fix(ext/node): Implement `aes-192-ecb` and `aes-256-ecb` (#21710)

author: Lino Le Van <11367844+lino-levan@users.noreply.github.com> 2023-12-27 12:54:52 +0100
committer: GitHub <noreply@github.com> 2023-12-27 17:24:52 +0530
commit: d5f6e271ff1abb4b264737bd7e187439703f26e1 (patch)
tree: 72ab44f79f47c0d1b66e578513193d7aa9361073
parent: 4f4dcf52916b5e9d200d223d046cef332b5a598e (diff)
2 files changed, 76 insertions, 0 deletions
diff --git a/cli/tests/unit_node/crypto/crypto_cipher_test.ts b/cli/tests/unit_node/crypto/crypto_cipher_test.ts
index 52a9b06ec..9dfcb2eb4 100644
--- a/cli/tests/unit_node/crypto/crypto_cipher_test.ts
+++ b/cli/tests/unit_node/crypto/crypto_cipher_test.ts
@@ -108,6 +108,16 @@ Deno.test({
         "66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e",
         "baf823258ca2e6994f638daa3515e986",
       ],
+      [
+        ["aes-192-ecb", 24, 0],
+        "aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7",
+        "2e0f33b51bb184654311ead507ea55fc",
+      ],
+      [
+        ["aes-256-ecb", 32, 0],
+        "dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087",
+        "0ac1d7e8655254c6814b46753932df88",
+      ],
     ] as const;
     for (
       const [[alg, keyLen, ivLen], expectedUpdate, expectedFinal] of table
@@ -168,6 +178,14 @@ Deno.test({
         ["aes-128-ecb", 16, 0],
         "66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2e66e94bd4ef8a2c3b884cfa59ca342b2ec29a917cbaf72fa9bc32129bb0d17663",
       ],
+      [
+        ["aes-192-ecb", 24, 0],
+        "aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7ab40eb56b6fc2aacf2e9254685cce891",
+      ],
+      [
+        ["aes-256-ecb", 32, 0],
+        "dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a214928420877c45b49560579dd1ffc7ec626de2a968",
+      ],
     ] as const;
     for (
       const [[alg, keyLen, ivLen], input] of table
diff --git a/ext/node/ops/crypto/cipher.rs b/ext/node/ops/crypto/cipher.rs
index 717c12752..26fb55125 100644
--- a/ext/node/ops/crypto/cipher.rs
+++ b/ext/node/ops/crypto/cipher.rs
@@ -21,6 +21,8 @@ type Aes256Gcm = aead_gcm_stream::AesGcm<aes::Aes256>;
 enum Cipher {
   Aes128Cbc(Box<cbc::Encryptor<aes::Aes128>>),
   Aes128Ecb(Box<ecb::Encryptor<aes::Aes128>>),
+  Aes192Ecb(Box<ecb::Encryptor<aes::Aes192>>),
+  Aes256Ecb(Box<ecb::Encryptor<aes::Aes256>>),
   Aes128Gcm(Box<Aes128Gcm>),
   Aes256Gcm(Box<Aes256Gcm>),
   // TODO(kt3k): add more algorithms Aes192Cbc, Aes256Cbc, etc.
@@ -29,6 +31,8 @@ enum Cipher {
 enum Decipher {
   Aes128Cbc(Box<cbc::Decryptor<aes::Aes128>>),
   Aes128Ecb(Box<ecb::Decryptor<aes::Aes128>>),
+  Aes192Ecb(Box<ecb::Decryptor<aes::Aes192>>),
+  Aes256Ecb(Box<ecb::Decryptor<aes::Aes256>>),
   Aes128Gcm(Box<Aes128Gcm>),
   Aes256Gcm(Box<Aes256Gcm>),
   // TODO(kt3k): add more algorithms Aes192Cbc, Aes256Cbc, Aes128GCM, etc.
