Exemple #1
0
ndn_Error
ndn_AesAlgorithm_decrypt128Cbc
  (const uint8_t *key, size_t keyLength, const uint8_t *initialVector,
   size_t initialVectorLength, const uint8_t *encryptedData,
   size_t encryptedDataLength, uint8_t *plainData, size_t *plainDataLength)
{
  EVP_CIPHER_CTX ctx;
  int outLength1, outLength2;

  if (keyLength != ndn_AES_128_BLOCK_SIZE)
    return NDN_ERROR_Incorrect_key_size;
  if (initialVectorLength != ndn_AES_128_BLOCK_SIZE)
    return NDN_ERROR_Incorrect_initial_vector_size;

  EVP_DecryptInit
    (&ctx, EVP_aes_128_cbc(), (const unsigned char*)key,
     (const unsigned char*)initialVector);

  EVP_DecryptUpdate
    (&ctx, (unsigned char*)plainData, &outLength1,
     (const unsigned char*)encryptedData, encryptedDataLength);
  EVP_DecryptFinal
    (&ctx, (unsigned char*)plainData + outLength1, &outLength2);

  EVP_CIPHER_CTX_cleanup(&ctx);
  *plainDataLength = outLength1 + outLength2;

  return NDN_ERROR_success;
}
Exemple #2
0
std::string decrypt_aes256(const std::string& cipher,const std::string& key,const std::string& iv)
{
	std::string plain;
	plain.resize((cipher.size()/AES_BLOCK_SIZE+1)*AES_BLOCK_SIZE);
	EVP_CIPHER_CTX* ctx=nullptr;
	try
	{
		std::string error_str="Decryption failed.";
		ctx=EVP_CIPHER_CTX_new();
		if(key.size()!=AES256_KEY_SIZE)
			throw std::runtime_error(error_str);
		int temp_length;
		int temp_unaligned_length;
		if(ctx==nullptr)
			throw std::runtime_error(error_str);
		if(EVP_CIPHER_CTX_set_padding(ctx,1)==0)
			throw std::runtime_error(error_str);
		if(EVP_DecryptInit(ctx,EVP_aes_256_cbc(),(uint8_t*)key.data(),(uint8_t*)iv.data())==0)
			throw std::runtime_error(error_str);
		if(EVP_DecryptUpdate(ctx,(uint8_t*)plain.data(),&temp_length,(uint8_t*)cipher.data(),cipher.size())==0)
			throw std::runtime_error(error_str);
		if(EVP_DecryptFinal(ctx,(uint8_t*)plain.data()+temp_length,&temp_unaligned_length)==0)
			throw std::runtime_error(error_str);
		plain.resize(temp_length+temp_unaligned_length);
	}
	catch(...)
	{
		aes_cleanup(ctx);
		throw;
	}
	aes_cleanup(ctx);
	return plain;
}
Exemple #3
0
DBT *decrypt(DBT * data)
{
    DBT *decrypted;
    unsigned char *safepasswd;

    int olen, tlen;

    FUNC;
    decrypted = s_malloc(sizeof(DBT));
    decrypted->data = s_malloc(data->size);
    safepasswd = safepassword();

    EVP_CIPHER_CTX ctx;
    EVP_CIPHER_CTX_init(&ctx);
    EVP_DecryptInit(&ctx, EVP_bf_cbc(), safepasswd, config->iv);

    if (EVP_DecryptUpdate
        (&ctx, decrypted->data, &olen, data->data, data->size) != 1) {
        die_cryptoerr("Unexpected fatal error while decrypting.\n");
    }

    if (EVP_DecryptFinal(&ctx, decrypted->data + olen, &tlen) != 1) {
        die_cryptoerr("Unexpected fatal error in decrypt final.\n");
    }
    olen += tlen;
    EVP_CIPHER_CTX_cleanup(&ctx);
    decrypted->size = olen;
    free(safepasswd);
    EFUNC;
    return decrypted;
}
Exemple #4
0
long decrypt(const EVP_CIPHER *cipher_type, unsigned char **data_plain, unsigned char *data_cipher, long data_cipher_size, unsigned char *key, unsigned char *iv)
{
        EVP_CIPHER_CTX cipher_ctx;
        *data_plain = malloc(data_cipher_size);
        long data_plain_size = 0;
        int ret;

        //decrypt the cipher with extracted key
        EVP_CIPHER_CTX_init(&cipher_ctx);
        if(EVP_DecryptInit_ex(&cipher_ctx, cipher_type, NULL, key, iv)==0)
        {
                printf("EVP_DecryptInit returned error\n");
                return -1;
        }
        if(EVP_DecryptUpdate(&cipher_ctx, *data_plain, &ret, data_cipher, data_cipher_size)==0)
        {
                printf("EVP_DecryptUpdate returned error\n");
                return -1;
        }
        data_plain_size+=ret;
        if(EVP_DecryptFinal(&cipher_ctx, *data_plain+data_plain_size, &ret)==0)
        {
                printf("EVP_DecryptFinal returned error\n");
                return -1;
        }
        return data_plain_size+ret;
}
Exemple #5
0
static int
ldecrypt (lua_State *L) {
	size_t len = 0;
	const char *text = lua_tolstring (L, 1, &len);
	const char *key = lua_tostring (L, 2);

	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
	unsigned char iv[16] = { 0 };
	char *output = malloc (len);
	int olen1;
	int olen2;

	EVP_DecryptInit (ctx, EVP_aes_128_cbc(), (unsigned char *)key, iv);
	EVP_DecryptUpdate (ctx, (unsigned char *)output, &olen1, (const unsigned char *)text, len);
	int ok = EVP_DecryptFinal (ctx, (unsigned char *)(output + olen1), &olen2);
	if (!ok) {
		free (output);
		EVP_CIPHER_CTX_free (ctx);
		return 0;
	}
	
	lua_pushlstring (L, output, olen1 + olen2);
	free (output);
	EVP_CIPHER_CTX_free (ctx);
	return 1;
}
const char* decrypt(unsigned char* inbuff, int inbuff_len, unsigned char* key, unsigned char* iv)
{
    EVP_CIPHER_CTX  ctx;
    EVP_CIPHER_CTX_init(&ctx);
    EVP_DecryptInit(&ctx, EVP_bf_cbc(), key, iv);

    unsigned char* outbuf = (unsigned char *)malloc(sizeof(unsigned char) * BUF_SIZE);
    memset(outbuf, 0, BUF_SIZE);

    int olen=0, tlen=0;
    if (EVP_DecryptUpdate(&ctx, outbuf, &olen, inbuff, inbuff_len) != 1) {
        LOGE("Error in decrypt update");
        return 0;
    }

    if (EVP_DecryptFinal(&ctx, outbuf + olen, &tlen) != 1) {
        LOGE("Error in decrypt final");
        return 0;
    }

    EVP_CIPHER_CTX_cleanup(&ctx);

    outbuf[olen+tlen-1] = '\0';
    return (const char*) outbuf;
}
Exemple #7
0
// decrypt buffer
static int cryptoDec(struct s_crypto *ctx, unsigned char *dec_buf, const int dec_len, const unsigned char *enc_buf, const int enc_len, const int hmac_len, const int iv_len) {
	unsigned char iv[crypto_MAXIVSIZE];
	unsigned char hmac[hmac_len];
	const int hdr_len = (hmac_len + iv_len);
	int cr_len;
	int len;

	if(iv_len > crypto_MAXIVSIZE) { return 0; }
	if(enc_len < hdr_len) { return 0; }
	if(dec_len < enc_len) { return 0; }

	if(!cryptoHMAC(ctx, hmac, hmac_len, &enc_buf[hmac_len], (enc_len - hmac_len))) { return 0; }
	if(memcmp(hmac, enc_buf, hmac_len) != 0) { return 0; }

	memset(iv, 0, crypto_MAXIVSIZE);
	memcpy(iv, &enc_buf[hmac_len], iv_len);

	if(!EVP_DecryptInit_ex(&ctx->dec_ctx, NULL, NULL, NULL, iv)) { return 0; }
	if(!EVP_DecryptUpdate(&ctx->dec_ctx, dec_buf, &len, &enc_buf[hdr_len], (enc_len - hdr_len))) { return 0; }
	cr_len = len;
	if(!EVP_DecryptFinal(&ctx->dec_ctx, &dec_buf[cr_len], &len)) { return 0; }
	cr_len += len;
	
	return cr_len;
}
bool AesCbcCipher::decrypt(const Vuc& in, Vuc& out)
{
    // according to the openssl docs:
    // the amount of data written may be as large as (in.size() + cipher_block_size - 1)
    size_t outSize = in.size() + AES_BLOCK_SIZE - 1;
    // the output buffer must also be a multiple of blocksize
    if ((outSize % AES_BLOCK_SIZE) != 0)
        outSize = ((outSize / AES_BLOCK_SIZE) + 1) * AES_BLOCK_SIZE;
    out.resize(outSize, 0);

    // init the cipher; must keep track of the number of bytes produced
    ScopedOpenSSL<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free> ctx(EVP_CIPHER_CTX_new());
    EVP_DecryptInit(ctx.get(), getCipher(), &key_[0], &iv_[0]);

    // do the decrypt
    int nBytes = 0;
    EVP_DecryptUpdate(ctx.get(), &out[0], &nBytes, &in[0], in.size());
    int nTotalBytes = nBytes;
    if (!EVP_DecryptFinal(ctx.get(), &out[nBytes], &nBytes))
        return false;   // padding incorrect
    nTotalBytes += nBytes;

    // the actual output size is in nTotalBytes
    assert(nTotalBytes);
    Vuc(out.begin(), out.begin()+nTotalBytes).swap(out); // shrink to fit
    return true;
}
Exemple #9
0
enum snmp_code
snmp_pdu_decrypt(const struct snmp_pdu *pdu)
{
	int32_t err, olen;
	uint8_t iv[SNMP_PRIV_AES_IV_SIZ];
	const EVP_CIPHER *ctype;
	EVP_CIPHER_CTX ctx;

	err = snmp_pdu_cipher_init(pdu, pdu->scoped_len, &ctype, iv);
	if (err < 0)
		return (SNMP_CODE_EDECRYPT);
	else if (err == 0)
		return (SNMP_CODE_OK);

	if (EVP_DecryptInit(&ctx, ctype, pdu->user.priv_key, iv) != 1 ||
	    EVP_CIPHER_CTX_set_padding(&ctx, 0) != 1)
		return (SNMP_CODE_EDECRYPT);

	if (EVP_DecryptUpdate(&ctx, pdu->scoped_ptr, &olen, pdu->scoped_ptr,
	    pdu->scoped_len) != 1 ||
	    EVP_DecryptFinal(&ctx, pdu->scoped_ptr + olen, &olen) != 1) {
		EVP_CIPHER_CTX_cleanup(&ctx);
		return (SNMP_CODE_EDECRYPT);
	}

	EVP_CIPHER_CTX_cleanup(&ctx);
	return (SNMP_CODE_OK);
}
CK_RV PKCS11_Encryption_OpenSSL::DecryptFinal(Cryptoki_Session_Context* pSessionCtx, CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen)
{
    OPENSSL_HEADER();

    OpenSSLEncryptData *pDec;
    
    if(pSessionCtx == NULL || pSessionCtx->DecryptionCtx == NULL) return CKR_SESSION_CLOSED;

    pDec = (OpenSSLEncryptData*)pSessionCtx->DecryptionCtx;

    if(pDec->IsSymmetric)
    {
        int outLen = *pulLastPartLen;
        
        OPENSSL_CHECKRESULT(EVP_DecryptFinal((EVP_CIPHER_CTX*)pDec->Key->ctx, pLastPart, &outLen));
        
        *pulLastPartLen = outLen;

        OPENSSL_CHECKRESULT(EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX*)pDec->Key->ctx));
    }
    else
    {
        EVP_PKEY_CTX_free((EVP_PKEY_CTX*)pDec->Key->ctx);
        
        *pulLastPartLen = 0;
    }

    OPENSSL_CLEANUP();

    TINYCLR_SSL_FREE(pDec);
    pSessionCtx->DecryptionCtx = NULL;

    OPENSSL_RETURN();
}    
Exemple #11
0
int Crypto::decrypt(unsigned char* input, int insize, unsigned char* output, int& outsize)
{
   if (-1 != m_iCoderType)
      return -1;

   unsigned char* ip = input;
   unsigned char* op = output;

   for (int ts = insize; ts > 0; )
   {
      int unitsize = (ts < g_iDecBlockSize) ? ts : g_iDecBlockSize;

      int len;
      if (EVP_DecryptUpdate(&m_CTX, op, &len, ip, unitsize) != 1)
      {
         printf("error in decrypt update\n");
         return 0;
      }

      ip += unitsize;
      op += len;

      if (EVP_DecryptFinal(&m_CTX, op, &len) != 1)
      {
         printf("error in decrypt final\n");
         return 0;
      }

      op += len;
      ts -= unitsize;
   }

   outsize = op - output;
   return 1;
}
Exemple #12
0
int data_decrypt(unsigned char *src, unsigned char *dst, int len, struct peer *p)
{
	int tlen, olen;

	if (encryption_disabled){
		memcpy(dst,src,len);
		return len;
	}
	
	if (!ctx_initialized) {
		EVP_CIPHER_CTX_init (&ctx);
		ctx_initialized = 1;
	}

	EVP_DecryptInit (&ctx, EVP_bf_cbc (), p->key, p->iv);
	if (EVP_DecryptUpdate (&ctx, dst, &olen, src, len) != 1)
	{
		fprintf (stderr,"error in decrypt update\n");
		olen = -1;
		goto cleanup;
	}

	if (EVP_DecryptFinal (&ctx, dst + olen, &tlen) != 1)
	{
		fprintf (stderr,"error in decrypt final\n");
		olen = -1;
		goto cleanup;
	}
	olen += tlen;

cleanup:
	EVP_CIPHER_CTX_cleanup(&ctx);	
	return olen;
}
Exemple #13
0
/** Decrypt.
 * Do the decryption.
 * @return size of the plain text message.
 */
size_t
WorldInfoMessageDecryptor::decrypt()
{
  if ( (plain_buffer == NULL) || (plain_buffer_length == 0) ||
       (crypt_buffer == NULL) || (crypt_buffer_length == 0) ) {
    throw MissingParameterException("Buffer(s) not set for decryption");
  }

#ifdef HAVE_LIBCRYPTO
  EVP_CIPHER_CTX ctx;
  if ( ! EVP_DecryptInit(&ctx, EVP_aes_128_ecb(), key, iv) ) {
    throw MessageDecryptionException("Could not initialize cipher context");
  }

  int outl = plain_buffer_length;
  if ( ! EVP_DecryptUpdate(&ctx,
			   (unsigned char *)plain_buffer, &outl,
			   (unsigned char *)crypt_buffer, crypt_buffer_length) ) {
    throw MessageDecryptionException("DecryptUpdate failed");
  }

  int plen = 0;
  if ( ! EVP_DecryptFinal(&ctx, (unsigned char *)plain_buffer + outl, &plen) ) {
    throw MessageDecryptionException("DecryptFinal failed");
  }
  outl += plen;

  return outl;
#else
  // Plain-text copy-through for debugging.
  memcpy(plain_buffer, crypt_buffer, crypt_buffer_length);
  return crypt_buffer_length;
#endif
}
ndn_Error
ndn_AesAlgorithm_decrypt128Ecb
  (const uint8_t *key, size_t keyLength, const uint8_t *encryptedData,
   size_t encryptedDataLength, uint8_t *plainData, size_t *plainDataLength)
{
  EVP_CIPHER_CTX *ctx;
  int outLength1, outLength2;

  if (keyLength != ndn_AES_128_BLOCK_SIZE)
    return NDN_ERROR_Incorrect_key_size;

  ctx = EVP_CIPHER_CTX_new();
  if (!ctx)
    return NDN_ERROR_Error_in_decrypt_operation;

