From fe1375ef6b0060acd72055a4025f28884e2ade6b Mon Sep 17 00:00:00 2001 From: Paul Driver Date: Fri, 7 Aug 2020 16:28:00 -0700 Subject: [PATCH] cbc:aes -> urcrypt --- pkg/urbit/jets/e/aes_cbc.c | 306 +++---------------------------------- pkg/urcrypt/urcrypt.c | 104 ++++++++++++- pkg/urcrypt/urcrypt.h | 20 +++ 3 files changed, 140 insertions(+), 290 deletions(-) diff --git a/pkg/urbit/jets/e/aes_cbc.c b/pkg/urbit/jets/e/aes_cbc.c index 6f40c8aa8..19e129132 100644 --- a/pkg/urbit/jets/e/aes_cbc.c +++ b/pkg/urbit/jets/e/aes_cbc.c @@ -4,8 +4,6 @@ #include "all.h" #include -#include - /* All of the CBC hoon truncates its key and prv inputs by passing them to * the ECB functions, which truncate them, hence the raw u3r_bytes unpacking. */ @@ -89,80 +87,14 @@ typedef c3_y* (*urcrypt_cbc)(const c3_y*, } } - u3_noun - u3qea_cbcb_en(u3_atom key, + static u3_atom + _cqea_cbcb_en(u3_atom key, u3_atom iv, u3_atom msg) { c3_y key_y[24]; - c3_y iv_y[16]; - c3_w len_msg_w; - c3_w len_out_w; - c3_y *msg_y; - c3_y *out_y; - u3_atom out; - AES_KEY key_u; - - c3_assert(u3r_met(3, key) <= 24); - c3_assert(u3r_met(3, iv) <= 16); - len_msg_w = u3r_met(3, msg); - len_out_w = (len_msg_w % 16) == 0 ? len_msg_w : len_msg_w + (16 - (len_msg_w % 16)); - len_msg_w = len_out_w; - - msg_y = u3a_malloc(len_msg_w); - out_y = u3a_malloc(len_out_w); - - { - int i = 23; - - do { - key_y[i] = u3r_byte(23-i, key); - i--; - } while (i >= 0); - } - { - int i = 15; - - do { - iv_y[i] = u3r_byte(15-i, iv); - i--; - } while (i >= 0); - } - { - int i = len_msg_w - 1; - - do { - msg_y[i] = u3r_byte((len_msg_w - 1)-i, msg); - i--; - } while (i >= 0); - } - - if ( 0 != AES_set_encrypt_key(key_y, 192, &key_u) ) { - return u3m_bail(c3__exit); - } - else { - AES_cbc_encrypt(msg_y, out_y, len_msg_w, &key_u, iv_y, AES_ENCRYPT); - } - - /* array reverse - we can write backwards u3i_bytes * - * in the unlikely event that this becomes a problem */ - { - int i = len_out_w - 1; - int j = 0; - c3_y tmp; - - do { - tmp = out_y[i]; - out_y[i] = out_y[j]; - out_y[j] = tmp; - i--; j++; - } while (i > j); - } - - out = u3i_bytes(len_out_w, out_y); - u3a_free(msg_y); - u3a_free(out_y); - return out; + u3r_bytes(0, 24, key_y, key); + return _cqea_cbc_help(key_y, iv, msg, &urcrypt_aes_cbcb_en); } u3_noun @@ -175,84 +107,18 @@ typedef c3_y* (*urcrypt_cbc)(const c3_y*, c3n == u3ud(b) ) { return u3m_bail(c3__exit); } else { - return u3qea_cbcb_en(a, b, c); + return _cqea_cbcb_en(a, b, c); } } - u3_noun - u3qea_cbcb_de(u3_atom key, + static u3_atom + _cqea_cbcb_de(u3_atom key, u3_atom iv, u3_atom msg) { c3_y key_y[24]; - c3_y iv_y[16]; - c3_w len_msg_w; - c3_w len_out_w; - c3_y *msg_y; - c3_y *out_y; - u3_atom out; - AES_KEY key_u; - - c3_assert(u3r_met(3, key) <= 24); - c3_assert(u3r_met(3, iv) <= 16); - len_msg_w = u3r_met(3, msg); - len_out_w = (len_msg_w % 16) == 0 ? len_msg_w : len_msg_w + (16 - (len_msg_w % 16)); - len_msg_w = len_out_w; - - msg_y = u3a_malloc(len_msg_w); - out_y = u3a_malloc(len_out_w); - - { - int i = 23; - - do { - key_y[i] = u3r_byte(23-i, key); - i--; - } while (i >= 0); - } - { - int i = 15; - - do { - iv_y[i] = u3r_byte(15-i, iv); - i--; - } while (i >= 0); - } - { - int i = len_msg_w - 1; - - do { - msg_y[i] = u3r_byte((len_msg_w - 1)-i, msg); - i--; - } while (i >= 0); - } - - if ( 0 != AES_set_decrypt_key(key_y, 192, &key_u) ) { - return u3m_bail(c3__exit); - } - else { - AES_cbc_encrypt(msg_y, out_y, len_msg_w, &key_u, iv_y, AES_DECRYPT); - } - - /* array reverse - we can write backwards u3i_bytes * - * in the unlikely event that this becomes a problem */ - { - int i = len_out_w - 1; - int j = 0; - c3_y tmp; - - do { - tmp = out_y[i]; - out_y[i] = out_y[j]; - out_y[j] = tmp; - i--; j++; - } while (i > j); - } - - out = u3i_bytes(len_out_w, out_y); - u3a_free(msg_y); - u3a_free(out_y); - return out; + u3r_bytes(0, 24, key_y, key); + return _cqea_cbc_help(key_y, iv, msg, &urcrypt_aes_cbcb_de); } u3_noun @@ -265,84 +131,18 @@ typedef c3_y* (*urcrypt_cbc)(const c3_y*, c3n == u3ud(b) ) { return u3m_bail(c3__exit); } else { - return u3qea_cbcb_de(a, b, c); + return _cqea_cbcb_de(a, b, c); } } - u3_noun - u3qea_cbcc_en(u3_atom key, + static u3_atom + _cqea_cbcc_en(u3_atom key, u3_atom iv, u3_atom msg) { c3_y key_y[32]; - c3_y iv_y[16]; - c3_w len_msg_w; - c3_w len_out_w; - c3_y *msg_y; - c3_y *out_y; - u3_atom out; - AES_KEY key_u; - - c3_assert(u3r_met(3, key) <= 32); - c3_assert(u3r_met(3, iv) <= 16); - len_msg_w = u3r_met(3, msg); - len_out_w = (len_msg_w % 16) == 0 ? len_msg_w : len_msg_w + (16 - (len_msg_w % 16)); - len_msg_w = len_out_w; - - msg_y = u3a_malloc(len_msg_w); - out_y = u3a_malloc(len_out_w); - - { - int i = 31; - - do { - key_y[i] = u3r_byte(31-i, key); - i--; - } while (i >= 0); - } - { - int i = 15; - - do { - iv_y[i] = u3r_byte(15-i, iv); - i--; - } while (i >= 0); - } - { - int i = len_msg_w - 1; - - do { - msg_y[i] = u3r_byte((len_msg_w - 1)-i, msg); - i--; - } while (i >= 0); - } - - if ( 0 != AES_set_encrypt_key(key_y, 256, &key_u) ) { - return u3m_bail(c3__exit); - } - else { - AES_cbc_encrypt(msg_y, out_y, len_msg_w, &key_u, iv_y, AES_ENCRYPT); - } - - /* array reverse - we can write backwards u3i_bytes * - * in the unlikely event that this becomes a problem */ - { - int i = len_out_w - 1; - int j = 0; - c3_y tmp; - - do { - tmp = out_y[i]; - out_y[i] = out_y[j]; - out_y[j] = tmp; - i--; j++; - } while (i > j); - } - - out = u3i_bytes(len_out_w, out_y); - u3a_free(msg_y); - u3a_free(out_y); - return out; + u3r_bytes(0, 32, key_y, key); + return _cqea_cbc_help(key_y, iv, msg, &urcrypt_aes_cbcc_en); } u3_noun @@ -355,84 +155,18 @@ typedef c3_y* (*urcrypt_cbc)(const c3_y*, c3n == u3ud(b) ) { return u3m_bail(c3__exit); } else { - return u3qea_cbcc_en(a, b, c); + return _cqea_cbcc_en(a, b, c); } } - u3_noun - u3qea_cbcc_de(u3_atom key, + static u3_atom + _cqea_cbcc_de(u3_atom key, u3_atom iv, u3_atom msg) { c3_y key_y[32]; - c3_y iv_y[16]; - c3_w len_msg_w; - c3_w len_out_w; - c3_y *msg_y; - c3_y *out_y; - u3_atom out; - AES_KEY key_u; - - c3_assert(u3r_met(3, key) <= 32); - c3_assert(u3r_met(3, iv) <= 16); - len_msg_w = u3r_met(3, msg); - len_out_w = (len_msg_w % 16) == 0 ? len_msg_w : len_msg_w + (16 - (len_msg_w % 16)); - len_msg_w = len_out_w; - - msg_y = u3a_malloc(len_msg_w); - out_y = u3a_malloc(len_out_w); - - { - int i = 31; - - do { - key_y[i] = u3r_byte(31-i, key); - i--; - } while (i >= 0); - } - { - int i = 15; - - do { - iv_y[i] = u3r_byte(15-i, iv); - i--; - } while (i >= 0); - } - { - int i = len_msg_w - 1; - - do { - msg_y[i] = u3r_byte((len_msg_w - 1)-i, msg); - i--; - } while (i >= 0); - } - - if ( 0 != AES_set_decrypt_key(key_y, 256, &key_u) ) { - return u3m_bail(c3__exit); - } - else { - AES_cbc_encrypt(msg_y, out_y, len_msg_w, &key_u, iv_y, AES_DECRYPT); - } - - /* array reverse - we can write backwards u3i_bytes * - * in the unlikely event that this becomes a problem */ - { - int i = len_out_w - 1; - int j = 0; - c3_y tmp; - - do { - tmp = out_y[i]; - out_y[i] = out_y[j]; - out_y[j] = tmp; - i--; j++; - } while (i > j); - } - - out = u3i_bytes(len_out_w, out_y); - u3a_free(msg_y); - u3a_free(out_y); - return