voidio 0.1.14

VOID I/O - High-performance Cross-platform I/O for Rust.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138

use ring::hkdf::{KeyType, Prk, Salt, HKDF_SHA256};
use ring::hmac::{self, Tag};
use sha2::{Digest, Sha256};
use aes::Aes128;
use aes::cipher::{BlockEncrypt, KeyInit};
use aes::cipher::generic_array::GenericArray;

pub(crate) static INITIAL_SALT: [u8; 20] = [
    0x38, 0x76, 0x2c, 0xf7, 0xf5, 0x59, 0x34, 0xb3, 0x4d, 0x17,
    0x9a, 0xe6, 0xa4, 0xc8, 0x0c, 0xad, 0xcc, 0xbb, 0x7f, 0x0a,
];


#[inline(always)]
pub(crate) fn build_key(salt: &[u8]) -> hmac::Key {
    hmac::Key::new(hmac::HMAC_SHA256, salt)
}

#[inline(always)]
pub(crate) fn hkdf_extract(key: &hmac::Key, ikm: &[u8], out: &mut [u8; 32]) {
    let tag = hmac::sign(key, ikm);
    out.copy_from_slice(tag.as_ref());
}

#[inline(always)]
pub(crate) fn hkdf_expand(prk: &[u8; 32], info: &[u8], out: &mut [u8]) {
    let mut t = [0u8; 32];
    let mut prev_len = 0;
    let mut ctr = 1u8;
    let mut offset = 0;

    while offset < out.len() {
        let mut h = Sha256::new();
        h.update(prk);
        if prev_len > 0 {
            h.update(&t[..prev_len]);
        }
        h.update(info);
        h.update(&[ctr]);
        t = h.finalize().into();
        let to_copy = usize::min(out.len() - offset, 32);
        out[offset..offset + to_copy].copy_from_slice(&t[..to_copy]);
        prev_len = 32;
        offset += to_copy;
        ctr = ctr.wrapping_add(1);
    }
}

// Generate the mask from ciphertext sample (16 bytes)
#[inline(always)]
pub(crate) fn generate_hp_mask(hp_key: &[u8; 16], sample: &[u8], hp_mask: &mut [u8; 16]) {
    let cipher = Aes128::new(GenericArray::from_slice(hp_key));
    let mut block = GenericArray::clone_from_slice(&sample[..16]);
    cipher.encrypt_block(&mut block);
    hp_mask.copy_from_slice(&block);
}

// Unmask the protected bits from the first byte and packet number bytes
#[inline(always)]
pub(crate) fn remove_header_protection(first_byte: &mut u8, packet_number: &mut [u8], mask: &[u8; 16]) {
    // First byte: XOR lowest 4 bits with mask[0]'s lowest 4 bits
    *first_byte ^= mask[0] & 0b1111;

    // Packet number bytes: XOR each byte with subsequent mask bytes
    for i in 0..packet_number.len() {
        packet_number[i] ^= mask[i + 1];
    }
}

#[inline(always)]
pub(crate) fn aes_ecb_encrypt(key: &[u8; 16], sample: &[u8], out: &mut [u8; 16]) {
    let cipher = Aes128::new_from_slice(key).unwrap();
    let mut block = GenericArray::<u8, _>::clone_from_slice(sample);
    cipher.encrypt_block(&mut block);
    out.copy_from_slice(&block);
}

#[inline(always)]
pub(crate) fn hkdf_expand_label(prk: &Prk, label: &[u8], out: &mut [u8]) {
    const PREFIX: &[u8] = b"tls13 ";
    let len = out.len() as u16;
    let mut info = Vec::with_capacity(2 + 1 + PREFIX.len() + label.len() + 1);
    info.extend_from_slice(&len.to_be_bytes());
    info.push((PREFIX.len() + label.len()) as u8);
    info.extend_from_slice(PREFIX);
    info.extend_from_slice(label);
    info.push(0);                             // zero-length context

    struct Len16;
    impl KeyType for Len16 { fn len(&self) -> usize { 16 } }

    prk.expand(&[&info], Len16).unwrap().fill(out).unwrap();
}

// --- helper: single AES-ECB block ---
#[inline(always)]
pub(crate) fn aes_ecb_block(key: &[u8;16], sample: &[u8;16]) -> [u8;16] {
    let cipher = Aes128::new_from_slice(key).unwrap();
    let mut block = GenericArray::<u8, _>::clone_from_slice(sample);
    cipher.encrypt_block(&mut block);
    block.into()
}

/* RFC 8446 HKDF-Expand-Label */
#[inline(always)]
pub(crate) fn expand_label(prk: &Prk, label: &[u8], out: &mut [u8]) {
    const PREFIX: &[u8] = b"tls13 ";
    let mut info = Vec::with_capacity(2 + 1 + PREFIX.len() + label.len() + 1);
    info.extend_from_slice(&(out.len() as u16).to_be_bytes());
    info.push((PREFIX.len() + label.len()) as u8);
    info.extend_from_slice(PREFIX);
    info.extend_from_slice(label);
    info.push(0); // empty context

    struct Len(usize);
    impl KeyType for Len { fn len(&self) -> usize { self.0 } }

    prk.expand(&[&info], Len(out.len())).unwrap().fill(out).unwrap();
}

#[inline(always)]
pub(crate) fn aes_block(key: &[u8; 16], sample: &[u8; 16]) -> [u8; 16] {
    let cipher = Aes128::new_from_slice(key).unwrap();
    let mut blk = GenericArray::<u8, _>::clone_from_slice(sample);
    cipher.encrypt_block(&mut blk);
    blk.into()
}

#[inline(always)]
pub(crate) fn varint(buf: &[u8]) -> Option<(usize, usize)> {
    if buf.is_empty() { return None }
    let first = buf[0];
    let (bytes, mask) = match first >> 6 { 0 => (1,0b00111111), 1 => (2,0b00111111), 2 => (4,0b00111111), _ => (8,0b00111111) };
    if buf.len() < bytes { return None }
    let mut v = (first & mask) as usize;
    for i in 1..bytes { v = (v << 8) | buf[i] as usize; }
    Some((v, bytes))
}