From 1fc4168b81f565feab409b92ccb61c57a1c550eb Mon Sep 17 00:00:00 2001 From: DLL125 <134442578+DLL125@users.noreply.github.com> Date: Thu, 25 May 2023 12:52:53 +0200 Subject: Update Libzip to latest 1.9.2 (#1071) * Libzip 1.9.2 Updated Libzip to latest version 1.9.2 and changed version number in the config.h from 1.7.3 to 1.9.2. Not sure if anything else needs to be tweaked :) * Modified Libzip to work with Visual studio * Update README.md Update libzip copyright. * Added the missing files. I've added the missing files zipconf.h and config.h, I've missed those sorry for that! --- src/Common/libzip/zip_crypto_mbedtls.c | 162 +++++++++++++++++++++++++++++++++ 1 file changed, 162 insertions(+) create mode 100644 src/Common/libzip/zip_crypto_mbedtls.c (limited to 'src/Common/libzip/zip_crypto_mbedtls.c') diff --git a/src/Common/libzip/zip_crypto_mbedtls.c b/src/Common/libzip/zip_crypto_mbedtls.c new file mode 100644 index 00000000..95ac8990 --- /dev/null +++ b/src/Common/libzip/zip_crypto_mbedtls.c @@ -0,0 +1,162 @@ +/* + zip_crypto_mbedtls.c -- mbed TLS wrapper + Copyright (C) 2018-2021 Dieter Baron and Thomas Klausner + + This file is part of libzip, a library to manipulate ZIP archives. + The authors can be contacted at + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + 3. The names of the authors may not be used to endorse or promote + products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS + OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY + DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include + +#include "zipint.h" + +#include "zip_crypto.h" + +#include +#include +#include + +#include + +_zip_crypto_aes_t * +_zip_crypto_aes_new(const zip_uint8_t *key, zip_uint16_t key_size, zip_error_t *error) { + _zip_crypto_aes_t *aes; + + if ((aes = (_zip_crypto_aes_t *)malloc(sizeof(*aes))) == NULL) { + zip_error_set(error, ZIP_ER_MEMORY, 0); + return NULL; + } + + mbedtls_aes_init(aes); + mbedtls_aes_setkey_enc(aes, (const unsigned char *)key, (unsigned int)key_size); + + return aes; +} + +void +_zip_crypto_aes_free(_zip_crypto_aes_t *aes) { + if (aes == NULL) { + return; + } + + mbedtls_aes_free(aes); + free(aes); +} + + +_zip_crypto_hmac_t * +_zip_crypto_hmac_new(const zip_uint8_t *secret, zip_uint64_t secret_length, zip_error_t *error) { + _zip_crypto_hmac_t *hmac; + + if (secret_length > INT_MAX) { + zip_error_set(error, ZIP_ER_INVAL, 0); + return NULL; + } + + if ((hmac = (_zip_crypto_hmac_t *)malloc(sizeof(*hmac))) == NULL) { + zip_error_set(error, ZIP_ER_MEMORY, 0); + return NULL; + } + + mbedtls_md_init(hmac); + + if (mbedtls_md_setup(hmac, mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), 1) != 0) { + zip_error_set(error, ZIP_ER_INTERNAL, 0); + free(hmac); + return NULL; + } + + if (mbedtls_md_hmac_starts(hmac, (const unsigned char *)secret, (size_t)secret_length) != 0) { + zip_error_set(error, ZIP_ER_INTERNAL, 0); + free(hmac); + return NULL; + } + + return hmac; +} + + +void +_zip_crypto_hmac_free(_zip_crypto_hmac_t *hmac) { + if (hmac == NULL) { + return; + } + + mbedtls_md_free(hmac); + free(hmac); +} + + +bool +_zip_crypto_pbkdf2(const zip_uint8_t *key, zip_uint64_t key_length, const zip_uint8_t *salt, zip_uint16_t salt_length, int iterations, zip_uint8_t *output, zip_uint64_t output_length) { + mbedtls_md_context_t sha1_ctx; + bool ok = true; + + mbedtls_md_init(&sha1_ctx); + + if (mbedtls_md_setup(&sha1_ctx, mbedtls_md_info_from_type(MBEDTLS_MD_SHA1), 1) != 0) { + ok = false; + } + + if (ok && mbedtls_pkcs5_pbkdf2_hmac(&sha1_ctx, (const unsigned char *)key, (size_t)key_length, (const unsigned char *)salt, (size_t)salt_length, (unsigned int)iterations, (uint32_t)output_length, (unsigned char *)output) != 0) { + ok = false; + } + + mbedtls_md_free(&sha1_ctx); + return ok; +} + + +typedef struct { + mbedtls_entropy_context entropy; + mbedtls_ctr_drbg_context ctr_drbg; +} zip_random_context_t; + +ZIP_EXTERN bool +zip_secure_random(zip_uint8_t *buffer, zip_uint16_t length) { + static zip_random_context_t *ctx = NULL; + const unsigned char *pers = "zip_crypto_mbedtls"; + + if (!ctx) { + ctx = (zip_random_context_t *)malloc(sizeof(zip_random_context_t)); + if (!ctx) { + return false; + } + mbedtls_entropy_init(&ctx->entropy); + mbedtls_ctr_drbg_init(&ctx->ctr_drbg); + if (mbedtls_ctr_drbg_seed(&ctx->ctr_drbg, mbedtls_entropy_func, &ctx->entropy, pers, strlen(pers)) != 0) { + mbedtls_ctr_drbg_free(&ctx->ctr_drbg); + mbedtls_entropy_free(&ctx->entropy); + free(ctx); + ctx = NULL; + return false; + } + } + + return mbedtls_ctr_drbg_random(&ctx->ctr_drbg, (unsigned char *)buffer, (size_t)length) == 0; +} -- cgit v1.2.3