1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
|
// Optional encryption support.
// Mohsin Ahmed, mosh@sasi.com, 98-09-24
// Based on zip/crypt sources.
//
// NOTE FOR USA: Since 2000 exporting this code from the USA is allowed to
// most countries. There are a few exceptions, but that still should not be a
// problem since this code was originally created in Europe and India.
//
// Blowfish addition originally made by Mohsin Ahmed,
// http://www.cs.albany.edu/~mosh 2010-03-14
// Based on blowfish by Bruce Schneier (http://www.schneier.com/blowfish.html)
// and sha256 by Christophe Devine.
#include "vim.h"
#include "misc2.h"
#include "blowfish.h"
#include "ex_getln.h"
#include "message.h"
#include "option.h"
static void make_crc_tab(void);
static unsigned long crc_32_tab[256];
// Fills the CRC table.
static void make_crc_tab(void)
{
unsigned long s;
unsigned long t;
unsigned long v;
static bool done = false;
if (done) {
return;
}
for (t = 0; t < 256; t++) {
v = t;
for (s = 0; s < 8; s++) {
v = (v >> 1) ^ ((v & 1) * (unsigned long)0xedb88320L);
}
crc_32_tab[t] = v;
}
done = true;
}
#define CRC32(c, b) (crc_32_tab[((int)(c) ^ (b)) & 0xff] ^ ((c) >> 8))
static unsigned long keys[3]; // keys defining the pseudo-random sequence
// Returns the next byte in the pseudo-random sequence.
#define DECRYPT_BYTE_ZIP(t) { \
unsigned short temp; \
temp = (unsigned short)keys[2] | 2; \
t = (int)(((unsigned)(temp * (temp ^ 1U)) >> 8) & 0xff); \
}
// Updates the encryption keys with the next byte of plain text.
#define UPDATE_KEYS_ZIP(c) { \
keys[0] = CRC32(keys[0], (c)); \
keys[1] += keys[0] & 0xff; \
keys[1] = keys[1] * 134775813L + 1; \
keys[2] = CRC32(keys[2], (int)(keys[1] >> 24)); \
}
static int crypt_busy = 0;
static unsigned long saved_keys[3];
static int saved_crypt_method;
// Returns int value for crypt method string:
// 0 for "zip", the old method. Also for any non-valid value.
// 1 for "blowfish".
int crypt_method_from_string(char_u *s)
{
return *s == 'b' ? 1 : 0;
}
// Returns the crypt method for buffer "buf" as a number.
int get_crypt_method(buf_T *buf)
{
return crypt_method_from_string(*buf->b_p_cm == NUL ? p_cm : buf->b_p_cm);
}
// Sets the crypt method for buffer "buf" to "method" using the int value as
// returned by crypt_method_from_string().
void set_crypt_method(buf_T *buf, int method)
{
free_string_option(buf->b_p_cm);
buf->b_p_cm = vim_strsave((char_u *)(method == 0 ? "zip" : "blowfish"));
}
// Prepares for initializing the encryption. If already doing encryption then
// save the state.
// Must always be called symmetrically with crypt_pop_state().
void crypt_push_state(void)
{
if (crypt_busy == 1) {
// Save the state
if (use_crypt_method == 0) {
saved_keys[0] = keys[0];
saved_keys[1] = keys[1];
saved_keys[2] = keys[2];
} else {
bf_crypt_save();
}
saved_crypt_method = use_crypt_method;
} else if (crypt_busy > 1) {
EMSG2(_(e_intern2), "crypt_push_state()");
}
crypt_busy++;
}
// Ends encryption. If doing encryption before crypt_push_state() then restore
// the saved state.
// Must always be called symmetrically with crypt_push_state().
void crypt_pop_state(void)
{
crypt_busy--;
if (crypt_busy == 1) {
use_crypt_method = saved_crypt_method;
if (use_crypt_method == 0) {
keys[0] = saved_keys[0];
keys[1] = saved_keys[1];
keys[2] = saved_keys[2];
} else {
bf_crypt_restore();
}
}
}
// Encrypts "from[len]" into "to[len]".
// "from" and "to" can be equal to encrypt in place.
void crypt_encode(char_u *from, size_t len, char_u *to)
{
size_t i;
int ztemp;
int t;
if (use_crypt_method == 0) {
for (i = 0; i < len; i++) {
ztemp = from[i];
DECRYPT_BYTE_ZIP(t);
UPDATE_KEYS_ZIP(ztemp);
to[i] = t ^ ztemp;
}
} else {
bf_crypt_encode(from, len, to);
}
}
// Decrypts "ptr[len]" in place.
void crypt_decode(char_u *ptr, long len)
{
char_u *p;
if (use_crypt_method == 0) {
for (p = ptr; p < ptr + len; p++) {
unsigned short temp;
temp = (unsigned short)keys[2] | 2;
temp = (int)(((unsigned)(temp * (temp ^ 1U)) >> 8) & 0xff);
UPDATE_KEYS_ZIP(*p ^= temp);
}
} else {
bf_crypt_decode(ptr, len);
}
}
// Initializes the encryption keys and the random header according to
// the given password.
// If "passwd" is NULL or empty, don't do anything.
// in: "passwd" password string with which to modify keys
void crypt_init_keys(char_u *passwd)
{
if ((passwd != NULL) && (*passwd != NUL)) {
if (use_crypt_method == 0) {
char_u *p;
make_crc_tab();
keys[0] = 305419896L;
keys[1] = 591751049L;
keys[2] = 878082192L;
for (p = passwd; *p != NUL; p++) {
UPDATE_KEYS_ZIP((int)*p);
}
} else {
bf_crypt_init_keys(passwd);
}
}
}
// Frees an allocated crypt key. Clears the text to make sure it doesn't stay
// in memory anywhere.
void free_crypt_key(char_u *key)
{
char_u *p;
if (key != NULL) {
for (p = key; *p != NUL; p++) {
*p = 0;
}
free(key);
}
}
// Asks the user for a crypt key.
// When "store" is TRUE, the new key is stored in the 'key' option, and the
// 'key' option value is returned: Don't free it.
// When "store" is FALSE, the typed key is returned in allocated memory.
// in: "twice" Ask for the key twice.
// Returns NULL on failure.
char_u *get_crypt_key(int store, int twice)
{
char_u *p1;
char_u *p2 = NULL;
int round;
for (round = 0;; round++) {
cmdline_star = TRUE;
cmdline_row = msg_row;
char_u *prompt = (round == 0)
? (char_u *) _("Enter encryption key: ")
: (char_u *) _("Enter same key again: ");
p1 = getcmdline_prompt(NUL, prompt, 0, EXPAND_NOTHING, NULL);
cmdline_star = FALSE;
if (p1 == NULL) {
break;
}
if (round == twice) {
if ((p2 != NULL) && (STRCMP(p1, p2) != 0)) {
MSG(_("Keys don't match!"));
free_crypt_key(p1);
free_crypt_key(p2);
p2 = NULL;
round = -1; // Do it again
continue;
}
if (store) {
set_option_value((char_u *) "key", 0L, p1, OPT_LOCAL);
free_crypt_key(p1);
p1 = curbuf->b_p_key;
}
break;
}
p2 = p1;
}
// Since the user typed this, no need to wait for return.
if (msg_didout) {
msg_putchar('\n');
}
need_wait_return = FALSE;
msg_didout = FALSE;
free_crypt_key(p2);
return p1;
}
|