out; + u3r_bytes(0, 32, key_y, key); + return _cqea_cbc_help(key_y, iv, msg, &urcrypt_aes_cbcc_de); } u3_noun @@ -445,6 +179,6 @@ typedef c3_y* (*urcrypt_cbc)(const c3_y*, c3n == u3ud(b) ) { return u3m_bail(c3__exit); } else { - return u3qea_cbcc_de(a, b, c); + return _cqea_cbcc_de(a, b, c); } } diff --git a/pkg/urcrypt/urcrypt.c b/pkg/urcrypt/urcrypt.c index f7604e2b1..ff1c72135 100644 --- a/pkg/urcrypt/urcrypt.c +++ b/pkg/urcrypt/urcrypt.c @@ -413,11 +413,7 @@ _urcrypt_cbc_help(const uint8_t *message, uint8_t riv[16], *in, *out; _urcrypt_reverse_copy(16, ivec, riv); - FILE* nukes = fopen("/tmp/urcrypt.txt", "w"); - fprintf(nukes, "length before: %d\r\n", (int) length); in = _urcrypt_cbc_pad(&length, message); - fprintf(nukes, "length after: %d\r\n", (int) length); - fclose(nukes); out = urcrypt_malloc(length); AES_cbc_encrypt(in, out, length, key, riv, enc); urcrypt_free(in); @@ -476,3 +472,103 @@ urcrypt_aes_cbca_de(const uint8_t *message, out_length); } } + +uint8_t* +urcrypt_aes_cbcb_en(const uint8_t *message, + size_t length, + const uint8_t key[24], + const uint8_t ivec[16], + size_t *out_length) +{ + AES_KEY aes_key; + uint8_t rkey[24]; + + _urcrypt_reverse_copy(24, key, rkey); + + if ( 0 != AES_set_encrypt_key(rkey, 192, &aes_key) ) { + return NULL; + } + else { + return _urcrypt_cbc_help(message, + length, + &aes_key, + ivec, + AES_ENCRYPT, + out_length); + } +} + +uint8_t* +urcrypt_aes_cbcb_de(const uint8_t *message, + size_t length, + const uint8_t key[24], + const uint8_t ivec[16], + size_t *out_length) +{ + AES_KEY aes_key; + uint8_t rkey[24]; + + _urcrypt_reverse_copy(24, key, rkey); + + if ( 0 != AES_set_decrypt_key(rkey, 192, &aes_key) ) { + return NULL; + } + else { + return _urcrypt_cbc_help(message, + length, + &aes_key, + ivec, + AES_DECRYPT, + out_length); + } +} + +uint8_t* +urcrypt_aes_cbcc_en(const uint8_t *message, + size_t length, + const uint8_t key[32], + const uint8_t ivec[16], + size_t *out_length) +{ + AES_KEY aes_key; + uint8_t rkey[32]; + + _urcrypt_reverse_copy(32, key, rkey); + + if ( 0 != AES_set_encrypt_key(rkey, 256, &aes_key) ) { + return NULL; + } + else { + return _urcrypt_cbc_help(message, + length, + &aes_key, + ivec, + AES_ENCRYPT, + out_length); + } +} + +uint8_t* +urcrypt_aes_cbcc_de(const uint8_t *message, + size_t length, + const uint8_t key[32], + const uint8_t ivec[16], + size_t *out_length) +{ + AES_KEY aes_key; + uint8_t rkey[32]; + + _urcrypt_reverse_copy(32, key, rkey); + + if ( 0 != AES_set_decrypt_key(rkey, 256, &aes_key) ) { + return NULL; + } + else { + return _urcrypt_cbc_help(message, + length, + &aes_key, + ivec, + AES_DECRYPT, + out_length); + } +} diff --git a/pkg/urcrypt/urcrypt.h b/pkg/urcrypt/urcrypt.h index 3471c25d1..89699d6b0 100644 --- a/pkg/urcrypt/urcrypt.h +++ b/pkg/urcrypt/urcrypt.h @@ -83,5 +83,25 @@ uint8_t* urcrypt_aes_cbca_de(const uint8_t *message, const uint8_t key[16], const uint8_t ivec[16], size_t *out_length); +uint8_t* urcrypt_aes_cbcb_en(const uint8_t *message, + size_t length, + const uint8_t key[24], + const uint8_t ivec[16], + size_t *out_length); +uint8_t* urcrypt_aes_cbcb_de(const uint8_t *message, + size_t length, + const uint8_t key[24], + const uint8_t ivec[16], + size_t *out_length); +uint8_t* urcrypt_aes_cbcc_en(const uint8_t *message, + size_t length, + const uint8_t key[32], + const uint8_t ivec[16], + size_t *out_length); +uint8_t* urcrypt_aes_cbcc_de(const uint8_t *message, + size_t length, + const uint8_t key[32], + const uint8_t ivec[16], + size_t *out_length); #endif