From d7b7eeb53f8b464a69ce2ca1f955959ddcefcf7c Mon Sep 17 00:00:00 2001 From: muquit Date: Mon, 1 Jun 2015 13:14:06 -0400 Subject: [PATCH 1/3] removed duplicated code. also uses less memory now. code cleanup --- Changelog.asc | 5 + Makefile | 6 +- Makefile.in | 2 +- rn_encrypt_with_key.c | 1 + rncryptor_c.c | 465 ++++++--------------------------- tests/test_with_test_vectors.c | 3 +- tests/verify.c | 1 + tests/vg.sh | 2 +- 8 files changed, 98 insertions(+), 387 deletions(-) diff --git a/Changelog.asc b/Changelog.asc index b14f585..459f43b 100644 --- a/Changelog.asc +++ b/Changelog.asc @@ -1,5 +1,10 @@ = ChangeLog file for RNCryptor-C += v1.03 +* Removed duplicate code, now uses less memory. Lots of Code cleanup. + +(Jun-01-2015) + = v1.02 * Implemented function +rncryptorc_encrypt_data_with_password_with_salts_and_iv()+ so that caller can pass encryption salt, hmac salt and iv. diff --git a/Makefile b/Makefile index 14c1a13..d254a43 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ srcdir = . top_srcdir = . CC= gcc -DEFS= -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_STRING_H=1 -DHAVE_STRINGS_H=1 -DHAVE_MEMORY_H=1 -DHAVE_UNISTD_H=1 -DHAVE_CTYPE_H=1 -DHAVE_STDINT_H=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_STDLIB_H=1 -DHAVE_FCNTL_H=1 -DHAVE_SYS_FILE_H=1 -DHAVE_LIMITS_H=1 -DHAVE_SYS_SYSLIMITS_H=1 -DHAVE_RAND_R=1 -DHAVE_SOCKET=1 -DHAVE_GETADDRINFO=1 -DSIZEOF_VOID_P=8 -DHAVE_OPENSSL=1 -DUNIX +DEFS= -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_STRING_H=1 -DHAVE_STRINGS_H=1 -DHAVE_MEMORY_H=1 -DHAVE_MALLOC_H=1 -DHAVE_UNISTD_H=1 -DHAVE_CTYPE_H=1 -DHAVE_STDINT_H=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_STDLIB_H=1 -DHAVE_FCNTL_H=1 -DHAVE_SYS_FILE_H=1 -DHAVE_LIMITS_H=1 -DHAVE_RAND_R=1 -DHAVE_SOCKET=1 -DHAVE_GETADDRINFO=1 -DSIZEOF_VOID_P=4 -DHAVE_OPENSSL=1 -DUNIX AR= /usr/bin/ar ARFLAGS = cruv RANLIB= ranlib @@ -43,7 +43,7 @@ INCLUDES= -I. $(OPENSSL_INC) DEFINES= $(INCLUDES) $(DEFS) -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 \ -DHAVE_MATH_H=1 -CFLAGS= -g -O2 -Wall $(DEFINES) +CFLAGS= -g -Wall $(DEFINES) LIBS=$(LIBNAME) $(OPENSSL_LIBS) SRCS = rncryptor_c.c mutils.c @@ -73,7 +73,7 @@ gen_tester: $(CC) $(CFLAGS) tests/test_with_test_vectors.c -o tests/test_with_test_vectors $(LIBS) # sanity test -test_simple: +test_simple:examples +ruby tests/test.rb # test code must be pre-generated with target gen_test_vector_code diff --git a/Makefile.in b/Makefile.in index ebc4140..891800f 100755 --- a/Makefile.in +++ b/Makefile.in @@ -73,7 +73,7 @@ gen_tester: $(CC) $(CFLAGS) tests/test_with_test_vectors.c -o tests/test_with_test_vectors $(LIBS) # sanity test -test_simple: +test_simple:examples +ruby tests/test.rb # test code must be pre-generated with target gen_test_vector_code diff --git a/rn_encrypt_with_key.c b/rn_encrypt_with_key.c index b6e39ae..f83d56b 100644 --- a/rn_encrypt_with_key.c +++ b/rn_encrypt_with_key.c @@ -66,6 +66,7 @@ int main(int argc,char *argv[]) } memset(errbuf,0,sizeof(errbuf)); + rncryptorc_set_debug(1); outdata = rncryptorc_encrypt_file_with_key(plain_file, RNCRYPTOR3_KDF_ITER, encr_key, diff --git a/rncryptor_c.c b/rncryptor_c.c index 71ba33f..9ec55b4 100644 --- a/rncryptor_c.c +++ b/rncryptor_c.c @@ -369,7 +369,7 @@ static RNCryptorInfo *decode_encrypted_blob(MutilsBlob *blob) /* ** returns SUCCESS or FAILRUE ** if key based encryption/decryption is used, pass ci->hmac_key, also pass -** password as NULL, length of pasword as 0 +** password as NULL and length of pasword as 0 */ static int verify_hmac(RNCryptorInfo *ci,const char *password, int password_len) { @@ -447,42 +447,18 @@ unsigned char *rncryptorc_encrypt_data_with_password(const unsigned char *indata char *errbuf, int errbuf_len) { - RNCryptorInfo - *ci = NULL; - - MutilsBlob - *blob = NULL, - *plain_blob = NULL; - - EVP_CIPHER_CTX - cipher_ctx; - - HMAC_CTX - hmac_ctx; - int rc=FAILURE; - const EVP_MD - *sha256 = NULL; - - int - outlen1 = 0, - outlen2 = 0; - - unsigned int - hmac_len; - unsigned char - hmac_sha256[32]; + encr_salt_8[8], + hmac_salt_8[8], + iv_16[16]; unsigned char *output = NULL; - unsigned int - blocksize = 16; - - + *outdata_len = 0; log_debug("%s:%d - verifying input",MCFL); if (errbuf_len <= 0) { @@ -491,18 +467,10 @@ unsigned char *rncryptorc_encrypt_data_with_password(const unsigned char *indata } memset(errbuf,0,errbuf_len); - if (indata == NULL) - { - (void)snprintf(errbuf,errbuf_len-1,"%s", - "input data can is NULL"); - goto ExitProcessing; - } - if (indata_len <= 0) - { - (void)snprintf(errbuf,errbuf_len-1,"Invalid input data length %d", - indata_len); - goto ExitProcessing; - } + memset(encr_salt_8,0,8); + memset(hmac_salt_8,0,8); + memset(iv_16,0,16); + /* input can be empty */ if (password == NULL || *password == '\0') { (void)snprintf(errbuf,errbuf_len-1,"%s", @@ -515,162 +483,46 @@ unsigned char *rncryptorc_encrypt_data_with_password(const unsigned char *indata goto ExitProcessing; } - ci = allocate_rncryptor_info(); - if (!ci) - { - goto ExitProcessing; - } - ci->kdf_iter = kdf_iter; - ci->options = 0x01; - - /* - ** Convert input data to our blob. Allocating again just for - ** simplicity, blob could be passed in here but then the api gets - ** complicated! - */ - plain_blob = mutils_data_to_blob((unsigned char *)indata,indata_len); - CHECK_MALLOC(plain_blob); - log_debug("%s:%d - input data size %d bytes", - MCFL, - plain_blob->length); - ci->blob = plain_blob; - log_debug("%s:%d - Encoding",MCFL); - - /* - ** Encode. memory will be re-allocated if needed. - */ - blob = mutils_allocate_blob(plain_blob->length); - CHECK_MALLOC(blob); - - /* version */ - mutils_write_blob_byte(blob,ci->version); - - /* options */ - mutils_write_blob_byte(blob,ci->options); - - /* 8 byte encryption salt, we're using password */ - rc = RAND_bytes(ci->encryption_salt,8); - if (rc != 1) - { - (void)snprintf(errbuf,errbuf_len-1,"%s", - "Could not generate random encryption salt"); - goto ExitProcessing; - } - mutils_write_blob(blob,8,ci->encryption_salt); - /* 8 byte hmac salt */ - rc = RAND_bytes(ci->hmac_salt,8); + rc = RAND_bytes(hmac_salt_8,8); if (rc != 1) { (void)snprintf(errbuf,errbuf_len-1,"%s", "Could not generate random HMAC salt"); goto ExitProcessing; } - mutils_write_blob(blob,8,ci->hmac_salt); - /* 16 byte iv */ - rc = RAND_bytes(ci->iv,16); - if (rc != 1) - { - (void)snprintf(errbuf,errbuf_len-1,"%s", - "Could not generate random IV"); - goto ExitProcessing; - } - mutils_write_blob(blob,16,ci->iv); - - log_debug("%s:%d - Deriving HMAC key with salt, iterations %d", - MCFL, - ci->kdf_iter); - /* Derive HMAC key from password using hmac salt and iteration as per RFC2898 */ - rc = PKCS5_PBKDF2_HMAC_SHA1(password,password_length, - ci->hmac_salt, - 8, - ci->kdf_iter, - 32, - ci->hmac_key); /* ci->hmac_key is returend */ + /* 8 byte encryption salt, we're using password */ + rc = RAND_bytes(encr_salt_8,8); if (rc != 1) { - log_err("ERROR: Could not derive key from password with hmac salt and iter"); (void)snprintf(errbuf,errbuf_len-1,"%s", - "Could not derive key from password with hmac salt and iter"); + "Could not generate random encryption salt"); goto ExitProcessing; } - log_debug("%s:%d - Deriving Cipher key with salt, iterations %d", - MCFL, - ci->kdf_iter); - /* Derive cipher key from password using encr salt and iteration as per RFC2898 */ - rc = PKCS5_PBKDF2_HMAC_SHA1(password,password_length, - ci->encryption_salt, - 8, - ci->kdf_iter, - 32, - ci->encr_key); /* ci->encr_key is returend */ + /* 16 byte iv */ + rc = RAND_bytes(iv_16,16); if (rc != 1) { - log_err("ERROR: Could not derive key from password with encr salt and iter"); (void)snprintf(errbuf,errbuf_len-1,"%s", - "Could not derive key from password with encr salt and iter"); + "Could not generate random IV"); goto ExitProcessing; } - log_debug("%s:%d - Encrypting..",MCFL); - /* create cipher text */ - EVP_EncryptInit(&cipher_ctx,EVP_aes_256_cbc(),ci->encr_key,ci->iv); - blocksize = EVP_CIPHER_CTX_block_size(&cipher_ctx); - log_debug("%s:%d - Block size: %ld",MCFL,blocksize); - /* allocate space for cipher text */ - ci->cipher_text_length = - plain_blob->length + blocksize - (plain_blob->length % blocksize); - ci->cipher_text = - (unsigned char *) malloc(ci->cipher_text_length * sizeof(unsigned char)); - EVP_EncryptUpdate(&cipher_ctx,ci->cipher_text, &outlen1, - plain_blob->data,plain_blob->length); - EVP_EncryptFinal(&cipher_ctx,ci->cipher_text + outlen1,&outlen2); - EVP_CIPHER_CTX_cleanup(&cipher_ctx); - mutils_write_blob(blob,outlen1 + outlen2,ci->cipher_text); - - log_debug("%s:%d - Plain text length: %d",MCFL,plain_blob->length); - log_debug("%s:%d - Cipther text length: %d",MCFL,ci->cipher_text_length); - log_debug("%s:%d - Padding %d bytes", - MCFL,ci->cipher_text_length - plain_blob->length); - log_debug("%s:%d - outdata len: %d",MCFL,outlen1 + outlen2); - - /* don't need plain blob anymore */ - mutils_destroy_blob(plain_blob); - plain_blob = NULL; - - log_debug("%s:%d - calculating HMAC-SHA256",MCFL); - /* calculate HMAC-SHA256 */ - sha256 = EVP_sha256(); - HMAC_CTX_init(&hmac_ctx); - HMAC_Init(&hmac_ctx,ci->hmac_key,32,sha256); - HMAC_Update(&hmac_ctx,blob->data,blob->length); - HMAC_Final(&hmac_ctx,hmac_sha256,&hmac_len); - HMAC_CTX_cleanup(&hmac_ctx); - mutils_write_blob(blob,hmac_len,hmac_sha256); - log_debug("%s:%d - Output lenth %lu",MCFL,blob->length); - - output = (unsigned char *)malloc(blob->length * sizeof(unsigned char)); - CHECK_MALLOC(output); + output = rncryptorc_encrypt_data_with_password_with_salts_and_iv(indata, + indata_len, + kdf_iter, + password, + password_length, + encr_salt_8, + hmac_salt_8, + iv_16, + outdata_len, + errbuf, + errbuf_len); - memcpy(output,blob->data,blob->length); - *outdata_len = blob->length; ExitProcessing: - if (ci) - { - free_rncryptor_info(ci); - } - - if (plain_blob) - { - mutils_destroy_blob(plain_blob); - } - - if (blob) - { - mutils_destroy_blob(blob); - } return(output); } @@ -721,9 +573,12 @@ unsigned char *rncryptorc_encrypt_data_with_password_with_salts_and_iv(const uns blocksize = 16; unsigned char - *ciphertext, + *ciphertext = NULL; + + unsigned char encr_key[32], hmac_key[32]; + int ciphertext_len; @@ -736,6 +591,8 @@ unsigned char *rncryptorc_encrypt_data_with_password_with_salts_and_iv(const uns } memset(errbuf,0,errbuf_len); + memset(encr_key,0,sizeof(encr_key)); + memset(hmac_key,0,sizeof(hmac_key)); if (password == NULL || *password == '\0') { (void)snprintf(errbuf,errbuf_len-1,"%s", @@ -777,11 +634,6 @@ unsigned char *rncryptorc_encrypt_data_with_password_with_salts_and_iv(const uns blocksize = EVP_CIPHER_CTX_block_size(&cipher_ctx); log_debug("%s:%d - Block size: %ld",MCFL,blocksize); - /* - ** Convert input data to our blob. Allocating again just for - ** simplicity, blob could be passed in here but then the api gets - ** complicated! - */ if (indata == NULL && indata_len == 0) { blob = mutils_allocate_blob(blocksize); @@ -834,13 +686,12 @@ unsigned char *rncryptorc_encrypt_data_with_password_with_salts_and_iv(const uns } log_debug("%s:%d - Encrypting..",MCFL); - /* create cipher text */ /* allocate space for cipher text */ ciphertext_len = indata_len + blocksize - (indata_len % blocksize); ciphertext = (unsigned char *) malloc(ciphertext_len * sizeof(unsigned char)); CHECK_MALLOC(ciphertext); - EVP_EncryptUpdate(&cipher_ctx,ciphertext, &outlen1,indata,indata_len); + EVP_EncryptUpdate(&cipher_ctx,ciphertext,&outlen1,indata,indata_len); EVP_EncryptFinal(&cipher_ctx,ciphertext + outlen1,&outlen2); EVP_CIPHER_CTX_cleanup(&cipher_ctx); mutils_write_blob(blob,outlen1 + outlen2,ciphertext); @@ -848,14 +699,15 @@ unsigned char *rncryptorc_encrypt_data_with_password_with_salts_and_iv(const uns log_debug("%s:%d - Plain text length: %d",MCFL,indata_len); log_debug("%s:%d - Cipther text length: %d",MCFL,outlen1 + outlen2); log_debug("%s:%d - Padding %d bytes", - MCFL,ciphertext_len - indata_len); + MCFL, + (ciphertext_len - indata_len)); log_debug("%s:%d - outdata len: %d",MCFL,outlen1 + outlen2); log_debug("%s:%d - calculating HMAC-SHA256",MCFL); /* calculate HMAC-SHA256 */ sha256 = EVP_sha256(); HMAC_CTX_init(&hmac_ctx); - HMAC_Init(&hmac_ctx,hmac_key,32,sha256); + HMAC_Init(&hmac_ctx,hmac_key,sizeof(hmac_key),sha256); HMAC_Update(&hmac_ctx,blob->data,blob->length); HMAC_Final(&hmac_ctx,hmac_sha256,&hmac_len); HMAC_CTX_cleanup(&hmac_ctx); @@ -878,6 +730,10 @@ unsigned char *rncryptorc_encrypt_data_with_password_with_salts_and_iv(const uns { mutils_destroy_blob(blob); } + if (ciphertext) + { + (void)free((char *)ciphertext); + } return(output); } @@ -890,39 +746,17 @@ unsigned char *rncryptorc_encrypt_data_with_key(const unsigned char *indata, char *errbuf, int errbuf_len) { - RNCryptorInfo - *ci = NULL; - - MutilsBlob - *blob = NULL, - *plain_blob = NULL; - - EVP_CIPHER_CTX - cipher_ctx; - - HMAC_CTX - hmac_ctx; - - const EVP_MD - *sha256 = NULL; - - int - rc, - outlen1 = 0, - outlen2 = 0; - - unsigned int - hmac_len; - unsigned char - hmac_sha256[32]; + iv_16[16]; unsigned char *output = NULL; - unsigned int - blocksize = 16; + int + rc; + *outdata_len = 0; + memset(iv_16,0,16); log_debug("%s:%d - verifying input",MCFL); if (errbuf_len <= 0) { @@ -931,115 +765,26 @@ unsigned char *rncryptorc_encrypt_data_with_key(const unsigned char *indata, } memset(errbuf,0,errbuf_len); - if (indata == NULL) - { - (void)snprintf(errbuf,errbuf_len-1, - "Input data is NULL"); - goto ExitProcessing; - } - if (indata_len <= 0) - { - (void)snprintf(errbuf,errbuf_len-1,"Invalid input data length %d", - indata_len); - goto ExitProcessing; - } - ci = allocate_rncryptor_info(); - if (!ci) - { - goto ExitProcessing; - } - - /* - ** convert input data to our blob. We also can not