1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 08:07:34 +00:00

LibTLS+LibCrypto: Replace a whole bunch of ByteBuffers with Spans

This commit is contained in:
Andreas Kling 2020-12-19 15:07:09 +01:00
parent 4d89c1885d
commit 8e20208dd6
22 changed files with 116 additions and 109 deletions

View file

@ -59,7 +59,7 @@ String AESCipherKey::to_string() const
return builder.build();
}
void AESCipherKey::expand_encrypt_key(const ByteBuffer& user_key, size_t bits)
void AESCipherKey::expand_encrypt_key(ReadonlyBytes user_key, size_t bits)
{
u32* round_key;
u32 temp;
@ -170,7 +170,7 @@ void AESCipherKey::expand_encrypt_key(const ByteBuffer& user_key, size_t bits)
}
}
void AESCipherKey::expand_decrypt_key(const ByteBuffer& user_key, size_t bits)
void AESCipherKey::expand_decrypt_key(ReadonlyBytes user_key, size_t bits)
{
u32* round_key;

View file

@ -75,8 +75,8 @@ private:
struct AESCipherKey : public CipherKey {
virtual ByteBuffer data() const override { return ByteBuffer::copy(m_rd_keys, sizeof(m_rd_keys)); };
virtual void expand_encrypt_key(const ByteBuffer& user_key, size_t bits) override;
virtual void expand_decrypt_key(const ByteBuffer& user_key, size_t bits) override;
virtual void expand_encrypt_key(ReadonlyBytes user_key, size_t bits) override;
virtual void expand_decrypt_key(ReadonlyBytes user_key, size_t bits) override;
static bool is_valid_key_size(size_t bits) { return bits == 128 || bits == 192 || bits == 256; };
String to_string() const;
const u32* round_keys() const
@ -84,7 +84,7 @@ struct AESCipherKey : public CipherKey {
return (const u32*)m_rd_keys;
}
AESCipherKey(const ByteBuffer& user_key, size_t key_bits, Intent intent)
AESCipherKey(ReadonlyBytes user_key, size_t key_bits, Intent intent)
: m_bits(key_bits)
{
if (intent == Intent::Encryption)
@ -119,7 +119,7 @@ public:
constexpr static size_t BlockSizeInBits = BlockType::BlockSizeInBits;
AESCipher(const ByteBuffer& user_key, size_t key_bits, Intent intent = Intent::Encryption, PaddingMode mode = PaddingMode::CMS)
AESCipher(ReadonlyBytes user_key, size_t key_bits, Intent intent = Intent::Encryption, PaddingMode mode = PaddingMode::CMS)
: Cipher<AESCipherKey, AESCipherBlock>(mode)
, m_key(user_key, key_bits, intent)
{

View file

@ -106,8 +106,8 @@ struct CipherKey {
virtual ~CipherKey() { }
protected:
virtual void expand_encrypt_key(const ByteBuffer& user_key, size_t bits) = 0;
virtual void expand_decrypt_key(const ByteBuffer& user_key, size_t bits) = 0;
virtual void expand_encrypt_key(ReadonlyBytes user_key, size_t bits) = 0;
virtual void expand_decrypt_key(ReadonlyBytes user_key, size_t bits) = 0;
size_t bits { 0 };
};

View file

@ -56,7 +56,7 @@ public:
virtual size_t IV_length() const override { return IVSizeInBits / 8; }
virtual void encrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}, Bytes* ivec_out = nullptr) override
virtual void encrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}, Bytes* ivec_out = nullptr) override
{
auto length = in.size();
if (length == 0)
@ -97,7 +97,7 @@ public:
__builtin_memcpy(ivec_out->data(), iv, min(IV_length(), ivec_out->size()));
}
virtual void decrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}) override
virtual void decrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}) override
{
auto length = in.size();
if (length == 0)

View file

@ -131,7 +131,7 @@ public:
virtual size_t IV_length() const override { return IVSizeInBits / 8; }
virtual void encrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}, Bytes* ivec_out = nullptr) override
virtual void encrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}, Bytes* ivec_out = nullptr) override
{
// Our interpretation of "ivec" is what AES-CTR
// would define as nonce + IV + 4 zero bytes.
@ -143,7 +143,7 @@ public:
this->encrypt_or_stream(nullptr, out, ivec, ivec_out);
}
virtual void decrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}) override
virtual void decrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}) override
{
// XOR (and thus CTR) is the most symmetric mode.
this->encrypt(in, out, ivec);
@ -156,7 +156,7 @@ private:
protected:
constexpr static IncrementFunctionType increment {};
void encrypt_or_stream(const ReadonlyBytes* in, Bytes& out, const Bytes& ivec, Bytes* ivec_out = nullptr)
void encrypt_or_stream(const ReadonlyBytes* in, Bytes& out, ReadonlyBytes ivec, Bytes* ivec_out = nullptr)
{
size_t length;
if (in) {

View file

@ -71,7 +71,7 @@ public:
virtual size_t IV_length() const override { return IVSizeInBits / 8; }
// FIXME: This overload throws away the auth stuff, think up a better way to return more than a single bytebuffer.
virtual void encrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}, Bytes* = nullptr) override
virtual void encrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}, Bytes* = nullptr) override
{
ASSERT(!ivec.is_empty());
@ -79,7 +79,7 @@ public:
encrypt(in, out, ivec, dummy, dummy);
}
virtual void decrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}) override
virtual void decrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}) override
{
encrypt(in, out, ivec);
}
@ -108,7 +108,7 @@ public:
block0.get().bytes().copy_to(tag);
}
VerificationConsistency decrypt(const ReadonlyBytes& in, Bytes out, const ReadonlyBytes& iv_in, const ReadonlyBytes& aad, const ReadonlyBytes& tag)
VerificationConsistency decrypt(ReadonlyBytes in, Bytes out, ReadonlyBytes iv_in, ReadonlyBytes aad, ReadonlyBytes tag)
{
auto iv_buf = ByteBuffer::copy(iv_in.data(), iv_in.size());
auto iv = iv_buf.bytes();

View file

@ -39,8 +39,8 @@ class Mode {
public:
virtual ~Mode() { }
virtual void encrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}, Bytes* ivec_out = nullptr) = 0;
virtual void decrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}) = 0;
virtual void encrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}, Bytes* ivec_out = nullptr) = 0;
virtual void decrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}) = 0;
virtual size_t IV_length() const = 0;

View file

@ -41,8 +41,8 @@ public:
{
}
virtual void encode(const ByteBuffer& in, ByteBuffer& out, size_t em_bits) = 0;
virtual VerificationConsistency verify(const ByteBuffer& msg, const ByteBuffer& emsg, size_t em_bits) = 0;
virtual void encode(ReadonlyBytes in, ByteBuffer& out, size_t em_bits) = 0;
virtual VerificationConsistency verify(ReadonlyBytes msg, ReadonlyBytes emsg, size_t em_bits) = 0;
const HashFunction& hasher() const { return m_hasher; }
HashFunction& hasher() { return m_hasher; }

View file

@ -46,7 +46,7 @@ public:
static constexpr auto SaltLength = SaltSize;
virtual void encode(const ByteBuffer& in, ByteBuffer& out, size_t em_bits) override
virtual void encode(ReadonlyBytes in, ByteBuffer& out, size_t em_bits) override
{
// FIXME: we're supposed to check if in.size() > HashFunction::input_limitation
// however, all of our current hash functions can hash unlimited blocks
@ -87,8 +87,7 @@ public:
u8 DB_mask[mask_length];
auto DB_mask_buffer = ByteBuffer::wrap(DB_mask, mask_length);
// FIXME: we should probably allow reading from u8*
auto hash_buffer = ByteBuffer::wrap(hash.data, HashFunction::DigestSize);
MGF1(hash_buffer, mask_length, DB_mask_buffer);
MGF1(ReadonlyBytes { hash.data, HashFunction::DigestSize }, mask_length, DB_mask_buffer);
for (size_t i = 0; i < DB.size(); ++i)
DB_data[i] ^= DB_mask[i];
@ -101,7 +100,7 @@ public:
out[DB.size() + hash_fn.DigestSize] = 0xbc;
}
virtual VerificationConsistency verify(const ByteBuffer& msg, const ByteBuffer& emsg, size_t em_bits) override
virtual VerificationConsistency verify(ReadonlyBytes msg, ReadonlyBytes emsg, size_t em_bits) override
{
auto& hash_fn = this->hasher();
hash_fn.update(msg);
@ -114,8 +113,8 @@ public:
return VerificationConsistency::Inconsistent;
auto mask_length = emsg.size() - HashFunction::DigestSize - 1;
auto masked_DB = emsg.slice_view(0, mask_length);
auto H = emsg.slice_view(mask_length, HashFunction::DigestSize);
auto masked_DB = emsg.slice(0, mask_length);
auto H = emsg.slice(mask_length, HashFunction::DigestSize);
auto length_to_check = 8 * emsg.size() - em_bits;
auto octet = masked_DB[0];
@ -160,7 +159,7 @@ public:
return VerificationConsistency::Consistent;
}
void MGF1(const ByteBuffer& seed, size_t length, ByteBuffer& out)
void MGF1(ReadonlyBytes seed, size_t length, ByteBuffer& out)
{
auto& hash_fn = this->hasher();
ByteBuffer T = ByteBuffer::create_zeroed(0);

View file

@ -49,11 +49,11 @@ public:
{
}
virtual void encrypt(const ByteBuffer& in, ByteBuffer& out) = 0;
virtual void decrypt(const ByteBuffer& in, ByteBuffer& out) = 0;
virtual void encrypt(ReadonlyBytes in, ByteBuffer& out) = 0;
virtual void decrypt(ReadonlyBytes in, ByteBuffer& out) = 0;
virtual void sign(const ByteBuffer& in, ByteBuffer& out) = 0;
virtual void verify(const ByteBuffer& in, ByteBuffer& out) = 0;
virtual void sign(ReadonlyBytes in, ByteBuffer& out) = 0;
virtual void verify(ReadonlyBytes in, ByteBuffer& out) = 0;
virtual String class_name() const = 0;

View file

@ -113,7 +113,7 @@ RSA::KeyPairType RSA::parse_rsa_key(ReadonlyBytes in)
return keypair;
}
void RSA::encrypt(const ByteBuffer& in, ByteBuffer& out)
void RSA::encrypt(ReadonlyBytes in, ByteBuffer& out)
{
#ifdef CRYPTO_DEBUG
dbg() << "in size: " << in.size();
@ -133,7 +133,7 @@ void RSA::encrypt(const ByteBuffer& in, ByteBuffer& out)
}
}
void RSA::decrypt(const ByteBuffer& in, ByteBuffer& out)
void RSA::decrypt(ReadonlyBytes in, ByteBuffer& out)
{
// FIXME: Actually use the private key properly
@ -149,7 +149,7 @@ void RSA::decrypt(const ByteBuffer& in, ByteBuffer& out)
out = out.slice(out.size() - aligned_size, aligned_size);
}
void RSA::sign(const ByteBuffer& in, ByteBuffer& out)
void RSA::sign(ReadonlyBytes in, ByteBuffer& out)
{
auto in_integer = UnsignedBigInteger::import_data(in.data(), in.size());
auto exp = NumberTheory::ModularPower(in_integer, m_private_key.private_exponent(), m_private_key.modulus());
@ -157,7 +157,7 @@ void RSA::sign(const ByteBuffer& in, ByteBuffer& out)
out = out.slice(out.size() - size, size);
}
void RSA::verify(const ByteBuffer& in, ByteBuffer& out)
void RSA::verify(ReadonlyBytes in, ByteBuffer& out)
{
auto in_integer = UnsignedBigInteger::import_data(in.data(), in.size());
auto exp = NumberTheory::ModularPower(in_integer, m_public_key.public_exponent(), m_public_key.modulus());
@ -198,7 +198,7 @@ void RSA::import_public_key(ReadonlyBytes bytes, bool pem)
}
template<typename HashFunction>
void RSA_EMSA_PSS<HashFunction>::sign(const ByteBuffer& in, ByteBuffer& out)
void RSA_EMSA_PSS<HashFunction>::sign(ReadonlyBytes in, ByteBuffer& out)
{
// -- encode via EMSA_PSS
auto mod_bits = m_rsa.private_key().modulus().trimmed_length() * sizeof(u32) * 8;
@ -212,7 +212,7 @@ void RSA_EMSA_PSS<HashFunction>::sign(const ByteBuffer& in, ByteBuffer& out)
}
template<typename HashFunction>
VerificationConsistency RSA_EMSA_PSS<HashFunction>::verify(const ByteBuffer& in)
VerificationConsistency RSA_EMSA_PSS<HashFunction>::verify(ReadonlyBytes in)
{
auto mod_bytes = m_rsa.public_key().modulus().trimmed_length() * sizeof(u32);
if (in.size() != mod_bytes)
@ -228,7 +228,7 @@ VerificationConsistency RSA_EMSA_PSS<HashFunction>::verify(const ByteBuffer& in)
return m_emsa_pss.verify(in, EM, mod_bytes * 8 - 1);
}
void RSA_PKCS1_EME::encrypt(const ByteBuffer& in, ByteBuffer& out)
void RSA_PKCS1_EME::encrypt(ReadonlyBytes in, ByteBuffer& out)
{
auto mod_len = (m_public_key.modulus().trimmed_length() * sizeof(u32) * 8 + 7) / 8;
#ifdef CRYPTO_DEBUG
@ -271,7 +271,7 @@ void RSA_PKCS1_EME::encrypt(const ByteBuffer& in, ByteBuffer& out)
RSA::encrypt(out, out);
}
void RSA_PKCS1_EME::decrypt(const ByteBuffer& in, ByteBuffer& out)
void RSA_PKCS1_EME::decrypt(ReadonlyBytes in, ByteBuffer& out)
{
auto mod_len = (m_public_key.modulus().trimmed_length() * sizeof(u32) * 8 + 7) / 8;
if (in.size() != mod_len) {
@ -317,11 +317,11 @@ void RSA_PKCS1_EME::decrypt(const ByteBuffer& in, ByteBuffer& out)
out = out.slice(offset, out.size() - offset);
}
void RSA_PKCS1_EME::sign(const ByteBuffer&, ByteBuffer&)
void RSA_PKCS1_EME::sign(ReadonlyBytes, ByteBuffer&)
{
dbg() << "FIXME: RSA_PKCS_EME::sign";
}
void RSA_PKCS1_EME::verify(const ByteBuffer&, ByteBuffer&)
void RSA_PKCS1_EME::verify(ReadonlyBytes, ByteBuffer&)
{
dbg() << "FIXME: RSA_PKCS_EME::verify";
}

View file

@ -178,11 +178,11 @@ public:
m_private_key = pair.private_key;
}
virtual void encrypt(const ByteBuffer& in, ByteBuffer& out) override;
virtual void decrypt(const ByteBuffer& in, ByteBuffer& out) override;
virtual void encrypt(ReadonlyBytes in, ByteBuffer& out) override;
virtual void decrypt(ReadonlyBytes in, ByteBuffer& out) override;
virtual void sign(const ByteBuffer& in, ByteBuffer& out) override;
virtual void verify(const ByteBuffer& in, ByteBuffer& out) override;
virtual void sign(ReadonlyBytes in, ByteBuffer& out) override;
virtual void verify(ReadonlyBytes in, ByteBuffer& out) override;
virtual String class_name() const override { return "RSA"; }
@ -203,8 +203,8 @@ public:
{
}
void sign(const ByteBuffer& in, ByteBuffer& out);
VerificationConsistency verify(const ByteBuffer& in);
void sign(ReadonlyBytes in, ByteBuffer& out);
VerificationConsistency verify(ReadonlyBytes in);
private:
EMSA_PSS<HashFunction, HashFunction::DigestSize> m_emsa_pss;
@ -222,11 +222,11 @@ public:
~RSA_PKCS1_EME() { }
virtual void encrypt(const ByteBuffer& in, ByteBuffer& out) override;
virtual void decrypt(const ByteBuffer& in, ByteBuffer& out) override;
virtual void encrypt(ReadonlyBytes in, ByteBuffer& out) override;
virtual void decrypt(ReadonlyBytes in, ByteBuffer& out) override;
virtual void sign(const ByteBuffer&, ByteBuffer&) override;
virtual void verify(const ByteBuffer&, ByteBuffer&) override;
virtual void sign(ReadonlyBytes, ByteBuffer&) override;
virtual void verify(ReadonlyBytes, ByteBuffer&) override;
virtual String class_name() const override { return "RSA_PKCS1-EME"; }
virtual size_t output_size() const override { return m_public_key.length(); }