7 files changed, 451 insertions, 18 deletions

diff --git a/src/PolarSSL++/AesCfb128Decryptor.cpp b/src/PolarSSL++/AesCfb128Decryptor.cpp
new file mode 100644
index 000000000..af0d5106e
--- /dev/null
+++ b/src/PolarSSL++/AesCfb128Decryptor.cpp
@@ -0,0 +1,67 @@
+
+// AesCfb128Decryptor.cpp
+
+// Implements the cAesCfb128Decryptor class decrypting data using AES CFB-128
+
+#include "Globals.h"
+#include "AesCfb128Decryptor.h"
+
+
+
+
+
+cAesCfb128Decryptor::cAesCfb128Decryptor(void) :
+	m_IVOffset(0),
+	m_IsValid(false)
+{
+}
+
+
+
+
+
+cAesCfb128Decryptor::~cAesCfb128Decryptor()
+{
+	// Clear the leftover in-memory data, so that they can't be accessed by a backdoor
+	memset(&m_Aes, 0, sizeof(m_Aes));
+}
+
+
+
+
+
+void cAesCfb128Decryptor::Init(const Byte a_Key[16], const Byte a_IV[16])
+{
+	ASSERT(!IsValid());  // Cannot Init twice
+	
+	memcpy(m_IV, a_IV, 16);
+	aes_setkey_enc(&m_Aes, a_Key, 128);
+	m_IsValid = true;
+}
+
+
+
+
+
+void cAesCfb128Decryptor::ProcessData(Byte * a_DecryptedOut, const Byte * a_EncryptedIn, size_t a_Length)
+{
+	ASSERT(IsValid());  // Must Init() first
+	
+	// PolarSSL doesn't support AES-CFB8, need to implement it manually:
+	for (size_t i = 0; i < a_Length; i++)
+	{
+		Byte Buffer[sizeof(m_IV)];
+		aes_crypt_ecb(&m_Aes, AES_ENCRYPT, m_IV, Buffer);
+		for (size_t idx = 0; idx < sizeof(m_IV) - 1; idx++)
+		{
+			m_IV[idx] = m_IV[idx + 1];
+		}
+		m_IV[sizeof(m_IV) - 1] = a_EncryptedIn[i];
+		a_DecryptedOut[i] = a_EncryptedIn[i] ^ Buffer[0];
+	}
+}
+
+
+
+
+
diff --git a/src/PolarSSL++/AesCfb128Decryptor.h b/src/PolarSSL++/AesCfb128Decryptor.h
new file mode 100644
index 000000000..68c203d70
--- /dev/null
+++ b/src/PolarSSL++/AesCfb128Decryptor.h
@@ -0,0 +1,52 @@
+
+// AesCfb128Decryptor.h
+
+// Declares the cAesCfb128Decryptor class decrypting data using AES CFB-128
+
+
+
+
+
+#pragma once
+
+#include "polarssl/aes.h"
+
+
+
+
+
+/** Decrypts data using the AES / CFB 128 algorithm */
+class cAesCfb128Decryptor
+{
+public:
+	Byte test;
+	
+	cAesCfb128Decryptor(void);
+	~cAesCfb128Decryptor();
+	
+	/** Initializes the decryptor with the specified Key / IV */
+	void Init(const Byte a_Key[16], const Byte a_IV[16]);
+	
+	/** Decrypts a_Length bytes of the encrypted data; produces a_Length output bytes */
+	void ProcessData(Byte * a_DecryptedOut, const Byte * a_EncryptedIn, size_t a_Length);
+	
+	/** Returns true if the object has been initialized with the Key / IV */
+	bool IsValid(void) const { return m_IsValid; }
+	
+protected:
+	aes_context m_Aes;
+	
+	/** The InitialVector, used by the CFB mode decryption */
+	Byte m_IV[16];
+	
+	/** Current offset in the m_IV, used by the CFB mode decryption */
+	size_t m_IVOffset;
+	
+	/** Indicates whether the object has been initialized with the Key / IV */
+	bool m_IsValid;
+} ;
+
+
+
+
