LCOV - code coverage report
Current view: top level - shishi/lib - low-crypto.c (source / functions) Hit Total Coverage
Test: GNU Shishi Lines: 102 139 73.4 %
Date: 2010-05-20 Functions: 14 15 93.3 %
Legend: Lines: hit not hit | Branches: + taken - not taken # not executed Branches: 35 54 64.8 %

           Branch data     Line data    Source code
       1                 :            : /* low-crypto.c --- Shishi crypto wrappers around generic crypto.
       2                 :            :  * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2010  Simon Josefsson
       3                 :            :  *
       4                 :            :  * This file is part of Shishi.
       5                 :            :  *
       6                 :            :  * Shishi is free software; you can redistribute it and/or modify it
       7                 :            :  * under the terms of the GNU General Public License as published by
       8                 :            :  * the Free Software Foundation; either version 3 of the License, or
       9                 :            :  * (at your option) any later version.
      10                 :            :  *
      11                 :            :  * Shishi is distributed in the hope that it will be useful, but
      12                 :            :  * WITHOUT ANY WARRANTY; without even the implied warranty of
      13                 :            :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      14                 :            :  * GNU General Public License for more details.
      15                 :            :  *
      16                 :            :  * You should have received a copy of the GNU General Public License
      17                 :            :  * along with Shishi; if not, see http://www.gnu.org/licenses or write
      18                 :            :  * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
      19                 :            :  * Floor, Boston, MA 02110-1301, USA
      20                 :            :  *
      21                 :            :  */
      22                 :            : 
      23                 :            : #include "internal.h"
      24                 :            : #include "gc.h"
      25                 :            : #include "arcfour.h"
      26                 :            : #include <gcrypt.h>
      27                 :            : #include "crc.h"
      28                 :            : #include "low-crypto.h"
      29                 :            : 
      30                 :            : int
      31                 :         14 : _shishi_crypto_init (Shishi * handle)
      32                 :            : {
      33                 :         14 :   int rc = gc_init ();
      34                 :            : 
      35         [ -  + ]:         14 :   if (rc != GC_OK)
      36                 :          0 :     return SHISHI_CRYPTO_INTERNAL_ERROR;
      37                 :            : 
      38                 :         14 :   return SHISHI_OK;
      39                 :            : }
      40                 :            : 
      41                 :            : void
      42                 :          0 : _shishi_quick_random (void)
      43                 :            : {
      44                 :          0 :   gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
      45                 :          0 : }
      46                 :            : 
      47                 :            : /**
      48                 :            :  * shishi_randomize:
      49                 :            :  * @handle: shishi handle as allocated by shishi_init().
      50                 :            :  * @strong: 0 iff operation should not block, non-0 for very strong randomness.
      51                 :            :  * @data: output array to be filled with random data.
      52                 :            :  * @datalen: size of output array.
      53                 :            :  *
      54                 :            :  * Store cryptographically random data of given size in the provided
      55                 :            :  * buffer.
      56                 :            :  *
      57                 :            :  * Return value: Returns %SHISHI_OK iff successful.
      58                 :            :  **/
      59                 :            : int
      60                 :        321 : shishi_randomize (Shishi * handle, int strong, void *data, size_t datalen)
      61                 :            : {
      62                 :            :   Gc_rc rc;
      63                 :            : 
      64         [ -  + ]:        321 :   if (strong)
      65                 :          0 :     rc = gc_random (data, datalen);
      66                 :            :   else
      67                 :        321 :     rc = gc_pseudo_random (data, datalen);
      68                 :            : 
      69         [ -  + ]:        321 :   if (rc != GC_OK)
      70                 :          0 :     return SHISHI_FILE_ERROR;
      71                 :            : 
      72                 :        321 :   return SHISHI_OK;
      73                 :            : }
      74                 :            : 
      75                 :            : /**
      76                 :            :  * shishi_crc:
      77                 :            :  * @handle: shishi handle as allocated by shishi_init().
      78                 :            :  * @in: input character array of data to checksum.
      79                 :            :  * @inlen: length of input character array of data to checksum.
      80                 :            :  * @out: newly allocated character array with checksum of data.
      81                 :            :  *
      82                 :            :  * Compute checksum of data using CRC32 modified according to RFC
      83                 :            :  * 1510.  The @out buffer must be deallocated by the caller.
