Trang chủ Khám phá Trợ giúp
Đăng nhập
rotek
/
bt-67xx_universal_hw
2
0
Fork 0
Các tập tin Các vấn đề 0 Yêu cầu kéo về 0 Wiki
Tree: d41f5ad3f7
Branches Tags
bt-67xx_univers...
/
thirdparty
/
PolarSSL
/
programs
/
aes
/
crypt_and_hash.c

crypt_and_hash.c 13 KB
Lịch sử Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480 
  1. /*
    2. 

  2.  *  \brief  Generic file encryption program using generic wrappers for configured
    3. 

  3.  *          security.
    4. 

  4.  *
    5. 

  5.  *  Copyright (C) 2006-2010, Brainspark B.V.
    6. 

  6.  *
    7. 

  7.  *  This file is part of PolarSSL (http://www.polarssl.org)
    8. 

  8.  *  Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
    9. 

  9.  *
    10. 

  10.  *  All rights reserved.
    11. 

  11.  *
    12. 

  12.  *  This program is free software; you can redistribute it and/or modify
    13. 

  13.  *  it under the terms of the GNU General Public License as published by
    14. 

  14.  *  the Free Software Foundation; either version 2 of the License, or
    15. 

  15.  *  (at your option) any later version.
    16. 

  16.  *
    17. 

  17.  *  This program is distributed in the hope that it will be useful,
    18. 

  18.  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
    19. 

  19.  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    20. 

  20.  *  GNU General Public License for more details.
    21. 

  21.  *
    22. 

  22.  *  You should have received a copy of the GNU General Public License along
    23. 

  23.  *  with this program; if not, write to the Free Software Foundation, Inc.,
    24. 

  24.  *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
    25. 

  25.  */
    26. 

  26. 

  27. #ifndef _CRT_SECURE_NO_DEPRECATE
    28. 

  28. #define _CRT_SECURE_NO_DEPRECATE 1
    29. 

  29. #endif
    30. 

  30. 

  31. #if defined(_WIN32)
    32. 

  32. #include <windows.h>
    33. 

  33. #include <io.h>
    34. 

  34. #else
    35. 

  35. #include <sys/types.h>
    36. 

  36. #include <unistd.h>
    37. 

  37. #endif
    38. 

  38. 

  39. #include <string.h>
    40. 

  40. #include <stdlib.h>
    41. 

  41. #ifdef PRINTF_STDLIB
    42. 

  42. #include <stdio.h>
    43. 

  43. #endif
    44. 

  44. #ifdef PRINTF_CUSTOM
    45. 

  45. #include "tinystdio.h"
    46. 

  46. #endif
    47. 

  47. #include <time.h>
    48. 

  48. 

  49. #include "polarssl/config.h"
    50. 

  50. 

  51. #include "polarssl/cipher.h"
    52. 

  52. #include "polarssl/md.h"
    53. 

  53. 

  54. #define MODE_ENCRYPT    0
    55. 

  55. #define MODE_DECRYPT    1
    56. 

  56. 

  57. #define USAGE   \
    58. 

  58.     "\n  crypt_and_hash <mode> <input filename> <output filename> <cipher> <md> <key>\n" \
    59. 

  59.     "\n   <mode>: 0 = encrypt, 1 = decrypt\n" \
    60. 

  60.     "\n  example: crypt_and_hash 0 file file.aes AES-128-CBC SHA1 hex:E76B2413958B00E193\n" \
    61. 

  61.     "\n"
    62. 

  62. 

  63. #if !defined(POLARSSL_CIPHER_C) || !defined(POLARSSL_MD_C)
    64. 

  64. int main( void )
    65. 

  65. {
    66. 

  66.     printf("POLARSSL_CIPHER_C and/or POLARSSL_MD_C not defined.\n");
    67. 

  67.     return( 0 );
    68. 

  68. }
    69. 

  69. #else
    70. 

  70. int main( int argc, char *argv[] )
    71. 

  71. {
    72. 

  72.     int ret = 1, i, n;
    73. 

  73.     int mode, lastn;
    74. 

  74.     size_t keylen, ilen, olen;
    75. 

  75.     FILE *fkey, *fin = NULL, *fout = NULL;
    76. 

  76. 

  77.     char *p;
    78. 

  78.     unsigned char IV[16];
    79. 

  79.     unsigned char key[512];
    80. 

  80.     unsigned char digest[POLARSSL_MD_MAX_SIZE];
    81. 

  81.     unsigned char buffer[1024];
    82. 

  82.     unsigned char output[1024];
    83. 

  83. 

  84.     const cipher_info_t *cipher_info;
    85. 

  85.     const md_info_t *md_info;
    86. 

  86.     cipher_context_t cipher_ctx;
    87. 

  87.     md_context_t md_ctx;
    88. 

  88. #if defined(WIN32)
    89. 

  89.        LARGE_INTEGER li_size;
    90. 

  90.     __int64 filesize, offset;
    91. 

  91. #else
    92. 

  92.       off_t filesize, offset;
    93. 

  93. #endif
    94. 

  94. 

  95.     memset( &cipher_ctx, 0, sizeof( cipher_context_t ));
    96. 

  96.     memset( &md_ctx, 0, sizeof( md_context_t ));
    97. 

  97. 

  98.     /*
    99. 

  99.      * Parse the command-line arguments.
    100. 

  100.      */
    101. 

  101.     if( argc != 7 )
    102. 

  102.     {
    103. 

  103.         const int *list;
    104. 

  104. 

  105.         printf( USAGE );
    106. 

  106. 

  107.         printf( "Available ciphers:\n" );
    108. 

  108.         list = cipher_list();
    109. 

  109.         while( *list )
    110. 

  110.         {
    111. 

  111.             cipher_info = cipher_info_from_type( *list );
    112. 

  112.             printf( "  %s\n", cipher_info->name );
    113. 

  113.             list++;
    114. 

  114.         }
    115. 

  115. 

  116.         printf( "\nAvailable message digests:\n" );
    117. 

  117.         list = md_list();
    118. 

  118.         while( *list )
    119. 

  119.         {
    120. 

  120.             md_info = md_info_from_type( *list );
    121. 

  121.             printf( "  %s\n", md_info->name );
    122. 

  122.             list++;
    123. 

  123.         }
    124. 

  124. 

  125. #if defined(WIN32)
    126. 

  126.         printf( "\n  Press Enter to exit this program.\n" );
    127. 

  127.         fflush( stdout ); getchar();
    128. 

  128. #endif
    129. 

  129. 

  130.         goto exit;
    131. 

  131.     }
    132. 

  132. 

  133.     mode = atoi( argv[1] );
    134. 

  134. 

  135.     if( mode != MODE_ENCRYPT && mode != MODE_DECRYPT )
    136. 

  136.     {
    137. 

  137.         fprintf( stderr, "invalid operation mode\n" );
    138. 

  138.         goto exit;
    139. 

  139.     }
    140. 

  140. 

  141.     if( strcmp( argv[2], argv[3] ) == 0 )
    142. 

  142.     {
    143. 

  143.         fprintf( stderr, "input and output filenames must differ\n" );
    144. 

  144.         goto exit;
    145. 

  145.     }
    146. 

  146. 

  147.     if( ( fin = fopen( argv[2], "rb" ) ) == NULL )
    148. 

  148.     {
    149. 

  149.         fprintf( stderr, "fopen(%s,rb) failed\n", argv[2] );
    150. 

  150.         goto exit;
    151. 

  151.     }
    152. 

  152. 

  153.     if( ( fout = fopen( argv[3], "wb+" ) ) == NULL )
    154. 

  154.     {
    155. 

  155.         fprintf( stderr, "fopen(%s,wb+) failed\n", argv[3] );
    156. 

