c/minizip-ng
1
0
Fork 0
mirror of https://github.com/zlib-ng/minizip-ng synced 2025-03-28 21:13:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove unused set_algorithm function for aes.

Browse Source 
Better setting of errors in crypt functions.
Fixed win32 aes key generated incorrectly.
Fixed openssl aes key bits not being set correctly.
Added option to for using BRG library on windows.
Changed low quality entropy error to warning.
This commit is contained in:
Nathan Moinvaziri 2018-11-01 10:32:42 -07:00
parent 04d821edef
commit eff49b88ce
9 changed files with 153 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CMakeLists.txt
View File

@ -16,6 +16,7 @@ option(USE_PKCRYPT "Enables PKWARE traditional encryption" ON)
option(USE_AES "Enables AES encryption" ON)
option(USE_LIBCOMP "Enables Apple compression" OFF)
option(USE_OPENSSL "Enables OpenSSL for encryption" OFF)
option(USE_BRG "Enables Brian Gladman's encryption library" OFF)
option(COMPRESS_ONLY "Only support compression" OFF)
option(DECOMPRESS_ONLY "Only support decompression" OFF)
option(BUILD_TEST "Builds minizip test executable" OFF)
@ -163,8 +164,10 @@ endif()
# Windows specific
if(WIN32)
list(APPEND MINIZIP_SRC "mz_os_win32.c" "mz_strm_os_win32.c")
if ((USE_PKCRYPT OR USE_AES) AND (NOT USE_OPENSSL AND NOT OPENSSL_FOUND))
list(APPEND MINIZIP_SRC "mz_crypt_win32.c")
if (USE_PKCRYPT OR USE_AES)
if (NOT USE_OPENSSL AND NOT OPENSSL_FOUND AND NOT USE_BRG)
list(APPEND MINIZIP_SRC "mz_crypt_win32.c")
endif()
endif()
add_definitions(-D_CRT_SECURE_NO_DEPRECATE)
@ -283,7 +286,8 @@ if(USE_BRG)
lib/brg/brg_endian.h
lib/brg/brg_types.h
lib/brg/hmac.h
lib/brg/sha1.h)
lib/brg/sha1.h
lib/brg/sha2.h)
include_directories(lib/brg)

1
lib/brg/hmac.h
View File

@ -32,6 +32,7 @@ extern "C"
#endif
#include "sha1.h"
#include "sha2.h"
#if defined(SHA_224) || defined(SHA_256) || defined(SHA_384) || defined(SHA_512)
#define HMAC_MAX_OUTPUT_SIZE SHA2_MAX_DIGEST_SIZE

2
mz.h
View File

@ -115,6 +115,8 @@ extern "C" {
#define MZ_AES_ENCRYPTION_MODE_128 (0x01)
#define MZ_AES_ENCRYPTION_MODE_192 (0x02)
#define MZ_AES_ENCRYPTION_MODE_256 (0x03)
#define MZ_AES_KEY_LENGTH(MODE) (8 * (MODE & 3) + 8)
#define MZ_AES_KEY_LENGTH_MAX (32)
#define MZ_AES_BLOCK_SIZE (16)
#define MZ_AES_HEADER_SIZE(MODE) ((4 * (MODE & 3) + 4) + 2)
#define MZ_AES_FOOTER_SIZE (10)

4
mz_crypt.h
View File

@ -33,9 +33,9 @@ void mz_crypt_sha_delete(void **handle);
void mz_crypt_aes_reset(void *handle);
int32_t mz_crypt_aes_encrypt(void *handle, uint8_t *buf, int32_t size);
int32_t mz_crypt_aes_decrypt(void *handle, uint8_t *buf, int32_t size);
int32_t mz_crypt_aes_set_key(void *handle, const void *key, int32_t key_length);
int32_t mz_crypt_aes_set_encrypt_key(void *handle, const void *key, int32_t key_length);
int32_t mz_crypt_aes_set_decrypt_key(void *handle, const void *key, int32_t key_length);
void mz_crypt_aes_set_mode(void *handle, int32_t mode);
void mz_crypt_aes_set_algorithm(void *handle, uint16_t algorithm);
void* mz_crypt_aes_create(void **handle);
void mz_crypt_aes_delete(void **handle);

