keepassxc/src/crypto/SymmetricCipherGcrypt.cpp

/*
*  Copyright (C) 2010 Felix Geyer <debfx@fobos.de>
*
*  This program is free software: you can redistribute it and/or modify
*  it under the terms of the GNU General Public License as published by
*  the Free Software Foundation, either version 2 or (at your option)
*  version 3 of the License.
*
*  This program is distributed in the hope that it will be useful,
*  but WITHOUT ANY WARRANTY; without even the implied warranty of
*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*  GNU General Public License for more details.
*
*  You should have received a copy of the GNU General Public License
*  along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

#include "SymmetricCipherGcrypt.h"

#include "crypto/Crypto.h"

SymmetricCipherGcrypt::SymmetricCipherGcrypt(SymmetricCipher::Algorithm algo, SymmetricCipher::Mode mode,
                                             SymmetricCipher::Direction direction)
    : m_algo(gcryptAlgo(algo))
    , m_mode(gcryptMode(mode))
    , m_direction(direction)
{
    Q_ASSERT(Crypto::initalized());
}

SymmetricCipherGcrypt::~SymmetricCipherGcrypt()
{
    gcry_cipher_close(m_ctx);
}

int SymmetricCipherGcrypt::gcryptAlgo(SymmetricCipher::Algorithm algo)
{
    switch (algo) {
    case SymmetricCipher::Aes256:
        return GCRY_CIPHER_AES256;

    case SymmetricCipher::Twofish:
        return GCRY_CIPHER_TWOFISH;

    default:
        Q_ASSERT(false);
        return -1;
    }
}

int SymmetricCipherGcrypt::gcryptMode(SymmetricCipher::Mode mode)
{
    switch (mode) {
    case SymmetricCipher::Ecb:
        return GCRY_CIPHER_MODE_ECB;

    case SymmetricCipher::Cbc:
        return GCRY_CIPHER_MODE_CBC;

    default:
        Q_ASSERT(false);
        return -1;
    }
}

void SymmetricCipherGcrypt::init()
{
    gcry_error_t error;

    error = gcry_cipher_open(&m_ctx, m_algo, m_mode, 0);
    Q_ASSERT(error == 0); // TODO: real error checking

    size_t blockSizeT;
    error = gcry_cipher_algo_info(m_algo, GCRYCTL_GET_BLKLEN, Q_NULLPTR, &blockSizeT);
    Q_ASSERT(error == 0);
    m_blockSize = blockSizeT;
}

void SymmetricCipherGcrypt::setKey(const QByteArray& key)
{
    m_key = key;
    gcry_error_t error = gcry_cipher_setkey(m_ctx, m_key.constData(), m_key.size());
    Q_ASSERT(error == 0);
}

void SymmetricCipherGcrypt::setIv(const QByteArray& iv)
{
    m_iv = iv;
    gcry_error_t error = gcry_cipher_setiv(m_ctx, m_iv.constData(), m_iv.size());
    Q_ASSERT(error == 0);
}

QByteArray SymmetricCipherGcrypt::process(const QByteArray& data)
{
    // TODO: check block size

    QByteArray result;
    result.resize(data.size());

    gcry_error_t error;

    if (m_direction == SymmetricCipher::Decrypt) {
        error = gcry_cipher_decrypt(m_ctx, result.data(), data.size(), data.constData(), data.size());
    }
    else {
        error = gcry_cipher_encrypt(m_ctx, result.data(), data.size(), data.constData(), data.size());
    }

    Q_ASSERT(error == 0);

    return result;
}

void SymmetricCipherGcrypt::processInPlace(QByteArray& data)
{
    // TODO: check block size

    gcry_error_t error;

    if (m_direction == SymmetricCipher::Decrypt) {
        error = gcry_cipher_decrypt(m_ctx, data.data(), data.size(), Q_NULLPTR, 0);
    }
    else {
        error = gcry_cipher_encrypt(m_ctx, data.data(), data.size(), Q_NULLPTR, 0);
    }

