Difference between revisions of "AES LSL Helpers"

From Second Life Wiki
Jump to navigation Jump to search
m (Changed LSL tags to Source tags)
 
(One intermediate revision by one other user not shown)
Line 8: Line 8:


== Script ==
== Script ==
<lsl>// These variables are used to build communications. Commands are sent as  
<source lang="lsl2">// These variables are used to build communications. Commands are sent as  
// combined bits in the integer argument of a link-message, and are  
// combined bits in the integer argument of a link-message, and are  
// recovered using masks, you may wish to read about bit-masks before  
// recovered using masks, you may wish to read about bit-masks before  
Line 24: Line 24:
//          be the request's value for O.
//          be the request's value for O.
//      v  Variable, depends on mode.
//      v  Variable, depends on mode.
 
// This mask allows the filter byte to be retrieved quickly
// This mask allows the filter byte to be retrieved quickly
integer LSLAES_FILTER_MASK      = 0xFF000000;
integer LSLAES_FILTER_MASK      = 0xFF000000;
Line 37: Line 37:
// How many bits right variable must be shifted
// How many bits right variable must be shifted
integer LSLAES_VARIABLE_SHIFT  = 0;
integer LSLAES_VARIABLE_SHIFT  = 0;
 
// A request
// A request
integer LSLAES_FILTER_REQUEST  = 0x81000000;
integer LSLAES_FILTER_REQUEST  = 0x81000000;
// A reply
// A reply
integer LSLAES_FILTER_REPLY    = 0x82000000;
integer LSLAES_FILTER_REPLY    = 0x82000000;
 
// An error occurred
// An error occurred
integer LSLAES_COMMAND_ERROR    = 0x00000000;
integer LSLAES_COMMAND_ERROR    = 0x00000000;
Line 51: Line 51:
// Decrypt message using expanded key
// Decrypt message using expanded key
integer LSLAES_COMMAND_DECRYPT  = 0x00030000;
integer LSLAES_COMMAND_DECRYPT  = 0x00030000;
// Hash message using expanded key, variable is used to determine hash-
// length in 32-bit words. i.e - if var == 4 then length = 4 * 32 = 128.
// Max size is LSLAES_HASH_SIZE
integer LSLAES_COMMAND_HASH    = 0x00040000;
// Sets-up the engine by specifying comma-separated flags
// Sets-up the engine by specifying comma-separated flags
integer LSLAES_COMMAND_SETUP    = 0x00050000;
integer LSLAES_COMMAND_SETUP    = 0x00050000;
// Initialise the engine with an input-vector
// Initialise the engine with an input-vector
integer LSLAES_COMMAND_INIT    = 0x00060000;
integer LSLAES_COMMAND_INIT    = 0x00060000;
 
// Input type is hex
// Input type is hex
integer LSLAES_INPUT_HEX        = 0x00000000;
integer LSLAES_INPUT_HEX        = 0x00000000;
// Input type is base64
// Input type is base64
integer LSLAES_INPUT_BASE64    = 0x00001000;
integer LSLAES_INPUT_BASE64    = 0x00001000;
 
// Output type is hex
// Output type is hex
integer LSLAES_OUTPUT_HEX      = 0x00000000;
integer LSLAES_OUTPUT_HEX      = 0x00000000;
Line 120: Line 116:
     );
     );
}
}
 
// Initialises a 128-bit input-vector to be used by the AES engine
// Initialises a 128-bit input-vector to be used by the AES engine
lslAESInitHexIV(integer targetLink, string iv, key id) {
lslAESInitHexIV(integer targetLink, string iv, key id) {
Line 217: Line 213:
         requestID = id
         requestID = id
     );     
     );     
}
// Sends hexadecimal data and gets a length-bit hexadecimal hash back,
// where length is a multiple of 32-bits.
lslAESHashHexToHex(integer targetLink, string hexData, integer length, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_HASH |
            LSLAES_INPUT_HEX | LSLAES_OUTPUT_HEX | (length >> 5),
        (hexData = "") + hexData,
        requestID = id
    );
}
// Sends hexadecimal data and gets a length-bit base64 hash back,
// where length is a multiple of 32-bits.
lslAESHashHexToBase64(integer targetLink, string hexData, integer length, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_HASH |
            LSLAES_INPUT_HEX | LSLAES_OUTPUT_BASE64 | (length >> 5),
        (hexData = "") + hexData,
        requestID = id
    );
}
// Sends base64 data and gets a length-bit hexadecimal hash back,
// where length is a multiple of 32-bits.
lslAESHashBase64ToHex(integer targetLink, string b64Data, integer length, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_HASH |
            LSLAES_INPUT_BASE64 | LSLAES_OUTPUT_HEX | (length >> 5),
        (b64Data = "") + b64Data,
        requestID = id
    );
}
// Sends base64 data and gets a length-bit hexadecimal hash back,
// where length is a multiple of 32-bits.
lslAESHashBase64ToBase64(integer targetLink, string b64Data, integer length, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_HASH |
            LSLAES_INPUT_BASE64 | LSLAES_OUTPUT_BASE64 | (length >> 5),
        (b64Data = "") + b64Data,
        requestID = id
    );
}
}
   
