foster/deno
0
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-03-04 01:44:26 -05:00
Code Issues Packages 1 Wiki Activity

fix(ext/node): Implement aes-192-ecb and aes-256-ecb (#21710)

Browse source
This commit is contained in:
Lino Le Van 2023-12-27 12:54:52 +01:00 committed by GitHub
parent 4f4dcf5291
commit d5f6e271ff
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 76 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
cli/tests/unit_node/crypto/crypto_cipher_test.ts
View file

@ -108,6 +108,16 @@ Deno.test({
"66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e", "66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e",
"baf823258ca2e6994f638daa3515e986", "baf823258ca2e6994f638daa3515e986",
], ],
[
["aes-192-ecb", 24, 0],
"aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7",
"2e0f33b51bb184654311ead507ea55fc",
],
[
["aes-256-ecb", 32, 0],
"dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087",
"0ac1d7e8655254c6814b46753932df88",
],
] as const; ] as const;
for ( for (
const [[alg, keyLen, ivLen], expectedUpdate, expectedFinal] of table const [[alg, keyLen, ivLen], expectedUpdate, expectedFinal] of table
@ -168,6 +178,14 @@ Deno.test({
["aes-128-ecb", 16, 0], ["aes-128-ecb", 16, 0],
"66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2ec29a917cbaf72fa9bc32129bb0d17663", "66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2ec29a917cbaf72fa9bc32129bb0d17663",
], ],
[
["aes-192-ecb", 24, 0],
"aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7ab40eb56b6fc2aacf2e9254685cce891",
],
[
["aes-256-ecb", 32, 0],
"dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a214928420877c45b49560579dd1ffc7ec626de2a968",
],
] as const; ] as const;
for ( for (
const [[alg, keyLen, ivLen], input] of table const [[alg, keyLen, ivLen], input] of table

