void blufi_dh_negotiate_data_handler(uint8_t *data, int len, uint8_t **output_data, int *output_len, bool *need_free) { int ret; uint8_t type = data[0]; if (blufi_sec == NULL) { BLUFI_ERROR("BLUFI Security is not initialized"); return; } switch (type) { case SEC_TYPE_DH_PARAM_LEN: blufi_sec->dh_param_len = ((data[1]<<8)|data[2]); if (blufi_sec->dh_param) { free(blufi_sec->dh_param); } blufi_sec->dh_param = (uint8_t *)malloc(blufi_sec->dh_param_len); if (blufi_sec->dh_param == NULL) { return; } break; case SEC_TYPE_DH_PARAM_DATA: memcpy(blufi_sec->dh_param, &data[1], blufi_sec->dh_param_len); ret = mbedtls_dhm_read_params(&blufi_sec->dhm, &blufi_sec->dh_param, &blufi_sec->dh_param[blufi_sec->dh_param_len]); if (ret) { BLUFI_ERROR("%s read param failed %d\n", __func__, ret); return; } ret = mbedtls_dhm_make_public(&blufi_sec->dhm, (int) mbedtls_mpi_size( &blufi_sec->dhm.P ), blufi_sec->self_public_key, blufi_sec->dhm.len, myrand, NULL); if (ret) { BLUFI_ERROR("%s make public failed %d\n", __func__, ret); return; } mbedtls_dhm_calc_secret( &blufi_sec->dhm, blufi_sec->share_key, SHARE_KEY_BIT_LEN, &blufi_sec->share_len, NULL, NULL); mbedtls_md5(blufi_sec->share_key, blufi_sec->share_len, blufi_sec->psk); mbedtls_aes_setkey_enc(&blufi_sec->aes, blufi_sec->psk, 128); /* alloc output data */ *output_data = &blufi_sec->self_public_key[0]; *output_len = blufi_sec->dhm.len; *need_free = false; break; case SEC_TYPE_DH_P: break; case SEC_TYPE_DH_G: break; case SEC_TYPE_DH_PUBLIC: break; } }
kaa_error_t aes_encrypt_decrypt_block(int mode, const uint8_t *input, uint8_t *output, const uint8_t *key) { if (input == NULL) { return KAA_ERR_BADPARAM; } if (mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT) { return KAA_ERR_BADPARAM; } static bool initialized = false; static mbedtls_aes_context aes_ctx; if (!initialized) { mbedtls_aes_init(&aes_ctx); initialized = true; } /* KAA_SESSION_KEY_LENGTH * 8 - size in bits */ if (mode == MBEDTLS_AES_ENCRYPT) { mbedtls_aes_setkey_enc(&aes_ctx, key, KAA_SESSION_KEY_LENGTH * 8); } else { mbedtls_aes_setkey_dec(&aes_ctx, key, KAA_SESSION_KEY_LENGTH * 8); } mbedtls_aes_crypt_ecb(&aes_ctx, mode, input, output); return KAA_ERR_NONE; }
bool esp32_fs_crypt_init(void) { uint8_t tmp[32]; uint32_t addr = 0; for (addr = 0; addr < spi_flash_get_chip_size(); addr += 32) { mgos_wdt_feed(); if (spi_flash_read(addr, tmp, sizeof(tmp)) != ESP_OK) { LOG(LL_ERROR, ("SPI read error at 0x%x", addr)); return false; } int j; for (j = 0; j < sizeof(tmp); j++) { if (tmp[j] != 0xff) break; } if (j < sizeof(tmp)) continue; /* Found a suitably empty location, now decrypt it. */ if (spi_flash_read_encrypted(addr, tmp, sizeof(tmp)) != ESP_OK) { LOG(LL_ERROR, ("SPI encrypted read error at 0x%x", addr)); return false; } /* Now in tmp we have 32 x 0xff processed with the flash encryption key. */ mbedtls_aes_init(&s_aes_ctx_enc); mbedtls_aes_setkey_enc(&s_aes_ctx_enc, tmp, 256); mbedtls_aes_init(&s_aes_ctx_dec); mbedtls_aes_setkey_dec(&s_aes_ctx_dec, tmp, 256); LOG(LL_INFO, ("FS encryption key set up, seed @ 0x%x", addr)); return true; } LOG(LL_ERROR, ("Could not a suitable seed area for FS encryption")); return false; }
