Slightly improved key derivation function + allow to read passphrase from environment.

This commit is contained in:
LoRd_MuldeR 2020-10-16 17:37:04 +02:00
parent dcd7153973
commit 3683d2c450
Signed by: mulder
GPG Key ID: 2B5913365F57E03F
4 changed files with 128 additions and 73 deletions

View File

@ -16,6 +16,7 @@
#include <signal.h> #include <signal.h>
#define BUFF_SIZE 4096U #define BUFF_SIZE 4096U
static const CHR *const ENVV_PASSWD_NAME = T("MCRYPT_PASSWD");
static volatile int g_interrupted = 0; static volatile int g_interrupted = 0;
static char* read_passphrase(const CHR* const file_name) static char* read_passphrase(const CHR* const file_name)
@ -112,32 +113,34 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co
goto clean_up; goto clean_up;
} }
FPUTS(T("Encrypting file contents, please be patient... "), stderr);
uint64_t seed; uint64_t seed;
if (mcrypt_generate_seed(&seed) != 0) if (mcrypt_generate_seed(&seed) != MCRYPT_SUCCESS)
{ {
FPUTS(T("MCrypt error: Failed to generate seed!\n\n"), stderr); FPUTS(T("\n\nMCrypt error: Failed to generate seed!\n\n"), stderr);
goto clean_up; goto clean_up;
} }
if (fwrite(&seed, sizeof(uint64_t), 1U, file_out) < 1U) if (fwrite(&seed, sizeof(uint64_t), 1U, file_out) < 1U)
{ {
FPUTS(T("I/O error: Failed to write seed value!\n\n"), stderr); FPUTS(T("\n\nI/O error: Failed to write seed value!\n\n"), stderr);
goto clean_up; goto clean_up;
} }
ctx = mcrypt_alloc(seed, passphrase); ctx = mcrypt_alloc(seed, (const uint8_t*)passphrase, strlen(passphrase));
if (!ctx) if (!ctx)
{ {
FPUTS(T("MCrypt error: Failed to initialize encryption!\n\n"), stderr); FPUTS(T("\n\nMCrypt error: Failed to initialize encryption!\n\n"), stderr);
goto clean_up; goto clean_up;
} }
FPRINTF(stderr, T("Encrypting file contents, please be patient... %5.1f%%"), 0.0);
clock_t clk_now, clk_update = clock(); clock_t clk_now, clk_update = clock();
uint64_t crc_actual = CRC_INITIALIZER, bytes_read = sizeof(uint64_t); uint64_t crc_actual = CRC_INITIALIZER, bytes_read = sizeof(uint64_t);
uint8_t buffer[BUFF_SIZE]; uint8_t buffer[BUFF_SIZE];
FPRINTF(stderr, T("%5.1f%% "), 0.0);
while (bytes_read < file_size) while (bytes_read < file_size)
{ {
const uint64_t bytes_remaining = file_size - bytes_read; const uint64_t bytes_remaining = file_size - bytes_read;
@ -147,7 +150,7 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co
{ {
crc_actual = crc64_update(crc_actual, buffer, count); crc_actual = crc64_update(crc_actual, buffer, count);
bytes_read += count; bytes_read += count;
if (mcrypt_encrypt_inplace(ctx, buffer, count) != 0) if (mcrypt_encrypt_inplace(ctx, buffer, count) != MCRYPT_SUCCESS)
{ {
FPUTS(T("\n\nMCrypt error: Failed to encrypt data!\n\n"), stderr); FPUTS(T("\n\nMCrypt error: Failed to encrypt data!\n\n"), stderr);
goto clean_up; goto clean_up;
@ -164,7 +167,7 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co
} }
if ((clk_now = clock()) - clk_update > CLOCKS_PER_SEC) if ((clk_now = clock()) - clk_update > CLOCKS_PER_SEC)
{ {
FPRINTF(stderr, T("\b\b\b\b\b\b%5.1f%%"), (bytes_read / ((double)file_size)) * 100.0); FPRINTF(stderr, T("\b\b\b\b\b\b\b%5.1f%% "), (bytes_read / ((double)file_size)) * 100.0);
fflush(stderr); fflush(stderr);
clk_update = clk_now; clk_update = clk_now;
} }
@ -244,27 +247,29 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co
goto clean_up; goto clean_up;
} }
FPUTS(T("Decrypting file contents, please be patient... "), stderr);