free it until - ** encryption is done - */ - plain_blob = mutils_data_to_blob((unsigned char *)indata,indata_len); - log_debug("%s:%d - input data size %d bytes", - MCFL, - plain_blob->length); - CHECK_MALLOC(plain_blob); - ci->blob = plain_blob; - - /* - ** Encode the encrypted data. Memory will be re-allocated if needed. - */ - blob = mutils_allocate_blob(plain_blob->length); - CHECK_MALLOC(blob); - - /* version */ - mutils_write_blob_byte(blob,ci->version); - - /* options */ - ci->options = 0x00; - mutils_write_blob_byte(blob,ci->options); - - /* 16 byte iv */ - rc = RAND_bytes(ci->iv,16); + /* generate 16 byte iv */ + rc = RAND_bytes(iv_16,16); if (rc != 1) { - (void)snprintf(errbuf,errbuf_len-1, + (void)snprintf(errbuf,errbuf_len-1,"%s", "Could not generate secure random IV"); goto ExitProcessing; } - mutils_write_blob(blob,16,ci->iv); - - log_debug(":%s:%d - Encrypting,",MCFL); - - EVP_EncryptInit(&cipher_ctx,EVP_aes_256_cbc(),encr_key,ci->iv); - blocksize = EVP_CIPHER_CTX_block_size(&cipher_ctx); - log_debug("%s:%d - Block size: %ld",MCFL,blocksize); - /* allocate space for cipher text */ - ci->cipher_text_length = - plain_blob->length + blocksize - (plain_blob->length % blocksize); - ci->cipher_text = - (unsigned char *) malloc(ci->cipher_text_length * sizeof(unsigned char)); - CHECK_MALLOC(ci->cipher_text); - log_debug("%s:%d - Plain text length: %d",MCFL,plain_blob->length); - log_debug("%s:%d - Cipther text length: %d",MCFL,ci->cipher_text_length); - log_debug("%s:%d - Padding %d bytes", - MCFL,(ci->cipher_text_length - plain_blob->length)); - - EVP_EncryptUpdate(&cipher_ctx,ci->cipher_text, - &outlen1,plain_blob->data,plain_blob->length); - EVP_EncryptFinal(&cipher_ctx,ci->cipher_text + outlen1,&outlen2); - EVP_CIPHER_CTX_cleanup(&cipher_ctx); - - mutils_write_blob(blob,outlen1 + outlen2,ci->cipher_text); - - /* don't need plain blob anymore */ - mutils_destroy_blob(plain_blob); - plain_blob = NULL; + output = rncryptorc_encrypt_data_with_key_iv(indata, + indata_len, + kdf_iter, + encr_key, + hmac_key, + iv_16, + outdata_len, + errbuf, + errbuf_len); - /* calculate HMAC-SHA256 */ - sha256 = EVP_sha256(); - HMAC_CTX_init(&hmac_ctx); - HMAC_Init(&hmac_ctx,hmac_key,32,sha256); - HMAC_Update(&hmac_ctx,blob->data,blob->length); - HMAC_Final(&hmac_ctx,hmac_sha256,&hmac_len); - HMAC_CTX_cleanup(&hmac_ctx); - - mutils_write_blob(blob,hmac_len,hmac_sha256); - output = (unsigned char *)malloc(blob->length * sizeof(unsigned char)); - CHECK_MALLOC(output); - - memcpy(output,blob->data,blob->length); - *outdata_len = blob->length; ExitProcessing: - if (ci) - { - free_rncryptor_info(ci); - } - - if (plain_blob) - { - mutils_destroy_blob(plain_blob); - } - - if (blob) - { - mutils_destroy_blob(blob); - } return(output); } @@ -1057,8 +802,7 @@ unsigned char *rncryptorc_encrypt_data_with_key_iv(const unsigned char *indata, *ci = NULL; MutilsBlob - *blob = NULL, - *plain_blob = NULL; + *blob = NULL; EVP_CIPHER_CTX cipher_ctx; @@ -1086,7 +830,8 @@ unsigned char *rncryptorc_encrypt_data_with_key_iv(const unsigned char *indata, blocksize = 16; unsigned char - *ciphertext; + *ciphertext = NULL; + int ciphertext_length; @@ -1100,53 +845,30 @@ unsigned char *rncryptorc_encrypt_data_with_key_iv(const unsigned char *indata, } memset(errbuf,0,errbuf_len); - /* - if (indata == NULL) - { - (void)snprintf(errbuf,errbuf_len-1, - "Input data is NULL"); - goto ExitProcessing; - } - if (indata_len <= 0) - { - (void)snprintf(errbuf,errbuf_len-1,"Invalid input data length %d", - indata_len); - goto ExitProcessing; - } - */ - - ci = allocate_rncryptor_info(); - if (!ci) - { - goto ExitProcessing; - } - EVP_EncryptInit(&cipher_ctx,EVP_aes_256_cbc(),encr_key_32,iv_16); blocksize = EVP_CIPHER_CTX_block_size(&cipher_ctx); log_debug("%s:%d - Block size: %ld",MCFL,blocksize); - /* - ** convert input data to our blob. We also can not free it until - ** encryption is done - */ - if (indata == NULL) + if (indata == NULL && indata_len == 0) { - plain_blob = mutils_allocate_blob(blocksize); + /* memory will be re-allocated as needed */ + blob = mutils_allocate_blob(blocksize); } else { - plain_blob = mutils_data_to_blob((unsigned char *)indata,indata_len); + /* memory will be re-allocated as needed */ + blob = mutils_allocate_blob(indata_len); } + CHECK_MALLOC(blob); log_debug("%s:%d - input data size %d bytes", MCFL, - plain_blob->length); - CHECK_MALLOC(plain_blob); + indata_len); - /* - ** Encode the encrypted data. Memory will be re-allocated if needed. - */ - blob = mutils_allocate_blob(plain_blob->length); - CHECK_MALLOC(blob); + ci = allocate_rncryptor_info(); + if (!ci) + { + goto ExitProcessing; + } /* version */ mutils_write_blob_byte(blob,ci->version); @@ -1177,10 +899,6 @@ unsigned char *rncryptorc_encrypt_data_with_key_iv(const unsigned char *indata, mutils_write_blob(blob,outlen1 + outlen2,ciphertext); - /* don't need plain blob anymore */ - mutils_destroy_blob(plain_blob); - plain_blob = NULL; - /* calculate HMAC-SHA256 */ sha256 = EVP_sha256(); HMAC_CTX_init(&hmac_ctx); @@ -1201,36 +919,17 @@ unsigned char *rncryptorc_encrypt_data_with_key_iv(const unsigned char *indata, free_rncryptor_info(ci); } - if (plain_blob) - { - mutils_destroy_blob(plain_blob); - } - if (blob) { mutils_destroy_blob(blob); } + if (ciphertext) + { + (void) free((char *)ciphertext); + } return(output); } - -/* -** Takes pointer to an encrypted data and returns pointer to the decrypted -** data -** Parameters: -** -** Return Values: -** Pointer to decrypted data -** -** Side Effects: -** None -** Comments: -** Memory is allocated for the returned decrepted data. It is caller's -** responsibility to free it. -** -** Development History: -** muquit@muquit.com May-20-2015 - first cut -*/ unsigned char *rncryptorc_decrypt_data_with_password(const unsigned char *indata, int indata_len, int kdf_iter, @@ -1265,13 +964,13 @@ unsigned char *rncryptorc_decrypt_data_with_password(const unsigned char *indata if (indata == NULL) { - (void)snprintf(errbuf,errbuf_len-1, + (void)snprintf(errbuf,errbuf_len-1,"%s", "Input data is NULL"); goto ExitProcessing; } if (password == NULL || *password == '\0') { - (void)snprintf(errbuf,errbuf_len-1, + (void)snprintf(errbuf,errbuf_len-1,"%s", "Password is NULL"); goto ExitProcessing; } @@ -1300,7 +999,7 @@ unsigned char *rncryptorc_decrypt_data_with_password(const unsigned char *indata rc = verify_rncryptor_format(ci->version,ci->options); if (rc != SUCCESS) { - (void)snprintf(errbuf,errbuf_len-1, + (void)snprintf(errbuf,errbuf_len-1,"%s", "Unknown RNCryptor Data Format"); goto ExitProcessing; } @@ -1313,6 +1012,8 @@ unsigned char *rncryptorc_decrypt_data_with_password(const unsigned char *indata /* very hmac */ if (verify_hmac(ci,password,password_length) != SUCCESS) { + (void)snprintf(errbuf,errbuf_len-1,"%s", + "Could not verify HMAC"); goto