/// Integer identifiers for the algorithms used by Copious Cipher Chain,
/// together with predefined cipher sequences, default parameters and
/// name lookups.
///
/// Algorithms are stored as small integers so that a cipher sequence can be
/// kept and processed as a plain `List<int>`.
class CipherConstants {
  // ---- Key derivation functions (1-4) --------------------------------------
  static const int ARGON2ID = 1;
  static const int PBKDF2 = 2;
  static const int HKDF = 3;
  static const int HCHACHA20 = 4;

  // ---- Authenticated symmetric ciphers, AEAD (10-14) -----------------------
  static const int AES_GCM_128 = 10;
  static const int AES_GCM_192 = 11;
  static const int AES_GCM_256 = 12;
  static const int CHACHA20_POLY1305 = 13;
  static const int XCHACHA20_POLY1305 = 14;

  // ---- Unauthenticated symmetric ciphers, non-AEAD (20-27) -----------------
  // None of the predefined sequences in this class uses these identifiers.
  // NOTE(review): isValidSequence() accepts them like any other known id. On
  // their own these modes give confidentiality only, so a sequence built from
  // them needs a MAC layer for integrity - confirm how the engine treats them.
  static const int AES_CBC_128 = 20;
  static const int AES_CBC_192 = 21;
  static const int AES_CBC_256 = 22;
  static const int AES_CTR_128 = 23;
  static const int AES_CTR_192 = 24;
  static const int AES_CTR_256 = 25;
  static const int CHACHA20 = 26;
  static const int XCHACHA20 = 27;

  // ---- MAC algorithms (30-35) ----------------------------------------------
  // NOTE(review): BLAKE2B / BLAKE2S are grouped with the MACs while separate
  // *_HASH identifiers exist below; presumably these two mean the keyed mode -
  // confirm against the implementation.
  static const int HMAC_SHA256 = 30;
  static const int HMAC_SHA384 = 31;
  static const int HMAC_SHA512 = 32;
  static const int BLAKE2B = 33;
  static const int BLAKE2S = 34;
  static const int POLY1305 = 35;

  // ---- Hash algorithms, used for integrity verification (40-44) ------------
  static const int SHA256 = 40;
  static const int SHA384 = 41;
  static const int SHA512 = 42;
  static const int BLAKE2B_HASH = 43;
  static const int BLAKE2S_HASH = 44;

  // ---- Phase 1 sequences ---------------------------------------------------

  // Default Phase 1 sequence: five layers. Argon2id is left out so that the
  // sequence stays reversible.
  // NOTE(review): the HMAC and BLAKE2b entries are not reversible transforms
  // either; presumably the engine appends and verifies a tag for them - confirm.
  // NOTE(review): stacking AEAD layers only adds strength when every layer has
  // its own independent key; key handling is not visible in this file.
  static const List<int> PHASE1_SEQUENCE = [
    AES_GCM_256, // layer 1: primary AEAD encryption
    CHACHA20_POLY1305, // layer 2: stream-cipher AEAD
    XCHACHA20_POLY1305, // layer 3: extended-nonce AEAD
    HMAC_SHA512, // layer 4: additional authentication
    BLAKE2B, // layer 5: final integrity check
  ];

  // Same layers preceded by key derivation; kept for future use.
  static const List<int> PHASE1_COMPLETE_SEQUENCE = [
    ARGON2ID, // key strengthening; one-way, for key derivation only
    AES_GCM_256, // primary AEAD encryption
    CHACHA20_POLY1305, // stream-cipher AEAD
    XCHACHA20_POLY1305, // extended-nonce AEAD
    HMAC_SHA512, // additional authentication
    BLAKE2B, // final integrity check
  ];

  // ---- Basic / user-selectable cipher sequences (combo 5-9) ----------------

  /// Combo 5: a single AES-256-GCM layer.
  static const List<int> BASIC_AES_SEQUENCE = [AES_GCM_256];

