Ticket #59011: patch-dmg2img-partof-openssl111-fix-evp-part.diff
| File patch-dmg2img-partof-openssl111-fix-evp-part.diff, 4.0 KB (added by kencu (Ken), 5 years ago) |
|---|
-
vfdecrypt.c
old new 212 212 /* DES3-EDE unwrap operation loosely based on to RFC 2630, section 12.6 213 213 * wrapped_key has to be 40 bytes in length. */ 214 214 int apple_des3_ede_unwrap_key(uint8_t *wrapped_key, int wrapped_key_len, uint8_t *decryptKey, uint8_t *unwrapped_key) { 215 EVP_CIPHER_CTX ctx;215 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); 216 216 uint8_t *TEMP1, *TEMP2, *CEKICV; 217 217 uint8_t IV[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 }; 218 218 int outlen, tmplen, i; 219 219 220 EVP_CIPHER_CTX_init( &ctx);220 EVP_CIPHER_CTX_init(ctx); 221 221 /* result of the decryption operation shouldn't be bigger than ciphertext */ 222 222 TEMP1 = malloc(wrapped_key_len); 223 223 TEMP2 = malloc(wrapped_key_len); 224 224 CEKICV = malloc(wrapped_key_len); 225 225 /* uses PKCS#7 padding for symmetric key operations by default */ 226 EVP_DecryptInit_ex( &ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV);226 EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV); 227 227 228 if(!EVP_DecryptUpdate( &ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) {228 if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) { 229 229 fprintf(stderr, "internal error (1) during key unwrap operation!\n"); 230 230 return(-1); 231 231 } 232 if(!EVP_DecryptFinal_ex( &ctx, TEMP1 + outlen, &tmplen)) {232 if(!EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen)) { 233 233 fprintf(stderr, "internal error (2) during key unwrap operation!\n"); 234 234 return(-1); 235 235 } 236 236 outlen += tmplen; 237 EVP_CIPHER_CTX_cleanup( &ctx);237 EVP_CIPHER_CTX_cleanup(ctx); 238 238 239 239 /* reverse order of TEMP3 */ 240 240 for(i = 0; i < outlen; i++) TEMP2[i] = TEMP1[outlen - i - 1]; 241 241 242 EVP_CIPHER_CTX_init( &ctx);242 EVP_CIPHER_CTX_init(ctx); 243 243 /* uses PKCS#7 padding for symmetric key operations by default */ 244 EVP_DecryptInit_ex( &ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2);245 if(!EVP_DecryptUpdate( &ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) {244 EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2); 245 if(!EVP_DecryptUpdate(ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) { 246 246 fprintf(stderr, "internal error (3) during key unwrap operation!\n"); 247 247 return(-1); 248 248 } 249 if(!EVP_DecryptFinal_ex( &ctx, CEKICV + outlen, &tmplen)) {249 if(!EVP_DecryptFinal_ex(ctx, CEKICV + outlen, &tmplen)) { 250 250 fprintf(stderr, "internal error (4) during key unwrap operation!\n"); 251 251 return(-1); 252 252 } 253 253 254 254 outlen += tmplen; 255 EVP_CIPHER_CTX_cleanup( &ctx);255 EVP_CIPHER_CTX_cleanup(ctx); 256 256 257 257 memcpy(unwrapped_key, CEKICV+4, outlen-4); 258 258 free(TEMP1); … … 279 279 int unwrap_v2_header(char *passphrase, cencrypted_v2_pwheader *header, uint8_t *aes_key, uint8_t *hmacsha1_key) { 280 280 /* derived key is a 3DES-EDE key */ 281 281 uint8_t derived_key[192/8]; 282 EVP_CIPHER_CTX ctx;282 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();; 283 283 uint8_t *TEMP1; 284 284 int outlen, tmplen; 285 285 … … 288 288 289 289 print_hex(derived_key, 192/8); 290 290 291 EVP_CIPHER_CTX_init( &ctx);291 EVP_CIPHER_CTX_init(ctx); 292 292 /* result of the decryption operation shouldn't be bigger than ciphertext */ 293 293 TEMP1 = malloc(header->encrypted_keyblob_size); 294 294 /* uses PKCS#7 padding for symmetric key operations by default */ 295 EVP_DecryptInit_ex( &ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv);295 EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv); 296 296 297 if(!EVP_DecryptUpdate( &ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) {297 if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) { 298 298 fprintf(stderr, "internal error (1) during key unwrap operation!\n"); 299 299 return(-1); 300 300 } 301 if(!EVP_DecryptFinal_ex( &ctx, TEMP1 + outlen, &tmplen)) {301 if(!EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen)) { 302 302 fprintf(stderr, "internal error (2) during key unwrap operation!\n"); 303 303 return(-1); 304 304 } 305 305 outlen += tmplen; 306 EVP_CIPHER_CTX_cleanup( &ctx);306 EVP_CIPHER_CTX_cleanup(ctx); 307 307 memcpy(aes_key, TEMP1, 16); 308 308 memcpy(hmacsha1_key, TEMP1, 20); 309 309