hotplace rev.333 RFC 8152 C.3.1 C.3.3 decryption
princeb612 committed Oct 17, 2023
1 parent c3d7adf commit fceeec8
Showing 6 changed files with 174 additions and 93 deletions.
6 changes: 6 additions & 0 deletions sdk/crypto/basic/crypto_advisor.cpp
Expand Up @@ -1615,16 +1615,22 @@ const hint_cose_algorithm_t hint_cose_algorithms[] = {
cose_alg_t::cose_aes_128_gcm, // 1
crypto_kty_t::kty_hmac,
cose_group_t::cose_group_aesgcm,
0,
"aes-128-gcm",
},
{
cose_alg_t::cose_aes_192_gcm, // 2
crypto_kty_t::kty_hmac,
cose_group_t::cose_group_aesgcm,
0,
"aes-192-gcm",
},
{
cose_alg_t::cose_aes_256_gcm, // 3
crypto_kty_t::kty_hmac,
cose_group_t::cose_group_aesgcm,
0,
"aes-256-gcm",
},
{
cose_alg_t::cose_hs256_64, // 4,
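Review bot: The `0,` in each of the three AES-GCM entries is a bare positional initializer with nothing saying which member of `hint_cose_algorithm_t` it fills, while the algorithm ids at least carry `// 1`, `// 2`, `// 3`. The struct definition is outside this hunk, so a reader cannot tell whether `0` means "not applicable" or is a real value. I would label it in place, e.g. `0,  // <member name>`, and do the same for the name string.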
32 changes: 25 additions & 7 deletions sdk/crypto/basic/openssl_crypt.cpp
Expand Up @@ -287,6 +287,8 @@ return_t openssl_crypt::encrypt(crypt_context_t* handle, const unsigned char* da
return encrypt2(handle, data_plain, size_plain, out_encrypted);
}

return_t openssl_crypt::encrypt(crypt_context_t* handle, binary_t const& input, binary_t& out) { return encrypt(handle, &input[0], input.size(), out); }

return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* data_plain, size_t size_plain, binary_t& out_encrypted, binary_t* aad,
binary_t* tag) {
return_t ret = errorcode_t::success;
Expand All @@ -311,7 +313,9 @@ return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* d
return ret;
}

return_t openssl_crypt::encrypt(crypt_context_t* handle, binary_t const& input, binary_t& out) { return encrypt(handle, &input[0], input.size(), out); }
return_t openssl_crypt::encrypt2(crypt_context_t* handle, binary_t const& data_plain, binary_t& out_encrypted, binary_t* aad, binary_t* tag) {
return encrypt2(handle, &data_plain[0], data_plain.size(), out_encrypted, aad, tag);
}

return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* data_plain, size_t size_plain, unsigned char* out_encrypted,
size_t* size_encrypted, binary_t* aad, binary_t* tag) {
Expand Down Expand Up @@ -348,6 +352,17 @@ return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* d
__leave2_trace(ret);
}

// https://www.openssl.org/docs/man1.1.1/man3/EVP_CIPHER_iv_length.html
// EVP_CTRL_CCM_SET_L
// If not set a default is used (8 for AES CCM).
// EVP_CTRL_AEAD_SET_IVLEN
// For GCM AES and OCB AES the default is 12 (i.e. 96 bits)
// The nonce length is given by 15 - L so it is 7 by default for AES CCM.
// If not called a default nonce length of 12 (i.e. 96 bits) is used. (ChaCha20-Poly1305)
// EVP_CTRL_AEAD_SET_TAG
// If not set a default value is used (12 for AES CCM)
// For OCB AES, the default tag length is 16 (i.e. 128 bits).

if (crypt_mode_t::gcm == context->mode) {
// 16bytes (128bits)
// RFC 7516
Expand All @@ -362,6 +377,9 @@ return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* d
//
// RFC 7539 2.5. The Poly1305 Algorithm
// Poly1305 takes a 32-byte one-time key and a message and produces a 16-byte tag.
//
// RFC 8152 10.1. AES GCM
// the size of the authentication tag is fixed at 128 bits
tag_size = 16;
} else if (crypt_mode_t::ccm == context->mode) {
tag_size = 14;
Expand All @@ -372,7 +390,7 @@ return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* d
EVP_CIPHER_CTX_ctrl(context->encrypt_context, EVP_CTRL_AEAD_SET_TAG, tag_size, nullptr);

binary_t& key = context->datamap[crypt_item_t::item_cek];
EVP_CipherInit_ex(context->encrypt_context, nullptr, nullptr, &key[0], nullptr, 1);
EVP_CipherInit_ex(context->encrypt_context, nullptr, nullptr, &key[0], &iv[0], 1);

ret_cipher = EVP_CipherUpdate(context->encrypt_context, nullptr, &size_update, nullptr, size_plain);
if (1 > ret_cipher) {
Expand Down Expand Up @@ -446,10 +464,6 @@ return_t openssl_crypt::encrypt2(crypt_context_t* handle, const unsigned char* d
tag->resize(tag_size);
ret_cipher = EVP_CIPHER_CTX_ctrl(context->encrypt_context, EVP_CTRL_AEAD_GET_TAG, tag->size(), &(*tag)[0]);
if (1 > ret_cipher) {
// check (openssl 1.1.1, 3.0.x, 3.1.x)
// [../openssl-3.1.1/crypto/evp/evp_fetch.c @ 341] error:0308010C:digital envelope routines::unsupported
// [../openssl-3.1.1/providers/implementations/ciphers/ciphercommon_ccm.c @ 278] error:1C800066:Provider routines::cipher operation failed
// [../openssl-3.1.1/providers/implementations/ciphers/ciphercommon_ccm.c @ 206] error:1C800077:Provider routines::tag not set
ret = errorcode_t::internal_error;
__leave2_trace_openssl(ret);
}
Expand Down Expand Up @@ -535,6 +549,10 @@ return_t openssl_crypt::decrypt2(crypt_context_t* handle, const unsigned char* d
return ret;
}

return_t openssl_crypt::decrypt2(crypt_context_t* handle, binary_t const& data_encrypted, binary_t& out_decrypted, binary_t* aad, binary_t* tag) {
return decrypt2(handle, &data_encrypted[0], data_encrypted.size(), out_decrypted, aad, tag);
}

return_t openssl_crypt::decrypt2(crypt_context_t* handle, const unsigned char* data_encrypted, size_t size_encrypted, unsigned char* out_decrypted,
size_t* size_decrypted, binary_t* aad, binary_t* tag) {
return_t ret = errorcode_t::success;
Expand Down Expand Up @@ -576,7 +594,7 @@ return_t openssl_crypt::decrypt2(crypt_context_t* handle, const unsigned char* d
EVP_CIPHER_CTX_ctrl(context->decrypt_context, EVP_CTRL_AEAD_SET_TAG, tag->size(), &(*tag)[0]);

binary_t& key = context->datamap[crypt_item_t::item_cek];
EVP_CipherInit_ex(context->decrypt_context, nullptr, nullptr, &key[0], nullptr, 0);
EVP_CipherInit_ex(context->decrypt_context, nullptr, nullptr, &key[0], &iv[0], 0);

ret_cipher = EVP_CipherUpdate(context->decrypt_context, nullptr, &size_update, nullptr, size_encrypted);
} else if (crypt_mode_t::gcm == context->mode) {
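Review bot: The CCM `EVP_CipherInit_ex` calls that now pass `&iv[0]` (in `encrypt2` and again in `decrypt2`) still discard their return value and index `key` and `iv` without checking that either is non-empty, so a missing CEK or IV becomes undefined behaviour instead of an error code. OpenSSL reads as many nonce bytes as the context was configured for (7 by default for AES-CCM, per the comment this commit adds), not `iv.size()`. Whether `EVP_CTRL_AEAD_SET_IVLEN` is issued lies outside these hunks, but if it is not, a 13-byte COSE nonce is silently truncated and a shorter buffer is over-read. Assuming `iv` is a `binary_t` like `key`, I would guard the call as `if (key.empty() || iv.size() != (size_t)EVP_CIPHER_CTX_iv_length(context->encrypt_context) || 1 > EVP_CipherInit_ex(context->encrypt_context, nullptr, nullptr, key.data(), iv.data(), 1)) { ret = errorcode_t::internal_error; __leave2_trace_openssl(ret); }`, and mirror it on the decrypt side. The new `binary_t const&` overloads repeat the `&data_plain[0]` / `&data_encrypted[0]` pattern on input that may be empty, which `.data()` avoids; both function bodies continue outside the hunks.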
25 changes: 22 additions & 3 deletions sdk/crypto/basic/openssl_crypt.hpp
Expand Up @@ -152,7 +152,7 @@ class openssl_crypt : public crypt_t {
*/
virtual return_t encrypt(crypt_context_t* handle, binary_t const& input, binary_t& out);
/**
* @brief encrypt (GCM)
* @brief encrypt (GCM/CCM)
* @param crypt_context_t* handle [in]
* @param const unsigned char* data_plain
* @param size_t size_plain [in]
Expand All @@ -163,7 +163,16 @@ class openssl_crypt : public crypt_t {
virtual return_t encrypt2(crypt_context_t* handle, const unsigned char* data_plain, size_t size_plain, binary_t& out_encrypted, binary_t* aad = nullptr,
binary_t* tag = nullptr);
/**
* @brief encrypte
* @brief encrypt (GCM/CCM)
* @param crypt_context_t* handle [in]
* @param binary_t const& plain [in]
* @param binary_t& out_encrypte [out]
* @param binary_t* aad [inopt]
* @param binary_t* tag [outopt]
*/
virtual return_t encrypt2(crypt_context_t* handle, binary_t const& plain, binary_t& out_encrypted, binary_t* aad = nullptr, binary_t* tag = nullptr);
/**
* @brief encrypt
* @param crypt_context_t* handle [in]
* @param const unsigned char* data_plain [in]
* @param size_t size_plain [in]
Expand Down Expand Up @@ -209,7 +218,7 @@ class openssl_crypt : public crypt_t {
virtual return_t decrypt(crypt_context_t* handle, binary_t const& input, binary_t& out);

/**
* @brief decrypt (GCM)
* @brief decrypt (GCM/CCOM)
* @param crypt_context_t* handle [in]
* @param const unsigned char* data_encrypted [in]
* @param size_t size_encrypted [in]
Expand All @@ -219,6 +228,16 @@ class openssl_crypt : public crypt_t {
*/
virtual return_t decrypt2(crypt_context_t* handle, const unsigned char* data_encrypted, size_t size_encrypted, binary_t& out_decrypted,
binary_t* aad = nullptr, binary_t* tag = nullptr);
/**
* @brief decrypt (GCM/CCOM)
* @param crypt_context_t* handle [in]
* @param binary_t const& data_encrypted [in]
* @param binary_t& out_decrypted [out]
* @param binary_t* aad [inpot]
* @param binary_t* tag [inopt]
*/
virtual return_t decrypt2(crypt_context_t* handle, binary_t const& data_encrypted, binary_t& out_decrypted, binary_t* aad = nullptr,
binary_t* tag = nullptr);
/**
* @brief decrypt
* @param crypt_context_t* handle [in]
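Review bot: The new `decrypt2(handle, binary_t const&, ...)` declaration documents `tag` as `[inopt]` with a `nullptr` default, yet the CCM branch of the implementation on this page calls `tag->size()` and `&(*tag)[0]`. Any null check sits outside the visible hunk, and authenticated decryption without a tag has no meaningful result, so the comment should state the requirement, e.g. `@param binary_t* tag [in] authentication tag; must be non-null for GCM/CCM`. I would also add an `@return` line saying that a tag mismatch is reported as an error and that `out_decrypted` must not be used in that case. The added comments contain the typos `CCOM`, `inpot` and `out_encrypte`. Default arguments on `virtual` functions bind to the static type, so an overriding class that changes them would not behave as callers expect.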
132 changes: 65 additions & 67 deletions sdk/crypto/cose/README.md
@@ -1,73 +1,71 @@

## check1

| | | AAD | Context | CEK |
|-- |-- |-- |-- |-- |
| - | A128KW | Enc_structure | KDF_Context | |
| - | A192KW | Enc_structure | KDF_Context | |
| - | A256KW | Enc_structure | KDF_Context | |
| - | DIRECT | Enc_structure | KDF_Context | |
| - | RSA_OAEP_SHA1 | Enc_structure | KDF_Context | |
| - | RSA_OAEP_SHA256 | Enc_structure | KDF_Context | |
| - | RSA_OAEP_SHA512 | Enc_structure | KDF_Context | |
| - | HKDF_SHA_256 | Enc_structure | KDF_Context | |
| - | HKDF_SHA_512 | Enc_structure | KDF_Context | |
| - | HKDF_AES_128 | Enc_structure | KDF_Context | |
| - | HKDF_AES_256 | Enc_structure | KDF_Context | |
| - | ECDH_ES_HKDF_256 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) |
| - | ECDH_ES_HKDF_512 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) |
| - | ECDH_SS_HKDF_256 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) |
| - | ECDH_SS_HKDF_512 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) |
| - | ECDH_ES_A128KW | Enc_structure | KDF_Context | |
| - | ECDH_ES_A192KW | Enc_structure | KDF_Context | |
| - | ECDH_ES_A256KW | Enc_structure | KDF_Context | |
| - | ECDH_ES_A128KW | Enc_structure | KDF_Context | |
| - | ECDH_ES_A192KW | Enc_structure | KDF_Context | |
| - | ECDH_ES_A256KW | Enc_structure | KDF_Context | |
| - | AES_128_GCM | Enc_structure | KDF_Context | |
| - | AES_192_GCM | Enc_structure | KDF_Context | |
| - | AES_256_GCM | Enc_structure | KDF_Context | |
| - | AES_CBC_MAC_128_64 | Enc_structure | KDF_Context | |
| - | AES_CBC_MAC_256_64 | Enc_structure | KDF_Context | |
| - | AES_CBC_MAC_128_128 | Enc_structure | KDF_Context | |
| - | AES_CBC_MAC_256_128 | Enc_structure | KDF_Context | |
| - | CHACHA20_POLY1305 | Enc_structure | KDF_Context | |
| - | AES_CCM_16_64_128 | Enc_structure | KDF_Context | |
| - | AES_CCM_16_64_256 | Enc_structure | KDF_Context | |
| - | AES_CCM_64_64_128 | Enc_structure | KDF_Context | |
| - | AES_CCM_64_64_256 | Enc_structure | KDF_Context | |
| - | AES_CCM_16_128_128 | Enc_structure | KDF_Context | |
| - | AES_CCM_16_128_256 | Enc_structure | KDF_Context | |
| - | AES_CCM_64_128_128 | Enc_structure | KDF_Context | |
| - | AES_CCM_64_128_256 | Enc_structure | KDF_Context | |

* AES-CCM test failed
| | | AAD | Context | CEK | Final |
|-- |-- |-- |-- |-- |-- |
| - | A128KW | Enc_structure | | | |
| - | A192KW | Enc_structure | | | |
| - | A256KW | Enc_structure | | | |
| - | DIRECT | Enc_structure | | | |
| - | RSA_OAEP_SHA1 | Enc_structure | | | |
| - | RSA_OAEP_SHA256 | Enc_structure | | | |
| - | RSA_OAEP_SHA512 | Enc_structure | | | |
| - | HKDF_SHA_256 | Enc_structure | | | |
| - | HKDF_SHA_512 | Enc_structure | | | |
| - | HKDF_AES_128 | Enc_structure | | | |
| - | HKDF_AES_256 | Enc_structure | | | |
| - | ECDH_ES_HKDF_256 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | PASS |
| - | ECDH_ES_HKDF_512 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | PASS |
| - | ECDH_SS_HKDF_256 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | PASS |
| - | ECDH_SS_HKDF_512 | Enc_structure | KDF_Context | kdf_hkdf (dlen,ecdh_shared,salt,context,prf) | PASS |
| - | ECDH_ES_A128KW | Enc_structure | | | |
| - | ECDH_ES_A192KW | Enc_structure | | | |
| - | ECDH_ES_A256KW | Enc_structure | | | |
| - | ECDH_ES_A128KW | Enc_structure | | | |
| - | ECDH_ES_A192KW | Enc_structure | | | |
| - | ECDH_ES_A256KW | Enc_structure | | | |
| - | AES_128_GCM | Enc_structure | | | |
| - | AES_192_GCM | Enc_structure | | | |
| - | AES_256_GCM | Enc_structure | | | |
| - | AES_CBC_MAC_128_64 | Enc_structure | | | |
| - | AES_CBC_MAC_256_64 | Enc_structure | | | |
| - | AES_CBC_MAC_128_128 | Enc_structure | | | |
| - | AES_CBC_MAC_256_128 | Enc_structure | | | |
| - | CHACHA20_POLY1305 | Enc_structure | | | |
| - | AES_CCM_16_64_128 | Enc_structure | | | |
| - | AES_CCM_16_64_256 | Enc_structure | | | |
| - | AES_CCM_64_64_128 | Enc_structure | | | |
| - | AES_CCM_64_64_256 | Enc_structure | | | |
| - | AES_CCM_16_128_128 | Enc_structure | | | |
| - | AES_CCM_16_128_256 | Enc_structure | | | |
| - | AES_CCM_64_128_128 | Enc_structure | | | |
| - | AES_CCM_64_128_256 | Enc_structure | | | |

## check2

| | |
|-- |-- |
| - | HMAC_256_64 |
| - | HMAC_256_256 |
| - | HMAC_384_256 |
| - | HMAC_512_512 |
| - | RS256 |
| - | RS384 |
| - | RS512 |
| - | RS1 |
| - | ES256 |
| - | ES384 |
| - | ES512 |
| - | ES256K |
| - | PS256 |
| - | PS384 |
| - | PS512 |
| - | EdDSA |
| - | SHA1 |
| - | SHA256_64 |
| - | SHA256 |
| - | SHA512_256 |
| - | SHA384 |
| - | SHA512 |
| - | SHAKE128 |
| - | SHAKE256 |
| | | | Final |
|-- |-- | -- | -- |
| - | HMAC_256_64 | Sig_structure | |
| - | HMAC_256_256 | Sig_structure | |
| - | HMAC_384_256 | Sig_structure | |
| - | HMAC_512_512 | Sig_structure | |
| - | RS256 | Sig_structure | PASS |
| - | RS384 | Sig_structure | PASS |
| - | RS512 | Sig_structure | PASS |
| - | RS1 | Sig_structure | |
| - | ES256 | Sig_structure | PASS |
| - | ES384 | Sig_structure | PASS |
| - | ES512 | Sig_structure | PASS |
| - | ES256K | Sig_structure | |
| - | PS256 | Sig_structure | PASS |
| - | PS384 | Sig_structure | PASS |
| - | PS512 | Sig_structure | PASS |
| - | EdDSA | Sig_structure | PASS |
| - | SHA1 | Sig_structure | |
| - | SHA256_64 | Sig_structure | |
| - | SHA256 | Sig_structure | |
| - | SHA512_256 | Sig_structure | |
| - | SHA384 | Sig_structure | |
| - | SHA512 | Sig_structure | |
| - | SHAKE128 | Sig_structure | |
| - | SHAKE256 | Sig_structure | |