Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| e0f4163c7e | |||
| c814f3c1c2 | |||
| 1cad5dfaab |
@@ -483,11 +483,7 @@ static int drng_chacha20_rng_selftest(struct chacha20_drng *drng)
|
||||
static void drng_chacha20_dealloc(struct chacha20_drng *drng)
|
||||
{
|
||||
memset_secure(drng, 0, sizeof(*drng));
|
||||
#ifdef _WIN32
|
||||
_aligned_free(drng);
|
||||
#else
|
||||
free(drng);
|
||||
#endif
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
260
src/inexact.c
260
src/inexact.c
@@ -6,8 +6,9 @@
|
||||
* and related and neighboring rights to this software to the public domain
|
||||
* worldwide. This software is distributed without any warranty.
|
||||
*
|
||||
* You should have received a copy of the CC0 Public Domain Dedication along with
|
||||
* this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
|
||||
* You should have received a copy of the CC0 Public Domain Dedication along
|
||||
* with this software. If not, see
|
||||
* <http://creativecommons.org/publicdomain/zero/1.0/>.
|
||||
*/
|
||||
|
||||
#include "inexact.h"
|
||||
@@ -37,12 +38,15 @@ int generate_keys(const char *seckey_filename, const char *pubkey_filename,
|
||||
unsigned char *publickey_b64 = NULL;
|
||||
unsigned char *privatekey_b64t = NULL;
|
||||
unsigned char *publickey_b64t = NULL;
|
||||
unsigned char salt[32] = {0};
|
||||
unsigned char privatekey_buffer[64] = {0};
|
||||
unsigned char *salt = NULL;
|
||||
const size_t salt_len = 32;
|
||||
unsigned char *privatekey_buffer = NULL;
|
||||
const size_t privatekey_buffer_len = 64;
|
||||
|
||||
char password[256] = {0};
|
||||
char *password = NULL;
|
||||
const size_t password_maxlen = 256;
|
||||
char *password_out = NULL;
|
||||
char password_verif[256] = {0};
|
||||
char *password_verif = NULL;
|
||||
char *password_verif_out = NULL;
|
||||
size_t password_len = 0;
|
||||
size_t password_verif_len = 0;
|
||||
@@ -66,6 +70,17 @@ int generate_keys(const char *seckey_filename, const char *pubkey_filename,
|
||||
curve25519_key privatekey;
|
||||
curve25519_key publickey;
|
||||
|
||||
salt = malloc(salt_len);
|
||||
privatekey_buffer = malloc(privatekey_buffer_len);
|
||||
password = malloc(password_maxlen);
|
||||
password_verif = malloc(password_maxlen);
|
||||
|
||||
if (salt == NULL || privatekey_buffer == NULL || password == NULL ||
|
||||
password_verif == NULL) {
|
||||
printf("Malloc failed\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* Secret (or private) key */
|
||||
|
||||
if (no_password) {
|
||||
@@ -85,33 +100,32 @@ int generate_keys(const char *seckey_filename, const char *pubkey_filename,
|
||||
memcpy(privatekey_buffer + sizeof(curve25519_key), publickey,
|
||||
sizeof(curve25519_key));
|
||||
} else {
|
||||
struct chacha20_drng *drng;
|
||||
int ret = drng_chacha20_init(&drng);
|
||||
if (ret) {
|
||||
printf("Chacha20 allocation failed: %d\n", ret);
|
||||
goto exit;
|
||||
}
|
||||
if (drng_chacha20_get(drng, salt, sizeof(salt))) {
|
||||
if (drng_chacha20_get(drng, salt, salt_len)) {
|
||||
printf("Getting random numbers failed\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
password_out =
|
||||
readpassphrase("Password : ", password, sizeof(password), 0);
|
||||
readpassphrase("Password : ", password, password_maxlen, 0);
|
||||
if (password_out != password) {
|
||||
printf("password input failed.\n");
|
||||
goto exit;
|
||||
}
|
||||
password_len = strlen(password);
|
||||
password_len = strnlen(password, password_maxlen);
|
||||
|
||||
password_verif_out =
|
||||
readpassphrase("Verifying, please re-enter : ", password_verif,
|
||||
sizeof(password_verif), 0);
|
||||
password_maxlen, 0);
|
||||
if (password_verif_out != password_verif) {
|
||||
printf("password input failed.\n");
|
||||
goto exit;
|
||||
}
|
||||
password_verif_len = strlen(password_verif);
|
||||
password_verif_len = strnlen(password_verif, password_maxlen);
|
||||
|
||||
if (password_len != password_verif_len) {
|
||||
printf("Mismatch.\n");
|
||||
@@ -124,20 +138,19 @@ int generate_keys(const char *seckey_filename, const char *pubkey_filename,
|
||||
}
|
||||
|
||||
int a2res = argon2id_hash_raw(t_cost, m_cost, parallelism, password,
|
||||
password_len, salt, sizeof(salt),
|
||||
privatekey, sizeof(curve25519_key));
|
||||
password_len, salt, salt_len, privatekey,
|
||||
sizeof(curve25519_key));
|
||||
if (a2res != ARGON2_OK) {
|
||||
printf("argon2 failed.");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
curve25519_donna_basepoint(publickey, privatekey);
|
||||
memcpy(privatekey_buffer, salt, sizeof(salt));
|
||||
memcpy(privatekey_buffer + sizeof(salt), publickey,
|
||||
sizeof(curve25519_key));
|
||||
memcpy(privatekey_buffer, salt, salt_len);
|
||||
memcpy(privatekey_buffer + salt_len, publickey, sizeof(curve25519_key));
|
||||
}
|
||||
|
||||
privatekey_b64 = base64_encode(privatekey_buffer, sizeof(privatekey_buffer),
|
||||
privatekey_b64 = base64_encode(privatekey_buffer, privatekey_buffer_len,
|
||||
&private_base64_len);
|
||||
if (privatekey_b64 == NULL) {
|
||||
printf("base64 encoding failed.\n");
|
||||
@@ -218,15 +231,19 @@ exit:
|
||||
memset(publickey_b64, 0, public_base64_len);
|
||||
memset(publickey_b64t, 0, public_b64t_len);
|
||||
memset(publickey, 0, sizeof(curve25519_key));
|
||||
memset(salt, 0, sizeof(salt));
|
||||
memset(privatekey_buffer, 0, sizeof(privatekey_buffer));
|
||||
memset(password, 0, sizeof(password));
|
||||
memset(password_verif, 0, sizeof(password_verif));
|
||||
memset(salt, 0, salt_len);
|
||||
memset(privatekey_buffer, 0, privatekey_buffer_len);
|
||||
memset(password, 0, password_maxlen);
|
||||
memset(password_verif, 0, password_maxlen);
|
||||
|
||||
free(privatekey_b64);
|
||||
free(publickey_b64);
|
||||
free(privatekey_b64t);
|
||||
free(publickey_b64t);
|
||||
free(salt);
|
||||
free(privatekey_buffer);
|
||||
free(password);
|
||||
free(password_verif);
|
||||
|
||||
if (fs != NULL) {
|
||||
fclose(fs);
|
||||
@@ -252,8 +269,10 @@ int get_seckey(const char *keyfile, unsigned char *skey, unsigned char *pkey) {
|
||||
|
||||
FILE *fs = NULL;
|
||||
|
||||
unsigned char salt[32] = {0};
|
||||
char password[256] = {0};
|
||||
unsigned char *salt = NULL;
|
||||
const size_t salt_len = 32;
|
||||
char *password = NULL;
|
||||
const size_t password_maxlen = 256;
|
||||
char *password_out = NULL;
|
||||
curve25519_key pubkey;
|
||||
curve25519_key pubkey_from_secret;
|
||||
@@ -263,8 +282,21 @@ int get_seckey(const char *keyfile, unsigned char *skey, unsigned char *pkey) {
|
||||
const uint32_t m_cost = (1 << 12);
|
||||
const uint32_t parallelism = 1;
|
||||
|
||||
/* max_size = base64(sizeof(curve25519_key)) = 64 * 4 / 3 + 1 -> 86 */
|
||||
const size_t file_data_len = 87;
|
||||
unsigned char *file_data = NULL;
|
||||
|
||||
int exitcode = 1;
|
||||
|
||||
file_data = malloc(file_data_len);
|
||||
salt = malloc(salt_len);
|
||||
password = malloc(password_maxlen);
|
||||
|
||||
