void encrypt_buf(struct encryption_ctx *ctx, char *buf, int *len) {
if (_method == EncryptionTable) {
table_encrypt(buf, *len);
} else {
if (ctx->status == STATUS_EMPTY) {
int iv_len = encryption_iv_len[_method];
unsigned char iv[EVP_MAX_IV_LENGTH];
memset(iv, 0, iv_len);
RAND_bytes(iv, iv_len);
init_cipher(ctx, iv, iv_len, 1);
int out_len = *len + EVP_CIPHER_CTX_block_size(ctx->ctx);
unsigned char *cipher_text = malloc(out_len);
EVP_CipherUpdate(ctx->ctx, cipher_text, &out_len, buf, *len);
memcpy(buf, iv, iv_len);
memcpy(buf + iv_len, cipher_text, out_len);
*len = iv_len + out_len;
free(cipher_text);
} else {
int out_len = *len + EVP_CIPHER_CTX_block_size(ctx->ctx);
unsigned char *cipher_text = malloc(out_len);
EVP_CipherUpdate(ctx->ctx, cipher_text, &out_len, buf, *len);
memcpy(buf, cipher_text, out_len);
*len = out_len;
free(cipher_text);
}
}
}
soter_status_t soter_sym_aead_decrypt_update(soter_sym_ctx_t *ctx, const void* cipher_data, const size_t cipher_data_length, void* plain_data, size_t* plain_data_length){
if(plain_data==NULL || (*plain_data_length)<(cipher_data_length+EVP_CIPHER_CTX_block_size(&(ctx->evp_sym_ctx))-1)){
(*plain_data_length)=cipher_data_length+EVP_CIPHER_CTX_block_size(&(ctx->evp_sym_ctx))-1;
return SOTER_BUFFER_TOO_SMALL;
}
return soter_sym_ctx_update(ctx, cipher_data, cipher_data_length, plain_data, plain_data_length, false);
}
int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
const EVP_CIPHER *cipher, ENGINE *impl)
{
static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH];
#ifdef OPENSSL_FIPS
if (FIPS_mode()) {
/* If we have an ENGINE need to allow non FIPS */
if ((impl || ctx->cctx.engine)
&& !(ctx->cctx.flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) {
EVPerr(EVP_F_CMAC_INIT, EVP_R_DISABLED_FOR_FIPS);
return 0;
}
/*
* Other algorithm blocking will be done in FIPS_cmac_init, via
* FIPS_cipherinit().
*/
if (!impl && !ctx->cctx.engine)
return FIPS_cmac_init(ctx, key, keylen, cipher, NULL);
}
#endif
/* All zeros means restart */
if (!key && !cipher && !impl && keylen == 0) {
/* Not initialised */
if (ctx->nlast_block == -1)
return 0;
if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
return 0;
sgx_memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx));
ctx->nlast_block = 0;
return 1;
}
/* Initialiase context */
if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
return 0;
/* Non-NULL key means initialisation complete */
if (key) {
int bl;
if (!EVP_CIPHER_CTX_cipher(&ctx->cctx))
return 0;
if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen))
return 0;
if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, key, zero_iv))
return 0;
bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
if (!EVP_Cipher(&ctx->cctx, ctx->tbl, zero_iv, bl))
return 0;
make_kn(ctx->k1, ctx->tbl, bl);
make_kn(ctx->k2, ctx->k1, bl);
OPENSSL_cleanse(ctx->tbl, bl);
/* Reset context again ready for first data block */
if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
return 0;
/* Zero tbl so resume works */
sgx_memset(ctx->tbl, 0, bl);
ctx->nlast_block = 0;
}
return 1;
}
// 입력 파라미터: byte *msg; int msg_len; byte *key;
// 출력 파라미터: byte **enc_msg; int *enc_msg_len;
int encryptAES(byte *msg, int msg_len, byte *key, byte **enc_msg, int *enc_msg_len )
{
int result = TRUE;
int templen;
// EVP 객체를 이용한 AES 암호화
// ctx(암호화에 사용되는 데이터들이 저장되는 임시 저장소) 초기화
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
// 초기화: 암호 알고리즘 할당, 키 할당, IV 할당
EVP_EncryptInit_ex(&ctx, EVP_des_ofb(), NULL, key, IVseedConstant);
// 초기화 끝난 후에 암호문 저장될 메모리 할당
*enc_msg = malloc( msg_len + EVP_CIPHER_CTX_block_size(&ctx) );
if( enc_msg == NULL )
return FALSE;
// 업데이트: 메시지 암호화(마지막 블록 제외)
if(!EVP_EncryptUpdate(&ctx, *enc_msg, enc_msg_len, msg, msg_len))
result = FALSE;
// 종료: 마지막 블록 암호화
if(!EVP_EncryptFinal_ex(&ctx, enc_msg+(*enc_msg_len), &templen))
result = FALSE;
EVP_CIPHER_CTX_cleanup(&ctx);
return result;
}
/*
* call-seq:
* cipher.update(data [, buffer]) -> string or buffer
*
* Encrypts data in a streaming fashion. Hand consecutive blocks of data
* to the +update+ method in order to encrypt it. Returns the encrypted
* data chunk. When done, the output of Cipher#final should be additionally
* added to the result.
