Peter Qiu | c0beca5 | 2015-09-03 11:25:46 -0700 | [diff] [blame] | 1 | // |
| 2 | // Copyright (C) 2012 The Android Open Source Project |
| 3 | // |
| 4 | // Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | // you may not use this file except in compliance with the License. |
| 6 | // You may obtain a copy of the License at |
| 7 | // |
| 8 | // http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | // |
| 10 | // Unless required by applicable law or agreed to in writing, software |
| 11 | // distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | // See the License for the specific language governing permissions and |
| 14 | // limitations under the License. |
| 15 | // |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 16 | |
| 17 | #include "shill/crypto_des_cbc.h" |
| 18 | |
| 19 | #include <rpc/des_crypt.h> |
| 20 | |
Ben Chan | 11c213f | 2014-09-05 08:21:06 -0700 | [diff] [blame] | 21 | #include <base/files/file_util.h> |
Ben Chan | a0ddf46 | 2014-02-06 11:32:42 -0800 | [diff] [blame] | 22 | #include <base/strings/string_util.h> |
Alex Vakulenko | 03e6719 | 2015-10-13 09:02:34 -0700 | [diff] [blame] | 23 | #include <brillo/data_encoding.h> |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 24 | |
Albert Chaulk | 0e1cdea | 2013-02-27 15:32:55 -0800 | [diff] [blame] | 25 | using base::FilePath; |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 26 | using std::string; |
| 27 | using std::vector; |
| 28 | |
| 29 | namespace shill { |
| 30 | |
Eric Shienbrood | c74cf9c | 2012-03-02 15:00:35 -0500 | [diff] [blame] | 31 | const unsigned int CryptoDESCBC::kBlockSize = 8; |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 32 | const char CryptoDESCBC::kID[] = "des-cbc"; |
| 33 | const char CryptoDESCBC::kSentinel[] = "[ok]"; |
| 34 | const char CryptoDESCBC::kVersion2Prefix[] = "02:"; |
| 35 | |
mukesh agrawal | d887589 | 2015-08-14 15:28:05 -0700 | [diff] [blame] | 36 | CryptoDESCBC::CryptoDESCBC() {} |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 37 | |
| 38 | string CryptoDESCBC::GetID() { |
| 39 | return kID; |
| 40 | } |
| 41 | |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 42 | bool CryptoDESCBC::Encrypt(const string& plaintext, string* ciphertext) { |
Darin Petkov | 7326cd8 | 2012-03-30 11:02:01 +0200 | [diff] [blame] | 43 | // Never encrypt. We'll fall back to rot47 which doesn't depend on |
| 44 | // the owner key which may change due to rotation. |
| 45 | return false; |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 46 | } |
| 47 | |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 48 | bool CryptoDESCBC::Decrypt(const string& ciphertext, string* plaintext) { |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 49 | CHECK_EQ(kBlockSize, key_.size()); |
| 50 | CHECK_EQ(kBlockSize, iv_.size()); |
| 51 | int version = 1; |
| 52 | string b64_ciphertext = ciphertext; |
Alex Vakulenko | 3a62e23 | 2016-01-20 07:47:40 -0800 | [diff] [blame] | 53 | if (base::StartsWith(ciphertext, kVersion2Prefix, |
| 54 | base::CompareCase::SENSITIVE)) { |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 55 | version = 2; |
| 56 | b64_ciphertext.erase(0, strlen(kVersion2Prefix)); |
| 57 | } |
| 58 | |
Christopher Wiley | 0f3eab3 | 2013-03-21 11:55:41 -0700 | [diff] [blame] | 59 | string decoded_data; |
Alex Vakulenko | 03e6719 | 2015-10-13 09:02:34 -0700 | [diff] [blame] | 60 | if (!brillo::data_encoding::Base64Decode(b64_ciphertext, &decoded_data)) { |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 61 | LOG(ERROR) << "Unable to base64-decode DEC-CBC ciphertext."; |
| 62 | return false; |
| 63 | } |
| 64 | |
Christopher Wiley | 0f3eab3 | 2013-03-21 11:55:41 -0700 | [diff] [blame] | 65 | vector<char> data(decoded_data.c_str(), |
| 66 | decoded_data.c_str() + decoded_data.length()); |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 67 | if (data.empty() || (data.size() % kBlockSize != 0)) { |
| 68 | LOG(ERROR) << "Invalid DES-CBC ciphertext size: " << data.size(); |
| 69 | return false; |
| 70 | } |
| 71 | |
| 72 | // The IV is modified in place. |
| 73 | vector<char> iv = iv_; |
| 74 | int rv = |
| 75 | cbc_crypt(key_.data(), data.data(), data.size(), DES_DECRYPT, iv.data()); |
| 76 | if (DES_FAILED(rv)) { |
| 77 | LOG(ERROR) << "DES-CBC decryption failed."; |
| 78 | return false; |
| 79 | } |
| 80 | if (data.back() != '\0') { |
| 81 | LOG(ERROR) << "DEC-CBC decryption resulted in invalid plain text."; |
| 82 | return false; |
| 83 | } |
| 84 | string text = data.data(); |
| 85 | if (version == 2) { |
Alex Vakulenko | 3a62e23 | 2016-01-20 07:47:40 -0800 | [diff] [blame] | 86 | if (!base::EndsWith(text, kSentinel, base::CompareCase::SENSITIVE)) { |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 87 | LOG(ERROR) << "DES-CBC decrypted text missing sentinel -- bad key?"; |
| 88 | return false; |
| 89 | } |
| 90 | text.erase(text.size() - strlen(kSentinel), strlen(kSentinel)); |
| 91 | } |
| 92 | *plaintext = text; |
| 93 | return true; |
| 94 | } |
| 95 | |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 96 | bool CryptoDESCBC::LoadKeyMatter(const FilePath& path) { |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 97 | key_.clear(); |
| 98 | iv_.clear(); |
| 99 | string matter; |
| 100 | // TODO(petkov): This mimics current flimflam behavior. Fix it so that it |
| 101 | // doesn't read the whole file. |
Ben Chan | a0ddf46 | 2014-02-06 11:32:42 -0800 | [diff] [blame] | 102 | if (!base::ReadFileToString(path, &matter)) { |
Darin Petkov | 823c47e | 2011-06-27 16:15:35 -0700 | [diff] [blame] | 103 | LOG(ERROR) << "Unable to load key matter from " << path.value(); |
| 104 | return false; |
| 105 | } |
| 106 | if (matter.size() < 2 * kBlockSize) { |
| 107 | LOG(ERROR) << "Key matter data not enough " << matter.size() << " < " |
| 108 | << 2 * kBlockSize; |
| 109 | return false; |
| 110 | } |
| 111 | string::const_iterator matter_start = |
| 112 | matter.begin() + (matter.size() - 2 * kBlockSize); |
| 113 | key_.assign(matter_start + kBlockSize, matter_start + 2 * kBlockSize); |
| 114 | iv_.assign(matter_start, matter_start + kBlockSize); |
| 115 | return true; |
| 116 | } |
| 117 | |
| 118 | } // namespace shill |