crypt.c 8.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415
  1. /*
  2. * crypt.c -- handles:
  3. * psybnc crypt()
  4. * File encryption
  5. *
  6. */
  7. #include "common.h"
  8. #include "crypt.h"
  9. #include "settings.h"
  10. #include "misc.h"
  11. #include "base64.h"
  12. #include "src/crypto/crypto.h"
  13. #include <stdarg.h>
  14. #define CRYPT_BLOCKSIZE AES_BLOCK_SIZE
  15. #define CRYPT_KEYBITS 256
  16. #define CRYPT_KEYSIZE (CRYPT_KEYBITS >> 3)
  17. AES_KEY e_key, d_key;
  18. unsigned char *
  19. encrypt_binary(const char *keydata, unsigned char *in, size_t *inlen)
  20. {
  21. size_t len = *inlen;
  22. int blocks = 0, block = 0;
  23. unsigned char *out = NULL;
  24. /* First pad indata to CRYPT_BLOCKSIZE multiple */
  25. if (len % CRYPT_BLOCKSIZE) /* more than 1 block? */
  26. len += (CRYPT_BLOCKSIZE - (len % CRYPT_BLOCKSIZE));
  27. out = (unsigned char *) my_calloc(1, len + 1);
  28. egg_memcpy(out, in, *inlen);
  29. *inlen = len;
  30. if (!keydata || !*keydata) {
  31. /* No key, no encryption */
  32. egg_memcpy(out, in, len);
  33. } else {
  34. char key[CRYPT_KEYSIZE + 1] = "";
  35. strlcpy(key, keydata, sizeof(key));
  36. AES_set_encrypt_key((const unsigned char *) key, CRYPT_KEYBITS, &e_key);
  37. /* Now loop through the blocks and crypt them */
  38. blocks = len / CRYPT_BLOCKSIZE;
  39. for (block = blocks - 1; block >= 0; block--)
  40. AES_encrypt(&out[block * CRYPT_BLOCKSIZE], &out[block * CRYPT_BLOCKSIZE], &e_key);
  41. }
  42. out[len] = 0;
  43. return out;
  44. }
  45. unsigned char *
  46. decrypt_binary(const char *keydata, unsigned char *in, size_t *len)
  47. {
  48. int blocks = 0, block = 0;
  49. unsigned char *out = NULL;
  50. *len -= *len % CRYPT_BLOCKSIZE;
  51. out = (unsigned char *) my_calloc(1, *len + 1);
  52. egg_memcpy(out, in, *len);
  53. if (!keydata || !*keydata) {
  54. /* No key, no decryption */
  55. } else {
  56. /* Init/fetch key */
  57. char key[CRYPT_KEYSIZE + 1] = "";
  58. strlcpy(key, keydata, sizeof(key));
  59. AES_set_decrypt_key((const unsigned char *) key, CRYPT_KEYBITS, &d_key);
  60. /* Now loop through the blocks and crypt them */
  61. blocks = *len / CRYPT_BLOCKSIZE;
  62. for (block = blocks - 1; block >= 0; block--)
  63. AES_decrypt(&out[block * CRYPT_BLOCKSIZE], &out[block * CRYPT_BLOCKSIZE], &d_key);
  64. }
  65. return out;
  66. }
  67. char *encrypt_string(const char *keydata, char *in)
  68. {
  69. size_t len = 0;
  70. unsigned char *bdata = NULL;
  71. char *res = NULL;
  72. len = strlen(in);
  73. bdata = encrypt_binary(keydata, (unsigned char *) in, &len);
  74. if (keydata && *keydata) {
  75. res = b64enc(bdata, len);
  76. free(bdata);
  77. return res;
  78. } else {
  79. return (char *) bdata;
  80. }
  81. }
  82. char *decrypt_string(const char *keydata, char *in)
  83. {
  84. size_t len = strlen(in);
  85. char *buf = NULL, *res = NULL;
  86. if (keydata && *keydata) {
  87. buf = b64dec((const unsigned char *) in, &len);
  88. res = (char *) decrypt_binary(keydata, (unsigned char *) buf, &len);
  89. free(buf);
  90. return res;
  91. } else {
  92. res = (char *) my_calloc(1, len + 1);
  93. strcpy(res, in);
  94. return res;
  95. }
  96. }
  97. void encrypt_cmd_pass(char *in, char *out)
  98. {
  99. char *tmp = NULL;
  100. if (strlen(in) > MAXPASSLEN)
  101. in[MAXPASSLEN] = 0;
  102. tmp = encrypt_string(in, in);
  103. strcpy(out, "+");
  104. strlcat(out, tmp, MAXPASSLEN + 1);
  105. out[MAXPASSLEN] = 0;
  106. free(tmp);
  107. }
  108. static char *user_key(struct userrec *u)
  109. {
  110. /* FIXME: fix after 1.2.3 */
  111. return u->handle;
  112. }
  113. char *encrypt_pass(struct userrec *u, char *in)
  114. {
  115. char *tmp = NULL, buf[101] = "", *ret = NULL;
  116. size_t ret_size = 0;
  117. if (strlen(in) > MAXPASSLEN)
  118. in[MAXPASSLEN] = 0;
  119. simple_snprintf(buf, sizeof(buf), "%s-%s", settings.salt2, in);
  120. tmp = encrypt_string(user_key(u), buf);
  121. OPENSSL_cleanse(buf, sizeof(buf));
  122. ret_size = strlen(tmp) + 1 + 1;
  123. ret = (char *) my_calloc(1, ret_size);
  124. simple_snprintf(ret, ret_size, "+%s", tmp);
  125. free(tmp);
  126. return ret;
  127. }
  128. char *decrypt_pass(struct userrec *u)
  129. {
  130. char *tmp = NULL, *p = NULL, *ret = NULL, *pass = NULL;
  131. pass = (char *) get_user(&USERENTRY_PASS, u);
  132. if (pass && pass[0] == '+') {
  133. tmp = decrypt_string(user_key(u), &pass[1]);
  134. if ((p = strchr(tmp, '-')))
  135. ret = strdup(++p);
  136. free(tmp);
  137. }
  138. if (!ret)
  139. ret = (char *) my_calloc(1, 1);
  140. return ret;
  141. }
  142. /*
  143. static char *passkey()
  144. {
  145. static char key[SHA1_HASH_LENGTH + 1] = "";
  146. if (key[0])
  147. return key;
  148. char *tmp = my_calloc(1, 512);
  149. simple_sprintf(tmp, "%s-%s.%s!%s", settings.salt1, settings.salt2, settings.packname, settings.bdhash);
  150. key = SHA1(tmp);
  151. free(tmp);
  152. egg_bzero(tmp, 512);
  153. return key;
  154. }
  155. void encrypt_pass_new(char *s1, char *s2)
  156. {
  157. char *tmp = NULL;
  158. if (strlen(s1) > MAXPASSLEN)
  159. s1[MAXPASSLEN] = 0;
  160. tmp = encrypt_string(s1, passkey);
  161. strcpy(s2, "+");
  162. strlcat(s2, tmp, MAXPASSLEN + 1);
  163. s2[MAXPASSLEN] = 0;
  164. free(tmp);
  165. }
  166. */
  167. int lfprintf (FILE *stream, const char *format, ...)
  168. {
  169. va_list va;
  170. char buf[2048] = "", *ln = NULL, *nln = NULL, *tmp = NULL;
  171. int res;
  172. va_start(va, format);
  173. egg_vsnprintf(buf, sizeof buf, format, va);
  174. va_end(va);
  175. ln = buf;
  176. while (ln && *ln) {
  177. if ((nln = strchr(ln, '\n')))
  178. *nln++ = 0;
  179. tmp = encrypt_string(settings.salt1, ln);
  180. res = fprintf(stream, "%s\n", tmp);
  181. free(tmp);
  182. if (res == EOF)
  183. return EOF;
  184. ln = nln;
  185. }
  186. return 0;
  187. }
  188. void Encrypt_File(char *infile, char *outfile)
  189. {
  190. FILE *f = NULL, *f2 = NULL;
  191. bool std = 0;
  192. if (!strcmp(outfile, "STDOUT"))
  193. std = 1;
  194. f = fopen(infile, "r");
  195. if(!f)
  196. return;
  197. if (!std) {
  198. f2 = fopen(outfile, "w");
  199. if (!f2)
  200. return;
  201. } else {
  202. printf("----------------------------------START----------------------------------\n");
  203. }
  204. char *buf = (char *) my_calloc(1, 1024);
  205. while (fgets(buf, 1024, f) != NULL) {
  206. remove_crlf(buf);
  207. if (std)
  208. printf("%s\n", encrypt_string(settings.salt1, buf));
  209. else
  210. lfprintf(f2, "%s\n", buf);
  211. buf[0] = 0;
  212. }
  213. free(buf);
  214. if (std)
  215. printf("-----------------------------------END-----------------------------------\n");
  216. fclose(f);
  217. if (f2)
  218. fclose(f2);
  219. }
  220. void Decrypt_File(char *infile, char *outfile)
  221. {
  222. FILE *f = NULL, *f2 = NULL;
  223. bool std = 0;
  224. if (!strcmp(outfile, "STDOUT"))
  225. std = 1;
  226. f = fopen(infile, "r");
  227. if (!f)
  228. return;
  229. if (!std) {