if (salt == NULL || password == NULL || file_data == NULL) {
|
||||
printf("Malloc failed\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
fs = fopen(keyfile, "rb");
|
||||
if (fs == NULL) {
|
||||
printf("key file opening failed: %s.\n", strerror(errno));
|
||||
@@ -290,10 +322,12 @@ int get_seckey(const char *keyfile, unsigned char *skey, unsigned char *pkey) {
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* max_size = base64(sizeof(curve25519_key)) = 64 * 4 / 3 + 1 -> 86 */
|
||||
unsigned char file_data[87] = {0};
|
||||
if (sz > file_data_len) {
|
||||
printf("Bad key size\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
size_t readed = fread(&file_data, 1, sz, fs);
|
||||
size_t readed = fread(file_data, 1, sz, fs);
|
||||
if (readed != sz) {
|
||||
printf("read file '%s' failed: %s.\n", keyfile, strerror(errno));
|
||||
goto exit;
|
||||
@@ -325,17 +359,17 @@ int get_seckey(const char *keyfile, unsigned char *skey, unsigned char *pkey) {
|
||||
int password_protected_flag =
|
||||
(memcmp(pubkey, pubkey_from_secret, sizeof(curve25519_key)) != 0);
|
||||
if (password_protected_flag) {
|
||||
memcpy(salt, base64_decoded, sizeof(salt));
|
||||
memcpy(salt, base64_decoded, salt_len);
|
||||
password_out =
|
||||
readpassphrase("Password : ", password, sizeof(password), 0);
|
||||
readpassphrase("Password : ", password, password_maxlen, 0);
|
||||
if (password_out != password) {
|
||||
printf("password input failed.\n");
|
||||
goto exit;
|
||||
}
|
||||
password_len = strlen(password);
|
||||
password_len = strnlen(password, password_maxlen);
|
||||
|
||||
int a2res = argon2id_hash_raw(t_cost, m_cost, parallelism, password,
|
||||
password_len, salt, sizeof(salt), seckey,
|
||||
password_len, salt, salt_len, seckey,
|
||||
sizeof(curve25519_key));
|
||||
if (a2res != ARGON2_OK) {
|
||||
printf("argon2 failed.");
|
||||
@@ -355,11 +389,11 @@ int get_seckey(const char *keyfile, unsigned char *skey, unsigned char *pkey) {
|
||||
exitcode = 0;
|
||||
|
||||
exit:
|
||||
memset(file_data, 0, sizeof(file_data));
|
||||
memset(file_data, 0, file_data_len);
|
||||
memset(base64_decoded, 0, base64_decoded_len);
|
||||
memset(b64t_decoded, 0, b64t_decoded_len);
|
||||
memset(salt, 0, sizeof(salt));
|
||||
memset(password, 0, sizeof(password));
|
||||
memset(salt, 0, salt_len);
|
||||
memset(password, 0, password_maxlen);
|
||||
memset(seckey, 0, sizeof(curve25519_key));
|
||||
memset(pubkey, 0, sizeof(curve25519_key));
|
||||
memset(pubkey_from_secret, 0, sizeof(curve25519_key));
|
||||
@@ -370,6 +404,9 @@ exit:
|
||||
|
||||
free(base64_decoded);
|
||||
free(b64t_decoded);
|
||||
free(salt);
|
||||
free(password);
|
||||
free(file_data);
|
||||
|
||||
return exitcode;
|
||||
}
|
||||
@@ -389,8 +426,17 @@ int get_pubkey(const char *keyfile, unsigned char *pkey) {
|
||||
|
||||
curve25519_key pubkey;
|
||||
|
||||
/* max_size = base64(sizeof(curve25519_key)) = 32 * 4 / 3 + 1 -> 44 */
|
||||
const size_t file_data_len = 45;
|
||||
unsigned char *file_data = malloc(file_data_len);
|
||||
|
||||
int exitcode = 1;
|
||||
|
||||
if (file_data == NULL) {
|
||||
printf("Malloc failed\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
fs = fopen(keyfile, "rb");
|
||||
if (fs == NULL) {
|
||||
printf("key file opening failed: %s.\n", strerror(errno));
|
||||
@@ -416,9 +462,12 @@ int get_pubkey(const char *keyfile, unsigned char *pkey) {
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* max_size = base64(sizeof(curve25519_key)) = 32 * 4 / 3 + 1 -> 44 */
