void cmd_start_crypt_in(struct ctrl_command *cmd)
{
#ifdef HAVE_LIBCRYPTO
if (in_state.crypt)
send_error("can't start decryption - already started!");
if (!in_state.crypt_state.cipher)
send_error("can't start decryption - no cipher set!");
if (!in_state.crypt_state.key)
send_error("can't start decryption - no key set!");
in_state.crypt = 1;
if (!EVP_DecryptInit(&in_state.crypt_state.ctx,
in_state.crypt_state.cipher, NULL, NULL))
send_error("can't start decryption - DecryptInit (1) failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
/*
* XXX - ugly hack to work around OpenSSL bug
* if/when OpenSSL fix it, or give proper workaround
* use that, and force minimum OpenSSL version
*
* Without this hack, BF/256 will fail.
*/
/* cast to avoid warning */
*(unsigned int *)( &in_state.crypt_state.ctx.cipher->flags)
|= EVP_CIPH_VARIABLE_LENGTH;
if (!EVP_CIPHER_CTX_set_key_length(&in_state.crypt_state.ctx,
in_state.crypt_state.keylen))
send_error("can't start decryption - set_key_length failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
in_state.crypt_state.ivlen =
EVP_CIPHER_CTX_iv_length(&in_state.crypt_state.ctx);
if (in_state.crypt_state.ivlen)
in_state.crypt_state.iv = calloc(in_state.crypt_state.ivlen, 1);
if (in_state.crypt_state.rounds)
{
if (!EVP_CIPHER_CTX_ctrl(&in_state.crypt_state.ctx,
EVP_CTRL_SET_RC5_ROUNDS,
in_state.crypt_state.rounds,
NULL))
send_error("can't start decryption - SET_RC5_ROUNDS failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
}
if (!EVP_DecryptInit(&in_state.crypt_state.ctx,
NULL,
in_state.crypt_state.key,
in_state.crypt_state.iv))
send_error("can't start decryption - DecryptInit (2) failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
#else
send_error("can't start decryption - no OpenSSL support!");
#endif
}
void
cmd_start_crypt_in(struct ctrl_command *cmd)
{
#ifdef HAVE_LIBCRYPTO
if (in_state.crypt)
send_error("can't start decryption - already started!");
if (!in_state.crypt_state.cipher)
send_error("can't start decryption - no cipher set!");
if (!in_state.crypt_state.key)
send_error("can't start decryption - no key set!");
in_state.crypt = 1;
if (!EVP_DecryptInit(&in_state.crypt_state.ctx,
in_state.crypt_state.cipher, NULL, NULL))
send_error("can't start decryption - DecryptInit (1) failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
if (!EVP_CIPHER_CTX_set_key_length(&in_state.crypt_state.ctx,
in_state.crypt_state.keylen))
send_error("can't start decryption - set_key_length failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
in_state.crypt_state.ivlen =
EVP_CIPHER_CTX_iv_length(&in_state.crypt_state.ctx);
if (in_state.crypt_state.ivlen)
in_state.crypt_state.iv = calloc(in_state.crypt_state.ivlen, 1);
if (in_state.crypt_state.rounds)
{
if (!EVP_CIPHER_CTX_ctrl(&in_state.crypt_state.ctx,
EVP_CTRL_SET_RC5_ROUNDS,
in_state.crypt_state.rounds,
NULL))
send_error("can't start decryption - SET_RC5_ROUNDS failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
}
if (!EVP_DecryptInit(&in_state.crypt_state.ctx,
NULL,
in_state.crypt_state.key,
in_state.crypt_state.iv))
send_error("can't start decryption - DecryptInit (2) failed: %s!",
ERR_error_string(ERR_get_error(), NULL));
#else
send_error("can't start decryption - no OpenSSL support!");
#endif
}
wi_cipher_t * wi_cipher_init_with_key(wi_cipher_t *cipher, wi_cipher_type_t type, wi_data_t *key, wi_data_t *iv) {
unsigned char *key_buffer, *iv_buffer;
cipher->type = type;
cipher->cipher = _wi_cipher_cipher(cipher);
key_buffer = (unsigned char *) wi_data_bytes(key);
iv_buffer = iv ? (unsigned char *) wi_data_bytes(iv) : NULL;
if(EVP_EncryptInit(&cipher->encrypt_ctx, cipher->cipher, NULL, NULL) != 1) {
wi_error_set_openssl_error();
wi_release(cipher);
return NULL;
}
if(EVP_DecryptInit(&cipher->decrypt_ctx, cipher->cipher, NULL, NULL) != 1) {
wi_error_set_openssl_error();
