crypt.c 8.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414
  1. /*
  2. * crypt.c -- handles:
  3. * psybnc crypt()
  4. * File encryption
  5. *
  6. */
  7. #include "common.h"
  8. #include "crypt.h"
  9. #include "settings.h"
  10. #include "misc.h"
  11. #include "base64.h"
  12. #include "src/crypto/crypto.h"
  13. #include <stdarg.h>
  14. #define CRYPT_BLOCKSIZE AES_BLOCK_SIZE
  15. #define CRYPT_KEYBITS 256
  16. #define CRYPT_KEYSIZE (CRYPT_KEYBITS >> 3)
  17. AES_KEY e_key, d_key;
  18. unsigned char *
  19. encrypt_binary(const char *keydata, unsigned char *in, size_t *inlen)
  20. {
  21. size_t len = *inlen;
  22. int blocks = 0, block = 0;
  23. unsigned char *out = NULL;
  24. /* First pad indata to CRYPT_BLOCKSIZE multiple */
  25. if (len % CRYPT_BLOCKSIZE) /* more than 1 block? */
  26. len += (CRYPT_BLOCKSIZE - (len % CRYPT_BLOCKSIZE));
  27. out = (unsigned char *) my_calloc(1, len + 1);
  28. egg_memcpy(out, in, *inlen);
  29. *inlen = len;
  30. if (!keydata || !*keydata) {
  31. /* No key, no encryption */
  32. egg_memcpy(out, in, len);
  33. } else {
  34. char key[CRYPT_KEYSIZE + 1] = "";
  35. strlcpy(key, keydata, sizeof(key));
  36. AES_set_encrypt_key((const unsigned char *) key, CRYPT_KEYBITS, &e_key);
  37. /* Now loop through the blocks and crypt them */
  38. blocks = len / CRYPT_BLOCKSIZE;
  39. for (block = blocks - 1; block >= 0; block--)
  40. AES_encrypt(&out[block * CRYPT_BLOCKSIZE], &out[block * CRYPT_BLOCKSIZE], &e_key);
  41. }
  42. out[len] = 0;
  43. return out;
  44. }
  45. unsigned char *
  46. decrypt_binary(const char *keydata, unsigned char *in, size_t *len)
  47. {
  48. int blocks = 0, block = 0;
  49. unsigned char *out = NULL;
  50. *len -= *len % CRYPT_BLOCKSIZE;
  51. out = (unsigned char *) my_calloc(1, *len + 1);
  52. egg_memcpy(out, in, *len);
  53. if (!keydata || !*keydata) {
  54. /* No key, no decryption */
  55. } else {
  56. /* Init/fetch key */
  57. char key[CRYPT_KEYSIZE + 1] = "";
  58. strlcpy(key, keydata, sizeof(key));
  59. AES_set_decrypt_key((const unsigned char *) key, CRYPT_KEYBITS, &d_key);
  60. /* Now loop through the blocks and crypt them */
  61. blocks = *len / CRYPT_BLOCKSIZE;
  62. for (block = blocks - 1; block >= 0; block--)
  63. AES_decrypt(&out[block * CRYPT_BLOCKSIZE], &out[block * CRYPT_BLOCKSIZE], &d_key);
  64. }
  65. return out;
  66. }
  67. char *encrypt_string(const char *keydata, char *in)
  68. {
  69. size_t len = 0;
  70. unsigned char *bdata = NULL;
  71. char *res = NULL;
  72. len = strlen(in);
  73. bdata = encrypt_binary(keydata, (unsigned char *) in, &len);
  74. if (keydata && *keydata) {
  75. res = b64enc(bdata, len);
  76. free(bdata);
  77. return res;
  78. } else {
  79. return (char *) bdata;
  80. }
  81. }
  82. char *decrypt_string(const char *keydata, char *in)
  83. {
  84. size_t len = strlen(in);
  85. char *buf = NULL, *res = NULL;
  86. if (keydata && *keydata) {
  87. buf = b64dec((const unsigned char *) in, &len);
  88. res = (char *) decrypt_binary(keydata, (unsigned char *) buf, &len);
  89. free(buf);
  90. return res;
  91. } else {
  92. res = (char *) my_calloc(1, len + 1);
  93. strcpy(res, in);
  94. return res;
  95. }
  96. }
  97. void encrypt_cmd_pass(char *in, char *out)
  98. {
  99. char *tmp = NULL;
  100. if (strlen(in) > MAXPASSLEN)
  101. in[MAXPASSLEN] = 0;
  102. tmp = encrypt_string(in, in);
  103. strcpy(out, "+");
  104. strlcat(out, tmp, MAXPASSLEN + 1);
  105. out[MAXPASSLEN] = 0;
