![]() ![]() | ![]() |
Update crypto support to last openssl 1.1.0
1: /************************************************************************* 2: * (C) 2010 AITNET ltd - Sofia/Bulgaria - <misho@aitnet.org> 3: * by Michael Pounov <misho@elwix.org> 4: * 5: * $Author: misho $ 6: * $Id: crypt.c,v 1.10.10.1 2019/10/08 12:58:55 misho Exp $ 7: * 8: ************************************************************************** 9: The ELWIX and AITNET software is distributed under the following 10: terms: 11: 12: All of the documentation and software included in the ELWIX and AITNET 13: Releases is copyrighted by ELWIX - Sofia/Bulgaria <info@elwix.org> 14: 15: Copyright 2004 - 2014 16: by Michael Pounov <misho@elwix.org>. All rights reserved. 17: 18: Redistribution and use in source and binary forms, with or without 19: modification, are permitted provided that the following conditions 20: are met: 21: 1. Redistributions of source code must retain the above copyright 22: notice, this list of conditions and the following disclaimer. 23: 2. Redistributions in binary form must reproduce the above copyright 24: notice, this list of conditions and the following disclaimer in the 25: documentation and/or other materials provided with the distribution. 26: 3. All advertising materials mentioning features or use of this software 27: must display the following acknowledgement: 28: This product includes software developed by Michael Pounov <misho@elwix.org> 29: ELWIX - Embedded LightWeight unIX and its contributors. 30: 4. Neither the name of AITNET nor the names of its contributors 31: may be used to endorse or promote products derived from this software 32: without specific prior written permission. 33: 34: THIS SOFTWARE IS PROVIDED BY AITNET AND CONTRIBUTORS ``AS IS'' AND 35: ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 36: IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 37: ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 38: FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 39: DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 40: OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 41: HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 42: LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 43: OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 44: SUCH DAMAGE. 45: */ 46: #include "global.h" 47: 48: 49: /* 50: * ioCipher() - Cipher wrapper for all supported crypto algorythms 51: * 52: * @pInput = input buffer 53: * @inLen = input buffer len 54: * @ppOutput = output allocated buffe, must be e_free after use 55: * @Cipher = cipher engine, like EVP_bf_cbc() or etc... 56: * @pKey = key 57: * @pIV = IV, salt (8 bytes) 58: * @nMode = Mode 0 - decrypting or 1 - encrypting 59: * return: 0 not present data or error!; >0 number of processed and returned bytes into ppOutput 60: */ 61: int 62: ioCipher(u_char *pInput, int inLen, u_char **ppOutput, const EVP_CIPHER *Cipher, 63: u_char *pKey, u_char *pIV, int nMode) 64: { 65: EVP_CIPHER_CTX ctx; 66: int chunk, buflen, outlen = 0; 67: u_char *pos, *buf = NULL; 68: 69: if (!pInput || !inLen || !ppOutput || nMode & 0xFFFFFFFE) 70: return 0; 71: buf = e_malloc(inLen + EVP_MAX_BLOCK_LENGTH); 72: if (!buf) { 73: LOGERR; 74: goto end; 75: } else 76: memset(buf, 0, inLen + EVP_MAX_BLOCK_LENGTH); 77: 78: EVP_CIPHER_CTX_init(&ctx); 79: EVP_CipherInit_ex(&ctx, Cipher, NULL, pKey, pIV, nMode); 80: 81: for (outlen = 0, buflen = -1, pos = pInput; inLen; outlen += buflen) { 82: chunk = inLen > 7 ? 