2017-06-06 03:58:58 +08:00
|
|
|
// Copyright (C) 2017. See AUTHORS.
|
2014-05-10 05:38:13 +08:00
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
2014-04-12 03:41:08 +08:00
|
|
|
package openssl
|
|
|
|
|
2017-06-02 22:47:50 +08:00
|
|
|
// #include "shim.h"
|
2014-04-12 03:41:08 +08:00
|
|
|
import "C"
|
|
|
|
|
|
|
|
import (
|
|
|
|
"errors"
|
|
|
|
"fmt"
|
|
|
|
"runtime"
|
|
|
|
"unsafe"
|
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
GCM_TAG_MAXLEN = 16
|
|
|
|
)
|
|
|
|
|
|
|
|
type CipherCtx interface {
|
|
|
|
Cipher() *Cipher
|
|
|
|
BlockSize() int
|
|
|
|
KeySize() int
|
|
|
|
IVSize() int
|
|
|
|
}
|
|
|
|
|
2014-04-30 03:21:25 +08:00
|
|
|
type Cipher struct {
|
|
|
|
ptr *C.EVP_CIPHER
|
2014-04-12 03:41:08 +08:00
|
|
|
}
|
|
|
|
|
2014-11-13 07:55:00 +08:00
|
|
|
func (c *Cipher) Nid() NID {
|
2017-06-02 22:47:50 +08:00
|
|
|
return NID(C.X_EVP_CIPHER_nid(c.ptr))
|
2014-04-12 03:41:08 +08:00
|
|
|
}
|
|
|
|
|
2014-04-30 03:21:25 +08:00
|
|
|
func (c *Cipher) ShortName() (string, error) {
|
|
|
|
return Nid2ShortName(c.Nid())
|
2014-04-12 03:41:08 +08:00
|
|
|
}
|
|
|
|
|
2014-04-30 03:21:25 +08:00
|
|
|
func (c *Cipher) BlockSize() int {
|
2017-06-02 22:47:50 +08:00
|
|
|
return int(C.X_EVP_CIPHER_block_size(c.ptr))
|
2014-04-30 03:21:25 +08:00
|
|
|
}
|
2014-04-12 03:41:08 +08:00
|
|
|
|
2014-04-30 03:21:25 +08:00
|
|
|
func (c *Cipher) KeySize() int {
|
2017-06-02 22:47:50 +08:00
|
|
|
return int(C.X_EVP_CIPHER_key_length(c.ptr))
|
2014-04-30 03:21:25 +08:00
|
|
|
}
|
2014-04-12 03:41:08 +08:00
|
|
|
|
2014-04-30 03:21:25 +08:00
|
|
|
func (c *Cipher) IVSize() int {
|
2017-06-02 22:47:50 +08:00
|
|
|
return int(C.X_EVP_CIPHER_iv_length(c.ptr))
|
2014-04-12 03:41:08 +08:00
|
|
|
}
|
|
|
|
|
2014-11-13 07:55:00 +08:00
|
|
|
func Nid2ShortName(nid NID) (string, error) {
|
2014-04-12 03:41:08 +08:00
|
|
|
sn := C.OBJ_nid2sn(C.int(nid))
|
|
|
|
if sn == nil {
|
|
|
|
return "", fmt.Errorf("NID %d not found", nid)
|
|
|
|
}
|
|
|
|
return C.GoString(sn), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func GetCipherByName(name string) (*Cipher, error) {
|
|
|
|
cname := C.CString(name)
|
|
|
|
defer C.free(unsafe.Pointer(cname))
|
|
|
|
p := C.EVP_get_cipherbyname(cname)
|
|
|
|
if p == nil {
|
|
|
|
return nil, fmt.Errorf("Cipher %v not found", name)
|
|
|
|
}
|
|
|
|
// we can consider ciphers to use static mem; don't need to free
|
|
|
|
return &Cipher{ptr: p}, nil
|
|
|
|
}
|
|
|
|
|
2014-11-13 07:55:00 +08:00
|
|
|
func GetCipherByNid(nid NID) (*Cipher, error) {
|
2014-04-12 03:41:08 +08:00
|
|
|
sn, err := Nid2ShortName(nid)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return GetCipherByName(sn)
|
|
|
|
}
|
|
|
|
|
2014-04-30 03:21:25 +08:00
|
|
|
type cipherCtx struct {
|
|
|
|
ctx *C.EVP_CIPHER_CTX
|
2014-04-12 03:41:08 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
func newCipherCtx() (*cipherCtx, error) {
|
|
|
|
cctx := C.EVP_CIPHER_CTX_new()
|
|
|
|
if cctx == nil {
|
|
|
|
return nil, errors.New("failed to allocate cipher context")
|
|
|
|
}
|
|
|
|
ctx := &cipherCtx{cctx}
|
|
|
|
runtime.SetFinalizer(ctx, func(ctx *cipherCtx) {
|
|
|
|
C.EVP_CIPHER_CTX_free(ctx.ctx)
|
|
|
|
})
|
|
|
|
return ctx, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *cipherCtx) applyKeyAndIV(key, iv []byte) error {
|
|
|
|
var kptr, iptr *C.uchar
|
|
|
|
if key != nil {
|
|
|
|
if len(key) != ctx.KeySize() {
|
|
|
|
return fmt.Errorf("bad key size (%d bytes instead of %d)",
|
|
|
|
len(key), ctx.KeySize())
|
|
|
|
}
|
|
|
|
kptr = (*C.uchar)(&key[0])
|
|
|
|
}
|
|
|
|
if iv != nil {
|
|
|
|
if len(iv) != ctx.IVSize() {
|
|
|
|
return fmt.Errorf("bad IV size (%d bytes instead of %d)",
|
|
|
|
len(iv), ctx.IVSize())
|
|
|
|
}
|
|
|
|
iptr = (*C.uchar)(&iv[0])
|
|
|
|
}
|
|
|
|
if kptr != nil || iptr != nil {
|
2014-12-19 16:24:41 +08:00
|
|
|
var res C.int
|
2017-06-02 22:47:50 +08:00
|
|
|
if C.X_EVP_CIPHER_CTX_encrypting(ctx.ctx) != 0 {
|
2014-12-19 16:24:41 +08:00
|
|
|
res = C.EVP_EncryptInit_ex(ctx.ctx, nil, nil, kptr, iptr)
|
|
|
|
} else {
|
|
|
|
res = C.EVP_DecryptInit_ex(ctx.ctx, nil, nil, kptr, iptr)
|
|
|
|
}
|
2021-07-19 23:47:21 +08:00
|
|
|
if res != 1 {
|
2014-04-12 03:41:08 +08:00
|
|
|
return errors.New("failed to apply key/IV")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *cipherCtx) Cipher() *Cipher {
|
2017-06-02 22:47:50 +08:00
|
|
|
return &Cipher{ptr: C.X_EVP_CIPHER_CTX_cipher(ctx.ctx)}
|
2014-04-12 03:41:08 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *cipherCtx) BlockSize() int {
|
2017-06-02 22:47:50 +08:00
|
|
|
return int(C.X_EVP_CIPHER_CTX_block_size(ctx.ctx))
|
2014-04-12 03:41:08 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *cipherCtx) KeySize() int {
|
2017-06-02 22:47:50 +08:00
|
|
|
return int(C.X_EVP_CIPHER_CTX_key_length(ctx.ctx))
|
2014-04-12 03:41:08 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *cipherCtx) IVSize() int {
|
2017-06-02 22:47:50 +08:00
|
|
|
return int(C.X_EVP_CIPHER_CTX_iv_length(ctx.ctx))
|
2014-04-12 03:41:08 +08:00
|
|
|
}
|
|
|
|
|
2018-08-17 01:04:05 +08:00
|
|
|
func (ctx *cipherCtx) SetPadding(pad bool) {
|
|
|
|
if pad {
|
|
|
|
C.X_EVP_CIPHER_CTX_set_padding(ctx.ctx, 1)
|
2018-09-05 21:04:03 +08:00
|
|
|
} else {
|
|
|
|
C.X_EVP_CIPHER_CTX_set_padding(ctx.ctx, 0)
|
2018-08-17 01:04:05 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-04-12 03:41:08 +08:00
|
|
|
func (ctx *cipherCtx) setCtrl(code, arg int) error {
|
|
|
|
res := C.EVP_CIPHER_CTX_ctrl(ctx.ctx, C.int(code), C.int(arg), nil)
|
|
|
|
if res != 1 {
|
|
|
|
return fmt.Errorf("failed to set code %d to %d [result %d]",
|
|
|
|
code, arg, res)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *cipherCtx) setCtrlBytes(code, arg int, value []byte) error {
|
|
|
|
res := C.EVP_CIPHER_CTX_ctrl(ctx.ctx, C.int(code), C.int(arg),
|
|
|
|
unsafe.Pointer(&value[0]))
|
|
|
|
if res != 1 {
|
|
|
|
return fmt.Errorf("failed to set code %d with arg %d to %x [result %d]",
|
|
|
|
code, arg, value, res)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *cipherCtx) getCtrlInt(code, arg int) (int, error) {
|
|
|
|
var returnVal C.int
|
|
|
|
res := C.EVP_CIPHER_CTX_ctrl(ctx.ctx, C.int(code), C.int(arg),
|
|
|
|
unsafe.Pointer(&returnVal))
|
|
|
|
if res != 1 {
|
|
|
|
return 0, fmt.Errorf("failed to get code %d with arg %d [result %d]",
|
|
|
|
code, arg, res)
|
|
|
|
}
|
|
|
|
return int(returnVal), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *cipherCtx) getCtrlBytes(code, arg, expectsize int) ([]byte, error) {
|
|
|
|
returnVal := make([]byte, expectsize)
|
|
|
|
res := C.EVP_CIPHER_CTX_ctrl(ctx.ctx, C.int(code), C.int(arg),
|
|
|
|
unsafe.Pointer(&returnVal[0]))
|
|
|
|
if res != 1 {
|
|
|
|
return nil, fmt.Errorf("failed to get code %d with arg %d [result %d]",
|
|
|
|
code, arg, res)
|
|
|
|
}
|
|
|
|
return returnVal, nil
|
|
|
|
}
|
|
|
|
|
2014-04-30 03:21:25 +08:00
|
|
|
type EncryptionCipherCtx interface {
|
|
|
|
CipherCtx
|
|
|
|
|
|
|
|
// pass in plaintext, get back ciphertext. can be called
|
|
|
|
// multiple times as needed
|
|
|
|
EncryptUpdate(input []byte) ([]byte, error)
|
|
|
|
|
|
|
|
// call after all plaintext has been passed in; may return
|
|
|
|
// additional ciphertext if needed to finish off a block
|
|
|
|
// or extra padding information
|
|
|
|
EncryptFinal() ([]byte, error)
|
|
|
|
}
|
|
|
|
|
|
|
|
type DecryptionCipherCtx interface {
|
|
|
|
CipherCtx
|
|
|
|
|
|
|
|
// pass in ciphertext, get back plaintext. can be called
|
|
|
|
// multiple times as needed
|
|
|
|
DecryptUpdate(input []byte) ([]byte, error)
|
|
|
|
|
|
|
|
// call after all ciphertext has been passed in; may return
|
|
|
|
// additional plaintext if needed to finish off a block
|
|
|
|
DecryptFinal() ([]byte, error)
|
|
|
|
}
|
|
|
|
|
|
|
|
type encryptionCipherCtx struct {
|
|
|
|
*cipherCtx
|
|
|
|
}
|
|
|
|
|
|
|
|
type decryptionCipherCtx struct {
|
|
|
|
*cipherCtx
|
|
|
|
}
|
|
|
|
|
|
|
|
func newEncryptionCipherCtx(c *Cipher, e *Engine, key, iv []byte) (
|
|
|
|
*encryptionCipherCtx, error) {
|
|
|
|
if c == nil {
|
|
|
|
return nil, errors.New("null cipher not allowed")
|
|
|
|
}
|
|
|
|
ctx, err := newCipherCtx()
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
var eptr *C.ENGINE
|
|
|
|
if e != nil {
|
|
|
|
eptr = e.e
|
|
|
|
}
|
2021-07-19 23:47:21 +08:00
|
|
|
if C.EVP_EncryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) != 1 {
|
2014-04-30 03:21:25 +08:00
|
|
|
return nil, errors.New("failed to initialize cipher context")
|
|
|
|
}
|
|
|
|
err = ctx.applyKeyAndIV(key, iv)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &encryptionCipherCtx{cipherCtx: ctx}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func newDecryptionCipherCtx(c *Cipher, e *Engine, key, iv []byte) (
|
|
|
|
*decryptionCipherCtx, error) {
|
|
|
|
if c == nil {
|
|
|
|
return nil, errors.New("null cipher not allowed")
|
|
|
|
}
|
|
|
|
ctx, err := newCipherCtx()
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
var eptr *C.ENGINE
|
|
|
|
