From 6d88ce23eca7991248c6b567fb181aea4b87796e Mon Sep 17 00:00:00 2001
From: iceiix <43691553+iceiix@users.noreply.github.com>
Date: Thu, 1 Nov 2018 20:45:40 -0700
Subject: [PATCH] Switch to RustCrypto for Cfb8 symmetric crypto, instead of
 OpenSSL (#10) (#2)

* Encrypt with both RustCrypto cfb8 and OpenSSL

* Switch to RustCrypto for decrypting

* Show encryption for both RustCrypto and OpenSSL, for comparison...

* Correct off-by-one error in encryption, cfb8 doesn't need extra byte

* Remove OpenSSL for symmetric crypto

* Update Cargo.lock
---
 Cargo.lock          | 62 +++++++++++++++++++++++++++++++++++++++++++++
 Cargo.toml          |  2 ++
 src/main.rs         |  2 ++
 src/protocol/mod.rs | 37 ++++++++++++++-------------
 4 files changed, 85 insertions(+), 18 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 55e6e88..5726279 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -3,6 +3,35 @@ name = "adler32"
 version = "1.0.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 
+[[package]]
+name = "aes"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "aes-soft 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
+ "aesni 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "block-cipher-trait 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "aes-soft"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "block-cipher-trait 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "byteorder 1.2.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "opaque-debug 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
+[[package]]
+name = "aesni"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "block-cipher-trait 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "opaque-debug 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "approx"
 version = "0.1.1"
@@ -59,6 +88,14 @@ dependencies = [
  "generic-array 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "block-cipher-trait"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "generic-array 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "block-padding"
 version = "0.1.2"
@@ -114,6 +151,15 @@ name = "cc"
 version = "1.0.25"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 
+[[package]]
+name = "cfb8"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "block-cipher-trait 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)",
+ "stream-cipher 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "cfg-if"
 version = "0.1.5"
@@ -1219,8 +1265,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 name = "steven"
 version = "0.0.1"
 dependencies = [
+ "aes 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
  "base64 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)",
  "byteorder 1.2.6 (registry+https://github.com/rust-lang/crates.io-index)",
+ "cfb8 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "cgmath 0.16.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "collision 0.18.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "flate2 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1269,6 +1317,14 @@ version = "0.1.0"
 name = "steven_shared"
 version = "0.0.1"
 
+[[package]]
+name = "stream-cipher"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+dependencies = [
+ "generic-array 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "string"
 version = "0.1.1"
@@ -1636,6 +1692,9 @@ dependencies = [
 
 [metadata]
 "checksum adler32 1.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "7e522997b529f05601e05166c07ed17789691f562762c7f3b987263d2dedee5c"
+"checksum aes 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "54eb1d8fe354e5fc611daf4f2ea97dd45a765f4f1e4512306ec183ae2e8f20c9"
+"checksum aes-soft 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "acdc19c789666840bb86d1df8ee1f458418f74a6b9c8f10538fb700de5829cb8"
+"checksum aesni 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)" = "2f70a6b5f971e473091ab7cfb5ffac6cde81666c4556751d8d5620ead8abf100"
 "checksum approx 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "08abcc3b4e9339e33a3d0a5ed15d84a687350c05689d825e0f6655eef9e76a94"
 "checksum arrayvec 0.4.7 (registry+https://github.com/rust-lang/crates.io-index)" = "a1e964f9e24d588183fcb43503abda40d288c8657dfc27311516ce2f05675aef"
 "checksum base64 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)" = "489d6c0ed21b11d038c31b6ceccca973e65d73ba3bd8ecb9a2babf5546164643"
@@ -1644,6 +1703,7 @@ dependencies = [
 "checksum bitflags 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "aad18937a628ec6abcd26d1489012cc0e18c21798210f491af69ded9b881106d"
 "checksum bitflags 1.0.4 (registry+https://github.com/rust-lang/crates.io-index)" = "228047a76f468627ca71776ecdebd732a3423081fcf5125585bcd7c49886ce12"
 "checksum block-buffer 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "49665c62e0e700857531fa5d3763e91b539ff1abeebd56808d378b495870d60d"
+"checksum block-cipher-trait 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)" = "30668a4dc25ca695ad6f4c4734b96b0a4414a87158eefeec04155bcef580a3de"
 "checksum block-padding 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "4fc4358306e344bf9775d0197fd00d2603e5afb0771bb353538630f022068ea3"
 "checksum build_const 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "39092a32794787acd8525ee150305ff051b0aa6cc2abaf193924f5ab05425f39"
 "checksum byte-tools 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "980479e6fde23246dfb54d47580d66b4e99202e7579c5eaa9fe10ecb5ebd2182"
@@ -1652,6 +1712,7 @@ dependencies = [
 "checksum bzip2 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "42b7c3cbf0fa9c1b82308d57191728ca0256cb821220f4e2fd410a72ade26e3b"
 "checksum bzip2-sys 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "2c5162604199bbb17690ede847eaa6120a3f33d5ab4dcc8e7c25b16d849ae79b"
 "checksum cc 1.0.25 (registry+https://github.com/rust-lang/crates.io-index)" = "f159dfd43363c4d08055a07703eb7a3406b0dac4d0584d96965a3262db3c9d16"
+"checksum cfb8 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "246262ff86ddd02c34d3373bc1feef8bcdb92347f801ef0326f9a4091cfa164a"
 "checksum cfg-if 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "0c4e7bb64a8ebb0d856483e1e682ea3422f883c5f5615a90d51a2c82fe87fdd3"
 "checksum cgmath 0.16.1 (registry+https://github.com/rust-lang/crates.io-index)" = "64a4b57c8f4e3a2e9ac07e0f6abc9c24b6fc9e1b54c3478cfb598f3d0023e51c"
 "checksum cloudabi 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "ddfc5b9aa5d4507acaf872de71051dfd0e309860e88966e1051e462a077aac4f"
@@ -1779,6 +1840,7 @@ dependencies = [
 "checksum slab 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)" = "5f9776d6b986f77b35c6cf846c11ad986ff128fe0b2b63a3628e3755e8d3102d"
 "checksum smallvec 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)" = "153ffa32fd170e9944f7e0838edf824a754ec4c1fc64746fcc9fe1f8fa602e5d"
 "checksum stable_deref_trait 1.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "dba1a27d3efae4351c8051072d619e3ade2820635c3958d826bfea39d59b54c8"
+"checksum stream-cipher 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "8861bc80f649f5b4c9bd38b696ae9af74499d479dbfb327f0607de6b326a36bc"
 "checksum string 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "00caf261d6f90f588f8450b8e1230fa0d5be49ee6140fdfbcb55335aff350970"
 "checksum syn 0.14.9 (registry+https://github.com/rust-lang/crates.io-index)" = "261ae9ecaa397c42b960649561949d69311f08eeaea86a65696e6e46517cf741"
 "checksum syn 0.15.14 (registry+https://github.com/rust-lang/crates.io-index)" = "baaba45c6bf60fe29aaf241fa33306c0b75c801edea8378263a8f043b09a5634"
diff --git a/Cargo.toml b/Cargo.toml
index b313dd8..579e98c 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -27,6 +27,8 @@ cgmath = "0.16.1"
 lazy_static = "1.1.0"
 collision = "0.18.0"
 openssl = "0.10.15"
+aes = "0.3.2"
+cfb8 = "0.3.1"
 # clippy = "*"
 
 [dependencies.steven_gl]
diff --git a/src/main.rs b/src/main.rs
index 0efd7a6..778729b 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -23,6 +23,8 @@ extern crate byteorder;
 #[macro_use]
 extern crate serde_json;
 extern crate openssl;
+extern crate aes;
+extern crate cfb8;
 extern crate sha1;
 extern crate reqwest;
 extern crate flate2;
diff --git a/src/protocol/mod.rs b/src/protocol/mod.rs
index 9785873..dddab91 100644
--- a/src/protocol/mod.rs
+++ b/src/protocol/mod.rs
@@ -14,7 +14,9 @@
 
 #![allow(dead_code)]
 
-use openssl::symm;
+use aes::Aes128;
+use cfb8::Cfb8;
+use cfb8::stream_cipher::{NewStreamCipher, StreamCipher};
 use serde_json;
 use reqwest;
 use openssl;
@@ -745,6 +747,8 @@ impl ::std::fmt::Display for Error {
     }
 }
 
+type Aes128Cfb = Cfb8<Aes128>;
+
 pub struct Conn {
     stream: TcpStream,
     pub host: String,
@@ -752,16 +756,13 @@ pub struct Conn {
     direction: Direction,
     pub state: State,
 
-    cipher: Option<symm::Crypter>,
+    cipher: Option<Aes128Cfb>,
 
     compression_threshold: i32,
     compression_read: Option<ZlibDecoder<io::Cursor<Vec<u8>>>>,
     compression_write: Option<ZlibEncoder<io::Cursor<Vec<u8>>>>,
 }
 
-// Needed because symm::Crypter isn't send
-unsafe impl Send for Conn {}
-
 impl Conn {
     pub fn new(target: &str) -> Result<Conn, Error> {
         // TODO SRV record support
@@ -866,11 +867,8 @@ impl Conn {
         }
     }
 
-    pub fn enable_encyption(&mut self, key: &[u8], decrypt: bool) {
-        let cipher = symm::Crypter::new(symm::Cipher::aes_128_cfb8(),
-            if decrypt { symm::Mode::Decrypt } else { symm::Mode::Encrypt },
-            key,
-            Some(key)).unwrap();
+    pub fn enable_encyption(&mut self, key: &[u8], _decrypt: bool) {
+        let cipher = Aes128Cfb::new_var(key, key).unwrap();
         self.cipher = Option::Some(cipher);
     }
 
@@ -979,11 +977,8 @@ impl Read for Conn {
             Option::None => self.stream.read(buf),
             Option::Some(cipher) => {
                 let ret = try!(self.stream.read(buf));
-                let mut data = vec![0; ret + symm::Cipher::aes_128_cfb8().block_size()];
-                let count = cipher.update(&buf[..ret], &mut data).unwrap();
-                for i in 0..count {
-                    buf[i] = data[i];
-                }
+                cipher.decrypt(&mut buf[..ret]);
+
                 Ok(ret)
             }
         }
@@ -995,9 +990,15 @@ impl Write for Conn {
         match self.cipher.as_mut() {
             Option::None => self.stream.write(buf),
             Option::Some(cipher) => {
-                let mut data = vec![0; buf.len() + symm::Cipher::aes_128_cfb8().block_size()];
-                let count = cipher.update(buf, &mut data).unwrap();
-                try!(self.stream.write_all(&data[..count]));
+                // TODO: avoid copying, but trait requires non-mutable buf
+                let mut data = vec![0; buf.len()];
+                for i in 0..buf.len() {
+                    data[i] = buf[i];
+                }
+
+                cipher.encrypt(&mut data);
+
+                try!(self.stream.write_all(&data));
                 Ok(buf.len())
             }
         }