X-Git-Url: http://www.average.org/gitweb/?p=pam_pcsc_cr.git;a=blobdiff_plain;f=ossl_crypto.c;h=4cf0afae3572088262bc3523eb02d5ca4718effa;hp=4b475a4fcbe807d0e0d0894027873764861dba12;hb=8fa876111604e494a754e452090bfdd8fccd64c6;hpb=724570ad4aaaa5eb67fe0e808d638321d522eba7 diff --git a/ossl_crypto.c b/ossl_crypto.c index 4b475a4..4cf0afa 100644 --- a/ossl_crypto.c +++ b/ossl_crypto.c @@ -1,9 +1,32 @@ +/* +Copyright (c) 2013 Eugene Crosser + +This software is provided 'as-is', without any express or implied +warranty. In no event will the authors be held liable for any damages +arising from the use of this software. + +Permission is granted to anyone to use this software for any purpose, +including commercial applications, and to alter it and redistribute it +freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must + not claim that you wrote the original software. If you use this + software in a product, an acknowledgment in the product documentation + would be appreciated but is not required. + + 2. Altered source versions must be plainly marked as such, and must + not be misrepresented as being the original software. + + 3. This notice may not be removed or altered from any source + distribution. +*/ + #ifdef HAVE_CONFIG_H # include "config.h" #endif #include +#include #include -#include #include #include "crypto_if.h" @@ -14,73 +37,63 @@ static const char *ossl_init(void) return "openssl"; } -static unsigned long ossl_encrypt(void *key, int keylen, void *iv, - void *pt, void *ct, int tlen) +static unsigned long ossl_encrypt(const void *key, const int keylen, void *iv, + const void *pt, void *ct, const int tlen) { - EVP_CIPHER_CTX ctx; - int outlen1, outlen2; - unsigned char hkey[16]; + AES_KEY akey; - if (EVP_BytesToKey(EVP_aes_128_cbc(), EVP_sha1(), - NULL, key, keylen, 5, hkey, NULL) != 16) return 1UL; - if (!EVP_EncryptInit(&ctx, EVP_aes_128_cbc(), hkey, iv)) - return ERR_get_error(); - if (!EVP_EncryptUpdate(&ctx, ct, &outlen1, pt, tlen)) - return ERR_get_error(); - if (!EVP_EncryptFinal(&ctx, ct + outlen1, &outlen2)) + if (AES_set_encrypt_key(key, keylen*8, &akey)) return ERR_get_error(); - if (outlen1 + outlen2 != tlen) { - printf("enc tlen =%d outlen1=%d outlen2=%d\n", - tlen, outlen1, outlen2); - // return 1UL; - } + AES_cbc_encrypt(pt, ct, tlen, &akey, iv, AES_ENCRYPT); return 0UL; } -static unsigned long ossl_decrypt(void *key, int keylen, void *iv, - void *ct, void *pt, int tlen) +static unsigned long ossl_decrypt(const void *key, const int keylen, void *iv, + const void *ct, void *pt, const int tlen) { - EVP_CIPHER_CTX ctx; - int outlen1, outlen2; - unsigned char hkey[16]; + AES_KEY akey; - if (EVP_BytesToKey(EVP_aes_128_cbc(), EVP_sha1(), - NULL, key, keylen, 5, hkey, NULL) != 16) return 1UL; - if (!EVP_DecryptInit(&ctx, EVP_aes_128_cbc(), hkey, iv)) + if (AES_set_decrypt_key(key, keylen*8, &akey)) return ERR_get_error(); - if (!EVP_DecryptUpdate(&ctx, ct, &outlen1, pt, tlen)) - return ERR_get_error(); - if (!EVP_DecryptFinal(&ctx, ct + outlen1, &outlen2)) - return ERR_get_error(); - if (outlen1 + outlen2 != tlen) { - printf("dec tlen =%d outlen1=%d outlen2=%d\n", - tlen, outlen1, outlen2); - // return 1UL; - } + AES_cbc_encrypt(ct, pt, tlen, &akey, iv, AES_DECRYPT); return 0UL; } -static unsigned long ossl_hash(void *pt, int tlen, void *tag, int *taglen) +static unsigned long ossl_hash(const void *pt, const int tlen, + void *tag, int *taglen) { SHA_CTX sctx; if (!SHA1_Init(&sctx)) return ERR_get_error(); if (!SHA1_Update(&sctx, pt, tlen)) return ERR_get_error(); if (!SHA1_Final(tag, &sctx)) return ERR_get_error(); - *taglen = 20; + *taglen = SHA_DIGEST_LENGTH; return 0UL; } -static unsigned long ossl_hmac(void *pt, int tlen, void *key, int keylen, +static unsigned long ossl_hmac(const void *key, int const keylen, + const void *pt, const int tlen, void *tag, int *taglen) { - if (!HMAC(EVP_sha1(), key, keylen, pt, tlen, - tag, (unsigned int *)taglen)) - return ERR_get_error(); +#if 0 + HMAC_CTX hctx; + + HMAC_CTX_init(&hctx); + if (!HMAC_Init_ex(&hctx, key, keylen, EVP_sha1(), NULL)) + return ERR_get_error(); + if (!HMAC_Update(&hctx, pt, tlen)) return ERR_get_error(); + if (!HMAC_Final(&hctx, tag, (unsigned int *)taglen)) + return ERR_get_error(); + HMAC_CTX_cleanup(&hctx); +#else + if (HMAC(EVP_sha1(), key, keylen, pt, tlen, + tag, (unsigned int *)taglen) != tag) + return ERR_get_error(); +#endif return 0UL; } -static const char *ossl_errstr(unsigned long err) +static const char *ossl_errstr(const unsigned long err) { return ERR_error_string(err, NULL); }