58
ext/node/ops/crypto/cipher.rs
View file

@ -21,6 +21,8 @@ type Aes256Gcm = aead_gcm_stream::AesGcm<aes::Aes256>;
enum Cipher { enum Cipher {
Aes128Cbc(Box<cbc::Encryptor<aes::Aes128>>), Aes128Cbc(Box<cbc::Encryptor<aes::Aes128>>),
Aes128Ecb(Box<ecb::Encryptor<aes::Aes128>>), Aes128Ecb(Box<ecb::Encryptor<aes::Aes128>>),
Aes192Ecb(Box<ecb::Encryptor<aes::Aes192>>),
Aes256Ecb(Box<ecb::Encryptor<aes::Aes256>>),
Aes128Gcm(Box<Aes128Gcm>), Aes128Gcm(Box<Aes128Gcm>),
Aes256Gcm(Box<Aes256Gcm>), Aes256Gcm(Box<Aes256Gcm>),
// TODO(kt3k): add more algorithms Aes192Cbc, Aes256Cbc, etc. // TODO(kt3k): add more algorithms Aes192Cbc, Aes256Cbc, etc.
@ -29,6 +31,8 @@ enum Cipher {
enum Decipher { enum Decipher {
Aes128Cbc(Box<cbc::Decryptor<aes::Aes128>>), Aes128Cbc(Box<cbc::Decryptor<aes::Aes128>>),
Aes128Ecb(Box<ecb::Decryptor<aes::Aes128>>), Aes128Ecb(Box<ecb::Decryptor<aes::Aes128>>),
Aes192Ecb(Box<ecb::Decryptor<aes::Aes192>>),
Aes256Ecb(Box<ecb::Decryptor<aes::Aes256>>),
Aes128Gcm(Box<Aes128Gcm>), Aes128Gcm(Box<Aes128Gcm>),
Aes256Gcm(Box<Aes256Gcm>), Aes256Gcm(Box<Aes256Gcm>),
// TODO(kt3k): add more algorithms Aes192Cbc, Aes256Cbc, Aes128GCM, etc. // TODO(kt3k): add more algorithms Aes192Cbc, Aes256Cbc, Aes128GCM, etc.
@ -121,6 +125,8 @@ impl Cipher {
Aes128Cbc(Box::new(cbc::Encryptor::new(key.into(), iv.into()))) Aes128Cbc(Box::new(cbc::Encryptor::new(key.into(), iv.into())))
} }
"aes-128-ecb" => Aes128Ecb(Box::new(ecb::Encryptor::new(key.into()))), "aes-128-ecb" => Aes128Ecb(Box::new(ecb::Encryptor::new(key.into()))),
"aes-192-ecb" => Aes192Ecb(Box::new(ecb::Encryptor::new(key.into()))),
"aes-256-ecb" => Aes256Ecb(Box::new(ecb::Encryptor::new(key.into()))),
"aes-128-gcm" => { "aes-128-gcm" => {
let mut cipher = let mut cipher =
aead_gcm_stream::AesGcm::<aes::Aes128>::new(key.into()); aead_gcm_stream::AesGcm::<aes::Aes128>::new(key.into());
@ -168,6 +174,18 @@ impl Cipher {
encryptor.encrypt_block_b2b_mut(input.into(), output.into()); encryptor.encrypt_block_b2b_mut(input.into(), output.into());
} }
} }
Aes192Ecb(encryptor) => {
assert!(input.len() % 16 == 0);
for (input, output) in input.chunks(16).zip(output.chunks_mut(16)) {
encryptor.encrypt_block_b2b_mut(input.into(), output.into());
}
}
Aes256Ecb(encryptor) => {
assert!(input.len() % 16 == 0);
for (input, output) in input.chunks(16).zip(output.chunks_mut(16)) {
encryptor.encrypt_block_b2b_mut(input.into(), output.into());
}
}
Aes128Gcm(cipher) => { Aes128Gcm(cipher) => {
output[..input.len()].copy_from_slice(input); output[..input.len()].copy_from_slice(input);
cipher.encrypt(output); cipher.encrypt(output);
@ -196,6 +214,18 @@ impl Cipher {
.map_err(|_| type_error("Cannot pad the input data"))?; .map_err(|_| type_error("Cannot pad the input data"))?;
Ok(None) Ok(None)
} }
Aes192Ecb(encryptor) => {
let _ = (*encryptor)
.encrypt_padded_b2b_mut::<Pkcs7>(input, output)
.map_err(|_| type_error("Cannot pad the input data"))?;
Ok(None)
}
Aes256Ecb(encryptor) => {
let _ = (*encryptor)
.encrypt_padded_b2b_mut::<Pkcs7>(input, output)
.map_err(|_| type_error("Cannot pad the input data"))?;
Ok(None)
}
Aes128Gcm(cipher) => Ok(Some(cipher.finish().to_vec())), Aes128Gcm(cipher) => Ok(Some(cipher.finish().to_vec())),
Aes256Gcm(cipher) => Ok(Some(cipher.finish().to_vec())), Aes256Gcm(cipher) => Ok(Some(cipher.finish().to_vec())),
} }
@ -214,6 +244,8 @@ impl Decipher {
Aes128Cbc(Box::new(cbc::Decryptor::new(key.into(), iv.into()))) Aes128Cbc(Box::new(cbc::Decryptor::new(key.into(), iv.into())))
} }
"aes-128-ecb" => Aes128Ecb(Box::new(ecb::Decryptor::new(key.into()))), "aes-128-ecb" => Aes128Ecb(Box::new(ecb::Decryptor::new(key.into()))),
"aes-192-ecb" => Aes192Ecb(Box::new(ecb::Decryptor::new(key.into()))),
"aes-256-ecb" => Aes256Ecb(Box::new(ecb::Decryptor::new(key.into()))),
"aes-128-gcm" => { "aes-128-gcm" => {
let mut decipher = let mut decipher =
aead_gcm_stream::AesGcm::<aes::Aes128>::new(key.into()); aead_gcm_stream::AesGcm::<aes::Aes128>::new(key.into());
@ -261,6 +293,18 @@ impl Decipher {
decryptor.decrypt_block_b2b_mut(input.into(), output.into()); decryptor.decrypt_block_b2b_mut(input.into(), output.into());
} }
} }
Aes192Ecb(decryptor) => {
assert!(input.len() % 16 == 0);
for (input, output) in input.chunks(16).zip(output.chunks_mut(16)) {
decryptor.decrypt_block_b2b_mut(input.into(), output.into());
}
}
Aes256Ecb(decryptor) => {
assert!(input.len() % 16 == 0);
for (input, output) in input.chunks(16).zip(output.chunks_mut(16)) {
decryptor.decrypt_block_b2b_mut(input.into(), output.into());
}
}
Aes128Gcm(decipher) => { Aes128Gcm(decipher) => {
output[..input.len()].copy_from_slice(input); output[..input.len()].copy_from_slice(input);
decipher.decrypt(output); decipher.decrypt(output);
@ -295,6 +339,20 @@ impl Decipher {
.map_err(|_| type_error("Cannot unpad the input data"))?; .map_err(|_| type_error("Cannot unpad the input data"))?;
Ok(()) Ok(())
} }
Aes192Ecb(decryptor) => {
assert!(input.len() == 16);
let _ = (*decryptor)
.decrypt_padded_b2b_mut::<Pkcs7>(input, output)
.map_err(|_| type_error("Cannot unpad the input data"))?;
Ok(())
}
Aes256Ecb(decryptor) => {
assert!(input.len() == 16);
let _ = (*decryptor)
.decrypt_padded_b2b_mut::<Pkcs7>(input, output)
.map_err(|_| type_error("Cannot unpad the input data"))?;
Ok(())
}
Aes128Gcm(decipher) => { Aes128Gcm(decipher) => {
let tag = decipher.finish(); let tag = decipher.finish();
if tag.as_slice() == auth_tag { if tag.as_slice() == auth_tag {