|
||||
unsigned char file_data[44] = {0};
|
||||
size_t readed = fread(&file_data, 1, sz, fs);
|
||||
if (sz > file_data_len) {
|
||||
printf("Bad key size\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
size_t readed = fread(file_data, 1, sz, fs);
|
||||
if (readed != sz) {
|
||||
printf("read file '%s' failed: %s.\n", keyfile, strerror(errno));
|
||||
goto exit;
|
||||
@@ -447,7 +496,7 @@ int get_pubkey(const char *keyfile, unsigned char *pkey) {
|
||||
exitcode = 0;
|
||||
|
||||
exit:
|
||||
memset(file_data, 0, sizeof(file_data));
|
||||
memset(file_data, 0, file_data_len);
|
||||
memset(b64t_decoded, 0, b64t_decoded_len);
|
||||
memset(base64_decoded, 0, base64_decoded_len);
|
||||
memset(pubkey, 0, sizeof(curve25519_key));
|
||||
@@ -458,6 +507,7 @@ exit:
|
||||
|
||||
free(b64t_decoded);
|
||||
free(base64_decoded);
|
||||
free(file_data);
|
||||
|
||||
return exitcode;
|
||||
}
|
||||
@@ -494,7 +544,7 @@ unsigned char *encrypt_data(const unsigned char *seckey,
|
||||
size_t encrypted_len = 0;
|
||||
|
||||
const size_t shared_secret_len = 32;
|
||||
unsigned char shared_secret[32] = {0};
|
||||
unsigned char *shared_secret = NULL;
|
||||
|
||||
const size_t nonce1_len = 32;
|
||||
const size_t tag0_len = 4;
|
||||
@@ -504,29 +554,35 @@ unsigned char *encrypt_data(const unsigned char *seckey,
|
||||
const size_t nonce0_len = 32;
|
||||
const size_t header0_len = 4;
|
||||
const size_t encrypted_len_expected = data_len + tag1_len;
|
||||
const size_t salt_len = 32;
|
||||
|
||||
const uint8_t *key1 = 0;
|
||||
const uint8_t *nonce1 = 0;
|
||||
unsigned char params[5] = {0};
|
||||
unsigned char params_encrypted[9] = {0};
|
||||
unsigned char *params = NULL;
|
||||
unsigned char *params_encrypted = NULL;
|
||||
const uint8_t *key0 = 0;
|
||||
const uint8_t *nonce0 = 0;
|
||||
unsigned char header0[4] = {0};
|
||||
unsigned char *header0 = NULL;
|
||||
|
||||
struct chacha20_drng *drng = NULL;
|
||||
|
||||
*out_encrypted_len = 0;
|
||||
|
||||
// generate shared secret from DH X25519
|
||||
curve25519_donna(shared_secret, seckey, pubkey);
|
||||
shared_secret = malloc(shared_secret_len);
|
||||
params = malloc(params_len);
|
||||
params_encrypted = malloc(params_encrypted_len);
|
||||
header0 = malloc(header0_len);
|
||||
rand = malloc(rand_len); // generate part 1 random data
|
||||
|
||||
// generate part 1 random data
|
||||
rand = malloc(rand_len);
|
||||
if (rand == NULL) {
|
||||
if (shared_secret == NULL || params == NULL || params_encrypted == NULL ||
|
||||
header0 == NULL || rand == NULL) {
|
||||
printf("malloc failed.\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
// generate shared secret from DH X25519
|
||||
curve25519_donna(shared_secret, seckey, pubkey);
|
||||
|
||||
int ret = drng_chacha20_init(&drng);
|
||||
if (ret) {
|
||||
printf("Chacha20 allocation failed: %d\n", ret);
|
||||
@@ -631,10 +687,13 @@ unsigned char *encrypt_data(const unsigned char *seckey,
|
||||
}
|
||||
|
||||
if (salt) {
|
||||
memcpy(encrypted, salt, 32);
|
||||
memcpy(32 + encrypted, pubkey, 32);
|
||||
memcpy(64 + encrypted, params_encrypted, params_encrypted_len);
|
||||
memcpy(64 + encrypted + params_encrypted_len, part1, part1_len);
|
||||
memcpy(encrypted, salt, salt_len);
|
||||
memcpy(salt_len + encrypted, pubkey, sizeof(curve25519_key));
|
||||
memcpy(salt_len + sizeof(curve25519_key) + encrypted, params_encrypted,
|
||||
params_encrypted_len);
|
||||
