libwinpr-crypto: add generic cipher API with OpenSSL/mbedtls support

author Marc-André Moreau <marcandre.moreau@gmail.com>

Fri, 9 Oct 2015 16:15:31 +0000 (12:15 -0400)

committer Marc-André Moreau <marcandre.moreau@gmail.com>

Fri, 9 Oct 2015 16:15:31 +0000 (12:15 -0400)
author Marc-André Moreau <marcandre.moreau@gmail.com>
Fri, 9 Oct 2015 16:15:31 +0000 (12:15 -0400)
committer Marc-André Moreau <marcandre.moreau@gmail.com>
Fri, 9 Oct 2015 16:15:31 +0000 (12:15 -0400)
diff --git a/winpr/include/winpr/crypto.h b/winpr/include/winpr/crypto.h

index 1ac44b0..e24a9dd 100644 (file)
--- a/winpr/include/winpr/crypto.h
+++ b/winpr/include/winpr/crypto.h
@@ -854,5 +854,119 @@ WINPR_API void winpr_RC4_Final(WINPR_RC4_CTX* ctx);
  }
  #endif
  
-#endif /* WINPR_CRYPTO_H */
+/**
+ * Generic Cipher API
+ */
+
+/* cipher operation types */
+#define WINPR_ENCRYPT                          0
+#define WINPR_DECRYPT                          1
+
+/* cipher types */
+#define WINPR_CIPHER_NONE                      0
+#define WINPR_CIPHER_NULL                      1
+#define WINPR_CIPHER_AES_128_ECB               2
+#define WINPR_CIPHER_AES_192_ECB               3
+#define WINPR_CIPHER_AES_256_ECB               4
+#define WINPR_CIPHER_AES_128_CBC               5
+#define WINPR_CIPHER_AES_192_CBC               6
+#define WINPR_CIPHER_AES_256_CBC               7
+#define WINPR_CIPHER_AES_128_CFB128            8
+#define WINPR_CIPHER_AES_192_CFB128            9
+#define WINPR_CIPHER_AES_256_CFB128            10
+#define WINPR_CIPHER_AES_128_CTR               11
+#define WINPR_CIPHER_AES_192_CTR               12
+#define WINPR_CIPHER_AES_256_CTR               13
+#define WINPR_CIPHER_AES_128_GCM               14
+#define WINPR_CIPHER_AES_192_GCM               15
+#define WINPR_CIPHER_AES_256_GCM               16
+#define WINPR_CIPHER_CAMELLIA_128_ECB          17
+#define WINPR_CIPHER_CAMELLIA_192_ECB          18
+#define WINPR_CIPHER_CAMELLIA_256_ECB          19
+#define WINPR_CIPHER_CAMELLIA_128_CBC          20
+#define WINPR_CIPHER_CAMELLIA_192_CBC          21
+#define WINPR_CIPHER_CAMELLIA_256_CBC          22
+#define WINPR_CIPHER_CAMELLIA_128_CFB128       23
+#define WINPR_CIPHER_CAMELLIA_192_CFB128       24
+#define WINPR_CIPHER_CAMELLIA_256_CFB128       25
