예제 #1
0
static int
decrypt_token (CcnetProcessor *processor)
{
    USE_PRIV;
    int hex_len, encrypted_len, token_len; 
    char *encrypted_token = NULL;
    SeafileCrypt *crypt = NULL;
    unsigned char key[16], iv[16];
    char *token = NULL;
    int ret = 0;

    /* raw data is half the length of hexidecimal */
    hex_len = strlen(priv->token);
    if (hex_len % 2 != 0) {
        seaf_warning ("[check tx slave v3] invalid length of encrypted token\n"); 
        ret = -1;
        goto out;
    }

    encrypted_len = hex_len / 2;
    encrypted_token = g_malloc (encrypted_len);
    hex_to_rawdata (priv->token,
                    (unsigned char *)encrypted_token,
                    encrypted_len);

    EVP_BytesToKey (EVP_aes_128_cbc(), /* cipher mode */
                    EVP_sha1(),        /* message digest */
                    NULL,              /* slat */
                    (unsigned char*)priv->session_key,
                    strlen(priv->session_key),
                    1,   /* iteration times */
                    key, /* the derived key */
                    iv); /* IV, initial vector */

    crypt = seafile_crypt_new (1, key, iv);
    
    if (seafile_decrypt (&token, &token_len, encrypted_token,
                         encrypted_len, crypt) < 0) {
        seaf_warning ("[check tx slave v3] failed to decrypt token\n");
        ret = -1;
        goto out;
    }

    g_free (priv->token);
    /* we can use the decrypted data directly, since the trailing null byte is
     * also included when encrypting in the client */
    priv->token = token;

out:
    g_free (crypt);
    g_free (encrypted_token);
    
    return ret;
}
예제 #2
0
파일: cipher.cpp 프로젝트: psi-im/cutestuff
static const EVP_CIPHER * typeToCIPHER(Cipher::Type t)
{
	if(t == Cipher::TripleDES)
		return EVP_des_ede3_cbc();
	else if(t == Cipher::AES_128)
		return EVP_aes_128_cbc();
	else if(t == Cipher::AES_256)
		return EVP_aes_256_cbc();
	else
		return 0;
}
예제 #3
0
파일: pem_lib.c 프로젝트: RobinWuDev/Qt
static const EVP_CIPHER* cipher_by_name(const char *name) {
  if (strcmp(name, "DES-CBC") == 0) {
    return EVP_des_cbc();
  } else if (strcmp(name, "AES-128-CBC") == 0) {
    return EVP_aes_128_cbc();
  } else if (strcmp(name,  "AES-256-CBC") == 0) {
    return EVP_aes_256_cbc();
  } else {
    return NULL;
  }
}
예제 #4
0
static gboolean
gst_hls_demux_decrypt_start (GstHLSDemux * demux, const guint8 * key_data,
    const guint8 * iv_data)
{
  EVP_CIPHER_CTX_init (&demux->aes_ctx);
  if (!EVP_DecryptInit_ex (&demux->aes_ctx, EVP_aes_128_cbc (), NULL, key_data,
          iv_data))
    return FALSE;
  EVP_CIPHER_CTX_set_padding (&demux->aes_ctx, 0);
  return TRUE;
}
예제 #5
0
static const EVP_CIPHER * _wi_cipher_cipher(wi_cipher_t *cipher) {
	switch(cipher->type) {
		case WI_CIPHER_AES128:		return EVP_aes_128_cbc();
		case WI_CIPHER_AES192:		return EVP_aes_192_cbc();
		case WI_CIPHER_AES256:		return EVP_aes_256_cbc();
		case WI_CIPHER_BF128:		return EVP_bf_cbc();
		case WI_CIPHER_3DES192:		return EVP_des_ede3_cbc();
	}
	
	return NULL;
}
int decrypt_and_verify_secrets(CPOR_key *key, unsigned char *input, size_t input_len, unsigned char *plaintext, size_t *plaintext_len, unsigned char *authenticator, size_t authenticator_len) {

    EVP_CIPHER_CTX ctx;
    EVP_CIPHER *cipher = NULL;
    unsigned char mac[EVP_MAX_MD_SIZE];
    size_t mac_size = EVP_MAX_MD_SIZE;
    int len;

    if(!key || !key->k_enc || !key->k_mac || !input || !input_len || !plaintext || !plaintext_len || !authenticator || !authenticator_len) return 0;

    OpenSSL_add_all_algorithms();
    memset(mac, 0, mac_size);

    /* Verify the HMAC-SHA1 */
    if(!HMAC(EVP_sha1(), key->k_mac, key->k_mac_size, input, input_len, mac, (unsigned int *)&mac_size)) goto cleanup;
    if(authenticator_len != mac_size) goto cleanup;
    if(memcmp(mac, authenticator, mac_size) != 0) goto cleanup;


