mirrors/Atmosphere
1
0
Fork 0
mirror of https://github.com/Atmosphere-NX/Atmosphere.git synced 2025-05-24 19:54:22 -04:00
Code Issues Projects Releases Packages Wiki Activity

crypto: implement RSA-2048-PSS

Browse source
This commit is contained in:
Michael Scire 2020-02-23 17:34:30 -08:00
parent d675aa3414
commit f3629f863d
13 changed files with 692 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
libraries/libvapours/include/vapours/crypto/impl/crypto_bignum.hpp
View file

@ -147,7 +147,7 @@ namespace ams::crypto::impl {
};
template<size_t Bits>
class StackBigNum : public BigNum {
class StaticBigNum : public BigNum {
public:
static constexpr size_t NumBits = Bits;
static constexpr size_t NumWords = util::AlignUp(NumBits, BitsPerWord) / BitsPerWord;
@ -155,7 +155,7 @@ namespace ams::crypto::impl {
private:
Word word_buf[NumWords];
public:
constexpr StackBigNum() : word_buf() {
constexpr StaticBigNum() : word_buf() {
this->ReserveStatic(word_buf, NumWords);
}
};

37
libraries/libvapours/include/vapours/crypto/impl/crypto_hash_function.hpp Normal file
View file

@ -0,0 +1,37 @@
/*
* Copyright (c) 2018-2020 Atmosphère-NX
*
* This program is free software; you can redistribute it and/or modify it
* under the terms and conditions of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#pragma once
#include <vapours/common.hpp>
#include <vapours/assert.hpp>
#include <vapours/util.hpp>
#include <vapours/crypto/crypto_memory_compare.hpp>
#include <vapours/crypto/crypto_memory_clear.hpp>
namespace ams::crypto::impl {
/* TODO: C++20
template<typename T>
concept HashFunction = requires(T &t, const void *cv, void *v, size_t sz) {
{ T::HashSize } -> std::same_as<size_t>;
{ T::BlockSize } -> std::same_as<size_t>;
{ t.Initialize() } -> std::same_as<void>;
{ t.Update(cv, sz) } -> std::same_as<void>;
{ t.GetHash(v, sz) } -> std::same_as<void>;
};
*/
}

120
libraries/libvapours/include/vapours/crypto/impl/crypto_rsa_pss_impl.hpp Normal file
View file

@ -0,0 +1,120 @@
/*
* Copyright (c) 2018-2020 Atmosphère-NX
*
* This program is free software; you can redistribute it and/or modify it
* under the terms and conditions of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#pragma once
#include <vapours/common.hpp>
#include <vapours/assert.hpp>
#include <vapours/util.hpp>
#include <vapours/crypto/impl/crypto_hash_function.hpp>
namespace ams::crypto::impl {
template<typename Hash> /* requires HashFunction<Hash> */
class RsaPssImpl {
NON_COPYABLE(RsaPssImpl);
NON_MOVEABLE(RsaPssImpl);
public:
static constexpr size_t HashSize = Hash::HashSize;
private:
static constexpr u8 TailMagic = 0xBC;
private:
static void ComputeHashWithPadding(void *dst, Hash *hash, const void *salt, size_t salt_size) {
/* Initialize our buffer. */
u8 buf[8 + HashSize];
std::memset(buf, 0, 8);
hash->GetHash(buf + 8, HashSize);
ON_SCOPE_EXIT { ClearMemory(buf, sizeof(buf)); };
/* Calculate our hash. */
hash->Initialize();
hash->Update(buf, sizeof(buf));
hash->Update(salt, salt_size);
hash->GetHash(dst, HashSize);
}
static void ApplyMGF1(u8 *dst, size_t dst_size, const void *src, size_t src_size) {
u8 buf[HashSize];
ON_SCOPE_EXIT { ClearMemory(buf, sizeof(buf)); };
const size_t required_iters = (dst_size + HashSize - 1) / HashSize;
for (size_t i = 0; i < required_iters; i++) {
Hash hash;
hash.Initialize();
hash.Update(src, src_size);
const u32 tmp = util::ConvertToBigEndian(static_cast<u32>(i));
hash.Update(std::addressof(tmp), sizeof(tmp));
hash.GetHash(buf, HashSize);
const size_t start = HashSize * i;
const size_t end = std::min(dst_size, start + HashSize);
for (size_t j = start; j < end; j++) {
dst[j] ^= buf[j - start];
}
}
}
public:
RsaPssImpl() { /* ... */ }
bool Verify(u8 *buf, size_t size, Hash *hash) {
/* Validate sanity byte. */
if (buf[size - 1] != TailMagic) {
return false;
}
/* Decrypt maskedDB */
const size_t db_len = size - HashSize - 1;
u8 *db = buf;
u8 *h = db + db_len;
ApplyMGF1(db, db_len, h, HashSize);
/* Apply lmask. */
db[0] &= 0x7F;
/* Verify that DB is of the form 0000...0001 */
s32 salt_ofs = -1;
for (size_t i = 0; i < db_len; i++) {
if (db[i] != 0) {
salt_ofs = static_cast<s32>(i) + 1;
break;
}
}
if (salt_ofs == -1) {
return false;
}
if (db[salt_ofs - 1] != 1) {
return false;
}
/* Verify salt. */
const u8 *salt = db + salt_ofs;
const size_t salt_size = db_len - salt_ofs;
if (salt_size == 0) {
return false;
}
/* Verify hash. */
u8 cmp_hash[HashSize];
ON_SCOPE_EXIT { ClearMemory(cmp_hash, sizeof(cmp_hash)); };
ComputeHashWithPadding(cmp_hash, hash, salt, salt_size);
return IsSameBytes(cmp_hash, h, HashSize);
}
};
}

54
libraries/libvapours/include/vapours/crypto/impl/crypto_sha256_impl.hpp Normal file
View file

@ -0,0 +1,54 @@
/*
* Copyright (c) 2018-2020 Atmosphère-NX
*
* This program is free software; you can redistribute it and/or modify it
* under the terms and conditions of the GNU General Public License,
* version 2, as published by the Free Software Foundation.
*
* This program is distributed in the hope it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#pragma once
#include <vapours/common.hpp>
#include <vapours/assert.hpp>
#include <vapours/util.hpp>
#include <vapours/crypto/impl/crypto_hash_function.hpp>
#include <vapours/crypto/crypto_memory_clear.hpp>
namespace ams::crypto::impl {
class Sha256Impl {
public:
static constexpr size_t HashSize = 0x20;
static constexpr size_t BlockSize = 0x40;
private:
struct State {
u32 intermediate_hash[HashSize / sizeof(u32)];
u8 buffer[BlockSize];
u64 bits_consumed;
size_t num_buffered;
bool finalized;
};
private:
State state;
public:
Sha256Impl() { /* ... */ }
~Sha256Impl() {
static_assert(std::is_trivially_destructible<State>::value);
ClearMemory(std::addressof(this->state), sizeof(this->state));
}
void Initialize();
void Update(const void *data, size_t size);
void GetHash(void *dst, size_t size);
};
/* static_assert(HashFunction<Sha256Impl>); */
}