diff options
Diffstat (limited to 'ext/crypto/encrypt.rs')
| -rw-r--r-- | ext/crypto/encrypt.rs | 72 |
1 files changed, 33 insertions, 39 deletions
diff --git a/ext/crypto/encrypt.rs b/ext/crypto/encrypt.rs index 9d0dd3565..ffa441c0f 100644 --- a/ext/crypto/encrypt.rs +++ b/ext/crypto/encrypt.rs @@ -1,8 +1,9 @@ use crate::shared::*; -use aes::cipher::NewCipher; -use aes::BlockEncrypt; -use aes::NewBlockCipher; +use aes::cipher::block_padding::Pkcs7; +use aes::cipher::BlockEncryptMut; +use aes::cipher::KeyIvInit; +use aes::cipher::StreamCipher; use aes_gcm::aead::generic_array::typenum::U12; use aes_gcm::aead::generic_array::typenum::U16; use aes_gcm::aead::generic_array::ArrayLength; @@ -12,21 +13,15 @@ use aes_gcm::aes::Aes256; use aes_gcm::AeadInPlace; use aes_gcm::NewAead; use aes_gcm::Nonce; -use ctr::Ctr; -use deno_core::op; - -use block_modes::BlockMode; -use ctr::cipher::StreamCipher; -use ctr::flavors::Ctr128BE; - -use ctr::flavors::Ctr32BE; -use ctr::flavors::Ctr64BE; -use ctr::flavors::CtrFlavor; +use ctr::Ctr128BE; +use ctr::Ctr32BE; +use ctr::Ctr64BE; use deno_core::error::type_error; use deno_core::error::AnyError; +use deno_core::op; use deno_core::ZeroCopyBuf; use rand::rngs::OsRng; -use rsa::pkcs1::FromRsaPublicKey; +use rsa::pkcs1::DecodeRsaPublicKey; use rsa::PaddingScheme; use rsa::PublicKey; use serde::Deserialize; @@ -156,27 +151,27 @@ fn encrypt_aes_cbc( let ciphertext = match length { 128 => { // Section 10.3 Step 2 of RFC 2315 https://www.rfc-editor.org/rfc/rfc2315 - type Aes128Cbc = - block_modes::Cbc<aes::Aes128, block_modes::block_padding::Pkcs7>; + type Aes128CbcEnc = cbc::Encryptor<aes::Aes128>; - let cipher = Aes128Cbc::new_from_slices(key, &iv)?; - cipher.encrypt_vec(data) + let cipher = Aes128CbcEnc::new_from_slices(key, &iv) + .map_err(|_| operation_error("invalid key or iv".to_string()))?; + cipher.encrypt_padded_vec_mut::<Pkcs7>(data) } 192 => { // Section 10.3 Step 2 of RFC 2315 https://www.rfc-editor.org/rfc/rfc2315 - type Aes192Cbc = - block_modes::Cbc<aes::Aes192, block_modes::block_padding::Pkcs7>; + type Aes192CbcEnc = cbc::Encryptor<aes::Aes192>; - let cipher = Aes192Cbc::new_from_slices(key, &iv)?; - cipher.encrypt_vec(data) + let cipher = Aes192CbcEnc::new_from_slices(key, &iv) + .map_err(|_| operation_error("invalid key or iv".to_string()))?; + cipher.encrypt_padded_vec_mut::<Pkcs7>(data) } 256 => { // Section 10.3 Step 2 of RFC 2315 https://www.rfc-editor.org/rfc/rfc2315 - type Aes256Cbc = - block_modes::Cbc<aes::Aes256, block_modes::block_padding::Pkcs7>; + type Aes256CbcEnc = cbc::Encryptor<aes::Aes256>; - let cipher = Aes256Cbc::new_from_slices(key, &iv)?; - cipher.encrypt_vec(data) + let cipher = Aes256CbcEnc::new_from_slices(key, &iv) + .map_err(|_| operation_error("invalid key or iv".to_string()))?; + cipher.encrypt_padded_vec_mut::<Pkcs7>(data) } _ => return Err(type_error("invalid length")), }; @@ -260,16 +255,15 @@ fn encrypt_aes_gcm( Ok(ciphertext) } -fn encrypt_aes_ctr_gen<B, F>( +fn encrypt_aes_ctr_gen<B>( key: &[u8], counter: &[u8], data: &[u8], ) -> Result<Vec<u8>, AnyError> where - B: BlockEncrypt + NewBlockCipher, - F: CtrFlavor<B::BlockSize>, + B: KeyIvInit + StreamCipher, { - let mut cipher = Ctr::<B, F>::new(key.into(), counter.into()); + let mut cipher = B::new(key.into(), counter.into()); let mut ciphertext = data.to_vec(); cipher @@ -290,21 +284,21 @@ fn encrypt_aes_ctr( match ctr_length { 32 => match key_length { - 128 => encrypt_aes_ctr_gen::<aes::Aes128, Ctr32BE>(key, counter, data), - 192 => encrypt_aes_ctr_gen::<aes::Aes192, Ctr32BE>(key, counter, data), - 256 => encrypt_aes_ctr_gen::<aes::Aes256, Ctr32BE>(key, counter, data), + 128 => encrypt_aes_ctr_gen::<Ctr32BE<aes::Aes128>>(key, counter, data), + 192 => encrypt_aes_ctr_gen::<Ctr32BE<aes::Aes192>>(key, counter, data), + 256 => encrypt_aes_ctr_gen::<Ctr32BE<aes::Aes256>>(key, counter, data), _ => Err(type_error("invalid length")), }, 64 => match key_length { - 128 => encrypt_aes_ctr_gen::<aes::Aes128, Ctr64BE>(key, counter, data), - 192 => encrypt_aes_ctr_gen::<aes::Aes192, Ctr64BE>(key, counter, data), - 256 => encrypt_aes_ctr_gen::<aes::Aes256, Ctr64BE>(key, counter, data), + 128 => encrypt_aes_ctr_gen::<Ctr64BE<aes::Aes128>>(key, counter, data), + 192 => encrypt_aes_ctr_gen::<Ctr64BE<aes::Aes192>>(key, counter, data), + 256 => encrypt_aes_ctr_gen::<Ctr64BE<aes::Aes256>>(key, counter, data), _ => Err(type_error("invalid length")), }, 128 => match key_length { - 128 => encrypt_aes_ctr_gen::<aes::Aes128, Ctr128BE>(key, counter, data), - 192 => encrypt_aes_ctr_gen::<aes::Aes192, Ctr128BE>(key, counter, data), - 256 => encrypt_aes_ctr_gen::<aes::Aes256, Ctr128BE>(key, counter, data), + 128 => encrypt_aes_ctr_gen::<Ctr128BE<aes::Aes128>>(key, counter, data), + 192 => encrypt_aes_ctr_gen::<Ctr128BE<aes::Aes192>>(key, counter, data), + 256 => encrypt_aes_ctr_gen::<Ctr128BE<aes::Aes256>>(key, counter, data), _ => Err(type_error("invalid length")), }, _ => Err(type_error( |