Unverified Commit 1b1df2c3 authored by Douglas Engels's avatar Douglas Engels

Merge branch '232-smime-support' of...

Merge branch '232-smime-support' of git.imp.fu-berlin.de:enzevalos/enzevalos_iphone into 232-smime-support
parents 72851256 8e5e8f3d
2 merge requests!58Onboarding screens swift ui merge dev,!35Resolve "SMIME Support"
......@@ -86,13 +86,13 @@ P/2pLfs+mwbdVooDtfcfDSHuAP1d50EUHabXG97eRh+brncBjVo1gbGmzdI72XHL
let cryptoScheme = CryptoScheme.SMIME
func testSMIMEencrypt(){
let enc = OpenSSL_test_encrypt(test_string, test_key)
let enc = OpenSSL_encrypt(test_string, test_key)
if enc != nil{
let encStr = String(cString: enc!)
// the pointers point to memory allocatedi in c that needs to be manually dealocated
enc?.deallocate()
print("SIFT ENC DONE: ",encStr)
let dec = OpenSSL_test_decrypt(encStr,test_key)
print("SWIFT ENC DONE: ",encStr)
let dec = OpenSSL_decrypt(encStr,test_key)
if dec != nil{
let decStr = String(cString: dec!)
// same here
......@@ -108,9 +108,70 @@ P/2pLfs+mwbdVooDtfcfDSHuAP1d50EUHabXG97eRh+brncBjVo1gbGmzdI72XHL
{
print("Enc failed!")
}
let sig = OpenSSL_sign(test_string, test_key, 0)
if sig != nil{
let sigStr = String(cString: sig!)
// the pointers point to memory allocatedi in c that needs to be manually dealocated
sig?.deallocate()
print("\nSWIFT SIGN (attached): \n", sigStr)
}
else{
print("\n SWIFT SIGN1 failed")
}
let sig2 = OpenSSL_sign(test_string, test_key, 1)
if sig2 != nil{
let sigStr2 = String(cString: sig2!)
// the pointers point to memory allocatedi in c that needs to be manually dealocated
sig2?.deallocate()
print("SWIFT SIGN (dettached): \n", sigStr2)
}
else{
print("\n SWIFT SIGN2 failed")
}
}
func encrypt_with_pem(message: String,keyasPem: String) -> String?
{
let enc = OpenSSL_encrypt(message,keyasPem)
if enc != nil{
let encStr = String(cString: enc!)
// the pointers point to memory allocatedi in c that needs to be manually dealocated
enc?.deallocate()
return encStr
}
return nil
}
func decrypt_with_pem(message:String, keyasPem:String) -> String?
{
let dec = OpenSSL_decrypt(message,keyasPem)
if dec != nil{
let decStr = String(cString: dec!)
// same here
dec?.deallocate()
return decStr
}
return nil
}
func sign_with_pem(message:String, keyasPem:String, detached:Bool) -> String?
{
var detFlag : Int32 = 0
if detached
{
detFlag = 1
}
let sig = OpenSSL_sign(message,keyasPem, detFlag)
if sig != nil{
let sigStr = String(cString: sig!)
// same here
sig?.deallocate()
return sigStr
}
return nil
}
}
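Review bot: The buffers returned by OpenSSL_encrypt, OpenSSL_decrypt and OpenSSL_sign are released with `deallocate()` in testSMIMEencrypt and in all three `*_with_pem` wrappers, yet on the C side (visible for OpenSSL_sign) they come from `malloc`. Swift's `deallocate()` is only specified for memory obtained from `allocate(capacity:)`, so memory handed over by C should go back through `free`. The wrappers can drop the force-unwraps at the same time: `guard let enc = OpenSSL_encrypt(message, keyasPem) else { return nil }`, `defer { free(enc) }`, `return String(cString: enc)`. testSMIMEencrypt starts in the first hunk and continues into the second, so the lines between the two hunks are not visible here.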
......@@ -52,7 +52,7 @@ int print_test(int a) {
return 0;
}
void * OpenSSL_test_encrypt(const char *text, const char *pem) {
char * OpenSSL_encrypt(const char *text, const char *pem) {
// https://github.com/openssl/openssl/blob/master/demos/cms/cms_enc.c
OpenSSL_initialize();
char *encrypted = NULL, *tmp=NULL;;
......@@ -123,7 +123,7 @@ deinit:
return (void*) encrypted;
}
char* OpenSSL_test_decrypt(const char *str, const char *pem) {
char* OpenSSL_decrypt(const char *str, const char *pem) {
OpenSSL_initialize();
char *decrypted = NULL, *tmp=NULL;
// https://github.com/openssl/openssl/blob/master/demos/cms/cms_dec.c
......@@ -132,7 +132,6 @@ char* OpenSSL_test_decrypt(const char *str, const char *pem) {
BIO *in = NULL, *out = NULL, *rec_cert_bio = NULL;
// recipient certificate
X509 *rec_cert = NULL;
STACK_OF(X509) *cert_stack = NULL;
CMS_ContentInfo *cms = NULL;
EVP_PKEY *rkey = NULL;
......@@ -160,9 +159,7 @@ char* OpenSSL_test_decrypt(const char *str, const char *pem) {
goto deinit;
}
cert_stack = sk_X509_new_null();
// note that if the stack is initialized correctly, the recipient certificate is pushed as a test
cms = SMIME_read_CMS(in, NULL);
if (!cms)
{
......@@ -195,3 +192,93 @@ deinit:
// CMS_ContentInfo_free(cms);
return decrypted;
}
char * OpenSSL_sign(const char *text, const char *pem, const int detached)
{
OpenSSL_initialize();
char *mail = NULL, *tmp=NULL;
BIO *in = NULL, *out = NULL, *sig_cert_bio = NULL;
// recipient certificate
X509 *sig_cert = NULL;
STACK_OF(X509) *cert_stack = NULL;
CMS_ContentInfo *cms = NULL;
EVP_PKEY *skey = NULL;
int flags = CMS_STREAM | CMS_PARTIAL;
if (detached) flags |= CMS_DETACHED;
// rec_cert_bio = BIO_new_file("keys/mykey.pem", "r");
in = BIO_new_mem_buf(text,(int) strlen(text)); // simpletest
sig_cert_bio = BIO_new_mem_buf(pem, (int) strlen(pem));
if (!sig_cert_bio) {
printf("Failed reading mykey.pem!\n");
goto deinit;
}
sig_cert = PEM_read_bio_X509(sig_cert_bio, NULL, 0, NULL);
if (!sig_cert ) {
printf("Failed reading pem cert\n");
goto deinit;
}
cert_stack = sk_X509_new_null();
// note that if the stack is initialized correctly, the recipient certificate is pushed as a test
if (!cert_stack || !sk_X509_push(cert_stack, sig_cert)) {
printf("Failed at push_stack");
goto deinit;
}
BIO_reset(sig_cert_bio);
skey = PEM_read_bio_PrivateKey(sig_cert_bio, NULL, 0, NULL);
if (!skey) {
printf("Failed reading pem key\n");
goto deinit;
}
cms = CMS_sign(NULL, NULL, NULL, in, flags);
if (!cms)
{
printf("Failed at signstart: %s", ERR_func_error_string(ERR_get_error()));
goto deinit;
}
if (!CMS_add1_signer(cms, sig_cert, skey, EVP_sha256(), flags))
{
printf("Failed at signaddsigner: %s", ERR_func_error_string(ERR_get_error()));
goto deinit;
}
out = BIO_new(BIO_s_mem());
if (!SMIME_write_CMS(out,cms,in,flags))
{
printf("Failed at SMIME_WRITE");
goto deinit;
}
// For testing
long size = BIO_get_mem_data(out, &tmp);
mail= (char *) malloc(size+1);
mail[size]=0;//To Nullterminate the string
memcpy(mail,tmp,size);
deinit:
BIO_free(in);
BIO_free(out); //also frees tmp
BIO_free(sig_cert_bio);
sk_X509_pop_free(cert_stack, X509_free);
OpenSSL_deinitialize();
return mail;
}
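Review bot: In OpenSSL_sign the `deinit:` path releases the BIOs and the certificate stack but never `skey` or `cms`, so every call leaks the parsed private key and the CMS structure and leaves key material on the heap. Adding `EVP_PKEY_free(skey);` and `CMS_ContentInfo_free(cms);` there should be safe, assuming CMS_add1_signer takes its own references to the certificate and key. Separately, `mail[size]=0` is written before the `malloc` result is checked and `size` from BIO_get_mem_data is never checked for being positive; `if (size <= 0 || !(mail = malloc(size + 1))) goto deinit;` covers both. `in` and `out` are also used without a NULL check, unlike `sig_cert_bio`.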
......@@ -26,8 +26,9 @@ STACK_OF(X509)* create_stack_x509(X509 *arr, int len);
X509* stack_to_array(STACK_OF(X509) *stack);
void OpenSSL_print_ver(void);
// (de)init function makes initialization less cryptic
void * OpenSSL_test_encrypt(const char *text, const char *pem);
char* OpenSSL_test_decrypt(const char *str, const char *pem);
char * OpenSSL_encrypt(const char *text, const char *pem);
char * OpenSSL_decrypt(const char *str, const char *pem);
char * OpenSSL_sign(const char *text, const char *pem, const int detached);
int print_test(int);
......
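Review bot: The three prototypes say nothing about ownership or failure, although each returns a heap buffer the caller has to release and NULL when a step fails (visible for OpenSSL_sign in the implementation). A comment above them would settle how the Swift side must free the result, e.g. `// Returns a NUL-terminated malloc() buffer; caller must free(). NULL on failure.` It is also worth documenting that `pem` for OpenSSL_sign, and apparently OpenSSL_decrypt, must hold the private key together with the certificate, since that determines how callers have to store and pass that string.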
......@@ -26,7 +26,7 @@
#import <GTMAppAuth/GTMAppAuth.h>
#import <GTMSessionFetcher/GTMSessionFetcher.h>
#import "OAuth/EmailHelper.h"
#import "openssl-helpers.h"
#import "c/openssl-helpers.h"
#import <openssl/pem.h>
#import <openssl/cms.h>
#import <openssl/err.h>
......