Commit0109f9c

tniessen

authored and

marco-ippolito

committed

src: simplify AESCipherTraits::AdditionalConfig

Instead of a giant switch statement and a lot of duplicate code, add theNID and the block cipher mode of operation to the VARIANTS list and usethose fields to perform configuration appropriately.PR-URL:#53890Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

1 parent43ede1a commit0109f9cCopy full SHA for 0109f9c

File tree

2 files changed

+48

-86

lines changed

src/crypto
- crypto_aes.cc
- crypto_aes.h

2 files changed

+48

-86

lines changed

`‎src/crypto/crypto_aes.cc`

Lines changed: 27 additions & 72 deletions

Original file line number	Diff line number	Diff line change
`@@ -476,83 +476,38 @@ Maybe<bool> AESCipherTraits::AdditionalConfig(`
`476`	`476`	`params->variant =`
`477`	`477`	`static_cast<AESKeyVariant>(args[offset].As<Uint32>()->Value());`
`478`	`478`
	`479`	`+ AESCipherMode cipher_op_mode;`
`479`	`480`	`int cipher_nid;`
`480`	`481`
	`482`	`+#defineV(name, _, mode, nid) \`
	`483`	`+casekKeyVariantAES_##name: { \`
	`484`	`+ cipher_op_mode = mode; \`
	`485`	`+ cipher_nid = nid; \`
	`486`	`+break; \`
	`487`	`+ }`
`481`	`488`	`switch (params->variant) {`
`482`		`-casekKeyVariantAES_CTR_128:`
`483`		`-if (!ValidateIV(env, mode, args[offset +1], params) \|\|`
`484`		`- !ValidateCounter(env, args[offset +2], params)) {`
`485`		`-return Nothing<bool>();`
`486`		`- }`
`487`		`- cipher_nid = NID_aes_128_ctr;`
`488`		`-break;`
`489`		`-casekKeyVariantAES_CTR_192:`
`490`		`-if (!ValidateIV(env, mode, args[offset +1], params) \|\|`
`491`		`- !ValidateCounter(env, args[offset +2], params)) {`
`492`		`-return Nothing<bool>();`
`493`		`- }`
`494`		`- cipher_nid = NID_aes_192_ctr;`
`495`		`-break;`
`496`		`-casekKeyVariantAES_CTR_256:`
`497`		`-if (!ValidateIV(env, mode, args[offset +1], params) \|\|`
`498`		`- !ValidateCounter(env, args[offset +2], params)) {`
`499`		`-return Nothing<bool>();`
`500`		`- }`
`501`		`- cipher_nid = NID_aes_256_ctr;`
`502`		`-break;`
`503`		`-casekKeyVariantAES_CBC_128:`
`504`		`-if (!ValidateIV(env, mode, args[offset +1], params))`
`505`		`-return Nothing<bool>();`
`506`		`- cipher_nid = NID_aes_128_cbc;`
`507`		`-break;`
`508`		`-casekKeyVariantAES_CBC_192:`
`509`		`-if (!ValidateIV(env, mode, args[offset +1], params))`
`510`		`-return Nothing<bool>();`
`511`		`- cipher_nid = NID_aes_192_cbc;`
`512`		`-break;`
`513`		`-casekKeyVariantAES_CBC_256:`
`514`		`-if (!ValidateIV(env, mode, args[offset +1], params))`
`515`		`-return Nothing<bool>();`
`516`		`- cipher_nid = NID_aes_256_cbc;`
`517`		`-break;`
`518`		`-casekKeyVariantAES_KW_128:`
`519`		`-UseDefaultIV(params);`
`520`		`- cipher_nid = NID_id_aes128_wrap;`
`521`		`-break;`
`522`		`-casekKeyVariantAES_KW_192:`
`523`		`-UseDefaultIV(params);`
`524`		`- cipher_nid = NID_id_aes192_wrap;`
`525`		`-break;`
`526`		`-casekKeyVariantAES_KW_256:`
`527`		`-UseDefaultIV(params);`
`528`		`- cipher_nid = NID_id_aes256_wrap;`
`529`		`-break;`
`530`		`-casekKeyVariantAES_GCM_128:`
`531`		`-if (!ValidateIV(env, mode, args[offset +1], params) \|\|`
`532`		`- !ValidateAuthTag(env, mode, cipher_mode, args[offset +2], params) \|\|`
`533`		`- !ValidateAdditionalData(env, mode, args[offset +3], params)) {`
`534`		`-return Nothing<bool>();`
`535`		`- }`
`536`		`- cipher_nid = NID_aes_128_gcm;`
`537`		`-break;`
`538`		`-casekKeyVariantAES_GCM_192:`
`539`		`-if (!ValidateIV(env, mode, args[offset +1], params) \|\|`
`540`		`- !ValidateAuthTag(env, mode, cipher_mode, args[offset +2], params) \|\|`
`541`		`- !ValidateAdditionalData(env, mode, args[offset +3], params)) {`
	`489`	`+VARIANTS(V)`
	`490`	`+default:`
	`491`	`+UNREACHABLE();`
	`492`	`+ }`
	`493`	`+#undef V`
	`494`	`+`
	`495`	`+if (cipher_op_mode != AESCipherMode::KW) {`
	`496`	`+if (!ValidateIV(env, mode, args[offset +1], params)) {`
	`497`	`+return Nothing<bool>();`
	`498`	`+ }`
	`499`	`+if (cipher_op_mode == AESCipherMode::CTR) {`
	`500`	`+if (!ValidateCounter(env, args[offset +2], params)) {`
`542`	`501`	`return Nothing<bool>();`
`543`	`502`	`}`
`544`		`- cipher_nid = NID_aes_192_gcm;`
`545`		`-break;`
`546`		`-casekKeyVariantAES_GCM_256:`
`547`		`-if (!ValidateIV(env, mode, args[offset +1], params) \|\|`
`548`		`- !ValidateAuthTag(env, mode, cipher_mode, args[offset +2], params) \|\|`
	`503`	`+ }elseif (cipher_op_mode == AESCipherMode::GCM) {`
	`504`	`+if (!ValidateAuthTag(env, mode, cipher_mode, args[offset +2], params) \|\|`
`549`	`505`	`!ValidateAdditionalData(env, mode, args[offset +3], params)) {`
`550`	`506`	`return Nothing<bool>();`
`551`	`507`	`}`
`552`		`- cipher_nid = NID_aes_256_gcm;`
`553`		`-break;`
`554`		`-default:`
`555`		`-UNREACHABLE();`
	`508`	`+ }`
	`509`	`+ }else {`
	`510`	`+UseDefaultIV(params);`
`556`	`511`	`}`
`557`	`512`
`558`	`513`	`params->cipher =EVP_get_cipherbynid(cipher_nid);`
`@@ -577,8 +532,8 @@ WebCryptoCipherStatus AESCipherTraits::DoCipher(`
`577`	`532`	`const AESCipherConfig& params,`
`578`	`533`	`const ByteSource& in,`
`579`	`534`	`ByteSource* out) {`
`580`		`-#defineV(name, fn) \`
`581`		`-casekKeyVariantAES_ ##name: \`
	`535`	`+#defineV(name, fn, _, __) \`
	`536`	`+casekKeyVariantAES_##name: \`
`582`	`537`	`returnfn(env, key_data.get(), cipher_mode, params, in, out);`
`583`	`538`	`switch (params.variant) {`
`584`	`539`	`VARIANTS(V)`
`@@ -591,7 +546,7 @@ WebCryptoCipherStatus AESCipherTraits::DoCipher(`
`591`	`546`	`voidAES::Initialize(Environment* env, Local<Object> target) {`
`592`	`547`	`AESCryptoJob::Initialize(env, target);`
`593`	`548`
`594`		`-#defineV(name, _) NODE_DEFINE_CONSTANT(target,kKeyVariantAES_ ##name);`
	`549`	`+#defineV(name, _, __, ___) NODE_DEFINE_CONSTANT(target,kKeyVariantAES_##name);`
`595`	`550`	`VARIANTS(V)`
`596`	`551`	`#undef V`
`597`	`552`	`}`

`‎src/crypto/crypto_aes.h`

Lines changed: 21 additions & 14 deletions

Original file line number	Diff line number	Diff line change
`@@ -15,22 +15,29 @@ constexpr size_t kAesBlockSize = 16;`
`15`	`15`	`constexprunsignedkNoAuthTagLength =static_cast<unsigned>(-1);`
`16`	`16`	`constexprconstchar*kDefaultWrapIV ="\xa6\xa6\xa6\xa6\xa6\xa6\xa6\xa6";`
`17`	`17`
`18`		`-#defineVARIANTS(V) \`
`19`		`-V(CTR_128, AES_CTR_Cipher) \`
`20`		`-V(CTR_192, AES_CTR_Cipher) \`
`21`		`-V(CTR_256, AES_CTR_Cipher) \`
`22`		`-V(CBC_128, AES_Cipher) \`
`23`		`-V(CBC_192, AES_Cipher) \`
`24`		`-V(CBC_256, AES_Cipher) \`
`25`		`-V(GCM_128, AES_Cipher) \`
`26`		`-V(GCM_192, AES_Cipher) \`
`27`		`-V(GCM_256, AES_Cipher) \`
`28`		`-V(KW_128, AES_Cipher) \`
`29`		`-V(KW_192, AES_Cipher) \`
`30`		`-V(KW_256, AES_Cipher)`
	`18`	`+enumclassAESCipherMode {`
	`19`	`+ CTR,`
	`20`	`+ CBC,`
	`21`	`+ GCM,`
	`22`	`+ KW,`
	`23`	`+};`
	`24`	`+`
	`25`	`+#defineVARIANTS(V) \`
	`26`	`+V(CTR_128, AES_CTR_Cipher, AESCipherMode::CTR, NID_aes_128_ctr) \`
	`27`	`+V(CTR_192, AES_CTR_Cipher, AESCipherMode::CTR, NID_aes_192_ctr) \`
	`28`	`+V(CTR_256, AES_CTR_Cipher, AESCipherMode::CTR, NID_aes_256_ctr) \`
	`29`	`+V(CBC_128, AES_Cipher, AESCipherMode::CBC, NID_aes_128_cbc) \`
	`30`	`+V(CBC_192, AES_Cipher, AESCipherMode::CBC, NID_aes_192_cbc) \`
	`31`	`+V(CBC_256, AES_Cipher, AESCipherMode::CBC, NID_aes_256_cbc) \`
	`32`	`+V(GCM_128, AES_Cipher, AESCipherMode::GCM, NID_aes_128_gcm) \`
	`33`	`+V(GCM_192, AES_Cipher, AESCipherMode::GCM, NID_aes_192_gcm) \`
	`34`	`+V(GCM_256, AES_Cipher, AESCipherMode::GCM, NID_aes_256_gcm) \`
	`35`	`+V(KW_128, AES_Cipher, AESCipherMode::KW, NID_id_aes128_wrap) \`
	`36`	`+V(KW_192, AES_Cipher, AESCipherMode::KW, NID_id_aes192_wrap) \`
	`37`	`+V(KW_256, AES_Cipher, AESCipherMode::KW, NID_id_aes256_wrap)`
`31`	`38`
`32`	`39`	`enum AESKeyVariant {`
`33`		`-#defineV(name, _)kKeyVariantAES_ ##name,`
	`40`	`+#defineV(name, _, __, ___)kKeyVariantAES_##name,`
`34`	`41`	`VARIANTS(V)`
`35`	`42`	`#undef V`
`36`	`43`	`};`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commit0109f9c

File tree

2 files changed

2 files changed

`‎src/crypto/crypto_aes.cc`

`‎src/crypto/crypto_aes.h`

0 commit comments