mirror of
https://github.com/RGBCube/serenity
synced 2025-07-25 18:17:44 +00:00
LibCrypto: Fix issues in the Crypto stack
This commit fixes up the following: - HMAC should not reuse a single hasher when successively updating - AES Key should not assume its user key is valid signed char* - Mode should have a virtual destructor And adds a RFC5246 padding mode, which is required for TLS
This commit is contained in:
parent
7adb93ede9
commit
f1578d7e9e
10 changed files with 93 additions and 49 deletions
|
@ -35,6 +35,8 @@ namespace Cipher {
|
|||
template <typename T>
|
||||
class Mode {
|
||||
public:
|
||||
virtual ~Mode() {}
|
||||
|
||||
// FIXME: Somehow communicate that encrypt returns the last initialization vector (if the mode supports it)
|
||||
virtual Optional<ByteBuffer> encrypt(const ByteBuffer& in, ByteBuffer& out, Optional<ByteBuffer> ivec = {}) = 0;
|
||||
virtual void decrypt(const ByteBuffer& in, ByteBuffer& out, Optional<ByteBuffer> ivec = {}) = 0;
|
||||
|
@ -51,10 +53,9 @@ namespace Cipher {
|
|||
}
|
||||
|
||||
virtual String class_name() const = 0;
|
||||
|
||||
protected:
|
||||
T& cipher() { return m_cipher; }
|
||||
|
||||
protected:
|
||||
virtual void prune_padding(ByteBuffer& data)
|
||||
{
|
||||
auto size = data.size();
|
||||
|
@ -74,6 +75,22 @@ namespace Cipher {
|
|||
data.trim(size - maybe_padding_length);
|
||||
break;
|
||||
}
|
||||
case PaddingMode::RFC5246: {
|
||||
auto maybe_padding_length = data[size - 1];
|
||||
if (maybe_padding_length >= T::block_size() - 1) {
|
||||
// cannot be padding (the entire block cannot be padding)
|
||||
return;
|
||||
}
|
||||
// FIXME: If we want to constant-time operations, this loop should not stop
|
||||
for (auto i = maybe_padding_length; i > 0; --i) {
|
||||
if (data[size - i - 1] != maybe_padding_length) {
|
||||
// note that this is likely invalid padding
|
||||
return;
|
||||
}
|
||||
}
|
||||
data.trim(size - maybe_padding_length - 1);
|
||||
break;
|
||||
}
|
||||
case PaddingMode::Null: {
|
||||
while (data[size - 1] == 0)
|
||||
--size;
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue