Rough adding of chacha20poly1305

jackctj117 · jackctj117 · commit 6cbf8db22069 · 2024-09-13T14:23:14.000-06:00
diff --git a/scripts/build_ffi.py b/scripts/build_ffi.py
@@ -215,7 +215,7 @@ def make_flags(prefix, fips):
 
         flags.append("--disable-md5")
         flags.append("--disable-sha224")
-        flags.append("--disable-poly1305")
+        flags.append("--enable-poly1305")
 
         # asymmetric ciphers
         flags.append("--enable-rsa")
@@ -367,6 +367,7 @@ def get_features(local_wolfssl, features):
     features["WC_RNG_SEED_CB"] = 1 if '#define WC_RNG_SEED_CB' in defines else 0
     features["AESGCM_STREAM"] = 1 if '#define WOLFSSL_AESGCM_STREAM' in defines else 0
     features["RSA_PSS"] = 1 if '#define WC_RSA_PSS' in defines else 0
+    features["CHACHA20_POLY1305"] = 1 if '#define HAVE_CHACHA' & '#define HAVE_POLY1305' in defines else 0
 
     if '#define HAVE_FIPS' in defines:
         if not fips:
@@ -439,6 +440,8 @@ def build_ffi(local_wolfssl, features):
         #include <wolfssl/wolfcrypt/ed25519.h>
         #include <wolfssl/wolfcrypt/ed448.h>
         #include <wolfssl/wolfcrypt/curve25519.h>
+        #include <wolfssl/wolfcrypt/poly1305.h>
+        #include <wolfssl/wolfcrypt/chacha20_poly1305.h>
     """
 
     init_source_string = """
@@ -474,6 +477,7 @@ def build_ffi(local_wolfssl, features):
         int WC_RNG_SEED_CB_ENABLED = """ + str(features["WC_RNG_SEED_CB"]) + """;
         int AESGCM_STREAM_ENABLED = """ + str(features["AESGCM_STREAM"]) + """;
         int RSA_PSS_ENABLED = """ + str(features["RSA_PSS"]) + """;
+        int CHACHA20_POLY1305_ENABLED = """ + str(features["CHACHA20_POLY1305"]) + """;
     """
 
     ffibuilder.set_source( "wolfcrypt._ffi", init_source_string,
@@ -508,6 +512,7 @@ def build_ffi(local_wolfssl, features):
         extern int WC_RNG_SEED_CB_ENABLED;
         extern int AESGCM_STREAM_ENABLED;
         extern int RSA_PSS_ENABLED;
+        extern int CHACHA20_POLY1305_ENABLED;
 
         typedef unsigned char byte;
         typedef unsigned int word32;
@@ -625,15 +630,34 @@ def build_ffi(local_wolfssl, features):
             word32 authTagSz);
         """
 
+
     if features["CHACHA"]:
         cdef += """
         typedef struct { ...; } ChaCha;
-
         int wc_Chacha_SetKey(ChaCha*, const byte*, word32);
         int wc_Chacha_SetIV(ChaCha*, const byte*, word32);
         int wc_Chacha_Process(ChaCha*, byte*, const byte*,word32);
         """
 
+    if features["CHACHA20_POLY1305"]:
+        cdef += """
+        typedef struct { ...; } ChaChaPoly_Aead;
+        int wc_ChaCha20Poly1305_Encrypt(const byte inKey, const byte inIV, const byte* inAAD,
+            word32 inAADLen, const byte* inPlaintext, word32 inPlaintextLen, byte* outCiphertext,
+            byte outAuthTag);
+        int wc_ChaCha20Poly1305_Decrypt( const byte inKey, const byte inIV, const byte* inAAD,
+            word32 inAADLen, const byte* inCiphertext, word32 inCiphertextLen,
+            const byte inAuthTag, byte* outPlaintext);
+        int wc_ChaCha20Poly1305_UpdateAad(ChaChaPoly_Aead* aead,
+            const byte* inAAD, word32 inAADLen);
+        int wc_ChaCha20Poly1305_Init(ChaChaPoly_Aead* aead, const byte inKey, const byte inIV,
+            int isEncrypt);
+        int wc_ChaCha20Poly1305_UpdateData(ChaChaPoly_Aead* aead,
+            const byte* inData, byte* outData, word32 dataLen);
+        int wc_ChaCha20Poly1305_Final(byte*, word32);
+        int wc_ChaCha20Poly1305_CheckTag(const byte* authtag, const byte* authTagChk);
+        """
+
     if features["HMAC"]:
         cdef += """
         typedef struct { ...; } Hmac;
@@ -927,6 +951,7 @@ def main(ffibuilder):
         "WC_RNG_SEED_CB": 0,
         "AESGCM_STREAM": 1,
         "RSA_PSS": 1,
+        "CHACHA20_POLY1305": 1
     }
 
     # Ed448 requires SHAKE256, which isn't part of the Windows build, yet.
diff --git a/tests/test_ciphers.py b/tests/test_ciphers.py
@@ -35,6 +35,9 @@
 if _lib.AES_ENABLED:
     from wolfcrypt.ciphers import Aes
 
+if _lib.CHACHA20_POLY1305_ENABLED:
+    from wolfcrypt.ciphers import ChaCha20Poly1305
+
 if _lib.CHACHA_ENABLED:
     from wolfcrypt.ciphers import ChaCha
 
@@ -73,6 +76,14 @@ def vectors():
             ciphertext=h2b("959492575f4281532ccc9d4677a233cb"),
             ciphertext_ctr = h2b('287528ddf484b1055debbe751eb52b8a')
         )
+    if _lib.CHACHA20_POLY1305_ENABLED:
+        vectorArray[ChaCha20Poly1305]=TestVector(
+            key="0123456789abcdef",
+            iv="1234567890abcdef",
+            plaintext=t2b("now is the time "),
+            ciphertext=h2b("959492575f4281532ccc9d4677a233cb"),
+            ciphertext_ctr = h2b('287528ddf484b1055debbe751eb52b8a')
+        )
     if _lib.CHACHA_ENABLED:
         vectorArray[ChaCha]=TestVector(
             key="0123456789abcdef01234567890abcdef",
@@ -325,7 +336,18 @@ def test_chacha_enc_dec(chacha_obj):
         dec = chacha_obj.decrypt(cyt)
         assert plaintext == dec
 
+if _lib.CHACHA20_POLY1305_ENABLED:
+    @pytest.fixture
+    def chacha20_poly1305_obj(vectors):
+        r = ChaCha20Poly1305(vectors[ChaCha20Poly1305].key, vectors[ChaCha20Poly1305].iv)
+        return r
 
+    @pytest.fixture
+    def test_chacha20_poly1305_enc_dec(chacha20_poly1305_obj):
+        plaintext = t2b("Everyone gets Friday off.")
+        cyt = chacha20_poly1305_obj.encrypt(plaintext)
+        dec = chacha20_poly1305_obj.decrypt(cyt)
+        assert plaintext == dec
 
 
 if _lib.RSA_ENABLED:
diff --git a/wolfcrypt/ciphers.py b/wolfcrypt/ciphers.py
@@ -369,6 +369,7 @@ def final(self, authTag=None):
                     raise WolfCryptError("Decryption error (%d)" % ret)
 
 
+
 if _lib.CHACHA_ENABLED:
     class ChaCha(_Cipher):
         """
@@ -424,6 +425,115 @@ def set_iv(self, nonce, counter = 0):
             self._IV_counter = counter
             self._set_key(0)
 
