X-Git-Url: https://git.m6w6.name/?a=blobdiff_plain;f=src%2Flibhashkit%2Faes.cc;h=86a41dd705ec84b4eed2edb8e70a9403b3f0ed08;hb=refs%2Fheads%2Fv1.x;hp=0b2f73d896827c4cda5c5828bdc0c26cb2787c61;hpb=26dd4e6e3d500ce8f8865db4071e2508e604864e;p=awesomized%2Flibmemcached diff --git a/src/libhashkit/aes.cc b/src/libhashkit/aes.cc index 0b2f73d8..86a41dd7 100644 --- a/src/libhashkit/aes.cc +++ b/src/libhashkit/aes.cc @@ -15,12 +15,154 @@ #include "libhashkit/common.h" -#include "libhashkit/rijndael.hpp" - #include -#define AES_KEY_LENGTH 256 /* 128, 192, 256 */ -#define AES_BLOCK_SIZE 16 +#ifdef HAVE_OPENSSL_CRYPTO + +#include + +#define DIGEST_ROUNDS 5 + +#define AES_KEY_NBYTES 32 +#define AES_IV_NBYTES 32 + +struct aes_key_t { + EVP_CIPHER_CTX *encryption_context; + EVP_CIPHER_CTX *decryption_context; +}; + + +aes_key_t *aes_create_key(const char *key, const size_t key_length) { + unsigned char aes_key[AES_KEY_NBYTES]; + unsigned char aes_iv[AES_IV_NBYTES]; + const unsigned char *ukey = (const unsigned char *) key; + + if (!key) { + return NULL; + } + + int i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha256(), NULL, ukey, key_length, DIGEST_ROUNDS, + aes_key, aes_iv); + if (i != AES_KEY_NBYTES) { + return NULL; + } + + aes_key_t *aes_ctx = (aes_key_t *) malloc(sizeof(aes_key_t)); + + if (!(aes_ctx->encryption_context = EVP_CIPHER_CTX_new())) { + return NULL; + } + if (!(aes_ctx->decryption_context = EVP_CIPHER_CTX_new())) { + EVP_CIPHER_CTX_free(aes_ctx->encryption_context); + return NULL; + } + + EVP_CIPHER_CTX_init(aes_ctx->encryption_context); + EVP_CIPHER_CTX_init(aes_ctx->decryption_context); + if (EVP_EncryptInit_ex(aes_ctx->encryption_context, EVP_aes_256_cbc(), NULL, ukey, aes_iv) != 1 + || EVP_DecryptInit_ex(aes_ctx->decryption_context, EVP_aes_256_cbc(), NULL, ukey, aes_iv) != 1) + { + aes_free_key(aes_ctx); + return NULL; + } + + return aes_ctx; +} + +hashkit_string_st *aes_encrypt(aes_key_t *ctx, const char *source, size_t source_length) { + EVP_CIPHER_CTX *encryption_context = ctx->encryption_context; + int cipher_length = source_length + EVP_CIPHER_CTX_block_size(encryption_context); + int final_length = 0; + const unsigned char *usource = (const unsigned char *) source; + unsigned char *cipher_text = (unsigned char *) malloc(cipher_length); + if (!cipher_text) { + return NULL; + } + if (EVP_EncryptInit_ex(encryption_context, NULL, NULL, NULL, NULL) != 1 + || EVP_EncryptUpdate(encryption_context, cipher_text, &cipher_length, usource, source_length) != 1 + || EVP_EncryptFinal_ex(encryption_context, cipher_text + cipher_length, &final_length) != 1) + { + free(cipher_text); + return NULL; + } + + hashkit_string_st *destination = hashkit_string_create(cipher_length + final_length); + if (!destination) { + return NULL; + } + char *dest = hashkit_string_c_str_mutable(destination); + memcpy(dest, cipher_text, cipher_length + final_length); + hashkit_string_set_length(destination, cipher_length + final_length); + return destination; +} + +hashkit_string_st *aes_decrypt(aes_key_t *ctx, const char *source, size_t source_length) { + EVP_CIPHER_CTX *decryption_context = ctx->decryption_context; + int plain_text_length = source_length; + int final_length = 0; + const unsigned char *usource = (const unsigned char *) source; + unsigned char *plain_text = (unsigned char *) malloc(plain_text_length); + if (!plain_text) { + return NULL; + } + if (EVP_DecryptInit_ex(decryption_context, NULL, NULL, NULL, NULL) != 1 + || EVP_DecryptUpdate(decryption_context, plain_text, &plain_text_length, usource, source_length) != 1 + || EVP_DecryptFinal_ex(decryption_context, plain_text + plain_text_length, &final_length) != 1) + { + free(plain_text); + return NULL; + } + + hashkit_string_st *destination = hashkit_string_create(plain_text_length + final_length); + if (!destination) { + return NULL; + } + char *dest = hashkit_string_c_str_mutable(destination); + memcpy(dest, plain_text, plain_text_length + final_length); + hashkit_string_set_length(destination, plain_text_length + final_length); + return destination; +} + +aes_key_t *aes_clone_key(aes_key_t *old_context) { + if (!old_context) { + return NULL; + } + + aes_key_t *new_context = (aes_key_t *) malloc(sizeof(aes_key_t)); + if (new_context) { + new_context->encryption_context = EVP_CIPHER_CTX_new(); + new_context->decryption_context = EVP_CIPHER_CTX_new(); + if (!new_context->encryption_context || !new_context->decryption_context) { + aes_free_key(new_context); + return NULL; + } + EVP_CIPHER_CTX_copy(new_context->encryption_context, old_context->encryption_context); + EVP_CIPHER_CTX_copy(new_context->decryption_context, old_context->decryption_context); + } + + return new_context; +} + +void aes_free_key(aes_key_t *context) { + if (context) { + if (context->encryption_context) { + EVP_CIPHER_CTX_free(context->encryption_context); + context->encryption_context = NULL; + } + if (context->decryption_context) { + EVP_CIPHER_CTX_free(context->decryption_context); + context->decryption_context = NULL; + } + free(context); + } +} + +#else + +# include "libhashkit/rijndael.hpp" + +# define AES_KEY_LENGTH 256 /* 128, 192, 256 */ +# define AES_BLOCK_SIZE 16 enum encrypt_t { AES_ENCRYPT, AES_DECRYPT }; @@ -49,7 +191,7 @@ aes_key_t *aes_create_key(const char *key, const size_t key_length) { if (ptr == rkey_end) { ptr = rkey; /* Just loop over tmp_key until we used all key */ } - *ptr ^= (uint8_t)(*sptr); + *ptr ^= (uint8_t) (*sptr); } _aes_key->decode_key.nr = rijndaelKeySetupDec(_aes_key->decode_key.rk, rkey, AES_KEY_LENGTH); @@ -60,7 +202,7 @@ aes_key_t *aes_create_key(const char *key, const size_t key_length) { } aes_key_t *aes_clone_key(aes_key_t *_aes_key) { - if (_aes_key == NULL) { + if (!_aes_key) { return NULL; } @@ -73,7 +215,7 @@ aes_key_t *aes_clone_key(aes_key_t *_aes_key) { } hashkit_string_st *aes_encrypt(aes_key_t *_aes_key, const char *source, size_t source_length) { - if (_aes_key == NULL) { + if (!_aes_key) { return NULL; } @@ -102,7 +244,7 @@ hashkit_string_st *aes_encrypt(aes_key_t *_aes_key, const char *source, size_t s } hashkit_string_st *aes_decrypt(aes_key_t *_aes_key, const char *source, size_t source_length) { - if (_aes_key == NULL) { + if (!_aes_key) { return NULL; } @@ -140,3 +282,11 @@ hashkit_string_st *aes_decrypt(aes_key_t *_aes_key, const char *source, size_t s return destination; } + +void aes_free_key(aes_key_t *key) { + if (key) { + free(key); + } +} + +#endif