authorMikalaiR <nikolay.romanovich@narod.ru>2016-02-22 16:24:32 +0000
committerMikalaiR <nikolay.romanovich@narod.ru>2016-02-22 16:24:32 +0000
commit99177f6965456cdccb93b6bafcf476a95ecacd6a (patch)
tree1e0ec5b1f0e225a88b93751f6962ddb14e7e208d
parentc61985b0312f634913926bf8b9021ad6ccec8324 (diff)
KuznechikCrypt: cbc encryption mode
git-svn-id: http://svn.miranda-ng.org/main/trunk@16323 1316c22d-e87f-b044-9b9b-93d7a3e3ba9c
-rw-r--r--plugins/Kuzne4ikCrypt/src/GOST/block_chipher.cpp4
-rw-r--r--plugins/Kuzne4ikCrypt/src/GOST/block_chipher.h2
-rw-r--r--plugins/Kuzne4ikCrypt/src/encrypt.cpp37
-rw-r--r--plugins/Kuzne4ikCrypt/src/stdcrypt.h3
4 files changed, 28 insertions, 18 deletions
diff --git a/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.cpp b/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.cpp
index f87f7493a4..3606af3a26 100644
--- a/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.cpp
+++ b/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.cpp
@@ -208,7 +208,7 @@ void DLL_IMPORT free_ecb(void* ctx)
}
}
-static int init_cbc_14_impl(unsigned char *key, void* ctx, unsigned char *iv, size_t ivLength)
+static int init_cbc_14_impl(unsigned char *key, void* ctx, const unsigned char *iv, size_t ivLength)
{
Context_cbc* context;
INFOTECS_ASSERT(sizeof(Context_cbc)<=kCbc14ContextLen);
@@ -242,7 +242,7 @@ static int init_cbc_14_impl(unsigned char *key, void* ctx, unsigned char *iv, si
return 0;
}
-int DLL_IMPORT init_cbc_14(unsigned char *key, void* ctx, unsigned char *iv, size_t ivLength)
+int DLL_IMPORT init_cbc_14(unsigned char *key, void* ctx, const unsigned char *iv, size_t ivLength)
{
if(SelfTestGost14Cbc())
return -1;
diff --git a/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.h b/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.h
index 869a0e1fd9..3a4500d3d0 100644
--- a/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.h
+++ b/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.h
@@ -93,7 +93,7 @@ void DLL_IMPORT free_ecb(void* ctx);
* @return 0 если все преобразование прошло успешно
* @return -1 если произошла ошибка
*/
-int DLL_IMPORT init_cbc_14(unsigned char *key, void* ctx, unsigned char *iv, size_t ivLength);
+int DLL_IMPORT init_cbc_14(unsigned char *key, void* ctx, const unsigned char *iv, size_t ivLength);
/** @brief Удаление контекста cbc
*
diff --git a/plugins/Kuzne4ikCrypt/src/encrypt.cpp b/plugins/Kuzne4ikCrypt/src/encrypt.cpp
index 2d97103691..c1da694a31 100644
--- a/plugins/Kuzne4ikCrypt/src/encrypt.cpp
+++ b/plugins/Kuzne4ikCrypt/src/encrypt.cpp
@@ -25,9 +25,12 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#include "..\..\..\libs\zlib\src\zlib.h"
+const BYTE iv0[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+
struct ExternalKey
{
BYTE m_key[KEY_LENGTH];
+ BYTE m_iv[KEY_LENGTH];
DWORD m_crc32;
BYTE slack[BLOCK_SIZE - sizeof(DWORD)];
};
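Review bot: `iv0` is a fixed all-zero IV and nothing on the declaration says why that is acceptable. The later hunks use it in getKey and setKey to wrap ExternalKey under the password hash, so for a given password and key the exported blob appears to be identical in every block except the last, which holds the random `slack`. Because the leading plaintext blocks are random key material this reveals little more than equality of two exports, but the constant must not be reused for message data. Document that on the declaration, for example `// Fixed zero IV: only for wrapping ExternalKey (leading blocks are random key material); never use for message buffers.`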
@@ -62,16 +65,17 @@ bool CCrypt::getKey(BYTE *pKey, size_t cbKeyLen)
ExternalKey tmp = { 0 };
memcpy(&tmp.m_key, m_key, KEY_LENGTH);
+ memcpy(&tmp.m_iv, m_iv, KEY_LENGTH);
tmp.m_crc32 = crc32(0xAbbaDead, (LPCBYTE)m_password.GetString(), m_password.GetLength());
getRandomBytes(tmp.slack, sizeof(tmp.slack));
BYTE tmpHash[32];
slow_hash(m_password, m_password.GetLength(), tmpHash);
- BYTE ctx[kEcb14ContextLen];
- init_ecb_14(tmpHash, ctx);
- bool val = !encrypt_ecb(ctx, (BYTE*)&tmp, pKey, cbKeyLen);
- free_ecb(ctx);
+ BYTE ctx[kCbc14ContextLen];
+ init_cbc_14(tmpHash, ctx, iv0, _countof(iv0));
+ bool val = !encrypt_cbc(ctx, (BYTE*)&tmp, pKey, cbKeyLen);
+ free_cbc(ctx);
return val;
}
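Review bot: The result of `init_cbc_14(tmpHash, ctx, iv0, _countof(iv0))` is discarded, although init_cbc_14 in block_chipher.cpp returns -1 when SelfTestGost14Cbc fails, before the context is set up. In that case encrypt_cbc runs on an uninitialised stack buffer and its output is handed back as the wrapped key. Check the call, `if (init_cbc_14(tmpHash, ctx, iv0, _countof(iv0))) return false;`. The same applies to the three init_cbc_14 calls in setKey and generateKey in the next hunk, where `m_valid = true` is set regardless of the result. getKey begins outside this hunk.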
@@ -86,32 +90,37 @@ bool CCrypt::setKey(const BYTE *pKey, size_t cbKeyLen)
slow_hash(m_password, m_password.GetLength(), tmpHash);
- BYTE ctx[kEcb14ContextLen];
- init_ecb_14(tmpHash, ctx);
+ BYTE ctx[kCbc14ContextLen];
+ init_cbc_14(tmpHash, ctx, iv0, _countof(iv0));
ExternalKey tmp = { 0 };
- decrypt_ecb(ctx, (BYTE*)pKey, (BYTE*)&tmp, sizeof(tmp));
+ decrypt_cbc(ctx, (BYTE*)pKey, (BYTE*)&tmp, sizeof(tmp));
- free_ecb(ctx);
+ free_cbc(ctx);
if (tmp.m_crc32 != crc32(0xAbbaDead, (LPCBYTE)m_password.GetString(), m_password.GetLength()))
return false;
memcpy(m_key, &tmp.m_key, KEY_LENGTH);
- init_ecb_14(m_key, m_ctx);
+ memcpy(m_iv, &tmp.m_iv, KEY_LENGTH);
+ init_cbc_14(m_key, m_ctx, m_iv, KEY_LENGTH);
return m_valid = true;
}
bool CCrypt::generateKey(void)
{
- BYTE tmp[KEY_LENGTH];
- if (!getRandomBytes(tmp, sizeof(tmp)))
+ BYTE tmp[KEY_LENGTH], tmpiv[KEY_LENGTH];
+ if (!getRandomBytes(tmp, sizeof(tmp)) || !getRandomBytes(tmpiv, sizeof(tmpiv)))
return false;
memcpy(m_key, tmp, KEY_LENGTH);
- init_ecb_14(m_key, m_ctx);
+ memcpy(m_iv, tmpiv, KEY_LENGTH);
+ init_cbc_14(m_key, m_ctx, m_iv, _countof(m_iv));
+
+ SecureZeroMemory(tmp, _countof(tmp)); SecureZeroMemory(tmpiv, _countof(tmpiv));
+
return m_valid = true;
}
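Review bot: In setKey, `decrypt_cbc(ctx, (BYTE*)pKey, (BYTE*)&tmp, sizeof(tmp))` reads `sizeof(tmp)` bytes from `pKey` without reference to `cbKeyLen`. This commit enlarges ExternalKey by `m_iv`, so a blob exported before the change is shorter than that read. The start of setKey is outside the hunk and may already validate the length; if it does not, add `if (cbKeyLen != sizeof(ExternalKey)) return false;` before the decrypt. Either way, blobs in the old layout will now be rejected, at best by the CRC comparison, so the format change needs a migration path or a note for users.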
@@ -163,7 +172,7 @@ BYTE* CCrypt::encodeBuffer(const void *src, size_t cbLen, size_t *cbResultLen)
BYTE *result = (BYTE*)mir_alloc(cbLen);
- if (encrypt_ecb(m_ctx, tmpBuf, result, cbLen)) {
+ if (encrypt_cbc(m_ctx, tmpBuf, result, cbLen)) {
mir_free(result);
return NULL;
}
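Review bot: `encrypt_cbc(m_ctx, tmpBuf, result, cbLen)` uses the single `m_ctx` that setKey or generateKey initialised once with `m_iv`, and decodeBuffer in the next hunk shares that context. How encrypt_cbc treats the context is not visible on this page, but neither possibility is safe. If each call restarts from `m_iv`, every buffer is encrypted under the same IV and equal plaintext prefixes give equal ciphertext prefixes; if the chaining state carries over, a later decrypt_cbc starts from a value that does not match the one used when the buffer was encrypted. Use a per-call context as getKey does, `BYTE ctx[kCbc14ContextLen];` set up with init_cbc_14 and released with free_cbc, and give each buffer its own random IV stored with the ciphertext. encodeBuffer starts and ends outside this hunk.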
@@ -199,7 +208,7 @@ void* CCrypt::decodeBuffer(const BYTE *pBuf, size_t bufLen, size_t *cbResultLen)
char *result = (char*)mir_alloc(bufLen + 1);
- if (decrypt_ecb(m_ctx, LPBYTE(pBuf), (BYTE*)result, bufLen)) {
+ if (decrypt_cbc(m_ctx, LPBYTE(pBuf), (BYTE*)result, bufLen)) {
mir_free(result);
return NULL;
}
diff --git a/plugins/Kuzne4ikCrypt/src/stdcrypt.h b/plugins/Kuzne4ikCrypt/src/stdcrypt.h
index b0708da257..dd8bb249d8 100644
--- a/plugins/Kuzne4ikCrypt/src/stdcrypt.h
+++ b/plugins/Kuzne4ikCrypt/src/stdcrypt.h
@@ -29,8 +29,9 @@ struct CCrypt : public MICryptoEngine, public MZeroedObject
CMStringA m_password;
BYTE m_key[KEY_LENGTH];
+ BYTE m_iv [KEY_LENGTH];
- BYTE m_ctx[kEcb14ContextLen];
+ BYTE m_ctx[kCbc14ContextLen];
STDMETHODIMP_(void) destroy();