001
/**
002
* Creator: WangBin, 2009-11-26
003
* For encrypt...
004
* I cant't verify those code, What the fuck 0f 3des, Make me always get the different result.Bad thing is the memory, should be careful of those free.
005
*
006
* Need To Notice: When you get the return NULL, means wrong; Remember free memory you get from the return.
007
* How To:
008
* 1.Four parameters: str1, ID, TimeStamp, 3DesKey.
009
3DesKey should be initialied as array,like "unsigned char key[24] ={0x2C, 0x7A, 0x0E, 0x98, 0xF1, 0xE0, 0x76, 0x49, 0x73, 0x15, 0xCD, 0x25, 0xE0, 0xB5, 0x43, 0xCB, 0x0E, 0x80, 0x76, 0x01, 0x7F, 0x23, 0x8A, 0x46};"(I needn't convert them). should not be a string!!
010
011
* Find some memory leaf, Be sure the proccess context is killed!
012
*/
013
014
#include <stdlib.h>
015
#include <string.h>
016
#include <stdio.h>
017
#include <XXX/base64.h>
018
#include <openssl/evp.h>
019
#include <openssl/sha.h>
020
#include <openssl/des.h>
021
#include "encrypt.h"
022
#define MAX_URL_LEN 2048
023
#define DES3_BYTE 8
024
#define DES3_PKCS7
025
026
typedef
unsigned
char
uchar;
027
028
uchar *sha1_encode(uchar *src)
029
{
030
SHA_CTX c;
031
uchar *dest = (uchar *)
malloc
((SHA_DIGEST_LENGTH + 1)*
sizeof
(uchar));
032
memset
(dest, 0, SHA_DIGEST_LENGTH + 1);
033
if
(!SHA1_Init(&c))
034
{
035
free
(dest);
036
return
NULL;
037
}
038
SHA1_Update(&c, src,
strlen
(src));
039
SHA1_Final(dest,&c);
040
OPENSSL_cleanse(&c,
sizeof
(c));
041
return
dest;
042
}
043
044
uchar *inter_string(uchar *s1, uchar *s2, uchar *s3)
045
{
046
uchar *dst, *tmp = NULL;
047
int
value;
048
size_t
len;
049
if
(s3 != NULL)
050
{
051
len =
strlen
(s1) +
strlen
(s2) +
strlen
(s3) + 2;
052
#ifdef DES3_PKCS7 //PKCS7補全法,情goolge.確保3DES加密時是8的倍數
053
value = DES3_BYTE - len%DES3_BYTE;
054
if
(value != 0)
055
{
056
tmp = (uchar *)
malloc
((value + 1)*
sizeof
(uchar));
057
memset
(tmp, value, value);
058
memset
(tmp + value, 0, 1);
059
}
060
#endif
061
len = (DES3_BYTE - len%DES3_BYTE) + len;
062
dst = (uchar *)
malloc
((len + 1)*
sizeof
(uchar));
063
memset
(dst, 0, len + 1);
064
strcpy
(dst, s1);
065
strcat
(dst,
"$"
);
066
strcat
(dst, s2);
067
strcat
(dst,
"$"
);
068
strcat
(dst, s3);
069
if
(tmp != NULL)
070
strcat
(dst, tmp);
071
free
(tmp);
//free a pointer to NULL..not a bad thing
072
}
073
else
074
{
075
len =
strlen
(s1) +
strlen
(s2) + 1;
076
len = (DES3_BYTE - len%DES3_BYTE) + len;
077
dst = (uchar *)
malloc
((len + 1)*
sizeof
(uchar));
078
memset
(dst, 0, len + 1);
079
strcpy
(dst, s1);
080
strcat
(dst,
"$"
);
081
strcat
(dst, s2);
082
}
083
fprintf
(stderr,
"inter_string = %s, //////line = %dn"
, dst, __LINE__);
084
return
dst;
085
}
086
087
int
des_encode(uchar *key, uchar *iv, uchar *in,
size_t
len, uchar **out,
int
enc)
088
{
089
int
ret, i, num;
090
uchar cbc_out[512];
091
uchar key1[8], key2[8], key3[8];
092
des_key_schedule ks,ks1,ks2;
093
des_cblock *iv3;
094
/************ugly to get key easily*****************/
095
memset
(key1, 0, 8);
096
memset
(key2, 0, 8);
097
memset
(key3, 0, 8);
098
memcpy
(key1, key, 8);
099
memcpy
(key2, key + 8, 8);
100
memcpy
(key3, key + 16, 8);
101
if
((ret = DES_set_key_checked((const_DES_cblock*)&key1, &ks)) != 0)
102
{
103
fprintf
(stderr,
"Key1 error %dn"
,ret);
104
return
-1;
105
}
106
if
((ret = DES_set_key_checked((const_DES_cblock*)&key2, &ks1)) != 0)
107
{
108
fprintf
(stderr,
"Key2 error %dn"
,ret);
109
return
-1;
110
}
111
if
((ret = DES_set_key_checked((const_DES_cblock*)&key3, &ks2)) != 0)
112
{
113
fprintf
(stderr,
"Key3 error %dn"
,ret);
114
return
-1;
115
}
116
iv3 = (des_cblock *)
malloc
(
strlen
(iv)*
sizeof
(uchar));
117
memset
(cbc_out,0,512);
118
memcpy
(iv3,iv,
strlen
(iv));
119
num = len/16;
120
des_ede3_cbc_encrypt(in,cbc_out,len,ks,ks1,ks2,iv3,enc);
//cbc算法
121
memcpy
(*out, cbc_out, len);
122
/*
123
for(i = 0; i < num; i++)
124
des_ede3_cbc_encrypt(&(in[16*i]),&(cbc_out[16*i]),16L,ks,ks1,ks2,iv3,enc);
125
des_ede3_cbc_encrypt(&(in[16*i]),&(cbc_out[16*i]),len - num*16,ks,ks1,ks2,iv3,enc); //16位加密
126
*/
127
for
(i=0 ; i < len ; i++)
128
printf
(
" %02x"
,cbc_out[i]);
129
printf
(
"n"
);
130
free
(iv3);
131
return
0;
132
}
133
/*======================================================================
134
I dont't know what about base64+sha1
135
we use the sha1-array or a new char * from the sha1-array
136
whatever I do the char charges with ugly code
137
=======================================================================*/
138
uchar *split_byte(uchar *src,
size_t
len)
139
{
140
int
i;
141
uchar tmp, tmp1;
142
uchar *dest = (uchar *)
malloc
((len + 1)*
sizeof
(uchar));
143
memset
(dest, 0, len + 1);
144
for
(i = 0; i < len/2; i++)
145
sprintf
(dest + i*2,
"%02x"
,src[i] & 0x000000ff);
146
fprintf
(stderr,
"function = %s, ////dest = %s, //////line = %dn"
, __FUNCTION__, dest, __LINE__);
147
}
148
149
uchar *encrypt_JST(uchar *ID, uchar *str1, uchar *TimeStamp, uchar * key, uchar *iv)
150
{
151
int
ret, i;
152
size_t
len;
153
uchar *sha1, *sha_str, *digest, *digest1, *encrypt;
154
uchar *des3, *src, *url_str, *url;
155
src = inter_string(str1, TimeStamp, NULL);
156
sha1 = sha1_encode(src);
157
if
(!sha1)
158
{
159
free
(src);
160
return
NULL;
161
}
162
len =
strlen
(sha1);
163
#ifdef CONVERT_T_STR
164
sha_str = split_byte(sha1, len*2);
165
ret = base64_encode_alloc(sha_str, len*2, &digest);
166
#else
167
ret = base64_encode_alloc(sha1, len, &digest);
168
#endif
169
if
(!ret)
170
{
171
free
(src);
172
free
(sha1);
173
#ifdef CONVERT_T_STR
174
free
(sha_str);
175
#endif
176
return
NULL;
177
encrypt = (uchar *)
malloc
(len*
sizeof
(uchar));
178
memset
(encrypt, 0, len);
179
if
(des_encode(key, iv, des3, len, &encrypt, DES_ENCRYPT))
180
{
181
free
(src);
182
free
(sha1);
183
#ifdef CONVERT_T_STR
184
free
(sha_str);
185
#endif
186
free
(des3);
187
free
(digest);
188
free
(encrypt);
189
return
NULL;
190
}
191
ret = base64_encode_alloc(encrypt, len, &digest1);
192
if
(!ret)
193
{
194
free
(src);
195
free
(sha1);
196
#ifdef CONVERT_T_STR
197
free
(sha_str);
198
#endif
199
free
(des3);
200
free
(digest);
201
free
(encrypt);
202
return
NULL;
203
}
204
fprintf
(stderr,
"digest1= %s, ////////line = %dn"
, digest1, __LINE__);
205
url_str = inter_string(ID, digest1, NULL);
206
207
url = (uchar *)
malloc
(MAX_URL_LEN *
sizeof
(uchar));
208
url_encode(url_str, url, MAX_URL_LEN - 1);
209
fprintf
(stderr,
"ur = %s, ///////line = %dn"
, url, __LINE__);
210
free
(src);
211
free
(sha1);
212
#ifdef CONVERT_T_STR
213
free
(sha_str);
214
#endif
215
free
(des3);
216
free
(digest);
217
free
(encrypt);
218
free
(digest1);
219
free
(url_str);
220
return
url;
221
}