Domovská stránka Prehľadávať Pomoc
Registrovať Prihlásiť sa
Apq
/
udp2raw
zrkadlo https://github.com/wangyu-/udp2raw.git
1
0
Fork 0
Súbory Issues 0 Wiki
Branch: unified
Branche Tagy
udp2raw
/
encrypt.cpp

encrypt.cpp 19 KB
Permanentný odkaz História Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588 
  1. #include "lib/aes-common.h"
    2. 

  2. #include "lib/md5.h"
    3. 

  3. #include "lib/pbkdf2-sha1.h"
    4. 

  4. #include "lib/pbkdf2-sha256.h"
    5. 

  5. #include <string.h>
    6. 

  6. #include <stdint.h>
    7. 

  7. #include <stdlib.h>
    8. 

  8. #include <stdio.h>
    9. 

  9. #include "encrypt.h"
    10. 

  10. #include "common.h"
    11. 

  11. #include "log.h"
    12. 

  12. 

  13. // static uint64_t seq=1;
    14. 

  14. 

  15. static int8_t zero_iv[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};  // this prog use zero iv,you should make sure first block of data contains a random/nonce data
    16. 

  16. /****
    17. 

  17.  * security of zero_iv + nonce first data block
    18. 

  18.  * https://crypto.stackexchange.com/questions/5421/using-cbc-with-a-fixed-iv-and-a-random-first-plaintext-block
    19. 

  19.  ****/
    20. 

  20. 

  21. char normal_key[16 + 100];    // generated from key_string by md5. reserved for compatiblity
    22. 

  22. const int hmac_key_len = 64;  // generate 512bit long keys, use first n chars when needed
    23. 

  23. const int cipher_key_len = 64;
    24. 

  24. unsigned char hmac_key_encrypt[hmac_key_len + 100];      // key for hmac
    25. 

  25. unsigned char hmac_key_decrypt[hmac_key_len + 100];      // key for hmac
    26. 

  26. unsigned char cipher_key_encrypt[cipher_key_len + 100];  // key for aes etc.
    27. 

  27. unsigned char cipher_key_decrypt[cipher_key_len + 100];  // key for aes etc.
    28. 

  28. 

  29. char gro_xor[256 + 100];  // dirty fix for gro
    30. 

  30. 

  31. unordered_map<int, const char *> auth_mode_tostring = {
    32. 

  32.     {auth_none, "none"},
    33. 

  33.     {auth_md5, "md5"},
    34. 

  34.     {auth_crc32, "crc32"},
    35. 

  35.     {auth_simple, "simple"},
    36. 

  36.     {auth_hmac_sha1, "hmac_sha1"},
    37. 

  37. };
    38. 

  38. 

  39. unordered_map<int, const char *> cipher_mode_tostring = {
    40. 

  40.     {cipher_none, "none"},
    41. 

  41.     {cipher_aes128cfb, "aes128cfb"},
    42. 

  42.     {cipher_aes128cbc, "aes128cbc"},
    43. 

  43.     {cipher_xor, "xor"},
    44. 

  44. };
    45. 

  45. // TODO aes-gcm
    46. 

  46. 

  47. auth_mode_t auth_mode = auth_md5;
    48. 

  48. cipher_mode_t cipher_mode = cipher_aes128cbc;
    49. 

  49. int is_hmac_used = 0;
    50. 

  50. 

  51. int aes128cfb_old = 0;
    52. 

  52. 

  53. // TODO key negotiation and forward secrecy
    54. 

  54. 

  55. int my_init_keys(const char *user_passwd, int is_client) {
    56. 

  56.     char tmp[1000] = "";
    57. 

  57.     int len = strlen(user_passwd);
    58. 

  58. 

  59.     strcat(tmp, user_passwd);
    60. 

  60. 

  61.     strcat(tmp, "key1");
    62. 

  62. 

  63.     md5((uint8_t *)tmp, strlen(tmp), (uint8_t *)normal_key);
    64. 

  64. 

  65.     if (auth_mode == auth_hmac_sha1)
    66. 

  66.         is_hmac_used = 1;
    67. 

  67.     if (is_hmac_used || g_fix_gro || 1) {
    68. 

  68.         unsigned char salt[400] = "";
    69. 

  69.         char salt_text[400] = "udp2raw_salt1";
    70. 

  70.         md5((uint8_t *)(salt_text), strlen(salt_text), salt);  // TODO different salt per session
    71. 

  71. 

  72.         unsigned char pbkdf2_output1[400] = "";
    73. 

  73.         PKCS5_PBKDF2_HMAC_SHA256((uint8_t *)user_passwd, len, salt, 16, 10000, 32, pbkdf2_output1);  // TODO argon2 ?
    74. 

  74. 

  75.         // unsigned char pbkdf2_output2[400]="";
    76. 

  76.         // PKCS5_PBKDF2_HMAC_SHA256(pbkdf2_output1,32,0,0,1, hmac_key_len*2+cipher_key_len*2,pbkdf2_output2);  //stretch it
    77. 

  77. 

  78.         const char *info_hmac_encrypt = "hmac_key server-->client";
    79. 

  79.         const char *info_hmac_decrypt = "hmac_key client-->server";
    80. 

  80.         const char *info_cipher_encrypt = "cipher_key server-->client";
    81. 

  81.         const char *info_cipher_decrypt = "cipher_key client-->server";
    82. 

  82. 

  83.         if (is_client) {
    84. 

  84.             const char *tmp;
    85. 

  85.             tmp = info_hmac_encrypt;
    86. 

  86.             info_hmac_encrypt = info_hmac_decrypt;
    87. 

  87.             info_hmac_decrypt = tmp;
    88. 

  88.             tmp = info_cipher_encrypt;
    89. 

  89.             info_cipher_encrypt = info_cipher_decrypt;
    90. 

  90.             info_cipher_decrypt = tmp;
    91. 

  91.         } else {
    92. 

  92.             // nop
    93. 

  93.         }
    94. 

  94. 

  95.         assert(hkdf_sha256_expand(pbkdf2_output1, 32, (unsigned char *)info_cipher_encrypt, strlen(info_cipher_encrypt), cipher_key_encrypt, cipher_key_len) == 0);
    96. 

  96.         assert(hkdf_sha256_expand(pbkdf2_output1, 32, (unsigned char *)info_cipher_decrypt, strlen(info_cipher_decrypt), cipher_key_decrypt, cipher_key_len) == 0);
    97. 

  97.         assert(hkdf_sha256_expand(pbkdf2_output1, 32, (unsigned char *)info_hmac_encrypt, strlen(info_hmac_encrypt), hmac_key_encrypt, hmac_key_len) == 0);
    98. 

  98.         assert(hkdf_sha256_expand(pbkdf2_output1, 32, (unsigned char *)info_hmac_decrypt, strlen(info_hmac_decrypt), hmac_key_decrypt, hmac_key_len) == 0);
    99. 

  99. 

  100.         const char *gro_info = "gro";
    101. 

  101.         assert(hkdf_sha256_expand(pbkdf2_output1, 32, (unsigned char *)gro_info, strlen(gro_info), (unsigned char *)gro_xor, 256) == 0);
    102. 

  102.     }
    103. 

  103. 

  104.     print_binary_chars(normal_key, 16);
    105. 

  105.     print_binary_chars((char *)hmac_key_encrypt, hmac_key_len);
    106. 

  106.     print_binary_chars((char *)hmac_key_decrypt, hmac_key_len);
    107. 

  107.     print_binary_chars((char *)cipher_key_encrypt, cipher_key_len);
    108. 

  108.     print_binary_chars((char *)cipher_key_decrypt, cipher_key_len);
    109. 

  109. 

  110.     return 0;
    111. 

  111. }
    112. 

  112. /*
    113. 

  113.  *  this function comes from  http://www.hackersdelight.org/hdcodetxt/crc.c.txt
    114. 

  114.  */
    115. 

  115. unsigned int crc32h(unsigned char *message, int len) {
    116. 

  116.     int i, crc;
    117. 

  117.     unsigned int byte, c;
    118. 

  118.     const unsigned int g0 = 0xEDB88320, g1 = g0 >> 1,
    119. 

  119.                        g2 = g0 >> 2, g3 = g0 >> 3, g4 = g0 >> 4, g5 = g0 >> 5,
    120. 

