Skip to content
Snippets Groups Projects
Commit 8ff1c3e2 authored by Nick Mathewson's avatar Nick Mathewson :game_die:
Browse files

Refactor block ciphers; add 3des 

svn:r196
parent 799dafb8
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/common/crypto.c
+ 113
150
View file @ 8ff1c3e2
......@@ -36,6 +36,42 @@
#define RETURN_SSL_OUTCOME(exp) return !(exp)
#endif
static inline int
crypto_cipher_iv_length(int type) {
switch(type)
{
case CRYPTO_CIPHER_IDENTITY: return 0;
case CRYPTO_CIPHER_DES: return 8;
case CRYPTO_CIPHER_RC4: return 16;
case CRYPTO_CIPHER_3DES: return 8;
default: assert(0); return -1;
}
}
static inline int
crypto_cipher_key_length(int type) {
switch(type)
{
case CRYPTO_CIPHER_IDENTITY: return 0;
case CRYPTO_CIPHER_DES: return 8;
case CRYPTO_CIPHER_RC4: return 16;
case CRYPTO_CIPHER_3DES: return 16;
default: assert(0); return -1;
}
}
static inline EVP_CIPHER *
crypto_cipher_evp_cipher(int type, int enc) {
switch(type)
{
case CRYPTO_CIPHER_IDENTITY: return EVP_enc_null();
case CRYPTO_CIPHER_DES: return EVP_des_ofb();
case CRYPTO_CIPHER_RC4: return EVP_rc4();
case CRYPTO_CIPHER_3DES: return EVP_des_ede_ofb();
default: return NULL;
}
}
int crypto_global_init()
{
ERR_load_crypto_strings();
......@@ -144,6 +180,7 @@ crypto_create_init_cipher(int cipher_type, char *key, char *iv, int encrypt_mode
crypto_cipher_env_t *crypto_new_cipher_env(int type)
{
crypto_cipher_env_t *env;
int iv_len, key_len;
env = (crypto_cipher_env_t *)malloc(sizeof(crypto_cipher_env_t));
if (!env)
......@@ -153,102 +190,54 @@ crypto_cipher_env_t *crypto_new_cipher_env(int type)
env->key = NULL;
env->iv = NULL;
env->aux = NULL;
iv_len = crypto_cipher_iv_length(type);
key_len = crypto_cipher_key_length(type);
switch(type) {
case CRYPTO_CIPHER_IDENTITY:
env->aux = (unsigned char *)malloc(sizeof(EVP_CIPHER_CTX));
if (!env->aux) {
free((void *)env);
return NULL;
}
EVP_CIPHER_CTX_init((EVP_CIPHER_CTX *)env->aux);
break;
case CRYPTO_CIPHER_DES:
env->aux = (unsigned char *)malloc(sizeof(EVP_CIPHER_CTX));
if (!env->aux) {
free((void *)env);
return NULL;
}
env->key = (unsigned char *)malloc(8);
if (!env->key) {
free((void *)env->aux);
free((void *)env);
return NULL;
}
env->iv = (unsigned char *)malloc(8);
if (!env->iv) {
free((void *)env->key);
free((void *)env->aux);
return NULL;
}
EVP_CIPHER_CTX_init((EVP_CIPHER_CTX *)env->aux);
break;
case CRYPTO_CIPHER_RC4:
if (! crypto_cipher_evp_cipher(type,0))
/* This is not an openssl cipher */
goto err;
else {
env->aux = (unsigned char *)malloc(sizeof(EVP_CIPHER_CTX));
if (!env->aux) {
free((void *)env);
return NULL;
}
env->key = (unsigned char *)malloc(16);
if (!env->key) {
free((void *)env->aux);
free((void *)env);
return NULL;
}
env->iv = (unsigned char *)malloc(16);
if (!env->iv) {
free((void *)env->key);
free((void *)env->aux);
return NULL;
}
break;
EVP_CIPHER_CTX_init((EVP_CIPHER_CTX *)env->aux);
default:
free((void *)env);
return NULL;
break;
}
return env;
if (iv_len && !(env->iv = (unsigned char *)malloc(iv_len)))
goto err;
if (key_len && !(env->key = (unsigned char *)malloc(key_len)))
goto err;
err:
if (env->key)
free(env->key);
if (env->iv)
free(env->iv);
if (env->aux)
free(env->aux);
if (env)
free(env);
return NULL;
}
void crypto_free_cipher_env(crypto_cipher_env_t *env)
{
assert(env);
switch(env->type) {
case CRYPTO_CIPHER_IDENTITY:
if (env->aux) {
EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX *)env->aux);
free((void *)env->aux);
}
break;
case CRYPTO_CIPHER_DES:
if (env->aux) {
EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX *)env->aux);
free((void *)env->aux);
}
if (env->key)
free((void *)env->key);
if (env->iv)
free((void *)env->iv);
break;
case CRYPTO_CIPHER_RC4:
if (env->aux) {
EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX *)env->aux);
free((void *)env->aux);
}
if (env->key)
free((void *)env->key);
if (env->iv)
free((void *)env->iv);
break;
default:
