refactor(picky-krb): crypto: small code improvements;

Devolutions · Feb 3, 2025 · 504d075 · 504d075
1 parent 928c357
commit 504d075
Show file tree

Hide file tree

Showing 7 changed files with 30 additions and 27 deletions.
diff --git a/picky-krb/src/crypto/aes/decrypt.rs b/picky-krb/src/crypto/aes/decrypt.rs
@@ -61,10 +61,12 @@ pub fn decrypt_message_no_checksum(
 
     let ki = derive_key(key, &usage_ki(key_usage), aes_size)?;
 
+    // [0..AES_BLOCK_SIZE] = the first block is a random confounder bytes.
+    let (confounder, plaintext) = plaintext.split_at(AES_BLOCK_SIZE);
+
     Ok(DecryptWithoutChecksum {
-        // [0..AES_BLOCK_SIZE] = the first block is a random confounder bytes. skip them
-        plaintext: plaintext[AES_BLOCK_SIZE..].to_vec(),
-        confounder: plaintext[0..AES_BLOCK_SIZE].to_vec(),
+        plaintext: plaintext.to_vec(),
+        confounder: confounder.to_vec(),
         checksum: checksum.to_vec(),
         ki,
     })

diff --git a/picky-krb/src/crypto/aes/encrypt.rs b/picky-krb/src/crypto/aes/encrypt.rs
@@ -24,10 +24,11 @@ pub fn encrypt_message(
 ) -> KerberosCryptoResult<Vec<u8>> {
     let mut encryption_result = encrypt_message_no_checksum(key, key_usage, payload, aes_size, confounder)?;
     // prepare for checksum generation
-    let mut data_to_encrypt = vec![0; aes_size.confounder_byte_size() + payload.len()];
+    let mut data_to_encrypt = vec![0; AES_BLOCK_SIZE + payload.len()];
 
-    data_to_encrypt[0..aes_size.confounder_byte_size()].copy_from_slice(&confounder);
-    data_to_encrypt[aes_size.confounder_byte_size()..].copy_from_slice(payload);
+    let (confounder_buf, payload_buf) = data_to_encrypt.split_at_mut(AES_BLOCK_SIZE);
+    confounder_buf.copy_from_slice(&confounder);
+    payload_buf.copy_from_slice(payload);
 
     // H1 = HMAC(Ki, conf | plaintext | pad)
     let hmac = hmac_sha1(&encryption_result.ki, &data_to_encrypt, AES_MAC_SIZE);
@@ -51,10 +52,11 @@ pub fn encrypt_message_no_checksum(
         return Err(KerberosCryptoError::KeyLength(key.len(), aes_size.key_length()));
     }
 
-    let mut data_to_encrypt = vec![0; aes_size.confounder_byte_size() + payload.len()];
+    let mut data_to_encrypt = vec![0; AES_BLOCK_SIZE + payload.len()];
 
-    data_to_encrypt[0..aes_size.confounder_byte_size()].copy_from_slice(&confounder);
-    data_to_encrypt[aes_size.confounder_byte_size()..].copy_from_slice(payload);
+    let (confounder_buf, payload_buf) = data_to_encrypt.split_at_mut(AES_BLOCK_SIZE);
+    confounder_buf.copy_from_slice(&confounder);
+    payload_buf.copy_from_slice(payload);
 
     let ke = derive_key(key, &usage_ke(key_usage), aes_size)?;
     // (C1, newIV) = E(Ke, conf | plaintext | pad, oldstate.ivec)
@@ -96,7 +98,7 @@ pub fn encrypt_aes_cts(key: &[u8], payload: &[u8], aes_size: &AesSize) -> Kerber
     let pad_length = (AES_BLOCK_SIZE - (payload.len() % AES_BLOCK_SIZE)) % AES_BLOCK_SIZE;
 
     let mut padded_payload = payload.to_vec();
-    padded_payload.extend_from_slice(&vec![0; pad_length]);
+    padded_payload.resize(padded_payload.len() + pad_length, 0);
 
     let mut cipher = encrypt_aes_cbc(key, &padded_payload, aes_size)?;
 

diff --git a/picky-krb/src/crypto/aes/mod.rs b/picky-krb/src/crypto/aes/mod.rs
@@ -45,10 +45,6 @@ impl AesSize {
     pub fn seed_bit_len(&self) -> usize {
         self.key_length() * 8
     }
-
-    fn confounder_byte_size(&self) -> usize {
-        AES_BLOCK_SIZE
-    }
 }
 
 pub fn swap_two_last_blocks(data: &mut [u8]) -> KerberosCryptoResult<()> {

diff --git a/picky-krb/src/crypto/common.rs b/picky-krb/src/crypto/common.rs
@@ -3,11 +3,10 @@ use sha1::Sha1;
 
 //= [Checksum Profiles Based on Simplified Profile](https://datatracker.ietf.org/doc/html/rfc3961#section-5.4) =//
 pub fn hmac_sha1(key: &[u8], payload: &[u8], mac_size: usize) -> Vec<u8> {
-    let key_len = key.len();
     let mut key = key.to_vec();
 
     // this Hmac implementation requires 64-byte key
-    key.extend_from_slice(&vec![0; 64 - key_len]);
+    key.resize(64, 0);
 
     let mut hmacker = Hmac::<Sha1>::new(key.as_slice().into());
 

diff --git a/picky-krb/src/crypto/des/decrypt.rs b/picky-krb/src/crypto/des/decrypt.rs
@@ -50,10 +50,12 @@ pub fn decrypt_message_no_checksum(
 
     let ki = derive_key(key, &usage_ki(key_usage))?;
 
+    // [0..DES3_BLOCK_SIZE] = the first block is random confounder bytes.
+    let (confounder, plaintext) = plaintext.split_at(DES3_BLOCK_SIZE);
+
     Ok(DecryptWithoutChecksum {
-        // [0..DES3_BLOCK_SIZE] = the first block is random confounder bytes. skip them
-        plaintext: plaintext[DES3_BLOCK_SIZE..].to_vec(),
-        confounder: plaintext[0..DES3_BLOCK_SIZE].to_vec(),
+        plaintext: plaintext.to_vec(),
+        confounder: confounder.to_vec(),
         checksum: checksum.to_vec(),
         ki,
     })

diff --git a/picky-krb/src/crypto/des/des3_cbc_sha1_kd.rs b/picky-krb/src/crypto/des/des3_cbc_sha1_kd.rs
@@ -145,7 +145,7 @@ mod tests {
         let mut conf_with_plaintext: Vec<u8> = encryption_result.confounder;
         conf_with_plaintext.extend_from_slice(&plaintext);
         let pad_len = (DES3_BLOCK_SIZE - (conf_with_plaintext.len() % DES3_BLOCK_SIZE)) % DES3_BLOCK_SIZE;
-        conf_with_plaintext.extend_from_slice(&vec![0; pad_len]);
+        conf_with_plaintext.resize(conf_with_plaintext.len() + pad_len, 0);
 
         assert_eq!(
             hmac_sha1(&encryption_result.ki, &conf_with_plaintext, DES3_MAC_SIZE),

diff --git a/picky-krb/src/crypto/des/encrypt.rs b/picky-krb/src/crypto/des/encrypt.rs
@@ -22,12 +22,13 @@ pub fn encrypt_message(
     // prepare for checksum generation
     let mut data_to_encrypt = vec![0; DES3_BLOCK_SIZE + payload.len()];
 
-    data_to_encrypt[0..DES3_BLOCK_SIZE].copy_from_slice(&confounder);
-    data_to_encrypt[DES3_BLOCK_SIZE..].copy_from_slice(payload);
+    let (confounder_buf, payload_buf) = data_to_encrypt.split_at_mut(DES3_BLOCK_SIZE);
+    confounder_buf.copy_from_slice(&confounder);
+    payload_buf.copy_from_slice(payload);
 
     let pad_len = (DES3_BLOCK_SIZE - (data_to_encrypt.len() % DES3_BLOCK_SIZE)) % DES3_BLOCK_SIZE;
     // pad
-    data_to_encrypt.extend_from_slice(&vec![0; pad_len]);
+    data_to_encrypt.resize(data_to_encrypt.len() + pad_len, 0);
 
     let hmac = hmac_sha1(&encryption_result.ki, &data_to_encrypt, DES3_MAC_SIZE);
 
@@ -51,12 +52,13 @@ pub fn encrypt_message_no_checksum(
 
     let mut data_to_encrypt = vec![0; DES3_BLOCK_SIZE + payload.len()];
 
-    data_to_encrypt[0..DES3_BLOCK_SIZE].copy_from_slice(&confounder);
-    data_to_encrypt[DES3_BLOCK_SIZE..].copy_from_slice(payload);
+    let (confounder_buf, payload_buf) = data_to_encrypt.split_at_mut(DES3_BLOCK_SIZE);
+    confounder_buf.copy_from_slice(&confounder);
+    payload_buf.copy_from_slice(payload);
 
     let pad_len = (DES3_BLOCK_SIZE - (data_to_encrypt.len() % DES3_BLOCK_SIZE)) % DES3_BLOCK_SIZE;
     // pad
-    data_to_encrypt.extend_from_slice(&vec![0; pad_len]);
+    data_to_encrypt.resize(data_to_encrypt.len() + pad_len, 0);
 
     let ke = derive_key(key, &usage_ke(key_usage))?;
     // (C1, newIV) = E(Ke, conf | plaintext | pad, oldstate.ivec)
@@ -79,7 +81,7 @@ pub fn encrypt_des(key: &[u8], payload: &[u8]) -> KerberosCryptoResult<Vec<u8>>
     let pad_length = (DES3_BLOCK_SIZE - (payload.len() % DES3_BLOCK_SIZE)) % DES3_BLOCK_SIZE;
 
     let mut payload = payload.to_vec();
-    payload.extend_from_slice(&vec![0; pad_length]);
+    payload.resize(payload.len() + pad_length, 0);
 
     let payload_len = payload.len();