  106. free(tmp);
  107. }
  108. static char *user_key(struct userrec *u)
  109. {
  110. /* FIXME: fix after 1.2.3 */
  111. return u->handle;
  112. }
  113. char *encrypt_pass(struct userrec *u, char *in)
  114. {
  115. char *tmp = NULL, buf[101] = "", *ret = NULL;
  116. size_t ret_size = 0;
  117. if (strlen(in) > MAXPASSLEN)
  118. in[MAXPASSLEN] = 0;
  119. simple_snprintf(buf, sizeof(buf), "%s-%s", settings.salt2, in);
  120. tmp = encrypt_string(user_key(u), buf);
  121. ret_size = strlen(tmp) + 1 + 1;
  122. ret = (char *) my_calloc(1, ret_size);
  123. simple_snprintf(ret, ret_size, "+%s", tmp);
  124. free(tmp);
  125. return ret;
  126. }
  127. char *decrypt_pass(struct userrec *u)
  128. {
  129. char *tmp = NULL, *p = NULL, *ret = NULL, *pass = NULL;
  130. pass = (char *) get_user(&USERENTRY_PASS, u);
  131. if (pass && pass[0] == '+') {
  132. tmp = decrypt_string(user_key(u), &pass[1]);
  133. if ((p = strchr(tmp, '-')))
  134. ret = strdup(++p);
  135. free(tmp);
  136. }
  137. if (!ret)
  138. ret = (char *) my_calloc(1, 1);
  139. return ret;
  140. }
  141. /*
  142. static char *passkey()
  143. {
  144. static char key[SHA1_HASH_LENGTH + 1] = "";
  145. if (key[0])
  146. return key;
  147. char *tmp = my_calloc(1, 512);
  148. simple_sprintf(tmp, "%s-%s.%s!%s", settings.salt1, settings.salt2, settings.packname, settings.bdhash);
  149. key = SHA1(tmp);
  150. free(tmp);
  151. egg_bzero(tmp, 512);
  152. return key;
  153. }
  154. void encrypt_pass_new(char *s1, char *s2)
  155. {
  156. char *tmp = NULL;
  157. if (strlen(s1) > MAXPASSLEN)
  158. s1[MAXPASSLEN] = 0;
  159. tmp = encrypt_string(s1, passkey);
  160. strcpy(s2, "+");
  161. strlcat(s2, tmp, MAXPASSLEN + 1);
  162. s2[MAXPASSLEN] = 0;
  163. free(tmp);
  164. }
  165. */
  166. int lfprintf (FILE *stream, const char *format, ...)
  167. {
  168. va_list va;
  169. char buf[2048] = "", *ln = NULL, *nln = NULL, *tmp = NULL;
  170. int res;
  171. va_start(va, format);
  172. egg_vsnprintf(buf, sizeof buf, format, va);
  173. va_end(va);
  174. ln = buf;
  175. while (ln && *ln) {
  176. if ((nln = strchr(ln, '\n')))
  177. *nln++ = 0;
  178. tmp = encrypt_string(settings.salt1, ln);
  179. res = fprintf(stream, "%s\n", tmp);
  180. free(tmp);
  181. if (res == EOF)
  182. return EOF;
  183. ln = nln;
  184. }
  185. return 0;
  186. }
  187. void Encrypt_File(char *infile, char *outfile)
  188. {
  189. FILE *f = NULL, *f2 = NULL;
  190. bool std = 0;
  191. if (!strcmp(outfile, "STDOUT"))
  192. std = 1;
  193. f = fopen(infile, "r");
  194. if(!f)
  195. return;
  196. if (!std) {
  197. f2 = fopen(outfile, "w");
  198. if (!f2)
  199. return;
  200. } else {
  201. printf("----------------------------------START----------------------------------\n");
  202. }
  203. char *buf = (char *) my_calloc(1, 1024);
  204. while (fgets(buf, 1024, f) != NULL) {
  205. remove_crlf(buf);
  206. if (std)
  207. printf("%s\n", encrypt_string(settings.salt1, buf));
  208. else
  209. lfprintf(f2, "%s\n", buf);
  210. buf[0] = 0;
  211. }
  212. free(buf);
  213. if (std)
  214. printf("-----------------------------------END-----------------------------------\n");
  215. fclose(f);
  216. if (f2)
  217. fclose(f2);
  218. }
  219. void Decrypt_File(char *infile, char *outfile)
  220. {
  221. FILE *f = NULL, *f2 = NULL;
  222. bool std = 0;
  223. if (!strcmp(outfile, "STDOUT"))
  224. std = 1;
  225. f = fopen(infile, "r");
  226. if (!f)
  227. return;
  228. if (!std) {