57
mz_crypt_brg.c
View File

@ -79,7 +79,7 @@ int32_t mz_crypt_rand(uint8_t *buf, int32_t size)
}
#else
#if !defined(FORCE_LOWQUALITY_ENTROPY)
#error "Low quality entropy function used for encryption"
#pragma message("Warning: Low quality entropy function used for encryption")
#endif
int32_t mz_crypt_rand(uint8_t *buf, int32_t size)
{
@ -93,7 +93,6 @@ typedef struct mz_crypt_sha_s {
sha256_ctx ctx256;
sha1_ctx ctx1;
int32_t initialized;
int32_t error;
uint16_t algorithm;
} mz_crypt_sha;
@ -102,7 +101,6 @@ typedef struct mz_crypt_sha_s {
void mz_crypt_sha_reset(void *handle)
{
mz_crypt_sha *sha = (mz_crypt_sha *)handle;
sha->error = 0;
sha->initialized = 0;
}
@ -203,7 +201,6 @@ typedef struct mz_crypt_aes_s {
aes_decrypt_ctx decrypt_ctx;
int32_t mode;
int32_t error;
uint16_t algorithm;
} mz_crypt_aes;
/***************************************************************************/
@ -222,7 +219,9 @@ int32_t mz_crypt_aes_encrypt(void *handle, uint8_t *buf, int32_t size)
if (size != MZ_AES_BLOCK_SIZE)
return MZ_PARAM_ERROR;
aes_encrypt(buf, buf, &aes->encrypt_ctx);
aes->error = aes_encrypt(buf, buf, &aes->encrypt_ctx);
if (aes->error)
return MZ_CRYPT_ERROR;
return size;
}
@ -234,14 +233,15 @@ int32_t mz_crypt_aes_decrypt(void *handle, uint8_t *buf, int32_t size)
if (size != MZ_AES_BLOCK_SIZE)
return MZ_PARAM_ERROR;
aes_decrypt(buf, buf, &aes->decrypt_ctx);
aes->error = aes_decrypt(buf, buf, &aes->decrypt_ctx);
if (aes->error)
return MZ_CRYPT_ERROR;
return size;
}
int32_t mz_crypt_aes_set_key(void *handle, const void *key, int32_t key_length)
int32_t mz_crypt_aes_set_encrypt_key(void *handle, const void *key, int32_t key_length)
{
mz_crypt_aes *aes = (mz_crypt_aes *)handle;
int32_t result = 0;
if (aes == NULL || key == NULL)
@ -249,18 +249,26 @@ int32_t mz_crypt_aes_set_key(void *handle, const void *key, int32_t key_length)
mz_crypt_aes_reset(handle);
result = aes_encrypt_key(key, key_length, &aes->encrypt_ctx);
if (!result)
{
aes->error = result;
aes->error = aes_encrypt_key(key, key_length, &aes->encrypt_ctx);
if (aes->error)
return MZ_HASH_ERROR;
}
result = aes_decrypt_key(key, key_length, &aes->decrypt_ctx);
if (!result)
{
aes->error = result;
return MZ_OK;
}
int32_t mz_crypt_aes_set_decrypt_key(void *handle, const void *key, int32_t key_length)
{
mz_crypt_aes *aes = (mz_crypt_aes *)handle;
if (aes == NULL || key == NULL)
return MZ_PARAM_ERROR;
mz_crypt_aes_reset(handle);
aes->error = aes_decrypt_key(key, key_length, &aes->decrypt_ctx);
if (aes->error)
return MZ_HASH_ERROR;
}
return MZ_OK;
}
@ -271,22 +279,13 @@ void mz_crypt_aes_set_mode(void *handle, int32_t mode)
aes->mode = mode;
}
void mz_crypt_aes_set_algorithm(void *handle, uint16_t algorithm)
{
mz_crypt_aes *aes = (mz_crypt_aes *)handle;
aes->algorithm = algorithm;
}
void *mz_crypt_aes_create(void **handle)
{
mz_crypt_aes *aes = NULL;
aes = (mz_crypt_aes *)MZ_ALLOC(sizeof(mz_crypt_aes));
if (aes != NULL)
{
aes->algorithm = MZ_HASH_SHA256;
memset(aes, 0, sizeof(mz_crypt_aes));
}
if (handle != NULL)
*handle = aes;
@ -329,14 +328,14 @@ int32_t mz_crypt_hmac_init(void *handle, const void *key, int32_t key_length)
return MZ_PARAM_ERROR;
mz_crypt_hmac_reset(handle);
if (hmac->algorithm == MZ_HASH_SHA1)
hmac_sha_begin(HMAC_SHA1, &hmac->ctx);
else
hmac_sha_begin(HMAC_SHA256, &hmac->ctx);
hmac_sha_key(key, key_length, &hmac->ctx);
return MZ_OK;
}

85
mz_crypt_openssl.c
View File

@ -94,7 +94,10 @@ int32_t mz_crypt_sha_begin(void *handle)
result = SHA256_Init(&sha->ctx256);
if (!result)
{
sha->error = ERR_get_error();
return MZ_HASH_ERROR;
}
sha->initialized = 1;
return MZ_OK;
@ -103,14 +106,21 @@ int32_t mz_crypt_sha_begin(void *handle)
int32_t mz_crypt_sha_update(void *handle, const void *buf, int32_t size)
{
mz_crypt_sha *sha = (mz_crypt_sha *)handle;
int32_t result = 0;
if (sha == NULL || buf == NULL || !sha->initialized)
return MZ_PARAM_ERROR;
if (sha->algorithm == MZ_HASH_SHA1)
SHA1_Update(&sha->ctx1, buf, size);
result = SHA1_Update(&sha->ctx1, buf, size);
else
SHA256_Update(&sha->ctx256, buf, size);
result = SHA256_Update(&sha->ctx256, buf, size);
if (!result)
{
sha->error = ERR_get_error();
return MZ_HASH_ERROR;
}
return size;
}
@ -137,7 +147,10 @@ int32_t mz_crypt_sha_end(void *handle, uint8_t *digest, int32_t digest_size)
}
if (!result)
{
sha->error = ERR_get_error();
return MZ_HASH_ERROR;
}
return MZ_OK;
}
@ -184,7 +197,8 @@ typedef struct mz_crypt_aes_s {
AES_KEY key;
int32_t mode;
int32_t error;
uint16_t algorithm;
uint8_t *key_copy;
int32_t key_length;
} mz_crypt_aes;
/***************************************************************************/
@ -221,10 +235,11 @@ int32_t mz_crypt_aes_decrypt(void *handle, uint8_t *buf, int32_t size)
return size;
}
int32_t mz_crypt_aes_set_key(void *handle, const void *key, int32_t key_length)
int32_t mz_crypt_aes_set_encrypt_key(void *handle, const void *key, int32_t key_length)
{
mz_crypt_aes *aes = (mz_crypt_aes *)handle;
int32_t result = 0;
int32_t key_bits = 0;
if (aes == NULL || key == NULL)
@ -232,10 +247,34 @@ int32_t mz_crypt_aes_set_key(void *handle, const void *key, int32_t key_length)
mz_crypt_aes_reset(handle);
result = AES_set_encrypt_key(key, key_length, &aes->key);
if (!result)
key_bits = key_length * 8;
result = AES_set_encrypt_key(key, key_bits, &aes->key);
if (result)
{
aes->error = result;
aes->error = ERR_get_error();
return MZ_HASH_ERROR;
}
return MZ_OK;
}
int32_t mz_crypt_aes_set_decrypt_key(void *handle, const void *key, int32_t key_length)
{
mz_crypt_aes *aes = (mz_crypt_aes *)handle;
int32_t result = 0;
int32_t key_bits = 0;
if (aes == NULL || key == NULL)
return MZ_PARAM_ERROR;
mz_crypt_aes_reset(handle);
key_bits = key_length * 8;
result = AES_set_decrypt_key(key, key_bits, &aes->key);
if (result)
{
aes->error = ERR_get_error();
return MZ_HASH_ERROR;
}
@ -248,22 +287,13 @@ void mz_crypt_aes_set_mode(void *handle, int32_t mode)
aes->mode = mode;
}
void mz_crypt_aes_set_algorithm(void *handle, uint16_t algorithm)
{
mz_crypt_aes *aes = (mz_crypt_aes *)handle;
aes->algorithm = algorithm;
}
void *mz_crypt_aes_create(void **handle)
{
mz_crypt_aes *aes = NULL;
aes = (mz_crypt_aes *)MZ_ALLOC(sizeof(mz_crypt_aes));
if (aes != NULL)
{
aes->algorithm = MZ_HASH_SHA256;
memset(aes, 0, sizeof(mz_crypt_aes));
}
if (handle != NULL)
*handle = aes;
@ -327,6 +357,7 @@ void mz_crypt_hmac_reset(void *handle)
int32_t mz_crypt_hmac_init(void *handle, const void *key, int32_t key_length)
{
mz_crypt_hmac *hmac = (mz_crypt_hmac *)handle;
int32_t result = 0;
const EVP_MD *evp_md = NULL;
if (hmac == NULL || key == NULL)
@ -340,7 +371,12 @@ int32_t mz_crypt_hmac_init(void *handle, const void *key, int32_t key_length)
else
evp_md = EVP_sha256();
HMAC_Init(hmac->ctx, key, key_length, evp_md);
result = HMAC_Init(hmac->ctx, key, key_length, evp_md);
if (!result)
{
hmac->error = ERR_get_error();
return MZ_HASH_ERROR;
}
return MZ_OK;
}
@ -355,7 +391,10 @@ int32_t mz_crypt_hmac_update(void *handle, const void *buf, int32_t size)
result = HMAC_Update(hmac->ctx, buf, size);
if (!result)
{
hmac->error = ERR_get_error();
return MZ_HASH_ERROR;
}
return MZ_OK;
}
@ -383,7 +422,10 @@ int32_t mz_crypt_hmac_end(void *handle, uint8_t *digest, int32_t digest_size)
}
if (!result)
{
hmac->error = ERR_get_error();
return MZ_HASH_ERROR;
}
return MZ_OK;
}
@ -398,11 +440,18 @@ int32_t mz_crypt_hmac_copy(void *src_handle, void *target_handle)
{
mz_crypt_hmac *source = (mz_crypt_hmac *)src_handle;
mz_crypt_hmac *target = (mz_crypt_hmac *)target_handle;
int32_t result = 0;
if (source == NULL || target == NULL)
return MZ_PARAM_ERROR;
HMAC_CTX_copy(target->ctx, source->ctx);
result = HMAC_CTX_copy(target->ctx, source->ctx);
if (!result)
{
target->error = ERR_get_error();
return MZ_HASH_ERROR;
}
return MZ_OK;
}

87
mz_crypt_win32.c
View File

@ -183,7 +183,6 @@ typedef struct mz_crypt_aes_s {
HCRYPTKEY key;
int32_t mode;
int32_t error;
uint16_t algorithm;
} mz_crypt_aes;
/***************************************************************************/
@ -240,12 +239,19 @@ int32_t mz_crypt_aes_decrypt(void *handle, uint8_t *buf, int32_t size)
return size;
}
int32_t mz_crypt_aes_set_key(void *handle, const void *key, int32_t key_length)
static int32_t mz_crypt_aes_set_key(void *handle, const void *key, int32_t key_length)
{
mz_crypt_aes *aes = (mz_crypt_aes *)handle;
HCRYPTHASH hash = 0;
ALG_ID alg_id = 0;
ALG_ID hash_alg_id = 0;
typedef struct key_blob_header_s {
BLOBHEADER hdr;
uint32_t key_length;
} key_blob_header_s;
key_blob_header_s *key_blob_s = NULL;
uint8_t *key_blob = NULL;
int32_t key_blob_size = 0;
int32_t result = 0;
int32_t err = MZ_OK;
@ -255,79 +261,68 @@ int32_t mz_crypt_aes_set_key(void *handle, const void *key, int32_t key_length)
mz_crypt_aes_reset(handle);
if (aes->mode == MZ_AES_ENCRYPTION_MODE_128)
if (key_length == MZ_AES_KEY_LENGTH(MZ_AES_ENCRYPTION_MODE_128))
alg_id = CALG_AES_128;
else if (aes->mode == MZ_AES_ENCRYPTION_MODE_192)
else if (key_length == MZ_AES_KEY_LENGTH(MZ_AES_ENCRYPTION_MODE_192))
alg_id = CALG_AES_192;
else
else if (key_length == MZ_AES_KEY_LENGTH(MZ_AES_ENCRYPTION_MODE_256))
alg_id = CALG_AES_256;
if (aes->algorithm == MZ_HASH_SHA1)
hash_alg_id = CALG_SHA1;
else
hash_alg_id = CALG_SHA_256;
return MZ_PARAM_ERROR;
result = CryptAcquireContext(&aes->provider, NULL, MS_ENH_RSA_AES_PROV, PROV_RSA_AES, CRYPT_VERIFYCONTEXT | CRYPT_SILENT);
if (result)
{
key_blob_size = sizeof(key_blob_header_s) + key_length;
key_blob = (uint8_t *)MZ_ALLOC(key_blob_size);
result = CryptAcquireContext(&aes->provider, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT | CRYPT_SILENT);
key_blob_s = (key_blob_header_s *)key_blob;
key_blob_s->hdr.bType = PLAINTEXTKEYBLOB;
key_blob_s->hdr.bVersion = CUR_BLOB_VERSION;
key_blob_s->hdr.aiKeyAlg = alg_id;
key_blob_s->hdr.reserved = 0;
key_blob_s->key_length = key_length;
memcpy(key_blob + sizeof(key_blob_header_s), key, key_length);
result = CryptImportKey(aes->provider, key_blob, key_blob_size, 0, CRYPT_IPSEC_HMAC_KEY, &aes->key);
}
if (!result)
{
aes->error = GetLastError();
err = MZ_CRYPT_ERROR;
}
if (result)
{
result = CryptCreateHash(aes->provider, hash_alg_id, 0, 0, &hash);
if (!result)
{
aes->error = GetLastError();
err = MZ_HASH_ERROR;
}
}
if (result)
{
result = CryptHashData(hash, key, key_length, 0);
if (!result)
{
aes->error = GetLastError();
err = MZ_HASH_ERROR;
}
}
if (result)
{
result = CryptDeriveKey(aes->provider, alg_id, hash, 0, &aes->key);
if (!result)
{
aes->error = GetLastError();
err = MZ_CRYPT_ERROR;
}
}
MZ_FREE(key_blob);
if (hash)
CryptDestroyHash(hash);
return err;
}
int32_t mz_crypt_aes_set_encrypt_key(void *handle, const void *key, int32_t key_length)
{
return mz_crypt_aes_set_key(handle, key, key_length);
}
int32_t mz_crypt_aes_set_decrypt_key(void *handle, const void *key, int32_t key_length)
{
return mz_crypt_aes_set_key(handle, key, key_length);
}
void mz_crypt_aes_set_mode(void *handle, int32_t mode)
{
mz_crypt_aes *aes = (mz_crypt_aes *)handle;
aes->mode = mode;
}
void mz_crypt_aes_set_algorithm(void *handle, uint16_t algorithm)
{
mz_crypt_aes *aes = (mz_crypt_aes *)handle;
aes->algorithm = algorithm;
}
void *mz_crypt_aes_create(void **handle)
{
mz_crypt_aes *aes = NULL;
aes = (mz_crypt_aes *)MZ_ALLOC(sizeof(mz_crypt_aes));
if (aes != NULL)
{
aes->algorithm = MZ_HASH_SHA256;
memset(aes, 0, sizeof(mz_crypt_aes));
}
if (handle != NULL)
*handle = aes;

