const char* encrypt(const char* unhexed, const char* key) { int size = strlen(unhexed); int spaces = 0; if (size % 16) { spaces = 16 - (size % 16); } size += spaces; char* buffer = new char[size+1]; // TODO: memory check // Add spaces to the end to make size divisible by block size for (; spaces > 0; spaces--) { buffer[size-spaces] = ' '; } // Create reader CRijndael reader; reader.MakeKey(key, CRijndael::sm_chain0, 16, 16); reader.Encrypt(unhexed, buffer, size, CRijndael::CFB); // Convert to hex char* result = new char[size*2+1]; CharStr2HexStr((unsigned char*)buffer, result, size); delete [] buffer; return result; }
int ejoy_decrypt_auth_token(const char* token, unsigned int token_sz, const char* svr_pass, unsigned int svr_pass_sz, const char* svr_sig, unsigned int svr_sig_sz, struct ejoy_token* t) { if (token_sz != 160) { //token长度无效 return 1; } char ts[128]; memcpy(ts, token, 128); char tss[16]; fromhex(token+128, tss, 16); MD5_CTX md5; MD5Init(&md5); char decrypt[16]; MD5Update(&md5, (unsigned char*)ts, 128); MD5Update(&md5, (unsigned char*)svr_sig, svr_sig_sz); MD5Final(&md5, (unsigned char*)decrypt); for (int i = 0; i < 16; i++) { if (tss[i] != decrypt[i]) { //token验证失败 return 1; } } char tsss[64]; fromhex(token, tsss, 64); CRijndael oRijndael; oRijndael.MakeKey((char*)svr_pass, NULL, svr_pass_sz, svr_pass_sz); char ret[64]; oRijndael.Decrypt(tsss, ret, 64, CRijndael::ECB); char temp[3][64] = {0}; int index = 0; int pos = 0; for (int i = 0; i < 64; i++) { if (ret[i] == '\n') { index++; pos = 0; } else { temp[index][pos++] = ret[i]; } } //token验证成功 memcpy(t->uid, temp[0], sizeof(t->uid)); t->timestamp = atol(temp[1]); t->randomkey = atol(temp[2]); return 0; }
bool CStdCrypt::getKey(BYTE *pKey, size_t cbKeyLen) { if (!m_valid || cbKeyLen < sizeof(ExternalKey)) return false; ExternalKey tmp = { 0 }; memcpy(&tmp.m_key, m_key, KEY_LENGTH); tmp.m_crc32 = crc32(0xAbbaDead, (LPCBYTE)m_password.GetString(), m_password.GetLength()); getRandomBytes(tmp.slack, sizeof(tmp.slack)); BYTE tmpHash[32]; slow_hash(m_password, m_password.GetLength(), tmpHash); CRijndael tmpAes; tmpAes.MakeKey(tmpHash, tmpAes.sm_chain0, KEY_LENGTH, BLOCK_SIZE); tmpAes.Encrypt(&tmp, pKey, sizeof(tmp)); return true; }
SAFEARRAY* Functions::LoadDecryptResource(LPCWSTR resource) { CRijndael oRijndael; char* outBuf; oRijndael.MakeKey(string(IntNet::akey1 + IntNet::akey2 + CLR::akey3 + CLR::akey4).c_str(), "", 32, 16); outBuf = oRijndael.Decrypt((const char*) LockResource(LoadResource(NULL, FindResource(NULL, resource, L"NT"))), SizeofResource(NULL, FindResource(NULL, resource, L"NT"))); SAFEARRAYBOUND bounds; bounds.cElements = SizeofResource(NULL, FindResource(NULL, resource, L"NT")); // # of indexes bounds.lLbound = 0; SAFEARRAY* psaz = SafeArrayCreate(VT_UI1, 1, &bounds); BYTE* real_array = (BYTE*)psaz->pvData; memcpy(real_array, outBuf, SizeofResource(NULL, FindResource(NULL, resource, L"NT"))); free(outBuf); return psaz; }