+#define WINPR_CIPHER_CAMELLIA_128_CTR          26
+#define WINPR_CIPHER_CAMELLIA_192_CTR          27
+#define WINPR_CIPHER_CAMELLIA_256_CTR          28
+#define WINPR_CIPHER_CAMELLIA_128_GCM          29
+#define WINPR_CIPHER_CAMELLIA_192_GCM          30
+#define WINPR_CIPHER_CAMELLIA_256_GCM          31
+#define WINPR_CIPHER_DES_ECB                   32
+#define WINPR_CIPHER_DES_CBC                   33
+#define WINPR_CIPHER_DES_EDE_ECB               34
+#define WINPR_CIPHER_DES_EDE_CBC               35
+#define WINPR_CIPHER_DES_EDE3_ECB              36
+#define WINPR_CIPHER_DES_EDE3_CBC              37
+#define WINPR_CIPHER_BLOWFISH_ECB              38
+#define WINPR_CIPHER_BLOWFISH_CBC              39
+#define WINPR_CIPHER_BLOWFISH_CFB64            40
+#define WINPR_CIPHER_BLOWFISH_CTR              41
+#define WINPR_CIPHER_ARC4_128                  42
+#define WINPR_CIPHER_AES_128_CCM               43
+#define WINPR_CIPHER_AES_192_CCM               44
+#define WINPR_CIPHER_AES_256_CCM               45
+#define WINPR_CIPHER_CAMELLIA_128_CCM          46
+#define WINPR_CIPHER_CAMELLIA_192_CCM          47
+#define WINPR_CIPHER_CAMELLIA_256_CCM          48
+
+struct _OPENSSL_CIPHER_CTX
+{
+       const void* cipher;
+       void* engine;
+       int encrypt;
+       int buf_len;
+       BYTE oiv[16];
+       BYTE iv[16];
+       BYTE buf[32];
+       int num;
+       void* app_data;
+       int key_len;
+       unsigned long flags;
+       void* cipher_data;
+       int final_used;
+       int block_mask;
+       BYTE final[32];
+       BYTE winpr_pad[32];
+};
+typedef struct _OPENSSL_CIPHER_CTX OPENSSL_CIPHER_CTX;
+
+struct _MBEDTLS_CIPHER_CTX
+{
+       const void* cipher_info;
+       int key_bitlen;
+       int operation;
+       void* add_padding;
+       int* get_padding;
+       BYTE unprocessed_data[16];
+       size_t unprocessed_len;
+       BYTE iv[16];
+       size_t iv_size;
+       void* cipher_ctx;
+       BYTE winpr_pad[32];
+};
+typedef struct _MBEDTLS_CIPHER_CTX MBEDTLS_CIPHER_CTX;
+
+union _WINPR_CIPHER_CTX
+{
+       OPENSSL_CIPHER_CTX openssl;
+       MBEDTLS_CIPHER_CTX mbedtls;
+};
+typedef union _WINPR_CIPHER_CTX WINPR_CIPHER_CTX;
+
+#ifdef __cplusplus
+extern "C" {
+#endif
  
