void CryptoProxy::encrypt(CryptoKey* key, const ByteVector& data, ByteVector& encryptedData) { if ((data.length() % 16) > 0) throw runtime_error("encrypt: incorrect data length"); encryptedData = data; //Crypto encrypts in-place // NOTE: do not reserve block for padding, specify final = FALSE instead //encryptedData.append(0x00, 16); // add one extra block as MS wants it for padding const DWORD bytesToEncrypt = static_cast<DWORD>(data.size()); DWORD dataSize = bytesToEncrypt; try { TOE(CryptEncrypt(*key, 0, FALSE/*final*/, 0/*flags*/, &encryptedData.front(), &dataSize, static_cast<DWORD>(encryptedData.size())), "CryptEncrypt 1st"); } catch (WinApiError& e) { // larger buffer is required?? if (e.getErr() == ERROR_MORE_DATA) { encryptedData.append(0x00, dataSize - encryptedData.size()); // try again, no second catch this time dataSize = bytesToEncrypt; //set again to input data length TOE(CryptEncrypt(*key, 0, FALSE/*final*/, 0/*flags*/, &encryptedData.front(), &dataSize, static_cast<DWORD>(encryptedData.size())), "CryptEncrypt 2nd"); } else throw; // another error -> re-throw } // strip the padding encryptedData.resize(bytesToEncrypt); }
void IpmiPayload::deserializeEncryptedRmcpp(ByteVector& outData, const ByteVector& key, const ByteVector& in, size_t& pos) { // deserialize payload deserializeRmcpp(outData, in, pos); // strip IV from payload ByteVector iv(outData.c_ptr(), 16); outData.erase(outData.begin(), outData.begin() + 16); // decrypt payload ByteVector decryptedPayload; CryptoProxy::getInstance()->decrypt(key, iv, outData, decryptedPayload); // verify padding byte_t padLength = decryptedPayload[decryptedPayload.length() - 1]; const byte_t* pad = decryptedPayload.c_ptr(decryptedPayload.length() - padLength -1); for (byte_t i = 1; i <= padLength; ++i, ++pad) { if (*pad != i) throw runtime_error("Incorrect padding on incoming encrypted message"); } // strip padding outData.assign(decryptedPayload.begin(), decryptedPayload.end() - padLength -1); }
void CryptoProxy::selfTest() { // test HMAC MD 5 ByteVector key; ByteVector data; ByteVector digest; // case 1 key.assign(16, 0x0b); data.copy((byte_t*)"Hi There", 8); const byte_t dig1[] = { 0x92, 0x94, 0x72, 0x7a, 0x36, 0x38, 0xbb, 0x1c, 0x13, 0xf4, 0x8e, 0xf8, 0x15, 0x8b, 0xfc, 0x9d }; hmac(CryptoProxy::HMAC_MD5, data, key, digest); LOG_LODEBUG << "MD5 1: " << (memcmp(digest.c_ptr(), dig1, 16) == 0 ? "OK" : "FAILED"); // case 2 key.copy((byte_t*)"Jefe", 4); data.copy((byte_t*)"what do ya want for nothing?", 28); const byte_t dig2[] = { 0x75, 0x0c, 0x78, 0x3e, 0x6a, 0xb0, 0xb5, 0x03, 0xea, 0xa8, 0x6e, 0x31, 0x0a, 0x5d, 0xb7, 0x38 }; hmac(CryptoProxy::HMAC_MD5, data, key, digest); LOG_LODEBUG << "MD5 2: " << (memcmp(digest.c_ptr(), dig2, 16) == 0 ? "OK" : "FAILED"); // case 3 key.assign(16, 0xaa); data.assign(50, 0xdd); const byte_t dig3[] = {0x56, 0xbe, 0x34, 0x52, 0x1d, 0x14, 0x4c, 0x88, 0xdb, 0xb8, 0xc7, 0x33, 0xf0, 0xe8, 0xb3, 0xf6}; hmac(CryptoProxy::HMAC_MD5, data, key, digest); LOG_LODEBUG << "MD5 3: " << (memcmp(digest.c_ptr(), dig3, 16) == 0 ? "OK" : "FAILED"); // test AES CBC 128 ByteVector plainText; ByteVector