From 506d051a6bbb33e2de41f0a78cdf91eee47b0d91 Mon Sep 17 00:00:00 2001
From: Michael Mohr <akihana@gmail.com>
Date: Wed, 17 Jul 2013 22:56:53 -0700
Subject: [PATCH] Update copyrights and correct the version number; Switch to
 AES-192 and make it easier to change in the future

---
 Fileproc.cpp | 10 +++++-----
 Main.cpp     |  9 +++++----
 Printer.cpp  | 10 +++++-----
 Resource.rc  |  2 +-
 paperbak.h   |  4 +++-
 5 files changed, 19 insertions(+), 16 deletions(-)

diff --git a/Fileproc.cpp b/Fileproc.cpp
index 456be39..82962ac 100644
--- a/Fileproc.cpp
+++ b/Fileproc.cpp
@@ -275,7 +275,7 @@ int Saverestoredfile(int slot,int force) {
   int n,success;
   ushort filecrc;
   ulong l,length;
-  uchar *bufout,*data,*tempdata,*salt,key[32],iv[16];
+  uchar *bufout,*data,*tempdata,*salt,key[AESKEYLEN],iv[16];
   t_fproc *pf;
   aes_decrypt_ctx ctx[1];
   HANDLE hfile;
@@ -301,14 +301,14 @@ int Saverestoredfile(int slot,int force) {
       return -1; };
     n=strlen(password);
     salt=(uchar *)(pf->name)+32; // hack: put the salt & iv at the end of the name field
-    derive_key((const uchar *)password, n, salt, 16, 524288, key, 32);
+    derive_key((const uchar *)password, n, salt, 16, 524288, key, AESKEYLEN);
     memset(password,0,sizeof(password));
     memset(ctx,0,sizeof(aes_decrypt_ctx));
-    if(aes_decrypt_key256((const uchar *)key,ctx) == EXIT_FAILURE) {
-      memset(key,0,32);
+    if(aes_decrypt_key((const uchar *)key,AESKEYLEN,ctx) == EXIT_FAILURE) {
+      memset(key,0,AESKEYLEN);
       Reporterror("Failed to set decryption key");
       return -1; };
-    memset(key,0,32);
+    memset(key,0,AESKEYLEN);
     memcpy(iv, salt+16, 16); // the second 16-byte block in 'salt' is the IV
     if(aes_cbc_decrypt(pf->data,tempdata,pf->datasize,iv,ctx) == EXIT_FAILURE) {
       Reporterror("Failed to decrypt data");
diff --git a/Main.cpp b/Main.cpp
index 5faaeab..69ec7d4 100644
--- a/Main.cpp
+++ b/Main.cpp
@@ -76,16 +76,17 @@ int CALLBACK Aboutdlgproc(HWND hw,UINT msg,WPARAM wp,LPARAM lp) {
   switch (msg) {
     case WM_INITDIALOG:
       sprintf(s,"\nPaperBack v%i.%02i\n"
-        "Copyright © 2007 Oleh Yuschuk\n\n"
+        "Copyright © 2007 Oleh Yuschuk\n"
+        "Parts copyright © 2013 Michael Mohr\n\n"
         "----- THIS SOFTWARE IS FREE -----\n"
         "Released under GNU Public License (GPL 3+)\n"
         "Full sources available\n\n"
         "Reed-Solomon ECC:\n"
         "Copyright © 2002 Phil Karn (GPL)\n\n"
         "Bzip2 data compression:\n"
-        "Copyright © 1996-2005 Julian R. Seward (see sources)\n\n"
-        "FIPS-197 compliant AES encryption:\n"
-        "Copyright © 2001-2004 Christophe Devine (GPL 2+)",
+        "Copyright © 1996-2010 Julian R. Seward (see sources)\n\n"
+        "AES and SHA code:\n"
+        "Copyright © 1998-2010, Brian Gladman (3-clause BSD)",
         VERSIONHI,VERSIONLO);
       SetDlgItemText(hw,ABOUT_TEXT,s);
       return TRUE;
diff --git a/Printer.cpp b/Printer.cpp
index 3583fc5..73b20e2 100644
--- a/Printer.cpp
+++ b/Printer.cpp
@@ -445,7 +445,7 @@ static BOOL WINAPI GenerateRandomData(DWORD dwLen, BYTE *pbBuffer) {
 // encryption is very fast, so we don't need to split it into several steps.
 static void Encryptdata(t_printdata *print) {
   int n;
-  uchar *salt,key[32],iv[16];
+  uchar *salt,key[AESKEYLEN],iv[16];
   aes_encrypt_ctx ctx[1];
   // Calculate 16-bit CRC of possibly compressed but unencrypted data. I use
   // it to verify data after decryption: the safe way to assure that password
@@ -474,16 +474,16 @@ static void Encryptdata(t_printdata *print) {
     Message("Failed to generate salt/iv",0);
     Stopprinting(print);
     return; };
-  derive_key((const uchar *)password, n, salt, 16, 524288, key, 32);
+  derive_key((const uchar *)password, n, salt, 16, 524288, key, AESKEYLEN);
   memset(password,0,sizeof(password));
   // Initialize encryption.
   memset(ctx,0,sizeof(aes_encrypt_ctx));
-  if(aes_encrypt_key256((const uchar *)key, ctx) == EXIT_FAILURE) {
-    memset(key,0,32);
+  if(aes_encrypt_key((const uchar *)key, AESKEYLEN, ctx) == EXIT_FAILURE) {
+    memset(key,0,AESKEYLEN);
     Message("Failed to set encryption key",0);
     Stopprinting(print);
     return; };
-  memset(key,0,32);
+  memset(key,0,AESKEYLEN);
   // Encrypt data. AES works with 16-byte data chunks.
   memcpy(iv, salt+16, 16); // the second 16-byte block in 'salt' is the IV
   if(aes_cbc_encrypt(print->buf, print->buf, print->alignedsize, iv, ctx) == EXIT_FAILURE) {
diff --git a/Resource.rc b/Resource.rc
index 63d37f9..25cf06a 100644
--- a/Resource.rc
+++ b/Resource.rc
@@ -162,7 +162,7 @@ FONT 8, "MS Sans Serif"
 
 DIALOG_CONFIRM DIALOG 32, 32, 194, 93
 STYLE DS_MODALFRAME | WS_POPUP | WS_VISIBLE | WS_CAPTION | WS_SYSMENU | DS_3DLOOK
-CAPTION "AES-256 data encryption"
+CAPTION "AES data encryption"
 FONT 8, "MS Sans Serif"
 {
  LTEXT "Data will be encrypted. Please enter password:", PAS_TEXT, 9, 6, 160, 9
diff --git a/paperbak.h b/paperbak.h
index 7cc00fc..b33bdd7 100644
--- a/paperbak.h
+++ b/paperbak.h
@@ -24,7 +24,7 @@
 #endif
 
 #define VERSIONHI      1               // Major version
-#define VERSIONLO      1               // Minor version
+#define VERSIONLO      10              // Minor version
 
 #define MAINDX         800             // Max width of the main window, pixels
 #define MAINDY         600             // Max height of the main window, pixels
@@ -32,6 +32,8 @@
 #define TEXTLEN        256             // Maximal length of strings
 #define PASSLEN        33              // Maximal length of password, incl. 0
 
+#define AESKEYLEN      24              // AES key length in bytes (16, 24, or 32)
+
 typedef unsigned char  uchar;
 typedef unsigned short ushort;
 typedef unsigned int   uint;