purr-c/encrypt.c

#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/random.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/types.h>

#include "libbaseencode/baseencode.h"

#include "purr.h"

/*
 * This function takes an mmap_file struct, and creates an encrypted buffer from it.
 * The created file is passed to an atexit function so it can be deleted automatically.
 * Args:
 *   file: mmap_file for the input file
 *   keyp: will receive the newly generated random key
 *   ivp: will receive the newly generated random IV (if enabled in purr.h)
 */
struct mmap_file encrypt_mmap(struct mmap_file file, uint8_t **keyp, uint8_t **ivp)
{
    off_t file_size = file.size;
    ssize_t blocks = file_size / br_aes_big_BLOCK_SIZE;
    if (blocks * br_aes_big_BLOCK_SIZE < file_size) blocks++;
    file_size = blocks * br_aes_big_BLOCK_SIZE;

    struct mmap_file rv =
        {.size = file_size, .prot = PROT_WRITE | PROT_READ, .flags = MAP_ANONYMOUS | MAP_PRIVATE};

    uint8_t *key = calloc(KEY_LEN, 1);
    uint8_t *iv = calloc(IV_LEN, 1);
    uint8_t *iv_throwaway = calloc(IV_LEN, 1);
    if (key == NULL || iv == NULL || iv_throwaway == NULL) {
        perror("allocation failure");
        return rv;
    }

    ssize_t err = getrandom(key, KEY_LEN, 0);
    //ssize_t err = KEY_LEN;
    if (err != KEY_LEN) {
        fputs("getrandom() error!\n", stderr);
        return rv;
    }
    #ifdef RANDOMIZE_IV
    err = getrandom(iv, IV_LEN, 0);
    memcpy(iv_throwaway, iv, IV_LEN);
    if (err != IV_LEN) {
        fputs("getrandom() error!\n", stderr);
        return rv;
    }
    #endif /* RANDOMIZE_IV */

    rv.data = mmap(NULL, rv.size, rv.prot, rv.flags, -1, 0);
    if (ERROR_MMAP(rv)) {
        perror("mmap()");
        return rv;
    }

    memcpy(rv.data, file.data, file.size);
    ssize_t i = 0;
    for (; i < (file_size - file.size); i++) {
        rv.data[file.size + i] = file.data[file.size + i];
    }
    memset(rv.data, 0, (file_size - file.size - i));

    br_aes_big_cbcenc_keys br = { 0 };
    br_aes_big_cbcenc_init(&br, key, KEY_LEN);
    br_aes_big_cbcenc_run(&br, iv_throwaway, rv.data, file_size);

    #ifdef ENCODE_BASE_64
    baseencode_error_t berr;
    const char *data = base64_encode(rv.data, rv.size, &berr);
    if (data == NULL || berr != SUCCESS) {
        fprintf(stderr, "base64_encode(): error code %d\n", berr);
        // TODO: returns good rv
        return rv;
    }
    size_t len = strlen(data);
    struct mmap_file rv_64 =
        {.size = len, .prot = PROT_WRITE | PROT_READ, .flags = MAP_ANONYMOUS | MAP_PRIVATE};
    rv_64.data = mmap(NULL, rv_64.size, rv_64.prot, rv_64.flags, -1, 0);
    if (ERROR_MMAP(rv_64)) {
        perror("mmap()");
        // TODO: returns good rv
        return rv;
    }
    memcpy(rv_64.data, data, len);
    munmap(rv.data, rv.size);
    rv = rv_64;
    #endif /* ENCODE_BASE_64 */

    munmap(file.data, file.size);

    // pass pointers to caller
    *keyp  = key;
    *ivp = iv;

    return rv;
}
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`#include <stdio.h>`
			`#include <stdlib.h>`
			`#include <fcntl.h>`
			`#include <unistd.h>`
			`#include <sys/random.h>`
			`#include <sys/mman.h>`
			`#include <sys/stat.h>`
			`#include <sys/types.h>`

Fix encryption function. Fix pointer parameters as function returns. Add file clean-up as an atexit functionality. 2020-09-12 23:06:39 -05:00			`#include "libbaseencode/baseencode.h"`

Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`#include "purr.h"`

Fix encryption function. Fix pointer parameters as function returns. Add file clean-up as an atexit functionality. 2020-09-12 23:06:39 -05:00			`/*`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`* This function takes an mmap_file struct, and creates an encrypted buffer from it.`
Fix encryption function. Fix pointer parameters as function returns. Add file clean-up as an atexit functionality. 2020-09-12 23:06:39 -05:00			`* The created file is passed to an atexit function so it can be deleted automatically.`
			`* Args:`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`* file: mmap_file for the input file`
Fix encryption function. Fix pointer parameters as function returns. Add file clean-up as an atexit functionality. 2020-09-12 23:06:39 -05:00			`* keyp: will receive the newly generated random key`
			`* ivp: will receive the newly generated random IV (if enabled in purr.h)`
			`*/`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`struct mmap_file encrypt_mmap(struct mmap_file file, uint8_t keyp, uint8_t ivp)`
Fix encryption function. Fix pointer parameters as function returns. Add file clean-up as an atexit functionality. 2020-09-12 23:06:39 -05:00			`{`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`off_t file_size = file.size;`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`ssize_t blocks = file_size / br_aes_big_BLOCK_SIZE;`
			`if (blocks * br_aes_big_BLOCK_SIZE < file_size) blocks++;`
			`file_size = blocks * br_aes_big_BLOCK_SIZE;`