/* * Non-public function wrapped by mbedtls_ctr_drbg_seed(). Necessary to allow * NIST tests to succeed (which require known length fixed entropy) */ int mbedtls_ctr_drbg_seed_entropy_len( mbedtls_ctr_drbg_context *ctx, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len, size_t entropy_len ) { int ret; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE ); mbedtls_aes_init( &ctx->aes_ctx ); ctx->f_entropy = f_entropy; ctx->p_entropy = p_entropy; ctx->entropy_len = entropy_len; ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL; /* * Initialize with an empty key */ mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ); if( ( ret = mbedtls_ctr_drbg_reseed( ctx, custom, len ) ) != 0 ) return( ret ); return( 0 ); }
struct crypto_cipher * fast_crypto_cipher_init(enum crypto_cipher_alg alg, const uint8_t *iv, const uint8_t *key, size_t key_len) { struct fast_crypto_cipher *ctx; ctx = (struct fast_crypto_cipher *)os_zalloc(sizeof(*ctx)); if (ctx == NULL) { return NULL; } ctx->alg = alg; switch (alg) { case CRYPTO_CIPHER_ALG_RC4: if (key_len > sizeof(ctx->u.rc4.key)) { os_free(ctx); return NULL; } ctx->u.rc4.keylen = key_len; os_memcpy(ctx->u.rc4.key, key, key_len); break; case CRYPTO_CIPHER_ALG_AES: mbedtls_aes_init(&(ctx->u.aes.ctx_enc)); mbedtls_aes_setkey_enc(&(ctx->u.aes.ctx_enc), key, 256); mbedtls_aes_init(&(ctx->u.aes.ctx_dec)); mbedtls_aes_setkey_dec(&(ctx->u.aes.ctx_dec), key, 256); os_memcpy(ctx->u.aes.cbc, iv, AES_BLOCK_SIZE); break; #ifdef CONFIG_DES3 case CRYPTO_CIPHER_ALG_3DES: if (key_len != 24) { os_free(ctx); return NULL; } des3_key_setup(key, &ctx->u.des3.key); os_memcpy(ctx->u.des3.cbc, iv, 8); break; #endif #ifdef CONFIG_DES case CRYPTO_CIPHER_ALG_DES: if (key_len != 8) { os_free(ctx); return NULL; } des_key_setup(key, ctx->u.des.ek, ctx->u.des.dk); os_memcpy(ctx->u.des.cbc, iv, 8); break; #endif default: os_free(ctx); return NULL; } return (struct crypto_cipher *)ctx; }
/** * fast_aes_wrap - Wrap keys with AES Key Wrap Algorithm (128-bit KEK) (RFC3394) * @kek: 16-octet Key encryption key (KEK) * @n: Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 * bytes * @plain: Plaintext key to be wrapped, n * 64 bits * @cipher: Wrapped key, (n + 1) * 64 bits * Returns: 0 on success, -1 on failure */ int fast_aes_wrap(const uint8_t *kek, int n, const uint8_t *plain, uint8_t *cipher) { uint8_t *a, *r, b[16]; int32_t i, j; int32_t ret = 0; mbedtls_aes_context ctx; a = cipher; r = cipher + 8; /* 1) Initialize variables. */ os_memset(a, 0xa6, 8); os_memcpy(r, plain, 8 * n); mbedtls_aes_init(&ctx); ret = mbedtls_aes_setkey_enc(&ctx, kek, 128); if (ret < 0) { mbedtls_aes_free(&ctx); return ret; } /* 2) Calculate intermediate values. * For j = 0 to 5 * For i=1 to n * B = AES(K, A | R[i]) * A = MSB(64, B) ^ t where t = (n*j)+i * R[i] = LSB(64, B) */ for (j = 0; j <= 5; j++) { r = cipher + 8; for (i = 1; i <= n; i++) { os_memcpy(b, a, 8); os_memcpy(b + 8, r, 8); mbedtls_aes_encrypt(&ctx, b, b); os_memcpy(a, b, 8); a[7] ^= n * j + i; os_memcpy(r, b + 8, 8); r += 8; } } mbedtls_aes_free(&ctx); /* 3) Output the results. * * These are already in @cipher due to the location of temporary * variables. */ return 0; }