wi_release(cipher);
return NULL;
}
_wi_cipher_configure_cipher(cipher);
if(EVP_EncryptInit(&cipher->encrypt_ctx, cipher->cipher, key_buffer, iv_buffer) != 1) {
wi_error_set_openssl_error();
wi_release(cipher);
return NULL;
}
if(EVP_DecryptInit(&cipher->decrypt_ctx, cipher->cipher, key_buffer, iv_buffer) != 1) {
wi_error_set_openssl_error();
wi_release(cipher);
return NULL;
}
cipher->key = wi_retain(key);
cipher->iv = wi_retain(iv);
return cipher;
}
ndn_Error
ndn_AesAlgorithm_decrypt128Cbc
(const uint8_t *key, size_t keyLength, const uint8_t *initialVector,
size_t initialVectorLength, const uint8_t *encryptedData,
size_t encryptedDataLength, uint8_t *plainData, size_t *plainDataLength)
{
EVP_CIPHER_CTX ctx;
int outLength1, outLength2;
if (keyLength != ndn_AES_128_BLOCK_SIZE)
return NDN_ERROR_Incorrect_key_size;
if (initialVectorLength != ndn_AES_128_BLOCK_SIZE)
return NDN_ERROR_Incorrect_initial_vector_size;
EVP_DecryptInit
(&ctx, EVP_aes_128_cbc(), (const unsigned char*)key,
(const unsigned char*)initialVector);
EVP_DecryptUpdate
(&ctx, (unsigned char*)plainData, &outLength1,
(const unsigned char*)encryptedData, encryptedDataLength);
EVP_DecryptFinal
(&ctx, (unsigned char*)plainData + outLength1, &outLength2);
EVP_CIPHER_CTX_cleanup(&ctx);
*plainDataLength = outLength1 + outLength2;
return NDN_ERROR_success;
}
std::string decrypt_aes256(const std::string& cipher,const std::string& key,const std::string& iv)
{
std::string plain;
plain.resize((cipher.size()/AES_BLOCK_SIZE+1)*AES_BLOCK_SIZE);
EVP_CIPHER_CTX* ctx=nullptr;
try
{
std::string error_str="Decryption failed.";
ctx=EVP_CIPHER_CTX_new();
if(key.size()!=AES256_KEY_SIZE)
throw std::runtime_error(error_str);
int temp_length;
int temp_unaligned_length;
if(ctx==nullptr)
throw std::runtime_error(error_str);
if(EVP_CIPHER_CTX_set_padding(ctx,1)==0)
throw std::runtime_error(error_str);
if(EVP_DecryptInit(ctx,EVP_aes_256_cbc(),(uint8_t*)key.data(),(uint8_t*)iv.data())==0)
throw std::runtime_error(error_str);
if(EVP_DecryptUpdate(ctx,(uint8_t*)plain.data(),&temp_length,(uint8_t*)cipher.data(),cipher.size())==0)
throw std::runtime_error(error_str);
if(EVP_DecryptFinal(ctx,(uint8_t*)plain.data()+temp_length,&temp_unaligned_length)==0)
throw std::runtime_error(error_str);
plain.resize(temp_length+temp_unaligned_length);
}
catch(...)
{
aes_cleanup(ctx);
throw;
}
aes_cleanup(ctx);
return plain;
}
DBT *decrypt(DBT * data)
{
DBT *decrypted;
unsigned char *safepasswd;
int olen, tlen;
FUNC;
decrypted = s_malloc(sizeof(DBT));
decrypted->data = s_malloc(data->size);
safepasswd = safepassword();
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
EVP_DecryptInit(&ctx, EVP_bf_cbc(), safepasswd, config->iv);
if (EVP_DecryptUpdate
(&ctx, decrypted->data, &olen, data->data, data->size) != 1) {
die_cryptoerr("Unexpected fatal error while decrypting.\n");
}
if (EVP_DecryptFinal(&ctx, decrypted->data + olen, &tlen) != 1) {
die_cryptoerr("Unexpected fatal error in decrypt final.\n");
}
olen += tlen;
EVP_CIPHER_CTX_cleanup(&ctx);
decrypted->size = olen;
free(safepasswd);
EFUNC;
return decrypted;
}
int Init_GCM(JNIEnv* env, jobject obj, jbyteArray key, jbyteArray iv, jint mode) {
jbyte* keyBytes = (*env)->GetByteArrayElements(env, key, NULL);
if (!keyBytes) {
return CRYPTO_FAILURE;
}
jbyte* ivBytes = (*env)->GetByteArrayElements(env, iv, NULL);
if (!ivBytes) {
(*env)->ReleaseByteArrayElements(env, key, keyBytes, JNI_ABORT);
return CRYPTO_FAILURE;
}
GCM_JNI_CTX* ctx = Create_GCM_JNI_CTX(keyBytes, ivBytes);
Set_GCM_JNI_CTX(env, obj, ctx);
(*env)->ReleaseByteArrayElements(env, key, keyBytes, JNI_ABORT);
(*env)->ReleaseByteArrayElements(env, iv, ivBytes, JNI_ABORT);
if (mode == GCM_ENCRYPT_MODE) {
if (!EVP_EncryptInit(ctx->cipherCtx, EVP_aes_128_gcm(), ctx->key, ctx->iv)) {
return CRYPTO_FAILURE;
}
} else if (mode == GCM_DECRYPT_MODE) {
