~sircmpwn/hare-ssh

hare-ssh/format/ssh/cipher.ha -rw-r--r-- 1.1 KiB
c6a39e37Armin Preiml harden against "compromise via lattices" 29 days ago
                                                                                
use crypto::aes;
use crypto::cipher;
use io;

// Constructor signature stored in each cipher table entry: takes the
// underlying handle plus raw key and IV slices and returns a stream.
// NOTE(review): there is no error return, so an implementation can only abort
// on a wrong-sized key or IV; callers are presumably expected to slice the key
// material to the entry's keylen/ivlen before calling - confirm at call sites.
type cipherinit = fn(src: io::handle, key: []u8, iv: []u8) *io::stream;

// Describes one supported cipher: its name, the sizes of the material it
// needs, and the constructor that builds its stream.
type cipher = struct {
	// Identifier that getcipher compares against the requested name.
	name: str,
	// Scratch buffer size for the stream (aes::CTR_BUFSZ for aes256-ctr).
	bufsiz: size,
	// Key length; presumably in bytes (32 for aes256-ctr) - confirm.
	keylen: size,
	// IV length; presumably in bytes (16 for aes256-ctr) - confirm.
	ivlen: size,
	// Presumably the authentication tag length; 0 means the cipher itself
	// carries no integrity tag - confirm against the code that reads it.
	authlen: size,
	// Constructor invoked with the handle, key and IV.
	init: *cipherinit,
};

// Table of ciphers this module accepts. getcipher only returns entries from
// this array, so it acts as an allowlist: a name that is not listed here is
// rejected rather than mapped to a fallback.
const ciphers: [_]cipher = [
	cipher {
		name = "aes256-ctr",
		bufsiz = aes::CTR_BUFSZ,
		keylen = 32,
		ivlen = 16,
		// CTR mode gives confidentiality only; with authlen = 0 there is
		// no tag, so ciphertext is malleable unless integrity is checked
		// elsewhere. NOTE(review): confirm the caller verifies the
		// decrypted data before trusting it.
		authlen = 0,
		init = &aes256ctr_init,
	},
];

// Looks up a cipher by its exact name in the ciphers table. Returns a pointer
// to the matching table entry, or badcipher when the name is not listed, so
// unknown or unsupported cipher names fail closed.
fn getcipher(name: str) (const *cipher | badcipher) = {
	for (let idx = 0z; idx < len(ciphers); idx += 1) {
		// Skip entries until the requested name matches exactly.
		if (ciphers[idx].name != name) {
			continue;
		};
		return &ciphers[idx];
	};
	return badcipher;
};

// Heap state for one aes256-ctr stream. The CTR stream is the first field,
// which is what lets aes256ctr_init return a pointer to this struct as an
// *io::stream.
type aes256ctr = struct {
	// CTR stream wrapper; filled in by cipher::ctr in aes256ctr_init.
	st: cipher::ctr_stream,
	// AES block state keyed by aes::init; this holds key-derived material
	// for as long as the allocation lives.
	block: aes::block,
	// Working buffer handed to cipher::ctr.
	buf: [aes::CTR_BUFSZ]u8,
};

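// Allocates and initialises an aes256-ctr stream over handle, keyed with key
// and iv. The returned stream is heap-allocated and must be released by the
// caller (see cipher_free). Aborts if key is not 32 bytes or iv is not 16
// bytes, the sizes declared for "aes256-ctr" in the ciphers table.
fn aes256ctr_init(handle: io::handle, key: []u8, iv: []u8) *io::stream = {
	// aes::init is handed only the slice, so the AES variant follows
	// len(key). Enforce the advertised sizes here, before allocating, so a
	// short key cannot quietly produce a weaker cipher under this name.
	assert(len(key) == 32, "aes256-ctr: key must be 32 bytes");
	assert(len(iv) == 16, "aes256-ctr: iv must be 16 bytes");

	let state = alloc(aes256ctr {
		// All-zero placeholder: the real ctr_stream needs a pointer to
		// state.block, which only exists once the allocation is made.
		st = *(&([0...]: [size(cipher::ctr_stream)]u8): *cipher::ctr_stream),
		block = aes::aes(),
		...
	});
	aes::init(&state.block, key);
	// Replace the placeholder with the stream bound to the keyed block
	// and this state's own buffer.
	state.st = cipher::ctr(handle, &state.block, iv, state.buf);
	return state;
};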

// Closes a cipher stream and releases its memory. The pointer is passed to
// free, so it must be one that was heap-allocated (as aes256ctr_init does)
// and must not be used afterwards.
// NOTE(review): free does not wipe memory. Whether the keyed AES block inside
// the state is cleared depends on the stream's close handler; confirm, and if
// it is not, wipe the block's key material before freeing.
fn cipher_free(cipher: *io::stream) void = {
	// The error assertion aborts the program if closing fails.
	io::close(cipher)!;
	free(cipher);
};