+
diff --git a/src/PolarSSL++/AesCfb128Encryptor.cpp b/src/PolarSSL++/AesCfb128Encryptor.cpp
new file mode 100644
index 000000000..a641ad48e
--- /dev/null
+++ b/src/PolarSSL++/AesCfb128Encryptor.cpp
@@ -0,0 +1,68 @@
+
+// AesCfb128Encryptor.cpp
+
+// Implements the cAesCfb128Encryptor class encrypting data using AES CFB-128
+
+#include "Globals.h"
+#include "AesCfb128Encryptor.h"
+
+
+
+
+
+cAesCfb128Encryptor::cAesCfb128Encryptor(void) :
+	m_IVOffset(0),
+	m_IsValid(false)
+{
+}
+
+
+
+
+
+cAesCfb128Encryptor::~cAesCfb128Encryptor()
+{
+	// Clear the leftover in-memory data, so that they can't be accessed by a backdoor
+	memset(&m_Aes, 0, sizeof(m_Aes));
+}
+
+
+
+
+
+void cAesCfb128Encryptor::Init(const Byte a_Key[16], const Byte a_IV[16])
+{
+	ASSERT(!IsValid());  // Cannot Init twice
+	ASSERT(m_IVOffset == 0);
+	
+	memcpy(m_IV, a_IV, 16);
+	aes_setkey_enc(&m_Aes, a_Key, 128);
+	m_IsValid = true;
+}
+
+
+
+
+
+void cAesCfb128Encryptor::ProcessData(Byte * a_EncryptedOut, const Byte * a_PlainIn, size_t a_Length)
+{
+	ASSERT(IsValid());  // Must Init() first
+	
+	// PolarSSL doesn't do AES-CFB8, so we need to implement it ourselves:
+	for (size_t i = 0; i < a_Length; i++)
+	{
+		Byte Buffer[sizeof(m_IV)];
+		aes_crypt_ecb(&m_Aes, AES_ENCRYPT, m_IV, Buffer);
+		for (size_t idx = 0; idx < sizeof(m_IV) - 1; idx++)
+		{
+			m_IV[idx] = m_IV[idx + 1];
+		}
+		a_EncryptedOut[i] = a_PlainIn[i] ^ Buffer[0];
+		m_IV[sizeof(m_IV) - 1] = a_EncryptedOut[i];
+	}
+}
+
+
+
+
+
diff --git a/src/PolarSSL++/AesCfb128Encryptor.h b/src/PolarSSL++/AesCfb128Encryptor.h
new file mode 100644
index 000000000..9dbb5d2c3
--- /dev/null
+++ b/src/PolarSSL++/AesCfb128Encryptor.h
@@ -0,0 +1,50 @@
+
+// AesCfb128Encryptor.h
+
+// Declares the cAesCfb128Encryptor class encrypting data using AES CFB-128
+
+
+
+
+
+#pragma once
+
+#include "polarssl/aes.h"
+
+
+
+
+
+/** Encrypts data using the AES / CFB (128) algorithm */
+class cAesCfb128Encryptor
+{
+public:
+	cAesCfb128Encryptor(void);
+	~cAesCfb128Encryptor();
+	
+	/** Initializes the decryptor with the specified Key / IV */
+	void Init(const Byte a_Key[16], const Byte a_IV[16]);
+	
+	/** Encrypts a_Length bytes of the plain data; produces a_Length output bytes */
+	void ProcessData(Byte * a_EncryptedOut, const Byte * a_PlainIn, size_t a_Length);
+	
+	/** Returns true if the object has been initialized with the Key / IV */
+	bool IsValid(void) const { return m_IsValid; }
+	
+protected:
+	aes_context m_Aes;
+	
+	/** The InitialVector, used by the CFB mode encryption */
+	Byte m_IV[16];
+	
+	/** Current offset in the m_IV, used by the CFB mode encryption */
+	size_t m_IVOffset;
+	
+	/** Indicates whether the object has been initialized with the Key / IV */
+	bool m_IsValid;
+} ;
+
+
+
+
+
diff --git a/src/PolarSSL++/CMakeLists.txt b/src/PolarSSL++/CMakeLists.txt
