From 5a032743e6113a54cff4f12b09a6178008158d77 Mon Sep 17 00:00:00 2001 From: Arseny Smirnov Date: Mon, 12 Aug 2019 16:53:17 +0300 Subject: [PATCH] Fix errors from tdutils import GitOrigin-RevId: 3709df12a3050cf05e2bb482b49490a4e874f075 --- benchmark/bench_crypto.cpp | 2 +- td/mtproto/Handshake.cpp | 4 ++-- td/mtproto/TcpTransport.cpp | 2 +- td/mtproto/Transport.cpp | 4 ++-- td/telegram/ConfigManager.cpp | 2 +- td/telegram/SecureStorage.cpp | 20 ++++++++++---------- td/telegram/files/FileDownloader.cpp | 5 +++-- td/telegram/files/FileUploader.cpp | 7 ++++--- tddb/td/db/binlog/Binlog.cpp | 2 +- tdutils/CMakeLists.txt | 2 +- tdutils/td/utils/AesCtrByteFlow.h | 2 +- tdutils/td/utils/crypto.cpp | 2 +- 12 files changed, 28 insertions(+), 26 deletions(-) diff --git a/benchmark/bench_crypto.cpp b/benchmark/bench_crypto.cpp index 8cc067529..82bbe06ff 100644 --- a/benchmark/bench_crypto.cpp +++ b/benchmark/bench_crypto.cpp @@ -69,7 +69,7 @@ class AESBench : public td::Benchmark { void run(int n) override { td::MutableSlice data_slice(data, DATA_SIZE); for (int i = 0; i < n; i++) { - td::aes_ige_encrypt(key, &iv, data_slice, data_slice); + td::aes_ige_encrypt(as_slice(key), as_slice(iv), data_slice, data_slice); } } }; diff --git a/td/mtproto/Handshake.cpp b/td/mtproto/Handshake.cpp index 0fc0c0ce7..6b5b12df4 100644 --- a/td/mtproto/Handshake.cpp +++ b/td/mtproto/Handshake.cpp @@ -148,7 +148,7 @@ Status AuthKeyHandshake::on_server_dh_params(Slice message, Callback *connection auto save_tmp_aes_iv = tmp_aes_iv; // encrypted_answer := AES256_ige_encrypt (answer_with_hash, tmp_aes_key, tmp_aes_iv); MutableSlice answer(const_cast(dh_params->encrypted_answer_.begin()), dh_params->encrypted_answer_.size()); - aes_ige_decrypt(tmp_aes_key, &tmp_aes_iv, answer, answer); + aes_ige_decrypt(as_slice(tmp_aes_key), as_slice(tmp_aes_iv), answer, answer); tmp_aes_iv = save_tmp_aes_iv; // answer_with_hash := SHA1(answer) + answer + (0-15 random bytes) @@ -204,7 +204,7 @@ Status AuthKeyHandshake::on_server_dh_params(Slice message, Callback *connection Random::secure_bytes(encrypted_data.ubegin() + encrypted_data_size, encrypted_data_size_with_pad - encrypted_data_size); tmp_KDF(server_nonce, new_nonce, &tmp_aes_key, &tmp_aes_iv); - aes_ige_encrypt(tmp_aes_key, &tmp_aes_iv, encrypted_data, encrypted_data); + aes_ige_encrypt(as_slice(tmp_aes_key), as_slice(tmp_aes_iv), encrypted_data, encrypted_data); mtproto_api::set_client_DH_params set_client_dh_params(nonce, server_nonce, encrypted_data); send(connection, create_storer(set_client_dh_params)); diff --git a/td/mtproto/TcpTransport.cpp b/td/mtproto/TcpTransport.cpp index af2b4e086..7537d0d40 100644 --- a/td/mtproto/TcpTransport.cpp +++ b/td/mtproto/TcpTransport.cpp @@ -196,7 +196,7 @@ void ObfuscatedTransport::init(ChainBufferReader *input, ChainBufferWriter *outp output_key_ = as(header.data() + 8); fix_key(output_key_); - output_state_.init(output_key_, as(header.data() + 8 + 32)); + output_state_.init(as_slice(output_key_), Slice(header.data() + 8 + 32, 16)); header_ = header; output_state_.encrypt(header_slice, header_slice); MutableSlice(header_).substr(56).copy_from(header_slice.substr(56)); diff --git a/td/mtproto/Transport.cpp b/td/mtproto/Transport.cpp index 3bcef7894..a3e3b8a8e 100644 --- a/td/mtproto/Transport.cpp +++ b/td/mtproto/Transport.cpp @@ -243,7 +243,7 @@ Status Transport::read_crypto_impl(int X, MutableSlice message, const AuthKey &a KDF2(auth_key.key(), header->message_key, X, &aes_key, &aes_iv); } - aes_ige_decrypt(aes_key, &aes_iv, to_decrypt, to_decrypt); + aes_ige_decrypt(as_slice(aes_key), as_slice(aes_iv), to_decrypt, to_decrypt); size_t tail_size = message.end() - reinterpret_cast(header->data); if (tail_size < sizeof(PrefixT)) { @@ -379,7 +379,7 @@ void Transport::write_crypto_impl(int X, const Storer &storer, const AuthKey &au KDF2(auth_key.key(), header->message_key, X, &aes_key, &aes_iv); } - aes_ige_encrypt(aes_key, &aes_iv, to_encrypt, to_encrypt); + aes_ige_encrypt(as_slice(aes_key), as_slice(aes_iv), to_encrypt, to_encrypt); } size_t Transport::write_crypto(const Storer &storer, const AuthKey &auth_key, PacketInfo *info, MutableSlice dest) { diff --git a/td/telegram/ConfigManager.cpp b/td/telegram/ConfigManager.cpp index f4ddb4741..674cf382c 100644 --- a/td/telegram/ConfigManager.cpp +++ b/td/telegram/ConfigManager.cpp @@ -171,7 +171,7 @@ Result decode_config(Slice input) { UInt128 iv; as_slice(key).copy_from(data_rsa_slice.substr(0, 32)); as_slice(iv).copy_from(data_rsa_slice.substr(16, 16)); - aes_cbc_decrypt(key, &iv, data_cbc, data_cbc); + aes_cbc_decrypt(as_slice(key), as_slice(iv), data_cbc, data_cbc); CHECK(data_cbc.size() == 224); string hash(32, ' '); diff --git a/td/telegram/SecureStorage.cpp b/td/telegram/SecureStorage.cpp index 193ad0c2d..cc6a8be6d 100644 --- a/td/telegram/SecureStorage.cpp +++ b/td/telegram/SecureStorage.cpp @@ -27,10 +27,10 @@ Result ValueHash::create(Slice data) { static AesCbcState calc_aes_cbc_state_hash(Slice hash) { CHECK(hash.size() == 64); - UInt256 key; - as_slice(key).copy_from(hash.substr(0, 32)); - UInt128 iv; - as_slice(iv).copy_from(hash.substr(32, 16)); + SecureString key(32); + as_mutable_slice(key).copy_from(hash.substr(0, 32)); + SecureString iv(16); + as_mutable_slice(iv).copy_from(hash.substr(32, 16)); LOG(INFO) << "End AES CBC state calculation"; return AesCbcState{key, iv}; } @@ -220,7 +220,7 @@ EncryptedSecret Secret::encrypt(Slice key, Slice salt, EnryptionAlgorithm algori return calc_aes_cbc_state_pbkdf2(key, salt); default: UNREACHABLE(); - return AesCbcState(UInt256(), UInt128()); + return AesCbcState(Slice(), Slice()); } }(); @@ -250,7 +250,7 @@ Result EncryptedSecret::decrypt(Slice key, Slice salt, EnryptionAlgorith return calc_aes_cbc_state_pbkdf2(key, salt); default: UNREACHABLE(); - return AesCbcState(UInt256(), UInt128()); + return AesCbcState(Slice(), Slice()); } }(); @@ -333,14 +333,14 @@ Result encrypt_value(const Secret &secret, Slice data) { TRY_RESULT(hash, calc_value_hash(full_view)); auto aes_cbc_state = calc_aes_cbc_state_sha512(PSLICE() << secret.as_slice() << hash.as_slice()); - Encryptor encryptor(aes_cbc_state, full_view); + Encryptor encryptor(std::move(aes_cbc_state), full_view); TRY_RESULT(encrypted_data, encryptor.pread(0, encryptor.size())); return EncryptedValue{std::move(encrypted_data), std::move(hash)}; } Result decrypt_value(const Secret &secret, const ValueHash &hash, Slice data) { auto aes_cbc_state = calc_aes_cbc_state_sha512(PSLICE() << secret.as_slice() << hash.as_slice()); - Decryptor decryptor(aes_cbc_state); + Decryptor decryptor(std::move(aes_cbc_state)); TRY_RESULT(decrypted_value, decryptor.append(BufferSlice(data))); TRY_RESULT(got_hash, decryptor.finish()); if (got_hash.as_slice() != hash.as_slice()) { @@ -362,7 +362,7 @@ Result encrypt_file(const Secret &secret, std::string src, std::strin TRY_RESULT(hash, calc_value_hash(full_view)); auto aes_cbc_state = calc_aes_cbc_state_sha512(PSLICE() << secret.as_slice() << hash.as_slice()); - Encryptor encryptor(aes_cbc_state, full_view); + Encryptor encryptor(std::move(aes_cbc_state), full_view); TRY_STATUS( data_view_for_each(encryptor, [&dest_file](BufferSlice bytes) { return dest_file.write(bytes.as_slice()); })); return std::move(hash); @@ -376,7 +376,7 @@ Status decrypt_file(const Secret &secret, const ValueHash &hash, std::string src FileDataView src_file_view(src_file, src_file_size); auto aes_cbc_state = calc_aes_cbc_state_sha512(PSLICE() << secret.as_slice() << hash.as_slice()); - Decryptor decryptor(aes_cbc_state); + Decryptor decryptor(std::move(aes_cbc_state)); TRY_STATUS(data_view_for_each(src_file_view, [&decryptor, &dest_file](BufferSlice bytes) { TRY_RESULT(decrypted_bytes, decryptor.append(std::move(bytes))); TRY_STATUS(dest_file.write(decrypted_bytes.as_slice())); diff --git a/td/telegram/files/FileDownloader.cpp b/td/telegram/files/FileDownloader.cpp index 2b95712ba..900c0cbb8 100644 --- a/td/telegram/files/FileDownloader.cpp +++ b/td/telegram/files/FileDownloader.cpp @@ -340,7 +340,7 @@ Result FileDownloader::process_part(Part part, NetQueryPtr net_query) { UInt256 key = as(cdn_encryption_key_.c_str()); AesCtrState ctr_state; - ctr_state.init(key, iv); + ctr_state.init(as_slice(key), as_slice(iv)); ctr_state.decrypt(bytes.as_slice(), bytes.as_slice()); } if (encryption_key_.is_secret()) { @@ -350,7 +350,8 @@ Result FileDownloader::process_part(Part part, NetQueryPtr net_query) { if (part.size % 16 != 0) { next_part_stop_ = true; } - aes_ige_decrypt(encryption_key_.key(), &encryption_key_.mutable_iv(), bytes.as_slice(), bytes.as_slice()); + aes_ige_decrypt(as_slice(encryption_key_.key()), as_slice(encryption_key_.mutable_iv()), bytes.as_slice(), + bytes.as_slice()); } auto slice = bytes.as_slice().truncate(part.size); diff --git a/td/telegram/files/FileUploader.cpp b/td/telegram/files/FileUploader.cpp index b970c8adf..da287605d 100644 --- a/td/telegram/files/FileUploader.cpp +++ b/td/telegram/files/FileUploader.cpp @@ -231,7 +231,8 @@ Status FileUploader::generate_iv_map() { if (read_size != part_size) { return Status::Error("Failed to read file part (for