Provides encryption routines in order to encode or decode a binary segment.

ShareKey Data Encryption

typedef
typedef shesig_t shenc_hdr_t
function
int ashencode
(char *data, size_t *data_len_p, shkey_t *key)
Encrypt a data segment without allocating additional memory.
Param
data
- A segment of data.
data_len_p
- The length of the data segment.
key
- Pointer to a libshare token key (shkey_t).
Return Value
A zero on success and negative one (-1) when the string is already encrypted with the same key.
Note
Fills data with encrypted data and len with the size of the new data array.
The data size must be equal to or larger than ((len + 7) / 8) * 8 + 8 + 4. TEA encrypts in 8 byte blocks, so it must include enough space to hold the entire data to pad out to an 8 byte boundary, plus another 8 bytes at the end to give the length to the decrypt algorithm, plus another 4 bytes to signify that it has been encrypted. You must use the same key passed into this function in order to decrypt the segment.
Bug
The data segment must be allocated 20 bytes larger than data_len. If possible this should return the same data length even if up to 16 bytes of the segment suffix is not encrypted. Both parameters will be modified. Specifying a different key will not prevent the data segment from being re-encrypted. The magic number (SHMEM_MAGIC) should be used instead.
function
int shencode
(char *data, size_t data_len, unsigned char **data_p, size_t *data_len_p, shkey_t *key)
Encrypts byte array data of length len with key key using TEA.
Param
data
- A segment of data.
data_len
- The length of the data segment.
key
- Pointer to a libshare token key (shkey_t).
Return Value
A zero on success and negative one (-1) when the string is already encrypted with the same key.
Note
Fills data with encrypted data and len with the size of the new data array.
The data size must be equal to or larger than ((len + 7) / 8) * 8 + 8 + 4. TEA encrypts in 8 byte blocks, so it must include enough space to hold the entire data to pad out to an 8 byte boundary, plus another 8 bytes at the end to give the length to the decrypt algorithm, plus another 4 bytes to signify that it has been encrypted.
Bug
The data segment must be allocated 20 bytes larger than data_len. If possible this should return the same data length even if up to 16 bytes of the segment suffix is not encrypted. Both parameters will be modified. Specifying a different key will not prevent the data segment from being re-encrypted. The magic number (SHMEM_MAGIC) should be used instead.
function
shkey_t* shencode_str
(char *data)
See
shdecode_str()
function
int ashdecode
(uint8_t *data, size_t *data_len_p, shkey_t *key)
Decrypt a data segment without allocating additional memory.
Param
data
- pointer to 8 bit data array to be decrypted - SEE NOTES
len
- length of array
key
- Pointer to four integer array (16 bytes) holding TEA key
Return Value
A zero on success and negative one (-1) when the string is not encrypted.
Note
Modifies data and len. Fills data with decrypted data and len with the size of the new data.
Bug
- Using magic numbers in encrypt and decrypt routines - use defines instead - Kyle
- If the 64 bit encoding functions aren't used outside this module, their prototypes should be in the code, not header - Simon
- Add sanity checking to input - Rob
- Require that input len is a multiple of 8 bytes - making a requirement we can't enforce or check is a recipe for corruption - Rob
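The buffer-size rule from the ashencode() Note and the input checks requested in the ashdecode() Bug list can be enforced in code, as in this added example (not libshare's own implementation). The `ex_` names, the `cap` parameter, the `EX_MAGIC` value and the exact byte layout (zero padding, native-endian 8-byte length, trailing 4-byte marker) are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>
#define EX_MAGIC 0x454D4853u /* constructed marker, not libshare's SHMEM_MAGIC value */

size_t ex_encoded_size(size_t len) { /* size rule from the Note; 0 on overflow */
    return len > SIZE_MAX - 19 ? 0 : ((len + 7) / 8) * 8 + 8 + 4;
}

/* Standard 32-round TEA over n bytes (n % 8 == 0), one 8-byte block at a time. */
static void tea(unsigned char *p, size_t n, const uint32_t k[4], int dec) {
    for (size_t off = 0; off < n; off += 8) {
        uint32_t v[2], d = 0x9E3779B9u, s = dec ? d * 32 : 0;
        memcpy(v, p + off, 8);
        for (int i = 0; i < 32; i++) {
            if (dec) {
                v[1] -= ((v[0] << 4) + k[2]) ^ (v[0] + s) ^ ((v[0] >> 5) + k[3]);
                v[0] -= ((v[1] << 4) + k[0]) ^ (v[1] + s) ^ ((v[1] >> 5) + k[1]);
                s -= d;
            } else {
                s += d;
                v[0] += ((v[1] << 4) + k[0]) ^ (v[1] + s) ^ ((v[1] >> 5) + k[1]);
                v[1] += ((v[0] << 4) + k[2]) ^ (v[0] + s) ^ ((v[0] >> 5) + k[3]);
            }
        }
        memcpy(p + off, v, 8);
    }
}

int ex_encode(unsigned char *buf, size_t *len_p, size_t cap, const uint32_t k[4]) {
    size_t len = *len_p, need = ex_encoded_size(len);
    uint64_t len64 = len; uint32_t magic = EX_MAGIC;
    if (need == 0 || cap < need) return -1; /* cap: allocated bytes (hypothetical) */
    memset(buf + len, 0, need - 12 - len);  /* zero-pad to an 8-byte boundary */
    memcpy(buf + need - 12, &len64, 8);     /* 8-byte length trailer */
    tea(buf, need - 4, k, 0);
    memcpy(buf + need - 4, &magic, 4);      /* 4-byte "encrypted" marker */
    *len_p = need;
    return 0;
}

/* Rejects input before touching it unless it is marker + whole 8-byte blocks. */
int ex_decode(unsigned char *buf, size_t *len_p, const uint32_t k[4]) {
    size_t n = *len_p; uint64_t len64; uint32_t magic = EX_MAGIC;
    if (n < 12 || (n - 4) % 8 || memcmp(buf + n - 4, &magic, 4)) return -1;
    tea(buf, n - 4, k, 1);
    memcpy(&len64, buf + n - 12, 8);
    if (len64 > n - 12 || n - 12 - len64 >= 8) return -1; /* wrong key or corrupt */
    *len_p = (size_t)len64;
    return 0;
}
```

The trailer check in `ex_decode` only catches a wrong key or a damaged length field; it is a sanity check, not an integrity check on the ciphertext.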
function
int shdecode
(uint8_t *data, uint32_t data_len, char **data_p, size_t *data_len_p, shkey_t *key)
Decrypts byte array data of length len with a key token.
Param
data
pointer to 8 bit data array to be decrypted
len
length of array
data_p
A reference to the decrypted data segment.
data_len_p
The length of the decrypted data segment.
key
- Pointer to four integer array (16 bytes).
Return Value
A zero on success and negative one (-1) when the string is not encrypted.
Note
Modifies data and len.
Bug
- Using magic numbers in encrypt and decrypt routines - use defines instead - Kyle
- If the 64 bit encoding functions aren't used outside this module, their prototypes should be in the code, not header - Simon
- Add sanity checking to input - Rob
- Require that input len is a multiple of 8 bytes - making a requirement we can't enforce or check is a recipe for corruption - Rob
function
int shdecode_str
(char *data, shkey_t *key)
Decrypt a string into its original format using an assigned key.
Param
key
The key returned by shencode_str().
Return Value
A zero on success and negative one (-1) when the string is not encrypted.
function
int shencode_b64
(unsigned char *data, size_t data_len, char **out_p, shkey_t *key)
function
int shdecode_b64
(char *in_data, unsigned char **data_p, size_t *data_len_p, shkey_t *key)
function
int shencrypt
(int alg, shbuf_t *out_buff, unsigned char *data, size_t data_len, unsigned char *key, size_t key_len)
function
int shdecrypt
(shbuf_t *out_buff, unsigned char *data, size_t data_len, unsigned char *key, size_t key_len)
function
int shdecrypt_verify
(unsigned char *data, size_t data_len)
function
int shencrypt_derive
(shesig_t *cert, shalg_t pub, shbuf_t *buff, unsigned char *key_data, size_t key_len)
function
int shdecrypt_derive_verify
(shesig_t *cert, shalg_t pub)