00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013 #ifdef HAVE_CONFIG_H
00014 # include <config.h>
00015 #endif
00016
00017
00018 #include "cryptkeysym_p.h"
00019 #include <gwenhywfar/misc.h>
00020 #include <gwenhywfar/debug.h>
00021 #include <gwenhywfar/cryptdefs.h>
00022 #include <gwenhywfar/text.h>
00023
00024
00025
00026 GWEN_INHERIT(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM)
00027
00028
00029
00030
00031
00032
00033 int GWEN_Crypt_KeySym_Encipher(GWEN_CRYPT_KEY *k,
00034 const uint8_t *pInData,
00035 uint32_t inLen,
00036 uint8_t *pOutData,
00037 uint32_t *pOutLen) {
00038 GWEN_CRYPT_KEY_SYM *xk;
00039 gcry_error_t err;
00040
00041 assert(k);
00042 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00043 assert(xk);
00044
00045 err=gcry_cipher_encrypt(xk->algoHandle, pOutData, inLen, pInData, inLen);
00046 if (err) {
00047 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_encrypt(): %s", gcry_strerror(err));
00048 return GWEN_ERROR_GENERIC;
00049 }
00050 *pOutLen=inLen;
00051
00052 return 0;
00053 }
00054
00055
00056
00057 int GWEN_Crypt_KeySym_Decipher(GWEN_CRYPT_KEY *k,
00058 const uint8_t *pInData,
00059 uint32_t inLen,
00060 uint8_t *pOutData,
00061 uint32_t *pOutLen) {
00062 GWEN_CRYPT_KEY_SYM *xk;
00063 gcry_error_t err;
00064
00065 assert(k);
00066 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00067 assert(xk);
00068
00069 err=gcry_cipher_decrypt(xk->algoHandle, pOutData, inLen, pInData, inLen);
00070 if (err) {
00071 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_decrypt(): %s", gcry_strerror(err));
00072 return GWEN_ERROR_GENERIC;
00073 }
00074 *pOutLen=inLen;
00075
00076 return 0;
00077 }
00078
00079
00080
00081 GWENHYWFAR_CB
00082 void GWEN_Crypt_KeySym_freeData(void *bp, void *p) {
00083 GWEN_CRYPT_KEY_SYM *xk;
00084
00085 xk=(GWEN_CRYPT_KEY_SYM*) p;
00086 if (xk->keyData && xk->keyLen) {
00087 memset(xk->keyData, 0, xk->keyLen);
00088 free(xk->keyData);
00089 }
00090 xk->keyData=NULL;
00091 xk->keyLen=0;
00092 if (xk->algoValid)
00093 gcry_cipher_close(xk->algoHandle);
00094 GWEN_FREE_OBJECT(xk);
00095 }
00096
00097
00098
00099 GWEN_CRYPT_KEY *GWEN_Crypt_KeySym_dup(const GWEN_CRYPT_KEY *k) {
00100 GWEN_CRYPT_KEY *nk;
00101 GWEN_CRYPT_KEY_SYM *xk;
00102
00103 assert(k);
00104 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00105 assert(xk);
00106
00107 nk=GWEN_Crypt_KeySym_fromData(GWEN_Crypt_Key_GetCryptAlgoId(k),
00108 GWEN_Crypt_Key_GetKeySize(k),
00109 xk->mode,
00110 xk->algo,
00111 GCRY_CIPHER_SECURE,
00112 xk->keyData,
00113 xk->keyLen);
00114 return nk;
00115 }
00116
00117
00118
00119 enum gcry_cipher_modes GWEN_Crypt_KeySym__MyMode2GMode(GWEN_CRYPT_CRYPTMODE mode) {
00120 switch(mode) {
00121 case GWEN_Crypt_CryptMode_Unknown: return GCRY_CIPHER_MODE_NONE;
00122 case GWEN_Crypt_CryptMode_None: return GCRY_CIPHER_MODE_NONE;
00123 case GWEN_Crypt_CryptMode_Ecb: return GCRY_CIPHER_MODE_ECB;
00124 case GWEN_Crypt_CryptMode_Cfb: return GCRY_CIPHER_MODE_CFB;
00125 case GWEN_Crypt_CryptMode_Cbc: return GCRY_CIPHER_MODE_CBC;
00126 }
00127
00128 return GCRY_CIPHER_MODE_NONE;
00129 }
00130
00131
00132
00133 GWEN_CRYPT_KEY *GWEN_Crypt_KeySym_Generate(GWEN_CRYPT_CRYPTALGOID cryptAlgoId, int keySize,
00134 GWEN_CRYPT_CRYPTMODE mode,
00135 int algo,
00136 unsigned int flags,
00137 int quality) {
00138 GWEN_CRYPT_KEY *k;
00139 GWEN_CRYPT_KEY_SYM *xk;
00140 int kbytes;
00141 uint8_t *keyData;
00142 gcry_error_t err;
00143 enum gcry_random_level q;
00144
00145 k=GWEN_Crypt_Key_new(cryptAlgoId, keySize);
00146 assert(k);
00147 GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_SYM, xk);
00148 GWEN_INHERIT_SETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k, xk, GWEN_Crypt_KeySym_freeData);
00149 GWEN_Crypt_Key_SetEncipherFn(k, GWEN_Crypt_KeySym_Encipher);
00150 GWEN_Crypt_Key_SetDecipherFn(k, GWEN_Crypt_KeySym_Decipher);
00151
00152 switch(quality) {
00153 case 0: q=GCRY_WEAK_RANDOM; break;
00154 case 1: q=GCRY_STRONG_RANDOM; break;
00155 case 2:
00156 default: q=GCRY_VERY_STRONG_RANDOM; break;
00157 }
00158
00159
00160 err=gcry_cipher_open(&xk->algoHandle, algo, GWEN_Crypt_KeySym__MyMode2GMode(mode), flags);
00161 if (err) {
00162 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_open(): %s", gcry_strerror(err));
00163 GWEN_Crypt_Key_free(k);
00164 return NULL;
00165 }
00166 xk->algoValid=1;
00167 xk->mode=mode;
00168
00169 kbytes=keySize/8;
00170 if (keySize % 8)
00171 kbytes++;
00172 keyData=gcry_random_bytes(kbytes, q);
00173
00174
00175 xk->keyData=keyData;
00176 xk->keyLen=kbytes;
00177
00178
00179 err=gcry_cipher_setkey(xk->algoHandle, xk->keyData, xk->keyLen);
00180 if (err) {
00181 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_setkey(): %s", gcry_strerror(err));
00182 GWEN_Crypt_Key_free(k);
00183 return NULL;
00184 }
00185
00186 return k;
00187 }
00188
00189
00190
00191 GWEN_CRYPT_KEY *GWEN_Crypt_KeySym_fromData(GWEN_CRYPT_CRYPTALGOID cryptAlgoId, int keySize,
00192 GWEN_CRYPT_CRYPTMODE mode,
00193 int algo,
00194 unsigned int flags,
00195 const uint8_t *kd, uint32_t kl) {
00196 GWEN_CRYPT_KEY *k;
00197 GWEN_CRYPT_KEY_SYM *xk;
00198 gcry_error_t err;
00199
00200 if (kl!=gcry_cipher_get_algo_keylen(algo)) {
00201 DBG_ERROR(GWEN_LOGDOMAIN, "Invalid key length (is %d, should be %d)",
00202 (int)kl, (int)gcry_cipher_get_algo_keylen(algo));
00203 return NULL;
00204 }
00205
00206 k=GWEN_Crypt_Key_new(cryptAlgoId, keySize);
00207 assert(k);
00208 GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_SYM, xk);
00209 GWEN_INHERIT_SETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k, xk, GWEN_Crypt_KeySym_freeData);
00210 GWEN_Crypt_Key_SetEncipherFn(k, GWEN_Crypt_KeySym_Encipher);
00211 GWEN_Crypt_Key_SetDecipherFn(k, GWEN_Crypt_KeySym_Decipher);
00212
00213
00214 err=gcry_cipher_open(&xk->algoHandle, algo, GWEN_Crypt_KeySym__MyMode2GMode(mode), flags);
00215 if (err) {
00216 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_open(): %s", gcry_strerror(err));
00217 GWEN_Crypt_Key_free(k);
00218 return NULL;
00219 }
00220 xk->algoValid=1;
00221 xk->mode=mode;
00222 xk->algo=algo;
00223
00224
00225 if (kd==NULL || kl==0) {
00226 DBG_INFO(GWEN_LOGDOMAIN, "No key data");
00227 GWEN_Crypt_Key_free(k);
00228 return NULL;
