package org.graalvm.compiler.hotspot.replacements;
import static org.graalvm.compiler.hotspot.GraalHotSpotVMConfigBase.INJECTED_METAACCESS;
import static org.graalvm.compiler.hotspot.HotSpotBackend.DECRYPT;
import static org.graalvm.compiler.hotspot.HotSpotBackend.DECRYPT_WITH_ORIGINAL_KEY;
import static org.graalvm.compiler.hotspot.HotSpotBackend.ENCRYPT;
import static org.graalvm.compiler.hotspot.replacements.HotSpotReplacementsUtil.getArrayBaseOffset;
import static org.graalvm.compiler.hotspot.replacements.UnsafeAccess.UNSAFE;
import org.graalvm.compiler.api.replacements.ClassSubstitution;
import org.graalvm.compiler.api.replacements.Fold;
import org.graalvm.compiler.api.replacements.MethodSubstitution;
import org.graalvm.compiler.core.common.spi.ForeignCallDescriptor;
import org.graalvm.compiler.debug.GraalError;
import org.graalvm.compiler.graph.Node.ConstantNodeParameter;
import org.graalvm.compiler.graph.Node.NodeIntrinsic;
import org.graalvm.compiler.hotspot.nodes.ComputeObjectAddressNode;
import org.graalvm.compiler.nodes.PiNode;
import org.graalvm.compiler.nodes.extended.ForeignCallNode;
import org.graalvm.compiler.nodes.extended.RawLoadNode;
import org.graalvm.compiler.word.Word;
import jdk.internal.vm.compiler.word.LocationIdentity;
import jdk.internal.vm.compiler.word.Pointer;
import jdk.internal.vm.compiler.word.WordFactory;
import jdk.vm.ci.meta.JavaKind;
@ClassSubstitution(className = "com.sun.crypto.provider.CipherBlockChaining", optional = true)
public class CipherBlockChainingSubstitutions {
private static final long embeddedCipherOffset;
private static final long rOffset;
private static final Class<?> cipherBlockChainingClass;
private static final Class<?> feedbackCipherClass;
static {
try {
ClassLoader cl = ClassLoader.getSystemClassLoader();
feedbackCipherClass = Class.forName("com.sun.crypto.provider.FeedbackCipher", true, cl);
embeddedCipherOffset = UNSAFE.objectFieldOffset(feedbackCipherClass.getDeclaredField("embeddedCipher"));
cipherBlockChainingClass = Class.forName("com.sun.crypto.provider.CipherBlockChaining", true, cl);
rOffset = UNSAFE.objectFieldOffset(cipherBlockChainingClass.getDeclaredField("r"));
} catch (Exception ex) {
throw new GraalError(ex);
}
}
@Fold
static Class<?> getAESCryptClass() {
return AESCryptSubstitutions.AESCryptClass;
}
@MethodSubstitution(isStatic = false)
static int encrypt(Object rcvr, byte[] in, int inOffset, int inLength, byte[] out, int outOffset) {
Object realReceiver = PiNode.piCastNonNull(rcvr, cipherBlockChainingClass);
Object embeddedCipher = RawLoadNode.load(realReceiver, embeddedCipherOffset, JavaKind.Object, LocationIdentity.any());
if (getAESCryptClass().isInstance(embeddedCipher)) {
Object aesCipher = getAESCryptClass().cast(embeddedCipher);
crypt(realReceiver, in, inOffset, inLength, out, outOffset, aesCipher, true, false);
return inLength;
} else {
return encrypt(realReceiver, in, inOffset, inLength, out, outOffset);
}
}
@MethodSubstitution(isStatic = false, value = "implEncrypt")
static int implEncrypt(Object rcvr, byte[] in, int inOffset, int inLength, byte[] out, int outOffset) {
Object realReceiver = PiNode.piCastNonNull(rcvr, cipherBlockChainingClass);
Object embeddedCipher = RawLoadNode.load(realReceiver, embeddedCipherOffset, JavaKind.Object, LocationIdentity.any());
if (getAESCryptClass().isInstance(embeddedCipher)) {
Object aesCipher = getAESCryptClass().cast(embeddedCipher);
crypt(realReceiver, in, inOffset, inLength, out, outOffset, aesCipher, true, false);
return inLength;
} else {
return implEncrypt(realReceiver, in, inOffset, inLength, out, outOffset);
}
}
@MethodSubstitution(isStatic = false)
static int decrypt(Object rcvr, byte[] in, int inOffset, int inLength, byte[] out, int outOffset) {
Object realReceiver = PiNode.piCastNonNull(rcvr, cipherBlockChainingClass);
Object embeddedCipher = RawLoadNode.load(realReceiver, embeddedCipherOffset, JavaKind.Object, LocationIdentity.any());
if (in != out && getAESCryptClass().isInstance(embeddedCipher)) {
Object aesCipher = getAESCryptClass().cast(embeddedCipher);
crypt(realReceiver, in, inOffset, inLength, out, outOffset, aesCipher, false, false);
return inLength;
} else {
return decrypt(realReceiver, in, inOffset, inLength, out, outOffset);
}
}
@MethodSubstitution(isStatic = false)
static int implDecrypt(Object rcvr, byte[] in, int inOffset, int inLength, byte[] out, int outOffset) {
Object realReceiver = PiNode.piCastNonNull(rcvr, cipherBlockChainingClass);
Object embeddedCipher = RawLoadNode.load(realReceiver, embeddedCipherOffset, JavaKind.Object, LocationIdentity.any());
if (in != out && getAESCryptClass().isInstance(embeddedCipher)) {
Object aesCipher = getAESCryptClass().cast(embeddedCipher);
crypt(realReceiver, in, inOffset, inLength, out, outOffset, aesCipher, false, false);
return inLength;
} else {
return implDecrypt(realReceiver, in, inOffset, inLength, out, outOffset);
}
}
@MethodSubstitution(isStatic = false, value = "decrypt")
static int decryptWithOriginalKey(Object rcvr, byte[] in, int inOffset, int inLength, byte[] out, int outOffset) {
Object realReceiver = PiNode.piCastNonNull(rcvr, cipherBlockChainingClass);
Object embeddedCipher = RawLoadNode.load(realReceiver, embeddedCipherOffset, JavaKind.Object, LocationIdentity.any());
if (in != out && getAESCryptClass().isInstance(embeddedCipher)) {
Object aesCipher = getAESCryptClass().cast(embeddedCipher);
crypt(realReceiver, in, inOffset, inLength, out, outOffset, aesCipher, false, true);
return inLength;
} else {
return decryptWithOriginalKey(realReceiver, in, inOffset, inLength, out, outOffset);
}
}
@MethodSubstitution(isStatic = false, value = "implDecrypt")
static int implDecryptWithOriginalKey(Object rcvr, byte[] in, int inOffset, int inLength, byte[] out, int outOffset) {
Object realReceiver = PiNode.piCastNonNull(rcvr, cipherBlockChainingClass);
Object embeddedCipher = RawLoadNode.load(realReceiver, embeddedCipherOffset, JavaKind.Object, LocationIdentity.any());
if (in != out && getAESCryptClass().isInstance(embeddedCipher)) {
Object aesCipher = getAESCryptClass().cast(embeddedCipher);
crypt(realReceiver, in, inOffset, inLength, out, outOffset, aesCipher, false, true);
return inLength;
} else {
return implDecryptWithOriginalKey(realReceiver, in, inOffset, inLength, out, outOffset);
}
}
private static void crypt(Object rcvr, byte[] in, int inOffset, int inLength, byte[] out, int outOffset, Object embeddedCipher, boolean encrypt, boolean withOriginalKey) {
AESCryptSubstitutions.checkArgs(in, inOffset, out, outOffset);
Object realReceiver = PiNode.piCastNonNull(rcvr, cipherBlockChainingClass);
Object aesCipher = getAESCryptClass().cast(embeddedCipher);
Object kObject = RawLoadNode.load(aesCipher, AESCryptSubstitutions.kOffset, JavaKind.Object, LocationIdentity.any());
Object rObject = RawLoadNode.load(realReceiver, rOffset, JavaKind.Object, LocationIdentity.any());
Pointer kAddr = Word.objectToTrackedPointer(kObject).add(getArrayBaseOffset(INJECTED_METAACCESS, JavaKind.Int));
Pointer rAddr = Word.objectToTrackedPointer(rObject).add(getArrayBaseOffset(INJECTED_METAACCESS, JavaKind.Byte));
Word inAddr = WordFactory.unsigned(ComputeObjectAddressNode.get(in, getArrayBaseOffset(INJECTED_METAACCESS, JavaKind.Byte) + inOffset));
Word outAddr = WordFactory.unsigned(ComputeObjectAddressNode.get(out, getArrayBaseOffset(INJECTED_METAACCESS, JavaKind.Byte) + outOffset));
if (encrypt) {
encryptAESCryptStub(ENCRYPT, inAddr, outAddr, kAddr, rAddr, inLength);
} else {
if (withOriginalKey) {
Object lastKeyObject = RawLoadNode.load(aesCipher, AESCryptSubstitutions.lastKeyOffset, JavaKind.Object, LocationIdentity.any());
Pointer lastKeyAddr = Word.objectToTrackedPointer(lastKeyObject).add(getArrayBaseOffset(INJECTED_METAACCESS, JavaKind.Byte));
decryptAESCryptWithOriginalKeyStub(DECRYPT_WITH_ORIGINAL_KEY, inAddr, outAddr, kAddr, rAddr, inLength, lastKeyAddr);
} else {
decryptAESCryptStub(DECRYPT, inAddr, outAddr, kAddr, rAddr, inLength);
}
}
}
@NodeIntrinsic(ForeignCallNode.class)
public static native void encryptAESCryptStub(@ConstantNodeParameter ForeignCallDescriptor descriptor, Word in, Word out, Pointer key, Pointer r, int inLength);
@NodeIntrinsic(ForeignCallNode.class)
public static native void decryptAESCryptStub(@ConstantNodeParameter ForeignCallDescriptor descriptor, Word in, Word out, Pointer key, Pointer r, int inLength);
@NodeIntrinsic(ForeignCallNode.class)
public static native void decryptAESCryptWithOriginalKeyStub(@ConstantNodeParameter ForeignCallDescriptor descriptor, Word in, Word out, Pointer key, Pointer r, int inLength, Pointer originalKey);
}