VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/libzip/zip_crypto_gnutls.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/Common/libzip/zip_crypto_gnutls.c')
-rw-r--r--src/Common/libzip/zip_crypto_gnutls.c134
1 files changed, 134 insertions, 0 deletions
diff --git a/src/Common/libzip/zip_crypto_gnutls.c b/src/Common/libzip/zip_crypto_gnutls.c
new file mode 100644
index 00000000..1a25aa12
--- /dev/null
+++ b/src/Common/libzip/zip_crypto_gnutls.c
@@ -0,0 +1,134 @@
+/*
+ zip_crypto_gnutls.c -- GnuTLS wrapper.
+ Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner
+
+ This file is part of libzip, a library to manipulate ZIP archives.
+ The authors can be contacted at <info@libzip.org>
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the
+ distribution.
+ 3. The names of the authors may not be used to endorse or promote
+ products derived from this software without specific prior
+ written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS
+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+ IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+ IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+#include <stdlib.h>
+
+#include "zipint.h"
+
+#include "zip_crypto.h"
+
+_zip_crypto_aes_t *
+_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) {
+ _zip_crypto_aes_t *aes;
+
+ if ((aes = (_zip_crypto_aes_t *)malloc(sizeof(*aes))) == NULL) {
+ zip_error_set(error, ZIP_ER_MEMORY, 0);
+ return NULL;
+ }
+
+ aes->key_size = key_size;
+
+ switch (aes->key_size) {
+ case 128:
+ nettle_aes128_set_encrypt_key(&aes->ctx.ctx_128, key);
+ break;
+ case 192:
+ nettle_aes192_set_encrypt_key(&aes->ctx.ctx_192, key);
+ break;
+ case 256:
+ nettle_aes256_set_encrypt_key(&aes->ctx.ctx_256, key);
+ break;
+ default:
+ zip_error_set(error, ZIP_ER_INVAL, 0);
+ free(aes);
+ return NULL;
+ }
+
+ return aes;
+}
+
+bool
+_zip_crypto_aes_encrypt_block(_zip_crypto_aes_t *aes, const zip_uint8_t *in, zip_uint8_t *out) {
+ switch (aes->key_size) {
+ case 128:
+ nettle_aes128_encrypt(&aes->ctx.ctx_128, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, in);
+ break;
+ case 192:
+ nettle_aes192_encrypt(&aes->ctx.ctx_192, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, in);
+ break;
+ case 256:
+ nettle_aes256_encrypt(&aes->ctx.ctx_256, ZIP_CRYPTO_AES_BLOCK_LENGTH, out, in);
+ break;
+ }
+
+ return true;
+}
+
+void
+_zip_crypto_aes_free(_zip_crypto_aes_t *aes) {
+ if (aes == NULL) {
+ return;
+ }
+
+ _zip_crypto_clear(aes, sizeof(*aes));
+ free(aes);
+}
+
+
+_zip_crypto_hmac_t *
+_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) {
+ _zip_crypto_hmac_t *hmac;
+
+ if ((hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac))) == NULL) {
+ zip_error_set(error, ZIP_ER_MEMORY, 0);
+ return NULL;
+ }
+
+ if (gnutls_hmac_init(hmac, GNUTLS_MAC_SHA1, secret, secret_length) < 0) {
+ zip_error_set(error, ZIP_ER_INTERNAL, 0);
+ free(hmac);
+ return NULL;
+ }
+
+ return hmac;
+}
+
+
+void
+_zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) {
+ zip_uint8_t buf[ZIP_CRYPTO_SHA1_LENGTH];
+
+ if (hmac == NULL) {
+ return;
+ }
+
+ gnutls_hmac_deinit(*hmac, buf);
+ _zip_crypto_clear(hmac, sizeof(*hmac));
+ free(hmac);
+}
+
+
+ZIP_EXTERN bool
+zip_secure_random(zip_uint8_t *buffer, zip_uint16_t length) {
+ return gnutls_rnd(GNUTLS_RND_KEY, buffer, length) == 0;
+}