00229 }
00230
00231
00232 xk->keyData=(uint8_t*) malloc(kl);
00233 assert(xk->keyData);
00234 memmove(xk->keyData, kd, kl);
00235 xk->keyLen=kl;
00236
00237
00238 err=gcry_cipher_setkey(xk->algoHandle, xk->keyData, xk->keyLen);
00239 if (err) {
00240 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_setkey(): %s", gcry_strerror(err));
00241 GWEN_Crypt_Key_free(k);
00242 return NULL;
00243 }
00244
00245 return k;
00246 }
00247
00248
00249
00250 GWEN_CRYPT_KEY *GWEN_Crypt_KeySym_fromDb(GWEN_CRYPT_CRYPTALGOID cryptAlgoId,
00251 GWEN_CRYPT_CRYPTMODE mode,
00252 int algo,
00253 unsigned int flags,
00254 const char *gname,
00255 GWEN_DB_NODE *db) {
00256 gcry_error_t err;
00257 GWEN_CRYPT_KEY *k;
00258 GWEN_CRYPT_KEY_SYM *xk;
00259 unsigned int nbits;
00260 GWEN_DB_NODE *dbR;
00261 unsigned int len;
00262 const char *p;
00263
00264 dbR=GWEN_DB_GetGroup(db, GWEN_PATH_FLAGS_NAMEMUSTEXIST, gname);
00265 if (dbR==NULL) {
00266 DBG_ERROR(GWEN_LOGDOMAIN, "DB does not contain an %s key (no %s group)",
00267 gname, gname);
00268 return NULL;
00269 }
00270
00271 k=GWEN_Crypt_Key_fromDb(db);
00272 if (k==NULL) {
00273 DBG_INFO(GWEN_LOGDOMAIN, "here");
00274 return NULL;
00275 }
00276 if (GWEN_Crypt_Key_GetCryptAlgoId(k)!=cryptAlgoId) {
00277 DBG_ERROR(GWEN_LOGDOMAIN, "DB does not contain an RSA key");
00278 GWEN_Crypt_Key_free(k);
00279 return NULL;
00280 }
00281 nbits=GWEN_Crypt_Key_GetKeySize(k)*8;
00282
00283
00284 GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_SYM, xk);
00285 GWEN_INHERIT_SETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k, xk, GWEN_Crypt_KeySym_freeData);
00286 GWEN_Crypt_Key_SetEncipherFn(k, GWEN_Crypt_KeySym_Encipher);
00287 GWEN_Crypt_Key_SetDecipherFn(k, GWEN_Crypt_KeySym_Decipher);
00288
00289
00290 err=gcry_cipher_open(&xk->algoHandle, algo, GWEN_Crypt_KeySym__MyMode2GMode(mode), flags);
00291 if (err) {
00292 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_open(): %s", gcry_strerror(err));
00293 GWEN_Crypt_Key_free(k);
00294 return NULL;
00295 }
00296 xk->algoValid=1;
00297 xk->mode=mode;
00298 xk->algo=algo;
00299
00300
00301 p=GWEN_DB_GetBinValue(dbR, "keyData", 0, NULL, 0, &len);
00302 if (p==NULL || len==0) {
00303 DBG_INFO(GWEN_LOGDOMAIN, "No key data");
00304 GWEN_Crypt_Key_free(k);
00305 return NULL;
00306 }
00307
00308
00309 xk->keyData=(uint8_t*) malloc(len);
00310 assert(xk->keyData);
00311 memmove(xk->keyData, p, len);
00312 xk->keyLen=len;
00313
00314
00315 err=gcry_cipher_setkey(xk->algoHandle, xk->keyData, xk->keyLen);
00316 if (err) {
00317 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_setkey(): %s", gcry_strerror(err));
00318 GWEN_Crypt_Key_free(k);
00319 return NULL;
00320 }
00321
00322 return k;
00323 }
00324
00325
00326
00327 int GWEN_Crypt_KeySym_toDb(const GWEN_CRYPT_KEY *k, GWEN_DB_NODE *db, const char *gname) {
00328 GWEN_CRYPT_KEY_SYM *xk;
00329 GWEN_DB_NODE *dbR;
00330 int rv;
00331
00332 assert(k);
00333 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00334 assert(xk);
00335
00336
00337 rv=GWEN_Crypt_Key_toDb(k, db);
00338 if (rv)
00339 return rv;
00340
00341
00342 dbR=GWEN_DB_GetGroup(db, GWEN_DB_FLAGS_OVERWRITE_GROUPS, gname);
00343 assert(dbR);
00344
00345 GWEN_DB_SetBinValue(dbR, GWEN_DB_FLAGS_OVERWRITE_VARS,
00346 "keyData", xk->keyData, xk->keyLen);
00347
00348 return 0;
00349 }
00350
00351
00352
00353 int GWEN_Crypt_KeySym_SetKeyData(GWEN_CRYPT_KEY *k, const uint8_t *kd, uint32_t kl) {
00354 GWEN_CRYPT_KEY_SYM *xk;
00355 gcry_error_t err;
00356
00357 if (!kd || !kl) {
00358 DBG_ERROR(GWEN_LOGDOMAIN, "Empty keydata not allowed");
00359 return GWEN_ERROR_INVALID;
00360 }
00361
00362 assert(k);
00363 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00364 assert(xk);
00365
00366 if (xk->keyData && xk->keyLen) {
00367 memset(xk->keyData, 0, xk->keyLen);
00368 free(xk->keyData);
00369 }
00370
00371
00372 xk->keyData=(uint8_t*)malloc(kl);
00373 assert(xk->keyData);
00374 memmove(xk->keyData, kd, kl);
00375 xk->keyLen=kl;
00376
00377
00378 err=gcry_cipher_setkey(xk->algoHandle, xk->keyData, xk->keyLen);
00379 if (err) {
00380 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_setkey(): %s", gcry_strerror(err));
00381 GWEN_Crypt_Key_free(k);
00382 return GWEN_ERROR_GENERIC;
00383 }
00384
00385 return 0;
00386 }
00387
00388
00389
00390 uint8_t *GWEN_Crypt_KeySym_GetKeyDataPtr(const GWEN_CRYPT_KEY *k) {
00391 GWEN_CRYPT_KEY_SYM *xk;
00392
00393 assert(k);
00394 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00395 assert(xk);
00396
00397 return xk->keyData;
00398 }
00399
00400
00401
00402 uint32_t GWEN_Crypt_KeySym_GetKeyDataLen(const GWEN_CRYPT_KEY *k) {
00403 GWEN_CRYPT_KEY_SYM *xk;
00404
00405 assert(k);
00406 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00407 assert(xk);
00408
00409 return xk->keyLen;
00410 }
00411
00412
00413
00414
00415 GWEN_CRYPT_KEY *GWEN_Crypt_KeyDes3K_Generate(GWEN_CRYPT_CRYPTMODE mode,
00416 int keySize,
00417 int quality){
00418 uint8_t kd[16];
00419 GWEN_CRYPT_KEY *k;
00420
00421 GWEN_Crypt_Random(quality, kd, 16);
00422 k=GWEN_Crypt_KeyDes3K_fromData(mode, keySize, kd, 16);
00423 memset(kd, 0, 16);
00424
00425 return k;
00426 }
00427
00428
00429
00430 GWEN_CRYPT_KEY *GWEN_Crypt_KeyDes3K_fromData(GWEN_CRYPT_CRYPTMODE mode, int keySize,
00431 const uint8_t *kd, uint32_t kl) {
00432 if (kl==16) {
00433 uint8_t new_kd[24];
00434 GWEN_CRYPT_KEY *k;
00435
00436
00437 memmove(new_kd, kd, 16);
00438 memmove(new_kd+16, new_kd, 8);
00439 k=GWEN_Crypt_KeySym_fromData(GWEN_Crypt_CryptAlgoId_Des3K, 24,
00440 mode, GCRY_CIPHER_3DES, GCRY_CIPHER_SECURE, new_kd, 24);
00441 memset(new_kd, 0, 24);
00442 return k;
00443 }
00444 else
00445 return GWEN_Crypt_KeySym_fromData(GWEN_Crypt_CryptAlgoId_Des3K, keySize,
00446 mode, GCRY_CIPHER_3DES, GCRY_CIPHER_SECURE, kd, kl);
00447 }
00448
00449
00450
00451 GWEN_CRYPT_KEY *GWEN_Crypt_KeyDes3K_fromDb(GWEN_CRYPT_CRYPTMODE mode,
00452 GWEN_DB_NODE *db) {
00453 return GWEN_Crypt_KeySym_fromDb(GWEN_Crypt_CryptAlgoId_Des3K, mode,
00454 GCRY_CIPHER_3DES, GCRY_CIPHER_SECURE, "des3k", db);
00455 }
00456
00457
00458
00459 int GWEN_Crypt_KeyDes3K_toDb(const GWEN_CRYPT_KEY *k, GWEN_DB_NODE *db) {
00460 return GWEN_Crypt_KeySym_toDb(k, db, "des3k");
00461 }
00462
00463
00464
