diff options
| author | Treeston <treeston.mmoc@gmail.com> | 2020-07-26 01:53:34 +0200 |
|---|---|---|
| committer | Shauren <shauren.trinity@gmail.com> | 2020-08-03 19:39:00 +0200 |
| commit | e9392ad28767626e519c463e2110184d71ba8426 (patch) | |
| tree | da391d7daf1ede4ef73883b5053520e160dc4ec4 /src/common/Cryptography/AES.cpp | |
| parent | caa1e1171a1ea4e2db754cfb52b3be795385d544 (diff) | |
Core/Authserver: Authserver cleanup (PR#25093)
- Fix a handful of 1/256 bugs with most significant byte zero in BigNumber
- Get rid of (most of) the C-style arrays in authserver
- CryptoRandom as a unified source for cryptographic randomness
- Bring our other crypto APIs into 2020
- BigNumber usability improvements
- Authserver is now actually readable as a result of all of the above
(cherry picked from commit 210176fd915cf4ba16f428d3c1a249a71f4aa7a7)
Diffstat (limited to 'src/common/Cryptography/AES.cpp')
| -rw-r--r-- | src/common/Cryptography/AES.cpp | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/src/common/Cryptography/AES.cpp b/src/common/Cryptography/AES.cpp index 08762e224e9..7d4ccc7c46f 100644 --- a/src/common/Cryptography/AES.cpp +++ b/src/common/Cryptography/AES.cpp @@ -16,11 +16,14 @@ */ #include "AES.h" +#include "Errors.h" +#include <limits> Trinity::Crypto::AES::AES(bool encrypting) : _ctx(EVP_CIPHER_CTX_new()), _encrypting(encrypting) { EVP_CIPHER_CTX_init(_ctx); - EVP_CipherInit_ex(_ctx, EVP_aes_128_gcm(), nullptr, nullptr, nullptr, _encrypting ? 1 : 0); + int status = EVP_CipherInit_ex(_ctx, EVP_aes_128_gcm(), nullptr, nullptr, nullptr, _encrypting ? 1 : 0); + ASSERT(status); } Trinity::Crypto::AES::~AES() @@ -28,26 +31,33 @@ Trinity::Crypto::AES::~AES() EVP_CIPHER_CTX_free(_ctx); } -void Trinity::Crypto::AES::Init(uint8 const* key) +void Trinity::Crypto::AES::Init(Key const& key) { - EVP_CipherInit_ex(_ctx, nullptr, nullptr, key, nullptr, -1); + int status = EVP_CipherInit_ex(_ctx, nullptr, nullptr, key.data(), nullptr, -1); + ASSERT(status); } -bool Trinity::Crypto::AES::Process(uint8 const* iv, uint8* data, std::size_t length, uint8(&tag)[12]) +bool Trinity::Crypto::AES::Process(IV const& iv, uint8* data, size_t length, Tag& tag) { - if (!EVP_CipherInit_ex(_ctx, nullptr, nullptr, nullptr, iv, -1)) + ASSERT(length <= std::numeric_limits<int>::max()); + int len = static_cast<int>(length); + if (!EVP_CipherInit_ex(_ctx, nullptr, nullptr, nullptr, iv.data(), -1)) return false; int outLen; - if (!EVP_CipherUpdate(_ctx, data, &outLen, data, length)) + if (!EVP_CipherUpdate(_ctx, data, &outLen, data, len)) return false; + len -= outLen; + if (!_encrypting && !EVP_CIPHER_CTX_ctrl(_ctx, EVP_CTRL_GCM_SET_TAG, sizeof(tag), tag)) return false; if (!EVP_CipherFinal_ex(_ctx, data + outLen, &outLen)) return false; + ASSERT(len == outLen); + if (_encrypting && !EVP_CIPHER_CTX_ctrl(_ctx, EVP_CTRL_GCM_GET_TAG, sizeof(tag), tag)) return false; |