gchar* remmina_crypt_decrypt(const gchar *str) { guchar* buf; gsize buf_len; gcry_error_t err; gcry_cipher_hd_t hd; if (!str || str[0] == '\0') return NULL; if (!remmina_crypt_init(&hd)) return NULL; buf = g_base64_decode(str, &buf_len); err = gcry_cipher_decrypt(hd, buf, buf_len, NULL, 0); if (err) { g_print("gcry_cipher_decrypt failure: %s\n", gcry_strerror(err)); g_free(buf); gcry_cipher_close(hd); return NULL; } gcry_cipher_close(hd); /* Just in case */ buf[buf_len - 1] = '\0'; return (gchar*) buf; }
/** * ntfs_fek_release */ static void ntfs_fek_release(ntfs_fek *fek) { if (fek->des_gcry_cipher_hd_ptr) gcry_cipher_close(*fek->des_gcry_cipher_hd_ptr); gcry_cipher_close(fek->gcry_cipher_hd); free(fek); }
static void dCMAC(guint8 *pK, guint8 *ws, const guint8 *pN, guint16 SizeN, const guint8 *pC, guint16 SizeC) { gcry_cipher_hd_t cipher_hd; guint8 *work; guint8 *ptr; guint16 SizeT = SizeN + SizeC; guint16 worksize = SizeT; /* worksize must be an integral multiple of 16 */ if (SizeT & 0xf) { worksize += 0x10 - (worksize & 0xf); } work = (guint8 *)g_malloc(worksize); if (work == NULL) { return; } memcpy(work, pN, SizeN); if (pC != NULL) { memcpy(&work[SizeN], pC, SizeC); } /* * pad the data if necessary, and XOR Q or D, depending on * whether data was padded or not */ if (worksize != SizeT) { work[SizeT] = 0x80; for (ptr = &work[SizeT+1]; ptr < &work[worksize]; ptr++) *ptr = 0; ptr= &work[worksize-0x10]; BLK_XOR(ptr, instance.Q); } else { ptr = &work[worksize-0x10]; BLK_XOR(ptr, instance.D); } /* open the cipher */ if (gcry_cipher_open(&cipher_hd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC,0)){/* GCRY_CIPHER_CBC_MAC)) { */ g_free(work); return; } if (gcry_cipher_setkey(cipher_hd, pK, EAX_SIZEOF_KEY)) { g_free(work); gcry_cipher_close(cipher_hd); return; } if (gcry_cipher_setiv(cipher_hd, ws, EAX_SIZEOF_KEY)) { g_free(work); gcry_cipher_close(cipher_hd); return; } if (gcry_cipher_encrypt(cipher_hd, work, worksize, work, worksize)) { g_free(work); gcry_cipher_close(cipher_hd); return; } memcpy(ws, ptr, EAX_SIZEOF_KEY); g_free(work); gcry_cipher_close(cipher_hd); return; }
static void CTR(const guint8 *ws, guint8 *pK, guint8 *pN, guint16 SizeN) { gcry_cipher_hd_t cipher_hd; guint8 ctr[EAX_SIZEOF_KEY]; BLK_CPY(ctr, ws); ctr[12] &= 0x7f; ctr[14] &= 0x7f; /* open the cipher */ if (gcry_cipher_open(&cipher_hd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0)) { return; } if (gcry_cipher_setkey(cipher_hd, pK, EAX_SIZEOF_KEY)) { gcry_cipher_close(cipher_hd); return; } if (gcry_cipher_setctr(cipher_hd, ctr, EAX_SIZEOF_KEY)) { gcry_cipher_close(cipher_hd); return; } if (gcry_cipher_encrypt(cipher_hd, pN, SizeN, pN, SizeN)) { gcry_cipher_close(cipher_hd); return; } gcry_cipher_close(cipher_hd); return; }
static void bench_aead_decrypt_do_bench (struct bench_obj *obj, void *buf, size_t buflen, const char *nonce, size_t noncelen) { gcry_cipher_hd_t hd = obj->priv; int err; char tag[16] = { 0, }; gcry_cipher_setiv (hd, nonce, noncelen); gcry_cipher_final (hd); err = gcry_cipher_decrypt (hd, buf, buflen, buf, buflen); if (err) { fprintf (stderr, PGM ": gcry_cipher_encrypt failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } err = gcry_cipher_checktag (hd, tag, sizeof (tag)); if (gpg_err_code (err) == GPG_ERR_CHECKSUM) err = gpg_error (GPG_ERR_NO_ERROR); if (err) { fprintf (stderr, PGM ": gcry_cipher_gettag failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } }
static void bench_gcm_decrypt_do_bench (struct bench_obj *obj, void *buf, size_t buflen) { gcry_cipher_hd_t hd = obj->priv; int err; char tag[16] = { 0, }; char nonce[12] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88, }; gcry_cipher_setiv (hd, nonce, sizeof (nonce)); err = gcry_cipher_decrypt (hd, buf, buflen, buf, buflen); if (err) { fprintf (stderr, PGM ": gcry_cipher_encrypt failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } err = gcry_cipher_checktag (hd, tag, sizeof (tag)); if (gpg_err_code (err) == GPG_ERR_CHECKSUM) err = gpg_error (GPG_ERR_NO_ERROR); if (err) { fprintf (stderr, PGM ": gcry_cipher_gettag failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } }
/* destroy partner */ static void PianoDestroyPartner (PianoPartner_t *partner) { free (partner->user); free (partner->password); free (partner->device); free (partner->authToken); gcry_cipher_close (partner->in); gcry_cipher_close (partner->out); memset (partner, 0, sizeof (*partner)); }
static void bench_ccm_authenticate_do_bench (struct bench_obj *obj, void *buf, size_t buflen) { gcry_cipher_hd_t hd = obj->priv; int err; char tag[8] = { 0, }; char nonce[11] = { 0x80, 0x01, }; u64 params[3]; char data = 0xff; gcry_cipher_setiv (hd, nonce, sizeof (nonce)); /* Set CCM lengths */ params[0] = sizeof (data); /*datalen */ params[1] = buflen; /*aadlen */ params[2] = sizeof (tag); err = gcry_cipher_ctl (hd, GCRYCTL_SET_CCM_LENGTHS, params, sizeof (params)); if (err) { fprintf (stderr, PGM ": gcry_cipher_ctl failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } err = gcry_cipher_authenticate (hd, buf, buflen); if (err) { fprintf (stderr, PGM ": gcry_cipher_authenticate failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } err = gcry_cipher_encrypt (hd, &data, sizeof (data), &data, sizeof (data)); if (err) { fprintf (stderr, PGM ": gcry_cipher_encrypt failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } err = gcry_cipher_gettag (hd, tag, sizeof (tag)); if (err) { fprintf (stderr, PGM ": gcry_cipher_gettag failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } }
void test_libgcrypt_serpent_ecb() { gcry_cipher_hd_t encctx; gcry_cipher_open(&encctx, GCRY_CIPHER_SERPENT256, GCRY_CIPHER_MODE_ECB, 0); gcry_cipher_setkey(encctx, enckey, 32); gcry_cipher_encrypt(encctx, buffer, bufferlen, buffer, bufferlen); gcry_cipher_close(encctx); gcry_cipher_hd_t decctx; gcry_cipher_open(&decctx, GCRY_CIPHER_SERPENT256, GCRY_CIPHER_MODE_ECB, 0); gcry_cipher_setkey(decctx, enckey, 32); gcry_cipher_decrypt(decctx, buffer, bufferlen, buffer, bufferlen); gcry_cipher_close(decctx); }
void test_libgcrypt_rijndael_ecb() { gcry_cipher_hd_t encctx; gcry_cipher_open(&encctx, GCRY_CIPHER_RIJNDAEL256, GCRY_CIPHER_MODE_ECB, 0); gcry_cipher_setkey(encctx, enckey, 32); gcry_cipher_encrypt(encctx, buffer, bufferlen, buffer, bufferlen); gcry_cipher_close(encctx); gcry_cipher_hd_t decctx; gcry_cipher_open(&decctx, GCRY_CIPHER_RIJNDAEL256, GCRY_CIPHER_MODE_ECB, 0); gcry_cipher_setkey(decctx, enckey, 32); gcry_cipher_decrypt(decctx, buffer, bufferlen, buffer, bufferlen); gcry_cipher_close(decctx); }