*
* === Parameters
* +data+ is a nonempty string.
* +buffer+ is an optional string to store the result.
*/
static VALUE
ossl_cipher_update(int argc, VALUE *argv, VALUE self)
{
EVP_CIPHER_CTX *ctx;
unsigned char *in;
long in_len, out_len;
VALUE data, str;
rb_scan_args(argc, argv, "11", &data, &str);
StringValue(data);
in = (unsigned char *)RSTRING_PTR(data);
if ((in_len = RSTRING_LEN(data)) == 0)
ossl_raise(rb_eArgError, "data must not be empty");
GetCipher(self, ctx);
out_len = in_len+EVP_CIPHER_CTX_block_size(ctx);
if (out_len <= 0) {
ossl_raise(rb_eRangeError,
"data too big to make output buffer: %ld bytes", in_len);
}
if (NIL_P(str)) {
str = rb_str_new(0, out_len);
} else {
StringValue(str);
rb_str_resize(str, out_len);
}
if (!ossl_cipher_update_long(ctx, (unsigned char *)RSTRING_PTR(str), &out_len, in, in_len))
ossl_raise(eCipherError, NULL);
assert(out_len < RSTRING_LEN(str));
rb_str_set_len(str, out_len);
return str;
}
static int
do_cipher(EVP_CIPHER_CTX *cipher_ctx, const u8 *in, size_t in_len,
u8 **out, size_t *out_len)
{
const u8 *end;
u8 *p;
size_t bl, done, left, total;
*out = p = (u8 *) malloc(in_len + EVP_CIPHER_CTX_key_length(cipher_ctx));
*out_len = total = 0;
bl = EVP_CIPHER_CTX_block_size(cipher_ctx);
end = in + in_len;
while (in < end) {
if ((left = end - in) > bl)
left = bl;
if (!EVP_CipherUpdate(cipher_ctx,
p + total, (int *) &done,
(u8 *) in, (int)left))
goto fail;
total += done;
in += left;
}
if (1 || total < in_len) {
if (!EVP_CipherFinal(cipher_ctx, p + total, (int *) &done))
goto fail;
total += done;
}
*out_len = total;
return 0;
fail: free(p);
return SC_ERROR_INTERNAL;
}
bool AesPasswordCipher::decrypt(const uint8_t* input, size_t input_size, std::vector<uint8_t>& output) {
if(!evpCipher)
evpCipher.reset(EVP_CIPHER_CTX_new());
if(EVP_DecryptInit_ex(evpCipher.get(), EVP_aes_128_cbc(), nullptr, key, key + 16) <= 0)
return false;
int bytesWritten = 0;
size_t totalLength = 0;
int blockSize = EVP_CIPHER_CTX_block_size(evpCipher.get());
output.resize(input_size + blockSize);
if(EVP_DecryptUpdate(evpCipher.get(), &output[0], &bytesWritten, input, input_size) <= 0)
return false;
totalLength += bytesWritten;
if(EVP_DecryptFinal_ex(evpCipher.get(), &output[0] + totalLength, &bytesWritten) <= 0)
return false;
totalLength += bytesWritten;
output.resize(totalLength);
return true;
}
void encryptfile(FILE * fpin,FILE* fpout,unsigned char* key, unsigned char* iv)
{
//Using openssl EVP to encrypt a file
const unsigned bufsize = 4096;
unsigned char* read_buf = malloc(bufsize);
unsigned char* cipher_buf ;
unsigned blocksize;
int out_len;
EVP_CIPHER_CTX ctx;
EVP_CipherInit(&ctx,EVP_aes_256_cbc(),key,iv,1);
blocksize = EVP_CIPHER_CTX_block_size(&ctx);
cipher_buf = malloc(bufsize+blocksize);
// read file and write encrypted file until eof
while(1)
{