index bf7720abc..b0a592760 100644
--- a/src/PolarSSL++/CMakeLists.txt
+++ b/src/PolarSSL++/CMakeLists.txt
@@ -5,27 +5,33 @@ project (MCServer)
 include_directories ("${PROJECT_SOURCE_DIR}/../")
 
 set(SOURCES
-	"BlockingSslClientSocket.cpp"
-	"BufferedSslContext.cpp"
-	"CallbackSslContext.cpp"
-	"CtrDrbgContext.cpp"
-	"EntropyContext.cpp"
-	"PublicKey.cpp"
-	"RsaPrivateKey.cpp"
-	"SslContext.cpp"
-	"X509Cert.cpp"
+	AesCfb128Decryptor.cpp
+	AesCfb128Encryptor.cpp
+	BlockingSslClientSocket.cpp
+	BufferedSslContext.cpp
+	CallbackSslContext.cpp
+	CtrDrbgContext.cpp
+	EntropyContext.cpp
+	PublicKey.cpp
+	RsaPrivateKey.cpp
+	Sha1Checksum.cpp
+	SslContext.cpp
+	X509Cert.cpp
 )
 
 set(HEADERS
-	"BlockingSslClientSocket.h"
-	"BufferedSslContext.h"
-	"CallbackSslContext.h"
-	"CtrDrbgContext.h"
-	"EntropyContext.h"
-	"PublicKey.h"
-	"RsaPrivateKey.h"
-	"SslContext.h"
-	"X509Cert.h"
+	AesCfb128Decryptor.h
+	AesCfb128Encryptor.h
+	BlockingSslClientSocket.h
+	BufferedSslContext.h
+	CallbackSslContext.h
+	CtrDrbgContext.h
+	EntropyContext.h
+	PublicKey.h
+	RsaPrivateKey.h
+	SslContext.h
+	Sha1Checksum.h
+	X509Cert.h
 )
 
 add_library(PolarSSL++ ${SOURCES} ${HEADERS})
diff --git a/src/PolarSSL++/Sha1Checksum.cpp b/src/PolarSSL++/Sha1Checksum.cpp
new file mode 100644
index 000000000..a1ee9d7b9
--- /dev/null
+++ b/src/PolarSSL++/Sha1Checksum.cpp
@@ -0,0 +1,138 @@
+
+// Sha1Checksum.cpp
+
+// Declares the cSha1Checksum class representing the SHA-1 checksum calculator
+
+#include "Globals.h"
+#include "Sha1Checksum.h"
+
+
+
+
+
+/*
+// Self-test the hash formatting for known values:
+// sha1(Notch) : 4ed1f46bbe04bc756bcb17c0c7ce3e4632f06a48
+// sha1(jeb_)  : -7c9d5b0044c130109a5d7b5fb5c317c02b4e28c1
+// sha1(simon) : 88e16a1019277b15d58faf0541e11910eb756f6
+
+static class Test
+{
+public:
+	Test(void)
+	{
+		AString DigestNotch, DigestJeb, DigestSimon;
+		Byte Digest[20];
+		cSha1Checksum Checksum;
+		Checksum.Update((const Byte *)"Notch", 5);
+		Checksum.Finalize(Digest);
+		cSha1Checksum::DigestToJava(Digest, DigestNotch);
+		Checksum.Restart();
+		Checksum.Update((const Byte *)"jeb_", 4);
+		Checksum.Finalize(Digest);
+		cSha1Checksum::DigestToJava(Digest, DigestJeb);
+		Checksum.Restart();
+		Checksum.Update((const Byte *)"simon", 5);
+		Checksum.Finalize(Digest);
+		cSha1Checksum::DigestToJava(Digest, DigestSimon);
+		printf("Notch: \"%s\"\n", DigestNotch.c_str());
+		printf("jeb_:  \"%s\"\n",  DigestJeb.c_str());
+		printf("simon: \"%s\"\n", DigestSimon.c_str());
+		assert(DigestNotch == "4ed1f46bbe04bc756bcb17c0c7ce3e4632f06a48");
+		assert(DigestJeb   == "-7c9d5b0044c130109a5d7b5fb5c317c02b4e28c1");
+		assert(DigestSimon == "88e16a1019277b15d58faf0541e11910eb756f6");
+	}
+} test;
+*/
+
+
+
+
+
+
+///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+// cSha1Checksum:
+
+cSha1Checksum::cSha1Checksum(void) :
+	m_DoesAcceptInput(true)
+{
+	sha1_starts(&m_Sha1);
+}
+
+
+
+
+
+void cSha1Checksum::Update(const Byte * a_Data, size_t a_Length)
+{
+	ASSERT(m_DoesAcceptInput);  // Not Finalize()-d yet, or Restart()-ed
+	
+	sha1_update(&m_Sha1, a_Data, a_Length);
+}
+
+
+
+
+
+void cSha1Checksum::Finalize(cSha1Checksum::Checksum & a_Output)
+{
+	ASSERT(m_DoesAcceptInput);  // Not Finalize()-d yet, or Restart()-ed
+	
+	sha1_finish(&m_Sha1, a_Output);
+	m_DoesAcceptInput = false;
+}
+
+
+
+
+
+void cSha1Checksum::DigestToJava(const Checksum & a_Digest, AString & a_Out)
+{
+	Checksum Digest;
+	memcpy(Digest, a_Digest, sizeof(Digest));
+	
+	bool IsNegative = (Digest[0] >= 0x80);
+	if (IsNegative)
+	{
+		// Two's complement:
+		bool carry = true;  // Add one to the whole number
+		for (int i = 19; i >= 0; i--)
+		{
+			Digest[i] = ~Digest[i];
+			if (carry)
+			{
+				carry = (Digest[i] == 0xff);
+				Digest[i]++;
+			}
+		}
+	}
+	a_Out.clear();
+	a_Out.reserve(40);
+	for (int i = 0; i < 20; i++)
+	{
+		AppendPrintf(a_Out, "%02x", Digest[i]);
+	}
+	while ((a_Out.length() > 0) && (a_Out[0] == '0'))
+	{
+		a_Out.erase(0, 1);
+	}
+	if (IsNegative)
+	{
+		a_Out.insert(0, "-");
+	}
+}
+
+
+
+
+
+
+void cSha1Checksum::Restart(void)
+{
+	sha1_starts(&m_Sha1);
+	m_DoesAcceptInput = true;
+}
+
+
+
+
diff --git a/src/PolarSSL++/Sha1Checksum.h b/src/PolarSSL++/Sha1Checksum.h
new file mode 100644
index 000000000..68fdbcf1b
--- /dev/null
+++ b/src/PolarSSL++/Sha1Checksum.h
@@ -0,0 +1,52 @@
+
+// Sha1Checksum.h
+
+// Declares the cSha1Checksum class representing the SHA-1 checksum calculator
+
+
+
+
+
+#pragma once
+
+#include "polarssl/sha1.h"
+
+
+
+
+
+/** Calculates a SHA1 checksum for data stream */
+class cSha1Checksum
+{
+public:
+	typedef Byte Checksum[20];  // The type used for storing the checksum
+	
+	cSha1Checksum(void);
+	
+	/** Adds the specified data to the checksum */
+	void Update(const Byte * a_Data, size_t a_Length);
+	
+	/** Calculates and returns the final checksum */
+	void Finalize(Checksum & a_Output);
+	
+	/** Returns true if the object is accepts more input data, false if Finalize()-d (need to Restart()) */
+	bool DoesAcceptInput(void) const { return m_DoesAcceptInput; }
+	
+	/** Converts a raw 160-bit SHA1 digest into a Java Hex representation
+	According to http://wiki.vg/wiki/index.php?title=Protocol_Encryption&oldid=2802
+	*/
+	static void DigestToJava(const Checksum & a_Digest, AString & a_JavaOut);
+	
+	/** Clears the current context and start a new checksum calculation */
+	void Restart(void);
+	
+protected:
+	/** True if the object is accepts more input data, false if Finalize()-d (need to Restart()) */
+	bool m_DoesAcceptInput;
+	
+	sha1_context m_Sha1;
+} ;
+
+
+
+