+WINPR_API void winpr_Cipher_Init(WINPR_CIPHER_CTX* ctx, int cipher, int op, const BYTE* key, const BYTE* iv);
+WINPR_API int winpr_Cipher_Update(WINPR_CIPHER_CTX* ctx, const BYTE* input, size_t ilen, BYTE* output, size_t* olen);
+WINPR_API void winpr_Cipher_Final(WINPR_CIPHER_CTX* ctx, BYTE* output, size_t* olen);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WINPR_CRYPTO_H */
diff --git a/winpr/libwinpr/crypto/cipher.c b/winpr/libwinpr/crypto/cipher.c

index ea77634..3194e42 100644 (file)
--- a/winpr/libwinpr/crypto/cipher.c
+++ b/winpr/libwinpr/crypto/cipher.c
@@ -28,12 +28,14 @@
  #include <openssl/aes.h>
  #include <openssl/rc4.h>
  #include <openssl/des.h>
+#include <openssl/evp.h>
  #endif
  
  #ifdef WITH_MBEDTLS
  #include <mbedtls/aes.h>
  #include <mbedtls/arc4.h>
  #include <mbedtls/des.h>
+#include <mbedtls/cipher.h>
  #endif
  
  /**
@@ -68,3 +70,439 @@ void winpr_RC4_Final(WINPR_RC4_CTX* ctx)
         mbedtls_arc4_free((mbedtls_arc4_context*) ctx);
  #endif
  }
+
+/**
+ * Generic Cipher API
+ */
+
+#if defined(WITH_OPENSSL)
+const EVP_CIPHER* winpr_openssl_get_evp_cipher(int cipher)
+{
+       const EVP_CIPHER* evp = NULL;
+
+       switch (cipher)
+       {
+               case WINPR_CIPHER_NULL:
+                       evp = EVP_enc_null();
+                       break;
+
+#ifndef OPENSSL_NO_AES
+               case WINPR_CIPHER_AES_128_ECB:
+                       evp = EVP_aes_128_ecb();
+                       break;
+
+               case WINPR_CIPHER_AES_192_ECB:
+                       evp = EVP_aes_192_ecb();
+                       break;
+
+               case WINPR_CIPHER_AES_256_ECB:
+                       evp = EVP_aes_256_ecb();
+                       break;
+
+               case WINPR_CIPHER_AES_128_CBC:
+                       evp = EVP_aes_128_cbc();
+                       break;
+
+               case WINPR_CIPHER_AES_192_CBC:
+                       evp = EVP_aes_192_cbc();
+                       break;
+
+               case WINPR_CIPHER_AES_256_CBC:
+                       evp = EVP_aes_256_cbc();
+                       break;
+
+               case WINPR_CIPHER_AES_128_CFB128:
+                       evp = EVP_aes_128_cfb128();
+                       break;
+
+               case WINPR_CIPHER_AES_192_CFB128:
+                       evp = EVP_aes_192_cfb128();
+                       break;
+
+               case WINPR_CIPHER_AES_256_CFB128:
+                       evp = EVP_aes_256_cfb128();
+                       break;
+
+               case WINPR_CIPHER_AES_128_CTR:
+                       evp = EVP_aes_128_ctr();
+                       break;
+
+               case WINPR_CIPHER_AES_192_CTR:
+                       evp = EVP_aes_192_ctr();
+                       break;
+
+               case WINPR_CIPHER_AES_256_CTR:
+                       evp = EVP_aes_256_ctr();
+                       break;
+
+               case WINPR_CIPHER_AES_128_GCM:
+                       evp = EVP_aes_128_gcm();
+                       break;
+
+               case WINPR_CIPHER_AES_192_GCM:
+                       evp = EVP_aes_192_gcm();
+                       break;
+
+               case WINPR_CIPHER_AES_256_GCM:
+                       evp = EVP_aes_256_gcm();
+                       break;
+
+               case WINPR_CIPHER_AES_128_CCM:
+                       evp = EVP_aes_128_ccm();
+                       break;
+
+               case WINPR_CIPHER_AES_192_CCM:
+                       evp = EVP_aes_192_ccm();
+                       break;
+
+               case WINPR_CIPHER_AES_256_CCM:
+                       evp = EVP_aes_256_ccm();
+                       break;
+#endif
+
+#ifndef OPENSSL_NO_CAMELLIA
+               case WINPR_CIPHER_CAMELLIA_128_ECB:
+                       evp = EVP_camellia_128_ecb();
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_192_ECB:
