all flags works for encrypting in ecb mode
This commit is contained in:
parent
b807f0a3bb
commit
a5b4066b3f
7 changed files with 120 additions and 127 deletions
3
Makefile
3
Makefile
|
|
@ -140,7 +140,7 @@ DES_SRC = ft_des_initial_permutation.c \
|
|||
ft_des_generate_decryption_round_keys.c \
|
||||
ft_des_ecb.c \
|
||||
ft_des_init_ctx.c \
|
||||
ft_des_derive_key.c \
|
||||
ft_des_encryption_key_routine.c \
|
||||
ft_des_print_error.c \
|
||||
ft_des_arg_parsers.c \
|
||||
ft_des_ecb_encrypt.c \
|
||||
|
|
@ -277,6 +277,7 @@ clean:
|
|||
fclean: clean
|
||||
rm -f $(NAME)
|
||||
rm -f $(TEST_BIN)
|
||||
rm -rf $(OPENSSL_BLD)
|
||||
$(MAKE) -C $(LIBFT_DIR) fclean
|
||||
|
||||
re: fclean all
|
||||
|
|
|
|||
|
|
@ -41,8 +41,8 @@ typedef struct s_des_ctx
|
|||
int b64;
|
||||
int readed;
|
||||
t_byte1 buffer[FT_DES_BYTE_BLOCK_SIZE];
|
||||
t_byte1 salt[FT_DES_BYTE_BLOCK_SIZE];
|
||||
t_byte1 key[FT_DES_INITIAL_KEY_SIZE];
|
||||
t_byte1 salt[FT_DES_BIT_BLOCK_SIZE];
|
||||
t_byte1 iv[FT_DES_BIT_BLOCK_SIZE];
|
||||
t_byte1 round_keys[FT_DES_ROUND_COUNT]
|
||||
[FT_DES_ROUND_KEY_SIZE];
|
||||
|
|
@ -364,7 +364,7 @@ void ft_des_byte_to_bits
|
|||
t_byte8 bits_len
|
||||
);
|
||||
|
||||
void ft_des_derive_key
|
||||
void ft_des_encryption_key_routine
|
||||
(
|
||||
t_des_ctx *ctx
|
||||
);
|
||||
|
|
|
|||
|
|
@ -1,33 +1,37 @@
|
|||
// ENCRYPTING
|
||||
|
||||
1. "openssl des-ecb -S a"
|
||||
prompts to enter password, generate key with given pass and salt,
|
||||
"openssl des-ecb"
|
||||
prompts to enter password, derive key with generated salt and pass,
|
||||
prepend salt header.
|
||||
|
||||
2. "openssl des-ecb -pass pass:asd"
|
||||
"openssl des-ecb -S a"
|
||||
prompts to enter password, derive key with given salt and generated pass,
|
||||
prepend salt header.
|
||||
|
||||
"openssl des-ecb -pass pass:asd"
|
||||
generate salt and key, prepend salt header.
|
||||
|
||||
3. "openssl des-ecb -S a -pass:asd"
|
||||
"openssl des-ecb -S a -pass:asd"
|
||||
generate key from givent salt and pass, prepend header.
|
||||
|
||||
4. "openssl des-ecb -S a -pass:asd -K 1"
|
||||
"openssl des-ecb -S a -pass:asd -K 1"
|
||||
encrypt with GIVEN key, prepend GIVEN salt headaer.
|
||||
|
||||
5. "openssl des-ecb -K 1"
|
||||
"openssl des-ecb -K 1"
|
||||
encrypt with given key, doesn't generate and prepend salt.
|
||||
|
||||
6. "openssl des-ecb -S 0 -pass pass:asd -P -pbkdf2"
|
||||
"openssl des-ecb -S 0 -pass pass:asd -P -pbkdf2"
|
||||
generate key using PKCS5_PBKDF2_HMAC with 10000 iteration,
|
||||
8 byte salt, 3 byte key, sha256 hash function, prepend salt header.