   
Line 284: Line 232:
integer lslAESGetReplyDataType(integer int) {
integer lslAESGetReplyDataType(integer int) {
     return (int & LSLAES_INPUT_TYPE_MASK);
     return (int & LSLAES_INPUT_TYPE_MASK);
}</lsl>
}</source>

Latest revision as of 07:53, 10 April 2018

AES LSL Helpers

Description

The following LSL code contains helper-functions for using the AES engine by Haravikk Mistral. These functions are all individually documented. For examples on how to use them you should view the examples page.

To use, you may simply paste the following code at the top of your script(s). Remember to remove any functions/constants that you do not use in order to conserve memory.

Script

// These variables are used to build communications. Commands are sent as 
// combined bits in the integer argument of a link-message, and are 
// recovered using masks, you may wish to read about bit-masks before 
// editing these values. These are used so the string argument is 
// kept free for data only.
//
// Commands take the following form (in hex):
//      0xFFMMIOvv
// Where the letters are:
//      F   Filter, used to quickly determine if a message is for us.
//      C   Command; encrypt/decrypt etc.
//      I   Type of data provided (hex, base64, etc.).
//      O   Desired type of data to be returned (hex, base64, etc.), 
//          this is unused in replies as the reply's value for I will 
//          be the request's value for O.
//      v   Variable, depends on mode.
 
// This mask allows the filter byte to be retrieved quickly
integer LSLAES_FILTER_MASK      = 0xFF000000;
// This mask allows the mask byte to be retrieved quickly
integer LSLAES_COMMAND_MASK     = 0x00FF0000;
// This mask allows the input type to be retrieved quickly
integer LSLAES_INPUT_TYPE_MASK  = 0x0000F000;
// This mask allows the output type to be retireved quickly
integer LSLAES_OUTPUT_TYPE_MASK = 0x00000F00;
// This mask allows the variable to retrieved quickly
integer LSLAES_VARIABLE_MASK    = 0x000000FF;
// How many bits right variable must be shifted
integer LSLAES_VARIABLE_SHIFT   = 0;
 
// A request
integer LSLAES_FILTER_REQUEST   = 0x81000000;
// A reply
integer LSLAES_FILTER_REPLY     = 0x82000000;
 
// An error occurred
integer LSLAES_COMMAND_ERROR    = 0x00000000;
// Prime engine with key
integer LSLAES_COMMAND_PRIME    = 0x00010000;
// Encrypt message using expanded key
integer LSLAES_COMMAND_ENCRYPT  = 0x00020000;
// Decrypt message using expanded key
integer LSLAES_COMMAND_DECRYPT  = 0x00030000;
// Sets-up the engine by specifying comma-separated flags
integer LSLAES_COMMAND_SETUP    = 0x00050000;
// Initialise the engine with an input-vector
integer LSLAES_COMMAND_INIT     = 0x00060000;
 
// Input type is hex
integer LSLAES_INPUT_HEX        = 0x00000000;
// Input type is base64
integer LSLAES_INPUT_BASE64     = 0x00001000;
 
// Output type is hex
integer LSLAES_OUTPUT_HEX       = 0x00000000;
// Output type is base64
integer LSLAES_OUTPUT_BASE64    = 0x00000100;
 
// The following extra variables are used to track our messages
key     requestID               = NULL_KEY;
 
// Sets-up the AES engine. Flags is a comma-separated list with the 
// following possible entries:
//  MODE_ECB    - Sets Electronic Code-Book mode, a little faster but 
//                not especially secure
//  MODE_CBC    - Cipher-Block-Chaining mode, most commonly used, good 
//                security.
//  MODE_CFB    - Ciphertext Feed-Back mode. Similar to CBC, but does 
//                not require an inverse-cipher to decrypt.
//  MODE_NOFB   - Output Feed-Back mode. Similar to CFB.
//
//  PAD_RBT     - Residual Block Termination padding is a method of 
//                encrypting data that does not fit correctly within 
//                into blocks.
//  PAD_NULLS   - Mainly added to provide support for PHP's mcrypt 
//                library. Null-characters (zero-bytes) are added to 
//                pad the length. ALL nulls are removed from the end 
//                after decryption, so be careful if null-characters 
//                occur within the text naturally.
//  PAD_ZEROES  - Adds zero-bytes, with the final byte describing the 
//                number of bytes added. If data fits within padSize 
//                then an extra padSize bits is added.
//  PAD_RANDOM  - Identical to PAD_ZEROES except that random bytes are 
//                generated for padding.
//
//  PAD_SIZE    - Defines the length of padding for NULLS, ZEROES, and 
//                random to align on. After this should be an integer 
//                value defining the size. Must be a multiple of 128.
lslAESSetup(integer targetLink, string flags, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_SETUP,
        (flags = "") + flags,
        requestID = id
    );
}
 
// Sends a link message to targetLink, requesting that aesKey be used to 
// prime the AES engine. aesKey should be a hexadecimal string representing 
// a value that is 128, 192, or 256-bits in length.
lslAESPrimeHexKey(integer targetLink, string aesKey, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_PRIME | LSLAES_INPUT_HEX,
        (aesKey = "") + aesKey,
        requestID = id
    );
}
 
// Initialises a 128-bit input-vector to be used by the AES engine
lslAESInitHexIV(integer targetLink, string iv, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_INIT | LSLAES_INPUT_HEX,
        (iv = "") + iv,
        requestID = id
    );
}
 
// Sends hexadecimal data and gets encrypted hexadecimal data back
lslAESEncryptHexToHex(integer targetLink, string hexData, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_ENCRYPT | 
            LSLAES_INPUT_HEX | LSLAES_OUTPUT_HEX,
        (hexData = "") + hexData,
        requestID = id
    );
}
 
// Sends hexadecimal data and gets encrypted base64 data back
lslAESEncryptHexToBase64(integer targetLink, string hexData, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_ENCRYPT | 
            LSLAES_INPUT_HEX | LSLAES_OUTPUT_BASE64,
        (hexData = "") + hexData,
        requestID = id
    );
}
 
// Send base64 data and gets encrypted hexadecimal data back
lslAESEncryptBase64ToHex(integer targetLink, string b64Data, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_ENCRYPT | 
            LSLAES_INPUT_BASE64 | LSLAES_OUTPUT_HEX,
        (b64Data = "") + b64Data,
        requestID = id
    );    
}
 
// Send base64 data and gets encrypted hexadecimal data back
lslAESEncryptBase64ToBase64(integer targetLink, string b64Data, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_ENCRYPT | 
            LSLAES_INPUT_BASE64 | LSLAES_OUTPUT_BASE64,
        (b64Data = "") + b64Data,
        requestID = id
    );    
}
 
// Sends hexadecimal data and gets decrypted hexadecimal data back
lslAESDecryptHexToHex(integer targetLink, string hexData, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_DECRYPT | 
            LSLAES_INPUT_HEX | LSLAES_OUTPUT_HEX,
        (hexData = "") + hexData,
        requestID = id
    );
}
 
// Sends hexadecimal data and gets decrypted base64 data back
lslAESDecryptHexToBase64(integer targetLink, string hexData, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_DECRYPT | 
            LSLAES_INPUT_HEX | LSLAES_OUTPUT_BASE64,
        (hexData = "") + hexData,
        requestID = id
    );
}
 
// Send base64 data and gets decrypted hexadecimal data back
lslAESDecryptBase64ToHex(integer targetLink, string b64Data, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_DECRYPT | 
            LSLAES_INPUT_BASE64 | LSLAES_OUTPUT_HEX,
        (b64Data = "") + b64Data,
        requestID = id
    );    
}
 
// Send base64 data and gets decrypted hexadecimal data back
lslAESDecryptBase64ToBase64(integer targetLink, string b64Data, key id) {
    llMessageLinked(
        targetLink,
        LSLAES_FILTER_REQUEST | LSLAES_COMMAND_DECRYPT | 
            LSLAES_INPUT_BASE64 | LSLAES_OUTPUT_BASE64,
        (b64Data = "") + b64Data,
        requestID = id
    );    
}
 
// Tests to see if a message is a reply or not (TRUE/FALSE)
integer lslAESIsReply(integer int, key id) {
    return (
        ((int & LSLAES_FILTER_MASK) == LSLAES_FILTER_REPLY) && 
        (id == requestID)
    );
}
 
// Grabs the mode of this reply. Should be one of the LSLAES_COMMAND_* constants
integer lslAESGetReplyMode(integer int) {
    return (int & LSLAES_COMMAND_MASK);
}
 
// Grabs the data type of this reply. Should be one of the LSLAES_INPUT_* 
// constants.
integer lslAESGetReplyDataType(integer int) {
    return (int & LSLAES_INPUT_TYPE_MASK);
}