if e != nil {
|
|
|
|
eptr = e.e
|
|
|
|
}
|
2021-07-19 23:47:21 +08:00
|
|
|
if C.EVP_DecryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) != 1 {
|
2014-04-30 03:21:25 +08:00
|
|
|
return nil, errors.New("failed to initialize cipher context")
|
|
|
|
}
|
|
|
|
err = ctx.applyKeyAndIV(key, iv)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &decryptionCipherCtx{cipherCtx: ctx}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewEncryptionCipherCtx(c *Cipher, e *Engine, key, iv []byte) (
|
|
|
|
EncryptionCipherCtx, error) {
|
|
|
|
return newEncryptionCipherCtx(c, e, key, iv)
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewDecryptionCipherCtx(c *Cipher, e *Engine, key, iv []byte) (
|
|
|
|
DecryptionCipherCtx, error) {
|
|
|
|
return newDecryptionCipherCtx(c, e, key, iv)
|
|
|
|
}
|
|
|
|
|
2014-04-12 03:41:08 +08:00
|
|
|
func (ctx *encryptionCipherCtx) EncryptUpdate(input []byte) ([]byte, error) {
|
2018-10-18 04:33:07 +08:00
|
|
|
if len(input) == 0 {
|
|
|
|
return nil, nil
|
|
|
|
}
|
2014-04-12 03:41:08 +08:00
|
|
|
outbuf := make([]byte, len(input)+ctx.BlockSize())
|
|
|
|
outlen := C.int(len(outbuf))
|
|
|
|
res := C.EVP_EncryptUpdate(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen,
|
|
|
|
(*C.uchar)(&input[0]), C.int(len(input)))
|
|
|
|
if res != 1 {
|
|
|
|
return nil, fmt.Errorf("failed to encrypt [result %d]", res)
|
|
|
|
}
|
|
|
|
return outbuf[:outlen], nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *decryptionCipherCtx) DecryptUpdate(input []byte) ([]byte, error) {
|
2018-10-18 04:33:07 +08:00
|
|
|
if len(input) == 0 {
|
|
|
|
return nil, nil
|
|
|
|
}
|
2014-04-12 03:41:08 +08:00
|
|
|
outbuf := make([]byte, len(input)+ctx.BlockSize())
|
|
|
|
outlen := C.int(len(outbuf))
|
|
|
|
res := C.EVP_DecryptUpdate(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen,
|
|
|
|
(*C.uchar)(&input[0]), C.int(len(input)))
|
|
|
|
if res != 1 {
|
|
|
|
return nil, fmt.Errorf("failed to decrypt [result %d]", res)
|
|
|
|
}
|
|
|
|
return outbuf[:outlen], nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *encryptionCipherCtx) EncryptFinal() ([]byte, error) {
|
|
|
|
outbuf := make([]byte, ctx.BlockSize())
|
|
|
|
var outlen C.int
|
2021-07-19 23:47:21 +08:00
|
|
|
if C.EVP_EncryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) != 1 {
|
2014-04-12 03:41:08 +08:00
|
|
|
return nil, errors.New("encryption failed")
|
|
|
|
}
|
|
|
|
return outbuf[:outlen], nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *decryptionCipherCtx) DecryptFinal() ([]byte, error) {
|
|
|
|
outbuf := make([]byte, ctx.BlockSize())
|
|
|
|
var outlen C.int
|
2021-07-19 23:47:21 +08:00
|
|
|
if C.EVP_DecryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) != 1 {
|
2014-04-12 03:41:08 +08:00
|
|
|
// this may mean the tag failed to verify- all previous plaintext
|
|
|
|
// returned must be considered faked and invalid
|
|
|
|
return nil, errors.New("decryption failed")
|
|
|
|
}
|
|
|
|
return outbuf[:outlen], nil
|
|
|
|
}
|