Català-Valencià – Catalan中文 – Chinese (Simplified)中文 – Chinese (Traditional)Česky – CzechDansk – DanishNederlands – DutchEnglish – EnglishSuomi – FinnishFrançais – FrenchDeutsch – Germanעברית – Hebrewहिंदी – HindiMagyar – HungarianBahasa Indonesia – IndonesianItaliano – Italian日本語 – Japanese한국어 – KoreanМакедонски – Macedonianमराठी – MarathiNorsk – NorwegianPolski – PolishPortuguês – PortuguesePortuguês – Portuguese (Brazil)Русский – RussianSlovenčina – SlovakSlovenščina – SlovenianEspañol – SpanishSvenska – SwedishTürkçe – TurkishУкраїнська – UkrainianOëzbekcha – Uzbek

BadVPN – Blame information for rev 1

Rev	Author	Line No.	Line
1	office	1	/**
		2	* @file BEncryption.c
		3	* @author Ambroz Bizjak <ambrop7@gmail.com>
		4	*
		5	* @section LICENSE
		6	*
		7	* Redistribution and use in source and binary forms, with or without
		8	* modification, are permitted provided that the following conditions are met:
		9	* 1. Redistributions of source code must retain the above copyright
		10	* notice, this list of conditions and the following disclaimer.
		11	* 2. Redistributions in binary form must reproduce the above copyright
		12	* notice, this list of conditions and the following disclaimer in the
		13	* documentation and/or other materials provided with the distribution.
		14	* 3. Neither the name of the author nor the
		15	* names of its contributors may be used to endorse or promote products
		16	* derived from this software without specific prior written permission.
		17	*
		18	* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
		19	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
		20	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
		21	* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
		22	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
		23	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
		24	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
		25	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
		26	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
		27	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
		28	*/
		29
		30	#include <base/BLog.h>
		31
		32	#include <security/BEncryption.h>
		33
		34	#include <generated/blog_channel_BEncryption.h>
		35
		36	int BEncryption_cipher_valid (int cipher)
		37	{
		38	switch (cipher) {
		39	case BENCRYPTION_CIPHER_BLOWFISH:
		40	case BENCRYPTION_CIPHER_AES:
		41	return 1;
		42	default:
		43	return 0;
		44	}
		45	}
		46
		47	int BEncryption_cipher_block_size (int cipher)
		48	{
		49	switch (cipher) {
		50	case BENCRYPTION_CIPHER_BLOWFISH:
		51	return BENCRYPTION_CIPHER_BLOWFISH_BLOCK_SIZE;
		52	case BENCRYPTION_CIPHER_AES:
		53	return BENCRYPTION_CIPHER_AES_BLOCK_SIZE;
		54	default:
		55	ASSERT(0)
		56	return 0;
		57	}
		58	}
		59
		60	int BEncryption_cipher_key_size (int cipher)
		61	{
		62	switch (cipher) {
		63	case BENCRYPTION_CIPHER_BLOWFISH:
		64	return BENCRYPTION_CIPHER_BLOWFISH_KEY_SIZE;
		65	case BENCRYPTION_CIPHER_AES:
		66	return BENCRYPTION_CIPHER_AES_KEY_SIZE;
		67	default:
		68	ASSERT(0)
		69	return 0;
		70	}
		71	}
		72
		73	void BEncryption_Init (BEncryption *enc, int mode, int cipher, uint8_t *key)
		74	{
		75	ASSERT(!(mode&~(BENCRYPTION_MODE_ENCRYPT|BENCRYPTION_MODE_DECRYPT)))
		76	ASSERT((mode&BENCRYPTION_MODE_ENCRYPT) || (mode&BENCRYPTION_MODE_DECRYPT))
		77
		78	enc->mode = mode;
		79	enc->cipher = cipher;
		80
		81	#ifdef BADVPN_USE_CRYPTODEV
		82
		83	switch (enc->cipher) {
		84	case BENCRYPTION_CIPHER_AES:
		85	enc->cryptodev.cipher = CRYPTO_AES_CBC;
		86	break;
		87	default:
		88	goto fail1;
		89	}
		90
		91	if ((enc->cryptodev.fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
		92	BLog(BLOG_ERROR, "failed to open /dev/crypto");
		93	goto fail1;
		94	}
		95
		96	if (ioctl(enc->cryptodev.fd, CRIOGET, &enc->cryptodev.cfd)) {
		97	BLog(BLOG_ERROR, "failed ioctl(CRIOGET)");
