Add: aes128-CCM en- and decryption

greenbone · May 3, 2022 · a3dd09a · a3dd09a
1 parent 66d5937
commit a3dd09a
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 17 deletions.
diff --git a/nasl/nasl_crypto2.c b/nasl/nasl_crypto2.c
@@ -1702,8 +1702,7 @@ crypt_data (lex_ctxt *lexic, int cipher, int mode, int crypt)
   gcry_cipher_hd_t hd;
   gcry_error_t error;
   void *result, *data, *key, *iv;
-  void *tmp = NULL;
-  size_t resultlen, datalen, keylen, tmplen, ivlen;
+  size_t resultlen, datalen, keylen, ivlen;
   tree_cell *retc;
 
   data = get_str_var_by_name (lexic, "data");
@@ -1713,9 +1712,9 @@ crypt_data (lex_ctxt *lexic, int cipher, int mode, int crypt)
   iv = get_str_var_by_name (lexic, "iv");
   ivlen = get_var_size_by_name (lexic, "iv");
 
-  if (!data || datalen <= 0 || !key || keylen <= 0)
+  if (!data || datalen == 0 || !key || keylen == 0)
     {
-      nasl_perror (lexic, "Syntax: encrypt_data: Missing data or key argument");
+      nasl_perror (lexic, "Syntax: crypt_data: Missing data or key argument");
       return NULL;
     }
 
@@ -1725,13 +1724,24 @@ crypt_data (lex_ctxt *lexic, int cipher, int mode, int crypt)
       gcry_cipher_close (hd);
       return NULL;
     }
+
   if ((error = gcry_cipher_setkey (hd, key, keylen)))
     {
       nasl_perror (lexic, "gcry_cipher_setkey: %s", gcry_strerror (error));
       gcry_cipher_close (hd);
       return NULL;
     }
 
+  if (iv && ivlen)
+    {
+      if ((error = gcry_cipher_setiv (hd, iv, ivlen)))
+        {
+          nasl_perror (lexic, "gcry_cipher_setiv: %s", gcry_strerror (error));
+          gcry_cipher_close (hd);
+          return NULL;
+        }
+    }
+
   if (cipher == GCRY_CIPHER_ARCFOUR)
     resultlen = datalen;
   else if (cipher == GCRY_CIPHER_3DES)
@@ -1746,40 +1756,55 @@ crypt_data (lex_ctxt *lexic, int cipher, int mode, int crypt)
       gcry_cipher_close (hd);
       return NULL;
     }
-  tmp = g_malloc0 (resultlen);
-  tmplen = resultlen;
-  memcpy (tmp, data, datalen);
 
-  if (iv && ivlen)
+  if (mode == GCRY_CIPHER_MODE_CCM)
     {
-      if ((error = gcry_cipher_setiv (hd, iv, ivlen)))
+      if (crypt == NASL_DECRYPT)
         {
-          nasl_perror (lexic, "gcry_cipher_setiv: %s", gcry_strerror (error));
-          g_free (tmp);
+          resultlen = get_int_var_by_name (lexic, "len", 0);
+          if (resultlen == 0)
+            {
+              nasl_perror (lexic, "Syntax: crypt_data: Missing or invalid "
+                                  "message length required "
+                                  "for CCM decryption");
+              return NULL;
+            }
+        }
+      else
+        resultlen = datalen;
+
+      u_int64_t params[3];
+      params[0] = datalen;
+      params[1] = 0;
+      params[2] = 10;
+      if ((error = gcry_cipher_ctl (hd, GCRYCTL_SET_CCM_LENGTHS, params,
+                                    sizeof (params))))
+        {
+          nasl_perror (lexic, "gcry_cipher_ctl: %s", gcry_strerror (error));
           return NULL;
         }
     }
 
   result = g_malloc0 (resultlen);
   if (crypt == NASL_ENCRYPT)
     {
-      if ((error = gcry_cipher_encrypt (hd, result, resultlen, tmp, tmplen)))
+      if ((error =
+             gcry_cipher_encrypt (hd, result, resultlen, data, resultlen)))
         {
           g_message ("gcry_cipher_encrypt: %s", gcry_strerror (error));
           gcry_cipher_close (hd);
           g_free (result);
-          g_free (tmp);
           return NULL;
         }
     }
   else if (crypt == NASL_DECRYPT)
     {
-      if ((error = gcry_cipher_decrypt (hd, result, resultlen, tmp, tmplen)))
+      if ((error =
+             gcry_cipher_decrypt (hd, result, resultlen, data, resultlen)))
         {
           g_message ("gcry_cipher_decrypt: %s", gcry_strerror (error));
           gcry_cipher_close (hd);
           g_free (result);
-          g_free (tmp);
           return NULL;
         }
     }
@@ -1788,11 +1813,9 @@ crypt_data (lex_ctxt *lexic, int cipher, int mode, int crypt)
       g_message ("crypt_data: invalid crypt value");
       gcry_cipher_close (hd);
       g_free (result);
-      g_free (tmp);
       return NULL;
     }
 
-  g_free (tmp);
   gcry_cipher_close (hd);
   retc = alloc_typed_cell (CONST_DATA);
   retc->x.str_val = result;
@@ -1893,3 +1916,17 @@ nasl_aes256_gcm_encrypt (lex_ctxt *lexic)
   return crypt_data (lexic, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM,
                      NASL_ENCRYPT);
 }
+
+tree_cell *
+nasl_aes128_ccm_encrypt (lex_ctxt *lexic)
+{
+  return crypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM,
+                     NASL_ENCRYPT);
+}
+
+tree_cell *
+nasl_aes128_ccm_decrypt (lex_ctxt *lexic)
+{
+  return crypt_data (lexic, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CCM,
+                     NASL_DECRYPT);
+}
diff --git a/nasl/nasl_crypto2.h b/nasl/nasl_crypto2.h
@@ -93,6 +93,12 @@ nasl_aes128_gcm_encrypt (lex_ctxt *lexic);
 tree_cell *
 nasl_aes256_gcm_encrypt (lex_ctxt *lexic);
 
+tree_cell *
+nasl_aes128_ccm_encrypt (lex_ctxt *lexic);
+
+tree_cell *
+nasl_aes128_ccm_decrypt (lex_ctxt *lexic);
+
 int
 generate_script_signature (char *);
 #endif
diff --git a/nasl/nasl_init.c b/nasl/nasl_init.c
@@ -306,6 +306,8 @@ static init_func libfuncs[] = {
   {"aes256_ctr_encrypt", nasl_aes256_ctr_encrypt},
   {"aes128_gcm_encrypt", nasl_aes128_gcm_encrypt},
   {"aes256_gcm_encrypt", nasl_aes256_gcm_encrypt},
+  {"aes128_ccm_encrypt", nasl_aes128_ccm_encrypt},
+  {"aes128_ccm_decrypt", nasl_aes128_ccm_decrypt},
   {"des_ede_cbc_encrypt", nasl_des_ede_cbc_encrypt},
   {"open_rc4_cipher", nasl_open_rc4_cipher},
   {"close_stream_cipher", nasl_close_stream_cipher},