Mercurial > vim
annotate src/crypt.c @ 24979:6ed6f1eef437
Added tag v8.2.3026 for changeset 2818b8108d92d1f819578b9573d4081043d60960
author | Bram Moolenaar <Bram@vim.org> |
---|---|
date | Sun, 20 Jun 2021 19:30:04 +0200 |
parents | 7e9e53a0368f |
children | fa31a0ea09e1 |
rev | line source |
---|---|
10042
4aead6a9b7a9
commit https://github.com/vim/vim/commit/edf3f97ae2af024708ebb4ac614227327033ca47
Christian Brabandt <cb@256bit.org>
parents:
7817
diff
changeset
|
1 /* vi:set ts=8 sts=4 sw=4 noet: |
6122 | 2 * |
3 * VIM - Vi IMproved by Bram Moolenaar | |
4 * | |
5 * Do ":help uganda" in Vim to read copying and usage conditions. | |
6 * Do ":help credits" in Vim to see a list of people who contributed. | |
7 * See README.txt for an overview of the Vim source code. | |
8 */ | |
9 | |
10 /* | |
11 * crypt.c: Generic encryption support. | |
12 */ | |
13 #include "vim.h" | |
14 | |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
15 #ifdef FEAT_SODIUM |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
16 # include <sodium.h> |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
17 #endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
18 |
6122 | 19 #if defined(FEAT_CRYPT) || defined(PROTO) |
20 /* | |
21 * Optional encryption support. | |
22 * Mohsin Ahmed, mosh@sasi.com, 1998-09-24 | |
23 * Based on zip/crypt sources. | |
24 * Refactored by David Leadbeater, 2014. | |
25 * | |
26 * NOTE FOR USA: Since 2000 exporting this code from the USA is allowed to | |
27 * most countries. There are a few exceptions, but that still should not be a | |
28 * problem since this code was originally created in Europe and India. | |
29 * | |
30 * Blowfish addition originally made by Mohsin Ahmed, | |
31 * http://www.cs.albany.edu/~mosh 2010-03-14 | |
32 * Based on blowfish by Bruce Schneier (http://www.schneier.com/blowfish.html) | |
33 * and sha256 by Christophe Devine. | |
34 */ | |
35 | |
36 typedef struct { | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
37 char *name; // encryption name as used in 'cryptmethod' |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
38 char *magic; // magic bytes stored in file header |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
39 int salt_len; // length of salt, or 0 when not using salt |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
40 int seed_len; // length of seed, or 0 when not using seed |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
41 #ifdef CRYPT_NOT_INPLACE |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
42 int works_inplace; // encryption/decryption can be done in-place |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
43 #endif |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
44 int whole_undofile; // whole undo file is encrypted |
6122 | 45 |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
46 // Optional function pointer for a self-test. |
6122 | 47 int (* self_test_fn)(); |
48 | |
16378
3d6b282e2d6e
patch 8.1.1194: typos and small problems in source files
Bram Moolenaar <Bram@vim.org>
parents:
15967
diff
changeset
|
49 // Function pointer for initializing encryption/decryption. |
16429
a1229400434a
patch 8.1.1219: not checking for NULL return from alloc()
Bram Moolenaar <Bram@vim.org>
parents:
16378
diff
changeset
|
50 int (* init_fn)(cryptstate_T *state, char_u *key, |
6122 | 51 char_u *salt, int salt_len, char_u *seed, int seed_len); |
52 | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
53 // Function pointers for encoding/decoding from one buffer into another. |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
54 // Optional, however, these or the _buffer ones should be configured. |
6122 | 55 void (*encode_fn)(cryptstate_T *state, char_u *from, size_t len, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
56 char_u *to, int last); |
6122 | 57 void (*decode_fn)(cryptstate_T *state, char_u *from, size_t len, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
58 char_u *to, int last); |
6122 | 59 |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
60 // Function pointers for encoding and decoding, can buffer data if needed. |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
61 // Optional (however, these or the above should be configured). |
6122 | 62 long (*encode_buffer_fn)(cryptstate_T *state, char_u *from, size_t len, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
63 char_u **newptr, int last); |
6122 | 64 long (*decode_buffer_fn)(cryptstate_T *state, char_u *from, size_t len, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
65 char_u **newptr, int last); |
6122 | 66 |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
67 // Function pointers for in-place encoding and decoding, used for |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
68 // crypt_*_inplace(). "from" and "to" arguments will be equal. |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
69 // These may be the same as decode_fn and encode_fn above, however an |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
70 // algorithm may implement them in a way that is not interchangeable with |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
71 // the crypt_(en|de)code() interface (for example because it wishes to add |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
72 // padding to files). |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
73 // This method is used for swap and undo files which have a rigid format. |
6122 | 74 void (*encode_inplace_fn)(cryptstate_T *state, char_u *p1, size_t len, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
75 char_u *p2, int last); |
6122 | 76 void (*decode_inplace_fn)(cryptstate_T *state, char_u *p1, size_t len, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
77 char_u *p2, int last); |
6122 | 78 } cryptmethod_T; |
79 | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
80 // index is method_nr of cryptstate_T, CRYPT_M_* |
6122 | 81 static cryptmethod_T cryptmethods[CRYPT_M_COUNT] = { |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
82 // PK_Zip; very weak |
6122 | 83 { |
84 "zip", | |
85 "VimCrypt~01!", | |
86 0, | |
87 0, | |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
88 #ifdef CRYPT_NOT_INPLACE |
6122 | 89 TRUE, |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
90 #endif |
6122 | 91 FALSE, |
92 NULL, | |
93 crypt_zip_init, | |
94 crypt_zip_encode, crypt_zip_decode, | |
95 NULL, NULL, | |
96 crypt_zip_encode, crypt_zip_decode, | |
97 }, | |
98 | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
99 // Blowfish/CFB + SHA-256 custom key derivation; implementation issues. |
6122 | 100 { |
101 "blowfish", | |
102 "VimCrypt~02!", | |
103 8, | |
104 8, | |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
105 #ifdef CRYPT_NOT_INPLACE |
6122 | 106 TRUE, |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
107 #endif |
6122 | 108 FALSE, |
