OSStatus
AES_CTR_Init(
AES_CTR_Context * inContext,
const uint8_t inKey[ kAES_CTR_Size ],
const uint8_t inNonce[ kAES_CTR_Size ] )
{
#if( AES_UTILS_USE_COMMON_CRYPTO )
OSStatus err;
inContext->cryptor = NULL;
err = CCCryptorCreate( kCCEncrypt, kCCAlgorithmAES128, kCCOptionECBMode, inKey, kAES_CTR_Size, NULL,
&inContext->cryptor );
check_noerr( err );
if( err ) return( err );
#elif( AES_UTILS_USE_GLADMAN_AES )
aes_init();
aes_encrypt_key128( inKey, &inContext->ctx );
#elif( AES_UTILS_USE_USSL )
aes_setkey_enc( &inContext->ctx, (unsigned char *) inKey, kAES_CTR_Size * 8 );
#else
AES_set_encrypt_key( inKey, kAES_CTR_Size * 8, &inContext->key );
#endif
memcpy( inContext->ctr, inNonce, kAES_CTR_Size );
inContext->used = 0;
inContext->legacy = false;
return( kNoErr );
}
static void AES_Operation(CCOperation operation, void* key, size_t keySize,
FILE *fpInput, FILE *fpOutput)
{
CCCryptorRef cryptorRef;
CCCryptorStatus rc;
rc = CCCryptorCreate(operation, kCCAlgorithmAES128, 0, key, keySize, NULL, &cryptorRef);
assert(rc == kCCSuccess);
char rawData[128/8];
size_t bytesRead;
while((bytesRead = fread(rawData, 1, sizeof(rawData), fpInput)) > 0)
{
char convertedData[128/8];
size_t dataOutMoved;
if(bytesRead < sizeof(rawData))
bzero(&rawData[bytesRead], sizeof(rawData) - bytesRead);
rc = CCCryptorUpdate(cryptorRef, rawData, sizeof(rawData), convertedData, sizeof(convertedData), &dataOutMoved);
assert(rc == kCCSuccess);
//assert(dataOutMoved == sizeof(convertedData));
if(dataOutMoved != sizeof(convertedData))
printf("Data out moved (%d) != converted (%d)\n", dataOutMoved, convertedData);
if(dataOutMoved > 0)
fwrite(convertedData, dataOutMoved, 1, fpOutput);
}
CCCryptorRelease(cryptorRef);
}
OSStatus
AES_CBCFrame_Init(
AES_CBCFrame_Context * inContext,
const uint8_t inKey[ kAES_CBCFrame_Size ],
const uint8_t inIV[ kAES_CBCFrame_Size ],
Boolean inEncrypt )
{
#if( AES_UTILS_USE_COMMON_CRYPTO )
OSStatus err;
inContext->cryptor = NULL;
err = CCCryptorCreate( inEncrypt ? kCCEncrypt : kCCDecrypt, kCCAlgorithmAES128, 0, inKey, kAES_CTR_Size,
NULL, &inContext->cryptor );
check_noerr( err );
if( err ) return( err );
#elif( AES_UTILS_USE_GLADMAN_AES )
aes_init();
if( inEncrypt ) aes_encrypt_key128( inKey, &inContext->ctx.encrypt );
else aes_decrypt_key128( inKey, &inContext->ctx.decrypt );
inContext->encrypt = inEncrypt;
#elif( AES_UTILS_USE_USSL )
if( inEncrypt ) aes_setkey_enc( &inContext->ctx, (unsigned char *) inKey, kAES_CBCFrame_Size * 8 );
else aes_setkey_dec( &inContext->ctx, (unsigned char *) inKey, kAES_CBCFrame_Size * 8 );
inContext->encrypt = inEncrypt;
#else
if( inEncrypt ) AES_set_encrypt_key( inKey, kAES_CBCFrame_Size * 8, &inContext->key );
else AES_set_decrypt_key( inKey, kAES_CBCFrame_Size * 8, &inContext->key );
inContext->mode = inEncrypt ? AES_ENCRYPT : AES_DECRYPT;
#endif
memcpy( inContext->iv, inIV, kAES_CBCFrame_Size );
return( kNoErr );
}
selene_error_t *sln_cryptor_osx_cc_create(selene_t *s, int encrypt,
sln_cipher_e type, const char *key,
const char *iv,
sln_cryptor_t **p_enc) {
CCCryptorStatus rv;
CCCryptorRef cryptor;
size_t keylen;
CCAlgorithm alg;
CCOperation op;
if (encrypt) {
op = kCCEncrypt;
} else {
op = kCCDecrypt;
}
switch (type) {
case SLN_CIPHER_AES_128_CBC:
alg = kCCAlgorithmAES128;
keylen = kCCKeySizeAES128;
break;
case SLN_CIPHER_AES_256_CBC:
/* TODO: it is not clear from the docs why this is named AES-128, but if
* you
* pass in a key size that is for AES-256, it works (?????) as if it was
* in AES-256 mode (!!!!!)
