-
Notifications
You must be signed in to change notification settings - Fork 2
/
lib_crypto.c
146 lines (125 loc) · 3.79 KB
/
lib_crypto.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
/*
* Lessfs: A data deduplicating filesystem.
* Copyright (C) 2008 Mark Ruijter <mruijter@lessfs.com>
*
* This program is free software.
* You can redistribute lessfs and/or modify it under the terms of either
* (1) the GNU General Public License; either version 3 of the License,
* or (at your option) any later version as published by
* the Free Software Foundation; or (2) obtain a commercial license
* by contacting the Author.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
* the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#ifndef LFATAL
#include "lib_log.h"
#endif
#include<stdio.h>
#include<stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <pthread.h>
#ifdef ENABLE_CRYPTO
#include<openssl/ssl.h>
#include<openssl/evp.h>
#endif
#include "lib_safe.h"
#include "retcodes.h"
#include "lib_cfg.h"
extern char *logname;
extern char *function;
extern int debug;
extern int BLKSIZE;
extern char *passwd;
#ifdef ENABLE_CRYPTO
static pthread_mutex_t crypto_mutex = PTHREAD_MUTEX_INITIALIZER;
#endif
#define die_cryptoerr(f...) { LFATAL(f); exit(EXIT_CRYPTOERR); }
typedef struct {
unsigned long size;
unsigned char *data;
} DAT;
unsigned char *safepassword()
{
int len;
unsigned char *safepasswd;
len = strlen((char *) config->passwd);
if (len > 16)
len = 16;
safepasswd = s_malloc(16);
memset(safepasswd, 65, 16);
memcpy(safepasswd, config->passwd, len);
return safepasswd;
}
#ifdef ENABLE_CRYPTO
DAT *lfsencrypt(unsigned char *unenc, unsigned long size)
{
unsigned char *safepasswd;
EVP_CIPHER_CTX ctx;
DAT *encoded;
int olen, tlen;
FUNC;
pthread_mutex_lock(&crypto_mutex);
safepasswd = safepassword();
EVP_CIPHER_CTX_init(&ctx);
EVP_EncryptInit(&ctx, EVP_bf_cbc(), safepasswd, config->iv);
encoded = s_malloc(sizeof(DAT));
encoded->data = s_malloc(8 + size); //Blowfish can grow 64 bits
if (EVP_EncryptUpdate(&ctx, encoded->data, &olen, unenc, size) != 1) {
die_cryptoerr("error in encrypt update\n");
}
if (EVP_EncryptFinal(&ctx, encoded->data + olen, &tlen) != 1) {
die_cryptoerr("error in encrypt final\n");
}
EVP_CIPHER_CTX_cleanup(&ctx);
encoded->size = olen + tlen;
if (encoded->size > 8 + size) {
die_cryptoerr
("Unexpected fatal error : data has grown in size after encryption.\n");
}
s_free(safepasswd);
pthread_mutex_unlock(&crypto_mutex);
EFUNC;
return encoded;
}
DAT *lfsdecrypt(DAT * data)
{
DAT *decrypted;
unsigned char *safepasswd;
int olen, tlen;
FUNC;
pthread_mutex_lock(&crypto_mutex);
decrypted = (DAT *) s_malloc(sizeof(DAT));
decrypted->data = s_malloc(data->size);
safepasswd = safepassword();
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);
EVP_DecryptInit(&ctx, EVP_bf_cbc(), safepasswd, config->iv);
if (EVP_DecryptUpdate
(&ctx, decrypted->data, &olen, data->data, data->size) != 1) {
die_cryptoerr("Unexpected fatal error while decrypting.\n");
}
if (EVP_DecryptFinal(&ctx, decrypted->data + olen, &tlen) != 1) {
die_cryptoerr("Unexpected fatal error in decrypt final.\n");
}
olen += tlen;
EVP_CIPHER_CTX_cleanup(&ctx);
decrypted->size = olen;
s_free(safepasswd);
pthread_mutex_unlock(&crypto_mutex);
EFUNC;
return decrypted;
}
#endif