memcpy(salt_len + sizeof(curve25519_key) + encrypted +
|
||||
params_encrypted_len,
|
||||
part1, part1_len);
|
||||
} else {
|
||||
memcpy(encrypted, params_encrypted, params_encrypted_len);
|
||||
memcpy(encrypted + params_encrypted_len, part1, part1_len);
|
||||
@@ -687,6 +746,10 @@ exit:
|
||||
free(encrypted1);
|
||||
free(part1);
|
||||
free(encrypted);
|
||||
free(header0);
|
||||
free(shared_secret);
|
||||
free(params);
|
||||
free(params_encrypted);
|
||||
|
||||
return out;
|
||||
}
|
||||
@@ -699,12 +762,14 @@ int get_symmetrickeys(unsigned char *salt_out, unsigned char *seckey_out,
|
||||
const uint32_t m_cost = (1 << 12);
|
||||
const uint32_t parallelism = 1;
|
||||
|
||||
char password[256] = {0};
|
||||
char *password = NULL;
|
||||
char *password_out = NULL;
|
||||
char password_verif[256] = {0};
|
||||
char *password_verif = NULL;
|
||||
char *password_verif_out = NULL;
|
||||
size_t password_len = 0;
|
||||
size_t password_verif_len = 0;
|
||||
const size_t password_maxlen = 256;
|
||||
const size_t salt_len = 32;
|
||||
|
||||
int exitcode = 1;
|
||||
|
||||
@@ -718,21 +783,28 @@ int get_symmetrickeys(unsigned char *salt_out, unsigned char *seckey_out,
|
||||
goto exit;
|
||||
}
|
||||
|
||||
password_out = readpassphrase("Password : ", password, sizeof(password), 0);
|
||||
password = malloc(password_maxlen);
|
||||
password_verif = malloc(password_maxlen);
|
||||
|
||||
if (password == NULL || password_verif == NULL) {
|
||||
printf("Malloc failed\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
password_out = readpassphrase("Password : ", password, password_maxlen, 0);
|
||||
if (password_out != password) {
|
||||
printf("password input failed.\n");
|
||||
goto exit;
|
||||
}
|
||||
password_len = strlen(password);
|
||||
password_len = strnlen(password, password_maxlen);
|
||||
|
||||
password_verif_out =
|
||||
readpassphrase("Verifying, please re-enter : ", password_verif,
|
||||
sizeof(password_verif), 0);
|
||||
password_verif_out = readpassphrase(
|
||||
"Verifying, please re-enter : ", password_verif, password_maxlen, 0);
|
||||
if (password_verif_out != password_verif) {
|
||||
printf("password input failed.\n");
|
||||
goto exit;
|
||||
}
|
||||
password_verif_len = strlen(password_verif);
|
||||
password_verif_len = strnlen(password_verif, password_maxlen);
|
||||
|
||||
if (password_len != password_verif_len) {
|
||||
printf("Mismatch.\n");
|
||||
@@ -744,9 +816,9 @@ int get_symmetrickeys(unsigned char *salt_out, unsigned char *seckey_out,
|
||||
goto exit;
|
||||
}
|
||||
|
||||
int a2res =
|
||||
argon2id_hash_raw(t_cost, m_cost, parallelism, password, password_len,
|
||||
salt_out, 32, seckey_out, sizeof(curve25519_key));
|
||||
int a2res = argon2id_hash_raw(t_cost, m_cost, parallelism, password,
|
||||
password_len, salt_out, salt_len, seckey_out,
|
||||
sizeof(curve25519_key));
|
||||
if (a2res != ARGON2_OK) {
|
||||
printf("argon2 failed.");
|
||||
goto exit;
|
||||
@@ -758,8 +830,10 @@ int get_symmetrickeys(unsigned char *salt_out, unsigned char *seckey_out,
|
||||
|
||||
exit:
|
||||
drng_chacha20_destroy(drng);
|
||||
memset(password, 0, sizeof(password));
|
||||
memset(password_verif, 0, sizeof(password_verif));
|
||||
memset(password, 0, password_maxlen);
|
||||
memset(password_verif, 0, password_maxlen);
|
||||
free(password);
|
||||
free(password_verif);
|
||||
|
||||
return exitcode;
|
||||
}
|
||||
@@ -771,7 +845,7 @@ int check_get_symmetrickeys(const unsigned char *data, const size_t data_len,
