mirror of
https://codeberg.org/scip/pcp.git
synced 2025-12-17 20:00:58 +01:00
297 lines
7.2 KiB
C
297 lines
7.2 KiB
C
/*
|
|
This file is part of Pretty Curved Privacy (pcp1).
|
|
|
|
Copyright (C) 2013 T.Linden.
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
You can contact me by mail: <tlinden AT cpan DOT org>.
|
|
*/
|
|
|
|
|
|
#include "crypto.h"
|
|
|
|
size_t pcp_sodium_box(unsigned char **cipher,
|
|
unsigned char *cleartext,
|
|
size_t clearsize,
|
|
unsigned char *nonce,
|
|
unsigned char *secret,
|
|
unsigned char *pub) {
|
|
|
|
unsigned char *pad_clear;
|
|
unsigned char *pad_cipher;
|
|
|
|
size_t ciphersize = (clearsize + crypto_box_ZEROBYTES) - crypto_box_BOXZEROBYTES;
|
|
|
|
pad_cipher = ucmalloc(crypto_box_ZEROBYTES + clearsize);
|
|
pcp_pad_prepend(&pad_clear, cleartext, crypto_box_ZEROBYTES, clearsize);
|
|
|
|
// crypto_box(c,m,mlen,n,pk,sk);
|
|
crypto_box(pad_cipher, pad_clear,
|
|
clearsize + crypto_box_ZEROBYTES, nonce, pub, secret);
|
|
|
|
pcp_pad_remove(cipher, pad_cipher, crypto_secretbox_BOXZEROBYTES, ciphersize);
|
|
|
|
free(pad_clear);
|
|
free(pad_cipher);
|
|
|
|
return ciphersize;
|
|
}
|
|
|
|
|
|
|
|
|
|
int pcp_sodium_verify_box(unsigned char **cleartext, unsigned char* message,
|
|
size_t messagesize, unsigned char *nonce,
|
|
unsigned char *secret, unsigned char *pub) {
|
|
// verify/decrypt the box
|
|
unsigned char *pad_cipher;
|
|
unsigned char *pad_clear;
|
|
int success = -1;
|
|
|
|
pcp_pad_prepend(&pad_cipher, message, crypto_box_BOXZEROBYTES, messagesize);
|
|
pad_clear = (unsigned char *)ucmalloc((crypto_box_ZEROBYTES+ messagesize));
|
|
|
|
// crypto_box_open(m,c,clen,n,pk,sk);
|
|
if (crypto_box_open(pad_clear, pad_cipher,
|
|
messagesize + crypto_box_BOXZEROBYTES,
|
|
nonce, pub, secret) == 0) {
|
|
success = 0;
|
|
}
|
|
|
|
pcp_pad_remove(cleartext, pad_clear, crypto_box_ZEROBYTES, messagesize);
|
|
|
|
free(pad_clear);
|
|
free(pad_cipher);
|
|
|
|
return success;
|
|
}
|
|
|
|
|
|
|
|
|
|
unsigned char *pcp_box_encrypt(pcp_key_t *secret, pcp_pubkey_t *pub,
|
|
unsigned char *message, size_t messagesize,
|
|
size_t *csize) {
|
|
|
|
unsigned char *nonce = pcp_gennonce();
|
|
|
|
unsigned char *cipher;
|
|
|
|
size_t es = pcp_sodium_box(&cipher, message, messagesize, nonce,
|
|
secret->secret, pub->pub);
|
|
|
|
if(es <= messagesize) {
|
|
fatal("failed to encrypt message!\n");
|
|
goto errbec;
|
|
}
|
|
|
|
// scip
|
|
//fprintf(stderr, "public: "); pcpprint_bin(stderr, pub->pub, 32); fprintf(stderr, "\n");
|
|
//fprintf(stderr, "secret: "); pcpprint_bin(stderr, secret->secret, 32); fprintf(stderr, "\n");
|
|
//fprintf(stderr, "cipher: "); pcpprint_bin(stderr, cipher, es); fprintf(stderr, "\n");
|
|
//fprintf(stderr, " nonce: "); pcpprint_bin(stderr, nonce, crypto_secretbox_NONCEBYTES); fprintf(stderr, "\n");
|
|
|
|
// put nonce and cipher together
|
|
unsigned char *combined = ucmalloc(es + crypto_secretbox_NONCEBYTES);
|
|
memcpy(combined, nonce, crypto_secretbox_NONCEBYTES);
|
|
memcpy(&combined[crypto_secretbox_NONCEBYTES], cipher, es);
|
|
|
|
free(cipher);
|
|
free(nonce);
|
|
|
|
*csize = es + crypto_secretbox_NONCEBYTES;
|
|
|
|
return combined;
|
|
|
|
errbec:
|
|
if(cipher != NULL)
|
|
free(cipher);
|
|
free(nonce);
|
|
|
|
return NULL;
|
|
}
|
|
|
|
|
|
unsigned char *pcp_box_decrypt(pcp_key_t *secret, pcp_pubkey_t *pub,
|
|
unsigned char *cipher, size_t ciphersize,
|
|
size_t *dsize) {
|
|
|
|
unsigned char *message = NULL;
|
|
|
|
unsigned char *nonce = ucmalloc(crypto_secretbox_NONCEBYTES);
|
|
unsigned char *cipheronly = ucmalloc(ciphersize - crypto_secretbox_NONCEBYTES);
|
|
|
|
memcpy(nonce, cipher, crypto_secretbox_NONCEBYTES);
|
|