*/
alg = kCCAlgorithmAES128;
keylen = kCCKeySizeAES256;
break;
case SLN_CIPHER_RC4:
alg = kCCAlgorithmRC4;
keylen = SLN_CIPHER_RC4_128_KEY_LENGTH;
break;
default:
return selene_error_createf(SELENE_ENOTIMPL,
"Unsupported cipher type: %d", type);
}
rv = CCCryptorCreate(op, alg, 0, key, keylen, iv, &cryptor);
if (rv != kCCSuccess) {
return selene_error_createf(
SELENE_EIO, "CCCryptorCreate failed CCCryptorStatus=%d", rv);
} else {
sln_cryptor_t *enc = sln_alloc(s, sizeof(sln_cryptor_t));
enc->s = s;
enc->baton = cryptor;
enc->type = type;
*p_enc = enc;
}
return SELENE_SUCCESS;
}
crypt_aes_p crypt_aes_create(void* key, void* iv, size_t size) {
assert(size == 16);
struct crypt_aes_t *d = (struct crypt_aes_t*)malloc(sizeof(struct crypt_aes_t));
memcpy(d->key, key, 16);
memcpy(d->iv, iv, 16);
OSStatus err = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, key, 16, iv, &d->cryptor);
if (err != noErr)
return NULL;
return d;
}
static void transformAES_CBC(CCOperation operation, const CryptoAlgorithmAesCbcParams& parameters, const CryptoKeyAES& key, const CryptoOperationData& data, std::unique_ptr<PromiseWrapper> promise)
{
static_assert(sizeof(parameters.iv) == kCCBlockSizeAES128, "Initialization vector size must be the same as algorithm block size");
size_t keyLengthInBytes = key.key().size();
if (keyLengthInBytes != 16 && keyLengthInBytes != 24 && keyLengthInBytes != 32) {
promise->reject(nullptr);
return;
}
CCCryptorRef cryptor;
#if PLATFORM(IOS) || __MAC_OS_X_VERSION_MIN_REQUIRED >= 1090
CCAlgorithm aesAlgorithm = kCCAlgorithmAES;
#else
CCAlgorithm aesAlgorithm = kCCAlgorithmAES128;
#endif
CCCryptorStatus status = CCCryptorCreate(operation, aesAlgorithm, kCCOptionPKCS7Padding, key.key().data(), keyLengthInBytes, parameters.iv.data(), &cryptor);
if (status) {
promise->reject(nullptr);
return;
}
Vector<uint8_t> result(CCCryptorGetOutputLength(cryptor, data.second, true));
size_t bytesWritten;
status = CCCryptorUpdate(cryptor, data.first, data.second, result.data(), result.size(), &bytesWritten);
if (status) {
promise->reject(nullptr);
return;
}
uint8_t* p = result.data() + bytesWritten;
status = CCCryptorFinal(cryptor, p, result.end() - p, &bytesWritten);
p += bytesWritten;
if (status) {
promise->reject(nullptr);
return;
}
ASSERT(p <= result.end());
result.shrink(p - result.begin());
CCCryptorRelease(cryptor);
promise->fulfill(result);
}
int32_t mz_crypt_aes_set_decrypt_key(void *handle, const void *key, int32_t key_length)
{
mz_crypt_aes *aes = (mz_crypt_aes *)handle;
if (aes == NULL || key == NULL || key_length == 0)
return MZ_PARAM_ERROR;
mz_crypt_aes_reset(handle);
aes->error = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES, 0, key, key_length, NULL, &aes->crypt);
if (aes->error != kCCSuccess)
return MZ_HASH_ERROR;
return MZ_OK;
}
static int
init_cc_key(int encp, CCAlgorithm alg, CCOptions opts, const void *key,
size_t keylen, const void *iv, CCCryptorRef *ref)
{
CCOperation op = encp ? kCCEncrypt : kCCDecrypt;
CCCryptorStatus ret;
if (*ref) {
if (key == NULL && iv) {
CCCryptorReset(*ref, iv);
return 1;
}
CCCryptorRelease(*ref);
}
if (key) {
ret = CCCryptorCreate(op, alg, opts, key, keylen, iv, ref);
if (ret)
return 0;
}
return 1;
}
OSStatus AES_ECB_Init( AES_ECB_Context *inContext, uint32_t inMode, const uint8_t inKey[ kAES_ECB_Size ] )
{
#if( AES_UTILS_USE_COMMON_CRYPTO )
OSStatus err;
inContext->cryptor = NULL;
err = CCCryptorCreate( inMode, kCCAlgorithmAES128, kCCOptionECBMode, inKey, kAES_ECB_Size, NULL, &inContext->cryptor );
check_noerr( err );
if( err ) return( err );
#elif( AES_UTILS_USE_GLADMAN_AES )
aes_init();
if( inMode == kAES_ECB_Mode_Encrypt ) aes_encrypt_key128( inKey, &inContext->ctx.encrypt );
else aes_decrypt_key128( inKey, &inContext->ctx.decrypt );
inContext->encrypt = inMode;
#elif( AES_UTILS_USE_USSL )
if( inMode == kAES_ECB_Mode_Encrypt ) aes_setkey_enc( &inContext->ctx, (unsigned char *) inKey, kAES_ECB_Size * 8 );
else aes_setkey_dec( &inContext->ctx, (unsigned char *) inKey, kAES_ECB_Size * 8 );
inContext->mode = inMode;
#else
AES_set_encrypt_key( inKey, kAES_ECB_Size * 8, &inContext->key );
inContext->cryptFunc = ( inMode == kAES_ECB_Mode_Encrypt ) ? AES_encrypt : AES_decrypt;
#endif
return( kNoErr );
}
/*
* Test harness for CCCryptor with lots of options.
*/
CCCryptorStatus doCCCrypt(
bool forEncrypt,
CCAlgorithm encrAlg,
bool doCbc,
bool doPadding,
const void *keyBytes, size_t keyLen,
const void *iv,
bool randUpdates,
bool inPlace, /* !doPadding only */
size_t ctxSize, /* if nonzero, we allocate ctx */
bool askOutSize,
const uint8_t *inText, size_t inTextLen,
uint8_t **outText, size_t *outTextLen) /* both returned, WE malloc */
{
CCCryptorRef cryptor = NULL;
CCCryptorStatus crtn;
CCOperation op = forEncrypt ? kCCEncrypt : kCCDecrypt;
CCOptions options = 0;
uint8_t *outBuf = NULL; /* mallocd output buffer */
uint8_t *outp; /* running ptr into outBuf */
const uint8 *inp; /* running ptr into inText */
size_t outLen; /* bytes remaining in outBuf */
size_t toMove; /* bytes remaining in inText */
size_t thisMoveOut; /* output from CCCryptUpdate()/CCCryptFinal() */
size_t outBytes; /* total bytes actually produced in outBuf */
char ctx[CC_MAX_CTX_SIZE]; /* for CCCryptorCreateFromData() */
uint8_t *textMarker = NULL; /* 8 bytes of marker here after expected end of
* output */
char *ctxMarker = NULL; /* ditto for caller-provided context */
unsigned dex;
size_t askedOutSize; /* from the lib */
size_t thisOutLen; /* dataOutAvailable we use */
if(ctxSize > CC_MAX_CTX_SIZE) {
printf("***HEY! Adjust CC_MAX_CTX_SIZE!\n");
exit(1);
}
if(!doCbc) {
options |= kCCOptionECBMode;
}
if(doPadding) {
options |= kCCOptionPKCS7Padding;
}
/* just hack this one */
outLen = inTextLen;
if(forEncrypt) {
outLen += MAX_BLOCK_SIZE;
}
outBuf = (uint8_t *)malloc(outLen + MARKER_LENGTH);
memset(outBuf, 0xEE, outLen + MARKER_LENGTH);
/* library should not touch this memory */
textMarker = outBuf + outLen;
