From 31f211a5d0969b07e98414fb47a5b5945200ddb6 Mon Sep 17 00:00:00 2001 From: "@syxhe" Date: Mon, 31 Mar 2025 16:20:42 -0500 Subject: Create decryptto function --- src/encryption.c | 32 +++++++++++++++++++++++++++++--- src/encryption.h | 20 ++++++++++---------- 2 files changed, 39 insertions(+), 13 deletions(-) diff --git a/src/encryption.c b/src/encryption.c index 606be03..c176d6e 100644 --- a/src/encryption.c +++ b/src/encryption.c @@ -29,7 +29,7 @@ int checksodiumcb(const vxgg_naclfailcb callback, void *data, unsigned char set) static vxgg_naclfailcb cb = naclfaildefault; static void *usr = NULL; int ret; - + if(set) { cb = callback; usr = data; @@ -73,7 +73,7 @@ int maketmp(const char * const dest) { return open(dest, (O_TMPFILE | O_WRONLY | O_CLOEXEC | O_SYNC), (S_IRUSR | S_IWUSR)); } -int encrypttotmp(const char * const target, const char * const output, const unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES]) { +int encryptviatmp(const char * const target, const char * const output, const unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES]) { #if ___VXGG___ALWAYS_CHECK_LIBSODIUM___ > 0 checksodium(); #endif @@ -106,7 +106,6 @@ int encrypttotmp(const char * const target, const char * const output, const uns asprintf(&path, "/proc/self/fd/%d", tfd); if(!path) return -1; - remove(output); // Make sure an old version isn't sticking around linkat(AT_FDCWD, path, AT_FDCWD, output, AT_SYMLINK_FOLLOW); 
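Review bot: With `remove(output)` gone in the `@@ -106,7 +106,6 @@` hunk, the unchecked `linkat(AT_FDCWD, path, AT_FDCWD, output, AT_SYMLINK_FOLLOW)` fails with EEXIST whenever `output` already exists. As far as the visible lines show, the function still reaches `return 0`, so the caller is told the file was encrypted while the old ciphertext stays in place. Check the result, e.g. `if(linkat(AT_FDCWD, path, AT_FDCWD, output, AT_SYMLINK_FOLLOW) < 0) { free(path); return -1; }`. If replacing an existing output is intended, linking to a temporary name and calling `rename()` over `output` replaces it atomically, without the window the old remove-then-link sequence had. The body of `encryptviatmp` starts and ends outside this hunk.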
@@ -118,6 +117,33 @@ int encrypttotmp(const char * const target, const char * const output, const uns return 0; } +int decryptto(const char * const encrypted, const char * const target, const unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES]) { + #if ___VXGG___ALWAYS_CHECK_LIBSODIUM___ > 0 + checksodium(); + #endif + + if(!encrypted) + RETURNWERR(EINVAL, -1); + if(!target) + RETURNWERR(EINVAL, -1); + if(!key) + RETURNWERR(EINVAL, -1); + + FILE *src, *dst; + if(!(src = fopen(encrypted, "rb"))) + ERROR(1, errno, "Could not open \"%s\" for decryption", , encrypted); + if(!(dst = fopen(target, "wb"))) + ERROR(1, errno, "Could not open \"%s\" for writing decrypted data", , target); + + if(decrypttofile(src, dst, key) < 0) + ERROR(1, errno, "How did you even cause an error?",); + + fclose(dst); + fclose(src); + + return 0; +} + int encrypttofile(FILE *dst, FILE *src, unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES]) { unsigned char buf[CHUNKSIZE], cbuf[CHUNKSIZE + crypto_secretstream_xchacha20poly1305_ABYTES]; unsigned char header[crypto_secretstream_xchacha20poly1305_HEADERBYTES]; diff --git a/src/encryption.h b/src/encryption.h index 1f04dae..b5fe04e 100644 --- a/src/encryption.h +++ b/src/encryption.h @@ -3,9 +3,6 @@ #include -#define CHUNKSIZE (1 << 9) - - // Determines whether any function that calls libsodium functions also checks to make sure libsodium is actually initialized. May // cause unexpected issues with early exiting due to libsodium failing to initialize properly. It's recommended that you just // manually run `sodium_init()` in some main or init function of your own so that you can deal with a potential error yourself 
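Review bot: In the new `decryptto`, the call `decrypttofile(src, dst, key)` passes the streams in the wrong order: the prototype in encryption.h is `decrypttofile(FILE *dst, FILE *src, ...)`, so it is asked to read from the file opened `"wb"` and write to the one opened `"rb"`; it should be `if(decrypttofile(dst, src, key) < 0)`. `fopen(target, "wb")` also truncates the target before anything is authenticated and creates it with umask-default permissions, whereas `maketmp` uses `S_IRUSR | S_IWUSR`. A wrong key or tampered input can therefore leave an empty or partial plaintext file that other users may be able to read; writing to an owner-only temporary and linking it into place only after `decrypttofile` succeeds, as `encryptviatmp` appears to do, avoids both. A failed decryption is the expected outcome for a wrong key or modified ciphertext, so the message "How did you even cause an error?" paired with `errno` is misleading. The return of `fclose(dst)` should be checked, because a flush failure there loses plaintext silently.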
@@ -16,10 +13,7 @@ #define ___VXGG___USE_CLS_CALLBACK___ 1 - - #if ___VXGG___ALWAYS_CHECK_LIBSODIUM___ > 0 - // Checks if sodium is initialized. Initializes it if not. If `___VXGG___ALWAYS_CHECK_LIBSODIUM___ > 0`, it's possible to set an error callback to avoid exiting the entire program. Otherwise calls `error()` if libsodium can't initialize void checksodium(void); @@ -30,14 +24,17 @@ typedef void (*vxgg_naclfailcb)(void*); // Sets the error callback for when libsodium fails. Runs `cb(data)` if `(sodium_init() < 0)` void vxgg_setsodiumfailcb(const vxgg_naclfailcb cb, void *data); #endif - #endif +// Chunk size for en/de-cryption. I originally wanted to use st_blksize from stat(), but given that those chunks may be of different +// sizes between computers / filesystems / architectures / files, it's easier to just have this be a consistent macro +#define CHUNKSIZE (1 << 9) + // Fuck reading from a file. Even if someone ran strings on the binary and got this they wouldn't be able to regenerate the key #define PASSWORD_WORDS (\ (const char *[]){\ - "the", "of", "to", "and", "for", "our", "their", "has", "in", "he", "a", "them", "that", "these", "by", "have", "we", "us",\ - "people", "which", "all", "is", "with", "laws", "be", "are", "his", "states", "on", "they", "right", "it", "from", \ + "the", "of", "to", "and", "for", "our", "their", "has", "in", "he", "a", "them", "that", "these", "by", "have", "we", \ + "us", "people", "which", "all", "is", "with", "laws", "be", "are", "his", "states", "on", "they", "right", "it", "from", \ "government", "such", "among", "powers", "most", "an", "time", "should", "new", "as", "been", "colonies", "assent", \ "large", "at", "independent", "free", "united", "when", "mankind", "hold", "rights", "governments", "consent", "its", \ "long", "themselves", "abolishing", "usurpations", "absolute", "repeated", "this", "world", "refused", "pass", "other", \ 
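Review bot: The new comment on `CHUNKSIZE` in the `@@ -30,14 +24,17 @@` hunk explains why it is a fixed macro, but not that the value is effectively part of the encrypted file format. `encrypttofile` sizes each ciphertext frame as `CHUNKSIZE + crypto_secretstream_xchacha20poly1305_ABYTES`, so, assuming `decrypttofile` reads frames of the same size, changing the macro would make previously written files fail to decrypt. I would add a line such as `// Part of the on-disk format: changing this breaks decryption of files written with the old value`. The name is also unprefixed in a public header, unlike the `___VXGG___` macros above it, so it can collide with a `CHUNKSIZE` defined by an including project.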
@@ -96,6 +93,9 @@ int maketmp(const char * const dest); int encrypttofile(FILE *dst, FILE *src, unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES]); int decrypttofile(FILE *dst, FILE *src, unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES]); -int encrypttotmp(const char * const target, const char * const output, const unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES]); +int encryptviatmp(const char * const target, const char * const output, const unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES]); +int decryptto(const char * const encrypted, const char * const target, const unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES]); + +int genpassword(char **str, unsigned int words); #endif \ No newline at end of file -- cgit v1.2.3
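Review bot: `decryptto` takes `const unsigned char key[...]`, but the `decrypttofile` prototype two lines above it takes a non-const `key`, so the call inside `decryptto` discards the qualifier and should draw a compiler warning. If `decrypttofile` does not write through `key`, declaring its parameter `const unsigned char key[crypto_secretstream_xchacha20poly1305_KEYBYTES]` (and `encrypttofile` likewise) fixes it. The three new prototypes carry no comment, unlike `checksodium` earlier in the header; the path-based functions take source first and destination second while the FILE-based ones take `dst, src`, and that difference is worth stating at the declaration. For `genpassword`, whose definition is not part of this diff, the comment should say who frees `*str` and what the return value means.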