CHANGE: crypt port (work in progress)

Author: Oldes

make/rebol3.nest

@@ -453,16 +453,96 @@ include-iconv: [
 ]
 
 ;- native cryptography:                                                         
+include-cipher-camelia: [
+	core-files: %core/mbedtls/camellia.c
+	config: MBEDTLS_CAMELLIA_C
+]
+include-cipher-gcm: [
+	core-files: %core/mbedtls/gcm.c
+	config: MBEDTLS_GCM_C
+]
+include-cipher-cbc: [
+	; costs cca 1.5kB uncompressed (for AES)
+	config: MBEDTLS_CIPHER_MODE_CBC
+]
+include-cipher-chacha20: [
+	; costs cca 3kB uncompressed
+	core-files: %core/mbedtls/chacha20.c
+	config: MBEDTLS_CHACHA20_C
+]
+include-cipher-chachapoly: [
+	core-files: %core/mbedtls/chachapoly.c
+	core-files: %core/mbedtls/poly1305.c
+	config: MBEDTLS_CHACHAPOLY_C
+	config: MBEDTLS_POLY1305_C
+]
+
+include-cipher-aes-deprecated: [
+	; costs cca 5kB uncompressed
+	config: INCLUDE_AES_DEPRECATED
+	include: %src/include/deprecated/
+	core-files: %core/deprecated/u-aes.c
+	core-files: %core/deprecated/n-crypt-aes.c
+]
+
+include-cipher-chacha20-deprecated: [
+	; costs cca 10kB uncompressed
+	config: INCLUDE_CHACHA20POLY1305_DEPRECATED
+	include: %src/include/deprecated/
+	core-files: %core/deprecated/u-chacha20.c
+	core-files: %core/deprecated/u-poly1305.c
+]
+
+include-rsa: [
+	; costs cca 12kB uncompressed
+	config: INCLUDE_RSA
+	core-files: %core/mbedtls/rsa.c
+	core-files: %core/mbedtls/rsa_alt_helpers.c
+]
+include-rc4: [
+	; costs cca 0.5kB uncompressed
+	config: INCLUDE_RC4
+	core-files: %core/u-rc4.c
+]
+
+include-curves-sec1: [
+	; curves defined by FIPS 186-4 and SEC1
+	config: MBEDTLS_ECP_DP_SECP192R1_ENABLED   ; costs 2kB
+	config: MBEDTLS_ECP_DP_SECP224R1_ENABLED   ; costs 2.5kB
+	config: MBEDTLS_ECP_DP_SECP256R1_ENABLED   ; costs 2.5kB
+	config: MBEDTLS_ECP_DP_SECP384R1_ENABLED
+	config: MBEDTLS_ECP_DP_SECP521R1_ENABLED
+]
+include-curves-koblitz: [
+	; "Koblitz" curves
+	config: MBEDTLS_ECP_DP_SECP192K1_ENABLED
+	config: MBEDTLS_ECP_DP_SECP224K1_ENABLED
+	config: MBEDTLS_ECP_DP_SECP256K1_ENABLED
+]
+include-curves-brainpool: [
+	; "Brainpool" curves
+	config: MBEDTLS_ECP_DP_BP256R1_ENABLED
+	config: MBEDTLS_ECP_DP_BP384R1_ENABLED
+	config: MBEDTLS_ECP_DP_BP512R1_ENABLED
+]
+include-curves-x: [
+	config: MBEDTLS_ECP_DP_CURVE25519_ENABLED  ; costs 7.6kB
+	config: MBEDTLS_ECP_DP_CURVE448_ENABLED    ; costs 7.6kB; together with CURVE25519 8.1!
+]
+
+
+
 include-cryptography: [
+	; so far cca 183kB uncompressed (basic AES, all ellyptic curves, rsa, rc4, bignum, entropy )
 	config: INCLUDE_CRYPTOGRAPHY
+
 	core-files: [
 		%core/n-crypt.c
-		%core/u-aes.c 
+		
 		;%core/deprecated/u-bigint.c ;needed for RSA abd DH which is needed in TLS protocol (HTTPS)
-		%core/u-chacha20.c
 		;%core/deprecated/u-dh.c
-		%core/u-poly1305.c
-		%core/u-rc4.c
+		;%core/u-poly1305.c
+		
 		;%core/deprecated/u-rsa.c
 		;%core/deprecated/u-uECC.c
 
@@ -474,8 +554,7 @@ include-cryptography: [
 		%core/mbedtls/md.c
 		%core/mbedtls/oid.c
 		%core/mbedtls/bignum.c
-		%core/mbedtls/rsa.c
-		%core/mbedtls/rsa_alt_helpers.c
+		
 		%core/mbedtls/constant_time.c
 		%core/mbedtls/ctr_drbg.c
 		%core/mbedtls/entropy.c
@@ -484,7 +563,27 @@ include-cryptography: [
 		%core/mbedtls/ecdsa.c
 		%core/mbedtls/ecp.c
 		%core/mbedtls/ecp_curves.c
+
+		%core/mbedtls/cipher.c
+		%core/mbedtls/cipher_wrap.c
 	]
+
+	:include-curves-sec1
+	:include-curves-koblitz
+	:include-curves-brainpool
+	:include-curves-x
+
+	:include-rsa
+	:include-rc4
+
+	:include-cipher-camelia
+	:include-cipher-cbc
+	;:include-cipher-gcm
+	;:include-cipher-chacha20
+	;:include-cipher-chachapoly
+	:include-cipher-chacha20-deprecated
+	:include-cipher-aes-deprecated
+
 	:include-codec-crt
 	:include-codec-der
 	:include-codec-pkix

src/boot/sysobj.reb

@@ -62,19 +62,10 @@ catalog: object [
 	checksums: [adler32 crc24 crc32 tcp md4 md5 sha1 sha224 sha256 sha384 sha512 ripemd160]
 	compressions: [gzip deflate zlib lzma crush]
 	elliptic-curves: [
-		secp192r1      ; 192-bit curve defined by FIPS 186-4 and SEC1
-		secp224r1      ; 224-bit curve defined by FIPS 186-4 and SEC1
-		secp256r1      ; 256-bit curve defined by FIPS 186-4 and SEC1
-		secp384r1      ; 384-bit curve defined by FIPS 186-4 and SEC1
-		secp521r1      ; 521-bit curve defined by FIPS 186-4 and SEC1
-		bp256r1        ; 256-bit Brainpool curve
-		bp384r1        ; 384-bit Brainpool curve
-		bp512r1        ; 512-bit Brainpool curve
-		curve25519     ; Curve25519
-		secp192k1      ; 192-bit "Koblitz" curve
-		secp224k1      ; 224-bit "Koblitz" curve
-		secp256k1      ; 256-bit "Koblitz" curve
-		curve448       ; Curve448
+		; will be filled on boot from `Init_Crypt` in `n-crypt.c`
+	]
+	ciphers: [
+		; will be filled on boot from `Init_Crypt` in `n-crypt.c`
 	]
 ]
 
@@ -283,9 +274,12 @@ standard: object [
 	]
 
 	port-spec-crypt: make port-spec-head [
-		scheme: 'crypt
-		algorithm: 'aes
-    	direction: 'encrypt
+		scheme:    'crypt
+		direction: 'encrypt
+		algorithm: 
+		;hash:     'SHA1
+		key:       ;#{E76B2413958B00E193}
+		iv:        none
 	]
 
 	port-spec-midi: make port-spec-head [

src/core/c-error.c

@@ -633,7 +633,7 @@ static REBOL_STATE Top_State; // Boot var: holds error state during boot
 	val = Get_Object(spec, STD_PORT_SPEC_HEAD_REF); // most informative
 	if (IS_NONE(val)) val = Get_Object(spec, STD_PORT_SPEC_HEAD_TITLE);
 
-	DS_PUSH_INTEGER(err_code);
+	DS_PUSH_INTEGER(-err_code);
 	Trap2(errnum, val, DS_TOP);
 }
 

src/core/c-port.c

@@ -517,7 +517,7 @@ xx*/	REBINT Wait_Device(REBREQ *req, REBCNT timeout)
 **
 ***********************************************************************/
 
-#define MAX_SCHEMES 12		// max native schemes
+#define MAX_SCHEMES 13		// max native schemes
 
 typedef struct rebol_scheme_actions {
 	REBCNT sym;
@@ -619,7 +619,7 @@ SCHEME_ACTIONS *Scheme_Actions;	// Initial Global (not threaded)
 **
 **		In mezz-ports.reb add a make-scheme.
 **		Add an Init_*_Scheme() here.
-**		Be sure host-devices.c has the device enabled.
+**		Be sure host-device.c has the device enabled.
 **
 ***********************************************************************/
 {
@@ -639,6 +639,9 @@ SCHEME_ACTIONS *Scheme_Actions;	// Initial Global (not threaded)
 #ifdef INCLUDE_MIDI_DEVICE
 	Init_MIDI_Scheme();
 #endif
+#ifdef INCLUDE_CRYPTOGRAPHY
+	Init_Crypt_Scheme();
+#endif
 }
 
 /***********************************************************************

src/core/deprecated/n-crypt-aes.c

@@ -0,0 +1,139 @@
+/***********************************************************************
+**
+**  REBOL [R3] Language Interpreter and Run-time Environment
+**
+**  Copyright 2012 REBOL Technologies
+**  Copyright 2012-2021 Rebol Open Source Contributors
+**  REBOL is a trademark of REBOL Technologies
+**
+**  Licensed under the Apache License, Version 2.0 (the "License");
+**  you may not use this file except in compliance with the License.
+**  You may obtain a copy of the License at
+**
+**  http://www.apache.org/licenses/LICENSE-2.0
+**
+**  Unless required by applicable law or agreed to in writing, software
+**  distributed under the License is distributed on an "AS IS" BASIS,
+**  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+**  See the License for the specific language governing permissions and
+**  limitations under the License.
+**
+************************************************************************
+**
+**  Module:  n-crypt-aes.c
+**  Summary: native functions for old AES code
+**  Section: natives
+**  Author:  Oldes, Cyphre
+**  Notes:
+**
+***********************************************************************/
+
+#include "sys-core.h"
+#include "sys-aes.h"
+
+
+/***********************************************************************
+**
+*/	REBNATIVE(aes)
+/*
+//  aes: native [
+//		"Encrypt/decrypt data using AES algorithm. Returns stream cipher context handle or encrypted/decrypted data."
+//		/key                "Provided only for the first time to get stream HANDLE!"
+//			crypt-key [binary!] "Crypt key (16 or 32 bytes)."
+//			iv  [none! binary!] "Optional initialization vector (16 bytes)."
+//		/decrypt            "Use the crypt-key for decryption (default is to encrypt)"
+//		/stream
+//			ctx [handle!]   "Stream cipher context."
+//			data [binary!]  "Data to encrypt/decrypt."
+//  ]
+***********************************************************************/
+{
+	REBOOL  ref_key       = D_REF(1);
+    REBVAL *val_crypt_key = D_ARG(2);
+    REBVAL *val_iv        = D_ARG(3);
+	REBOOL  ref_decrypt   = D_REF(4);
+    REBOOL  ref_stream    = D_REF(5);
+    REBVAL *val_ctx       = D_ARG(6);
+    REBVAL *val_data      = D_ARG(7);
+    
+    REBVAL *ret = D_RET;
+	REBINT  len, pad_len;
+
+	//TODO: could be optimized by reusing the handle
+
+	if (ref_key) {
+    	//key defined - setup new context
+
+    	uint8_t iv[AES_IV_SIZE];
+
+		if (IS_BINARY(val_iv)) {
+			if (VAL_LEN(val_iv) < AES_IV_SIZE) {
+				return R_NONE;
+			}
+			memcpy(iv, VAL_BIN_AT(val_iv), AES_IV_SIZE);
+		} else {
+			//TODO: Use ECB encryption if IV is not specified
+			memset(iv, 0, AES_IV_SIZE);
+		}
+		
+		len = VAL_LEN(val_crypt_key) << 3;
+
+		if (len != 128 && len != 256) {
+			return R_NONE;
+		}
+
+		MAKE_HANDLE(ret, SYM_AES);
+
+		AES_set_key(
+			(AES_CTX*)VAL_HANDLE_CONTEXT_DATA(ret),
+			VAL_BIN_AT(val_crypt_key),
+			(const uint8_t *)iv,
+			(len == 128) ? AES_MODE_128 : AES_MODE_256
+		);
+
+		if (ref_decrypt) AES_convert_key((AES_CTX*)VAL_HANDLE_CONTEXT_DATA(ret));
+
+    } else if(ref_stream) {
+
+    	if (NOT_VALID_CONTEXT_HANDLE(val_ctx, SYM_AES)) {
+			Trap0(RE_INVALID_HANDLE);
+			return R_NONE;
+		}		
+		AES_CTX *aes_ctx = (AES_CTX *)VAL_HANDLE_CONTEXT_DATA(val_ctx);
+
+    	len = VAL_LEN(val_data);
+    	if (len == 0) return R_NONE;
+
+		pad_len = (((len - 1) >> 4) << 4) + AES_BLOCKSIZE;
+
+		REBYTE *data = VAL_BIN_AT(val_data);
+		REBYTE *pad_data;
+
+		if (len < pad_len) {
+			//  make new data input with zero-padding
+			//TODO: instead of making new data, the original could be extended with padding.
+			pad_data = (REBYTE*)MAKE_MEM(pad_len);
+			memset(pad_data, 0, pad_len);
+			memcpy(pad_data, data, len);
+			data = pad_data;
+		}
+		else {
+			pad_data = NULL;
+		}
+
+		REBSER  *binaryOut = Make_Binary(pad_len);
+
+		if (aes_ctx->key_mode == AES_MODE_DECRYPT) {
+			AES_cbc_decrypt(aes_ctx, data, BIN_HEAD(binaryOut),	pad_len);
+		}
+		else {
+			AES_cbc_encrypt(aes_ctx, data, BIN_HEAD(binaryOut),	pad_len);
+		}
+		if (pad_data) FREE_MEM(pad_data);
+
+		SET_BINARY(ret, binaryOut);
+		VAL_TAIL(ret) = pad_len;
+
+    }
+	return R_RET;
+}