}
#endif
-#endif /* WINPR_CRYPTO_H */
+/**
+ * Generic Cipher API
+ */
+
+/* cipher operation types */
+#define WINPR_ENCRYPT 0
+#define WINPR_DECRYPT 1
+
+/* cipher types */
+#define WINPR_CIPHER_NONE 0
+#define WINPR_CIPHER_NULL 1
+#define WINPR_CIPHER_AES_128_ECB 2
+#define WINPR_CIPHER_AES_192_ECB 3
+#define WINPR_CIPHER_AES_256_ECB 4
+#define WINPR_CIPHER_AES_128_CBC 5
+#define WINPR_CIPHER_AES_192_CBC 6
+#define WINPR_CIPHER_AES_256_CBC 7
+#define WINPR_CIPHER_AES_128_CFB128 8
+#define WINPR_CIPHER_AES_192_CFB128 9
+#define WINPR_CIPHER_AES_256_CFB128 10
+#define WINPR_CIPHER_AES_128_CTR 11
+#define WINPR_CIPHER_AES_192_CTR 12
+#define WINPR_CIPHER_AES_256_CTR 13
+#define WINPR_CIPHER_AES_128_GCM 14
+#define WINPR_CIPHER_AES_192_GCM 15
+#define WINPR_CIPHER_AES_256_GCM 16
+#define WINPR_CIPHER_CAMELLIA_128_ECB 17
+#define WINPR_CIPHER_CAMELLIA_192_ECB 18
+#define WINPR_CIPHER_CAMELLIA_256_ECB 19
+#define WINPR_CIPHER_CAMELLIA_128_CBC 20
+#define WINPR_CIPHER_CAMELLIA_192_CBC 21
+#define WINPR_CIPHER_CAMELLIA_256_CBC 22
+#define WINPR_CIPHER_CAMELLIA_128_CFB128 23
+#define WINPR_CIPHER_CAMELLIA_192_CFB128 24
+#define WINPR_CIPHER_CAMELLIA_256_CFB128 25
+#define WINPR_CIPHER_CAMELLIA_128_CTR 26
+#define WINPR_CIPHER_CAMELLIA_192_CTR 27
+#define WINPR_CIPHER_CAMELLIA_256_CTR 28
+#define WINPR_CIPHER_CAMELLIA_128_GCM 29
+#define WINPR_CIPHER_CAMELLIA_192_GCM 30
+#define WINPR_CIPHER_CAMELLIA_256_GCM 31
+#define WINPR_CIPHER_DES_ECB 32
+#define WINPR_CIPHER_DES_CBC 33
+#define WINPR_CIPHER_DES_EDE_ECB 34
+#define WINPR_CIPHER_DES_EDE_CBC 35
+#define WINPR_CIPHER_DES_EDE3_ECB 36
+#define WINPR_CIPHER_DES_EDE3_CBC 37
+#define WINPR_CIPHER_BLOWFISH_ECB 38
+#define WINPR_CIPHER_BLOWFISH_CBC 39
+#define WINPR_CIPHER_BLOWFISH_CFB64 40
+#define WINPR_CIPHER_BLOWFISH_CTR 41
+#define WINPR_CIPHER_ARC4_128 42
+#define WINPR_CIPHER_AES_128_CCM 43
+#define WINPR_CIPHER_AES_192_CCM 44
+#define WINPR_CIPHER_AES_256_CCM 45
+#define WINPR_CIPHER_CAMELLIA_128_CCM 46
+#define WINPR_CIPHER_CAMELLIA_192_CCM 47
+#define WINPR_CIPHER_CAMELLIA_256_CCM 48
+
+struct _OPENSSL_CIPHER_CTX
+{
+ const void* cipher;
+ void* engine;
+ int encrypt;
+ int buf_len;
+ BYTE oiv[16];
+ BYTE iv[16];
+ BYTE buf[32];
+ int num;
+ void* app_data;
+ int key_len;
+ unsigned long flags;
+ void* cipher_data;
+ int final_used;
+ int block_mask;
+ BYTE final[32];
+ BYTE winpr_pad[32];
+};
+typedef struct _OPENSSL_CIPHER_CTX OPENSSL_CIPHER_CTX;
+
+struct _MBEDTLS_CIPHER_CTX
+{
+ const void* cipher_info;
+ int key_bitlen;
+ int operation;
+ void* add_padding;
+ int* get_padding;
+ BYTE unprocessed_data[16];
+ size_t unprocessed_len;
+ BYTE iv[16];
+ size_t iv_size;
+ void* cipher_ctx;
+ BYTE winpr_pad[32];
+};
+typedef struct _MBEDTLS_CIPHER_CTX MBEDTLS_CIPHER_CTX;
+
+union _WINPR_CIPHER_CTX
+{
+ OPENSSL_CIPHER_CTX openssl;
+ MBEDTLS_CIPHER_CTX mbedtls;
+};
