crypt.c 7.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352
  1. /*
  2. * crypt.c -- handles:
  3. * psybnc crypt()
  4. * File encryption
  5. *
  6. */
  7. #include "common.h"
  8. #include "crypt.h"
  9. #include "settings.h"
  10. #include "misc.h"
  11. #include "base64.h"
  12. #include "src/crypto/crypto.h"
  13. #include <stdarg.h>
  14. #define CRYPT_BLOCKSIZE AES_BLOCK_SIZE
  15. #define CRYPT_KEYBITS 256
  16. #define CRYPT_KEYSIZE (CRYPT_KEYBITS >> 3)
  17. AES_KEY e_key, d_key;
  18. unsigned char *
  19. encrypt_binary(const char *keydata, unsigned char *in, size_t *inlen)
  20. {
  21. size_t len = *inlen;
  22. int blocks = 0, block = 0;
  23. unsigned char *out = NULL;
  24. /* First pad indata to CRYPT_BLOCKSIZE multiple */
  25. if (len % CRYPT_BLOCKSIZE) /* more than 1 block? */
  26. len += (CRYPT_BLOCKSIZE - (len % CRYPT_BLOCKSIZE));
  27. out = (unsigned char *) my_calloc(1, len + 1);
  28. egg_memcpy(out, in, *inlen);
  29. *inlen = len;
  30. if (!keydata || !*keydata) {
  31. /* No key, no encryption */
  32. egg_memcpy(out, in, len);
  33. } else {
  34. char key[CRYPT_KEYSIZE + 1] = "";
  35. strlcpy(key, keydata, sizeof(key));
  36. AES_set_encrypt_key((const unsigned char *) key, CRYPT_KEYBITS, &e_key);
  37. /* Now loop through the blocks and crypt them */
  38. blocks = len / CRYPT_BLOCKSIZE;
  39. for (block = blocks - 1; block >= 0; block--)
  40. AES_encrypt(&out[block * CRYPT_BLOCKSIZE], &out[block * CRYPT_BLOCKSIZE], &e_key);
  41. OPENSSL_cleanse(key, sizeof(key));
  42. OPENSSL_cleanse(&e_key, sizeof(e_key));
  43. }
  44. out[len] = 0;
  45. return out;
  46. }
  47. unsigned char *
  48. decrypt_binary(const char *keydata, unsigned char *in, size_t *len)
  49. {
  50. int blocks = 0, block = 0;
  51. unsigned char *out = NULL;
  52. *len -= *len % CRYPT_BLOCKSIZE;
  53. out = (unsigned char *) my_calloc(1, *len + 1);
  54. egg_memcpy(out, in, *len);
  55. if (!keydata || !*keydata) {
  56. /* No key, no decryption */
  57. } else {
  58. /* Init/fetch key */
  59. char key[CRYPT_KEYSIZE + 1] = "";
  60. strlcpy(key, keydata, sizeof(key));
  61. AES_set_decrypt_key((const unsigned char *) key, CRYPT_KEYBITS, &d_key);
  62. /* Now loop through the blocks and crypt them */
  63. blocks = *len / CRYPT_BLOCKSIZE;
  64. for (block = blocks - 1; block >= 0; block--)
  65. AES_decrypt(&out[block * CRYPT_BLOCKSIZE], &out[block * CRYPT_BLOCKSIZE], &d_key);
  66. OPENSSL_cleanse(key, sizeof(key));
  67. OPENSSL_cleanse(&d_key, sizeof(d_key));
  68. }
  69. return out;
  70. }
  71. char *encrypt_string(const char *keydata, char *in)
  72. {
  73. size_t len = 0;
  74. unsigned char *bdata = NULL;
  75. char *res = NULL;
  76. len = strlen(in);
  77. bdata = encrypt_binary(keydata, (unsigned char *) in, &len);
  78. if (keydata && *keydata) {
  79. res = b64enc(bdata, len);
  80. OPENSSL_cleanse(bdata, len);
  81. free(bdata);
  82. return res;
  83. } else {
  84. return (char *) bdata;
  85. }
  86. }
  87. char *decrypt_string(const char *keydata, char *in)
  88. {
  89. size_t len = strlen(in);
  90. char *buf = NULL, *res = NULL;
  91. if (keydata && *keydata) {
  92. buf = b64dec((const unsigned char *) in, &len);
  93. res = (char *) decrypt_binary(keydata, (unsigned char *) buf, &len);
  94. OPENSSL_cleanse(buf, len);
  95. free(buf);
  96. return res;
  97. } else {
  98. res = (char *) my_calloc(1, len + 1);
  99. strlcpy(res, in, len + 1);
  100. return res;
  101. }
  102. }
  103. char *salted_sha1(const char *in, const char* saltin)
  104. {
  105. char *tmp = NULL, buf[101] = "", *ret = NULL;
  106. size_t ret_size = 0;
  107. /* Create a 5 byte salt */
  108. char salt[SHA1_SALT_LEN + 1] = "";
  109. if (saltin) {
  110. strlcpy(salt, saltin, sizeof(salt));
  111. } else {
  112. make_rand_str(salt, sizeof(salt) - 1);
  113. }
  114. /* SHA1 the salt+password */
  115. simple_snprintf(buf, sizeof(buf), STR("%s%s"), salt, in);
  116. tmp = SHA1(buf);
  117. ret_size = SHA1_SALTED_LEN + 1;
  118. ret = (char *) my_calloc(1, ret_size);
  119. simple_snprintf(ret, ret_size, STR("+%s$%s"), salt, tmp);
  120. /* Wipe cleartext pass from sha1 buffers/tmp */
  121. SHA1(NULL);
  122. return ret;
  123. }
  124. int lfprintf (FILE *stream, const char *format, ...)
  125. {
  126. va_list va;
  127. char buf[2048] = "", *ln = NULL, *nln = NULL, *tmp = NULL;
  128. int res;
  129. va_start(va, format);
  130. egg_vsnprintf(buf, sizeof buf, format, va);
  131. va_end(va);
  132. ln = buf;
  133. const char salt1[] = SALT1;
  134. while (ln && *ln) {
  135. if ((nln = strchr(ln, '\n')))
  136. *nln++ = 0;
  137. tmp = encrypt_string(salt1, ln);
  138. res = fprintf(stream, "%s\n", tmp);
  139. free(tmp);
  140. if (res == EOF)
  141. return EOF;
  142. ln = nln;
  143. }
  144. return 0;
  145. }
  146. void Encrypt_File(char *infile, char *outfile)
  147. {
  148. FILE *f = NULL, *f2 = NULL;
  149. bool std = 0;
  150. if (!strcmp(outfile, "STDOUT"))
  151. std = 1;
  152. f = fopen(infile, "r");
  153. if(!f)
  154. return;
  155. if (!std) {
  156. f2 = fopen(outfile, "w");
  157. if (!f2)
  158. return;
  159. } else {
  160. printf(STR("----------------------------------START----------------------------------\n"));
  161. }
  162. char *buf = (char *) my_calloc(1, 1024);
  163. const char salt1[] = SALT1;
  164. while (fgets(buf, 1024, f) != NULL) {
  165. remove_crlf(buf);
  166. if (std)
  167. printf("%s\n", encrypt_string(salt1, buf));
  168. else
  169. lfprintf(f2, "%s\n", buf);
  170. buf[0] = 0;
  171. }
  172. free(buf);
  173. if (std)
  174. printf(STR("-----------------------------------END-----------------------------------\n"));
  175. fclose(f);
  176. if (f2)
  177. fclose(f2);
  178. }
  179. void Decrypt_File(char *infile, char *outfile)
  180. {
  181. FILE *f = NULL, *f2 = NULL;
  182. bool std = 0;
  183. if (!strcmp(outfile, "STDOUT"))
  184. std = 1;
  185. f = fopen(infile, "r");
  186. if (!f)
  187. return;
  188. if (!std) {
  189. f2 = fopen(outfile, "w");
  190. if (!f2)
  191. return;
  192. } else {
  193. printf(STR("----------------------------------START----------------------------------\n"));
  194. }
  195. char *buf = (char *) my_calloc(1, 2048);
  196. const char salt1[] = SALT1;
  197. while (fgets(buf, 2048, f) != NULL) {
  198. char *temps = NULL;
  199. remove_crlf(buf);
  200. temps = (char *) decrypt_string(salt1, buf);
  201. if (!std)
  202. fprintf(f2, "%s\n",temps);
  203. else
  204. printf("%s\n", temps);
  205. free(temps);
  206. buf[0] = 0;
  207. }
  208. free(buf);
  209. if (std)
  210. printf(STR("-----------------------------------END-----------------------------------\n"));
  211. fclose(f);
  212. if (f2)
  213. fclose(f2);
  214. }
  215. char *MD5(const char *string)
  216. {
  217. static int n = 0;
  218. static char ret[5][MD5_HASH_LENGTH + 1];
  219. //Cleanse the current buffer
  220. if (!string) {
  221. OPENSSL_cleanse(ret[n], MD5_HASH_LENGTH + 1);
  222. return NULL;
  223. }
  224. char* md5string = ret[n++];
  225. unsigned char md5out[MD5_HASH_LENGTH + 1] = "";
  226. MD5_CTX ctx;
  227. MD5_Init(&ctx);
  228. MD5_Update(&ctx, string, strlen(string));
  229. MD5_Final(md5out, &ctx);
  230. btoh(md5out, MD5_DIGEST_LENGTH, md5string, MD5_HASH_LENGTH + 1);
  231. OPENSSL_cleanse(&ctx, sizeof(ctx));
  232. if (n == 5) n = 0;
  233. return md5string;
  234. }
  235. int md5cmp(const char *hash, const char *string) {
  236. int n = strcmp(hash, MD5(string));
  237. MD5(NULL);
  238. return n;
  239. }
  240. char *
  241. MD5FILE(const char *bin)
  242. {
  243. FILE *f = NULL;
  244. if (!(f = fopen(bin, "rb")))
  245. return "";
  246. static char md5string[MD5_HASH_LENGTH + 1] = "";
  247. unsigned char md5out[MD5_HASH_LENGTH + 1] = "", buffer[1024] = "";
  248. MD5_CTX ctx;
  249. size_t binsize = 0, len = 0;
  250. MD5_Init(&ctx);
  251. while ((len = fread(buffer, 1, sizeof buffer, f))) {
  252. binsize += len;
  253. MD5_Update(&ctx, buffer, len);
  254. }
  255. MD5_Final(md5out, &ctx);
  256. btoh(md5out, MD5_DIGEST_LENGTH, md5string, sizeof(md5string));
  257. OPENSSL_cleanse(&ctx, sizeof(ctx));
  258. return md5string;
  259. }
  260. char *SHA1(const char *string)
  261. {
  262. static int n = 0;
  263. static char ret[5][SHA_HASH_LENGTH + 1];
  264. //Cleanse the current buffer
  265. if (!string) {
  266. OPENSSL_cleanse(ret[n], SHA_HASH_LENGTH + 1);
  267. return NULL;
  268. }
  269. char* sha1string = ret[n++];
  270. unsigned char sha1out[SHA_HASH_LENGTH + 1] = "";
  271. SHA_CTX ctx;
  272. SHA1_Init(&ctx);
  273. SHA1_Update(&ctx, string, strlen(string));
  274. SHA1_Final(sha1out, &ctx);
  275. btoh(sha1out, SHA_DIGEST_LENGTH, sha1string, SHA_HASH_LENGTH + 1);
  276. OPENSSL_cleanse(&ctx, sizeof(ctx));
  277. if (n == 5) n = 0;
  278. return sha1string;
  279. }
  280. int sha1cmp(const char *hash, const char *string) {
  281. int n = strcmp(hash, SHA1(string));
  282. SHA1(NULL);
  283. return n;
  284. }
  285. void btoh(const unsigned char *md, size_t md_len, char *buf, const size_t buf_len)
  286. {
  287. #define doblock(n) simple_snprintf(&(buf[(i + n) << 1]), buf_len - ((i + n) << 1), "%02x", md[i + n]);
  288. for (size_t i = 0; i < md_len; i+=4) {
  289. doblock(0);
  290. doblock(1);
  291. doblock(2);
  292. doblock(3);
  293. }
  294. }