ExitProcessing; } log_debug("%s:%d - HMAC verified",MCFL); @@ -1438,6 +1139,8 @@ unsigned char *rncryptorc_decrypt_data_with_key(const unsigned char *indata, */ if (verify_hmac(ci,NULL,0) != SUCCESS) { + (void)snprintf(errbuf,errbuf_len-1,"%s", + "Could not verify HMAC"); goto ExitProcessing; } log_debug("HMAC verified"); diff --git a/tests/test_with_test_vectors.c b/tests/test_with_test_vectors.c index d5fefcd..fecd7a1 100644 --- a/tests/test_with_test_vectors.c +++ b/tests/test_with_test_vectors.c @@ -1,12 +1,13 @@ /* ** WARNING: This file is auto generated. DO NOT MODIFY -** 2015-05-31 12:57:10 -0400 by GenVectorTests-C.rb +** 2015-06-01 13:13:58 -0400 by GenVectorTests-C.rb */ #include "rncryptor_c.h" #include "mutils.h" /* ** Part of RNCryptor-C. Code for testing RNCryptor's test vectors +** Note: No memory is freed. mutils_hex_to_bin() allocates memory. ** This block of code comes from verify.c */ /************** block starts ******************/ diff --git a/tests/verify.c b/tests/verify.c index 61545c7..bac7cc6 100644 --- a/tests/verify.c +++ b/tests/verify.c @@ -3,6 +3,7 @@ /* ** Part of RNCryptor-C. Code for testing RNCryptor's test vectors +** Note: No memory is freed. mutils_hex_to_bin() allocates memory. ** This block of code comes from verify.c */ /************** block starts ******************/ diff --git a/tests/vg.sh b/tests/vg.sh index f365ce9..18b75a5 100755 --- a/tests/vg.sh +++ b/tests/vg.sh @@ -3,5 +3,5 @@ # muquit@muquit.com May-24-2015 VALGRIND_LOG=/tmp/vg.log /bin/rm -f VALGRIND_LOG -VALGRIND="valgrind -v --tool=memcheck --leak-check=yes --error-limit=yes --log-file=$VALGRIND_LOG" +VALGRIND="valgrind -v --track-origins=yes --tool=memcheck --leak-check=yes --error-limit=yes --log-file=$VALGRIND_LOG" $VALGRIND ${1+"$@"} From a1b6ac53e731381519e3ffa97d38f02bcaa8cf28 Mon Sep 17 00:00:00 2001 From: muquit Date: Mon, 1 Jun 2015 17:23:08 -0400 Subject: [PATCH 2/3] cleanup --- Changelog.asc | 3 ++- README.asc | 2 +- rncryptor_c.c | 1 + rncryptor_c.h | 10 +++++----- tests/test_with_test_vectors.c | 2 +- 5 files changed, 10 insertions(+), 8 deletions(-) diff --git a/Changelog.asc b/Changelog.asc index 459f43b..5fa6c66 100644 --- a/Changelog.asc +++ b/Changelog.asc @@ -1,7 +1,8 @@ = ChangeLog file for RNCryptor-C = v1.03 -* Removed duplicate code, now uses less memory. Lots of Code cleanup. +* Uses less memory, removed duplicate code. Lots of Code cleanup. +* Updated RNCryptor-C link (Jun-01-2015) diff --git a/README.asc b/README.asc index 184a016..4bc349f 100755 --- a/README.asc +++ b/README.asc @@ -672,7 +672,7 @@ int rncryptorc_write_file(const char *outfile_path,const unsigned char *data,int ** ** Parameters: ** d Debug value. 1 or 0. To print the debug messages to stdout, -** call the funtion with 1 before calling any API +** call the function with 1 before calling any API ** ** Return Values: ** None diff --git a/rncryptor_c.c b/rncryptor_c.c index 9ec55b4..7516d6b 100644 --- a/rncryptor_c.c +++ b/rncryptor_c.c @@ -309,6 +309,7 @@ static RNCryptorInfo *decode_encrypted_blob(MutilsBlob *blob) /* version */ ci->version = mutils_read_blob_byte(blob); + /* update code when version changes */ if (ci->version != RNCRYPTOR_DATA_FORMAT_VERSION) { log_err("Error: Unsupported RNCryptor data format version %02x",ci->version); diff --git a/rncryptor_c.h b/rncryptor_c.h index 4b65965..84babbe 100644 --- a/rncryptor_c.h +++ b/rncryptor_c.h @@ -10,7 +10,7 @@ format specificatoin v 3. RNCryptor homepage: https://github.com/RNCryptor/RNCryptor - RNCryptor-C homepage: https://github.com/muquit/RNCryptor-C + RNCryptor-C homepage: https://github.com/RNCryptor/RNCryptor-C */ @@ -28,12 +28,12 @@ #define MCFL __FILE__,__LINE__ #define MJL __LINE__ -#define RNCRYPTORC_VERSION_S "1.01" +#define RNCRYPTORC_VERSION_S "1.03" #define RNCRYPTOR_DATA_FORMAT_VERSION 0x03 #define RNCRYPTOR3_KDF_ITER 10000 #define RNCRYPTOR_URL "https://github.com/RNCryptor/RNCryptor" -#define RNCRYPTORC_URL "https://github.com/muquit/RNCryptor-C" +#define RNCRYPTORC_URL "https://github.com/RNCryptor/RNCryptor-C" #define SUCCESS 0x00 #define FAILURE 0x01 @@ -138,14 +138,14 @@ #include #include -/* latest documentation: http://localhost:47899/index.html#apis */ +/* latest documentation is online: https://github.com/RNCryptor/RNCryptor-C */ /* ** Turn on/off debug messages. Default is off ** ** Parameters: ** d Debug value. 1 or 0. To print the debug messages to stdout, -** call the funtion with 1 before calling any API +** call the function with 1 before calling any API ** ** Return Values: ** None diff --git a/tests/test_with_test_vectors.c b/tests/test_with_test_vectors.c index fecd7a1..f1839e1 100644 --- a/tests/test_with_test_vectors.c +++ b/tests/test_with_test_vectors.c @@ -1,6 +1,6 @@ /* ** WARNING: This file is auto generated. DO NOT MODIFY -** 2015-06-01 13:13:58 -0400 by GenVectorTests-C.rb +** 2015-06-01 17:21:54 -0400 by GenVectorTests-C.rb */ #include "rncryptor_c.h" #include "mutils.h" From 5b2322bff6423d84c64c71eeccee122129665f7d Mon Sep 17 00:00:00 2001 From: muquit Date: Mon, 1 Jun 2015 20:01:43 -0400 Subject: [PATCH 3/3] no change --- Makefile | 4 ++-- tests/test_with_test_vectors.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index d254a43..f2deffa 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ srcdir = . top_srcdir = . CC= gcc -DEFS= -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_STRING_H=1 -DHAVE_STRINGS_H=1 -DHAVE_MEMORY_H=1 -DHAVE_MALLOC_H=1 -DHAVE_UNISTD_H=1 -DHAVE_CTYPE_H=1 -DHAVE_STDINT_H=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_STDLIB_H=1 -DHAVE_FCNTL_H=1 -DHAVE_SYS_FILE_H=1 -DHAVE_LIMITS_H=1 -DHAVE_RAND_R=1 -DHAVE_SOCKET=1 -DHAVE_GETADDRINFO=1 -DSIZEOF_VOID_P=4 -DHAVE_OPENSSL=1 -DUNIX +DEFS= -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_STRING_H=1 -DHAVE_STRINGS_H=1 -DHAVE_MEMORY_H=1 -DHAVE_UNISTD_H=1 -DHAVE_CTYPE_H=1 -DHAVE_STDINT_H=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_STDLIB_H=1 -DHAVE_FCNTL_H=1 -DHAVE_SYS_FILE_H=1 -DHAVE_LIMITS_H=1 -DHAVE_SYS_SYSLIMITS_H=1 -DHAVE_RAND_R=1 -DHAVE_SOCKET=1 -DHAVE_GETADDRINFO=1 -DSIZEOF_VOID_P=8 -DHAVE_OPENSSL=1 -DUNIX AR= /usr/bin/ar ARFLAGS = cruv RANLIB= ranlib @@ -43,7 +43,7 @@ INCLUDES= -I. $(OPENSSL_INC) DEFINES= $(INCLUDES) $(DEFS) -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 \ -DHAVE_MATH_H=1 -CFLAGS= -g -Wall $(DEFINES) +CFLAGS= -g -O2 -Wall $(DEFINES) LIBS=$(LIBNAME) $(OPENSSL_LIBS) SRCS = rncryptor_c.c mutils.c diff --git a/tests/test_with_test_vectors.c b/tests/test_with_test_vectors.c index f1839e1..a2a5e6a 100644 --- a/tests/test_with_test_vectors.c +++ b/tests/test_with_test_vectors.c @@ -1,6 +1,6 @@ /* ** WARNING: This file is auto generated. DO NOT MODIFY -** 2015-06-01 17:21:54 -0400 by GenVectorTests-C.rb +** 2015-06-01 19:54:34 -0400 by GenVectorTests-C.rb */ #include "rncryptor_c.h" #include "mutils.h"