+typedef union _WINPR_CIPHER_CTX WINPR_CIPHER_CTX;
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+WINPR_API void winpr_Cipher_Init(WINPR_CIPHER_CTX* ctx, int cipher, int op, const BYTE* key, const BYTE* iv);
+WINPR_API int winpr_Cipher_Update(WINPR_CIPHER_CTX* ctx, const BYTE* input, size_t ilen, BYTE* output, size_t* olen);
+WINPR_API void winpr_Cipher_Final(WINPR_CIPHER_CTX* ctx, BYTE* output, size_t* olen);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WINPR_CRYPTO_H */
#include <openssl/aes.h>
#include <openssl/rc4.h>
#include <openssl/des.h>
+#include <openssl/evp.h>
#endif
#ifdef WITH_MBEDTLS
#include <mbedtls/aes.h>
#include <mbedtls/arc4.h>
#include <mbedtls/des.h>
+#include <mbedtls/cipher.h>
#endif
/**
mbedtls_arc4_free((mbedtls_arc4_context*) ctx);
#endif
}
+
+/**
+ * Generic Cipher API
+ */
+
+#if defined(WITH_OPENSSL)
+const EVP_CIPHER* winpr_openssl_get_evp_cipher(int cipher)
+{
+ const EVP_CIPHER* evp = NULL;
+
+ switch (cipher)
+ {
+ case WINPR_CIPHER_NULL:
+ evp = EVP_enc_null();
+ break;
+
+#ifndef OPENSSL_NO_AES
+ case WINPR_CIPHER_AES_128_ECB:
+ evp = EVP_aes_128_ecb();
+ break;
+
+ case WINPR_CIPHER_AES_192_ECB:
+ evp = EVP_aes_192_ecb();
+ break;
+
+ case WINPR_CIPHER_AES_256_ECB:
+ evp = EVP_aes_256_ecb();
+ break;
+
+ case WINPR_CIPHER_AES_128_CBC:
+ evp = EVP_aes_128_cbc();
+ break;
+
+ case WINPR_CIPHER_AES_192_CBC:
+ evp = EVP_aes_192_cbc();
+ break;
+
+ case WINPR_CIPHER_AES_256_CBC:
+ evp = EVP_aes_256_cbc();
+ break;
+
+ case WINPR_CIPHER_AES_128_CFB128:
+ evp = EVP_aes_128_cfb128();
+ break;
+
+ case WINPR_CIPHER_AES_192_CFB128:
+ evp = EVP_aes_192_cfb128();
+ break;
+
+ case WINPR_CIPHER_AES_256_CFB128:
+ evp = EVP_aes_256_cfb128();
+ break;
+
+ case WINPR_CIPHER_AES_128_CTR:
+ evp = EVP_aes_128_ctr();
+ break;
+
+ case WINPR_CIPHER_AES_192_CTR:
+ evp = EVP_aes_192_ctr();
+ break;
+
+ case WINPR_CIPHER_AES_256_CTR:
+ evp = EVP_aes_256_ctr();
+ break;
+
+ case WINPR_CIPHER_AES_128_GCM:
+ evp = EVP_aes_128_gcm();
+ break;
+
+ case WINPR_CIPHER_AES_192_GCM:
+ evp = EVP_aes_192_gcm();
+ break;
+
+ case WINPR_CIPHER_AES_256_GCM:
+ evp = EVP_aes_256_gcm();
+ break;
+
+ case WINPR_CIPHER_AES_128_CCM:
+ evp = EVP_aes_128_ccm();
+ break;
+
+ case WINPR_CIPHER_AES_192_CCM:
+ evp = EVP_aes_192_ccm();
+ break;
+
+ case WINPR_CIPHER_AES_256_CCM:
+ evp = EVP_aes_256_ccm();
+ break;
+#endif
+
+#ifndef OPENSSL_NO_CAMELLIA
+ case WINPR_CIPHER_CAMELLIA_128_ECB:
+ evp = EVP_camellia_128_ecb();
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_192_ECB:
+ evp = EVP_camellia_192_ecb();
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_256_ECB:
+ evp = EVP_camellia_256_ecb();
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_128_CBC:
+ evp = EVP_camellia_128_cbc();
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_192_CBC:
+ evp = EVP_camellia_192_cbc();
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_256_CBC:
