void pki_evp::encryptKey(const char *password)
{
int outl, keylen;
EVP_PKEY *pkey1 = NULL;
EVP_CIPHER_CTX ctx;
const EVP_CIPHER *cipher = EVP_des_ede3_cbc();
unsigned char iv[EVP_MAX_IV_LENGTH], *punenc, *punenc1;
unsigned char ckey[EVP_MAX_KEY_LENGTH];
char ownPassBuf[MAX_PASS_LENGTH];
/* This key has its own, private password */
if (ownPass == ptPrivate) {
int ret;
pass_info p(XCA_TITLE, tr("Please enter the password to protect the private key: '%1'").
arg(getIntName()));
ret = MainWindow::passWrite(ownPassBuf, MAX_PASS_LENGTH, 0, &p);
if (ret < 0)
throw errorEx("Password input aborted", class_name);
} else if (ownPass == ptBogus) { // BOGUS password
ownPassBuf[0] = '\0';
} else {
if (password) {
/* use the password parameter if this is a common password */
strncpy(ownPassBuf, password, MAX_PASS_LENGTH);
} else {
int ret = 0;
memcpy(ownPassBuf, passwd, MAX_PASS_LENGTH);
pass_info p(XCA_TITLE, tr("Please enter the database password for encrypting the key"));
while (md5passwd(ownPassBuf) != passHash &&
sha512passwd(ownPassBuf, passHash) != passHash )
{
ret = MainWindow::passRead(ownPassBuf, MAX_PASS_LENGTH, 0,&p);
if (ret < 0)
throw errorEx("Password input aborted", class_name);
}
}
}
/* Prepare Encryption */
memset(iv, 0, EVP_MAX_IV_LENGTH);
RAND_pseudo_bytes(iv,8); /* Generate a salt */
EVP_BytesToKey(cipher, EVP_sha1(), iv, (unsigned char *)ownPassBuf,
strlen(ownPassBuf), 1, ckey, NULL);
EVP_CIPHER_CTX_init (&ctx);
pki_openssl_error();
/* reserve space for unencrypted and encrypted key */
keylen = i2d_PrivateKey(key, NULL);
encKey.resize(keylen + EVP_MAX_KEY_LENGTH + 8);
punenc1 = punenc = (unsigned char *)OPENSSL_malloc(keylen);
check_oom(punenc);
keylen = i2d_PrivateKey(key, &punenc1);
pki_openssl_error();
memcpy(encKey.data(), iv, 8); /* store the iv */
/*
* Now DER version of privkey is in punenc
* and privkey is still in key
*/
/* do the encryption */
/* store key right after the iv */
EVP_EncryptInit(&ctx, cipher, ckey, iv);
unsigned char *penc = (unsigned char *)encKey.data() +8;
EVP_EncryptUpdate(&ctx, penc, &outl, punenc, keylen);
int encKey_len = outl;
EVP_EncryptFinal(&ctx, penc + encKey_len, &outl);
encKey.resize(encKey_len + outl +8);
/* Cleanup */
EVP_CIPHER_CTX_cleanup(&ctx);
/* wipe out the memory */
memset(punenc, 0, keylen);
OPENSSL_free(punenc);
pki_openssl_error();
pkey1 = priv2pub(key);
check_oom(pkey1);
EVP_PKEY_free(key);
key = pkey1;
pki_openssl_error();
//CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF);
//printf("Encrypt: encKey_len=%d\n", encKey_len);
return;
}
static void f_scandir_cb(uv_work_t* req, int status) {
f_t* f = (f_t*)req->loop->data;
f_scandir_response_t response = req->data;
f->stats.tasks_pending--;
if (response->dents == NULL) {
f->stats.errors++;
} else {
set_to_path(f->buf, response->path);