109 blowfish_self_test, | |
110 crypt_blowfish_init, | |
111 crypt_blowfish_encode, crypt_blowfish_decode, | |
112 NULL, NULL, | |
113 crypt_blowfish_encode, crypt_blowfish_decode, | |
114 }, | |
115 | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
116 // Blowfish/CFB + SHA-256 custom key derivation; fixed. |
6122 | 117 { |
118 "blowfish2", | |
119 "VimCrypt~03!", | |
120 8, | |
121 8, | |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
122 #ifdef CRYPT_NOT_INPLACE |
6122 | 123 TRUE, |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
124 #endif |
6122 | 125 TRUE, |
126 blowfish_self_test, | |
127 crypt_blowfish_init, | |
128 crypt_blowfish_encode, crypt_blowfish_decode, | |
129 NULL, NULL, | |
130 crypt_blowfish_encode, crypt_blowfish_decode, | |
131 }, | |
13244
ac42c4b11dbc
patch 8.0.1496: clearing a pointer takes two lines
Christian Brabandt <cb@256bit.org>
parents:
10042
diff
changeset
|
132 |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
133 // XChaCha20 using libsodium |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
134 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
135 "xchacha20", |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
136 "VimCrypt~04!", |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
137 #ifdef FEAT_SODIUM |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
138 crypto_pwhash_argon2id_SALTBYTES, // 16 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
139 #else |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
140 16, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
141 #endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
142 8, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
143 #ifdef CRYPT_NOT_INPLACE |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
144 FALSE, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
145 #endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
146 FALSE, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
147 NULL, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
148 crypt_sodium_init, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
149 crypt_sodium_encode, crypt_sodium_decode, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
150 crypt_sodium_buffer_encode, crypt_sodium_buffer_decode, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
151 crypt_sodium_encode, crypt_sodium_decode, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
152 }, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
153 |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
154 // NOTE: when adding a new method, use some random bytes for the magic key, |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
155 // to avoid that a text file is recognized as encrypted. |
6122 | 156 }; |
157 | |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
158 #ifdef FEAT_SODIUM |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
159 typedef struct { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
160 size_t count; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
161 unsigned char key[crypto_box_SEEDBYTES]; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
162 // 32, same as crypto_secretstream_xchacha20poly1305_KEYBYTES |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
163 crypto_secretstream_xchacha20poly1305_state |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
164 state; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
165 } sodium_state_T; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
166 #endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
167 |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
168 #define CRYPT_MAGIC_LEN 12 // cannot change |
6122 | 169 static char crypt_magic_head[] = "VimCrypt~"; |
170 | |
171 /* | |
172 * Return int value for crypt method name. | |
173 * 0 for "zip", the old method. Also for any non-valid value. | |
174 * 1 for "blowfish". | |
175 * 2 for "blowfish2". | |
176 */ | |
177 int | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
178 crypt_method_nr_from_name(char_u *name) |
6122 | 179 { |
180 int i; | |
181 | |
182 for (i = 0; i < CRYPT_M_COUNT; ++i) | |
183 if (STRCMP(name, cryptmethods[i].name) == 0) | |
184 return i; | |
185 return 0; | |
186 } | |
187 | |
188 /* | |
189 * Get the crypt method used for a file from "ptr[len]", the magic text at the | |
190 * start of the file. | |
191 * Returns -1 when no encryption used. | |
192 */ | |
193 int | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
194 crypt_method_nr_from_magic(char *ptr, int len) |
6122 | 195 { |
196 int i; | |
197 | |
198 if (len < CRYPT_MAGIC_LEN) | |
199 return -1; | |
200 | |
201 for (i = 0; i < CRYPT_M_COUNT; i++) | |
202 if (memcmp(ptr, cryptmethods[i].magic, CRYPT_MAGIC_LEN) == 0) | |
203 return i; | |
204 | |
205 i = (int)STRLEN(crypt_magic_head); | |
206 if (len >= i && memcmp(ptr, crypt_magic_head, i) == 0) | |
15470
55ccc2d353bd
patch 8.1.0743: giving error messages is not flexible
Bram Moolenaar <Bram@vim.org>
parents:
13244
diff
changeset
|
207 emsg(_("E821: File is encrypted with unknown method")); |
6122 | 208 |
209 return -1; | |
210 } | |
211 | |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
212 #ifdef CRYPT_NOT_INPLACE |
6122 | 213 /* |
214 * Return TRUE if the crypt method for "method_nr" can be done in-place. | |
215 */ | |
216 int | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
217 crypt_works_inplace(cryptstate_T *state) |
6122 | 218 { |
219 return cryptmethods[state->method_nr].works_inplace; | |
220 } | |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
221 #endif |
6122 | 222 |
223 /* | |
224 * Get the crypt method for buffer "buf" as a number. | |
225 */ | |
226 int | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
227 crypt_get_method_nr(buf_T *buf) |
6122 | 228 { |
229 return crypt_method_nr_from_name(*buf->b_p_cm == NUL ? p_cm : buf->b_p_cm); | |
230 } | |
231 | |
232 /* | |
233 * Return TRUE when the buffer uses an encryption method that encrypts the | |
234 * whole undo file, not only the text. | |
235 */ | |
236 int | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
237 crypt_whole_undofile(int method_nr) |
6122 | 238 { |
239 return cryptmethods[method_nr].whole_undofile; | |
240 } | |
241 | |
242 /* | |
18498
9e6d5a4abb1c
patch 8.1.2243: typos in comments
Bram Moolenaar <Bram@vim.org>
parents:
16825
diff
changeset
|
243 * Get crypt method specific length of the file header in bytes. |
6122 | 244 */ |
245 int | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
246 crypt_get_header_len(int method_nr) |
6122 | 247 { |
248 return CRYPT_MAGIC_LEN | |
249 + cryptmethods[method_nr].salt_len | |
250 + cryptmethods[method_nr].seed_len; | |
251 } | |
252 | |
253 /* | |
254 * Set the crypt method for buffer "buf" to "method_nr" using the int value as | |
255 * returned by crypt_method_nr_from_name(). | |
256 */ | |