|
||||
const uint32_t m_cost = (1 << 12);
|
||||
const uint32_t parallelism = 1;
|
||||
|
||||
char password[256] = {0};
|
||||
char *password = NULL;
|
||||
char *password_out = NULL;
|
||||
size_t password_len = 0;
|
||||
|
||||
@@ -780,11 +854,21 @@ int check_get_symmetrickeys(const unsigned char *data, const size_t data_len,
|
||||
size_t data_b64t_decoded_len = 0;
|
||||
size_t encrypted_len = 0;
|
||||
|
||||
unsigned char salt[32] = {0};
|
||||
unsigned char *salt = NULL;
|
||||
const size_t salt_len = 32;
|
||||
const size_t password_maxlen = 256;
|
||||
|
||||
curve25519_key pubkey_from_secret;
|
||||
int exitcode = 1;
|
||||
|
||||
password = malloc(password_maxlen);
|
||||
salt = malloc(salt_len);
|
||||
|
||||
if (password == NULL || salt == NULL) {
|
||||
printf("Malloc failed\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
data_b64t_decoded = b64t_decode(data, data_len, &data_b64t_decoded_len);
|
||||
|
||||
encrypted =
|
||||
@@ -794,19 +878,19 @@ int check_get_symmetrickeys(const unsigned char *data, const size_t data_len,
|
||||
goto exit;
|
||||
}
|
||||
|
||||
memcpy(salt, encrypted, 32);
|
||||
memcpy(pubkey_from_secret, encrypted + 32, 32);
|
||||
memcpy(salt, encrypted, salt_len);
|
||||
memcpy(pubkey_from_secret, encrypted + 32, sizeof(curve25519_key));
|
||||
|
||||
password_out = readpassphrase("Password : ", password, sizeof(password), 0);
|
||||
password_out = readpassphrase("Password : ", password, password_maxlen, 0);
|
||||
if (password_out != password) {
|
||||
printf("password input failed.\n");
|
||||
goto exit;
|
||||
}
|
||||
password_len = strlen(password);
|
||||
password_len = strnlen(password, password_maxlen);
|
||||
|
||||
int a2res =
|
||||
argon2id_hash_raw(t_cost, m_cost, parallelism, password, password_len,
|
||||
salt, 32, seckey_out, sizeof(curve25519_key));
|
||||
salt, salt_len, seckey_out, sizeof(curve25519_key));
|
||||
if (a2res != ARGON2_OK) {
|
||||
printf("argon2 failed.");
|
||||
goto exit;
|
||||
@@ -816,7 +900,7 @@ int check_get_symmetrickeys(const unsigned char *data, const size_t data_len,
|
||||
if (memcmp(pubkey_out, pubkey_from_secret, sizeof(curve25519_key)) != 0) {
|
||||
printf("Wrong password\n");
|
||||
memset(seckey_out, 0, sizeof(curve25519_key));
|
||||
memset(salt, 0, 32);
|
||||
memset(salt, 0, salt_len);
|
||||
memset(pubkey_out, 0, sizeof(curve25519_key));
|
||||
goto exit;
|
||||
}
|
||||
@@ -824,12 +908,15 @@ int check_get_symmetrickeys(const unsigned char *data, const size_t data_len,
|
||||
exitcode = 0;
|
||||
|
||||
exit:
|
||||
memset(password, 0, sizeof(password));
|
||||
memset(password, 0, password_maxlen);
|
||||
memset(encrypted, 0, encrypted_len);
|
||||
memset(data_b64t_decoded, 0, data_b64t_decoded_len);
|
||||
memset(salt, 0, salt_len);
|
||||
|
||||
free(encrypted);
|
||||
free(data_b64t_decoded);
|
||||
free(password);
|
||||
free(salt);
|
||||
|
||||
return exitcode;
|
||||
}
|
||||
@@ -849,8 +936,8 @@ unsigned char *decrypt_data(const unsigned char *seckey,
|
||||
unsigned char *message = NULL;
|
||||
unsigned char *encrypted1 = NULL;
|
||||
|
||||
size_t shared_secret_len = 32;
|
||||
unsigned char shared_secret[32] = {0};
|
||||
const size_t shared_secret_len = 32;
|
||||
unsigned char *shared_secret = NULL;
|
||||
|
||||
size_t encrypted_len = 0;
|
||||
size_t data_b64t_decoded_len = 0;
|
||||
@@ -872,15 +959,27 @@ unsigned char *decrypt_data(const unsigned char *seckey,
|
||||
|
||||
const uint8_t *nonce0 = 0;
