asherah 1.3.19 → 1.3.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/binding.gyp +6 -3
- package/package.json +3 -1
- package/scripts/download-libraries.sh +4 -4
- package/src/asherah.cc +162 -529
- package/src/cobhan.cc +2 -0
- package/src/cobhan.h +150 -0
- package/src/cobhan_napi_interop.cc +1 -10
- package/src/cobhan_napi_interop.h +113 -192
- package/src/logging.cc +1 -1
- package/src/logging.h +33 -1
package/src/asherah.cc
CHANGED
|
@@ -3,30 +3,31 @@
|
|
|
3
3
|
#include "hints.h"
|
|
4
4
|
#include "logging.h"
|
|
5
5
|
#include <iostream>
|
|
6
|
+
#include <mutex>
|
|
6
7
|
#include <napi.h>
|
|
7
8
|
|
|
8
9
|
size_t max_stack_alloc_size = 2048;
|
|
9
10
|
int32_t setup_state = 0;
|
|
11
|
+
std::mutex asherah_lock;
|
|
10
12
|
|
|
11
13
|
void setup(const Napi::CallbackInfo &info) {
|
|
12
|
-
|
|
14
|
+
std::lock_guard<std::mutex> lock(asherah_lock);
|
|
13
15
|
|
|
14
16
|
if (unlikely(verbose_flag)) {
|
|
15
17
|
debug_log("setup", "called");
|
|
16
18
|
}
|
|
17
19
|
|
|
18
20
|
if (unlikely(setup_state == 1)) {
|
|
19
|
-
log_error_and_throw(
|
|
20
|
-
return;
|
|
21
|
+
log_error_and_throw("setup", "setup called twice");
|
|
21
22
|
}
|
|
22
23
|
|
|
23
24
|
if (unlikely(info.Length() < 1)) {
|
|
24
|
-
log_error_and_throw(
|
|
25
|
-
return;
|
|
25
|
+
log_error_and_throw("setup", "Wrong number of arguments");
|
|
26
26
|
}
|
|
27
27
|
|
|
28
28
|
Napi::String config;
|
|
29
29
|
Napi::Object config_json;
|
|
30
|
+
Napi::Env env = info.Env();
|
|
30
31
|
Napi::Object json = env.Global().Get("JSON").As<Napi::Object>();
|
|
31
32
|
if (likely(info[0].IsObject())) {
|
|
32
33
|
config_json = info[0].As<Napi::Object>();
|
|
@@ -37,14 +38,13 @@ void setup(const Napi::CallbackInfo &info) {
|
|
|
37
38
|
Napi::Function parse = json.Get("parse").As<Napi::Function>();
|
|
38
39
|
config_json = parse.Call(json, {config}).As<Napi::Object>();
|
|
39
40
|
} else {
|
|
40
|
-
log_error_and_throw(
|
|
41
|
-
return;
|
|
41
|
+
log_error_and_throw("setup", "Wrong argument type");
|
|
42
42
|
}
|
|
43
43
|
|
|
44
44
|
Napi::String product_id = config_json.Get("ProductID").As<Napi::String>();
|
|
45
45
|
Napi::String service_name = config_json.Get("ServiceName").As<Napi::String>();
|
|
46
46
|
|
|
47
|
-
|
|
47
|
+
est_intermediate_key_overhead =
|
|
48
48
|
product_id.Utf8Value().length() + service_name.Utf8Value().length();
|
|
49
49
|
|
|
50
50
|
Napi::Value verbose = config_json.Get("Verbose");
|
|
@@ -56,49 +56,15 @@ void setup(const Napi::CallbackInfo &info) {
|
|
|
56
56
|
debug_log("setup", "verbose_flag: defaulting to false");
|
|
57
57
|
}
|
|
58
58
|
|
|
59
|
-
// Determine size
|
|
60
|
-
size_t config_utf8_byte_length;
|
|
61
|
-
config_utf8_byte_length = nstring_utf8_byte_length(env, config);
|
|
62
|
-
if (unlikely(config_utf8_byte_length == (size_t)(-1))) {
|
|
63
|
-
log_error_and_throw(env, "setup", "Failed to get config utf8 length");
|
|
64
|
-
return;
|
|
65
|
-
}
|
|
66
|
-
|
|
67
|
-
// Allocate
|
|
68
59
|
char *config_cobhan_buffer;
|
|
69
|
-
std::unique_ptr<char[]> config_cobhan_buffer_unique_ptr;
|
|
70
|
-
if (config_utf8_byte_length < max_stack_alloc_size) {
|
|
71
|
-
// If the buffer is small enough, allocate it on the stack
|
|
72
|
-
size_t config_cobhan_buffer_size_bytes =
|
|
73
|
-
calculate_cobhan_buffer_size_bytes(config_utf8_byte_length);
|
|
74
|
-
debug_log_alloca("setup", "config_cobhan_buffer",
|
|
75
|
-
config_cobhan_buffer_size_bytes);
|
|
76
|
-
config_cobhan_buffer = (char *)alloca(config_cobhan_buffer_size_bytes);
|
|
77
|
-
configure_cbuffer(config_cobhan_buffer, config_utf8_byte_length);
|
|
78
|
-
} else {
|
|
79
|
-
// Otherwise, allocate it on the heap
|
|
80
|
-
config_cobhan_buffer_unique_ptr =
|
|
81
|
-
heap_allocate_cbuffer("config_cobhan_buffer", config_utf8_byte_length);
|
|
82
|
-
config_cobhan_buffer = config_cobhan_buffer_unique_ptr.get();
|
|
83
|
-
}
|
|
84
|
-
if (unlikely(config_cobhan_buffer == nullptr)) {
|
|
85
|
-
log_error_and_throw(env, "setup",
|
|
86
|
-
"Failed to allocate config cobhan buffer");
|
|
87
|
-
return;
|
|
88
|
-
}
|
|
89
|
-
|
|
90
|
-
// Copy
|
|
91
60
|
size_t config_copied_bytes;
|
|
92
|
-
config_cobhan_buffer
|
|
93
|
-
|
|
94
|
-
config_cobhan_buffer, &config_copied_bytes);
|
|
95
|
-
if (unlikely(config_cobhan_buffer == nullptr)) {
|
|
96
|
-
log_error_and_throw(env, "setup", "Failed to copy config to cobhan buffer");
|
|
97
|
-
return;
|
|
98
|
-
}
|
|
61
|
+
NAPI_STRING_TO_CBUFFER(env, config, config_cobhan_buffer, config_copied_bytes,
|
|
62
|
+
"setup");
|
|
99
63
|
|
|
100
|
-
|
|
101
|
-
|
|
64
|
+
char *config_canary_ptr = get_canary_ptr(config_cobhan_buffer);
|
|
65
|
+
if (unlikely(!check_canary_ptr(config_canary_ptr))) {
|
|
66
|
+
log_error_and_throw("encrypt_to_json",
|
|
67
|
+
"Failed initial canary check for config_cobhan_buffer");
|
|
102
68
|
}
|
|
103
69
|
|
|
104
70
|
// extern GoInt32 SetupJson(void* configJson);
|
|
@@ -108,17 +74,23 @@ void setup(const Napi::CallbackInfo &info) {
|
|
|
108
74
|
debug_log("setup", "Returned from asherah-cobhan SetupJson");
|
|
109
75
|
}
|
|
110
76
|
|
|
77
|
+
if (unlikely(!check_canary_ptr(config_canary_ptr))) {
|
|
78
|
+
log_error_and_throw(
|
|
79
|
+
"encrypt_to_json",
|
|
80
|
+
"Failed post-call canary check for config_cobhan_buffer");
|
|
81
|
+
}
|
|
82
|
+
|
|
111
83
|
if (unlikely(result < 0)) {
|
|
112
84
|
// TODO: Convert this to a proper error message
|
|
113
|
-
log_error_and_throw(
|
|
114
|
-
return;
|
|
85
|
+
log_error_and_throw("setup", std::to_string(result));
|
|
115
86
|
}
|
|
116
87
|
setup_state = 1;
|
|
117
88
|
}
|
|
118
89
|
|
|
119
|
-
Napi::
|
|
120
|
-
|
|
121
|
-
|
|
90
|
+
Napi::String encrypt_to_json(Napi::Env &env, size_t partition_bytes,
|
|
91
|
+
size_t data_bytes,
|
|
92
|
+
char *partition_id_cobhan_buffer,
|
|
93
|
+
char *input_cobhan_buffer) {
|
|
122
94
|
|
|
123
95
|
size_t asherah_output_size_bytes =
|
|
124
96
|
estimate_asherah_output_size_bytes(data_bytes, partition_bytes);
|
|
@@ -129,40 +101,24 @@ Napi::Value encrypt_to_json(Napi::Env &env, size_t partition_bytes,
|
|
|
129
101
|
}
|
|
130
102
|
|
|
131
103
|
char *output_cobhan_buffer;
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
// If the buffer is small enough, allocate it on the stack
|
|
135
|
-
size_t output_cobhan_buffer_size_bytes =
|
|
136
|
-
calculate_cobhan_buffer_size_bytes(asherah_output_size_bytes);
|
|
137
|
-
debug_log_alloca("encrypt_to_json", "output_cobhan_buffer",
|
|
138
|
-
output_cobhan_buffer_size_bytes);
|
|
139
|
-
output_cobhan_buffer = (char *)alloca(output_cobhan_buffer_size_bytes);
|
|
140
|
-
configure_cbuffer(output_cobhan_buffer, asherah_output_size_bytes);
|
|
141
|
-
} else {
|
|
142
|
-
// Otherwise, allocate it on the heap
|
|
143
|
-
output_cobhan_buffer_unique_ptr = heap_allocate_cbuffer(
|
|
144
|
-
"output_cobhan_buffer", asherah_output_size_bytes);
|
|
145
|
-
output_cobhan_buffer = output_cobhan_buffer_unique_ptr.get();
|
|
146
|
-
}
|
|
147
|
-
if (unlikely(output_cobhan_buffer == nullptr)) {
|
|
148
|
-
return log_error_and_throw(env, "encrypt_to_json",
|
|
149
|
-
"Failed to allocate cobhan output buffer");
|
|
150
|
-
}
|
|
104
|
+
ALLOCATE_CBUFFER(output_cobhan_buffer, asherah_output_size_bytes,
|
|
105
|
+
"encrypt_to_json");
|
|
151
106
|
|
|
152
107
|
char *partition_id_canary_ptr = get_canary_ptr(partition_id_cobhan_buffer);
|
|
153
|
-
if(!check_canary_ptr(partition_id_canary_ptr)) {
|
|
154
|
-
|
|
155
|
-
|
|
108
|
+
if (unlikely(!check_canary_ptr(partition_id_canary_ptr))) {
|
|
109
|
+
log_error_and_throw(
|
|
110
|
+
"encrypt_to_json",
|
|
111
|
+
"Failed initial canary check for partition_id_cobhan_buffer");
|
|
156
112
|
}
|
|
157
113
|
char *input_canary_ptr = get_canary_ptr(input_cobhan_buffer);
|
|
158
|
-
if(!check_canary_ptr(input_canary_ptr)) {
|
|
159
|
-
|
|
160
|
-
|
|
114
|
+
if (unlikely(!check_canary_ptr(input_canary_ptr))) {
|
|
115
|
+
log_error_and_throw("encrypt_to_json",
|
|
116
|
+
"Failed initial canary check for input_cobhan_buffer");
|
|
161
117
|
}
|
|
162
118
|
char *output_canary_ptr = get_canary_ptr(output_cobhan_buffer);
|
|
163
|
-
if(!check_canary_ptr(output_canary_ptr)) {
|
|
164
|
-
|
|
165
|
-
|
|
119
|
+
if (unlikely(!check_canary_ptr(output_canary_ptr))) {
|
|
120
|
+
log_error_and_throw("encrypt_to_json",
|
|
121
|
+
"Failed initial canary check for output_cobhan_buffer");
|
|
166
122
|
}
|
|
167
123
|
|
|
168
124
|
if (unlikely(verbose_flag)) {
|
|
@@ -178,132 +134,67 @@ Napi::Value encrypt_to_json(Napi::Env &env, size_t partition_bytes,
|
|
|
178
134
|
debug_log("encrypt_to_json", "Returning from asherah-cobhan EncryptToJson");
|
|
179
135
|
}
|
|
180
136
|
|
|
181
|
-
if(!check_canary_ptr(partition_id_canary_ptr)) {
|
|
182
|
-
|
|
183
|
-
|
|
137
|
+
if (unlikely(!check_canary_ptr(partition_id_canary_ptr))) {
|
|
138
|
+
log_error_and_throw(
|
|
139
|
+
"encrypt_to_json",
|
|
140
|
+
"Failed post-call canary check for partition_id_cobhan_buffer");
|
|
184
141
|
}
|
|
185
|
-
if(!check_canary_ptr(input_canary_ptr)) {
|
|
186
|
-
|
|
187
|
-
|
|
142
|
+
if (unlikely(!check_canary_ptr(input_canary_ptr))) {
|
|
143
|
+
log_error_and_throw(
|
|
144
|
+
"encrypt_to_json",
|
|
145
|
+
"Failed post-call canary check for input_cobhan_buffer");
|
|
188
146
|
}
|
|
189
|
-
if(!check_canary_ptr(output_canary_ptr)) {
|
|
190
|
-
|
|
191
|
-
|
|
147
|
+
if (unlikely(!check_canary_ptr(output_canary_ptr))) {
|
|
148
|
+
log_error_and_throw(
|
|
149
|
+
"encrypt_to_json",
|
|
150
|
+
"Failed post-call canary check for output_cobhan_buffer");
|
|
192
151
|
}
|
|
193
152
|
|
|
194
153
|
if (unlikely(result < 0)) {
|
|
195
154
|
// TODO: Convert this to a proper error message
|
|
196
|
-
|
|
155
|
+
log_error_and_throw("encrypt_to_json", std::to_string(result));
|
|
197
156
|
}
|
|
198
157
|
|
|
199
|
-
Napi::
|
|
158
|
+
Napi::String output = cbuffer_to_nstring(env, output_cobhan_buffer);
|
|
200
159
|
return output;
|
|
201
160
|
}
|
|
202
161
|
|
|
203
|
-
Napi::
|
|
204
|
-
|
|
162
|
+
Napi::String encrypt(const Napi::CallbackInfo &info) {
|
|
163
|
+
std::lock_guard<std::mutex> lock(asherah_lock);
|
|
205
164
|
|
|
206
165
|
if (unlikely(verbose_flag)) {
|
|
207
166
|
debug_log("encrypt", "called");
|
|
208
167
|
}
|
|
209
168
|
|
|
210
169
|
if (unlikely(setup_state == 0)) {
|
|
211
|
-
|
|
170
|
+
log_error_and_throw("encrypt", "setup() not called");
|
|
212
171
|
}
|
|
213
172
|
|
|
214
173
|
if (unlikely(info.Length() < 2)) {
|
|
215
|
-
|
|
174
|
+
log_error_and_throw("encrypt", "Wrong number of arguments");
|
|
216
175
|
}
|
|
217
176
|
|
|
218
177
|
if (unlikely(!info[0].IsString() || !info[1].IsBuffer())) {
|
|
219
|
-
|
|
178
|
+
log_error_and_throw("encrypt", "Wrong argument types");
|
|
220
179
|
}
|
|
221
180
|
|
|
222
|
-
|
|
223
|
-
size_t partition_utf8_byte_length;
|
|
224
|
-
Napi::String partition_id = info[0].As<Napi::String>();
|
|
225
|
-
partition_utf8_byte_length = nstring_utf8_byte_length(env, partition_id);
|
|
226
|
-
if (unlikely(partition_utf8_byte_length == (size_t)(-1))) {
|
|
227
|
-
return log_error_and_throw(env, "encrypt",
|
|
228
|
-
"Failed to get partition_id utf8 length");
|
|
229
|
-
}
|
|
230
|
-
if (unlikely(partition_utf8_byte_length == 0)) {
|
|
231
|
-
return log_error_and_throw(env, "encrypt", "partition_id is empty");
|
|
232
|
-
}
|
|
181
|
+
Napi::Env env = info.Env();
|
|
233
182
|
|
|
234
|
-
|
|
183
|
+
Napi::String partition_id = info[0].As<Napi::String>();
|
|
235
184
|
char *partition_id_cobhan_buffer;
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
size_t partition_id_cobhan_buffer_size_bytes =
|
|
240
|
-
calculate_cobhan_buffer_size_bytes(partition_utf8_byte_length);
|
|
241
|
-
debug_log_alloca("encrypt", "partition_id_cobhan_buffer",
|
|
242
|
-
partition_id_cobhan_buffer_size_bytes);
|
|
243
|
-
partition_id_cobhan_buffer =
|
|
244
|
-
(char *)alloca(partition_id_cobhan_buffer_size_bytes);
|
|
245
|
-
configure_cbuffer(partition_id_cobhan_buffer, partition_utf8_byte_length);
|
|
246
|
-
} else {
|
|
247
|
-
// Otherwise, allocate it on the heap
|
|
248
|
-
partition_id_cobhan_buffer_unique_ptr = heap_allocate_cbuffer(
|
|
249
|
-
"partition_id_cobhan_buffer", partition_utf8_byte_length);
|
|
250
|
-
partition_id_cobhan_buffer = partition_id_cobhan_buffer_unique_ptr.get();
|
|
251
|
-
}
|
|
252
|
-
if (unlikely(partition_id_cobhan_buffer == nullptr)) {
|
|
253
|
-
return log_error_and_throw(env, "encrypt",
|
|
254
|
-
"Failed to allocate partitionId cobhan buffer");
|
|
255
|
-
}
|
|
256
|
-
|
|
257
|
-
// Copy
|
|
258
|
-
size_t partition_copied_bytes;
|
|
259
|
-
partition_id_cobhan_buffer = copy_nstring_to_cbuffer(
|
|
260
|
-
env, partition_id, partition_utf8_byte_length, partition_id_cobhan_buffer,
|
|
261
|
-
&partition_copied_bytes);
|
|
262
|
-
if (unlikely(partition_id_cobhan_buffer == nullptr)) {
|
|
263
|
-
return log_error_and_throw(env, "encrypt",
|
|
264
|
-
"Failed to copy partitionId to cobhan buffer");
|
|
265
|
-
}
|
|
185
|
+
size_t partition_id_copied_bytes;
|
|
186
|
+
NAPI_STRING_TO_CBUFFER(env, partition_id, partition_id_cobhan_buffer,
|
|
187
|
+
partition_id_copied_bytes, "encrypt");
|
|
266
188
|
|
|
267
|
-
// Determine size
|
|
268
189
|
Napi::Buffer<unsigned char> input_napi_buffer =
|
|
269
190
|
info[1].As<Napi::Buffer<unsigned char>>();
|
|
270
|
-
size_t input_byte_length = input_napi_buffer.ByteLength();
|
|
271
|
-
if (unlikely(input_byte_length == 0)) {
|
|
272
|
-
return log_error_and_throw(env, "encrypt", "input is empty");
|
|
273
|
-
}
|
|
274
|
-
|
|
275
|
-
// Allocate
|
|
276
191
|
char *input_cobhan_buffer;
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
size_t input_cobhan_buffer_size_bytes =
|
|
281
|
-
calculate_cobhan_buffer_size_bytes(input_byte_length);
|
|
282
|
-
debug_log_alloca("encrypt", "input_cobhan_buffer",
|
|
283
|
-
input_cobhan_buffer_size_bytes);
|
|
284
|
-
input_cobhan_buffer = (char *)alloca(input_cobhan_buffer_size_bytes);
|
|
285
|
-
configure_cbuffer(input_cobhan_buffer, input_byte_length);
|
|
286
|
-
} else {
|
|
287
|
-
// Otherwise, allocate it on the heap
|
|
288
|
-
input_buffer_unique_ptr =
|
|
289
|
-
heap_allocate_cbuffer("input_cobhan_buffer", input_byte_length);
|
|
290
|
-
input_cobhan_buffer = input_buffer_unique_ptr.get();
|
|
291
|
-
}
|
|
292
|
-
if (unlikely(input_cobhan_buffer == nullptr)) {
|
|
293
|
-
return log_error_and_throw(
|
|
294
|
-
env, "encrypt", "Failed to allocate cobhan buffer for input buffer");
|
|
295
|
-
}
|
|
296
|
-
|
|
297
|
-
// Copy
|
|
298
|
-
input_cobhan_buffer =
|
|
299
|
-
copy_nbuffer_to_cbuffer(env, input_napi_buffer, input_cobhan_buffer);
|
|
300
|
-
if (unlikely(input_cobhan_buffer == nullptr)) {
|
|
301
|
-
return log_error_and_throw(env, "encrypt",
|
|
302
|
-
"Failed to copy input buffer to cobhan buffer");
|
|
303
|
-
}
|
|
192
|
+
size_t input_copied_bytes;
|
|
193
|
+
NAPI_BUFFER_TO_CBUFFER(env, input_napi_buffer, input_cobhan_buffer,
|
|
194
|
+
input_copied_bytes, "encrypt");
|
|
304
195
|
|
|
305
|
-
Napi::
|
|
306
|
-
encrypt_to_json(env,
|
|
196
|
+
Napi::String output =
|
|
197
|
+
encrypt_to_json(env, partition_id_copied_bytes, input_copied_bytes,
|
|
307
198
|
partition_id_cobhan_buffer, input_cobhan_buffer);
|
|
308
199
|
|
|
309
200
|
if (unlikely(verbose_flag)) {
|
|
@@ -313,117 +204,41 @@ Napi::Value encrypt(const Napi::CallbackInfo &info) {
|
|
|
313
204
|
return output;
|
|
314
205
|
}
|
|
315
206
|
|
|
316
|
-
Napi::
|
|
317
|
-
|
|
207
|
+
Napi::String encrypt_string(const Napi::CallbackInfo &info) {
|
|
208
|
+
std::lock_guard<std::mutex> lock(asherah_lock);
|
|
318
209
|
|
|
319
210
|
if (unlikely(verbose_flag)) {
|
|
320
211
|
debug_log("encrypt_string", "called");
|
|
321
212
|
}
|
|
322
213
|
|
|
323
214
|
if (unlikely(setup_state == 0)) {
|
|
324
|
-
|
|
215
|
+
log_error_and_throw("encrypt_string", "setup() not called");
|
|
325
216
|
}
|
|
326
217