uint64_t seed; uint64_t seed;
if (fread(&seed, sizeof(uint64_t), 1U, file_in) < 1U) if (fread(&seed, sizeof(uint64_t), 1U, file_in) < 1U)
{ {
FPUTS(T("I/O error: Failed to read seed value!\n\n"), stderr); FPUTS(T("\n\nI/O error: Failed to read seed value!\n\n"), stderr);
goto clean_up; goto clean_up;
} }
ctx = mcrypt_alloc(seed, passphrase); ctx = mcrypt_alloc(seed, (const uint8_t*)passphrase, strlen(passphrase));
if (!ctx) if (!ctx)
{ {
FPUTS(T("MCrypt error: Failed to initialize decryption!\n\n"), stderr); FPUTS(T("\n\nMCrypt error: Failed to initialize decryption!\n\n"), stderr);
goto clean_up; goto clean_up;
} }
FPRINTF(stderr, T("Decrypting file contents, please be patient... %5.1f%%"), 0.0);
clock_t clk_now, clk_update = clock(); clock_t clk_now, clk_update = clock();
uint64_t crc_actual = CRC_INITIALIZER, bytes_read = sizeof(uint64_t); uint64_t crc_actual = CRC_INITIALIZER, bytes_read = sizeof(uint64_t);
uint8_t buffer[BUFF_SIZE]; uint8_t buffer[BUFF_SIZE];
const uint64_t read_limit = file_size - sizeof(uint64_t); const uint64_t read_limit = file_size - sizeof(uint64_t);
FPRINTF(stderr, T("%5.1f%% "), 0.0);
while (bytes_read < read_limit) while (bytes_read < read_limit)
{ {
const uint64_t bytes_remaining = read_limit - bytes_read; const uint64_t bytes_remaining = read_limit - bytes_read;
@ -273,7 +278,7 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co
if (count > 0U) if (count > 0U)
{ {
bytes_read += count; bytes_read += count;
if (mcrypt_decrypt_inplace(ctx, buffer, count) != 0) if (mcrypt_decrypt_inplace(ctx, buffer, count) != MCRYPT_SUCCESS)
{ {
FPUTS(T("\n\nMCrypt error: Failed to decrypt data!\n\n"), stderr); FPUTS(T("\n\nMCrypt error: Failed to decrypt data!\n\n"), stderr);
goto clean_up; goto clean_up;
@ -291,7 +296,7 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co
} }
if ((clk_now = clock()) - clk_update > CLOCKS_PER_SEC) if ((clk_now = clock()) - clk_update > CLOCKS_PER_SEC)
{ {
FPRINTF(stderr, T("\b\b\b\b\b\b%5.1f%%"), (bytes_read / ((double)read_limit)) * 100.0); FPRINTF(stderr, T("\b\b\b\b\b\b\b%5.1f%% "), (bytes_read / ((double)read_limit)) * 100.0);
fflush(stderr); fflush(stderr);
clk_update = clk_now; clk_update = clk_now;
} }
@ -358,14 +363,14 @@ clean_up:
static int run_test(const char *const message) static int run_test(const char *const message)
{ {
static const char* const passphrase = "OrpheanBeh0lderScryDoubt!"; static const char* const passphrase = "OrpheanBeh0lderScry!Doubt";
const size_t length = strlen(message) + 1U; const size_t length = strlen(message) + 1U;
int result = 1; int result = 1;
mcrypt_t ctx = MCRYPT_NULL; mcrypt_t ctx = MCRYPT_NULL;
uint64_t seed; uint64_t seed;
if (mcrypt_generate_seed(&seed) != 0) if (mcrypt_generate_seed(&seed) != MCRYPT_SUCCESS)
{ {
FPUTS(T("\n\nWhoops: Failed to generate seed!\n\n"), stderr); FPUTS(T("\n\nWhoops: Failed to generate seed!\n\n"), stderr);
return 1; return 1;
@ -378,14 +383,14 @@ static int run_test(const char *const message)
goto clean_up; goto clean_up;
} }
ctx = mcrypt_alloc(seed, passphrase); ctx = mcrypt_alloc(seed, (const uint8_t*)passphrase, strlen(passphrase));
if (!ctx) if (!ctx)
{ {
FPUTS(T("\n\nnWhoops: Failed to initialize encoder!\n\n"), stderr); FPUTS(T("\n\nnWhoops: Failed to initialize encoder!\n\n"), stderr);
goto clean_up; goto clean_up;
} }
if (mcrypt_encrypt_inplace(ctx, (uint8_t*)text_temp, length) != 0) if (mcrypt_encrypt_inplace(ctx, (uint8_t*)text_temp, length) != MCRYPT_SUCCESS)