  EVP_DecryptInit(ctx, EVP_aes_128_ecb(), (const unsigned char*)key, 0);

  EVP_DecryptUpdate
    (ctx, (unsigned char*)plainData, &outLength1,
     (const unsigned char*)encryptedData, encryptedDataLength);
  EVP_DecryptFinal
    (ctx, (unsigned char*)plainData + outLength1, &outLength2);

  EVP_CIPHER_CTX_free(ctx);
  *plainDataLength = outLength1 + outLength2;

  return NDN_ERROR_success;
}
Exemple #15
0
/** 
 * @brief Performs basic Encrypt-then-MAC style Authenticated Encryption.
 *
 * @param[in] ekey            a buffer holding the ENC key
 * @param[in] ekey_len        len of ekey buffer
 * @param[in] mkey            a buffer holding the MAC key
 * @param[in] mkey_len        len of mkey buffer
 * @param[in] ctxt            a buffer holding the ciphertext
 * @param[in] ctxt_len        length of ciphertext
 * @param[in] mac             a buffer holding the MAC
 * @param[in] mac_len         length of MAC
 * @param[in] iv              an iv (optional)
 * @param[in] iv_len          length of iv (optional)
 * @param[out] output         an allocated buffer, will hold the plaintext
 * @param[in,out] output_len  length of buffer, will hold length of plaintext
 * @return 0 on success, non-zero on error
 **/
int verify_then_decrypt(const unsigned char *ekey, size_t ekey_len, 
                        const unsigned char *mkey, size_t mkey_len,
                        const unsigned char *ctxt, size_t ctxt_len,
                        const unsigned char *mac, size_t mac_len,
                        const unsigned char *iv, size_t iv_len,
                        unsigned char *output, size_t *output_len)
{
    EVP_CIPHER_CTX *ctx;
    ctx = EVP_CIPHER_CTX_new();
    EVP_CIPHER *cipher = NULL;
    unsigned char auth[EVP_MAX_MD_SIZE];
    size_t auth_len = EVP_MAX_MD_SIZE;
    int len;
    
    if (!ekey || !ekey_len || !mkey || !mkey_len || 
        !ctxt || !ctxt_len || !mac || !mac_len || !output || !output_len)
        return -1;
    
    OpenSSL_add_all_algorithms();
    memset(auth, 0, auth_len);

    // Verify the HMAC-SHA1
    if (!HMAC(EVP_sha1(), mkey, mkey_len, ctxt, ctxt_len, 
              auth, (unsigned int *) &auth_len))
        goto cleanup;
    if (auth_len != mac_len) goto cleanup;
    if (memcmp(mac, auth, mac_len) != 0) goto cleanup;

    EVP_CIPHER_CTX_init(ctx);
    switch(ekey_len){
        case 16:
            cipher = (EVP_CIPHER *)EVP_aes_128_cbc();
            break;
        case 24:
            cipher = (EVP_CIPHER *)EVP_aes_192_cbc();
            break;
        case 32:
            cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
            break;
        default:
            return -1;
    }
    if (*output_len < ctxt_len) goto cleanup;
    *output_len = 0;

    if (!EVP_DecryptInit(ctx, cipher, ekey, iv)) goto cleanup;
    if (!EVP_DecryptUpdate(ctx, output, (int *) output_len, 
                           ctxt, ctxt_len)) goto cleanup;
    EVP_DecryptFinal(ctx, output + *output_len, &len);
    *output_len += len;
    
    EVP_CIPHER_CTX_cleanup(ctx);
    return 0;
    
cleanup:
    *output_len = 0;
    return 1;
}
/*
 * This function decrypts a string after it has been received on a socket.
 * It performs previous checking on the format and may discard the 
 * message and return an error if the format mismatch. We can avoid a 
 * decryption if the format mismatches.
 * 
 * @return It returns the plaintext length or -1 if a generic error occured,
 * -2 if the format is not the one expected and 0 in case of disconnection.
 * It leaves the decrypted message in **plain ( which is allocated).
 */
int decrypt_msg(int sk, char format, unsigned char** plain, unsigned char* shared_secret)
{
	EVP_CIPHER_CTX* ctx;
	unsigned char iv[EVP_MAX_IV_LENGTH];
	unsigned int iv_len = EVP_MAX_IV_LENGTH;
	unsigned char* msg = NULL;//msg has to set free in this function
	unsigned int msg_len;
	char recv_format;
	int outlen, outtot = 0, ret;
	*plain = NULL;
	ctx = (EVP_CIPHER_CTX*)calloc(1, sizeof(EVP_CIPHER_CTX));
	EVP_CIPHER_CTX_init(ctx);
	
	if ((msg_len = recv_msg(sk, &msg, &recv_format)) <= 0) {
		ret = msg_len;
		goto fail;
	}
	
	if (recv_format != format) {
		ret = -2;
		goto fail;
	}
	
	*plain = (unsigned char*)calloc(1, msg_len - iv_len);
	memcpy(iv, msg, iv_len);
	if (EVP_DecryptInit(ctx, EVP_aes_256_cbc(), shared_secret, iv) == 0) {
		ret = -1;
		goto fail;
	}
	if (EVP_DecryptUpdate(ctx, *plain, &outlen, msg + iv_len, msg_len - iv_len) == 0) {
		ret = -1;
		goto fail;
	}
	outtot = outlen;
	if (EVP_DecryptFinal(ctx, *plain + outtot, &outlen) == 0) {
		ret = -1;
		goto fail;
	}
	outtot += outlen;
	
	EVP_CIPHER_CTX_cleanup(ctx);
	free(ctx);
	free(msg);
	return outtot;
	
fail:	EVP_CIPHER_CTX_cleanup(ctx);
	free(ctx);
	if (*plain != NULL) {
		free(*plain);
	}
	if (msg != NULL) {
		free(msg);
	}
	return ret;
	
}
Exemple #17
0
soter_status_t soter_sym_aead_ctx_final(soter_sym_ctx_t *ctx,bool encrypt){
  uint8_t out_data[16];
  size_t out_data_length=0;
  if(encrypt){
    SOTER_CHECK(EVP_EncryptFinal(&(ctx->evp_sym_ctx), out_data, (int*)&out_data_length)!=0 && out_data_length==0);
  } else {
    SOTER_CHECK(EVP_DecryptFinal(&(ctx->evp_sym_ctx), out_data, (int*)&out_data_length)!=0 && out_data_length==0);
  }    
  return SOTER_SUCCESS;
}
Exemple #18
0
static void sl_decrypt (void){
  /* input types */
  char *ctype;
  unsigned char *outbuf, *iiv, *ikey, *idata;
  SLang_BString_Type *iv, *key, *data;
  /* internal types */
  EVP_CIPHER_CTX ctx;
  const EVP_CIPHER *cipher;
  int outlen, tmplen, dlen, i;
  /* output types */
  SLang_BString_Type *output;

  if (SLang_Num_Function_Args != 4 ||
      SLang_pop_slstring(&ctype) == -1 ){
    return; }

  cipher = EVP_get_cipherbyname(ctype);
  if (!cipher){
    SLang_verror(SL_UNDEFINED_NAME,"could not find cipher %s",ctype);
    return;
  }
  
  if (SLang_pop_bstring(&iv) == -1 ||
      SLang_pop_bstring(&key) == -1 ||
      SLang_pop_bstring(&data) == -1 ){
    return; }

  iiv = SLbstring_get_pointer (iv,&i);
  ikey = SLbstring_get_pointer (key,&i);
  idata = SLbstring_get_pointer (data,&dlen);

  outbuf = (char*)malloc(dlen+EVP_CIPHER_block_size(cipher));

  EVP_CIPHER_CTX_init(&ctx);
  EVP_DecryptInit_ex(&ctx, cipher, NULL, ikey, iiv);
  
  if (!EVP_DecryptUpdate(&ctx, outbuf, &outlen, idata, dlen)){
    return; /*emit an error here*/
  }
  if (!EVP_DecryptFinal(&ctx, outbuf + outlen, &tmplen)){
    return; /*emit an error here*/
  }
  outlen+=tmplen;

  output = SLbstring_create (outbuf, outlen);
  
  SLang_push_bstring(output);
  SLbstring_free(output);
  SLbstring_free(data);
  SLbstring_free(key);
  SLbstring_free(iv);
  free(outbuf);
}
Exemple #19
0
int main(void) {
 
  unsigned char ot[1024];  // open text
  unsigned char st[1024];  // sifrovany text
  unsigned char key[EVP_MAX_KEY_LENGTH] = "Super tajny klic";  // klic pro sifrovani
  unsigned char iv[EVP_MAX_IV_LENGTH] = "vector unknown";  // inicializacni vektor
  const char * filename = "Mad_scientist_cbc.bmp";
  const char * outfilename = "Mad_scientist_cbc_dec.bmp";

  int otLength = 0;
  int stLength = 0;
  int tmpLength = 0;
  int readlen = 0;
  char header[14];
  unsigned int offset = 0;
 
  EVP_CIPHER_CTX ctx; // struktura pro kontext
 
	FILE * fin = fopen(filename,"rb");
	FILE * fout = fopen(outfilename,"w+b");
	if(!fin){
		printf("File not found");
	}

	fread(header,1,14,fin);
	fwrite(header,1,14,fout);
	offset = (unsigned int)*(&header[10]);
	offset -= 14;

	while(offset > 1024){
		fread(ot,1,1024,fin);
		fwrite(ot,1,1024,fout);
		offset -= 1024;
	}
	fread(ot,1,offset,fin);
	fwrite(ot,1,offset,fout);
	

 EVP_DecryptInit(&ctx, EVP_des_cbc(), key, iv);  // nastaveni kontextu pro sifrovani
  do{
	  readlen = fread(ot,1,1024,fin);
	  EVP_DecryptUpdate(&ctx,  st, &stLength, ot, readlen);  // sifrovani ot
	  fwrite(st,1,stLength,fout);
  }while(readlen == 1024);
  
  EVP_DecryptFinal(&ctx, &st[stLength], &tmpLength);  // ziskani sifrovaneho textu z kontextu
  fwrite(&st[stLength],1,tmpLength,fout);
  stLength += tmpLength;

  fclose(fin);
  fclose(fout);
  exit(0);
 }
int decrypt_and_verify_secrets(CPOR_key *key, unsigned char *input, size_t input_len, unsigned char *plaintext, size_t *plaintext_len, unsigned char *authenticator, size_t authenticator_len) {