    EVP_CIPHER_CTX_init(&ctx);
    switch(key->k_enc_size) {
    case 16:
        cipher = (EVP_CIPHER *)EVP_aes_128_cbc();
        break;
    case 24:
        cipher = (EVP_CIPHER *)EVP_aes_192_cbc();
        break;
    case 32:
        cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
        break;
    default:
        return 0;
    }
    if(!EVP_DecryptInit(&ctx, cipher, key->k_enc, NULL)) goto cleanup;

    *plaintext_len = 0;

    if(!EVP_DecryptUpdate(&ctx, plaintext, (int *)plaintext_len, input, input_len)) goto cleanup;
    EVP_DecryptFinal(&ctx, plaintext + *plaintext_len, &len);

    *plaintext_len += len;

    EVP_CIPHER_CTX_cleanup(&ctx);

    return 1;

cleanup:
    *plaintext_len = 0;

    return 0;

}
예제 #7
0
void EVP_CIPHER_do_all_sorted(void (*callback)(const EVP_CIPHER *cipher,
                                               const char *name,
                                               const char *unused, void *arg),
                              void *arg) {
  callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg);
  callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg);
  callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg);
  callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg);
  callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg);
  callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg);
  callback(EVP_aes_256_ecb(), "AES-256-ECB", NULL, arg);
  callback(EVP_aes_256_ofb(), "AES-256-OFB", NULL, arg);
  callback(EVP_aes_256_xts(), "AES-256-XTS", NULL, arg);
  callback(EVP_des_cbc(), "DES-CBC", NULL, arg);
  callback(EVP_des_ecb(), "DES-ECB", NULL, arg);
  callback(EVP_des_ede(), "DES-EDE", NULL, arg);
  callback(EVP_des_ede_cbc(), "DES-EDE-CBC", NULL, arg);
  callback(EVP_des_ede3_cbc(), "DES-EDE3-CBC", NULL, arg);
  callback(EVP_rc2_cbc(), "RC2-CBC", NULL, arg);
  callback(EVP_rc4(), "RC4", NULL, arg);

  // OpenSSL returns everything twice, the second time in lower case.
  callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg);
  callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg);
  callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg);
  callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg);
  callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg);
  callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg);
  callback(EVP_aes_256_ecb(), "aes-256-ecb", NULL, arg);
  callback(EVP_aes_256_ofb(), "aes-256-ofb", NULL, arg);
  callback(EVP_aes_256_xts(), "aes-256-xts", NULL, arg);
  callback(EVP_des_cbc(), "des-cbc", NULL, arg);
  callback(EVP_des_ecb(), "des-ecb", NULL, arg);
  callback(EVP_des_ede(), "des-ede", NULL, arg);
  callback(EVP_des_ede_cbc(), "des-ede-cbc", NULL, arg);
  callback(EVP_des_ede3_cbc(), "des-ede3-cbc", NULL, arg);
  callback(EVP_rc2_cbc(), "rc2-cbc", NULL, arg);
  callback(EVP_rc4(), "rc4", NULL, arg);
}
예제 #8
0
void *encfs_common_get_salt(char *ciphertext)
{
	char *ctcopy = strdup(ciphertext);
	char *keeptr = ctcopy;
	int i;
	char *p;
	static encfs_common_custom_salt cs;
	ctcopy += 7;
	p = strtokm(ctcopy, "*");
	cs.keySize = atoi(p);
	switch(cs.keySize)
	{
		case 128:
			cs.blockCipher = EVP_aes_128_cbc();
			cs.streamCipher = EVP_aes_128_cfb();
			break;

		case 192:
			cs.blockCipher = EVP_aes_192_cbc();
			cs.streamCipher = EVP_aes_192_cfb();
			break;
		case 256:
		default:
			cs.blockCipher = EVP_aes_256_cbc();
			cs.streamCipher = EVP_aes_256_cfb();
			break;
	}
	cs.keySize = cs.keySize / 8;
	p = strtokm(NULL, "*");
	cs.iterations = atoi(p);
	p = strtokm(NULL, "*");
	cs.cipher = atoi(p);
	p = strtokm(NULL, "*");
	cs.saltLen = atoi(p);
	p = strtokm(NULL, "*");
	for (i = 0; i < cs.saltLen; i++)
		cs.salt[i] =
			atoi16[ARCH_INDEX(p[i * 2])] * 16 +
			atoi16[ARCH_INDEX(p[i * 2 + 1])];
	p = strtokm(NULL, "*");
	cs.dataLen = atoi(p);
	p = strtokm(NULL, "*");
	for (i = 0; i < cs.dataLen; i++)
		cs.data[i] =
			atoi16[ARCH_INDEX(p[i * 2])] * 16 +
			atoi16[ARCH_INDEX(p[i * 2 + 1])];