+ evp = EVP_camellia_256_cbc();
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_128_CFB128:
+ evp = EVP_camellia_128_cfb128();
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_192_CFB128:
+ evp = EVP_camellia_192_cfb128();
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_256_CFB128:
+ evp = EVP_camellia_256_cfb128();
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_128_CTR:
+ case WINPR_CIPHER_CAMELLIA_192_CTR:
+ case WINPR_CIPHER_CAMELLIA_256_CTR:
+ case WINPR_CIPHER_CAMELLIA_128_GCM:
+ case WINPR_CIPHER_CAMELLIA_192_GCM:
+ case WINPR_CIPHER_CAMELLIA_256_GCM:
+ case WINPR_CIPHER_CAMELLIA_128_CCM:
+ case WINPR_CIPHER_CAMELLIA_192_CCM:
+ case WINPR_CIPHER_CAMELLIA_256_CCM:
+ break;
+#endif
+
+#ifndef OPENSSL_NO_DES
+ case WINPR_CIPHER_DES_ECB:
+ evp = EVP_des_ecb();
+ break;
+
+ case WINPR_CIPHER_DES_CBC:
+ evp = EVP_des_cbc();
+ break;
+
+ case WINPR_CIPHER_DES_EDE_ECB:
+ evp = EVP_des_ede_ecb();
+ break;
+
+ case WINPR_CIPHER_DES_EDE_CBC:
+ evp = EVP_des_ede_cbc();
+ break;
+
+ case WINPR_CIPHER_DES_EDE3_ECB:
+ evp = EVP_des_ede3_ecb();
+ break;
+
+ case WINPR_CIPHER_DES_EDE3_CBC:
+ evp = EVP_des_ede3_cbc();
+ break;
+#endif
+
+#ifndef OPENSSL_NO_RC4
+ case WINPR_CIPHER_ARC4_128:
+ evp = EVP_rc4();
+ break;
+#endif
+
+ case WINPR_CIPHER_BLOWFISH_ECB:
+ case WINPR_CIPHER_BLOWFISH_CBC:
+ case WINPR_CIPHER_BLOWFISH_CFB64:
+ case WINPR_CIPHER_BLOWFISH_CTR:
+ break;
+ }
+
+ return evp;
+}
+#elif defined(WITH_MBEDTLS)
+mbedtls_cipher_type_t winpr_mbedtls_get_cipher_type(int cipher)
+{
+ mbedtls_cipher_type_t type = MBEDTLS_CIPHER_NONE;
+
+ switch (cipher)
+ {
+ case WINPR_CIPHER_NONE:
+ type = MBEDTLS_CIPHER_NONE;
+ break;
+
+ case WINPR_CIPHER_NULL:
+ type = MBEDTLS_CIPHER_NULL;
+ break;
+
+ case WINPR_CIPHER_AES_128_ECB:
+ type = MBEDTLS_CIPHER_AES_128_ECB;
+ break;
+
+ case WINPR_CIPHER_AES_192_ECB:
+ type = MBEDTLS_CIPHER_AES_192_ECB;
+ break;
+
+ case WINPR_CIPHER_AES_256_ECB:
+ type = MBEDTLS_CIPHER_AES_256_ECB;
+ break;
+
+ case WINPR_CIPHER_AES_128_CBC:
+ type = MBEDTLS_CIPHER_AES_128_CBC;
+ break;
+
+ case WINPR_CIPHER_AES_192_CBC:
+ type = MBEDTLS_CIPHER_AES_192_CBC;
+ break;
+
+ case WINPR_CIPHER_AES_256_CBC:
+ type = MBEDTLS_CIPHER_AES_256_CBC;
+ break;
+
+ case WINPR_CIPHER_AES_128_CFB128:
+ type = MBEDTLS_CIPHER_AES_128_CFB128;
+ break;
+
+ case WINPR_CIPHER_AES_192_CFB128:
+ type = MBEDTLS_CIPHER_AES_192_CFB128;
+ break;
+
+ case WINPR_CIPHER_AES_256_CFB128:
+ type = MBEDTLS_CIPHER_AES_256_CFB128;
+ break;
+
+ case WINPR_CIPHER_AES_128_CTR:
+ type = MBEDTLS_CIPHER_AES_128_CTR;
+ break;
+
+ case WINPR_CIPHER_AES_192_CTR:
+ type = MBEDTLS_CIPHER_AES_192_CTR;
+ break;
+
+ case WINPR_CIPHER_AES_256_CTR:
+ type = MBEDTLS_CIPHER_AES_256_CTR;
+ break;
+
+ case WINPR_CIPHER_AES_128_GCM:
+ type = MBEDTLS_CIPHER_AES_128_GCM;
+ break;
+
+ case WINPR_CIPHER_AES_192_GCM:
+ type = MBEDTLS_CIPHER_AES_192_GCM;
