From: Stephan Bosch Date: Sat, 17 Feb 2018 20:09:16 +0000 (+0100) Subject: lib-dcryp: Reformatted ostream-encrypt.c. X-Git-Tag: 2.3.2.rc1~193 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1a61c661060a9987ba3f0c0f947b3afe78234301;p=thirdparty%2Fdovecot%2Fcore.git lib-dcryp: Reformatted ostream-encrypt.c. --- diff --git a/src/lib-dcrypt/ostream-encrypt.c b/src/lib-dcrypt/ostream-encrypt.c index 6c085e6fe7..585e2a530a 100644 --- a/src/lib-dcrypt/ostream-encrypt.c +++ b/src/lib-dcrypt/ostream-encrypt.c @@ -1,3 +1,18 @@ +/* Copyright (c) 2016-2018 Dovecot authors, see the included COPYING file */ + +#include "lib.h" +#include "buffer.h" +#include "randgen.h" +#include "dcrypt-iostream.h" +#include "ostream-encrypt.h" +#include "ostream-private.h" +#include "hash-method.h" +#include "sha2.h" +#include "safe-memset.h" +#include "dcrypt.h" + +#include + /* file struct dcrypt_public_key syntax * magic (14 bytes) * version (1 bytes) @@ -13,19 +28,6 @@ * mac data (mac specific bytes) */ -#include "lib.h" -#include "buffer.h" -#include "randgen.h" -#include "dcrypt-iostream.h" -#include "ostream-encrypt.h" -#include "ostream-private.h" -#include "hash-method.h" -#include "sha2.h" -#include "safe-memset.h" -#include "dcrypt.h" - -#include - #define IO_STREAM_ENCRYPT_SEED_SIZE 32 #define IO_STREAM_ENCRYPT_ROUNDS 2048 @@ -50,9 +52,9 @@ struct encrypt_ostream { bool prefix_written; }; -static -int o_stream_encrypt_send(struct encrypt_ostream *stream, - const unsigned char *data, size_t size) +static int +o_stream_encrypt_send(struct encrypt_ostream *stream, + const unsigned char *data, size_t size) { ssize_t ec; @@ -64,14 +66,15 @@ int o_stream_encrypt_send(struct encrypt_ostream *stream, return -1; } else { io_stream_set_error(&stream->ostream.iostream, - "ostream-encrypt: Unexpectedly short write to parent stream"); + "ostream-encrypt: " + "Unexpectedly short write to parent stream"); stream->ostream.ostream.stream_errno = EINVAL; return -1; } } -static -int o_stream_encrypt_send_header_v1(struct encrypt_ostream *stream) +static int +o_stream_encrypt_send_header_v1(struct encrypt_ostream *stream) { unsigned char c; unsigned short s; @@ -80,7 +83,8 @@ int o_stream_encrypt_send_header_v1(struct encrypt_ostream *stream) stream->prefix_written = TRUE; buffer_t *values = t_buffer_create(256); - buffer_append(values, IOSTREAM_CRYPT_MAGIC, sizeof(IOSTREAM_CRYPT_MAGIC)); + buffer_append(values, IOSTREAM_CRYPT_MAGIC, + sizeof(IOSTREAM_CRYPT_MAGIC)); /* version */ c = 1; buffer_append(values, &c, 1); @@ -95,8 +99,8 @@ int o_stream_encrypt_send_header_v1(struct encrypt_ostream *stream) return o_stream_encrypt_send(stream, values->data, values->used); } -static -int o_stream_encrypt_send_header_v2(struct encrypt_ostream *stream) +static int +o_stream_encrypt_send_header_v2(struct encrypt_ostream *stream) { unsigned char c; unsigned int i; @@ -105,7 +109,8 @@ int o_stream_encrypt_send_header_v2(struct encrypt_ostream *stream) stream->prefix_written = TRUE; buffer_t *values = t_buffer_create(256); - buffer_append(values, IOSTREAM_CRYPT_MAGIC, sizeof(IOSTREAM_CRYPT_MAGIC)); + buffer_append(values, IOSTREAM_CRYPT_MAGIC, + sizeof(IOSTREAM_CRYPT_MAGIC)); c = 2; buffer_append(values, &c, 1); i = cpu32_to_be(stream->flags); @@ -114,7 +119,9 @@ int o_stream_encrypt_send_header_v2(struct encrypt_ostream *stream) 9 = version + flags + length 8 = rounds + key data length */ - i = cpu32_to_be(sizeof(IOSTREAM_CRYPT_MAGIC) + 9 + stream->cipher_oid->used + stream->mac_oid->used + 8 + stream->key_data_len); + i = cpu32_to_be(sizeof(IOSTREAM_CRYPT_MAGIC) + 9 + + stream->cipher_oid->used + stream->mac_oid->used + + 8 + stream->key_data_len); buffer_append(values, &i, 4); buffer_append_buf(values, stream->cipher_oid, 0, (size_t)-1); @@ -129,8 +136,8 @@ int o_stream_encrypt_send_header_v2(struct encrypt_ostream *stream) return o_stream_encrypt_send(stream, values->data, values->used); } -static -int o_stream_encrypt_keydata_create_v1(struct encrypt_ostream *stream) +static int +o_stream_encrypt_keydata_create_v1(struct encrypt_ostream *stream) { buffer_t *encrypted_key, *ephemeral_key, *secret, *res, buf; const char *error = NULL; @@ -147,7 +154,8 @@ int o_stream_encrypt_keydata_create_v1(struct encrypt_ostream *stream) /* hash the public key first */ buffer_create_from_data(&buf, pkhash, sizeof(pkhash)); if (!dcrypt_key_id_public_old(stream->pub, &buf, &error)) { - io_stream_set_error(&stream->ostream.iostream, "Key hash failed: %s", error); + io_stream_set_error(&stream->ostream.iostream, + "Key hash failed: %s", error); return -1; } @@ -160,8 +168,10 @@ int o_stream_encrypt_keydata_create_v1(struct encrypt_ostream *stream) encrypted_key = t_buffer_create(256); secret = t_buffer_create(256); - if (!dcrypt_ecdh_derive_secret_peer(stream->pub, ephemeral_key, secret, &error)) { - io_stream_set_error(&stream->ostream.iostream, "Cannot perform ECDH: %s", error); + if (!dcrypt_ecdh_derive_secret_peer(stream->pub, ephemeral_key, + secret, &error)) { + io_stream_set_error(&stream->ostream.iostream, + "Cannot perform ECDH: %s", error); return -1; } @@ -173,8 +183,10 @@ int o_stream_encrypt_keydata_create_v1(struct encrypt_ostream *stream) /* use it to encrypt the actual encryption key */ struct dcrypt_context_symmetric *dctx; - if (!dcrypt_ctx_sym_create("aes-256-ctr", DCRYPT_MODE_ENCRYPT, &dctx, &error)) { - io_stream_set_error(&stream->ostream.iostream, "Key encryption error: %s", error); + if (!dcrypt_ctx_sym_create("aes-256-ctr", DCRYPT_MODE_ENCRYPT, + &dctx, &error)) { + io_stream_set_error(&stream->ostream.iostream, + "Key encryption error: %s", error); return -1; } @@ -185,13 +197,16 @@ int o_stream_encrypt_keydata_create_v1(struct encrypt_ostream *stream) int ec = 0; - /* NB! The old code was broken and used this kind of IV - it is not correct, but - we need to stay compatible with old data */ - dcrypt_ctx_sym_set_iv(dctx, (const unsigned char*)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16); + /* NB! The old code was broken and used this kind of IV - it is not + correct, but we need to stay compatible with old data */ + dcrypt_ctx_sym_set_iv(dctx, (const unsigned char*) + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00", 16); dcrypt_ctx_sym_set_key(dctx, hres, sizeof(hres)); if (!dcrypt_ctx_sym_init(dctx, &error) || - !dcrypt_ctx_sym_update(dctx, seed, sizeof(seed), encrypted_key, &error) || + !dcrypt_ctx_sym_update(dctx, seed, sizeof(seed), + encrypted_key, &error) || !dcrypt_ctx_sym_final(dctx, encrypted_key, &error)) { ec = -1; } @@ -199,17 +214,21 @@ int o_stream_encrypt_keydata_create_v1(struct encrypt_ostream *stream) if (ec != 0) { safe_memset(seed, 0, sizeof(seed)); - io_stream_set_error(&stream->ostream.iostream, "Key encryption error: %s", error); + io_stream_set_error(&stream->ostream.iostream, + "Key encryption error: %s", error); return -1; } /* same as above */ - dcrypt_ctx_sym_set_iv(stream->ctx_sym, (const unsigned char*)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16); + dcrypt_ctx_sym_set_iv(stream->ctx_sym, (const unsigned char*) + "\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00", 16); dcrypt_ctx_sym_set_key(stream->ctx_sym, seed, sizeof(seed)); safe_memset(seed, 0, sizeof(seed)); if (!dcrypt_ctx_sym_init(stream->ctx_sym, &error)) { - io_stream_set_error(&stream->ostream.iostream, "Encryption init error: %s", error); + io_stream_set_error(&stream->ostream.iostream, + "Encryption init error: %s", error); return -1; } @@ -239,9 +258,12 @@ int o_stream_encrypt_keydata_create_v1(struct encrypt_ostream *stream) return 0; } -static -int o_stream_encrypt_key_for_pubkey_v2(struct encrypt_ostream *stream, const char *malg, - const unsigned char *key, size_t key_len, struct dcrypt_public_key *pubkey, buffer_t *res) +static int +o_stream_encrypt_key_for_pubkey_v2(struct encrypt_ostream *stream, + const char *malg, const unsigned char *key, + size_t key_len, + struct dcrypt_public_key *pubkey, + buffer_t *res) { enum dcrypt_key_type ktype; const char *error; @@ -255,8 +277,11 @@ int o_stream_encrypt_key_for_pubkey_v2(struct encrypt_ostream *stream, const cha if (ktype == DCRYPT_KEY_RSA) { /* encrypt key as R (as we don't need DH with RSA)*/ - if (!dcrypt_rsa_encrypt(pubkey, key, key_len, encrypted_key, &error)) { - io_stream_set_error(&stream->ostream.iostream, "Cannot encrypt key data: %s", error); + if (!dcrypt_rsa_encrypt(pubkey, key, key_len, + encrypted_key, &error)) { + io_stream_set_error(&stream->ostream.iostream, + "Cannot encrypt key data: %s", + error); return -1; } } else if (ktype == DCRYPT_KEY_EC) { @@ -264,24 +289,37 @@ int o_stream_encrypt_key_for_pubkey_v2(struct encrypt_ostream *stream, const cha buffer_t *secret = t_buffer_create(256); /* derive ephemeral key and shared secret */ - if (!dcrypt_ecdh_derive_secret_peer(pubkey, ephemeral_key, secret, &error)) { - io_stream_set_error(&stream->ostream.iostream, "Cannot perform ECDH: %s", error); + if (!dcrypt_ecdh_derive_secret_peer(pubkey, ephemeral_key, + secret, &error)) { + io_stream_set_error(&stream->ostream.iostream, + "Cannot perform ECDH: %s", error); return -1; } - /* use shared secret and ephemeral key to generate encryption key/iv */ - if (!dcrypt_pbkdf2(secret->data, secret->used, ephemeral_key->data, ephemeral_key->used, - malg, IO_STREAM_ENCRYPT_ROUNDS, temp_key, 48, &error)) { - safe_memset(buffer_get_modifiable_data(secret, 0), 0, secret->used); - io_stream_set_error(&stream->ostream.iostream, "Cannot perform key encryption: %s", error); + /* use shared secret and ephemeral key to generate encryption + key/iv */ + if (!dcrypt_pbkdf2(secret->data, secret->used, + ephemeral_key->data, ephemeral_key->used, + malg, IO_STREAM_ENCRYPT_ROUNDS, temp_key, + 48, &error)) { + safe_memset(buffer_get_modifiable_data(secret, 0), + 0, secret->used); + io_stream_set_error(&stream->ostream.iostream, + "Cannot perform key encryption: %s", + error); } - safe_memset(buffer_get_modifiable_data(secret, 0), 0, secret->used); + safe_memset(buffer_get_modifiable_data(secret, 0), + 0, secret->used); /* encrypt key with shared secret */ struct dcrypt_context_symmetric *dctx; - if (!dcrypt_ctx_sym_create("AES-256-CBC", DCRYPT_MODE_ENCRYPT, &dctx, &error)) { - safe_memset(buffer_get_modifiable_data(temp_key, 0), 0, temp_key->used); - io_stream_set_error(&stream->ostream.iostream, "Cannot perform key encryption: %s", error); + if (!dcrypt_ctx_sym_create("AES-256-CBC", DCRYPT_MODE_ENCRYPT, + &dctx, &error)) { + safe_memset(buffer_get_modifiable_data(temp_key, 0), + 0, temp_key->used); + io_stream_set_error(&stream->ostream.iostream, + "Cannot perform key encryption: %s", + error); return -1; } @@ -290,20 +328,25 @@ int o_stream_encrypt_key_for_pubkey_v2(struct encrypt_ostream *stream, const cha dcrypt_ctx_sym_set_key(dctx, ptr, 32); dcrypt_ctx_sym_set_iv(dctx, ptr+32, 16); - safe_memset(buffer_get_modifiable_data(temp_key, 0), 0, temp_key->used); + safe_memset(buffer_get_modifiable_data(temp_key, 0), + 0, temp_key->used); int ec = 0; if (!dcrypt_ctx_sym_init(dctx, &error) || - !dcrypt_ctx_sym_update(dctx, key, key_len, encrypted_key, &error) || + !dcrypt_ctx_sym_update(dctx, key, key_len, + encrypted_key, &error) || !dcrypt_ctx_sym_final(dctx, encrypted_key, &error)) { - io_stream_set_error(&stream->ostream.iostream, "Cannot perform key encryption: %s", error); + io_stream_set_error(&stream->ostream.iostream, + "Cannot perform key encryption: %s", + error); ec = -1; } dcrypt_ctx_sym_destroy(&dctx); if (ec != 0) return ec; } else { - io_stream_set_error(&stream->ostream.iostream, "Unsupported key type"); + io_stream_set_error(&stream->ostream.iostream, + "Unsupported key type"); return -1; } @@ -324,8 +367,9 @@ int o_stream_encrypt_key_for_pubkey_v2(struct encrypt_ostream *stream, const cha return 0; } -static -int o_stream_encrypt_keydata_create_v2(struct encrypt_ostream *stream, const char *malg) +static int +o_stream_encrypt_keydata_create_v2(struct encrypt_ostream *stream, + const char *malg) { const struct hash_method *hash = hash_method_lookup(malg); const char *error; @@ -338,14 +382,17 @@ int o_stream_encrypt_keydata_create_v2(struct encrypt_ostream *stream, const cha if (hash == NULL) { io_stream_set_error(&stream->ostream.iostream, - "Encryption init error: Hash algorithm '%s' not supported", malg); + "Encryption init error: " + "Hash algorithm '%s' not supported", malg); return -1; } /* key data length for internal use */ - if ((stream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == IO_STREAM_ENC_INTEGRITY_HMAC) { + if ((stream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == + IO_STREAM_ENC_INTEGRITY_HMAC) { tagsize = IOSTREAM_TAG_SIZE; - } else if ((stream->flags & IO_STREAM_ENC_INTEGRITY_AEAD) == IO_STREAM_ENC_INTEGRITY_AEAD) { + } else if ((stream->flags & IO_STREAM_ENC_INTEGRITY_AEAD) == + IO_STREAM_ENC_INTEGRITY_AEAD) { tagsize = IOSTREAM_TAG_SIZE; } else { /* do not include MAC */ @@ -353,7 +400,8 @@ int o_stream_encrypt_keydata_create_v2(struct encrypt_ostream *stream, const cha } /* generate keydata length of random data for key/iv/mac */ - kl = dcrypt_ctx_sym_get_key_length(stream->ctx_sym) + dcrypt_ctx_sym_get_iv_length(stream->ctx_sym) + tagsize; + kl = dcrypt_ctx_sym_get_key_length(stream->ctx_sym) + + dcrypt_ctx_sym_get_iv_length(stream->ctx_sym) + tagsize; keydata = t_buffer_create(kl); random_fill(buffer_append_space_unsafe(keydata, kl), kl); buffer_set_used_size(keydata, kl); @@ -365,7 +413,8 @@ int o_stream_encrypt_keydata_create_v2(struct encrypt_ostream *stream, const cha buffer_append(res, "\1", 1); /* one key for now */ /* we can do multiple keys at this point, but do it only once now */ - if (o_stream_encrypt_key_for_pubkey_v2(stream, malg, ptr, kl, stream->pub, res) != 0) { + if (o_stream_encrypt_key_for_pubkey_v2(stream, malg, ptr, kl, + stream->pub, res) != 0) { buffer_free(&res); return -1; } @@ -396,15 +445,19 @@ int o_stream_encrypt_keydata_create_v2(struct encrypt_ostream *stream, const cha stream->key_data = buffer_free_without_data(&res); /* prime contexts */ - dcrypt_ctx_sym_set_key(stream->ctx_sym, ptr, dcrypt_ctx_sym_get_key_length(stream->ctx_sym)); + dcrypt_ctx_sym_set_key(stream->ctx_sym, ptr, + dcrypt_ctx_sym_get_key_length(stream->ctx_sym)); ptr += dcrypt_ctx_sym_get_key_length(stream->ctx_sym); - dcrypt_ctx_sym_set_iv(stream->ctx_sym, ptr, dcrypt_ctx_sym_get_iv_length(stream->ctx_sym)); + dcrypt_ctx_sym_set_iv(stream->ctx_sym, ptr, + dcrypt_ctx_sym_get_iv_length(stream->ctx_sym)); ptr += dcrypt_ctx_sym_get_iv_length(stream->ctx_sym); - if ((stream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == IO_STREAM_ENC_INTEGRITY_HMAC) { + if ((stream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == + IO_STREAM_ENC_INTEGRITY_HMAC) { dcrypt_ctx_hmac_set_key(stream->ctx_mac, ptr, tagsize); dcrypt_ctx_hmac_init(stream->ctx_mac, &error); - } else if ((stream->flags & IO_STREAM_ENC_INTEGRITY_AEAD) == IO_STREAM_ENC_INTEGRITY_AEAD) { + } else if ((stream->flags & IO_STREAM_ENC_INTEGRITY_AEAD) == + IO_STREAM_ENC_INTEGRITY_AEAD) { dcrypt_ctx_sym_set_aad(stream->ctx_sym, ptr, tagsize); } @@ -412,14 +465,15 @@ int o_stream_encrypt_keydata_create_v2(struct encrypt_ostream *stream, const cha safe_memset(buffer_get_modifiable_data(keydata, 0), 0, keydata->used); if (!dcrypt_ctx_sym_init(stream->ctx_sym, &error)) { - io_stream_set_error(&stream->ostream.iostream, "Encryption init error: %s", error); + io_stream_set_error(&stream->ostream.iostream, + "Encryption init error: %s", error); return -1; } return 0; } -static -ssize_t o_stream_encrypt_sendv(struct ostream_private *stream, +static ssize_t +o_stream_encrypt_sendv(struct ostream_private *stream, const struct const_iovec *iov, unsigned int iov_count) { struct encrypt_ostream *estream = (struct encrypt_ostream *)stream; @@ -432,7 +486,8 @@ ssize_t o_stream_encrypt_sendv(struct ostream_private *stream, /* write prefix */ if (!estream->prefix_written) { T_BEGIN { - if ((estream->flags & IO_STREAM_ENC_VERSION_1) == IO_STREAM_ENC_VERSION_1) + if ((estream->flags & IO_STREAM_ENC_VERSION_1) == + IO_STREAM_ENC_VERSION_1) ec = o_stream_encrypt_send_header_v1(estream); else ec = o_stream_encrypt_send_header_v2(estream); @@ -447,7 +502,8 @@ ssize_t o_stream_encrypt_sendv(struct ostream_private *stream, buffer_t buf; buffer_create_from_data(&buf, ciphertext, sizeof(ciphertext)); - /* encrypt & send all blocks of data at max ciphertext buffer's length */ + /* encrypt & send all blocks of data at max ciphertext buffer's + length */ for(unsigned int i = 0; i < iov_count; i++) { size_t bl, off = 0, len = iov[i].iov_len; const unsigned char *ptr = iov[i].iov_base; @@ -456,14 +512,20 @@ ssize_t o_stream_encrypt_sendv(struct ostream_private *stream, /* update can emite twice the size of input */ bl = I_MIN(sizeof(ciphertext)/2, len); - if (!dcrypt_ctx_sym_update(estream->ctx_sym, ptr + off, bl, &buf, &error)) { - io_stream_set_error(&stream->iostream, "Encryption failure: %s", error); + if (!dcrypt_ctx_sym_update(estream->ctx_sym, ptr + off, + bl, &buf, &error)) { + io_stream_set_error(&stream->iostream, + "Encryption failure: %s", + error); return -1; } - if ((estream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == IO_STREAM_ENC_INTEGRITY_HMAC) { + if ((estream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == + IO_STREAM_ENC_INTEGRITY_HMAC) { /* update mac */ - if (!dcrypt_ctx_hmac_update(estream->ctx_mac, buf.data, buf.used, &error)) { - io_stream_set_error(&stream->iostream, "MAC failure: %s", error); + if (!dcrypt_ctx_hmac_update(estream->ctx_mac, + buf.data, buf.used, &error)) { + io_stream_set_error(&stream->iostream, + "MAC failure: %s", error); return -1; } } @@ -483,8 +545,8 @@ ssize_t o_stream_encrypt_sendv(struct ostream_private *stream, return total; } -static -int o_stream_encrypt_finalize(struct ostream_private *stream) +static int +o_stream_encrypt_finalize(struct ostream_private *stream) { const char *error; struct encrypt_ostream *estream = (struct encrypt_ostream *)stream; @@ -499,17 +561,22 @@ int o_stream_encrypt_finalize(struct ostream_private *stream) if (!estream->prefix_written) return 0; /* acquire last block */ - buffer_t *buf = t_buffer_create(dcrypt_ctx_sym_get_block_size(estream->ctx_sym)); + buffer_t *buf = t_buffer_create( + dcrypt_ctx_sym_get_block_size(estream->ctx_sym)); if (!dcrypt_ctx_sym_final(estream->ctx_sym, buf, &error)) { - io_stream_set_error(&estream->ostream.iostream, "Encryption failure: %s", error); + io_stream_set_error(&estream->ostream.iostream, + "Encryption failure: %s", error); return -1; } /* sometimes final does not emit anything */ if (buf->used > 0) { /* update mac */ - if (((estream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == IO_STREAM_ENC_INTEGRITY_HMAC)) { - if (!dcrypt_ctx_hmac_update(estream->ctx_mac, buf->data, buf->used, &error)) { - io_stream_set_error(&estream->ostream.iostream, "MAC failure: %s", error); + if (((estream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == + IO_STREAM_ENC_INTEGRITY_HMAC)) { + if (!dcrypt_ctx_hmac_update(estream->ctx_mac, buf->data, + buf->used, &error)) { + io_stream_set_error(&estream->ostream.iostream, + "MAC failure: %s", error); return -1; } } @@ -520,24 +587,28 @@ int o_stream_encrypt_finalize(struct ostream_private *stream) /* write last mac bytes */ buffer_set_used_size(buf, 0); - if ((estream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == IO_STREAM_ENC_INTEGRITY_HMAC) { + if ((estream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == + IO_STREAM_ENC_INTEGRITY_HMAC) { if (!dcrypt_ctx_hmac_final(estream->ctx_mac, buf, &error)) { - io_stream_set_error(&estream->ostream.iostream, "MAC failure: %s", error); + io_stream_set_error(&estream->ostream.iostream, + "MAC failure: %s", error); return -1; } - } else if ((estream->flags & IO_STREAM_ENC_INTEGRITY_AEAD) == IO_STREAM_ENC_INTEGRITY_AEAD) { + } else if ((estream->flags & IO_STREAM_ENC_INTEGRITY_AEAD) == + IO_STREAM_ENC_INTEGRITY_AEAD) { dcrypt_ctx_sym_get_tag(estream->ctx_sym, buf); i_assert(buf->used > 0); } - if (buf->used > 0 && o_stream_encrypt_send(estream, buf->data, buf->used) < 0) { + if (buf->used > 0 && + o_stream_encrypt_send(estream, buf->data, buf->used) < 0) { return -1; } return 0; } -static -int o_stream_encrypt_flush(struct ostream_private *stream) +static int +o_stream_encrypt_flush(struct ostream_private *stream) { struct encrypt_ostream *estream = (struct encrypt_ostream *)stream; @@ -550,45 +621,56 @@ int o_stream_encrypt_flush(struct ostream_private *stream) return o_stream_flush_parent(stream); } -static -void o_stream_encrypt_close(struct iostream_private *stream, - bool close_parent) +static void +o_stream_encrypt_close(struct iostream_private *stream, + bool close_parent) { struct encrypt_ostream *estream = (struct encrypt_ostream *)stream; i_assert(estream->finalized || estream->ctx_sym == NULL || estream->ostream.ostream.stream_errno != 0); - if (close_parent) { + if (close_parent) o_stream_close(estream->ostream.parent); - } } -static -void o_stream_encrypt_destroy(struct iostream_private *stream) +static void +o_stream_encrypt_destroy(struct iostream_private *stream) { struct encrypt_ostream *estream = (struct encrypt_ostream *)stream; + /* release resources */ - if (estream->ctx_sym != NULL) dcrypt_ctx_sym_destroy(&estream->ctx_sym); - if (estream->ctx_mac != NULL) dcrypt_ctx_hmac_destroy(&estream->ctx_mac); - if (estream->key_data != NULL) i_free(estream->key_data); - if (estream->cipher_oid != NULL) buffer_free(&estream->cipher_oid); - if (estream->mac_oid != NULL) buffer_free(&estream->mac_oid); - if (estream->pub != NULL) dcrypt_key_unref_public(&estream->pub); + if (estream->ctx_sym != NULL) + dcrypt_ctx_sym_destroy(&estream->ctx_sym); + if (estream->ctx_mac != NULL) + dcrypt_ctx_hmac_destroy(&estream->ctx_mac); + if (estream->key_data != NULL) + i_free(estream->key_data); + if (estream->cipher_oid != NULL) + buffer_free(&estream->cipher_oid); + if (estream->mac_oid != NULL) + buffer_free(&estream->mac_oid); + if (estream->pub != NULL) + dcrypt_key_unref_public(&estream->pub); o_stream_unref(&estream->ostream.parent); } -static -int o_stream_encrypt_init(struct encrypt_ostream *estream, const char *algorithm) +static int +o_stream_encrypt_init(struct encrypt_ostream *estream, const char *algorithm) { const char *error; char *calg, *malg; - if ((estream->flags & IO_STREAM_ENC_VERSION_1) == IO_STREAM_ENC_VERSION_1) { - if (!dcrypt_ctx_sym_create("AES-256-CTR", DCRYPT_MODE_ENCRYPT, &estream->ctx_sym, &error)) { - io_stream_set_error(&estream->ostream.iostream, "Cannot create ostream-encrypt: %s", error); + if ((estream->flags & IO_STREAM_ENC_VERSION_1) == + IO_STREAM_ENC_VERSION_1) { + if (!dcrypt_ctx_sym_create("AES-256-CTR", DCRYPT_MODE_ENCRYPT, + &estream->ctx_sym, &error)) { + io_stream_set_error(&estream->ostream.iostream, + "Cannot create ostream-encrypt: %s", + error); return -1; } - estream->flags |= IO_STREAM_ENC_INTEGRITY_NONE; /* disable MAC */ + /* disable MAC */ + estream->flags |= IO_STREAM_ENC_INTEGRITY_NONE; /* then do keying */ return o_stream_encrypt_keydata_create_v1(estream); } else { @@ -596,35 +678,48 @@ int o_stream_encrypt_init(struct encrypt_ostream *estream, const char *algorithm malg = strrchr(calg, '-'); if (malg == NULL) { - io_stream_set_error(&estream->ostream.iostream, "Invalid algorithm (must be cipher-mac)"); + io_stream_set_error(&estream->ostream.iostream, + "Invalid algorithm " + "(must be cipher-mac)"); return -1; } (*malg++) = '\0'; - if (!dcrypt_ctx_sym_create(calg, DCRYPT_MODE_ENCRYPT, &estream->ctx_sym, &error)) { - io_stream_set_error(&estream->ostream.iostream, "Cannot create ostream-encrypt: %s", error); + if (!dcrypt_ctx_sym_create(calg, DCRYPT_MODE_ENCRYPT, + &estream->ctx_sym, &error)) { + io_stream_set_error(&estream->ostream.iostream, + "Cannot create ostream-encrypt: %s", + error); return -1; } /* create cipher and mac context, take note of OIDs */ estream->cipher_oid = buffer_create_dynamic(default_pool, 12); - estream->block_size = dcrypt_ctx_sym_get_block_size(estream->ctx_sym); + estream->block_size = + dcrypt_ctx_sym_get_block_size(estream->ctx_sym); if (!dcrypt_name2oid(calg, estream->cipher_oid, &error)) { - io_stream_set_error(&estream->ostream.iostream, "Cannot create ostream-encrypt: %s", error); + io_stream_set_error(&estream->ostream.iostream, + "Cannot create ostream-encrypt: %s", + error); return -1; } /* mac context is optional */ - if ((estream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == IO_STREAM_ENC_INTEGRITY_HMAC) { - if (!dcrypt_ctx_hmac_create(malg, &estream->ctx_mac, &error)) { - io_stream_set_error(&estream->ostream.iostream, "Cannot create ostream-encrypt: %s", error); + if ((estream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == + IO_STREAM_ENC_INTEGRITY_HMAC) { + if (!dcrypt_ctx_hmac_create(malg, &estream->ctx_mac, + &error)) { + io_stream_set_error(&estream->ostream.iostream, + "Cannot create ostream-encrypt: %s", + error); return -1; } } estream->mac_oid = buffer_create_dynamic(default_pool, 12); if (!dcrypt_name2oid(malg, estream->mac_oid, &error)) { - io_stream_set_error(&estream->ostream.iostream, "Cannot create ostream-encrypt: %s", error); + io_stream_set_error(&estream->ostream.iostream, + "Cannot create ostream-encrypt: %s", error); return -1; } @@ -633,8 +728,7 @@ int o_stream_encrypt_init(struct encrypt_ostream *estream, const char *algorithm } } -static -struct encrypt_ostream * +static struct encrypt_ostream * o_stream_create_encrypt_common(enum io_stream_encrypt_flags flags) { struct encrypt_ostream *estream; @@ -675,23 +769,29 @@ o_stream_create_encrypt(struct ostream *output, const char *algorithm, } struct ostream * -o_stream_create_sym_encrypt(struct ostream *output, struct dcrypt_context_symmetric *ctx) +o_stream_create_sym_encrypt(struct ostream *output, + struct dcrypt_context_symmetric *ctx) { - struct encrypt_ostream *estream = o_stream_create_encrypt_common(IO_STREAM_ENC_INTEGRITY_NONE); + struct encrypt_ostream *estream = + o_stream_create_encrypt_common(IO_STREAM_ENC_INTEGRITY_NONE); const char *error; int ec; estream->prefix_written = TRUE; - if (!dcrypt_ctx_sym_init(estream->ctx_sym, &error)) ec = -1; - else ec = 0; + if (!dcrypt_ctx_sym_init(estream->ctx_sym, &error)) + ec = -1; + else + ec = 0; estream->ctx_sym = ctx; struct ostream *os = o_stream_create(&estream->ostream, output, - o_stream_get_fd(output)); + o_stream_get_fd(output)); if (ec != 0) { - io_stream_set_error(&estream->ostream.iostream, "Could not initialize stream: %s", error); + io_stream_set_error(&estream->ostream.iostream, + "Could not initialize stream: %s", + error); os->stream_errno = EINVAL; }