00465 int GWEN_Crypt_KeyDes3K_SetKeyData(GWEN_CRYPT_KEY *k, const uint8_t *kd, uint32_t kl) {
00466 if (kl==16) {
00467 uint8_t new_kd[24];
00468 int rv;
00469
00470
00471 memmove(new_kd, kd, 16);
00472 memmove(new_kd+16, new_kd, 8);
00473 rv=GWEN_Crypt_KeySym_SetKeyData(k, new_kd, 24);
00474 memset(new_kd, 0, 24);
00475 return rv;
00476 }
00477 else
00478 return GWEN_Crypt_KeySym_SetKeyData(k, kd, kl);
00479 }
00480
00481
00482
00483 uint8_t *GWEN_Crypt_KeyDes3K_GetKeyDataPtr(const GWEN_CRYPT_KEY *k) {
00484 return GWEN_Crypt_KeySym_GetKeyDataPtr(k);
00485 }
00486
00487
00488
00489 uint32_t GWEN_Crypt_KeyDes3K_GetKeyDataLen(const GWEN_CRYPT_KEY *k) {
00490 return GWEN_Crypt_KeySym_GetKeyDataLen(k);
00491 }
00492
00493
00494
00495 int GWEN_Crypt_KeyDes3K_SetIV(GWEN_CRYPT_KEY *k,
00496 const uint8_t *kd,
00497 uint32_t kl) {
00498 GWEN_CRYPT_KEY_SYM *xk;
00499 gcry_error_t err;
00500
00501 assert(k);
00502 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00503 assert(xk);
00504
00505 if (kd==NULL || kl==0) {
00506 const uint8_t iv[]={
00507 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
00508 };
00509 err=gcry_cipher_setiv(xk->algoHandle, iv, sizeof(iv));
00510 }
00511 else
00512 err=gcry_cipher_setiv(xk->algoHandle, kd, kl);
00513 if (err) {
00514 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_setiv(): %s", gcry_strerror(err));
00515 return GWEN_ERROR_GENERIC;
00516 }
00517
00518 return 0;
00519 }
00520
00521
00522
00523
00524
00525
00526
00527 GWEN_CRYPT_KEY *GWEN_Crypt_KeyBlowFish_Generate(GWEN_CRYPT_CRYPTMODE mode,
00528 int keySize,
00529 int quality){
00530 return GWEN_Crypt_KeySym_Generate(GWEN_Crypt_CryptAlgoId_BlowFish, keySize, mode,
00531 GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_SECURE, quality);
00532 }
00533
00534
00535
00536 GWEN_CRYPT_KEY *GWEN_Crypt_KeyBlowFish_fromData(GWEN_CRYPT_CRYPTMODE mode, int keySize,
00537 const uint8_t *kd, uint32_t kl) {
00538 return GWEN_Crypt_KeySym_fromData(GWEN_Crypt_CryptAlgoId_BlowFish, keySize, mode,
00539 GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_SECURE,
00540 kd, kl);
00541 }
00542
00543
00544
00545 GWEN_CRYPT_KEY *GWEN_Crypt_KeyBlowFish_fromDb(GWEN_CRYPT_CRYPTMODE mode,
00546 GWEN_DB_NODE *db) {
00547 return GWEN_Crypt_KeySym_fromDb(GWEN_Crypt_CryptAlgoId_BlowFish, mode,
00548 GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_SECURE, "blowFish", db);
00549 }
00550
00551
00552
00553 int GWEN_Crypt_KeyBlowFish_toDb(const GWEN_CRYPT_KEY *k, GWEN_DB_NODE *db) {
00554 return GWEN_Crypt_KeySym_toDb(k, db, "blowFish");
00555 }
00556
00557
00558
00559 int GWEN_Crypt_KeyBlowFish_SetKeyData(GWEN_CRYPT_KEY *k, const uint8_t *kd, uint32_t kl) {
00560 return GWEN_Crypt_KeySym_SetKeyData(k, kd, kl);
00561 }
00562
00563
00564
00565 uint8_t *GWEN_Crypt_KeyBlowFish_GetKeyDataPtr(const GWEN_CRYPT_KEY *k) {
00566 return GWEN_Crypt_KeySym_GetKeyDataPtr(k);
00567 }
00568
00569
00570
00571 uint32_t GWEN_Crypt_KeyBlowFish_GetKeyDataLen(const GWEN_CRYPT_KEY *k) {
00572 return GWEN_Crypt_KeySym_GetKeyDataLen(k);
00573 }
00574
00575
00576
00577
00578
00579
00580
00581
00582
00583