#include #include #include "py/obj.h" #include "py/objproperty.h" #include "py/runtime.h" #include "shared-bindings/aesio/__init__.h" // Defined at the end of this file //| MODE_ECB: int //| MODE_CBC: int //| MODE_CTR: int //| //| class AES: //| """Encrypt and decrypt AES streams""" //| //| def __init__( //| self, //| key: ReadableBuffer, //| mode: int = 0, //| IV: Optional[ReadableBuffer] = None, //| segment_size: int = 8, //| ) -> None: //| """Create a new AES state with the given key. //| //| :param ~circuitpython_typing.ReadableBuffer key: A 16-, 24-, or 32-byte key //| :param int mode: AES mode to use. One of: `MODE_ECB`, `MODE_CBC`, or //| `MODE_CTR` //| :param ~circuitpython_typing.ReadableBuffer IV: Initialization vector to use for CBC or CTR mode //| //| Additional arguments are supported for legacy reasons. //| //| Encrypting a string:: //| //| import aesio //| from binascii import hexlify //| //| key = b'Sixteen byte key' //| inp = b'CircuitPython!!!' # Note: 16-bytes long //| outp = bytearray(len(inp)) //| cipher = aesio.AES(key, aesio.MODE_ECB) //| cipher.encrypt_into(inp, outp) //| hexlify(outp)""" //| ... STATIC mp_obj_t aesio_aes_make_new(const mp_obj_type_t *type, size_t n_args, size_t n_kw, const mp_obj_t *all_args) { aesio_aes_obj_t *self = mp_obj_malloc(aesio_aes_obj_t, &aesio_aes_type); enum { ARG_key, ARG_mode, ARG_IV, ARG_counter, ARG_segment_size }; static const mp_arg_t allowed_args[] = { {MP_QSTR_key, MP_ARG_OBJ | MP_ARG_REQUIRED, {.u_obj = MP_OBJ_NULL} }, {MP_QSTR_mode, MP_ARG_INT, {.u_int = AES_MODE_ECB} }, {MP_QSTR_IV, MP_ARG_OBJ, {.u_obj = MP_OBJ_NULL} }, {MP_QSTR_counter, MP_ARG_OBJ, {.u_obj = MP_OBJ_NULL} }, {MP_QSTR_segment_size, MP_ARG_INT, {.u_int = 8}}, }; mp_arg_val_t args[MP_ARRAY_SIZE(allowed_args)]; mp_arg_parse_all_kw_array(n_args, n_kw, all_args, MP_ARRAY_SIZE(allowed_args), allowed_args, args); mp_buffer_info_t bufinfo; const uint8_t *key = NULL; uint32_t key_length = 0; mp_get_buffer_raise(args[ARG_key].u_obj, &bufinfo, MP_BUFFER_READ); if ((bufinfo.len != 16) && (bufinfo.len != 24) && (bufinfo.len != 32)) { mp_raise_ValueError(translate("Key must be 16, 24, or 32 bytes long")); } key = bufinfo.buf; key_length = bufinfo.len; int mode = args[ARG_mode].u_int; switch (args[ARG_mode].u_int) { case AES_MODE_CBC: case AES_MODE_ECB: case AES_MODE_CTR: break; default: mp_raise_NotImplementedError(translate("Requested AES mode is unsupported")); } // IV is required for CBC mode and is ignored for other modes. const uint8_t *iv = NULL; if (args[ARG_IV].u_obj != NULL && mp_get_buffer(args[ARG_IV].u_obj, &bufinfo, MP_BUFFER_READ)) { (void)mp_arg_validate_length(bufinfo.len, AES_BLOCKLEN, MP_QSTR_IV); iv = bufinfo.buf; } common_hal_aesio_aes_construct(self, key, key_length, iv, mode, args[ARG_counter].u_int); return MP_OBJ_FROM_PTR(self); } //| def rekey( //| self, //| key: ReadableBuffer, //| IV: Optional[ReadableBuffer] = None, //| ) -> None: //| """Update the AES state with the given key. //| //| :param ~circuitpython_typing.ReadableBuffer key: A 16-, 24-, or 32-byte key //| :param ~circuitpython_typing.ReadableBuffer IV: Initialization vector to use //| for CBC or CTR mode""" //| ... STATIC mp_obj_t aesio_aes_rekey(size_t n_args, const mp_obj_t *pos_args, mp_map_t *kw_args) { aesio_aes_obj_t *self = MP_OBJ_TO_PTR(pos_args[0]); enum { ARG_key, ARG_IV }; static const mp_arg_t allowed_args[] = { {MP_QSTR_key, MP_ARG_OBJ | MP_ARG_REQUIRED, {.u_obj = MP_OBJ_NULL} }, {MP_QSTR_IV, MP_ARG_OBJ, {.u_obj = MP_OBJ_NULL} }, }; mp_arg_val_t args[MP_ARRAY_SIZE(allowed_args)]; mp_arg_parse_all(n_args - 1, pos_args + 1, kw_args, MP_ARRAY_SIZE(allowed_args), allowed_args, args); mp_buffer_info_t bufinfo; mp_get_buffer_raise(args[ARG_key].u_obj, &bufinfo, MP_BUFFER_READ); const uint8_t *key = bufinfo.buf; size_t key_length = bufinfo.len; if ((key_length != 16) && (key_length != 24) && (key_length != 32)) { mp_raise_ValueError(translate("Key must be 16, 24, or 32 bytes long")); } const uint8_t *iv = NULL; if (args[ARG_IV].u_obj != NULL && mp_get_buffer(args[ARG_IV].u_obj, &bufinfo, MP_BUFFER_READ)) { (void)mp_arg_validate_length(bufinfo.len, AES_BLOCKLEN, MP_QSTR_IV); iv = bufinfo.buf; } common_hal_aesio_aes_rekey(self, key, key_length, iv); return mp_const_none; } MP_DEFINE_CONST_FUN_OBJ_KW(aesio_aes_rekey_obj, 1, aesio_aes_rekey); STATIC void validate_length(aesio_aes_obj_t *self, size_t src_length, size_t dest_length) { if (src_length != dest_length) { mp_raise_ValueError( translate("Source and destination buffers must be the same length")); } switch (self->mode) { case AES_MODE_ECB: if (src_length != 16) { mp_raise_ValueError(translate("ECB only operates on 16 bytes at a time")); } break; case AES_MODE_CBC: if ((src_length & 15) != 0) { mp_raise_ValueError(translate("CBC blocks must be multiples of 16 bytes")); } break; case AES_MODE_CTR: break; } } //| def encrypt_into(self, src: ReadableBuffer, dest: WriteableBuffer) -> None: //| """Encrypt the buffer from ``src`` into ``dest``. //| //| For ECB mode, the buffers must be 16 bytes long. For CBC mode, the //| buffers must be a multiple of 16 bytes, and must be equal length. For //| CTR mode, there are no restrictions.""" //| ... STATIC mp_obj_t aesio_aes_encrypt_into(mp_obj_t self_in, mp_obj_t src, mp_obj_t dest) { aesio_aes_obj_t *self = MP_OBJ_TO_PTR(self_in); mp_buffer_info_t srcbufinfo, destbufinfo; mp_get_buffer_raise(src, &srcbufinfo, MP_BUFFER_READ); mp_get_buffer_raise(dest, &destbufinfo, MP_BUFFER_WRITE); validate_length(self, srcbufinfo.len, destbufinfo.len); memcpy(destbufinfo.buf, srcbufinfo.buf, srcbufinfo.len); common_hal_aesio_aes_encrypt(self, (uint8_t *)destbufinfo.buf, destbufinfo.len); return mp_const_none; } STATIC MP_DEFINE_CONST_FUN_OBJ_3(aesio_aes_encrypt_into_obj, aesio_aes_encrypt_into); //| def decrypt_into(self, src: ReadableBuffer, dest: WriteableBuffer) -> None: //| """Decrypt the buffer from ``src`` into ``dest``. //| For ECB mode, the buffers must be 16 bytes long. For CBC mode, the //| buffers must be a multiple of 16 bytes, and must be equal length. For //| CTR mode, there are no restrictions.""" //| ... //| STATIC mp_obj_t aesio_aes_decrypt_into(mp_obj_t self_in, mp_obj_t src, mp_obj_t dest) { aesio_aes_obj_t *self = MP_OBJ_TO_PTR(self_in); mp_buffer_info_t srcbufinfo, destbufinfo; mp_get_buffer_raise(src, &srcbufinfo, MP_BUFFER_READ); mp_get_buffer_raise(dest, &destbufinfo, MP_BUFFER_WRITE); validate_length(self, srcbufinfo.len, destbufinfo.len); memcpy(destbufinfo.buf, srcbufinfo.buf, srcbufinfo.len); common_hal_aesio_aes_decrypt(self, (uint8_t *)destbufinfo.buf, destbufinfo.len); return mp_const_none; } STATIC MP_DEFINE_CONST_FUN_OBJ_3(aesio_aes_decrypt_into_obj, aesio_aes_decrypt_into); STATIC mp_obj_t aesio_aes_get_mode(mp_obj_t self_in) { aesio_aes_obj_t *self = MP_OBJ_TO_PTR(self_in); return MP_OBJ_NEW_SMALL_INT(self->mode); } MP_DEFINE_CONST_FUN_OBJ_1(aesio_aes_get_mode_obj, aesio_aes_get_mode); STATIC mp_obj_t aesio_aes_set_mode(mp_obj_t self_in, mp_obj_t mode_obj) { aesio_aes_obj_t *self = MP_OBJ_TO_PTR(self_in); int mode = mp_obj_get_int(mode_obj); switch (mode) { case AES_MODE_CBC: case AES_MODE_ECB: case AES_MODE_CTR: break; default: mp_raise_NotImplementedError(translate("Requested AES mode is unsupported")); } common_hal_aesio_aes_set_mode(self, mode); return mp_const_none; } MP_DEFINE_CONST_FUN_OBJ_2(aesio_aes_set_mode_obj, aesio_aes_set_mode); MP_PROPERTY_GETSET(aesio_aes_mode_obj, (mp_obj_t)&aesio_aes_get_mode_obj, (mp_obj_t)&aesio_aes_set_mode_obj); STATIC const mp_rom_map_elem_t aesio_locals_dict_table[] = { // Methods {MP_ROM_QSTR(MP_QSTR___name__), MP_OBJ_NEW_QSTR(MP_QSTR_AES)}, {MP_ROM_QSTR(MP_QSTR_encrypt_into), (mp_obj_t)&aesio_aes_encrypt_into_obj}, {MP_ROM_QSTR(MP_QSTR_decrypt_into), (mp_obj_t)&aesio_aes_decrypt_into_obj}, {MP_ROM_QSTR(MP_QSTR_rekey), (mp_obj_t)&aesio_aes_rekey_obj}, {MP_ROM_QSTR(MP_QSTR_mode), (mp_obj_t)&aesio_aes_mode_obj}, }; STATIC MP_DEFINE_CONST_DICT(aesio_locals_dict, aesio_locals_dict_table); MP_DEFINE_CONST_OBJ_TYPE( aesio_aes_type, MP_QSTR_AES, MP_TYPE_FLAG_NONE, make_new, aesio_aes_make_new, locals_dict, &aesio_locals_dict );