  156.         goto exit;
    157. 

  157.     }
    158. 

  158. 

  159.     /*
    160. 

  160.      * Read the Cipher and MD from the command line
    161. 

  161.      */
    162. 

  162.     cipher_info = cipher_info_from_string( argv[4] );
    163. 

  163.     if( cipher_info == NULL )
    164. 

  164.     {
    165. 

  165.         fprintf( stderr, "Cipher '%s' not found\n", argv[4] );
    166. 

  166.         goto exit;
    167. 

  167.     }
    168. 

  168.     cipher_init_ctx( &cipher_ctx, cipher_info);
    169. 

  169. 

  170.     md_info = md_info_from_string( argv[5] );
    171. 

  171.     if( md_info == NULL )
    172. 

  172.     {
    173. 

  173.         fprintf( stderr, "Message Digest '%s' not found\n", argv[5] );
    174. 

  174.         goto exit;
    175. 

  175.     }
    176. 

  176.     md_init_ctx( &md_ctx, md_info);
    177. 

  177. 

  178.     /*
    179. 

  179.      * Read the secret key and clean the command line.
    180. 

  180.      */
    181. 

  181.     if( ( fkey = fopen( argv[6], "rb" ) ) != NULL )
    182. 

  182.     {
    183. 

  183.         keylen = fread( key, 1, sizeof( key ), fkey );
    184. 

  184.         fclose( fkey );
    185. 

  185.     }
    186. 

  186.     else
    187. 

  187.     {
    188. 

  188.         if( memcmp( argv[6], "hex:", 4 ) == 0 )
    189. 

  189.         {
    190. 

  190.             p = &argv[6][4];
    191. 

  191.             keylen = 0;
    192. 

  192. 

  193.             while( sscanf( p, "%02X", &n ) > 0 &&
    194. 

  194.                    keylen < (int) sizeof( key ) )
    195. 

  195.             {
    196. 

  196.                 key[keylen++] = (unsigned char) n;
    197. 

  197.                 p += 2;
    198. 

  198.             }
    199. 

  199.         }
    200. 

  200.         else
    201. 

  201.         {
    202. 

  202.             keylen = strlen( argv[6] );
    203. 

  203. 

  204.             if( keylen > (int) sizeof( key ) )
    205. 

  205.                 keylen = (int) sizeof( key );
    206. 

  206. 

  207.             memcpy( key, argv[6], keylen );
    208. 

  208.         }
    209. 

  209.     }
    210. 

  210. 

  211.     memset( argv[6], 0, strlen( argv[6] ) );
    212. 

  212. 

  213. #if defined(WIN32)
    214. 

  214.     /*
    215. 

  215.      * Support large files (> 2Gb) on Win32
    216. 

  216.      */
    217. 

  217.     li_size.QuadPart = 0;
    218. 

  218.     li_size.LowPart  =
    219. 

  219.         SetFilePointer( (HANDLE) _get_osfhandle( _fileno( fin ) ),
    220. 

  220.                         li_size.LowPart, &li_size.HighPart, FILE_END );
    221. 

  221. 

  222.     if( li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR )
    223. 

  223.     {
    224. 

  224.         fprintf( stderr, "SetFilePointer(0,FILE_END) failed\n" );
    225. 

  225.         goto exit;
    226. 

  226.     }
    227. 

  227. 

  228.     filesize = li_size.QuadPart;
    229. 

  229. #else
    230. 

  230.     if( ( filesize = lseek( fileno( fin ), 0, SEEK_END ) ) < 0 )
    231. 

  231.     {
    232. 

  232.         perror( "lseek" );
    233. 

  233.         goto exit;
    234. 

  234.     }
    235. 

  235. #endif
    236. 

  236. 

  237.     if( fseek( fin, 0, SEEK_SET ) < 0 )
    238. 

  238.     {
    239. 

  239.         fprintf( stderr, "fseek(0,SEEK_SET) failed\n" );
    240. 

  240.         goto exit;
    241. 

  241.     }
    242. 

  242. 

  243.     if( mode == MODE_ENCRYPT )
    244. 

  244.     {
    245. 

  245.         /*
    246. 

  246.          * Generate the initialization vector as:
    247. 

  247.          * IV = SHA-256( filesize || filename )[0..15]
    248. 

  248.          */
    249. 

  249.         for( i = 0; i < 8; i++ )
    250. 

  250.             buffer[i] = (unsigned char)( filesize >> ( i << 3 ) );
    251. 

  251. 

  252.         p = argv[2];
    253. 

  253. 

  254.         md_starts( &md_ctx );
    255. 

  255.         md_update( &md_ctx, buffer, 8 );
    256. 

  256.         md_update( &md_ctx, (unsigned char *) p, strlen( p ) );
    257. 

  257.         md_finish( &md_ctx, digest );
    258. 

  258. 

  259.         memcpy( IV, digest, 16 );
    260. 

  260. 

  261.         /*
    262. 

  262.          * The last four bits in the IV are actually used
    263. 

  263.          * to store the file size modulo the AES block size.
    264. 

  264.          */
    265. 

  265.         lastn = (int)( filesize & 0x0F );
    266. 

  266. 

  267.         IV[15] = (unsigned char)
    268. 

  268.             ( ( IV[15] & 0xF0 ) | lastn );
    269. 

  269. 

  270.         /*
    271. 

  271.          * Append the IV at the beginning of the output.
    272. 

  272.          */
    273. 

  273.         if( fwrite( IV, 1, 16, fout ) != 16 )
    274. 

  274.         {
    275. 

  275.             fprintf( stderr, "fwrite(%d bytes) failed\n", 16 );
    276. 

  276.             goto exit;
    277. 

  277.         }
    278. 

  278. 

  279.         /*
    280. 

  280.          * Hash the IV and the secret key together 8192 times
    281. 

  281.          * using the result to setup the AES context and HMAC.
    282. 

  282.          */
    283. 

  283.         memset( digest, 0,  32 );
    284. 

  284.         memcpy( digest, IV, 16 );
    285. 

  285. 

  286.         for( i = 0; i < 8192; i++ )
    287. 

  287.         {
    288. 

  288.             md_starts( &md_ctx );
    289. 

  289.             md_update( &md_ctx, digest, 32 );
    290. 

  290.             md_update( &md_ctx, key, keylen );
    291. 

  291.             md_finish( &md_ctx, digest );
    292. 

  292. 

  293.         }
    294. 

  294. 

  295.         memset( key, 0, sizeof( key ) );
    296. 

  296. 

  297.         cipher_setkey( &cipher_ctx, digest, cipher_info->key_length,
    298. 

  298.             POLARSSL_ENCRYPT );
    299. 

  299.         cipher_reset( &cipher_ctx, IV);
    300. 

  300. 

  301.         md_hmac_starts( &md_ctx, digest, 32 );
    302. 

  302. 

  303.         /*
    304. 

  304.          * Encrypt and write the ciphertext.
    305. 

  305.          */
    306. 

  306.         for( offset = 0; offset < filesize; offset += cipher_get_block_size( &cipher_ctx ) )
    307. 

  307.         {
    308. 

  308.             ilen = ( (unsigned int) filesize - offset > cipher_get_block_size( &cipher_ctx ) ) ?
    309. 

  309.                 cipher_get_block_size( &cipher_ctx ) : (unsigned int) ( filesize - offset );
    310. 

  310. 

  311.             if( fread( buffer, 1, ilen, fin ) != ilen )
    312. 

  312.             {
    313. 

  313.                 fprintf( stderr, "fread(%ld bytes) failed\n", (long) n );
    314. 

  314.                 goto exit;
    315. 

  315.             }
    316. 

  316. 

  317.             cipher_update( &cipher_ctx, buffer, ilen, output, &olen );
    318. 

  318.             md_hmac_update( &md_ctx, output, olen );
    319. 

  319. 

  320.             if( fwrite( output, 1, olen, fout ) != olen )
    321. 

  321.             {
    322. 

  322.                 fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
    323. 

  323.                 goto exit;
    324. 

  324.             }
    325. 

  325.         }
    326. 

  326. 

  327.         cipher_finish( &cipher_ctx, output, &olen );
    328. 

  328.         md_hmac_update( &md_ctx, output, olen );
    329. 

  329. 

  330.         if( fwrite( output, 1, olen, fout ) != olen )
    331. 

  331.         {
    332. 

  332.             fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
    333. 

  333.             goto exit;
    334. 

  334.         }
    335. 

  335.         /*
    336. 

  336.          * Finally write the HMAC.
    337. 

  337.          */
    338. 

  338.         md_hmac_finish( &md_ctx, digest );
    339. 

  339. 

  340.         if( fwrite( digest, 1, md_get_size( md_info), fout ) != md_get_size( md_info) )
    341. 

  341.         {
    342. 

  342.             fprintf( stderr, "fwrite(%d bytes) failed\n", md_get_size( md_info) );
    343. 

  343.             goto exit;
    344. 

  344.         }
    345. 

  345.     }
    346. 

  346. 

  347.     if( mode == MODE_DECRYPT )
    348. 

  348.     {
    349. 

  349.         /*
    350. 

  350.          *  The encrypted file must be structured as follows:
    351. 

  351.          *
    352. 

  352.          *        00 .. 15              Initialization Vector
    353. 

  353.          *        16 .. 31              AES Encrypted Block #1
    354. 

  354.          *           ..
    355. 

  355.          *      N*16 .. (N+1)*16 - 1    AES Encrypted Block #N
    356. 

  356.          *  (N+1)*16 .. (N+1)*16 + 32   HMAC-SHA-256(ciphertext)
    357. 

  357.          */
    358. 

  358.         if( filesize < 16 + md_get_size( md_info) )
    359. 

  359.         {
    360. 

  360.             fprintf( stderr, "File too short to be encrypted.\n" );
    361. 

  361.             goto exit;
    362. 

  362.         }
    363. 

  363. 

  364.         if( ( filesize & 0x0F ) != 0 )
    365. 

  365.         {
    366. 

  366.             fprintf( stderr, "File size not a multiple of 16.\n" );
    367. 

  367.             goto exit;
    368. 

  368.         }
    369. 

  369. 

  370.         /*
    371. 

  371.          * Substract the IV + HMAC length.
    372. 

  372.          */
    373. 

  373.         filesize -= ( 16 + md_get_size( md_info ) );
    374. 

  374. 

  375.         /*
    376. 

  376.          * Read the IV and original filesize modulo 16.
    377. 

  377.          */
    378. 

  378.         if( fread( buffer, 1, 16, fin ) != 16 )
    379. 

  379.         {
    380. 

  380.             fprintf( stderr, "fread(%d bytes) failed\n", 16 );
    381. 

  381.             goto exit;
    382. 

  382.         }
    383. 

  383. 

  384.         memcpy( IV, buffer, 16 );
    385. 

  385.         lastn = IV[15] & 0x0F;
    386. 

  386. 

  387.         /*
    388. 

  388.          * Hash the IV and the secret key together 8192 times
    389. 

  389.          * using the result to setup the AES context and HMAC.
    390. 

  390.          */
    391. 

  391.         memset( digest, 0,  32 );
    392. 

  392.         memcpy( digest, IV, 16 );
    393. 

  393. 

  394.         for( i = 0; i < 8192; i++ )
    395. 

  395.         {
    396. 

  396.             md_starts( &md_ctx );
    397. 

  397.             md_update( &md_ctx, digest, 32 );
    398. 

  398.             md_update( &md_ctx, key, keylen );
    399. 