size_t root_len = sl_get_length(f->buf);
size_t off = 0;
while (off < response->dents->length) {
struct dirent* dent = (struct dirent*)(response->dents->buf + off);
sl_set_length(f->buf, root_len);
check_oom(sl_append_f(f->buf, dent->d_name, get_namlen(dent)));
check_oom(sl_null_terminate_f(f->buf));
visit(f);
switch (dent->d_type) {
case DT_UNKNOWN:
case DT_DIR:
case DT_LNK:
if (should_walk(f, f->buf->buf)) {
f_scandir(req->loop, strdup(f->buf->buf));
}
}
off += dent->d_reclen;
}
sl_free(response->dents);
}
(void)status;
free(req);
free(response->path);
free(response);
}
void pki_evp::veryOldFromData(unsigned char *p, int size )
{
unsigned char *sik, *pdec, *pdec1, *sik1;
int outl, decsize;
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char ckey[EVP_MAX_KEY_LENGTH];
memset(iv, 0, EVP_MAX_IV_LENGTH);
RSA *rsakey;
EVP_CIPHER_CTX ctx;
const EVP_CIPHER *cipher = EVP_des_ede3_cbc();
sik = (unsigned char *)OPENSSL_malloc(size);
check_oom(sik);
pki_openssl_error();
pdec = (unsigned char *)OPENSSL_malloc(size);
if (pdec == NULL ) {
OPENSSL_free(sik);
check_oom(pdec);
}
pdec1=pdec;
sik1=sik;
memcpy(iv, p, 8); /* recover the iv */
/* generate the key */
EVP_BytesToKey(cipher, EVP_sha1(), iv, (unsigned char *)oldpasswd,
strlen(oldpasswd), 1, ckey,NULL);
/* we use sha1 as message digest,
* because an md5 version of the password is
* stored in the database...
*/
EVP_CIPHER_CTX_init (&ctx);
EVP_DecryptInit( &ctx, cipher, ckey, iv);
EVP_DecryptUpdate( &ctx, pdec , &outl, p + 8, size -8 );
decsize = outl;
EVP_DecryptFinal( &ctx, pdec + decsize , &outl );
decsize += outl;
pki_openssl_error();
memcpy(sik, pdec, decsize);
if (key->type == EVP_PKEY_RSA) {
rsakey=d2i_RSAPrivateKey(NULL,(const unsigned char **)&pdec, decsize);
if (pki_ign_openssl_error()) {
rsakey = d2i_RSA_PUBKEY(NULL, (const unsigned char **)&sik, decsize);
}
pki_openssl_error();
if (rsakey) EVP_PKEY_assign_RSA(key, rsakey);
}
OPENSSL_free(sik1);
OPENSSL_free(pdec1);
EVP_CIPHER_CTX_cleanup(&ctx);
pki_openssl_error();
encryptKey();
}
static void f_scandir_work(uv_work_t* req) {
char* path = req->data;
f_scandir_response_t response = malloc(sizeof(struct f_scandir_response_s));
check_oom(response);
response->dents = sl_alloc_f(1);
check_oom(response->dents);
response->path = path;
if (!f_scandir_impl(path, response)) {
if (response->dents != NULL) {
sl_free(response->dents);
}
response->dents = NULL;
}
req->data = response;
}
static inline void set_to_path(sl_t sl, const char* path) {
size_t path_len = strlen(path);
check_oom(sl_ensure_capacity_f(sl, path_len + 1));
sl_overwrite(sl, 0, path, path_len);
if (sl_peek(sl, path_len - 1) != '/') {
sl_set_length(sl, path_len + 1);
sl_poke(sl, path_len, '/');
} else {
sl_set_length(sl, path_len);
}
}
