00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013 #ifdef HAVE_CONFIG_H
00014 # include <config.h>
00015 #endif
00016
00017
00018 #include "cryptkeysym_p.h"
00019 #include <gwenhywfar/misc.h>
00020 #include <gwenhywfar/debug.h>
00021 #include <gwenhywfar/cryptdefs.h>
00022 #include <gwenhywfar/text.h>
00023
00024
00025
00026 GWEN_INHERIT(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM)
00027
00028
00029
00030
00031
00032
00033 int GWEN_Crypt_KeySym_Encipher(GWEN_CRYPT_KEY *k,
00034 const uint8_t *pInData,
00035 uint32_t inLen,
00036 uint8_t *pOutData,
00037 uint32_t *pOutLen) {
00038 GWEN_CRYPT_KEY_SYM *xk;
00039 gcry_error_t err;
00040
00041 assert(k);
00042 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00043 assert(xk);
00044
00045 err=gcry_cipher_encrypt(xk->algoHandle, pOutData, inLen, pInData, inLen);
00046 if (err) {
00047 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_encrypt(): %s", gcry_strerror(err));
00048 return GWEN_ERROR_GENERIC;
00049 }
00050 *pOutLen=inLen;
00051
00052 return 0;
00053 }
00054
00055
00056
00057 int GWEN_Crypt_KeySym_Decipher(GWEN_CRYPT_KEY *k,
00058 const uint8_t *pInData,
00059 uint32_t inLen,
00060 uint8_t *pOutData,
00061 uint32_t *pOutLen) {
00062 GWEN_CRYPT_KEY_SYM *xk;
00063 gcry_error_t err;
00064
00065 assert(k);
00066 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00067 assert(xk);
00068
00069 err=gcry_cipher_decrypt(xk->algoHandle, pOutData, inLen, pInData, inLen);
00070 if (err) {
00071 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_decrypt(): %s", gcry_strerror(err));
00072 return GWEN_ERROR_GENERIC;
00073 }
00074 *pOutLen=inLen;
00075
00076 return 0;
00077 }
00078
00079
00080
00081 GWENHYWFAR_CB
00082 void GWEN_Crypt_KeySym_freeData(GWEN_UNUSED void *bp, void *p) {
00083 GWEN_CRYPT_KEY_SYM *xk;
00084
00085 xk=(GWEN_CRYPT_KEY_SYM*) p;
00086 if (xk->keyData && xk->keyLen) {
00087 memset(xk->keyData, 0, xk->keyLen);
00088 free(xk->keyData);
00089 }
00090 xk->keyData=NULL;
00091 xk->keyLen=0;
00092 if (xk->algoValid)
00093 gcry_cipher_close(xk->algoHandle);
00094 GWEN_FREE_OBJECT(xk);
00095 }
00096
00097
00098
00099 GWEN_CRYPT_KEY *GWEN_Crypt_KeySym_dup(const GWEN_CRYPT_KEY *k) {
00100 GWEN_CRYPT_KEY *nk;
00101 GWEN_CRYPT_KEY_SYM *xk;
00102
00103 assert(k);
00104 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00105 assert(xk);
00106
00107 nk=GWEN_Crypt_KeySym_fromData(GWEN_Crypt_Key_GetCryptAlgoId(k),
00108 GWEN_Crypt_Key_GetKeySize(k),
00109 xk->mode,
00110 xk->algo,
00111 GCRY_CIPHER_SECURE,
00112 xk->keyData,
00113 xk->keyLen);
00114 return nk;
00115 }
00116
00117
00118
00119 enum gcry_cipher_modes GWEN_Crypt_KeySym__MyMode2GMode(GWEN_CRYPT_CRYPTMODE mode) {
00120 switch(mode) {
00121 case GWEN_Crypt_CryptMode_Unknown: return GCRY_CIPHER_MODE_NONE;
00122 case GWEN_Crypt_CryptMode_None: return GCRY_CIPHER_MODE_NONE;
00123 case GWEN_Crypt_CryptMode_Ecb: return GCRY_CIPHER_MODE_ECB;
00124 case GWEN_Crypt_CryptMode_Cfb: return GCRY_CIPHER_MODE_CFB;
00125 case GWEN_Crypt_CryptMode_Cbc: return GCRY_CIPHER_MODE_CBC;
00126 }
00127
00128 return GCRY_CIPHER_MODE_NONE;
00129 }
00130
