CCM tuning + CryptX::_croak
Karel Miko
6 years ago
0 | 0 | MODULE = CryptX PACKAGE = Crypt::AuthEnc::CCM |
1 | ||
2 | void | |
3 | _memory_encrypt(char *cipher_name, SV *key, SV *nonce, SV *header, unsigned long tag_len, SV *plaintext) | |
4 | PPCODE: | |
5 | { | |
6 | STRLEN k_len, n_len, h_len, pt_len; | |
7 | unsigned char *k, *n, *h, *pt; | |
8 | int rv, id; | |
9 | unsigned char tag[MAXBLOCKSIZE]; | |
10 | SV *ct; | |
11 | ||
12 | if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); | |
13 | if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); | |
14 | if (!SvPOK(header)) croak("FATAL: header must be string/buffer scalar"); | |
15 | if (!SvPOK(plaintext)) croak("FATAL: plaintext must be string/buffer scalar"); | |
16 | k = (unsigned char *) SvPVbyte(key, k_len); | |
17 | n = (unsigned char *) SvPVbyte(nonce, n_len); | |
18 | h = (unsigned char *) SvPVbyte(header, h_len); | |
19 | pt = (unsigned char *) SvPVbyte(plaintext, pt_len); | |
20 | ||
21 | id = find_cipher(cipher_name); | |
22 | if (id == -1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); | |
23 | ||
24 | ct = NEWSV(0, pt_len); | |
25 | SvPOK_only(ct); | |
26 | SvCUR_set(ct, pt_len); | |
27 | ||
28 | if (tag_len < 4 || tag_len > 16) tag_len = 16; | |
29 | ||
30 | rv = ccm_memory(id, k, (unsigned long)k_len, NULL, n, (unsigned long)n_len, h, (unsigned long)h_len, | |
31 | pt, (unsigned long)pt_len, (unsigned char *)SvPVX(ct), tag, &tag_len, CCM_ENCRYPT); | |
32 | if (rv != CRYPT_OK) { | |
33 | SvREFCNT_dec(ct); | |
34 | croak("FATAL: ccm_memory failed: %s", error_to_string(rv)); | |
35 | } | |
36 | ||
37 | XPUSHs(sv_2mortal(ct)); | |
38 | XPUSHs(sv_2mortal(newSVpvn((char*)tag,tag_len))); | |
39 | ||
40 | /* int ccm_memory( int cipher, | |
41 | const unsigned char *key, unsigned long keylen, | |
42 | symmetric_key *uskey, | |
43 | const unsigned char *nonce, unsigned long noncelen, | |
44 | const unsigned char *header, unsigned long headerlen, | |
45 | unsigned char *pt, unsigned long ptlen, | |
46 | unsigned char *ct, | |
47 | unsigned char *tag, unsigned long *taglen, | |
48 | int direction); */ | |
49 | ||
50 | } | |
51 | ||
52 | void | |
53 | _memory_decrypt(char *cipher_name, SV *key, SV *nonce, SV *header, SV *ciphertext, SV *tag) | |
54 | PPCODE: | |
55 | { | |
56 | STRLEN k_len, n_len, h_len, ct_len, t_len; | |
57 | unsigned char *k, *n, *h, *ct, *t; | |
58 | int rv, id; | |
59 | unsigned char xtag[MAXBLOCKSIZE]; | |
60 | unsigned long xtag_len; | |
61 | SV *pt; | |
62 | ||
63 | if (!SvPOK(key)) croak("FATAL: key must be string/buffer scalar"); | |
64 | if (!SvPOK(nonce)) croak("FATAL: nonce must be string/buffer scalar"); | |
65 | if (!SvPOK(header)) croak("FATAL: header must be string/buffer scalar"); | |
66 | if (!SvPOK(ciphertext)) croak("FATAL: ciphertext must be string/buffer scalar"); | |
67 | if (!SvPOK(tag)) croak("FATAL: tag must be string/buffer scalar"); | |
68 | k = (unsigned char *) SvPVbyte(key, k_len); | |
69 | n = (unsigned char *) SvPVbyte(nonce, n_len); | |
70 | h = (unsigned char *) SvPVbyte(header, h_len); | |
71 | ct = (unsigned char *) SvPVbyte(ciphertext, ct_len); | |
72 | t = (unsigned char *) SvPVbyte(tag, t_len); | |
73 | ||
74 | id = find_cipher(cipher_name); | |
75 | if (id == -1) croak("FATAL: find_cipfer failed for '%s'", cipher_name); | |
76 | ||
77 | pt = NEWSV(0, ct_len); | |
78 | SvPOK_only(pt); | |
79 | SvCUR_set(pt, ct_len); | |
80 | ||
81 | xtag_len = (unsigned long)t_len; | |
82 | Copy(t, xtag, t_len, unsigned char); | |
83 | ||
84 | rv = ccm_memory(id, k, (unsigned long)k_len, NULL, n, (unsigned long)n_len, h, (unsigned long)h_len, | |
85 | (unsigned char *)SvPV_nolen(pt), (unsigned long)ct_len, ct, xtag, &xtag_len, CCM_DECRYPT); | |
86 | if (rv != CRYPT_OK) { | |
87 | SvREFCNT_dec(pt); | |
88 | XPUSHs(sv_2mortal(newSVpvn(NULL,0))); /* undef */ | |
89 | } | |
90 | else { | |
91 | XPUSHs(sv_2mortal(pt)); | |
92 | } | |
93 | } | |
94 | 1 | |
95 | 2 | Crypt::AuthEnc::CCM |
96 | 3 | _new(char * cipher_name, SV * key, SV * nonce, SV * adata, int tag_len, int pt_len) |
8 | 8 | our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); |
9 | 9 | our @EXPORT = qw(); |
10 | 10 | |
11 | use Carp; $Carp::Internal{(__PACKAGE__)}++; | |
11 | 12 | use CryptX; |
12 | 13 | use Crypt::Cipher; |
13 | 14 | |
14 | 15 | sub new { |
15 | my ($class, $cipher, $key, $iv, $adata, $tag_len, $pt_len) = @_; | |
16 | return _new(Crypt::Cipher::_trans_cipher_name($cipher), $key, $iv, $adata, $tag_len, $pt_len); | |
16 | my $class = shift; | |
17 | local $SIG{__DIE__} = \&CryptX::_croak; | |
18 | return _new(Crypt::Cipher::_trans_cipher_name(shift), @_); | |
17 | 19 | } |
18 | 20 | |
19 | 21 | sub ccm_encrypt_authenticate { |
28 | 30 | $adata = "" if !defined $adata; |
29 | 31 | $plaintext = "" if !defined $plaintext; |
30 | 32 | |
31 | return _memory_encrypt(Crypt::Cipher::_trans_cipher_name($cipher_name), $key, $iv, $adata, $tag_len, $plaintext); | |
32 | #my $m = Crypt::AuthEnc::CCM->new($cipher_name, $key, $iv, $adata, $tag_len, length($plaintext)); | |
33 | #my $ct = $m->encrypt_add($plaintext); | |
34 | #my $tag = $m->encrypt_done(); | |
35 | #return ($ct, $tag); | |
33 | local $SIG{__DIE__} = \&CryptX::_croak; | |
34 | my $m = Crypt::AuthEnc::CCM->new($cipher_name, $key, $iv, $adata, $tag_len, length($plaintext)); | |
35 | my $ct = $m->encrypt_add($plaintext); | |
36 | my $tag = $m->encrypt_done(); | |
37 | return ($ct, $tag); | |
36 | 38 | } |
37 | 39 | |
38 | 40 | sub ccm_decrypt_verify { |
47 | 49 | $adata = "" if !defined $adata; |
48 | 50 | $ciphertext = "" if !defined $ciphertext; |
49 | 51 | |
50 | return _memory_decrypt(Crypt::Cipher::_trans_cipher_name($cipher_name), $key, $iv, $adata, $ciphertext, $tag); | |
51 | #my $m = Crypt::AuthEnc::CCM->new($cipher_name, $key, $iv, $adata, length($tag), length($ciphertext)); | |
52 | #my $pt = $m->decrypt_add($ciphertext); | |
53 | #return $m->decrypt_done($tag) ? $pt : undef; | |
52 | local $SIG{__DIE__} = \&CryptX::_croak; | |
53 | my $m = Crypt::AuthEnc::CCM->new($cipher_name, $key, $iv, $adata, length($tag), length($ciphertext)); | |
54 | my $pt = $m->decrypt_add($ciphertext); | |
55 | return $m->decrypt_done($tag) ? $pt : undef; | |
54 | 56 | } |
55 | 57 | |
56 | 58 | 1; |
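Review bot: `ccm_encrypt_authenticate` (new line 34) now forwards `$tag_len` unchanged to `Crypt::AuthEnc::CCM->new`, whereas the deleted XS `_memory_encrypt` coerced any value outside 4..16 to 16 before calling `ccm_memory`; `_new` is declared with `int tag_len` and its body is not in this diff, so it is worth confirming that it rejects or normalizes out-of-range values (including 0 or negative), otherwise callers that relied on the old clamp now get a different tag length. The `local $SIG{__DIE__} = \&CryptX::_croak;` added in `new`, `ccm_encrypt_authenticate` and `ccm_decrypt_verify` (and likewise in Crypt::Digest) runs the handler for every `die` in its dynamic scope, including ones later caught by an inner `eval`; since `CryptX::_croak` is not shown here, make sure it returns early when `$^S` is true, or keep the `local` tightly around the XS call. Both wrapper functions begin before their hunks, so their argument unpacking and any `$tag` checks are not visible.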
21 | 21 | # - _default_rounds_by_name |
22 | 22 | |
23 | 23 | sub _trans_cipher_name { |
24 | my $name = shift; | |
24 | my $name = shift || ""; | |
25 | 25 | my %trans = ( |
26 | 26 | DES_EDE => '3des', |
27 | 27 | SAFERP => 'safer+', |
8 | 8 | our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); |
9 | 9 | our @EXPORT = qw(); |
10 | 10 | |
11 | use Carp; | |
12 | $Carp::Internal{(__PACKAGE__)}++; | |
11 | use Carp; $Carp::Internal{(__PACKAGE__)}++; | |
13 | 12 | use CryptX; |
14 | 13 | |
15 | 14 | ### the following methods/functions are implemented in XS: |
25 | 24 | # - DESTROY |
26 | 25 | |
27 | 26 | sub _trans_digest_name { |
28 | my $name = shift; | |
27 | my $name = shift || ""; | |
29 | 28 | my %trans = ( |
30 | 29 | CHAES => 'chc_hash', |
31 | 30 | RIPEMD128 => 'rmd128', |
58 | 57 | sub new { |
59 | 58 | my $pkg = shift; |
60 | 59 | unshift @_, ($pkg eq 'Crypt::Digest' ? _trans_digest_name(shift) : _trans_digest_name($pkg)); |
61 | ###return _new(@_); | |
62 | goto \&_new; # keep the real caller for croak() | |
60 | local $SIG{__DIE__} = \&CryptX::_croak; | |
61 | return _new(@_); | |
63 | 62 | } |
64 | 63 | |
65 | 64 | sub hashsize { |
66 | 65 | return unless defined $_[0]; |
67 | 66 | |
68 | 67 | if (ref $_[0]) { |
69 | ###return _hashsize(@_); | |
70 | goto \&_hashsize if ref $_[0]; # keep the real caller for croak() | |
68 | local $SIG{__DIE__} = \&CryptX::_croak; | |
69 | return _hashsize(@_); | |
71 | 70 | } |
72 | 71 | else { |
73 | 72 | my $pkg = shift; |
74 | 73 | unshift @_, ($pkg eq 'Crypt::Digest' ? _trans_digest_name(shift) : _trans_digest_name($pkg)); |
75 | ###return _hashsize_by_name(@_); | |
76 | goto \&_hashsize_by_name; # keep the real caller for croak() | |
74 | local $SIG{__DIE__} = \&CryptX::_croak; | |
75 | return _hashsize_by_name(@_); | |
77 | 76 | } |
78 | 77 | } |
79 | 78 | |
104 | 103 | |
105 | 104 | ### FUNCTIONS |
106 | 105 | |
107 | sub digest_data { my $rv = eval {Crypt::Digest->new(shift)->add(@_)->digest}; _croak($@); $rv } | |
108 | sub digest_data_hex { my $rv = eval {Crypt::Digest->new(shift)->add(@_)->hexdigest}; _croak($@); $rv } | |
109 | sub digest_data_b64 { my $rv = eval {Crypt::Digest->new(shift)->add(@_)->b64digest}; _croak($@); $rv } | |
110 | sub digest_data_b64u { my $rv = eval {Crypt::Digest->new(shift)->add(@_)->b64udigest}; _croak($@); $rv } | |
111 | ||
112 | sub digest_file { my $rv = eval {Crypt::Digest->new(shift)->addfile(@_)->digest}; _croak($@); $rv } | |
113 | sub digest_file_hex { my $rv = eval {Crypt::Digest->new(shift)->addfile(@_)->hexdigest}; _croak($@); $rv } | |
114 | sub digest_file_b64 { my $rv = eval {Crypt::Digest->new(shift)->addfile(@_)->b64digest}; _croak($@); $rv } | |
115 | sub digest_file_b64u { my $rv = eval {Crypt::Digest->new(shift)->addfile(@_)->b64udigest}; _croak($@); $rv } | |
116 | ||
117 | sub _croak { #XXX-FIXME ugly hack for reporting real caller from XS croaks | |
118 | if ($_[0]) { | |
119 | $_[0] =~ s/ at .*?\.pm line \d+.[\n\r]*$//g; | |
120 | croak $_[0]; | |
121 | } | |
122 | } | |
106 | sub digest_data { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->add(@_)->digest } | |
107 | sub digest_data_hex { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->add(@_)->hexdigest } | |
108 | sub digest_data_b64 { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->add(@_)->b64digest } | |
109 | sub digest_data_b64u { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->add(@_)->b64udigest } | |
110 | ||
111 | sub digest_file { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->addfile(@_)->digest } | |
112 | sub digest_file_hex { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->addfile(@_)->hexdigest } | |
113 | sub digest_file_b64 { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->addfile(@_)->b64digest } | |
114 | sub digest_file_b64u { local $SIG{__DIE__} = \&CryptX::_croak; Crypt::Digest->new(shift)->addfile(@_)->b64udigest } | |
123 | 115 | |
124 | 116 | 1; |
125 | 117 |
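Review bot: The eight one-line wrappers at new lines 106–114 each install `local $SIG{__DIE__}` and then call `Crypt::Digest->new`, which installs the same handler again at new line 60, so the handler is localized twice per call; harmless, but a comment such as `# handler kept here for add/addfile/digest, which run after new() returns` would make the apparent duplication intentional. These subs also return the method chain implicitly while the rest of the file uses explicit `return`; `sub digest_data { local $SIG{__DIE__} = \&CryptX::_croak; return Crypt::Digest->new(shift)->add(@_)->digest }` keeps the style consistent. The removed `_croak` at old lines 117–122 stripped the `at ...pm line N` suffix before re-croaking; whether `CryptX::_croak` does the same is not visible in this diff.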