  399.             md_finish( &md_ctx, digest );
    400. 

  400.         }
    401. 

  401. 

  402.         memset( key, 0, sizeof( key ) );
    403. 

  403. 

  404.         cipher_setkey( &cipher_ctx, digest, cipher_info->key_length,
    405. 

  405.             POLARSSL_DECRYPT );
    406. 

  406.         cipher_reset( &cipher_ctx, IV);
    407. 

  407. 

  408.         md_hmac_starts( &md_ctx, digest, 32 );
    409. 

  409. 

  410.         /*
    411. 

  411.          * Decrypt and write the plaintext.
    412. 

  412.          */
    413. 

  413.         for( offset = 0; offset < filesize; offset += cipher_get_block_size( &cipher_ctx ) )
    414. 

  414.         {
    415. 

  415.             if( fread( buffer, 1, cipher_get_block_size( &cipher_ctx ), fin ) !=
    416. 

  416.                 (size_t) cipher_get_block_size( &cipher_ctx ) )
    417. 

  417.             {
    418. 

  418.                 fprintf( stderr, "fread(%d bytes) failed\n",
    419. 

  419.                     cipher_get_block_size( &cipher_ctx ) );
    420. 

  420.                 goto exit;
    421. 

  421.             }
    422. 

  422. 

  423.             md_hmac_update( &md_ctx, buffer, cipher_get_block_size( &cipher_ctx ) );
    424. 

  424.             cipher_update( &cipher_ctx, buffer, cipher_get_block_size( &cipher_ctx ),
    425. 

  425.                 output, &olen );
    426. 

  426. 

  427.             if( fwrite( output, 1, olen, fout ) != olen )
    428. 

  428.             {
    429. 

  429.                 fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
    430. 

  430.                 goto exit;
    431. 

  431.             }
    432. 

  432.         }
    433. 

  433. 

  434.         /*
    435. 

  435.          * Write the final block of data
    436. 

  436.          */
    437. 

  437.         cipher_finish( &cipher_ctx, output, &olen );
    438. 

  438. 

  439.         if( fwrite( output, 1, olen, fout ) != olen )
    440. 

  440.         {
    441. 

  441.             fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
    442. 

  442.             goto exit;
    443. 

  443.         }
    444. 

  444. 

  445.         /*
    446. 

  446.          * Verify the message authentication code.
    447. 

  447.          */
    448. 

  448.         md_hmac_finish( &md_ctx, digest );
    449. 

  449. 

  450.         if( fread( buffer, 1, md_get_size( md_info ), fin ) != md_get_size( md_info ) )
    451. 

  451.         {
    452. 

  452.             fprintf( stderr, "fread(%d bytes) failed\n", md_get_size( md_info ) );
    453. 

  453.             goto exit;
    454. 

  454.         }
    455. 

  455. 

  456.         if( memcmp( digest, buffer, md_get_size( md_info ) ) != 0 )
    457. 

  457.         {
    458. 

  458.             fprintf( stderr, "HMAC check failed: wrong key, "
    459. 

  459.                              "or file corrupted.\n" );
    460. 

  460.             goto exit;
    461. 

  461.         }
    462. 

  462.     }
    463. 

  463. 

  464.     ret = 0;
    465. 

  465. 

  466. exit:
    467. 

  467.     if( fin )
    468. 

  468.         fclose( fin );
    469. 

  469.     if( fout )
    470. 

  470.         fclose( fout );
    471. 

  471. 

  472.     memset( buffer, 0, sizeof( buffer ) );
    473. 

  473.     memset( digest, 0, sizeof( digest ) );
    474. 

  474. 

  475.     cipher_free_ctx( &cipher_ctx );
    476. 

  476.     md_free_ctx( &md_ctx );
    477. 

  477. 

  478.     return( ret );
    479. 

  479. }
    480. 

  480. #endif /* POLARSSL_CIPHER_C && POLARSSL_MD_C */
    481.