aes.h
author Ryan C. Gordon <icculus@icculus.org>
Fri, 23 Jun 2017 17:28:03 -0400
changeset 58 1390348facc7
parent 0 d7ee4e2ed49d
permissions -rw-r--r--
Command line tool that decrypts an OPVault keychain and dumps it to stdout.

To compile: gcc -o opvault opvault.c cJSON.c -lcrypto

Usage: ./opvault </path/to/mykeychain.opvault> <password>

This is just a proof of concept; I'll be recycling this into proper OPVault
support in 1pass later and deleting this tool.

This uses OpenSSL's libcrypto for the math instead of all the homegrown
crypto this project is otherwise using. I'll probably migrate the rest in
this direction, too, since this wasn't as bad as I expected to use and
gets you all the package-manager mojo of automatic bug fixes and security
patches and shared code, etc.

cJSON parses JSON in C. That is from https://github.com/DaveGamble/cJSON

An example OPVault keychain from AgileBits is available here:

https://cache.agilebits.com/security-kb/
#ifndef _INCL_AES_H_
#define _INCL_AES_H_

#include <stdint.h>

// AES-128 only supports Nb=4
#define aesNb 4			// number of columns in the state & expanded key
#define aesNk 4			// number of columns in a key
#define aesNr 10			// number of rounds in encryption

#define aesExpandedKeySize (4 * aesNb * (aesNr + 1))
void aesExpandKey(const uint8_t *key, uint8_t *expkey);

// these do one 128-bit block at a time.
void aesEncrypt (uint8_t *in, uint8_t *expkey, uint8_t *out);
void aesDecrypt (uint8_t *in, uint8_t *expkey, uint8_t *out);

#endif