memset(textMarker, MARKER_BYTE, MARKER_LENGTH);
/* subsequent errors to errOut: */
if(inPlace) {
memmove(outBuf, inText, inTextLen);
inp = outBuf;
}
else {
inp = inText;
}
if(!randUpdates) {
/* one shot */
if(askOutSize) {
crtn = CCCrypt(op, encrAlg, options,
keyBytes, keyLen, iv,
inp, inTextLen,
outBuf, 0, &askedOutSize);
if(crtn != kCCBufferTooSmall) {
printf("***Did not get kCCBufferTooSmall as expected\n");
printf(" alg %d inTextLen %lu cbc %d padding %d keyLen %lu\n",
(int)encrAlg, (unsigned long)inTextLen, (int)doCbc, (int)doPadding,
(unsigned long)keyLen);
printCCError("CCCrypt", crtn);
crtn = -1;
goto errOut;
}
outLen = askedOutSize;
}
crtn = CCCrypt(op, encrAlg, options,
keyBytes, keyLen, iv,
inp, inTextLen,
outBuf, outLen, &outLen);
if(crtn) {
printCCError("CCCrypt", crtn);
goto errOut;
}
*outText = outBuf;
*outTextLen = outLen;
goto errOut;
}
/* random multi updates */
if(ctxSize) {
size_t ctxSizeCreated;
if(askOutSize) {
crtn = CCCryptorCreateFromData(op, encrAlg, options,
keyBytes, keyLen, iv,
ctx, 0 /* ctxSize */,
&cryptor, &askedOutSize);
if(crtn != kCCBufferTooSmall) {
printf("***Did not get kCCBufferTooSmall as expected\n");
printCCError("CCCryptorCreateFromData", crtn);
crtn = -1;
goto errOut;
}
ctxSize = askedOutSize;
}
crtn = CCCryptorCreateFromData(op, encrAlg, options,
keyBytes, keyLen, iv,
ctx, ctxSize, &cryptor, &ctxSizeCreated);
if(crtn) {
printCCError("CCCryptorCreateFromData", crtn);
return crtn;
}
ctxMarker = ctx + ctxSizeCreated;
memset(ctxMarker, MARKER_BYTE, MARKER_LENGTH);
}
else {
crtn = CCCryptorCreate(op, encrAlg, options,
keyBytes, keyLen, iv,
&cryptor);
if(crtn) {
printCCError("CCCryptorCreate", crtn);
return crtn;
}
}
toMove = inTextLen; /* total to go */
outp = outBuf;
outBytes = 0; /* bytes actually produced in outBuf */
while(toMove) {
uint32 thisMoveIn; /* input to CCryptUpdate() */
thisMoveIn = genRand(1, toMove);
logSize(("###ptext segment len %lu\n", (unsigned long)thisMoveIn));
if(askOutSize) {
thisOutLen = CCCryptorGetOutputLength(cryptor, thisMoveIn, false);
}
else {
thisOutLen = outLen;
}
crtn = CCCryptorUpdate(cryptor, inp, thisMoveIn,
outp, thisOutLen, &thisMoveOut);
if(crtn) {
printCCError("CCCryptorUpdate", crtn);
goto errOut;
}
inp += thisMoveIn;
toMove -= thisMoveIn;
outp += thisMoveOut;
outLen -= thisMoveOut;
outBytes += thisMoveOut;
}
if(doPadding) {
/* Final is not needed if padding is disabled */
if(askOutSize) {
thisOutLen = CCCryptorGetOutputLength(cryptor, 0, true);
}
else {
thisOutLen = outLen;
}
crtn = CCCryptorFinal(cryptor, outp, thisOutLen, &thisMoveOut);
}
else {
thisMoveOut = 0;
crtn = kCCSuccess;
}
if(crtn) {
printCCError("CCCryptorFinal", crtn);
goto errOut;
}
outBytes += thisMoveOut;
*outText = outBuf;
*outTextLen = outBytes;
crtn = kCCSuccess;
for(dex=0; dex<MARKER_LENGTH; dex++) {
if(textMarker[dex] != MARKER_BYTE) {
printf("***lib scribbled on our textMarker memory (op=%s)!\n",
forEncrypt ? "encrypt" : "decrypt");
crtn = (CCCryptorStatus)-1;
}