if (!EVP_DecryptInit(ctx->cipherCtx, EVP_aes_128_gcm(), ctx->key, ctx->iv)) {
return CRYPTO_FAILURE;
}
} else {
return CRYPTO_FAILURE;
}
return CRYPTO_SUCCESS;
}
const char* decrypt(unsigned char* inbuff, int inbuff_len, unsigned char* key, unsigned char* iv)
{
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
EVP_DecryptInit(&ctx, EVP_bf_cbc(), key, iv);
unsigned char* outbuf = (unsigned char *)malloc(sizeof(unsigned char) * BUF_SIZE);
memset(outbuf, 0, BUF_SIZE);
int olen=0, tlen=0;
if (EVP_DecryptUpdate(&ctx, outbuf, &olen, inbuff, inbuff_len) != 1) {
LOGE("Error in decrypt update");
return 0;
}
if (EVP_DecryptFinal(&ctx, outbuf + olen, &tlen) != 1) {
LOGE("Error in decrypt final");
return 0;
}
EVP_CIPHER_CTX_cleanup(&ctx);
outbuf[olen+tlen-1] = '\0';
return (const char*) outbuf;
}
static int
ldecrypt (lua_State *L) {
size_t len = 0;
const char *text = lua_tolstring (L, 1, &len);
const char *key = lua_tostring (L, 2);
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
unsigned char iv[16] = { 0 };
char *output = malloc (len);
int olen1;
int olen2;
EVP_DecryptInit (ctx, EVP_aes_128_cbc(), (unsigned char *)key, iv);
EVP_DecryptUpdate (ctx, (unsigned char *)output, &olen1, (const unsigned char *)text, len);
int ok = EVP_DecryptFinal (ctx, (unsigned char *)(output + olen1), &olen2);
if (!ok) {
free (output);
EVP_CIPHER_CTX_free (ctx);
return 0;
}
lua_pushlstring (L, output, olen1 + olen2);
free (output);
EVP_CIPHER_CTX_free (ctx);
return 1;
}
enum snmp_code
snmp_pdu_decrypt(const struct snmp_pdu *pdu)
{
int32_t err, olen;
uint8_t iv[SNMP_PRIV_AES_IV_SIZ];
const EVP_CIPHER *ctype;
EVP_CIPHER_CTX ctx;
err = snmp_pdu_cipher_init(pdu, pdu->scoped_len, &ctype, iv);
if (err < 0)
return (SNMP_CODE_EDECRYPT);
else if (err == 0)
return (SNMP_CODE_OK);
if (EVP_DecryptInit(&ctx, ctype, pdu->user.priv_key, iv) != 1 ||
EVP_CIPHER_CTX_set_padding(&ctx, 0) != 1)
return (SNMP_CODE_EDECRYPT);
if (EVP_DecryptUpdate(&ctx, pdu->scoped_ptr, &olen, pdu->scoped_ptr,
pdu->scoped_len) != 1 ||
EVP_DecryptFinal(&ctx, pdu->scoped_ptr + olen, &olen) != 1) {
EVP_CIPHER_CTX_cleanup(&ctx);
return (SNMP_CODE_EDECRYPT);
}
EVP_CIPHER_CTX_cleanup(&ctx);
return (SNMP_CODE_OK);
}
bool AesCbcCipher::decrypt(const Vuc& in, Vuc& out)
{
// according to the openssl docs:
// the amount of data written may be as large as (in.size() + cipher_block_size - 1)
size_t outSize = in.size() + AES_BLOCK_SIZE - 1;
// the output buffer must also be a multiple of blocksize
if ((outSize % AES_BLOCK_SIZE) != 0)
outSize = ((outSize / AES_BLOCK_SIZE) + 1) * AES_BLOCK_SIZE;
out.resize(outSize, 0);
// init the cipher; must keep track of the number of bytes produced
ScopedOpenSSL<EVP_CIPHER_CTX, EVP_CIPHER_CTX_free> ctx(EVP_CIPHER_CTX_new());
EVP_DecryptInit(ctx.get(), getCipher(), &key_[0], &iv_[0]);
// do the decrypt
int nBytes = 0;
EVP_DecryptUpdate(ctx.get(), &out[0], &nBytes, &in[0], in.size());
int nTotalBytes = nBytes;
if (!EVP_DecryptFinal(ctx.get(), &out[nBytes], &nBytes))
return false; // padding incorrect
nTotalBytes += nBytes;
// the actual output size is in nTotalBytes
assert(nTotalBytes);
Vuc(out.begin(), out.begin()+nTotalBytes).swap(out); // shrink to fit
return true;
}
int data_decrypt(unsigned char *src, unsigned char *dst, int len, struct peer *p)
{
int tlen, olen;
if (encryption_disabled){
memcpy(dst,src,len);
return len;
}
if (!ctx_initialized) {
EVP_CIPHER_CTX_init (&ctx);
ctx_initialized = 1;
}
EVP_DecryptInit (&ctx, EVP_bf_cbc (), p->key, p->iv);
if (EVP_DecryptUpdate (&ctx, dst, &olen, src, len) != 1)
{
fprintf (stderr,"error in decrypt update\n");
olen = -1;
goto cleanup;
}
if (EVP_DecryptFinal (&ctx, dst + olen, &tlen) != 1)
{
fprintf (stderr,"error in decrypt final\n");
olen = -1;
goto cleanup;
}
olen += tlen;
cleanup:
EVP_CIPHER_CTX_cleanup(&ctx);
return olen;
}
/** Decrypt.
* Do the decryption.
* @return size of the plain text message.
*/
size_t
WorldInfoMessageDecryptor::decrypt()
{
if ( (plain_buffer == NULL) || (plain_buffer_length == 0) ||
(crypt_buffer == NULL) || (crypt_buffer_length == 0) ) {
throw MissingParameterException("Buffer(s) not set for decryption");
}
#ifdef HAVE_LIBCRYPTO
EVP_CIPHER_CTX ctx;
if ( ! EVP_DecryptInit(&ctx, EVP_aes_128_ecb(), key, iv) ) {
throw MessageDecryptionException("Could not initialize cipher context");
}
int outl = plain_buffer_length;
if ( ! EVP_DecryptUpdate(&ctx,
(unsigned char *)plain_buffer, &outl,
(unsigned char *)crypt_buffer, crypt_buffer_length) ) {
throw MessageDecryptionException("DecryptUpdate failed");
}
int plen = 0;
if ( ! EVP_DecryptFinal(&ctx, (unsigned char *)plain_buffer + outl, &plen) ) {
throw MessageDecryptionException("DecryptFinal failed");
}
outl += plen;
return outl;
#else
// Plain-text copy-through for debugging.
memcpy(plain_buffer, crypt_buffer, crypt_buffer_length);
return crypt_buffer_length;
#endif
}
ndn_Error
ndn_AesAlgorithm_decrypt128Ecb
(const uint8_t *key, size_t keyLength, const uint8_t *encryptedData,
size_t encryptedDataLength, uint8_t *plainData, size_t *plainDataLength)
{
EVP_CIPHER_CTX *ctx;
int outLength1, outLength2;
if (keyLength != ndn_AES_128_BLOCK_SIZE)
return NDN_ERROR_Incorrect_key_size;
ctx = EVP_CIPHER_CTX_new();
if (!ctx)
return NDN_ERROR_Error_in_decrypt_operation;
EVP_DecryptInit(ctx, EVP_aes_128_ecb(), (const unsigned char*)key, 0);
EVP_DecryptUpdate
(ctx, (unsigned char*)plainData, &outLength1,
(const unsigned char*)encryptedData, encryptedDataLength);
EVP_DecryptFinal
(ctx, (unsigned char*)plainData + outLength1, &outLength2);
EVP_CIPHER_CTX_free(ctx);
*plainDataLength = outLength1 + outLength2;
return NDN_ERROR_success;
}
/**
* @brief Performs basic Encrypt-then-MAC style Authenticated Encryption.
*
* @param[in] ekey a buffer holding the ENC key
* @param[in] ekey_len len of ekey buffer
* @param[in] mkey a buffer holding the MAC key
* @param[in] mkey_len len of mkey buffer
* @param[in] ctxt a buffer holding the ciphertext
* @param[in] ctxt_len length of ciphertext
* @param[in] mac a buffer holding the MAC
* @param[in] mac_len length of MAC
* @param[in] iv an iv (optional)
* @param[in] iv_len length of iv (optional)
* @param[out] output an allocated buffer, will hold the plaintext
* @param[in,out] output_len length of buffer, will hold length of plaintext
* @return 0 on success, non-zero on error
**/
int verify_then_decrypt(const unsigned char *ekey, size_t ekey_len,
const unsigned char *mkey, size_t mkey_len,
const unsigned char *ctxt, size_t ctxt_len,
const unsigned char *mac, size_t mac_len,
const unsigned char *iv, size_t iv_len,
unsigned char *output, size_t *output_len)
{
EVP_CIPHER_CTX *ctx;
ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER *cipher = NULL;
unsigned char auth[EVP_MAX_MD_SIZE];
size_t auth_len = EVP_MAX_MD_SIZE;
int len;
if (!ekey || !ekey_len || !mkey || !mkey_len ||
!ctxt || !ctxt_len || !mac || !mac_len || !output || !output_len)
