Codebase list libcryptx-perl / c14794b src / ltc / misc / pbes / pbes.c
c14794b

Tree @c14794b (Download .tar.gz)

pbes.c @c14794braw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
 *
 * LibTomCrypt is a library that provides various cryptographic
 * algorithms in a highly modular and flexible manner.
 *
 * The library is free for all purposes without any express
 * guarantee it works.
 */
#include "tomcrypt_private.h"

#ifdef LTC_PBES

/**
   Decrypt Data encrypted via either PBES1 or PBES2

   @param arg        The according PBES parameters
   @param dec_data   [out] The decrypted data
   @param dec_size   [in/out] The length of the encrypted resp. decrypted data
   @return CRYPT_OK on success
*/
int pbes_decrypt(const pbes_arg  *arg, unsigned char *dec_data, unsigned long *dec_size)
{
   int err, hid = -1, cid = -1;
   unsigned char k[32], *iv;
   unsigned long klen, keylen, dlen;
   long diff;
   symmetric_CBC cbc;

   LTC_ARGCHK(arg           != NULL);
   LTC_ARGCHK(arg->type.kdf != NULL);
   LTC_ARGCHK(dec_data      != NULL);
   LTC_ARGCHK(dec_size      != NULL);

   hid = find_hash(arg->type.h);
   if (hid == -1) return CRYPT_INVALID_HASH;
   cid = find_cipher(arg->type.c);
   if (cid == -1) return CRYPT_INVALID_CIPHER;

   klen = arg->type.keylen;

   /* RC2 special case */
   if (arg->key_bits != 0) {
      /* We can't handle odd lengths of Key Bits */
      if ((arg->key_bits % 8) != 0) return CRYPT_INVALID_KEYSIZE;
      /* Internally we use bytes, not bits */
      klen = arg->key_bits / 8;
   }
   keylen = klen;

   if (arg->iv != NULL) {
      iv = arg->iv->data;
   } else {
      iv = k + klen;
      klen += arg->type.blocklen;
   }

   if (klen > sizeof(k)) return CRYPT_INVALID_ARG;

   if ((err = arg->type.kdf(arg->pwd, arg->pwdlen, arg->salt->data, arg->salt->size, arg->iterations, hid, k, &klen)) != CRYPT_OK) goto LBL_ERROR;
   if ((err = cbc_start(cid, iv, k, keylen, 0, &cbc)) != CRYPT_OK) goto LBL_ERROR;
   if ((err = cbc_decrypt(arg->enc_data->data, dec_data, arg->enc_data->size, &cbc)) != CRYPT_OK) goto LBL_ERROR;
   if ((err = cbc_done(&cbc)) != CRYPT_OK) goto LBL_ERROR;
   dlen = arg->enc_data->size;
   if ((err = padding_depad(dec_data, &dlen, LTC_PAD_PKCS7)) != CRYPT_OK) goto LBL_ERROR;
   diff = (long)arg->enc_data->size - (long)dlen;
   if ((diff <= 0) || (diff > cipher_descriptor[cid].block_length)) {
      err = CRYPT_PK_INVALID_PADDING;
      goto LBL_ERROR;
   }
   *dec_size = dlen;
   return CRYPT_OK;

LBL_ERROR:
   zeromem(k, sizeof(k));
   zeromem(dec_data, *dec_size);
   return err;
}

#endif

/* ref:         $Format:%D$ */
/* git commit:  $Format:%H$ */
/* commit time: $Format:%ai$ */