}
if(ctxSize) {
for(dex=0; dex<MARKER_LENGTH; dex++) {
if(ctxMarker[dex] != MARKER_BYTE) {
printf("***lib scribbled on our ctxMarker memory (op=%s)!\n",
forEncrypt ? "encrypt" : "decrypt");
crtn = (CCCryptorStatus)-1;
}
}
}
errOut:
if(crtn) {
if(outBuf) {
free(outBuf);
}
}
if(cryptor) {
CCCryptorRelease(cryptor);
}
return crtn;
}
static wi_cipher_t * _wi_cipher_init_with_key(wi_cipher_t *cipher, wi_data_t *key, wi_data_t *iv) {
#ifdef WI_CIPHER_COMMONCRYPTO
CCCryptorStatus status;
#endif
unsigned char *key_buffer, *iv_buffer;
key_buffer = (unsigned char *) wi_data_bytes(key);
iv_buffer = iv ? (unsigned char *) wi_data_bytes(iv) : NULL;
cipher->key = wi_retain(key);
cipher->iv = wi_retain(iv);
#ifdef WI_CIPHER_OPENSSL
if(EVP_EncryptInit(&cipher->encrypt_ctx, cipher->cipher, NULL, NULL) != 1) {
wi_error_set_openssl_error();
wi_release(cipher);
return NULL;
}
if(EVP_DecryptInit(&cipher->decrypt_ctx, cipher->cipher, NULL, NULL) != 1) {
wi_error_set_openssl_error();
wi_release(cipher);
return NULL;
}
_wi_cipher_configure_cipher(cipher);
if(EVP_EncryptInit(&cipher->encrypt_ctx, cipher->cipher, key_buffer, iv_buffer) != 1) {
wi_error_set_openssl_error();
wi_release(cipher);
return NULL;
}
if(EVP_DecryptInit(&cipher->decrypt_ctx, cipher->cipher, key_buffer, iv_buffer) != 1) {
wi_error_set_openssl_error();
wi_release(cipher);
return NULL;
}
#endif
#ifdef WI_CIPHER_COMMONCRYPTO
status = CCCryptorCreate(kCCEncrypt,
cipher->algorithm,
kCCOptionPKCS7Padding,
key_buffer,
wi_data_length(cipher->key),
iv_buffer,
&cipher->encrypt_ref);
if(status != kCCSuccess) {
wi_error_set_commoncrypto_error(status);
wi_release(cipher);
return NULL;
}
status = CCCryptorCreate(kCCDecrypt,
cipher->algorithm,
kCCOptionPKCS7Padding,
key_buffer,
wi_data_length(cipher->key),
iv_buffer,
&cipher->decrypt_ref);
if(status != kCCSuccess) {
wi_error_set_commoncrypto_error(status);
wi_release(cipher);
return NULL;
}
#endif
return cipher;
}
U8_EXPORT ssize_t u8_cryptic
(int do_encrypt,const char *cname,
const unsigned char *key,int keylen,
const unsigned char *iv,int ivlen,
u8_block_reader reader,u8_block_writer writer,
void *readstate,void *writestate,
u8_context caller)
{
if (strncasecmp(cname,"rsa",3)==0) {
u8_seterr(_("RSA support NYI"),"u8_cryptic/CommonCrypto",u8_strdup(cname));
return -1;}
else {
CCCryptorRef ctx;
CCOptions options=0;
ssize_t inlen, outlen, totalin=0, totalout=0, retval=0;
unsigned char inbuf[1024], outbuf[1024];
struct U8_CCCIPHER *cipher=get_cipher(cname);
if (cipher) {
size_t blocksize=cipher->cc_blocksize;
ssize_t needivlen=cipher->cc_ivlen;
if (!((keylen<=cipher->cc_keymax)&&(keylen>=cipher->cc_keymin)))
return u8_reterr(u8_BadCryptoKey,
((caller)?(caller):((u8_context)"u8_cryptic")),
u8_mkstring("%d!=[%d,%d](%s)",keylen,
cipher->cc_keymin,cipher->cc_keymax,
cname));
if ((needivlen)&&(ivlen!=needivlen))
return u8_reterr(u8_BadCryptoIV,
((caller)?(caller):(COMMONCRYPTO_CRYPTIC)),
u8_mkstring("%d!=%d(%s)",ivlen,needivlen,cname));
if (needivlen==0) iv=NULL;
memset(&ctx,0,sizeof(ctx));
CCCryptorStatus status=CCCryptorCreate
(((do_encrypt)? (kCCEncrypt) : (kCCDecrypt)),
cipher->cc_algorithm,cipher->cc_opts,key,keylen,iv,&ctx);
u8_log(CRYPTO_LOGLEVEL,COMMONCRYPTO_CRYPTIC,
" %s cipher=%s, keylen=%d/[%d,%d], ivlen=%d, blocksize=%d\n",
((do_encrypt)?("encrypt"):("decrypt")),
cname,keylen,cipher->cc_keymin,cipher->cc_keymax,
ivlen,blocksize);
while (1) {
inlen = reader(inbuf,blocksize,readstate);
if (inlen <= 0) {
u8_log(CRYPTO_LOGLEVEL,COMMONCRYPTO_CRYPTIC,
"Finished %s(%s) with %ld in, %ld out",
((do_encrypt)?("encrypt"):("decrypt")),cname,
totalin,totalout);
break;}
if ((status=CCCryptorUpdate(ctx,inbuf,inlen,outbuf,1024,&outlen))
!=kCCSuccess) {
CCCryptorRelease(ctx);
return u8_reterr(u8_InternalCryptoError,
((caller)?(caller):((u8_context)"u8_cryptic")),
NULL);}
else {
u8_log(CRYPTO_LOGLEVEL,COMMONCRYPTO_CRYPTIC,
"%s(%s) consumed %d/%ld bytes, emitted %d/%ld bytes"
" in=<%v>\n out=<%v>",
((do_encrypt)?("encrypt"):("decrypt")),cname,
inlen,totalin,outlen,totalout+outlen,
inbuf,inlen,outbuf,outlen);
writer(outbuf,outlen,writestate);
totalout=totalout+outlen;}}
if ((status=CCCryptorFinal(ctx,outbuf,1024,&outlen))!=kCCSuccess) {
CCCryptorRelease(ctx);
return u8_reterr(u8_InternalCryptoError,
((caller)?(caller):((u8_context)"u8_cryptic")),
NULL);}
else {
writer(outbuf,outlen,writestate);
u8_log(CRYPTO_LOGLEVEL,COMMONCRYPTO_CRYPTIC,
"%s(%s) done after consuming %ld/%ld bytes, emitting %ld/%ld bytes"
"\n final out=<%v>",
((do_encrypt)?("encrypt"):("decrypt")),cname,
inlen,totalin,outlen,totalout+outlen,
outbuf,outlen);
CCCryptorRelease(ctx);
totalout=totalout+outlen;
return totalout;}}
else return u8_reterr("Unknown cipher",
((caller)?(caller):((u8_context)"u8_cryptic")),
u8_strdup(cname));
}
}
int
decryptInit(int (*writerFunc)(void *, size_t), void *h)
{
CCCryptorStatus status;
int rv;
writer = writerFunc;
strm.zalloc = Z_NULL;
strm.zfree = Z_NULL;
strm.opaque = Z_NULL;
strm.avail_in = 0;
strm.next_in = Z_NULL;
rv = inflateInit(&strm);
if (rv != Z_OK) {
printf("zlib init error\n");
return(-1);
}
getPassword();
memcpy(&header, h, sizeof(header));
if (isZero(encKey, kCCKeySizeAES256) ||
memcmp(header.keySalt, redsideSalts.keySalt, header.keySaltLen)) {
redsideSalts.keySaltLen = header.keySaltLen;
memcpy(redsideSalts.keySalt, header.keySalt, sizeof(header.keySalt));
/* AES KEY DERIVATION */
rv = CCKeyDerivationPBKDF(kCCPBKDF2,
password, strlen(password),
header.keySalt, header.keySaltLen,
kCCPRFHmacAlgSHA512,
kIterations,
encKey, kCCKeySizeAES256);
if (rv < 0) {
printf("Key derivation: error: %d\n", rv);
exit(1);
}
}
if (isZero(hmacKey, kCCKeySizeAES256) ||
memcmp(header.hmacSalt, redsideSalts.hmacSalt, sizeof(header.hmacSalt))) {
redsideSalts.hmacSaltLen = header.hmacSaltLen;
memcpy(redsideSalts.hmacSalt, header.hmacSalt, header.hmacSaltLen);
/* HMAC KEY DERIVATION */
rv = CCKeyDerivationPBKDF(kCCPBKDF2,
password, strlen(password),
header.hmacSalt, header.hmacSaltLen,
kCCPRFHmacAlgSHA512,
kIterations,
hmacKey, kCCKeySizeAES256);
if (rv < 0) {
printf("HMAC Key derivation: error: %d\n", rv);
exit(1);
}
}
CCHmacInit(&hmacContext, kCCHmacAlgSHA512, hmacKey, kCCKeySizeAES256);
CCHmacInit(&hmacContextPlain, kCCHmacAlgSHA512, hmacKey, kCCKeySizeAES256);
status = CCCryptorCreate(kCCDecrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
encKey, kCCKeySizeAES256,
header.iv,
&cryptorRef);
if (status != kCCSuccess) {
printf("cryptor init error\n");
return(-1);
}
return(0);
}
int
encryptInit(int (*writerFunc)(void *, size_t),
int (*seekerFunc)(size_t))
{
CCCryptorStatus status;
int rv;
writer = writerFunc;
seeker = seekerFunc;
strm.zalloc = Z_NULL;
strm.zfree = Z_NULL;
strm.opaque = Z_NULL;
rv = deflateInit(&strm, Z_DEFAULT_COMPRESSION);
if (rv != Z_OK) {
printf("zlib init error\n");
return(-1);
}
getPassword();
if (isZero(encKey, kCCKeySizeAES256) || isZero(hmacKey, kCCKeySizeAES256)) {
header.keySaltLen = redsideSalts.keySaltLen;
memcpy(header.keySalt, redsideSalts.keySalt, header.keySaltLen);
/* AES KEY DERIVATION */
rv = CCKeyDerivationPBKDF(kCCPBKDF2,
password, strlen(password),
header.keySalt, header.keySaltLen,
kCCPRFHmacAlgSHA512,
kIterations,
encKey, kCCKeySizeAES256);
if (rv < 0) {
printf("Key derivation: error: %d\n", rv);
exit(1);
}
header.hmacSaltLen = redsideSalts.hmacSaltLen;
memcpy(header.hmacSalt, redsideSalts.hmacSalt, header.hmacSaltLen);
/* HMAC KEY DERIVATION */
rv = CCKeyDerivationPBKDF(kCCPBKDF2,
password, strlen(password),
header.hmacSalt, header.hmacSaltLen,
kCCPRFHmacAlgSHA512,
kIterations,
hmacKey, kCCKeySizeAES256);
if (rv < 0) {
printf("HMAC Key derivation: error: %d\n", rv);
exit(1);
}
}
if (isZero(header.iv, sizeof(header.iv)))
getSalt(header.iv, sizeof(header.iv));
CCHmacInit(&hmacContext, kCCHmacAlgSHA512, hmacKey, kCCKeySizeAES256);
CCHmacInit(&hmacContextPlain, kCCHmacAlgSHA512, hmacKey, kCCKeySizeAES256);
status = CCCryptorCreate(kCCEncrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
encKey, kCCKeySizeAES256,
header.iv,
&cryptorRef);
if (status != kCCSuccess) {
printf("cryptor init error\n");
return(-1);
}
seeker(sizeof(header));
return(0);
}
int main(int argc, char **argv)
{
unsigned loops = LOOPS_DEF;
unsigned bufSize = BUFSIZE_DEF;
unsigned algFirst = ALG_FIRST;
unsigned algLast = ALG_LAST;
bool ecbMode = false;
extern char *optarg;
int arg;
while ((arg = getopt(argc, argv, "a:l:b:eh")) != -1) {
switch (arg) {
case 'a':
switch(optarg[0]) {
case 'a':
algFirst = algLast = ALG_AES_128;
break;
case 'n':
algFirst = algLast = ALG_AES_192;
break;
case 'A':
algFirst = algLast = ALG_AES_256;
break;
case 'd':
algFirst = algLast = ALG_DES;
break;
case '3':
algFirst = algLast = ALG_3DES;
break;
case 'c':
algFirst = algLast = ALG_CAST;
case '4':
algFirst = algLast = ALG_RC4;
}
break;
case 'l':
loops = atoi(optarg);
break;
case 'b':
bufSize = atoi(optarg);
break;
case 'e':
ecbMode = true;
break;
case 'h':
usage(argv);
}
}
if(optind != argc) {
usage(argv);
}
/*
* encrypt and decrypt on workBuf
* save original ptext in saveBuf, compare at end as sanity check
* for ECB only
*/
unsigned char *workBuf = (unsigned char *)malloc(bufSize);
unsigned char *saveBuf = (unsigned char *)malloc(bufSize);
if((workBuf == NULL) || (saveBuf == NULL)) {
printf("***malloc failure\n");
exit(1);
}
appGetRandomBytes(workBuf, bufSize);
memmove(saveBuf, workBuf, bufSize);
uint8_t keyBytes[MAX_KEY_SIZE];
size_t keyLength;
appGetRandomBytes(keyBytes, MAX_KEY_SIZE);
CCCryptorRef cryptor;
CCAlgorithm alg;
CCOptions options = 0;
OSStatus ortn;
if(ecbMode) {
options |= kCCOptionECBMode;
}
unsigned currAlg;
for(currAlg=algFirst; currAlg<=algLast; currAlg++) {
const char *algStr = NULL;
switch(currAlg) {
case ALG_DES:
keyLength = kCCKeySizeDES;
alg = kCCAlgorithmDES;
algStr = "DES ";
break;
case ALG_3DES:
keyLength = kCCKeySize3DES;
alg = kCCAlgorithm3DES;
algStr = "3DES";
break;
case ALG_AES_128:
keyLength = kCCKeySizeAES128;
alg = kCCAlgorithmAES128;
algStr = "AES128";
break;
case ALG_AES_192:
keyLength = kCCKeySizeAES192;
alg = kCCAlgorithmAES128;
algStr = "AES192";
break;
case ALG_AES_256:
keyLength = kCCKeySizeAES256;
alg = kCCAlgorithmAES128;
algStr = "AES256";
break;
case ALG_CAST:
keyLength = kCCKeySizeMaxCAST;
alg = kCCAlgorithmCAST;
algStr = "CAST";
break;
case ALG_RC4:
keyLength = kCCKeySizeMaxRC4;
alg = kCCAlgorithmRC4;
algStr = "RC4";
break;
}
printf("Algorithm: %s keySize: %u mode: %s loops: %u bufSize: %u\n",
algStr, (unsigned)keyLength, ecbMode ? "ECB" : "CBC",
(unsigned)loops, (unsigned)bufSize);
CFAbsoluteTime start, end;
unsigned loop;
size_t thisMoved;
/* encrypt: GO */
start = CFAbsoluteTimeGetCurrent();
ortn = CCCryptorCreate(kCCEncrypt, alg, options,
keyBytes, keyLength, NULL, &cryptor);
if(ortn) {
printCCError("CCCryptorCreate", ortn);
exit(1);
}
for(loop=0; loop<loops; loop++) {
ortn = CCCryptorUpdate(cryptor, workBuf, bufSize,
workBuf, bufSize, &thisMoved);
if(ortn) {
printCCError("CCCryptorUpdate", ortn);
exit(1);
}
}
/* no padding, CCCryptFinal not needed */
end = CFAbsoluteTimeGetCurrent();
printf(" encrypt %u * %u bytes took %gs: %g KBytes/s\n",
(unsigned)loops, (unsigned)bufSize,
end - start,
(loops * bufSize) / (end - start) / 1024.0);
/* dncrypt: GO */
start = CFAbsoluteTimeGetCurrent();
ortn = CCCryptorCreate(kCCDecrypt, alg, options,
keyBytes, keyLength, NULL, &cryptor);
if(ortn) {
printCCError("CCCryptorCreate", ortn);
exit(1);
}
for(loop=0; loop<loops; loop++) {
ortn = CCCryptorUpdate(cryptor, workBuf, bufSize,
workBuf, bufSize, &thisMoved);
if(ortn) {
printCCError("CCCryptorUpdate", ortn);
exit(1);
}
}
/* no padding, CCCryptFinal not needed */
end = CFAbsoluteTimeGetCurrent();
printf(" decrypt %u * %u bytes took %gs: %g KBytes/s\n",
(unsigned)loops, (unsigned)bufSize,
end - start,
(loops * bufSize) / (end - start) / 1024.0);
if(ecbMode) {
if(memcmp(workBuf, saveBuf, bufSize)) {
printf("***plaintext miscompare!\n");
}
}
}
return 0;
}