const char* decrypt(const char* hexed, const char* key) { int size = strlen(hexed) / 2; if (size % 16 != 0) { fl_alert("Encrypted file is corrupt."); throw false; } char* buffer = new char[size+1]; HexStr2CharStr(hexed, (unsigned char*)buffer, size); CRijndael reader; reader.MakeKey(key, CRijndael::sm_chain0, 16, 16); char* buffer2 = new char[size+1]; buffer2[size] = 0; if (!buffer2) { fl_alert("Not enough memory to load shader source code."); throw false; } reader.Decrypt(buffer, buffer2, size, CRijndael::CFB); return buffer2; }
bool CStdCrypt::setKey(const BYTE *pKey, size_t cbKeyLen) { // full external key. decode & check password if (cbKeyLen != sizeof(ExternalKey)) return false; BYTE tmpHash[32]; slow_hash(m_password, m_password.GetLength(), tmpHash); CRijndael tmpAes; tmpAes.MakeKey(tmpHash, tmpAes.sm_chain0, KEY_LENGTH, BLOCK_SIZE); ExternalKey tmp = { 0 }; tmpAes.Decrypt(pKey, &tmp, sizeof(tmp)); if (tmp.m_crc32 != crc32(0xAbbaDead, (LPCBYTE)m_password.GetString(), m_password.GetLength())) return false; memcpy(m_key, &tmp.m_key, KEY_LENGTH); m_aes.MakeKey(m_key, "Miranda", KEY_LENGTH, BLOCK_SIZE); return m_valid = true; }
long Decrypt_data(PBYTE tsBufOut, PBYTE tsBufIn, void* g_OddCW, void* g_EvenCW) { CRijndael aes; //仅有调整字段 if(0x20 == (tsBufIn[3] & 0x30)) return -1; //载荷前面有调整字段 WORD wAdaptionLen = 0; if(0x30 == (tsBufIn[3] & 0x30)) { wAdaptionLen = tsBufIn[4]; } int DataLen = (188 - 5 - wAdaptionLen) / 16 * 16; switch(tsBufIn[3] & 0xc0) { //加扰的包才需要解扰 case 0xc0: //c0用odd key memcpy(tsBufOut, tsBufIn, 188); aes.MakeKey((char*)g_OddCW, (char*)g_OddCW, 16, 16); aes.Decrypt((char*)(&tsBufIn[0]+4+wAdaptionLen), (char*)&tsBufOut[0]+4+wAdaptionLen, DataLen); break; case 0x80: //80用even key memcpy(tsBufOut, tsBufIn, 188); aes.MakeKey((char*)g_EvenCW, (char*)g_EvenCW, 16, 16); aes.Decrypt((char*)(&tsBufIn[0]+4+wAdaptionLen), (char*)&tsBufOut[0]+4+wAdaptionLen, DataLen); break; default: break; } return 0; }
BOOL CPwCompatImpl::OpenDatabaseV1(CPwManager* pMgr, const TCHAR *pszFile) { FILE *fp; char *pVirtualFile; unsigned long uFileSize, uAllocated, uEncryptedPartSize; size_t i, j, pos; PW_DBHEADER_V1 hdr; sha256_ctx sha32; UINT8 uFinalKey[32]; DWORD dw, dw2; char *ptrTemp; char *ptrTitle; char *ptrUserName; char *ptrURL; char *ptrPassword; char *ptrAdditional; PW_TIME tNow; PW_GROUP pwTG; PW_ENTRY pwTE; _GetCurrentPwTime(&tNow); memset(&pwTG, 0, sizeof(PW_GROUP)); memset(&pwTE, 0, sizeof(PW_ENTRY)); pwTG.tCreation = tNow; pwTG.tExpire = g_pwTimeNever; pwTG.tLastAccess = tNow; pwTG.tLastMod = tNow; pwTE.tCreation = tNow; pwTE.tExpire = g_pwTimeNever; pwTE.tLastAccess = tNow; pwTE.tLastMod = tNow; ASSERT(sizeof(char) == 1); ASSERT(pszFile != NULL); if(pszFile == NULL) return FALSE; ASSERT(_tcslen(pszFile) != 0); if(_tcslen(pszFile) == 0) return FALSE; fp = NULL; _tfopen_s(&fp, pszFile, _T("rb")); if(fp == NULL) return FALSE; // Get file size fseek(fp, 0, SEEK_END); uFileSize = ftell(fp); fseek(fp, 0, SEEK_SET); if(uFileSize < sizeof(PW_DBHEADER_V1)) { fclose(fp); return FALSE; } // Allocate enough memory to hold the complete file uAllocated = uFileSize + 17; pVirtualFile = new char[uAllocated]; if(pVirtualFile == NULL) { fclose(fp); return FALSE; } pVirtualFile[uFileSize + 17 - 1] = 0; fread(pVirtualFile, 1, uFileSize, fp); fclose(fp); // Extract header structure from memory file