1299425Smm/*- 2299425Smm* Copyright (c) 2014 Michihiro NAKAJIMA 3299425Smm* All rights reserved. 4299425Smm* 5299425Smm* Redistribution and use in source and binary forms, with or without 6299425Smm* modification, are permitted provided that the following conditions 7299425Smm* are met: 8299425Smm* 1. Redistributions of source code must retain the above copyright 9299425Smm* notice, this list of conditions and the following disclaimer. 10299425Smm* 2. Redistributions in binary form must reproduce the above copyright 11299425Smm* notice, this list of conditions and the following disclaimer in the 12299425Smm* documentation and/or other materials provided with the distribution. 13299425Smm* 14299425Smm* THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 15299425Smm* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16299425Smm* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17299425Smm* IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, 18299425Smm* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19299425Smm* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20299425Smm* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21299425Smm* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22299425Smm* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23299425Smm* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24299425Smm*/ 25299425Smm 26358090Smm#ifndef ARCHIVE_CRYPTOR_PRIVATE_H_INCLUDED 27358090Smm#define ARCHIVE_CRYPTOR_PRIVATE_H_INCLUDED 28358090Smm 29299425Smm#ifndef __LIBARCHIVE_BUILD 30299425Smm#error This header is only to be used internally to libarchive. 31299425Smm#endif 32299425Smm/* 33299425Smm * On systems that do not support any recognized crypto libraries, 34299425Smm * the archive_cryptor.c file will normally define no usable symbols. 35299425Smm * 36299425Smm * But some compilers and linkers choke on empty object files, so 37299425Smm * define a public symbol that will always exist. This could 38299425Smm * be removed someday if this file gains another always-present 39299425Smm * symbol definition. 40299425Smm */ 41299425Smmint __libarchive_cryptor_build_hack(void); 42299425Smm 43299425Smm#ifdef __APPLE__ 44299425Smm# include <AvailabilityMacros.h> 45299425Smm# if MAC_OS_X_VERSION_MAX_ALLOWED >= 1080 46299425Smm# define ARCHIVE_CRYPTOR_USE_Apple_CommonCrypto 47299425Smm# endif 48299425Smm#endif 49299425Smm 50299425Smm#ifdef ARCHIVE_CRYPTOR_USE_Apple_CommonCrypto 51299425Smm#include <CommonCrypto/CommonCryptor.h> 52299425Smm#include <CommonCrypto/CommonKeyDerivation.h> 53299425Smm#define AES_BLOCK_SIZE 16 54299425Smm#define AES_MAX_KEY_SIZE kCCKeySizeAES256 55299425Smm 56299425Smmtypedef struct { 57299425Smm CCCryptorRef ctx; 58299425Smm uint8_t key[AES_MAX_KEY_SIZE]; 59299425Smm unsigned key_len; 60299425Smm uint8_t nonce[AES_BLOCK_SIZE]; 61299425Smm uint8_t encr_buf[AES_BLOCK_SIZE]; 62299425Smm unsigned encr_pos; 63299425Smm} archive_crypto_ctx; 64299425Smm 65299425Smm#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) 66322072Smm#include <bcrypt.h> 67299425Smm 68299425Smm/* Common in other bcrypt implementations, but missing from VS2008. */ 69299425Smm#ifndef BCRYPT_SUCCESS 70299425Smm#define BCRYPT_SUCCESS(r) ((NTSTATUS)(r) == STATUS_SUCCESS) 71299425Smm#endif 72299425Smm 73299425Smm#define AES_MAX_KEY_SIZE 32 74299425Smm#define AES_BLOCK_SIZE 16 75299425Smmtypedef struct { 76299425Smm BCRYPT_ALG_HANDLE hAlg; 77299425Smm BCRYPT_KEY_HANDLE hKey; 78299425Smm PBYTE keyObj; 79299425Smm DWORD keyObj_len; 80299425Smm uint8_t nonce[AES_BLOCK_SIZE]; 81299425Smm uint8_t encr_buf[AES_BLOCK_SIZE]; 82299425Smm unsigned encr_pos; 83299425Smm} archive_crypto_ctx; 84299425Smm 85358090Smm#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_AES_H) 86358090Smm#include <mbedtls/aes.h> 87358090Smm#include <mbedtls/md.h> 88358090Smm#include <mbedtls/pkcs5.h> 89358090Smm 90358090Smm#define AES_MAX_KEY_SIZE 32 91358090Smm#define AES_BLOCK_SIZE 16 92358090Smm 93358090Smmtypedef struct { 94358090Smm mbedtls_aes_context ctx; 