  120.                        g6 = (g0 >> 6) ^ g0, g7 = ((g0 >> 6) ^ g0) >> 1;
    121. 

  121. 

  122.     i = 0;
    123. 

  123.     crc = 0xFFFFFFFF;
    124. 

  124.     while (i != len) {  // Get next byte.
    125. 

  125.         byte = message[i];
    126. 

  126.         crc = crc ^ byte;
    127. 

  127.         c = ((crc << 31 >> 31) & g7) ^ ((crc << 30 >> 31) & g6) ^
    128. 

  128.             ((crc << 29 >> 31) & g5) ^ ((crc << 28 >> 31) & g4) ^
    129. 

  129.             ((crc << 27 >> 31) & g3) ^ ((crc << 26 >> 31) & g2) ^
    130. 

  130.             ((crc << 25 >> 31) & g1) ^ ((crc << 24 >> 31) & g0);
    131. 

  131.         crc = ((unsigned)crc >> 8) ^ c;
    132. 

  132.         i = i + 1;
    133. 

  133.     }
    134. 

  134.     return ~crc;
    135. 

  135. }
    136. 

  136. 

  137. /*
    138. 

  138.  void sum(const unsigned  char *data,int len,unsigned char*  res) {
    139. 

  139.    memset(res,0,sizeof(int));
    140. 

  140.    for(int i=0,j=0;i<len;i++,j++)
    141. 

  141.    {
    142. 

  142.            if(j==4) j=0;
    143. 

  143.            res[j]+=data[i];
    144. 

  144.    }
    145. 

  145. 

  146.    return ;
    147. 

  147. }*/
    148. 

  148. 

  149. void simple_hash(unsigned char *str, int len, unsigned char res[8])  // djb2+ sdbm
    150. 

  150. {
    151. 

  151.     u32_t hash = 5381;
    152. 

  152.     u32_t hash2 = 0;
    153. 

  153.     int c;
    154. 

  154.     int i = 0;
    155. 

  155.     while (c = *str++, i++ != len) {
    156. 

  156.         // hash = ((hash << 5) + hash) + c; /* hash * 33 + c */
    157. 

  157.         hash = ((hash << 5) + hash) ^ c; /* (hash * 33) ^ c */
    158. 

  158.         hash2 = c + (hash2 << 6) + (hash2 << 16) - hash2;
    159. 

  159.     }
    160. 

  160. 

  161.     hash = htonl(hash);
    162. 

  162.     hash2 = htonl(hash2);
    163. 

  163.     memcpy(res, &hash, sizeof(hash));
    164. 

  164.     memcpy(res + sizeof(hash), &hash2, sizeof(hash2));
    165. 

  165. }
    166. 

  166. 

  167. int auth_md5_cal(const char *data, char *output, int &len) {
    168. 

  168.     memcpy(output, data, len);  // TODO inefficient code
    169. 

  169.     md5((unsigned char *)output, len, (unsigned char *)(output + len));
    170. 

  170.     len += 16;
    171. 

  171.     return 0;
    172. 

  172. }
    173. 

  173. 

  174. int auth_hmac_sha1_cal(const char *data, char *output, int &len) {
    175. 

  175.     mylog(log_trace, "auth_hmac_sha1_cal() is called\n");
    176. 

  176.     memcpy(output, data, len);  // TODO inefficient code
    177. 

  177.     sha1_hmac(hmac_key_encrypt, 20, (const unsigned char *)data, len, (unsigned char *)(output + len));
    178. 

  178.     // use key len of 20 instead of hmac_key_len, "extra length would not significantly increase the function strength" (rfc2104)
    179. 

  179.     len += 20;
    180. 

  180.     return 0;
    181. 

  181. }
    182. 

  182. 

  183. int auth_hmac_sha1_verify(const char *data, int &len) {
    184. 

  184.     mylog(log_trace, "auth_hmac_sha1_verify() is called\n");
    185. 

  185.     if (len < 20) {
    186. 

  186.         mylog(log_trace, "auth_hmac_sha1_verify len<20\n");
    187. 

  187.         return -1;
    188. 

  188.     }
    189. 

  189.     char res[20];
    190. 

  190. 

  191.     sha1_hmac(hmac_key_decrypt, 20, (const unsigned char *)data, len - 20, (unsigned char *)(res));
    192. 

  192. 

  193.     if (memcmp(res, data + len - 20, 20) != 0) {
    194. 

  194.         mylog(log_trace, "auth_hmac_sha1 check failed\n");
    195. 

  195.         return -2;
    196. 

  196.     }
    197. 

  197.     len -= 20;
    198. 

  198.     return 0;
    199. 

  199. }
    200. 

  200. 

  201. int auth_crc32_cal(const char *data, char *output, int &len) {
    202. 

  202.     memcpy(output, data, len);  // TODO inefficient code
    203. 

  203.     unsigned int ret = crc32h((unsigned char *)output, len);
    204. 

  204.     unsigned int ret_n = htonl(ret);
    205. 

  205.     memcpy(output + len, &ret_n, sizeof(unsigned int));
    206. 

  206.     len += sizeof(unsigned int);
    207. 

  207.     return 0;
    208. 

  208. }
    209. 

  209. 

  210. int auth_simple_cal(const char *data, char *output, int &len) {
    211. 

  211.     // char res[4];
    212. 

  212.     memcpy(output, data, len);  // TODO inefficient code
    213. 

  213.     simple_hash((unsigned char *)output, len, (unsigned char *)(output + len));
    214. 

  214.     len += 8;
    215. 

  215.     return 0;
    216. 

  216. }
    217. 

  217. int auth_simple_verify(const char *data, int &len) {
    218. 

  218.     if (len < 8) return -1;
    219. 

  219.     unsigned char res[8];
    220. 

  220.     len -= 8;
    221. 

  221.     simple_hash((unsigned char *)data, len, res);
    222. 

  222.     if (memcmp(res, data + len, 8) != 0)
    223. 

  223.         return -1;
    224. 

  224.     return 0;
    225. 

  225. }
    226. 

  226. 

  227. int auth_none_cal(const char *data, char *output, int &len) {
    228. 

  228.     memcpy(output, data, len);
    229. 

  229.     return 0;
    230. 

  230. }
    231. 

  231. int auth_md5_verify(const char *data, int &len) {
    232. 

  232.     if (len < 16) {
    233. 

  233.         mylog(log_trace, "auth_md5_verify len<16\n");
    234. 

  234.         return -1;
    235. 

  235.     }
    236. 

  236.     char md5_res[16];
    237. 

  237. 

  238.     md5((unsigned char *)data, len - 16, (unsigned char *)md5_res);
    239. 

  239. 

  240.     if (memcmp(md5_res, data + len - 16, 16) != 0) {
    241. 

  241.         mylog(log_trace, "auth_md5_verify md5 check failed\n");
    242. 

  242.         return -2;
    243. 

  243.     }
    244. 

  244.     len -= 16;
    245. 

  245.     return 0;
    246. 

  246. }
    247. 

  247. int auth_none_verify(const char *data, int &len) {
    248. 

  248.     return 0;
    249. 

  249. }
    250. 

  250. 

  251. int cipher_xor_encrypt(const char *data, char *output, int &len, char *key) {
    252. 

  252.     int i, j;
    253. 

  253.     for (i = 0, j = 0; i < len; i++, j++) {
    254. 

  254.         if (j == 16) j = 0;
    255. 

  255.         output[i] = data[i] ^ key[j];
    256. 

  256.     }
    257. 

  257.     return 0;
    258. 

  258. }
    259. 

  259. int cipher_xor_decrypt(const char *data, char *output, int &len, char *key) {
    260. 

  260.     int i, j;
    261. 

  261.     // char tmp[buf_len];
    262. 

  262.     // len=len/16*16+1;
    263. 

  263.     // AES128_CBC_decrypt_buffer((uint8_t *)tmp, (uint8_t *)input, len, (uint8_t *)key, (uint8_t *)iv);
    264. 

  264.     // for(i=0;i<len;i++)
    265. 

  265.     // input[i]=tmp[i];
    266. 

  266.     for (i = 0, j = 0; i < len; i++, j++) {
    267. 

  267.         if (j == 16) j = 0;
    268. 

  268.         output[i] = data[i] ^ key[j];
    269. 

  269.     }
    270. 

  270.     return 0;
    271. 

  271. }
    272. 