	cs.ivLength = EVP_CIPHER_iv_length( cs.blockCipher );
	MEM_FREE(keeptr);
	return (void *) &cs;
}
예제 #9
0
static const EVP_CIPHER *getAesCipher(size32_t keyLen)
{
    switch (keyLen)
    {
    case 128/8:
        return EVP_aes_128_cbc();
    case 192/8:
        return EVP_aes_192_cbc();
    case 256/8:
        return EVP_aes_256_cbc();
    default:
        throw makeStringException(0, "Invalid AES key size, must be 128, 192 or 256 bit");
    }
}
int encrypt_and_authentucate_secrets(CPOR_key *key, unsigned char *input, size_t input_len, unsigned char *ciphertext, size_t *ciphertext_len, unsigned char *authenticator, size_t *authenticator_len) {

    EVP_CIPHER_CTX ctx;
    EVP_CIPHER *cipher = NULL;
    int len;

    if(!key || !key->k_enc || !key->k_mac || !input || !input_len || !ciphertext || !ciphertext_len || !authenticator || !authenticator_len) return 0;

    OpenSSL_add_all_algorithms();

    EVP_CIPHER_CTX_init(&ctx);
    switch(key->k_enc_size) {
    case 16:
        cipher = (EVP_CIPHER *)EVP_aes_128_cbc();
        break;
    case 24:
        cipher = (EVP_CIPHER *)EVP_aes_192_cbc();
        break;
    case 32:
        cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
        break;
    default:
        return 0;
    }
    //TODO: Fix the NULL IV
    if(!EVP_EncryptInit(&ctx, cipher, key->k_enc, NULL)) goto cleanup;

    *ciphertext_len = 0;

    if(!EVP_EncryptUpdate(&ctx, ciphertext, (int *)ciphertext_len, input, input_len)) goto cleanup;
    EVP_EncryptFinal(&ctx, ciphertext + *ciphertext_len, &len);

    *ciphertext_len += len;

    *authenticator_len = 0;
    /* Do the HMAC-SHA1 */
    if(!HMAC(EVP_sha1(), key->k_mac, key->k_mac_size, ciphertext, *ciphertext_len,
             authenticator, (unsigned int *)authenticator_len)) goto cleanup;

    EVP_CIPHER_CTX_cleanup(&ctx);

    return 1;

cleanup:
    *ciphertext_len = 0;
    *authenticator_len = 0;

    return 0;

}
예제 #11
0
파일: openssl.c 프로젝트: KaneRoot/COSE-C
bool AES_CBC_MAC_Validate(COSE_MacMessage * pcose, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
{
	const EVP_CIPHER * pcipher = NULL;
	EVP_CIPHER_CTX ctx;
	int cbOut;
	byte rgbIV[16] = { 0 };
	byte rgbTag[16] = { 0 };
	bool f = false;
	unsigned int i;

	switch (cbKey*8) {
	case 128:
		pcipher = EVP_aes_128_cbc();
		break;

	case 256:
		pcipher = EVP_aes_256_cbc();
		break;

	default:
		FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
	}

	//  Setup and run the OpenSSL code

	EVP_CIPHER_CTX_init(&ctx);
	CHECK_CONDITION(EVP_EncryptInit_ex(&ctx, pcipher, NULL, pbKey, rgbIV), COSE_ERR_CRYPTO_FAIL);

	TSize /= 8;

	for (i = 0; i < (unsigned int) cbAuthData / 16; i++) {
		CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbTag, &cbOut, pbAuthData+(i*16), 16), COSE_ERR_CRYPTO_FAIL);
	}
	if (cbAuthData % 16 != 0) {
		CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbTag, &cbOut, pbAuthData + (i * 16), cbAuthData % 16), COSE_ERR_CRYPTO_FAIL);
		CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbTag, &cbOut, rgbIV, 16 - (cbAuthData % 16)), COSE_ERR_CRYPTO_FAIL);
	}

	cn_cbor * cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
	CHECK_CONDITION(cn != NULL, COSE_ERR_CBOR);

	for (i = 0; i < (unsigned int)TSize; i++) f |= (cn->v.bytes[i] != rgbTag[i]);