    EVP_CIPHER_CTX ctx;
    EVP_CIPHER *cipher = NULL;
    unsigned char mac[EVP_MAX_MD_SIZE];
    size_t mac_size = EVP_MAX_MD_SIZE;
    int len;

    if(!key || !key->k_enc || !key->k_mac || !input || !input_len || !plaintext || !plaintext_len || !authenticator || !authenticator_len) return 0;

    OpenSSL_add_all_algorithms();
    memset(mac, 0, mac_size);

    /* Verify the HMAC-SHA1 */
    if(!HMAC(EVP_sha1(), key->k_mac, key->k_mac_size, input, input_len, mac, (unsigned int *)&mac_size)) goto cleanup;
    if(authenticator_len != mac_size) goto cleanup;
    if(memcmp(mac, authenticator, mac_size) != 0) goto cleanup;


    EVP_CIPHER_CTX_init(&ctx);
    switch(key->k_enc_size) {
    case 16:
        cipher = (EVP_CIPHER *)EVP_aes_128_cbc();
        break;
    case 24:
        cipher = (EVP_CIPHER *)EVP_aes_192_cbc();
        break;
    case 32:
        cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
        break;
    default:
        return 0;
    }
    if(!EVP_DecryptInit(&ctx, cipher, key->k_enc, NULL)) goto cleanup;

    *plaintext_len = 0;

    if(!EVP_DecryptUpdate(&ctx, plaintext, (int *)plaintext_len, input, input_len)) goto cleanup;
    EVP_DecryptFinal(&ctx, plaintext + *plaintext_len, &len);

    *plaintext_len += len;

    EVP_CIPHER_CTX_cleanup(&ctx);

    return 1;

cleanup:
    *plaintext_len = 0;

    return 0;

}
Exemple #21
0
void pki_evp::veryOldFromData(unsigned char *p, int size )
{
	unsigned char *sik, *pdec, *pdec1, *sik1;
	int outl, decsize;
	unsigned char iv[EVP_MAX_IV_LENGTH];
	unsigned char ckey[EVP_MAX_KEY_LENGTH];
	memset(iv, 0, EVP_MAX_IV_LENGTH);
	RSA *rsakey;
	EVP_CIPHER_CTX ctx;
	const EVP_CIPHER *cipher = EVP_des_ede3_cbc();
	sik = (unsigned char *)OPENSSL_malloc(size);
	check_oom(sik);
	pki_openssl_error();
	pdec = (unsigned char *)OPENSSL_malloc(size);
	if (pdec == NULL ) {
		OPENSSL_free(sik);
		check_oom(pdec);
	}
	pdec1=pdec;
	sik1=sik;
	memcpy(iv, p, 8); /* recover the iv */
	/* generate the key */
	EVP_BytesToKey(cipher, EVP_sha1(), iv, (unsigned char *)oldpasswd,
		strlen(oldpasswd), 1, ckey,NULL);
	/* we use sha1 as message digest,
	 * because an md5 version of the password is
	 * stored in the database...
	 */
	EVP_CIPHER_CTX_init (&ctx);
	EVP_DecryptInit( &ctx, cipher, ckey, iv);
	EVP_DecryptUpdate( &ctx, pdec , &outl, p + 8, size -8 );
	decsize = outl;
	EVP_DecryptFinal( &ctx, pdec + decsize , &outl );
	decsize += outl;
	pki_openssl_error();
	memcpy(sik, pdec, decsize);
	if (key->type == EVP_PKEY_RSA) {
		rsakey=d2i_RSAPrivateKey(NULL,(const unsigned char **)&pdec, decsize);
		if (pki_ign_openssl_error()) {
			rsakey = d2i_RSA_PUBKEY(NULL, (const unsigned char **)&sik, decsize);
		}
		pki_openssl_error();
		if (rsakey) EVP_PKEY_assign_RSA(key, rsakey);
	}
	OPENSSL_free(sik1);
	OPENSSL_free(pdec1);
	EVP_CIPHER_CTX_cleanup(&ctx);
	pki_openssl_error();
	encryptKey();
}
Exemple #22
0
char* decryptToArray(FILE *ifp,char ckey[], char ivec[]) {

    fseek(ifp, 0L, SEEK_END); int fsize = ftell(ifp);

    fseek(ifp, 0L, SEEK_SET);

    int outLen1 = 0; int outLen2 = 0; unsigned char *indata = malloc(fsize);
    unsigned char *outdata = malloc(fsize);

    fread(indata,sizeof(char),fsize, ifp);//Read Entire File

    EVP_CIPHER_CTX ctx; EVP_DecryptInit(&ctx,EVP_aes_128_cbc(),ckey,ivec);
    EVP_DecryptUpdate(&ctx,outdata,&outLen1,indata,fsize);
    EVP_DecryptFinal(&ctx,outdata + outLen1,&outLen2);
    return(outdata); }
QByteArray JulyAES256::decrypt(const QByteArray &data, const QByteArray &password)
{
	int outLen=0;
	QByteArray dataBuff;dataBuff.resize(data.size()+AES_BLOCK_SIZE);
	EVP_CIPHER_CTX evpCipherCtx;
	EVP_CIPHER_CTX_init(&evpCipherCtx);
	EVP_DecryptInit(&evpCipherCtx,EVP_aes_256_cbc(),(const unsigned char*)sha256(password).data(),(const unsigned char*)sha256("JulyAES"+password).data());
	EVP_DecryptUpdate(&evpCipherCtx,(unsigned char*)dataBuff.data(),&outLen,(const unsigned char*)data.data(),data.size());
	int tempLen=outLen;
	EVP_DecryptFinal(&evpCipherCtx,(unsigned char*)dataBuff.data()+tempLen,&outLen);
	tempLen+=outLen;
	EVP_CIPHER_CTX_cleanup(&evpCipherCtx);
	dataBuff.resize(tempLen);
	return dataBuff;
}
Exemple #24
0
bool Decrypt(const wxString &sText, wxString &sDecryptText)
{

