Merge branch 'master' of github.com:picoruby/picoruby

mrbgems/picoruby-mbedtls/include/cipher.h

@@ -0,0 +1,6 @@
+#ifndef MBEDTLS_CIPHER_DEFINED_H_
+#define MBEDTLS_CIPHER_DEFINED_H_
+
+void gem_mbedtls_cipher_init(void);
+
+#endif

mrbgems/picoruby-mbedtls/include/cmac.h

@@ -0,0 +1,6 @@
+#ifndef MBEDTLS_CMAC_DEFINED_H_
+#define MBEDTLS_CMAC_DEFINED_H_
+
+void gem_mbedtls_cmac_init(void);
+
+#endif

mrbgems/picoruby-mbedtls/include/digest.h

@@ -0,0 +1,6 @@
+#ifndef MBEDTLS_DIGEST_DEFINED_H_
+#define MBEDTLS_DIGEST_DEFINED_H_
+
+void gem_mbedtls_digest_init(void);
+
+#endif

mrbgems/picoruby-mbedtls/include/mbedtls_config.h

@@ -11,3 +11,13 @@
 #define MBEDTLS_CMAC_C
 #define MBEDTLS_CIPHER_C
 #define MBEDTLS_AES_C
+
+/* This is needed for AES-CBC and AES-GCM */
+#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_CIPHER_MODE_GCM
+#define MBEDTLS_GCM_C
+
+/* This is needed for SHA256 */
+#define MBEDTLS_MD_C
+#define MBEDTLS_SHA256_C

mrbgems/picoruby-mbedtls/mrblib/cipher.rb

@@ -0,0 +1,56 @@
+class MbedTLS
+  class Cipher
+    SUPPORTED_CIPHERS = {
+      :aes_128_cbc       => 0x0001,
+      :aes_192_cbc       => 0x0002,
+      :aes_256_cbc       => 0x0003,
+      :aes_128_gcm       => 0x1001,
+      :aes_192_gcm       => 0x1002,
+      :aes_256_gcm       => 0x1003
+    }
+    KEY_LENGTHS = {
+      :aes_128_cbc       => 16,
+      :aes_192_cbc       => 24,
+      :aes_256_cbc       => 32,
+      :aes_128_gcm       => 16,
+      :aes_192_gcm       => 24,
+      :aes_256_gcm       => 32
+    }
+    SUPPORTED_OPERATIONS = {
+      :encrypt => 0,
+      :decrypt => 1
+    }
+
+    def self.new(cipher_suite, key, operation)
+      unless SUPPORTED_CIPHERS[cipher_suite] != nil
+        raise ArgumentError, "Cipher suite not supported: #{cipher_suite}"
+      end
+      unless SUPPORTED_OPERATIONS[operation] != nil
+        raise ArgumentError, "Operation #{operation} not supported"
+      end
+      unless key.is_a?(String)
+        raise ArgumentError, "Invalid key type: #{key.class}"
+      end
+      unless key.length == KEY_LENGTHS[cipher_suite]
+        raise ArgumentError, "Invalid key length: `#{key.inspect}`"
+      end
+      instance = self._init_ctx(SUPPORTED_CIPHERS[cipher_suite], key, SUPPORTED_OPERATIONS[operation])
+
+      return instance
+    end
+
+    def set_iv(iv)
+      unless iv.length == 16
+        raise ArgumentError, "Invalid IV length"
+      end
+      unless @iv_set
+        @iv_set = true
+        _set_iv(iv)
+      else
+        puts "[WARN] set_iv should be called once per instance, ignoring"
+        self
+      end
+    end
+  end
+end
+

mrbgems/picoruby-mbedtls/mrblib/cmac.rb

@@ -0,0 +1,23 @@
+class MbedTLS
+  class CMAC
+    def self.new(key, digest)
+      unless key.is_a?(String)
+        raise ArgumentError, "Invalid key type: #{key.class}"
+      end
+      case digest.downcase
+      when "aes"
+        unless key.length == 16
+          raise ArgumentError, "Invalid key length: `#{key.inspect}`"
+        end
+        instance = self._init_aes(key)
+        instance._digest = "aes"
+        return instance
+      else
+        raise ArgumentError, "Unsupported digest: #{digest}"
+      end
+    end
+
+    attr_accessor :_digest
+  end
+end
+

mrbgems/picoruby-mbedtls/mrblib/digest.rb

@@ -0,0 +1,16 @@
+class MbedTLS
+  class Digest
+    SUPPORTED_ALGORITHMS = {
+      :sha256 => 0x01
+    }
+
+    def self.new(algorithm)
+      unless SUPPORTED_ALGORITHMS[algorithm] != nil
+        raise ArgumentError, "Algorithm not supported: #{algorithm}"
+      end
+      instance = self._init_ctx(SUPPORTED_ALGORITHMS[algorithm])
+
+      return instance
+    end
+  end
+end

mrbgems/picoruby-mbedtls/mrblib/mbedtls.rb

@@ -1,23 +1,2 @@
 class MbedTLS
-  class CMAC
-    def self.new(key, digest)
-      unless key.is_a?(String)
-        raise ArgumentError, "Invalid key type: #{key.class}"
-      end
-      case digest.downcase
-      when "aes"
-        unless key.length == 16
-          raise ArgumentError, "Invalid key length: `#{key.inspect}`"
-        end
-        instance = self._init_aes(key)
-        instance._digest = "aes"
-        return instance
-      else
-        raise ArgumentError, "Unsupported digest: #{digest}"
-      end
-    end
-
-    attr_accessor :_digest
-  end
 end
-

mrbgems/picoruby-mbedtls/sig/mbedtls_cipher.rbs

@@ -0,0 +1,17 @@
+class MbedTLS
+  class Cipher
+    SUPPORTED_CIPHERS:    Hash[untyped, untyped]
+    KEY_LENGTHS:          Hash[untyped, untyped]
+    SUPPORTED_OPERATIONS: Hash[untyped, untyped]
+
+    def self.new: (untyped cipher_suite, untyped key, untyped operation) -> MbedTLS::Cipher
+    def self._init_ctx: (Integer, String, Integer) -> MbedTLS::Cipher
+    # @private
+    def _set_iv: (String) -> MbedTLS::Cipher
+    def update: (String) -> String
+    def update_ad: (String) -> MbedTLS::Cipher
+    def finish: () -> String
+    def write_tag: () -> String
+    def check_tag: (String) -> bool
+  end
+end

mrbgems/picoruby-mbedtls/sig/mbedtls_digest.rbs

@@ -0,0 +1,11 @@
+class MbedTLS
+  class Digest
+    SUPPORTED_ALGORITHMS: Hash[untyped, untyped]
+
+    def self.new: (untyped algorithm) -> MbedTLS::Digest
+    # @private
+    def self._init_ctx: (Integer) -> MbedTLS::Digest
+    def update: (String) -> MbedTLS::Digest
+    def finish: () -> String
+  end
+end