  230. f2 = fopen(outfile, "w");
  231. if (!f2)
  232. return;
  233. } else {
  234. printf("----------------------------------START----------------------------------\n");
  235. }
  236. char *buf = (char *) my_calloc(1, 2048);
  237. while (fgets(buf, 2048, f) != NULL) {
  238. char *temps = NULL;
  239. remove_crlf(buf);
  240. temps = (char *) decrypt_string(settings.salt1, buf);
  241. if (!std)
  242. fprintf(f2, "%s\n",temps);
  243. else
  244. printf("%s\n", temps);
  245. free(temps);
  246. buf[0] = 0;
  247. }
  248. free(buf);
  249. if (std)
  250. printf("-----------------------------------END-----------------------------------\n");
  251. fclose(f);
  252. if (f2)
  253. fclose(f2);
  254. }
  255. char *MD5(const char *string)
  256. {
  257. static int n = 0;
  258. static char ret[5][MD5_HASH_LENGTH + 1];
  259. char* md5string = ret[n++];
  260. unsigned char md5out[MD5_HASH_LENGTH + 1] = "";
  261. MD5_CTX ctx;
  262. MD5_Init(&ctx);
  263. MD5_Update(&ctx, string, strlen(string));
  264. MD5_Final(md5out, &ctx);
  265. strlcpy(md5string, btoh(md5out, MD5_DIGEST_LENGTH), MD5_HASH_LENGTH + 1);
  266. OPENSSL_cleanse(&ctx, sizeof(ctx));
  267. if (n == 5) n = 0;
  268. return md5string;
  269. }
  270. char *
  271. MD5FILE(const char *bin)
  272. {
  273. FILE *f = NULL;
  274. if (!(f = fopen(bin, "rb")))
  275. return "";
  276. static char md5string[MD5_HASH_LENGTH + 1] = "";
  277. unsigned char md5out[MD5_HASH_LENGTH + 1] = "", buffer[1024] = "";
  278. MD5_CTX ctx;
  279. size_t binsize = 0, len = 0;
  280. MD5_Init(&ctx);
  281. while ((len = fread(buffer, 1, sizeof buffer, f))) {
  282. binsize += len;
  283. MD5_Update(&ctx, buffer, len);
  284. }
  285. MD5_Final(md5out, &ctx);
  286. strlcpy(md5string, btoh(md5out, MD5_DIGEST_LENGTH), sizeof(md5string));
  287. OPENSSL_cleanse(&ctx, sizeof(ctx));
  288. return md5string;
  289. }
  290. char *SHA1(const char *string)
  291. {
  292. static int n = 0;
  293. static char ret[5][SHA_HASH_LENGTH + 1];
  294. char* sha1string = ret[n++];
  295. unsigned char sha1out[SHA_HASH_LENGTH + 1] = "";
  296. SHA_CTX ctx;
  297. SHA1_Init(&ctx);
  298. SHA1_Update(&ctx, string, strlen(string));
  299. SHA1_Final(sha1out, &ctx);
  300. strlcpy(sha1string, btoh(sha1out, SHA_DIGEST_LENGTH), SHA_HASH_LENGTH + 1);
  301. OPENSSL_cleanse(&ctx, sizeof(ctx));
  302. if (n == 5) n = 0;
  303. return sha1string;
  304. }
  305. /* convert binary hashes to hex */
  306. char *btoh(const unsigned char *md, size_t len)
  307. {
  308. char buf[100] = "", *ret = NULL;
  309. for (size_t i = 0; i < len; i+=4) {
  310. sprintf(&(buf[i << 1]), "%02x", md[i]);
  311. sprintf(&(buf[(i + 1) << 1]), "%02x", md[i + 1]);
  312. sprintf(&(buf[(i + 2) << 1]), "%02x", md[i + 2]);
  313. sprintf(&(buf[(i + 3) << 1]), "%02x", md[i + 3]);
  314. }
  315. ret = buf;
  316. return ret;
  317. }
  318. #ifdef k
  319. void do_crypt_console()
  320. {
  321. char inbuf[1024] = "";
  322. int which = 5;
  323. char *p = NULL;
  324. printf("Crypt menu:\n");
  325. printf("-----------\n");
  326. printf("1) String\n");
  327. printf("2) File\n");
  328. printf("1) MD5\n");
  329. printf("2) SHA1\n");
  330. printf("3) AES256 (binary)\n");
  331. printf("4) AES256+base64\n");
  332. printf("5) exit\n");
  333. printf("\n");
  334. printf("[5]: ");
  335. fgets(inbuf, sizeof(inbuf), stdin);
  336. if ((p = strchr(inbuf, '\n')))
  337. *p = 0;
  338. which = atoi(inbuf);
  339. switch (which) {
  340. case
  341. }
  342. #endif