	GByte *pabyKey = GetKey();
	GByte *pabyIV = GetIV();

	EVP_CIPHER_CTX* ctx = CreateCTX(pabyKey, pabyIV, true);
	if(!ctx)
	{
		wxLogError(_("Decrypt: Failed EVP_DecryptInit!"));
		CPLFree( pabyKey );
		CPLFree( pabyIV );
		return false;
	}

	int nTextBytes;
	GByte *pabyText = CPLHexToBinary( sText.mb_str(wxConvUTF8), &nTextBytes );

	int outlen;
	unsigned char outbuf[BUFSIZE];

	bool bResult = EVP_DecryptUpdate(ctx, outbuf, &outlen, pabyText, nTextBytes);
	if(!bResult)
	{
		wxLogError(_("Decrypt: Failed EVP_DecryptUpdate!"));
		CPLFree( pabyKey );
		CPLFree( pabyIV );
		CPLFree( pabyText );
		return bResult;
	}

	int nLen = outlen;
	bResult = EVP_DecryptFinal(ctx, &outbuf[outlen], &outlen);
	nLen += outlen;
	outbuf[nLen] = 0;

	CPLString szCryptText((const char*)outbuf);
	sDecryptText = wxString(szCryptText, wxConvUTF8);

	CPLFree( pabyKey );
	CPLFree( pabyIV );
	CPLFree( pabyText );

	EVP_CIPHER_CTX_cleanup(ctx);
	//EVP_CIPHER_CTX_free(ctx);

	return bResult;
}
Exemple #25
0
void *
CGI_decrypt(const char *p, int *len, const char *password) {
    EVP_CIPHER_CTX ctx;
    unsigned char md[DIGEST_SIZE];
    unsigned char iv[EVP_MAX_IV_LENGTH];
    unsigned char key[EVP_MAX_KEY_LENGTH];
    unsigned char *ret, *out;
    int offset, rlen = 0;

    if (p == 0 || *p == 0 || password == 0 || *password == 0) {
        return 0;
    }
    ret = CGI_decode_base64(p, &rlen);
    if (rlen <= DIGEST_SIZE + SALT_SIZE) {
        free(ret);
        return 0;
    }
    out = malloc(rlen + EVP_MAX_BLOCK_LENGTH);
    EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), ret,
        (unsigned char *) password, strlen(password), 1, key, iv);
    EVP_DecryptInit(&ctx, EVP_aes_256_cbc(), key, iv);
    EVP_DecryptUpdate(&ctx, out, &offset, ret + SALT_SIZE,
        rlen - SALT_SIZE);
    EVP_DecryptFinal(&ctx, out + offset, &rlen);
    rlen += offset - DIGEST_SIZE;

    /*
     * The salt is in ret, the decrypted digest and decrypted
     * data are in out, and the data length is rlen.
     */

    if (rlen > 0) {
        digest(out + DIGEST_SIZE, rlen, password, ret, md);
    }
    if (rlen > 0 && memcmp(out, md, DIGEST_SIZE) == 0) {
        memcpy(ret, out + DIGEST_SIZE, rlen);
        ret[rlen] = 0;
        if (len != 0) {
            *len = rlen;
        }
    }
    else {
        free(ret);
        ret = 0;
    }
    free(out);
    return ret;
}
Exemple #26
0
soter_status_t soter_sym_ctx_final(soter_sym_ctx_t *ctx,
				   void* out_data,
				   size_t* out_data_length,
				   bool encrypt){
  if((ctx->alg&SOTER_SYM_PADDING_MASK)!=0){
    if((*out_data_length)<EVP_CIPHER_CTX_block_size(&(ctx->evp_sym_ctx))){
      (*out_data_length)=EVP_CIPHER_CTX_block_size(&(ctx->evp_sym_ctx));
      return SOTER_BUFFER_TOO_SMALL;
    }
  }
  if(encrypt){
    SOTER_CHECK(EVP_EncryptFinal(&(ctx->evp_sym_ctx), out_data, (int*)out_data_length)!=0);
  } else {
    SOTER_CHECK(EVP_DecryptFinal(&(ctx->evp_sym_ctx), out_data, (int*)out_data_length)!=0);
  }    
  return SOTER_SUCCESS;
}
Exemple #27
0
string Sym_Encryption::generic_decrypt(unsigned char* k,
                                       unsigned char* cipher, int msg_ll, string iv)
{
    unsigned char* plaintext;
    int nc;
    string str;

    plaintext = (unsigned char*)malloc(msg_ll);
    bzero(plaintext, msg_ll);

