3011 const char* szFunc =
"OTCrypto_OpenSSL::Open";
3013 uint8_t buffer[4096];
3014 uint8_t buffer_out[4096 + EVP_MAX_IV_LENGTH];
3015 uint8_t iv[EVP_MAX_IV_LENGTH];
3018 int32_t len_out = 0;
3019 bool bFinalized =
false;
3023 memset(buffer, 0, 4096);
3024 memset(buffer_out, 0, 4096 + EVP_MAX_IV_LENGTH);
3025 memset(iv, 0, EVP_MAX_IV_LENGTH);
3029 theOutput.Release();
3036 theRecipient.GetIdentifier(strNymID);
3038 OTAsymmetricKey& theTempPrivateKey =
3039 const_cast<OTAsymmetricKey&
>(theRecipient.GetPrivateEncrKey());
3041 OTAsymmetricKey_OpenSSL* pPrivateKey =
3042 dynamic_cast<OTAsymmetricKey_OpenSSL*
>(&theTempPrivateKey);
3045 EVP_PKEY* private_key =
3046 const_cast<EVP_PKEY*
>(pPrivateKey->dp->GetKey(pPWData));
3048 if (
nullptr == private_key) {
3050 <<
": Null private key on recipient. (Returning false.)\n";
3055 <<
": Private key is available for NymID: " << strNymID <<
" \n";
3062 const char* m_szFunc;
3063 EVP_CIPHER_CTX& m_ctx;
3064 OTAsymmetricKey& m_privateKey;
3068 _OTEnv_Open(
const char* param_szFunc, EVP_CIPHER_CTX& theCTX,
3069 OTAsymmetricKey& param_privateKey,
bool& param_Finalized)
3070 : m_szFunc(param_szFunc)
3072 , m_privateKey(param_privateKey)
3073 , m_bFinalized(param_Finalized)
3077 EVP_CIPHER_CTX_init(&m_ctx);
3082 m_privateKey.ReleaseKey();
3092 if (!m_bFinalized) {
3093 if (0 == EVP_CIPHER_CTX_cleanup(&m_ctx))
3094 otErr << m_szFunc <<
": Failure in EVP_CIPHER_CTX_cleanup. "
3095 "(It returned 0.)\n";
3104 _OTEnv_Open theNestedInstance(szFunc, ctx, *pPrivateKey, bFinalized);
3108 uint32_t nRunningTotal =
3111 uint32_t nReadEnvType = 0;
3112 uint32_t nReadArraySize = 0;
3113 uint32_t nReadIV = 0;
3140 uint16_t env_type_n = 0;
3142 if (0 == (nReadEnvType = dataInput.OTfread(
3143 reinterpret_cast<uint8_t*>(&env_type_n),
3144 static_cast<uint32_t>(
sizeof(env_type_n))))) {
3145 otErr << szFunc <<
": Error reading Envelope Type. Expected "
3146 "asymmetric(1) or symmetric (2).\n";
3149 nRunningTotal += nReadEnvType;
3150 OT_ASSERT(nReadEnvType == static_cast<uint32_t>(
sizeof(env_type_n)));
3154 const uint16_t env_type =
3155 static_cast<uint16_t
>(ntohs(static_cast<uint16_t>(env_type_n)));
3159 if (1 != env_type) {
3160 otErr << szFunc <<
": Error : Expected Envelope for Asymmetric "
3161 "key(type 1) but instead found type "
3162 <<
static_cast<int32_t
>(env_type) <<
".\n";
3168 <<
": Envelope type: " <<
static_cast<int32_t
>(env_type) <<
"\n";
3172 uint32_t array_size_n = 0;
3174 if (0 == (nReadArraySize = dataInput.OTfread(
3175 reinterpret_cast<uint8_t*>(&array_size_n),
3176 static_cast<uint32_t>(
sizeof(array_size_n))))) {
3178 <<
": Error reading Array Size for encrypted symmetric keys.\n";
3181 nRunningTotal += nReadArraySize;
3182 OT_ASSERT(nReadArraySize == static_cast<uint32_t>(
sizeof(array_size_n)));
3186 const uint32_t array_size = ntohl(array_size_n);
3189 <<
": Array size: " <<
static_cast<int64_t
