bool Crypto::checkAlgorithms() { if (gcry_cipher_algo_info(GCRY_CIPHER_AES256, GCRYCTL_TEST_ALGO, nullptr, nullptr) != 0) { m_errorStr = "GCRY_CIPHER_AES256 not found."; qWarning("Crypto::checkAlgorithms: %s", qPrintable(m_errorStr)); return false; } if (gcry_cipher_algo_info(GCRY_CIPHER_TWOFISH, GCRYCTL_TEST_ALGO, nullptr, nullptr) != 0) { m_errorStr = "GCRY_CIPHER_TWOFISH not found."; qWarning("Crypto::checkAlgorithms: %s", qPrintable(m_errorStr)); return false; } if (gcry_cipher_algo_info(GCRY_CIPHER_SALSA20, GCRYCTL_TEST_ALGO, nullptr, nullptr) != 0) { m_errorStr = "GCRY_CIPHER_SALSA20 not found."; qWarning("Crypto::checkAlgorithms: %s", qPrintable(m_errorStr)); return false; } if (gcry_md_test_algo(GCRY_MD_SHA256) != 0) { m_errorStr = "GCRY_MD_SHA256 not found."; qWarning("Crypto::checkAlgorithms: %s", qPrintable(m_errorStr)); return false; } return true; }
int real_crypto(My_crypto* obj, const unsigned char key[], const unsigned key_len, const unsigned char input[], const unsigned in_len, unsigned char output[], int choose) //choose == 1 enc, == 2 dec { int cipher = obj->_cipher; //fprintf(stderr, "cipher=%i\n", cipher); guint* real_keylen = g_new0(guint, 1); gcry_cipher_algo_info(cipher, GCRYCTL_GET_KEYLEN, NULL, real_keylen); //fprintf(stderr, "real_keylen=%i\n", *real_keylen); gchar* real_key = g_new0(gchar, *real_keylen); int i; for (i = 0; i < *real_keylen; i++) real_key[i] = key[i % key_len]; if (gcry_cipher_setkey(obj->_cipherhd, real_key, *real_keylen) != GPG_ERR_NO_ERROR) { gcry_cipher_close(obj->_cipherhd); obj->_cipherhd = NULL; } unsigned int blocksize; gcry_cipher_algo_info(obj->_cipher, GCRYCTL_GET_BLKLEN, NULL, &blocksize); //guchar* salts = g_malloc0( 1 * blocksize); //gcry_cipher_setiv(cipherhd, salts, blocksize); //gcry_cipher_encrypt(cipherhd, salts, 1 * blocksize, NULL, 0); //fprintf(stderr, "salts = %s\n", salts); gchar* iv = g_new0(gchar, blocksize); memset(iv, 0, blocksize); gcry_cipher_setiv(obj->_cipherhd, iv, blocksize); unsigned out_len = in_len; //fprintf(stderr, "in_len=%i\n", in_len); //fprintf(stderr, "choose=%i\n", choose); if(choose==1) gcry_cipher_encrypt(obj->_cipherhd, output, out_len, input, in_len); else if(choose==2) gcry_cipher_decrypt(obj->_cipherhd, output, out_len, input, in_len); *real_keylen = 0; g_free(real_keylen); memset(real_key, 0, *real_keylen); g_free(real_key); memset(iv, 0, blocksize); g_free(iv); return 0; }
/** \brief return the key length */ size_t skey_ciph_t::get_key_len() const throw() { size_t key_len; // get the block length if( gcry_cipher_algo_info( get_gcry_cipher_algo(), GCRYCTL_GET_KEYLEN, NULL, &key_len ) ) DBG_ASSERT( 0 ); return key_len; }
/* This functions returns the blocklength of the algorithm ALGO counted in octets. On error 0 is returned. This is a convenience functions which should be preferred over gcry_cipher_algo_info because it allows for proper type checking. */ size_t gcry_cipher_get_algo_blklen (int algo) { size_t n; if (gcry_cipher_algo_info( algo, GCRYCTL_GET_BLKLEN, NULL, &n)) n = 0; return n; }
void SymmetricCipherGcrypt::init() { gcry_error_t error; error = gcry_cipher_open(&m_ctx, m_algo, m_mode, 0); Q_ASSERT(error == 0); // TODO: real error checking size_t blockSizeT; error = gcry_cipher_algo_info(m_algo, GCRYCTL_GET_BLKLEN, Q_NULLPTR, &blockSizeT); Q_ASSERT(error == 0); m_blockSize = blockSizeT; }
SymmetricCipherGcrypt::SymmetricCipherGcrypt(SymmetricCipher::Algorithm algo, SymmetricCipher::Mode mode, SymmetricCipher::Direction direction) : m_algo(gcryptAlgo(algo)) , m_mode(gcryptMode(mode)) , m_direction(direction) , m_blockSize(-1) { Q_ASSERT(Crypto::initalized()); gcry_error_t error; error = gcry_cipher_open(&m_ctx, m_algo, m_mode, 0); Q_ASSERT(error == 0); // TODO: real error checking size_t blockSizeT; error = gcry_cipher_algo_info(m_algo, GCRYCTL_GET_BLKLEN, Q_NULLPTR, &blockSizeT); Q_ASSERT(error == 0); m_blockSize = blockSizeT; }