memcpy(&hdr, pVirtualFile, sizeof(PW_DBHEADER_V1)); // Check if we can open this if((hdr.dwSignature1 != PWM_DBSIG_1) || (hdr.dwSignature2 != PWM_DBSIG_2)) { _OPENDB_FAIL; } if((hdr.dwFlags & PWM_FLAG_RIJNDAEL) != 0) pMgr->SetAlgorithm(ALGO_AES); else if((hdr.dwFlags & PWM_FLAG_TWOFISH) != 0) pMgr->SetAlgorithm(ALGO_TWOFISH); else { ASSERT(FALSE); _OPENDB_FAIL; } BYTE aMasterKeyU[32]; pMgr->GetRawMasterKey(aMasterKeyU); // Hash the master password with the salt in the file sha256_begin(&sha32); sha256_hash(hdr.aMasterSeed, 16, &sha32); sha256_hash(aMasterKeyU, 32, &sha32); sha256_end((unsigned char *)uFinalKey, &sha32); mem_erase(aMasterKeyU, 32); if(pMgr->GetAlgorithm() == ALGO_AES) { CRijndael aes; // Initialize Rijndael algorithm if(aes.Init(CRijndael::CBC, CRijndael::DecryptDir, uFinalKey, CRijndael::Key32Bytes, hdr.aEncryptionIV) != RIJNDAEL_SUCCESS) { _OPENDB_FAIL; } // Decrypt! The first 48 bytes aren't encrypted (that's the header) uEncryptedPartSize = (unsigned long)aes.PadDecrypt((UINT8 *)pVirtualFile + 48, uFileSize - 48, (UINT8 *)pVirtualFile + 48); } else if(pMgr->GetAlgorithm() == ALGO_TWOFISH) { CTwofish twofish; if(twofish.Init(uFinalKey, 32, hdr.aEncryptionIV) != true) { _OPENDB_FAIL }; uEncryptedPartSize = (unsigned long)twofish.PadDecrypt( (UINT8 *)pVirtualFile + 48, uFileSize - 48, (UINT8 *)pVirtualFile + 48); }
// If bIgnoreCorrupted is TRUE the manager will try to ignore all database file // errors, i.e. try to read as much as possible instead of breaking out at the // first error. // To open a file normally, set bIgnoreCorrupted to FALSE (default). // To open a file in rescue mode, set it to TRUE. int CPwManager::OpenDatabase(const TCHAR *pszFile, _Out_opt_ PWDB_REPAIR_INFO *pRepair) { char *pVirtualFile; unsigned long uFileSize, uAllocated, uEncryptedPartSize; unsigned long pos; PW_DBHEADER hdr; sha256_ctx sha32; UINT8 uFinalKey[32]; char *p; USHORT usFieldType; DWORD dwFieldSize; PW_GROUP pwGroupTemplate; PW_ENTRY pwEntryTemplate; BOOST_STATIC_ASSERT(sizeof(char) == 1); ASSERT(pszFile != NULL); if(pszFile == NULL) return PWE_INVALID_PARAM; ASSERT(pszFile[0] != 0); if(pszFile[0] == 0) return PWE_INVALID_PARAM; // Length != 0 RESET_PWG_TEMPLATE(&pwGroupTemplate); RESET_PWE_TEMPLATE(&pwEntryTemplate); if(pRepair != NULL) { ZeroMemory(pRepair, sizeof(PWDB_REPAIR_INFO)); } FILE *fp = NULL; _tfopen_s(&fp, pszFile, _T("rb")); if(fp == NULL) return PWE_NOFILEACCESS_READ; // Get file size fseek(fp, 0, SEEK_END); uFileSize = ftell(fp); fseek(fp, 0, SEEK_SET); if(uFileSize < sizeof(PW_DBHEADER)) { fclose(fp); return PWE_INVALID_FILEHEADER; } // Allocate enough memory to hold the complete file uAllocated = uFileSize + 16 + 1 + 64 + 4; // 16 = encryption buffer space, 1+64 = string terminating NULLs, 4 unused pVirtualFile = new char[uAllocated]; if(pVirtualFile == NULL) { fclose(fp); return PWE_NO_MEM; } memset(&pVirtualFile[uFileSize + 16], 0, 1 + 64); fread(pVirtualFile, 1, uFileSize, fp); fclose(fp); // Extract header structure from memory file memcpy(&hdr, pVirtualFile, sizeof(PW_DBHEADER)); // Check if it's a KDBX file created by KeePass 2.x if((hdr.dwSignature1 == PWM_DBSIG_1_KDBX_P) && (hdr.dwSignature2 == PWM_DBSIG_2_KDBX_P)) { _OPENDB_FAIL_LIGHT; return PWE_UNSUPPORTED_KDBX; } if((hdr.dwSignature1 == PWM_DBSIG_1_KDBX_R) && (hdr.dwSignature2 == PWM_DBSIG_2_KDBX_R)) { _OPENDB_FAIL_LIGHT; return PWE_UNSUPPORTED_KDBX; } // Check if we can open this if((hdr.dwSignature1 != PWM_DBSIG_1) || (hdr.dwSignature2 != PWM_DBSIG_2)) { _OPENDB_FAIL_LIGHT; return PWE_INVALID_FILESIGNATURE; } if((hdr.dwVersion & 0xFFFFFF00) != (PWM_DBVER_DW & 0xFFFFFF00)) { if((hdr.dwVersion == 0x00020000) || (hdr.dwVersion == 0x00020001) || (hdr.dwVersion == 0x00020002)) { if(pVirtualFile != NULL) { mem_erase((unsigned char *)pVirtualFile, uAllocated); SAFE_DELETE_ARRAY(pVirtualFile); } return ((CPwCompatImpl::OpenDatabaseV2(this, pszFile) != FALSE) ? PWE_SUCCESS : PWE_UNKNOWN); } else if(hdr.dwVersion <= 0x00010002) { if(pVirtualFile != NULL) { mem_erase((unsigned char *)pVirtualFile, uAllocated); SAFE_DELETE_ARRAY(pVirtualFile); } return ((CPwCompatImpl::OpenDatabaseV1(this, pszFile) != FALSE) ? PWE_SUCCESS : PWE_UNKNOWN); } else { ASSERT(FALSE); _OPENDB_FAIL; } } if(hdr.dwGroups == 0) { _OPENDB_FAIL_LIGHT; return PWE_DB_EMPTY; } // Select algorithm if((hdr.dwFlags & PWM_FLAG_RIJNDAEL) != 0) m_nAlgorithm = ALGO_AES; else if((hdr.dwFlags & PWM_FLAG_TWOFISH) != 0) m_nAlgorithm = ALGO_TWOFISH; else { ASSERT(FALSE); _OPENDB_FAIL; } m_dwKeyEncRounds = hdr.dwKeyEncRounds; // Generate m_pTransformedMasterKey from m_pMasterKey if(_TransformMasterKey(hdr.aMasterSeed2) == FALSE) { ASSERT(FALSE); _OPENDB_FAIL; } ProtectTransformedMasterKey(false); // Hash the master password with the salt in the file sha256_begin(&sha32); sha256_hash(hdr.aMasterSeed, 16, &sha32); sha256_hash(m_pTransformedMasterKey, 32, &sha32); sha256_end((unsigned char *)uFinalKey, &sha32); ProtectTransformedMasterKey(true); if(pRepair == NULL) { // ASSERT(((uFileSize - sizeof(PW_DBHEADER)) % 16) == 0); if(((uFileSize - sizeof(PW_DBHEADER)) % 16) != 0) { _OPENDB_FAIL_LIGHT; return PWE_INVALID_FILESIZE; } } else // Repair the database { if(((uFileSize - sizeof(PW_DBHEADER)) % 16) != 0) { uFileSize -= sizeof(PW_DBHEADER); ASSERT((uFileSize & 0xF) != 0); uFileSize &= ~0xFUL; uFileSize += sizeof(PW_DBHEADER); } ASSERT(((uFileSize - sizeof(PW_DBHEADER)) % 16) == 0); pRepair->dwOriginalGroupCount = hdr.dwGroups; pRepair->dwOriginalEntryCount = hdr.dwEntries; } if(m_nAlgorithm == ALGO_AES) { CRijndael aes; // Initialize Rijndael algorithm if(aes.Init(CRijndael::CBC, CRijndael::DecryptDir, uFinalKey, CRijndael::Key32Bytes, hdr.aEncryptionIV) != RIJNDAEL_SUCCESS) { _OPENDB_FAIL_LIGHT; return PWE_CRYPT_ERROR; } // Decrypt! The first bytes aren't encrypted (that's the header) uEncryptedPartSize = (unsigned long)aes.PadDecrypt((UINT8 *)pVirtualFile + sizeof(PW_DBHEADER), uFileSize - sizeof(PW_DBHEADER), (UINT8 *)pVirtualFile + sizeof(PW_DBHEADER)); } else if(m_nAlgorithm == ALGO_TWOFISH) { CTwofish twofish; if(twofish.Init(uFinalKey, 32, hdr.aEncryptionIV) != true) { _OPENDB_FAIL }; uEncryptedPartSize = (unsigned long)twofish.PadDecrypt((UINT8 *)pVirtualFile + sizeof(PW_DBHEADER), uFileSize - sizeof(PW_DBHEADER), (UINT8 *)pVirtualFile + sizeof(PW_DBHEADER)); }