    Q_ASSERT(error == 0);
}

void SymmetricCipherGcrypt::processInPlace(QByteArray& data, quint64 rounds)
{
    // TODO: check block size

    gcry_error_t error;

    if (m_direction == SymmetricCipher::Decrypt) {
        for (quint64 i = 0; i != rounds; ++i) {
            error = gcry_cipher_decrypt(m_ctx, data.data(), data.size(), Q_NULLPTR, 0);
            Q_ASSERT(error == 0);
        }
    }
    else {
        for (quint64 i = 0; i != rounds; ++i) {
            error = gcry_cipher_encrypt(m_ctx, data.data(), data.size(), Q_NULLPTR, 0);
            Q_ASSERT(error == 0);
        }
    }
}

void SymmetricCipherGcrypt::reset()
{
    gcry_error_t error;

    error = gcry_cipher_reset(m_ctx);
    Q_ASSERT(error == 0);
    error = gcry_cipher_setiv(m_ctx, m_iv.constData(), m_iv.size());
    Q_ASSERT(error == 0);
}

int SymmetricCipherGcrypt::blockSize() const
{
    return m_blockSize;
}
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00			`/*`
			`* Copyright (C) 2010 Felix Geyer <debfx@fobos.de>`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation, either version 2 or (at your option)`
			`* version 3 of the License.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`

			`#include "SymmetricCipherGcrypt.h"`

Make sure gcrypt is initalized when SymmetricCipherGcrypt objects are created. 2011-11-20 04:24:12 -05:00			`#include "crypto/Crypto.h"`

Constification and some style fixes. 2012-04-23 13:44:43 -04:00			`SymmetricCipherGcrypt::SymmetricCipherGcrypt(SymmetricCipher::Algorithm algo, SymmetricCipher::Mode mode,`
			`SymmetricCipher::Direction direction)`
Support Twofish encrypted KeePass 1 databases. Refs #2 2012-05-10 15:06:33 -04:00			`: m_algo(gcryptAlgo(algo))`
Constification and some style fixes. 2012-04-23 13:44:43 -04:00			`, m_mode(gcryptMode(mode))`
			`, m_direction(direction)`
Make sure gcrypt is initalized when SymmetricCipherGcrypt objects are created. 2011-11-20 04:24:12 -05:00			`{`
			`Q_ASSERT(Crypto::initalized());`
			`}`

Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00			`SymmetricCipherGcrypt::~SymmetricCipherGcrypt()`
			`{`
			`gcry_cipher_close(m_ctx);`
			`}`

Support Twofish encrypted KeePass 1 databases. Refs #2 2012-05-10 15:06:33 -04:00			`int SymmetricCipherGcrypt::gcryptAlgo(SymmetricCipher::Algorithm algo)`
			`{`
			`switch (algo) {`
			`case SymmetricCipher::Aes256:`
			`return GCRY_CIPHER_AES256;`

			`case SymmetricCipher::Twofish:`
			`return GCRY_CIPHER_TWOFISH;`

			`default:`
			`Q_ASSERT(false);`
			`return -1;`
			`}`
			`}`

Constification and some style fixes. 2012-04-23 13:44:43 -04:00			`int SymmetricCipherGcrypt::gcryptMode(SymmetricCipher::Mode mode)`
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00			`{`
			`switch (mode) {`
			`case SymmetricCipher::Ecb:`
Constification and some style fixes. 2012-04-23 13:44:43 -04:00			`return GCRY_CIPHER_MODE_ECB;`
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00
			`case SymmetricCipher::Cbc:`
Constification and some style fixes. 2012-04-23 13:44:43 -04:00			`return GCRY_CIPHER_MODE_CBC;`
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00
			`default:`
			`Q_ASSERT(false);`
Constification and some style fixes. 2012-04-23 13:44:43 -04:00			`return -1;`
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00			`}`
			`}`

			`void SymmetricCipherGcrypt::init()`
			`{`
			`gcry_error_t error;`

			`error = gcry_cipher_open(&m_ctx, m_algo, m_mode, 0);`
New TODO comment style. Qt Creator 2.5 is able to parse those. 2012-05-11 06:39:06 -04:00			`Q_ASSERT(error == 0); // TODO: real error checking`
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00
			`size_t blockSizeT;`
Make use of Q_NULLPTR. 2012-06-29 08:15:16 -04:00			`error = gcry_cipher_algo_info(m_algo, GCRYCTL_GET_BLKLEN, Q_NULLPTR, &blockSizeT);`
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00			`Q_ASSERT(error == 0);`
			`m_blockSize = blockSizeT;`
			`}`

