crypt.c 6.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248
  1. /*
  2. * crypt.c -- handles:
  3. * psybnc crypt()
  4. * File encryption
  5. *
  6. */
  7. #include "common.h"
  8. #include "crypt.h"
  9. #include "settings.h"
  10. #include "misc.h"
  11. #include "base64.h"
  12. #include "src/crypto/crypto.h"
  13. #include <stdarg.h>
  14. #include <bdlib/src/String.h>
  15. #include <bdlib/src/Stream.h>
  16. #include "EncryptedStream.h"
  17. char *encrypt_string(const char *keydata, char *in)
  18. {
  19. size_t len = 0;
  20. unsigned char *bdata = NULL;
  21. char *res = NULL;
  22. len = strlen(in);
  23. bdata = aes_encrypt_ecb_binary(keydata, (unsigned char *) in, &len);
  24. if (keydata && *keydata) {
  25. res = b64enc(bdata, len);
  26. OPENSSL_cleanse(bdata, len);
  27. free(bdata);
  28. return res;
  29. } else {
  30. return (char *) bdata;
  31. }
  32. }
  33. /**
  34. * @brief Encrypt a string with AES 256 ECB
  35. * @param key The key to encrypt with
  36. * @param data The string to encrypt
  37. * @return A new, encrypted string
  38. */
  39. bd::String encrypt_string(const bd::String& key, const bd::String& data) {
  40. if (!key) return data;
  41. size_t len = data.length();
  42. char *bdata = (char*) aes_encrypt_ecb_binary(key.c_str(), (unsigned char*) data.c_str(), &len);
  43. bd::String encrypted(bdata, len);
  44. free(bdata);
  45. return encrypted;
  46. }
  47. /**
  48. * @brief Encrypt a string with AES 256 CBC
  49. * @param key The key to encrypt with
  50. * @param data The string to encrypt
  51. * @param IV The IV to use (WARNING: This is modified inplace)
  52. * @return A new, encrypted string
  53. */
  54. bd::String encrypt_string_cbc(const bd::String& key, const bd::String& data, unsigned char* IV) {
  55. if (!key) return data;
  56. size_t len = data.length();
  57. char *bdata = (char*) aes_encrypt_cbc_binary(key.c_str(), (unsigned char*) data.c_str(), &len, IV);
  58. bd::String encrypted(bdata, len);
  59. free(bdata);
  60. return encrypted;
  61. }
  62. char *decrypt_string(const char *keydata, char *in)
  63. {
  64. size_t len = strlen(in);
  65. char *buf = NULL, *res = NULL;
  66. if (keydata && *keydata) {
  67. buf = b64dec((const unsigned char *) in, &len);
  68. res = (char *) aes_decrypt_ecb_binary(keydata, (unsigned char *) buf, &len);
  69. OPENSSL_cleanse(buf, len);
  70. free(buf);
  71. return res;
  72. } else {
  73. res = (char *) my_calloc(1, len + 1);
  74. strlcpy(res, in, len + 1);
  75. return res;
  76. }
  77. }
  78. /**
  79. * @brief Decrypt an AES 256 ECB ciphered string
  80. * @param key The key to decrypt with
  81. * @param data The string to decrypt
  82. * @return A new, decrypted string
  83. */
  84. bd::String decrypt_string(const bd::String& key, const bd::String& data) {
  85. if (!key) return data;
  86. size_t len = data.length();
  87. char *bdata = (char*) aes_decrypt_ecb_binary(key.c_str(), (unsigned char*) data.c_str(), &len);
  88. bd::String decrypted(bdata, len);
  89. OPENSSL_cleanse(bdata, len);
  90. free(bdata);
  91. return decrypted;
  92. }
  93. /**
  94. * @brief Decrypt anAES 256 CBC ciphered string
  95. * @param key The key to decrypt with
  96. * @param data The string to decrypt
  97. * @param IV The IV to use (WARNING: This is modified inplace)
  98. * @return A new, decrypted string
  99. */
  100. bd::String decrypt_string_cbc(const bd::String& key, const bd::String& data, unsigned char* IV) {
  101. if (!key) return data;
  102. size_t len = data.length();
  103. char *bdata = (char*) aes_decrypt_cbc_binary(key.c_str(), (unsigned char*) data.c_str(), &len, IV);