257 void | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
258 crypt_set_cm_option(buf_T *buf, int method_nr) |
6122 | 259 { |
260 free_string_option(buf->b_p_cm); | |
261 buf->b_p_cm = vim_strsave((char_u *)cryptmethods[method_nr].name); | |
262 } | |
263 | |
264 /* | |
265 * If the crypt method for the current buffer has a self-test, run it and | |
266 * return OK/FAIL. | |
267 */ | |
268 int | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
269 crypt_self_test(void) |
6122 | 270 { |
271 int method_nr = crypt_get_method_nr(curbuf); | |
272 | |
273 if (cryptmethods[method_nr].self_test_fn == NULL) | |
274 return OK; | |
275 return cryptmethods[method_nr].self_test_fn(); | |
276 } | |
277 | |
278 /* | |
279 * Allocate a crypt state and initialize it. | |
16429
a1229400434a
patch 8.1.1219: not checking for NULL return from alloc()
Bram Moolenaar <Bram@vim.org>
parents:
16378
diff
changeset
|
280 * Return NULL for failure. |
6122 | 281 */ |
282 cryptstate_T * | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
283 crypt_create( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
284 int method_nr, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
285 char_u *key, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
286 char_u *salt, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
287 int salt_len, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
288 char_u *seed, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
289 int seed_len) |
6122 | 290 { |
16825
ce04ebdf26b8
patch 8.1.1414: alloc() returning "char_u *" causes a lot of type casts
Bram Moolenaar <Bram@vim.org>
parents:
16782
diff
changeset
|
291 cryptstate_T *state = ALLOC_ONE(cryptstate_T); |
6122 | 292 |
16429
a1229400434a
patch 8.1.1219: not checking for NULL return from alloc()
Bram Moolenaar <Bram@vim.org>
parents:
16378
diff
changeset
|
293 if (state == NULL) |
a1229400434a
patch 8.1.1219: not checking for NULL return from alloc()
Bram Moolenaar <Bram@vim.org>
parents:
16378
diff
changeset
|
294 return state; |
a1229400434a
patch 8.1.1219: not checking for NULL return from alloc()
Bram Moolenaar <Bram@vim.org>
parents:
16378
diff
changeset
|
295 |
6122 | 296 state->method_nr = method_nr; |
16429
a1229400434a
patch 8.1.1219: not checking for NULL return from alloc()
Bram Moolenaar <Bram@vim.org>
parents:
16378
diff
changeset
|
297 if (cryptmethods[method_nr].init_fn( |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
298 state, key, salt, salt_len, seed, seed_len) == FAIL) |
16429
a1229400434a
patch 8.1.1219: not checking for NULL return from alloc()
Bram Moolenaar <Bram@vim.org>
parents:
16378
diff
changeset
|
299 { |
a1229400434a
patch 8.1.1219: not checking for NULL return from alloc()
Bram Moolenaar <Bram@vim.org>
parents:
16378
diff
changeset
|
300 vim_free(state); |
a1229400434a
patch 8.1.1219: not checking for NULL return from alloc()
Bram Moolenaar <Bram@vim.org>
parents:
16378
diff
changeset
|
301 return NULL; |
a1229400434a
patch 8.1.1219: not checking for NULL return from alloc()
Bram Moolenaar <Bram@vim.org>
parents:
16378
diff
changeset
|
302 } |
6122 | 303 return state; |
304 } | |
305 | |
306 /* | |
307 * Allocate a crypt state from a file header and initialize it. | |
308 * Assumes that header contains at least the number of bytes that | |
309 * crypt_get_header_len() returns for "method_nr". | |
310 */ | |
311 cryptstate_T * | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
312 crypt_create_from_header( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
313 int method_nr, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
314 char_u *key, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
315 char_u *header) |
6122 | 316 { |
317 char_u *salt = NULL; | |
318 char_u *seed = NULL; | |
319 int salt_len = cryptmethods[method_nr].salt_len; | |
320 int seed_len = cryptmethods[method_nr].seed_len; | |
321 | |
322 if (salt_len > 0) | |
323 salt = header + CRYPT_MAGIC_LEN; | |
324 if (seed_len > 0) | |
325 seed = header + CRYPT_MAGIC_LEN + salt_len; | |
326 | |
327 return crypt_create(method_nr, key, salt, salt_len, seed, seed_len); | |
328 } | |
329 | |
330 /* | |
331 * Read the crypt method specific header data from "fp". | |
332 * Return an allocated cryptstate_T or NULL on error. | |
333 */ | |
334 cryptstate_T * | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
335 crypt_create_from_file(FILE *fp, char_u *key) |
6122 | 336 { |
337 int method_nr; | |
338 int header_len; | |
339 char magic_buffer[CRYPT_MAGIC_LEN]; | |
340 char_u *buffer; | |
341 cryptstate_T *state; | |
342 | |
343 if (fread(magic_buffer, CRYPT_MAGIC_LEN, 1, fp) != 1) | |
344 return NULL; | |
345 method_nr = crypt_method_nr_from_magic(magic_buffer, CRYPT_MAGIC_LEN); | |
346 if (method_nr < 0) | |
347 return NULL; | |
348 | |
349 header_len = crypt_get_header_len(method_nr); | |
350 if ((buffer = alloc(header_len)) == NULL) | |
351 return NULL; | |
352 mch_memmove(buffer, magic_buffer, CRYPT_MAGIC_LEN); | |
353 if (header_len > CRYPT_MAGIC_LEN | |
354 && fread(buffer + CRYPT_MAGIC_LEN, | |
355 header_len - CRYPT_MAGIC_LEN, 1, fp) != 1) | |
356 { | |
357 vim_free(buffer); | |
358 return NULL; | |
359 } | |
360 | |
361 state = crypt_create_from_header(method_nr, key, buffer); | |
362 vim_free(buffer); | |
363 return state; | |
364 } | |
365 | |
366 /* | |
367 * Allocate a cryptstate_T for writing and initialize it with "key". | |
368 * Allocates and fills in the header and stores it in "header", setting | |
369 * "header_len". The header may include salt and seed, depending on | |
370 * cryptmethod. Caller must free header. | |
371 * Returns the state or NULL on failure. | |
372 */ | |
373 cryptstate_T * | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
374 crypt_create_for_writing( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
375 int method_nr, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
376 char_u *key, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
377 char_u **header, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
378 int *header_len) |
6122 | 379 { |
380 int len = crypt_get_header_len(method_nr); | |
381 char_u *salt = NULL; | |
382 char_u *seed = NULL; | |
383 int salt_len = cryptmethods[method_nr].salt_len; | |
384 int seed_len = cryptmethods[method_nr].seed_len; | |
385 cryptstate_T *state; | |
386 | |
387 *header_len = len; | |
388 *header = alloc(len); | |
389 if (*header == NULL) | |
390 return NULL; | |
391 | |
392 mch_memmove(*header, cryptmethods[method_nr].magic, CRYPT_MAGIC_LEN); | |
393 if (salt_len > 0 || seed_len > 0) | |
394 { | |
395 if (salt_len > 0) | |
396 salt = *header + CRYPT_MAGIC_LEN; | |
397 if (seed_len > 0) | |
398 seed = *header + CRYPT_MAGIC_LEN + salt_len; | |
399 | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
400 // TODO: Should this be crypt method specific? (Probably not worth |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
401 // it). sha2_seed is pretty bad for large amounts of entropy, so make |
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
402 // that into something which is suitable for anything. |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
403 #ifdef FEAT_SODIUM |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
404 if (sodium_init() >= 0) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
405 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
406 randombytes_buf(salt, salt_len); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
407 randombytes_buf(seed, seed_len); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
408 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
409 else |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
410 #endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
411 sha2_seed(salt, salt_len, seed, seed_len); |
6122 | 412 } |
413 state = crypt_create(method_nr, key, salt, salt_len, seed, seed_len); | |
414 if (state == NULL) | |
13244
ac42c4b11dbc
patch 8.0.1496: clearing a pointer takes two lines
Christian Brabandt <cb@256bit.org>
parents:
10042
diff
changeset
|
415 VIM_CLEAR(*header); |
6122 | 416 return state; |
417 } | |
418 | |
419 /* | |
420 * Free the crypt state. | |
421 */ | |
422 void | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
423 crypt_free_state(cryptstate_T *state) |
6122 | 424 { |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
425 #ifdef FEAT_SODIUM |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
426 if (state->method_nr == CRYPT_M_SOD) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
427 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
428 sodium_memzero(state->method_state, sizeof(sodium_state_T)); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
429 sodium_free(state->method_state); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
430 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
431 else |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
432 #endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
433 vim_free(state->method_state); |
6122 | 434 vim_free(state); |
435 } | |
436 | |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
437 #ifdef CRYPT_NOT_INPLACE |
6122 | 438 /* |
439 * Encode "from[len]" and store the result in a newly allocated buffer, which | |
440 * is stored in "newptr". | |
441 * Return number of bytes in "newptr", 0 for need more or -1 on error. | |
442 */ | |
443 long | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
444 crypt_encode_alloc( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
445 cryptstate_T *state, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
446 char_u *from, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
447 size_t len, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
448 char_u **newptr, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
449 int last) |
6122 | 450 { |
451 cryptmethod_T *method = &cryptmethods[state->method_nr]; | |
452 | |
453 if (method->encode_buffer_fn != NULL) | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
454 // Has buffer function, pass through. |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
455 return method->encode_buffer_fn(state, from, len, newptr, last); |
6122 | 456 if (len == 0) |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
457 // Not buffering, just return EOF. |
6132 | 458 return (long)len; |
6122 | 459 |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
460 *newptr = alloc(len + 50); |
6122 | 461 if (*newptr == NULL) |
462 return -1; | |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
463 method->encode_fn(state, from, len, *newptr, last); |
6132 | 464 return (long)len; |
6122 | 465 } |
466 | |
467 /* | |
468 * Decrypt "ptr[len]" and store the result in a newly allocated buffer, which | |
469 * is stored in "newptr". | |
470 * Return number of bytes in "newptr", 0 for need more or -1 on error. | |
471 */ | |
472 long | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
473 crypt_decode_alloc( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
474 cryptstate_T *state, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
475 char_u *ptr, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
476 long len, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
477 char_u **newptr, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
478 int last) |
6122 | 479 { |
480 cryptmethod_T *method = &cryptmethods[state->method_nr]; | |
481 | |
482 if (method->decode_buffer_fn != NULL) | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
483 // Has buffer function, pass through. |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
484 return method->decode_buffer_fn(state, ptr, len, newptr, last); |
6122 | 485 |
486 if (len == 0) | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
487 // Not buffering, just return EOF. |
6122 | 488 return len; |
489 | |
490 *newptr = alloc(len); | |
491 if (*newptr == NULL) | |
492 return -1; | |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
493 method->decode_fn(state, ptr, len, *newptr, last); |
6122 | 494 return len; |
495 } | |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
496 #endif |
6122 | 497 |
498 /* | |
499 * Encrypting "from[len]" into "to[len]". | |
500 */ | |
501 void | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
502 crypt_encode( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
503 cryptstate_T *state, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
504 char_u *from, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
505 size_t len, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
506 char_u *to, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
507 int last) |
6122 | 508 { |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
509 cryptmethods[state->method_nr].encode_fn(state, from, len, to, last); |
6122 | 510 } |
511 | |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
512 #if 0 // unused |
6122 | 513 /* |
514 * decrypting "from[len]" into "to[len]". | |
515 */ | |
516 void | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
517 crypt_decode( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
518 cryptstate_T *state, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
519 char_u *from, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
520 size_t len, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
521 char_u *to, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
522 int last) |
6122 | 523 { |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
524 cryptmethods[state->method_nr].decode_fn(state, from, len, to, last); |
6122 | 525 } |
15531
959cf4c63b18
patch 8.1.0773: not all crypt code is tested
Bram Moolenaar <Bram@vim.org>
parents:
15470
diff
changeset
|
526 #endif |
6122 | 527 |
528 /* | |
529 * Simple inplace encryption, modifies "buf[len]" in place. | |
530 */ | |
531 void | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
532 crypt_encode_inplace( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
533 cryptstate_T *state, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
534 char_u *buf, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
535 size_t len, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
536 int last) |
6122 | 537 { |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
538 cryptmethods[state->method_nr].encode_inplace_fn(state, buf, len, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
539 buf, last); |
6122 | 540 } |
541 | |
542 /* | |
543 * Simple inplace decryption, modifies "buf[len]" in place. | |
544 */ | |
545 void | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
546 crypt_decode_inplace( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
547 cryptstate_T *state, |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
548 char_u *buf, |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
549 size_t len, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
550 int last) |
6122 | 551 { |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
552 cryptmethods[state->method_nr].decode_inplace_fn(state, buf, len, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
553 buf, last); |
6122 | 554 } |
555 | |
556 /* | |
557 * Free an allocated crypt key. Clear the text to make sure it doesn't stay | |
558 * in memory anywhere. | |
559 */ | |
560 void | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
561 crypt_free_key(char_u *key) |
6122 | 562 { |
563 char_u *p; | |
564 | |
565 if (key != NULL) | |
566 { | |
567 for (p = key; *p != NUL; ++p) | |
568 *p = 0; | |
569 vim_free(key); | |
570 } | |
571 } | |
572 | |
573 /* | |
6353 | 574 * Check the crypt method and give a warning if it's outdated. |
575 */ | |
576 void | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
577 crypt_check_method(int method) |
6353 | 578 { |
579 if (method < CRYPT_M_BF2) | |
580 { | |
581 msg_scroll = TRUE; | |
15543
dd725a8ab112
patch 8.1.0779: argument for message functions is inconsistent
Bram Moolenaar <Bram@vim.org>
parents:
15531
diff
changeset
|
582 msg(_("Warning: Using a weak encryption method; see :help 'cm'")); |
6353 | 583 } |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
584 if (method == CRYPT_M_SOD) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
585 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
586 // encryption uses padding and MAC, that does not work very well with |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
587 // swap and undo files, so disable them |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
588 mf_close_file(curbuf, TRUE); // remove the swap file |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
589 set_option_value((char_u *)"swf", 0, NULL, OPT_LOCAL); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
590 #ifdef FEAT_PERSISTENT_UNDO |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
591 set_option_value((char_u *)"udf", 0, NULL, OPT_LOCAL); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
592 #endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
593 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
594 msg_scroll = TRUE; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
595 msg(_("Note: Encryption of swapfile not supported, disabling swap- and undofile")); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
596 } |
6353 | 597 } |
598 | |
599 void | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
600 crypt_check_current_method(void) |
6353 | 601 { |
602 crypt_check_method(crypt_get_method_nr(curbuf)); | |
603 } | |
604 | |
605 /* | |
6122 | 606 * Ask the user for a crypt key. |
607 * When "store" is TRUE, the new key is stored in the 'key' option, and the | |
608 * 'key' option value is returned: Don't free it. | |
609 * When "store" is FALSE, the typed key is returned in allocated memory. | |
610 * Returns NULL on failure. | |
611 */ | |
612 char_u * | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
613 crypt_get_key( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
614 int store, |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
615 int twice) // Ask for the key twice. |
6122 | 616 { |
617 char_u *p1, *p2 = NULL; | |
618 int round; | |
619 | |
620 for (round = 0; ; ++round) | |
621 { | |
622 cmdline_star = TRUE; | |
623 cmdline_row = msg_row; | |
624 p1 = getcmdline_prompt(NUL, round == 0 | |
625 ? (char_u *)_("Enter encryption key: ") | |
626 : (char_u *)_("Enter same key again: "), 0, EXPAND_NOTHING, | |
627 NULL); | |
628 cmdline_star = FALSE; | |
629 | |
630 if (p1 == NULL) | |
631 break; | |
632 | |
633 if (round == twice) | |
634 { | |
635 if (p2 != NULL && STRCMP(p1, p2) != 0) | |
636 { | |
15543
dd725a8ab112
patch 8.1.0779: argument for message functions is inconsistent
Bram Moolenaar <Bram@vim.org>
parents:
15531
diff
changeset
|
637 msg(_("Keys don't match!")); |
6122 | 638 crypt_free_key(p1); |
639 crypt_free_key(p2); | |
640 p2 = NULL; | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
641 round = -1; // do it again |
6122 | 642 continue; |
643 } | |
644 | |
645 if (store) | |
646 { | |
647 set_option_value((char_u *)"key", 0L, p1, OPT_LOCAL); | |
648 crypt_free_key(p1); | |
649 p1 = curbuf->b_p_key; | |
650 } | |
651 break; | |
652 } | |
653 p2 = p1; | |
654 } | |
655 | |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
656 // since the user typed this, no need to wait for return |
6122 | 657 if (msg_didout) |
658 msg_putchar('\n'); | |
659 need_wait_return = FALSE; | |
660 msg_didout = FALSE; | |
661 | |
662 crypt_free_key(p2); | |
663 return p1; | |
664 } | |
665 | |
666 | |
667 /* | |
668 * Append a message to IObuff for the encryption/decryption method being used. | |
669 */ | |
670 void | |
7817
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
671 crypt_append_msg( |
83861277e6a3
commit https://github.com/vim/vim/commit/7454a06e2642d2b37afad1c5e71cec68081ca4ff
Christian Brabandt <cb@256bit.org>
parents:
6353
diff
changeset
|
672 buf_T *buf) |
6122 | 673 { |
674 if (crypt_get_method_nr(buf) == 0) | |
675 STRCAT(IObuff, _("[crypted]")); | |
676 else | |
677 { | |
678 STRCAT(IObuff, "["); | |
679 STRCAT(IObuff, *buf->b_p_cm == NUL ? p_cm : buf->b_p_cm); | |
680 STRCAT(IObuff, "]"); | |
681 } | |
682 } | |
683 | |
24970
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
684 int |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
685 crypt_sodium_init( |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
686 cryptstate_T *state UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
687 char_u *key UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
688 char_u *salt UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
689 int salt_len UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
690 char_u *seed UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
691 int seed_len UNUSED) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
692 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
693 # ifdef FEAT_SODIUM |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
694 // crypto_box_SEEDBYTES == crypto_secretstream_xchacha20poly1305_KEYBYTES |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
695 unsigned char dkey[crypto_box_SEEDBYTES]; // 32 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
696 sodium_state_T *sd_state; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
697 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
698 if (sodium_init() < 0) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
699 return FAIL; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
700 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
701 sd_state = (sodium_state_T *)sodium_malloc(sizeof(sodium_state_T)); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
702 sodium_memzero(sd_state, sizeof(sodium_state_T)); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
703 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
704 // derive a key from the password |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
705 if (crypto_pwhash(dkey, sizeof(dkey), (const char *)key, STRLEN(key), salt, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
706 crypto_pwhash_OPSLIMIT_INTERACTIVE, crypto_pwhash_MEMLIMIT_INTERACTIVE, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
707 crypto_pwhash_ALG_DEFAULT) != 0) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
708 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
709 // out of memory |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
710 sodium_free(sd_state); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
711 return FAIL; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
712 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
713 memcpy(sd_state->key, dkey, crypto_box_SEEDBYTES); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
714 sd_state->count = 0; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
715 state->method_state = sd_state; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
716 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
717 return OK; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
718 # else |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
719 emsg(e_libsodium_not_built_in); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
720 return FAIL; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
721 # endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
722 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
723 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
724 /* |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
725 * Encrypt "from[len]" into "to[len]". |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
726 * "from" and "to" can be equal to encrypt in place. |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
727 * Call needs to ensure that there is enough space in to (for the header) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
728 */ |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
729 void |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
730 crypt_sodium_encode( |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
731 cryptstate_T *state UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
732 char_u *from UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
733 size_t len UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
734 char_u *to UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
735 int last UNUSED) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
736 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
737 # ifdef FEAT_SODIUM |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
738 // crypto_box_SEEDBYTES == crypto_secretstream_xchacha20poly1305_KEYBYTES |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
739 sodium_state_T *sod_st = state->method_state; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
740 unsigned char tag = last |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
741 ? crypto_secretstream_xchacha20poly1305_TAG_FINAL : 0; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
742 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
743 if (sod_st->count == 0) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
744 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
745 if (len <= crypto_secretstream_xchacha20poly1305_HEADERBYTES) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
746 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
747 emsg(e_libsodium_cannot_encrypt_header); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
748 return; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
749 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
750 crypto_secretstream_xchacha20poly1305_init_push(&sod_st->state, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
751 to, sod_st->key); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
752 to += crypto_secretstream_xchacha20poly1305_HEADERBYTES; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
753 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
754 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
755 if (sod_st->count && len <= crypto_secretstream_xchacha20poly1305_ABYTES) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
756 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
757 emsg(e_libsodium_cannot_encrypt_buffer); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
758 return; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
759 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
760 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
761 crypto_secretstream_xchacha20poly1305_push(&sod_st->state, to, NULL, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
762 from, len, NULL, 0, tag); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
763 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
764 sod_st->count++; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
765 # endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
766 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
767 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
768 /* TODO: Unused |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
769 * Decrypt "from[len]" into "to[len]". |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
770 * "from" and "to" can be equal to encrypt in place. |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
771 */ |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
772 void |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
773 crypt_sodium_decode( |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
774 cryptstate_T *state UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
