beenull/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-11-26 01:20:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

LibCrypto+LibTLS: Generalise the use of IV length

Browse source 
This is in preparation for the upcoming Galois/Counter mode, which
conventionally has 12 bytes of IV as opposed to CBC's 16 bytes.

...Also fixes a lot of style issues, since the author finally found the
project's clang config file in the repository root :^)
This commit is contained in:
AnotherTest 2020-04-23 02:53:11 +04:30 committed by Andreas Kling
parent 7384d58a0a
commit a1e1570552
Notes: sideshowbarker 2024-07-19 07:04:43 +09:00 
Author: https://github.com/alimpfard
Commit: https://github.com/SerenityOS/serenity/commit/a1e15705529
Pull-request: https://github.com/SerenityOS/serenity/pull/1661
Reviewed-by: https://github.com/Dexesttp
Reviewed-by: https://github.com/awesomekling
Reviewed-by: https://github.com/itamar8910
7 changed files with 3110 additions and 3060 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

416
Libraries/LibCrypto/Cipher/AES.cpp
View file

@ -30,165 +30,165 @@
namespace Crypto {
namespace Cipher {
template <typename T>
constexpr u32 get_key(T pt)
{
return ((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]);
template<typename T>
constexpr u32 get_key(T pt)
{
return ((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]);
}
constexpr void swap_keys(u32* keys, size_t i, size_t j)
{
u32 temp = keys[i];
keys[i] = keys[j];
keys[j] = temp;
}
String AESCipherBlock::to_string() const
{
StringBuilder builder;
for (size_t i = 0; i < BlockSizeInBits / 8; ++i)
builder.appendf("%02x", m_data[i]);
return builder.build();
}
String AESCipherKey::to_string() const
{
StringBuilder builder;
for (size_t i = 0; i < (rounds() + 1) * 4; ++i)
builder.appendf("%02x", m_rd_keys[i]);
return builder.build();
}
void AESCipherKey::expand_encrypt_key(const ByteBuffer& user_key, size_t bits)
{
u32* round_key;
u32 temp;
size_t i { 0 };
ASSERT(!user_key.is_null());
ASSERT(is_valid_key_size(bits));
round_key = round_keys();
if (bits == 128) {
m_rounds = 10;
} else if (bits == 192) {
m_rounds = 12;
} else {
m_rounds = 14;
}
constexpr void swap_keys(u32* keys, size_t i, size_t j)
{
u32 temp = keys[i];
keys[i] = keys[j];
keys[j] = temp;
}
String AESCipherBlock::to_string() const
{
StringBuilder builder;
for (size_t i = 0; i < BLOCK_SIZE / 8; ++i)
builder.appendf("%02x", m_data[i]);
return builder.build();
}
String AESCipherKey::to_string() const
{
StringBuilder builder;
for (size_t i = 0; i < (rounds() + 1) * 4; ++i)
builder.appendf("%02x", m_rd_keys[i]);
return builder.build();
}
void AESCipherKey::expand_encrypt_key(const ByteBuffer& user_key, size_t bits)
{
u32* round_key;
u32 temp;
size_t i { 0 };
ASSERT(!user_key.is_null());
ASSERT(is_valid_key_size(bits));
round_key = round_keys();
if (bits == 128) {
m_rounds = 10;
} else if (bits == 192) {
m_rounds = 12;
} else {
m_rounds = 14;
}
round_key[0] = get_key(user_key.slice_view(0, 4).data());
round_key[1] = get_key(user_key.slice_view(4, 4).data());
round_key[2] = get_key(user_key.slice_view(8, 4).data());
round_key[3] = get_key(user_key.slice_view(12, 4).data());
if (bits == 128) {
for (;;) {
temp = round_key[3];
// clang-format off
round_key[0] = get_key(user_key.slice_view(0, 4).data());
round_key[1] = get_key(user_key.slice_view(4, 4).data());
round_key[2] = get_key(user_key.slice_view(8, 4).data());
round_key[3] = get_key(user_key.slice_view(12, 4).data());
if (bits == 128) {
for (;;) {
temp = round_key[3];
// clang-format off
round_key[4] = round_key[0] ^
(AESTables::Encode2[(temp >> 16) & 0xff] & 0xff000000) ^
(AESTables::Encode3[(temp >> 8) & 0xff] & 0x00ff0000) ^
(AESTables::Encode0[(temp ) & 0xff] & 0x0000ff00) ^
(AESTables::Encode1[(temp >> 24) ] & 0x000000ff) ^ AESTables::RCON[i];
// clang-format on
round_key[5] = round_key[1] ^ round_key[4];
round_key[6] = round_key[2] ^ round_key[5];
round_key[7] = round_key[3] ^ round_key[6];
++i;
if (i == 10)
break;
round_key += 4;
}
return;
// clang-format on
round_key[5] = round_key[1] ^ round_key[4];
round_key[6] = round_key[2] ^ round_key[5];
round_key[7] = round_key[3] ^ round_key[6];
++i;
if (i == 10)
break;
round_key += 4;
}
return;
}
round_key[4] = get_key(user_key.slice_view(16, 4).data());
round_key[5] = get_key(user_key.slice_view(20, 4).data());
if (bits == 192) {
for (;;) {
temp = round_key[5];
// clang-format off
round_key[4] = get_key(user_key.slice_view(16, 4).data());
round_key[5] = get_key(user_key.slice_view(20, 4).data());
if (bits == 192) {
for (;;) {
temp = round_key[5];
// clang-format off
round_key[6] = round_key[0] ^
(AESTables::Encode2[(temp >> 16) & 0xff] & 0xff000000) ^
(AESTables::Encode3[(temp >> 8) & 0xff] & 0x00ff0000) ^
(AESTables::Encode0[(temp ) & 0xff] & 0x0000ff00) ^
(AESTables::Encode1[(temp >> 24) ] & 0x000000ff) ^ AESTables::RCON[i];
// clang-format on
round_key[7] = round_key[1] ^ round_key[6];
round_key[8] = round_key[2] ^ round_key[7];
round_key[9] = round_key[3] ^ round_key[8];
// clang-format on
round_key[7] = round_key[1] ^ round_key[6];