		98	goto fail2;
		99	}
		100
		101	struct session_op sess;
		102	memset(&sess, 0, sizeof(sess));
		103	sess.cipher = enc->cryptodev.cipher;
		104	sess.keylen = BEncryption_cipher_key_size(enc->cipher);
		105	sess.key = key;
		106	if (ioctl(enc->cryptodev.cfd, CIOCGSESSION, &sess)) {
		107	BLog(BLOG_ERROR, "failed ioctl(CIOCGSESSION)");
		108	goto fail3;
		109	}
		110
		111	enc->cryptodev.ses = sess.ses;
		112	enc->use_cryptodev = 1;
		113
		114	goto success;
		115
		116	fail3:
		117	ASSERT_FORCE(close(enc->cryptodev.cfd) == 0)
		118	fail2:
		119	ASSERT_FORCE(close(enc->cryptodev.fd) == 0)
		120	fail1:
		121
		122	enc->use_cryptodev = 0;
		123
		124	#endif
		125
		126	int res;
		127
		128	switch (enc->cipher) {
		129	case BENCRYPTION_CIPHER_BLOWFISH:
		130	BF_set_key(&enc->blowfish, BENCRYPTION_CIPHER_BLOWFISH_KEY_SIZE, key);
		131	break;
		132	case BENCRYPTION_CIPHER_AES:
		133	if (enc->mode&BENCRYPTION_MODE_ENCRYPT) {
		134	res = AES_set_encrypt_key(key, 128, &enc->aes.encrypt);
		135	ASSERT_EXECUTE(res >= 0)
		136	}
		137	if (enc->mode&BENCRYPTION_MODE_DECRYPT) {
		138	res = AES_set_decrypt_key(key, 128, &enc->aes.decrypt);
		139	ASSERT_EXECUTE(res >= 0)
		140	}
		141	break;
		142	default:
		143	ASSERT(0)
		144	;
		145	}
		146
		147	#ifdef BADVPN_USE_CRYPTODEV
		148	success:
		149	#endif
		150	// init debug object
		151	DebugObject_Init(&enc->d_obj);
		152	}
		153
		154	void BEncryption_Free (BEncryption *enc)
		155	{
		156	// free debug object
		157	DebugObject_Free(&enc->d_obj);
		158
		159	#ifdef BADVPN_USE_CRYPTODEV
		160
		161	if (enc->use_cryptodev) {
		162	ASSERT_FORCE(ioctl(enc->cryptodev.cfd, CIOCFSESSION, &enc->cryptodev.ses) == 0)
		163	ASSERT_FORCE(close(enc->cryptodev.cfd) == 0)
		164	ASSERT_FORCE(close(enc->cryptodev.fd) == 0)
		165	}
		166
		167	#endif
		168	}
		169
		170	void BEncryption_Encrypt (BEncryption *enc, uint8_t *in, uint8_t *out, int len, uint8_t *iv)
		171	{
		172	ASSERT(enc->mode&BENCRYPTION_MODE_ENCRYPT)
		173	ASSERT(len >= 0)
		174	ASSERT(len % BEncryption_cipher_block_size(enc->cipher) == 0)
		175
		176	#ifdef BADVPN_USE_CRYPTODEV
		177
		178	if (enc->use_cryptodev) {
		179	struct crypt_op cryp;
		180	memset(&cryp, 0, sizeof(cryp));
		181	cryp.ses = enc->cryptodev.ses;
		182	cryp.len = len;
		183	cryp.src = in;
		184	cryp.dst = out;
		185	cryp.iv = iv;
		186	cryp.op = COP_ENCRYPT;
		187	ASSERT_FORCE(ioctl(enc->cryptodev.cfd, CIOCCRYPT, &cryp) == 0)
		188
		189	return;
		190	}
		191
		192	#endif
		193
		194	switch (enc->cipher) {
		195	case BENCRYPTION_CIPHER_BLOWFISH:
		196	BF_cbc_encrypt(in, out, len, &enc->blowfish, iv, BF_ENCRYPT);
		197	break;
		198	case BENCRYPTION_CIPHER_AES:
		199	AES_cbc_encrypt(in, out, len, &enc->aes.encrypt, iv, AES_ENCRYPT);
		200	break;
		201	default:
		202	ASSERT(0);
		203	}
		204	}
		205
		206	void BEncryption_Decrypt (BEncryption *enc, uint8_t *in, uint8_t *out, int len, uint8_t *iv)
		207	{
		208	ASSERT(enc->mode&BENCRYPTION_MODE_DECRYPT)
		209	ASSERT(len >= 0)
		210	ASSERT(len % BEncryption_cipher_block_size(enc->cipher) == 0)
		211
		212	#ifdef BADVPN_USE_CRYPTODEV
		213
		214	if (enc->use_cryptodev) {
		215	struct crypt_op cryp;
		216	memset(&cryp, 0, sizeof(cryp));
		217	cryp.ses = enc->cryptodev.ses;
		218	cryp.len = len;
		219	cryp.src = in;
		220	cryp.dst = out;
		221	cryp.iv = iv;
		222	cryp.op = COP_DECRYPT;
		223	ASSERT_FORCE(ioctl(enc->cryptodev.cfd, CIOCCRYPT, &cryp) == 0)
		224
		225	return;
		226	}
		227
		228	#endif
		229
		230	switch (enc->cipher) {
		231	case BENCRYPTION_CIPHER_BLOWFISH:
		232	BF_cbc_encrypt(in, out, len, &enc->blowfish, iv, BF_DECRYPT);
		233	break;
		234	case BENCRYPTION_CIPHER_AES:
		235	AES_cbc_encrypt(in, out, len, &enc->aes.decrypt, iv, AES_DECRYPT);
		236	break;
		237	default:
		238	ASSERT(0);
		239	}
		240	}

Powered by WebSVN 2.7.0 and Apache Subversion 1.14.2     ✓ XHTML & CSS