// Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.
use aes::cipher::block_padding::Pkcs7;
use aes::cipher::BlockDecryptMut;
use aes::cipher::BlockEncryptMut;
use aes::cipher::KeyIvInit;
use deno_core::Resource;
use digest::generic_array::GenericArray;
use digest::KeyInit;
use std::borrow::Cow;
use std::cell::RefCell;
use std::rc::Rc;
/// Authentication tag emitted when an AEAD (GCM) cipher is finalized, or
/// `None` for the CBC/ECB variants, which never produce one.
type Tag = Option<Vec<u8>>;

/// Streaming AES-128-GCM state; the same type backs both the `Cipher` and
/// `Decipher` variants.
type Aes128Gcm = aead_gcm_stream::AesGcm<aes::Aes128>;

/// Streaming AES-256-GCM state; the same type backs both the `Cipher` and
/// `Decipher` variants.
type Aes256Gcm = aead_gcm_stream::AesGcm<aes::Aes256>;
/// Encryption state behind a `CipherContext`, selected by algorithm name in
/// `Cipher::new`. Only the GCM variants accept AAD and produce a tag; the
/// CBC/ECB variants operate on 16-byte blocks with PKCS#7 padding applied
/// in `r#final` when auto-padding is on.
enum Cipher {
  /// AES-128 in CBC mode (16-byte key, 16-byte IV).
  Aes128Cbc(Box<cbc::Encryptor<aes::Aes128>>),
  /// AES-128 in ECB mode (16-byte key; the IV is ignored, and identical
  /// plaintext blocks encrypt to identical ciphertext blocks).
  Aes128Ecb(Box<ecb::Encryptor<aes::Aes128>>),
  /// AES-192 in ECB mode (24-byte key; IV ignored).
  Aes192Ecb(Box<ecb::Encryptor<aes::Aes192>>),
  /// AES-256 in ECB mode (32-byte key; IV ignored).
  Aes256Ecb(Box<ecb::Encryptor<aes::Aes256>>),
  /// AES-128-GCM streaming AEAD (16-byte key, 12-byte nonce).
  Aes128Gcm(Box<Aes128Gcm>),
  /// AES-256-GCM streaming AEAD (32-byte key, 12-byte nonce).
  Aes256Gcm(Box<Aes256Gcm>),
  /// AES-256 in CBC mode (32-byte key, 16-byte IV).
  Aes256Cbc(Box<cbc::Encryptor<aes::Aes256>>),
  // TODO(kt3k): add more algorithms Aes192Cbc, etc.
}
/// Decryption state behind a `DecipherContext`; mirrors `Cipher` variant
/// for variant. CBC/ECB variants have no integrity protection of their own,
/// so only the GCM variants can report an authentication failure.
enum Decipher {
  /// AES-128 in CBC mode (16-byte key, 16-byte IV).
  Aes128Cbc(Box<cbc::Decryptor<aes::Aes128>>),
  /// AES-128 in ECB mode (16-byte key; IV ignored).
  Aes128Ecb(Box<ecb::Decryptor<aes::Aes128>>),
  /// AES-192 in ECB mode (24-byte key; IV ignored).
  Aes192Ecb(Box<ecb::Decryptor<aes::Aes192>>),
  /// AES-256 in ECB mode (32-byte key; IV ignored).
  Aes256Ecb(Box<ecb::Decryptor<aes::Aes256>>),
  /// AES-128-GCM streaming AEAD (16-byte key, 12-byte nonce); the tag is
  /// verified in `r#final`.
  Aes128Gcm(Box<Aes128Gcm>),
  /// AES-256-GCM streaming AEAD (32-byte key, 12-byte nonce); the tag is
  /// verified in `r#final`.
  Aes256Gcm(Box<Aes256Gcm>),
  /// AES-256 in CBC mode (32-byte key, 16-byte IV).
  Aes256Cbc(Box<cbc::Decryptor<aes::Aes256>>),
  // TODO(kt3k): add more algorithms Aes192Cbc, Aes128GCM, etc.
}
/// Resource-table handle for one encryption stream.
///
/// The cipher sits in an `Rc<RefCell<_>>` so `set_aad`/`encrypt` can borrow
/// it mutably through `&self`, while `r#final`/`take_tag` reclaim exclusive
/// ownership with `Rc::try_unwrap` and consume the state.
pub struct CipherContext {
  cipher: Rc<RefCell<Cipher>>,
}
/// Resource-table handle for one decryption stream; same ownership scheme
/// as `CipherContext` (shared for `decrypt`, unwrapped for `r#final`).
pub struct DecipherContext {
  decipher: Rc<RefCell<Decipher>>,
}
/// Errors surfaced by `CipherContext`.
#[derive(Debug, thiserror::Error)]
pub enum CipherContextError {
  /// `r#final` was called while another reference to the context was still
  /// alive, so the cipher state could not be taken out of its `Rc`.
  #[error("Cipher context is already in use")]
  ContextInUse,
  /// Error from the `deno_core` resource layer; presumably raised by the op
  /// that looks the context up (not constructed in the code visible here).
  #[error("{0}")]
  Resource(deno_core::error::AnyError),
  /// Error from the cipher itself (bad key/IV, unknown algorithm, padding).
  #[error(transparent)]
  Cipher(#[from] CipherError),
}
impl CipherContext {
  /// Creates an encryption context for `algorithm` from `key` and `iv`.
  ///
  /// # Errors
  /// Propagates `CipherError` from `Cipher::new` as
  /// [`CipherContextError::Cipher`].
  pub fn new(
    algorithm: &str,
    key: &[u8],
    iv: &[u8],
  ) -> Result<Self, CipherContextError> {
    let cipher = Cipher::new(algorithm, key, iv)?;
    let cipher = Rc::new(RefCell::new(cipher));
    Ok(Self { cipher })
  }

  /// Passes additional authenticated data to the cipher. Only the GCM
  /// variants use it; see `Cipher::set_aad`.
  pub fn set_aad(&self, aad: &[u8]) {
    let mut cipher = self.cipher.borrow_mut();
    cipher.set_aad(aad);
  }

  /// Encrypts `input` into `output`. The length contract (block-aligned
  /// input, sufficiently large output) is documented on `Cipher::encrypt`.
  pub fn encrypt(&self, input: &[u8], output: &mut [u8]) {
    let mut cipher = self.cipher.borrow_mut();
    cipher.encrypt(input, output);
  }

  /// Consumes the context and returns the GCM tag.
  ///
  /// Returns `None` both for non-AEAD ciphers and when another `Rc` clone of
  /// the context is still alive; callers cannot tell the two cases apart.
  pub fn take_tag(self) -> Tag {
    match Rc::try_unwrap(self.cipher) {
      Ok(cell) => cell.into_inner().take_tag(),
      Err(_) => None,
    }
  }

  /// Finishes the stream, consuming the context.
  ///
  /// # Errors
  /// [`CipherContextError::ContextInUse`] when the context is still shared;
  /// otherwise whatever `Cipher::r#final` reports.
  pub fn r#final(
    self,
    auto_pad: bool,
    input: &[u8],
    output: &mut [u8],
  ) -> Result<Tag, CipherContextError> {
    let cell = Rc::try_unwrap(self.cipher)
      .map_err(|_| CipherContextError::ContextInUse)?;
    let tag = cell.into_inner().r#final(auto_pad, input, output)?;
    Ok(tag)
  }
}
/// Errors surfaced by `DecipherContext`.
#[derive(Debug, thiserror::Error)]
pub enum DecipherContextError {
  /// `r#final` was called while another reference to the context was still
  /// alive, so the decipher state could not be taken out of its `Rc`.
  #[error("Decipher context is already in use")]
  ContextInUse,
  /// Error from the `deno_core` resource layer; presumably raised by the op
  /// that looks the context up (not constructed in the code visible here).
  #[error("{0}")]
  Resource(deno_core::error::AnyError),
  /// Error from the decipher itself, including a failed GCM tag check.
  #[error(transparent)]
  Decipher(#[from] DecipherError),
}
impl DecipherContext {
  /// Creates a decryption context for `algorithm` from `key` and `iv`.
  ///
  /// # Errors
  /// Propagates `DecipherError` from `Decipher::new` as
  /// [`DecipherContextError::Decipher`].
  pub fn new(
    algorithm: &str,
    key: &[u8],
    iv: &[u8],
  ) -> Result<Self, DecipherContextError> {
    let decipher = Decipher::new(algorithm, key, iv)?;
    let decipher = Rc::new(RefCell::new(decipher));
    Ok(Self { decipher })
  }

  /// Passes additional authenticated data to the decipher. Only the GCM
  /// variants use it; see `Decipher::set_aad`.
  pub fn set_aad(&self, aad: &[u8]) {
    let mut decipher = self.decipher.borrow_mut();
    decipher.set_aad(aad);
  }

  /// Decrypts `input` into `output`. The length contract is documented on
  /// `Decipher::decrypt`.
  pub fn decrypt(&self, input: &[u8], output: &mut [u8]) {
    let mut decipher = self.decipher.borrow_mut();
    decipher.decrypt(input, output);
  }

  /// Finishes the stream, consuming the context. For GCM this is where
  /// `auth_tag` is verified.
  ///
  /// # Errors
  /// [`DecipherContextError::ContextInUse`] when the context is still
  /// shared; otherwise whatever `Decipher::r#final` reports.
  pub fn r#final(
    self,
    auto_pad: bool,
    input: &[u8],
    output: &mut [u8],
    auth_tag: &[u8],
  ) -> Result<(), DecipherContextError> {
    let cell = Rc::try_unwrap(self.decipher)
      .map_err(|_| DecipherContextError::ContextInUse)?;
    cell
      .into_inner()
      .r#final(auto_pad, input, output, auth_tag)?;
    Ok(())
  }
}
impl Resource for CipherContext {
  /// Name shown for this handle in the resource table.
  fn name(&self) -> Cow<str> {
    Cow::Borrowed("cryptoCipher")
  }
}
impl Resource for DecipherContext {
  /// Name shown for this handle in the resource table.
  fn name(&self) -> Cow<str> {
    Cow::Borrowed("cryptoDecipher")
  }
}
/// Errors produced while constructing or finalizing a `Cipher`.
#[derive(Debug, thiserror::Error)]
pub enum CipherError {
  /// GCM nonce is not the single supported 96-bit length.
  #[error("IV length must be 12 bytes")]
  InvalidIvLength,
  /// Key length does not match the selected AES variant.
  #[error("Invalid key length")]
  InvalidKeyLength,
  /// CBC IV is not one block (16 bytes) long.
  #[error("Invalid initialization vector")]
  InvalidInitializationVector,
  /// PKCS#7 padding of the final block failed (typically the output buffer
  /// is too small for the padded block).
  #[error("Cannot pad the input data")]
  CannotPadInputData,
  /// Algorithm name is not one of those handled by `Cipher::new`.
  #[error("Unknown cipher {0}")]
  UnknownCipher(String),
}
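impl Cipher {
  /// Builds the encryption state for `algorithm_name`.
  ///
  /// Key and IV lengths are checked here, before they reach the cipher
  /// crates: `key.into()` / `iv.into()` convert slices to fixed-size
  /// `GenericArray`s and panic on a length mismatch, which would turn a bad
  /// argument from the caller into a crash instead of an error. Callers are
  /// responsible for never reusing a GCM nonce with the same key.
  ///
  /// # Errors
  /// * [`CipherError::InvalidKeyLength`] if `key` is not the AES variant's size.
  /// * [`CipherError::InvalidIvLength`] if a GCM nonce is not 12 bytes.
  /// * [`CipherError::InvalidInitializationVector`] if a CBC IV is not 16 bytes.
  /// * [`CipherError::UnknownCipher`] for any other algorithm name.
  fn new(
    algorithm_name: &str,
    key: &[u8],
    iv: &[u8],
  ) -> Result<Self, CipherError> {
    use Cipher::*;
    Ok(match algorithm_name {
      "aes-128-cbc" => {
        Self::check_key_len(key, 16)?;
        Self::check_cbc_iv(iv)?;
        Aes128Cbc(Box::new(cbc::Encryptor::new(key.into(), iv.into())))
      }
      "aes-128-ecb" => {
        Self::check_key_len(key, 16)?;
        Aes128Ecb(Box::new(ecb::Encryptor::new(key.into())))
      }
      "aes-192-ecb" => {
        Self::check_key_len(key, 24)?;
        Aes192Ecb(Box::new(ecb::Encryptor::new(key.into())))
      }
      "aes-256-ecb" => {
        Self::check_key_len(key, 32)?;
        Aes256Ecb(Box::new(ecb::Encryptor::new(key.into())))
      }
      "aes-128-gcm" => {
        Self::check_gcm_nonce(iv)?;
        Self::check_key_len(key, 16)?;
        let cipher =
          aead_gcm_stream::AesGcm::<aes::Aes128>::new(key.into(), iv);
        Aes128Gcm(Box::new(cipher))
      }
      "aes-256-gcm" => {
        Self::check_gcm_nonce(iv)?;
        Self::check_key_len(key, 32)?;
        let cipher =
          aead_gcm_stream::AesGcm::<aes::Aes256>::new(key.into(), iv);
        Aes256Gcm(Box::new(cipher))
      }
      "aes256" | "aes-256-cbc" => {
        Self::check_key_len(key, 32)?;
        Self::check_cbc_iv(iv)?;
        Aes256Cbc(Box::new(cbc::Encryptor::new(key.into(), iv.into())))
      }
      _ => return Err(CipherError::UnknownCipher(algorithm_name.to_string())),
    })
  }

  /// Rejects a key that is not exactly `expected` bytes long.
  fn check_key_len(key: &[u8], expected: usize) -> Result<(), CipherError> {
    if key.len() == expected {
      Ok(())
    } else {
      Err(CipherError::InvalidKeyLength)
    }
  }

  /// CBC needs a block-sized (16-byte) IV.
  fn check_cbc_iv(iv: &[u8]) -> Result<(), CipherError> {
    if iv.len() == 16 {
      Ok(())
    } else {
      Err(CipherError::InvalidInitializationVector)
    }
  }

  /// Only the 96-bit GCM nonce is supported, as the error text states.
  fn check_gcm_nonce(iv: &[u8]) -> Result<(), CipherError> {
    if iv.len() == 12 {
      Ok(())
    } else {
      Err(CipherError::InvalidIvLength)
    }
  }

  /// Feeds additional authenticated data to the GCM variants.
  ///
  /// The block-mode variants have no notion of AAD and ignore the call;
  /// presumably the JS layer rejects `setAAD` for them — confirm.
  fn set_aad(&mut self, aad: &[u8]) {
    use Cipher::*;
    match self {
      Aes128Gcm(cipher) => cipher.set_aad(aad),
      Aes256Gcm(cipher) => cipher.set_aad(aad),
      _ => {}
    }
  }

  /// Encrypts the whole blocks of the stream (the trailing partial block
  /// goes through [`Cipher::r#final`]).
  ///
  /// Block-mode variants require `input.len()` to be a multiple of 16 — this
  /// is a contract with the caller that sizes the buffers, enforced with an
  /// assertion — and write one ciphertext block per input block into
  /// `output`; if `output` is shorter the extra input blocks are silently
  /// dropped, so callers must size it to at least `input.len()`.
  /// GCM variants copy `input` into `output` and encrypt exactly that many
  /// bytes in place.
  fn encrypt(&mut self, input: &[u8], output: &mut [u8]) {
    use Cipher::*;
    match self {
      Aes128Cbc(encryptor) => {
        Self::encrypt_blocks(encryptor.as_mut(), input, output)
      }
      Aes128Ecb(encryptor) => {
        Self::encrypt_blocks(encryptor.as_mut(), input, output)
      }
      Aes192Ecb(encryptor) => {
        Self::encrypt_blocks(encryptor.as_mut(), input, output)
      }
      Aes256Ecb(encryptor) => {
        Self::encrypt_blocks(encryptor.as_mut(), input, output)
      }
      Aes128Gcm(cipher) => {
        // Only encrypt the bytes that were actually supplied: running the
        // keystream over a larger `output` would advance the GCM state and
        // fold never-supplied bytes into the tag.
        let len = input.len();
        output[..len].copy_from_slice(input);
        cipher.encrypt(&mut output[..len]);
      }
      Aes256Gcm(cipher) => {
        let len = input.len();
        output[..len].copy_from_slice(input);
        cipher.encrypt(&mut output[..len]);
      }
      Aes256Cbc(encryptor) => {
        Self::encrypt_blocks(encryptor.as_mut(), input, output)
      }
    }
  }

  /// Runs a block encryptor over `input` one 16-byte block at a time.
  fn encrypt_blocks<E: BlockEncryptMut>(
    encryptor: &mut E,
    input: &[u8],
    output: &mut [u8],
  ) {
    assert!(input.len() % 16 == 0);
    for (src, dst) in input.chunks(16).zip(output.chunks_mut(16)) {
      encryptor.encrypt_block_b2b_mut(src.into(), dst.into());
    }
  }

  /// Encrypts the final block of the stream and returns the GCM tag, if any.
  ///
  /// * `auto_pad == true`: `input` is the remainder after whole blocks
  ///   (fewer than 16 bytes); it is PKCS#7-padded and the padded block is
  ///   written to `output`.
  /// * `auto_pad == false`: `input` must be empty (the stream was already
  ///   block-aligned; nothing is written) or exactly one 16-byte block,
  ///   which is encrypted as-is into the first 16 bytes of `output`. Any
  ///   other length is reported as [`CipherError::CannotPadInputData`]
  ///   instead of panicking inside `GenericArray::from_slice`.
  /// * GCM variants ignore `input`/`output` here and only return the tag.
  ///
  /// # Errors
  /// [`CipherError::CannotPadInputData`] when padding fails (for example an
  /// `output` shorter than one block) or an unpadded final block has the
  /// wrong length.
  fn r#final(
    self,
    auto_pad: bool,
    input: &[u8],
    output: &mut [u8],
  ) -> Result<Tag, CipherError> {
    use Cipher::*;
    match (self, auto_pad) {
      (Aes128Cbc(encryptor), true) => {
        Self::final_padded(*encryptor, input, output)
      }
      (Aes128Cbc(encryptor), false) => {
        Self::final_block(*encryptor, input, output)
      }
      (Aes128Ecb(encryptor), true) => {
        Self::final_padded(*encryptor, input, output)
      }
      (Aes128Ecb(encryptor), false) => {
        Self::final_block(*encryptor, input, output)
      }
      (Aes192Ecb(encryptor), true) => {
        Self::final_padded(*encryptor, input, output)
      }
      (Aes192Ecb(encryptor), false) => {
        Self::final_block(*encryptor, input, output)
      }
      (Aes256Ecb(encryptor), true) => {
        Self::final_padded(*encryptor, input, output)
      }
      (Aes256Ecb(encryptor), false) => {
        Self::final_block(*encryptor, input, output)
      }
      (Aes128Gcm(cipher), _) => Ok(Some(cipher.finish().to_vec())),
      (Aes256Gcm(cipher), _) => Ok(Some(cipher.finish().to_vec())),
      (Aes256Cbc(encryptor), true) => {
        Self::final_padded(*encryptor, input, output)
      }
      (Aes256Cbc(encryptor), false) => {
        Self::final_block(*encryptor, input, output)
      }
    }
  }

  /// PKCS#7-pads the trailing `input` bytes and encrypts the result.
  fn final_padded<E: BlockEncryptMut>(
    encryptor: E,
    input: &[u8],
    output: &mut [u8],
  ) -> Result<Tag, CipherError> {
    // Whole blocks are handled by `encrypt`; only the remainder arrives here.
    assert!(input.len() < 16);
    encryptor
      .encrypt_padded_b2b_mut::<Pkcs7>(input, output)
      .map_err(|_| CipherError::CannotPadInputData)?;
    Ok(None)
  }

  /// Encrypts one raw, unpadded final block (`setAutoPadding(false)`).
  fn final_block<E: BlockEncryptMut>(
    mut encryptor: E,
    input: &[u8],
    output: &mut [u8],
  ) -> Result<Tag, CipherError> {
    if input.is_empty() {
      // The stream was block-aligned and fully emitted by `encrypt`.
      return Ok(None);
    }
    // `GenericArray::from_slice`/`from_mut_slice` panic on any length other
    // than the block size, so reject a short or oversized final block here.
    if input.len() != 16 || output.len() < 16 {
      return Err(CipherError::CannotPadInputData);
    }
    encryptor.encrypt_block_b2b_mut(
      GenericArray::from_slice(input),
      GenericArray::from_mut_slice(&mut output[..16]),
    );
    Ok(None)
  }

  /// Consumes the cipher and returns its GCM tag; `None` for the
  /// block-mode variants, which have none.
  fn take_tag(self) -> Tag {
    use Cipher::*;
    match self {
      Aes128Gcm(cipher) => Some(cipher.finish().to_vec()),
      Aes256Gcm(cipher) => Some(cipher.finish().to_vec()),
      _ => None,
    }
  }
}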
/// Errors produced while constructing or finalizing a `Decipher`.
#[derive(Debug, thiserror::Error)]
pub enum DecipherError {
  /// GCM nonce is not the single supported 96-bit length.
  #[error("IV length must be 12 bytes")]
  InvalidIvLength,
  /// Key length does not match the selected AES variant.
  #[error("Invalid key length")]
  InvalidKeyLength,
  /// CBC IV is not one block (16 bytes) long.
  #[error("Invalid initialization vector")]
  InvalidInitializationVector,
  /// PKCS#7 unpadding of the final block failed. For CBC (no MAC) a
  /// distinguishable padding error is the classic padding-oracle signal;
  /// callers should not expose it to untrusted parties.
  #[error("Cannot unpad the input data")]
  CannotUnpadInputData,
  /// The computed GCM tag did not match the tag supplied by the caller.
  #[error("Failed to authenticate data")]
  DataAuthenticationFailed,
  /// Unpadded finalization is not implemented for AES-128-GCM.
  #[error("setAutoPadding(false) not supported for Aes128Gcm yet")]
  SetAutoPaddingFalseAes128GcmUnsupported,
  /// Unpadded finalization is not implemented for AES-256-GCM.
  #[error("setAutoPadding(false) not supported for Aes256Gcm yet")]
  SetAutoPaddingFalseAes256GcmUnsupported,
  /// Algorithm name is not one of those handled by `Decipher::new`.
  #[error("Unknown cipher {0}")]
  UnknownCipher(String),
}
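impl Decipher {
  /// Builds the decryption state for `algorithm_name`.
  ///
  /// Key and IV lengths are checked here, before they reach the cipher
  /// crates: `key.into()` / `iv.into()` convert slices to fixed-size
  /// `GenericArray`s and panic on a length mismatch, which would turn a bad
  /// argument from the caller into a crash instead of an error.
  ///
  /// # Errors
  /// * [`DecipherError::InvalidKeyLength`] if `key` is not the AES variant's size.
  /// * [`DecipherError::InvalidIvLength`] if a GCM nonce is not 12 bytes.
  /// * [`DecipherError::InvalidInitializationVector`] if a CBC IV is not 16 bytes.
  /// * [`DecipherError::UnknownCipher`] for any other algorithm name.
  fn new(
    algorithm_name: &str,
    key: &[u8],
    iv: &[u8],
  ) -> Result<Self, DecipherError> {
    use Decipher::*;
    Ok(match algorithm_name {
      "aes-128-cbc" => {
        Self::check_key_len(key, 16)?;
        Self::check_cbc_iv(iv)?;
        Aes128Cbc(Box::new(cbc::Decryptor::new(key.into(), iv.into())))
      }
      "aes-128-ecb" => {
        Self::check_key_len(key, 16)?;
        Aes128Ecb(Box::new(ecb::Decryptor::new(key.into())))
      }
      "aes-192-ecb" => {
        Self::check_key_len(key, 24)?;
        Aes192Ecb(Box::new(ecb::Decryptor::new(key.into())))
      }
      "aes-256-ecb" => {
        Self::check_key_len(key, 32)?;
        Aes256Ecb(Box::new(ecb::Decryptor::new(key.into())))
      }
      "aes-128-gcm" => {
        Self::check_gcm_nonce(iv)?;
        Self::check_key_len(key, 16)?;
        let decipher =
          aead_gcm_stream::AesGcm::<aes::Aes128>::new(key.into(), iv);
        Aes128Gcm(Box::new(decipher))
      }
      "aes-256-gcm" => {
        Self::check_gcm_nonce(iv)?;
        Self::check_key_len(key, 32)?;
        let decipher =
          aead_gcm_stream::AesGcm::<aes::Aes256>::new(key.into(), iv);
        Aes256Gcm(Box::new(decipher))
      }
      "aes256" | "aes-256-cbc" => {
        Self::check_key_len(key, 32)?;
        Self::check_cbc_iv(iv)?;
        Aes256Cbc(Box::new(cbc::Decryptor::new(key.into(), iv.into())))
      }
      _ => {
        return Err(DecipherError::UnknownCipher(algorithm_name.to_string()))
      }
    })
  }

  /// Rejects a key that is not exactly `expected` bytes long.
  fn check_key_len(key: &[u8], expected: usize) -> Result<(), DecipherError> {
    if key.len() == expected {
      Ok(())
    } else {
      Err(DecipherError::InvalidKeyLength)
    }
  }

  /// CBC needs a block-sized (16-byte) IV.
  fn check_cbc_iv(iv: &[u8]) -> Result<(), DecipherError> {
    if iv.len() == 16 {
      Ok(())
    } else {
      Err(DecipherError::InvalidInitializationVector)
    }
  }

  /// Only the 96-bit GCM nonce is supported, as the error text states.
  fn check_gcm_nonce(iv: &[u8]) -> Result<(), DecipherError> {
    if iv.len() == 12 {
      Ok(())
    } else {
      Err(DecipherError::InvalidIvLength)
    }
  }

  /// Feeds additional authenticated data to the GCM variants.
  ///
  /// The block-mode variants have no notion of AAD and ignore the call;
  /// presumably the JS layer rejects `setAAD` for them — confirm.
  fn set_aad(&mut self, aad: &[u8]) {
    use Decipher::*;
    match self {
      Aes128Gcm(decipher) => decipher.set_aad(aad),
      Aes256Gcm(decipher) => decipher.set_aad(aad),
      _ => {}
    }
  }

  /// Decrypts the whole blocks of the stream (the held-back final block goes
  /// through [`Decipher::r#final`]).
  ///
  /// Block-mode variants require `input.len()` to be a multiple of 16 — a
  /// contract with the caller that sizes the buffers, enforced with an
  /// assertion — and write one plaintext block per input block into
  /// `output`; if `output` is shorter the extra input blocks are silently
  /// dropped, so callers must size it to at least `input.len()`.
  /// GCM variants decrypt exactly `input.len()` bytes in place in `output`.
  /// Note that for GCM the plaintext is released here, before the tag is
  /// verified in `r#final`; consumers must not act on it until `r#final`
  /// has succeeded.
  fn decrypt(&mut self, input: &[u8], output: &mut [u8]) {
    use Decipher::*;
    match self {
      Aes128Cbc(decryptor) => {
        Self::decrypt_blocks(decryptor.as_mut(), input, output)
      }
      Aes128Ecb(decryptor) => {
        Self::decrypt_blocks(decryptor.as_mut(), input, output)
      }
      Aes192Ecb(decryptor) => {
        Self::decrypt_blocks(decryptor.as_mut(), input, output)
      }
      Aes256Ecb(decryptor) => {
        Self::decrypt_blocks(decryptor.as_mut(), input, output)
      }
      Aes128Gcm(decipher) => {
        // Only process the bytes that were actually supplied: running the
        // keystream over a larger `output` would advance the GCM state and
        // fold never-supplied bytes into the tag computation.
        let len = input.len();
        output[..len].copy_from_slice(input);
        decipher.decrypt(&mut output[..len]);
      }
      Aes256Gcm(decipher) => {
        let len = input.len();
        output[..len].copy_from_slice(input);
        decipher.decrypt(&mut output[..len]);
      }
      Aes256Cbc(decryptor) => {
        Self::decrypt_blocks(decryptor.as_mut(), input, output)
      }
    }
  }

  /// Runs a block decryptor over `input` one 16-byte block at a time.
  fn decrypt_blocks<D: BlockDecryptMut>(
    decryptor: &mut D,
    input: &[u8],
    output: &mut [u8],
  ) {
    assert!(input.len() % 16 == 0);
    for (src, dst) in input.chunks(16).zip(output.chunks_mut(16)) {
      decryptor.decrypt_block_b2b_mut(src.into(), dst.into());
    }
  }

  /// Decrypts the final block of the stream and, for GCM, verifies the tag.
  ///
  /// * `auto_pad == true` (block modes): `input` must be exactly the last
  ///   16-byte ciphertext block; it is decrypted and PKCS#7-unpadded into
  ///   `output`. A wrong length is reported as
  ///   [`DecipherError::CannotUnpadInputData`] instead of panicking.
  /// * `auto_pad == false` (block modes): `input` must be empty (nothing is
  ///   written) or exactly one 16-byte block, decrypted as-is into the
  ///   first 16 bytes of `output`.
  /// * GCM with `auto_pad == true`: the computed tag is compared with
  ///   `auth_tag` in constant time; lengths must match exactly (truncated
  ///   tags are not accepted).
  /// * GCM with `auto_pad == false` is not supported.
  ///
  /// # Errors
  /// [`DecipherError::CannotUnpadInputData`], [`DecipherError::DataAuthenticationFailed`],
  /// or the `SetAutoPaddingFalse*GcmUnsupported` variants, as described above.
  fn r#final(
    self,
    auto_pad: bool,
    input: &[u8],
    output: &mut [u8],
    auth_tag: &[u8],
  ) -> Result<(), DecipherError> {
    use Decipher::*;
    match (self, auto_pad) {
      (Aes128Cbc(decryptor), true) => {
        Self::final_unpadded(*decryptor, input, output)
      }
      (Aes128Cbc(decryptor), false) => {
        Self::final_block(*decryptor, input, output)
      }
      (Aes128Ecb(decryptor), true) => {
        Self::final_unpadded(*decryptor, input, output)
      }
      (Aes128Ecb(decryptor), false) => {
        Self::final_block(*decryptor, input, output)
      }
      (Aes192Ecb(decryptor), true) => {
        Self::final_unpadded(*decryptor, input, output)
      }
      (Aes192Ecb(decryptor), false) => {
        Self::final_block(*decryptor, input, output)
      }
      (Aes256Ecb(decryptor), true) => {
        Self::final_unpadded(*decryptor, input, output)
      }
      (Aes256Ecb(decryptor), false) => {
        Self::final_block(*decryptor, input, output)
      }
      (Aes128Gcm(decipher), true) => {
        let tag = decipher.finish();
        if Self::tag_matches(tag.as_slice(), auth_tag) {
          Ok(())
        } else {
          Err(DecipherError::DataAuthenticationFailed)
        }
      }
      (Aes128Gcm(_), false) => {
        Err(DecipherError::SetAutoPaddingFalseAes128GcmUnsupported)
      }
      (Aes256Gcm(decipher), true) => {
        let tag = decipher.finish();
        if Self::tag_matches(tag.as_slice(), auth_tag) {
          Ok(())
        } else {
          Err(DecipherError::DataAuthenticationFailed)
        }
      }
      (Aes256Gcm(_), false) => {
        Err(DecipherError::SetAutoPaddingFalseAes256GcmUnsupported)
      }
      (Aes256Cbc(decryptor), true) => {
        Self::final_unpadded(*decryptor, input, output)
      }
      (Aes256Cbc(decryptor), false) => {
        Self::final_block(*decryptor, input, output)
      }
    }
  }

  /// Decrypts the last ciphertext block and strips its PKCS#7 padding.
  fn final_unpadded<D: BlockDecryptMut>(
    decryptor: D,
    input: &[u8],
    output: &mut [u8],
  ) -> Result<(), DecipherError> {
    // The caller holds back exactly one block for unpadding; anything else
    // (e.g. an empty stream) is a wrong final block length, not a bug worth
    // aborting the process for.
    if input.len() != 16 {
      return Err(DecipherError::CannotUnpadInputData);
    }
    decryptor
      .decrypt_padded_b2b_mut::<Pkcs7>(input, output)
      .map_err(|_| DecipherError::CannotUnpadInputData)?;
    Ok(())
  }

  /// Decrypts one raw, unpadded final block (`setAutoPadding(false)`).
  fn final_block<D: BlockDecryptMut>(
    mut decryptor: D,
    input: &[u8],
    output: &mut [u8],
  ) -> Result<(), DecipherError> {
    if input.is_empty() {
      // The stream was block-aligned and fully emitted by `decrypt`.
      return Ok(());
    }
    // `GenericArray::from_slice`/`from_mut_slice` panic on any length other
    // than the block size, so reject a short or oversized final block here.
    if input.len() != 16 || output.len() < 16 {
      return Err(DecipherError::CannotUnpadInputData);
    }
    decryptor.decrypt_block_b2b_mut(
      GenericArray::from_slice(input),
      GenericArray::from_mut_slice(&mut output[..16]),
    );
    Ok(())
  }

  /// Compares the computed tag with the caller-supplied one without
  /// short-circuiting on the first differing byte, so the time taken does
  /// not reveal how many leading bytes matched. Lengths are not secret and
  /// must be equal. A dedicated constant-time crate would be preferable if
  /// one is already a dependency of this crate.
  fn tag_matches(expected: &[u8], provided: &[u8]) -> bool {
    if expected.len() != provided.len() {
      return false;
    }
    let diff = expected
      .iter()
      .zip(provided)
      .fold(0u8, |acc, (a, b)| acc | (a ^ b));
    diff == 0
  }
}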