X-Git-Url: http://www.average.org/gitweb/?p=pam_pcsc_cr.git;a=blobdiff_plain;f=ossl_crypto.c;h=4b475a4fcbe807d0e0d0894027873764861dba12;hp=61c6504cf0e0688c3193793dc28f50f5797cad3f;hb=724570ad4aaaa5eb67fe0e808d638321d522eba7;hpb=582620961e80e33514b39ab76648be761fd55368 diff --git a/ossl_crypto.c b/ossl_crypto.c index 61c6504..4b475a4 100644 --- a/ossl_crypto.c +++ b/ossl_crypto.c @@ -1,53 +1,95 @@ +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif +#include +#include #include #include #include "crypto_if.h" -static int ossl_encrypt(void *pt, int ptlen, void *key, int keylen, - void *ct, int *ctlen) +static const char *ossl_init(void) { - EVP_CIPHER_CTX ctx; - unsigned char iv[16] = {0}; - int outlen1, outlen2; + ERR_load_crypto_strings(); + return "openssl"; +} - EVP_EncryptInit(&ctx, EVP_aes_256_cbc(), key, iv); - EVP_EncryptUpdate(&ctx, ct, &outlen1, pt, ptlen); - EVP_EncryptFinal(&ctx, ct + outlen1, &outlen2); - if (outlen1 + outlen2 > *ctlen) return -1; - *ctlen = outlen1 + outlen2; +static unsigned long ossl_encrypt(void *key, int keylen, void *iv, + void *pt, void *ct, int tlen) +{ + EVP_CIPHER_CTX ctx; + int outlen1, outlen2; + unsigned char hkey[16]; - return 0; + if (EVP_BytesToKey(EVP_aes_128_cbc(), EVP_sha1(), + NULL, key, keylen, 5, hkey, NULL) != 16) return 1UL; + if (!EVP_EncryptInit(&ctx, EVP_aes_128_cbc(), hkey, iv)) + return ERR_get_error(); + if (!EVP_EncryptUpdate(&ctx, ct, &outlen1, pt, tlen)) + return ERR_get_error(); + if (!EVP_EncryptFinal(&ctx, ct + outlen1, &outlen2)) + return ERR_get_error(); + if (outlen1 + outlen2 != tlen) { + printf("enc tlen =%d outlen1=%d outlen2=%d\n", + tlen, outlen1, outlen2); + // return 1UL; + } + return 0UL; } -static int ossl_decrypt() +static unsigned long ossl_decrypt(void *key, int keylen, void *iv, + void *ct, void *pt, int tlen) { - return 0; + EVP_CIPHER_CTX ctx; + int outlen1, outlen2; + unsigned char hkey[16]; + + if (EVP_BytesToKey(EVP_aes_128_cbc(), EVP_sha1(), + NULL, key, keylen, 5, hkey, NULL) != 16) return 1UL; + if (!EVP_DecryptInit(&ctx, EVP_aes_128_cbc(), hkey, iv)) + return ERR_get_error(); + if (!EVP_DecryptUpdate(&ctx, ct, &outlen1, pt, tlen)) + return ERR_get_error(); + if (!EVP_DecryptFinal(&ctx, ct + outlen1, &outlen2)) + return ERR_get_error(); + if (outlen1 + outlen2 != tlen) { + printf("dec tlen =%d outlen1=%d outlen2=%d\n", + tlen, outlen1, outlen2); + // return 1UL; + } + return 0UL; } -static int ossl_hash() +static unsigned long ossl_hash(void *pt, int tlen, void *tag, int *taglen) { - return 0; + SHA_CTX sctx; + + if (!SHA1_Init(&sctx)) return ERR_get_error(); + if (!SHA1_Update(&sctx, pt, tlen)) return ERR_get_error(); + if (!SHA1_Final(tag, &sctx)) return ERR_get_error(); + *taglen = 20; + return 0UL; } -static int ossl_hmac() +static unsigned long ossl_hmac(void *pt, int tlen, void *key, int keylen, + void *tag, int *taglen) { - return 0; + if (!HMAC(EVP_sha1(), key, keylen, pt, tlen, + tag, (unsigned int *)taglen)) + return ERR_get_error(); + return 0UL; } -// result = HMAC(EVP_sha256(), key, 999, data, 888, NULL, NULL); -// EVP_MD * - -// HMAC_CTX hctx; -// HMAC_CTX_init(&hctx); -// if (HMAC_Init(&hctx, key, keylen, EVP_sha1())) success; -// if (HMAC_Update(&hctx, data, datalen)) success; -// if (HMAC_Final(&hctx, &digest, &digestlen)) success -// HMAC_CTX_cleanup(&hctx); +static const char *ossl_errstr(unsigned long err) +{ + return ERR_error_string(err, NULL); +} struct crypto_interface ossl_crypto_if = { - .name = "openssl", + .init = ossl_init, .encrypt = ossl_encrypt, .decrypt = ossl_decrypt, .hash = ossl_hash, .hmac = ossl_hmac, + .errstr = ossl_errstr, };