      84                 :            :  *
      85                 :            :  * The modifications compared to standard CRC32 is that no initial and
      86                 :            :  * final XOR is performed, and that the output is returned in
      87                 :            :  * LSB-first order.
      88                 :            :  *
      89                 :            :  * Return value: Returns SHISHI_OK iff successful.
      90                 :            :  **/
      91                 :            : int
      92                 :         17 : shishi_crc (Shishi * handle, const char *in, size_t inlen, char *out[4])
      93                 :            : {
      94                 :         17 :   uint32_t crc = crc32_update_no_xor (0, in, inlen);
      95                 :            : 
      96                 :         17 :   *out = xmalloc (4);
      97                 :         17 :   (*out)[0] = crc & 0xFF;
      98                 :         17 :   (*out)[1] = (crc >> 8) & 0xFF;
      99                 :         17 :   (*out)[2] = (crc >> 16) & 0xFF;
     100                 :         17 :   (*out)[3] = (crc >> 24) & 0xFF;
     101                 :            : 
     102                 :         17 :   return SHISHI_OK;
     103                 :            : }
     104                 :            : 
     105                 :            : /**
     106                 :            :  * shishi_md4:
     107                 :            :  * @handle: shishi handle as allocated by shishi_init().
     108                 :            :  * @in: input character array of data to hash.
     109                 :            :  * @inlen: length of input character array of data to hash.
     110                 :            :  * @out: newly allocated character array with hash of data.
     111                 :            :  *
     112                 :            :  * Compute hash of data using MD4.  The @out buffer must be
     113                 :            :  * deallocated by the caller.
     114                 :            :  *
     115                 :            :  * Return value: Returns SHISHI_OK iff successful.
     116                 :            :  **/
     117                 :            : int
     118                 :         20 : shishi_md4 (Shishi * handle, const char *in, size_t inlen, char *out[16])
     119                 :            : {
     120                 :            :   Gc_rc rc;
     121                 :            : 
     122                 :         20 :   *out = xmalloc (GC_MD4_DIGEST_SIZE);
     123                 :         20 :   rc = gc_md4 (in, inlen, *out);
     124         [ -  + ]:         20 :   if (rc != GC_OK)
     125                 :          0 :     return SHISHI_CRYPTO_INTERNAL_ERROR;
     126                 :            : 
     127                 :         20 :   return SHISHI_OK;
     128                 :            : }
     129                 :            : 
     130                 :            : /**
     131                 :            :  * shishi_md5:
     132                 :            :  * @handle: shishi handle as allocated by shishi_init().
     133                 :            :  * @in: input character array of data to hash.
     134                 :            :  * @inlen: length of input character array of data to hash.
     135                 :            :  * @out: newly allocated character array with hash of data.
     136                 :            :  *
     137                 :            :  * Compute hash of data using MD5.  The @out buffer must be
     138                 :            :  * deallocated by the caller.
     139                 :            :  *
     140                 :            :  * Return value: Returns SHISHI_OK iff successful.
     141                 :            :  **/
     142                 :            : int
     143                 :         19 : shishi_md5 (Shishi * handle, const char *in, size_t inlen, char *out[16])
     144                 :            : {
     145                 :            :   Gc_rc rc;
     146                 :            : 
     147                 :         19 :   *out = xmalloc (GC_MD5_DIGEST_SIZE);
     148                 :         19 :   rc = gc_md5 (in, inlen, *out);
     149         [ -  + ]:         19 :   if (rc != GC_OK)
     150                 :          0 :     return SHISHI_CRYPTO_INTERNAL_ERROR;
     151                 :            : 
     152                 :         19 :   return SHISHI_OK;
     153                 :            : }
     154                 :            : 
     155                 :            : /**
     156                 :            :  * shishi_hmac_md5:
     157                 :            :  * @handle: shishi handle as allocated by shishi_init().
     158                 :            :  * @key: input character array with key to use.
     159                 :            :  * @keylen: length of input character array with key to use.
     160                 :            :  * @in: input character array of data to hash.
     161                 :            :  * @inlen: length of input character array of data to hash.
     162                 :            :  * @outhash: newly allocated character array with keyed hash of data.
     163                 :            :  *
     164                 :            :  * Compute keyed checksum of data using HMAC-MD5.  The @outhash buffer
     165                 :            :  * must be deallocated by the caller.
     166                 :            :  *
     167                 :            :  * Return value: Returns SHISHI_OK iff successful.
     168                 :            :  **/
     169                 :            : int
     170                 :        865 : shishi_hmac_md5 (Shishi * handle,
     171                 :            :                  const char *key, size_t keylen,
     172                 :            :                  const char *in, size_t inlen, char *outhash[16])
     173                 :            : {
     174                 :            :   Gc_rc rc;
     175                 :            : 
     176                 :        865 :   *outhash = xmalloc (GC_MD5_DIGEST_SIZE);
     177                 :        865 :   rc = gc_hmac_md5 (key, keylen, in, inlen, *outhash);
     178         [ -  + ]:        865 :   if (rc != GC_OK)
     179                 :          0 :     return SHISHI_CRYPTO_INTERNAL_ERROR;
     180                 :            : 
     181                 :        865 :   return SHISHI_OK;
     182                 :            : }
     183                 :            : 
     184                 :            : /**
     185                 :            :  * shishi_hmac_sha1:
     186                 :            :  * @handle: shishi handle as allocated by shishi_init().
     187                 :            :  * @key: input character array with key to use.
     188                 :            :  * @keylen: length of input character array with key to use.
     189                 :            :  * @in: input character array of data to hash.
     190                 :            :  * @inlen: length of input character array of data to hash.
     191                 :            :  * @outhash: newly allocated character array with keyed hash of data.
     192                 :            :  *
     193                 :            :  * Compute keyed checksum of data using HMAC-SHA1.  The @outhash
     194                 :            :  * buffer must be deallocated by the caller.
     195                 :            :  *
     196                 :            :  * Return value: Returns SHISHI_OK iff successful.
     197                 :            :  **/
     198                 :            : int
     199                 :        301 : shishi_hmac_sha1 (Shishi * handle,
     200                 :            :                   const char *key, size_t keylen,
     201                 :            :                   const char *in, size_t inlen, char *outhash[20])
     202                 :            : {
     203                 :            :   Gc_rc rc;
     204                 :            : 
     205                 :        301 :   *outhash = xmalloc (GC_SHA1_DIGEST_SIZE);
     206                 :        301 :   rc = gc_hmac_sha1 (key, keylen, in, inlen, *outhash);
     207         [ -  + ]:        301 :   if (rc != GC_OK)
     208                 :          0 :     return SHISHI_CRYPTO_INTERNAL_ERROR;
     209                 :            : 
     210                 :        301 :   return SHISHI_OK;
     211                 :            : }
     212                 :            : 
     213                 :            : /**
     214                 :            :  * shishi_des_cbc_mac:
     215                 :            :  * @handle: shishi handle as allocated by shishi_init().
     216                 :            :  * @key: input character array with key to use.
     217                 :            :  * @iv: input character array with initialization vector to use, can be NULL.
     218                 :            :  * @in: input character array of data to hash.
     219                 :            :  * @inlen: length of input character array of data to hash.
     220                 :            :  * @out: newly allocated character array with keyed hash of data.
     221                 :            :  *
     222                 :            :  * Computed keyed checksum of data using DES-CBC-MAC.  The @out buffer
     223                 :            :  * must be deallocated by the caller.
     224                 :            :  *
     225                 :            :  * Return value: Returns SHISHI_OK iff successful.
     226                 :            :  **/
     227                 :            : int
     228                 :          8 : shishi_des_cbc_mac (Shishi * handle,
     229                 :            :                     const char key[8],
     230                 :            :                     const char iv[8],
     231                 :            :                     const char *in, size_t inlen, char *out[8])
     232                 :            : {
     233                 :            :   gcry_cipher_hd_t ch;
     234                 :            :   gpg_error_t err;
     235                 :          8 :   int res = SHISHI_CRYPTO_INTERNAL_ERROR;
     236                 :            : 
     237                 :          8 :   err = gcry_cipher_open (&ch, GCRY_CIPHER_DES,
     238                 :            :                           GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_MAC);
     239         [ -  + ]:          8 :   if (err != GPG_ERR_NO_ERROR)
     240                 :            :     {
     241                 :          0 :       shishi_error_printf (handle, "DES-CBC-MAC not available in libgcrypt");
     242                 :          0 :       return SHISHI_CRYPTO_INTERNAL_ERROR;
     243                 :            :     }
     244                 :            : 
     245                 :          8 :   err = gcry_cipher_setkey (ch, key, 8);
     246         [ -  + ]:          8 :   if (err != GPG_ERR_NO_ERROR)
     247                 :            :     {
     248                 :          0 :       shishi_error_printf (handle, "DES setkey failed");
     249                 :          0 :       shishi_error_set (handle, gpg_strerror (err));
     250                 :          0 :       goto done;
     251                 :            :     }
     252                 :            : 
     253                 :          8 :   err = gcry_cipher_setiv (ch, iv, 8);
     254         [ -  + ]:          8 :   if (err != GPG_ERR_NO_ERROR)
     255                 :            :     {
     256                 :          0 :       shishi_error_printf (handle, "DES setiv failed");
     257                 :          0 :       shishi_error_set (handle, gpg_strerror (err));
     258                 :          0 :       goto done;
     259                 :            :     }
     260                 :            : 
     261                 :          8 :   *out = xmalloc (8);
     262                 :            : 
     263                 :          8 :   err = gcry_cipher_encrypt (ch, *out, 8, in, inlen);
     264         [ -  + ]:          8 :   if (err != GPG_ERR_NO_ERROR)
     265                 :            :     {
     266                 :          0 :       shishi_error_printf (handle, "DES encrypt failed");
     267                 :          0 :       shishi_error_set (handle, gpg_strerror (err));
     268                 :          0 :       goto done;
     269                 :            :     }
     270                 :            : 
     271                 :          8 :   res = SHISHI_OK;
     272                 :            : 
     273                 :            : done:
     274                 :          8 :   gcry_cipher_close (ch);
     275                 :          8 :   return res;
     276                 :            : }
     277                 :            : 
     278                 :            : static int
     279                 :       1486 : libgcrypt_dencrypt (Shishi * handle, int algo, int flags, int mode,
     280                 :            :                     int decryptp,
     281                 :            :                     const char *key, size_t keylen,
     282                 :            :                     const char *iv,
     283                 :            :                     char **ivout, const char *in, size_t inlen, char **out)
     284                 :            : {
     285                 :       1486 :   size_t ivlen = gcry_cipher_get_algo_blklen (algo);
     286                 :            :   gcry_cipher_hd_t ch;
     287                 :            :   gpg_error_t err;
     288                 :            : 
     289                 :       1486 :   err = gcry_cipher_open (&ch, algo, mode, flags);
     290         [ -  + ]:       1486 :   if (err != GPG_ERR_NO_ERROR)
     291                 :            :     {
     292                 :          0 :       shishi_error_printf (handle, "Libgcrypt cipher open failed");
     293                 :          0 :       shishi_error_set (handle, gpg_strerror (err));
     294                 :          0 :       return SHISHI_CRYPTO_INTERNAL_ERROR;
     295                 :            :     }
     296                 :            : 
     297                 :       1486 :   err = gcry_cipher_setkey (ch, key, keylen);
     298         [ -  + ]:       1486 :   if (err != GPG_ERR_NO_ERROR)
     299                 :            :     {
     300                 :          0 :       shishi_error_printf (handle, "Libgcrypt setkey failed");
     301                 :          0 :       shishi_error_set (handle, gpg_strerror (err));
     302                 :          0 :       return SHISHI_CRYPTO_INTERNAL_ERROR;
     303                 :            :     }
     304                 :            : 
     305                 :       1486 :   err = gcry_cipher_setiv (ch, iv, ivlen);
     306         [ -  + ]:       1486 :   if (err != GPG_ERR_NO_ERROR)
     307                 :            :     {
     308                 :          0 :       shishi_error_printf (handle, "Libgcrypt setiv failed");
     309                 :          0 :       shishi_error_set (handle, gpg_strerror (err));
     310                 :          0 :       return SHISHI_CRYPTO_INTERNAL_ERROR;
     311                 :            :     }
     312                 :            : 
     313                 :       1486 :   *out = xmalloc (inlen);
     314                 :            : 
     315         [ +  + ]:       1486 :   if (decryptp)
     316                 :        192 :     err = gcry_cipher_decrypt (ch, (unsigned char *) *out, inlen,
     317                 :            :                                (const unsigned char *) in, inlen);
     318                 :            :   else
     319                 :       1294 :     err = gcry_cipher_encrypt (ch, (unsigned char *) *out, inlen,
     320                 :            :                                (const unsigned char *) in, inlen);
     321         [ -  + ]:       1486 :   if (err != GPG_ERR_NO_ERROR)
     322                 :            :     {
     323                 :          0 :       shishi_error_printf (handle, "Libgcrypt ciphering failed");
     324                 :          0 :       shishi_error_set (handle, gpg_strerror (err));
     325                 :          0 :       return SHISHI_CRYPTO_INTERNAL_ERROR;
     326                 :            :     }
     327                 :            : 
     328         [ +  + ]:       1486 :   if (ivout)
     329                 :            :     {
     330                 :        396 :       size_t ivdiff, ivpos = 0;
     331                 :            : 
     332                 :        396 :       *ivout = xmalloc (ivlen);
     333                 :            : 
     334         [ +  + ]:        396 :       if (flags & GCRY_CIPHER_CBC_CTS)
     335                 :            :         {
     336                 :            :           /* XXX what is the output iv for CBC-CTS mode?
     337                 :            :              but is this value useful at all for that mode anyway?
     338                 :            :              Mostly it is DES apps that want the updated iv, so this is ok. */
     339                 :            : 
     340         [ +  + ]:        294 :           if (inlen % ivlen)
     341                 :        274 :             ivdiff = ivlen + inlen % ivlen;
     342                 :            :           else
     343                 :         20 :             ivdiff = ivlen + ivlen;
     344                 :            : 
     345         [ +  + ]:        294 :           if (inlen >= ivdiff)
     346                 :        294 :             ivpos = inlen - ivdiff;
     347                 :            :         }
     348                 :            :       else
     349                 :        102 :         ivpos = inlen - ivlen;
     350                 :            : 
     351         [ +  + ]:        396 :       if (decryptp)
     352                 :        192 :         memcpy (*ivout, in + ivpos, inlen >= ivlen ? ivlen : inlen);
     353                 :            :       else
     354                 :        204 :         memcpy (*ivout, *out + ivpos, inlen >= ivlen ? ivlen : inlen);
     355                 :            :     }
     356                 :            : 
     357                 :       1486 :   gcry_cipher_close (ch);
     358                 :            : 
     359                 :       1486 :   return SHISHI_OK;
     360                 :            : }
     361                 :            : 
     362                 :            : /**
     363                 :            :  * shishi_arcfour:
     364                 :            :  * @handle: shishi handle as allocated by shishi_init().
     365                 :            :  * @decryptp: 0 to indicate encryption, non-0 to indicate decryption.
     366                 :            :  * @key: input character array with key to use.
     367                 :            :  * @keylen: length of input key array.
     368                 :            :  * @iv: input character array with initialization vector to use, or NULL.
     369                 :            :  * @ivout: output character array with updated initialization vector, or NULL.
     370                 :            :  * @in: input character array of data to encrypt/decrypt.
     371                 :            :  * @inlen: length of input character array of data to encrypt/decrypt.
     372                 :            :  * @out: newly allocated character array with encrypted/decrypted data.
     373                 :            :  *
     374                 :            :  * Encrypt or decrypt data (depending on @decryptp) using ARCFOUR.
     375                 :            :  * The @out buffer must be deallocated by the caller.
     376                 :            :  *
     377                 :            :  * The "initialization vector" used here is the concatenation of the
     378                 :            :  * sbox and i and j, and is thus always of size 256 + 1 + 1.  This is
     379                 :            :  * a slight abuse of terminology, and assumes you know what you are
     380                 :            :  * doing.  Don't use it if you can avoid to.
     381                 :            :  *
     382                 :            :  * Return value: Returns SHISHI_OK iff successful.
     383                 :            :  **/
     384                 :            : int
     385                 :        290 : shishi_arcfour (Shishi * handle, int decryptp,
     386                 :            :                 const char *key, size_t keylen,
     387                 :            :                 const char iv[258], char *ivout[258],
     388                 :            :                 const char *in, size_t inlen, char **out)
     389                 :            : {
     390                 :            :   arcfour_context ctx;
     391                 :            : 
     392                 :        290 :   *out = xmalloc (inlen);
     393                 :            : 
     394         [ +  + ]:        290 :   if (iv)
     395                 :        284 :     memcpy (&ctx, iv, sizeof (ctx));
     396                 :            :   else
     397                 :          6 :     arcfour_setkey (&ctx, key, keylen);
     398                 :            : 
     399                 :        290 :   arcfour_stream (&ctx, in, *out, inlen);
     400                 :            : 
     401         [ +  + ]:        290 :   if (ivout)
     402                 :            :     {
     403                 :        289 :       *ivout = xmalloc (sizeof (ctx));
     404                 :        289 :       memcpy (*ivout, &ctx, sizeof (ctx));
     405                 :            :     }
     406                 :            : 
     407                 :        290 :   return SHISHI_OK;
     408                 :            : }
     409                 :            : 
     410                 :            : /**
     411                 :            :  * shishi_des:
     412                 :            :  * @handle: shishi handle as allocated by shishi_init().
     413                 :            :  * @decryptp: 0 to indicate encryption, non-0 to indicate decryption.
     414                 :            :  * @key: input character array with key to use.
     415                 :            :  * @iv: input character array with initialization vector to use, or NULL.
     416                 :            :  * @ivout: output character array with updated initialization vector, or NULL.
     417                 :            :  * @in: input character array of data to encrypt/decrypt.
     418                 :            :  * @inlen: length of input character array of data to encrypt/decrypt.
     419                 :            :  * @out: newly allocated character array with encrypted/decrypted data.
     420                 :            :  *
     421                 :            :  * Encrypt or decrypt data (depending on @decryptp) using DES in CBC
     422                 :            :  * mode.  The @out buffer must be deallocated by the caller.
     423                 :            :  *
     424                 :            :  * Return value: Returns SHISHI_OK iff successful.
     425                 :            :  **/
     426                 :            : int
     427                 :         71 : shishi_des (Shishi * handle, int decryptp,
     428                 :            :             const char key[8],
     429                 :            :             const char iv[8],
     430                 :            :             char *ivout[8], const char *in, size_t inlen, char **out)
     431                 :            : {
     432                 :         71 :   return libgcrypt_dencrypt (handle, GCRY_CIPHER_DES, 0, GCRY_CIPHER_MODE_CBC,
     433                 :            :                              decryptp, key, 8, iv, ivout, in, inlen, out);
     434                 :            : }
     435                 :            : 
     436                 :            : /**
     437                 :            :  * shishi_3des:
     438                 :            :  * @handle: shishi handle as allocated by shishi_init().
     439                 :            :  * @decryptp: 0 to indicate encryption, non-0 to indicate decryption.
     440                 :            :  * @key: input character array with key to use.
     441                 :            :  * @iv: input character array with initialization vector to use, or NULL.
     442                 :            :  * @ivout: output character array with updated initialization vector, or NULL.
     443                 :            :  * @in: input character array of data to encrypt/decrypt.
     444                 :            :  * @inlen: length of input character array of data to encrypt/decrypt.
     445                 :            :  * @out: newly allocated character array with encrypted/decrypted data.
     446                 :            :  *
     447                 :            :  * Encrypt or decrypt data (depending on @decryptp) using 3DES in CBC
     448                 :            :  * mode.  The @out buffer must be deallocated by the caller.
     449                 :            :  *
     450                 :            :  * Return value: Returns SHISHI_OK iff successful.
     451                 :            :  **/
     452                 :            : int
     453                 :        248 : shishi_3des (Shishi * handle, int decryptp,
     454                 :            :              const char key[8],
     455                 :            :              const char iv[8],
     456                 :            :              char *ivout[8], const char *in, size_t inlen, char **out)
     457                 :            : {
     458                 :        248 :   return libgcrypt_dencrypt (handle, GCRY_CIPHER_3DES, 0,
     459                 :            :                              GCRY_CIPHER_MODE_CBC, decryptp, key, 24, iv,
     460                 :            :                              ivout, in, inlen, out);
     461                 :            : }
     462                 :            : 
     463                 :            : /**
     464                 :            :  * shishi_aes_cts:
     465                 :            :  * @handle: shishi handle as allocated by shishi_init().
     466                 :            :  * @decryptp: 0 to indicate encryption, non-0 to indicate decryption.
     467                 :            :  * @key: input character array with key to use.
     468                 :            :  * @keylen: length of input character array with key to use.
     469                 :            :  * @iv: input character array with initialization vector to use, or NULL.
     470                 :            :  * @ivout: output character array with updated initialization vector, or NULL.
     471                 :            :  * @in: input character array of data to encrypt/decrypt.
     472                 :            :  * @inlen: length of input character array of data to encrypt/decrypt.
     473                 :            :  * @out: newly allocated character array with encrypted/decrypted data.
     474                 :            :  *
     475                 :            :  * Encrypt or decrypt data (depending on @decryptp) using AES in
     476                 :            :  * CBC-CTS mode.  The length of the key, @keylen, decide if AES 128 or
     477                 :            :  * AES 256 should be used.  The @out buffer must be deallocated by the
     478                 :            :  * caller.
     479                 :            :  *
     480                 :            :  * Return value: Returns SHISHI_OK iff successful.
     481                 :            :  **/
     482                 :            : int
     483                 :       1167 : shishi_aes_cts (Shishi * handle, int decryptp,
     484                 :            :                 const char *key, size_t keylen,
     485                 :            :                 const char iv[16],
     486                 :            :                 char *ivout[16], const char *in, size_t inlen, char **out)
     487                 :            : {
     488                 :       1167 :   return libgcrypt_dencrypt (handle, GCRY_CIPHER_AES, GCRY_CIPHER_CBC_CTS,
     489                 :            :                              GCRY_CIPHER_MODE_CBC, decryptp,
     490                 :            :                              key, keylen, iv, ivout, in, inlen, out);
     491                 :            : }
     492                 :            : 
     493                 :            : /**
     494                 :            :  * shishi_pbkdf2_sha1:
     495                 :            :  * @handle: shishi handle as allocated by shishi_init().
     496                 :            :  * @P: input password, an octet string
     497                 :            :  * @Plen: length of password, an octet string
     498                 :            :  * @S: input salt, an octet string
     499                 :            :  * @Slen: length of salt, an octet string
     500                 :            :  * @c: iteration count, a positive integer
     501                 :            :  * @dkLen: intended length in octets of the derived key, a positive integer,
     502                 :            :  *   at most (2^32 - 1) * hLen.  The DK array must have room for this many
     503                 :            :  *   characters.
     504                 :            :  * @DK: output derived key, a dkLen-octet string
     505                 :            :  *
     506                 :            :  * Derive key using the PBKDF2 defined in PKCS5.  PBKDF2 applies a
     507                 :            :  * pseudorandom function to derive keys. The length of the derived key
     508                 :            :  * is essentially unbounded. (However, the maximum effective search
     509                 :            :  * space for the derived key may be limited by the structure of the
     510                 :            :  * underlying pseudorandom function, which is this function is always
     511                 :            :  * SHA1.)
     512                 :            :  *
     513                 :            :  * Return value: Returns SHISHI_OK iff successful.
     514                 :            :  **/
     515                 :            : int
     516                 :         28 : shishi_pbkdf2_sha1 (Shishi * handle,
     517                 :            :                     const char *P, size_t Plen,
     518                 :            :                     const char *S, size_t Slen,
     519                 :            :                     unsigned int c, unsigned int dkLen, char *DK)
     520                 :            : {
     521                 :            :   Gc_rc rc;
     522                 :            : 
     523                 :         28 :   rc = gc_pbkdf2_sha1 (P, Plen, S, Slen, c, DK, dkLen);
     524                 :            : 
     525         [ -  + ]:         28 :   if (rc == GC_PKCS5_INVALID_ITERATION_COUNT)
     526                 :          0 :     return SHISHI_PKCS5_INVALID_ITERATION_COUNT;
     527                 :            : 
     528         [ -  + ]:         28 :   if (rc == GC_PKCS5_INVALID_DERIVED_KEY_LENGTH)
     529                 :          0 :     return SHISHI_PKCS5_INVALID_DERIVED_KEY_LENGTH;
     530                 :            : 
     531         [ -  + ]:         28 :   if (rc == GC_PKCS5_DERIVED_KEY_TOO_LONG)
     532                 :          0 :     return SHISHI_PKCS5_DERIVED_KEY_TOO_LONG;
     533                 :            : 
     534         [ -  + ]:         28 :   if (rc != GC_OK)
     535                 :          0 :     return SHISHI_CRYPTO_INTERNAL_ERROR;
     536                 :            : 
     537                 :         28 :   return SHISHI_OK;
     538                 :            : }

Generated by: LCOV version 1.8