iv_map)"); } - aes_ige_encrypt(encryption_key.key(), &encryption_key.mutable_iv(), bytes.as_slice(), bytes.as_slice()); + aes_ige_encrypt(as_slice(encryption_key.key()), as_slice(encryption_key.mutable_iv()), bytes.as_slice(), + bytes.as_slice()); iv_map_.push_back(encryption_key.mutable_iv()); } generate_iv_ = encryption_key.iv_slice().str(); @@ -259,7 +260,7 @@ Result> FileUploader::start_part(Part part, int32 p if (encryption_key_.is_secret()) { Random::secure_bytes(bytes.as_slice().substr(part.size)); if (next_offset_ == part.offset) { - aes_ige_encrypt(encryption_key_.key(), &iv_, bytes.as_slice(), bytes.as_slice()); + aes_ige_encrypt(as_slice(encryption_key_.key()), as_slice(iv_), bytes.as_slice(), bytes.as_slice()); next_offset_ += static_cast(bytes.size()); } else { if (part.id >= static_cast(iv_map_.size())) { @@ -267,7 +268,7 @@ Result> FileUploader::start_part(Part part, int32 p } CHECK(part.id < static_cast(iv_map_.size()) && part.id >= 0); auto iv = iv_map_[part.id]; - aes_ige_encrypt(encryption_key_.key(), &iv, bytes.as_slice(), bytes.as_slice()); + aes_ige_encrypt(as_slice(encryption_key_.key()), as_slice(iv), bytes.as_slice(), bytes.as_slice()); } } diff --git a/tddb/td/db/binlog/Binlog.cpp b/tddb/td/db/binlog/Binlog.cpp index be4f38035..aa66df98a 100644 --- a/tddb/td/db/binlog/Binlog.cpp +++ b/tddb/td/db/binlog/Binlog.cpp @@ -580,7 +580,7 @@ void Binlog::update_encryption(Slice key, Slice iv) { as_slice(aes_ctr_key_).copy_from(key); UInt128 aes_ctr_iv; as_slice(aes_ctr_iv).copy_from(iv); - aes_ctr_state_.init(aes_ctr_key_, aes_ctr_iv); + aes_ctr_state_.init(as_slice(aes_ctr_key_), as_slice(aes_ctr_iv)); } void Binlog::reset_encryption() { diff --git a/tdutils/CMakeLists.txt b/tdutils/CMakeLists.txt index 4375a479e..bb77063c7 100644 --- a/tdutils/CMakeLists.txt +++ b/tdutils/CMakeLists.txt @@ -305,7 +305,7 @@ if (CRC32C_FOUND) target_link_libraries(tdutils PRIVATE crc32c) endif() if (ABSL_FOUND) - target_link_libraries_system(tdutils PUBLIC absl::flat_hash_map absl::flat_hash_set absl::hash) + target_link_libraries(tdutils PUBLIC absl::flat_hash_map absl::flat_hash_set absl::hash) endif() if (WIN32 AND WINGETOPT_FOUND) diff --git a/tdutils/td/utils/AesCtrByteFlow.h b/tdutils/td/utils/AesCtrByteFlow.h index 171f427bf..f7c6a2be4 100644 --- a/tdutils/td/utils/AesCtrByteFlow.h +++ b/tdutils/td/utils/AesCtrByteFlow.h @@ -19,7 +19,7 @@ namespace td { class AesCtrByteFlow : public ByteFlowInplaceBase { public: void init(const UInt256 &key, const UInt128 &iv) { - state_.init(key, iv); + state_.init(as_slice(key), as_slice(iv)); } void init(AesCtrState &&state) { state_ = std::move(state); diff --git a/tdutils/td/utils/crypto.cpp b/tdutils/td/utils/crypto.cpp index f827762e0..2490bb342 100644 --- a/tdutils/td/utils/crypto.cpp +++ b/tdutils/td/utils/crypto.cpp @@ -243,7 +243,7 @@ int pq_factorize(Slice pq_str, string *p_str, string *q_str) { static void aes_ige_xcrypt(Slice aes_key, MutableSlice aes_iv, Slice from, MutableSlice to, bool encrypt_flag) { CHECK(aes_key.size() == 32); - CHECK(aes_iv.size() == 16); + CHECK(aes_iv.size() == 32); AES_KEY key; int err; if (encrypt_flag) {