1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
|
// SPDX-FileCopyrightText: 2022 Linus Jahn <lnj@kaidan.im>
//
// SPDX-License-Identifier: LGPL-2.1-or-later
#include "QXmppFileEncryption.h"
#include <QByteArray>
#include <QtCrypto>
#undef min
using namespace QCA;
constexpr std::size_t AES128_BLOCK_SIZE = 128 / 8;
constexpr std::size_t AES256_BLOCK_SIZE = 256 / 8;
constexpr int GCM_IV_SIZE = 12;
namespace QXmpp::Private::Encryption {
static QString cipherName(QXmpp::Cipher cipher)
{
switch (cipher) {
case Aes128GcmNoPad:
return QStringLiteral("aes128");
case Aes256GcmNoPad:
case Aes256CbcPkcs7:
return QStringLiteral("aes256");
}
Q_UNREACHABLE();
}
static std::size_t blockSize(QXmpp::Cipher cipher)
{
switch (cipher) {
case Aes128GcmNoPad:
return AES128_BLOCK_SIZE;
case Aes256GcmNoPad:
case Aes256CbcPkcs7:
return AES256_BLOCK_SIZE;
}
Q_UNREACHABLE();
}
static QCA::Cipher::Mode cipherMode(QXmpp::Cipher cipher)
{
switch (cipher) {
case Aes128GcmNoPad:
case Aes256GcmNoPad:
return QCA::Cipher::GCM;
case Aes256CbcPkcs7:
return QCA::Cipher::CBC;
}
Q_UNREACHABLE();
}
static QCA::Cipher::Padding padding(QXmpp::Cipher cipher)
{
switch (cipher) {
case Aes128GcmNoPad:
case Aes256GcmNoPad:
return QCA::Cipher::NoPadding;
case Aes256CbcPkcs7:
return QCA::Cipher::PKCS7;
}
Q_UNREACHABLE();
}
QCA::Direction toQcaDirection(Direction direction)
{
switch (direction) {
case Encode:
return QCA::Encode;
case Decode:
return QCA::Decode;
}
Q_UNREACHABLE();
}
static std::size_t roundUpToBlockSize(qint64 size, std::size_t blockSize)
{
Q_ASSERT(size >= 0);
return (size / blockSize + 1) * blockSize;
}
QByteArray process(const QByteArray &data, QXmpp::Cipher cipherConfig, Direction direction, const QByteArray &key, const QByteArray &iv)
{
return QCA::Cipher(cipherName(cipherConfig),
cipherMode(cipherConfig),
padding(cipherConfig),
toQcaDirection(direction),
SymmetricKey(key),
InitializationVector(iv))
.process(MemoryRegion(data))
.toByteArray();
}
QByteArray generateKey(QXmpp::Cipher cipher)
{
return Random::randomArray(int(blockSize(cipher))).toByteArray();
}
QByteArray generateInitializationVector(QXmpp::Cipher config)
{
switch (config) {
case Aes128GcmNoPad:
case Aes256GcmNoPad:
return Random::randomArray(GCM_IV_SIZE).toByteArray();
case Aes256CbcPkcs7:
return Random::randomArray(int(blockSize(config))).toByteArray();
}
Q_UNREACHABLE();
}
EncryptionDevice::EncryptionDevice(std::unique_ptr<QIODevice> input,
Cipher config,
const QByteArray &key,
const QByteArray &iv)
: m_cipherConfig(config),
m_input(std::move(input)),
m_cipher(std::make_unique<QCA::Cipher>(
cipherName(config),
cipherMode(config),
padding(config),
QCA::Encode,
SymmetricKey(key),
InitializationVector(iv)))
{
// output must not be sequential
Q_ASSERT(!m_input->isSequential());
Q_ASSERT(m_outputBuffer.empty());
setOpenMode(m_input->openMode() & QIODevice::ReadOnly);
}
EncryptionDevice::~EncryptionDevice() = default;
bool EncryptionDevice::open(OpenMode mode)
{
return m_input->open(mode);
}
void EncryptionDevice::close()
{
m_input->close();
}
bool EncryptionDevice::isSequential() const
{
return false;
}
qint64 EncryptionDevice::size() const
{
switch (m_cipherConfig) {
case Aes128GcmNoPad:
case Aes256GcmNoPad:
return m_input->size();
case Aes256CbcPkcs7: {
// padding is done with 128 bits blocks
return roundUpToBlockSize(m_input->size(), 128 / 8);
}
}
Q_UNREACHABLE();
}
qint64 EncryptionDevice::readData(char *data, qint64 len)
{
auto requestedLen = len;
qint64 read = 0;
{
// try to read from output buffer
qint64 outputBufferRead = std::min(qint64(m_outputBuffer.size()), len);
std::copy_n(m_outputBuffer.cbegin(), outputBufferRead, data);
m_outputBuffer.erase(m_outputBuffer.begin(), m_outputBuffer.begin() + outputBufferRead);
read += outputBufferRead;
len -= outputBufferRead;
}
if (len > 0) {
// read from input and encrypt new data
// output buffer is empty here
Q_ASSERT(m_outputBuffer.empty());
// read unencrypted data (may read one block more than needed)
auto inputBufferSize = roundUpToBlockSize(len, blockSize(m_cipherConfig));
Q_ASSERT(inputBufferSize > 0);
QByteArray inputBuffer;
inputBuffer.resize(inputBufferSize);
inputBuffer.resize(m_input->read(inputBuffer.data(), inputBufferSize));
// process input buffer
auto processed = [&]() {
if (inputBuffer.isEmpty()) {
m_finalized = true;
return m_cipher->final();
}
// encrypt data
return m_cipher->process(MemoryRegion(inputBuffer));
}();
// split up into part for user and put rest into output buffer
auto processedReadBytes = std::min(qint64(processed.size()), len);
std::copy_n(processed.constData(), processedReadBytes, data + read);
read += processedReadBytes;
len -= processedReadBytes;
Q_ASSERT(processed.size() >= processedReadBytes);
auto restBytes = size_t(processed.size() - processedReadBytes);
m_outputBuffer.resize(restBytes);
std::copy_n(processed.constData() + processedReadBytes, restBytes, m_outputBuffer.data());
}
Q_ASSERT((len + read) == requestedLen);
return read;
}
qint64 EncryptionDevice::writeData(const char *, qint64)
{
return 0;
}
bool EncryptionDevice::atEnd() const
{
return m_finalized && m_outputBuffer.empty();
}
DecryptionDevice::DecryptionDevice(std::unique_ptr<QIODevice> input,
Cipher config,
const QByteArray &key,
const QByteArray &iv)
: m_cipherConfig(config),
m_output(std::move(input)),
m_cipher(std::make_unique<QCA::Cipher>(
cipherName(config),
cipherMode(config),
padding(config),
QCA::Decode,
SymmetricKey(key),
InitializationVector(iv)))
{
// output must not be sequential
Q_ASSERT(!m_output->isSequential());
Q_ASSERT(m_outputBuffer.empty());
setOpenMode(m_output->openMode() & QIODevice::WriteOnly);
}
DecryptionDevice::~DecryptionDevice() = default;
bool DecryptionDevice::open(OpenMode mode)
{
return m_output->open(mode);
}
void DecryptionDevice::close()
{
m_output->close();
}
bool DecryptionDevice::isSequential() const
{
return true;
}
qint64 DecryptionDevice::size() const
{
return 0;
}
qint64 DecryptionDevice::readData(char *, qint64)
{
return 0;
}
qint64 DecryptionDevice::writeData(const char *data, qint64 len)
{
auto decrypted = m_cipher->process(QByteArray(data, len));
m_output->write(decrypted.constData(), decrypted.size());
return len;
}
} // namespace QXmpp::Private::Encryption
|