static int bench_encrypt_init (struct bench_obj *obj) { struct bench_cipher_mode *mode = obj->priv; gcry_cipher_hd_t hd; int err, keylen; obj->min_bufsize = BUF_START_SIZE; obj->max_bufsize = BUF_END_SIZE; obj->step_size = BUF_STEP_SIZE; obj->num_measure_repetitions = num_measurement_repetitions; err = gcry_cipher_open (&hd, mode->algo, mode->mode, 0); if (err) { fprintf (stderr, PGM ": error opening cipher `%s'\n", gcry_cipher_algo_name (mode->algo)); exit (1); } keylen = gcry_cipher_get_algo_keylen (mode->algo); if (keylen) { char key[keylen]; int i; for (i = 0; i < keylen; i++) key[i] = 0x33 ^ (11 - i); err = gcry_cipher_setkey (hd, key, keylen); if (err) { fprintf (stderr, PGM ": gcry_cipher_setkey failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } } else { fprintf (stderr, PGM ": failed to get key length for algorithm `%s'\n", gcry_cipher_algo_name (mode->algo)); gcry_cipher_close (hd); exit (1); } obj->priv = hd; return 0; }
void test_libgcrypt_blowfish_ecb() { gcry_cipher_hd_t encctx; gcry_cipher_open(&encctx, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_ECB, 0); gcry_cipher_setkey(encctx, enckey, 16); gcry_cipher_encrypt(encctx, buffer, bufferlen, buffer, bufferlen); gcry_cipher_close(encctx); gcry_cipher_hd_t decctx; gcry_cipher_open(&decctx, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_ECB, 0); gcry_cipher_setkey(decctx, enckey, 16); gcry_cipher_decrypt(decctx, buffer, bufferlen, buffer, bufferlen); gcry_cipher_close(decctx); }
void test_libgcrypt_3des_ecb() { gcry_cipher_hd_t encctx; gcry_cipher_open(&encctx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_ECB, 0); gcry_cipher_setkey(encctx, enckey, 24); gcry_cipher_encrypt(encctx, buffer, bufferlen, buffer, bufferlen); gcry_cipher_close(encctx); gcry_cipher_hd_t decctx; gcry_cipher_open(&decctx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_ECB, 0); gcry_cipher_setkey(decctx, enckey, 24); gcry_cipher_decrypt(decctx, buffer, bufferlen, buffer, bufferlen); gcry_cipher_close(decctx); }
/** * ntfs_des_test */ static BOOL ntfs_des_test(void) { const u8 known_des_key[8] = { 0x27, 0xd1, 0x93, 0x09, 0xcb, 0x78, 0x93, 0x1f }; const u8 known_des_encrypted_data[8] = { 0xdc, 0xf7, 0x68, 0x2a, 0xaf, 0x48, 0x53, 0x0f }; const u8 known_decrypted_data[8] = { 0xd8, 0xd9, 0x15, 0x23, 0x5b, 0x88, 0x0e, 0x09 }; u8 test_decrypted_data[8]; int res; gcry_error_t err; gcry_cipher_hd_t gcry_cipher_hd; err = gcry_cipher_open(&gcry_cipher_hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0); if (err != GPG_ERR_NO_ERROR) { ntfs_log_error("Failed to open des cipher (error 0x%x).\n", err); return FALSE; } err = gcry_cipher_setkey(gcry_cipher_hd, known_des_key, sizeof(known_des_key)); if (err != GPG_ERR_NO_ERROR) { ntfs_log_error("Failed to set des key (error 0x%x.\n", err); gcry_cipher_close(gcry_cipher_hd); return FALSE; } /* * Apply DES decryption (ntfs actually uses encryption when decrypting). */ err = gcry_cipher_encrypt(gcry_cipher_hd, test_decrypted_data, sizeof(test_decrypted_data), known_des_encrypted_data, sizeof(known_des_encrypted_data)); gcry_cipher_close(gcry_cipher_hd); if (err) { ntfs_log_error("Failed to des decrypt test data (error " "0x%x).\n", err); return FALSE; } res = !memcmp(test_decrypted_data, known_decrypted_data, sizeof(known_decrypted_data)); ntfs_log_error("Testing whether des decryption works: %s\n", res ? "SUCCESS" : "FAILED"); return res; }