int bytes_read = fread(read_buf,sizeof(unsigned char),bufsize,fpin);
EVP_CipherUpdate(&ctx,cipher_buf,&out_len,read_buf, bytes_read);
fwrite(cipher_buf,sizeof(unsigned char),out_len,fpout);
if(bytes_read < bufsize)
{
break;//EOF
}
}
EVP_CipherFinal(&ctx,cipher_buf,&out_len);
fwrite(cipher_buf,sizeof(unsigned char),out_len,fpout);
free(cipher_buf);
free(read_buf);
}
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
{
int i, bl, lb;
#ifdef OPENSSL_FIPS
if (FIPS_mode() && !ctx->cctx.engine)
return FIPS_cmac_final(ctx, out, poutlen);
#endif
if (ctx->nlast_block == -1)
return 0;
bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
*poutlen = (size_t)bl;
if (!out)
return 1;
lb = ctx->nlast_block;
/* Is last block complete? */
if (lb == bl)
{
for (i = 0; i < bl; i++)
out[i] = ctx->last_block[i] ^ ctx->k1[i];
}
else
{
ctx->last_block[lb] = 0x80;
if (bl - lb > 1)
memset(ctx->last_block + lb + 1, 0, bl - lb - 1);
for (i = 0; i < bl; i++)
out[i] = ctx->last_block[i] ^ ctx->k2[i];
}
if (!EVP_Cipher(&ctx->cctx, out, out, bl))
{
OPENSSL_cleanse(out, bl);
return 0;
}
return 1;
}
std::string problem07() {
std::ifstream instream;
instream.open(rootdir + "res/p7.txt", std::ios::in);
if (!instream.is_open()) {
std::cerr << "Can't open p7.txt\n";
return std::string("p07 failed.\n");
}
std::string in{};
std::string line;
while(std::getline(instream, line)) {
in += line;
}
BinaryBlob b7 = BinaryBlob(in, 64);
int num_bytes = b7.size();
int act_num_bytes = 0, tot_bytes = 0;
unsigned char key[] = "YELLOW SUBMARINE";
EVP_CIPHER_CTX* my_cipher_ctx = EVP_CIPHER_CTX_new();
EVP_DecryptInit_ex(my_cipher_ctx, EVP_aes_128_ecb(), NULL, key, NULL);
unsigned char* out = (unsigned char *) malloc(num_bytes * 2 + EVP_CIPHER_CTX_block_size(my_cipher_ctx));
if (!out)
return "p7 - OOM\n";
EVP_DecryptUpdate(my_cipher_ctx, out, &act_num_bytes, b7.getRawBuf(), num_bytes);
tot_bytes += act_num_bytes;
EVP_DecryptFinal_ex(my_cipher_ctx, out + act_num_bytes, &act_num_bytes);
tot_bytes += act_num_bytes;
EVP_CIPHER_CTX_free(my_cipher_ctx);
BinaryBlob s7 = BinaryBlob(out, tot_bytes);
return s7.ascii();
}
int
XCBC_Final(XCBC_CTX *xctx,
uint8_t *out)
{
int bl, n, outl;
bl = EVP_CIPHER_CTX_block_size(xctx->ctx);
/* xctx->r = M[n] */
if (xctx->size == bl) {
for (n = 0; n < bl; n++)
xctx->m[n] = xctx->r[n] ^ xctx->e[n] ^ xctx->k2[n];
} else {
for (n = xctx->size; n < bl; n++)
xctx->r[n] = (n == xctx->size) ? 0x80 : 0x00;
for (n = 0; n < bl; n++) {
xctx->m[n] = xctx->r[n] ^ xctx->e[n] ^ xctx->k3[n];
}
}
OPENSSL_try(EVP_CipherUpdate(xctx->ctx,
xctx->e, &outl,
xctx->m, bl),
"cipher update error (finalizing)", return0);
memcpy(out, xctx->e, bl);
return 1;
return0:
return 0;
}
/*
* call-seq:
* cipher.update(data [, buffer]) -> string or buffer
*
* === Parameters
* +data+ is a nonempty string.
* +buffer+ is an optional string to store the result.