  229. f2 = fopen(outfile, "w");
  230. if (!f2)
  231. return;
  232. } else {
  233. printf("----------------------------------START----------------------------------\n");
  234. }
  235. char *buf = (char *) my_calloc(1, 2048);
  236. while (fgets(buf, 2048, f) != NULL) {
  237. char *temps = NULL;
  238. remove_crlf(buf);
  239. temps = (char *) decrypt_string(settings.salt1, buf);
  240. if (!std)
  241. fprintf(f2, "%s\n",temps);
  242. else
  243. printf("%s\n", temps);
  244. free(temps);
  245. buf[0] = 0;
  246. }
  247. free(buf);
  248. if (std)
  249. printf("-----------------------------------END-----------------------------------\n");
  250. fclose(f);
  251. if (f2)
  252. fclose(f2);
  253. }
  254. char *MD5(const char *string)
  255. {
  256. static int n = 0;
  257. static char ret[5][MD5_HASH_LENGTH + 1];
  258. char* md5string = ret[n++];
  259. unsigned char md5out[MD5_HASH_LENGTH + 1] = "";
  260. MD5_CTX ctx;
  261. MD5_Init(&ctx);
  262. MD5_Update(&ctx, string, strlen(string));
  263. MD5_Final(md5out, &ctx);
  264. strlcpy(md5string, btoh(md5out, MD5_DIGEST_LENGTH), MD5_HASH_LENGTH + 1);
  265. OPENSSL_cleanse(&ctx, sizeof(ctx));
  266. if (n == 5) n = 0;
  267. return md5string;
  268. }
  269. char *
  270. MD5FILE(const char *bin)
  271. {
  272. FILE *f = NULL;
  273. if (!(f = fopen(bin, "rb")))
  274. return "";
  275. static char md5string[MD5_HASH_LENGTH + 1] = "";
  276. unsigned char md5out[MD5_HASH_LENGTH + 1] = "", buffer[1024] = "";
  277. MD5_CTX ctx;
  278. size_t binsize = 0, len = 0;
  279. MD5_Init(&ctx);
  280. while ((len = fread(buffer, 1, sizeof buffer, f))) {
  281. binsize += len;
  282. MD5_Update(&ctx, buffer, len);
  283. }
  284. MD5_Final(md5out, &ctx);
  285. strlcpy(md5string, btoh(md5out, MD5_DIGEST_LENGTH), sizeof(md5string));
  286. OPENSSL_cleanse(&ctx, sizeof(ctx));
  287. return md5string;
  288. }
  289. char *SHA1(const char *string)
  290. {
  291. static int n = 0;
  292. static char ret[5][SHA_HASH_LENGTH + 1];
  293. char* sha1string = ret[n++];
  294. unsigned char sha1out[SHA_HASH_LENGTH + 1] = "";
  295. SHA_CTX ctx;
  296. SHA1_Init(&ctx);
  297. SHA1_Update(&ctx, string, strlen(string));
  298. SHA1_Final(sha1out, &ctx);
  299. strlcpy(sha1string, btoh(sha1out, SHA_DIGEST_LENGTH), SHA_HASH_LENGTH + 1);
  300. OPENSSL_cleanse(&ctx, sizeof(ctx));
  301. if (n == 5) n = 0;
  302. return sha1string;
  303. }
  304. /* convert binary hashes to hex */
  305. char *btoh(const unsigned char *md, size_t len)
  306. {
  307. char buf[100] = "", *ret = NULL;
  308. for (size_t i = 0; i < len; i+=4) {
  309. sprintf(&(buf[i << 1]), "%02x", md[i]);
  310. sprintf(&(buf[(i + 1) << 1]), "%02x", md[i + 1]);
  311. sprintf(&(buf[(i + 2) << 1]), "%02x", md[i + 2]);
  312. sprintf(&(buf[(i + 3) << 1]), "%02x", md[i + 3]);
  313. }
  314. ret = buf;
  315. return ret;
  316. }
  317. #ifdef k
  318. void do_crypt_console()
  319. {
  320. char inbuf[1024] = "";
  321. int which = 5;
  322. char *p = NULL;
  323. printf("Crypt menu:\n");
  324. printf("-----------\n");
  325. printf("1) String\n");
  326. printf("2) File\n");
  327. printf("1) MD5\n");
  328. printf("2) SHA1\n");
  329. printf("3) AES256 (binary)\n");
  330. printf("4) AES256+base64\n");
  331. printf("5) exit\n");
  332. printf("\n");
  333. printf("[5]: ");
  334. fgets(inbuf, sizeof(inbuf), stdin);
  335. if ((p = strchr(inbuf, '\n')))
  336. *p = 0;
  337. which = atoi(inbuf);
  338. switch (which) {
  339. case
  340. }
  341. #endif