From 20e4d587ca5fa4e32b2fb5403424771004e4860c Mon Sep 17 00:00:00 2001 From: Nathan Moinvaziri Date: Thu, 1 Nov 2018 16:16:19 -0700 Subject: [PATCH] Added common crypto for Apple. --- CMakeLists.txt | 21 ++- mz_crypt_apple.c | 420 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 435 insertions(+), 6 deletions(-) create mode 100644 mz_crypt_apple.c diff --git a/CMakeLists.txt b/CMakeLists.txt index 59c234f..405213c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -183,8 +183,13 @@ if(UNIX) list(APPEND MINIZIP_SRC "mz_os_posix.c" "mz_strm_os_posix.c") if ((USE_PKCRYPT OR USE_AES) AND (NOT USE_OPENSSL AND NOT OPENSSL_FOUND)) - set(USE_BRG TRUE) - + + if (APPLE AND NOT USE_BRG) + list(APPEND MINIZIP_SRC "mz_crypt_apple.c") + else() + set(USE_BRG TRUE) + endif() + # Check to see which random generation functions we have check_symbol_exists("getrandom" "sys/random.h" HAVE_GETRANDOM) if (HAVE_GETRANDOM) @@ -238,7 +243,6 @@ if(UNIX) if (Iconv_FOUND) message(STATUS "Using Iconv") include_directories(${Iconv_INCLUDE_DIRS}) - link_directories(${Iconv_LIBRARIES}) endif() endif() @@ -521,10 +525,15 @@ if(Iconv_FOUND AND NOT Iconv_IS_BUILT_IN) endif() if(USE_OPENSSL AND OPENSSL_FOUND) target_link_libraries(${PROJECT_NAME} ${OPENSSL_LIBRARIES}) +elif(UNIX) + if(APPLE AND NOT USE_BRG) + target_link_libraries(${PROJECT_NAME} "-framework Security") + set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS "-Wl,-F/Library/Frameworks") + else() + target_link_libraries(${PROJECT_NAME} ${LIBBSD_LIBRARIES}) + endif() endif() -if(UNIX) - target_link_libraries(${PROJECT_NAME} ${LIBBSD_LIBRARIES}) -endif() + target_include_directories(${PROJECT_NAME} PUBLIC $) diff --git a/mz_crypt_apple.c b/mz_crypt_apple.c new file mode 100644 index 0000000..f02c62b --- /dev/null +++ b/mz_crypt_apple.c @@ -0,0 +1,420 @@ +/* mz_crypt_apple.c -- Crypto/hash functions for Apple + Version 2.7.1, November 1, 2018 + part of the MiniZip project + + Copyright (C) 2010-2018 Nathan Moinvaziri + https://github.com/nmoinvaz/minizip + + This program is distributed under the terms of the same license as zlib. + See the accompanying LICENSE file for the full text of the license. +*/ + +#include +#include +#include + +#include +#include +#include +#include + +#include "mz.h" + +#include "mz_os.h" +#include "mz_strm_os.h" + +/***************************************************************************/ + +int32_t mz_crypt_rand(uint8_t *buf, int32_t size) +{ + if (CCRandomGenerateBytes(buf, size) != kCCSuccess) + return 0; + return size; +} + +/***************************************************************************/ + +typedef struct mz_crypt_sha_s { + CC_SHA1_CTX ctx1; + CC_SHA256_CTX ctx256; + int32_t error; + int32_t initialized; + uint16_t algorithm; +} mz_crypt_sha; + +/***************************************************************************/ + +void mz_crypt_sha_reset(void *handle) +{ + mz_crypt_sha *sha = (mz_crypt_sha *)handle; + + sha->error = 0; + sha->initialized = 0; +} + +int32_t mz_crypt_sha_begin(void *handle) +{ + mz_crypt_sha *sha = (mz_crypt_sha *)handle; + + if (sha == NULL) + return MZ_PARAM_ERROR; + + mz_crypt_sha_reset(handle); + + if (sha->algorithm == MZ_HASH_SHA1) + sha->error = CC_SHA1_Init(&sha->ctx1); + else if (sha->algorithm == MZ_HASH_SHA256) + sha->error = CC_SHA256_Init(&sha->ctx256); + else + return MZ_PARAM_ERROR; + + if (!sha->error) + return MZ_HASH_ERROR; + + sha->initialized = 1; + return MZ_OK; +} + +int32_t mz_crypt_sha_update(void *handle, const void *buf, int32_t size) +{ + mz_crypt_sha *sha = (mz_crypt_sha *)handle; + + if (sha == NULL || buf == NULL || !sha->initialized) + return MZ_PARAM_ERROR; + + if (sha->algorithm == MZ_HASH_SHA1) + sha->error = CC_SHA1_Update(&sha->ctx1, buf, size); + else + sha->error = CC_SHA256_Update(&sha->ctx256, buf, size); + + if (!sha->error) + return MZ_HASH_ERROR; + + return size; +} + +int32_t mz_crypt_sha_end(void *handle, uint8_t *digest, int32_t digest_size) +{ + mz_crypt_sha *sha = (mz_crypt_sha *)handle; + + if (sha == NULL || digest == NULL || !sha->initialized) + return MZ_PARAM_ERROR; + + if (sha->algorithm == MZ_HASH_SHA1) + { + if (digest_size < MZ_HASH_SHA1_SIZE) + return MZ_BUF_ERROR; + sha->error = CC_SHA1_Final(digest, &sha->ctx1); + } + else + { + if (digest_size < MZ_HASH_SHA256_SIZE) + return MZ_BUF_ERROR; + sha->error = CC_SHA256_Final(digest, &sha->ctx256); + } + + if (!sha->error) + return MZ_HASH_ERROR; + + return MZ_OK; +} + +void mz_crypt_sha_set_algorithm(void *handle, uint16_t algorithm) +{ + mz_crypt_sha *sha = (mz_crypt_sha *)handle; + sha->algorithm = algorithm; +} + +void *mz_crypt_sha_create(void **handle) +{ + mz_crypt_sha *sha = NULL; + + sha = (mz_crypt_sha *)MZ_ALLOC(sizeof(mz_crypt_sha)); + if (sha != NULL) + { + memset(sha, 0, sizeof(mz_crypt_sha)); + sha->algorithm = MZ_HASH_SHA256; + } + if (handle != NULL) + *handle = sha; + + return sha; +} + +void mz_crypt_sha_delete(void **handle) +{ + mz_crypt_sha *sha = NULL; + if (handle == NULL) + return; + sha = (mz_crypt_sha *)*handle; + if (sha != NULL) + { + mz_crypt_sha_reset(*handle); + MZ_FREE(sha); + } + *handle = NULL; +} + +/***************************************************************************/ + +typedef struct mz_crypt_aes_s { + CCCryptorRef crypt; + int32_t mode; + int32_t error; +} mz_crypt_aes; + +/***************************************************************************/ + +void mz_crypt_aes_reset(void *handle) +{ + mz_crypt_aes *aes = (mz_crypt_aes *)handle; + + if (aes->crypt != NULL) + CCCryptorRelease(aes->crypt); + aes->crypt = NULL; +} + +int32_t mz_crypt_aes_encrypt(void *handle, uint8_t *buf, int32_t size) +{ + mz_crypt_aes *aes = (mz_crypt_aes *)handle; + size_t data_moved = 0; + + if (aes == NULL || buf == NULL) + return MZ_PARAM_ERROR; + if (size != MZ_AES_BLOCK_SIZE) + return MZ_PARAM_ERROR; + + aes->error = CCCryptorUpdate(aes->crypt, buf, size, buf, size, &data_moved); + + if (aes->error != kCCSuccess) + return MZ_HASH_ERROR; + + return size; +} + +int32_t mz_crypt_aes_decrypt(void *handle, uint8_t *buf, int32_t size) +{ + mz_crypt_aes *aes = (mz_crypt_aes *)handle; + size_t data_moved = 0; + + if (aes == NULL || buf == NULL) + return MZ_PARAM_ERROR; + if (size != MZ_AES_BLOCK_SIZE) + return MZ_PARAM_ERROR; + + aes->error = CCCryptorUpdate(aes->crypt, buf, size, buf, size, &data_moved); + + if (aes->error != kCCSuccess) + return MZ_HASH_ERROR; + + return size; +} + +int32_t mz_crypt_aes_set_encrypt_key(void *handle, const void *key, int32_t key_length) +{ + mz_crypt_aes *aes = (mz_crypt_aes *)handle; + + + if (aes == NULL || key == NULL || key_length == 0) + return MZ_PARAM_ERROR; + + mz_crypt_aes_reset(handle); + + aes->error = CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES, 0, key, key_length, NULL, &aes->crypt); + + if (aes->error != kCCSuccess) + return MZ_HASH_ERROR; + + return MZ_OK; +} + +int32_t mz_crypt_aes_set_decrypt_key(void *handle, const void *key, int32_t key_length) +{ + mz_crypt_aes *aes = (mz_crypt_aes *)handle; + + + if (aes == NULL || key == NULL || key_length == 0) + return MZ_PARAM_ERROR; + + mz_crypt_aes_reset(handle); + + aes->error = CCCryptorCreate(kCCDecrypt, kCCAlgorithmAES, 0, key, key_length, NULL, &aes->crypt); + + if (aes->error != kCCSuccess) + return MZ_HASH_ERROR; + + return MZ_OK; +} + +void mz_crypt_aes_set_mode(void *handle, int32_t mode) +{ + mz_crypt_aes *aes = (mz_crypt_aes *)handle; + aes->mode = mode; +} + +void *mz_crypt_aes_create(void **handle) +{ + mz_crypt_aes *aes = NULL; + + aes = (mz_crypt_aes *)MZ_ALLOC(sizeof(mz_crypt_aes)); + if (aes != NULL) + memset(aes, 0, sizeof(mz_crypt_aes)); + if (handle != NULL) + *handle = aes; + + return aes; +} + +void mz_crypt_aes_delete(void **handle) +{ + mz_crypt_aes *aes = NULL; + if (handle == NULL) + return; + aes = (mz_crypt_aes *)*handle; + if (aes != NULL) + { + mz_crypt_aes_reset(*handle); + MZ_FREE(aes); + } + *handle = NULL; +} + +/***************************************************************************/ + +typedef struct mz_crypt_hmac_s { + CCHmacContext ctx; + int32_t initialized; + int32_t error; + uint16_t algorithm; +} mz_crypt_hmac; + +/***************************************************************************/ + +static void mz_crypt_hmac_free(void *handle) +{ + mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle; + memset(&hmac->ctx, 0, sizeof(hmac->ctx)); +} + +void mz_crypt_hmac_reset(void *handle) +{ + mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle; + mz_crypt_hmac_free(handle); + hmac->error = 0; +} + +int32_t mz_crypt_hmac_init(void *handle, const void *key, int32_t key_length) +{ + mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle; + CCHmacAlgorithm algorithm = 0; + + if (hmac == NULL || key == NULL) + return MZ_PARAM_ERROR; + + mz_crypt_hmac_reset(handle); + + if (hmac->algorithm == MZ_HASH_SHA1) + algorithm = kCCHmacAlgSHA1; + else if (hmac->algorithm == MZ_HASH_SHA256) + algorithm = kCCHmacAlgSHA256; + else + return MZ_PARAM_ERROR; + + CCHmacInit(&hmac->ctx, algorithm, key, key_length); + return MZ_OK; +} + +int32_t mz_crypt_hmac_update(void *handle, const void *buf, int32_t size) +{ + mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle; + + if (hmac == NULL || buf == NULL) + return MZ_PARAM_ERROR; + + CCHmacUpdate(&hmac->ctx, buf, size); + return MZ_OK; +} + +int32_t mz_crypt_hmac_end(void *handle, uint8_t *digest, int32_t digest_size) +{ + mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle; + + if (hmac == NULL || digest == NULL) + return MZ_PARAM_ERROR; + + if (hmac->algorithm == MZ_HASH_SHA1) + { + if (digest_size < MZ_HASH_SHA1_SIZE) + return MZ_BUF_ERROR; + CCHmacFinal(&hmac->ctx, digest); + } + else + { + if (digest_size < MZ_HASH_SHA256_SIZE) + return MZ_BUF_ERROR; + CCHmacFinal(&hmac->ctx, digest); + } + + return MZ_OK; +} + +void mz_crypt_hmac_set_algorithm(void *handle, uint16_t algorithm) +{ + mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle; + hmac->algorithm = algorithm; +} + +int32_t mz_crypt_hmac_copy(void *src_handle, void *target_handle) +{ + mz_crypt_hmac *source = (mz_crypt_hmac *)src_handle; + mz_crypt_hmac *target = (mz_crypt_hmac *)target_handle; + + if (source == NULL || target == NULL) + return MZ_PARAM_ERROR; + + memcpy(&target->ctx, &source->ctx, sizeof(CCHmacContext)); + return MZ_OK; +} + +void *mz_crypt_hmac_create(void **handle) +{ + mz_crypt_hmac *hmac = NULL; + + hmac = (mz_crypt_hmac *)MZ_ALLOC(sizeof(mz_crypt_hmac)); + if (hmac != NULL) + { + memset(hmac, 0, sizeof(mz_crypt_hmac)); + hmac->algorithm = MZ_HASH_SHA256; + } + if (handle != NULL) + *handle = hmac; + + return hmac; +} + +void mz_crypt_hmac_delete(void **handle) +{ + mz_crypt_hmac *hmac = NULL; + if (handle == NULL) + return; + hmac = (mz_crypt_hmac *)*handle; + if (hmac != NULL) + { + mz_crypt_hmac_free(*handle); + MZ_FREE(hmac); + } + *handle = NULL; +} + +/***************************************************************************/ + +int32_t mz_crypt_sign(uint8_t *message, int32_t message_size, const char *cert_path, const char *cert_pwd, + uint8_t **signature, int32_t *signature_size) +{ + return MZ_CRYPT_ERROR; +} + +int32_t mz_crypt_sign_verify(uint8_t *message, int32_t message_size, uint8_t *signature, int32_t signature_size) +{ + return MZ_CRYPT_ERROR; +}