	EVP_CIPHER_CTX_cleanup(&ctx);
	return !f;

errorReturn:
	EVP_CIPHER_CTX_cleanup(&ctx);
	return false;
}
const EVP_CIPHER * Aes128EncriptionStrategy::getType(EncriptionBlockType mode){
	const EVP_CIPHER * type;
	switch(mode){
		case CBC:
			type = EVP_aes_128_cbc(); break;
		case OFB:
			type = EVP_aes_128_ofb(); break;
		case CFB:
			type = EVP_aes_128_cfb8(); break;
		case ECB:
			type = EVP_aes_128_ecb(); break;
	}
	return type;
}
예제 #13
0
int decrypt(char *message, uint32_t message_size, char *password, char *plaintext){
  EVP_CIPHER_CTX *ctx;
  int len;
  int plaintext_len;
  char key[KEY_SIZE_BYTES];
  int status = generateKey(password, SALT, key);
  if(!status){
    return -1;
  }
  const char *ciphertext = getEncryptedBody(message);


  /* Create and initialise the context */
  if(!(ctx = EVP_CIPHER_CTX_new())){
    return -1;
  } 
  

  /* Initialise the decryption operation. IMPORTANT - ensure you use a key
   * and IV size appropriate for your cipher
   * In this example we are using 256 bit AES (i.e. a 256 bit key). The
   * IV size for *most* modes is the same as the block size. For AES this
   * is 128 bits */
  if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, (unsigned char *) key, (unsigned char *) message)){
    return -1;
  }

  /* Provide the message to be decrypted, and obtain the plaintext output.
   * EVP_DecryptUpdate can be called multiple times if necessary
   */
  if(1 != EVP_DecryptUpdate(ctx, (unsigned char *) plaintext, &len, (unsigned char *) ciphertext, message_size - IV_SIZE_BYTES)){
    return -1;
  }

  plaintext_len = len;

  /* Finalise the decryption. Further plaintext bytes may be written at
   * this stage.
   */
  if(1 != EVP_DecryptFinal_ex(ctx, (unsigned char *) plaintext + len, &len)){
    return -1;
  } 
  plaintext_len += len;

  /* Clean up */
  EVP_CIPHER_CTX_free(ctx);

  return plaintext_len;
}
예제 #14
0
파일: aes-pipe.c 프로젝트: flihp/aes-pipe
int
aes_init (crypt_data_t* crypt_data, crypt_init_t crypt_init)
{
    const EVP_CIPHER* cipher = 0;

    switch (crypt_data->keysize) {
    case 16:
        cipher = EVP_aes_128_cbc ();
        break;
    case 24:
        cipher = EVP_aes_192_cbc ();
        break;
    case 32:
        cipher = EVP_aes_256_cbc ();
        break;
    default:
        fprintf (stderr, "Invalid key size.\n");
        return -1;
    }

    EVP_CIPHER_CTX_init (&crypt_data->ctx);
    if (!crypt_init (&crypt_data->ctx,
                     cipher,
                     NULL,
                     crypt_data->keybuf,
                     crypt_data->ivbuf)) {
        fprintf (stderr, "OpenSSL initialization failed.\n");
        return 1;
    }
    if (verbose) {
        fprintf (stderr,
                 "EVP Initialized\n  Algorithm: %s\n",
                 EVP_CIPHER_name (EVP_CIPHER_CTX_cipher (&crypt_data->ctx)));
        fprintf (stderr, "  IV:  ");
        pp_buf (stderr, crypt_data->ivbuf, crypt_data->ivsize, 16, 2);
        fprintf (stderr, "  Key: ");
        pp_buf (stderr, crypt_data->keybuf, crypt_data->keysize, 16, 2);
    }
    crypt_data->buf_size = INBUFSIZE;
    crypt_data->out_buf =
        (char*)malloc (crypt_data->buf_size +
                       EVP_CIPHER_CTX_block_size (&crypt_data->ctx));
    crypt_data->in_buf = (char*)malloc (crypt_data->buf_size);
    if (!crypt_data->out_buf || !crypt_data->in_buf) {
        fprintf (stderr, "Unable to allocate memory.\n");
        return 1;
    }
    return 0;
}
예제 #15
0
/* token -> AES encrypt with session key -> rawdata_to_hex -> output  */
static char *
encrypt_token (CcnetProcessor *processor, const char *token)
{
    CcnetPeer *peer = NULL;
    char *enc_out = NULL;
    SeafileCrypt *crypt = NULL;
    unsigned char key[16], iv[16];
    int len;
    char *output = NULL;

    if (!token)
        goto out;

    peer = ccnet_get_peer(seaf->ccnetrpc_client, processor->peer_id);
    if (!peer || !peer->session_key) {
        seaf_warning ("[check tx v3] peer or peer session key not exist\n");
        goto out;
    }

    EVP_BytesToKey (EVP_aes_128_cbc(), /* cipher mode */
                    EVP_sha1(),        /* message digest */
                    NULL,              /* slat */
                    (unsigned char*)peer->session_key,
                    strlen(peer->session_key),
                    1,   /* iteration times */
                    key, /* the derived key */
                    iv); /* IV, initial vector */

    crypt = seafile_crypt_new (CURRENT_ENC_VERSION, key, iv);
    
    /* encrypt the token with session key, including the trailing null byte */
    if (seafile_encrypt (&enc_out, &len, token, strlen(token) + 1, crypt) < 0) {
        seaf_warning ("[check tx v3] failed to encrypt token\n");
        goto out;
    }

    output = g_malloc (len * 2 + 1);
    rawdata_to_hex ((unsigned char *)enc_out, output, len);
    output[len * 2] = '\0';

    
out:
    g_free (crypt);
    g_free (enc_out);
    if (peer)
        g_object_unref(peer);

    return output;
}
예제 #16
0
int AesFileEnc::do_crypt(FILE *in, FILE *out, int do_encrypt, unsigned char* key)
{
	/* Allow enough space in output buffer for additional block */
	unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
	int inlen, outlen;
	EVP_CIPHER_CTX ctx;

	std::cout << "tutaj";
	//	std::cout <<key<<std::endl;
	//unsigned char key[] = "0123456789abcdeF";
	std::cout <<key<< std::endl;


	//unsigned char iv[] = "1234567887654321";
	EVP_CIPHER_CTX_init(&ctx);
	
			EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
				do_encrypt);
			
	unsigned char *iv = this->iv(EVP_CIPHER_CTX_iv_length(&ctx));	
			std::cout<< this->keyLength << std::endl;
			std::cout<< EVP_CIPHER_CTX_iv_length(&ctx) <<std::endl;
			OPENSSL_assert(EVP_CIPHER_CTX_key_length(&ctx) == this->keyLength);
			//OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx) == this->keyLength);
			EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);
	
			for(;;)
					{
					inlen = fread(inbuf, 1, 1024, in);
					if(inlen <= 0) break;
					if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen))
							{
	
							EVP_CIPHER_CTX_cleanup(&ctx);
							return 0;
							}
					fwrite(outbuf, 1, outlen, out);
					}
			if(!EVP_CipherFinal_ex(&ctx, outbuf, &outlen))
					{

					EVP_CIPHER_CTX_cleanup(&ctx);
					return 0;
					}
			fwrite(outbuf, 1, outlen, out);

			EVP_CIPHER_CTX_cleanup(&ctx);
			return 1;
			}
예제 #17
0
/*
 * AES libcrypto
 */
static int sb_aes_init(struct sb_image_ctx *ictx, uint8_t *iv, int enc)
{
	EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx;
	int ret;

	/* If there is no init vector, init vector is all zeroes. */
	if (!iv)
		iv = ictx->image_key;

	EVP_CIPHER_CTX_init(ctx);
	ret = EVP_CipherInit(ctx, EVP_aes_128_cbc(), ictx->image_key, iv, enc);
	if (ret == 1)
		EVP_CIPHER_CTX_set_padding(ctx, 0);
	return ret;
}
예제 #18
0
	explicit Cipher(Name name = N_AES128_CBC)
		: cipher_(0)
	{
		EVP_CIPHER_CTX_init(&ctx_);
		switch (name) {
		case N_AES128_CBC: cipher_ = EVP_aes_128_cbc(); break;
		case N_AES192_CBC: cipher_ = EVP_aes_192_cbc(); break;
		case N_AES256_CBC: cipher_ = EVP_aes_256_cbc(); break;
		case N_AES128_ECB: cipher_ = EVP_aes_128_ecb(); break;
		case N_AES192_ECB: cipher_ = EVP_aes_192_ecb(); break;
		case N_AES256_ECB: cipher_ = EVP_aes_256_ecb(); break;
		default:
			throw cybozu::Exception("crypto:Cipher:Cipher:name") << (int)name;
		}
	}
예제 #19
0
char* decryptToArray(FILE *ifp,char ckey[], char ivec[]) {

    fseek(ifp, 0L, SEEK_END); int fsize = ftell(ifp);

    fseek(ifp, 0L, SEEK_SET);

    int outLen1 = 0; int outLen2 = 0; unsigned char *indata = malloc(fsize);
    unsigned char *outdata = malloc(fsize);