|
||||
|
||||
// DECRYPTING
|
||||
|
||||
7. "echo -n Salted__ | openssl des-ecb -d"
|
||||
"echo -n Salted__ | openssl des-ecb -d"
|
||||
prompts to enter password, generate key but fails to decode.
|
||||
|
||||
8. "echo -n Salted__aaaaaaaa | openssl des-ecb -d"
|
||||
"echo -n Salted__aaaaaaaa | openssl des-ecb -d"
|
||||
prompts to enter password, generate key but fails to validate padding.
|
||||
|
||||
9. openssl doesn't expect "Salted__" header only when -K or -S flag supplied
|
||||
openssl doesn't expect "Salted__" header only when -K or -S flag supplied
|
||||
(or both simultaneously, in this case salt is discarded),
|
||||
in any other case salt should be readed from message.
|
||||
|
|
|
|||
|
|
@ -1,113 +0,0 @@
|
|||
#include <fcntl.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include "ft_des.h"
|
||||
#include "ft_pbkdf2.h"
|
||||
#include "libft.h"
|
||||
|
||||
static void get_pass
|
||||
(
|
||||
char pass[128]
|
||||
)
|
||||
{
|
||||
char *first_try[128];
|
||||
char *second_try[128];
|
||||
|
||||
ft_bzero(first_try, 128);
|
||||
ft_bzero(second_try, 128);
|
||||
ft_strcpy((char *)first_try, getpass("enter password:"));
|
||||
ft_strcpy((char *)second_try, getpass("retype password:"));
|
||||
if (ft_strcmp((const char *)first_try, (const char *)second_try) != 0)
|
||||
ft_des_print_error("passwords doesn't match");
|
||||
ft_strcpy(pass, (const char *)first_try);
|
||||
}
|
||||
|
||||
static void generate_salt
|
||||
(
|
||||
char salt[FT_DES_BYTE_BLOCK_SIZE]
|
||||
)
|
||||
{
|
||||
int fd;
|
||||
|
||||
fd = open("/dev/random", O_RDONLY);
|
||||
if (fd == -1)
|
||||
{
|
||||
perror("des");
|
||||
exit(1);
|
||||
}
|
||||
read(fd, salt, FT_DES_BYTE_BLOCK_SIZE);
|
||||
}
|
||||
|
||||
static void no_arguments
|
||||
(
|
||||
t_des_ctx *ctx,
|
||||
t_pbkdf2_sha256_ctx *pbkdf_ctx
|
||||
)
|
||||
{
|
||||
char pass[128];
|
||||
char salt[FT_DES_BYTE_BLOCK_SIZE];
|
||||
t_byte1 key[FT_DES_BYTE_BLOCK_SIZE];
|
||||
|
||||
get_pass(pass);
|
||||
generate_salt(salt);
|
||||
|
||||
pbkdf_ctx->iterations = 10000;
|
||||
pbkdf_ctx->key = key;
|
||||
pbkdf_ctx->salt_len = FT_DES_BYTE_BLOCK_SIZE;
|
||||
pbkdf_ctx->pass = (t_byte1 *)pass;
|
||||
pbkdf_ctx->salt = (t_byte1 *)salt;
|
||||
pbkdf_ctx->pass_len = ft_strlen((char *)pass);
|
||||
pbkdf_ctx->key_len = FT_DES_BYTE_BLOCK_SIZE;
|
||||
ft_pbkdf2_sha256(pbkdf_ctx);
|
||||
ft_des_byte_to_bits(key, FT_DES_BYTE_BLOCK_SIZE, ctx->key,
|
||||
FT_DES_INITIAL_KEY_SIZE);
|
||||
write(ctx->output_fd, "Salted__", 8);
|
||||
write(ctx->output_fd, salt, FT_DES_BYTE_BLOCK_SIZE);
|
||||
}
|
||||
|
||||
void ft_des_derive_key
|
||||
(
|
||||
t_des_ctx *ctx
|
||||
)
|
||||
{
|
||||
t_pbkdf2_sha256_ctx pbkdf_ctx;
|
||||
t_byte1 key[FT_DES_BYTE_BLOCK_SIZE];
|
||||
|
||||
if (!ctx->raw_key && !ctx->raw_salt && !ctx->raw_password)
|
||||
{
|
||||
no_arguments(ctx, &pbkdf_ctx);
|
||||
return ;
|
||||
}
|
||||
|
||||
if (ctx->raw_key)
|
||||
{
|
||||
if (ft_des_hex_to_bit(ctx->raw_key, ctx->key, FT_DES_BIT_BLOCK_SIZE))
|
||||
ft_des_print_error("wrong char in key");
|
||||
return ;
|
||||
}
|
||||
// if (ctx->decode)
|
||||
// {
|
||||
// readed = read(ctx->input_fd, buffer, FT_DES_BYTE_BLOCK_SIZE);
|
||||
// if (readed != FT_DES_BYTE_BLOCK_SIZE)
|
||||
// ft_des_print_error("wrong input");
|
||||
// if (ft_strcmp("Salted__", buffer) == 0)
|
||||
// {
|
||||
// readed = read(ctx->input_fd, buffer, FT_DES_BYTE_BLOCK_SIZE);
|
||||
// if (readed != FT_DES_BYTE_BLOCK_SIZE)
|
||||
// ft_des_print_error("wrong salt");
|
||||
// pbkdf_ctx.salt = buffer;
|
||||
// }
|
||||
// else
|
||||
// ft_des_pr
|
||||
// }
|
||||
pbkdf_ctx.iterations = 10000;
|
||||
pbkdf_ctx.key = key;
|
||||
pbkdf_ctx.salt_len = FT_DES_BYTE_BLOCK_SIZE;
|
||||
pbkdf_ctx.pass = (t_byte1 *)ctx->raw_password;
|
||||
pbkdf_ctx.salt = ctx->salt;
|
||||
pbkdf_ctx.pass_len = ft_strlen((char *)ctx->raw_password);
|
||||
pbkdf_ctx.key_len = FT_DES_BYTE_BLOCK_SIZE;
|
||||
ft_pbkdf2_sha256(&pbkdf_ctx);
|
||||
ft_des_byte_to_bits(key, FT_DES_BYTE_BLOCK_SIZE, ctx->key,
|
||||
FT_DES_INITIAL_KEY_SIZE);
|
||||
}
|
||||
|
|
@ -78,7 +78,6 @@ void ft_des_ecb
|
|||
|
||||
ft_des_init_ctx(&ctx);
|
||||
parse_args(argc, argv, &ctx);
|
||||
ft_des_derive_key(&ctx);
|
||||
if (ctx.decode)
|
||||
{
|
||||
if (ctx.b64)
|
||||
|
|
@ -88,6 +87,7 @@ void ft_des_ecb
|
|||
}
|
||||
else
|
||||
{
|
||||
ft_des_encryption_key_routine(&ctx);
|
||||
if (ctx.b64)
|
||||
ft_des_ecb_encrypt_b64(&ctx);
|
||||
else
|
||||
|
|
|
|||
|
|
@ -11,6 +11,11 @@ void ft_des_ecb_encrypt
|
|||
t_byte8 readed;
|
||||
|
||||
ft_des_generate_encryption_round_keys(ctx->key, ctx->round_keys);
|
||||
if (ctx->raw_password)
|
||||
{
|
||||
write(ctx->output_fd, "Salted__", 8);
|
||||
write(ctx->output_fd, ctx->salt, FT_DES_BYTE_BLOCK_SIZE);
|
||||
}
|
||||
while((readed = read(ctx->input_fd, buffer, FT_DES_READ_SIZE)) > 0)
|
||||
ft_des_ecb_encode_process_chunk(ctx, readed, buffer);
|
||||
ft_des_ecb_finish_encrypt(ctx);
|
||||
|
|
|
|||
96
src/des/ft_des_encryption_key_routine.c
Normal file
96