00131
00132
00133 GWEN_CRYPT_KEY *GWEN_Crypt_KeySym_Generate(GWEN_CRYPT_CRYPTALGOID cryptAlgoId, int keySize,
00134 GWEN_CRYPT_CRYPTMODE mode,
00135 int algo,
00136 unsigned int flags,
00137 int quality) {
00138 GWEN_CRYPT_KEY *k;
00139 GWEN_CRYPT_KEY_SYM *xk;
00140 int kbytes;
00141 uint8_t *keyData;
00142 gcry_error_t err;
00143 enum gcry_random_level q;
00144
00145 k=GWEN_Crypt_Key_new(cryptAlgoId, keySize);
00146 assert(k);
00147 GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_SYM, xk);
00148 GWEN_INHERIT_SETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k, xk, GWEN_Crypt_KeySym_freeData);
00149 GWEN_Crypt_Key_SetEncipherFn(k, GWEN_Crypt_KeySym_Encipher);
00150 GWEN_Crypt_Key_SetDecipherFn(k, GWEN_Crypt_KeySym_Decipher);
00151
00152 switch(quality) {
00153 case 0: q=GCRY_WEAK_RANDOM; break;
00154 case 1: q=GCRY_STRONG_RANDOM; break;
00155 case 2:
00156 default: q=GCRY_VERY_STRONG_RANDOM; break;
00157 }
00158
00159
00160 err=gcry_cipher_open(&xk->algoHandle, algo, GWEN_Crypt_KeySym__MyMode2GMode(mode), flags);
00161 if (err) {
00162 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_open(): %s", gcry_strerror(err));
00163 GWEN_Crypt_Key_free(k);
00164 return NULL;
00165 }
00166 xk->algoValid=1;
00167 xk->mode=mode;
00168
00169 #if 0
00170 kbytes=keySize/8;
00171 if (keySize % 8)
00172 kbytes++;
00173 #else
00174 kbytes=keySize;
00175 #endif
00176 keyData=gcry_random_bytes(kbytes, q);
00177
00178
00179 xk->keyData=keyData;
00180 xk->keyLen=kbytes;
00181
00182
00183 err=gcry_cipher_setkey(xk->algoHandle, xk->keyData, xk->keyLen);
00184 if (err) {
00185 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_setkey(): %s", gcry_strerror(err));
00186 GWEN_Crypt_Key_free(k);
00187 return NULL;
00188 }
00189
00190 return k;
00191 }
00192
00193
00194
00195 GWEN_CRYPT_KEY *GWEN_Crypt_KeySym_fromData(GWEN_CRYPT_CRYPTALGOID cryptAlgoId, int keySize,
00196 GWEN_CRYPT_CRYPTMODE mode,
00197 int algo,
00198 unsigned int flags,
00199 const uint8_t *kd, uint32_t kl) {
00200 GWEN_CRYPT_KEY *k;
00201 GWEN_CRYPT_KEY_SYM *xk;
00202 gcry_error_t err;
00203
00204 #if 0
00205 if (kl!=gcry_cipher_get_algo_keylen(algo)) {
00206 DBG_ERROR(GWEN_LOGDOMAIN, "Invalid key length (is %d, should be %d)",
00207 (int)kl, (int)gcry_cipher_get_algo_keylen(algo));
00208 return NULL;
00209 }
00210 #endif
00211
00212 k=GWEN_Crypt_Key_new(cryptAlgoId, keySize);
00213 assert(k);
00214 GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_SYM, xk);
00215 GWEN_INHERIT_SETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k, xk, GWEN_Crypt_KeySym_freeData);
00216 GWEN_Crypt_Key_SetEncipherFn(k, GWEN_Crypt_KeySym_Encipher);
00217 GWEN_Crypt_Key_SetDecipherFn(k, GWEN_Crypt_KeySym_Decipher);
00218
00219
00220 err=gcry_cipher_open(&xk->algoHandle, algo, GWEN_Crypt_KeySym__MyMode2GMode(mode), flags);
00221 if (err) {
00222 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_open(): %s", gcry_strerror(err));
00223 GWEN_Crypt_Key_free(k);
00224 return NULL;
00225 }
00226 xk->algoValid=1;
00227 xk->mode=mode;
00228 xk->algo=algo;
00229
00230
00231 if (kd==NULL || kl==0) {
00232 DBG_INFO(GWEN_LOGDOMAIN, "No key data");
00233 GWEN_Crypt_Key_free(k);
00234 return NULL;
00235 }
00236
00237
00238 xk->keyData=(uint8_t*) malloc(kl);
00239 assert(xk->keyData);
00240 memmove(xk->keyData, kd, kl);
00241 xk->keyLen=kl;
00242
00243
00244 err=gcry_cipher_setkey(xk->algoHandle, xk->keyData, xk->keyLen);
00245 if (err) {
00246 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_setkey(): %s", gcry_strerror(err));
00247 GWEN_Crypt_Key_free(k);
00248 return NULL;
00249 }
00250
00251 return k;
00252 }
00253
00254
00255
00256 GWEN_CRYPT_KEY *GWEN_Crypt_KeySym_fromDb(GWEN_CRYPT_CRYPTALGOID cryptAlgoId,
00257 GWEN_CRYPT_CRYPTMODE mode,
00258 int algo,
00259 unsigned int flags,
00260 const char *gname,
00261 GWEN_DB_NODE *db) {
00262 gcry_error_t err;
00263 GWEN_CRYPT_KEY *k;
00264 GWEN_CRYPT_KEY_SYM *xk;
00265 unsigned int nbits;
00266 GWEN_DB_NODE *dbR;
00267 unsigned int len;
00268 const char *p;
00269
00270 dbR=GWEN_DB_GetGroup(db, GWEN_PATH_FLAGS_NAMEMUSTEXIST, gname);
00271 if (dbR==NULL) {
00272 DBG_ERROR(GWEN_LOGDOMAIN, "DB does not contain an %s key (no %s group)",
00273 gname, gname);
00274 return NULL;
00275 }
00276
00277 k=GWEN_Crypt_Key_fromDb(db);
00278 if (k==NULL) {
00279 DBG_INFO(GWEN_LOGDOMAIN, "here");
00280 return NULL;
00281 }
00282 if (GWEN_Crypt_Key_GetCryptAlgoId(k)!=cryptAlgoId) {
00283 DBG_ERROR(GWEN_LOGDOMAIN, "DB does not contain an RSA key");
00284 GWEN_Crypt_Key_free(k);
00285 return NULL;
00286 }
00287 nbits=GWEN_Crypt_Key_GetKeySize(k)*8;
00288
00289
00290 GWEN_NEW_OBJECT(GWEN_CRYPT_KEY_SYM, xk);
00291 GWEN_INHERIT_SETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k, xk, GWEN_Crypt_KeySym_freeData);
00292 GWEN_Crypt_Key_SetEncipherFn(k, GWEN_Crypt_KeySym_Encipher);
00293 GWEN_Crypt_Key_SetDecipherFn(k, GWEN_Crypt_KeySym_Decipher);
00294
00295
00296 err=gcry_cipher_open(&xk->algoHandle, algo, GWEN_Crypt_KeySym__MyMode2GMode(mode), flags);
00297 if (err) {
00298 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_open(): %s", gcry_strerror(err));
00299 GWEN_Crypt_Key_free(k);
00300 return NULL;
00301 }
00302 xk->algoValid=1;
00303 xk->mode=mode;
00304 xk->algo=algo;
00305
00306
00307 p=GWEN_DB_GetBinValue(dbR, "keyData", 0, NULL, 0, &len);
00308 if (p==NULL || len==0) {
00309 DBG_INFO(GWEN_LOGDOMAIN, "No key data");
00310 GWEN_Crypt_Key_free(k);
00311 return NULL;
00312 }
00313
00314
00315 xk->keyData=(uint8_t*) malloc(len);
00316 assert(xk->keyData);
00317 memmove(xk->keyData, p, len);
00318 xk->keyLen=len;
00319
00320
00321 err=gcry_cipher_setkey(xk->algoHandle, xk->keyData, xk->keyLen);
00322 if (err) {
00323 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_setkey(): %s", gcry_strerror(err));
00324 GWEN_Crypt_Key_free(k);
00325 return NULL;
00326 }
00327
00328 return k;
00329 }
00330
00331
00332
00333 int GWEN_Crypt_KeySym_toDb(const GWEN_CRYPT_KEY *k, GWEN_DB_NODE *db, const char *gname) {
00334 GWEN_CRYPT_KEY_SYM *xk;
00335 GWEN_DB_NODE *dbR;
00336 int rv;
00337
00338 assert(k);
00339 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00340 assert(xk);
00341
00342
00343 rv=GWEN_Crypt_Key_toDb(k, db);
00344 if (rv)
00345 return rv;
00346
00347
00348 dbR=GWEN_DB_GetGroup(db, GWEN_DB_FLAGS_OVERWRITE_GROUPS, gname);
00349 assert(dbR);
00350
00351 GWEN_DB_SetBinValue(dbR, GWEN_DB_FLAGS_OVERWRITE_VARS,
00352 "keyData", xk->keyData, xk->keyLen);
00353
00354 return 0;
00355 }
00356
00357
00358
00359 int GWEN_Crypt_KeySym_SetKeyData(GWEN_CRYPT_KEY *k, const uint8_t *kd, uint32_t kl) {
00360 GWEN_CRYPT_KEY_SYM *xk;
00361 gcry_error_t err;
00362
00363 if (!kd || !kl) {
00364 DBG_ERROR(GWEN_LOGDOMAIN, "Empty keydata not allowed");
00365 return GWEN_ERROR_INVALID;
00366 }
00367
00368 assert(k);
00369 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00370 assert(xk);
00371
00372 if (xk->keyData && xk->keyLen) {
00373 memset(xk->keyData, 0, xk->keyLen);
00374 free(xk->keyData);
00375 }
00376
00377
00378 xk->keyData=(uint8_t*)malloc(kl);
00379 assert(xk->keyData);
00380 memmove(xk->keyData, kd, kl);
00381 xk->keyLen=kl;
00382
00383
00384 err=gcry_cipher_setkey(xk->algoHandle, xk->keyData, xk->keyLen);
00385 if (err) {
00386 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_setkey(): %s", gcry_strerror(err));
00387 GWEN_Crypt_Key_free(k);
00388 return GWEN_ERROR_GENERIC;
00389 }
00390
00391 return 0;
00392 }
00393
00394
00395
00396 uint8_t *GWEN_Crypt_KeySym_GetKeyDataPtr(const GWEN_CRYPT_KEY *k) {
00397 GWEN_CRYPT_KEY_SYM *xk;
00398
00399 assert(k);
00400 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00401 assert(xk);
00402
00403 return xk->keyData;
00404 }
00405
00406
00407
00408 uint32_t GWEN_Crypt_KeySym_GetKeyDataLen(const GWEN_CRYPT_KEY *k) {
00409 GWEN_CRYPT_KEY_SYM *xk;
00410
00411 assert(k);
00412 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00413 assert(xk);
00414
00415 return xk->keyLen;
00416 }
00417
00418
00419
00420
00421 GWEN_CRYPT_KEY *GWEN_Crypt_KeyDes3K_Generate(GWEN_CRYPT_CRYPTMODE mode,
00422 int keySize,
00423 int quality){
00424 uint8_t kd[16];
00425 GWEN_CRYPT_KEY *k;
00426
00427 GWEN_Crypt_Random(quality, kd, 16);
00428 k=GWEN_Crypt_KeyDes3K_fromData(mode, keySize, kd, 16);
00429 memset(kd, 0, 16);
00430
00431 return k;
00432 }
00433
00434
00435
00436 GWEN_CRYPT_KEY *GWEN_Crypt_KeyDes3K_fromData(GWEN_CRYPT_CRYPTMODE mode, int keySize,
00437 const uint8_t *kd, uint32_t kl) {
00438 if (kl==16) {
00439 uint8_t new_kd[24];
00440 GWEN_CRYPT_KEY *k;
00441
00442
00443 memmove(new_kd, kd, 16);
00444 memmove(new_kd+16, new_kd, 8);
00445 k=GWEN_Crypt_KeySym_fromData(GWEN_Crypt_CryptAlgoId_Des3K, 24,
00446 mode, GCRY_CIPHER_3DES, GCRY_CIPHER_SECURE, new_kd, 24);
00447 memset(new_kd, 0, 24);
00448 return k;
00449 }
00450 else
00451 return GWEN_Crypt_KeySym_fromData(GWEN_Crypt_CryptAlgoId_Des3K, keySize,
00452 mode, GCRY_CIPHER_3DES, GCRY_CIPHER_SECURE, kd, kl);
00453 }
00454
00455
00456
00457 GWEN_CRYPT_KEY *GWEN_Crypt_KeyDes3K_fromDb(GWEN_CRYPT_CRYPTMODE mode,
00458 GWEN_DB_NODE *db) {
00459 return GWEN_Crypt_KeySym_fromDb(GWEN_Crypt_CryptAlgoId_Des3K, mode,
00460 GCRY_CIPHER_3DES, GCRY_CIPHER_SECURE, "des3k", db);
00461 }
00462
00463
00464
00465 int GWEN_Crypt_KeyDes3K_toDb(const GWEN_CRYPT_KEY *k, GWEN_DB_NODE *db) {
00466 return GWEN_Crypt_KeySym_toDb(k, db, "des3k");