			`void SymmetricCipherGcrypt::setKey(const QByteArray& key)`
			`{`
			`m_key = key;`
			`gcry_error_t error = gcry_cipher_setkey(m_ctx, m_key.constData(), m_key.size());`
			`Q_ASSERT(error == 0);`
			`}`

			`void SymmetricCipherGcrypt::setIv(const QByteArray& iv)`
			`{`
			`m_iv = iv;`
			`gcry_error_t error = gcry_cipher_setiv(m_ctx, m_iv.constData(), m_iv.size());`
			`Q_ASSERT(error == 0);`
			`}`

			`QByteArray SymmetricCipherGcrypt::process(const QByteArray& data)`
			`{`
New TODO comment style. Qt Creator 2.5 is able to parse those. 2012-05-11 06:39:06 -04:00			`// TODO: check block size`
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00
			`QByteArray result;`
			`result.resize(data.size());`

			`gcry_error_t error;`

			`if (m_direction == SymmetricCipher::Decrypt) {`
			`error = gcry_cipher_decrypt(m_ctx, result.data(), data.size(), data.constData(), data.size());`
			`}`
			`else {`
			`error = gcry_cipher_encrypt(m_ctx, result.data(), data.size(), data.constData(), data.size());`
			`}`

			`Q_ASSERT(error == 0);`

			`return result;`
			`}`

			`void SymmetricCipherGcrypt::processInPlace(QByteArray& data)`
			`{`
New TODO comment style. Qt Creator 2.5 is able to parse those. 2012-05-11 06:39:06 -04:00			`// TODO: check block size`
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00
			`gcry_error_t error;`

			`if (m_direction == SymmetricCipher::Decrypt) {`
Make use of Q_NULLPTR. 2012-06-29 08:15:16 -04:00			`error = gcry_cipher_decrypt(m_ctx, data.data(), data.size(), Q_NULLPTR, 0);`
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00			`}`
			`else {`
Make use of Q_NULLPTR. 2012-06-29 08:15:16 -04:00			`error = gcry_cipher_encrypt(m_ctx, data.data(), data.size(), Q_NULLPTR, 0);`
Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00			`}`

			`Q_ASSERT(error == 0);`
			`}`

Use quint64 everywhere for the transform rounds number. 2012-05-08 16:31:09 -04:00			`void SymmetricCipherGcrypt::processInPlace(QByteArray& data, quint64 rounds)`
Improve performance of the key transformation. 2012-05-07 08:31:18 -04:00			`{`
New TODO comment style. Qt Creator 2.5 is able to parse those. 2012-05-11 06:39:06 -04:00			`// TODO: check block size`
Improve performance of the key transformation. 2012-05-07 08:31:18 -04:00
			`gcry_error_t error;`

			`if (m_direction == SymmetricCipher::Decrypt) {`
Use quint64 everywhere for the transform rounds number. 2012-05-08 16:31:09 -04:00			`for (quint64 i = 0; i != rounds; ++i) {`
Make use of Q_NULLPTR. 2012-06-29 08:15:16 -04:00			`error = gcry_cipher_decrypt(m_ctx, data.data(), data.size(), Q_NULLPTR, 0);`
Improve performance of the key transformation. 2012-05-07 08:31:18 -04:00			`Q_ASSERT(error == 0);`
			`}`
			`}`
			`else {`
Use quint64 everywhere for the transform rounds number. 2012-05-08 16:31:09 -04:00			`for (quint64 i = 0; i != rounds; ++i) {`
Make use of Q_NULLPTR. 2012-06-29 08:15:16 -04:00			`error = gcry_cipher_encrypt(m_ctx, data.data(), data.size(), Q_NULLPTR, 0);`
Improve performance of the key transformation. 2012-05-07 08:31:18 -04:00			`Q_ASSERT(error == 0);`
			`}`
			`}`
			`}`

Add Salsa20 cipher. Restructure SymmetricCipher implementation to allow multiple backends. 2010-11-21 10:19:27 -05:00			`void SymmetricCipherGcrypt::reset()`
			`{`
			`gcry_error_t error;`

			`error = gcry_cipher_reset(m_ctx);`
			`Q_ASSERT(error == 0);`
			`error = gcry_cipher_setiv(m_ctx, m_iv.constData(), m_iv.size());`
			`Q_ASSERT(error == 0);`
			`}`

			`int SymmetricCipherGcrypt::blockSize() const`
			`{`
			`return m_blockSize;`
			`}`