    fread(indata,sizeof(char),fsize, ifp);//Read Entire File

    EVP_CIPHER_CTX ctx; EVP_DecryptInit(&ctx,EVP_aes_128_cbc(),ckey,ivec);
    EVP_DecryptUpdate(&ctx,outdata,&outLen1,indata,fsize);
    EVP_DecryptFinal(&ctx,outdata + outLen1,&outLen2);
    return(outdata); }
예제 #20
0
파일: crypto.cpp 프로젝트: timn/fawkes
/** Get cipher by name constants.
 * @param cipher cipher name
 * @return cipher engine
 */
const EVP_CIPHER *
cipher_by_name(const char *cipher)
{
  if (strcmp(cipher, LN_aes_128_ecb) == 0) {
    return EVP_aes_128_ecb();
  } else if (strcmp(cipher, LN_aes_128_cbc) == 0) {
    return EVP_aes_128_cbc();
  } else if (strcmp(cipher, LN_aes_256_ecb) == 0) {
    return EVP_aes_256_ecb();
  } else if (strcmp(cipher, LN_aes_256_cbc) == 0) {
    return EVP_aes_256_cbc();
  } else {
    throw std::runtime_error("Unknown cipher type");
  }
}
예제 #21
0
/* convert SSH v2 key in OpenSSL PEM format */
static int
sshkey_private_pem_to_blob(struct sshkey *key, struct sshbuf *blob,
    const char *_passphrase, const char *comment)
{
	int success, r;
	int blen, len = strlen(_passphrase);
	u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL;
	const EVP_CIPHER *cipher = (len > 0) ? EVP_aes_128_cbc() : NULL;
	const u_char *bptr;
	BIO *bio = NULL;

	if (len > 0 && len <= 4)
		return SSH_ERR_PASSPHRASE_TOO_SHORT;
	if ((bio = BIO_new(BIO_s_mem())) == NULL)
		return SSH_ERR_ALLOC_FAIL;

	switch (key->type) {
	case KEY_DSA:
		success = PEM_write_bio_DSAPrivateKey(bio, key->dsa,
		    cipher, passphrase, len, NULL, NULL);
		break;
	case KEY_ECDSA:
		success = PEM_write_bio_ECPrivateKey(bio, key->ecdsa,
		    cipher, passphrase, len, NULL, NULL);
		break;
	case KEY_RSA:
		success = PEM_write_bio_RSAPrivateKey(bio, key->rsa,
		    cipher, passphrase, len, NULL, NULL);
		break;
	default:
		success = 0;
		break;
	}
	if (success == 0) {
		r = SSH_ERR_LIBCRYPTO_ERROR;
		goto out;
	}
	if ((blen = BIO_get_mem_data(bio, &bptr)) <= 0) {
		r = SSH_ERR_INTERNAL_ERROR;
		goto out;
	}
	if ((r = sshbuf_put(blob, bptr, blen)) != 0)
		goto out;
	r = 0;
 out:
	BIO_free(bio);
	return r;
}
예제 #22
0
vod_status_t 
aes_cbc_encrypt_init(
	aes_cbc_encrypt_context_t** context,
	request_context_t* request_context,
	write_callback_t callback,
	void* callback_context,
	const u_char* key,
	const u_char* iv)
{
	aes_cbc_encrypt_context_t* state;
	vod_pool_cleanup_t *cln;

	state = vod_alloc(request_context->pool, sizeof(*state));
	if (state == NULL)
	{
		vod_log_debug0(VOD_LOG_DEBUG_LEVEL, request_context->log, 0,
			"aes_cbc_encrypt_init: vod_alloc failed");
		return VOD_ALLOC_FAILED;
	}

	cln = vod_pool_cleanup_add(request_context->pool, 0);
	if (cln == NULL)
	{
		vod_log_debug0(VOD_LOG_DEBUG_LEVEL, request_context->log, 0,
			"aes_cbc_encrypt_init: vod_pool_cleanup_add failed");
		return VOD_ALLOC_FAILED;
	}

	cln->handler = (vod_pool_cleanup_pt)aes_cbc_encrypt_cleanup;
	cln->data = state;	

	state->callback = callback;
	state->callback_context = callback_context;
	state->request_context = request_context;

	EVP_CIPHER_CTX_init(&state->cipher);
	
	if (1 != EVP_EncryptInit_ex(&state->cipher, EVP_aes_128_cbc(), NULL, key, iv))
	{
		vod_log_error(VOD_LOG_ERR, request_context->log, 0,
			"aes_cbc_encrypt_init: EVP_EncryptInit_ex failed");
		return VOD_ALLOC_FAILED;
	}
	
	*context = state;

	return VOD_OK;
}
예제 #23
0
/* CMAC-AES128: generate hash of known digest value and compare to known
   precomputed correct hash
*/
static int FIPS_cmac_aes128_test()
{
    unsigned char key[16] = { 0x2b,0x7e,0x15,0x16, 0x28,0xae,0xd2,0xa6,
                              0xab,0xf7,0x15,0x88, 0x09,0xcf,0x4f,0x3c,
                            };
    unsigned char data[] = "Sample text";
    unsigned char kaval[EVP_MAX_MD_SIZE] =
    {   0x16,0x83,0xfe,0xac, 0x52,0x9b,0xae,0x23,
        0xd7,0xd5,0x66,0xf5, 0xd2,0x8d,0xbd,0x2a,
    };

    unsigned char *out = NULL;
    size_t outlen;
    CMAC_CTX *ctx = CMAC_CTX_new();
    int r = 0;

    ERR_clear_error();

    if (!ctx)
        goto end;
    if (!CMAC_Init(ctx,key,sizeof(key),EVP_aes_128_cbc(),NULL))
        goto end;
    if (!CMAC_Update(ctx,data,sizeof(data)-1))
        goto end;
    /* This should return 1.  If not, there's a programming error... */
    if (!CMAC_Final(ctx, out, &outlen))
        goto end;
    out = OPENSSL_malloc(outlen);
    if (!CMAC_Final(ctx, out, &outlen))
        goto end;
#if 0
    {
        char *hexout = OPENSSL_malloc(outlen * 2 + 1);
        bin2hex(out, outlen, hexout);
        printf("CMAC-AES128: res = %s\n", hexout);
        OPENSSL_free(hexout);
    }
    r = 1;
#else
    if (!memcmp(out,kaval,outlen))
        r = 1;
#endif
end:
    CMAC_CTX_free(ctx);
    if (out)
        OPENSSL_free(out);
    return r;
}
예제 #24
0
파일: libcrypto.c 프로젝트: codinn/libssh
static void evp_cipher_init(struct ssh_cipher_struct *cipher) {
    if (cipher->ctx == NULL) {
        cipher->ctx = EVP_CIPHER_CTX_new();
    }

    switch(cipher->ciphertype){
    case SSH_AES128_CBC:
        cipher->cipher = EVP_aes_128_cbc();
        break;
    case SSH_AES192_CBC:
        cipher->cipher = EVP_aes_192_cbc();
        break;
    case SSH_AES256_CBC:
        cipher->cipher = EVP_aes_256_cbc();
        break;
#ifdef HAVE_OPENSSL_EVP_AES_CTR
    case SSH_AES128_CTR:
        cipher->cipher = EVP_aes_128_ctr();
        break;
    case SSH_AES192_CTR:
        cipher->cipher = EVP_aes_192_ctr();
        break;
    case SSH_AES256_CTR:
        cipher->cipher = EVP_aes_256_ctr();
        break;
#else
    case SSH_AES128_CTR:
    case SSH_AES192_CTR:
    case SSH_AES256_CTR:
        SSH_LOG(SSH_LOG_WARNING, "This cipher is not available in evp_cipher_init");
        break;
#endif
    case SSH_3DES_CBC:
        cipher->cipher = EVP_des_ede3_cbc();
        break;
    case SSH_BLOWFISH_CBC:
        cipher->cipher = EVP_bf_cbc();
        break;
        /* ciphers not using EVP */
    case SSH_3DES_CBC_SSH1:
    case SSH_DES_CBC_SSH1:
        SSH_LOG(SSH_LOG_WARNING, "This cipher should not use evp_cipher_init");
        break;
    case SSH_NO_CIPHER:
        SSH_LOG(SSH_LOG_WARNING, "No valid ciphertype found");
        break;
    }
}
예제 #25
0
    bool crypt_openssl::decode(unsigned char *datain, int lenin, unsigned char *dataout, int lenout)
    {
        EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, NULL, NULL);
        OPENSSL_assert(EVP_CIPHER_CTX_key_length(ctx) == 16);
        OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) == 16);
        EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv);

        if(!EVP_DecryptUpdate(ctx, dataout, &lenout, datain, lenin))
        {
            return false;
        }
        if(!EVP_EncryptFinal_ex(ctx, dataout, &lenout))
        {
            return false;
        }
    }
예제 #26
0
SSH2Encryption::SSH2Encryption(const QString & algorithm)
{
    m_ctx = EVP_CIPHER_CTX_new();
    if (algorithm == "aes128-cbc") {
        m_ivLen = 16;
        m_blockSize = 16;
        m_secretLen = 16;
        m_evptype = EVP_aes_128_cbc();
    } else if (algorithm == "3des-cbc") {
        m_ivLen = 8;
        m_blockSize = 8;
        m_secretLen = 24;
        m_evptype = EVP_des_ede3_cbc();
    }

}
예제 #27
0
bool RarVolume::DecryptInit(int keyLength)
{
#ifdef HAVE_OPENSSL
	if (!(m_context = EVP_CIPHER_CTX_new())) return false;
	if (!EVP_DecryptInit((EVP_CIPHER_CTX*)m_context,
		keyLength == 128 ? EVP_aes_128_cbc() : EVP_aes_256_cbc(),
		m_decryptKey, m_decryptIV))
		return false;
	return true;
#elif defined(HAVE_NETTLE)
	m_context = new aes_ctx;
	aes_set_decrypt_key((aes_ctx*)m_context, keyLength == 128 ? 16 : 32, m_decryptKey);
	return true;
#else
	return false;
#endif
}
예제 #28
0
static wi_boolean_t _wi_cipher_set_type(wi_cipher_t *cipher, wi_cipher_type_t type) {
	cipher->type = type;
	
#ifdef WI_CIPHER_OPENSSL
	switch(cipher->type) {
		case WI_CIPHER_AES128:
			cipher->cipher = EVP_aes_128_cbc();
			return true;
			
		case WI_CIPHER_AES192:
			cipher->cipher = EVP_aes_192_cbc();
			return true;
			
		case WI_CIPHER_AES256:
			cipher->cipher = EVP_aes_256_cbc();
			return true;
			
		case WI_CIPHER_BF128:
			cipher->cipher = EVP_bf_cbc();
			return true;
			
		case WI_CIPHER_3DES192:
			cipher->cipher = EVP_des_ede3_cbc();
			return true;
			
		default:
			return false;
	}
#endif
			
#ifdef WI_CIPHER_COMMONCRYPTO
	switch(cipher->type) {
		case WI_CIPHER_AES128:
			cipher->algorithm = kCCAlgorithmAES128;
			return true;
		
		case WI_CIPHER_3DES192:
			cipher->algorithm = kCCAlgorithm3DES;
			return true;
		
		default:
			return false;
	}
#endif
}
예제 #29
0
파일: openssl.c 프로젝트: KaneRoot/COSE-C
//  We are doing CBC-MAC not CMAC at this time
bool AES_CMAC_Validate(COSE_MacMessage * pcose, int KeySize, int TagSize, const byte * pbAuthData, int cbAuthData, cose_errback * perr)
{
	CMAC_CTX * pctx = NULL;
	const EVP_CIPHER * pcipher = NULL;
	byte * rgbOut = NULL;
	size_t cbOut;
	bool f = false;
	unsigned int i;
#ifdef USE_CBOR_CONTEXT
	cn_cbor_context * context = &pcose->m_message.m_allocContext;
#endif

	pctx = CMAC_CTX_new();


	switch (KeySize) {
	case 128: pcipher = EVP_aes_128_cbc(); break;
	case 256: pcipher = EVP_aes_256_cbc(); break;
	default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
	}

	rgbOut = COSE_CALLOC(128/8, 1, context);
	CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);

	CHECK_CONDITION(CMAC_Init(pctx, pcose->pbKey, pcose->cbKey, pcipher, NULL /*impl*/) == 1, COSE_ERR_CRYPTO_FAIL);
	CHECK_CONDITION(CMAC_Update(pctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);
	CHECK_CONDITION(CMAC_Final(pctx, rgbOut, &cbOut), COSE_ERR_CRYPTO_FAIL);

	cn_cbor * cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
	CHECK_CONDITION(cn != NULL, COSE_ERR_CBOR);

	for (i = 0; i < (unsigned int)TagSize / 8; i++) f |= (cn->v.bytes[i] != rgbOut[i]);

	COSE_FREE(rgbOut, context);
	CMAC_CTX_cleanup(pctx);
	CMAC_CTX_free(pctx);
	return !f;

errorReturn:
	COSE_FREE(rgbOut, context);
	CMAC_CTX_cleanup(pctx);
	CMAC_CTX_free(pctx);
	return false;

}
예제 #30
0
파일: crypto.cpp 프로젝트: timn/fawkes
/** Get cipher for PB_ENCRYPTION_* constants.
 * @param cipher cipher ID
 * @return cipher engine
 */
const EVP_CIPHER *
cipher_by_id(int cipher)
{
  switch (cipher) {
  case PB_ENCRYPTION_AES_128_ECB:
    return EVP_aes_128_ecb();
  case PB_ENCRYPTION_AES_128_CBC:
    return EVP_aes_128_cbc();

  case PB_ENCRYPTION_AES_256_ECB:
    return EVP_aes_256_ecb();
  case PB_ENCRYPTION_AES_256_CBC:
    return EVP_aes_256_cbc();

  default:
    throw std::runtime_error("Unknown cipher type");
  }
}