|
||||
const size_t header0_len = 4;
|
||||
unsigned char header0[4] = {0};
|
||||
unsigned char *header0 = NULL;
|
||||
const uint8_t *key0 = 0;
|
||||
unsigned char encrypted0[9] = {0};
|
||||
unsigned char *encrypted0 = NULL;
|
||||
const size_t encrypted0_len = 9;
|
||||
const size_t params_len = 5;
|
||||
unsigned char params[5];
|
||||
unsigned char *params = NULL;
|
||||
size_t norx_params_len = 0;
|
||||
const uint8_t *nonce1 = 0;
|
||||
const uint8_t *key1 = 0;
|
||||
|
||||
shared_secret = malloc(shared_secret_len);
|
||||
encrypted0 = malloc(encrypted0_len);
|
||||
params = malloc(params_len);
|
||||
header0 = malloc(header0_len);
|
||||
|
||||
if (shared_secret == NULL || encrypted0 == NULL || params == NULL ||
|
||||
header0 == NULL) {
|
||||
printf("Malloc failed\n");
|
||||
goto exit;
|
||||
}
|
||||
|
||||
// shared secret DH X25519
|
||||
curve25519_donna(shared_secret, seckey, pubkey);
|
||||
|
||||
@@ -1019,6 +1118,11 @@ exit:
|
||||
memset(&nc0, 0, sizeof(sha3_context));
|
||||
memset(&nc1, 0, sizeof(sha3_context));
|
||||
|
||||
free(shared_secret);
|
||||
free(encrypted0);
|
||||
free(params);
|
||||
free(header0);
|
||||
|
||||
free(data_b64t_decoded);
|
||||
if (symmetric_flag)
|
||||
free(encrypted - 64);
|
||||
|
||||
60
src/main.c
60
src/main.c
@@ -28,6 +28,8 @@ struct arg_file *seckey, *pubkey, *infile, *outfile;
|
||||
struct arg_end *end;
|
||||
struct arg_int *taglen, *noncelen, *cipherlen;
|
||||
|
||||
int file_exist (const char *filename);
|
||||
|
||||
int main(int argc, char *argv[]) {
|
||||
/* the global arg_xxx structs are initialised within the argtable */
|
||||
void *argtable[] = {
|
||||
@@ -53,7 +55,7 @@ int main(int argc, char *argv[]) {
|
||||
|
||||
int exitcode = 0;
|
||||
const char progname[] = "inexact";
|
||||
const char ver[] = "beta 1.0";
|
||||
const char ver[] = "beta 1.02";
|
||||
FILE *fo = NULL;
|
||||
|
||||
int nerrors;
|
||||
@@ -186,7 +188,7 @@ int main(int argc, char *argv[]) {
|
||||
exitcode = 1;
|
||||
goto exit;
|
||||
}
|
||||
if (access(seckey->filename[0], F_OK) != -1) {
|
||||
if (file_exist(seckey->filename[0]) == 1) {
|
||||
char ch;
|
||||
printf("Overwrite '%s' ? ", seckey->filename[0]);
|
||||
int res = scanf("%c", &ch);
|
||||
@@ -195,7 +197,7 @@ int main(int argc, char *argv[]) {
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
if (access(pubkey->filename[0], F_OK) != -1) {
|
||||
if (file_exist(pubkey->filename[0]) == 1) {
|
||||
char ch;
|
||||
printf("Overwrite '%s' ? ", pubkey->filename[0]);
|
||||
int res = scanf(" %c", &ch);
|
||||
@@ -245,7 +247,7 @@ int main(int argc, char *argv[]) {
|
||||
}
|
||||
data[len - 1] = '\0';
|
||||
data_len = len - 1;
|
||||
} else if (access(infile->filename[0], F_OK) == -1) {
|
||||
} else if (file_exist(infile->filename[0]) == 0) {
|
||||
printf("Input file '%s' not found.\n", infile->filename[0]);
|
||||
exitcode = 1;
|
||||
goto exit;
|
||||
@@ -379,7 +381,8 @@ int main(int argc, char *argv[]) {
|
||||
|
||||
int base64_transformation = (base64->count == 0);
|
||||
if (cipherlen->count == 1) {
|
||||
if (dencrypt->count == 0 || noncelen->count == 1 || base64->count == 1) {
|
||||
if (dencrypt->count == 0 || noncelen->count == 1 ||
|
||||
base64->count == 1) {
|
||||
printf("Invalid options.\n");
|
||||
printf("Try '%s --help' for more information.\n", progname);
|
||||
exitcode = 1;
|
||||
@@ -417,8 +420,8 @@ int main(int argc, char *argv[]) {
|
||||
}
|
||||
|
||||
if (weak->count == 1) {
|
||||
if (dencrypt->count == 0 || noncelen->count == 1 || taglen->count == 1 ||
|
||||
cipherlen->count == 1) {
|
||||
if (dencrypt->count == 0 || noncelen->count == 1 ||
|
||||
taglen->count == 1 || cipherlen->count == 1) {
|
||||
printf("Invalid options.\n");
|
||||
printf("Try '%s --help' for more information.\n", progname);
|
||||
exitcode = 1;
|
||||
@@ -428,10 +431,17 @@ int main(int argc, char *argv[]) {
|
||||
auth_tag_len = 4;
|
||||
}
|
||||
|
||||
unsigned char *secretkey = malloc(32);
|
||||
unsigned char *publickey = malloc(32);
|
||||
unsigned char *salt = malloc(32);
|
||||
|
||||
if (secretkey == NULL || publickey == NULL || salt == NULL) {
|
||||
printf("Malloc failed\n");
|
||||
exitcode = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if (dencrypt->count == 1) {
|
||||
unsigned char secretkey[32] = {0};
|
||||
unsigned char publickey[32] = {0};
|
||||
unsigned char salt[32] = {0};
|
||||
unsigned char *psalt = NULL;
|
||||
|
||||
if (symmetric->count == 1) {
|
||||
@@ -442,7 +452,7 @@ int main(int argc, char *argv[]) {
|
||||
}
|
||||
psalt = &salt[0];
|
||||
} else {
|
||||
if (access(seckey->filename[0], F_OK) == -1) {
|
||||
if (file_exist(seckey->filename[0]) == 0) {
|
||||
printf("Secret key file '%s' not found.\n",
|
||||
seckey->filename[0]);
|
||||
exitcode = 1;
|
||||
@@ -453,7 +463,7 @@ int main(int argc, char *argv[]) {
|
||||
exitcode = 1;
|
||||
goto exit;
|
||||
}
|
||||
if (access(pubkey->filename[0], F_OK) == -1) {
|
||||
if (file_exist(pubkey->filename[0]) == 0) {
|
||||
printf("Public key file '%s' not found.\n",
|
||||
pubkey->filename[0]);
|
||||
exitcode = 1;
|
||||
@@ -487,9 +497,6 @@ int main(int argc, char *argv[]) {
|
||||
}
|
||||
|
||||
if (ddecrypt->count == 1) {
|
||||
unsigned char secretkey[32] = {0};
|
||||
unsigned char publickey[32] = {0};
|
||||
|
||||
if (base64->count == 1) {
|
||||
printf("Invalid options.\n");
|
||||
printf("Try '%s --help' for more information.\n", progname);
|
||||
@@ -503,7 +510,7 @@ int main(int argc, char *argv[]) {
|
||||
goto exit;
|
||||
}
|
||||
} else {
|
||||
if (access(seckey->filename[0], F_OK) == -1) {
|
||||
if (file_exist(seckey->filename[0]) == 0) {
|
||||
printf("Secret key file '%s' not found.\n",
|
||||
seckey->filename[0]);
|
||||
exitcode = 1;
|
||||
@@ -514,7 +521,7 @@ int main(int argc, char *argv[]) {
|
||||
exitcode = 1;
|
||||
goto exit;
|
||||
}
|
||||
if (access(pubkey->filename[0], F_OK) == -1) {
|
||||
if (file_exist(pubkey->filename[0]) == 0) {
|
||||
printf("Public key file '%s' not found.\n",
|
||||
pubkey->filename[0]);
|
||||
exitcode = 1;
|
||||
@@ -542,8 +549,12 @@ int main(int argc, char *argv[]) {
|
||||
memset(decrypted, 0, decrypted_len);
|
||||
memset(secretkey, 0, 32);
|
||||
memset(publickey, 0, 32);
|
||||
memset(salt, 0, 32);
|
||||
memset(data, 0, data_len);
|
||||
free(decrypted);
|
||||
free(secretkey);
|
||||
free(salt);
|
||||
free(publickey);
|
||||
}
|
||||
|
||||
exit:
|
||||
@@ -553,3 +564,18 @@ exit:
|
||||
arg_freetable(argtable, sizeof(argtable) / sizeof(argtable[0]));
|
||||
return exitcode;
|
||||
}
|
||||
|
||||
int file_exist(const char *filename) {
|
||||
int exist = 0;
|
||||
FILE *file;
|
||||
if ((file = fopen(filename, "r")) == NULL) {
|
||||
if (errno != ENOENT) {
|
||||
printf("Some other error occured");
|
||||
}
|
||||
} else {
|
||||
exist = 1;
|
||||
fclose(file);
|
||||
}
|
||||
return exist;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user