7
mz_strm_wzaes.c
View File

@ -22,10 +22,8 @@
/***************************************************************************/
#define MZ_AES_KEY_LENGTH(mode) (8 * (mode & 3) + 8)
#define MZ_AES_KEY_LENGTH_MAX (32)
#define MZ_AES_KEYING_ITERATIONS (1000)
#define MZ_AES_SALT_LENGTH(mode) (4 * (mode & 3) + 4)
#define MZ_AES_SALT_LENGTH(MODE) (4 * (MODE & 3) + 4)
#define MZ_AES_SALT_LENGTH_MAX (16)
#define MZ_AES_PW_LENGTH_MAX (128)
#define MZ_AES_PW_VERIFY_SIZE (2)
@ -211,9 +209,8 @@ int32_t mz_stream_wzaes_open(void *stream, const char *path, int32_t mode)
// Initialize for encryption using key 1
mz_crypt_aes_reset(wzaes->aes);
mz_crypt_aes_set_algorithm(wzaes->aes, MZ_HASH_SHA1);
mz_crypt_aes_set_mode(wzaes->aes, wzaes->encryption_mode);
mz_crypt_aes_set_key(wzaes->aes, kbuf, key_length);
mz_crypt_aes_set_encrypt_key(wzaes->aes, kbuf, key_length);
// Initialize for authentication using key 2
mz_crypt_hmac_reset(wzaes->hmac);

6
test/test.c
View File

@ -485,7 +485,7 @@ void test_crypt_sha(void)
void test_crypt_aes(void)
{
void *aes = NULL;
char *key = "awesomekey";
char *key = "awesomekeythisis";
char *test = "youknowitsogrowi";
int32_t key_length = 0;
int32_t test_length = 0;
@ -510,7 +510,7 @@ void test_crypt_aes(void)
mz_crypt_aes_create(&aes);
mz_crypt_aes_set_mode(aes, MZ_AES_ENCRYPTION_MODE_256);
mz_crypt_aes_set_key(aes, key, key_length);
mz_crypt_aes_set_encrypt_key(aes, key, key_length);
mz_crypt_aes_encrypt(aes, buf, test_length);
mz_crypt_aes_delete(&aes);
@ -521,7 +521,7 @@ void test_crypt_aes(void)
mz_crypt_aes_create(&aes);
mz_crypt_aes_set_mode(aes, MZ_AES_ENCRYPTION_MODE_256);
mz_crypt_aes_set_key(aes, key, key_length);
mz_crypt_aes_set_decrypt_key(aes, key, key_length);
mz_crypt_aes_decrypt(aes, buf, test_length);
mz_crypt_aes_delete(&aes);