+                       evp = EVP_camellia_192_ecb();
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_256_ECB:
+                       evp = EVP_camellia_256_ecb();
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_128_CBC:
+                       evp = EVP_camellia_128_cbc();
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_192_CBC:
+                       evp = EVP_camellia_192_cbc();
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_256_CBC:
+                       evp = EVP_camellia_256_cbc();
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_128_CFB128:
+                       evp = EVP_camellia_128_cfb128();
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_192_CFB128:
+                       evp = EVP_camellia_192_cfb128();
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_256_CFB128:
+                       evp = EVP_camellia_256_cfb128();
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_128_CTR:
+               case WINPR_CIPHER_CAMELLIA_192_CTR:
+               case WINPR_CIPHER_CAMELLIA_256_CTR:
+               case WINPR_CIPHER_CAMELLIA_128_GCM:
+               case WINPR_CIPHER_CAMELLIA_192_GCM:
+               case WINPR_CIPHER_CAMELLIA_256_GCM:
+               case WINPR_CIPHER_CAMELLIA_128_CCM:
+               case WINPR_CIPHER_CAMELLIA_192_CCM:
+               case WINPR_CIPHER_CAMELLIA_256_CCM:
+                       break;
+#endif
+
+#ifndef OPENSSL_NO_DES
+               case WINPR_CIPHER_DES_ECB:
+                       evp = EVP_des_ecb();
+                       break;
+
+               case WINPR_CIPHER_DES_CBC:
+                       evp = EVP_des_cbc();
+                       break;
+
+               case WINPR_CIPHER_DES_EDE_ECB:
+                       evp = EVP_des_ede_ecb();
+                       break;
+
+               case WINPR_CIPHER_DES_EDE_CBC:
+                       evp = EVP_des_ede_cbc();
+                       break;
+
+               case WINPR_CIPHER_DES_EDE3_ECB:
+                       evp = EVP_des_ede3_ecb();
+                       break;
+
+               case WINPR_CIPHER_DES_EDE3_CBC:
+                       evp = EVP_des_ede3_cbc();
+                       break;
+#endif
+
+#ifndef OPENSSL_NO_RC4
+               case WINPR_CIPHER_ARC4_128:
+                       evp = EVP_rc4();
+                       break;
+#endif
+
+               case WINPR_CIPHER_BLOWFISH_ECB:
+               case WINPR_CIPHER_BLOWFISH_CBC:
+               case WINPR_CIPHER_BLOWFISH_CFB64:
+               case WINPR_CIPHER_BLOWFISH_CTR:
+                       break;
+       }
+
+       return evp;
+}
+#elif defined(WITH_MBEDTLS)
+mbedtls_cipher_type_t winpr_mbedtls_get_cipher_type(int cipher)
+{
+       mbedtls_cipher_type_t type = MBEDTLS_CIPHER_NONE;
+
+       switch (cipher)
+       {
+               case WINPR_CIPHER_NONE:
+                       type = MBEDTLS_CIPHER_NONE;
+                       break;
+
+               case WINPR_CIPHER_NULL:
+                       type = MBEDTLS_CIPHER_NULL;
+                       break;
+
+               case WINPR_CIPHER_AES_128_ECB:
+                       type = MBEDTLS_CIPHER_AES_128_ECB;
+                       break;
+
+               case WINPR_CIPHER_AES_192_ECB:
+                       type = MBEDTLS_CIPHER_AES_192_ECB;
+                       break;
+
+               case WINPR_CIPHER_AES_256_ECB:
+                       type = MBEDTLS_CIPHER_AES_256_ECB;
+                       break;
+
+               case WINPR_CIPHER_AES_128_CBC:
+                       type = MBEDTLS_CIPHER_AES_128_CBC;
+                       break;
+
+               case WINPR_CIPHER_AES_192_CBC:
+                       type = MBEDTLS_CIPHER_AES_192_CBC;
+                       break;
+
+               case WINPR_CIPHER_AES_256_CBC:
+                       type = MBEDTLS_CIPHER_AES_256_CBC;