@@ -121,6 +125,8 @@ impl Cipher {
         Aes128Cbc(Box::new(cbc::Encryptor::new(key.into(), iv.into())))
       }
       "aes-128-ecb" => Aes128Ecb(Box::new(ecb::Encryptor::new(key.into()))),
+      "aes-192-ecb" => Aes192Ecb(Box::new(ecb::Encryptor::new(key.into()))),
+      "aes-256-ecb" => Aes256Ecb(Box::new(ecb::Encryptor::new(key.into()))),
       "aes-128-gcm" => {
         let mut cipher =
           aead_gcm_stream::AesGcm::<aes::Aes128>::new(key.into());
@@ -168,6 +174,18 @@ impl Cipher {
           encryptor.encrypt_block_b2b_mut(input.into(), output.into());
         }
       }
+      Aes192Ecb(encryptor) => {
+        assert!(input.len() % 16 == 0);
+        for (input, output) in input.chunks(16).zip(output.chunks_mut(16)) {
+          encryptor.encrypt_block_b2b_mut(input.into(), output.into());
+        }
+      }
+      Aes256Ecb(encryptor) => {
+        assert!(input.len() % 16 == 0);
+        for (input, output) in input.chunks(16).zip(output.chunks_mut(16)) {
+          encryptor.encrypt_block_b2b_mut(input.into(), output.into());
+        }
+      }
       Aes128Gcm(cipher) => {
         output[..input.len()].copy_from_slice(input);
         cipher.encrypt(output);
@@ -196,6 +214,18 @@ impl Cipher {
           .map_err(|_| type_error("Cannot pad the input data"))?;
         Ok(None)
       }
+      Aes192Ecb(encryptor) => {
+        let _ = (*encryptor)
+          .encrypt_padded_b2b_mut::<Pkcs7>(input, output)
+          .map_err(|_| type_error("Cannot pad the input data"))?;
+        Ok(None)
+      }
+      Aes256Ecb(encryptor) => {
+        let _ = (*encryptor)
+          .encrypt_padded_b2b_mut::<Pkcs7>(input, output)
+          .map_err(|_| type_error("Cannot pad the input data"))?;
+        Ok(None)
+      }
       Aes128Gcm(cipher) => Ok(Some(cipher.finish().to_vec())),
       Aes256Gcm(cipher) => Ok(Some(cipher.finish().to_vec())),
     }
@@ -214,6 +244,8 @@ impl Decipher {
         Aes128Cbc(Box::new(cbc::Decryptor::new(key.into(), iv.into())))
       }
       "aes-128-ecb" => Aes128Ecb(Box::new(ecb::Decryptor::new(key.into()))),
+      "aes-192-ecb" => Aes192Ecb(Box::new(ecb::Decryptor::new(key.into()))),
+      "aes-256-ecb" => Aes256Ecb(Box::new(ecb::Decryptor::new(key.into()))),
       "aes-128-gcm" => {
         let mut decipher =
           aead_gcm_stream::AesGcm::<aes::Aes128>::new(key.into());
@@ -261,6 +293,18 @@ impl Decipher {
           decryptor.decrypt_block_b2b_mut(input.into(), output.into());
         }
       }
+      Aes192Ecb(decryptor) => {
+        assert!(input.len() % 16 == 0);
+        for (input, output) in input.chunks(16).zip(output.chunks_mut(16)) {
+          decryptor.decrypt_block_b2b_mut(input.into(), output.into());
+        }
+      }
+      Aes256Ecb(decryptor) => {
+        assert!(input.len() % 16 == 0);
+        for (input, output) in input.chunks(16).zip(output.chunks_mut(16)) {
+          decryptor.decrypt_block_b2b_mut(input.into(), output.into());
+        }
+      }
       Aes128Gcm(decipher) => {
         output[..input.len()].copy_from_slice(input);
         decipher.decrypt(output);
@@ -295,6 +339,20 @@ impl Decipher {
           .map_err(|_| type_error("Cannot unpad the input data"))?;
         Ok(())
       }
+      Aes192Ecb(decryptor) => {
+        assert!(input.len() == 16);
+        let _ = (*decryptor)
+          .decrypt_padded_b2b_mut::<Pkcs7>(input, output)
+          .map_err(|_| type_error("Cannot unpad the input data"))?;
+        Ok(())
+      }
+      Aes256Ecb(decryptor) => {
+        assert!(input.len() == 16);
+        let _ = (*decryptor)
+          .decrypt_padded_b2b_mut::<Pkcs7>(input, output)
+          .map_err(|_| type_error("Cannot unpad the input data"))?;
+        Ok(())
+      }
       Aes128Gcm(decipher) => {
         let tag = decipher.finish();
         if tag.as_slice() == auth_tag {
author	Lino Le Van <11367844+lino-levan@users.noreply.github.com>	2023-12-27 12:54:52 +0100
committer	GitHub <noreply@github.com>	2023-12-27 17:24:52 +0530
commit	d5f6e271ff1abb4b264737bd7e187439703f26e1 (patch)
tree	72ab44f79f47c0d1b66e578513193d7aa9361073
parent	4f4dcf52916b5e9d200d223d046cef332b5a598e (diff)