/src/libzip/lib/zip_crypto_openssl.c
Line | Count | Source |
1 | | /* |
2 | | zip_crypto_openssl.c -- OpenSSL wrapper. |
3 | | Copyright (C) 2018-2024 Dieter Baron and Thomas Klausner |
4 | | |
5 | | This file is part of libzip, a library to manipulate ZIP archives. |
6 | | The authors can be contacted at <info@libzip.org> |
7 | | |
8 | | Redistribution and use in source and binary forms, with or without |
9 | | modification, are permitted provided that the following conditions |
10 | | are met: |
11 | | 1. Redistributions of source code must retain the above copyright |
12 | | notice, this list of conditions and the following disclaimer. |
13 | | 2. Redistributions in binary form must reproduce the above copyright |
14 | | notice, this list of conditions and the following disclaimer in |
15 | | the documentation and/or other materials provided with the |
16 | | distribution. |
17 | | 3. The names of the authors may not be used to endorse or promote |
18 | | products derived from this software without specific prior |
19 | | written permission. |
20 | | |
21 | | THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS |
22 | | OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
23 | | WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
24 | | ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY |
25 | | DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
26 | | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE |
27 | | GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
28 | | INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER |
29 | | IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR |
30 | | OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN |
31 | | IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
32 | | */ |
33 | | |
34 | | #include <stdlib.h> |
35 | | |
36 | | #include "zipint.h" |
37 | | |
38 | | #include "zip_crypto.h" |
39 | | |
40 | | #include <limits.h> |
41 | | #include <openssl/rand.h> |
42 | | |
43 | | #ifdef USE_OPENSSL_3_API |
44 | | static _zip_crypto_hmac_t *hmac_new() { |
45 | | _zip_crypto_hmac_t *hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac)); |
46 | | if (hmac != NULL) { |
47 | | hmac->mac = NULL; |
48 | | hmac->ctx = NULL; |
49 | | } |
50 | | return hmac; |
51 | | } |
52 | | static void hmac_free(_zip_crypto_hmac_t *hmac) { |
53 | | if (hmac != NULL) { |
54 | | if (hmac->ctx != NULL) { |
55 | | EVP_MAC_CTX_free(hmac->ctx); |
56 | | } |
57 | | if (hmac->mac != NULL) { |
58 | | EVP_MAC_free(hmac->mac); |
59 | | } |
60 | | free(hmac); |
61 | | } |
62 | | } |
63 | | #endif |
64 | | |
65 | 971 | _zip_crypto_aes_t *_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) { |
66 | 971 | _zip_crypto_aes_t *aes; |
67 | 971 | const EVP_CIPHER *cipher_type; |
68 | | |
69 | 971 | switch (key_size) { |
70 | 332 | case 128: |
71 | 332 | cipher_type = EVP_aes_128_ecb(); |
72 | 332 | break; |
73 | 68 | case 192: |
74 | 68 | cipher_type = EVP_aes_192_ecb(); |
75 | 68 | break; |
76 | 571 | case 256: |
77 | 571 | cipher_type = EVP_aes_256_ecb(); |
78 | 571 | break; |
79 | 0 | default: |
80 | 0 | zip_error_set(error, ZIP_ER_INTERNAL, 0); |
81 | 0 | return NULL; |
82 | 971 | } |
83 | | |
84 | | #ifdef USE_OPENSSL_1_0_API |
85 | | if ((aes = (_zip_crypto_aes_t *)malloc(sizeof(*aes))) == NULL) { |
86 | | zip_error_set(error, ZIP_ER_MEMORY, 0); |
87 | | return NULL; |
88 | | } |
89 | | memset(aes, 0, sizeof(*aes)); |
90 | | #else |
91 | 971 | if ((aes = EVP_CIPHER_CTX_new()) == NULL) { |
92 | 0 | zip_error_set(error, ZIP_ER_MEMORY, 0); |
93 | 0 | return NULL; |
94 | 0 | } |
95 | 971 | #endif |
96 | | |
97 | 971 | if (EVP_EncryptInit_ex(aes, cipher_type, NULL, key, NULL) != 1) { |
98 | | #ifdef USE_OPENSSL_1_0_API |
99 | | free(aes); |
100 | | #else |
101 | 0 | EVP_CIPHER_CTX_free(aes); |
102 | 0 | #endif |
103 | 0 | zip_error_set(error, ZIP_ER_INTERNAL, 0); |
104 | 0 | return NULL; |
105 | 0 | } |
106 | | |
107 | 971 | return aes; |
108 | 971 | } |
109 | | |
110 | 971 | void _zip_crypto_aes_free(_zip_crypto_aes_t *aes) { |
111 | 971 | if (aes == NULL) { |
112 | 0 | return; |
113 | 0 | } |
114 | | |
115 | | #ifdef USE_OPENSSL_1_0_API |
116 | | EVP_CIPHER_CTX_cleanup(aes); |
117 | | _zip_crypto_clear(aes, sizeof(*aes)); |
118 | | free(aes); |
119 | | #else |
120 | 971 | EVP_CIPHER_CTX_free(aes); |
121 | 971 | #endif |
122 | 971 | } |
123 | | |
124 | | |
125 | 5.90M | bool _zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out) { |
126 | 5.90M | int len = 0; |
127 | 5.90M | if (EVP_EncryptUpdate(aes, out, &len, in, ZIP_CRYPTO_AES_BLOCK_LENGTH) != 1 || len != ZIP_CRYPTO_AES_BLOCK_LENGTH) { |
128 | 0 | return false; |
129 | 0 | } |
130 | 5.90M | return true; |
131 | 5.90M | } |
132 | | |
133 | | |
134 | 971 | _zip_crypto_hmac_t *_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) { |
135 | 971 | _zip_crypto_hmac_t *hmac; |
136 | | |
137 | 971 | if (secret_length > INT_MAX) { |
138 | 0 | zip_error_set(error, ZIP_ER_INVAL, 0); |
139 | 0 | return NULL; |
140 | 0 | } |
141 | | |
142 | | #ifdef USE_OPENSSL_3_API |
143 | | if ((hmac = hmac_new()) == NULL || (hmac->mac = EVP_MAC_fetch(NULL, "HMAC", "provider=default")) == NULL || (hmac->ctx = EVP_MAC_CTX_new(hmac->mac)) == NULL) { |
144 | | hmac_free(hmac); |
145 | | zip_error_set(error, ZIP_ER_MEMORY, 0); |
146 | | return NULL; |
147 | | } |
148 | | |
149 | | { |
150 | | OSSL_PARAM params[2]; |
151 | | params[0] = OSSL_PARAM_construct_utf8_string("digest", "SHA1", 0); |
152 | | params[1] = OSSL_PARAM_construct_end(); |
153 | | |
154 | | if (!EVP_MAC_init(hmac->ctx, (const unsigned char *)secret, secret_length, params)) { |
155 | | zip_error_set(error, ZIP_ER_INTERNAL, 0); |
156 | | hmac_free(hmac); |
157 | | return NULL; |
158 | | } |
159 | | } |
160 | | #else |
161 | | #ifdef USE_OPENSSL_1_0_API |
162 | | if ((hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac))) == NULL) { |
163 | | zip_error_set(error, ZIP_ER_MEMORY, 0); |
164 | | return NULL; |
165 | | } |
166 | | |
167 | | HMAC_CTX_init(hmac); |
168 | | #else |
169 | 971 | if ((hmac = HMAC_CTX_new()) == NULL) { |
170 | 0 | zip_error_set(error, ZIP_ER_MEMORY, 0); |
171 | 0 | return NULL; |
172 | 0 | } |
173 | 971 | #endif |
174 | | |
175 | 971 | if (HMAC_Init_ex(hmac, secret, (int)secret_length, EVP_sha1(), NULL) != 1) { |
176 | 0 | zip_error_set(error, ZIP_ER_INTERNAL, 0); |
177 | | #ifdef USE_OPENSSL_1_0_API |
178 | | free(hmac); |
179 | | #else |
180 | 0 | HMAC_CTX_free(hmac); |
181 | 0 | #endif |
182 | 0 | return NULL; |
183 | 0 | } |
184 | 971 | #endif |
185 | | |
186 | 971 | return hmac; |
187 | 971 | } |
188 | | |
189 | | |
190 | 971 | void _zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) { |
191 | 971 | if (hmac == NULL) { |
192 | 0 | return; |
193 | 0 | } |
194 | | |
195 | | #if defined(USE_OPENSSL_3_API) |
196 | | hmac_free(hmac); |
197 | | #elif defined(USE_OPENSSL_1_0_API) |
198 | | HMAC_CTX_cleanup(hmac); |
199 | | _zip_crypto_clear(hmac, sizeof(*hmac)); |
200 | | free(hmac); |
201 | | #else |
202 | 971 | HMAC_CTX_free(hmac); |
203 | 971 | #endif |
204 | 971 | } |
205 | | |
206 | | |
207 | 646 | bool _zip_crypto_hmac_output(_zip_crypto_hmac_t *hmac, zip_uint8_t *data) { |
208 | | #ifdef USE_OPENSSL_3_API |
209 | | size_t length = 0; |
210 | | return EVP_MAC_final(hmac->ctx, data, &length, ZIP_CRYPTO_SHA1_LENGTH) == 1 && length == ZIP_CRYPTO_SHA1_LENGTH; |
211 | | #else |
212 | 646 | unsigned int length = 0; |
213 | 646 | return HMAC_Final(hmac, data, &length) == 1 && length == ZIP_CRYPTO_SHA1_LENGTH; |
214 | 646 | #endif |
215 | 646 | } |
216 | | |
217 | | |
218 | 2.06k | ZIP_EXTERN bool zip_secure_random(zip_uint8_t *buffer, zip_uint16_t length) { |
219 | 2.06k | return RAND_bytes(buffer, length) == 1; |
220 | 2.06k | } |