132
134
int CryptoAES::encrypt(bufferptr& secret, const bufferlist& in, bufferlist& out)
134
136
const unsigned char *key = (const unsigned char *)secret.c_str();
135
int in_len = in.length();
136
137
const unsigned char *in_buf;
137
int max_out = (in_len + AES_BLOCK_SIZE) & ~(AES_BLOCK_SIZE -1);
140
#define OUT_BUF_EXTRA 128
141
unsigned char outbuf[max_out + OUT_BUF_EXTRA];
143
139
if (secret.length() < AES_KEY_LEN) {
144
140
derr(0) << "key is too short" << dendl;
149
EVP_CIPHER_CTX_init(&ctx);
150
EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, aes_iv);
144
CryptoPP::AES::Encryption aesEncryption(key, CryptoPP::AES::DEFAULT_KEYLENGTH);
145
CryptoPP::CBC_Mode_ExternalCipher::Encryption cbcEncryption( aesEncryption, aes_iv );
146
CryptoPP::StringSink *sink = new CryptoPP::StringSink(ciphertext);
149
CryptoPP::StreamTransformationFilter stfEncryptor(cbcEncryption, sink);
153
151
for (std::list<bufferptr>::const_iterator it = in.buffers().begin();
154
152
it != in.buffers().end(); it++) {
155
outlen = max_out - total_out;
156
153
in_buf = (const unsigned char *)it->c_str();
157
if (!EVP_EncryptUpdate(&ctx, &outbuf[total_out], &outlen, in_buf, it->length()))
161
if (!EVP_EncryptFinal_ex(&ctx, outbuf + total_out, &outlen))
165
out.append((const char *)outbuf, total_out);
168
EVP_CIPHER_CTX_cleanup(&ctx);
155
stfEncryptor.Put(in_buf, it->length());
158
stfEncryptor.MessageEnd();
159
} catch (CryptoPP::Exception& e) {
160
dout(0) << "encryptor.MessageEnd::Exception: " << e.GetWhat() << dendl;
163
out.append((const char *)ciphertext.c_str(), ciphertext.length());
172
168
int CryptoAES::decrypt(bufferptr& secret, const bufferlist& in, bufferlist& out)
174
170
const unsigned char *key = (const unsigned char *)secret.c_str();
176
int in_len = in.length();
178
int total_dec_len = 0;
180
unsigned char dec_data[in_len];
183
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
184
EVP_CIPHER_CTX_init(ctx);
186
int res = EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, aes_iv);
188
for (std::list<bufferptr>::const_iterator it = in.buffers().begin();
172
CryptoPP::AES::Decryption aesDecryption(key, CryptoPP::AES::DEFAULT_KEYLENGTH);
173
CryptoPP::CBC_Mode_ExternalCipher::Decryption cbcDecryption( aesDecryption, aes_iv );
175
string decryptedtext;
176
CryptoPP::StringSink *sink = new CryptoPP::StringSink(decryptedtext);
179
CryptoPP::StreamTransformationFilter stfDecryptor(cbcDecryption, sink);
180
for (std::list<bufferptr>::const_iterator it = in.buffers().begin();
189
181
it != in.buffers().end(); it++) {
190
182
const unsigned char *in_buf = (const unsigned char *)it->c_str();
191
res = EVP_DecryptUpdate(ctx, &dec_data[total_dec_len],
192
&dec_len, in_buf, it->length());
193
total_dec_len += dec_len;
196
dout(0) << "EVP_DecryptUpdate error" << dendl;
201
dout(0) << "EVP_DecryptInit_ex error" << dendl;
206
EVP_DecryptFinal_ex(ctx,
207
&dec_data[total_dec_len],
210
total_dec_len += dec_len;
211
out.append((const char *)dec_data, total_dec_len);
214
EVP_CIPHER_CTX_free(ctx);
183
stfDecryptor.Put(in_buf, it->length());
187
stfDecryptor.MessageEnd();
188
} catch (CryptoPP::Exception& e) {
189
dout(0) << "decryptor.MessageEnd::Exception: " << e.GetWhat() << dendl;
193
out.append((const char *)decryptedtext.c_str(), decryptedtext.length());
194
return decryptedtext.length();
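Review bot: decrypt appears to lack the `if (secret.length() < AES_KEY_LEN)` guard that encrypt keeps: the new-side gutter goes from 170 (the `key` line) to 172 (`CryptoPP::AES::Decryption aesDecryption(key, CryptoPP::AES::DEFAULT_KEYLENGTH)`), which leaves no room for it, so a short secret would have the cipher read `DEFAULT_KEYLENGTH` bytes from a smaller buffer. Repeat encrypt's check at the top of decrypt, with the same `derr(0) << "key is too short" << dendl;` message and the same failure return. Separately, both directions run CBC with `aes_iv`, which is not derived from any parameter visible here; if it is a constant, equal plaintext prefixes under one key encrypt identically and nothing authenticates the ciphertext, so a comment saying so belongs where `cbcEncryption` is constructed. The file header and parts of both bodies, including what follows each `catch`, are not visible in this view.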