diff options
Diffstat (limited to 'ext/crypto/decrypt.rs')
| -rw-r--r-- | ext/crypto/decrypt.rs | 78 |
1 files changed, 43 insertions, 35 deletions
diff --git a/ext/crypto/decrypt.rs b/ext/crypto/decrypt.rs index b3989a7f6..85d5f5210 100644 --- a/ext/crypto/decrypt.rs +++ b/ext/crypto/decrypt.rs @@ -1,6 +1,7 @@ use crate::shared::*; -use aes::BlockEncrypt; -use aes::NewBlockCipher; +use aes::cipher::block_padding::Pkcs7; +use aes::cipher::BlockDecryptMut; +use aes::cipher::KeyIvInit; use aes_gcm::aead::generic_array::typenum::U12; use aes_gcm::aead::generic_array::typenum::U16; use aes_gcm::aead::generic_array::ArrayLength; @@ -10,20 +11,16 @@ use aes_gcm::aes::Aes256; use aes_gcm::AeadInPlace; use aes_gcm::NewAead; use aes_gcm::Nonce; -use block_modes::BlockMode; -use ctr::cipher::NewCipher; use ctr::cipher::StreamCipher; -use ctr::flavors::Ctr128BE; -use ctr::flavors::Ctr32BE; -use ctr::flavors::Ctr64BE; -use ctr::flavors::CtrFlavor; -use ctr::Ctr; +use ctr::Ctr128BE; +use ctr::Ctr32BE; +use ctr::Ctr64BE; use deno_core::error::custom_error; use deno_core::error::type_error; use deno_core::error::AnyError; use deno_core::op; use deno_core::ZeroCopyBuf; -use rsa::pkcs1::FromRsaPrivateKey; +use rsa::pkcs1::DecodeRsaPrivateKey; use rsa::PaddingScheme; use serde::Deserialize; use sha1::Digest; @@ -153,11 +150,15 @@ fn decrypt_aes_cbc( let plaintext = match length { 128 => { // Section 10.3 Step 2 of RFC 2315 https://www.rfc-editor.org/rfc/rfc2315 - type Aes128Cbc = - block_modes::Cbc<aes::Aes128, block_modes::block_padding::Pkcs7>; - let cipher = Aes128Cbc::new_from_slices(key, &iv)?; + type Aes128CbcDec = cbc::Decryptor<aes::Aes128>; + let cipher = Aes128CbcDec::new_from_slices(key, &iv).map_err(|_| { + custom_error( + "DOMExceptionOperationError", + "Invalid key or iv".to_string(), + ) + })?; - cipher.decrypt_vec(data).map_err(|_| { + cipher.decrypt_padded_vec_mut::<Pkcs7>(data).map_err(|_| { custom_error( "DOMExceptionOperationError", "Decryption failed".to_string(), @@ -166,11 +167,15 @@ fn decrypt_aes_cbc( } 192 => { // Section 10.3 Step 2 of RFC 2315 https://www.rfc-editor.org/rfc/rfc2315 - type Aes192Cbc = - block_modes::Cbc<aes::Aes192, block_modes::block_padding::Pkcs7>; - let cipher = Aes192Cbc::new_from_slices(key, &iv)?; + type Aes192CbcDec = cbc::Decryptor<aes::Aes192>; + let cipher = Aes192CbcDec::new_from_slices(key, &iv).map_err(|_| { + custom_error( + "DOMExceptionOperationError", + "Invalid key or iv".to_string(), + ) + })?; - cipher.decrypt_vec(data).map_err(|_| { + cipher.decrypt_padded_vec_mut::<Pkcs7>(data).map_err(|_| { custom_error( "DOMExceptionOperationError", "Decryption failed".to_string(), @@ -179,11 +184,15 @@ fn decrypt_aes_cbc( } 256 => { // Section 10.3 Step 2 of RFC 2315 https://www.rfc-editor.org/rfc/rfc2315 - type Aes256Cbc = - block_modes::Cbc<aes::Aes256, block_modes::block_padding::Pkcs7>; - let cipher = Aes256Cbc::new_from_slices(key, &iv)?; + type Aes256CbcDec = cbc::Decryptor<aes::Aes256>; + let cipher = Aes256CbcDec::new_from_slices(key, &iv).map_err(|_| { + custom_error( + "DOMExceptionOperationError", + "Invalid key or iv".to_string(), + ) + })?; - cipher.decrypt_vec(data).map_err(|_| { + cipher.decrypt_padded_vec_mut::<Pkcs7>(data).map_err(|_| { custom_error( "DOMExceptionOperationError", "Decryption failed".to_string(), @@ -197,16 +206,15 @@ fn decrypt_aes_cbc( Ok(plaintext) } -fn decrypt_aes_ctr_gen<B, F>( +fn decrypt_aes_ctr_gen<B>( key: &[u8], counter: &[u8], data: &[u8], ) -> Result<Vec<u8>, AnyError> where - B: BlockEncrypt + NewBlockCipher, - F: CtrFlavor<B::BlockSize>, + B: KeyIvInit + StreamCipher, { - let mut cipher = Ctr::<B, F>::new(key.into(), counter.into()); + let mut cipher = B::new(key.into(), counter.into()); let mut plaintext = data.to_vec(); cipher @@ -279,21 +287,21 @@ fn decrypt_aes_ctr( match ctr_length { 32 => match key_length { - 128 => decrypt_aes_ctr_gen::<aes::Aes128, Ctr32BE>(key, counter, data), - 192 => decrypt_aes_ctr_gen::<aes::Aes192, Ctr32BE>(key, counter, data), - 256 => decrypt_aes_ctr_gen::<aes::Aes256, Ctr32BE>(key, counter, data), + 128 => decrypt_aes_ctr_gen::<Ctr32BE<aes::Aes128>>(key, counter, data), + 192 => decrypt_aes_ctr_gen::<Ctr32BE<aes::Aes192>>(key, counter, data), + 256 => decrypt_aes_ctr_gen::<Ctr32BE<aes::Aes256>>(key, counter, data), _ => Err(type_error("invalid length")), }, 64 => match key_length { - 128 => decrypt_aes_ctr_gen::<aes::Aes128, Ctr64BE>(key, counter, data), - 192 => decrypt_aes_ctr_gen::<aes::Aes192, Ctr64BE>(key, counter, data), - 256 => decrypt_aes_ctr_gen::<aes::Aes256, Ctr64BE>(key, counter, data), + 128 => decrypt_aes_ctr_gen::<Ctr64BE<aes::Aes128>>(key, counter, data), + 192 => decrypt_aes_ctr_gen::<Ctr64BE<aes::Aes192>>(key, counter, data), + 256 => decrypt_aes_ctr_gen::<Ctr64BE<aes::Aes256>>(key, counter, data), _ => Err(type_error("invalid length")), }, 128 => match key_length { - 128 => decrypt_aes_ctr_gen::<aes::Aes128, Ctr128BE>(key, counter, data), - 192 => decrypt_aes_ctr_gen::<aes::Aes192, Ctr128BE>(key, counter, data), - 256 => decrypt_aes_ctr_gen::<aes::Aes256, Ctr128BE>(key, counter, data), + 128 => decrypt_aes_ctr_gen::<Ctr128BE<aes::Aes128>>(key, counter, data), + 192 => decrypt_aes_ctr_gen::<Ctr128BE<aes::Aes192>>(key, counter, data), + 256 => decrypt_aes_ctr_gen::<Ctr128BE<aes::Aes256>>(key, counter, data), _ => Err(type_error("invalid length")), }, _ => Err(type_error( |