>(array_size) <<
"\n";
3200 OTPayload theRawEncryptedKey;
3201 bool bFoundKeyAlready =
3210 for (uint32_t ii = 0; ii < array_size; ++ii) {
3218 uint32_t nymid_len_n = 0;
3219 uint32_t nReadNymIDSize = 0;
3221 if (0 == (nReadNymIDSize = dataInput.OTfread(
3222 reinterpret_cast<uint8_t*>(&nymid_len_n),
3223 static_cast<uint32_t>(
sizeof(nymid_len_n))))) {
3224 otErr << szFunc <<
": Error reading NymID length for an encrypted "
3228 nRunningTotal += nReadNymIDSize;
3229 OT_ASSERT(nReadNymIDSize == static_cast<uint32_t>(
sizeof(nymid_len_n)));
3233 uint32_t nymid_len =
static_cast<uint32_t
>(ntohl(static_cast<uint32_t>(
3237 <<
": NymID length: " <<
static_cast<int64_t
>(nymid_len) <<
"\n";
3242 static_cast<uint8_t*
>(malloc(
sizeof(uint8_t) * nymid_len));
3246 uint32_t nReadNymID = 0;
3248 if (0 == (nReadNymID = dataInput.OTfread(
3249 reinterpret_cast<uint8_t*>(nymid),
3250 static_cast<uint32_t>(
sizeof(uint8_t) *
3257 <<
": Error reading NymID for an encrypted symmetric key.\n";
3262 nRunningTotal += nReadNymID;
3264 static_cast<uint32_t>(
sizeof(uint8_t) * nymid_len));
3267 nymid[nymid_len - 1] =
'\0';
3270 const OTString loopStrNymID(reinterpret_cast<char*>(nymid));
3274 otLog5 << __FUNCTION__ <<
": (LOOP) Current NymID: " << loopStrNymID
3276 <<
static_cast<int64_t
>(loopStrNymID.GetLength()) <<
"\n";
3289 uint8_t* ek =
nullptr;
3291 uint32_t eklen_n = 0;
3292 uint32_t nReadLength = 0;
3293 uint32_t nReadKey = 0;
3297 if (0 == (nReadLength = dataInput.OTfread(
3298 reinterpret_cast<uint8_t*>(&eklen_n),
3299 static_cast<uint32_t>(
sizeof(eklen_n))))) {
3300 otErr << szFunc <<
": Error reading encrypted key size.\n";
3303 nRunningTotal += nReadLength;
3304 OT_ASSERT(nReadLength == static_cast<uint32_t>(
sizeof(eklen_n)));
3308 eklen =
static_cast<uint32_t
>(ntohl(static_cast<uint32_t>(eklen_n)));
3313 <<
": EK length: " <<
static_cast<int64_t
>(eklen) <<
" \n";
3317 ek =
static_cast<uint8_t*
>(
3318 malloc(static_cast<int32_t>(eklen) *
3321 memset(static_cast<void*>(ek), 0, static_cast<int32_t>(eklen));
3325 if (0 == (nReadKey = dataInput.OTfread(reinterpret_cast<uint8_t*>(ek),
3326 static_cast<uint32_t>(eklen)))) {
3327 otErr << szFunc <<
": Error reading encrypted key.\n";
3332 nRunningTotal += nReadKey;
3335 <<
": EK First byte: " <<
static_cast<int32_t
>(ek[0])
3336 <<
" EK Last byte: " << static_cast<int32_t>(ek[eklen - 1])
3339 OT_ASSERT(nReadKey == static_cast<uint32_t>(eklen));
3349 if (!bFoundKeyAlready) {
3353 const bool bNymIDMatches =
3354 strNymID.Compare(loopStrNymID);
3356 if ((ii == (array_size - 1)) ||
3371 if (!(loopStrNymID.Exists() &&
3375 bFoundKeyAlready =
true;
3377 theRawEncryptedKey.Assign(static_cast<void*>(ek),
3378 static_cast<uint32_t>(eklen));
3390 if (!bFoundKeyAlready)
3393 otOut << __FUNCTION__
3394 <<
": Sorry: Unable to find a session key for the Nym attempting "
3395 "to open this envelope: " << strNymID <<
