forked from dotnet/runtime
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add ChaCha20Poly1305 skeleton (dotnet#52030)
- Also adds AesGcm.IsSupported and AesCcm.IsSupported - The IsSupported APIs will return false on browser rather than throw PNSE The current ChaCha20Poly1305 implementation only works on recent Win10 builds. However, we should be set up for somebody to add support for other OSes in the near future, assuming we can ride on top of other publicly-exposed implementations.
- Loading branch information
1 parent
0ebcb68
commit a50dcc8
Showing
28 changed files
with
1,018 additions
and
110 deletions.
There are no files selected for viewing
49 changes: 49 additions & 0 deletions
49
src/libraries/Common/src/Interop/Windows/BCrypt/AEADBCryptHandles.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
using System; | ||
using System.Security.Cryptography; | ||
using System.Threading; | ||
using Internal.NativeCrypto; | ||
|
||
namespace Internal.Cryptography | ||
{ | ||
internal static class AeadBCryptHandles | ||
{ | ||
private static SafeAlgorithmHandle? s_aesCcm; | ||
private static SafeAlgorithmHandle? s_aesGcm; | ||
private static SafeAlgorithmHandle? s_chaCha20Poly1305; | ||
|
||
internal static SafeAlgorithmHandle AesCcm => GetCachedAlgorithmHandle(ref s_aesCcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_CCM); | ||
internal static SafeAlgorithmHandle AesGcm => GetCachedAlgorithmHandle(ref s_aesGcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_GCM); | ||
|
||
internal static bool IsChaCha20Poly1305Supported { get; } = OperatingSystem.IsWindowsVersionAtLeast(10, 0, 20142); | ||
internal static SafeAlgorithmHandle ChaCha20Poly1305 => GetCachedAlgorithmHandle(ref s_chaCha20Poly1305, Cng.BCRYPT_CHACHA20_POLY1305_ALGORITHM); | ||
|
||
private static SafeAlgorithmHandle GetCachedAlgorithmHandle(ref SafeAlgorithmHandle? handle, string algId, string? chainingMode = null) | ||
{ | ||
// Do we already have a handle to this algorithm? | ||
SafeAlgorithmHandle? existingHandle = Volatile.Read(ref handle); | ||
if (existingHandle != null) { return existingHandle; } | ||
|
||
// No cached handle exists; create a new handle. It's ok if multiple threads call | ||
// this concurrently. Only one handle will "win" and the rest will be destroyed. | ||
SafeAlgorithmHandle newHandle = Cng.BCryptOpenAlgorithmProvider(algId, null, Cng.OpenAlgorithmProviderFlags.NONE); | ||
if (chainingMode != null) | ||
{ | ||
newHandle.SetCipherMode(chainingMode); | ||
} | ||
|
||
existingHandle = Interlocked.CompareExchange(ref handle, newHandle, null); | ||
if (existingHandle != null) | ||
{ | ||
newHandle.Dispose(); | ||
return existingHandle; | ||
} | ||
else | ||
{ | ||
return newHandle; | ||
} | ||
} | ||
} | ||
} |
52 changes: 52 additions & 0 deletions
52
src/libraries/Common/src/Interop/Windows/BCrypt/BCryptAeadHandleCache.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
using System; | ||
using System.Security.Cryptography; | ||
using System.Threading; | ||
using Internal.NativeCrypto; | ||
|
||
namespace Internal.Cryptography | ||
{ | ||
internal static class BCryptAeadHandleCache | ||
{ | ||
private static SafeAlgorithmHandle? s_aesCcm; | ||
private static SafeAlgorithmHandle? s_aesGcm; | ||
private static SafeAlgorithmHandle? s_chaCha20Poly1305; | ||
|
||
internal static SafeAlgorithmHandle AesCcm => GetCachedAlgorithmHandle(ref s_aesCcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_CCM); | ||
internal static SafeAlgorithmHandle AesGcm => GetCachedAlgorithmHandle(ref s_aesGcm, Cng.BCRYPT_AES_ALGORITHM, Cng.BCRYPT_CHAIN_MODE_GCM); | ||
|
||
internal static bool IsChaCha20Poly1305Supported { get; } = OperatingSystem.IsWindowsVersionAtLeast(10, 0, 20142); | ||
internal static SafeAlgorithmHandle ChaCha20Poly1305 => GetCachedAlgorithmHandle(ref s_chaCha20Poly1305, Cng.BCRYPT_CHACHA20_POLY1305_ALGORITHM); | ||
|
||
private static SafeAlgorithmHandle GetCachedAlgorithmHandle(ref SafeAlgorithmHandle? handle, string algId, string? chainingMode = null) | ||
{ | ||
// Do we already have a handle to this algorithm? | ||
SafeAlgorithmHandle? existingHandle = Volatile.Read(ref handle); | ||
if (existingHandle != null) | ||
{ | ||
return existingHandle; | ||
} | ||
|
||
// No cached handle exists; create a new handle. It's ok if multiple threads call | ||
// this concurrently. Only one handle will "win" and the rest will be destroyed. | ||
SafeAlgorithmHandle newHandle = Cng.BCryptOpenAlgorithmProvider(algId, null, Cng.OpenAlgorithmProviderFlags.NONE); | ||
if (chainingMode != null) | ||
{ | ||
newHandle.SetCipherMode(chainingMode); | ||
} | ||
|
||
existingHandle = Interlocked.CompareExchange(ref handle, newHandle, null); | ||
if (existingHandle != null) | ||
{ | ||
newHandle.Dispose(); | ||
return existingHandle; | ||
} | ||
else | ||
{ | ||
return newHandle; | ||
} | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
3 changes: 3 additions & 0 deletions
3
src/libraries/System.Security.Cryptography.Algorithms/src/ExcludeApiList.PNSE.Browser.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
29 changes: 29 additions & 0 deletions
29
...es/System.Security.Cryptography.Algorithms/src/System/Security/Cryptography/AeadCommon.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
using Internal.Cryptography; | ||
|
||
namespace System.Security.Cryptography | ||
{ | ||
internal static partial class AeadCommon | ||
{ | ||
public static void CheckArgumentsForNull( | ||
byte[] nonce, | ||
byte[] plaintext, | ||
byte[] ciphertext, | ||
byte[] tag) | ||
{ | ||
if (nonce == null) | ||
throw new ArgumentNullException(nameof(nonce)); | ||
|
||
if (plaintext == null) | ||
throw new ArgumentNullException(nameof(plaintext)); | ||
|
||
if (ciphertext == null) | ||
throw new ArgumentNullException(nameof(ciphertext)); | ||
|
||
if (tag == null) | ||
throw new ArgumentNullException(nameof(tag)); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
10 changes: 10 additions & 0 deletions
10
....Security.Cryptography.Algorithms/src/System/Security/Cryptography/AesCcm.NotSupported.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
namespace System.Security.Cryptography | ||
{ | ||
public partial class AesCcm | ||
{ | ||
public static bool IsSupported => false; | ||
} | ||
} |
Oops, something went wrong.