*/
static VALUE
ossl_cipher_update(int argc, VALUE *argv, VALUE self)
{
EVP_CIPHER_CTX *ctx;
char *in;
int in_len, out_len;
VALUE data, str;
rb_scan_args(argc, argv, "11", &data, &str);
StringValue(data);
in = RSTRING_PTR(data);
if ((in_len = RSTRING_LEN(data)) == 0)
rb_raise(rb_eArgError, "data must not be empty");
GetCipher(self, ctx);
out_len = in_len+EVP_CIPHER_CTX_block_size(ctx);
if (NIL_P(str)) {
str = rb_str_new(0, out_len);
} else {
StringValue(str);
rb_str_resize(str, out_len);
}
if (!EVP_CipherUpdate(ctx, RSTRING_PTR(str), &out_len, in, in_len))
ossl_raise(eCipherError, NULL);
assert(out_len < RSTRING_LEN(str));
rb_str_set_len(str, out_len);
return str;
}
int
XCBC_Init(XCBC_CTX *xctx,
const uint8_t const *k)
{
int bl, outl;
EVP_CIPHER_CTX *ctx;
uint8_t k1[XCBC_MAX_BLOCK_LENGTH];
ctx = xctx->ctx;
EVP_CIPHER_CTX_init(ctx);
OPENSSL_try(EVP_CipherInit_ex(ctx, EVP_aes_128_ecb(), NULL, k, NULL, 1),
"cipher init error", return0);
bl = EVP_CIPHER_CTX_block_size((const EVP_CIPHER_CTX *)ctx);
OPENSSL_try(EVP_CipherUpdate(ctx, k1, &outl, ks1, bl),
"cipher update error (k1)", return0);
OPENSSL_try(EVP_CipherUpdate(ctx, xctx->k2, &outl, ks2, bl),
"cipher update error (k2)", return0);
OPENSSL_try(EVP_CipherUpdate(ctx, xctx->k3, &outl, ks3, bl),
"cipher update error (k3)", return0);
OPENSSL_try(EVP_CipherInit_ex(ctx, NULL, NULL, k1, NULL, -1),
"cipher reset error", return0);
memset(xctx->e, 0, bl);
xctx->size = 0;
return 1;
return0:
return 0;
}
unsigned char * aes_oneshot_encrypt( unsigned char * key, int key_len,
unsigned char * salt, int salt_len,
unsigned char * data, int data_len,
int * out_len)
{
int nalloc = 0;
int npartial = 0;
int nfinal = 0;
unsigned char * encrypted = 0;
unsigned char key_buff[SHA256_DIGEST_LENGTH];
unsigned char iv_buff[SHA256_DIGEST_LENGTH];
*out_len = 0;
SHA256( key, key_len, key_buff );
SHA256( salt, salt_len, iv_buff );
EVP_CIPHER_CTX ctx;
EVP_EncryptInit(&ctx, EVP_aes_256_cbc(), key_buff, iv_buff);
nalloc = data_len + EVP_CIPHER_CTX_block_size(&ctx);
encrypted = malloc( nalloc );
EVP_EncryptUpdate(&ctx, encrypted, &npartial, data, data_len);
EVP_EncryptFinal_ex(&ctx, encrypted+npartial, &nfinal);
*out_len = npartial + nfinal;
return encrypted;
}
soter_status_t soter_sym_ctx_final(soter_sym_ctx_t *ctx,
void* out_data,
size_t* out_data_length,
bool encrypt){
if((ctx->alg&SOTER_SYM_PADDING_MASK)!=0){
if((*out_data_length)<EVP_CIPHER_CTX_block_size(&(ctx->evp_sym_ctx))){
(*out_data_length)=EVP_CIPHER_CTX_block_size(&(ctx->evp_sym_ctx));
return SOTER_BUFFER_TOO_SMALL;
}
}
if(encrypt){
SOTER_CHECK(EVP_EncryptFinal(&(ctx->evp_sym_ctx), out_data, (int*)out_data_length)!=0);
} else {
SOTER_CHECK(EVP_DecryptFinal(&(ctx->evp_sym_ctx), out_data, (int*)out_data_length)!=0);
}
return SOTER_SUCCESS;
}
STDMETHODIMP CBCipher::get_BlockSize(short *pVal)
{
if(!m_ctx.cipher)return SetErrorInfo(s_strAlgoError);
*pVal = EVP_CIPHER_CTX_block_size(&m_ctx);
return S_OK;
}
int
CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
const EVP_CIPHER *cipher, ENGINE *impl)
{
static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH];
/* All zeros means restart */
if (!key && !cipher && !impl && keylen == 0) {
/* Not initialised */
if (ctx->nlast_block == -1)
return 0;
if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
return 0;
memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx));
ctx->nlast_block = 0;
return 1;
}