break;
if (crypto_cipher_evp_cipher(env->type,0)) {
/* This is an openssl cipher */
assert(env->aux);
EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX *)env->aux);
}
if (env->aux)
free((void *)env->aux);
if (env->iv)
free((void *)env->iv);
if (env->key)
free((void *)env->key);
free((void *)env);
return;
}
/* public key crypto */
......@@ -552,64 +541,49 @@ int crypto_pk_private_decrypt(crypto_pk_env_t *env, unsigned char *from, int fro
/* symmetric crypto */
int crypto_cipher_generate_key(crypto_cipher_env_t *env)
{
int key_len;
assert(env);
switch(env->type) {
case CRYPTO_CIPHER_IDENTITY:
key_len = crypto_cipher_key_length(env->type);
if (key_len > 0)
return crypto_rand(key_len, env->key);
else if (key_len == 0)
return 0;
case CRYPTO_CIPHER_DES:
return crypto_rand(8, env->key);
case CRYPTO_CIPHER_RC4:
return crypto_rand(16, env->key);
default:
else
return -1;
}
}
int crypto_cipher_set_iv(crypto_cipher_env_t *env, unsigned char *iv)
{
int iv_len;
assert(env && iv);
switch(env->type) {
case CRYPTO_CIPHER_IDENTITY:
break;
case CRYPTO_CIPHER_DES:
if (!env->iv)
return -1;
memcpy((void *)env->iv, (void *)iv, 8);
break;
case CRYPTO_CIPHER_RC4:
if (!env->iv)
return -1;
memcpy((void *)env->iv, (void *)iv, 16);
break;
default:
iv_len = crypto_cipher_iv_length(env->type);
if (!iv_len)
return 0;
if (!env->iv)
return -1;
}
memcpy((void*)env->iv, (void*)iv, iv_len);
return 0;
}
int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key)
{
int key_len;
assert(env && key);
switch(env->type) {
case CRYPTO_CIPHER_IDENTITY:
break;
case CRYPTO_CIPHER_DES:
if (!env->key)
return -1;
memcpy((void *)env->key, (void *)key, 8);
break;
case CRYPTO_CIPHER_RC4:
if (!env->key)
return -1;
memcpy((void *)env->key, (void *)key, 16);
break;
default:
key_len = crypto_cipher_key_length(env->type);
if (!key_len)
return 0;
if (!env->key)
return -1;
}
memcpy((void*)env->key, (void*)key, key_len);
return 0;
}
......@@ -617,37 +591,27 @@ int crypto_cipher_set_key(crypto_cipher_env_t *env, unsigned char *key)
int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env)
{
assert(env);
switch(env->type) {
case CRYPTO_CIPHER_IDENTITY:
RETURN_SSL_OUTCOME(EVP_EncryptInit((EVP_CIPHER_CTX *)env->aux, EVP_enc_null(), env->key, env->iv));
case CRYPTO_CIPHER_DES:
RETURN_SSL_OUTCOME(EVP_EncryptInit((EVP_CIPHER_CTX *)env->aux, EVP_des_ofb(), env->key, env->iv));
case CRYPTO_CIPHER_RC4:
RETURN_SSL_OUTCOME(EVP_EncryptInit((EVP_CIPHER_CTX *)env->aux, EVP_rc4(), env->key, env->iv));
default:
return -1;
}
return 0;
if (crypto_cipher_evp_cipher(env->type, 1)) {
RETURN_SSL_OUTCOME(EVP_EncryptInit((EVP_CIPHER_CTX *)env->aux,
crypto_cipher_evp_cipher(env->type, 1),
env->key, env->iv));
} else {
return -1;
}
}
int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env)
{
assert(env);
switch(env->type) {
case CRYPTO_CIPHER_IDENTITY:
RETURN_SSL_OUTCOME(EVP_DecryptInit((EVP_CIPHER_CTX *)env->aux, EVP_enc_null(), env->key, env->iv));
case CRYPTO_CIPHER_DES:
RETURN_SSL_OUTCOME(EVP_DecryptInit((EVP_CIPHER_CTX *)env->aux, EVP_des_ofb(), env->key, env->iv));
case CRYPTO_CIPHER_RC4:
RETURN_SSL_OUTCOME(EVP_DecryptInit((EVP_CIPHER_CTX *)env->aux, EVP_rc4(), env->key, env->iv));
default:
if (crypto_cipher_evp_cipher(env->type, 0)) {
RETURN_SSL_OUTCOME(EVP_EncryptInit((EVP_CIPHER_CTX *)env->aux,
crypto_cipher_evp_cipher(env->type, 0),
env->key, env->iv));
} else {
return -1;
}
return 0;
}
int crypto_cipher_encrypt(crypto_cipher_env_t *env, unsigned char *from, unsigned int fromlen, unsigned char *to)
......@@ -693,4 +657,3 @@ char *crypto_perror()
{
return (char *)ERR_reason_error_string(ERR_get_error());
}
src/common/crypto.h
+ 1
0
View file @ 8ff1c3e2
......@@ -12,6 +12,7 @@
#define CRYPTO_CIPHER_IDENTITY 0
#define CRYPTO_CIPHER_DES 1
#define CRYPTO_CIPHER_RC4 2
#define CRYPTO_CIPHER_3DES 3
#define CRYPTO_PK_RSA 0
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment