mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 08:07:34 +00:00
LibTLS+LibCrypto: Replace a whole bunch of ByteBuffers with Spans
This commit is contained in:
parent
4d89c1885d
commit
8e20208dd6
22 changed files with 116 additions and 109 deletions
|
@ -59,7 +59,7 @@ String AESCipherKey::to_string() const
|
|||
return builder.build();
|
||||
}
|
||||
|
||||
void AESCipherKey::expand_encrypt_key(const ByteBuffer& user_key, size_t bits)
|
||||
void AESCipherKey::expand_encrypt_key(ReadonlyBytes user_key, size_t bits)
|
||||
{
|
||||
u32* round_key;
|
||||
u32 temp;
|
||||
|
@ -170,7 +170,7 @@ void AESCipherKey::expand_encrypt_key(const ByteBuffer& user_key, size_t bits)
|
|||
}
|
||||
}
|
||||
|
||||
void AESCipherKey::expand_decrypt_key(const ByteBuffer& user_key, size_t bits)
|
||||
void AESCipherKey::expand_decrypt_key(ReadonlyBytes user_key, size_t bits)
|
||||
{
|
||||
u32* round_key;
|
||||
|
||||
|
|
|
@ -75,8 +75,8 @@ private:
|
|||
|
||||
struct AESCipherKey : public CipherKey {
|
||||
virtual ByteBuffer data() const override { return ByteBuffer::copy(m_rd_keys, sizeof(m_rd_keys)); };
|
||||
virtual void expand_encrypt_key(const ByteBuffer& user_key, size_t bits) override;
|
||||
virtual void expand_decrypt_key(const ByteBuffer& user_key, size_t bits) override;
|
||||
virtual void expand_encrypt_key(ReadonlyBytes user_key, size_t bits) override;
|
||||
virtual void expand_decrypt_key(ReadonlyBytes user_key, size_t bits) override;
|
||||
static bool is_valid_key_size(size_t bits) { return bits == 128 || bits == 192 || bits == 256; };
|
||||
String to_string() const;
|
||||
const u32* round_keys() const
|
||||
|
@ -84,7 +84,7 @@ struct AESCipherKey : public CipherKey {
|
|||
return (const u32*)m_rd_keys;
|
||||
}
|
||||
|
||||
AESCipherKey(const ByteBuffer& user_key, size_t key_bits, Intent intent)
|
||||
AESCipherKey(ReadonlyBytes user_key, size_t key_bits, Intent intent)
|
||||
: m_bits(key_bits)
|
||||
{
|
||||
if (intent == Intent::Encryption)
|
||||
|
@ -119,7 +119,7 @@ public:
|
|||
|
||||
constexpr static size_t BlockSizeInBits = BlockType::BlockSizeInBits;
|
||||
|
||||
AESCipher(const ByteBuffer& user_key, size_t key_bits, Intent intent = Intent::Encryption, PaddingMode mode = PaddingMode::CMS)
|
||||
AESCipher(ReadonlyBytes user_key, size_t key_bits, Intent intent = Intent::Encryption, PaddingMode mode = PaddingMode::CMS)
|
||||
: Cipher<AESCipherKey, AESCipherBlock>(mode)
|
||||
, m_key(user_key, key_bits, intent)
|
||||
{
|
||||
|
|
|
@ -106,8 +106,8 @@ struct CipherKey {
|
|||
virtual ~CipherKey() { }
|
||||
|
||||
protected:
|
||||
virtual void expand_encrypt_key(const ByteBuffer& user_key, size_t bits) = 0;
|
||||
virtual void expand_decrypt_key(const ByteBuffer& user_key, size_t bits) = 0;
|
||||
virtual void expand_encrypt_key(ReadonlyBytes user_key, size_t bits) = 0;
|
||||
virtual void expand_decrypt_key(ReadonlyBytes user_key, size_t bits) = 0;
|
||||
size_t bits { 0 };
|
||||
};
|
||||
|
||||
|
|
|
@ -56,7 +56,7 @@ public:
|
|||
|
||||
virtual size_t IV_length() const override { return IVSizeInBits / 8; }
|
||||
|
||||
virtual void encrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}, Bytes* ivec_out = nullptr) override
|
||||
virtual void encrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}, Bytes* ivec_out = nullptr) override
|
||||
{
|
||||
auto length = in.size();
|
||||
if (length == 0)
|
||||
|
@ -97,7 +97,7 @@ public:
|
|||
__builtin_memcpy(ivec_out->data(), iv, min(IV_length(), ivec_out->size()));
|
||||
}
|
||||
|
||||
virtual void decrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}) override
|
||||
virtual void decrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}) override
|
||||
{
|
||||
auto length = in.size();
|
||||
if (length == 0)
|
||||
|
|
|
@ -131,7 +131,7 @@ public:
|
|||
|
||||
virtual size_t IV_length() const override { return IVSizeInBits / 8; }
|
||||
|
||||
virtual void encrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}, Bytes* ivec_out = nullptr) override
|
||||
virtual void encrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}, Bytes* ivec_out = nullptr) override
|
||||
{
|
||||
// Our interpretation of "ivec" is what AES-CTR
|
||||
// would define as nonce + IV + 4 zero bytes.
|
||||
|
@ -143,7 +143,7 @@ public:
|
|||
this->encrypt_or_stream(nullptr, out, ivec, ivec_out);
|
||||
}
|
||||
|
||||
virtual void decrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}) override
|
||||
virtual void decrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}) override
|
||||
{
|
||||
// XOR (and thus CTR) is the most symmetric mode.
|
||||
this->encrypt(in, out, ivec);
|
||||
|
@ -156,7 +156,7 @@ private:
|
|||
protected:
|
||||
constexpr static IncrementFunctionType increment {};
|
||||
|
||||
void encrypt_or_stream(const ReadonlyBytes* in, Bytes& out, const Bytes& ivec, Bytes* ivec_out = nullptr)
|
||||
void encrypt_or_stream(const ReadonlyBytes* in, Bytes& out, ReadonlyBytes ivec, Bytes* ivec_out = nullptr)
|
||||
{
|
||||
size_t length;
|
||||
if (in) {
|
||||
|
|
|
@ -71,7 +71,7 @@ public:
|
|||
virtual size_t IV_length() const override { return IVSizeInBits / 8; }
|
||||
|
||||
// FIXME: This overload throws away the auth stuff, think up a better way to return more than a single bytebuffer.
|
||||
virtual void encrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}, Bytes* = nullptr) override
|
||||
virtual void encrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}, Bytes* = nullptr) override
|
||||
{
|
||||
ASSERT(!ivec.is_empty());
|
||||
|
||||
|
@ -79,7 +79,7 @@ public:
|
|||
|
||||
encrypt(in, out, ivec, dummy, dummy);
|
||||
}
|
||||
virtual void decrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}) override
|
||||
virtual void decrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}) override
|
||||
{
|
||||
encrypt(in, out, ivec);
|
||||
}
|
||||
|
@ -108,7 +108,7 @@ public:
|
|||
block0.get().bytes().copy_to(tag);
|
||||
}
|
||||
|
||||
VerificationConsistency decrypt(const ReadonlyBytes& in, Bytes out, const ReadonlyBytes& iv_in, const ReadonlyBytes& aad, const ReadonlyBytes& tag)
|
||||
VerificationConsistency decrypt(ReadonlyBytes in, Bytes out, ReadonlyBytes iv_in, ReadonlyBytes aad, ReadonlyBytes tag)
|
||||
{
|
||||
auto iv_buf = ByteBuffer::copy(iv_in.data(), iv_in.size());
|
||||
auto iv = iv_buf.bytes();
|
||||
|
|
|
@ -39,8 +39,8 @@ class Mode {
|
|||
public:
|
||||
virtual ~Mode() { }
|
||||
|
||||
virtual void encrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}, Bytes* ivec_out = nullptr) = 0;
|
||||
virtual void decrypt(const ReadonlyBytes& in, Bytes& out, const Bytes& ivec = {}) = 0;
|
||||
virtual void encrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}, Bytes* ivec_out = nullptr) = 0;
|
||||
virtual void decrypt(ReadonlyBytes in, Bytes& out, ReadonlyBytes ivec = {}) = 0;
|
||||
|
||||
virtual size_t IV_length() const = 0;
|
||||
|
||||
|
|
|
@ -41,8 +41,8 @@ public:
|
|||
{
|
||||
}
|
||||
|
||||
virtual void encode(const ByteBuffer& in, ByteBuffer& out, size_t em_bits) = 0;
|
||||
virtual VerificationConsistency verify(const ByteBuffer& msg, const ByteBuffer& emsg, size_t em_bits) = 0;
|
||||
virtual void encode(ReadonlyBytes in, ByteBuffer& out, size_t em_bits) = 0;
|
||||
virtual VerificationConsistency verify(ReadonlyBytes msg, ReadonlyBytes emsg, size_t em_bits) = 0;
|
||||
|
||||
const HashFunction& hasher() const { return m_hasher; }
|
||||
HashFunction& hasher() { return m_hasher; }
|
||||
|
|
|
@ -46,7 +46,7 @@ public:
|
|||
|
||||
static constexpr auto SaltLength = SaltSize;
|
||||
|
||||
virtual void encode(const ByteBuffer& in, ByteBuffer& out, size_t em_bits) override
|
||||
virtual void encode(ReadonlyBytes in, ByteBuffer& out, size_t em_bits) override
|
||||
{
|
||||
// FIXME: we're supposed to check if in.size() > HashFunction::input_limitation
|
||||
// however, all of our current hash functions can hash unlimited blocks
|
||||
|
@ -87,8 +87,7 @@ public:
|
|||
u8 DB_mask[mask_length];
|
||||
auto DB_mask_buffer = ByteBuffer::wrap(DB_mask, mask_length);
|
||||
// FIXME: we should probably allow reading from u8*
|
||||
auto hash_buffer = ByteBuffer::wrap(hash.data, HashFunction::DigestSize);
|
||||
MGF1(hash_buffer, mask_length, DB_mask_buffer);
|
||||
MGF1(ReadonlyBytes { hash.data, HashFunction::DigestSize }, mask_length, DB_mask_buffer);
|
||||
|
||||
for (size_t i = 0; i < DB.size(); ++i)
|
||||
DB_data[i] ^= DB_mask[i];
|
||||
|
@ -101,7 +100,7 @@ public:
|
|||
out[DB.size() + hash_fn.DigestSize] = 0xbc;
|
||||
}
|
||||
|
||||
virtual VerificationConsistency verify(const ByteBuffer& msg, const ByteBuffer& emsg, size_t em_bits) override
|
||||
virtual VerificationConsistency verify(ReadonlyBytes msg, ReadonlyBytes emsg, size_t em_bits) override
|
||||
{
|
||||
auto& hash_fn = this->hasher();
|
||||
hash_fn.update(msg);
|
||||
|
@ -114,8 +113,8 @@ public:
|
|||
return VerificationConsistency::Inconsistent;
|
||||
|
||||
auto mask_length = emsg.size() - HashFunction::DigestSize - 1;
|
||||
auto masked_DB = emsg.slice_view(0, mask_length);
|
||||
auto H = emsg.slice_view(mask_length, HashFunction::DigestSize);
|
||||
auto masked_DB = emsg.slice(0, mask_length);
|
||||
auto H = emsg.slice(mask_length, HashFunction::DigestSize);
|
||||
|
||||
auto length_to_check = 8 * emsg.size() - em_bits;
|
||||
auto octet = masked_DB[0];
|
||||
|
@ -160,7 +159,7 @@ public:
|
|||
return VerificationConsistency::Consistent;
|
||||
}
|
||||
|
||||
void MGF1(const ByteBuffer& seed, size_t length, ByteBuffer& out)
|
||||
void MGF1(ReadonlyBytes seed, size_t length, ByteBuffer& out)
|
||||
{
|
||||
auto& hash_fn = this->hasher();
|
||||
ByteBuffer T = ByteBuffer::create_zeroed(0);
|
||||
|
|
|
@ -49,11 +49,11 @@ public:
|
|||
{
|
||||
}
|
||||
|
||||
virtual void encrypt(const ByteBuffer& in, ByteBuffer& out) = 0;
|
||||
virtual void decrypt(const ByteBuffer& in, ByteBuffer& out) = 0;
|
||||
virtual void encrypt(ReadonlyBytes in, ByteBuffer& out) = 0;
|
||||
virtual void decrypt(ReadonlyBytes in, ByteBuffer& out) = 0;
|
||||
|
||||
virtual void sign(const ByteBuffer& in, ByteBuffer& out) = 0;
|
||||
virtual void verify(const ByteBuffer& in, ByteBuffer& out) = 0;
|
||||
virtual void sign(ReadonlyBytes in, ByteBuffer& out) = 0;
|
||||
virtual void verify(ReadonlyBytes in, ByteBuffer& out) = 0;
|
||||
|
||||
virtual String class_name() const = 0;
|
||||
|
||||
|
|
|
@ -113,7 +113,7 @@ RSA::KeyPairType RSA::parse_rsa_key(ReadonlyBytes in)
|
|||
return keypair;
|
||||
}
|
||||
|
||||
void RSA::encrypt(const ByteBuffer& in, ByteBuffer& out)
|
||||
void RSA::encrypt(ReadonlyBytes in, ByteBuffer& out)
|
||||
{
|
||||
#ifdef CRYPTO_DEBUG
|
||||
dbg() << "in size: " << in.size();
|
||||
|
@ -133,7 +133,7 @@ void RSA::encrypt(const ByteBuffer& in, ByteBuffer& out)
|
|||
}
|
||||
}
|
||||
|
||||
void RSA::decrypt(const ByteBuffer& in, ByteBuffer& out)
|
||||
void RSA::decrypt(ReadonlyBytes in, ByteBuffer& out)
|
||||
{
|
||||
// FIXME: Actually use the private key properly
|
||||
|
||||
|
@ -149,7 +149,7 @@ void RSA::decrypt(const ByteBuffer& in, ByteBuffer& out)
|
|||
out = out.slice(out.size() - aligned_size, aligned_size);
|
||||
}
|
||||
|
||||
void RSA::sign(const ByteBuffer& in, ByteBuffer& out)
|
||||
void RSA::sign(ReadonlyBytes in, ByteBuffer& out)
|
||||
{
|
||||
auto in_integer = UnsignedBigInteger::import_data(in.data(), in.size());
|
||||
auto exp = NumberTheory::ModularPower(in_integer, m_private_key.private_exponent(), m_private_key.modulus());
|
||||
|
@ -157,7 +157,7 @@ void RSA::sign(const ByteBuffer& in, ByteBuffer& out)
|
|||
out = out.slice(out.size() - size, size);
|
||||
}
|
||||
|
||||
void RSA::verify(const ByteBuffer& in, ByteBuffer& out)
|
||||
void RSA::verify(ReadonlyBytes in, ByteBuffer& out)
|
||||
{
|
||||
auto in_integer = UnsignedBigInteger::import_data(in.data(), in.size());
|
||||
auto exp = NumberTheory::ModularPower(in_integer, m_public_key.public_exponent(), m_public_key.modulus());
|
||||
|
@ -198,7 +198,7 @@ void RSA::import_public_key(ReadonlyBytes bytes, bool pem)
|
|||
}
|
||||
|
||||
template<typename HashFunction>
|
||||
void RSA_EMSA_PSS<HashFunction>::sign(const ByteBuffer& in, ByteBuffer& out)
|
||||
void RSA_EMSA_PSS<HashFunction>::sign(ReadonlyBytes in, ByteBuffer& out)
|
||||
{
|
||||
// -- encode via EMSA_PSS
|
||||
auto mod_bits = m_rsa.private_key().modulus().trimmed_length() * sizeof(u32) * 8;
|
||||
|
@ -212,7 +212,7 @@ void RSA_EMSA_PSS<HashFunction>::sign(const ByteBuffer& in, ByteBuffer& out)
|
|||
}
|
||||
|
||||
template<typename HashFunction>
|
||||
VerificationConsistency RSA_EMSA_PSS<HashFunction>::verify(const ByteBuffer& in)
|
||||
VerificationConsistency RSA_EMSA_PSS<HashFunction>::verify(ReadonlyBytes in)
|
||||
{
|
||||
auto mod_bytes = m_rsa.public_key().modulus().trimmed_length() * sizeof(u32);
|
||||
if (in.size() != mod_bytes)
|
||||
|
@ -228,7 +228,7 @@ VerificationConsistency RSA_EMSA_PSS<HashFunction>::verify(const ByteBuffer& in)
|
|||
return m_emsa_pss.verify(in, EM, mod_bytes * 8 - 1);
|
||||
}
|
||||
|
||||
void RSA_PKCS1_EME::encrypt(const ByteBuffer& in, ByteBuffer& out)
|
||||
void RSA_PKCS1_EME::encrypt(ReadonlyBytes in, ByteBuffer& out)
|
||||
{
|
||||
auto mod_len = (m_public_key.modulus().trimmed_length() * sizeof(u32) * 8 + 7) / 8;
|
||||
#ifdef CRYPTO_DEBUG
|
||||
|
@ -271,7 +271,7 @@ void RSA_PKCS1_EME::encrypt(const ByteBuffer& in, ByteBuffer& out)
|
|||
|
||||
RSA::encrypt(out, out);
|
||||
}
|
||||
void RSA_PKCS1_EME::decrypt(const ByteBuffer& in, ByteBuffer& out)
|
||||
void RSA_PKCS1_EME::decrypt(ReadonlyBytes in, ByteBuffer& out)
|
||||
{
|
||||
auto mod_len = (m_public_key.modulus().trimmed_length() * sizeof(u32) * 8 + 7) / 8;
|
||||
if (in.size() != mod_len) {
|
||||
|
@ -317,11 +317,11 @@ void RSA_PKCS1_EME::decrypt(const ByteBuffer& in, ByteBuffer& out)
|
|||
out = out.slice(offset, out.size() - offset);
|
||||
}
|
||||
|
||||
void RSA_PKCS1_EME::sign(const ByteBuffer&, ByteBuffer&)
|
||||
void RSA_PKCS1_EME::sign(ReadonlyBytes, ByteBuffer&)
|
||||
{
|
||||
dbg() << "FIXME: RSA_PKCS_EME::sign";
|
||||
}
|
||||
void RSA_PKCS1_EME::verify(const ByteBuffer&, ByteBuffer&)
|
||||
void RSA_PKCS1_EME::verify(ReadonlyBytes, ByteBuffer&)
|
||||
{
|
||||
dbg() << "FIXME: RSA_PKCS_EME::verify";
|
||||
}
|
||||
|
|
|
@ -178,11 +178,11 @@ public:
|
|||
m_private_key = pair.private_key;
|
||||
}
|
||||
|
||||
virtual void encrypt(const ByteBuffer& in, ByteBuffer& out) override;
|
||||
virtual void decrypt(const ByteBuffer& in, ByteBuffer& out) override;
|
||||
virtual void encrypt(ReadonlyBytes in, ByteBuffer& out) override;
|
||||
virtual void decrypt(ReadonlyBytes in, ByteBuffer& out) override;
|
||||
|
||||
virtual void sign(const ByteBuffer& in, ByteBuffer& out) override;
|
||||
virtual void verify(const ByteBuffer& in, ByteBuffer& out) override;
|
||||
virtual void sign(ReadonlyBytes in, ByteBuffer& out) override;
|
||||
virtual void verify(ReadonlyBytes in, ByteBuffer& out) override;
|
||||
|
||||
virtual String class_name() const override { return "RSA"; }
|
||||
|
||||
|
@ -203,8 +203,8 @@ public:
|
|||
{
|
||||
}
|
||||
|
||||
void sign(const ByteBuffer& in, ByteBuffer& out);
|
||||
VerificationConsistency verify(const ByteBuffer& in);
|
||||
void sign(ReadonlyBytes in, ByteBuffer& out);
|
||||
VerificationConsistency verify(ReadonlyBytes in);
|
||||
|
||||
private:
|
||||
EMSA_PSS<HashFunction, HashFunction::DigestSize> m_emsa_pss;
|
||||
|
@ -222,11 +222,11 @@ public:
|
|||
|
||||
~RSA_PKCS1_EME() { }
|
||||
|
||||
virtual void encrypt(const ByteBuffer& in, ByteBuffer& out) override;
|
||||
virtual void decrypt(const ByteBuffer& in, ByteBuffer& out) override;
|
||||
virtual void encrypt(ReadonlyBytes in, ByteBuffer& out) override;
|
||||
virtual void decrypt(ReadonlyBytes in, ByteBuffer& out) override;
|
||||
|
||||
virtual void sign(const ByteBuffer&, ByteBuffer&) override;
|
||||
virtual void verify(const ByteBuffer&, ByteBuffer&) override;
|
||||
virtual void sign(ReadonlyBytes, ByteBuffer&) override;
|
||||
virtual void verify(ReadonlyBytes, ByteBuffer&) override;
|
||||
|
||||
virtual String class_name() const override { return "RSA_PKCS1-EME"; }
|
||||
virtual size_t output_size() const override { return m_public_key.length(); }
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue