-
Notifications
You must be signed in to change notification settings - Fork 232
/
Copy pathHAPIPSecurityProtocol.c
143 lines (119 loc) · 5.55 KB
/
HAPIPSecurityProtocol.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
// Copyright (c) 2015-2019 The HomeKit ADK Contributors
//
// Licensed under the Apache License, Version 2.0 (the “License”);
// you may not use this file except in compliance with the License.
// See [CONTRIBUTORS.md] for the list of HomeKit ADK project authors.
#include "HAP+Internal.h"
/**
* Length of AAD data in the IP security protocol.
*/
#define kHAPIPSecurityProtocol_NumAADBytes ((size_t) 2)
HAP_RESULT_USE_CHECK
size_t HAPIPSecurityProtocolGetNumEncryptedBytes(size_t numPlaintextBytes) {
size_t numEncryptedBytes =
(numPlaintextBytes / kHAPIPSecurityProtocol_MaxFrameBytes) *
(kHAPIPSecurityProtocol_NumAADBytes + kHAPIPSecurityProtocol_MaxFrameBytes + CHACHA20_POLY1305_TAG_BYTES);
if (numPlaintextBytes % kHAPIPSecurityProtocol_MaxFrameBytes != 0) {
numEncryptedBytes += kHAPIPSecurityProtocol_NumAADBytes +
(numPlaintextBytes % kHAPIPSecurityProtocol_MaxFrameBytes) + CHACHA20_POLY1305_TAG_BYTES;
}
return numEncryptedBytes;
}
void HAPIPSecurityProtocolEncryptData(HAPAccessoryServerRef* server_, HAPSessionRef* session, HAPIPByteBuffer* buffer) {
HAPPrecondition(server_);
HAPPrecondition(session);
HAPPrecondition(buffer);
HAPPrecondition(buffer->data);
HAPPrecondition(buffer->position <= buffer->limit);
HAPPrecondition(buffer->limit <= buffer->capacity);
HAPError err;
size_t numEncryptedBytes = HAPIPSecurityProtocolGetNumEncryptedBytes(buffer->limit - buffer->position);
HAPAssert(numEncryptedBytes <= buffer->capacity);
HAPAssert(buffer->position <= buffer->capacity - numEncryptedBytes);
size_t position = buffer->position;
while (position < buffer->limit) {
size_t numFrameBytes = buffer->limit - position > kHAPIPSecurityProtocol_MaxFrameBytes ?
kHAPIPSecurityProtocol_MaxFrameBytes :
buffer->limit - position;
HAPRawBufferCopyBytes(
&buffer
->data[position + numFrameBytes + kHAPIPSecurityProtocol_NumAADBytes +
CHACHA20_POLY1305_TAG_BYTES],
&buffer->data[position + numFrameBytes],
buffer->limit - (position + numFrameBytes));
HAPRawBufferCopyBytes(&buffer->data[position + sizeof(uint16_t)], &buffer->data[position], numFrameBytes);
HAPWriteLittleUInt16(&buffer->data[position], numFrameBytes);
err = HAPSessionEncryptControlMessageWithAAD(
server_,
session,
/* ciphertext: */
&buffer->data[position + kHAPIPSecurityProtocol_NumAADBytes],
/* plaintext: */
&buffer->data[position + kHAPIPSecurityProtocol_NumAADBytes],
/* plaintext length: */
numFrameBytes,
/* aad: */
&buffer->data[position],
/* aad length: */
kHAPIPSecurityProtocol_NumAADBytes);
HAPAssert(!err);
position += numFrameBytes + kHAPIPSecurityProtocol_NumAADBytes + CHACHA20_POLY1305_TAG_BYTES;
buffer->limit += kHAPIPSecurityProtocol_NumAADBytes + CHACHA20_POLY1305_TAG_BYTES;
HAPAssert(position <= buffer->limit);
HAPAssert(buffer->limit <= buffer->capacity);
}
}
HAP_RESULT_USE_CHECK
HAPError HAPIPSecurityProtocolDecryptData(
HAPAccessoryServerRef* server_,
HAPSessionRef* session,
HAPIPByteBuffer* buffer) {
HAPPrecondition(server_);
HAPPrecondition(session);
HAPPrecondition(buffer);
HAPPrecondition(buffer->data);
HAPPrecondition(buffer->position <= buffer->limit);
HAPPrecondition(buffer->limit <= buffer->capacity);
HAPError err;
for (;;) {
if (buffer->limit - buffer->position < kHAPIPSecurityProtocol_NumAADBytes) {
break;
}
size_t numFrameBytes = HAPReadLittleUInt16(&buffer->data[buffer->position]);
if (numFrameBytes > kHAPIPSecurityProtocol_MaxFrameBytes) {
return kHAPError_InvalidData;
}
if (buffer->limit - buffer->position <
+numFrameBytes + kHAPIPSecurityProtocol_NumAADBytes + CHACHA20_POLY1305_TAG_BYTES) {
break;
}
err = HAPSessionDecryptControlMessageWithAAD(
server_,
session,
/* plaintext: */
&buffer->data[buffer->position],
/* ciphertext: */
&buffer->data[buffer->position + kHAPIPSecurityProtocol_NumAADBytes],
/* ciphertext length: */
numFrameBytes + CHACHA20_POLY1305_TAG_BYTES,
/* aad: */
&buffer->data[buffer->position],
/* aad length: */
kHAPIPSecurityProtocol_NumAADBytes);
if (err) {
return kHAPError_InvalidData;
}
HAPRawBufferCopyBytes(
&buffer->data[buffer->position + numFrameBytes],
&buffer
->data[buffer->position + numFrameBytes + kHAPIPSecurityProtocol_NumAADBytes +
CHACHA20_POLY1305_TAG_BYTES],
buffer->limit - (buffer->position + numFrameBytes + kHAPIPSecurityProtocol_NumAADBytes +
CHACHA20_POLY1305_TAG_BYTES));
buffer->position += numFrameBytes;
buffer->limit -= kHAPIPSecurityProtocol_NumAADBytes + CHACHA20_POLY1305_TAG_BYTES;
HAPAssert(buffer->position <= buffer->limit);
HAPAssert(buffer->limit <= buffer->capacity);
}
return kHAPError_None;
}