{ {
FPUTS(T("\n\nWhoops: Failed to encrypt the message!\n\n"), stderr); FPUTS(T("\n\nWhoops: Failed to encrypt the message!\n\n"), stderr);
goto clean_up; goto clean_up;
@ -397,13 +402,13 @@ static int run_test(const char *const message)
goto clean_up; goto clean_up;
} }
if (mcrypt_reset(ctx, seed, passphrase) != 0) if (mcrypt_reset(ctx, seed, (const uint8_t*)passphrase, strlen(passphrase)) != MCRYPT_SUCCESS)
{ {
FPUTS(T("\n\nWhoops: Failed to initialize decoder!\n\n"), stderr); FPUTS(T("\n\nWhoops: Failed to initialize decoder!\n\n"), stderr);
goto clean_up; goto clean_up;
} }
if (mcrypt_decrypt_inplace(ctx, (uint8_t*)text_temp, length) != 0) if (mcrypt_decrypt_inplace(ctx, (uint8_t*)text_temp, length) != MCRYPT_SUCCESS)
{ {
FPUTS(T("\n\nWhoops: Failed to decrypt the message!\n\n"), stderr); FPUTS(T("\n\nWhoops: Failed to decrypt the message!\n\n"), stderr);
goto clean_up; goto clean_up;
@ -450,6 +455,11 @@ static int self_test(void)
{ {
return 1; return 1;
} }
if (g_interrupted)
{
FPUTS(T("\n\nProcess interrupted!\n\n"), stderr);
return 1;
}
} }
} }
@ -480,15 +490,20 @@ int MAIN(int argc, CHR* argv[])
if ((!STRICMP(argv[1U], T("-h"))) || (!STRICMP(argv[1U], T("/?"))) || (!STRICMP(argv[1U], T("--help")))) if ((!STRICMP(argv[1U], T("-h"))) || (!STRICMP(argv[1U], T("/?"))) || (!STRICMP(argv[1U], T("--help"))))
{ {
const CHR* const program = get_file_name(argv[0U]); const CHR* const program = get_file_name(argv[0U]);
FPUTS(T("--------------------------------------------------------------------\n"), stderr); FPUTS(T("====================================================================\n"), stderr);
FPUTS(T("This software has been released under the CC0 1.0 Universal license:\n"), stderr); FPUTS(T("This software has been released under the CC0 1.0 Universal license:\n"), stderr);
FPUTS(T("https://creativecommons.org/publicdomain/zero/1.0/legalcode\n"), stderr); FPUTS(T("https://creativecommons.org/publicdomain/zero/1.0/legalcode\n"), stderr);
FPUTS(T("--------------------------------------------------------------------\n\n"), stderr); FPUTS(T("====================================================================\n\n"), stderr);
FPUTS(T("Usage:\n"), stderr); FPUTS(T("Usage:\n"), stderr);
FPRINTF(stderr, T(" %") T(PRISTR) T(" --encrypt [@]<passphrase> <input.txt> <output.enc>\n"), program); FPRINTF(stderr, T(" %") T(PRISTR) T(" --encrypt [[@][:]<passphrase>] <input.txt> <output.enc>\n"), program);
FPRINTF(stderr, T(" %") T(PRISTR) T(" --decrypt [@]<passphrase> <input.enc> <output.txt>\n\n"), program); FPRINTF(stderr, T(" %") T(PRISTR) T(" --decrypt [[@][:]<passphrase>] <input.enc> <output.txt>\n\n"), program);
FPUTS(T("Note: If <passphrase> is prefixed with an '@' symbol, then it specifies the\n"), stderr); FPUTS(T("Notes:\n"), stderr);
FPUTS(T("file to read the passphrase from. Only the first line in that file is used!\n\n"), stderr); FPUTS(T("- If <passphrase> is prefixed with a '@' character, then it specifies the file\n"), stderr);
FPUTS(T(" to read the passphrase from; only the first line in that file is used!\n"), stderr);
FPUTS(T("- If <passphrase> is prefixed with a ':' character, then the leading character\n"), stderr);
FPUTS(T(" is skipped and the remainder of the argument is used as passphrase.\n"), stderr);
FPUTS(T("- If the argument <passphrase> is *not* present, then the environment variable\n"), stderr);