static gcry_cipher_hd_t prepare_and_encode_pkcs8_cipher (GNode *asn, const gchar *password, gsize n_password, gsize *n_block) { GNode *asn1_params = NULL; gcry_cipher_hd_t cih; guchar salt[8]; gcry_error_t gcry; guchar *key, *iv, *portion; gsize n_key, n_portion; int iterations; init_quarks (); /* Make sure the encryption algorithm works */ g_return_val_if_fail (gcry_cipher_algo_info (OID_PKCS12_PBE_3DES_SHA1, GCRYCTL_TEST_ALGO, NULL, 0), NULL); /* The encryption algorithm */ if(!egg_asn1x_set_oid_as_quark (egg_asn1x_node (asn, "encryptionAlgorithm", "algorithm", NULL), OID_PKCS12_PBE_3DES_SHA1)) g_return_val_if_reached (NULL); /* Randomize some input for the password based secret */ iterations = 1000 + (int) (1000.0 * rand () / (RAND_MAX + 1.0)); gcry_create_nonce (salt, sizeof (salt)); /* Allocate space for the key and iv */ n_key = gcry_cipher_get_algo_keylen (GCRY_CIPHER_3DES); *n_block = gcry_cipher_get_algo_blklen (GCRY_MD_SHA1); g_return_val_if_fail (n_key && *n_block, NULL); if (!egg_symkey_generate_pkcs12 (GCRY_CIPHER_3DES, GCRY_MD_SHA1, password, n_password, salt, sizeof (salt), iterations, &key, &iv)) g_return_val_if_reached (NULL); /* Now write out the parameters */ asn1_params = egg_asn1x_create (pkix_asn1_tab, "pkcs-12-PbeParams"); g_return_val_if_fail (asn1_params, NULL); if (!egg_asn1x_set_string_as_raw (egg_asn1x_node (asn1_params, "salt", NULL), salt, sizeof (salt), NULL)) g_return_val_if_reached (NULL); if (!egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn1_params, "iterations", NULL), iterations)) g_return_val_if_reached (NULL); portion = egg_asn1x_encode (asn1_params, NULL, &n_portion); if (portion == NULL) { g_warning ("couldn't encode pkcs8 params key: %s", egg_asn1x_message (asn1_params)); g_return_val_if_reached (NULL); } if (!egg_asn1x_set_raw_element (egg_asn1x_node (asn, "encryptionAlgorithm", "parameters", NULL), portion, n_portion, g_free)) g_return_val_if_reached (NULL); /* Now make a cipher that matches what we wrote out */ gcry = gcry_cipher_open (&cih, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0); g_return_val_if_fail (gcry == 0, NULL); g_return_val_if_fail (cih, NULL); gcry_cipher_setiv (cih, iv, *n_block); gcry_cipher_setkey (cih, key, n_key); g_free (iv); egg_secure_free (key); egg_asn1x_destroy (asn1_params); return cih; }
static gcry_cipher_hd_t prepare_and_encode_pkcs8_cipher (GNode *asn, const gchar *password, gsize n_password, gsize *n_block) { GNode *asn1_params = NULL; gcry_cipher_hd_t cih; guchar *salt; gsize n_salt; gcry_error_t gcry; guchar *key, *iv; gsize n_key; int iterations; init_quarks (); /* Make sure the encryption algorithm works */ g_return_val_if_fail (gcry_cipher_algo_info (gcry_cipher_map_name (g_quark_to_string (OID_PKCS12_PBE_3DES_SHA1)), GCRYCTL_TEST_ALGO, NULL, 0) == 0, NULL); /* The encryption algorithm */ if(!egg_asn1x_set_oid_as_quark (egg_asn1x_node (asn, "encryptionAlgorithm", "algorithm", NULL), OID_PKCS12_PBE_3DES_SHA1)) g_return_val_if_reached (NULL); /* Randomize some input for the password based secret */ iterations = g_random_int_range (1000, 4096); n_salt = 8; salt = g_malloc (n_salt); gcry_create_nonce (salt, n_salt); /* Allocate space for the key and iv */ n_key = gcry_cipher_get_algo_keylen (GCRY_CIPHER_3DES); *n_block = gcry_cipher_get_algo_blklen (GCRY_MD_SHA1); g_return_val_if_fail (n_key && *n_block, NULL); if (!egg_symkey_generate_pkcs12 (GCRY_CIPHER_3DES, GCRY_MD_SHA1, password, n_password, salt, sizeof (salt), iterations, &key, &iv)) g_return_val_if_reached (NULL); /* Now write out the parameters */ asn1_params = egg_asn1x_create (pkix_asn1_tab, "pkcs-12-PbeParams"); g_return_val_if_fail (asn1_params, NULL); egg_asn1x_set_string_as_raw (egg_asn1x_node (asn1_params, "salt", NULL), salt, n_salt, g_free); egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn1_params, "iterations", NULL), iterations); egg_asn1x_set_any_from (egg_asn1x_node (asn, "encryptionAlgorithm", "parameters", NULL), asn1_params); /* Now make a cipher that matches what we wrote out */ gcry = gcry_cipher_open (&cih, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0); g_return_val_if_fail (gcry == 0, NULL); g_return_val_if_fail (cih, NULL); gcry_cipher_setiv (cih, iv, *n_block); gcry_cipher_setkey (cih, key, n_key); g_free (iv); egg_secure_free (key); egg_asn1x_destroy (asn1_params); return cih; }