00467 }
00468
00469
00470
00471 int GWEN_Crypt_KeyDes3K_SetKeyData(GWEN_CRYPT_KEY *k, const uint8_t *kd, uint32_t kl) {
00472 if (kl==16) {
00473 uint8_t new_kd[24];
00474 int rv;
00475
00476
00477 memmove(new_kd, kd, 16);
00478 memmove(new_kd+16, new_kd, 8);
00479 rv=GWEN_Crypt_KeySym_SetKeyData(k, new_kd, 24);
00480 memset(new_kd, 0, 24);
00481 return rv;
00482 }
00483 else
00484 return GWEN_Crypt_KeySym_SetKeyData(k, kd, kl);
00485 }
00486
00487
00488
00489 uint8_t *GWEN_Crypt_KeyDes3K_GetKeyDataPtr(const GWEN_CRYPT_KEY *k) {
00490 return GWEN_Crypt_KeySym_GetKeyDataPtr(k);
00491 }
00492
00493
00494
00495 uint32_t GWEN_Crypt_KeyDes3K_GetKeyDataLen(const GWEN_CRYPT_KEY *k) {
00496 return GWEN_Crypt_KeySym_GetKeyDataLen(k);
00497 }
00498
00499
00500
00501 int GWEN_Crypt_KeyDes3K_SetIV(GWEN_CRYPT_KEY *k,
00502 const uint8_t *kd,
00503 uint32_t kl) {
00504 GWEN_CRYPT_KEY_SYM *xk;
00505 gcry_error_t err;
00506
00507 assert(k);
00508 xk=GWEN_INHERIT_GETDATA(GWEN_CRYPT_KEY, GWEN_CRYPT_KEY_SYM, k);
00509 assert(xk);
00510
00511 if (kd==NULL || kl==0) {
00512 const uint8_t iv[]={
00513 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
00514 };
00515 err=gcry_cipher_setiv(xk->algoHandle, iv, sizeof(iv));
00516 }
00517 else
00518 err=gcry_cipher_setiv(xk->algoHandle, kd, kl);
00519 if (err) {
00520 DBG_INFO(GWEN_LOGDOMAIN, "gcry_cipher_setiv(): %s", gcry_strerror(err));
00521 return GWEN_ERROR_GENERIC;
00522 }
00523
00524 return 0;
00525 }
00526
00527
00528
00529
00530
00531
00532
00533 GWEN_CRYPT_KEY *GWEN_Crypt_KeyBlowFish_Generate(GWEN_CRYPT_CRYPTMODE mode,
00534 int keySize,
00535 int quality){
00536 return GWEN_Crypt_KeySym_Generate(GWEN_Crypt_CryptAlgoId_BlowFish, keySize, mode,
00537 GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_SECURE, quality);
00538 }
00539
00540
00541
00542 GWEN_CRYPT_KEY *GWEN_Crypt_KeyBlowFish_fromData(GWEN_CRYPT_CRYPTMODE mode, int keySize,
00543 const uint8_t *kd, uint32_t kl) {
00544 return GWEN_Crypt_KeySym_fromData(GWEN_Crypt_CryptAlgoId_BlowFish, keySize, mode,
00545 GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_SECURE,
00546 kd, kl);
00547 }
00548
00549
00550
00551 GWEN_CRYPT_KEY *GWEN_Crypt_KeyBlowFish_fromDb(GWEN_CRYPT_CRYPTMODE mode,
00552 GWEN_DB_NODE *db) {
00553 return GWEN_Crypt_KeySym_fromDb(GWEN_Crypt_CryptAlgoId_BlowFish, mode,
00554 GCRY_CIPHER_BLOWFISH, GCRY_CIPHER_SECURE, "blowFish", db);
00555 }
00556
00557
00558
00559 int GWEN_Crypt_KeyBlowFish_toDb(const GWEN_CRYPT_KEY *k, GWEN_DB_NODE *db) {
00560 return GWEN_Crypt_KeySym_toDb(k, db, "blowFish");
00561 }
00562
00563
00564
00565 int GWEN_Crypt_KeyBlowFish_SetKeyData(GWEN_CRYPT_KEY *k, const uint8_t *kd, uint32_t kl) {
00566 return GWEN_Crypt_KeySym_SetKeyData(k, kd, kl);
00567 }
00568
00569
00570
00571 uint8_t *GWEN_Crypt_KeyBlowFish_GetKeyDataPtr(const GWEN_CRYPT_KEY *k) {
00572 return GWEN_Crypt_KeySym_GetKeyDataPtr(k);
00573 }
00574
00575
00576
00577 uint32_t GWEN_Crypt_KeyBlowFish_GetKeyDataLen(const GWEN_CRYPT_KEY *k) {
00578 return GWEN_Crypt_KeySym_GetKeyDataLen(k);
00579 }
00580
00581
00582
00583
00584
00585
00586
00587
00588
00589