  104. bd::String decrypted(bdata, len);
  105. OPENSSL_cleanse(bdata, len);
  106. free(bdata);
  107. return decrypted;
  108. }
  109. int salted_sha1cmp(const char *salted_hash, const char *string) {
  110. char* cmp = salted_sha1(string, &salted_hash[1]); //Pass in the salt from the given hash
  111. int n = strcmp(salted_hash, cmp);
  112. free(cmp);
  113. return n;
  114. }
  115. char *salted_sha1(const char *in, const char* saltin)
  116. {
  117. char *tmp = NULL, buf[101] = "", *ret = NULL;
  118. size_t ret_size = 0;
  119. /* Create a 5 byte salt */
  120. char salt[SHA1_SALT_LEN + 1] = "";
  121. if (saltin) {
  122. strlcpy(salt, saltin, sizeof(salt));
  123. } else {
  124. make_rand_str(salt, sizeof(salt) - 1);
  125. }
  126. /* SHA1 the salt+password */
  127. simple_snprintf(buf, sizeof(buf), STR("%s%s"), salt, in);
  128. tmp = SHA1(buf);
  129. ret_size = SHA1_SALTED_LEN + 1;
  130. ret = (char *) my_calloc(1, ret_size);
  131. simple_snprintf(ret, ret_size, STR("+%s$%s"), salt, tmp);
  132. /* Wipe cleartext pass from sha1 buffers/tmp */
  133. SHA1(NULL);
  134. return ret;
  135. }
  136. void Encrypt_File(char *infile, char *outfile)
  137. {
  138. const char salt1[] = SALT1;
  139. bd::Stream stream_in;
  140. EncryptedStream stream_out(salt1);
  141. stream_in.loadFile(infile);
  142. stream_out << bd::String(stream_in);
  143. stream_out.writeFile(outfile);
  144. }
  145. void Decrypt_File(char *infile, char *outfile)
  146. {
  147. const char salt1[] = SALT1;
  148. bd::Stream stream_out;
  149. EncryptedStream stream_in(salt1);
  150. stream_in.loadFile(infile);
  151. stream_out << bd::String(stream_in);
  152. stream_out.writeFile(outfile);
  153. }
  154. char *MD5(const char *string)
  155. {
  156. static int n = 0;
  157. static char ret[5][MD5_HASH_LENGTH + 1];
  158. //Cleanse the current buffer
  159. if (!string) {
  160. OPENSSL_cleanse(ret[n], MD5_HASH_LENGTH + 1);
  161. return NULL;
  162. }
  163. char* md5string = ret[n++];
  164. unsigned char md5out[MD5_HASH_LENGTH + 1] = "";
  165. MD5_CTX ctx;
  166. MD5_Init(&ctx);
  167. MD5_Update(&ctx, string, strlen(string));
  168. MD5_Final(md5out, &ctx);
  169. btoh(md5out, MD5_DIGEST_LENGTH, md5string, MD5_HASH_LENGTH + 1);
  170. OPENSSL_cleanse(&ctx, sizeof(ctx));
  171. if (n == 5) n = 0;
  172. return md5string;
  173. }
  174. int md5cmp(const char *hash, const char *string) {
  175. int n = strcmp(hash, MD5(string));
  176. MD5(NULL);
  177. return n;
  178. }
  179. char *SHA1(const char *string)
  180. {
  181. static int n = 0;
  182. static char ret[5][SHA_HASH_LENGTH + 1];
  183. //Cleanse the current buffer
  184. if (!string) {
  185. OPENSSL_cleanse(ret[n], SHA_HASH_LENGTH + 1);
  186. return NULL;
  187. }
  188. char* sha1string = ret[n++];
  189. unsigned char sha1out[SHA_HASH_LENGTH + 1] = "";
  190. SHA_CTX ctx;
  191. SHA1_Init(&ctx);
  192. SHA1_Update(&ctx, string, strlen(string));
  193. SHA1_Final(sha1out, &ctx);
  194. btoh(sha1out, SHA_DIGEST_LENGTH, sha1string, SHA_HASH_LENGTH + 1);
  195. OPENSSL_cleanse(&ctx, sizeof(ctx));
  196. if (n == 5) n = 0;
  197. return sha1string;
  198. }
  199. int sha1cmp(const char *hash, const char *string) {
  200. int n = strcmp(hash, SHA1(string));
  201. SHA1(NULL);
  202. return n;
  203. }
  204. void btoh(const unsigned char *md, size_t md_len, char *buf, const size_t buf_len)
  205. {
  206. #define doblock(n) simple_snprintf(&(buf[(i + n) << 1]), buf_len - ((i + n) << 1), "%02x", md[i + n]);
  207. for (size_t i = 0; i < md_len; i+=4) {
  208. doblock(0);
  209. doblock(1);
  210. doblock(2);
  211. doblock(3);
  212. }
  213. }