<feat>(core): Introduce aes implementation of openssl.

3 files changed, 174 insertions, 0 deletions

diff --git a/src/core/CMakeLists.txt b/src/core/CMakeLists.txt
index f0032917..373927d1 100644
--- a/src/core/CMakeLists.txt
+++ b/src/core/CMakeLists.txt
@@ -27,6 +27,7 @@
 aux_source_directory(./result_analyse GPG_SOURCE)
 aux_source_directory(./function GPG_SOURCE)
 aux_source_directory(./model GPG_SOURCE)
+aux_source_directory(./aes GPG_SOURCE)
 aux_source_directory(. GPG_SOURCE)
 
 add_library(gpgfrontend_core STATIC ${GPG_SOURCE})
diff --git a/src/core/aes/aes_ssl.h b/src/core/aes/aes_ssl.h
new file mode 100644
index 00000000..b5f0820f
--- /dev/null
+++ b/src/core/aes/aes_ssl.h
@@ -0,0 +1,74 @@
+/**
+ * Copyright (C) 2021 Saturneric
+ *
+ * This file is part of GpgFrontend.
+ *
+ * GpgFrontend is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GpgFrontend is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GpgFrontend. If not, see <https://www.gnu.org/licenses/>.
+ *
+ * The initial version of the source code is inherited from
+ * the gpg4usb project, which is under GPL-3.0-or-later.
+ *
+ * All the source code of GpgFrontend was modified and released by
+ * Saturneric<[email protected]> starting on May 12, 2021.
+ *
+ * SPDX-License-Identifier: GPL-3.0-or-later
+ *
+ */
+
+#ifndef GPGFRONTEND_AES_SSL_H
+#define GPGFRONTEND_AES_SSL_H
+
+#include "GpgFrontend.h"
+
+#include <openssl/aes.h>
+#include <openssl/evp.h>
+
+namespace GpgFrontend::RawAPI {
+
+/**
+ * @brief
+ *
+ * @param key_data
+ * @param key_data_len
+ * @param salt
+ * @param e_ctx
+ * @param d_ctx
+ * @return int
+ */
+int aes_256_cbc_init(uint8_t *key_data, int key_data_len, uint8_t *salt,
+                     EVP_CIPHER_CTX *e_ctx, EVP_CIPHER_CTX *d_ctx);
+
+/**
+ * @brief
+ *
+ * @param e
+ * @param plaintext
+ * @param len
+ * @return uint8_t*
+ */
+uint8_t *aes_256_cbc_encrypt(EVP_CIPHER_CTX *e, uint8_t *plaintext, int *len);
+
+/**
+ * @brief
+ *
+ * @param e
+ * @param ciphertext
+ * @param len
+ * @return uint8_t*
+ */
+uint8_t *aes_256_cbc_decrypt(EVP_CIPHER_CTX *e, uint8_t *ciphertext, int *len);
+
+} // namespace GpgFrontend::RawAPI
+
+#endif // GPGFRONTEND_AES_SSL_H
diff --git a/src/core/aes/aes_ssl_cbc.cpp b/src/core/aes/aes_ssl_cbc.cpp
new file mode 100644
index 00000000..95ae0ce2
--- /dev/null
+++ b/src/core/aes/aes_ssl_cbc.cpp
@@ -0,0 +1,99 @@
+/**
+ * AES encryption/decryption demo program using OpenSSL EVP apis
+ * gcc -Wall openssl_aes.c -lcrypto
+ * this is public domain code.
+ * Saju Pillai ([email protected])
+ **/
+
+#include "aes_ssl.h"
+
+namespace GpgFrontend::RawAPI {
+
+/**
+ * @brief Create a 256 bit key and IV using the supplied key_data. salt can be
+ * added for taste. Fills in the encryption and decryption ctx objects and
+ * returns 0 on success
+ *
+ * @param key_data
+ * @param key_data_len
+ * @param salt
+ * @param e_ctx
+ * @param d_ctx
+ * @return int
+ */
+int aes_256_cbc_init(uint8_t *key_data, int key_data_len, uint8_t *salt,
+                     EVP_CIPHER_CTX *e_ctx, EVP_CIPHER_CTX *d_ctx) {
+  int i, nrounds = 5;
+  uint8_t key[32], iv[32];
+
+  /*
+   * Gen key & IV for AES 256 CBC mode. A SHA1 digest is used to hash the
+   * supplied key material. nrounds is the number of times the we hash the
+   * material. More rounds are more secure but slower.
+   */
+  i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), salt, key_data,
+                     key_data_len, nrounds, key, iv);
+  if (i != 32) {
+    printf("Key size is %d bits - should be 256 bits\n", i);
+    return -1;
+  }
+
+  EVP_CIPHER_CTX_init(e_ctx);
+  EVP_EncryptInit_ex(e_ctx, EVP_aes_256_cbc(), NULL, key, iv);
+  EVP_CIPHER_CTX_init(d_ctx);
+  EVP_DecryptInit_ex(d_ctx, EVP_aes_256_cbc(), NULL, key, iv);
+
+  return 0;
+}
+
+/**
+ * @brief  Encrypt *len bytes of data All data going in & out is considered
+ * binary (uint8_t[])
+ *
+ * @param e
+ * @param plaintext
+ * @param len
+ * @return uint8_t*
+ */
+uint8_t *aes_256_cbc_encrypt(EVP_CIPHER_CTX *e, uint8_t *plaintext, int *len) {
+  /* max ciphertext len for a n bytes of plaintext is n + AES_BLOCK_SIZE -1
+   * bytes */
+  int c_len = *len + AES_BLOCK_SIZE, f_len = 0;
+  auto *ciphertext = (uint8_t *)malloc(c_len);
+
+  /* allows reusing of 'e' for multiple encryption cycles */
+  EVP_EncryptInit_ex(e, nullptr, nullptr, nullptr, nullptr);
+
+  /* update ciphertext, c_len is filled with the length of ciphertext generated,
+   *len is the size of plaintext in bytes */
+  EVP_EncryptUpdate(e, ciphertext, &c_len, plaintext, *len);
+
+  /* update ciphertext with the final remaining bytes */
+  EVP_EncryptFinal_ex(e, ciphertext + c_len, &f_len);
+
+  *len = c_len + f_len;
+  return ciphertext;
+}
+
+/**
+ * @brief Decrypt *len bytes of ciphertext
+ *
+ * @param e
+ * @param ciphertext
+ * @param len
+ * @return uint8_t*
+ */
+uint8_t *aes_256_cbc_decrypt(EVP_CIPHER_CTX *e, uint8_t *ciphertext, int *len) {
+  /* plaintext will always be equal to or lesser than length of ciphertext*/
+  int p_len = *len, f_len = 0;
+  auto *plaintext = (uint8_t *)malloc(p_len);
+
+  EVP_DecryptInit_ex(e, nullptr, nullptr, nullptr, nullptr);
+  EVP_DecryptUpdate(e, plaintext, &p_len, ciphertext, *len);
+  EVP_DecryptFinal_ex(e, plaintext + p_len, &f_len);
+
+  *len = p_len + f_len;
+  return plaintext;
+}
+
+} // namespace GpgFrontend::RawAPI
\ No newline at end of file