Diffstat (limited to 'plugins/Kuzne4ikCrypt')
-rw-r--r-- | plugins/Kuzne4ikCrypt/src/GOST/block_chipher.cpp | 4 | ||||
-rw-r--r-- | plugins/Kuzne4ikCrypt/src/GOST/block_chipher.h | 2 | ||||
-rw-r--r-- | plugins/Kuzne4ikCrypt/src/encrypt.cpp | 37 | ||||
-rw-r--r-- | plugins/Kuzne4ikCrypt/src/stdcrypt.h | 3 |
4 files changed, 28 insertions, 18 deletions
diff --git a/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.cpp b/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.cpp
index f87f7493a4..3606af3a26 100644
--- a/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.cpp
+++ b/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.cpp
@@ -208,7 +208,7 @@ void DLL_IMPORT free_ecb(void* ctx)
}
}
-static int init_cbc_14_impl(unsigned char *key, void* ctx, unsigned char *iv, size_t ivLength)
+static int init_cbc_14_impl(unsigned char *key, void* ctx, const unsigned char *iv, size_t ivLength)
{
Context_cbc* context;
INFOTECS_ASSERT(sizeof(Context_cbc)<=kCbc14ContextLen);
@@ -242,7 +242,7 @@ static int init_cbc_14_impl(unsigned char *key, void* ctx, unsigned char *iv, si
return 0;
}
-int DLL_IMPORT init_cbc_14(unsigned char *key, void* ctx, unsigned char *iv, size_t ivLength)
+int DLL_IMPORT init_cbc_14(unsigned char *key, void* ctx, const unsigned char *iv, size_t ivLength)
{
if(SelfTestGost14Cbc())
return -1;
diff --git a/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.h b/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.h
index 869a0e1fd9..3a4500d3d0 100644
--- a/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.h
+++ b/plugins/Kuzne4ikCrypt/src/GOST/block_chipher.h
@@ -93,7 +93,7 @@ void DLL_IMPORT free_ecb(void* ctx);
* @return 0 если все преобразование прошло успешно
* @return -1 если произошла ошибка
*/
-int DLL_IMPORT init_cbc_14(unsigned char *key, void* ctx, unsigned char *iv, size_t ivLength);
+int DLL_IMPORT init_cbc_14(unsigned char *key, void* ctx, const unsigned char *iv, size_t ivLength);
/** @brief Удаление контекста cbc
*
diff --git a/plugins/Kuzne4ikCrypt/src/encrypt.cpp b/plugins/Kuzne4ikCrypt/src/encrypt.cpp
index 2d97103691..c1da694a31 100644
--- a/plugins/Kuzne4ikCrypt/src/encrypt.cpp
+++ b/plugins/Kuzne4ikCrypt/src/encrypt.cpp
@@ -25,9 +25,12 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#include "..\..\..\libs\zlib\src\zlib.h"
+const BYTE iv0[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+
struct ExternalKey
{
BYTE m_key[KEY_LENGTH];
+ BYTE m_iv[KEY_LENGTH];
DWORD m_crc32;
BYTE slack[BLOCK_SIZE - sizeof(DWORD)];
};
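Review bot: The all-zero `iv0` added at the top of this hunk carries no comment explaining why a fixed IV is acceptable, and with a constant IV the CBC wrapping done in getKey/setKey is deterministic: the same password and the same key material always give the same ciphertext. The first plaintext block is the start of `m_key`, which generateKey fills with random bytes, so the exposure is limited, but that reasoning should be written next to the constant, for example `// fixed IV: only used to wrap ExternalKey, whose first block is random key material`. If that assumption ever stops holding (a different first member in `ExternalKey`, or reuse of `iv0` for message data), the constant IV would need to be replaced by a random one stored with the blob.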
@@ -62,16 +65,17 @@ bool CCrypt::getKey(BYTE *pKey, size_t cbKeyLen)
ExternalKey tmp = { 0 };
memcpy(&tmp.m_key, m_key, KEY_LENGTH);
+ memcpy(&tmp.m_iv, m_iv, KEY_LENGTH);
tmp.m_crc32 = crc32(0xAbbaDead, (LPCBYTE)m_password.GetString(), m_password.GetLength());
getRandomBytes(tmp.slack, sizeof(tmp.slack));
BYTE tmpHash[32];
slow_hash(m_password, m_password.GetLength(), tmpHash);
- BYTE ctx[kEcb14ContextLen];
- init_ecb_14(tmpHash, ctx);
- bool val = !encrypt_ecb(ctx, (BYTE*)&tmp, pKey, cbKeyLen);
- free_ecb(ctx);
+ BYTE ctx[kCbc14ContextLen];
+ init_cbc_14(tmpHash, ctx, iv0, _countof(iv0));
+ bool val = !encrypt_cbc(ctx, (BYTE*)&tmp, pKey, cbKeyLen);
+ free_cbc(ctx);
return val;
}
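Review bot: The result of `init_cbc_14(tmpHash, ctx, iv0, _countof(iv0))` is discarded, although the block_chipher.cpp hunk of this commit shows it returning -1 when `SelfTestGost14Cbc()` fails, so `encrypt_cbc` may run on a context that was never set up; the same unchecked call appears twice more in the setKey/generateKey hunk. Checking it, e.g. `if (init_cbc_14(tmpHash, ctx, iv0, _countof(iv0))) return false;`, keeps a failed self-test from producing output that looks valid. `tmp` and `tmpHash` still hold the raw key, the IV and the password-derived key when the function returns; generateKey now wipes its temporaries with `SecureZeroMemory`, and doing the same here on every return path would be consistent. The start of getKey lies outside the hunk.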
@@ -86,32 +90,37 @@ bool CCrypt::setKey(const BYTE *pKey, size_t cbKeyLen)
slow_hash(m_password, m_password.GetLength(), tmpHash);
- BYTE ctx[kEcb14ContextLen];
- init_ecb_14(tmpHash, ctx);
+ BYTE ctx[kCbc14ContextLen];
+ init_cbc_14(tmpHash, ctx, iv0, _countof(iv0));
ExternalKey tmp = { 0 };
- decrypt_ecb(ctx, (BYTE*)pKey, (BYTE*)&tmp, sizeof(tmp));
+ decrypt_cbc(ctx, (BYTE*)pKey, (BYTE*)&tmp, sizeof(tmp));
- free_ecb(ctx);
+ free_cbc(ctx);
if (tmp.m_crc32 != crc32(0xAbbaDead, (LPCBYTE)m_password.GetString(), m_password.GetLength()))
return false;
memcpy(m_key, &tmp.m_key, KEY_LENGTH);
- init_ecb_14(m_key, m_ctx);
+ memcpy(m_iv, &tmp.m_iv, KEY_LENGTH);
+ init_cbc_14(m_key, m_ctx, m_iv, KEY_LENGTH);
return m_valid = true;
}
bool CCrypt::generateKey(void)
{
- BYTE tmp[KEY_LENGTH];
- if (!getRandomBytes(tmp, sizeof(tmp)))
+ BYTE tmp[KEY_LENGTH], tmpiv[KEY_LENGTH];
+ if (!getRandomBytes(tmp, sizeof(tmp)) || !getRandomBytes(tmpiv, sizeof(tmpiv)))
return false;
memcpy(m_key, tmp, KEY_LENGTH);
- init_ecb_14(m_key, m_ctx);
+ memcpy(m_iv, tmpiv, KEY_LENGTH);
+ init_cbc_14(m_key, m_ctx, m_iv, _countof(m_iv));
+
+ SecureZeroMemory(tmp, _countof(tmp)); SecureZeroMemory(tmpiv, _countof(tmpiv));
+
return m_valid = true;
}
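Review bot: In setKey, `decrypt_cbc(ctx, (BYTE*)pKey, (BYTE*)&tmp, sizeof(tmp))` reads `sizeof(tmp)` bytes from `pKey` without consulting `cbKeyLen`, and this commit enlarges `ExternalKey` by KEY_LENGTH, so a blob produced by an earlier build is shorter than what is now read. Unless a length check already sits above the hunk (the function starts outside it), add one such as `if (cbKeyLen < sizeof(ExternalKey)) return false;` before the decrypt. Blobs written in ECB mode by earlier builds will also fail the CRC comparison after this change, so existing stored keys appear to need a format marker or a migration path. `tmp` and `tmpHash` are left unwiped on both return paths of setKey, unlike the temporaries in generateKey, and generateKey itself skips the wipe when the second `getRandomBytes` call fails.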
@@ -163,7 +172,7 @@ BYTE* CCrypt::encodeBuffer(const void *src, size_t cbLen, size_t *cbResultLen)
BYTE *result = (BYTE*)mir_alloc(cbLen);
- if (encrypt_ecb(m_ctx, tmpBuf, result, cbLen)) {
+ if (encrypt_cbc(m_ctx, tmpBuf, result, cbLen)) {
mir_free(result);
return NULL;
}
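Review bot: `encrypt_cbc(m_ctx, ...)` here and `decrypt_cbc(m_ctx, ...)` in the decodeBuffer hunk share one context that is initialised once with `m_iv` in setKey/generateKey, which was harmless for stateless ECB but matters for CBC. If the context carries the chaining value from one call to the next (the CBC implementation is not visible on this page), a buffer can only be decrypted in the exact position it was encrypted, and interleaved encode/decode calls would corrupt each other. If it instead restarts from `m_iv` on every call, all records are encrypted under the same key and IV, so records with equal leading blocks produce equal leading ciphertext. A fresh random IV per record, stored with the ciphertext and used to initialise a per-call context, would avoid both cases; a comment on `m_ctx` stating which behaviour the library has is the minimum. Both function bodies extend beyond their hunks.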
@@ -199,7 +208,7 @@ void* CCrypt::decodeBuffer(const BYTE *pBuf, size_t bufLen, size_t *cbResultLen)
char *result = (char*)mir_alloc(bufLen + 1);
- if (decrypt_ecb(m_ctx, LPBYTE(pBuf), (BYTE*)result, bufLen)) {
+ if (decrypt_cbc(m_ctx, LPBYTE(pBuf), (BYTE*)result, bufLen)) {
mir_free(result);
return NULL;
}
diff --git a/plugins/Kuzne4ikCrypt/src/stdcrypt.h b/plugins/Kuzne4ikCrypt/src/stdcrypt.h
index b0708da257..dd8bb249d8 100644
--- a/plugins/Kuzne4ikCrypt/src/stdcrypt.h
+++ b/plugins/Kuzne4ikCrypt/src/stdcrypt.h
@@ -29,8 +29,9 @@ struct CCrypt : public MICryptoEngine, public MZeroedObject
CMStringA m_password;
BYTE m_key[KEY_LENGTH];
+ BYTE m_iv [KEY_LENGTH];
- BYTE m_ctx[kEcb14ContextLen];
+ BYTE m_ctx[kCbc14ContextLen];
STDMETHODIMP_(void) destroy();