From a9a0eed4ac9c48fab90875752310df321c2a83f2 Mon Sep 17 00:00:00 2001 From: Divy Srivastava Date: Sun, 9 Jan 2022 22:39:08 +0530 Subject: [PATCH 1/7] feat(ext/crypto): implement AES-GCM decryption --- ext/crypto/00_crypto.js | 60 ++++++++++++++++++++++++++++ ext/crypto/decrypt.rs | 88 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 148 insertions(+) diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js index f76232136ba44f..ea3a0d87a13ff3 100644 --- a/ext/crypto/00_crypto.js +++ b/ext/crypto/00_crypto.js 
@@ -630,6 +630,66 @@ // 4. return cipherText.buffer; } + case "AES-GCM": { + normalizedAlgorithm.iv = copyBuffer(normalizedAlgorithm.iv); + + // 1. + if (normalizedAlgorithm.tagLength == undefined) { + normalizedAlgorithm.tagLength = 128; + } else if ( + !ArrayPrototypeIncludes( + [32, 64, 96, 104, 112, 120, 128], + normalizedAlgorithm.tagLength, + ) + ) { + throw new DOMException( + "Invalid tag length", + "OperationError", + ); + } + + // 2. + if (data.byteLength < tagLength / 8) { + throw new DOMException( + "Tag length overflows ciphertext", + "OperationError", + ); + } + + // 3. We only support 96-bit nonce for now. + if (normalizedAlgorithm.iv.byteLength !== 12) { + throw new DOMException( + "Initialization vector length not supported", + "NotSupportedError", + ); + } + + // 4. + if (normalizedAlgorithm.additionalData !== undefined) { + if (normalizedAlgorithm.additionalData.byteLength > (2 ** 64) - 1) { + throw new DOMException( + "Additional data too large", + "OperationError", + ); + } + normalizedAlgorithm.additionalData = copyBuffer( + normalizedAlgorithm.additionalData, + ); + } + + // 5-8. + const plaintext = await core.opAsync("op_crypto_decrypt", { + key: keyData, + algorithm: "AES-GCM", + length: key[_algorithm].length, + iv: normalizedAlgorithm.iv, + additionalData: normalizedAlgorithm.additionalData, + tagLength: normalizedAlgorithm.tagLength, + }, data); + + // 9. + return plaintext.buffer; + } default: throw new DOMException("Not implemented", "NotSupportedError"); } diff --git a/ext/crypto/decrypt.rs b/ext/crypto/decrypt.rs index 90916f9c38060a..da7848eabb66b0 100644 --- a/ext/crypto/decrypt.rs +++ b/ext/crypto/decrypt.rs 
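Review bot: The step 4 bound `normalizedAlgorithm.additionalData.byteLength > (2 ** 64) - 1` can never be true. `(2 ** 64) - 1` is not exactly representable as a Number and evaluates to `2 ** 64`, and no buffer's `byteLength` comes near that value. Keeping the branch to mirror the specification steps is reasonable, but the comment should say so, for example `// 4. Spec bound on additional data; unreachable for any real buffer, kept to mirror the algorithm steps.` The enclosing `switch` starts and ends outside this hunk.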
@@ -2,8 +2,14 @@ use std::cell::RefCell; use std::rc::Rc; use crate::shared::*; +use aes::Aes192; use aes::BlockEncrypt; use aes::NewBlockCipher; +use aes_gcm::AeadInPlace; +use aes_gcm::Aes128Gcm; +use aes_gcm::Aes256Gcm; +use aes_gcm::NewAead; +use aes_gcm::Nonce; use block_modes::BlockMode; use ctr::cipher::NewCipher; use ctr::cipher::StreamCipher; @@ -17,6 +23,7 @@ use deno_core::error::type_error; use deno_core::error::AnyError; use deno_core::OpState; use deno_core::ZeroCopyBuf; +use elliptic_curve::consts::U12; use rsa::pkcs1::FromRsaPrivateKey; use rsa::PaddingScheme; use serde::Deserialize; @@ -56,6 +63,15 @@ pub enum DecryptAlgorithm { ctr_length: usize, key_length: usize, }, + #[serde(rename = "AES-GCM", rename_all = "camelCase")] + AesGcm { + #[serde(with = "serde_bytes")] + iv: Vec, + #[serde(with = "serde_bytes")] + additional_data: Option>, + length: usize, + tag_length: usize, + }, } pub async fn op_crypto_decrypt( @@ -76,6 +92,12 @@ pub async fn op_crypto_decrypt( ctr_length, key_length, } => decrypt_aes_ctr(key, key_length, &counter, ctr_length, &data), + DecryptAlgorithm::AesGcm { + iv, + additional_data, + length, + tag_length, + } => decrypt_aes_gcm(key, length, tag_length, iv, additional_data, &data), }; let buf = tokio::task::spawn_blocking(fun).await.unwrap()?; Ok(buf.into()) 
@@ -228,3 +250,69 @@ fn decrypt_aes_ctr( )), } } + +fn decrypt_aes_gcm( + key: RawKeyData, + length: usize, + tag_length: usize, + iv: Vec, + additional_data: Option>, + data: &[u8], +) -> Result, AnyError> { + let key = key.as_secret_key()?; + let additional_data = additional_data.unwrap_or_default(); + + // Fixed 96-bit nonce + if iv.len() != 12 { + return Err(type_error("iv length not equal to 12")); + } + + let nonce = Nonce::from_slice(&iv); + + let tag = &data[(tag_length / 8)..]; + // The actual ciphertext, called plaintext because it is reused in place. + let mut plaintext = data[..(tag_length / 8)].to_vec(); + match length { + 128 => { + let cipher = Aes128Gcm::new_from_slice(key) + .map_err(|_| operation_error("Decryption failed"))?; + cipher + .decrypt_in_place_detached( + nonce, + &additional_data, + &mut plaintext, + tag.into(), + ) + .map_err(|_| operation_error("Decryption failed"))? + } + 192 => { + type Aes192Gcm = aes_gcm::AesGcm; + + let cipher = Aes192Gcm::new_from_slice(key) + .map_err(|_| operation_error("Decryption failed"))?; + cipher + .decrypt_in_place_detached( + nonce, + &additional_data, + &mut plaintext, + tag.into(), + ) + .map_err(|_| operation_error("Decryption failed"))? + } + 256 => { + let cipher = Aes256Gcm::new_from_slice(key) + .map_err(|_| operation_error("Decryption failed"))?; + cipher + .decrypt_in_place_detached( + nonce, + &additional_data, + &mut plaintext, + tag.into(), + ) + .map_err(|_| operation_error("Decryption failed"))? + } + _ => return Err(type_error("invalid length")), + }; + + Ok(plaintext) +} From 88ea8ee06d298b1b12b3b1368bdda4a77af0351d Mon Sep 17 00:00:00 2001 From: Divy Srivastava Date: Mon, 10 Jan 2022 10:23:49 +0530 Subject: [PATCH 2/7] add tests --- cli/tests/unit/webcrypto_test.ts | 9 +++++++++ ext/crypto/00_crypto.js | 3 ++- ext/crypto/decrypt.rs | 5 +++-- 3 files changed, 14 insertions(+), 3 deletions(-) 
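Review bot: `tag.into()` in each match arm turns a slice whose length comes from the caller's `tag_length` into the cipher's fixed-size tag array, yet the JS side accepts 32 to 120-bit tags as well as 128. If that slice conversion asserts on length, as generic-array's appears to, a truncated-tag request panics inside the blocking task. The `.await.unwrap()` in `op_crypto_decrypt` would then propagate the panic rather than return an OperationError. Until truncated tags are implemented, reject them in `decrypt_aes_gcm` next to the IV check, e.g. `if tag_length != 128 { return Err(type_error("tag length not equal to 128")); }`. The same conversion is carried unchanged into the `decrypt_aes_gcm_gen` call sites in PATCH 6/7.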
diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts index 926ed6b6c18cc0..c70035bd38110e 100644 --- a/cli/tests/unit/webcrypto_test.ts +++ b/cli/tests/unit/webcrypto_test.ts @@ -1444,6 +1444,15 @@ Deno.test(async function testAesGcmEncrypt() { // deno-fmt-ignore new Uint8Array([50,223,112,178,166,156,255,110,125,138,95,141,82,47,14,164,134,247,22]), ); + + const plainText = await crypto.subtle.decrypt( + { name: "AES-GCM", iv }, + key, + cipherText, + ); + assert(plainText instanceof ArrayBuffer); + assertEquals(plainText.byteLength, 3); + assertEquals(new Uint8Array(plainText), data); }); async function roundTripSecretJwk( diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js index ea3a0d87a13ff3..c3b7f2b55e5dba 100644 --- a/ext/crypto/00_crypto.js +++ b/ext/crypto/00_crypto.js @@ -130,6 +130,7 @@ "decrypt": { "RSA-OAEP": "RsaOaepParams", "AES-CBC": "AesCbcParams", + "AES-GCM": "AesGcmParams", "AES-CTR": "AesCtrParams", }, "get key length": { @@ -649,7 +650,7 @@ } // 2. - if (data.byteLength < tagLength / 8) { + if (data.byteLength < normalizedAlgorithm.tagLength / 8) { throw new DOMException( "Tag length overflows ciphertext", "OperationError", diff --git a/ext/crypto/decrypt.rs b/ext/crypto/decrypt.rs index da7848eabb66b0..217b2c4a72cac8 100644 --- a/ext/crypto/decrypt.rs +++ b/ext/crypto/decrypt.rs @@ -269,9 +269,10 @@ fn decrypt_aes_gcm( let nonce = Nonce::from_slice(&iv); - let tag = &data[(tag_length / 8)..]; + let sep = data.len() - (tag_length / 8); + let tag = &data[sep..]; // The actual ciphertext, called plaintext because it is reused in place. - let mut plaintext = data[..(tag_length / 8)].to_vec(); + let mut plaintext = data[..sep].to_vec(); match length { 128 => { let cipher = Aes128Gcm::new_from_slice(key) From c507f1308e6e3c02bbc596abffcd472cf3baa35d Mon Sep 17 00:00:00 2001 
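Review bot: The assertions added to `testAesGcmEncrypt` cover only a successful round trip with the default tag length. Nothing checks that `crypto.subtle.decrypt` rejects a modified ciphertext or tag, which is the property AES-GCM is chosen for. Add a case that flips one byte of `cipherText` and expects the returned promise to reject with an `OperationError`. The `... decryption with altered ciphertext` entries are still present in tools/wpt/expectation.json after PATCH 3/7, so if that list records expected failures, WPT does not confirm this path either. The test function starts outside this hunk.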
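Review bot: `data.len() - (tag_length / 8)` underflows when the input is shorter than the tag. The only guard is the `byteLength` comparison in 00_crypto.js, so the op trusts its caller for a bound it then uses to slice. Compute the split defensively, `let sep = data.len().checked_sub(tag_length / 8).ok_or_else(|| operation_error("Decryption failed"))?;`, so a short buffer yields an error instead of a panic. `decrypt_aes_gcm` begins and ends outside this hunk.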
From: Divy Srivastava Date: Mon, 10 Jan 2022 10:55:56 +0530 Subject: [PATCH 3/7] update WPT --- cli/tests/unit/webcrypto_test.ts | 2 +- tools/wpt/expectation.json | 62 +------------------------------- 2 files changed, 2 insertions(+), 62 deletions(-) diff --git a/cli/tests/unit/webcrypto_test.ts b/cli/tests/unit/webcrypto_test.ts index c70035bd38110e..3f4189d0378c53 100644 --- a/cli/tests/unit/webcrypto_test.ts +++ b/cli/tests/unit/webcrypto_test.ts @@ -1446,7 +1446,7 @@ Deno.test(async function testAesGcmEncrypt() { ); const plainText = await crypto.subtle.decrypt( - { name: "AES-GCM", iv }, + { name: "AES-GCM", iv, additionalData: new Uint8Array() }, key, cipherText, ); diff --git a/tools/wpt/expectation.json b/tools/wpt/expectation.json index 96944aff46e098..96a78ef7c4bf18 100644 --- a/tools/wpt/expectation.json +++ b/tools/wpt/expectation.json 
@@ -212,48 +212,6 @@ "AES-GCM 256-bit key, no additional data, 120-bit tag decryption with altered ciphertext", "AES-GCM 256-bit key, 128-bit tag decryption with altered ciphertext", "AES-GCM 256-bit key, no additional data, 128-bit tag decryption with altered ciphertext", - "AES-GCM 128-bit key, 32-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 32-bit tag without decrypt usage", - "AES-GCM 128-bit key, 64-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 64-bit tag without decrypt usage", - "AES-GCM 128-bit key, 96-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 96-bit tag without decrypt usage", - "AES-GCM 128-bit key, 104-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 104-bit tag without decrypt usage", - "AES-GCM 128-bit key, 112-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 112-bit tag without decrypt usage", - "AES-GCM 128-bit key, 120-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 120-bit tag without decrypt usage", - "AES-GCM 128-bit key, 128-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 128-bit tag without decrypt usage", - "AES-GCM 192-bit key, 32-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 32-bit tag without decrypt usage", - "AES-GCM 192-bit key, 64-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 64-bit tag without decrypt usage", - "AES-GCM 192-bit key, 96-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 96-bit tag without decrypt usage", - "AES-GCM 192-bit key, 104-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 104-bit tag without decrypt usage", - "AES-GCM 192-bit key, 112-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 112-bit tag without decrypt usage", - "AES-GCM 192-bit key, 120-bit tag without decrypt 
usage", - "AES-GCM 192-bit key, no additional data, 120-bit tag without decrypt usage", - "AES-GCM 192-bit key, 128-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 128-bit tag without decrypt usage", - "AES-GCM 256-bit key, 32-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 32-bit tag without decrypt usage", - "AES-GCM 256-bit key, 64-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 64-bit tag without decrypt usage", - "AES-GCM 256-bit key, 96-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 96-bit tag without decrypt usage", - "AES-GCM 256-bit key, 104-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 104-bit tag without decrypt usage", - "AES-GCM 256-bit key, 112-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 112-bit tag without decrypt usage", - "AES-GCM 256-bit key, 120-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 120-bit tag without decrypt usage", - "AES-GCM 256-bit key, 128-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 128-bit tag without decrypt usage", "AES-GCM 128-bit key, illegal tag length 24-bits", "AES-GCM 128-bit key, illegal tag length 48-bits", "AES-GCM 128-bit key, illegal tag length 72-bits", 
@@ -271,25 +229,7 @@ "AES-GCM 256-bit key, illegal tag length 72-bits", "AES-GCM 256-bit key, illegal tag length 95-bits", "AES-GCM 256-bit key, illegal tag length 129-bits", - "AES-GCM 256-bit key, illegal tag length 256-bits", - "AES-GCM 128-bit key, illegal tag length 24-bits decryption", - "AES-GCM 128-bit key, illegal tag length 48-bits decryption", - "AES-GCM 128-bit key, illegal tag length 72-bits decryption", - "AES-GCM 128-bit key, illegal tag length 95-bits decryption", - "AES-GCM 128-bit key, illegal tag length 129-bits decryption", - "AES-GCM 128-bit key, illegal tag length 256-bits decryption", - "AES-GCM 192-bit key, illegal tag length 24-bits decryption", - "AES-GCM 192-bit key, illegal tag length 48-bits decryption", - "AES-GCM 192-bit key, illegal tag length 72-bits decryption", - "AES-GCM 192-bit key, illegal tag length 95-bits decryption", - "AES-GCM 192-bit key, illegal tag length 129-bits decryption", - "AES-GCM 192-bit key, illegal tag length 256-bits decryption", - "AES-GCM 256-bit key, illegal tag length 24-bits decryption", - "AES-GCM 256-bit key, illegal tag length 48-bits decryption", - "AES-GCM 256-bit key, illegal tag length 72-bits decryption", - "AES-GCM 256-bit key, illegal tag length 95-bits decryption", - "AES-GCM 256-bit key, illegal tag length 129-bits decryption", - "AES-GCM 256-bit key, illegal tag length 256-bits decryption" + "AES-GCM 256-bit key, illegal tag length 256-bits" ], "aes_gcm.https.any.worker.html": [ "AES-GCM 128-bit key, 32-bit tag", From 23dbf06372f9307f8e771a5f6134e7e07a249254 Mon Sep 17 00:00:00 2001 From: Divy Srivastava Date: Mon, 10 Jan 2022 11:11:53 +0530 Subject: [PATCH 4/7] update types --- ext/crypto/lib.deno_crypto.d.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/ext/crypto/lib.deno_crypto.d.ts b/ext/crypto/lib.deno_crypto.d.ts index 9c7386dc970638..3f6f1307aaaa7e 100644 --- a/ext/crypto/lib.deno_crypto.d.ts +++ b/ext/crypto/lib.deno_crypto.d.ts 
@@ -264,6 +264,7 @@ interface SubtleCrypto { | AlgorithmIdentifier | RsaOaepParams | AesCbcParams + | AesGcmParams | AesCtrParams, key: CryptoKey, data: BufferSource, From 4802666f96b0f5512eadfada37130d1d9d547efc Mon Sep 17 00:00:00 2001 From: Divy Srivastava Date: Mon, 10 Jan 2022 11:50:38 +0530 Subject: [PATCH 5/7] update worker wpt --- tools/wpt/expectation.json | 62 +------------------------------------- 1 file changed, 1 insertion(+), 61 deletions(-) diff --git a/tools/wpt/expectation.json b/tools/wpt/expectation.json index 96a78ef7c4bf18..262b9c3e70b303 100644 --- a/tools/wpt/expectation.json +++ b/tools/wpt/expectation.json 
@@ -400,48 +400,6 @@ "AES-GCM 256-bit key, no additional data, 120-bit tag decryption with altered ciphertext", "AES-GCM 256-bit key, 128-bit tag decryption with altered ciphertext", "AES-GCM 256-bit key, no additional data, 128-bit tag decryption with altered ciphertext", - "AES-GCM 128-bit key, 32-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 32-bit tag without decrypt usage", - "AES-GCM 128-bit key, 64-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 64-bit tag without decrypt usage", - "AES-GCM 128-bit key, 96-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 96-bit tag without decrypt usage", - "AES-GCM 128-bit key, 104-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 104-bit tag without decrypt usage", - "AES-GCM 128-bit key, 112-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 112-bit tag without decrypt usage", - "AES-GCM 128-bit key, 120-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 120-bit tag without decrypt usage", - "AES-GCM 128-bit key, 128-bit tag without decrypt usage", - "AES-GCM 128-bit key, no additional data, 128-bit tag without decrypt usage", - "AES-GCM 192-bit key, 32-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 32-bit tag without decrypt usage", - "AES-GCM 192-bit key, 64-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 64-bit tag without decrypt usage", - "AES-GCM 192-bit key, 96-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 96-bit tag without decrypt usage", - "AES-GCM 192-bit key, 104-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 104-bit tag without decrypt usage", - "AES-GCM 192-bit key, 112-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 112-bit tag without decrypt usage", - "AES-GCM 192-bit key, 120-bit tag without decrypt 
usage", - "AES-GCM 192-bit key, no additional data, 120-bit tag without decrypt usage", - "AES-GCM 192-bit key, 128-bit tag without decrypt usage", - "AES-GCM 192-bit key, no additional data, 128-bit tag without decrypt usage", - "AES-GCM 256-bit key, 32-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 32-bit tag without decrypt usage", - "AES-GCM 256-bit key, 64-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 64-bit tag without decrypt usage", - "AES-GCM 256-bit key, 96-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 96-bit tag without decrypt usage", - "AES-GCM 256-bit key, 104-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 104-bit tag without decrypt usage", - "AES-GCM 256-bit key, 112-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 112-bit tag without decrypt usage", - "AES-GCM 256-bit key, 120-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 120-bit tag without decrypt usage", - "AES-GCM 256-bit key, 128-bit tag without decrypt usage", - "AES-GCM 256-bit key, no additional data, 128-bit tag without decrypt usage", "AES-GCM 128-bit key, illegal tag length 24-bits", "AES-GCM 128-bit key, illegal tag length 48-bits", "AES-GCM 128-bit key, illegal tag length 72-bits", 
@@ -459,25 +417,7 @@ "AES-GCM 256-bit key, illegal tag length 72-bits", "AES-GCM 256-bit key, illegal tag length 95-bits", "AES-GCM 256-bit key, illegal tag length 129-bits", - "AES-GCM 256-bit key, illegal tag length 256-bits", - "AES-GCM 128-bit key, illegal tag length 24-bits decryption", - "AES-GCM 128-bit key, illegal tag length 48-bits decryption", - "AES-GCM 128-bit key, illegal tag length 72-bits decryption", - "AES-GCM 128-bit key, illegal tag length 95-bits decryption", - "AES-GCM 128-bit key, illegal tag length 129-bits decryption", - "AES-GCM 128-bit key, illegal tag length 256-bits decryption", - "AES-GCM 192-bit key, illegal tag length 24-bits decryption", - "AES-GCM 192-bit key, illegal tag length 48-bits decryption", - "AES-GCM 192-bit key, illegal tag length 72-bits decryption", - "AES-GCM 192-bit key, illegal tag length 95-bits decryption", - "AES-GCM 192-bit key, illegal tag length 129-bits decryption", - "AES-GCM 192-bit key, illegal tag length 256-bits decryption", - "AES-GCM 256-bit key, illegal tag length 24-bits decryption", - "AES-GCM 256-bit key, illegal tag length 48-bits decryption", - "AES-GCM 256-bit key, illegal tag length 72-bits decryption", - "AES-GCM 256-bit key, illegal tag length 95-bits decryption", - "AES-GCM 256-bit key, illegal tag length 129-bits decryption", - "AES-GCM 256-bit key, illegal tag length 256-bits decryption" + "AES-GCM 256-bit key, illegal tag length 256-bits" ], "rsa_oaep.https.any.html": true, "rsa_oaep.https.any.worker.html": true From 8e6703033db6d4fdc6931125ccca53fdaec6e031 Mon Sep 17 00:00:00 2001 From: Divy Srivastava Date: Thu, 13 Jan 2022 13:53:57 +0530 Subject: [PATCH 6/7] review --- ext/crypto/00_crypto.js | 2 +- ext/crypto/decrypt.rs | 87 +++++++++++++++++++++++------------------ 2 files changed, 50 insertions(+), 39 deletions(-) diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js index c3b7f2b55e5dba..05c19276d8cd81 100644 --- a/ext/crypto/00_crypto.js +++ b/ext/crypto/00_crypto.js 
@@ -635,7 +635,7 @@ normalizedAlgorithm.iv = copyBuffer(normalizedAlgorithm.iv); // 1. - if (normalizedAlgorithm.tagLength == undefined) { + if (normalizedAlgorithm.tagLength === undefined) { normalizedAlgorithm.tagLength = 128; } else if ( !ArrayPrototypeIncludes( diff --git a/ext/crypto/decrypt.rs b/ext/crypto/decrypt.rs index 217b2c4a72cac8..a0fb2ad033317c 100644 --- a/ext/crypto/decrypt.rs +++ b/ext/crypto/decrypt.rs @@ -2,9 +2,11 @@ use std::cell::RefCell; use std::rc::Rc; use crate::shared::*; +use aes::cipher::generic_array::GenericArray; use aes::Aes192; use aes::BlockEncrypt; use aes::NewBlockCipher; +use aes_gcm::AeadCore; use aes_gcm::AeadInPlace; use aes_gcm::Aes128Gcm; use aes_gcm::Aes256Gcm; @@ -74,6 +76,8 @@ pub enum DecryptAlgorithm { }, } +type Aes192Gcm = aes_gcm::AesGcm; + pub async fn op_crypto_decrypt( _state: Rc>, opts: DecryptOptions, @@ -217,6 +221,30 @@ where Ok(plaintext) } +fn decrypt_aes_gcm_gen( + key: &[u8], + tag: &GenericArray::TagSize>, + nonce: &GenericArray::NonceSize>, + additional_data: Vec, + plaintext: &mut [u8], +) -> Result<(), AnyError> +where + B: AeadInPlace + NewAead, +{ + let cipher = + B::new_from_slice(key).map_err(|_| operation_error("Decryption failed"))?; + cipher + .decrypt_in_place_detached( + nonce, + additional_data.as_slice(), + plaintext, + tag, + ) + .map_err(|_| operation_error("Decryption failed"))?; + + Ok(()) +} + fn decrypt_aes_ctr( key: RawKeyData, key_length: usize, 
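Review bot: `decrypt_aes_gcm_gen` takes `additional_data` by value as a `Vec` but only borrows it through `as_slice()`, and the new helper has no doc comment stating its contract. Take a slice instead, `additional_data: &[u8],`, and pass `&additional_data` from the three call sites in `decrypt_aes_gcm`. A short `///` comment should say that `plaintext` holds the ciphertext on entry and is decrypted in place against the detached `tag`. It should also say that key-setup and tag-verification failures are deliberately reported as the same "Decryption failed" operation error, so callers cannot tell the two apart.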
@@ -274,44 +302,27 @@ fn decrypt_aes_gcm( // The actual ciphertext, called plaintext because it is reused in place. let mut plaintext = data[..sep].to_vec(); match length { - 128 => { - let cipher = Aes128Gcm::new_from_slice(key) - .map_err(|_| operation_error("Decryption failed"))?; - cipher - .decrypt_in_place_detached( - nonce, - &additional_data, - &mut plaintext, - tag.into(), - ) - .map_err(|_| operation_error("Decryption failed"))? - } - 192 => { - type Aes192Gcm = aes_gcm::AesGcm; - - let cipher = Aes192Gcm::new_from_slice(key) - .map_err(|_| operation_error("Decryption failed"))?; - cipher - .decrypt_in_place_detached( - nonce, - &additional_data, - &mut plaintext, - tag.into(), - ) - .map_err(|_| operation_error("Decryption failed"))? - } - 256 => { - let cipher = Aes256Gcm::new_from_slice(key) - .map_err(|_| operation_error("Decryption failed"))?; - cipher - .decrypt_in_place_detached( - nonce, - &additional_data, - &mut plaintext, - tag.into(), - ) - .map_err(|_| operation_error("Decryption failed"))? - } + 128 => decrypt_aes_gcm_gen::( + key, + tag.into(), + &nonce, + additional_data, + &mut plaintext, + )?, + 192 => decrypt_aes_gcm_gen::( + key, + tag.into(), + &nonce, + additional_data, + &mut plaintext, + )?, + 256 => decrypt_aes_gcm_gen::( + key, + tag.into(), + &nonce, + additional_data, + &mut plaintext, + )?, _ => return Err(type_error("invalid length")), }; From d1c6078532f763c1ebc37b42ebc89ff942d8b1e8 Mon Sep 17 00:00:00 2001 From: Divy Srivastava Date: Fri, 14 Jan 2022 08:46:46 +0530 Subject: [PATCH 7/7] lint --- ext/crypto/decrypt.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ext/crypto/decrypt.rs b/ext/crypto/decrypt.rs index a0fb2ad033317c..9f115760801b9b 100644 --- a/ext/crypto/decrypt.rs +++ b/ext/crypto/decrypt.rs 
@@ -305,21 +305,21 @@ fn decrypt_aes_gcm( 128 => decrypt_aes_gcm_gen::( key, tag.into(), - &nonce, + nonce, additional_data, &mut plaintext, )?, 192 => decrypt_aes_gcm_gen::( key, tag.into(), - &nonce, + nonce, additional_data, &mut plaintext, )?, 256 => decrypt_aes_gcm_gen::( key, tag.into(), - &nonce, + nonce, additional_data, &mut plaintext, )?,