/* Initialiase context */
if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
return 0;
/* Non-NULL key means initialisation complete */
if (key) {
int bl;
if (!EVP_CIPHER_CTX_cipher(&ctx->cctx))
return 0;
if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen))
return 0;
if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, key, zero_iv))
return 0;
bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
if (!EVP_Cipher(&ctx->cctx, ctx->tbl, zero_iv, bl))
return 0;
make_kn(ctx->k1, ctx->tbl, bl);
make_kn(ctx->k2, ctx->k1, bl);
OPENSSL_cleanse(ctx->tbl, bl);
/* Reset context again ready for first data block */
if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
return 0;
/* Zero tbl so resume works */
memset(ctx->tbl, 0, bl);
ctx->nlast_block = 0;
}
return 1;
}
// virtual
U32 LLBlowfishCipher::encrypt(const U8* src, U32 src_len, U8* dst, U32 dst_len)
{
if (!src || !src_len || !dst || !dst_len) return 0;
if (src_len > dst_len) return 0;
// OpenSSL uses "cipher contexts" to hold encryption parameters.
EVP_CIPHER_CTX context;
EVP_CIPHER_CTX_init(&context);
// We want a blowfish cyclic block chain cipher, but need to set
// the key length before we pass in a key, so call EncryptInit
// first with NULLs.
EVP_EncryptInit_ex(&context, EVP_bf_cbc(), NULL, NULL, NULL);
EVP_CIPHER_CTX_set_key_length(&context, (int)mSecretSize);
// Complete initialization. Per EVP_EncryptInit man page, the
// cipher pointer must be NULL. Apparently initial_vector must
// be 8 bytes for blowfish, as this is the block size.
unsigned char initial_vector[] = { 0, 0, 0, 0, 0, 0, 0, 0 };
EVP_EncryptInit_ex(&context, NULL, NULL, mSecret, initial_vector);
int blocksize = EVP_CIPHER_CTX_block_size(&context);
int keylen = EVP_CIPHER_CTX_key_length(&context);
int iv_length = EVP_CIPHER_CTX_iv_length(&context);
lldebugs << "LLBlowfishCipher blocksize " << blocksize
<< " keylen " << keylen
<< " iv_len " << iv_length
<< llendl;
int output_len = 0;
int temp_len = 0;
if (!EVP_EncryptUpdate(&context,
dst,
&output_len,
src,
src_len))
{
llwarns << "LLBlowfishCipher::encrypt EVP_EncryptUpdate failure" << llendl;
goto ERROR;
}
// There may be some final data left to encrypt if the input is
// not an exact multiple of the block size.
if (!EVP_EncryptFinal_ex(&context, (unsigned char*)(dst + output_len), &temp_len))
{
llwarns << "LLBlowfishCipher::encrypt EVP_EncryptFinal failure" << llendl;
goto ERROR;
}
output_len += temp_len;
EVP_CIPHER_CTX_cleanup(&context);
return output_len;
ERROR:
EVP_CIPHER_CTX_cleanup(&context);
return 0;
}
int
_krb5_evp_encrypt_iov(krb5_context context,
struct _krb5_key_data *key,
struct krb5_crypto_iov *iov,
int niov,
krb5_boolean encryptp,
int usage,
void *ivec)
{
size_t blocksize, blockmask, wholeblocks;
struct _krb5_evp_schedule *ctx = key->schedule->data;
unsigned char tmp[EVP_MAX_BLOCK_LENGTH];
EVP_CIPHER_CTX *c;
struct _krb5_evp_iov_cursor cursor;
c = encryptp ? &ctx->ectx : &ctx->dctx;
blocksize = EVP_CIPHER_CTX_block_size(c);
blockmask = ~(blocksize - 1);
if (ivec)
EVP_CipherInit_ex(c, NULL, NULL, NULL, ivec, -1);
else
EVP_CipherInit_ex(c, NULL, NULL, NULL, zero_ivec, -1);
_krb5_evp_iov_cursor_init(&cursor, iov, niov);
while (!_krb5_evp_iov_cursor_done(&cursor)) {
/* Number of bytes of data in this iovec that are in whole blocks */
wholeblocks = cursor.current.length & ~blockmask;
if (wholeblocks != 0) {
EVP_Cipher(c, cursor.current.data,
cursor.current.data, wholeblocks);
_krb5_evp_iov_cursor_advance(&cursor, wholeblocks);
}
/* If there's a partial block of data remaining in the current
* iovec, steal enough from subsequent iovecs to form a whole block */
if (cursor.current.length > 0 && cursor.current.length < blocksize) {
/* Build up a block's worth of data in tmp, leaving the cursor
* pointing at where we started */
_krb5_evp_iov_cursor_fillbuf(&cursor, tmp, blocksize, NULL);
EVP_Cipher(c, tmp, tmp, blocksize);
/* Copy the data in tmp back into the iovecs that it came from,
* advancing the cursor */
_krb5_evp_iov_cursor_fillvec(&cursor, tmp, blocksize);
}
}
return 0;
}
static int kek_unwrap_key(unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen, EVP_CIPHER_CTX *ctx)
{
size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
unsigned char *tmp;
int outl, rv = 0;
if (inlen < 2 * blocklen)
{
/* too small */
return 0;
}
if (inlen % blocklen)
{
/* Invalid size */
return 0;
}
tmp = OPENSSL_malloc(inlen);
/* setup IV by decrypting last two blocks */
if (!EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
in + inlen - 2 * blocklen, blocklen * 2)
/* Do a decrypt of last decrypted block to set IV to correct value
* output it to start of buffer so we don't corrupt decrypted block
* this works because buffer is at least two block lengths long.
*/
|| !EVP_DecryptUpdate(ctx, tmp, &outl,
tmp + inlen - blocklen, blocklen)
/* Can now decrypt first n - 1 blocks */
|| !EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen)
/* Reset IV to original value */
|| !EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL)
/* Decrypt again */
|| !EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen))
goto err;
/* Check check bytes */
if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff)
{
/* Check byte failure */
goto err;
}
if (inlen < (size_t)(tmp[0] - 4 ))
{
/* Invalid length value */
goto err;
}
*outlen = (size_t)tmp[0];
memcpy(out, tmp + 4, *outlen);
rv = 1;
err:
OPENSSL_cleanse(tmp, inlen);
OPENSSL_free(tmp);
return rv;
}
/* //////////////////////////// PRIVATE/PROTECTED //////////////////////////////////// */
OsStatus OsEncryption::init(Direction direction)
{
OsStatus retval = OS_FAILED;
#if defined(OSENCRYPTION)
release();
if (mKeyLen > 0 && mKey != NULL && mDataLen > 0 && mData != NULL)
{
ERR_clear_error();
SSLeay_add_all_algorithms();
mAlgorithm = PKCS5_pbe_set(NID_pbeWithMD5AndDES_CBC,
PKCS5_DEFAULT_ITER, mSalt, mSaltLen);
if (mAlgorithm != NULL)
{
EVP_CIPHER_CTX_init(&(mContext));
if (EVP_PBE_CipherInit(mAlgorithm->algorithm, (const char *)mKey, mKeyLen,
mAlgorithm->parameter, &(mContext), (int)direction))
{
int blockSize = EVP_CIPHER_CTX_block_size(&mContext);
int allocLen = mDataLen + mHeaderLen + blockSize + 1; // plus 1 for null terminator on decrypt
mResults = (unsigned char *)OPENSSL_malloc(allocLen);
if (mResults == NULL)
{
OsSysLog::add(FAC_AUTH, PRI_ERR, "Could not allocate cryption buffer(size=%d)",
allocLen);
}
else
{
retval = OS_SUCCESS;
}
}
else
{
OsSysLog::add(FAC_AUTH, PRI_ERR, "Could not initialize cipher");
}
}
else
{
OsSysLog::add(FAC_AUTH, PRI_ERR, "Could not initialize cryption algorithm");
}
}
else
{
OsSysLog::add(FAC_AUTH, PRI_ERR, "No encryption key(%d) or data(%d) set.\n",
mKeyLen, mDataLen);
}
#endif
return retval;
}
/*
* Encrypt/Decrypt a buffer based on password and algor, result in a
* OPENSSL_malloc'ed buffer
*/
unsigned char *PKCS12_pbe_crypt(const X509_ALGOR *algor,
const char *pass, int passlen,
const unsigned char *in, int inlen,
unsigned char **data, int *datalen, int en_de)
{
unsigned char *out = NULL;
int outlen, i;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
if (ctx == NULL) {
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
/* Decrypt data */
if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
algor->parameter, ctx, en_de)) {
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
goto err;
}
if ((out = OPENSSL_malloc(inlen + EVP_CIPHER_CTX_block_size(ctx)))
== NULL) {
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EVP_CipherUpdate(ctx, out, &i, in, inlen)) {
OPENSSL_free(out);
out = NULL;
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_EVP_LIB);
goto err;
}
outlen = i;
if (!EVP_CipherFinal_ex(ctx, out + i, &i)) {
OPENSSL_free(out);
out = NULL;
PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
goto err;
}
outlen += i;
if (datalen)
*datalen = outlen;
if (data)
*data = out;
err:
EVP_CIPHER_CTX_free(ctx);
return out;
}
size_t get_ciphertext_size(size_t plaintext_len) {
size_t block_size = 0;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
if(!EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, NULL, NULL)) return 0;
block_size = EVP_CIPHER_CTX_block_size(&ctx);
EVP_CIPHER_CTX_cleanup(&ctx);
return plaintext_len + block_size;
}
static int pbe_crypt(const X509_ALGOR *algor,
const uint8_t *pass_raw, size_t pass_raw_len,
const uint8_t *in, size_t in_len,
uint8_t **out, size_t *out_len,
int is_encrypt) {
uint8_t *buf;
int n, ret = 0;
EVP_CIPHER_CTX ctx;
unsigned block_size;
EVP_CIPHER_CTX_init(&ctx);
if (!pbe_cipher_init(algor->algorithm, pass_raw, pass_raw_len,
algor->parameter, &ctx, is_encrypt)) {
OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, PKCS8_R_UNKNOWN_CIPHER_ALGORITHM);
return 0;
}
block_size = EVP_CIPHER_CTX_block_size(&ctx);
if (in_len + block_size < in_len) {
OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, PKCS8_R_TOO_LONG);
goto err;
}
buf = OPENSSL_malloc(in_len + block_size);
if (buf == NULL) {
OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EVP_CipherUpdate(&ctx, buf, &n, in, in_len)) {
OPENSSL_free(buf);
OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_EVP_LIB);
goto err;
}
*out_len = n;
if (!EVP_CipherFinal_ex(&ctx, buf + n, &n)) {
OPENSSL_free(buf);
OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_EVP_LIB);
goto err;
}
*out_len += n;
*out = buf;
ret = 1;
err:
EVP_CIPHER_CTX_cleanup(&ctx);
return ret;
}
int CBCMAC_Update(CBCMAC_CTX *ctx, const void *data, size_t datalen)
{
int block_size;
int i, n, len;
const unsigned char *in = (const unsigned char *)data;
block_size = EVP_CIPHER_CTX_block_size(&ctx->cipher_ctx);
if (ctx->worklen) {
n = block_size - ctx->worklen;
if (datalen < n) {
for (i = 0; i < datalen; i++) {
ctx->workspace[ctx->worklen + i] = in[i];
}
ctx->worklen += datalen;
return 0;
} else {
for (i = 0; i < n; i++) {
ctx->workspace[ctx->worklen + i] = in[i] ^ ctx->cbcstate[i];
}
if (!EVP_EncryptUpdate(&ctx->cipher_ctx, ctx->cbcstate, &len,
ctx->workspace, block_size)) {
return 0;
}
}
while (n < datalen) {
for (i = 0; i < block_size; i++) {
ctx->workspace[i] = in[n + i] ^ ctx->cbcstate[i];
}
n += block_size;
if (!EVP_EncryptUpdate(&ctx->cipher_ctx, ctx->cbcstate, &len,
ctx->workspace, block_size)) {
return 0;
}
}
ctx->worklen = datalen - n;
for (i = 0; i < ctx->worklen; i++) {