FPRINTF(stderr, T(" \"%") T(PRISTR) T("\" must be set and it specifies the passphrase to be used.\n\n"), ENVV_PASSWD_NAME);
return 0; return 0;
} }
if ((!STRICMP(argv[1U], T("-t"))) || (!STRICMP(argv[1U], T("--self-test")))) if ((!STRICMP(argv[1U], T("-t"))) || (!STRICMP(argv[1U], T("--self-test"))))
@ -497,18 +512,23 @@ int MAIN(int argc, CHR* argv[])
} }
} }
if (argc < 5) if (argc < 4)
{ {
const CHR* const program = get_file_name(argv[0U]); const CHR* const program = get_file_name(argv[0U]);
FPRINTF(stderr, T("Error: Nothing to do. Please type '%") T(PRISTR) T(" --help' for details!\n\n"), program); FPRINTF(stderr, T("Error: Nothing to do. Please type '%") T(PRISTR) T(" --help' for details!\n\n"), program);
return 1; return 1;
} }
else if (argc > 5)
const CHR *const command = argv[1U], *const passphrase = argv[2U], *const input_file = argv[3U], *const output_file = argv[4U];
if ((!passphrase[0U]) || ((passphrase[0U] == T('@')) && (!passphrase[1U])))
{ {
FPUTS(T("Error: The passphrase or passphrase file must not be empty!\n\n"), stderr); FPUTS(T("Warning: Excess command-line argument is ignored!\n\n"), stderr);
}
const CHR *const command = argv[1U], *const passphrase = (argc > 4) ? argv[2U] : GETENV(ENVV_PASSWD_NAME);
const CHR *const input_file = argv[(argc > 4) ? 3U : 2U], *const output_file = argv[(argc > 4) ? 4U : 3U];
if ((!passphrase) || (!passphrase[0U]) || (((passphrase[0U] == T('@')) || (passphrase[0U] == T(':'))) && (!passphrase[1U])))
{
FPUTS(T("Error: The passphrase (file name) must not be empty!\n\n"), stderr);
return 1; return 1;
} }
@ -518,7 +538,7 @@ int MAIN(int argc, CHR* argv[])
return 1; return 1;
} }
char *const passphrase_buffer = (passphrase[0U] == T('@')) ? read_passphrase(passphrase + 1U) : CHR_to_utf8(passphrase); char *const passphrase_buffer = (passphrase[0U] == T('@')) ? read_passphrase(passphrase + 1U) : CHR_to_utf8((passphrase[0U] == T(':')) ? (passphrase + 1U) : passphrase);
if (!passphrase_buffer) if (!passphrase_buffer)
{ {
FPUTS(T("Error: Failed to read the passphrase file!\n\n"), stderr); FPUTS(T("Error: Failed to read the passphrase file!\n\n"), stderr);

View File

@ -53,6 +53,7 @@
#define MAIN wmain #define MAIN wmain
#define CHR wchar_t #define CHR wchar_t
#define _T(X) L##X #define _T(X) L##X
#define GETENV(X) _wgetenv((X))
#define STRLEN(X) wcslen((X)) #define STRLEN(X) wcslen((X))
#define STRICMP(X,Y) _wcsicmp((X),(Y)) #define STRICMP(X,Y) _wcsicmp((X),(Y))
#define STRRCHR(X,Y) wcsrchr((X),(Y)) #define STRRCHR(X,Y) wcsrchr((X),(Y))
@ -72,6 +73,7 @@
#define MAIN main #define MAIN main
#define CHR char #define CHR char
#define _T(X) X #define _T(X) X
#define GETENV(X) getenv((X))
#define STRLEN(X) strlen((X)) #define STRLEN(X) strlen((X))
#define STRICMP(X,Y) strcasecmp((X),(Y)) #define STRICMP(X,Y) strcasecmp((X),(Y))
#define STRRCHR(X,Y) strrchr((X),(Y)) #define STRRCHR(X,Y) strrchr((X),(Y))

View File

@ -16,7 +16,13 @@ extern const char* const LIBMCRYPT_BUILDNO;
* Opaque handle to internal state * Opaque handle to internal state
*/ */
typedef uintptr_t mcrypt_t; typedef uintptr_t mcrypt_t;
/*
* Constants
*/
#define MCRYPT_NULL ((mcrypt_t)NULL) #define MCRYPT_NULL ((mcrypt_t)NULL)
#define MCRYPT_SUCCESS 0
#define MCRYPT_FAILURE (-1)
/* /*
* Seed generator * Seed generator
@ -26,8 +32,8 @@ int mcrypt_generate_seed(uint64_t* const seed);
/* /*
* Allocate, reset or free state * Allocate, reset or free state
*/ */
mcrypt_t mcrypt_alloc(const uint64_t salt, const char* const passphrase); mcrypt_t mcrypt_alloc(const uint64_t salt, const uint8_t *const passwd, const size_t passwd_len);
int mcrypt_reset(const mcrypt_t context, const uint64_t salt, const char* const passphrase); int mcrypt_reset(const mcrypt_t context, const uint64_t salt, const uint8_t *const passwd, const size_t passwd_len);
void mcrypt_free(const mcrypt_t context); void mcrypt_free(const mcrypt_t context);
/* /*

View File

@ -23,6 +23,12 @@
const char* const LIBMCRYPT_VERSION = "1.0.0"; const char* const LIBMCRYPT_VERSION = "1.0.0";
const char* const LIBMCRYPT_BUILDNO = __DATE__", "__TIME__; const char* const LIBMCRYPT_BUILDNO = __DATE__", "__TIME__;
typedef struct
{
uint64_t a, b;
}
key_t;
typedef struct typedef struct
{ {
uint8_t wheel_fwd[256U][256U]; uint8_t wheel_fwd[256U][256U];
@ -46,7 +52,7 @@ rand_state_t;
// Hash function // Hash function
// ========================================================================== // ==========================================================================
static void hash_update(uint64_t* const h, const uint8_t* const data, const size_t data_len) static FORCE_INLINE void hash_update(uint64_t *const h, const uint8_t* const data, const size_t data_len)
{ {
for (size_t i = 0U; i < data_len; ++i) for (size_t i = 0U; i < data_len; ++i)
{ {
@ -64,13 +70,32 @@ static uint64_t hash_code(const uint64_t salt, const uint16_t pepper, const uint
return h; return h;
} }
// ==========================================================================
// Key derivation
// ==========================================================================
static FORCE_INLINE uint64_t keygen_loop(uint64_t value, const uint16_t pepper, const uint8_t* const passwd, const size_t passwd_len)
{
for (size_t i = 0U; i < 99971U; ++i)
{
value = hash_code(value, pepper, passwd, passwd_len);
}
return value;
}
static void generate_key(key_t *const key, const uint64_t salt, const uint16_t pepper, const uint8_t* const passwd, const size_t passwd_len)
{
key->a = keygen_loop(salt, pepper & 0x7FFF, passwd, passwd_len);
key->b = keygen_loop(salt, pepper | 0x8000, passwd, passwd_len);
}
// ========================================================================== // ==========================================================================
// PRNG // PRNG
// ========================================================================== // ==========================================================================
static void random_init(rand_state_t* const state, const uint64_t seed_0, const uint64_t seed_1) static void random_init(rand_state_t* const state, const uint64_t seed_0, const uint64_t seed_1)
{ {
state->counter = 0U; mcrypt_bzero(state, sizeof(rand_state_t));
state->a = (uint32_t)( seed_0 & 0xFFFFFFFF); state->a = (uint32_t)( seed_0 & 0xFFFFFFFF);
state->b = (uint32_t)((seed_0 >> 32) & 0xFFFFFFFF); state->b = (uint32_t)((seed_0 >> 32) & 0xFFFFFFFF);
state->c = (uint32_t)( seed_1 & 0xFFFFFFFF); state->c = (uint32_t)( seed_1 & 0xFFFFFFFF);
@ -91,28 +116,31 @@ static uint32_t random_next(rand_state_t* const state)
return t + (state->counter += 362437U); return t + (state->counter += 362437U);
} }
static void random_seed(rand_state_t* const state, const uint64_t salt, const uint16_t pepper, const uint8_t* const key, const size_t key_len) static void random_seed(rand_state_t* const state, const uint64_t salt, const uint16_t pepper, const uint8_t *const passwd, const size_t passwd_len)
{ {
const uint64_t hash_code_0 = hash_code(salt, pepper & 0x7FFF, key, key_len); key_t key;
const uint64_t hash_code_1 = hash_code(salt, pepper | 0x8000, key, key_len); generate_key(&key, salt, pepper, passwd, passwd_len);
random_init(state, hash_code_0, hash_code_1); random_init(state, key.a, key.b);
for (size_t i = 0U; i < 13U; ++i) for (size_t i = 0U; i < (salt % 97U) + 13U; ++i)
{ {
random_next(state); random_next(state);
} }
mcrypt_bzero(&key, sizeof(key_t));
} }
// ========================================================================== // ==========================================================================
// Initialization // Initialization
// ========================================================================== // ==========================================================================
static void initialize_state(crypt_state_t* const crypt_state, const uint64_t salt, const uint8_t* const key, const size_t key_len) static void initialize_state(crypt_state_t* const crypt_state, const uint64_t salt, const uint8_t* const passwd, const size_t passwd_len)
{ {
mcrypt_bzero(crypt_state, sizeof(crypt_state_t));
/* set up wheels and initial rotation */ /* set up wheels and initial rotation */
rand_state_t rand_state; rand_state_t rand_state;
for (size_t r = 0U; r < 256U; ++r) for (size_t r = 0U; r < 256U; ++r)
{ {
random_seed(&rand_state, salt, (uint16_t)r, key, key_len); random_seed(&rand_state, salt, (uint16_t)r, passwd, passwd_len);
crypt_state->rotation_bwd[0U][255U - r] = crypt_state->rotation_fwd[0U][r] = (uint8_t)random_next(&rand_state); crypt_state->rotation_bwd[0U][255U - r] = crypt_state->rotation_fwd[0U][r] = (uint8_t)random_next(&rand_state);
crypt_state->rotation_bwd[1U][255U - r] = crypt_state->rotation_fwd[1U][r] = 0U; crypt_state->rotation_bwd[1U][255U - r] = crypt_state->rotation_fwd[1U][r] = 0U;
for (size_t i = 0U; i < 256U; ++i) for (size_t i = 0U; i < 256U; ++i)
@ -132,7 +160,7 @@ static void initialize_state(crypt_state_t* const crypt_state, const uint64_t sa
} }
/* set up stepping */ /* set up stepping */
random_seed(&rand_state, salt, 0x0100, key, key_len); random_seed(&rand_state, salt, 256U, passwd, passwd_len);
for (size_t i = 0U; i < 256U; ++i) for (size_t i = 0U; i < 256U; ++i)
{ {
const size_t j = random_next(&rand_state) % (i + 1U); const size_t j = random_next(&rand_state) % (i + 1U);
@ -145,7 +173,6 @@ static void initialize_state(crypt_state_t* const crypt_state, const uint64_t sa
crypt_state->step_bwd[j] = (uint8_t)(255U - i); crypt_state->step_bwd[j] = (uint8_t)(255U - i);
} }
crypt_state->counter = 0U;
mcrypt_bzero(&rand_state, sizeof(rand_state_t)); mcrypt_bzero(&rand_state, sizeof(rand_state_t));
} }
@ -196,22 +223,22 @@ int mcrypt_generate_seed(uint64_t* const seed)
{ {
if (!seed) if (!seed)
{ {
return -1; return MCRYPT_FAILURE;
} }
do do
{ {
if (mcrypt_random_bytes((uint8_t*)seed, sizeof(uint64_t)) != 0) if (mcrypt_random_bytes((uint8_t*)seed, sizeof(uint64_t)) != 0)
{ {
return -1; return MCRYPT_FAILURE;
} }
} }
while (!(*seed)); while (!(*seed));
return 0; return MCRYPT_SUCCESS;
} }
mcrypt_t mcrypt_alloc(const uint64_t salt, const char* const passphrase) mcrypt_t mcrypt_alloc(const uint64_t salt, const uint8_t *const passwd, const size_t passwd_len)
{ {
if (!passphrase) if ((!passwd) || (passwd_len < 1U))
{ {
return ((mcrypt_t)NULL); return ((mcrypt_t)NULL);
} }