Enable encrypted pastes properly. Add base64 encoding per the pattern expected by the web interface. Fix some pointers and file size things in purr/files. TODO: files are cut off at random points, despite the efforts to remove verification of null characters in libbaseencode. 2020-09-13 16:05:43 -05:00			`struct mmap_file rv =`
			`{.size = file_size, .prot = PROT_WRITE \| PROT_READ, .flags = MAP_ANONYMOUS \| MAP_PRIVATE};`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00
Fix encryption function. Fix pointer parameters as function returns. Add file clean-up as an atexit functionality. 2020-09-12 23:06:39 -05:00			`uint8_t *key = calloc(KEY_LEN, 1);`
			`uint8_t *iv = calloc(IV_LEN, 1);`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`uint8_t *iv_throwaway = calloc(IV_LEN, 1);`
			`if (key == NULL \|\| iv == NULL \|\| iv_throwaway == NULL) {`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`perror("allocation failure");`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`return rv;`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`}`

			`ssize_t err = getrandom(key, KEY_LEN, 0);`
Enable IV randomization. 2020-09-13 16:08:52 -05:00			`//ssize_t err = KEY_LEN;`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`if (err != KEY_LEN) {`
			`fputs("getrandom() error!\n", stderr);`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`return rv;`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`}`
Enable IV randomization. 2020-09-13 16:08:52 -05:00			`#ifdef RANDOMIZE_IV`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`err = getrandom(iv, IV_LEN, 0);`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`memcpy(iv_throwaway, iv, IV_LEN);`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`if (err != IV_LEN) {`
			`fputs("getrandom() error!\n", stderr);`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`return rv;`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`}`
Enable IV randomization. 2020-09-13 16:08:52 -05:00			`#endif /* RANDOMIZE_IV */`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00
Enable encrypted pastes properly. Add base64 encoding per the pattern expected by the web interface. Fix some pointers and file size things in purr/files. TODO: files are cut off at random points, despite the efforts to remove verification of null characters in libbaseencode. 2020-09-13 16:05:43 -05:00			`rv.data = mmap(NULL, rv.size, rv.prot, rv.flags, -1, 0);`
			`if (ERROR_MMAP(rv)) {`
			`perror("mmap()");`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`return rv;`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`}`

Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`memcpy(rv.data, file.data, file.size);`
			`ssize_t i = 0;`
			`for (; i < (file_size - file.size); i++) {`
			`rv.data[file.size + i] = file.data[file.size + i];`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`}`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`memset(rv.data, 0, (file_size - file.size - i));`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00
			`br_aes_big_cbcenc_keys br = { 0 };`
			`br_aes_big_cbcenc_init(&br, key, KEY_LEN);`
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`br_aes_big_cbcenc_run(&br, iv_throwaway, rv.data, file_size);`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00
Enable encrypted pastes properly. Add base64 encoding per the pattern expected by the web interface. Fix some pointers and file size things in purr/files. TODO: files are cut off at random points, despite the efforts to remove verification of null characters in libbaseencode. 2020-09-13 16:05:43 -05:00			`#ifdef ENCODE_BASE_64`
			`baseencode_error_t berr;`
			`const char *data = base64_encode(rv.data, rv.size, &berr);`
			`if (data == NULL \|\| berr != SUCCESS) {`
			`fprintf(stderr, "base64_encode(): error code %d\n", berr);`
			`// TODO: returns good rv`
			`return rv;`
			`}`
			`size_t len = strlen(data);`
			`struct mmap_file rv_64 =`
			`{.size = len, .prot = PROT_WRITE \| PROT_READ, .flags = MAP_ANONYMOUS \| MAP_PRIVATE};`
			`rv_64.data = mmap(NULL, rv_64.size, rv_64.prot, rv_64.flags, -1, 0);`
			`if (ERROR_MMAP(rv_64)) {`
			`perror("mmap()");`
			`// TODO: returns good rv`
			`return rv;`
			`}`
			`memcpy(rv_64.data, data, len);`
			`munmap(rv.data, rv.size);`
			`rv = rv_64;`
			`#endif /* ENCODE_BASE_64 */`

Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`munmap(file.data, file.size);`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00
Fix encryption function. Fix pointer parameters as function returns. Add file clean-up as an atexit functionality. 2020-09-12 23:06:39 -05:00			`// pass pointers to caller`
			`*keyp = key;`
			`*ivp = iv;`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00
Move to mmap implementation. Using FILE* is error prone and limited. 2020-09-13 11:32:28 -05:00			`return rv;`
Split encrypt.c and fix use-after-free. UAF from genalloc and stralloc frees. Also remove randomization of IV, not used in bsd.ac. 2020-09-12 20:55:46 -05:00			`}`