Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Experimental code from HACL* for AES128-GCM #18

Open
wants to merge 3 commits into
base: main
Choose a base branch
from

Conversation

karthikbhargavan
Copy link

This is a first (version 0) commit of HACL* code for AES128-GCM.
The code is not yet verified.
It relies on AES-NI and PCLMUL instruction sets.
The API it provides is somewhat crude (one-shot).
Future versions of this code will be verified and will provide an incremental IOBuf-friendly interface.
This version is primarily for testing and refining the verification -> deployment workflow.

@facebook-github-bot
Copy link
Contributor

Thank you for your pull request and welcome to our community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. In order for us to review and merge your code, please sign up at https://code.facebook.com/cla. If you are contributing on behalf of someone else (eg your employer), the individual CLA may not be sufficient and your employer may need the corporate CLA signed.

If you have received this in error or have any questions, please contact us at [email protected]. Thanks!

@siyengar
Copy link
Contributor

Thanks for the PR, do you mind signing the CLA. If you have any issues, please let me know.

@karthikbhargavan
Copy link
Author

karthikbhargavan commented Nov 21, 2018 via email

@facebook-github-bot
Copy link
Contributor

Thank you for signing our Contributor License Agreement. We can now accept your code for this (and any) Facebook open source project. Thanks!

@karthikbhargavan
Copy link
Author

karthikbhargavan commented Nov 28, 2018 via email

@siyengar
Copy link
Contributor

siyengar commented Dec 6, 2018

Thanks for signing the CLA. If it's not too much work, would it be possible to re-organize this as

experimental/crypto instead of

crypto/experimental

It'd be great to have a top level directory for all experimental functions. I've also left a few review comments. Apart from that this looks great

// get iv and init hacl
auto iv = createIV(seqNum);
uint8_t* keyData = const_cast<uint8_t*>(key_.key->data());
Hacl_AesGCM_NI_aes128_gcm_init(ctx, keyData, iv.data());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do you need to modify the key here? or is it just a limitation of the hacl interface?

iobuf has a writableData() as well which will give you a non const ptr to the data

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

const cast is fine if you dont have to change the key but its just takes a non const ptr

auto out = folly::IOBuf::create(headroom_ + inputLen + getCipherOverhead());
out->advance(headroom_);
out->append(inputLen + getCipherOverhead());
auto inData = const_cast<uint8_t*>(plaintext->data());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

writableData() here will do what you want.

auto cipherData = const_cast<uint8_t*>(ciphertext->data());

auto res = Hacl_AesGCM_NI_aes128_gcm_decrypt(
ctx, inputLen-16, out->writableData(), cipherData, aadLen, aad);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: spacing here inputLen - 16

@karthikbhargavan
Copy link
Author

karthikbhargavan commented Dec 21, 2018 via email

Copy link
Contributor

@facebook-github-bot facebook-github-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@knekritz has imported this pull request. If you are a Facebook employee, you can view this diff on Phabricator.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants