1 commit f16f247d30f868e84f31e24792b4464488f1c009
2 Author: Peter Wu <peter@lekensteyn.nl>
3 Date: Tue May 2 15:53:38 2017 +0200
5 vfdecrypt: OpenSSL 1.1 compatibility
7 Allocate contexts from the heap on all OpenSSL versions, this is needed
8 since OpenSSL 1.1.0. No attempt is done at addressing issues like global
9 variables and fixing potential memleaks on error paths.
11 Compile-tested only with OpenSSL 1.1.0e (Arch Linux) and OpenSSL 1.0.2g
12 (Ubuntu 16.04), I have no test file.
14 Fixes https://github.com/Lekensteyn/dmg2img/issues/4
16 diff --git a/vfdecrypt.c b/vfdecrypt.c
17 index 56d3530..b1a36d3 100644
20 @@ -183,7 +183,7 @@ void adjust_v2_header_byteorder(cencrypted_v2_pwheader *pwhdr) {
21 pwhdr->encrypted_keyblob_size = htonl(pwhdr->encrypted_keyblob_size);
24 -HMAC_CTX hmacsha1_ctx;
25 +HMAC_CTX *hmacsha1_ctx;
26 AES_KEY aes_decrypt_key;
27 int CHUNK_SIZE=4096; // default
29 @@ -196,9 +196,9 @@ void compute_iv(uint32_t chunk_no, uint8_t *iv) {
32 chunk_no = OSSwapHostToBigInt32(chunk_no);
33 - HMAC_Init_ex(&hmacsha1_ctx, NULL, 0, NULL, NULL);
34 - HMAC_Update(&hmacsha1_ctx, (void *) &chunk_no, sizeof(uint32_t));
35 - HMAC_Final(&hmacsha1_ctx, mdResult, &mdLen);
36 + HMAC_Init_ex(hmacsha1_ctx, NULL, 0, NULL, NULL);
37 + HMAC_Update(hmacsha1_ctx, (void *) &chunk_no, sizeof(uint32_t));
38 + HMAC_Final(hmacsha1_ctx, mdResult, &mdLen);
39 memcpy(iv, mdResult, CIPHER_BLOCKSIZE);
42 @@ -212,52 +212,75 @@ void decrypt_chunk(uint8_t *ctext, uint8_t *ptext, uint32_t chunk_no) {
43 /* DES3-EDE unwrap operation loosely based on to RFC 2630, section 12.6
44 * wrapped_key has to be 40 bytes in length. */
45 int apple_des3_ede_unwrap_key(uint8_t *wrapped_key, int wrapped_key_len, uint8_t *decryptKey, uint8_t *unwrapped_key) {
47 + EVP_CIPHER_CTX *ctx;
48 uint8_t *TEMP1, *TEMP2, *CEKICV;
49 uint8_t IV[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 };
50 int outlen, tmplen, i;
52 - EVP_CIPHER_CTX_init(&ctx);
53 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
54 + ctx = EVP_CIPHER_CTX_new();
56 + ctx = malloc(sizeof(*ctx));
59 + fprintf(stderr, "Out of memory: EVP_CIPHER_CTX!\n");
63 + EVP_CIPHER_CTX_init(ctx);
64 /* result of the decryption operation shouldn't be bigger than ciphertext */
65 TEMP1 = malloc(wrapped_key_len);
66 TEMP2 = malloc(wrapped_key_len);
67 CEKICV = malloc(wrapped_key_len);
68 /* uses PKCS#7 padding for symmetric key operations by default */
69 - EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV);
70 + EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV);
72 - if(!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) {
73 + if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) {
74 fprintf(stderr, "internal error (1) during key unwrap operation!\n");
77 - if(!EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen)) {
78 + if(!EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen)) {
79 fprintf(stderr, "internal error (2) during key unwrap operation!\n");
83 - EVP_CIPHER_CTX_cleanup(&ctx);
84 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
85 + EVP_CIPHER_CTX_reset(ctx);
87 + EVP_CIPHER_CTX_cleanup(ctx);
90 /* reverse order of TEMP3 */
91 for(i = 0; i < outlen; i++) TEMP2[i] = TEMP1[outlen - i - 1];
93 - EVP_CIPHER_CTX_init(&ctx);
94 + EVP_CIPHER_CTX_init(ctx);
95 /* uses PKCS#7 padding for symmetric key operations by default */
96 - EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2);
97 - if(!EVP_DecryptUpdate(&ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) {
98 + EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2);
99 + if(!EVP_DecryptUpdate(ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) {
100 fprintf(stderr, "internal error (3) during key unwrap operation!\n");
103 - if(!EVP_DecryptFinal_ex(&ctx, CEKICV + outlen, &tmplen)) {
104 + if(!EVP_DecryptFinal_ex(ctx, CEKICV + outlen, &tmplen)) {
105 fprintf(stderr, "internal error (4) during key unwrap operation!\n");
110 - EVP_CIPHER_CTX_cleanup(&ctx);
111 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
112 + EVP_CIPHER_CTX_reset(ctx);
114 + EVP_CIPHER_CTX_cleanup(ctx);
117 memcpy(unwrapped_key, CEKICV+4, outlen-4);
121 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
122 + EVP_CIPHER_CTX_free(ctx);
129 @@ -279,31 +302,46 @@ int unwrap_v1_header(char *passphrase, cencrypted_v1_header *header, uint8_t *ae
130 int unwrap_v2_header(char *passphrase, cencrypted_v2_pwheader *header, uint8_t *aes_key, uint8_t *hmacsha1_key) {
131 /* derived key is a 3DES-EDE key */
132 uint8_t derived_key[192/8];
133 - EVP_CIPHER_CTX ctx;
134 + EVP_CIPHER_CTX *ctx;
138 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
139 + ctx = EVP_CIPHER_CTX_new();
141 + ctx = malloc(sizeof(*ctx));
144 + fprintf(stderr, "Out of memory: EVP_CIPHER_CTX!\n");
148 PKCS5_PBKDF2_HMAC_SHA1(passphrase, strlen(passphrase), (unsigned char*)header->kdf_salt, 20,
149 PBKDF2_ITERATION_COUNT, sizeof(derived_key), derived_key);
151 print_hex(derived_key, 192/8);
153 - EVP_CIPHER_CTX_init(&ctx);
154 + EVP_CIPHER_CTX_init(ctx);
155 /* result of the decryption operation shouldn't be bigger than ciphertext */
156 TEMP1 = malloc(header->encrypted_keyblob_size);
157 /* uses PKCS#7 padding for symmetric key operations by default */
158 - EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv);
159 + EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv);
161 - if(!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) {
162 + if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) {
163 fprintf(stderr, "internal error (1) during key unwrap operation!\n");
166 - if(!EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen)) {
167 + if(!EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen)) {
168 fprintf(stderr, "internal error (2) during key unwrap operation!\n");
172 - EVP_CIPHER_CTX_cleanup(&ctx);
173 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
174 + EVP_CIPHER_CTX_free(ctx);
176 + EVP_CIPHER_CTX_cleanup(ctx);
179 memcpy(aes_key, TEMP1, 16);
180 memcpy(hmacsha1_key, TEMP1, 20);
182 @@ -446,8 +484,21 @@ int main(int argc, char *argv[]) {
183 CHUNK_SIZE = v2header.blocksize;
186 - HMAC_CTX_init(&hmacsha1_ctx);
187 - HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL);
188 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
189 + hmacsha1_ctx = HMAC_CTX_new();
191 + hmacsha1_ctx = malloc(sizeof(*hmacsha1_ctx));
193 + if (!hmacsha1_ctx) {
194 + fprintf(stderr, "Out of memory: HMAC CTX!\n");
197 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
198 + HMAC_CTX_reset(hmacsha1_ctx);
200 + HMAC_CTX_init(hmacsha1_ctx);
202 + HMAC_Init_ex(hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL);
203 AES_set_decrypt_key(aes_key, CIPHER_KEY_LENGTH * 8, &aes_decrypt_key);
206 @@ -472,5 +523,11 @@ int main(int argc, char *argv[]) {
209 if (verbose) fprintf(stderr, "%"PRIX32" chunks written\n", chunk_no);
210 +#if OPENSSL_VERSION_NUMBER >= 0x10100000L
211 + HMAC_CTX_free(hmacsha1_ctx);
213 + HMAC_CTX_cleanup(hmacsha1_ctx);
214 + free(hmacsha1_ctx);