void enc_key_init(int method, const char *pass) { if (method <= TABLE || method >= CIPHER_NUM) { LOGE("enc_key_init(): Illegal method"); return; } #if defined(USE_CRYPTO_OPENSSL) OpenSSL_add_all_algorithms(); #endif uint8_t iv[MAX_IV_LENGTH]; const cipher_kt_t *cipher = get_cipher_type(method); if (cipher == NULL) { LOGE("Cipher %s not found in crypto library", supported_ciphers[method]); FATAL("Cannot initialize cipher"); } const digest_type_t *md = get_digest_type("MD5"); if (md == NULL) { FATAL("MD5 Digest not found in crypto library"); } enc_key_len = bytes_to_key(cipher, md, (const uint8_t *) pass, enc_key, iv); if (enc_key_len == 0) { FATAL("Cannot generate key and IV"); } enc_iv_len = cipher_iv_size(cipher); }
void enc_key_init(int method, const char *pass) { if (method <= TABLE || method >= CIPHER_NUM) { LOGE("enc_key_init(): Illegal method"); return; } #if defined(USE_CRYPTO_OPENSSL) OpenSSL_add_all_algorithms(); #endif #if defined(USE_CRYPTO_POLARSSL) && defined(USE_CRYPTO_APPLECC) cipher_kt_t cipher_info; #endif uint8_t iv[MAX_IV_LENGTH]; const cipher_kt_t *cipher = get_cipher_type(method); if (cipher == NULL) { do { #if defined(USE_CRYPTO_POLARSSL) && defined(USE_CRYPTO_APPLECC) if (supported_ciphers_applecc[method] != kCCAlgorithmInvalid) { cipher_info.base = NULL; cipher_info.key_length = supported_ciphers_key_size[method] * 8; cipher_info.iv_size = supported_ciphers_iv_size[method]; cipher = (const cipher_kt_t *) &cipher_info; break; } #endif LOGE("Cipher %s not found in crypto library", supported_ciphers[method]); FATAL("Cannot initialize cipher"); } while (0); } const digest_type_t *md = get_digest_type("MD5"); if (md == NULL) { FATAL("MD5 Digest not found in crypto library"); } enc_key_len = bytes_to_key(cipher, md, (const uint8_t *) pass, enc_key, iv); if (enc_key_len == 0) { FATAL("Cannot generate key and IV"); } if (method == RC4_MD5) { enc_iv_len = 16; } else { enc_iv_len = cipher_iv_size(cipher); } enc_method = method; }
struct data* do_encrypt(const struct data* in, const enum cipher cipher, const enum cipher_mode mode, const char* password) { assert(password); assert(in); EVP_CIPHER_CTX* ctx = malloc(sizeof(EVP_CIPHER_CTX)); assert(ctx); EVP_CIPHER_CTX_init(ctx); size_t keyLength = get_key_length(cipher); unsigned char* key = malloc(keyLength + EVP_MAX_IV_LENGTH); unsigned char* iv = malloc(keyLength); assert(key && iv); const EVP_CIPHER* cipherType = get_cipher_type(cipher, mode); assert(EVP_BytesToKey(cipherType, EVP_md5(), NULL, (const unsigned char*) password, strlen(password), 1, key, iv)); size_t bufferLength = in->len + AES_BLOCK_SIZE + EVP_MAX_IV_LENGTH; unsigned char* buffer = malloc(bufferLength); assert(buffer); size_t length = 0; int lengthDelta; assert(EVP_EncryptInit_ex(ctx, cipherType, NULL, key, iv)); assert(EVP_EncryptUpdate(ctx, buffer, &lengthDelta, in->bytes, in->len)); length = lengthDelta; assert(EVP_EncryptFinal_ex(ctx, buffer + length, &lengthDelta)); length += lengthDelta; EVP_CIPHER_CTX_cleanup(ctx); struct data* out = malloc(sizeof(struct data)); out->bytes = buffer; out->len = length; return out; }
void cipher_context_init(cipher_ctx_t *evp, int method, int enc) { if (method <= TABLE || method >= CIPHER_NUM) { LOGE("cipher_context_init(): Illegal method"); return; } const char *ciphername = supported_ciphers[method]; const cipher_kt_t *cipher = get_cipher_type(method); #if defined(USE_CRYPTO_OPENSSL) if (cipher == NULL) { LOGE("Cipher %s not found in OpenSSL library", ciphername); FATAL("Cannot initialize cipher"); } EVP_CIPHER_CTX_init(evp); if (!EVP_CipherInit_ex(evp, cipher, NULL, NULL, NULL, enc)) { LOGE("Cannot initialize cipher %s", ciphername); exit(EXIT_FAILURE); } if (!EVP_CIPHER_CTX_set_key_length(evp, enc_key_len)) { EVP_CIPHER_CTX_cleanup(evp); LOGE("Invalid key length: %d", enc_key_len); exit(EXIT_FAILURE); } if (method > RC4) { EVP_CIPHER_CTX_set_padding(evp, 1); } #elif defined(USE_CRYPTO_POLARSSL) if (cipher == NULL) { LOGE("Cipher %s not found in PolarSSL library", ciphername); FATAL("Cannot initialize PolarSSL cipher"); } if (cipher_init_ctx(evp, cipher) != 0) { FATAL("Cannot initialize PolarSSL cipher context"); } #endif }
void cipher_context_init(cipher_ctx_t *ctx, int method, int enc) { if (method <= TABLE || method >= CIPHER_NUM) { LOGE("cipher_context_init(): Illegal method"); return; } if (method >= SALSA20) { enc_iv_len = supported_ciphers_iv_size[method]; return; } const char *ciphername = supported_ciphers[method]; #if defined(USE_CRYPTO_APPLECC) cipher_cc_t *cc = &ctx->cc; cc->cryptor = NULL; cc->cipher = supported_ciphers_applecc[method]; if (cc->cipher == kCCAlgorithmInvalid) { cc->valid = kCCContextInvalid; } else { cc->valid = kCCContextValid; if (cc->cipher == kCCAlgorithmRC4) { cc->mode = kCCModeRC4; cc->padding = ccNoPadding; } else { cc->mode = kCCModeCFB; cc->padding = ccPKCS7Padding; } return; } #endif cipher_evp_t *evp = &ctx->evp; const cipher_kt_t *cipher = get_cipher_type(method); #if defined(USE_CRYPTO_OPENSSL) if (cipher == NULL) { LOGE("Cipher %s not found in OpenSSL library", ciphername); FATAL("Cannot initialize cipher"); } EVP_CIPHER_CTX_init(evp); if (!EVP_CipherInit_ex(evp, cipher, NULL, NULL, NULL, enc)) { LOGE("Cannot initialize cipher %s", ciphername); exit(EXIT_FAILURE); } if (!EVP_CIPHER_CTX_set_key_length(evp, enc_key_len)) { EVP_CIPHER_CTX_cleanup(evp); LOGE("Invalid key length: %d", enc_key_len); exit(EXIT_FAILURE); } if (method > RC4_MD5) { EVP_CIPHER_CTX_set_padding(evp, 1); } #elif defined(USE_CRYPTO_POLARSSL) if (cipher == NULL) { LOGE("Cipher %s not found in PolarSSL library", ciphername); FATAL("Cannot initialize PolarSSL cipher"); } if (cipher_init_ctx(evp, cipher) != 0) { FATAL("Cannot initialize PolarSSL cipher context"); } #elif defined(USE_CRYPTO_MBEDTLS) // XXX: mbedtls_cipher_setup future change // NOTE: Currently also clears structure. In future versions you will be required to call // mbedtls_cipher_init() on the structure first. // void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); if (cipher == NULL) { LOGE("Cipher %s not found in mbed TLS library", ciphername); FATAL("Cannot initialize mbed TLS cipher"); } mbedtls_cipher_init(evp); if (mbedtls_cipher_setup(evp, cipher) != 0) { FATAL("Cannot initialize mbed TLS cipher context"); } #endif }
void enc_key_init(int method, const char *pass) { if (method <= TABLE || method >= CIPHER_NUM) { LOGE("enc_key_init(): Illegal method"); return; } // Inilitialize cache cache_create(&iv_cache, 256, NULL); #if defined(USE_CRYPTO_OPENSSL) OpenSSL_add_all_algorithms(); #endif uint8_t iv[MAX_IV_LENGTH]; cipher_kt_t *cipher; cipher_kt_t cipher_info; if (method == SALSA20 || method == CHACHA20 || method == CHACHA20IETF) { if (sodium_init() == -1) { FATAL("Failed to initialize sodium"); } // Fake cipher cipher = (cipher_kt_t *)&cipher_info; #if defined(USE_CRYPTO_OPENSSL) cipher->key_len = supported_ciphers_key_size[method]; cipher->iv_len = supported_ciphers_iv_size[method]; #endif #if defined(USE_CRYPTO_POLARSSL) cipher->base = NULL; cipher->key_length = supported_ciphers_key_size[method] * 8; cipher->iv_size = supported_ciphers_iv_size[method]; #endif #if defined(USE_CRYPTO_MBEDTLS) // XXX: key_length changed to key_bitlen in mbed TLS 2.0.0 cipher->base = NULL; cipher->key_bitlen = supported_ciphers_key_size[method] * 8; cipher->iv_size = supported_ciphers_iv_size[method]; #endif } else { cipher = (cipher_kt_t *)get_cipher_type(method); } if (cipher == NULL) { do { #if defined(USE_CRYPTO_POLARSSL) && defined(USE_CRYPTO_APPLECC) if (supported_ciphers_applecc[method] != kCCAlgorithmInvalid) { cipher_info.base = NULL; cipher_info.key_length = supported_ciphers_key_size[method] * 8; cipher_info.iv_size = supported_ciphers_iv_size[method]; cipher = (cipher_kt_t *)&cipher_info; break; } #endif #if defined(USE_CRYPTO_MBEDTLS) && defined(USE_CRYPTO_APPLECC) // XXX: key_length changed to key_bitlen in mbed TLS 2.0.0 if (supported_ciphers_applecc[method] != kCCAlgorithmInvalid) { cipher_info.base = NULL; cipher_info.key_bitlen = supported_ciphers_key_size[method] * 8; cipher_info.iv_size = supported_ciphers_iv_size[method]; cipher = (cipher_kt_t *)&cipher_info; break; } #endif LOGE("Cipher %s not found in crypto library", supported_ciphers[method]); FATAL("Cannot initialize cipher"); } while (0); } const digest_type_t *md = get_digest_type("MD5"); if (md == NULL) { FATAL("MD5 Digest not found in crypto library"); } enc_key_len = bytes_to_key(cipher, md, (const uint8_t *)pass, enc_key, iv); if (enc_key_len == 0) { FATAL("Cannot generate key and IV"); } if (method == RC4_MD5) { enc_iv_len = 16; } else { enc_iv_len = cipher_iv_size(cipher); } enc_method = method; }
void cipher_context_init(cipher_ctx_t *ctx, int method, int enc) { if (method <= TABLE || method >= CIPHER_NUM) { LOGE("cipher_context_init(): Illegal method"); return; } const char *ciphername = supported_ciphers[method]; #if defined(USE_CRYPTO_APPLECC) cipher_cc_t *cc = &ctx->cc; cc->cryptor = NULL; cc->cipher = supported_ciphers_applecc[method]; if (cc->cipher == kCCAlgorithmInvalid) { cc->valid = kCCContextInvalid; } else { cc->valid = kCCContextValid; if (cc->cipher == kCCAlgorithmRC4) { cc->mode = kCCModeRC4; cc->padding = ccNoPadding; } else { cc->mode = kCCModeCFB; cc->padding = ccPKCS7Padding; } return; } #endif cipher_evp_t *evp = &ctx->evp; const cipher_kt_t *cipher = get_cipher_type(method); #if defined(USE_CRYPTO_OPENSSL) if (cipher == NULL) { LOGE("Cipher %s not found in OpenSSL library", ciphername); FATAL("Cannot initialize cipher"); } EVP_CIPHER_CTX_init(evp); if (!EVP_CipherInit_ex(evp, cipher, NULL, NULL, NULL, enc)) { LOGE("Cannot initialize cipher %s", ciphername); exit(EXIT_FAILURE); } if (!EVP_CIPHER_CTX_set_key_length(evp, enc_key_len)) { EVP_CIPHER_CTX_cleanup(evp); LOGE("Invalid key length: %d", enc_key_len); exit(EXIT_FAILURE); } if (method > RC4_MD5) { EVP_CIPHER_CTX_set_padding(evp, 1); } #elif defined(USE_CRYPTO_POLARSSL) if (cipher == NULL) { LOGE("Cipher %s not found in PolarSSL library", ciphername); FATAL("Cannot initialize PolarSSL cipher"); } if (cipher_init_ctx(evp, cipher) != 0) { FATAL("Cannot initialize PolarSSL cipher context"); } #endif }