+                       break;
+
+               case WINPR_CIPHER_AES_128_CFB128:
+                       type = MBEDTLS_CIPHER_AES_128_CFB128;
+                       break;
+
+               case WINPR_CIPHER_AES_192_CFB128:
+                       type = MBEDTLS_CIPHER_AES_192_CFB128;
+                       break;
+
+               case WINPR_CIPHER_AES_256_CFB128:
+                       type = MBEDTLS_CIPHER_AES_256_CFB128;
+                       break;
+
+               case WINPR_CIPHER_AES_128_CTR:
+                       type = MBEDTLS_CIPHER_AES_128_CTR;
+                       break;
+
+               case WINPR_CIPHER_AES_192_CTR:
+                       type = MBEDTLS_CIPHER_AES_192_CTR;
+                       break;
+
+               case WINPR_CIPHER_AES_256_CTR:
+                       type = MBEDTLS_CIPHER_AES_256_CTR;
+                       break;
+
+               case WINPR_CIPHER_AES_128_GCM:
+                       type = MBEDTLS_CIPHER_AES_128_GCM;
+                       break;
+
+               case WINPR_CIPHER_AES_192_GCM:
+                       type = MBEDTLS_CIPHER_AES_192_GCM;
+                       break;
+
+               case WINPR_CIPHER_AES_256_GCM:
+                       type = MBEDTLS_CIPHER_AES_256_GCM;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_128_ECB:
+                       type = MBEDTLS_CIPHER_CAMELLIA_128_ECB;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_192_ECB:
+                       type = MBEDTLS_CIPHER_CAMELLIA_192_ECB;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_256_ECB:
+                       type = MBEDTLS_CIPHER_CAMELLIA_256_ECB;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_128_CBC:
+                       type = MBEDTLS_CIPHER_CAMELLIA_128_CBC;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_192_CBC:
+                       type = MBEDTLS_CIPHER_CAMELLIA_192_CBC;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_256_CBC:
+                       type = MBEDTLS_CIPHER_CAMELLIA_256_CBC;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_128_CFB128:
+                       type = MBEDTLS_CIPHER_CAMELLIA_128_CFB128;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_192_CFB128:
+                       type = MBEDTLS_CIPHER_CAMELLIA_192_CFB128;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_256_CFB128:
+                       type = MBEDTLS_CIPHER_CAMELLIA_256_CFB128;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_128_CTR:
+                       type = MBEDTLS_CIPHER_CAMELLIA_128_CTR;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_192_CTR:
+                       type = MBEDTLS_CIPHER_CAMELLIA_192_CTR;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_256_CTR:
+                       type = MBEDTLS_CIPHER_CAMELLIA_256_CTR;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_128_GCM:
+                       type = MBEDTLS_CIPHER_CAMELLIA_128_GCM;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_192_GCM:
+                       type = MBEDTLS_CIPHER_CAMELLIA_192_GCM;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_256_GCM:
+                       type = MBEDTLS_CIPHER_CAMELLIA_256_GCM;
+                       break;
+
+               case WINPR_CIPHER_DES_ECB:
+                       type = MBEDTLS_CIPHER_DES_ECB;
+                       break;
+
+               case WINPR_CIPHER_DES_CBC:
+                       type = MBEDTLS_CIPHER_DES_CBC;
+                       break;
+
+               case WINPR_CIPHER_DES_EDE_ECB:
+                       type = MBEDTLS_CIPHER_DES_EDE_ECB;
+                       break;
+
+               case WINPR_CIPHER_DES_EDE_CBC:
+                       type = MBEDTLS_CIPHER_DES_EDE_CBC;
+                       break;
+
+               case WINPR_CIPHER_DES_EDE3_ECB:
+                       type = MBEDTLS_CIPHER_DES_EDE3_ECB;
+                       break;