ctx->workspace[i] = in[n + i];
}
}
return 0;
}
int
aes_init (crypt_data_t* crypt_data, crypt_init_t crypt_init)
{
const EVP_CIPHER* cipher = 0;
switch (crypt_data->keysize) {
case 16:
cipher = EVP_aes_128_cbc ();
break;
case 24:
cipher = EVP_aes_192_cbc ();
break;
case 32:
cipher = EVP_aes_256_cbc ();
break;
default:
fprintf (stderr, "Invalid key size.\n");
return -1;
}
EVP_CIPHER_CTX_init (&crypt_data->ctx);
if (!crypt_init (&crypt_data->ctx,
cipher,
NULL,
crypt_data->keybuf,
crypt_data->ivbuf)) {
fprintf (stderr, "OpenSSL initialization failed.\n");
return 1;
}
if (verbose) {
fprintf (stderr,
"EVP Initialized\n Algorithm: %s\n",
EVP_CIPHER_name (EVP_CIPHER_CTX_cipher (&crypt_data->ctx)));
fprintf (stderr, " IV: ");
pp_buf (stderr, crypt_data->ivbuf, crypt_data->ivsize, 16, 2);
fprintf (stderr, " Key: ");
pp_buf (stderr, crypt_data->keybuf, crypt_data->keysize, 16, 2);
}
crypt_data->buf_size = INBUFSIZE;
crypt_data->out_buf =
(char*)malloc (crypt_data->buf_size +
EVP_CIPHER_CTX_block_size (&crypt_data->ctx));
crypt_data->in_buf = (char*)malloc (crypt_data->buf_size);
if (!crypt_data->out_buf || !crypt_data->in_buf) {
fprintf (stderr, "Unable to allocate memory.\n");
return 1;
}
return 0;
}
void decrypt_buf(struct encryption_ctx *ctx, char *buf, int *len) {
if (_method == EncryptionTable) {
table_decrypt(buf, *len);
} else {
if (ctx->status == STATUS_EMPTY) {
int iv_len = encryption_iv_len[_method];
init_cipher(ctx, buf, iv_len, 0);
int out_len = *len + EVP_CIPHER_CTX_block_size(ctx->ctx);
out_len -= iv_len;
unsigned char *cipher_text = malloc(out_len);
EVP_CipherUpdate(ctx->ctx, cipher_text, &out_len, buf + iv_len, *len - iv_len);
memcpy(buf, cipher_text, out_len);
*len = out_len;
free(cipher_text);
} else {
int out_len = *len + EVP_CIPHER_CTX_block_size(ctx->ctx);
unsigned char *cipher_text = malloc(out_len);
EVP_CipherUpdate(ctx->ctx, cipher_text, &out_len, buf, *len);
memcpy(buf, cipher_text, out_len);
*len = out_len;
free(cipher_text);
}
}
}
int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
{
int bl;
if (in->nlast_block == -1)
return 0;
if (!EVP_CIPHER_CTX_copy(&out->cctx, &in->cctx))
return 0;
bl = EVP_CIPHER_CTX_block_size(&in->cctx);
memcpy(out->k1, in->k1, bl);
memcpy(out->k2, in->k2, bl);
memcpy(out->tbl, in->tbl, bl);
memcpy(out->last_block, in->last_block, bl);
out->nlast_block = in->nlast_block;
return 1;
}
static LUA_FUNCTION(openssl_cipher_ctx_info)
{
EVP_CIPHER_CTX *ctx = CHECK_OBJECT(1, EVP_CIPHER_CTX, "openssl.evp_cipher_ctx");
lua_newtable(L);
AUXILIAR_SET(L, -1, "block_size", EVP_CIPHER_CTX_block_size(ctx), integer);
AUXILIAR_SET(L, -1, "key_length", EVP_CIPHER_CTX_key_length(ctx), integer);
AUXILIAR_SET(L, -1, "iv_length", EVP_CIPHER_CTX_iv_length(ctx), integer);
AUXILIAR_SET(L, -1, "flags", EVP_CIPHER_CTX_flags(ctx), integer);
AUXILIAR_SET(L, -1, "nid", EVP_CIPHER_CTX_nid(ctx), integer);
AUXILIAR_SET(L, -1, "type", EVP_CIPHER_CTX_mode(ctx), integer);
AUXILIAR_SET(L, -1, "mode", EVP_CIPHER_CTX_type(ctx), integer);
AUXILIAR_SETOBJECT(L, EVP_CIPHER_CTX_cipher(ctx), "openssl.evp_cipher", -1, "cipher");
return 1;
}
static int camellia_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
size_t bl = EVP_CIPHER_CTX_block_size(ctx);
size_t i;
EVP_CAMELLIA_KEY *dat = EVP_C_DATA(EVP_CAMELLIA_KEY,ctx);
if (len < bl)
return 1;
for (i = 0, len -= bl; i <= len; i += bl)
(*dat->block) (in + i, out + i, &dat->ks);
return 1;
}