95358090Smm uint8_t key[AES_MAX_KEY_SIZE]; 96358090Smm unsigned key_len; 97358090Smm uint8_t nonce[AES_BLOCK_SIZE]; 98358090Smm uint8_t encr_buf[AES_BLOCK_SIZE]; 99358090Smm unsigned encr_pos; 100358090Smm} archive_crypto_ctx; 101358090Smm 102299425Smm#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_AES_H) 103299425Smm#if defined(HAVE_NETTLE_PBKDF2_H) 104299425Smm#include <nettle/pbkdf2.h> 105299425Smm#endif 106299425Smm#include <nettle/aes.h> 107368708Smm#include <nettle/version.h> 108299425Smm 109299425Smmtypedef struct { 110368708Smm#if NETTLE_VERSION_MAJOR < 3 111299425Smm struct aes_ctx ctx; 112368708Smm#else 113368708Smm union { 114368708Smm struct aes128_ctx c128; 115368708Smm struct aes192_ctx c192; 116368708Smm struct aes256_ctx c256; 117368708Smm } ctx; 118368708Smm#endif 119299425Smm uint8_t key[AES_MAX_KEY_SIZE]; 120299425Smm unsigned key_len; 121299425Smm uint8_t nonce[AES_BLOCK_SIZE]; 122299425Smm uint8_t encr_buf[AES_BLOCK_SIZE]; 123299425Smm unsigned encr_pos; 124299425Smm} archive_crypto_ctx; 125299425Smm 126299425Smm#elif defined(HAVE_LIBCRYPTO) 127311042Smm#include "archive_openssl_evp_private.h" 128299425Smm#define AES_BLOCK_SIZE 16 129299425Smm#define AES_MAX_KEY_SIZE 32 130299425Smm 131299425Smmtypedef struct { 132311042Smm EVP_CIPHER_CTX *ctx; 133299425Smm const EVP_CIPHER *type; 134299425Smm uint8_t key[AES_MAX_KEY_SIZE]; 135299425Smm unsigned key_len; 136299425Smm uint8_t nonce[AES_BLOCK_SIZE]; 137299425Smm uint8_t encr_buf[AES_BLOCK_SIZE]; 138299425Smm unsigned encr_pos; 139299425Smm} archive_crypto_ctx; 140299425Smm 141299425Smm#else 142299425Smm 143299425Smm#define AES_BLOCK_SIZE 16 144299425Smm#define AES_MAX_KEY_SIZE 32 145299425Smmtypedef int archive_crypto_ctx; 146299425Smm 147299425Smm#endif 148299425Smm 149299425Smm/* defines */ 150299425Smm#define archive_pbkdf2_sha1(pw, pw_len, salt, salt_len, rounds, dk, dk_len)\ 151299425Smm __archive_cryptor.pbkdf2sha1(pw, pw_len, salt, salt_len, rounds, dk, dk_len) 152299425Smm 153299425Smm#define archive_decrypto_aes_ctr_init(ctx, key, key_len) \ 154299425Smm __archive_cryptor.decrypto_aes_ctr_init(ctx, key, key_len) 155299425Smm#define archive_decrypto_aes_ctr_update(ctx, in, in_len, out, out_len) \ 156299425Smm __archive_cryptor.decrypto_aes_ctr_update(ctx, in, in_len, out, out_len) 157299425Smm#define archive_decrypto_aes_ctr_release(ctx) \ 158299425Smm __archive_cryptor.decrypto_aes_ctr_release(ctx) 159299425Smm 160299425Smm#define archive_encrypto_aes_ctr_init(ctx, key, key_len) \ 161299425Smm __archive_cryptor.encrypto_aes_ctr_init(ctx, key, key_len) 162299425Smm#define archive_encrypto_aes_ctr_update(ctx, in, in_len, out, out_len) \ 163299425Smm __archive_cryptor.encrypto_aes_ctr_update(ctx, in, in_len, out, out_len) 164299425Smm#define archive_encrypto_aes_ctr_release(ctx) \ 165299425Smm __archive_cryptor.encrypto_aes_ctr_release(ctx) 166299425Smm 167299425Smm/* Minimal interface to cryptographic functionality for internal use in 168299425Smm * libarchive */ 169299425Smmstruct archive_cryptor 170299425Smm{ 171299425Smm /* PKCS5 PBKDF2 HMAC-SHA1 */ 172299425Smm int (*pbkdf2sha1)(const char *pw, size_t pw_len, const uint8_t *salt, 173299425Smm size_t salt_len, unsigned rounds, uint8_t *derived_key, 174299425Smm size_t derived_key_len); 175299425Smm /* AES CTR mode(little endian version) */ 176299425Smm int (*decrypto_aes_ctr_init)(archive_crypto_ctx *, const uint8_t *, size_t); 177299425Smm int (*decrypto_aes_ctr_update)(archive_crypto_ctx *, const uint8_t *, 178299425Smm size_t, uint8_t *, size_t *); 179299425Smm int (*decrypto_aes_ctr_release)(archive_crypto_ctx *); 180299425Smm int (*encrypto_aes_ctr_init)(archive_crypto_ctx *, const uint8_t *, size_t); 181299425Smm int (*encrypto_aes_ctr_update)(archive_crypto_ctx *, const uint8_t *, 182299425Smm size_t, uint8_t *, size_t *); 183299425Smm int (*encrypto_aes_ctr_release)(archive_crypto_ctx *); 184299425Smm}; 185299425Smm 186299425Smmextern const struct archive_cryptor __archive_cryptor; 187299425Smm 188299425Smm#endif 189