@ -220,19 +247,19 @@ mcrypt_t mcrypt_alloc(const uint64_t salt, const char* const passphrase)
{ {
return ((mcrypt_t)NULL); return ((mcrypt_t)NULL);
} }
initialize_state(state, salt, (uint8_t*)passphrase, strlen(passphrase)); initialize_state(state, salt, passwd, passwd_len);
return ((mcrypt_t)state); return ((mcrypt_t)state);
} }
int mcrypt_reset(const mcrypt_t context, const uint64_t salt, const char* const passphrase) int mcrypt_reset(const mcrypt_t context, const uint64_t salt, const uint8_t *const passwd, const size_t passwd_len)
{ {
crypt_state_t* const state = (crypt_state_t*)context; crypt_state_t* const state = (crypt_state_t*)context;
if ((!state) || (!passphrase)) if ((!state) || (!passwd) || (passwd_len < 1U))
{ {
return -1; return MCRYPT_FAILURE;
} }
initialize_state(state, salt, (uint8_t*)passphrase, strlen(passphrase)); initialize_state(state, salt, passwd, passwd_len);
return 0; return MCRYPT_SUCCESS;
} }
int mcrypt_encrypt(const mcrypt_t context, const uint8_t* const input, uint8_t* const output, size_t length) int mcrypt_encrypt(const mcrypt_t context, const uint8_t* const input, uint8_t* const output, size_t length)
@ -240,13 +267,13 @@ int mcrypt_encrypt(const mcrypt_t context, const uint8_t* const input, uint8_t*
crypt_state_t* const state = (crypt_state_t*)context; crypt_state_t* const state = (crypt_state_t*)context;
if (!state) if (!state)
{ {
return -1; return MCRYPT_FAILURE;
} }
for (size_t i = 0; i < length; ++i) for (size_t i = 0; i < length; ++i)
{ {
output[i] = process_enc(state, input[i]); output[i] = process_enc(state, input[i]);
} }
return 0; return MCRYPT_SUCCESS;
} }
int mcrypt_encrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t length) int mcrypt_encrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t length)
@ -254,13 +281,13 @@ int mcrypt_encrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t
crypt_state_t* const state = (crypt_state_t*)context; crypt_state_t* const state = (crypt_state_t*)context;
if (!state) if (!state)
{ {
return -1; return MCRYPT_FAILURE;
} }
for (size_t i = 0; i < length; ++i) for (size_t i = 0; i < length; ++i)
{ {
buffer[i] = process_enc(state, buffer[i]); buffer[i] = process_enc(state, buffer[i]);
} }
return 0; return MCRYPT_SUCCESS;
} }
@ -269,13 +296,13 @@ int mcrypt_decrypt(const mcrypt_t context, const uint8_t* const input, uint8_t*
crypt_state_t* const state = (crypt_state_t*)context; crypt_state_t* const state = (crypt_state_t*)context;
if (!state) if (!state)
{ {
return -1; return MCRYPT_FAILURE;
} }
for (size_t i = 0; i < length; ++i) for (size_t i = 0; i < length; ++i)
{ {
output[i] = process_dec(state, input[i]); output[i] = process_dec(state, input[i]);
} }
return 0; return MCRYPT_SUCCESS;
} }
int mcrypt_decrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t length) int mcrypt_decrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t length)
@ -283,13 +310,13 @@ int mcrypt_decrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t
crypt_state_t* const state = (crypt_state_t*)context; crypt_state_t* const state = (crypt_state_t*)context;
if (!state) if (!state)
{ {
return -1; return MCRYPT_FAILURE;
} }
for (size_t i = 0; i < length; ++i) for (size_t i = 0; i < length; ++i)
{ {
buffer[i] = process_dec(state, buffer[i]); buffer[i] = process_dec(state, buffer[i]);
} }
return 0; return MCRYPT_SUCCESS;
} }
void mcrypt_free(const mcrypt_t context) void mcrypt_free(const mcrypt_t context)