return -1;
OpenSSL_add_all_algorithms();
memset(auth, 0, auth_len);
// Verify the HMAC-SHA1
if (!HMAC(EVP_sha1(), mkey, mkey_len, ctxt, ctxt_len,
auth, (unsigned int *) &auth_len))
goto cleanup;
if (auth_len != mac_len) goto cleanup;
if (memcmp(mac, auth, mac_len) != 0) goto cleanup;
EVP_CIPHER_CTX_init(ctx);
switch(ekey_len){
case 16:
cipher = (EVP_CIPHER *)EVP_aes_128_cbc();
break;
case 24:
cipher = (EVP_CIPHER *)EVP_aes_192_cbc();
break;
case 32:
cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
break;
default:
return -1;
}
if (*output_len < ctxt_len) goto cleanup;
*output_len = 0;
if (!EVP_DecryptInit(ctx, cipher, ekey, iv)) goto cleanup;
if (!EVP_DecryptUpdate(ctx, output, (int *) output_len,
ctxt, ctxt_len)) goto cleanup;
EVP_DecryptFinal(ctx, output + *output_len, &len);
*output_len += len;
EVP_CIPHER_CTX_cleanup(ctx);
return 0;
cleanup:
*output_len = 0;
return 1;
}
int openssl_decrypt(struct emvpn_socket *v, uint8_t *to, uint8_t *from, int len)
{
int clen, flen = 0;
EVP_CIPHER_CTX_init(&dec);
EVP_DecryptInit(&dec, EVP_aes_256_cbc(), v->key.key, v->key.iv);
EVP_DecryptUpdate(&dec, to, &clen, from, len);
EVP_DecryptFinal_ex(&dec, to + clen, &flen);
return clen + (flen % 16) ;
}
EVP_CIPHER_CTX* CreateCTX(GByte* pabyKey, GByte* pabyIV, bool bDecrypt)
{
EVP_CIPHER_CTX* pstCTX = new EVP_CIPHER_CTX;
const EVP_CIPHER * cipher = NULL;
EVP_CIPHER_CTX_init(pstCTX);
wxGISAppConfig oConfig = GetConfig();
if(oConfig.IsOk())
{
wxString sMode = oConfig.Read(enumGISHKCU, wxString(wxT("wxGISCommon/crypt/mode")), wxString(ERR));
#ifndef OPENSSL_NO_AES
if(sMode.IsSameAs(wxString(wxT("AES")), false))
cipher = EVP_aes_256_cfb();
#endif
#ifndef OPENSSL_NO_IDEA
if(sMode.IsSameAs(wxString(wxT("IDEA")), false))
cipher = EVP_idea_cbc();
#endif
#ifndef OPENSSL_NO_RC2
if(sMode.IsSameAs(wxString(wxT("RC2")), false))
cipher = EVP_rc2_cbc();
#endif
#ifndef OPENSSL_NO_BF
if(sMode.IsSameAs(wxString(wxT("BF")), false))
cipher = EVP_bf_cbc();
#endif
#ifndef OPENSSL_NO_CAST
if(sMode.IsSameAs(wxString(wxT("CAST5")), false))
cipher = EVP_cast5_cbc();
#endif
#ifndef OPENSSL_NO_DES
if(NULL == cipher || sMode.IsSameAs(wxString(ERR)) || sMode.IsSameAs(wxString(wxT("DES")), false))
cipher = EVP_des_cfb();
#endif
}
else
#ifndef OPENSSL_NO_DES
cipher = EVP_des_cfb();
#else
return NULL;
#endif
if(NULL == cipher)
return NULL;
bool bResult;
if(bDecrypt)
bResult = EVP_EncryptInit(pstCTX, cipher, pabyKey, pabyIV);
else
bResult = EVP_DecryptInit(pstCTX, cipher, pabyKey, pabyIV);
if(!bResult)
return NULL;
return pstCTX;
}
/*
* This function decrypts a string after it has been received on a socket.
* It performs previous checking on the format and may discard the
* message and return an error if the format mismatch. We can avoid a
* decryption if the format mismatches.
*
* @return It returns the plaintext length or -1 if a generic error occured,
* -2 if the format is not the one expected and 0 in case of disconnection.
* It leaves the decrypted message in **plain ( which is allocated).