src/des/ft_des_encryption_key_routine.c
Normal file
|
|
@ -0,0 +1,96 @@
|
|||
#include <fcntl.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include "ft_des.h"
|
||||
#include "ft_pbkdf2.h"
|
||||
#include "libft.h"
|
||||
|
||||
static void derive_key
|
||||
(
|
||||
t_des_ctx *ctx
|
||||
)
|
||||
{
|
||||
t_pbkdf2_sha256_ctx pbkdf_ctx;
|
||||
t_byte1 byte_key[FT_DES_BYTE_BLOCK_SIZE];
|
||||
|
||||
pbkdf_ctx.iterations = 10000;
|
||||
pbkdf_ctx.key = byte_key;
|
||||
pbkdf_ctx.salt_len = FT_DES_BYTE_BLOCK_SIZE;
|
||||
pbkdf_ctx.key_len = FT_DES_BYTE_BLOCK_SIZE;
|
||||
pbkdf_ctx.pass_len = ft_strlen((char *)ctx->raw_password);
|
||||
pbkdf_ctx.pass = (t_byte1 *)ctx->raw_password;
|
||||
pbkdf_ctx.salt = (t_byte1 *)ctx->salt;
|
||||
ft_pbkdf2_sha256(&pbkdf_ctx);
|
||||
ft_des_byte_to_bits(byte_key, FT_DES_BYTE_BLOCK_SIZE, ctx->key,
|
||||
FT_DES_INITIAL_KEY_SIZE);
|
||||
}
|
||||
|
||||
static void get_pass
|
||||
(
|
||||
char pass[128]
|
||||
)
|
||||
{
|
||||
char *first_try[128];
|
||||
char *second_try[128];
|
||||
|
||||
ft_bzero(first_try, 128);
|
||||
ft_bzero(second_try, 128);
|
||||
ft_strcpy((char *)first_try, getpass("enter password:"));
|
||||
if (!ft_strlen((const char *)first_try))
|
||||
exit(1);
|
||||
ft_strcpy((char *)second_try, getpass("retype password:"));
|
||||
if (ft_strcmp((const char *)first_try, (const char *)second_try) != 0)
|
||||
ft_des_print_error("passwords doesn't match");
|
||||
ft_strcpy(pass, (const char *)first_try);
|
||||
}
|
||||
|
||||
static void get_salt
|
||||
(
|
||||
char salt[FT_DES_BYTE_BLOCK_SIZE]
|
||||
)
|
||||
{
|
||||
int fd;
|
||||
|
||||
fd = open("/dev/random", O_RDONLY);
|
||||
if (fd == -1)
|
||||
{
|
||||
perror("des");
|
||||
exit(1);
|
||||
}
|
||||
read(fd, salt, FT_DES_BYTE_BLOCK_SIZE);
|
||||
}
|
||||
|
||||
static void get_key
|
||||
(
|
||||
t_des_ctx *ctx
|
||||
)
|
||||
{
|
||||
const char *wrong_char;
|
||||
|
||||
wrong_char = ft_des_hex_to_bit(ctx->raw_key, ctx->key,
|
||||
FT_DES_INITIAL_KEY_SIZE);
|
||||
if (wrong_char)
|
||||
ft_des_print_error("wrong char in hex key");
|
||||
}
|
||||
|
||||
void ft_des_encryption_key_routine
|
||||
(
|
||||
t_des_ctx *ctx
|
||||
)
|
||||
{
|
||||
char pass[128];
|
||||
|
||||
if (ctx->raw_key)
|
||||
{
|
||||
get_key(ctx);
|
||||
return ;
|
||||
}
|
||||
if (!ctx->raw_password)
|
||||
{
|
||||
get_pass(pass);
|
||||
ctx->raw_password = pass;
|
||||
}
|
||||
if (!ctx->raw_salt)
|
||||
get_salt((char *)ctx->salt);
|
||||
derive_key(ctx);
|
||||
}
|
||||
Loading…
Reference in a new issue