gcry = gcry_cipher_setkey (cih, self->value, self->n_value);
g_return_val_if_fail (gcry == 0, NULL);
return cih;
}
static void dCMAC(guint8 *pK, guint8 *ws, const guint8 *pN, guint16 SizeN, const guint8 *pC, guint16 SizeC)
{
gcry_cipher_hd_t cipher_hd;
guint8 *work;
guint8 *ptr;
guint16 SizeT = SizeN + SizeC;
guint16 worksize = SizeT;
/* worksize must be an integral multiple of 16 */
if (SizeT & 0xf) {
worksize += 0x10 - (worksize & 0xf);
}
work = (guint8 *)g_malloc(worksize);
if (work == NULL) {
return;
}
memcpy(work, pN, SizeN);
if (pC != NULL) {
memcpy(&work[SizeN], pC, SizeC);
}
/*
* pad the data if necessary, and XOR Q or D, depending on
* whether data was padded or not
*/
if (worksize != SizeT) {
work[SizeT] = 0x80;
for (ptr = &work[SizeT+1]; ptr < &work[worksize]; ptr++)
*ptr = 0;
ptr= &work[worksize-0x10];
BLK_XOR(ptr, instance.Q);
} else {
ptr = &work[worksize-0x10];
BLK_XOR(ptr, instance.D);
}
/* open the cipher */
if (gcry_cipher_open(&cipher_hd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC,0)){/* GCRY_CIPHER_CBC_MAC)) { */
g_free(work);
return;
}
if (gcry_cipher_setkey(cipher_hd, pK, EAX_SIZEOF_KEY)) {
g_free(work);
gcry_cipher_close(cipher_hd);
return;
}
if (gcry_cipher_setiv(cipher_hd, ws, EAX_SIZEOF_KEY)) {
g_free(work);
gcry_cipher_close(cipher_hd);
return;
}
if (gcry_cipher_encrypt(cipher_hd, work, worksize, work, worksize)) {
g_free(work);
gcry_cipher_close(cipher_hd);
return;
}
memcpy(ws, ptr, EAX_SIZEOF_KEY);
g_free(work);
gcry_cipher_close(cipher_hd);
return;
}
static void CTR(const guint8 *ws, guint8 *pK, guint8 *pN, guint16 SizeN)
{
gcry_cipher_hd_t cipher_hd;
guint8 ctr[EAX_SIZEOF_KEY];
BLK_CPY(ctr, ws);
ctr[12] &= 0x7f;
ctr[14] &= 0x7f;
/* open the cipher */
if (gcry_cipher_open(&cipher_hd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0)) {
return;
}
if (gcry_cipher_setkey(cipher_hd, pK, EAX_SIZEOF_KEY)) {
gcry_cipher_close(cipher_hd);
return;
}
if (gcry_cipher_setctr(cipher_hd, ctr, EAX_SIZEOF_KEY)) {
gcry_cipher_close(cipher_hd);
return;
}
if (gcry_cipher_encrypt(cipher_hd, pN, SizeN, pN, SizeN)) {
gcry_cipher_close(cipher_hd);
return;
}
gcry_cipher_close(cipher_hd);
return;
}
static gboolean
gst_hls_demux_decrypt_start (GstHLSDemux * demux, const guint8 * key_data,
const guint8 * iv_data)
{
gcry_error_t err = 0;
gboolean ret = FALSE;
err =
gcry_cipher_open (&demux->aes_ctx, GCRY_CIPHER_AES128,
GCRY_CIPHER_MODE_CBC, 0);
if (err)
goto out;
err = gcry_cipher_setkey (demux->aes_ctx, key_data, 16);
if (err)
goto out;
err = gcry_cipher_setiv (demux->aes_ctx, iv_data, 16);
if (!err)
ret = TRUE;
out:
if (!ret)
if (demux->aes_ctx)
gcry_cipher_close (demux->aes_ctx);
return ret;
}
static void
encrypt_seskey (DEK *dek, DEK **seskey, byte *enckey)
{
gcry_cipher_hd_t hd;
byte buf[33];
assert ( dek->keylen <= 32 );
if (!*seskey)
{
*seskey=xmalloc_clear(sizeof(DEK));
(*seskey)->keylen=dek->keylen;
(*seskey)->algo=dek->algo;
make_session_key(*seskey);
/*log_hexdump( "thekey", c->key, c->keylen );*/
}
/* The encrypted session key is prefixed with a one-octet algorithm id. */
buf[0] = (*seskey)->algo;
memcpy( buf + 1, (*seskey)->key, (*seskey)->keylen );
/* We only pass already checked values to the following fucntion,
thus we consider any failure as fatal. */
if (openpgp_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1))
BUG ();
if (gcry_cipher_setkey (hd, dek->key, dek->keylen))
BUG ();
gcry_cipher_setiv (hd, NULL, 0);
gcry_cipher_encrypt (hd, buf, (*seskey)->keylen + 1, NULL, 0);
gcry_cipher_close (hd);
memcpy( enckey, buf, (*seskey)->keylen + 1 );
wipememory( buf, sizeof buf ); /* burn key */
}
guchar *
egg_openssl_decrypt_block (const gchar *dekinfo,
const gchar *password,
gssize n_password,
GBytes *data,
gsize *n_decrypted)
{
gcry_cipher_hd_t ch;
guchar *key = NULL;
guchar *iv = NULL;
int gcry, ivlen;
int algo = 0;
int mode = 0;
guchar *decrypted;
if (!parse_dekinfo (dekinfo, &algo, &mode, &iv))
return FALSE;
ivlen = gcry_cipher_get_algo_blklen (algo);
/* We assume the iv is at least as long as at 8 byte salt */
g_return_val_if_fail (ivlen >= 8, FALSE);
/* IV is already set from the DEK info */
if (!egg_symkey_generate_simple (algo, GCRY_MD_MD5, password,
n_password, iv, 8, 1, &key, NULL)) {
g_free (iv);
return NULL;
}
gcry = gcry_cipher_open (&ch, algo, mode, 0);
g_return_val_if_fail (!gcry, NULL);
gcry = gcry_cipher_setkey (ch, key, gcry_cipher_get_algo_keylen (algo));
g_return_val_if_fail (!gcry, NULL);
egg_secure_free (key);
/* 16 = 128 bits */
gcry = gcry_cipher_setiv (ch, iv, ivlen);
g_return_val_if_fail (!gcry, NULL);
g_free (iv);
/* Allocate output area */
*n_decrypted = g_bytes_get_size (data);
decrypted = egg_secure_alloc (*n_decrypted);
gcry = gcry_cipher_decrypt (ch, decrypted, *n_decrypted,
g_bytes_get_data (data, NULL),
g_bytes_get_size (data));
if (gcry) {
egg_secure_free (decrypted);
g_return_val_if_reached (NULL);
}
gcry_cipher_close (ch);
return decrypted;
}
void init(aes_type type,std::string const &key)
{
if(key.size()*8!=unsigned(type)) {
throw booster::invalid_argument("Invalid key size");
}
key_ = key;
type_ = type;
int algo=0;
switch(type) {
case aes128:
algo = GCRY_CIPHER_AES128;
break;
case aes192:
algo = GCRY_CIPHER_AES192;
break;
case aes256:
algo = GCRY_CIPHER_AES256;
break;
default:
throw booster::invalid_argument("Invalid encryption method");
}
enc_ = 0;
dec_ = 0;
char iv_enc[16];
char iv_dec[16]= {0};
urandom_device rnd;
rnd.generate(iv_enc,sizeof(iv_enc));
if( gcry_cipher_open(&enc_,algo,GCRY_CIPHER_MODE_CBC,0)
|| gcry_cipher_open(&dec_,algo,GCRY_CIPHER_MODE_CBC,0)
|| gcry_cipher_setkey(enc_,key_.c_str(),key.size())
|| gcry_cipher_setkey(dec_,key_.c_str(),key.size())
|| gcry_cipher_setiv(enc_,iv_enc,16)
|| gcry_cipher_setiv(dec_,iv_dec,16)
)
{
if(enc_)
gcry_cipher_close(enc_);
if(dec_)
gcry_cipher_close(dec_);
throw booster::runtime_error("Failed to create AES encryptor");
}
}
static void run_gcrypt_aes128(uint8_t *output,
const uint8_t *input, unsigned size)
{
static gcry_cipher_hd_t aes;
if (!aes)
gcry_cipher_open(&aes, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(aes, hardcoded_key, 16);
gcry_cipher_encrypt(aes, output, size, input, size);
}
/* initialize piano handle
* @param piano handle
* @return nothing
*/
void PianoInit (PianoHandle_t *ph, const char *partnerUser,
const char *partnerPassword, const char *device, const char *inkey,
const char *outkey) {
memset (ph, 0, sizeof (*ph));
ph->partner.user = strdup (partnerUser);
ph->partner.password = strdup (partnerPassword);
ph->partner.device = strdup (device);
gcry_cipher_open (&ph->partner.in, GCRY_CIPHER_BLOWFISH,
GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey (ph->partner.in, (const unsigned char *) inkey,
strlen (inkey));
gcry_cipher_open (&ph->partner.out, GCRY_CIPHER_BLOWFISH,
GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey (ph->partner.out, (const unsigned char *) outkey,
strlen (outkey));
}
static void run_gcrypt_cast128(uint8_t *output,
const uint8_t *input, unsigned size)
{
static gcry_cipher_hd_t cast;
if (!cast)
gcry_cipher_open(&cast, GCRY_CIPHER_CAST5, GCRY_CIPHER_MODE_ECB, 0);
gcry_cipher_setkey(cast, hardcoded_key, 16);
gcry_cipher_encrypt(cast, output, size, input, size);
}
int elektraCryptoGcryHandleCreate (elektraCryptoHandle ** handle, KeySet * config, Key * errorKey)
{
gcry_error_t gcry_err;
unsigned char keyBuffer[64], ivBuffer[64];
size_t keyLength, ivLength;
(*handle) = NULL;
// retrieve keys from configuration
Key * key = elektraCryptoReadParamKey (config, errorKey);
Key * iv = elektraCryptoReadParamIv (config, errorKey);
if (key == NULL || iv == NULL)
{
return (-1);
}
keyLength = keyGetBinary (key, keyBuffer, sizeof (keyBuffer));
ivLength = keyGetBinary (iv, ivBuffer, sizeof (ivBuffer));
// create the handle
(*handle) = elektraMalloc (sizeof (elektraCryptoHandle));
if (*handle == NULL)
{
memset (keyBuffer, 0, sizeof (keyBuffer));
memset (ivBuffer, 0, sizeof (ivBuffer));
ELEKTRA_SET_ERROR (87, errorKey, "Memory allocation failed");
return (-1);
}
if ((gcry_err = gcry_cipher_open (*handle, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0)) != 0)
{
goto error;
}
if ((gcry_err = gcry_cipher_setkey (**handle, keyBuffer, keyLength)) != 0)
{
goto error;
}
if ((gcry_err = gcry_cipher_setiv (**handle, ivBuffer, ivLength)) != 0)
{
goto error;
}
memset (keyBuffer, 0, sizeof (keyBuffer));
memset (ivBuffer, 0, sizeof (ivBuffer));
return 1;
error:
memset (keyBuffer, 0, sizeof (keyBuffer));
memset (ivBuffer, 0, sizeof (ivBuffer));
ELEKTRA_SET_ERRORF (ELEKTRA_ERROR_CRYPTO_CONFIG_FAULT, errorKey, "Failed to create handle because: %s", gcry_strerror (gcry_err));
gcry_cipher_close (**handle);
elektraFree (*handle);
(*handle) = NULL;
return (-1);
}
static gboolean
service_encode_aes_secret (SecretSession *session,
SecretValue *value,
GVariantBuilder *builder)
{
gcry_cipher_hd_t cih;
guchar *padded;
gsize n_padded, pos;
gcry_error_t gcry;
gpointer iv;
gconstpointer secret;
gsize n_secret;
GVariant *child;
g_variant_builder_add (builder, "o", session->path);
/* Create the cipher */
gcry = gcry_cipher_open (&cih, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CBC, 0);
if (gcry != 0) {
g_warning ("couldn't create AES cipher: %s", gcry_strerror (gcry));
return FALSE;
}
secret = secret_value_get (value, &n_secret);
/* Perform the encoding here */
padded = pkcs7_pad_bytes_in_secure_memory (secret, n_secret, &n_padded);
g_assert (padded != NULL);
/* Setup the IV */
iv = g_malloc0 (16);
gcry_create_nonce (iv, 16);
gcry = gcry_cipher_setiv (cih, iv, 16);
g_return_val_if_fail (gcry == 0, FALSE);
/* Setup the key */
gcry = gcry_cipher_setkey (cih, session->key, session->n_key);
g_return_val_if_fail (gcry == 0, FALSE);
/* Perform the encryption */
for (pos = 0; pos < n_padded; pos += 16) {
gcry = gcry_cipher_encrypt (cih, (guchar*)padded + pos, 16, NULL, 0);
g_return_val_if_fail (gcry == 0, FALSE);
}
gcry_cipher_close (cih);
child = g_variant_new_from_data (G_VARIANT_TYPE ("ay"), iv, 16, TRUE, g_free, iv);
g_variant_builder_add_value (builder, child);
child = g_variant_new_from_data (G_VARIANT_TYPE ("ay"), padded, n_padded, TRUE, egg_secure_free, padded);
g_variant_builder_add_value (builder, child);
g_variant_builder_add (builder, "s", secret_value_get_content_type (value));
return TRUE;
}
/** AES-CM key derivation test vectors */
static void test_derivation (void)
{
static const uint8_t key[16] =
"\xE1\xF9\x7A\x0D\x3E\x01\x8B\xE0\xD6\x4F\xA3\x2C\x06\xDE\x41\x39";
static const uint8_t salt[14] =
"\x0E\xC6\x75\xAD\x49\x8A\xFE\xEB\xB6\x96\x0B\x3A\xAB\xE6";
static const uint8_t good_cipher[16] =
"\xC6\x1E\x7A\x93\x74\x4F\x39\xEE\x10\x73\x4A\xFE\x3F\xF7\xA0\x87";
static const uint8_t good_salt[14] =
"\x30\xCB\xBC\x08\x86\x3D\x8C\x85\xD4\x9D\xB3\x4A\x9A\xE1";
static const uint8_t good_auth[94] =
"\xCE\xBE\x32\x1F\x6F\xF7\x71\x6B\x6F\xD4\xAB\x49\xAF\x25\x6A\x15"
"\x6D\x38\xBA\xA4\x8F\x0A\x0A\xCF\x3C\x34\xE2\x35\x9E\x6C\xDB\xCE"
"\xE0\x49\x64\x6C\x43\xD9\x32\x7A\xD1\x75\x57\x8E\xF7\x22\x70\x98"
"\x63\x71\xC1\x0C\x9A\x36\x9A\xC2\xF9\x4A\x8C\x5F\xBC\xDD\xDC\x25"
"\x6D\x6E\x91\x9A\x48\xB6\x10\xEF\x17\xC2\x04\x1E\x47\x40\x35\x76"
"\x6B\x68\x64\x2C\x59\xBB\xFC\x2F\x34\xDB\x60\xDB\xDF\xB2";
static const uint8_t r[6] = { 0, 0, 0, 0, 0, 0 };
gcry_cipher_hd_t prf;
uint8_t out[94];
puts ("AES-CM key derivation test...");
printf (" master key: ");
printhex (key, sizeof (key));
printf (" master salt: ");
printhex (salt, sizeof (salt));
if (gcry_cipher_open (&prf, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CTR, 0)
|| gcry_cipher_setkey (prf, key, sizeof (key)))
fatal ("Internal PRF error");
if (derive (prf, salt, r, sizeof (r), SRTP_CRYPT, out, 16))
fatal ("Internal cipher derivation error");
printf (" cipher key: ");
printhex (out, 16);
if (memcmp (out, good_cipher, 16))
fatal ("Test failed");
if (derive (prf, salt, r, sizeof (r), SRTP_SALT, out, 14))
fatal ("Internal salt derivation error");
printf (" cipher salt: ");
printhex (out, 14);
if (memcmp (out, good_salt, 14))
fatal ("Test failed");
if (derive (prf, salt, r, sizeof (r), SRTP_AUTH, out, 94))
fatal ("Internal auth key derivation error");
printf (" auth key: ");
printhex (out, 94);
if (memcmp (out, good_auth, 94))
fatal ("Test failed");
gcry_cipher_close (prf);
}
static gboolean
decrypt_buffer (EggBuffer *buffer, GkmSecret *master,
guchar salt[8], int iterations)
{
const gchar *password = NULL;
gcry_cipher_hd_t cih;
gcry_error_t gerr;
guchar *key, *iv;
gsize n_password = 0;
size_t pos;
g_assert (buffer->len % 16 == 0);
g_assert (16 == gcry_cipher_get_algo_blklen (GCRY_CIPHER_AES128));
g_assert (16 == gcry_cipher_get_algo_keylen (GCRY_CIPHER_AES128));
/* No password is set, try an null password */
if (master == NULL) {
password = NULL;
n_password = 0;
} else {
password = gkm_secret_get_password (master, &n_password);
}
if (!egg_symkey_generate_simple (GCRY_CIPHER_AES128, GCRY_MD_SHA256,
password, n_password, salt, 8, iterations, &key, &iv))
return FALSE;
gerr = gcry_cipher_open (&cih, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, 0);
if (gerr) {
g_warning ("couldn't create aes cipher context: %s",
gcry_strerror (gerr));
egg_secure_free (key);
g_free (iv);
return FALSE;
}
/* 16 = 128 bits */
gerr = gcry_cipher_setkey (cih, key, 16);
g_return_val_if_fail (!gerr, FALSE);
egg_secure_free (key);
/* 16 = 128 bits */
gerr = gcry_cipher_setiv (cih, iv, 16);
g_return_val_if_fail (!gerr, FALSE);
g_free (iv);
for (pos = 0; pos < buffer->len; pos += 16) {
/* In place encryption */
gerr = gcry_cipher_decrypt (cih, buffer->buf + pos, 16, NULL, 0);
g_return_val_if_fail (!gerr, FALSE);
}
gcry_cipher_close (cih);
return TRUE;
}