+ break;
+
+ case WINPR_CIPHER_AES_256_GCM:
+ type = MBEDTLS_CIPHER_AES_256_GCM;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_128_ECB:
+ type = MBEDTLS_CIPHER_CAMELLIA_128_ECB;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_192_ECB:
+ type = MBEDTLS_CIPHER_CAMELLIA_192_ECB;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_256_ECB:
+ type = MBEDTLS_CIPHER_CAMELLIA_256_ECB;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_128_CBC:
+ type = MBEDTLS_CIPHER_CAMELLIA_128_CBC;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_192_CBC:
+ type = MBEDTLS_CIPHER_CAMELLIA_192_CBC;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_256_CBC:
+ type = MBEDTLS_CIPHER_CAMELLIA_256_CBC;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_128_CFB128:
+ type = MBEDTLS_CIPHER_CAMELLIA_128_CFB128;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_192_CFB128:
+ type = MBEDTLS_CIPHER_CAMELLIA_192_CFB128;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_256_CFB128:
+ type = MBEDTLS_CIPHER_CAMELLIA_256_CFB128;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_128_CTR:
+ type = MBEDTLS_CIPHER_CAMELLIA_128_CTR;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_192_CTR:
+ type = MBEDTLS_CIPHER_CAMELLIA_192_CTR;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_256_CTR:
+ type = MBEDTLS_CIPHER_CAMELLIA_256_CTR;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_128_GCM:
+ type = MBEDTLS_CIPHER_CAMELLIA_128_GCM;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_192_GCM:
+ type = MBEDTLS_CIPHER_CAMELLIA_192_GCM;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_256_GCM:
+ type = MBEDTLS_CIPHER_CAMELLIA_256_GCM;
+ break;
+
+ case WINPR_CIPHER_DES_ECB:
+ type = MBEDTLS_CIPHER_DES_ECB;
+ break;
+
+ case WINPR_CIPHER_DES_CBC:
+ type = MBEDTLS_CIPHER_DES_CBC;
+ break;
+
+ case WINPR_CIPHER_DES_EDE_ECB:
+ type = MBEDTLS_CIPHER_DES_EDE_ECB;
+ break;
+
+ case WINPR_CIPHER_DES_EDE_CBC:
+ type = MBEDTLS_CIPHER_DES_EDE_CBC;
+ break;
+
+ case WINPR_CIPHER_DES_EDE3_ECB:
+ type = MBEDTLS_CIPHER_DES_EDE3_ECB;
+ break;
+
+ case WINPR_CIPHER_DES_EDE3_CBC:
+ type = MBEDTLS_CIPHER_DES_EDE3_CBC;
+ break;
+
+ case WINPR_CIPHER_BLOWFISH_ECB:
+ type = MBEDTLS_CIPHER_BLOWFISH_ECB;
+ break;
+
+ case WINPR_CIPHER_BLOWFISH_CBC:
+ type = MBEDTLS_CIPHER_BLOWFISH_CBC;
+ break;
+
+ case WINPR_CIPHER_BLOWFISH_CFB64:
+ type = MBEDTLS_CIPHER_BLOWFISH_CFB64;
+ break;
+
+ case WINPR_CIPHER_BLOWFISH_CTR:
+ type = MBEDTLS_CIPHER_BLOWFISH_CTR;
+ break;
+
+ case WINPR_CIPHER_ARC4_128:
+ type = MBEDTLS_CIPHER_ARC4_128;
+ break;
+
+ case WINPR_CIPHER_AES_128_CCM:
+ type = MBEDTLS_CIPHER_AES_128_CCM;
+ break;
+
+ case WINPR_CIPHER_AES_192_CCM:
+ type = MBEDTLS_CIPHER_AES_192_CCM;
+ break;
+
+ case WINPR_CIPHER_AES_256_CCM:
+ type = MBEDTLS_CIPHER_AES_256_CCM;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_128_CCM:
+ type = MBEDTLS_CIPHER_CAMELLIA_128_CCM;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_192_CCM:
+ type = MBEDTLS_CIPHER_CAMELLIA_192_CCM;
+ break;
+
+ case WINPR_CIPHER_CAMELLIA_256_CCM:
+ type = MBEDTLS_CIPHER_CAMELLIA_256_CCM;
+ break;
+ }
+
+ return type;
+}
+#endif
+
+void winpr_Cipher_Init(WINPR_CIPHER_CTX* ctx, int cipher, int op, const BYTE* key, const BYTE* iv)
+{
+#if defined(WITH_OPENSSL)
+ int operation;
+ const EVP_CIPHER* evp;
+ evp = winpr_openssl_get_evp_cipher(cipher);
+ operation = (op == WINPR_ENCRYPT) ? 1 : 0;
+ EVP_CIPHER_CTX_init((EVP_CIPHER_CTX*) ctx);
+ EVP_CipherInit_ex((EVP_CIPHER_CTX*) ctx, evp, NULL, key, iv, operation);
+#elif defined(WITH_MBEDTLS)
+ int key_bitlen;
+ mbedtls_operation_t operation;
+ mbedtls_cipher_type_t cipher_type;
+ const mbedtls_cipher_info_t* cipher_info;
+ cipher_type = winpr_mbedtls_get_cipher_type(cipher);
+ cipher_info = mbedtls_cipher_info_from_type(cipher_type);
+ operation = (op == WINPR_ENCRYPT) ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT;
+ mbedtls_cipher_init((mbedtls_cipher_context_t*) ctx);
+ mbedtls_cipher_setup((mbedtls_cipher_context_t*) ctx, cipher_info);
+ key_bitlen = mbedtls_cipher_get_key_bitlen((mbedtls_cipher_context_t*) ctx);
+ mbedtls_cipher_setkey((mbedtls_cipher_context_t*) ctx, key, key_bitlen, operation);
+#endif
+}
+
+int winpr_Cipher_Update(WINPR_CIPHER_CTX* ctx, const BYTE* input, size_t ilen, BYTE* output, size_t* olen)
+{
+#if defined(WITH_OPENSSL)
+ int outl = (int) *olen;
+ EVP_CipherUpdate((EVP_CIPHER_CTX*) ctx, output, &outl, input, ilen);
+ *olen = (size_t) outl;
+#elif defined(WITH_MBEDTLS)
+ mbedtls_cipher_update((mbedtls_cipher_context_t*) ctx, input, ilen, output, olen);
+#endif
+ return 0;
+}
+
+void winpr_Cipher_Final(WINPR_CIPHER_CTX* ctx, BYTE* output, size_t* olen)
+{
+#if defined(WITH_OPENSSL)
+ int outl = (int) *olen;
+ EVP_CipherFinal_ex((EVP_CIPHER_CTX*) ctx, output, &outl);
+ EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX*) ctx);
+ *olen = (size_t) outl;
+#elif defined(WITH_MBEDTLS)
+ mbedtls_cipher_finish((mbedtls_cipher_context_t*) ctx, output, olen);
+ mbedtls_cipher_free((mbedtls_cipher_context_t*) ctx);
+#endif
+}
#include "crypto.h"
#include <winpr/crt.h>
+#include <winpr/crypto.h>
#include <winpr/collections.h>
+#ifdef WITH_OPENSSL
+#include <openssl/evp.h>
+#include <openssl/aes.h>
+#endif
+
static wListDictionary* g_ProtectedMemoryBlocks = NULL;
BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
{
-#ifdef WITH_OPENSSL
BYTE* pCipherText;
- int cbOut, cbFinal;
+ size_t cbOut, cbFinal;
+ WINPR_CIPHER_CTX enc;
BYTE randomKey[256];
WINPR_PROTECTED_MEMORY_BLOCK* pMemBlock;
pMemBlock->cbData = cbData;
pMemBlock->dwFlags = dwFlags;
- /* AES Initialization */
+ winpr_RAND(pMemBlock->salt, 8);
+ winpr_RAND(randomKey, sizeof(randomKey));
- RAND_bytes(pMemBlock->salt, 8);
- RAND_bytes(randomKey, sizeof(randomKey));
-
- EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(),
- pMemBlock->salt,
- randomKey, sizeof(randomKey),
- 4, pMemBlock->key, pMemBlock->iv);
+#ifdef WITH_OPENSSL
+ EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), pMemBlock->salt,
+ randomKey, sizeof(randomKey), 4, pMemBlock->key, pMemBlock->iv);
+#endif
SecureZeroMemory(randomKey, sizeof(randomKey));
- EVP_CIPHER_CTX_init(&(pMemBlock->enc));
- EVP_EncryptInit_ex(&(pMemBlock->enc), EVP_aes_256_cbc(), NULL, pMemBlock->key, pMemBlock->iv);
-
- EVP_CIPHER_CTX_init(&(pMemBlock->dec));
- EVP_DecryptInit_ex(&(pMemBlock->dec), EVP_aes_256_cbc(), NULL, pMemBlock->key, pMemBlock->iv);
-
- /* AES Encryption */
-
- cbOut = pMemBlock->cbData + AES_BLOCK_SIZE - 1;
+ cbOut = pMemBlock->cbData + 16 - 1;
pCipherText = (BYTE*) malloc(cbOut);
if (!pCipherText)
return FALSE;
}
- EVP_EncryptInit_ex(&(pMemBlock->enc), NULL, NULL, NULL, NULL);
- EVP_EncryptUpdate(&(pMemBlock->enc), pCipherText, &cbOut, pMemBlock->pData, pMemBlock->cbData);
- EVP_EncryptFinal_ex(&(pMemBlock->enc), pCipherText + cbOut, &cbFinal);
+ winpr_Cipher_Init(&enc, WINPR_CIPHER_AES_256_CBC, WINPR_ENCRYPT, pMemBlock->key, pMemBlock->iv);
+ winpr_Cipher_Update(&enc, pMemBlock->pData, pMemBlock->cbData, pCipherText, &cbOut);
+ winpr_Cipher_Final(&enc, pCipherText + cbOut, &cbFinal);
CopyMemory(pMemBlock->pData, pCipherText, pMemBlock->cbData);
free(pCipherText);
return ListDictionary_Add(g_ProtectedMemoryBlocks, pData, pMemBlock);
-#else
- return TRUE;
-#endif
}
BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
{
-#ifdef WITH_OPENSSL
BYTE* pPlainText;
- int cbOut, cbFinal;
+ size_t cbOut, cbFinal;
+ WINPR_CIPHER_CTX dec;
WINPR_PROTECTED_MEMORY_BLOCK* pMemBlock;
if (dwFlags != CRYPTPROTECTMEMORY_SAME_PROCESS)
if (!pMemBlock)
return FALSE;
- /* AES Decryption */
-
- cbOut = pMemBlock->cbData + AES_BLOCK_SIZE - 1;
+ cbOut = pMemBlock->cbData + 16 - 1;
pPlainText = (BYTE*) malloc(cbOut);
if (!pPlainText)
return FALSE;
- EVP_DecryptInit_ex(&(pMemBlock->dec), NULL, NULL, NULL, NULL);
- EVP_DecryptUpdate(&(pMemBlock->dec), pPlainText, &cbOut, pMemBlock->pData, pMemBlock->cbData);
- EVP_DecryptFinal_ex(&(pMemBlock->dec), pPlainText + cbOut, &cbFinal);
+ winpr_Cipher_Init(&dec, WINPR_CIPHER_AES_256_CBC, WINPR_DECRYPT, pMemBlock->key, pMemBlock->iv);
+ winpr_Cipher_Update(&dec, pMemBlock->pData, pMemBlock->cbData, pPlainText, &cbOut);
+ winpr_Cipher_Final(&dec, pPlainText + cbOut, &cbFinal);
CopyMemory(pMemBlock->pData, pPlainText, pMemBlock->cbData);
SecureZeroMemory(pPlainText, pMemBlock->cbData);
ListDictionary_Remove(g_ProtectedMemoryBlocks, pData);
- /* AES Cleanup */
-
- EVP_CIPHER_CTX_cleanup(&(pMemBlock->enc));
- EVP_CIPHER_CTX_cleanup(&(pMemBlock->dec));
-
free(pMemBlock);
return TRUE;
-#else
- return TRUE;
-#endif
}
BOOL CryptProtectData(DATA_BLOB* pDataIn, LPCWSTR szDataDescr, DATA_BLOB* pOptionalEntropy,