encryptedText; ByteVector decryptedText; // case 1 - one block const byte_t key1[] = {0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b, 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06}; const byte_t iv1[] = {0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30, 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41}; const byte_t cipher1[] = {0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8, 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a}; plainText.copy((byte_t*)"Single block msg", 16); encrypt(ByteVector(key1, 16), ByteVector(iv1, 16), plainText, encryptedText); LOG_LODEBUG << "AES 1: length " << (encryptedText.length() == 16 ? "OK" : "FAILED"); LOG_LODEBUG << "AES 1: content " << (memcmp(encryptedText.c_ptr(), cipher1, 16) == 0 ? "OK" : "FAILED"); decrypt(ByteVector(key1, 16), ByteVector(iv1, 16), encryptedText, decryptedText); LOG_LODEBUG << "AES 1: decrypt " << (memcmp(decryptedText.c_ptr(), plainText.c_ptr(), 16) == 0 ? "OK" : "FAILED"); // case 2 - two blocks const byte_t key2[] = {0xc2, 0x86, 0x69, 0x6d, 0x88, 0x7c, 0x9a, 0xa0, 0x61, 0x1b, 0xbb, 0x3e, 0x20, 0x25, 0xa4, 0x5a}; const byte_t iv2[] = {0x56, 0x2e, 0x17, 0x99, 0x6d, 0x09, 0x3d, 0x28, 0xdd, 0xb3, 0xba, 0x69, 0x5a, 0x2e, 0x6f, 0x58}; const byte_t cipher2[] = {0xd2, 0x96, 0xcd, 0x94, 0xc2, 0xcc, 0xcf, 0x8a, 0x3a, 0x86, 0x30, 0x28, 0xb5, 0xe1, 0xdc, 0x0a, 0x75, 0x86, 0x60, 0x2d, 0x25, 0x3c, 0xff, 0xf9, 0x1b, 0x82, 0x66, 0xbe, 0xa6, 0xd6, 0x1a, 0xb1}; plainText.clear(); for (byte_t i = 0; i < 32; plainText += i++); encrypt(ByteVector(key2, 16), ByteVector(iv2, 16), plainText, encryptedText); LOG_LODEBUG << "AES 2: length " << (encryptedText.length() == 32 ? "OK" : "FAILED"); LOG_LODEBUG << "AES 2: content " << (memcmp(encryptedText.c_ptr(), cipher2, 32) == 0 ? "OK" : "FAILED"); decrypt(ByteVector(key2, 16), ByteVector(iv2, 16), encryptedText, decryptedText); LOG_LODEBUG << "AES 2: decrypt " << (memcmp(decryptedText.c_ptr(), plainText.c_ptr(), 32) == 0 ? "OK" : "FAILED"); // case 3 - three blocks const byte_t key3[] = {0x6c, 0x3e, 0xa0, 0x47, 0x76, 0x30, 0xce, 0x21, 0xa2, 0xce, 0x33, 0x4a, 0xa7, 0x46, 0xc2, 0xcd}; const byte_t iv3[] = {0xc7, 0x82, 0xdc, 0x4c, 0x09, 0x8c, 0x66, 0xcb, 0xd9, 0xcd, 0x27, 0xd8, 0x25, 0x68, 0x2c, 0x81}; const byte_t cipher3[] = {0xd0, 0xa0, 0x2b, 0x38, 0x36, 0x45, 0x17, 0x53, 0xd4, 0x93, 0x66, 0x5d, 0x33, 0xf0, 0xe8, 0x86, 0x2d, 0xea, 0x54, 0xcd, 0xb2, 0x93, 0xab, 0xc7, 0x50, 0x69, 0x39, 0x27, 0x67, 0x72, 0xf8, 0xd5, 0x02, 0x1c, 0x19, 0x21, 0x6b, 0xad, 0x52, 0x5c, 0x85, 0x79, 0x69, 0x5d, 0x83, 0xba, 0x26, 0x84}; plainText.copy((byte_t*)"This is a 48-byte message (exactly 3 AES blocks)", 48); encrypt(ByteVector(key3, 16), ByteVector(iv3, 16), plainText, encryptedText); LOG_LODEBUG << "AES 3: length " << (encryptedText.length() == 48 ? "OK" : "FAILED"); LOG_LODEBUG << "AES 3: content " << (memcmp(encryptedText.c_ptr(), cipher3, 48) == 0 ? "OK" : "FAILED"); decrypt(ByteVector(key3, 16), ByteVector(iv3, 16), encryptedText, decryptedText); LOG_LODEBUG << "AES 3: decrypt " << (memcmp(decryptedText.c_ptr(), plainText.c_ptr(), 48) == 0 ? "OK" : "FAILED"); }