8 : inLen; 83: 84: if (!EVP_CipherUpdate(&ctx, buf + outlen, &buflen, pos, chunk)) { 85: EVP_CIPHER_CTX_cleanup(&ctx); 86: outlen = 0; 87: e_free(buf); 88: buf = NULL; 89: goto end; 90: } else { 91: if (nMode && !buflen) 92: break; 93: 94: pos += chunk; 95: inLen -= chunk; 96: } 97: } 98: if (!EVP_CipherFinal_ex(&ctx, buf + outlen, &buflen)) { 99: outlen = 0; 100: e_free(buf); 101: buf = NULL; 102: } else 103: outlen += buflen; 104: 105: EVP_CIPHER_CTX_cleanup(&ctx); 106: end: 107: *ppOutput = buf; 108: return outlen; 109: } 110: 111: /* 112: * io_Blowfish() - Blowfish cipher algorythm, work with ASCII hex strings 113: * 114: * @pInput = input buffer 115: * @inLen = input buffer len 116: * @ppOutput = output allocated buffe, must be e_free after use 117: * @pKey = key 118: * @pIV = IV, salt (8 bytes) 119: * @nMode = Mode 0 - decrypting or 1 - encrypting 120: * return: 0 not present data or error!; >0 number of processed and returned bytes into ppOutput 121: */ 122: int 123: io_Blowfish(u_char *pInput, int inLen, u_char **ppOutput, u_char *pKey, u_char *pIV, int nMode) 124: { 125: int len, ret; 126: register int i; 127: char bufCH[3], *str = NULL; 128: u_char *buf = NULL; 129: 130: if (!pInput || !inLen || !ppOutput || nMode & 0xFFFFFFFE) 131: return 0; 132: 133: if (nMode) { 134: len = strlen((char*) pInput); 135: str = e_strdup((char*) pInput); 136: } else { 137: len = strlen((char*) pInput) / 2; 138: str = e_malloc(len + 1); 139: if (!str) { 140: LOGERR; 141: return 0; 142: } else 143: memset(str, 0, len + 1); 144: 145: for (i = 0; i < len * 2; i += 2) { 146: strlcpy(bufCH, (char*) &pInput[i], 3); 147: str[i / 2] = (u_char) strtol(bufCH, NULL, 16); 148: } 149: } 150: 151: ret = len = ioCipher((u_char*) str, len, &buf, EVP_bf_cbc(), pKey, pIV, nMode); 152: e_free(str); 153: 154: if (nMode) { 155: ret *= 2; 156: *ppOutput = e_malloc(ret + 1); 157: if (!*ppOutput) { 158: LOGERR; 159: return 0; 160: } else 161: memset(*ppOutput, 0, ret + 1); 162: 163: for (i = 0; i < len; i++) { 164: memset(bufCH, 0, 3); 165: snprintf(bufCH, 3, "%02x", buf[i]); 166: strlcat((char*) *ppOutput, bufCH, ret + 1); 167: } 168: } else 169: if (ret && buf) 170: *ppOutput = (u_char*) e_strdup((char*) buf); 171: 172: return ret; 173: } 174: 175: /* 176: * io_ctr_AES() - Encrypt/Decrypt stream cipher CTR_AES 177: * 178: * @pInput = Input buffer with ASCII 179: * @inLen = Input buffer data length 180: * @ppOutput = Output buffer with cipher data, must be e_free after use 181: * @pKey = Key 182: * @IV = IVector/Nonce/Counter, Warning: IV must be variable, because we write there!!! 183: * return: -1 error or >-1 how many cipher blocks proceeded 184: */ 185: int 186: io_ctr_AES(u_char *pInput, int inLen, u_char **ppOutput, u_char *pKey, u_char IV[AES_BLOCK_SIZE]) 187: { 188: u_int num; 189: AES_KEY key; 190: u_char ecount_buf[AES_BLOCK_SIZE] = { 0 }; 191: int total = 0; 192: 193: if (!pInput || !inLen || !ppOutput) 194: return -1; 195: 196: *ppOutput = e_malloc(inLen); 197: if (!*ppOutput) { 198: LOGERR; 199: return -1; 200: } else 201: memset(*ppOutput, 0, inLen); 202: 203: AES_set_encrypt_key(pKey, 128, &key); 204: 205: while (inLen) { 206: num = 0; 207: memset(ecount_buf, 0, sizeof ecount_buf); 208: #if OPENSSL_VERSION_NUMBER >= 0x10100000L 209: CRYPTO_ctr128_encrypt(pInput + total, (*ppOutput) + total, 210: (inLen / (AES_BLOCK_SIZE - 1)) ? (AES_BLOCK_SIZE - 1) : inLen, 211: &key, IV, ecount_buf, &num, (block128_f) AES_encrypt); 212: #else 213: AES_ctr128_encrypt(pInput + total, (*ppOutput) + total, 214: (inLen / (AES_BLOCK_SIZE - 1)) ? (AES_BLOCK_SIZE - 1) : inLen, 215: &key, IV, ecount_buf, &num); 216: #endif 217: if (num < 1) { 218: e_free(*ppOutput); 219: *ppOutput = NULL; 220: total = -1; 221: break; 222: } else { 223: total += num; 224: inLen -= num; 225: } 226: } 227: 228: return total; 229: }