+
+               case WINPR_CIPHER_DES_EDE3_CBC:
+                       type = MBEDTLS_CIPHER_DES_EDE3_CBC;
+                       break;
+
+               case WINPR_CIPHER_BLOWFISH_ECB:
+                       type = MBEDTLS_CIPHER_BLOWFISH_ECB;
+                       break;
+
+               case WINPR_CIPHER_BLOWFISH_CBC:
+                       type = MBEDTLS_CIPHER_BLOWFISH_CBC;
+                       break;
+
+               case WINPR_CIPHER_BLOWFISH_CFB64:
+                       type = MBEDTLS_CIPHER_BLOWFISH_CFB64;
+                       break;
+
+               case WINPR_CIPHER_BLOWFISH_CTR:
+                       type = MBEDTLS_CIPHER_BLOWFISH_CTR;
+                       break;
+
+               case WINPR_CIPHER_ARC4_128:
+                       type = MBEDTLS_CIPHER_ARC4_128;
+                       break;
+
+               case WINPR_CIPHER_AES_128_CCM:
+                       type = MBEDTLS_CIPHER_AES_128_CCM;
+                       break;
+
+               case WINPR_CIPHER_AES_192_CCM:
+                       type = MBEDTLS_CIPHER_AES_192_CCM;
+                       break;
+
+               case WINPR_CIPHER_AES_256_CCM:
+                       type = MBEDTLS_CIPHER_AES_256_CCM;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_128_CCM:
+                       type = MBEDTLS_CIPHER_CAMELLIA_128_CCM;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_192_CCM:
+                       type = MBEDTLS_CIPHER_CAMELLIA_192_CCM;
+                       break;
+
+               case WINPR_CIPHER_CAMELLIA_256_CCM:
+                       type = MBEDTLS_CIPHER_CAMELLIA_256_CCM;
+                       break;
+       }
+
+       return type;
+}
+#endif
+
+void winpr_Cipher_Init(WINPR_CIPHER_CTX* ctx, int cipher, int op, const BYTE* key, const BYTE* iv)
+{
+#if defined(WITH_OPENSSL)
+       int operation;
+       const EVP_CIPHER* evp;
+       evp = winpr_openssl_get_evp_cipher(cipher);
+       operation = (op == WINPR_ENCRYPT) ? 1 : 0;
+       EVP_CIPHER_CTX_init((EVP_CIPHER_CTX*) ctx);
+       EVP_CipherInit_ex((EVP_CIPHER_CTX*) ctx, evp, NULL, key, iv, operation);
+#elif defined(WITH_MBEDTLS)
+       int key_bitlen;
+       mbedtls_operation_t operation;
+       mbedtls_cipher_type_t cipher_type;
+       const mbedtls_cipher_info_t* cipher_info;
+       cipher_type = winpr_mbedtls_get_cipher_type(cipher);
+       cipher_info = mbedtls_cipher_info_from_type(cipher_type);
+       operation = (op == WINPR_ENCRYPT) ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT;
+       mbedtls_cipher_init((mbedtls_cipher_context_t*) ctx);
+       mbedtls_cipher_setup((mbedtls_cipher_context_t*) ctx, cipher_info);
+       key_bitlen = mbedtls_cipher_get_key_bitlen((mbedtls_cipher_context_t*) ctx);
+       mbedtls_cipher_setkey((mbedtls_cipher_context_t*) ctx, key, key_bitlen, operation);
+#endif
+}
+
+int winpr_Cipher_Update(WINPR_CIPHER_CTX* ctx, const BYTE* input, size_t ilen, BYTE* output, size_t* olen)
+{
+#if defined(WITH_OPENSSL)
+       int outl = (int) *olen;
+       EVP_CipherUpdate((EVP_CIPHER_CTX*) ctx, output, &outl, input, ilen);
+       *olen = (size_t) outl;
+#elif defined(WITH_MBEDTLS)
+       mbedtls_cipher_update((mbedtls_cipher_context_t*) ctx, input, ilen, output, olen);
+#endif
+       return 0;
+}
+
+void winpr_Cipher_Final(WINPR_CIPHER_CTX* ctx, BYTE* output, size_t* olen)
+{
+#if defined(WITH_OPENSSL)
+       int outl = (int) *olen;
+       EVP_CipherFinal_ex((EVP_CIPHER_CTX*) ctx, output, &outl);
+       EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX*) ctx);
+       *olen = (size_t) outl;
+#elif defined(WITH_MBEDTLS)
+       mbedtls_cipher_finish((mbedtls_cipher_context_t*) ctx, output, olen);
+       mbedtls_cipher_free((mbedtls_cipher_context_t*) ctx);
+#endif
+}
diff --git a/winpr/libwinpr/crypto/crypto.c b/winpr/libwinpr/crypto/crypto.c

index 6721111..6c692af 100644 (file)
--- a/winpr/libwinpr/crypto/crypto.c
+++ b/winpr/libwinpr/crypto/crypto.c
@@ -141,15 +141,21 @@
  #include "crypto.h"
  
  #include <winpr/crt.h>
+#include <winpr/crypto.h>
  #include <winpr/collections.h>
  
+#ifdef WITH_OPENSSL
+#include <openssl/evp.h>
+#include <openssl/aes.h>
+#endif
+
  static wListDictionary* g_ProtectedMemoryBlocks = NULL;
  
  BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
  {
-#ifdef WITH_OPENSSL
         BYTE* pCipherText;
-       int cbOut, cbFinal;
+       size_t cbOut, cbFinal;
+       WINPR_CIPHER_CTX enc;
         BYTE randomKey[256];
         WINPR_PROTECTED_MEMORY_BLOCK* pMemBlock;
  
@@ -172,27 +178,17 @@ BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
         pMemBlock->cbData = cbData;
         pMemBlock->dwFlags = dwFlags;
  
-       /* AES Initialization */
+       winpr_RAND(pMemBlock->salt, 8);
+       winpr_RAND(randomKey, sizeof(randomKey));
  
-       RAND_bytes(pMemBlock->salt, 8);
-       RAND_bytes(randomKey, sizeof(randomKey));
-
-       EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(),
-                       pMemBlock->salt,
-                       randomKey, sizeof(randomKey),
-                       4, pMemBlock->key, pMemBlock->iv);
+#ifdef WITH_OPENSSL
+       EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), pMemBlock->salt,
+                       randomKey, sizeof(randomKey), 4, pMemBlock->key, pMemBlock->iv);
+#endif
  
         SecureZeroMemory(randomKey, sizeof(randomKey));
  
-       EVP_CIPHER_CTX_init(&(pMemBlock->enc));
-       EVP_EncryptInit_ex(&(pMemBlock->enc), EVP_aes_256_cbc(), NULL, pMemBlock->key, pMemBlock->iv);
-
-       EVP_CIPHER_CTX_init(&(pMemBlock->dec));
-       EVP_DecryptInit_ex(&(pMemBlock->dec), EVP_aes_256_cbc(), NULL, pMemBlock->key, pMemBlock->iv);
-
-       /* AES Encryption */
-
-       cbOut = pMemBlock->cbData + AES_BLOCK_SIZE - 1;
+       cbOut = pMemBlock->cbData + 16 - 1;
         pCipherText = (BYTE*) malloc(cbOut);
  
         if (!pCipherText)
@@ -201,24 +197,21 @@ BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
                 return FALSE;
         }
  
-       EVP_EncryptInit_ex(&(pMemBlock->enc), NULL, NULL, NULL, NULL);
-       EVP_EncryptUpdate(&(pMemBlock->enc), pCipherText, &cbOut, pMemBlock->pData, pMemBlock->cbData);
-       EVP_EncryptFinal_ex(&(pMemBlock->enc), pCipherText + cbOut, &cbFinal);
+       winpr_Cipher_Init(&enc, WINPR_CIPHER_AES_256_CBC, WINPR_ENCRYPT, pMemBlock->key, pMemBlock->iv);
+       winpr_Cipher_Update(&enc, pMemBlock->pData, pMemBlock->cbData, pCipherText, &cbOut);
+       winpr_Cipher_Final(&enc, pCipherText + cbOut, &cbFinal);
  
         CopyMemory(pMemBlock->pData, pCipherText, pMemBlock->cbData);
         free(pCipherText);
  
         return ListDictionary_Add(g_ProtectedMemoryBlocks, pData, pMemBlock);
-#else
-       return TRUE;
-#endif
  }
  
  BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
  {
-#ifdef WITH_OPENSSL
         BYTE* pPlainText;
-       int cbOut, cbFinal;
+       size_t cbOut, cbFinal;
+       WINPR_CIPHER_CTX dec;
         WINPR_PROTECTED_MEMORY_BLOCK* pMemBlock;
  
         if (dwFlags != CRYPTPROTECTMEMORY_SAME_PROCESS)
@@ -232,18 +225,16 @@ BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
         if (!pMemBlock)
                 return FALSE;
  
-       /* AES Decryption */
-
-       cbOut = pMemBlock->cbData + AES_BLOCK_SIZE - 1;
+       cbOut = pMemBlock->cbData + 16 - 1;
  
         pPlainText = (BYTE*) malloc(cbOut);
  
         if (!pPlainText)
                 return FALSE;
  
-       EVP_DecryptInit_ex(&(pMemBlock->dec), NULL, NULL, NULL, NULL);
-       EVP_DecryptUpdate(&(pMemBlock->dec), pPlainText, &cbOut, pMemBlock->pData, pMemBlock->cbData);
-       EVP_DecryptFinal_ex(&(pMemBlock->dec), pPlainText + cbOut, &cbFinal);
+       winpr_Cipher_Init(&dec, WINPR_CIPHER_AES_256_CBC, WINPR_DECRYPT, pMemBlock->key, pMemBlock->iv);
+       winpr_Cipher_Update(&dec, pMemBlock->pData, pMemBlock->cbData, pPlainText, &cbOut);
+       winpr_Cipher_Final(&dec, pPlainText + cbOut, &cbFinal);
  
         CopyMemory(pMemBlock->pData, pPlainText, pMemBlock->cbData);
         SecureZeroMemory(pPlainText, pMemBlock->cbData);
@@ -251,17 +242,9 @@ BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
  
         ListDictionary_Remove(g_ProtectedMemoryBlocks, pData);
  
-       /* AES Cleanup */
-
-       EVP_CIPHER_CTX_cleanup(&(pMemBlock->enc));
-       EVP_CIPHER_CTX_cleanup(&(pMemBlock->dec));
-
         free(pMemBlock);
  
         return TRUE;
-#else
-       return TRUE;
-#endif
  }
  
  BOOL CryptProtectData(DATA_BLOB* pDataIn, LPCWSTR szDataDescr, DATA_BLOB* pOptionalEntropy,
diff --git a/winpr/libwinpr/crypto/crypto.h b/winpr/libwinpr/crypto/crypto.h

index 182efac..ddf1c38 100644 (file)
--- a/winpr/libwinpr/crypto/crypto.h
+++ b/winpr/libwinpr/crypto/crypto.h
@@ -22,12 +22,6 @@
  
  #ifndef _WIN32
  
-#ifdef WITH_OPENSSL
-
-#include <openssl/evp.h>
-#include <openssl/aes.h>
-#include <openssl/rand.h>
-
  struct _WINPR_PROTECTED_MEMORY_BLOCK
  {
         BYTE* pData;
@@ -36,13 +30,9 @@ struct _WINPR_PROTECTED_MEMORY_BLOCK
         BYTE key[32];
         BYTE iv[32];
         BYTE salt[8];
-       EVP_CIPHER_CTX enc;
-       EVP_CIPHER_CTX dec;
  };
  typedef struct _WINPR_PROTECTED_MEMORY_BLOCK WINPR_PROTECTED_MEMORY_BLOCK;
  
-#endif
-
  struct _WINPR_CERTSTORE
  {
         LPCSTR lpszStoreProvider;
diff --git a/winpr/tools/makecert/makecert.c b/winpr/tools/makecert/makecert.c

index d75d5ed..0f72575 100644 (file)
--- a/winpr/tools/makecert/makecert.c
+++ b/winpr/tools/makecert/makecert.c
@@ -263,9 +263,9 @@ int makecert_print_command_line_help(int argc, char** argv)
         return 1;
  }
  
+#ifdef WITH_OPENSSL
  int x509_add_ext(X509* cert, int nid, char* value)
  {
-#ifdef WITH_OPENSSL
         X509V3_CTX ctx;
         X509_EXTENSION* ext;
  
@@ -279,10 +279,10 @@ int x509_add_ext(X509* cert, int nid, char* value)
  
         X509_add_ext(cert, ext, -1);
         X509_EXTENSION_free(ext);
-#endif
  
         return 1;
  }
+#endif
  
  char* x509_name_parse(char* name, char* txt, int* length)
  {
author	Marc-André Moreau <marcandre.moreau@gmail.com>
	Fri, 9 Oct 2015 16:15:31 +0000 (12:15 -0400)
committer	Marc-André Moreau <marcandre.moreau@gmail.com>
	Fri, 9 Oct 2015 16:15:31 +0000 (12:15 -0400)
winpr/include/winpr/crypto.h		patch \| blob \| history
winpr/libwinpr/crypto/cipher.c		patch \| blob \| history
winpr/libwinpr/crypto/crypto.c		patch \| blob \| history
winpr/libwinpr/crypto/crypto.h		patch \| blob \| history
winpr/tools/makecert/makecert.c		patch \| blob \| history