+if _lib.CHACHA20_POLY1305_ENABLED:
+    class ChaCha20Poly1305(object):
+        """
+        ChaCha20 Poly1305
+        """
+        block_size = 16
+        _key_sizes = [16, 24, 32]
+        _native_type = "ChaCha *"
+        _aad = bytes()
+        _tag_bytes = 16
+        _mode = None
+        generatedCipherText = bytes()
+        generatedPlainText = bytes()
+
+        def __init__(self, key, IV, isEncrypt):
+            """
+            tag_bytes is the number of bytes to use for the authentication tag during encryption
+            """
+            key = t2b(key)
+            IV = t2b(IV)
+            isEncrypt = True
+            if len(key) not in self._key_sizes:
+                raise ValueError("key must be %s in length, not %d" %
+                                 (self._key_sizes, len(key)))
+            self._native_object = _ffi.new(self._native_type)
+            _lib.wc_AesInit(self._native_object, _ffi.NULL, -2)
+            ret = _lib.wc_ChaCha20Poly1305_Init(self._native_object, self._aad, len(self._aad),
+                                                key, len(key), IV, len(IV), isEncrypt)
+            if ret < 0:
+                raise WolfCryptError("Init error (%d)" % ret)
+
+        def set_aad(self, data):
+            """
+            Set the additional authentication data for the stream
+            """
+            if self._mode is not None:
+                raise WolfCryptError("AAD can only be set before encrypt() or decrypt() is called")
+            self._aad = t2b(data)
+
+        def get_aad(self):
+            return self._aad
+
+        def encrypt(self, data):
+            """
+            Add more data to the encryption stream
+            """
+            data = t2b(data)
+            aad = bytes()
+            if self._mode is None:
+                self._mode = _ENCRYPTION
+                aad = self._aad
+            elif self._mode == _DECRYPTION:
+                raise WolfCryptError("Class instance already in use for decryption")
+            self._buf = _ffi.new("byte[%d]" % (len(data)))
+            ret = _lib.wc_ChaCha20Poly1305_UpdateData(self._native_type, aad, len(aad))
+            if ret < 0:
+                raise WolfCryptError("Decryption error (%d)" % ret)
+            return bytes(self._buf)
+
+        def decrypt(self, data):
+            """
+            Add more data to the decryption stream
+            """
+            aad = bytes()
+            data = t2b(data)
+            if self._mode is None:
+                self._mode = _DECRYPTION
+                aad = self._aad
+            elif self._mode == _ENCRYPTION:
+                raise WolfCryptError("Class instance already in use for decryption")
+            self._buf = _ffi.new("byte[%d]" % (len(data)))
+            ret = _lib.wc_ChaCha20Poly1305_Decrypt(self._key, self_IV, aad, len(aad),
+                                                   generatedCipherText, len(generatedCipherText),
+                                                   authTag, generatedPlainText)
+            if ret < 0:
+                raise WolfCryptError("Decryption error (%d)" % ret)
+            return bytes(self._buf)
+
+        def checkTag(self, authTag):
+            """
+            Check the authentication tag for the stream
+            """
+            authTag = t2b(authTag)
+            ret = _lib.wc_ChaCha20Poly1305_CheckTag(authTag, len(authTag))
+            if ret < 0:
+                raise WolfCryptError("Decryption error (%d)" % ret)
+
+        def final(self, authTag=None):
+            """
+            When encrypting, finalize the stream and return an authentication tag for the stream.
+            When decrypting, verify the authentication tag for the stream.
+            The authTag parameter is only used for decrypting.
+            """
+            if self._mode is None:
+                raise WolfCryptError("Final called with no encryption or decryption")
+            elif self._mode == _ENCRYPTION:
+                authTag = _ffi.new("byte[%d]" % self._tag_bytes)
+                ret = _lib.wc_ChaCha20Poly1305_Final(self._native_type, authTag)
+                if ret < 0:
+                    raise WolfCryptError("Encryption error (%d)" % ret)
+                return _ffi.buffer(authTag)[:]
+            else:
+                if authTag is None:
+                    raise WolfCryptError("authTag parameter required")
+                authTag = t2b(authTag)
+                ret = _lib.wc_ChaCha20Poly1305_Final(self._native_type, authTag)
+                if ret < 0:
+                    raise WolfCryptError("Decryption error (%d)" % ret)
+
 if _lib.DES3_ENABLED:
     class Des3(_Cipher):
         """
