;; This file is part of eris-cl. ;; Copyright (C) 2022 Piotr SzarmaƄski ;; eris-cl is free software: you can redistribute it and/or modify it under the ;; terms of the GNU Lesser General Public License as published by the Free ;; Software Foundation, either version 3 of the License, or (at your option) any ;; later version. ;; eris-cl is distributed in the hope that it will be useful, but WITHOUT ANY ;; WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR ;; A PARTICULAR PURPOSE. See the GNU General Public License for more details. ;; You should have received a copy of the GNU General Public License along with ;; eris-cl. If not, see . (in-package :eris) (deftype block-size () `(member 1024 32768)) (defconstant 32kib 32768) (defconstant 1kib 1024) (defclass reference-pair () ((reference :initarg :reference :accessor reference :type (octet-vector 32)) (key :initarg :key :accessor key :type (octet-vector 32)))) (define-constant null-secret (make-array 32 :element-type 'octet :initial-element 0) :test #'equalp :documentation "32-byte null vector.") (defun reference-pair-to-octets (pair buf &optional (start 0)) "Convert a reference-pair object PAIR into the standard binary representation by filling the buffer BUF from the START keyword argument. " (declare (type vector buf)) (replace buf (reference pair) :start1 start) (replace buf (key pair) :start1 (+ 32 start))) (defun octets-to-reference-pair (octets &optional (start 0)) "Convert the standard reference-pair binary representation into a reference-pair object, using the bytes from the OCTETS vector from at START." (declare (type vector octets)) (make-instance 'reference-pair :key (subseq octets (+ 32 start) (+ 64 start)) :reference (subseq octets start (+ 32 start)))) (defun compute-reference (block) (declare (type octet-vector block)) (let ((reference (make-array 32 :element-type 'octet))) (ironclad:digest-sequence :blake2/256 block :digest reference) reference)) (defun make-nonce (level) (let ((nonce (make-array 12 :element-type 'octet :initial-element 0))) (setf (aref nonce 0) level) nonce)) (defun encrypt-block (input secret reference) (declare (type octet-vector input secret reference)) (let ((mac (ironclad:make-mac :blake2-mac secret :digest-length 32)) (key (make-array 32 :element-type 'octet))) (ironclad:update-mac mac input) (ironclad:produce-mac mac :digest key) ;; NOT the IETF chacha. Need to fix this by patching ironclad. Maybe. (ironclad:encrypt-in-place (ironclad:make-cipher :chacha :mode :stream :key key :initialization-vector null-secret) input) (ironclad:digest-sequence :blake2/256 input :digest reference) (make-instance 'reference-pair :key key :reference reference))) (defun encrypt-internal-block (input reference nonce) (declare (type octet-vector input reference)) (let ((key (make-array 32 :element-type 'octet))) (ironclad:digest-sequence :blake2/256 input :digest key) ;; NOT the IETF chacha. Need to fix this by patching ironclad. Maybe. (ironclad:encrypt-in-place (ironclad:make-cipher :chacha :mode :stream :key key :initialization-vector nonce) input) (ironclad:digest-sequence :blake2/256 input :digest reference) (make-instance 'reference-pair :key key :reference reference))) (defun decrypt-block (input key &optional (nonce null-secret)) (declare (type octet-vector input key nonce)) (ironclad:decrypt-in-place (ironclad:make-cipher :chacha :mode :stream :key key :initialization-vector nonce) input) input) (defclass read-capability () ((block-size :initarg :block-size :accessor block-size :type block-size :documentation "A value of either 1024 or 1kb blocks.") (level :initarg :level :accessor level :type octet) (root-reference-pair :initarg :reference-pair :accessor reference-pair)) (:documentation "Class representing the concept of an ERIS read capability.")) (-> read-capability-to-octets (read-capability) (octet-vector 66)) (defun read-capability-to-octets (read-capability) "Convert a read-capability object to its standard binary representation. Returns a (simple-array (unsigned-byte 8)) object." (declare (type read-capability read-capability)) (let ((cap (make-array 66 :element-type 'octet))) (case (block-size read-capability) ;; This depends on the version of the standard (1024 (setf (aref cap 0) #x0a)) (32768 (setf (aref cap 0) #x0f))) (setf (aref cap 1) (level read-capability)) (reference-pair-to-octets (reference-pair read-capability) cap 2))) (-> octets-to-read-capability ((octet-vector 66)) (values read-capability &optional)) (defun octets-to-read-capability (octets) "Convert the standard binary representation for ERIS read capabilities into a read-capability object. Returns the read-capability. An ERIS:VERSION-MISMATCH condition may be signaled if the corresponding versioning bytes are not supported by eris-cl." (declare (type (octet-vector 66) octets)) (let ((capability (make-instance 'read-capability))) (setf (block-size capability) (case (aref octets 0) (#x0a 1kib) (#x0f 32kib) (t (error 'version-mismatch)))) (setf (level capability) (aref octets 1)) (setf (reference-pair capability) (octets-to-reference-pair octets 2)) capability)) (-> read-capability-to-urn (read-capability) string) (defun read-capability-to-urn (capability) "Convert a read-capability object into a URN string." (declare (type read-capability capability)) (concatenate 'string "urn:eris:" (bytes-to-base32-unpadded (read-capability-to-octets capability)))) (-> urn-to-read-capability (string) (values read-capability &optional)) (defun urn-to-read-capability (urn) "Convert a urn:eris URN string into a read-capability object." (declare (type string urn)) (octets-to-read-capability (base32-to-bytes-unpadded (subseq urn (1+ (position #\: urn :from-end t)))))) (-> reference-to-block-urn ((octet-vector 32)) string) (defun reference-to-block-urn (reference) "Convert a 32-byte block reference into a URN string." (declare (type (octet-vector 32) reference)) (concatenate 'string "urn:blake2b:" (bytes-to-base32-unpadded reference))) (-> block-urn-to-reference (string) (values (octet-vector 32) &optional)) (defun block-urn-to-reference (urn) "Convert a urn:blake2b URN string into a 32-byte block reference vector." (declare (type string urn)) (base32-to-bytes-unpadded (subseq urn (1+ (position #\: urn :from-end t))))) (defun pad (input block-size) (declare (type octet-vector input) (type integer block-size)) (let* ((pad-size (- block-size (mod (length input) block-size))) (padded-input (adjust-array input (+ pad-size (length input)) :initial-element 0))) (replace padded-input input) (setf (aref padded-input (length input)) #x80) padded-input)) (defvar *output-hashmap* nil) (defmacro output-block (ref-vector) `(let ((reference (compute-reference block))) (if hash-output (if (gethash reference *output-hashmap*) block (let ((rk (encrypt-block block secret reference))) (vector-push-extend rk ,ref-vector) (setf (gethash reference *output-hashmap*) t) (funcall output-function block (reference rk)))) (let ((rk (encrypt-block block secret reference))) (vector-push-extend rk ,ref-vector) (funcall output-function block (reference rk)))))) (defmacro output-internal-block (ref-vector nonce) `(let ((reference (compute-reference block))) (if hash-output (unless (gethash reference *output-hashmap*) (let ((rk (encrypt-internal-block block reference ,nonce))) (vector-push-extend rk ,ref-vector) (setf (gethash reference *output-hashmap*) t) (funcall output-function block (reference rk)))) (let ((rk (encrypt-internal-block block reference ,nonce))) (vector-push-extend rk ,ref-vector) (funcall output-function block (reference rk)))))) (defgeneric eris-encode (input block-size output-function &key secret hash-output) (:documentation "Encode an INPUT into BLOCK-SIZE (32kib or 1kib) blocks, that are output using the function OUTPUT-FUNCTION. This function wil be called with two arguments: an encoded block and a 32-byte reference octet vector, and it MUST return a (SIMPLE-ARRAY (UNSIGNED-BYTE 8)) of equal size to the one given, which will be destructively modified. Returns a read-capability object. An optional 32-byte secret can be passed for additional encryption using the SECRET keyword argument. The HASH-OUTPUT keyword argument controls whether a hash-table is used to guarantee that a reference is only output once.")) (defmethod eris-encode ((input vector) block-size output-function &key (secret null-secret) (hash-output t)) (declare (type block-size block-size) (type function output-function) (type (octet-vector 32) secret)) (setf input (pad input block-size)) (let ((reference-vector (make-array 16 :adjustable t :fill-pointer 0)) (*output-hashmap* (if hash-output (make-hash-table :test #'equalp) nil)) (block (make-array block-size :element-type 'octet :initial-element 0))) (declare (type octet-vector block)) (loop for i = 0 then (incf i) until (= (length input) (* i block-size)) do (progn (replace block input :start2 (* i block-size)) (setf block (output-block reference-vector)) (fill block 0))) ;; always bzero the buffer; this is unoptimal (it only needs to be zeroed out to eliminate trailing junk) ;; TODO: consider removing this entire function and replacing it with an octet stream (eris-create-tree reference-vector block-size output-function :hash-output hash-output))) (defmethod eris-encode ((input stream) block-size output-function &key (secret null-secret) hash-output) "This method does not handle any IO related conditions." (declare (type block-size block-size) (type function output-function) (type (octet-vector 32) secret)) (let ((reference-vector (make-array 16 :adjustable t :fill-pointer 0)) (*output-hashmap* (if hash-output (make-hash-table :test #'equalp) nil)) (block (make-array block-size :element-type 'octet :initial-element 0))) (declare (type octet-vector block)) (loop for bytes-read = (read-sequence block input) for i = 0 then (incf i) if (< bytes-read block-size) do (progn (setf (aref block bytes-read) #x80) (fill block 0 :start (1+ bytes-read))) ;; bzero the buffer here to eliminate trailing junk do (progn (setf block (output-block reference-vector))) until (< bytes-read block-size)) (eris-create-tree reference-vector block-size output-function :hash-output hash-output))) (defun eris-create-tree (reference-vector block-size output-function &key hash-output) (declare (type block-size block-size) (type function output-function)) (loop with block-keys = (/ block-size 64) with level = 0 with reference-vector-l = (make-array 16 :adjustable t :fill-pointer 0) for nonce = (make-nonce (1+ level)) when (eql (length reference-vector) 1) do (return (make-instance 'read-capability :reference-pair (aref reference-vector 0) :level level :block-size block-size)) do (progn (incf level) ;; loop across the key-reference vector and build the tree (loop with block = (make-array block-size :element-type 'octet :initial-element 0) for rk across reference-vector with i = 0 when (eql i block-keys) do (progn (setf block (output-internal-block reference-vector-l nonce)) (setf i 0) (fill block 0)) do (progn (reference-pair-to-octets rk block (* 64 i)) (incf i)) finally (unless (zerop i) ;; If i is zero, then the amount of blocks is just ;; right. Otherwise add a final unfinished block. (output-internal-block reference-vector-l nonce))) (setf reference-vector reference-vector-l) (setf reference-vector-l (make-array 16 :adjustable t :fill-pointer 0)))))