775 char_u *from UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
776 size_t len UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
777 char_u *to UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
778 int last UNUSED) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
779 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
780 # ifdef FEAT_SODIUM |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
781 // crypto_box_SEEDBYTES == crypto_secretstream_xchacha20poly1305_KEYBYTES |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
782 sodium_state_T *sod_st = state->method_state; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
783 unsigned char tag; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
784 unsigned long long buf_len; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
785 char_u *p1 = from; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
786 char_u *p2 = to; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
787 char_u *buf_out; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
788 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
789 if (sod_st->count == 0 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
790 && len <= crypto_secretstream_xchacha20poly1305_HEADERBYTES) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
791 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
792 emsg(e_libsodium_cannot_decrypt_header); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
793 return; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
794 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
795 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
796 buf_out = (char_u *)alloc(len); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
797 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
798 if (buf_out == NULL) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
799 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
800 emsg(e_libsodium_cannot_allocate_buffer); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
801 return; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
802 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
803 if (sod_st->count == 0) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
804 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
805 if (crypto_secretstream_xchacha20poly1305_init_pull( |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
806 &sod_st->state, from, sod_st->key) != 0) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
807 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
808 emsg(e_libsodium_decryption_failed_header_incomplete); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
809 goto fail; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
810 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
811 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
812 from += crypto_secretstream_xchacha20poly1305_HEADERBYTES; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
813 len -= crypto_secretstream_xchacha20poly1305_HEADERBYTES; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
814 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
815 if (p1 == p2) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
816 to += crypto_secretstream_xchacha20poly1305_HEADERBYTES; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
817 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
818 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
819 if (sod_st->count && len <= crypto_secretstream_xchacha20poly1305_ABYTES) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
820 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
821 emsg(e_libsodium_cannot_decrypt_buffer); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
822 return; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
823 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
824 if (crypto_secretstream_xchacha20poly1305_pull(&sod_st->state, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
825 buf_out, &buf_len, &tag, from, len, NULL, 0) != 0) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
826 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
827 emsg(e_libsodium_decription_failed); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
828 goto fail; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
829 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
830 sod_st->count++; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
831 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
832 if (tag == crypto_secretstream_xchacha20poly1305_TAG_FINAL && !last) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
833 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
834 emsg(e_libsodium_decyption_failed_premature); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
835 goto fail; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
836 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
837 if (p1 == p2) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
838 mch_memmove(p2, buf_out, buf_len); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
839 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
840 fail: |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
841 vim_free(buf_out); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
842 # endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
843 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
844 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
845 /* |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
846 * Encrypt "from[len]" into "to[len]". |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
847 * "from" and "to" can be equal to encrypt in place. |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
848 */ |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
849 long |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
850 crypt_sodium_buffer_encode( |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
851 cryptstate_T *state UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
852 char_u *from UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
853 size_t len UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
854 char_u **buf_out UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
855 int last UNUSED) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
856 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
857 # ifdef FEAT_SODIUM |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
858 // crypto_box_SEEDBYTES == crypto_secretstream_xchacha20poly1305_KEYBYTES |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
859 unsigned long long out_len; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
860 char_u *ptr; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
861 unsigned char tag = last |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
862 ? crypto_secretstream_xchacha20poly1305_TAG_FINAL : 0; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
863 int length; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
864 sodium_state_T *sod_st = state->method_state; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
865 int first = (sod_st->count == 0); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
866 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
867 length = len + crypto_secretstream_xchacha20poly1305_ABYTES |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
868 + (first ? crypto_secretstream_xchacha20poly1305_HEADERBYTES : 0); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
869 *buf_out = alloc_clear(length); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
870 if (*buf_out == NULL) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
871 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
872 emsg(e_libsodium_cannot_allocate_buffer); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
873 return -1; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
874 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
875 ptr = *buf_out; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
876 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
877 if (first) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
878 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
879 crypto_secretstream_xchacha20poly1305_init_push(&sod_st->state, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
880 ptr, sod_st->key); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
881 ptr += crypto_secretstream_xchacha20poly1305_HEADERBYTES; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
882 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
883 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
884 crypto_secretstream_xchacha20poly1305_push(&sod_st->state, ptr, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
885 &out_len, from, len, NULL, 0, tag); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
886 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
887 sod_st->count++; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
888 return out_len + (first |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
889 ? crypto_secretstream_xchacha20poly1305_HEADERBYTES : 0); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
890 # else |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
891 return -1; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
892 # endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
893 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
894 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
895 /* |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
896 * Decrypt "from[len]" into "to[len]". |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
897 * "from" and "to" can be equal to encrypt in place. |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
898 */ |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
899 long |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
900 crypt_sodium_buffer_decode( |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
901 cryptstate_T *state UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
902 char_u *from UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
903 size_t len UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
904 char_u **buf_out UNUSED, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
905 int last UNUSED) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
906 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
907 # ifdef FEAT_SODIUM |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
908 // crypto_box_SEEDBYTES == crypto_secretstream_xchacha20poly1305_KEYBYTES |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
909 sodium_state_T *sod_st = state->method_state; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
910 unsigned char tag; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
911 unsigned long long out_len; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
912 *buf_out = alloc_clear(len); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
913 if (*buf_out == NULL) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
914 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
915 emsg(e_libsodium_cannot_allocate_buffer); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
916 return -1; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
917 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
918 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
919 if (sod_st->count == 0) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
920 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
921 if (crypto_secretstream_xchacha20poly1305_init_pull(&sod_st->state, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
922 from, sod_st->key) != 0) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
923 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
924 emsg(e_libsodium_decryption_failed_header_incomplete); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
925 return -1; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
926 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
927 from += crypto_secretstream_xchacha20poly1305_HEADERBYTES; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
928 len -= crypto_secretstream_xchacha20poly1305_HEADERBYTES; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
929 sod_st->count++; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
930 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
931 if (crypto_secretstream_xchacha20poly1305_pull(&sod_st->state, |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
932 *buf_out, &out_len, &tag, from, len, NULL, 0) != 0) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
933 { |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
934 emsg(e_libsodium_decription_failed); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
935 return -1; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
936 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
937 |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
938 if (tag == crypto_secretstream_xchacha20poly1305_TAG_FINAL && !last) |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
939 emsg(e_libsodium_decyption_failed_premature); |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
940 return (long) out_len; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
941 # else |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
942 return -1; |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
943 # endif |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
944 } |
7e9e53a0368f
patch 8.2.3022: available encryption methods are not strong enough
Bram Moolenaar <Bram@vim.org>
parents:
18757
diff
changeset
|
945 |
18757
c469e1930456
patch 8.1.2368: using old C style comments
Bram Moolenaar <Bram@vim.org>
parents:
18498
diff
changeset
|
946 #endif // FEAT_CRYPT |