*/
int decrypt_msg(int sk, char format, unsigned char** plain, unsigned char* shared_secret)
{
EVP_CIPHER_CTX* ctx;
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned int iv_len = EVP_MAX_IV_LENGTH;
unsigned char* msg = NULL;//msg has to set free in this function
unsigned int msg_len;
char recv_format;
int outlen, outtot = 0, ret;
*plain = NULL;
ctx = (EVP_CIPHER_CTX*)calloc(1, sizeof(EVP_CIPHER_CTX));
EVP_CIPHER_CTX_init(ctx);
if ((msg_len = recv_msg(sk, &msg, &recv_format)) <= 0) {
ret = msg_len;
goto fail;
}
if (recv_format != format) {
ret = -2;
goto fail;
}
*plain = (unsigned char*)calloc(1, msg_len - iv_len);
memcpy(iv, msg, iv_len);
if (EVP_DecryptInit(ctx, EVP_aes_256_cbc(), shared_secret, iv) == 0) {
ret = -1;
goto fail;
}
if (EVP_DecryptUpdate(ctx, *plain, &outlen, msg + iv_len, msg_len - iv_len) == 0) {
ret = -1;
goto fail;
}
outtot = outlen;
if (EVP_DecryptFinal(ctx, *plain + outtot, &outlen) == 0) {
ret = -1;
goto fail;
}
outtot += outlen;
EVP_CIPHER_CTX_cleanup(ctx);
free(ctx);
free(msg);
return outtot;
fail: EVP_CIPHER_CTX_cleanup(ctx);
free(ctx);
if (*plain != NULL) {
free(*plain);
}
if (msg != NULL) {
free(msg);
}
return ret;
}
int Crypto::initDec(unsigned char key[16], unsigned char iv[8])
{
memcpy(m_pcKey, key, 16);
memcpy(m_pcIV, iv, 8);
EVP_CIPHER_CTX_init(&m_CTX);
EVP_DecryptInit(&m_CTX, EVP_bf_cbc(), m_pcKey, m_pcIV);
m_iCoderType = -1;
return 0;
}
int main(void) {
unsigned char ot[1024]; // open text
unsigned char st[1024]; // sifrovany text
unsigned char key[EVP_MAX_KEY_LENGTH] = "Super tajny klic"; // klic pro sifrovani
unsigned char iv[EVP_MAX_IV_LENGTH] = "vector unknown"; // inicializacni vektor
const char * filename = "Mad_scientist_cbc.bmp";
const char * outfilename = "Mad_scientist_cbc_dec.bmp";
int otLength = 0;
int stLength = 0;
int tmpLength = 0;
int readlen = 0;
char header[14];
unsigned int offset = 0;
EVP_CIPHER_CTX ctx; // struktura pro kontext
FILE * fin = fopen(filename,"rb");
FILE * fout = fopen(outfilename,"w+b");
if(!fin){
printf("File not found");
}
fread(header,1,14,fin);
fwrite(header,1,14,fout);
offset = (unsigned int)*(&header[10]);
offset -= 14;
while(offset > 1024){
fread(ot,1,1024,fin);
fwrite(ot,1,1024,fout);
offset -= 1024;
}
fread(ot,1,offset,fin);
fwrite(ot,1,offset,fout);
EVP_DecryptInit(&ctx, EVP_des_cbc(), key, iv); // nastaveni kontextu pro sifrovani
do{
readlen = fread(ot,1,1024,fin);
EVP_DecryptUpdate(&ctx, st, &stLength, ot, readlen); // sifrovani ot
fwrite(st,1,stLength,fout);
}while(readlen == 1024);
EVP_DecryptFinal(&ctx, &st[stLength], &tmpLength); // ziskani sifrovaneho textu z kontextu
fwrite(&st[stLength],1,tmpLength,fout);
stLength += tmpLength;
fclose(fin);
fclose(fout);
exit(0);
}
int symmetric_decrypt(char* ciphertext, char* plaintext,char* key,int enctextsize)
{
int nc; /* amount of bytes [de]crypted at each step */
int nctot; /* total amount of encrypted bytes */
int pt_len; /* plain text size */
int ct_len; /* encrypted text size */
int ct_ptr; /* first available entry in the buffer */
int msg_len; /* message length */
int k_size;
/* Context allocation */
EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX *)malloc(sizeof(EVP_CIPHER_CTX));
/* Context initialization */
EVP_CIPHER_CTX_init(ctx);
/* Context setup for encryption */
EVP_DecryptInit(ctx, EVP_des_ecb(), NULL, NULL);
/* Decryption key setup */
EVP_DecryptInit(ctx, NULL, key, NULL);
/* Encryption */
nc = 0;
nctot = 0;
ct_ptr = 0;
EVP_DecryptUpdate(ctx, &plaintext[ct_ptr], &nc, ciphertext, enctextsize);
ct_ptr += nc;
nctot += nc;
EVP_DecryptFinal(ctx, &plaintext[ct_ptr], &nc);
nctot += nc;
return nctot;
}
int decrypt_and_verify_secrets(CPOR_key *key, unsigned char *input, size_t input_len, unsigned char *plaintext, size_t *plaintext_len, unsigned char *authenticator, size_t authenticator_len) {
EVP_CIPHER_CTX ctx;
EVP_CIPHER *cipher = NULL;
unsigned char mac[EVP_MAX_MD_SIZE];
size_t mac_size = EVP_MAX_MD_SIZE;
int len;
if(!key || !key->k_enc || !key->k_mac || !input || !input_len || !plaintext || !plaintext_len || !authenticator || !authenticator_len) return 0;
OpenSSL_add_all_algorithms();
memset(mac, 0, mac_size);
/* Verify the HMAC-SHA1 */
if(!HMAC(EVP_sha1(), key->k_mac, key->k_mac_size, input, input_len, mac, (unsigned int *)&mac_size)) goto cleanup;
if(authenticator_len != mac_size) goto cleanup;
if(memcmp(mac, authenticator, mac_size) != 0) goto cleanup;
EVP_CIPHER_CTX_init(&ctx);
switch(key->k_enc_size) {
case 16:
cipher = (EVP_CIPHER *)EVP_aes_128_cbc();
break;
case 24:
cipher = (EVP_CIPHER *)EVP_aes_192_cbc();
break;
case 32:
cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
break;
default:
return 0;
}
if(!EVP_DecryptInit(&ctx, cipher, key->k_enc, NULL)) goto cleanup;
*plaintext_len = 0;
if(!EVP_DecryptUpdate(&ctx, plaintext, (int *)plaintext_len, input, input_len)) goto cleanup;
EVP_DecryptFinal(&ctx, plaintext + *plaintext_len, &len);
*plaintext_len += len;
EVP_CIPHER_CTX_cleanup(&ctx);
return 1;
cleanup:
*plaintext_len = 0;
return 0;
}
void pki_evp::veryOldFromData(unsigned char *p, int size )
{
unsigned char *sik, *pdec, *pdec1, *sik1;
int outl, decsize;
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char ckey[EVP_MAX_KEY_LENGTH];
memset(iv, 0, EVP_MAX_IV_LENGTH);
RSA *rsakey;
EVP_CIPHER_CTX ctx;
const EVP_CIPHER *cipher = EVP_des_ede3_cbc();
sik = (unsigned char *)OPENSSL_malloc(size);
check_oom(sik);
pki_openssl_error();
pdec = (unsigned char *)OPENSSL_malloc(size);
if (pdec == NULL ) {
OPENSSL_free(sik);
check_oom(pdec);
}
pdec1=pdec;
sik1=sik;
memcpy(iv, p, 8); /* recover the iv */
/* generate the key */
EVP_BytesToKey(cipher, EVP_sha1(), iv, (unsigned char *)oldpasswd,
strlen(oldpasswd), 1, ckey,NULL);
/* we use sha1 as message digest,
* because an md5 version of the password is
* stored in the database...
*/
EVP_CIPHER_CTX_init (&ctx);
EVP_DecryptInit( &ctx, cipher, ckey, iv);
EVP_DecryptUpdate( &ctx, pdec , &outl, p + 8, size -8 );
decsize = outl;
EVP_DecryptFinal( &ctx, pdec + decsize , &outl );
decsize += outl;
pki_openssl_error();
memcpy(sik, pdec, decsize);
if (key->type == EVP_PKEY_RSA) {
rsakey=d2i_RSAPrivateKey(NULL,(const unsigned char **)&pdec, decsize);
if (pki_ign_openssl_error()) {
rsakey = d2i_RSA_PUBKEY(NULL, (const unsigned char **)&sik, decsize);
}
pki_openssl_error();
if (rsakey) EVP_PKEY_assign_RSA(key, rsakey);
}
OPENSSL_free(sik1);
OPENSSL_free(pdec1);
EVP_CIPHER_CTX_cleanup(&ctx);
pki_openssl_error();
encryptKey();
}
/*
* Function: aesIsFast
* Purpose: Test if AES performance is sufficient to require encryption
* Parameters: none
* Returns: boolean: (true) if AES performance is acceptable, (false) otherwise
* Exceptions: InvalidKeyException if EVP_DecryptInit fails, OutOfMemoryError
* if memory allocation fails.
*/
static jboolean android_security_cts_EncryptionTest_aesIsFast(JNIEnv *env, jobject)
{
EVP_CIPHER_CTX ctx;
uint8_t *buf;
uint8_t key[EVP_CIPHER_key_length(TEST_EVP_CIPHER)];
uint8_t iv[EVP_CIPHER_iv_length(TEST_EVP_CIPHER)];
memset(key, 0x42, sizeof(key));
memset(iv, 0x11, sizeof(iv));
EVP_CIPHER_CTX_init(&ctx);
if (!EVP_DecryptInit(&ctx, TEST_EVP_CIPHER, key, iv)) {
jniThrowException(env, "java/security/InvalidKeyException",
"EVP_DecryptInit failed");
return false;
}
buf = new (std::nothrow) uint8_t[TEST_BUFSIZE +
EVP_CIPHER_block_size(TEST_EVP_CIPHER)];
if (!buf) {
jniThrowException(env, "java/lang/OutOfMemoryError",
"Failed to allocate test buffer");
return false;
}
memset(buf, 0xF0, TEST_BUFSIZE);
int len;
uint64_t t = ns();
for (int i = 0; i < TEST_ITERATIONS; ++i) {
EVP_DecryptUpdate(&ctx, buf, &len, buf, TEST_BUFSIZE);
}
t = ns() - t;
delete[] buf;
unsigned long ms = (unsigned long)(t / 1000000);
double speed =
(double)(TEST_ITERATIONS * TEST_BUFSIZE / (1024 * 1024)) * 1000.0 / ms;
ALOGE("EncryptionTest::aesIsFast: %u iterations in %lu ms (%.01lf MiB/s) "
"(threshold %u ms)", TEST_ITERATIONS, ms, speed, TEST_THRESHOLD);
return ms < TEST_THRESHOLD;
}
char* decryptToArray(FILE *ifp,char ckey[], char ivec[]) {
fseek(ifp, 0L, SEEK_END); int fsize = ftell(ifp);
fseek(ifp, 0L, SEEK_SET);
int outLen1 = 0; int outLen2 = 0; unsigned char *indata = malloc(fsize);
unsigned char *outdata = malloc(fsize);
fread(indata,sizeof(char),fsize, ifp);//Read Entire File
EVP_CIPHER_CTX ctx; EVP_DecryptInit(&ctx,EVP_aes_128_cbc(),ckey,ivec);
EVP_DecryptUpdate(&ctx,outdata,&outLen1,indata,fsize);
EVP_DecryptFinal(&ctx,outdata + outLen1,&outLen2);
return(outdata); }
QByteArray JulyAES256::decrypt(const QByteArray &data, const QByteArray &password)
{
int outLen=0;
QByteArray dataBuff;dataBuff.resize(data.size()+AES_BLOCK_SIZE);
EVP_CIPHER_CTX evpCipherCtx;
EVP_CIPHER_CTX_init(&evpCipherCtx);
EVP_DecryptInit(&evpCipherCtx,EVP_aes_256_cbc(),(const unsigned char*)sha256(password).data(),(const unsigned char*)sha256("JulyAES"+password).data());
EVP_DecryptUpdate(&evpCipherCtx,(unsigned char*)dataBuff.data(),&outLen,(const unsigned char*)data.data(),data.size());
int tempLen=outLen;
EVP_DecryptFinal(&evpCipherCtx,(unsigned char*)dataBuff.data()+tempLen,&outLen);
tempLen+=outLen;
EVP_CIPHER_CTX_cleanup(&evpCipherCtx);
dataBuff.resize(tempLen);
return dataBuff;
}
void *
CGI_decrypt(const char *p, int *len, const char *password) {
EVP_CIPHER_CTX ctx;
unsigned char md[DIGEST_SIZE];
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char key[EVP_MAX_KEY_LENGTH];
unsigned char *ret, *out;
int offset, rlen = 0;
if (p == 0 || *p == 0 || password == 0 || *password == 0) {
return 0;
}
ret = CGI_decode_base64(p, &rlen);
if (rlen <= DIGEST_SIZE + SALT_SIZE) {
free(ret);
return 0;
}
out = malloc(rlen + EVP_MAX_BLOCK_LENGTH);
EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), ret,
(unsigned char *) password, strlen(password), 1, key, iv);
EVP_DecryptInit(&ctx, EVP_aes_256_cbc(), key, iv);
EVP_DecryptUpdate(&ctx, out, &offset, ret + SALT_SIZE,
rlen - SALT_SIZE);
EVP_DecryptFinal(&ctx, out + offset, &rlen);
rlen += offset - DIGEST_SIZE;
/*
* The salt is in ret, the decrypted digest and decrypted
* data are in out, and the data length is rlen.
*/
if (rlen > 0) {
digest(out + DIGEST_SIZE, rlen, password, ret, md);
}
if (rlen > 0 && memcmp(out, md, DIGEST_SIZE) == 0) {
memcpy(ret, out + DIGEST_SIZE, rlen);
ret[rlen] = 0;
if (len != 0) {
*len = rlen;
}
}
else {
free(ret);
ret = 0;
}
free(out);
return ret;
}
bool RarVolume::DecryptInit(int keyLength)
{
#ifdef HAVE_OPENSSL
if (!(m_context = EVP_CIPHER_CTX_new())) return false;
if (!EVP_DecryptInit((EVP_CIPHER_CTX*)m_context,
keyLength == 128 ? EVP_aes_128_cbc() : EVP_aes_256_cbc(),
m_decryptKey, m_decryptIV))
return false;
return true;
#elif defined(HAVE_NETTLE)
m_context = new aes_ctx;
aes_set_decrypt_key((aes_ctx*)m_context, keyLength == 128 ? 16 : 32, m_decryptKey);
return true;
#else
return false;
#endif
}
int aes_decrypt(EVP_CIPHER_CTX* context, const unsigned char *key, const unsigned char *iv, unsigned char *enc_msg, size_t enc_msg_len, char **dec_msg) {
size_t block_len = 0;
size_t dec_msg_len = 0;
*dec_msg = (char*)malloc(enc_msg_len);
EVP_DecryptInit(context, EVP_aes_256_cbc(), key, iv);
EVP_DecryptUpdate(context, (unsigned char*)*dec_msg, (int*)&block_len, enc_msg, (int)enc_msg_len);
dec_msg_len += block_len;
EVP_DecryptFinal_ex(context, (unsigned char*)*dec_msg + dec_msg_len, (int*)&block_len);
dec_msg_len += block_len;
(*dec_msg)[dec_msg_len] = '\0';
return enc_msg_len;
}
string Sym_Encryption::generic_decrypt(unsigned char* k,
unsigned char* cipher, int msg_ll, string iv)
{
unsigned char* plaintext;
int nc;
string str;
plaintext = (unsigned char*)malloc(msg_ll);
bzero(plaintext, msg_ll);
EVP_DecryptInit(this->ctx, EVP_aes_128_cbc(), k, (unsigned char*)iv.data());
EVP_DecryptUpdate(this->ctx, plaintext, &nc, cipher, msg_ll);
EVP_DecryptFinal(this->ctx, plaintext, &nc);
str.assign((const char *)plaintext, msg_ll);
free (plaintext);
return str;
}
