2 Copyright (C) 2018-2021 Carl Hetherington <cth@carlh.net>
4 This file is part of DCP-o-matic.
6 DCP-o-matic is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 DCP-o-matic is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with DCP-o-matic. If not, see <http://www.gnu.org/licenses/>.
22 /* Based on code from https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption */
26 #include "exceptions.h"
27 #include <openssl/conf.h>
28 #include <openssl/evp.h>
29 #include <openssl/err.h>
30 #include <openssl/rand.h>
31 #include <boost/scoped_array.hpp>
35 using namespace dcpomatic;
38 /** The cipher that this code uses: AES-256 in CBC mode.  CBC provides confidentiality only; nothing in this mode authenticates the ciphertext, so integrity has to come from elsewhere. */
39 #define CIPHER EVP_aes_256_cbc()
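/** Generate a fresh random initialisation vector for CIPHER.
 *
 *  The IV has the length that the cipher reports through EVP_CIPHER_iv_length()
 *  and is filled by OpenSSL's RAND_bytes().  In CBC mode an IV should be
 *  unpredictable and should not be reused with the same key, so callers are
 *  expected to ask for a new one per message.
 *
 *  @return the new IV.
 *  @throw CryptoError if OpenSSL could not supply random bytes.
 */
dcp::ArrayData
dcpomatic::random_iv ()
{
	EVP_CIPHER const * cipher = CIPHER;
	dcp::ArrayData iv (EVP_CIPHER_iv_length(cipher));

	/* RAND_bytes() returns 1 only on success.  If it fails the buffer does not
	   hold usable random data, so report the error instead of returning it. */
	if (RAND_bytes(iv.data(), iv.size()) != 1) {
		throw CryptoError ("could not generate random IV");
	}

	return iv;
}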
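/** Encrypt a string with CIPHER (AES-256-CBC with the padding that EVP applies by default).
 *
 *  @param plaintext Data to encrypt; all plaintext.size() bytes are used.
 *  @param key Key; must hold at least EVP_CIPHER_key_length(CIPHER) bytes.
 *  @param iv Initialisation vector; must hold at least EVP_CIPHER_iv_length(CIPHER) bytes.
 *  @return the ciphertext, sized to the number of bytes that OpenSSL produced.
 *  @throw CryptoError if the key or IV is too short or any OpenSSL call fails.
 *
 *  NOTE(review): CBC gives confidentiality only.  The output carries no MAC, so
 *  a modified ciphertext cannot be detected by decrypt().  If the ciphertext can
 *  be altered by an untrusted party, add an integrity check over IV + ciphertext
 *  (or move to an AEAD mode) at the layer that defines the storage format.
 */
dcp::ArrayData
dcpomatic::encrypt (string plaintext, dcp::ArrayData key, dcp::ArrayData iv)
{
	EVP_CIPHER const * cipher = CIPHER;

	/* EVP_EncryptInit_ex() reads a full key and IV through the raw pointers and
	   has no idea how long the buffers really are, so reject short ones first. */
	if (static_cast<int>(key.size()) < EVP_CIPHER_key_length(cipher)) {
		throw CryptoError ("key is too short for cipher");
	}
	if (static_cast<int>(iv.size()) < EVP_CIPHER_iv_length(cipher)) {
		throw CryptoError ("IV is too short for cipher");
	}

	auto ctx = EVP_CIPHER_CTX_new ();
	if (!ctx) {
		throw CryptoError ("could not create cipher context");
	}

	/* Releases the context on every exit path, including the throws below */
	struct ContextGuard {
		explicit ContextGuard (EVP_CIPHER_CTX* c) : ctx (c) {}
		~ContextGuard () { EVP_CIPHER_CTX_free (ctx); }
		ContextGuard (ContextGuard const &) = delete;
		ContextGuard& operator= (ContextGuard const &) = delete;
		EVP_CIPHER_CTX* ctx;
	} guard (ctx);

	int r = EVP_EncryptInit_ex (ctx, cipher, 0, key.data(), iv.data());
	if (r != 1) {
		throw CryptoError ("could not initialise cipher context for encryption");
	}

	/* Padding can add up to one whole block, so the output needs room for
	   plaintext.size() + block size bytes.  (Twice the input length is too
	   small whenever the input is shorter than one block.) */
	dcp::ArrayData ciphertext (plaintext.size() + EVP_CIPHER_block_size(cipher));

	/* NOTE(review): the EVP API takes the input length as an int, so inputs
	   longer than INT_MAX bytes are not supported here. */
	int len = 0;
	r = EVP_EncryptUpdate (
		ctx,
		ciphertext.data(),
		&len,
		reinterpret_cast<uint8_t const *>(plaintext.data()),
		static_cast<int>(plaintext.size())
		);
	if (r != 1) {
		throw CryptoError ("could not encrypt data");
	}

	int ciphertext_len = len;

	r = EVP_EncryptFinal_ex (ctx, ciphertext.data() + len, &len);
	if (r != 1) {
		throw CryptoError ("could not finish encryption");
	}

	ciphertext.set_size (ciphertext_len + len);

	return ciphertext;
}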
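/** Decrypt data that was produced by encrypt() with the same key and IV.
 *
 *  @param ciphertext Data to decrypt.
 *  @param key Key; must hold at least EVP_CIPHER_key_length(CIPHER) bytes.
 *  @param iv Initialisation vector; must hold at least EVP_CIPHER_iv_length(CIPHER) bytes.
 *  @return the recovered plaintext, including any embedded NUL bytes.
 *  @throw CryptoError if the key or IV is too short or any OpenSSL call fails
 *  (EVP_DecryptFinal_ex() fails when the final block's padding is not valid).
 *
 *  NOTE(review): CBC ciphertext is not authenticated, so a successful return
 *  does not prove that the data is unmodified.  If the ciphertext can come from
 *  an untrusted source, verify a MAC over IV + ciphertext before calling this,
 *  and do not expose to that source whether the failure was a padding error.
 */
string
dcpomatic::decrypt (dcp::ArrayData ciphertext, dcp::ArrayData key, dcp::ArrayData iv)
{
	EVP_CIPHER const * cipher = CIPHER;

	/* EVP_DecryptInit_ex() reads a full key and IV through the raw pointers and
	   has no idea how long the buffers really are, so reject short ones first. */
	if (static_cast<int>(key.size()) < EVP_CIPHER_key_length(cipher)) {
		throw CryptoError ("key is too short for cipher");
	}
	if (static_cast<int>(iv.size()) < EVP_CIPHER_iv_length(cipher)) {
		throw CryptoError ("IV is too short for cipher");
	}

	auto ctx = EVP_CIPHER_CTX_new ();
	if (!ctx) {
		throw CryptoError ("could not create cipher context");
	}

	/* Releases the context on every exit path, including the throws below */
	struct ContextGuard {
		explicit ContextGuard (EVP_CIPHER_CTX* c) : ctx (c) {}
		~ContextGuard () { EVP_CIPHER_CTX_free (ctx); }
		ContextGuard (ContextGuard const &) = delete;
		ContextGuard& operator= (ContextGuard const &) = delete;
		EVP_CIPHER_CTX* ctx;
	} guard (ctx);

	int r = EVP_DecryptInit_ex (ctx, cipher, 0, key.data(), iv.data());
	if (r != 1) {
		throw CryptoError ("could not initialise cipher context for decryption");
	}

	/* EVP_DecryptUpdate() may write up to input length + block size bytes */
	dcp::ArrayData plaintext (ciphertext.size() + EVP_CIPHER_block_size(cipher));

	int len = 0;
	r = EVP_DecryptUpdate (ctx, plaintext.data(), &len, ciphertext.data(), ciphertext.size());
	if (r != 1) {
		throw CryptoError ("could not decrypt data");
	}

	int plaintext_len = len;

	r = EVP_DecryptFinal_ex (ctx, plaintext.data() + len, &len);
	if (r != 1) {
		throw CryptoError ("could not finish decryption");
	}

	plaintext_len += len;

	/* Build the string from an explicit length rather than a NUL terminator,
	   so that plaintext containing zero bytes round-trips through encrypt(). */
	return string (reinterpret_cast<char const *>(plaintext.data()), plaintext_len);
}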
/** @return the key length that OpenSSL reports for CIPHER; keys passed to
 *  encrypt() and decrypt() should be this long.
 */
int
dcpomatic::crypto_key_length ()
{
	EVP_CIPHER const * cipher = CIPHER;
	return EVP_CIPHER_key_length (cipher);
}