    EVP_DecryptInit(this->ctx, EVP_aes_128_cbc(), k, (unsigned char*)iv.data());
    EVP_DecryptUpdate(this->ctx, plaintext, &nc, cipher, msg_ll);
    EVP_DecryptFinal(this->ctx, plaintext, &nc);

    str.assign((const char *)plaintext, msg_ll);
    free (plaintext);
    return str;
}
Exemple #28
0
int decrypt_file(const char *path, const char *fileName, unsigned char *key) {
	int outlen, inlen;
	
	FILE *file, *temp;
	file = fopen(fileName,"r+b");
	if(file == NULL) {
		return -2;
	}
	char tempName[PATH_SIZE];
	cnct(path,"TemP.TemP",tempName);
	temp = fopen(tempName,"wb");

	unsigned char iv[8] = "DAJ-7l2"; /* вектор инициализации */ 
	unsigned char inbuf[BUF_SIZE], outbuf[BUF_SIZE]; 
	EVP_CIPHER_CTX ctx;
	const EVP_CIPHER * cipher;

	EVP_CIPHER_CTX_init(&ctx);
	cipher = EVP_bf_cbc();

	EVP_DecryptInit(&ctx, cipher, key, iv);

	while(1) {
		inlen = fread(inbuf, 1, BUF_SIZE, file);
		if(inlen <= 0) break;
		if(!EVP_DecryptUpdate(&ctx, outbuf, &outlen, inbuf, inlen))
			return 1;
		fwrite(outbuf, 1, outlen, temp);
	}

	if(!EVP_DecryptFinal(&ctx, outbuf, &outlen)) 
		return 1; 
	fwrite(outbuf, 1, outlen, temp); 
	EVP_CIPHER_CTX_cleanup(&ctx);

	fclose(file);
	fclose(temp);

	remove(fileName);
	rename(tempName,fileName);
	
	return 0;
}
Exemple #29
0
/** Decrypt a buffer.
 * @param cipher cipher ID
 * @param enc encrypted buffer
 * @param enc_size number of bytes in @p enc
 * @param plain on return contains plain text data
 * @param plain_size size in bytes of @p plain
 * @return number of bytes that were in the encrypted buffer (this can be shorter if the data
 * did not exactly fit the AES block size.
 */
size_t
BufferDecryptor::decrypt(int cipher, const void *enc, size_t enc_size, void *plain, size_t plain_size)
{
#ifdef HAVE_LIBCRYPTO
  if (keys_.find(cipher) == keys_.end()) {
    generate_key(cipher);
  }

  const EVP_CIPHER *evp_cipher = cipher_by_id(cipher);

  const size_t iv_size = EVP_CIPHER_iv_length(evp_cipher);
  const unsigned char *iv = (const unsigned char *)enc;
  unsigned char *enc_m = (unsigned char *)enc + iv_size;
  enc_size -= iv_size;

  EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
  if ( ! EVP_DecryptInit(ctx, evp_cipher, (const unsigned char *)keys_[cipher].c_str(), iv))
  {
    EVP_CIPHER_CTX_free(ctx);
    throw std::runtime_error("Could not initialize cipher context");
  }

  int outl = plain_size;
  if ( ! EVP_DecryptUpdate(ctx,
			   (unsigned char *)plain, &outl, enc_m, enc_size))
  {
    EVP_CIPHER_CTX_free(ctx);
    throw std::runtime_error("DecryptUpdate failed");
  }

  int plen = 0;
  if ( ! EVP_DecryptFinal(ctx, (unsigned char *)plain + outl, &plen) ) {
    EVP_CIPHER_CTX_free(ctx);
    throw std::runtime_error("DecryptFinal failed");
  }
  outl += plen;

  EVP_CIPHER_CTX_free(ctx);
  return outl;
#else
  throw std::runtime_error("Decryption support not available");
#endif
}
int spider_decrypt(void) {
	unsigned char outbuf[LOG_MAX];
	int olen,tlen,n;
	char inbuff[LOG_MAX + EVP_MAX_BLOCK_LENGTH];
	char baz[LOG_MAX + EVP_MAX_BLOCK_LENGTH];
	EVP_CIPHER_CTX ctx;
	int i;

	// hmmm.  how are we going to chop this back into lines and populate
	// the log array?

	if (logfp) {
		fclose(logfp);
	}

	logfp = fopen(LogPath, "rb");

	if (logfp == NULL) {
		fprintf(stderr, "logfp: %s\n", strerror(errno));
		exit(1);
	}

	EVP_CIPHER_CTX_init(&ctx);

	EVP_DecryptInit(&ctx, EVP_bf_cbc(), KEY, IV);

	while ((n = fread(inbuff, 1, LOG_MAX + EVP_MAX_BLOCK_LENGTH, logfp)) > 0) {
		if (EVP_DecryptUpdate(&ctx, outbuf, &olen, inbuff, n) != 1) {
			return 0;
		}
		snprintf(baz, olen+1, "%s", outbuf);
		bzero(&inbuff, LOG_MAX + EVP_MAX_BLOCK_LENGTH);
	}

	if ((i = EVP_DecryptFinal(&ctx, outbuf+olen, &tlen)) != 1) {
		return 0;
	}
	bzero(baz, sizeof(baz));
	snprintf(baz, tlen+1, "%s", outbuf+olen);
	printf("%s", baz);
	EVP_CIPHER_CTX_cleanup(&ctx);
	return 1;
}