static gboolean remmina_crypt_init(gcry_cipher_hd_t *phd) { guchar* secret; gcry_error_t err; gsize secret_len; secret = g_base64_decode(remmina_pref.secret, &secret_len); if (secret_len < 32) { g_print("secret corrupted\n"); g_free(secret); return FALSE; } err = gcry_cipher_open(phd, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0); if (err) { g_print("gcry_cipher_open failure: %s\n", gcry_strerror(err)); g_free(secret); return FALSE; } err = gcry_cipher_setkey((*phd), secret, 24); if (err) { g_print("gcry_cipher_setkey failure: %s\n", gcry_strerror(err)); g_free(secret); gcry_cipher_close((*phd)); return FALSE; } err = gcry_cipher_setiv((*phd), secret + 24, 8); if (err) { g_print("gcry_cipher_setiv failure: %s\n", gcry_strerror(err)); g_free(secret); gcry_cipher_close((*phd)); return FALSE; } g_free(secret); return TRUE; }
static gboolean gst_hls_demux_decrypt_start (GstHLSDemux * demux, const guint8 * key_data, const guint8 * iv_data) { gcry_error_t err = 0; gboolean ret = FALSE; err = gcry_cipher_open (&demux->aes_ctx, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, 0); if (err) goto out; err = gcry_cipher_setkey (demux->aes_ctx, key_data, 16); if (err) goto out; err = gcry_cipher_setiv (demux->aes_ctx, iv_data, 16); if (!err) ret = TRUE; out: if (!ret) if (demux->aes_ctx) gcry_cipher_close (demux->aes_ctx); return ret; }
extern void io_release(IO_HANDLE ptr) { io_private_t *io_ptr = ptr; if (!io_ptr) return (errno = EBADF , (void)NULL); if (io_ptr->buffer_crypt) { if (io_ptr->buffer_crypt->stream) gcry_free(io_ptr->buffer_crypt->stream); gcry_free(io_ptr->buffer_crypt); } if (io_ptr->buffer_ecc) { if (io_ptr->buffer_ecc->stream) free(io_ptr->buffer_ecc->stream); free(io_ptr->buffer_ecc); } if (io_ptr->cipher_init) gcry_cipher_close(io_ptr->cipher_handle); if (io_ptr->hash_init) gcry_md_close(io_ptr->hash_handle); if (io_ptr->lzma_init) lzma_end(&io_ptr->lzma_handle); gcry_free(io_ptr); io_ptr = NULL; return; }
static void encrypt_seskey (DEK *dek, DEK **seskey, byte *enckey) { gcry_cipher_hd_t hd; byte buf[33]; assert ( dek->keylen <= 32 ); if (!*seskey) { *seskey=xmalloc_clear(sizeof(DEK)); (*seskey)->keylen=dek->keylen; (*seskey)->algo=dek->algo; make_session_key(*seskey); /*log_hexdump( "thekey", c->key, c->keylen );*/ } /* The encrypted session key is prefixed with a one-octet algorithm id. */ buf[0] = (*seskey)->algo; memcpy( buf + 1, (*seskey)->key, (*seskey)->keylen ); /* We only pass already checked values to the following fucntion, thus we consider any failure as fatal. */ if (openpgp_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1)) BUG (); if (gcry_cipher_setkey (hd, dek->key, dek->keylen)) BUG (); gcry_cipher_setiv (hd, NULL, 0); gcry_cipher_encrypt (hd, buf, (*seskey)->keylen + 1, NULL, 0); gcry_cipher_close (hd); memcpy( enckey, buf, (*seskey)->keylen + 1 ); wipememory( buf, sizeof buf ); /* burn key */ }
Gc_rc gc_cipher_close (gc_cipher_handle handle) { gcry_cipher_close (handle); return GC_OK; }
static void bench_encrypt_free (struct bench_obj *obj) { gcry_cipher_hd_t hd = obj->priv; gcry_cipher_close (hd); }
int init_decrypt_ctx(struct decrypt_ctx *ctx, struct psafe3_pro *pro, struct safe_sec *sec) { gcry_error_t gerr; assert(ctx != NULL); assert(pro != NULL); assert(sec != NULL); gerr = gcry_cipher_open(&ctx->cipher, GCRY_CIPHER_TWOFISH, GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_SECURE); if (gerr != GPG_ERR_NO_ERROR) goto err_cipher; ctx->gerr = gcry_cipher_setkey(ctx->cipher, sec->rand_k, 32); if (gerr != GPG_ERR_NO_ERROR) goto err_cipher; ctx->gerr = gcry_cipher_setiv(ctx->cipher, pro->iv, 16); if (gerr != GPG_ERR_NO_ERROR) goto err_cipher; gerr = gcry_md_open(&ctx->hmac, GCRY_MD_SHA256, GCRY_MD_FLAG_SECURE|GCRY_MD_FLAG_HMAC); if (gerr != GPG_ERR_NO_ERROR) goto err_hmac; gerr = gcry_md_setkey(ctx->hmac, sec->rand_l, 32); if (gerr != GPG_ERR_NO_ERROR) goto err_hmac; return 0; err_hmac: gcry_cipher_close(ctx->cipher); err_cipher: ctx->gerr = gerr; return -1; }
static int doDecrypt(FILE *logfp, FILE *eifp, FILE *outfp) { off64_t blkEnd; off64_t currOffs = 0; int r = 1; int fd; struct stat buf; while(1) { /* process block */ if(initCrypt(eifp) != 0) goto done; /* set blkEnd to size of logfp and proceed. */ if((fd = fileno(logfp)) == -1) { r = -1; goto done; } if((r = fstat(fd, &buf)) != 0) goto done; blkEnd = buf.st_size; r = eiGetEND(eifp, &blkEnd); if(r != 0 && r != 1) goto done; decryptBlock(logfp, outfp, blkEnd, &currOffs); gcry_cipher_close(gcry_chd); } r = 0; done: return r; }
int aes_ctr (char* key, int keyLength, char* inFile, long fileLength, char* ctrInit, int blockLength, char** outFile){ gcry_error_t err; gcry_cipher_hd_t aeshd; err = gcry_cipher_open(&aeshd, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CTR, GCRY_CIPHER_SECURE); if(err){return CIPHER_OPEN_ERROR;} err = gcry_cipher_setkey(aeshd, key, keyLength); if(err){return CIPHER_SETKEY_ERROR;} err = gcry_cipher_setctr(aeshd, ctrInit, blockLength); if(err){return CIPHER_SETCTR_ERROR;} *outFile = (char*)(malloc(fileLength * sizeof(char))); DPRINT("going to enc/dec now\n"); err = gcry_cipher_encrypt(aeshd, *outFile, fileLength, inFile, fileLength); if(err){return CIPHER_ENCRYPT_ERROR;} DPRINT("done with enc/dec\n"); gcry_cipher_close(aeshd); return NONE; }
/** * @brief Decipher a buffer using AES-128 with CBC. */ int crypt_aes_dec(crypt_context_t *context, char *encBuffer, char *outBuffer, unsigned int buffLen, char *iniVector) { int rv; ASSERT(context, rv, CRYPT_FAILED, "crypt_aes_dec: Argument is NULL.\n"); ASSERT(encBuffer, rv, CRYPT_FAILED, "crypt_aes_dec: Argument is NULL.\n"); ASSERT(outBuffer, rv, CRYPT_FAILED, "crypt_aes_dec: Argument is NULL.\n"); ASSERT(iniVector, rv, CRYPT_FAILED, "crypt_aes_dec: Argument is NULL.\n"); ASSERT(context->initialised, rv, CRYPT_FAILED, "crypt_aes_dec: Context is not initialised.\n"); gcry_error_t gcryError; gcry_cipher_hd_t gcryCipherHd = NULL; size_t keyLength = gcry_cipher_get_algo_keylen(GCRY_CIPHER_AES128); size_t blkLength = gcry_cipher_get_algo_blklen(GCRY_CIPHER_AES128); gcryError = gcry_cipher_open(&gcryCipherHd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, 0); ASSERT(!gcryError, rv, CRYPT_FAILED, "crypt_aes_dec: %s: %s\n", gcry_strsource(gcryError), gcry_strerror(gcryError)); gcryError = gcry_cipher_setkey(gcryCipherHd, context->secretKey, keyLength); ASSERT(!gcryError, rv, CRYPT_FAILED, "crypt_aes_dec: %s: %s\n", gcry_strsource(gcryError), gcry_strerror(gcryError)); gcryError = gcry_cipher_setiv(gcryCipherHd, iniVector, blkLength); ASSERT(!gcryError, rv, CRYPT_FAILED, "crypt_aes_dec: %s: %s\n", gcry_strsource(gcryError), gcry_strerror(gcryError)); gcryError = gcry_cipher_decrypt(gcryCipherHd, outBuffer, buffLen, encBuffer, buffLen); ASSERT(!gcryError, rv, CRYPT_FAILED, "crypt_aes_dec: %s: %s\n", gcry_strsource(gcryError), gcry_strerror(gcryError)); _err: if(gcryCipherHd) gcry_cipher_close(gcryCipherHd); return rv; }
std::string crypt_plugin::do_crypto( unsigned short len ) { char *b, *r, *buff; std::string out; gcry_cipher_hd_t hand; gcry_cipher_open( &hand, GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_CTS ); gcry_cipher_setiv( hand, NULL, 0 ); b = new char[16]; gcry_randomize( b, 16, GCRY_STRONG_RANDOM ); gcry_cipher_setkey( hand, b, 16 ); buff = new char[len]; r = new char[len+1]; gcry_randomize( r, len, GCRY_STRONG_RANDOM ); gcry_cipher_encrypt( hand, buff, len, r, len ); delete b; memset( r, 0, len+1 ); for( unsigned int i = 0; i < len; i++ ) { int k = 1 + (int) (92.0 * ((float)buff[i] / 256.0)); if( k < 0 ) k *= -1; r[i] = k+34; } gcry_cipher_close(hand); out = r; delete buff; delete r; return out; }
netmd_error netmd_secure_commit_track(netmd_dev_handle *dev, uint16_t track, unsigned char* sessionkey) { unsigned char cmdhdr[] = {0x00, 0x10, 0x01}; unsigned char cmd[sizeof(cmdhdr) + sizeof(track) + 8]; unsigned char *buf; gcry_cipher_hd_t handle; unsigned char hash[8] = { 0 }; netmd_response response; netmd_error error; buf = cmd; memcpy(buf, cmdhdr, sizeof(cmdhdr)); buf += sizeof(cmdhdr); netmd_copy_word_to_buffer(&buf, track, 0); gcry_cipher_open(&handle, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0); gcry_cipher_setkey(handle, sessionkey, 8); gcry_cipher_encrypt(handle, buf, sizeof(hash), hash, sizeof(hash)); buf += sizeof(hash); gcry_cipher_close(handle); error = netmd_exch_secure_msg(dev, 0x48, cmd, sizeof(cmd), &response); netmd_check_response_bulk(&response, cmdhdr, sizeof(cmdhdr), &error); netmd_check_response_word(&response, track, &error); return error; }
/**************** * Make a session key and put it into DEK */ void make_session_key( DEK *dek ) { gcry_cipher_hd_t chd; int i, rc; dek->keylen = openpgp_cipher_get_algo_keylen (dek->algo); if (openpgp_cipher_open (&chd, dek->algo, GCRY_CIPHER_MODE_CFB, (GCRY_CIPHER_SECURE | (dek->algo >= 100 ? 0 : GCRY_CIPHER_ENABLE_SYNC))) ) BUG(); gcry_randomize (dek->key, dek->keylen, GCRY_STRONG_RANDOM ); for (i=0; i < 16; i++ ) { rc = gcry_cipher_setkey (chd, dek->key, dek->keylen); if (!rc) { gcry_cipher_close (chd); return; } if (gpg_err_code (rc) != GPG_ERR_WEAK_KEY) BUG(); log_info(_("weak key created - retrying\n") ); /* Renew the session key until we get a non-weak key. */ gcry_randomize (dek->key, dek->keylen, GCRY_STRONG_RANDOM); } log_fatal (_("cannot avoid weak key for symmetric cipher; " "tried %d times!\n"), i); }
netmd_error netmd_secure_setup_download(netmd_dev_handle *dev, unsigned char *contentid, unsigned char *key_encryption_key, unsigned char *sessionkey) { unsigned char cmdhdr[] = { 0x00, 0x00 }; unsigned char data[32] = { 0x01, 0x01, 0x01, 0x01 /* ... */}; unsigned char cmd[sizeof(cmdhdr) + sizeof(data)]; unsigned char iv[8] = { 0 }; gcry_cipher_hd_t handle; netmd_response response; netmd_error error; memcpy(data + 4, contentid, 20); memcpy(data + 24, key_encryption_key, 8); gcry_cipher_open(&handle, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_CBC, 0); gcry_cipher_setkey(handle, sessionkey, 8); gcry_cipher_setiv(handle, iv, 8); gcry_cipher_encrypt(handle, data, sizeof(data), NULL, 0); gcry_cipher_close(handle); memcpy(cmd, cmdhdr, sizeof(cmdhdr)); memcpy(cmd + sizeof(cmdhdr), data, 32); error = netmd_exch_secure_msg(dev, 0x22, cmd, sizeof(cmd), &response); netmd_check_response_bulk(&response, cmdhdr, sizeof(cmdhdr), &error); return error; }
static void bench_aead_authenticate_do_bench (struct bench_obj *obj, void *buf, size_t buflen, const char *nonce, size_t noncelen) { gcry_cipher_hd_t hd = obj->priv; int err; char tag[16] = { 0, }; char data = 0xff; err = gcry_cipher_setiv (hd, nonce, noncelen); if (err) { fprintf (stderr, PGM ": gcry_cipher_setiv failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } err = gcry_cipher_authenticate (hd, buf, buflen); if (err) { fprintf (stderr, PGM ": gcry_cipher_authenticate failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } gcry_cipher_final (hd); err = gcry_cipher_encrypt (hd, &data, sizeof (data), &data, sizeof (data)); if (err) { fprintf (stderr, PGM ": gcry_cipher_encrypt failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } err = gcry_cipher_gettag (hd, tag, sizeof (tag)); if (err) { fprintf (stderr, PGM ": gcry_cipher_gettag failed: %s\n", gpg_strerror (err)); gcry_cipher_close (hd); exit (1); } }
static int privatekey_decrypt(int algo, int mode, unsigned int key_len, unsigned char *iv, unsigned int iv_len, ssh_buffer data, ssh_auth_callback cb, void *userdata, const char *desc) { char passphrase[MAX_PASSPHRASE_SIZE] = {0}; unsigned char key[MAX_KEY_SIZE] = {0}; unsigned char *tmp = NULL; gcry_cipher_hd_t cipher; int rc = -1; if (!algo) { return -1; } if (cb) { rc = (*cb)(desc, passphrase, MAX_PASSPHRASE_SIZE, 0, 0, userdata); if (rc < 0) { return -1; } } else if (cb == NULL && userdata != NULL) { snprintf(passphrase, MAX_PASSPHRASE_SIZE, "%s", (char *) userdata); } if (passphrase_to_key(passphrase, strlen(passphrase), iv, key, key_len) < 0) { return -1; } if (gcry_cipher_open(&cipher, algo, mode, 0) || gcry_cipher_setkey(cipher, key, key_len) || gcry_cipher_setiv(cipher, iv, iv_len) || (tmp = malloc(ssh_buffer_get_len(data) * sizeof (char))) == NULL || gcry_cipher_decrypt(cipher, tmp, ssh_buffer_get_len(data), ssh_buffer_get(data), ssh_buffer_get_len(data))) { gcry_cipher_close(cipher); return -1; } memcpy(ssh_buffer_get(data), tmp, ssh_buffer_get_len(data)); SAFE_FREE(tmp); gcry_cipher_close(cipher); return 0; }