memcpy(cipheronly, &cipher[crypto_secretbox_NONCEBYTES],
|
|
ciphersize - crypto_secretbox_NONCEBYTES);
|
|
|
|
if(pcp_sodium_verify_box(&message, cipheronly,
|
|
ciphersize - crypto_secretbox_NONCEBYTES,
|
|
nonce, secret->secret, pub->pub) != 0){
|
|
fatal("failed to decrypt message!\n");
|
|
goto errbed;
|
|
}
|
|
|
|
free(nonce);
|
|
free(cipheronly);
|
|
|
|
// resulting size:
|
|
// ciphersize - crypto_secretbox_ZEROBYTES
|
|
*dsize = ciphersize - crypto_secretbox_ZEROBYTES;
|
|
return message;
|
|
|
|
errbed:
|
|
free(nonce);
|
|
free(cipheronly);
|
|
if(message != NULL)
|
|
free(message);
|
|
|
|
return NULL;
|
|
}
|
|
|
|
size_t pcp_decrypt_file(FILE *in, FILE* out, pcp_key_t *s) {
|
|
pcp_pubkey_t *p;
|
|
size_t clen;
|
|
size_t dlen = 0;
|
|
|
|
char *encoded = pcp_readz85file(in);
|
|
if(encoded == NULL)
|
|
return 0;
|
|
|
|
unsigned char *combined = pcp_z85_decode((char *)encoded, &clen);
|
|
clen = clen - crypto_secretbox_KEYBYTES;
|
|
|
|
if(combined == NULL)
|
|
goto errdf1;
|
|
|
|
// extract the sender's public key from the cipher
|
|
p = ucmalloc(sizeof(pcp_pubkey_t));
|
|
memcpy(p->pub, combined, crypto_secretbox_KEYBYTES);
|
|
|
|
unsigned char *encrypted = ucmalloc(clen);
|
|
memcpy(encrypted, &combined[crypto_secretbox_KEYBYTES], clen);
|
|
|
|
unsigned char *decrypted = pcp_box_decrypt(s, p,
|
|
encrypted,
|
|
clen, &dlen);
|
|
|
|
if(decrypted == NULL) {
|
|
// maybe self encryption?
|
|
pcp_pubkey_t *mypub = pcpkey_pub_from_secret(s);
|
|
decrypted = pcp_box_decrypt(s, mypub,
|
|
encrypted,
|
|
clen, &dlen);
|
|
free(mypub);
|
|
}
|
|
|
|
if(decrypted != NULL) {
|
|
fatals_reset();
|
|
fwrite(decrypted, dlen, 1, out);
|
|
fclose(out);
|
|
|
|
if(ferror(out) != 0) {
|
|
fatal("Failed to write decrypted output!\n");
|
|
dlen = 0;
|
|
goto errdf2;
|
|
}
|
|
}
|
|
|
|
errdf2:
|
|
free(decrypted);
|
|
free(combined);
|
|
free(p);
|
|
|
|
errdf1:
|
|
free(encoded);
|
|
|
|
return dlen;
|
|
}
|
|
|
|
|
|
size_t pcp_encrypt_file(FILE *in, FILE* out, pcp_key_t *s, pcp_pubkey_t *p, int self) {
|
|
unsigned char *input = NULL;
|
|
size_t inputBufSize = 0;
|
|
unsigned char byte[1];
|
|
size_t ciphersize;
|
|
size_t clen = 0;
|
|
size_t zlen = 0;
|
|
unsigned char *cipher;
|
|
unsigned char *combined;
|
|
|
|
while(!feof(in)) {
|
|
if(!fread(&byte, 1, 1, in))
|
|
break;
|
|
unsigned char *tmp = realloc(input, inputBufSize + 1);
|
|
input = tmp;
|
|
memmove(&input[inputBufSize], byte, 1);
|
|
inputBufSize ++;
|
|
}
|
|
fclose(in);
|
|
|
|
if(inputBufSize == 0) {
|
|
fatal("Input file is empty!\n");
|
|
goto erref1;
|
|
}
|
|
|
|
cipher = pcp_box_encrypt(s, p, input, inputBufSize, &ciphersize);
|
|
if(cipher == NULL)
|
|
goto erref2;
|
|
|
|
clen = ciphersize + crypto_secretbox_KEYBYTES;
|
|
combined = ucmalloc(clen);
|
|
|
|
if(self == 1) {
|
|
unsigned char *fakepub = urmalloc(crypto_secretbox_KEYBYTES);
|
|
memcpy(combined, fakepub, crypto_secretbox_KEYBYTES);
|
|
free(fakepub);
|
|
}
|
|
else {
|
|
memcpy(combined, s->pub, crypto_secretbox_KEYBYTES);
|
|
}
|
|
|
|
memcpy(&combined[crypto_secretbox_KEYBYTES], cipher, ciphersize);
|
|
|
|
// combined consists of:
|
|
// our-public-key|nonce|cipher
|
|
char *encoded = pcp_z85_encode(combined, clen, &zlen);
|
|
|
|
if(encoded == NULL)
|
|
goto erref3;
|
|
|
|
fprintf(out, "%s\n%s\n%s\n", PCP_ENFILE_HEADER, encoded, PCP_ENFILE_FOOTER);
|
|
if(ferror(out) != 0) {
|
|
fatal("Failed to write encrypted output!\n");
|
|
inputBufSize = 0;
|
|
}
|
|
|
|
fclose(out);
|
|
free(encoded);
|
|
free(combined);
|
|
free(cipher);
|
|
|
|
return inputBufSize;
|
|
|
|
erref3:
|
|
free(combined);
|
|
free(cipher);
|
|
|
|
erref2:
|
|
free(input);
|
|
|
|
erref1:
|
|
|
|
return 0;
|
|
}
|