"\n";
3403 const uint32_t max_iv_length =
3410 uint32_t iv_size_n = 0;
3411 uint32_t nReadIVSize = 0;
3413 if (0 == (nReadIVSize = dataInput.OTfread(
3414 reinterpret_cast<uint8_t*>(&iv_size_n),
3415 static_cast<uint32_t>(
sizeof(iv_size_n))))) {
3417 <<
": Error reading IV Size for encrypted symmetric keys.\n";
3420 nRunningTotal += nReadIVSize;
3421 OT_ASSERT(nReadIVSize == static_cast<uint32_t>(
sizeof(iv_size_n)));
3425 const uint32_t iv_size_host_order = ntohl(static_cast<uint32_t>(iv_size_n));
3427 if (iv_size_host_order > max_iv_length) {
3428 const int64_t l1 = iv_size_host_order, l2 = max_iv_length;
3429 otErr << __FUNCTION__ <<
": Error: iv_size (" << l1
3430 <<
") is larger than max_iv_length (" << l2 <<
").\n";
3435 <<
": IV size: " <<
static_cast<int64_t
>(iv_size_host_order)
3440 if (0 == (nReadIV = dataInput.OTfread(
3441 reinterpret_cast<uint8_t*>(iv),
3442 static_cast<uint32_t>(iv_size_host_order)))) {
3443 otErr << szFunc <<
": Error reading initialization vector.\n";
3447 nRunningTotal += nReadIV;
3448 OT_ASSERT(nReadIV == static_cast<uint32_t>(iv_size_host_order));
3451 <<
": IV First byte: " <<
static_cast<int32_t
>(iv[0])
3452 <<
" IV Last byte: "
3453 << static_cast<int32_t>(iv[iv_size_host_order - 1]) <<
"\n";
3468 OTData ciphertext(static_cast<const void*>(
3469 static_cast<const uint8_t*>(dataInput.GetPointer()) +
3471 dataInput.GetSize() - nRunningTotal);
3474 const EVP_CIPHER* cipher_type = EVP_aes_128_cbc();
3500 static_cast<const uint8_t*>(theRawEncryptedKey.GetPayloadPointer()),
3501 static_cast<int32_t>(theRawEncryptedKey.GetSize()),
3502 static_cast<const uint8_t*>(iv), private_key)) {
3510 otErr << szFunc <<
": EVP_OpenInit: failed.\n";
3521 (len = ciphertext.OTfread(reinterpret_cast<uint8_t*>(buffer),
3522 static_cast<uint32_t>(
sizeof(buffer))))) {
3523 if (!EVP_OpenUpdate(&ctx, buffer_out, &len_out, buffer,
3524 static_cast<int32_t>(len))) {
3525 otErr << szFunc <<
": EVP_OpenUpdate: failed.\n";
3528 else if (len_out > 0)
3529 plaintext.Concatenate(reinterpret_cast<void*>(buffer_out),
3530 static_cast<uint32_t>(len_out));
3535 if (!EVP_OpenFinal(&ctx, buffer_out, &len_out)) {
3536 otErr << szFunc <<
": EVP_OpenFinal: failed.\n";
3539 else if (len_out > 0) {
3541 plaintext.Concatenate(reinterpret_cast<void*>(buffer_out),
3542 static_cast<uint32_t>(len_out));
3553 plaintext.GetSize() - 1;
3556 (
static_cast<uint8_t*
>(
const_cast<void*
>(plaintext.GetPointer())))[nIndex] =
3568 const bool bSetMem = theOutput.MemSet(
3569 static_cast<const char*>(plaintext.GetPointer()), plaintext.GetSize());
3572 otLog5 << __FUNCTION__ <<
": Output:\n" << theOutput <<
"\n\n";
3574 otErr << __FUNCTION__ <<
": Error: Failed while trying to memset from "
3575 "plaintext OTData to output OTString.\n";
static EXPORT uint32_t SymmetricIvSize()
OTLOG_IMPORT OTLogStream otOut
OTLOG_IMPORT OTLogStream otErr
OTLOG_IMPORT OTLogStream otLog5