jlong JNICALL Java_net_md_15_bungee_jni_cipher_NativeCipherImpl_init(JNIEnv* env, jobject obj, jboolean forEncryption, jbyteArray key) { jsize keyLen = env->GetArrayLength(key); jbyte *keyBytes = env->GetByteArrayElements(key, NULL); crypto_context *crypto = (crypto_context*) malloc(sizeof (crypto_context)); mbedtls_aes_init(&crypto->cipher); mbedtls_aes_setkey_enc(&crypto->cipher, (byte*) keyBytes, keyLen * 8); crypto->key = (byte*) malloc(keyLen); memcpy(crypto->key, keyBytes, keyLen); crypto->mode = (forEncryption) ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT; env->ReleaseByteArrayElements(key, keyBytes, JNI_ABORT); return (jlong) crypto; }
int AESContext::setKeyEnc(State & state, mbedtls_aes_context * context){ Stack * stack = state.stack; if (stack->is<LUA_TSTRING>(1)){ const std::string key = stack->toLString(1); unsigned int realBits = key.length() * 8; unsigned int keyBits; if (stack->is<LUA_TNUMBER>(2)){ keyBits = stack->to<int>(2); if (keyBits > realBits){ keyBits = realBits; } } else{ keyBits = realBits; } stack->push<int>(mbedtls_aes_setkey_enc(context, reinterpret_cast<const unsigned char*>(key.c_str()), keyBits)); return 1; } return 0; }
static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx, const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] ) { unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN]; unsigned char *p = tmp; int i, j; memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN ); for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) { /* * Increase counter */ for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- ) if( ++ctx->counter[i - 1] != 0 ) break; /* * Crypt counter block */ mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p ); p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } for( i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++ ) tmp[i] ^= data[i]; /* * Update key and counter */ mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ); memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE ); return( 0 ); }
int mbedtls_aes_self_test(int verbose) { (void)verbose; /* 128-bit Key 2b7e151628aed2a6abf7158809cf4f3c */ const uint8_t key_128b[16] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c}; mbedtls_aes_context aes; int retval = 0; uint8_t input[16] = {0}; uint8_t output[16] = {0}; uint8_t decrypt[16] = {0}; strcpy((char *)input, (const char *)"hw_aes_test"); mbedtls_aes_init(&aes); retval = mbedtls_aes_setkey_enc(&aes, (const unsigned char *)key_128b, 128); VerifyOrExit(retval != 0, retval = -1); retval = mbedtls_aes_setkey_dec(&aes, (const unsigned char *)key_128b, 128); VerifyOrExit(retval != 0, retval = -1); retval = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_ENCRYPT, input, output); VerifyOrExit(retval != 0, retval = -1); retval = mbedtls_aes_crypt_ecb(&aes, MBEDTLS_AES_DECRYPT, output, decrypt); VerifyOrExit(retval != 0, retval = -1); mbedtls_aes_free(&aes); exit: return retval; }
/** * Block symmetric ciphers. * Please note that linker-override is possible, but dynamic override is generally * preferable to avoid clobbering all symmetric support. * * @param uint8_t* Buffer containing plaintext. * @param int Length of plaintext. * @param uint8_t* Target buffer for ciphertext. * @param int Length of output. * @param uint8_t* Buffer containing the symmetric key. * @param int Length of the key, in bits. * @param uint8_t* IV. Caller's responsibility to use correct size. * @param Cipher The cipher by which to encrypt. * @param uint32_t Options to the optionation. * @return true if the root function ought to defer. */ int __attribute__((weak)) wrapped_sym_cipher(uint8_t* in, int in_len, uint8_t* out, int out_len, uint8_t* key, int key_len, uint8_t* iv, Cipher ci, uint32_t opts) { if (cipher_deferred_handling(ci)) { // If overriden by user implementation. return _sym_overrides[ci](in, in_len, out, out_len, key, key_len, iv, ci, opts); } int8_t ret = -1; switch (ci) { #if defined(MBEDTLS_AES_C) case Cipher::SYM_AES_256_CBC: case Cipher::SYM_AES_192_CBC: case Cipher::SYM_AES_128_CBC: { mbedtls_aes_context ctx; if (opts & OP_ENCRYPT) { mbedtls_aes_setkey_enc(&ctx, key, (unsigned int) key_len); } else { mbedtls_aes_setkey_dec(&ctx, key, (unsigned int) key_len); } ret = mbedtls_aes_crypt_cbc(&ctx, _cipher_opcode(ci, opts), in_len, iv, in, out); mbedtls_aes_free(&ctx); } break; #endif #if defined(MBEDTLS_RSA_C) case Cipher::ASYM_RSA: { mbedtls_ctr_drbg_context ctr_drbg; mbedtls_ctr_drbg_init(&ctr_drbg); size_t olen = 0; mbedtls_pk_context ctx; mbedtls_pk_init(&ctx); if (opts & OP_ENCRYPT) { ret = mbedtls_pk_encrypt(&ctx, in, in_len, out, &olen, out_len, mbedtls_ctr_drbg_random, &ctr_drbg); } else { ret = mbedtls_pk_decrypt(&ctx, in, in_len, out, &olen, out_len, mbedtls_ctr_drbg_random, &ctr_drbg); } mbedtls_pk_free(&ctx); } break; #endif #if defined(MBEDTLS_BLOWFISH_C) case Cipher::SYM_BLOWFISH_CBC: { mbedtls_blowfish_context ctx; mbedtls_blowfish_setkey(&ctx, key, key_len); ret = mbedtls_blowfish_crypt_cbc(&ctx, _cipher_opcode(ci, opts), in_len, iv, in, out); mbedtls_blowfish_free(&ctx); } break; #endif #if defined(WRAPPED_SYM_NULL) case Cipher::SYM_NULL: memcpy(out, in, in_len); ret = 0; break; #endif default: break; } return ret; }
static int block_cipher_df( unsigned char *output, const unsigned char *data, size_t data_len ) { unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16]; unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN]; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE]; unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE]; unsigned char *p, *iv; mbedtls_aes_context aes_ctx; int i, j; size_t buf_len, use_len; if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ) return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 ); mbedtls_aes_init( &aes_ctx ); /* * Construct IV (16 bytes) and S in buffer * IV = Counter (in 32-bits) padded to 16 with zeroes * S = Length input string (in 32-bits) || Length of output (in 32-bits) || * data || 0x80 * (Total is padded to a multiple of 16-bytes with zeroes) */ p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE; *p++ = ( data_len >> 24 ) & 0xff; *p++ = ( data_len >> 16 ) & 0xff; *p++ = ( data_len >> 8 ) & 0xff; *p++ = ( data_len ) & 0xff; p += 3; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN; memcpy( p, data, data_len ); p[data_len] = 0x80; buf_len = MBEDTLS_CTR_DRBG_BLOCKSIZE + 8 + data_len + 1; for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ ) key[i] = i; mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS ); /* * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data */ for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) { p = buf; memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE ); use_len = buf_len; while( use_len > 0 ) { for( i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++ ) chain[i] ^= p[i]; p += MBEDTLS_CTR_DRBG_BLOCKSIZE; use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len; mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain ); } memcpy( tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE ); /* * Update IV */ buf[3]++; } /* * Do final encryption with reduced data */ mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS ); iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE; p = output; for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE ) { mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv ); memcpy( p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE ); p += MBEDTLS_CTR_DRBG_BLOCKSIZE; } mbedtls_aes_free( &aes_ctx ); return( 0 ); }
int main( int argc, char *argv[] ) { int i; unsigned char tmp[200]; char title[TITLE_LEN]; todo_list todo; #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) unsigned char alloc_buf[HEAP_SIZE] = { 0 }; #endif if( argc <= 1 ) { memset( &todo, 1, sizeof( todo ) ); } else { memset( &todo, 0, sizeof( todo ) ); for( i = 1; i < argc; i++ ) { if( strcmp( argv[i], "md4" ) == 0 ) todo.md4 = 1; else if( strcmp( argv[i], "md5" ) == 0 ) todo.md5 = 1; else if( strcmp( argv[i], "ripemd160" ) == 0 ) todo.ripemd160 = 1; else if( strcmp( argv[i], "sha1" ) == 0 ) todo.sha1 = 1; else if( strcmp( argv[i], "sha256" ) == 0 ) todo.sha256 = 1; else if( strcmp( argv[i], "sha512" ) == 0 ) todo.sha512 = 1; else if( strcmp( argv[i], "arc4" ) == 0 ) todo.arc4 = 1; else if( strcmp( argv[i], "des3" ) == 0 ) todo.des3 = 1; else if( strcmp( argv[i], "des" ) == 0 ) todo.des = 1; else if( strcmp( argv[i], "aes_cbc" ) == 0 ) todo.aes_cbc = 1; else if( strcmp( argv[i], "aes_gcm" ) == 0 ) todo.aes_gcm = 1; else if( strcmp( argv[i], "aes_ccm" ) == 0 ) todo.aes_ccm = 1; else if( strcmp( argv[i], "aes_cmac" ) == 0 ) todo.aes_cmac = 1; else if( strcmp( argv[i], "des3_cmac" ) == 0 ) todo.des3_cmac = 1; else if( strcmp( argv[i], "camellia" ) == 0 ) todo.camellia = 1; else if( strcmp( argv[i], "blowfish" ) == 0 ) todo.blowfish = 1; else if( strcmp( argv[i], "havege" ) == 0 ) todo.havege = 1; else if( strcmp( argv[i], "ctr_drbg" ) == 0 ) todo.ctr_drbg = 1; else if( strcmp( argv[i], "hmac_drbg" ) == 0 ) todo.hmac_drbg = 1; else if( strcmp( argv[i], "rsa" ) == 0 ) todo.rsa = 1; else if( strcmp( argv[i], "dhm" ) == 0 ) todo.dhm = 1; else if( strcmp( argv[i], "ecdsa" ) == 0 ) todo.ecdsa = 1; else if( strcmp( argv[i], "ecdh" ) == 0 ) todo.ecdh = 1; else { mbedtls_printf( "Unrecognized option: %s\n", argv[i] ); mbedtls_printf( "Available options: " OPTIONS ); } } } mbedtls_printf( "\n" ); #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof( alloc_buf ) ); #endif memset( buf, 0xAA, sizeof( buf ) ); memset( tmp, 0xBB, sizeof( tmp ) ); #if defined(MBEDTLS_MD4_C) if( todo.md4 ) TIME_AND_TSC( "MD4", mbedtls_md4_ret( buf, BUFSIZE, tmp ) ); #endif #if defined(MBEDTLS_MD5_C) if( todo.md5 ) TIME_AND_TSC( "MD5", mbedtls_md5_ret( buf, BUFSIZE, tmp ) ); #endif #if defined(MBEDTLS_RIPEMD160_C) if( todo.ripemd160 ) TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160_ret( buf, BUFSIZE, tmp ) ); #endif #if defined(MBEDTLS_SHA1_C) if( todo.sha1 ) TIME_AND_TSC( "SHA-1", mbedtls_sha1_ret( buf, BUFSIZE, tmp ) ); #endif #if defined(MBEDTLS_SHA256_C) if( todo.sha256 ) TIME_AND_TSC( "SHA-256", mbedtls_sha256_ret( buf, BUFSIZE, tmp, 0 ) ); #endif #if defined(MBEDTLS_SHA512_C) if( todo.sha512 ) TIME_AND_TSC( "SHA-512", mbedtls_sha512_ret( buf, BUFSIZE, tmp, 0 ) ); #endif #if defined(MBEDTLS_ARC4_C) if( todo.arc4 ) { mbedtls_arc4_context arc4; mbedtls_arc4_init( &arc4 ); mbedtls_arc4_setup( &arc4, tmp, 32 ); TIME_AND_TSC( "ARC4", mbedtls_arc4_crypt( &arc4, BUFSIZE, buf, buf ) ); mbedtls_arc4_free( &arc4 ); } #endif #if defined(MBEDTLS_DES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) if( todo.des3 ) { mbedtls_des3_context des3; mbedtls_des3_init( &des3 ); mbedtls_des3_set3key_enc( &des3, tmp ); TIME_AND_TSC( "3DES", mbedtls_des3_crypt_cbc( &des3, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); mbedtls_des3_free( &des3 ); } if( todo.des ) { mbedtls_des_context des; mbedtls_des_init( &des ); mbedtls_des_setkey_enc( &des, tmp ); TIME_AND_TSC( "DES", mbedtls_des_crypt_cbc( &des, MBEDTLS_DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); mbedtls_des_free( &des ); } #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_CMAC_C) if( todo.des3_cmac ) { unsigned char output[8]; const mbedtls_cipher_info_t *cipher_info; memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); cipher_info = mbedtls_cipher_info_from_type( MBEDTLS_CIPHER_DES_EDE3_ECB ); TIME_AND_TSC( "3DES-CMAC", mbedtls_cipher_cmac( cipher_info, tmp, 192, buf, BUFSIZE, output ) ); } #endif /* MBEDTLS_CMAC_C */ #endif /* MBEDTLS_DES_C */ #if defined(MBEDTLS_AES_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) if( todo.aes_cbc ) { int keysize; mbedtls_aes_context aes; mbedtls_aes_init( &aes ); for( keysize = 128; keysize <= 256; keysize += 64 ) { mbedtls_snprintf( title, sizeof( title ), "AES-CBC-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); mbedtls_aes_setkey_enc( &aes, tmp, keysize ); TIME_AND_TSC( title, mbedtls_aes_crypt_cbc( &aes, MBEDTLS_AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); } mbedtls_aes_free( &aes ); } #endif #if defined(MBEDTLS_GCM_C) if( todo.aes_gcm ) { int keysize; mbedtls_gcm_context gcm; mbedtls_gcm_init( &gcm ); for( keysize = 128; keysize <= 256; keysize += 64 ) { mbedtls_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); mbedtls_gcm_setkey( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize ); TIME_AND_TSC( title, mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp, 12, NULL, 0, buf, buf, 16, tmp ) ); mbedtls_gcm_free( &gcm ); } } #endif #if defined(MBEDTLS_CCM_C) if( todo.aes_ccm ) { int keysize; mbedtls_ccm_context ccm; mbedtls_ccm_init( &ccm ); for( keysize = 128; keysize <= 256; keysize += 64 ) { mbedtls_snprintf( title, sizeof( title ), "AES-CCM-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); mbedtls_ccm_setkey( &ccm, MBEDTLS_CIPHER_ID_AES, tmp, keysize ); TIME_AND_TSC( title, mbedtls_ccm_encrypt_and_tag( &ccm, BUFSIZE, tmp, 12, NULL, 0, buf, buf, tmp, 16 ) ); mbedtls_ccm_free( &ccm ); } } #endif #if defined(MBEDTLS_CMAC_C) if( todo.aes_cmac ) { unsigned char output[16]; const mbedtls_cipher_info_t *cipher_info; mbedtls_cipher_type_t cipher_type; int keysize; for( keysize = 128, cipher_type = MBEDTLS_CIPHER_AES_128_ECB; keysize <= 256; keysize += 64, cipher_type++ ) { mbedtls_snprintf( title, sizeof( title ), "AES-CMAC-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); cipher_info = mbedtls_cipher_info_from_type( cipher_type ); TIME_AND_TSC( title, mbedtls_cipher_cmac( cipher_info, tmp, keysize, buf, BUFSIZE, output ) ); } memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); TIME_AND_TSC( "AES-CMAC-PRF-128", mbedtls_aes_cmac_prf_128( tmp, 16, buf, BUFSIZE, output ) ); } #endif /* MBEDTLS_CMAC_C */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC) if( todo.camellia ) { int keysize; mbedtls_camellia_context camellia; mbedtls_camellia_init( &camellia ); for( keysize = 128; keysize <= 256; keysize += 64 ) { mbedtls_snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); mbedtls_camellia_setkey_enc( &camellia, tmp, keysize ); TIME_AND_TSC( title, mbedtls_camellia_crypt_cbc( &camellia, MBEDTLS_CAMELLIA_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); } mbedtls_camellia_free( &camellia ); } #endif #if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC) if( todo.blowfish ) { int keysize; mbedtls_blowfish_context blowfish; mbedtls_blowfish_init( &blowfish ); for( keysize = 128; keysize <= 256; keysize += 64 ) { mbedtls_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); mbedtls_blowfish_setkey( &blowfish, tmp, keysize ); TIME_AND_TSC( title, mbedtls_blowfish_crypt_cbc( &blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); } mbedtls_blowfish_free( &blowfish ); } #endif #if defined(MBEDTLS_HAVEGE_C) if( todo.havege ) { mbedtls_havege_state hs; mbedtls_havege_init( &hs ); TIME_AND_TSC( "HAVEGE", mbedtls_havege_random( &hs, buf, BUFSIZE ) ); mbedtls_havege_free( &hs ); } #endif #if defined(MBEDTLS_CTR_DRBG_C) if( todo.ctr_drbg ) { mbedtls_ctr_drbg_context ctr_drbg; mbedtls_ctr_drbg_init( &ctr_drbg ); if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) mbedtls_exit(1); TIME_AND_TSC( "CTR_DRBG (NOPR)", if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 ) mbedtls_exit(1) ); if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) mbedtls_exit(1); mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON ); TIME_AND_TSC( "CTR_DRBG (PR)", if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 ) mbedtls_exit(1) ); mbedtls_ctr_drbg_free( &ctr_drbg ); }
void aes_indep_key(uint8_t * key) { mbedtls_aes_setkey_enc(&ctx, key, 128); }
static int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_bitlen ) { return mbedtls_aes_setkey_enc( (mbedtls_aes_context *) ctx, key, key_bitlen ); }
static NO_INLINE JsVar *jswrap_crypto_AEScrypt(JsVar *message, JsVar *key, JsVar *options, bool encrypt) { int err; unsigned char iv[16]; // initialisation vector memset(iv, 0, 16); CryptoMode mode = CM_CBC; if (jsvIsObject(options)) { JsVar *ivVar = jsvObjectGetChild(options, "iv", 0); if (ivVar) { jsvIterateCallbackToBytes(ivVar, iv, sizeof(iv)); jsvUnLock(ivVar); } JsVar *modeVar = jsvObjectGetChild(options, "mode", 0); if (!jsvIsUndefined(modeVar)) mode = jswrap_crypto_getMode(modeVar); jsvUnLock(modeVar); if (mode == CM_NONE) return 0; } else if (!jsvIsUndefined(options)) { jsError("'options' must be undefined, or an Object"); return 0; } mbedtls_aes_context aes; mbedtls_aes_init( &aes ); JSV_GET_AS_CHAR_ARRAY(messagePtr, messageLen, message); if (!messagePtr) return 0; JSV_GET_AS_CHAR_ARRAY(keyPtr, keyLen, key); if (!keyPtr) return 0; if (encrypt) err = mbedtls_aes_setkey_enc( &aes, (unsigned char*)keyPtr, (unsigned int)keyLen*8 ); else err = mbedtls_aes_setkey_dec( &aes, (unsigned char*)keyPtr, (unsigned int)keyLen*8 ); if (err) { jswrap_crypto_error(err); return 0; } char *outPtr = 0; JsVar *outVar = jsvNewArrayBufferWithPtr((unsigned int)messageLen, &outPtr); if (!outPtr) { jsError("Not enough memory for result"); return 0; } switch (mode) { case CM_CBC: err = mbedtls_aes_crypt_cbc( &aes, encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT, messageLen, iv, (unsigned char*)messagePtr, (unsigned char*)outPtr ); break; case CM_CFB: err = mbedtls_aes_crypt_cfb8( &aes, encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT, messageLen, iv, (unsigned char*)messagePtr, (unsigned char*)outPtr ); break; case CM_CTR: { size_t nc_off = 0; unsigned char nonce_counter[16]; unsigned char stream_block[16]; memset(nonce_counter, 0, sizeof(nonce_counter)); memset(stream_block, 0, sizeof(stream_block)); err = mbedtls_aes_crypt_ctr( &aes, messageLen, &nc_off, nonce_counter, stream_block, (unsigned char*)messagePtr, (unsigned char*)outPtr ); break; } case CM_ECB: { size_t i = 0; while (!err && i+15 < messageLen) { err = mbedtls_aes_crypt_ecb( &aes, encrypt ? MBEDTLS_AES_ENCRYPT : MBEDTLS_AES_DECRYPT, (unsigned char*)&messagePtr[i], (unsigned char*)&outPtr[i] ); i += 16; } break; } default: err = MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; break; } mbedtls_aes_free( &aes ); if (!err) { return outVar; } else { jswrap_crypto_error(err); jsvUnLock(outVar); return 0; } }
//AES/CBC/PKCS5Padding //input可以是任意长度 //key只能是16、24、32个ASSCII字符组成的串儿 unsigned char* aes_cbc_pkcs5padding_encode(const char *input, const char *key, size_t *outputLength) { size_t keyLength = strlen(key); printf("keyLength = %zu\n", keyLength); if (keyLength != 32 && keyLength != 24 && keyLength != 16) { perror("key必须是16、24、32个ASSCII字符组成的串\n"); return NULL; } mbedtls_aes_context aes; //获取到输入的要加密的内容的长度 size_t inputLength = strlen(input); printf("input = %s, inputLength = %zu\n", input, inputLength); //看看需要分成多少个块,即使输入的数据是16的整数倍,也要补充16个字节的整数16 size_t n = inputLength / 16 + 1; //https://tools.ietf.org/html/rfc8018#appendix-B.2.5 int padding = 16 - inputLength % 8; //用于加密的的数据长度:字节数,此字节数正好等于输出的字节数 int needInputLength = 16 * n; *outputLength = needInputLength; //初始向量,一般是一个随机数组成的,长度必须是块大小,一个块是16字节,也就是16个ASCII字符 unsigned char iv[16]; memcpy(iv, key, keyLength); unsigned char *toBeEncryptBytes = (unsigned char *)calloc(needInputLength + 1, sizeof(unsigned char)); memcpy(toBeEncryptBytes, (unsigned char *)input, inputLength); //填充数据 for (int i = 0; i < padding; i++) { toBeEncryptBytes[inputLength + i] = padding; } toBeEncryptBytes[needInputLength] = '\0'; //加密后的数据长度 unsigned char *output = (unsigned char *)calloc(needInputLength, sizeof(unsigned char)); //设置加密的key,并初始化 mbedtls_aes_setkey_enc(&aes, (unsigned char*)key, keyLength * 8); //加密数据 mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_ENCRYPT, needInputLength, iv, toBeEncryptBytes, output); char outputHex[ 2 * needInputLength + 1]; memset(outputHex, 0, 2 * needInputLength + 1); bytes2HexStr(outputHex, output, needInputLength); printf("aesEncode(%s, %s)=%s\n", toBeEncryptBytes, key, outputHex); if (NULL != toBeEncryptBytes) { free(toBeEncryptBytes); toBeEncryptBytes = NULL; } return output; }