  272. 

  273. int padding(char *data, int &data_len, int padding_num) {
    274. 

  274.     int old_len = data_len;
    275. 

  275.     data_len += 1;
    276. 

  276.     if (data_len % padding_num != 0) {
    277. 

  277.         data_len = (data_len / padding_num) * padding_num + padding_num;
    278. 

  278.     }
    279. 

  279.     unsigned char *p = (unsigned char *)&data[data_len - 1];
    280. 

  280.     *p = (data_len - old_len);
    281. 

  281.     return 0;
    282. 

  282. }
    283. 

  283. 

  284. int de_padding(const char *data, int &data_len, int padding_num) {
    285. 

  285.     if (data_len == 0) return -1;
    286. 

  286.     if ((uint8_t)data[data_len - 1] > padding_num) return -1;
    287. 

  287.     data_len -= (uint8_t)data[data_len - 1];
    288. 

  288.     if (data_len < 0) {
    289. 

  289.         return -1;
    290. 

  290.     }
    291. 

  291.     return 0;
    292. 

  292. }
    293. 

  293. void aes_ecb_encrypt(const char *data, char *output) {
    294. 

  294.     static int first_time = 1;
    295. 

  295.     char *key = (char *)cipher_key_encrypt;
    296. 

  296.     if (aes_key_optimize) {
    297. 

  297.         if (first_time == 0)
    298. 

  298.             key = 0;
    299. 

  299.         else
    300. 

  300.             first_time = 0;
    301. 

  301.     }
    302. 

  302.     AES_ECB_encrypt_buffer((uint8_t *)data, (uint8_t *)key, (uint8_t *)output);
    303. 

  303. }
    304. 

  304. void aes_ecb_encrypt1(char *data) {
    305. 

  305.     char buf[16];
    306. 

  306.     memcpy(buf, data, 16);
    307. 

  307.     aes_ecb_encrypt(buf, data);
    308. 

  308. }
    309. 

  309. void aes_ecb_decrypt(const char *data, char *output) {
    310. 

  310.     static int first_time = 1;
    311. 

  311.     char *key = (char *)cipher_key_decrypt;
    312. 

  312.     if (aes_key_optimize) {
    313. 

  313.         if (first_time == 0)
    314. 

  314.             key = 0;
    315. 

  315.         else
    316. 

  316.             first_time = 0;
    317. 

  317.     }
    318. 

  318.     AES_ECB_decrypt_buffer((uint8_t *)data, (uint8_t *)key, (uint8_t *)output);
    319. 

  319. }
    320. 

  320. void aes_ecb_decrypt1(char *data) {
    321. 

  321.     char buf[16];
    322. 

  322.     memcpy(buf, data, 16);
    323. 

  323.     aes_ecb_decrypt(buf, data);
    324. 

  324. }
    325. 

  325. int cipher_aes128cbc_encrypt(const char *data, char *output, int &len, char *key) {
    326. 

  326.     static int first_time = 1;
    327. 

  327. 

  328.     char buf[buf_len];
    329. 

  329.     memcpy(buf, data, len);  // TODO inefficient code
    330. 

  330. 

  331.     if (padding(buf, len, 16) < 0) return -1;
    332. 

  332. 

  333.     if (aes_key_optimize) {
    334. 

  334.         if (first_time == 0)
    335. 

  335.             key = 0;
    336. 

  336.         else
    337. 

  337.             first_time = 0;
    338. 

  338.     }
    339. 

  339. 

  340.     AES_CBC_encrypt_buffer((unsigned char *)output, (unsigned char *)buf, len, (unsigned char *)key, (unsigned char *)zero_iv);
    341. 

  341.     return 0;
    342. 

  342. }
    343. 

  343. int cipher_aes128cfb_encrypt(const char *data, char *output, int &len, char *key) {
    344. 

  344.     static int first_time = 1;
    345. 

  345.     assert(len >= 16);
    346. 

  346. 

  347.     char buf[buf_len];
    348. 

  348.     memcpy(buf, data, len);  // TODO inefficient code
    349. 

  349.     if (aes_key_optimize) {
    350. 

  350.         if (first_time == 0)
    351. 

  351.             key = 0;
    352. 

  352.         else
    353. 

  353.             first_time = 0;
    354. 

  354.     }
    355. 

  355.     if (!aes128cfb_old) {
    356. 

  356.         aes_ecb_encrypt(data, buf);  // encrypt the first block
    357. 

  357.     }
    358. 

  358. 

  359.     AES_CFB_encrypt_buffer((unsigned char *)output, (unsigned char *)buf, len, (unsigned char *)key, (unsigned char *)zero_iv);
    360. 

  360.     return 0;
    361. 

  361. }
    362. 

  362. int auth_crc32_verify(const char *data, int &len) {
    363. 

  363.     if (len < int(sizeof(unsigned int))) {
    364. 

  364.         mylog(log_debug, "auth_crc32_verify len<%d\n", int(sizeof(unsigned int)));
    365. 

  365.         return -1;
    366. 

  366.     }
    367. 

  367.     unsigned int ret = crc32h((unsigned char *)data, len - sizeof(unsigned int));
    368. 

  368.     unsigned int ret_n = htonl(ret);
    369. 

  369. 

  370.     if (memcmp(data + len - sizeof(unsigned int), &ret_n, sizeof(unsigned int)) != 0) {
    371. 

  371.         mylog(log_debug, "auth_crc32_verify memcmp fail\n");
    372. 

  372.         return -1;
    373. 

  373.     }
    374. 

  374.     len -= sizeof(unsigned int);
    375. 

  375.     return 0;
    376. 

  376. }
    377. 

  377. int cipher_none_encrypt(const char *data, char *output, int &len, char *key) {
    378. 

  378.     memcpy(output, data, len);
    379. 

  379.     return 0;
    380. 

  380. }
    381. 

  381. int cipher_aes128cbc_decrypt(const char *data, char *output, int &len, char *key) {
    382. 

  382.     static int first_time = 1;
    383. 

  383.     if (len % 16 != 0) {
    384. 

  384.         mylog(log_debug, "len%%16!=0\n");
    385. 

  385.         return -1;
    386. 

  386.     }
    387. 

  387.     if (aes_key_optimize) {
    388. 

  388.         if (first_time == 0)
    389. 

  389.             key = 0;
    390. 

  390.         else
    391. 

  391.             first_time = 0;
    392. 

  392.     }
    393. 

  393.     AES_CBC_decrypt_buffer((unsigned char *)output, (unsigned char *)data, len, (unsigned char *)key, (unsigned char *)zero_iv);
    394. 

  394.     if (de_padding(output, len, 16) < 0) return -1;
    395. 

  395.     return 0;
    396. 

  396. }
    397. 

  397. int cipher_aes128cfb_decrypt(const char *data, char *output, int &len, char *key) {
    398. 

  398.     static int first_time = 1;
    399. 

  399.     if (len < 16) return -1;
    400. 

  400. 

  401.     if (aes_key_optimize) {
    402. 

  402.         if (first_time == 0)
    403. 

  403.             key = 0;
    404. 

  404.         else
    405. 

  405.             first_time = 0;
    406. 

  406.     }
    407. 

  407. 

  408.     AES_CFB_decrypt_buffer((unsigned char *)output, (unsigned char *)data, len, (unsigned char *)key, (unsigned char *)zero_iv);
    409. 

  409. 

  410.     if (!aes128cfb_old)
    411. 

  411.         aes_ecb_decrypt1(output);  // decrypt the first block
    412. 

  412.     // if(de_padding(output,len,16)<0) return -1;
    413. 

  413.     return 0;
    414. 

  414. }
    415. 

  415. 

  416. int cipher_none_decrypt(const char *data, char *output, int &len, char *key) {
    417. 

  417.     memcpy(output, data, len);
    418. 

  418.     return 0;
    419. 

  419. }
    420. 

  420. 

  421. int auth_cal(const char *data, char *output, int &len) {
    422. 

  422.     mylog(log_trace, "auth:%d\n", auth_mode);
    423. 

  423.     switch (auth_mode) {
    424. 

  424.         case auth_crc32:
    425. 

  425.             return auth_crc32_cal(data, output, len);
    426. 

  426.         case auth_md5:
    427. 

  427.             return auth_md5_cal(data, output, len);
    428. 

  428.         case auth_simple:
    429. 

  429.             return auth_simple_cal(data, output, len);
    430. 

  430.         case auth_none:
    431. 

  431.             return auth_none_cal(data, output, len);
    432. 

  432.         case auth_hmac_sha1:
    433. 

  433.             return auth_hmac_sha1_cal(data, output, len);
    434. 

  434.         // default:	return auth_md5_cal(data,output,len);//default;
    435. 

  435.         default:
    436. 

  436.             assert(0 == 1);
    437. 

  437.     }
    438. 

  438.     return -1;
    439. 

  439. }
    440. 

  440. int auth_verify(const char *data, int &len) {
    441. 

  441.     mylog(log_trace, "auth:%d\n", auth_mode);
    442. 

  442.     switch (auth_mode) {
    443. 

  443.         case auth_crc32:
    444. 

  444.             return auth_crc32_verify(data, len);
    445. 

  445.         case auth_md5:
    446. 

  446.             return auth_md5_verify(data, len);
    447. 

  447.         case auth_simple:
    448. 

  448.             return auth_simple_verify(data, len);
    449. 

  449.         case auth_none:
    450. 

  450.             return auth_none_verify(data, len);
    451. 

  451.         case auth_hmac_sha1:
    452. 

  452.             return auth_hmac_sha1_verify(data, len);
    453. 

  453.         // default:	return auth_md5_verify(data,len);//default
    454. 

  454.         default:
    455. 

  455.             assert(0 == 1);
    456. 

  456.     }
    457. 

  457.     return -1;
    458. 

  458. }
    459. 

  459. int cipher_encrypt(const char *data, char *output, int &len, char *key) {
    460. 

  460.     mylog(log_trace, "cipher:%d\n", cipher_mode);
    461. 

  461.     switch (cipher_mode) {
    462. 

  462.         case cipher_aes128cbc:
    463. 

  463.             return cipher_aes128cbc_encrypt(data, output, len, key);
    464. 

  464.         case cipher_aes128cfb:
    465. 

  465.             return cipher_aes128cfb_encrypt(data, output, len, key);
    466. 

  466.         case cipher_xor:
    467. 

  467.             return cipher_xor_encrypt(data, output, len, key);
    468. 

  468.         case cipher_none:
    469. 

  469.             return cipher_none_encrypt(data, output, len, key);
    470. 

  470.         // default:return cipher_aes128cbc_encrypt(data,output,len, key);
    471. 

  471.         default:
    472. 

  472.             assert(0 == 1);
    473. 

  473.     }
    474. 

  474.     return -1;
    475. 

  475. }
    476. 

  476. int cipher_decrypt(const char *data, char *output, int &len, char *key) {
    477. 

  477.     mylog(log_trace, "cipher:%d\n", cipher_mode);
    478. 

  478.     switch (cipher_mode) {
    479. 

  479.         case cipher_aes128cbc:
    480. 

  480.             return cipher_aes128cbc_decrypt(data, output, len, key);
    481. 

  481.         case cipher_aes128cfb:
    482. 

  482.             return cipher_aes128cfb_decrypt(data, output, len, key);
    483. 

  483.         case cipher_xor:
    484. 

  484.             return cipher_xor_decrypt(data, output, len, key);
    485. 

  485.         case cipher_none:
    486. 

  486.             return cipher_none_decrypt(data, output, len, key);
    487. 

  487.         //	default:	return cipher_aes128cbc_decrypt(data,output,len,key);
    488. 

  488.         default:
    489. 

  489.             assert(0 == 1);
    490. 

  490.     }
    491. 

  491.     return -1;
    492. 

  492. }
    493. 

  493. 

  494. int encrypt_AE(const char *data, char *output, int &len /*,char * key*/) {
    495. 

  495.     mylog(log_trace, "encrypt_AE is called\n");
    496. 

  496.     char buf[buf_len];
    497. 

  497.     char buf2[buf_len];
    498. 

  498.     memcpy(buf, data, len);
    499. 

  499.     if (cipher_encrypt(buf, buf2, len, (char *)cipher_key_encrypt) != 0) {
    500. 

  500.         mylog(log_debug, "cipher_encrypt failed ");
    501. 

  501.         return -1;
    502. 

  502.     }
    503. 