|
|
|
327
218
|
if (unlikely(info.Length() < 2)) {
|
|
328
|
-
|
|
329
|
-
"Wrong number of arguments");
|
|
219
|
+
log_error_and_throw("encrypt_string", "Wrong number of arguments");
|
|
330
220
|
}
|
|
331
221
|
|
|
332
222
|
if (unlikely(!info[0].IsString() || !info[1].IsString())) {
|
|
333
|
-
|
|
223
|
+
log_error_and_throw("encrypt_string", "Wrong argument types");
|
|
334
224
|
}
|
|
335
225
|
|
|
336
|
-
|
|
337
|
-
size_t partition_utf8_byte_length;
|
|
338
|
-
Napi::String partition_id = info[0].As<Napi::String>();
|
|
339
|
-
partition_utf8_byte_length = nstring_utf8_byte_length(env, partition_id);
|
|
340
|
-
if (unlikely(partition_utf8_byte_length == (size_t)(-1))) {
|
|
341
|
-
return log_error_and_throw(env, "encrypt_string",
|
|
342
|
-
"Failed to get partition_id utf8 length");
|
|
343
|
-
}
|
|
344
|
-
if (unlikely(partition_utf8_byte_length == 0)) {
|
|
345
|
-
return log_error_and_throw(env, "encrypt_string", "partition_id is empty");
|
|
346
|
-
}
|
|
226
|
+
Napi::Env env = info.Env();
|
|
347
227
|
|
|
348
|
-
|
|
228
|
+
Napi::String partition_id = info[0].As<Napi::String>();
|
|
349
229
|
char *partition_id_cobhan_buffer;
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
size_t partition_id_cobhan_buffer_size_bytes =
|
|
354
|
-
calculate_cobhan_buffer_size_bytes(partition_utf8_byte_length);
|
|
355
|
-
debug_log_alloca("encrypt_string", "partition_id_cobhan_buffer",
|
|
356
|
-
partition_id_cobhan_buffer_size_bytes);
|
|
357
|
-
partition_id_cobhan_buffer =
|
|
358
|
-
(char *)alloca(partition_id_cobhan_buffer_size_bytes);
|
|
359
|
-
configure_cbuffer(partition_id_cobhan_buffer, partition_utf8_byte_length);
|
|
360
|
-
} else {
|
|
361
|
-
// Otherwise, allocate it on the heap
|
|
362
|
-
partition_id_cobhan_buffer_unique_ptr = heap_allocate_cbuffer(
|
|
363
|
-
"partition_id_cobhan_buffer", partition_utf8_byte_length);
|
|
364
|
-
partition_id_cobhan_buffer = partition_id_cobhan_buffer_unique_ptr.get();
|
|
365
|
-
}
|
|
366
|
-
if (unlikely(partition_id_cobhan_buffer == nullptr)) {
|
|
367
|
-
return log_error_and_throw(env, "encrypt_string",
|
|
368
|
-
"Failed to allocate partitionId cobhan buffer");
|
|
369
|
-
}
|
|
230
|
+
size_t partition_id_copied_bytes;
|
|
231
|
+
NAPI_STRING_TO_CBUFFER(env, partition_id, partition_id_cobhan_buffer,
|
|
232
|
+
partition_id_copied_bytes, "encrypt_string");
|
|
370
233
|
|
|
371
|
-
// Copy
|
|
372
|
-
size_t partition_copied_bytes;
|
|
373
|
-
partition_id_cobhan_buffer = copy_nstring_to_cbuffer(
|
|
374
|
-
env, partition_id, partition_utf8_byte_length, partition_id_cobhan_buffer,
|
|
375
|
-
&partition_copied_bytes);
|
|
376
|
-
if (unlikely(partition_id_cobhan_buffer == nullptr)) {
|
|
377
|
-
return log_error_and_throw(env, "encrypt_string",
|
|
378
|
-
"Failed to copy partitionId to cobhan buffer");
|
|
379
|
-
}
|
|
380
|
-
|
|
381
|
-
// Determine size
|
|
382
|
-
size_t input_utf8_byte_length;
|
|
383
234
|
Napi::String input = info[1].As<Napi::String>();
|
|
384
|
-
input_utf8_byte_length = nstring_utf8_byte_length(env, input);
|
|
385
|
-
if (unlikely(input_utf8_byte_length == (size_t)(-1))) {
|
|
386
|
-
return log_error_and_throw(env, "encrypt_string",
|
|
387
|
-
"Failed to get input utf8 length");
|
|
388
|
-
}
|
|
389
|
-
if (unlikely(input_utf8_byte_length == 0)) {
|
|
390
|
-
return log_error_and_throw(env, "encrypt_string", "input is empty");
|
|
391
|
-
}
|
|
392
|
-
|
|
393
|
-
// Allocate
|
|
394
235
|
char *input_cobhan_buffer;
|
|
395
|
-
std::unique_ptr<char[]> input_cobhan_buffer_unique_ptr;
|
|
396
|
-
if (input_utf8_byte_length < max_stack_alloc_size) {
|
|
397
|
-
// If the buffer is small enough, allocate it on the stack
|
|
398
|
-
size_t input_cobhan_buffer_size_bytes =
|
|
399
|
-
calculate_cobhan_buffer_size_bytes(input_utf8_byte_length);
|
|
400
|
-
debug_log_alloca("encrypt_string", "input_cobhan_buffer",
|
|
401
|
-
input_cobhan_buffer_size_bytes);
|
|
402
|
-
input_cobhan_buffer = (char *)alloca(input_cobhan_buffer_size_bytes);
|
|
403
|
-
configure_cbuffer(input_cobhan_buffer, input_utf8_byte_length);
|
|
404
|
-
} else {
|
|
405
|
-
// Otherwise, allocate it on the heap
|
|
406
|
-
input_cobhan_buffer_unique_ptr =
|
|
407
|
-
heap_allocate_cbuffer("input_cobhan_buffer", input_utf8_byte_length);
|
|
408
|
-
input_cobhan_buffer = input_cobhan_buffer_unique_ptr.get();
|
|
409
|
-
}
|
|
410
|
-
if (unlikely(input_cobhan_buffer == nullptr)) {
|
|
411
|
-
return log_error_and_throw(env, "encrypt_string",
|
|
412
|
-
"Failed to allocate input cobhan buffer");
|
|
413
|
-
}
|
|
414
|
-
|
|
415
|
-
// Copy
|
|
416
236
|
size_t input_copied_bytes;
|
|
417
|
-
input_cobhan_buffer
|
|
418
|
-
|
|
419
|
-
input_cobhan_buffer, &input_copied_bytes);
|
|
420
|
-
if (unlikely(input_cobhan_buffer == nullptr)) {
|
|
421
|
-
return log_error_and_throw(env, "encrypt_string",
|
|
422
|
-
"Failed to copy input to cobhan buffer");
|
|
423
|
-
}
|
|
237
|
+
NAPI_STRING_TO_CBUFFER(env, input, input_cobhan_buffer, input_copied_bytes,
|
|
238
|
+
"encrypt_string");
|
|
424
239
|
|
|
425
|
-
Napi::
|
|
426
|
-
encrypt_to_json(env,
|
|
240
|
+
Napi::String output =
|
|
241
|
+
encrypt_to_json(env, partition_id_copied_bytes, input_copied_bytes,
|
|
427
242
|
partition_id_cobhan_buffer, input_cobhan_buffer);
|
|
428
243
|
|
|
429
244
|
if (unlikely(verbose_flag)) {
|
|
@@ -433,153 +248,57 @@ Napi::Value encrypt_string(const Napi::CallbackInfo &info) {
|
|
|
433
248
|
return output;
|
|
434
249
|
}
|
|
435
250
|
|
|
436
|
-
Napi::
|
|
437
|
-
|
|
251
|
+
Napi::Buffer<unsigned char> decrypt(const Napi::CallbackInfo &info) {
|
|
252
|
+
std::lock_guard<std::mutex> lock(asherah_lock);
|
|
438
253
|
|
|
439
254
|
if (unlikely(verbose_flag)) {
|
|
440
255
|
debug_log("decrypt", "called");
|
|
441
256
|
}
|
|
442
257
|
|
|
443
258
|
if (unlikely(setup_state == 0)) {
|
|
444
|
-
|
|
259
|
+
log_error_and_throw("decrypt", "setup() not called");
|
|
445
260
|
}
|
|
446
261
|
|
|
447
262
|
if (unlikely(info.Length() < 2)) {
|
|
448
|
-
|
|
263
|
+
log_error_and_throw("decrypt", "Wrong number of arguments");
|
|
449
264
|
}
|
|
450
265
|
|
|
451
266
|
if (unlikely(!info[0].IsString() || !info[1].IsString())) {
|
|
452
|
-
|
|
267
|
+
log_error_and_throw("decrypt", "Wrong argument types");
|
|
453
268
|
}
|
|
454
269
|
|
|
455
|
-
|
|
456
|
-
size_t partition_utf8_byte_length, partition_copied_bytes;
|
|
457
|
-
Napi::String partition_id = info[0].As<Napi::String>();
|
|
458
|
-
partition_utf8_byte_length = nstring_utf8_byte_length(env, partition_id);
|
|
459
|
-
if (unlikely(partition_utf8_byte_length == (size_t)(-1))) {
|
|
460
|
-
return log_error_and_throw(env, "decrypt",
|
|
461
|
-
"Failed to get partition_id utf8 length");
|
|
462
|
-
}
|
|
463
|
-
if (unlikely(partition_utf8_byte_length == 0)) {
|
|
464
|
-
return log_error_and_throw(env, "decrypt", "partition_id is empty");
|
|
465
|
-
}
|
|
270
|
+
Napi::Env env = info.Env();
|
|
466
271
|
|
|
467
|
-
|
|
272
|
+
Napi::String partition_id = info[0].As<Napi::String>();
|
|
468
273
|
char *partition_id_cobhan_buffer;
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
472
|
-
size_t partition_id_cobhan_buffer_size_bytes =
|
|
473
|
-
calculate_cobhan_buffer_size_bytes(partition_utf8_byte_length);
|
|
474
|
-
debug_log_alloca("decrypt", "partition_id_cobhan_buffer",
|
|
475
|
-
partition_id_cobhan_buffer_size_bytes);
|
|
476
|
-
partition_id_cobhan_buffer =
|
|
477
|
-
(char *)alloca(partition_id_cobhan_buffer_size_bytes);
|
|
478
|
-
configure_cbuffer(partition_id_cobhan_buffer, partition_utf8_byte_length);
|
|
479
|
-
} else {
|
|
480
|
-
// Otherwise, allocate it on the heap
|
|
481
|
-
partition_id_cobhan_buffer_unique_ptr = heap_allocate_cbuffer(
|
|
482
|
-
"partition_id_cobhan_buffer", partition_utf8_byte_length);
|
|
483
|
-
partition_id_cobhan_buffer = partition_id_cobhan_buffer_unique_ptr.get();
|
|
484
|
-
}
|
|
485
|
-
if (unlikely(partition_id_cobhan_buffer == nullptr)) {
|
|
486
|
-
return log_error_and_throw(env, "decrypt",
|
|
487
|
-
"Failed to allocate partition_id cobhan buffer");
|
|
488
|
-
}
|
|
274
|
+
size_t partition_id_copied_bytes;
|
|
275
|
+
NAPI_STRING_TO_CBUFFER(env, partition_id, partition_id_cobhan_buffer,
|
|
276
|
+
partition_id_copied_bytes, "decrypt");
|
|
489
277
|
|
|
490
|
-
// Copy
|
|
491
|
-
partition_id_cobhan_buffer = copy_nstring_to_cbuffer(
|
|
492
|
-
env, partition_id, partition_utf8_byte_length, partition_id_cobhan_buffer,
|
|
493
|
-
&partition_copied_bytes);
|
|
494
|
-
if (unlikely(partition_id_cobhan_buffer == nullptr)) {
|
|
495
|
-
return log_error_and_throw(env, "decrypt",
|
|
496
|
-
"Failed to copy partition_id to cobhan buffer");
|
|
497
|
-
}
|
|
498
|
-
|
|
499
|
-
// Determine size
|
|
500
|
-
size_t input_utf8_byte_length;
|
|
501
278
|
Napi::String input = info[1].As<Napi::String>();
|
|
502
|
-
input_utf8_byte_length = nstring_utf8_byte_length(env, input);
|
|
503
|
-
if (unlikely(input_utf8_byte_length == (size_t)(-1))) {
|
|
504
|
-
return log_error_and_throw(env, "decrypt",
|
|
505
|
-
"Failed to get input utf8 length");
|
|
506
|
-
}
|
|
507
|
-
if (unlikely(input_utf8_byte_length == 0)) {
|
|
508
|
-
return log_error_and_throw(env, "decrypt", "input is empty");
|
|
509
|
-
}
|
|
510
|
-
|
|
511
|
-
if (unlikely(verbose_flag)) {
|
|
512
|
-
debug_log("decrypt",
|
|
513
|
-
"input size " + std::to_string(input_utf8_byte_length));
|
|
514
|
-
}
|
|
515
|
-
|
|
516
|
-
// Allocate
|
|
517
279
|
char *input_cobhan_buffer;
|
|
518
|
-
std::unique_ptr<char[]> input_cobhan_buffer_unique_ptr;
|
|
519
|
-
if (input_utf8_byte_length < max_stack_alloc_size) {
|
|
520
|
-
// If the buffer is small enough, allocate it on the stack
|
|
521
|
-
size_t input_cobhan_buffer_size_bytes =
|
|
522
|
-
calculate_cobhan_buffer_size_bytes(input_utf8_byte_length);
|
|
523
|
-
debug_log_alloca("decrypt", "input_cobhan_buffer",
|
|
524
|
-
input_cobhan_buffer_size_bytes);
|
|
525
|
-
input_cobhan_buffer = (char *)alloca(input_cobhan_buffer_size_bytes);
|
|
526
|
-
configure_cbuffer(input_cobhan_buffer, input_utf8_byte_length);
|
|
527
|
-
} else {
|
|
528
|
-
// Otherwise, allocate it on the heap
|
|
529
|
-
input_cobhan_buffer_unique_ptr =
|
|
530
|
-
heap_allocate_cbuffer("input_cobhan_buffer", input_utf8_byte_length);
|
|
531
|
-
input_cobhan_buffer = input_cobhan_buffer_unique_ptr.get();
|
|
532
|
-
}
|
|
533
|
-
if (unlikely(input_cobhan_buffer == nullptr)) {
|
|
534
|
-
return log_error_and_throw(env, "decrypt",
|
|
535
|
-
"Failed to allocate input cobhan buffer");
|
|
536
|
-
}
|
|
537
|
-
|
|
538
|
-
// Copy
|
|
539
280
|
size_t input_copied_bytes;
|
|
540
|
-
input_cobhan_buffer
|
|
541
|
-
|
|
542
|
-
input_cobhan_buffer, &input_copied_bytes);
|
|
543
|
-
if (unlikely(input_cobhan_buffer == nullptr)) {
|
|
544
|
-
return log_error_and_throw(env, "decrypt",
|
|
545
|
-
"Failed to copy input to cobhan buffer");
|
|
546
|
-
}
|
|
281
|
+
NAPI_STRING_TO_CBUFFER(env, input, input_cobhan_buffer, input_copied_bytes,
|
|
282
|
+
"decrypt");
|
|
547
283
|
|
|
548
284
|
char *output_cobhan_buffer;
|
|
549
|
-
|
|
550
|
-
if (input_utf8_byte_length < max_stack_alloc_size) {
|
|
551
|
-
// If the buffer is small enough, allocate it on the stack
|
|
552
|
-
size_t output_cobhan_buffer_size_bytes =
|
|
553
|
-
calculate_cobhan_buffer_size_bytes(input_utf8_byte_length);
|
|
554
|
-
debug_log_alloca("decrypt", "output_cobhan_buffer",
|
|
555
|
-
output_cobhan_buffer_size_bytes);
|
|
556
|
-
output_cobhan_buffer = (char *)alloca(output_cobhan_buffer_size_bytes);
|
|
557
|
-
configure_cbuffer(output_cobhan_buffer, input_utf8_byte_length);
|
|
558
|
-
} else {
|
|
559
|
-
// Otherwise, allocate it on the heap
|
|
560
|
-
output_cobhan_buffer_unique_ptr =
|
|
561
|
-
heap_allocate_cbuffer("output_cobhan_buffer", input_utf8_byte_length);
|
|
562
|
-
output_cobhan_buffer = output_cobhan_buffer_unique_ptr.get();
|
|
563
|
-
}
|
|
564
|
-
if (unlikely(output_cobhan_buffer == nullptr)) {
|
|
565
|
-
return log_error_and_throw(env, "decrypt",
|
|
566
|
-
"Failed to allocate cobhan output buffer");
|
|
567
|
-
}
|
|
285
|
+
ALLOCATE_CBUFFER(output_cobhan_buffer, input_copied_bytes, "decrypt");
|
|
568
286
|
|
|
569
287
|
char *partition_id_canary_ptr = get_canary_ptr(partition_id_cobhan_buffer);
|
|
570
|
-
if(!check_canary_ptr(partition_id_canary_ptr)) {
|
|
571
|
-
|
|
572
|
-
|
|
288
|
+
if (unlikely(!check_canary_ptr(partition_id_canary_ptr))) {
|
|
289
|
+
log_error_and_throw(
|
|
290
|
+
"encrypt_to_json",
|
|
291
|
+
"Failed initial canary check for partition_id_cobhan_buffer");
|
|
573
292
|
}
|
|
574
293
|
char *input_canary_ptr = get_canary_ptr(input_cobhan_buffer);
|
|
575
|
-
if(!check_canary_ptr(input_canary_ptr)) {
|
|
576
|
-
|
|
577
|
-
|
|
294
|
+
if (unlikely(!check_canary_ptr(input_canary_ptr))) {
|
|
295
|
+
log_error_and_throw("encrypt_to_json",
|
|
296
|
+
"Failed initial canary check for input_cobhan_buffer");
|
|
578
297
|
}
|
|
579
298
|
char *output_canary_ptr = get_canary_ptr(output_cobhan_buffer);
|
|
580
|
-
if(!check_canary_ptr(output_canary_ptr)) {
|
|
581
|
-
|
|
582
|
-
|
|
299
|
+
if (unlikely(!check_canary_ptr(output_canary_ptr))) {
|
|
300
|
+
log_error_and_throw("encrypt_to_json",
|
|
301
|
+
"Failed initial canary check for output_cobhan_buffer");
|
|
583
302
|
}
|
|
584
303
|
|
|
585
304
|
if (unlikely(verbose_flag)) {
|
|
@@ -595,25 +314,29 @@ Napi::Value decrypt(const Napi::CallbackInfo &info) {
|
|
|
595
314
|
debug_log("decrypt", "Returned from asherah-cobhan DecryptFromJson");
|
|
596
315
|
}
|
|
597
316
|
|
|
598
|
-
if(!check_canary_ptr(partition_id_canary_ptr)) {
|
|
599
|
-
|
|
600
|
-
|
|
317
|
+
if (unlikely(!check_canary_ptr(partition_id_canary_ptr))) {
|
|
318
|
+
log_error_and_throw(
|
|
319
|
+
"encrypt_to_json",
|
|
320
|
+
"Failed post-call canary check for partition_id_cobhan_buffer");
|
|
601
321
|
}
|
|
602
|
-
if(!check_canary_ptr(input_canary_ptr)) {
|
|
603
|
-
|
|
604
|
-
|
|
322
|
+
if (unlikely(!check_canary_ptr(input_canary_ptr))) {
|
|
323
|
+
log_error_and_throw(
|
|
324
|
+
"encrypt_to_json",
|
|
325
|
+
"Failed post-call canary check for input_cobhan_buffer");
|
|
605
326
|
}
|
|
606
|
-
if(!check_canary_ptr(output_canary_ptr)) {
|
|
607
|
-
|
|
608
|
-
|
|
327
|
+
if (unlikely(!check_canary_ptr(output_canary_ptr))) {
|
|
328
|
+
log_error_and_throw(
|
|
329
|
+
"encrypt_to_json",
|
|
330
|
+
"Failed post-call canary check for output_cobhan_buffer");
|
|
609
331
|
}
|
|
610
332
|
|
|
611
333
|
if (unlikely(result < 0)) {
|
|
612
334
|
// TODO: Convert this to a proper error message
|
|
613
|
-
|
|
335
|
+
log_error_and_throw("decrypt", std::to_string(result));
|
|
614
336
|
}
|
|
615
337
|
|
|
616
|
-
Napi::
|
|
338
|
+
Napi::Buffer<unsigned char> output =
|
|
339
|
+
cbuffer_to_nbuffer(env, output_cobhan_buffer);
|
|
617
340
|
|
|
618
341
|
if (unlikely(verbose_flag)) {
|
|
619
342
|
debug_log("decrypt", "finished");
|
|
@@ -622,150 +345,57 @@ Napi::Value decrypt(const Napi::CallbackInfo &info) {
|
|
|
622
345
|
return output;
|
|
623
346
|
}
|
|
624
347
|
|
|
625
|
-
Napi::
|
|
626
|
-
|
|
348
|
+
Napi::String decrypt_string(const Napi::CallbackInfo &info) {
|
|
349
|
+
std::lock_guard<std::mutex> lock(asherah_lock);
|
|
627
350
|
|
|
628
351
|
if (unlikely(verbose_flag)) {
|
|
629
352
|
debug_log("decrypt_string", "called");
|
|
630
353
|
}
|
|
631
354
|
|
|
632
355
|
if (unlikely(setup_state == 0)) {
|
|
633
|
-
|
|
356
|
+
log_error_and_throw("decrypt_string", "setup() not called");
|
|
634
357
|
}
|
|
635
358
|
|
|
636
359
|
if (unlikely(info.Length() < 2)) {
|
|
637
|
-
|
|
638
|
-
"Wrong number of arguments");
|
|
360
|
+
log_error_and_throw("decrypt_string", "Wrong number of arguments");
|
|
639
361
|
}
|
|
640
362
|
|
|
641
363
|
if (unlikely(!info[0].IsString() || !info[1].IsString())) {
|
|
642
|
-
|
|
364
|
+
log_error_and_throw("decrypt_string", "Wrong argument types");
|
|
643
365
|
}
|
|
644
366
|
|
|
645
|
-
|
|
646
|
-
size_t partition_utf8_byte_length;
|
|
647
|
-
Napi::String partition_id = info[0].As<Napi::String>();
|
|
648
|
-
partition_utf8_byte_length = nstring_utf8_byte_length(env, partition_id);
|
|
649
|
-
if (unlikely(partition_utf8_byte_length == (size_t)(-1))) {
|
|
650
|
-
return log_error_and_throw(env, "decrypt_string",
|
|
651
|
-
"Failed to get partition_id utf8 length");
|
|
652
|
-
}
|
|
653
|
-
if (unlikely(partition_utf8_byte_length == 0)) {
|
|
654
|
-
return log_error_and_throw(env, "decrypt_string", "partition_id is empty");
|
|
655
|
-
}
|
|
367
|
+
Napi::Env env = info.Env();
|
|
656
368
|
|
|
657
|
-
|
|
369
|
+
Napi::String partition_id = info[0].As<Napi::String>();
|
|
658
370
|
char *partition_id_cobhan_buffer;
|
|
659
|
-
|
|
660
|
-
|
|
661
|
-
|
|
662
|
-
size_t partition_id_cobhan_buffer_size_bytes =
|
|
663
|
-
calculate_cobhan_buffer_size_bytes(partition_utf8_byte_length);
|
|
664
|
-
debug_log_alloca("decrypt_string", "partition_id_cobhan_buffer",
|
|
665
|
-
partition_id_cobhan_buffer_size_bytes);
|
|
666
|
-
partition_id_cobhan_buffer =
|
|
667
|
-
(char *)alloca(partition_id_cobhan_buffer_size_bytes);
|
|
668
|
-
configure_cbuffer(partition_id_cobhan_buffer, partition_utf8_byte_length);
|
|
669
|
-
} else {
|
|
670
|
-
// Otherwise, allocate it on the heap
|
|
671
|
-
partition_id_cobhan_buffer_unique_ptr = heap_allocate_cbuffer(
|
|
672
|
-
"partition_id_cobhan_buffer", partition_utf8_byte_length);
|
|
673
|
-
partition_id_cobhan_buffer = partition_id_cobhan_buffer_unique_ptr.get();
|
|
674
|
-
}
|
|
675
|
-
if (unlikely(partition_id_cobhan_buffer == nullptr)) {
|
|
676
|
-
return log_error_and_throw(env, "decrypt_string",
|
|
677
|
-
"Failed to allocate partitionId cobhan buffer");
|
|
678
|
-
}
|
|
679
|
-
|
|
680
|
-
// Copy
|
|
681
|
-
size_t partition_copied_bytes;
|
|
682
|
-
partition_id_cobhan_buffer = copy_nstring_to_cbuffer(
|
|
683
|
-
env, partition_id, partition_utf8_byte_length, partition_id_cobhan_buffer,
|
|
684
|
-
&partition_copied_bytes);
|
|
685
|
-
if (unlikely(partition_id_cobhan_buffer == nullptr)) {
|
|
686
|
-
return log_error_and_throw(env, "decrypt_string",
|
|
687
|
-
"Failed to copy partitionId to cobhan buffer");
|
|
688
|
-
}
|
|
371
|
+
size_t partition_id_copied_bytes;
|
|
372
|
+
NAPI_STRING_TO_CBUFFER(env, partition_id, partition_id_cobhan_buffer,
|
|
373
|
+
partition_id_copied_bytes, "decrypt_string");
|
|
689
374
|
|
|
690
|
-
// Determine size
|
|
691
|
-
size_t input_utf8_byte_length;
|
|
692
375
|
Napi::String input = info[1].As<Napi::String>();
|
|
693
|
-
input_utf8_byte_length = nstring_utf8_byte_length(env, input);
|
|
694
|
-
if (unlikely(input_utf8_byte_length == (size_t)(-1))) {
|
|
695
|
-
return log_error_and_throw(env, "decrypt_string",
|
|
696
|
-
"Failed to get input utf8 length");
|
|
697
|
-
}
|
|
698
|
-
if (unlikely(input_utf8_byte_length == 0)) {
|
|
699
|
-
return log_error_and_throw(env, "decrypt_string", "input is empty");
|
|
700
|
-
}
|
|
701
|
-
|
|
702
|
-
// Allocate
|
|
703
376
|
char *input_cobhan_buffer;
|
|
704
|
-
std::unique_ptr<char[]> input_cobhan_buffer_unique_ptr;
|
|
705
|
-
if (input_utf8_byte_length < max_stack_alloc_size) {
|
|
706
|
-
// If the buffer is small enough, allocate it on the stack
|
|
707
|
-
size_t input_cobhan_buffer_size_bytes =
|
|
708
|
-
calculate_cobhan_buffer_size_bytes(input_utf8_byte_length);
|
|
709
|
-
debug_log_alloca("decrypt_string", "input_cobhan_buffer",
|
|
710
|
-
input_cobhan_buffer_size_bytes);
|
|
711
|
-
input_cobhan_buffer = (char *)alloca(input_cobhan_buffer_size_bytes);
|
|
712
|
-
configure_cbuffer(input_cobhan_buffer, input_utf8_byte_length);
|
|
713
|
-
} else {
|
|
714
|
-
// Otherwise, allocate it on the heap
|
|
715
|
-
input_cobhan_buffer_unique_ptr =
|
|
716
|
-
heap_allocate_cbuffer("input_cobhan_buffer", input_utf8_byte_length);
|
|
717
|
-
input_cobhan_buffer = input_cobhan_buffer_unique_ptr.get();
|
|
718
|
-
}
|
|
719
|
-
if (unlikely(input_cobhan_buffer == nullptr)) {
|
|
720
|
-
return log_error_and_throw(env, "decrypt_string",
|
|
721
|
-
"Failed to allocate input cobhan buffer");
|
|
722
|
-
}
|
|
723
|
-
|
|
724
|
-
// Copy
|
|
725
377
|
size_t input_copied_bytes;
|
|
726
|
-
input_cobhan_buffer
|
|
727
|
-
|
|
728
|
-
input_cobhan_buffer, &input_copied_bytes);
|
|
729
|
-
if (unlikely(input_cobhan_buffer == nullptr)) {
|
|
730
|
-
return log_error_and_throw(env, "decrypt_string",
|
|
731
|
-
"Failed to copy input to cobhan buffer");
|
|
732
|
-
}
|
|
378
|
+
NAPI_STRING_TO_CBUFFER(env, input, input_cobhan_buffer, input_copied_bytes,
|
|
379
|
+
"decrypt_string");
|
|
733
380
|
|
|
734
381
|
char *output_cobhan_buffer;
|
|
735
|
-
|
|
736
|
-
if (input_utf8_byte_length < max_stack_alloc_size) {
|
|
737
|
-
// If the buffer is small enough, allocate it on the stack
|
|
738
|
-
size_t output_cobhan_buffer_size_bytes =
|
|
739
|
-
calculate_cobhan_buffer_size_bytes(input_utf8_byte_length);
|
|
740
|
-
debug_log_alloca("decrypt_string", "output_cobhan_buffer",
|
|
741
|
-
output_cobhan_buffer_size_bytes);
|
|
742
|
-
output_cobhan_buffer = (char *)alloca(output_cobhan_buffer_size_bytes);
|
|
743
|
-
configure_cbuffer(output_cobhan_buffer, input_utf8_byte_length);
|
|
744
|
-
} else {
|
|
745
|
-
// Otherwise, allocate it on the heap
|
|
746
|
-
output_cobhan_buffer_unique_ptr =
|
|
747
|
-
heap_allocate_cbuffer("output_cobhan_buffer", input_utf8_byte_length);
|
|
748
|
-
output_cobhan_buffer = output_cobhan_buffer_unique_ptr.get();
|
|
749
|
-
}
|
|
750
|
-
if (unlikely(output_cobhan_buffer == nullptr)) {
|
|
751
|
-
return log_error_and_throw(env, "decrypt_string",
|
|
752
|
-
"Failed to allocate cobhan output buffer");
|
|
753
|
-
}
|
|
382
|
+
ALLOCATE_CBUFFER(output_cobhan_buffer, input_copied_bytes, "decrypt_string");
|
|
754
383
|
|
|
755
384
|
char *partition_id_canary_ptr = get_canary_ptr(partition_id_cobhan_buffer);
|
|
756
|
-
if(!check_canary_ptr(partition_id_canary_ptr)) {
|
|
757
|
-
|
|
758
|
-
|
|
385
|
+
if (unlikely(!check_canary_ptr(partition_id_canary_ptr))) {
|
|
386
|
+
log_error_and_throw(
|
|
387
|
+
"encrypt_to_json",
|
|
388
|
+
"Failed initial canary check for partition_id_cobhan_buffer");
|
|
759
389
|
}
|
|
760
390
|
char *input_canary_ptr = get_canary_ptr(input_cobhan_buffer);
|
|
761
|
-
if(!check_canary_ptr(input_canary_ptr)) {
|
|
762
|
-
|
|
763
|
-
|
|
391
|
+
if (unlikely(!check_canary_ptr(input_canary_ptr))) {
|
|
392
|
+
log_error_and_throw("encrypt_to_json",
|
|
393
|
+
"Failed initial canary check for input_cobhan_buffer");
|
|
764
394
|
}
|
|
765
395
|
char *output_canary_ptr = get_canary_ptr(output_cobhan_buffer);
|
|
766
|
-
if(!check_canary_ptr(output_canary_ptr)) {
|
|
767
|
-
|
|
768
|
-
|
|
396
|
+
if (unlikely(!check_canary_ptr(output_canary_ptr))) {
|
|
397
|
+
log_error_and_throw("encrypt_to_json",
|
|
398
|
+
"Failed initial canary check for output_cobhan_buffer");
|
|
769
399
|
}
|
|
770
400
|
|
|
771
401
|
if (unlikely(verbose_flag)) {
|
|
@@ -781,25 +411,28 @@ Napi::Value decrypt_string(const Napi::CallbackInfo &info) {
|
|
|
781
411
|
debug_log("decrypt_string", "Returned from asherah-cobhan DecryptFromJson");
|
|
782
412
|
}
|
|
783
413
|
|
|
784
|
-
if(!check_canary_ptr(partition_id_canary_ptr)) {
|
|
785
|
-
|
|
786
|
-
|
|
414
|
+
if (unlikely(!check_canary_ptr(partition_id_canary_ptr))) {
|
|
415
|
+
log_error_and_throw(
|
|
416
|
+
"encrypt_to_json",
|
|
417
|
+
"Failed post-call canary check for partition_id_cobhan_buffer");
|
|
787
418
|
}
|
|
788
|
-
if(!check_canary_ptr(input_canary_ptr)) {
|
|
789
|
-
|
|
790
|
-
|
|
419
|
+
if (unlikely(!check_canary_ptr(input_canary_ptr))) {
|
|
420
|
+
log_error_and_throw(
|
|
421
|
+
"encrypt_to_json",
|
|
422
|
+
"Failed post-call canary check for input_cobhan_buffer");
|
|
791
423
|
}
|
|
792
|
-
if(!check_canary_ptr(output_canary_ptr)) {
|
|
793
|
-
|
|
794
|
-
|
|
424
|
+
if (unlikely(!check_canary_ptr(output_canary_ptr))) {
|
|
425
|
+
log_error_and_throw(
|
|
426
|
+
"encrypt_to_json",
|
|
427
|
+
"Failed post-call canary check for output_cobhan_buffer");
|
|
795
428
|
}
|
|
796
429
|
|
|
797
430
|
if (unlikely(result < 0)) {
|
|
798
431
|
// TODO: Convert this to a proper error message
|
|
799
|
-
|
|
432
|
+
log_error_and_throw("decrypt_string", std::to_string(result));
|
|
800
433
|
}
|
|
801
434
|
|
|
802
|
-
Napi::
|
|
435
|
+
Napi::String output = cbuffer_to_nstring(env, output_cobhan_buffer);
|
|
803
436
|
|
|
804
437
|
if (unlikely(verbose_flag)) {
|
|
805
438
|
debug_log("decrypt_string", "finished");
|
|
@@ -809,6 +442,8 @@ Napi::Value decrypt_string(const Napi::CallbackInfo &info) {
|
|
|
809
442
|
}
|
|
810
443
|
|
|
811
444
|
void shutdown(const Napi::CallbackInfo &info) {
|
|
445
|
+
std::lock_guard<std::mutex> lock(asherah_lock);
|
|
446
|
+
|
|
812
447
|
if (unlikely(verbose_flag)) {
|
|
813
448
|
debug_log("shutdown", "called");
|
|
814
449
|
}
|
|
@@ -828,16 +463,15 @@ void shutdown(const Napi::CallbackInfo &info) {
|
|
|
828
463
|
}
|
|
829
464
|
|
|
830
465
|
void set_max_stack_alloc_item_size(const Napi::CallbackInfo &info) {
|
|
831
|
-
|
|
466
|
+
std::lock_guard<std::mutex> lock(asherah_lock);
|
|
832
467
|
|
|
833
468
|
if (unlikely(verbose_flag)) {
|
|
834
469
|
debug_log("set_max_stack_alloc_item_size", "called");
|
|
835
470
|
}
|
|
836
471
|
|
|
837
472
|
if (unlikely(info.Length() < 1)) {
|
|
838
|
-
log_error_and_throw(
|
|
473
|
+
log_error_and_throw("set_max_stack_alloc_item_size",
|
|
839
474
|
"Wrong number of arguments");
|
|
840
|
-
return;
|
|
841
475
|
}
|
|
842
476
|
|
|
843
477
|
Napi::Number item_size = info[0].ToNumber();
|
|
@@ -846,21 +480,20 @@ void set_max_stack_alloc_item_size(const Napi::CallbackInfo &info) {
|
|
|
846
480
|
}
|
|
847
481
|
|
|
848
482
|
void set_safety_padding_overhead(const Napi::CallbackInfo &info) {
|
|
849
|
-
|
|
483
|
+
std::lock_guard<std::mutex> lock(asherah_lock);
|
|
850
484
|
|
|
851
485
|
if (unlikely(verbose_flag)) {
|
|
852
486
|
debug_log("set_safety_padding_overhead", "called");
|
|
853
487
|
}
|
|
854
488
|
|
|
855
489
|
if (unlikely(info.Length() < 1)) {
|
|
856
|
-
log_error_and_throw(
|
|
490
|
+
log_error_and_throw("set_safety_padding_overhead",
|
|
857
491
|
"Wrong number of arguments");
|
|
858
|
-
return;
|
|
859
492
|
}
|
|
860
493
|
|
|
861
494
|
Napi::Number safety_padding_number = info[0].ToNumber();
|
|
862
495
|
|
|
863
|
-
|
|
496
|
+
set_safety_padding_bytes((size_t)safety_padding_number.Int32Value());
|
|
864
497
|
}
|
|
865
498
|
|
|
866
499
|
Napi::Object Init(Napi::Env env, Napi::Object exports) {
|