1/**************************************************************************/
2/* crypto_core.cpp */
3/**************************************************************************/
4/* This file is part of: */
5/* GODOT ENGINE */
6/* https://godotengine.org */
7/**************************************************************************/
8/* Copyright (c) 2014-present Godot Engine contributors (see AUTHORS.md). */
9/* Copyright (c) 2007-2014 Juan Linietsky, Ariel Manzur. */
10/* */
11/* Permission is hereby granted, free of charge, to any person obtaining */
12/* a copy of this software and associated documentation files (the */
13/* "Software"), to deal in the Software without restriction, including */
14/* without limitation the rights to use, copy, modify, merge, publish, */
15/* distribute, sublicense, and/or sell copies of the Software, and to */
16/* permit persons to whom the Software is furnished to do so, subject to */
17/* the following conditions: */
18/* */
19/* The above copyright notice and this permission notice shall be */
20/* included in all copies or substantial portions of the Software. */
21/* */
22/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */
23/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */
24/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. */
25/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */
26/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */
27/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */
28/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */
29/**************************************************************************/
30
31#include "crypto_core.h"
32
33#include "core/os/os.h"
34
35#include <mbedtls/aes.h>
36#include <mbedtls/base64.h>
37#include <mbedtls/ctr_drbg.h>
38#include <mbedtls/entropy.h>
39#include <mbedtls/md5.h>
40#include <mbedtls/sha1.h>
41#include <mbedtls/sha256.h>
42
43// RandomGenerator
44CryptoCore::RandomGenerator::RandomGenerator() {
45 entropy = memalloc(sizeof(mbedtls_entropy_context));
46 mbedtls_entropy_init((mbedtls_entropy_context *)entropy);
47 mbedtls_entropy_add_source((mbedtls_entropy_context *)entropy, &CryptoCore::RandomGenerator::_entropy_poll, nullptr, 256, MBEDTLS_ENTROPY_SOURCE_STRONG);
48 ctx = memalloc(sizeof(mbedtls_ctr_drbg_context));
49 mbedtls_ctr_drbg_init((mbedtls_ctr_drbg_context *)ctx);
50}
51
52CryptoCore::RandomGenerator::~RandomGenerator() {
53 mbedtls_ctr_drbg_free((mbedtls_ctr_drbg_context *)ctx);
54 memfree(ctx);
55 mbedtls_entropy_free((mbedtls_entropy_context *)entropy);
56 memfree(entropy);
57}
58
59int CryptoCore::RandomGenerator::_entropy_poll(void *p_data, unsigned char *r_buffer, size_t p_len, size_t *r_len) {
60 *r_len = 0;
61 Error err = OS::get_singleton()->get_entropy(r_buffer, p_len);
62 ERR_FAIL_COND_V(err, MBEDTLS_ERR_ENTROPY_SOURCE_FAILED);
63 *r_len = p_len;
64 return 0;
65}
66
67Error CryptoCore::RandomGenerator::init() {
68 int ret = mbedtls_ctr_drbg_seed((mbedtls_ctr_drbg_context *)ctx, mbedtls_entropy_func, (mbedtls_entropy_context *)entropy, nullptr, 0);
69 if (ret) {
70 ERR_FAIL_COND_V_MSG(ret, FAILED, " failed\n ! mbedtls_ctr_drbg_seed returned an error" + itos(ret));
71 }
72 return OK;
73}
74
75Error CryptoCore::RandomGenerator::get_random_bytes(uint8_t *r_buffer, size_t p_bytes) {
76 ERR_FAIL_NULL_V(ctx, ERR_UNCONFIGURED);
77 int ret = mbedtls_ctr_drbg_random((mbedtls_ctr_drbg_context *)ctx, r_buffer, p_bytes);
78 ERR_FAIL_COND_V_MSG(ret, FAILED, " failed\n ! mbedtls_ctr_drbg_seed returned an error" + itos(ret));
79 return OK;
80}
81
82// MD5
83CryptoCore::MD5Context::MD5Context() {
84 ctx = memalloc(sizeof(mbedtls_md5_context));
85 mbedtls_md5_init((mbedtls_md5_context *)ctx);
86}
87
88CryptoCore::MD5Context::~MD5Context() {
89 mbedtls_md5_free((mbedtls_md5_context *)ctx);
90 memfree((mbedtls_md5_context *)ctx);
91}
92
93Error CryptoCore::MD5Context::start() {
94 int ret = mbedtls_md5_starts_ret((mbedtls_md5_context *)ctx);
95 return ret ? FAILED : OK;
96}
97
98Error CryptoCore::MD5Context::update(const uint8_t *p_src, size_t p_len) {
99 int ret = mbedtls_md5_update_ret((mbedtls_md5_context *)ctx, p_src, p_len);
100 return ret ? FAILED : OK;
101}
102
103Error CryptoCore::MD5Context::finish(unsigned char r_hash[16]) {
104 int ret = mbedtls_md5_finish_ret((mbedtls_md5_context *)ctx, r_hash);
105 return ret ? FAILED : OK;
106}
107
108// SHA1
109CryptoCore::SHA1Context::SHA1Context() {
110 ctx = memalloc(sizeof(mbedtls_sha1_context));
111 mbedtls_sha1_init((mbedtls_sha1_context *)ctx);
112}
113
114CryptoCore::SHA1Context::~SHA1Context() {
115 mbedtls_sha1_free((mbedtls_sha1_context *)ctx);
116 memfree((mbedtls_sha1_context *)ctx);
117}
118
119Error CryptoCore::SHA1Context::start() {
120 int ret = mbedtls_sha1_starts_ret((mbedtls_sha1_context *)ctx);
121 return ret ? FAILED : OK;
122}
123
124Error CryptoCore::SHA1Context::update(const uint8_t *p_src, size_t p_len) {
125 int ret = mbedtls_sha1_update_ret((mbedtls_sha1_context *)ctx, p_src, p_len);
126 return ret ? FAILED : OK;
127}
128
129Error CryptoCore::SHA1Context::finish(unsigned char r_hash[20]) {
130 int ret = mbedtls_sha1_finish_ret((mbedtls_sha1_context *)ctx, r_hash);
131 return ret ? FAILED : OK;
132}
133
134// SHA256
135CryptoCore::SHA256Context::SHA256Context() {
136 ctx = memalloc(sizeof(mbedtls_sha256_context));
137 mbedtls_sha256_init((mbedtls_sha256_context *)ctx);
138}
139
140CryptoCore::SHA256Context::~SHA256Context() {
141 mbedtls_sha256_free((mbedtls_sha256_context *)ctx);
142 memfree((mbedtls_sha256_context *)ctx);
143}
144
145Error CryptoCore::SHA256Context::start() {
146 int ret = mbedtls_sha256_starts_ret((mbedtls_sha256_context *)ctx, 0);
147 return ret ? FAILED : OK;
148}
149
150Error CryptoCore::SHA256Context::update(const uint8_t *p_src, size_t p_len) {
151 int ret = mbedtls_sha256_update_ret((mbedtls_sha256_context *)ctx, p_src, p_len);
152 return ret ? FAILED : OK;
153}
154
155Error CryptoCore::SHA256Context::finish(unsigned char r_hash[32]) {
156 int ret = mbedtls_sha256_finish_ret((mbedtls_sha256_context *)ctx, r_hash);
157 return ret ? FAILED : OK;
158}
159
160// AES256
161CryptoCore::AESContext::AESContext() {
162 ctx = memalloc(sizeof(mbedtls_aes_context));
163 mbedtls_aes_init((mbedtls_aes_context *)ctx);
164}
165
166CryptoCore::AESContext::~AESContext() {
167 mbedtls_aes_free((mbedtls_aes_context *)ctx);
168 memfree((mbedtls_aes_context *)ctx);
169}
170
171Error CryptoCore::AESContext::set_encode_key(const uint8_t *p_key, size_t p_bits) {
172 int ret = mbedtls_aes_setkey_enc((mbedtls_aes_context *)ctx, p_key, p_bits);
173 return ret ? FAILED : OK;
174}
175
176Error CryptoCore::AESContext::set_decode_key(const uint8_t *p_key, size_t p_bits) {
177 int ret = mbedtls_aes_setkey_dec((mbedtls_aes_context *)ctx, p_key, p_bits);
178 return ret ? FAILED : OK;
179}
180
181Error CryptoCore::AESContext::encrypt_ecb(const uint8_t p_src[16], uint8_t r_dst[16]) {
182 int ret = mbedtls_aes_crypt_ecb((mbedtls_aes_context *)ctx, MBEDTLS_AES_ENCRYPT, p_src, r_dst);
183 return ret ? FAILED : OK;
184}
185
186Error CryptoCore::AESContext::encrypt_cbc(size_t p_length, uint8_t r_iv[16], const uint8_t *p_src, uint8_t *r_dst) {
187 int ret = mbedtls_aes_crypt_cbc((mbedtls_aes_context *)ctx, MBEDTLS_AES_ENCRYPT, p_length, r_iv, p_src, r_dst);
188 return ret ? FAILED : OK;
189}
190
191Error CryptoCore::AESContext::encrypt_cfb(size_t p_length, uint8_t p_iv[16], const uint8_t *p_src, uint8_t *r_dst) {
192 size_t iv_off = 0; // Ignore and assume 16-byte alignment.
193 int ret = mbedtls_aes_crypt_cfb128((mbedtls_aes_context *)ctx, MBEDTLS_AES_ENCRYPT, p_length, &iv_off, p_iv, p_src, r_dst);
194 return ret ? FAILED : OK;
195}
196
197Error CryptoCore::AESContext::decrypt_ecb(const uint8_t p_src[16], uint8_t r_dst[16]) {
198 int ret = mbedtls_aes_crypt_ecb((mbedtls_aes_context *)ctx, MBEDTLS_AES_DECRYPT, p_src, r_dst);
199 return ret ? FAILED : OK;
200}
201
202Error CryptoCore::AESContext::decrypt_cbc(size_t p_length, uint8_t r_iv[16], const uint8_t *p_src, uint8_t *r_dst) {
203 int ret = mbedtls_aes_crypt_cbc((mbedtls_aes_context *)ctx, MBEDTLS_AES_DECRYPT, p_length, r_iv, p_src, r_dst);
204 return ret ? FAILED : OK;
205}
206
207Error CryptoCore::AESContext::decrypt_cfb(size_t p_length, uint8_t p_iv[16], const uint8_t *p_src, uint8_t *r_dst) {
208 size_t iv_off = 0; // Ignore and assume 16-byte alignment.
209 int ret = mbedtls_aes_crypt_cfb128((mbedtls_aes_context *)ctx, MBEDTLS_AES_DECRYPT, p_length, &iv_off, p_iv, p_src, r_dst);
210 return ret ? FAILED : OK;
211}
212
213// CryptoCore
214String CryptoCore::b64_encode_str(const uint8_t *p_src, int p_src_len) {
215 int b64len = p_src_len / 3 * 4 + 4 + 1;
216 Vector<uint8_t> b64buff;
217 b64buff.resize(b64len);
218 uint8_t *w64 = b64buff.ptrw();
219 size_t strlen = 0;
220 int ret = b64_encode(&w64[0], b64len, &strlen, p_src, p_src_len);
221 w64[strlen] = 0;
222 return ret ? String() : (const char *)&w64[0];
223}
224
225Error CryptoCore::b64_encode(uint8_t *r_dst, int p_dst_len, size_t *r_len, const uint8_t *p_src, int p_src_len) {
226 int ret = mbedtls_base64_encode(r_dst, p_dst_len, r_len, p_src, p_src_len);
227 return ret ? FAILED : OK;
228}
229
230Error CryptoCore::b64_decode(uint8_t *r_dst, int p_dst_len, size_t *r_len, const uint8_t *p_src, int p_src_len) {
231 int ret = mbedtls_base64_decode(r_dst, p_dst_len, r_len, p_src, p_src_len);
232 return ret ? FAILED : OK;
233}
234
235Error CryptoCore::md5(const uint8_t *p_src, int p_src_len, unsigned char r_hash[16]) {
236 int ret = mbedtls_md5_ret(p_src, p_src_len, r_hash);
237 return ret ? FAILED : OK;
238}
239
240Error CryptoCore::sha1(const uint8_t *p_src, int p_src_len, unsigned char r_hash[20]) {
241 int ret = mbedtls_sha1_ret(p_src, p_src_len, r_hash);
242 return ret ? FAILED : OK;
243}
244
245Error CryptoCore::sha256(const uint8_t *p_src, int p_src_len, unsigned char r_hash[32]) {
246 int ret = mbedtls_sha256_ret(p_src, p_src_len, r_hash, 0);
247 return ret ? FAILED : OK;
248}
249