static inline bool f_scandir_impl(const char* path, f_scandir_response_t response) {
DIR* dir = opendir(path);
if (dir == NULL) {
return false;
}
struct dirent* dent = NULL;
int err = 0;
while (readdir_wrapper(dir, &dent, &err)) {
if (!is_dots(dent->d_name)) {
check_oom(sl_append_f(response->dents, (const char*)dent, dent->d_reclen));
}
}
bool ok = (err == 0);
closedir(dir);
return ok;
}
pki_key::pki_key(const pki_key *pk)
:pki_base(pk->desc)
{
int keylen;
unsigned char *der_key, *p;
ucount = pk->ucount;
keylen = i2d_PUBKEY(pk->key, NULL);
p = der_key = (unsigned char *)OPENSSL_malloc(keylen);
check_oom(der_key);
i2d_PUBKEY(pk->key, &p);
p = der_key;
key = d2i_PUBKEY(NULL, (const unsigned char**)&p, keylen);
OPENSSL_free(der_key);
pki_openssl_error();
}
EVP_PKEY *pki_evp::priv2pub(EVP_PKEY* key)
{
int keylen;
unsigned char *p, *p1;
EVP_PKEY *pubkey;
keylen = i2d_PUBKEY(key, NULL);
p1 = p = (unsigned char *)OPENSSL_malloc(keylen);
check_oom(p);
/* convert rsa/dsa/ec to Pubkey */
keylen = i2d_PUBKEY(key, &p);
pki_openssl_error();
p = p1;
pubkey = d2i_PUBKEY(NULL, (const unsigned char**)&p, keylen);
OPENSSL_free(p1);
pki_openssl_error();
return pubkey;
}
QString pki_key::BN2QString(BIGNUM *bn) const
{
if (bn == NULL)
return "--";
QString x="";
char zs[10];
int j;
int size = BN_num_bytes(bn);
unsigned char *buf = (unsigned char *)OPENSSL_malloc(size);
check_oom(buf);
BN_bn2bin(bn, buf);
for (j = 0; j< size; j++) {
sprintf(zs, "%02X%c",buf[j], ((j+1)%16 == 0) ? '\n' :
j<size-1 ? ':' : ' ');
x += zs;
}
OPENSSL_free(buf);
pki_openssl_error();
return x;
}
SgVector *sg_vector_new(struct SgVectorDriver drv)
{
SgVector *v = sg_vector_try_new(drv);
check_oom(v);
return v;
}
builtin_curves::builtin_curves()
{
int i, num_curves = EC_get_builtin_curves(NULL, 0);
EC_builtin_curve *curves = (EC_builtin_curve*)OPENSSL_malloc(
(int)(sizeof(EC_builtin_curve) *num_curves));
check_oom(curves);
BIGNUM *order = BN_new();
check_oom(order);
EC_get_builtin_curves(curves, num_curves);
for (i=0; i< num_curves; i++) {
size_t j;
int flag = 0, nid = curves[i].nid;
unsigned long type = 0;
for (j=0; j<ARRAY_SIZE(x962_curve_nids); j++) {
if (x962_curve_nids[j] == nid) {
flag = CURVE_X962;
break;
}
}
if (!flag) {
for (j=0; j<ARRAY_SIZE(other_curve_nids); j++) {
if (other_curve_nids[j] == nid) {
flag = CURVE_OTHER;
break;
}
}
}
if (!flag)
continue;
EC_GROUP *group = EC_GROUP_new_by_curve_name(nid);
EC_GROUP_get_order(group, order, NULL);
switch (EC_METHOD_get_field_type(EC_GROUP_method_of(group))) {
case NID_X9_62_prime_field:
type = CKF_EC_F_P;
break;
case NID_X9_62_characteristic_two_field:
type = CKF_EC_F_2M;
break;
default:
continue;
}
#undef PRINT_KNOWN_CURVES
#ifdef PRINT_KNOWN_CURVES
fprintf(stderr, "%50s %27s %20s %s\n",
curves[i].comment, OBJ_nid2sn(nid),
CCHAR(OBJ_obj2QString(OBJ_nid2obj(nid), 1)),
type == CKF_EC_F_P ? "Fp" : "F2m");
#endif
append(builtin_curve(nid, QString(curves[i].comment),
BN_num_bits(order), flag, type));
EC_GROUP_free(group);
}
BN_free(order);
}
EVP_PKEY *pki_evp::decryptKey() const
{
unsigned char *p;
const unsigned char *p1;
int outl, decsize;
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char ckey[EVP_MAX_KEY_LENGTH];
EVP_PKEY *tmpkey;
EVP_CIPHER_CTX ctx;
const EVP_CIPHER *cipher = EVP_des_ede3_cbc();
char ownPassBuf[MAX_PASS_LENGTH] = "";
if (isPubKey()) {
unsigned char *q;
outl = i2d_PUBKEY(key, NULL);
p = q = (unsigned char *)OPENSSL_malloc(outl);
check_oom(q);
i2d_PUBKEY(key, &p);
p = q;
tmpkey = d2i_PUBKEY(NULL, (const unsigned char**)&p, outl);
OPENSSL_free(q);
return tmpkey;
}
/* This key has its own password */
if (ownPass == ptPrivate) {
int ret;
pass_info pi(XCA_TITLE, qApp->translate("MainWindow",
"Please enter the password to decrypt the private key: '%1'").arg(getIntName()));
ret = MainWindow::passRead(ownPassBuf, MAX_PASS_LENGTH, 0, &pi);
if (ret < 0)
throw errorEx(tr("Password input aborted"), class_name);
} else if (ownPass == ptBogus) { // BOGUS pass
ownPassBuf[0] = '\0';
} else {
memcpy(ownPassBuf, passwd, MAX_PASS_LENGTH);
//printf("Orig password: '******' len:%d\n", passwd, strlen(passwd));
while (md5passwd(ownPassBuf) != passHash &&
sha512passwd(ownPassBuf, passHash) != passHash)
{
int ret;
//printf("Passhash= '%s', new hash= '%s', passwd= '%s'\n",
//CCHAR(passHash), CCHAR(md5passwd(ownPassBuf)), ownPassBuf);
pass_info p(XCA_TITLE, tr("Please enter the database password for decrypting the key '%1'").arg(getIntName()));
ret = MainWindow::passRead(ownPassBuf, MAX_PASS_LENGTH, 0, &p);
if (ret < 0)
throw errorEx(tr("Password input aborted"), class_name);
}
}
//printf("Using decrypt Pass: %s\n", ownPassBuf);
p = (unsigned char *)OPENSSL_malloc(encKey.count());
check_oom(p);
pki_openssl_error();
p1 = p;
memset(iv, 0, EVP_MAX_IV_LENGTH);
memcpy(iv, encKey.constData(), 8); /* recover the iv */
/* generate the key */
EVP_BytesToKey(cipher, EVP_sha1(), iv, (unsigned char *)ownPassBuf,
strlen(ownPassBuf), 1, ckey,NULL);
/* we use sha1 as message digest,
* because an md5 version of the password is
* stored in the database...
*/
EVP_CIPHER_CTX_init(&ctx);
EVP_DecryptInit(&ctx, cipher, ckey, iv);
EVP_DecryptUpdate(&ctx, p , &outl,
(const unsigned char*)encKey.constData() +8, encKey.count() -8);
decsize = outl;
EVP_DecryptFinal(&ctx, p + decsize , &outl);
decsize += outl;
//printf("Decrypt decsize=%d, encKey_len=%d\n", decsize, encKey_len);
pki_openssl_error();
tmpkey = d2i_PrivateKey(key->type, NULL, &p1, decsize);
pki_openssl_error();
OPENSSL_free(p);
EVP_CIPHER_CTX_cleanup(&ctx);
pki_openssl_error();
if (EVP_PKEY_type(tmpkey->type) == EVP_PKEY_RSA)
RSA_blinding_on(tmpkey->pkey.rsa, NULL);
return tmpkey;
}