round_key[8] = round_key[2] ^ round_key[7];
round_key[9] = round_key[3] ^ round_key[8];
++i;
if (i == 8)
break;
++i;
if (i == 8)
break;
round_key[10] = round_key[4] ^ round_key[9];
round_key[11] = round_key[5] ^ round_key[10];
round_key[10] = round_key[4] ^ round_key[9];
round_key[11] = round_key[5] ^ round_key[10];
round_key += 6;
}
return;
round_key += 6;
}
return;
}
round_key[6] = get_key(user_key.slice_view(24, 4).data());
round_key[7] = get_key(user_key.slice_view(28, 4).data());
if (true) { // bits == 256
for (;;) {
temp = round_key[7];
// clang-format off
round_key[6] = get_key(user_key.slice_view(24, 4).data());
round_key[7] = get_key(user_key.slice_view(28, 4).data());
if (true) { // bits == 256
for (;;) {
temp = round_key[7];
// clang-format off
round_key[8] = round_key[0] ^
(AESTables::Encode2[(temp >> 16) & 0xff] & 0xff000000) ^
(AESTables::Encode3[(temp >> 8) & 0xff] & 0x00ff0000) ^
(AESTables::Encode0[(temp ) & 0xff] & 0x0000ff00) ^
(AESTables::Encode1[(temp >> 24) ] & 0x000000ff) ^ AESTables::RCON[i];
// clang-format on
round_key[9] = round_key[1] ^ round_key[8];
round_key[10] = round_key[2] ^ round_key[9];
round_key[11] = round_key[3] ^ round_key[10];
// clang-format on
round_key[9] = round_key[1] ^ round_key[8];
round_key[10] = round_key[2] ^ round_key[9];
round_key[11] = round_key[3] ^ round_key[10];
++i;
if (i == 7)
break;
++i;
if (i == 7)
break;
temp = round_key[11];
// clang-format off
temp = round_key[11];
// clang-format off
round_key[12] = round_key[4] ^
(AESTables::Encode2[(temp >> 24) ] & 0xff000000) ^
(AESTables::Encode3[(temp >> 16) & 0xff] & 0x00ff0000) ^
(AESTables::Encode0[(temp >> 8) & 0xff] & 0x0000ff00) ^
(AESTables::Encode1[(temp ) & 0xff] & 0x000000ff) ;
// clang-format on
round_key[13] = round_key[5] ^ round_key[12];
round_key[14] = round_key[6] ^ round_key[13];
round_key[15] = round_key[7] ^ round_key[14];
// clang-format on
round_key[13] = round_key[5] ^ round_key[12];
round_key[14] = round_key[6] ^ round_key[13];
round_key[15] = round_key[7] ^ round_key[14];
round_key += 8;
}
return;
round_key += 8;
}
return;
}
}
void AESCipherKey::expand_decrypt_key(const ByteBuffer& user_key, size_t bits)
{
u32* round_key;
expand_encrypt_key(user_key, bits);
round_key = round_keys();
// reorder round keys
for (size_t i = 0, j = 4 * rounds(); i < j; i += 4, j -= 4) {
swap_keys(round_key, i, j);
swap_keys(round_key, i + 1, j + 1);
swap_keys(round_key, i + 2, j + 2);
swap_keys(round_key, i + 3, j + 3);
}
void AESCipherKey::expand_decrypt_key(const ByteBuffer& user_key, size_t bits)
{
u32* round_key;
expand_encrypt_key(user_key, bits);
round_key = round_keys();
// reorder round keys
for (size_t i = 0, j = 4 * rounds(); i < j; i += 4, j -= 4) {
swap_keys(round_key, i, j);
swap_keys(round_key, i + 1, j + 1);
swap_keys(round_key, i + 2, j + 2);
swap_keys(round_key, i + 3, j + 3);
}
// apply inverse mix-column to middle rounds
for (size_t i = 1; i < rounds(); ++i) {
round_key += 4;
// clang-format off
// apply inverse mix-column to middle rounds
for (size_t i = 1; i < rounds(); ++i) {
round_key += 4;
// clang-format off
round_key[0] =
AESTables::Decode0[AESTables::Encode1[(round_key[0] >> 24) ] & 0xff] ^
AESTables::Decode1[AESTables::Encode1[(round_key[0] >> 16) & 0xff] & 0xff] ^
@ -209,30 +209,30 @@ namespace Cipher {
AESTables::Decode1[AESTables::Encode1[(round_key[3] >> 16) & 0xff] & 0xff] ^
AESTables::Decode2[AESTables::Encode1[(round_key[3] >> 8) & 0xff] & 0xff] ^
AESTables::Decode3[AESTables::Encode1[(round_key[3] ) & 0xff] & 0xff] ;
// clang-format on
}
// clang-format on
}
}
void AESCipher::encrypt_block(const AESCipherBlock& in, AESCipherBlock& out)
{
u32 s0, s1, s2, s3, t0, t1, t2, t3;
size_t r { 0 };
void AESCipher::encrypt_block(const AESCipherBlock& in, AESCipherBlock& out)
{
u32 s0, s1, s2, s3, t0, t1, t2, t3;
size_t r { 0 };
const auto& dec_key = key();
const auto* round_keys = dec_key.round_keys();
const auto& dec_key = key();
const auto* round_keys = dec_key.round_keys();
s0 = get_key(in.data().offset_pointer(0)) ^ round_keys[0];
s1 = get_key(in.data().offset_pointer(4)) ^ round_keys[1];
s2 = get_key(in.data().offset_pointer(8)) ^ round_keys[2];
s3 = get_key(in.data().offset_pointer(12)) ^ round_keys[3];
s0 = get_key(in.data().offset_pointer(0)) ^ round_keys[0];
s1 = get_key(in.data().offset_pointer(4)) ^ round_keys[1];
s2 = get_key(in.data().offset_pointer(8)) ^ round_keys[2];
s3 = get_key(in.data().offset_pointer(12)) ^ round_keys[3];
r = dec_key.rounds() >> 1;
r = dec_key.rounds() >> 1;
// apply the first |r - 1| rounds
auto i { 0 };
for (;;) {
++i;
// clang-format off
// apply the first |r - 1| rounds
auto i { 0 };
for (;;) {
++i;
// clang-format off
t0 = AESTables::Encode0[(s0 >> 24) ] ^
AESTables::Encode1[(s1 >> 16) & 0xff] ^
AESTables::Encode2[(s2 >> 8) & 0xff] ^
@ -249,15 +249,15 @@ namespace Cipher {
AESTables::Encode1[(s0 >> 16) & 0xff] ^
AESTables::Encode2[(s1 >> 8) & 0xff] ^
AESTables::Encode3[(s2 ) & 0xff] ^ round_keys[7];
// clang-format on
// clang-format on
round_keys += 8;
--r;
++i;
if (r == 0)
break;
round_keys += 8;
--r;
++i;
if (r == 0)
break;
// clang-format off
// clang-format off
s0 = AESTables::Encode0[(t0 >> 24) ] ^
AESTables::Encode1[(t1 >> 16) & 0xff] ^
AESTables::Encode2[(t2 >> 8) & 0xff] ^
@ -274,11 +274,11 @@ namespace Cipher {
AESTables::Encode1[(t0 >> 16) & 0xff] ^
AESTables::Encode2[(t1 >> 8) & 0xff] ^
AESTables::Encode3[(t2 ) & 0xff] ^ round_keys[3];
// clang-format on
}
// clang-format on
}
// apply the last round and put the encrypted data into out
// clang-format off
// apply the last round and put the encrypted data into out
// clang-format off
s0 = (AESTables::Encode2[(t0 >> 24) ] & 0xff000000) ^
(AESTables::Encode3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
(AESTables::Encode0[(t2 >> 8) & 0xff] & 0x0000ff00) ^
@ -302,28 +302,28 @@ namespace Cipher {
(AESTables::Encode0[(t1 >> 8) & 0xff] & 0x0000ff00) ^
(AESTables::Encode1[(t2 ) & 0xff] & 0x000000ff) ^ round_keys[3];
out.put(12, s3);
// clang-format on
}
// clang-format on
}
void AESCipher::decrypt_block(const AESCipherBlock& in, AESCipherBlock& out)
{
void AESCipher::decrypt_block(const AESCipherBlock& in, AESCipherBlock& out)
{
u32 s0, s1, s2, s3, t0, t1, t2, t3;
size_t r { 0 };
u32 s0, s1, s2, s3, t0, t1, t2, t3;
size_t r { 0 };
const auto& dec_key = key();
const auto* round_keys = dec_key.round_keys();
const auto& dec_key = key();
const auto* round_keys = dec_key.round_keys();
s0 = get_key(in.data().offset_pointer(0)) ^ round_keys[0];
s1 = get_key(in.data().offset_pointer(4)) ^ round_keys[1];
s2 = get_key(in.data().offset_pointer(8)) ^ round_keys[2];
s3 = get_key(in.data().offset_pointer(12)) ^ round_keys[3];
s0 = get_key(in.data().offset_pointer(0)) ^ round_keys[0];
s1 = get_key(in.data().offset_pointer(4)) ^ round_keys[1];
s2 = get_key(in.data().offset_pointer(8)) ^ round_keys[2];
s3 = get_key(in.data().offset_pointer(12)) ^ round_keys[3];
r = dec_key.rounds() >> 1;
r = dec_key.rounds() >> 1;
// apply the first |r - 1| rounds
for (;;) {
// clang-format off
// apply the first |r - 1| rounds
for (;;) {
// clang-format off
t0 = AESTables::Decode0[(s0 >> 24) ] ^
AESTables::Decode1[(s3 >> 16) & 0xff] ^
AESTables::Decode2[(s2 >> 8) & 0xff] ^
@ -340,14 +340,14 @@ namespace Cipher {
AESTables::Decode1[(s2 >> 16) & 0xff] ^
AESTables::Decode2[(s1 >> 8) & 0xff] ^
AESTables::Decode3[(s0 ) & 0xff] ^ round_keys[7];
// clang-format on
// clang-format on
round_keys += 8;
--r;
if (r == 0)
break;
round_keys += 8;
--r;
if (r == 0)
break;
// clang-format off
// clang-format off
s0 = AESTables::Decode0[(t0 >> 24) ] ^
AESTables::Decode1[(t3 >> 16) & 0xff] ^
AESTables::Decode2[(t2 >> 8) & 0xff] ^
@ -364,11 +364,11 @@ namespace Cipher {
AESTables::Decode1[(t2 >> 16) & 0xff] ^
AESTables::Decode2[(t1 >> 8) & 0xff] ^
AESTables::Decode3[(t0 ) & 0xff] ^ round_keys[3];
// clang-format on
}
// clang-format on
}
// apply the last round and put the decrypted data into out
// clang-format off
// apply the last round and put the decrypted data into out
// clang-format off
s0 = ((u32)AESTables::Decode4[(t0 >> 24) ] << 24) ^
((u32)AESTables::Decode4[(t3 >> 16) & 0xff] << 16) ^
((u32)AESTables::Decode4[(t2 >> 8) & 0xff] << 8) ^
@ -392,39 +392,39 @@ namespace Cipher {
((u32)AESTables::Decode4[(t1 >> 8) & 0xff] << 8) ^
((u32)AESTables::Decode4[(t0 ) & 0xff] ) ^ round_keys[3];
out.put(12, s3);
// clang-format on
}
// clang-format on
}
void AESCipherBlock::overwrite(const ByteBuffer& buffer)
{
overwrite(buffer.data(), buffer.size());
}
void AESCipherBlock::overwrite(const ByteBuffer& buffer)
{
overwrite(buffer.data(), buffer.size());
}
void AESCipherBlock::overwrite(const u8* data, size_t length)
{
ASSERT(length <= m_data.size());
m_data.overwrite(0, data, length);
if (length < m_data.size()) {
switch (padding_mode()) {
case PaddingMode::Null:
// fill with zeros
__builtin_memset(m_data.data() + length, 0, m_data.size() - length);
break;
case PaddingMode::CMS:
// fill with the length of the padding bytes
__builtin_memset(m_data.data() + length, m_data.size() - length, m_data.size() - length);
break;
case PaddingMode::RFC5246:
// fill with the length of the padding bytes minus one
__builtin_memset(m_data.data() + length, m_data.size() - length - 1, m_data.size() - length);
break;
default:
// FIXME: We should handle the rest of the common padding modes
ASSERT_NOT_REACHED();
break;
}
void AESCipherBlock::overwrite(const u8* data, size_t length)
{
ASSERT(length <= m_data.size());
m_data.overwrite(0, data, length);
if (length < m_data.size()) {
switch (padding_mode()) {
case PaddingMode::Null:
// fill with zeros
__builtin_memset(m_data.data() + length, 0, m_data.size() - length);
break;
case PaddingMode::CMS:
// fill with the length of the padding bytes
__builtin_memset(m_data.data() + length, m_data.size() - length, m_data.size() - length);
break;
case PaddingMode::RFC5246:
// fill with the length of the padding bytes minus one
__builtin_memset(m_data.data() + length, m_data.size() - length - 1, m_data.size() - length);
break;
default:
// FIXME: We should handle the rest of the common padding modes
ASSERT_NOT_REACHED();
break;
}
}
}
}
}

4872
Libraries/LibCrypto/Cipher/AES.h
View file

File diff suppressed because it is too large Load diff

152
Libraries/LibCrypto/Cipher/Cipher.h
View file

@ -33,108 +33,108 @@
namespace Crypto {
namespace Cipher {
enum class Intent {
Encryption,
Decryption,
};
enum class Intent {
Encryption,
Decryption,
};
enum class PaddingMode {
CMS, // RFC 1423
RFC5246, // very similar to CMS, but filled with |length - 1|, instead of |length|
Null,
// FIXME: We do not implement these yet
Bit,
Random,
Space,
ZeroLength,
};
enum class PaddingMode {
CMS, // RFC 1423
RFC5246, // very similar to CMS, but filled with |length - 1|, instead of |length|
Null,
// FIXME: We do not implement these yet
Bit,
Random,
Space,
ZeroLength,
};
template <typename B, typename T>
class Cipher;
template<typename B, typename T>
class Cipher;
struct CipherBlock {
public:
explicit CipherBlock(PaddingMode mode)
: m_padding_mode(mode)
{
}
struct CipherBlock {
public:
explicit CipherBlock(PaddingMode mode)
: m_padding_mode(mode)
{
}
static size_t block_size() { ASSERT_NOT_REACHED(); }
static size_t block_size() { ASSERT_NOT_REACHED(); }
virtual ByteBuffer get() const = 0;
virtual const ByteBuffer& data() const = 0;
virtual ByteBuffer get() const = 0;
virtual const ByteBuffer& data() const = 0;
virtual void overwrite(const ByteBuffer&) = 0;
virtual void overwrite(const u8*, size_t) = 0;
virtual void overwrite(const ByteBuffer&) = 0;
virtual void overwrite(const u8*, size_t) = 0;
virtual void apply_initialization_vector(const u8* ivec) = 0;
virtual void apply_initialization_vector(const u8* ivec) = 0;
PaddingMode padding_mode() const { return m_padding_mode; }
PaddingMode padding_mode() const { return m_padding_mode; }
template <typename T>
void put(size_t offset, T value)
{
ASSERT(offset + sizeof(T) <= data().size());
auto* ptr = data().data() + offset;
auto index { 0 };
template<typename T>
void put(size_t offset, T value)
{
ASSERT(offset + sizeof(T) <= data().size());
auto* ptr = data().data() + offset;
auto index { 0 };
ASSERT(sizeof(T) <= 4);
ASSERT(sizeof(T) <= 4);
if constexpr (sizeof(T) > 3)
ptr[index++] = (u8)(value >> 24);
if constexpr (sizeof(T) > 3)
ptr[index++] = (u8)(value >> 24);
if constexpr (sizeof(T) > 2)
ptr[index++] = (u8)(value >> 16);
if constexpr (sizeof(T) > 2)
ptr[index++] = (u8)(value >> 16);
if constexpr (sizeof(T) > 1)
ptr[index++] = (u8)(value >> 8);
if constexpr (sizeof(T) > 1)
ptr[index++] = (u8)(value >> 8);
ptr[index] = (u8)value;
}
ptr[index] = (u8)value;
}
private:
virtual ByteBuffer& data() = 0;
PaddingMode m_padding_mode;
};
private:
virtual ByteBuffer& data() = 0;
PaddingMode m_padding_mode;
};
struct CipherKey {
virtual ByteBuffer data() const = 0;
static bool is_valid_key_size(size_t) { return false; };
struct CipherKey {
virtual ByteBuffer data() const = 0;
static bool is_valid_key_size(size_t) { return false; };
virtual ~CipherKey() { }
virtual ~CipherKey() { }
protected:
virtual void expand_encrypt_key(const ByteBuffer& user_key, size_t bits) = 0;
virtual void expand_decrypt_key(const ByteBuffer& user_key, size_t bits) = 0;
size_t bits { 0 };
};
protected:
virtual void expand_encrypt_key(const ByteBuffer& user_key, size_t bits) = 0;
virtual void expand_decrypt_key(const ByteBuffer& user_key, size_t bits) = 0;
size_t bits { 0 };
};
template <typename KeyT = CipherKey, typename BlockT = CipherBlock>
class Cipher {
public:
using KeyType = KeyT;
using BlockType = BlockT;
template<typename KeyT = CipherKey, typename BlockT = CipherBlock>
class Cipher {
public:
using KeyType = KeyT;
using BlockType = BlockT;
explicit Cipher<KeyT, BlockT>(PaddingMode mode)
: m_padding_mode(mode)
{
}
explicit Cipher<KeyT, BlockT>(PaddingMode mode)
: m_padding_mode(mode)
{
}
virtual const KeyType& key() const = 0;
virtual KeyType& key() = 0;
virtual const KeyType& key() const = 0;
virtual KeyType& key() = 0;
static size_t block_size() { return BlockType::block_size(); }
static size_t block_size() { return BlockType::block_size(); }
PaddingMode padding_mode() const { return m_padding_mode; }
PaddingMode padding_mode() const { return m_padding_mode; }
virtual void encrypt_block(const BlockType& in, BlockType& out) = 0;
virtual void decrypt_block(const BlockType& in, BlockType& out) = 0;
virtual void encrypt_block(const BlockType& in, BlockType& out) = 0;
virtual void decrypt_block(const BlockType& in, BlockType& out) = 0;
virtual String class_name() const = 0;
virtual String class_name() const = 0;
private:
PaddingMode m_padding_mode;
};
private:
PaddingMode m_padding_mode;
};
}
}

4
Libraries/LibCrypto/Cipher/Mode/CBC.h
View file

@ -36,6 +36,8 @@ namespace Cipher {
template <typename T>
class CBC : public Mode<T> {
public:
constexpr static size_t IVSizeInBits = 128;
virtual ~CBC() {}
template <typename... Args>
explicit constexpr CBC<T>(Args... args)
@ -51,6 +53,8 @@ namespace Cipher {
return builder.build();
}
virtual size_t IV_length() const { return IVSizeInBits / 8; }
virtual Optional<ByteBuffer> encrypt(const ByteBuffer& in, ByteBuffer& out, Optional<ByteBuffer> ivec = {}) override
{
auto length = in.size();

138
Libraries/LibCrypto/Cipher/Mode/Mode.h
View file

@ -32,88 +32,90 @@
namespace Crypto {
namespace Cipher {
template <typename T>
class Mode {
public:
virtual ~Mode() {}
template<typename T>
class Mode {
public:
virtual ~Mode() { }
// FIXME: Somehow communicate that encrypt returns the last initialization vector (if the mode supports it)
virtual Optional<ByteBuffer> encrypt(const ByteBuffer& in, ByteBuffer& out, Optional<ByteBuffer> ivec = {}) = 0;
virtual void decrypt(const ByteBuffer& in, ByteBuffer& out, Optional<ByteBuffer> ivec = {}) = 0;
// FIXME: Somehow communicate that encrypt returns the last initialization vector (if the mode supports it)
virtual Optional<ByteBuffer> encrypt(const ByteBuffer& in, ByteBuffer& out, Optional<ByteBuffer> ivec = {}) = 0;
virtual void decrypt(const ByteBuffer& in, ByteBuffer& out, Optional<ByteBuffer> ivec = {}) = 0;
const T& cipher() const { return m_cipher; }
virtual size_t IV_length() const = 0;
ByteBuffer create_aligned_buffer(size_t input_size) const
{
size_t remainder = (input_size + T::block_size()) % T::block_size();
if (remainder == 0)
return ByteBuffer::create_uninitialized(input_size);
else
return ByteBuffer::create_uninitialized(input_size + T::block_size() - remainder);
}
const T& cipher() const { return m_cipher; }
virtual String class_name() const = 0;
T& cipher() { return m_cipher; }
ByteBuffer create_aligned_buffer(size_t input_size) const
{
size_t remainder = (input_size + T::block_size()) % T::block_size();
if (remainder == 0)
return ByteBuffer::create_uninitialized(input_size);
else
return ByteBuffer::create_uninitialized(input_size + T::block_size() - remainder);
}
protected:
virtual void prune_padding(ByteBuffer& data)
{
auto size = data.size();
switch (m_cipher.padding_mode()) {
case PaddingMode::CMS: {
auto maybe_padding_length = data[size - 1];
if (maybe_padding_length >= T::block_size()) {
// cannot be padding (the entire block cannot be padding)
virtual String class_name() const = 0;
T& cipher() { return m_cipher; }
protected:
virtual void prune_padding(ByteBuffer& data)
{
auto size = data.size();
switch (m_cipher.padding_mode()) {
case PaddingMode::CMS: {
auto maybe_padding_length = data[size - 1];
if (maybe_padding_length >= T::block_size()) {
// cannot be padding (the entire block cannot be padding)
return;
}
for (auto i = maybe_padding_length; i > 0; --i) {
if (data[size - i] != maybe_padding_length) {
// not padding, part of data
return;
}
for (auto i = maybe_padding_length; i > 0; --i) {
if (data[size - i] != maybe_padding_length) {
// not padding, part of data
return;
}
}
data.trim(size - maybe_padding_length);
break;
}
case PaddingMode::RFC5246: {
auto maybe_padding_length = data[size - 1];
if (maybe_padding_length >= T::block_size() - 1) {
// cannot be padding (the entire block cannot be padding)
data.trim(size - maybe_padding_length);
break;
}
case PaddingMode::RFC5246: {
auto maybe_padding_length = data[size - 1];
if (maybe_padding_length >= T::block_size() - 1) {
// cannot be padding (the entire block cannot be padding)
return;
}
// FIXME: If we want to constant-time operations, this loop should not stop
for (auto i = maybe_padding_length; i > 0; --i) {
if (data[size - i - 1] != maybe_padding_length) {
// note that this is likely invalid padding
return;
}
// FIXME: If we want to constant-time operations, this loop should not stop
for (auto i = maybe_padding_length; i > 0; --i) {
if (data[size - i - 1] != maybe_padding_length) {
// note that this is likely invalid padding
return;
}
}
data.trim(size - maybe_padding_length - 1);
break;
}
case PaddingMode::Null: {
while (data[size - 1] == 0)
--size;
data.trim(size);
break;
}
default:
// FIXME: support other padding modes
ASSERT_NOT_REACHED();
break;
}
data.trim(size - maybe_padding_length - 1);
break;
}
// FIXME: Somehow add a reference version of this
template <typename... Args>
Mode(Args... args)
: m_cipher(args...)
{
case PaddingMode::Null: {
while (data[size - 1] == 0)
--size;
data.trim(size);
break;
}
default:
// FIXME: support other padding modes
ASSERT_NOT_REACHED();
break;
}
}
private:
T m_cipher;
};
// FIXME: Somehow add a reference version of this
template<typename... Args>
Mode(Args... args)
: m_cipher(args...)
{
}
private:
T m_cipher;
};
}
}

499
Libraries/LibTLS/TLSv12.cpp
View file

@ -60,137 +60,121 @@ namespace TLS {
// "for now" q&d implementation of ASN1
namespace {
static bool _asn1_is_field_present(const u32* fields, const u32* prefix)
{
size_t i = 0;
while (prefix[i]) {
if (fields[i] != prefix[i])
return false;
++i;
}
return true;
static bool _asn1_is_field_present(const u32* fields, const u32* prefix)
{
size_t i = 0;
while (prefix[i]) {
if (fields[i] != prefix[i])
return false;
++i;
}
return true;
}
static bool _asn1_is_oid(const u8* oid, const u8* compare, size_t length = 3)
{
size_t i = 0;
while (oid[i] && i < length) {
if (oid[i] != compare[i])
return false;
++i;
}
return true;
}
static void _set_algorithm(u32&, const u8* value, size_t length)
{
if (length != 9) {
dbg() << "unsupported algorithm " << value;
}
static bool _asn1_is_oid(const u8* oid, const u8* compare, size_t length = 3)
{
size_t i = 0;
while (oid[i] && i < length) {
if (oid[i] != compare[i])
return false;
++i;
}
return true;
}
dbg() << "FIXME: Set algorithm";
}
static void _set_algorithm(u32&, const u8* value, size_t length)
{
if (length != 9) {
dbg() << "unsupported algorithm " << value;
}
static size_t _get_asn1_length(const u8* buffer, size_t length, size_t& octets)
{
octets = 0;
if (length < 1)
return 0;
dbg() << "FIXME: Set algorithm";
}
static size_t _get_asn1_length(const u8* buffer, size_t length, size_t& octets)
{
octets = 0;
if (length < 1)
u8 size = buffer[0];
if (size & 0x80) {
octets = size & 0x7f;
if (octets > length - 1) {
return 0;
u8 size = buffer[0];
if (size & 0x80) {
octets = size & 0x7f;
if (octets > length - 1) {
return 0;
}
auto reference_octets = octets;
if (octets > 4)
reference_octets = 4;
size_t long_size = 0, coeff = 1;
for (auto i = reference_octets; i > 0; --i) {
long_size += buffer[i] * coeff;
coeff *= 0x100;
}
++octets;
return long_size;
}
auto reference_octets = octets;
if (octets > 4)
reference_octets = 4;
size_t long_size = 0, coeff = 1;
for (auto i = reference_octets; i > 0; --i) {
long_size += buffer[i] * coeff;
coeff *= 0x100;
}
++octets;
return size;
return long_size;
}
++octets;
return size;
}
static ssize_t _parse_asn1(Context& context, Certificate& cert, const u8* buffer, size_t size, int level, u32* fields, u8* has_key, int client_cert, u8* root_oid, OIDChain* chain)
{
OIDChain local_chain;
local_chain.root = chain;
size_t position = 0;
static ssize_t _parse_asn1(Context& context, Certificate& cert, const u8* buffer, size_t size, int level, u32* fields, u8* has_key, int client_cert, u8* root_oid, OIDChain* chain)
{
OIDChain local_chain;
local_chain.root = chain;
size_t position = 0;
// parse DER...again
size_t index = 0;
u8 oid[16] { 0 };
// parse DER...again
size_t index = 0;
u8 oid[16] { 0 };
local_chain.oid = oid;
if (has_key)
*has_key = 0;
local_chain.oid = oid;
if (has_key)
*has_key = 0;
u8 local_has_key = 0;
const u8* cert_data = nullptr;
size_t cert_length = 0;
while (position < size) {
size_t start_position = position;
if (size - position < 2) {
dbg() << "not enough data for certificate size";
return (i8)Error::NeedMoreData;
}
u8 first = buffer[position++];
u8 type = first & 0x1f;
u8 constructed = first & 0x20;
size_t octets = 0;
u32 temp;
index++;
u8 local_has_key = 0;
const u8* cert_data = nullptr;
size_t cert_length = 0;
while (position < size) {
size_t start_position = position;
if (size - position < 2) {
dbg() << "not enough data for certificate size";
return (i8)Error::NeedMoreData;
}
u8 first = buffer[position++];
u8 type = first & 0x1f;
u8 constructed = first & 0x20;
size_t octets = 0;
u32 temp;
index++;
if (level <= 0xff)
fields[level - 1] = index;
if (level <= 0xff)
fields[level - 1] = index;
size_t length = _get_asn1_length((const u8*)&buffer[position], size - position, octets);
size_t length = _get_asn1_length((const u8*)&buffer[position], size - position, octets);
if (octets > 4 || octets > size - position) {
dbg() << "could not read the certificate";
return position;
}
if (octets > 4 || octets > size - position) {
dbg() << "could not read the certificate";
return position;
}
position += octets;
if (size - position < length) {
dbg() << "not enough data for sequence";
return (i8)Error::NeedMoreData;
}
position += octets;
if (size - position < length) {
dbg() << "not enough data for sequence";
return (i8)Error::NeedMoreData;
}
if (length && constructed) {
switch (type) {
case 0x03:
break;
case 0x10:
if (level == 2 && index == 1) {
cert_length = length + position - start_position;
cert_data = buffer + start_position;
}
// public key data
if (!cert.version && _asn1_is_field_present(fields, Constants::priv_der_id)) {
temp = length + position - start_position;
if (cert.der.size() < temp) {
cert.der.grow(temp);
} else {
cert.der.trim(temp);
}
cert.der.overwrite(0, buffer + start_position, temp);
}
break;
default:
break;
if (length && constructed) {
switch (type) {
case 0x03:
break;
case 0x10:
if (level == 2 && index == 1) {
cert_length = length + position - start_position;
cert_data = buffer + start_position;
}
local_has_key = false;
_parse_asn1(context, cert, buffer + position, length, level + 1, fields, &local_has_key, client_cert, root_oid, &local_chain);
if ((local_has_key && (!context.is_server || client_cert)) || (client_cert || _asn1_is_field_present(fields, Constants::pk_id))) {
// public key data
if (!cert.version && _asn1_is_field_present(fields, Constants::priv_der_id)) {
temp = length + position - start_position;
if (cert.der.size() < temp) {
cert.der.grow(temp);
@ -199,134 +183,150 @@ namespace {
}
cert.der.overwrite(0, buffer + start_position, temp);
}
} else {
switch (type) {
case 0x00:
return position;
break;
case 0x01:
temp = buffer[position];
break;
case 0x02:
if (_asn1_is_field_present(fields, Constants::pk_id)) {
if (has_key)
*has_key = true;
break;
if (index == 1)
cert.public_key.set(
Crypto::UnsignedBigInteger::import_data(buffer + position, length),
cert.public_key.public_exponent());
else if (index == 2)
cert.public_key.set(
cert.public_key.modulus(),
Crypto::UnsignedBigInteger::import_data(buffer + position, length));
} else if (_asn1_is_field_present(fields, Constants::serial_id)) {
cert.serial_number = Crypto::UnsignedBigInteger::import_data(buffer + position, length);
}
if (_asn1_is_field_present(fields, Constants::version_id)) {
if (length == 1)
cert.version = buffer[position];
}
// print_buffer(ByteBuffer::wrap(buffer + position, length));
break;
case 0x03:
if (_asn1_is_field_present(fields, Constants::pk_id)) {
if (has_key)
*has_key = true;
}
if (_asn1_is_field_present(fields, Constants::sign_id)) {
auto* value = buffer + position;
auto len = length;
if (!value[0] && len % 2) {
++value;
--len;
}
cert.sign_key = ByteBuffer::copy(value, len);
} else {
if (buffer[position] == 0 && length > 256) {
_parse_asn1(context, cert, buffer + position + 1, length - 1, level + 1, fields, &local_has_key, client_cert, root_oid, &local_chain);
} else {
_parse_asn1(context, cert, buffer + position, length, level + 1, fields, &local_has_key, client_cert, root_oid, &local_chain);
}
}
break;
case 0x04:
_parse_asn1(context, cert, buffer + position, length, level + 1, fields, &local_has_key, client_cert, root_oid, &local_chain);
break;
case 0x05:
break;
case 0x06:
if (_asn1_is_field_present(fields, Constants::pk_id)) {
_set_algorithm(cert.key_algorithm, buffer + position, length);
}
if (_asn1_is_field_present(fields, Constants::algorithm_id)) {
_set_algorithm(cert.algorithm, buffer + position, length);
}
if (length < 16)
memcpy(oid, buffer + position, length);
else
memcpy(oid, buffer + position, 16);
if (root_oid)
memcpy(root_oid, oid, 16);
break;
case 0x09:
break;
case 0x17:
case 0x018:
// time
// ignore
break;
case 0x013:
case 0x0c:
case 0x14:
case 0x15:
case 0x16:
case 0x19:
case 0x1a:
case 0x1b:
case 0x1c:
case 0x1d:
case 0x1e:
// printable string and such
if (_asn1_is_field_present(fields, Constants::issurer_id)) {
if (_asn1_is_oid(oid, Constants::country_oid)) {
cert.issuer_country = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::state_oid)) {
cert.issuer_state = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::location_oid)) {
cert.issuer_location = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::entity_oid)) {
cert.issuer_entity = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::subject_oid)) {
cert.issuer_subject = String { (const char*)buffer + position, length };
}
} else if (_asn1_is_field_present(fields, Constants::owner_id)) {
if (_asn1_is_oid(oid, Constants::country_oid)) {
cert.country = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::state_oid)) {
cert.state = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::location_oid)) {
cert.location = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::entity_oid)) {
cert.entity = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::subject_oid)) {
cert.subject = String { (const char*)buffer + position, length };
}
}
break;
default:
// dbg() << "unused field " << type;
break;
}
default:
break;
}
local_has_key = false;
_parse_asn1(context, cert, buffer + position, length, level + 1, fields, &local_has_key, client_cert, root_oid, &local_chain);
if ((local_has_key && (!context.is_server || client_cert)) || (client_cert || _asn1_is_field_present(fields, Constants::pk_id))) {
temp = length + position - start_position;
if (cert.der.size() < temp) {
cert.der.grow(temp);
} else {
cert.der.trim(temp);
}
cert.der.overwrite(0, buffer + start_position, temp);
}
} else {
switch (type) {
case 0x00:
return position;
break;
case 0x01:
temp = buffer[position];
break;
case 0x02:
if (_asn1_is_field_present(fields, Constants::pk_id)) {
if (has_key)
*has_key = true;
if (index == 1)
cert.public_key.set(
Crypto::UnsignedBigInteger::import_data(buffer + position, length),
cert.public_key.public_exponent());
else if (index == 2)
cert.public_key.set(
cert.public_key.modulus(),
Crypto::UnsignedBigInteger::import_data(buffer + position, length));
} else if (_asn1_is_field_present(fields, Constants::serial_id)) {
cert.serial_number = Crypto::UnsignedBigInteger::import_data(buffer + position, length);
}
if (_asn1_is_field_present(fields, Constants::version_id)) {
if (length == 1)
cert.version = buffer[position];
}
// print_buffer(ByteBuffer::wrap(buffer + position, length));
break;
case 0x03:
if (_asn1_is_field_present(fields, Constants::pk_id)) {
if (has_key)
*has_key = true;
}
if (_asn1_is_field_present(fields, Constants::sign_id)) {
auto* value = buffer + position;
auto len = length;
if (!value[0] && len % 2) {
++value;
--len;
}
cert.sign_key = ByteBuffer::copy(value, len);
} else {
if (buffer[position] == 0 && length > 256) {
_parse_asn1(context, cert, buffer + position + 1, length - 1, level + 1, fields, &local_has_key, client_cert, root_oid, &local_chain);
} else {
_parse_asn1(context, cert, buffer + position, length, level + 1, fields, &local_has_key, client_cert, root_oid, &local_chain);
}
}
break;
case 0x04:
_parse_asn1(context, cert, buffer + position, length, level + 1, fields, &local_has_key, client_cert, root_oid, &local_chain);
break;
case 0x05:
break;
case 0x06:
if (_asn1_is_field_present(fields, Constants::pk_id)) {
_set_algorithm(cert.key_algorithm, buffer + position, length);
}
if (_asn1_is_field_present(fields, Constants::algorithm_id)) {
_set_algorithm(cert.algorithm, buffer + position, length);
}
if (length < 16)
memcpy(oid, buffer + position, length);
else
memcpy(oid, buffer + position, 16);
if (root_oid)
memcpy(root_oid, oid, 16);
break;
case 0x09:
break;
case 0x17:
case 0x018:
// time
// ignore
break;
case 0x013:
case 0x0c:
case 0x14:
case 0x15:
case 0x16:
case 0x19:
case 0x1a:
case 0x1b:
case 0x1c:
case 0x1d:
case 0x1e:
// printable string and such
if (_asn1_is_field_present(fields, Constants::issurer_id)) {
if (_asn1_is_oid(oid, Constants::country_oid)) {
cert.issuer_country = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::state_oid)) {
cert.issuer_state = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::location_oid)) {
cert.issuer_location = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::entity_oid)) {
cert.issuer_entity = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::subject_oid)) {
cert.issuer_subject = String { (const char*)buffer + position, length };
}
} else if (_asn1_is_field_present(fields, Constants::owner_id)) {
if (_asn1_is_oid(oid, Constants::country_oid)) {
cert.country = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::state_oid)) {
cert.state = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::location_oid)) {
cert.location = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::entity_oid)) {
cert.entity = String { (const char*)buffer + position, length };
} else if (_asn1_is_oid(oid, Constants::subject_oid)) {
cert.subject = String { (const char*)buffer + position, length };
}
}
break;
default:
// dbg() << "unused field " << type;
break;
}
position += length;
}
if (level == 2 && cert.sign_key.size() && cert_length && cert_data) {
dbg() << "FIXME: Cert.fingerprint";
}
return position;
position += length;
}
if (level == 2 && cert.sign_key.size() && cert_length && cert_data) {
dbg() << "FIXME: Cert.fingerprint";
}
return position;
}
}
Optional<Certificate> TLSv12::parse_asn1(const ByteBuffer& buffer, bool)
@ -520,7 +520,7 @@ bool TLSv12::expand_key()
auto key_size = key_length();
auto mac_size = mac_length();
auto iv_size = 16;
auto iv_size = iv_length();
pseudorandom_function(
key_buffer,
@ -769,9 +769,10 @@ void TLSv12::update_packet(ByteBuffer& packet)
auto buffer = ByteBuffer::create_zeroed(length);
size_t buffer_position = 0;
u16 aligned_length = length + block_size - length % block_size;
auto iv_size = iv_length();
// we need enough space for a header, 16 bytes of IV and whatever the packet contains
auto ct = ByteBuffer::create_zeroed(aligned_length + header_size + 16);
// we need enough space for a header, iv_length bytes of IV and whatever the packet contains
auto ct = ByteBuffer::create_zeroed(aligned_length + header_size + iv_size);
// copy the header over
ct.overwrite(0, packet.data(), header_size - 2);
@ -798,18 +799,15 @@ void TLSv12::update_packet(ByteBuffer& packet)
// throws a wrench into our plans
buffer.trim(buffer_position);
// make a random seed IV for this message
u8 record_iv[16] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
// arc4random_buf(record_iv, 16);
auto iv = ByteBuffer::wrap(record_iv, 16);
// FIXME: REALLY Should be filled with random bytes
auto iv = ByteBuffer::create_zeroed(iv_size);
// write it into the ciphertext portion of the message
ct.overwrite(header_size, record_iv, 16);
ct.overwrite(header_size, iv.data(), iv.size());
ct.trim(length + block_size - length % block_size + header_size + block_size - padding);
// get a block to encrypt into
auto view = ct.slice_view(header_size + 16, length + block_size - length % block_size + block_size - padding - 16);
auto view = ct.slice_view(header_size + iv_size, length + block_size - length % block_size + block_size - padding - iv_size);
// encrypt the message
m_aes_local->encrypt(buffer, view, iv);
@ -1346,11 +1344,12 @@ ssize_t TLSv12::handle_message(const ByteBuffer& buffer)
#endif
ASSERT(m_aes_remote);
auto iv_size = iv_length();
auto decrypted = m_aes_remote->create_aligned_buffer(length - 16);
auto iv = buffer.slice_view(header_size, 16);
auto decrypted = m_aes_remote->create_aligned_buffer(length - iv_size);
auto iv = buffer.slice_view(header_size, iv_size);
m_aes_remote->decrypt(buffer.slice_view(header_size + 16, length - 16), decrypted, iv);
m_aes_remote->decrypt(buffer.slice_view(header_size + iv_size, length - iv_size), decrypted, iv);
length = decrypted.size();

89
Libraries/LibTLS/TLSv12.h
View file

@ -92,8 +92,11 @@ enum class CipherSuite {
RSA_WITH_AES_128_CBC_SHA = 0x002F,
RSA_WITH_AES_256_CBC_SHA = 0x0035,
RSA_WITH_AES_128_CBC_SHA256 = 0x003C, // we support this
RSA_WITH_AES_256_CBC_SHA256 = 0x003D, //<- this is our guy
// We support these
RSA_WITH_AES_128_CBC_SHA256 = 0x003C,
RSA_WITH_AES_256_CBC_SHA256 = 0x003D,
// TODO
RSA_WITH_AES_128_GCM_SHA256 = 0x009C,
RSA_WITH_AES_256_GCM_SHA384 = 0x009D,
};
@ -360,8 +363,48 @@ private:
void pseudorandom_function(ByteBuffer& output, const ByteBuffer& secret, const u8* label, size_t label_length, const ByteBuffer& seed, const ByteBuffer& seed_b);
size_t key_length() const { return m_aes_local ? m_aes_local->cipher().key().length() : 16; } // FIXME: generalize
size_t mac_length() const { return Crypto::Authentication::HMAC<Crypto::Hash::SHA256>::DigestSize; } // FIXME: generalize
size_t key_length() const
{
switch (m_context.cipher) {
case CipherSuite::AES_128_CCM_8_SHA256:
case CipherSuite::AES_128_CCM_SHA256:
case CipherSuite::AES_128_GCM_SHA256:
case CipherSuite::Invalid:
case CipherSuite::RSA_WITH_AES_128_CBC_SHA256:
case CipherSuite::RSA_WITH_AES_128_CBC_SHA:
case CipherSuite::RSA_WITH_AES_128_GCM_SHA256:
default:
return 128 / 8;
case CipherSuite::AES_256_GCM_SHA384:
case CipherSuite::RSA_WITH_AES_256_CBC_SHA:
case CipherSuite::RSA_WITH_AES_256_CBC_SHA256:
case CipherSuite::RSA_WITH_AES_256_GCM_SHA384:
return 256 / 8;
}
}
size_t mac_length() const
{
return Crypto::Authentication::HMAC<Crypto::Hash::SHA256>::DigestSize;
} // FIXME: generalize
size_t iv_length() const
{
switch (m_context.cipher) {
case CipherSuite::AES_128_CCM_8_SHA256:
case CipherSuite::AES_128_CCM_SHA256:
case CipherSuite::Invalid:
case CipherSuite::RSA_WITH_AES_128_CBC_SHA256:
case CipherSuite::RSA_WITH_AES_128_CBC_SHA:
case CipherSuite::RSA_WITH_AES_256_CBC_SHA256:
case CipherSuite::RSA_WITH_AES_256_CBC_SHA:
default:
return 16;
case CipherSuite::AES_128_GCM_SHA256:
case CipherSuite::AES_256_GCM_SHA384:
case CipherSuite::RSA_WITH_AES_128_GCM_SHA256:
case CipherSuite::RSA_WITH_AES_256_GCM_SHA384:
return 12;
}
}
bool expand_key();
@ -375,27 +418,27 @@ private:
};
namespace Constants {
constexpr static const u32 version_id[] { 1, 1, 1, 0 };
constexpr static const u32 pk_id[] { 1, 1, 7, 0 };
constexpr static const u32 serial_id[] { 1, 1, 2, 1, 0 };
constexpr static const u32 issurer_id[] { 1, 1, 4, 0 };
constexpr static const u32 owner_id[] { 1, 1, 6, 0 };
constexpr static const u32 validity_id[] { 1, 1, 5, 0 };
constexpr static const u32 algorithm_id[] { 1, 1, 3, 0 };
constexpr static const u32 sign_id[] { 1, 3, 2, 1, 0 };
constexpr static const u32 priv_id[] { 1, 4, 0 };
constexpr static const u32 priv_der_id[] { 1, 3, 1, 0 };
constexpr static const u32 ecc_priv_id[] { 1, 2, 0 };
constexpr static const u32 version_id[] { 1, 1, 1, 0 };
constexpr static const u32 pk_id[] { 1, 1, 7, 0 };
constexpr static const u32 serial_id[] { 1, 1, 2, 1, 0 };
constexpr static const u32 issurer_id[] { 1, 1, 4, 0 };
constexpr static const u32 owner_id[] { 1, 1, 6, 0 };
constexpr static const u32 validity_id[] { 1, 1, 5, 0 };
constexpr static const u32 algorithm_id[] { 1, 1, 3, 0 };
constexpr static const u32 sign_id[] { 1, 3, 2, 1, 0 };
constexpr static const u32 priv_id[] { 1, 4, 0 };
constexpr static const u32 priv_der_id[] { 1, 3, 1, 0 };
constexpr static const u32 ecc_priv_id[] { 1, 2, 0 };
constexpr static const u8 country_oid[] { 0x55, 0x04, 0x06, 0x00 };
constexpr static const u8 state_oid[] { 0x55, 0x04, 0x08, 0x00 };
constexpr static const u8 location_oid[] { 0x55, 0x04, 0x07, 0x00 };
constexpr static const u8 entity_oid[] { 0x55, 0x04, 0x0A, 0x00 };
constexpr static const u8 subject_oid[] { 0x55, 0x04, 0x03, 0x00 };
constexpr static const u8 san_oid[] { 0x55, 0x1D, 0x11, 0x00 };
constexpr static const u8 ocsp_oid[] { 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x00 };
constexpr static const u8 country_oid[] { 0x55, 0x04, 0x06, 0x00 };
constexpr static const u8 state_oid[] { 0x55, 0x04, 0x08, 0x00 };
constexpr static const u8 location_oid[] { 0x55, 0x04, 0x07, 0x00 };
constexpr static const u8 entity_oid[] { 0x55, 0x04, 0x0A, 0x00 };
constexpr static const u8 subject_oid[] { 0x55, 0x04, 0x03, 0x00 };
constexpr static const u8 san_oid[] { 0x55, 0x1D, 0x11, 0x00 };
constexpr static const u8 ocsp_oid[] { 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x00 };
constexpr static const u8 TLS_RSA_SIGN_SHA256_OID[] { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x00 };
constexpr static const u8 TLS_RSA_SIGN_SHA256_OID[] { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x00 };
}