Add padding to a plaintext (lib, foundation)

codegen/class.gsl

@@ -181,6 +181,7 @@ function class_resolve_property (property, class)
 
     if string_equal (my.property.class ?, "self")
         my.property.class = my.class.name
+        my.property. ?= "Class specific context."
     endif
 endfunction
 

codegen/java.gsl

@@ -49,6 +49,7 @@ gsl from "java_h.gsl"
 gsl from "java_java.gsl"
 gsl from "java_jni.gsl"
 gsl from "java_codegen.gsl"
+gsl from "wrapper_helpers.gsl"
 
 # ===========================================================================
 #   Name and type derivation.
@@ -1119,7 +1120,7 @@ function java_create_class_default_constructor (java_class, class, java_project,
     new java_constructor to my.java_class
         . = "/* Wrap underlying C context. */"
         .visibility = "package"
-        
+
         new java_argument to java_constructor
             .name = "contextHolder"
             .type = java_derive_context_holder_class_name (my.java_project)
@@ -1133,7 +1134,7 @@ function java_create_class_default_constructor (java_class, class, java_project,
             "
         endnew
     endnew
-    
+
 
     new java_method to my.java_class
         . = "
@@ -1699,7 +1700,7 @@ function java_create_class_module (class, java_project, meta)
 
             java_map_attr_visibility (java_class, my.class)
 
-            for my.class.constant
+            for my.class.constant where wrapper_should_wrap_class_constant(constant)
                 java_create_class_method_from_constant (constant, java_class, my.java_project, my.meta)
             endfor
 
@@ -1764,11 +1765,11 @@ function java_create_context_holder_class_module (java_project, meta)
                 .access = "readonly"
                 .visibility = "package"
             endnew
-            
+
             new java_constructor to java_class
                 . = "/* Create underlying C context. */"
                 .visibility = "package"
-                
+
                 new java_argument to java_constructor
                     .name = "cCtx"
                     .type = "long"
@@ -1821,7 +1822,7 @@ function java_create_implementation_module (implementation, java_project, meta)
 
             #java_create_class_field_context (java_class)
 
-            for my.implementation.constant
+            for my.implementation.constant where wrapper_should_wrap_class_constant(constant)
                 java_create_class_method_from_constant (constant, java_class, my.java_project, my.meta)
             endfor
 

codegen/models/project_foundation/class_alg_factory.xml

@@ -1,6 +1,7 @@
 <class name="alg factory" context="none">
     Create algorithms based on the given information.
 
+    <require interface="alg"/>
     <require interface="alg info"/>
     <require interface="public key"/>
     <require interface="private key"/>
@@ -24,6 +25,7 @@
     <require impl="ed25519" is_optional="1"/>
     <require impl="curve25519" is_optional="1"/>
     <require impl="ecc" is_optional="1"/>
+    <require impl="random padding" is_optional="1"/>
 
     <method name="create hash from info" is_static="1">
         Create algorithm that implements "hash stream" interface.
@@ -64,4 +66,13 @@
 
         <return interface="cipher" access="disown" is_optional="1"/>
     </method>
+
+    <method name="create padding from info" is_static="1">
+        Create algorithm that implements "padding" interface.
+
+        <argument name="alg info" interface="alg info"/>
+        <argument name="random" interface="random"/>
+
+        <return interface="padding" access="disown"/>
+    </method>
 </class>

codegen/models/project_foundation/class_message_info.xml

@@ -7,6 +7,7 @@
     <property name="data encryption alg info" interface="alg info"/>
     <property name="custom params" class="message info custom params"/>
     <property name="cipher kdf alg info" interface="alg info"/>
+    <property name="cipher padding alg info" interface="alg info"/>
     <property name="footer info" class="footer info"/>
 
 
@@ -112,6 +113,31 @@
         Remove cipher kdf alg info.
     </method>
 
+    <method name="has cipher padding alg info" is_const="1">
+        Return true if cipher padding alg info exists.
+
+        <return type="boolean"/>
+    </method>
+
+
+    <method name="set cipher padding alg info" visibility="private">
+        Setup cipher padding alg info.
+
+        <argument name="cipher padding alg info" interface="alg info" access="disown"/>
+    </method>
+
+
+    <method name="cipher padding alg info" is_const="1">
+        Return cipher padding alg info.
+
+        <return interface="alg info"/>
+    </method>
+
+
+    <method name="remove cipher padding alg info" visibility="private">
+        Remove cipher padding alg info.
+    </method>
+
 
     <method name="has footer info" is_const="1">
         Return true if footer info exists.

codegen/models/project_foundation/class_padding_cipher.xml

@@ -0,0 +1,90 @@
+<class name="padding cipher" scope="internal">
+    Wraps any symmetric cipher algorithm to add padding to plaintext
+    to prevent message guessing attacks based on a ciphertext length.
+
+    <require header="pb_decode.h" scope="private"/>
+    <require header="pb_encode.h" scope="private"/>
+
+    <dependency name="cipher" interface="cipher"/>
+    <dependency name="padding" interface="padding"/>
+    <property name="padding buffer" class="buffer"/>
+
+    <!-- start: duplicate interface cipher  -->
+    <method name="start encryption">
+        Start sequential encryption.
+    </method>
+
+    <method name="start decryption">
+        Start sequential decryption.
+    </method>
+
+    <method name="update">
+        Process encryption or decryption of the given data chunk.
+
+        <argument name="data" class="data"/>
+        <argument name="out" class="buffer">
+            <length method="out len">
+                <proxy argument="data" to="data len" cast="data_length"/>
+            </length>
+        </argument>
+    </method>
+
+    <method name="out len">
+        Return buffer length required to hold an output of the methods
+        "update" or "finish" in an current mode.
+        Pass zero length to define buffer length of the method "finish".
+
+        <argument name="data len" type="size"/>
+        <return type="size"/>
+    </method>
+
+    <method name="encrypted out len" is_const="1">
+        Return buffer length required to hold an output of the methods
+        "update" or "finish" in an encryption mode.
+        Pass zero length to define buffer length of the method "finish".
+
+        <argument name="data len" type="size"/>
+        <return type="size"/>
+    </method>
+
+    <method name="decrypted out len" is_const="1">
+        Return buffer length required to hold an output of the methods
+        "update" or "finish" in an decryption mode.
+        Pass zero length to define buffer length of the method "finish".
+
+        <argument name="data len" type="size"/>
+        <return type="size"/>
+    </method>
+
+    <method name="finish">
+        Accomplish encryption or decryption process.
+
+        <argument name="out" class="buffer">
+            <length method="out len">
+                <proxy constant="0" to="data len"/>
+            </length>
+        </argument>
+
+        <return enum="status"/>
+    </method>
+    <!-- end: duplicate interface cipher  -->
+
+    <method name="reset buffer" is_static="1" declaration="private">
+        Reset buffer. Ensures capacity is enough.
+
+        <argument name="buffer" class="buffer"/>
+        <argument name="capacity" type="size"/>
+    </method>
+
+    <method name="finish encryption" declaration="private">
+        <argument name="out" class="buffer"/>
+
+        <return enum="status"/>
+    </method>
+
+    <method name="finish decryption" declaration="private">
+        <argument name="out" class="buffer"/>
+
+        <return enum="status"/>
+    </method>
+</class>

codegen/models/project_foundation/class_padding_params.xml

@@ -0,0 +1,39 @@
+<class name="padding params">
+    Handles padding parameters and constraints.
+
+    <constant name="default frame" value="160" definition="public"/>
+    <constant name="default frame min" value="32" definition="public"/>
+    <constant name="default frame max" value="8 * 1024" definition="public"/>
+
+    <property name="frame" type="size"/>
+    <property name="frame min" type="size"/>
+    <property name="frame max" type="size"/>
+
+    <constructor name="with constraints">
+        Build padding params with given constraints.
+        Precondition: frame_length_min &lt;= frame_length &lt;= frame_length_max.
+        Next formula can clarify what frame is: padding_length = data_length MOD frame
+
+        <argument name="frame" type="size"/>
+        <argument name="frame min" type="size"/>
+        <argument name="frame max" type="size"/>
+    </constructor>
+
+    <method name="frame" type="size" is_const="1">
+        Return padding frame in bytes.
+
+        <return type="size"/>
+    </method>
+
+    <method name="frame min" type="size" is_const="1">
+        Return minimum padding frame in bytes.
+
+        <return type="size"/>
+    </method>
+
+    <method name="frame max" type="size" is_const="1">
+        Return minimum padding frame in bytes.
+
+        <return type="size"/>
+    </method>
+</class>

codegen/models/project_foundation/class_recipient_cipher.xml

@@ -20,10 +20,13 @@
     <require class="key alg factory"/>
     <require class="sha512"/>
     <require class="hkdf"/>
+    <require impl="random padding"/>
     <require module="message info der serializer internal"/>
 
     <dependency name="random" interface="random"/>
     <dependency name="encryption cipher" interface="cipher"/>
+    <dependency name="encryption padding" interface="padding"/>
+    <dependency name="padding params" class="padding params"/>
     <dependency name="signer hash" interface="hash"/>
 
     <property name="key recipients" class="key recipient list"/>
@@ -35,6 +38,8 @@
     <property name="decryption recipient key" interface="private key"/>
     <property name="decryption password" class="buffer"/>
     <property name="decryption cipher" interface="cipher"/>
+    <property name="decryption padding" interface="padding"/>
+    <property name="padding cipher" impl="padding cipher"/>
     <property name="verifier hash" interface="hash"/>
     <property name="message info" class="message info"/>
     <property name="message info der serializer" impl="message info der serializer"/>
@@ -401,4 +406,17 @@
         <argument name="data" class="data"/>
         <argument name="out" class="buffer"/>
     </method>
+
+    <method name="update message info for encryption" declaration="private">
+        Add information related to encryption to a message info.
+
+        <return enum="status"/>
+    </method>
+
+    <method name="configure padding cipher" declaration="private">
+        Configure padding cipher with given padding and cipher.
+
+        <argument name="padding" interface="padding" access="readwrite"/>
+        <argument name="cipher" interface="cipher" access="readwrite"/>
+    </method>
 </class>

codegen/models/project_foundation/class_tail_filter.xml

@@ -0,0 +1,30 @@
+<class name="tail filter" scope="internal">
+    This class filter incoming data stream to keep a tail of the given length.
+
+    <property name="tail" class="buffer"/>
+
+    <method name="reset">
+        Prepare filter for a new byte stream.
+
+        <argument name="len" type="size"/>
+    </method>
+
+    <method name="tail">
+        Return filtered tail.
+
+        <return class="data"/>
+    </method>
+
+    <method name="process">
+        Process given data and return filtered data guaranteed without a tail.
+
+        <argument name="data" class="data"/>
+        <argument name="out" class="buffer"/>
+    </method>
+
+    <method name="shift" declaration="private">
+        Shift tail left for a given distance.
+
+        <argument name="distance" type="size"/>
+    </method>
+</class>

codegen/models/project_foundation/enum_alg_id.xml

@@ -23,4 +23,5 @@
     <constant name="falcon"/>
     <constant name="round5"/>
     <constant name="round5 nd 5pke 5d"/>
+    <constant name="random padding"/>
 </enum>

codegen/models/project_foundation/enum_cipher_state.xml

@@ -0,0 +1,15 @@
+<enum name="cipher state" definition="public">
+    Enumerates possible sequentail cipher's states.
+
+    <constant name="initial">
+        Cipher is ready for new encryption / decryption operation.
+    </constant>
+
+    <constant name="encryption">
+        Cipher is configured for encryption.
+    </constant>
+
+    <constant name="decryption">
+        Cipher is configured for decryption.
+    </constant>
+</enum>

codegen/models/project_foundation/enum_oid_id.xml

@@ -29,4 +29,5 @@
     <constant name="falcon"/>
     <constant name="round5"/>
     <constant name="round5 nd 5pke 5d"/>
+    <constant name="random padding"/>
 </enum>

codegen/models/project_foundation/implementor_mbedtls.xml

@@ -113,7 +113,7 @@
 
         <property name="auth data" class="buffer"/>
 
-        <property name="do decrypt" type="boolean"/>
+        <property name="state" enum="cipher state"/>
 
         <property name="cached data" type="byte">
             <array length="fixed" length_constant=".(class_aes256_gcm_constant_block_len)"/>
@@ -170,7 +170,7 @@
             <array length="fixed" length_constant=".(class_aes256_cbc_constant_nonce_len)"/>
         </property>
 
-        <property name="do decrypt" type="boolean"/>
+        <property name="state" enum="cipher state"/>
     </implementation>