  503.     if (auth_cal(buf2, output, len) != 0) {
    504. 

  504.         mylog(log_debug, "auth_cal failed ");
    505. 

  505.         return -1;
    506. 

  506.     }
    507. 

  507. 

  508.     // printf("%d %x %x\n",len,(int)(output[0]),(int)(output[1]));
    509. 

  509.     // print_binary_chars(output,len);
    510. 

  510. 

  511.     // use encrypt-then-MAC scheme
    512. 

  512.     return 0;
    513. 

  513. }
    514. 

  514. 

  515. int decrypt_AE(const char *data, char *output, int &len /*,char * key*/) {
    516. 

  516.     mylog(log_trace, "decrypt_AE is called\n");
    517. 

  517.     // printf("%d %x %x\n",len,(int)(data[0]),(int)(data[1]));
    518. 

  518.     // print_binary_chars(data,len);
    519. 

  519. 

  520.     if (auth_verify(data, len) != 0) {
    521. 

  521.         mylog(log_debug, "auth_verify failed\n");
    522. 

  522.         return -1;
    523. 

  523.     }
    524. 

  524.     if (cipher_decrypt(data, output, len, (char *)cipher_key_decrypt) != 0) {
    525. 

  525.         mylog(log_debug, "cipher_decrypt failed \n");
    526. 

  526.         return -1;
    527. 

  527.     }
    528. 

  528.     return 0;
    529. 

  529. }
    530. 

  530. 

  531. int my_encrypt(const char *data, char *output, int &len /*,char * key*/) {
    532. 

  532.     if (len < 0) {
    533. 

  533.         mylog(log_trace, "len<0");
    534. 

  534.         return -1;
    535. 

  535.     }
    536. 

  536.     if (len > max_data_len) {
    537. 

  537.         mylog(log_warn, "len>max_data_len");
    538. 

  538.         return -1;
    539. 

  539.     }
    540. 

  540. 

  541.     if (is_hmac_used)
    542. 

  542.         return encrypt_AE(data, output, len);
    543. 

  543. 

  544.     char buf[buf_len];
    545. 

  545.     char buf2[buf_len];
    546. 

  546.     memcpy(buf, data, len);
    547. 

  547.     if (auth_cal(buf, buf2, len) != 0) {
    548. 

  548.         mylog(log_debug, "auth_cal failed ");
    549. 

  549.         return -1;
    550. 

  550.     }
    551. 

  551.     if (cipher_encrypt(buf2, output, len, normal_key) != 0) {
    552. 

  552.         mylog(log_debug, "cipher_encrypt failed ");
    553. 

  553.         return -1;
    554. 

  554.     }
    555. 

  555.     return 0;
    556. 

  556. }
    557. 

  557. 

  558. int my_decrypt(const char *data, char *output, int &len /*,char * key*/) {
    559. 

  559.     if (len < 0) return -1;
    560. 

  560.     if (len > max_data_len) {
    561. 

  561.         mylog(log_warn, "len>max_data_len");
    562. 

  562.         return -1;
    563. 

  563.     }
    564. 

  564. 

  565.     if (is_hmac_used)
    566. 

  566.         return decrypt_AE(data, output, len);
    567. 

  567. 

  568.     if (cipher_decrypt(data, output, len, normal_key) != 0) {
    569. 

  569.         mylog(log_debug, "cipher_decrypt failed \n");
    570. 

  570.         return -1;
    571. 

  571.     }
    572. 

  572.     if (auth_verify(output, len) != 0) {
    573. 

  573.         mylog(log_debug, "auth_verify failed\n");
    574. 

  574.         return -1;
    575. 

  575.     }
    576. 

  576. 

  577.     return 0;
    578. 

  578. }
    579. 

  579. 

  580. int encrypt_AEAD(uint8_t *data, uint8_t *output, int &len, uint8_t *key, uint8_t *header, int hlen) {
    581. 

  581.     // TODO
    582. 

  582.     return -1;
    583. 

  583. }
    584. 

  584. 

  585. int decrypt_AEAD(uint8_t *data, uint8_t *output, int &len, uint8_t *key, uint8_t *header, int hlen) {
    586. 

  586.     // TODO
    587. 

  587.     return -1;
    588. 

  588. }
    589.