  /// Combo 6: a single ChaCha20-Poly1305 layer.
  static const List<int> BASIC_CHACHA_SEQUENCE = [CHACHA20_POLY1305];

  /// Combo 7: a single XChaCha20-Poly1305 layer.
  static const List<int> BASIC_XCHACHA_SEQUENCE = [XCHACHA20_POLY1305];

  /// Combo 8: two AEAD layers, AES-256-GCM then ChaCha20-Poly1305.
  static const List<int> DUAL_AEAD_SEQUENCE = [
    AES_GCM_256,
    CHACHA20_POLY1305,
  ];

  /// Combo 9: three AEAD layers, AES-256-GCM, ChaCha20-Poly1305 and
  /// XChaCha20-Poly1305.
  static const List<int> TRIPLE_AEAD_SEQUENCE = [
    AES_GCM_256,
    CHACHA20_POLY1305,
    XCHACHA20_POLY1305,
  ];

  // ---- Default cipher parameters -------------------------------------------
  // NOTE(review): units are mixed. Going by the inline comments,
  // 'aes_key_size' is given in bits while 'hmac_key_size', the nonce sizes and
  // the hash sizes are given in bytes - confirm every consumer converts
  // correctly before sizing a key buffer from these values.
  static const Map<String, dynamic> DEFAULT_CIPHER_PARAMS = {
    // Argon2id
    // 64 * 1024 is labelled 64 MB, so the unit is presumably KiB - confirm
    // against the Argon2 binding in use.
    'argon2_memory': 64 * 1024,
    'argon2_parallelism': 4, // 4 CPU cores
    'argon2_iterations': 3, // 3 iterations
    'argon2_hash_length': 32, // 256-bit output

    // AES
    'aes_key_size': 256, // 256-bit keys
    // 96-bit GCM nonce. A nonce must never repeat under one key; how nonces
    // are generated is not visible here - confirm in the cipher implementation.
    'aes_nonce_size': 12,

    // ChaCha
    'chacha_nonce_size': 12, // 96-bit nonces; same uniqueness requirement
    'xchacha_nonce_size': 24, // 192-bit nonces

    // HMAC
    'hmac_key_size': 64, // 512-bit keys

    // BLAKE2b
    'blake2b_hash_size': 64, // 512-bit hashes
  };

  // ---- Name lookup ---------------------------------------------------------
  // Display names for debugging. This map also acts as the registry of known
  // identifiers: isValidSequence() tests membership in it.
  static const Map<int, String> CIPHER_NAMES = {
    // Key derivation
    ARGON2ID: 'Argon2id',
    PBKDF2: 'PBKDF2',
    HKDF: 'HKDF',
    HCHACHA20: 'HChaCha20',

    // AEAD ciphers
    AES_GCM_128: 'AES-128-GCM',
    AES_GCM_192: 'AES-192-GCM',
    AES_GCM_256: 'AES-256-GCM',
    CHACHA20_POLY1305: 'ChaCha20-Poly1305',
    XCHACHA20_POLY1305: 'XChaCha20-Poly1305',

    // Non-AEAD ciphers
    AES_CBC_128: 'AES-128-CBC',
    AES_CBC_192: 'AES-192-CBC',
    AES_CBC_256: 'AES-256-CBC',
    AES_CTR_128: 'AES-128-CTR',
    AES_CTR_192: 'AES-192-CTR',
    AES_CTR_256: 'AES-256-CTR',
    CHACHA20: 'ChaCha20',
    XCHACHA20: 'XChaCha20',

    // MAC algorithms
    HMAC_SHA256: 'HMAC-SHA256',
    HMAC_SHA384: 'HMAC-SHA384',
    HMAC_SHA512: 'HMAC-SHA512',
    BLAKE2B: 'BLAKE2b',
    BLAKE2S: 'BLAKE2s',
    POLY1305: 'Poly1305',

    // Hash algorithms
    SHA256: 'SHA256',
    SHA384: 'SHA384',
    SHA512: 'SHA512',
    BLAKE2B_HASH: 'BLAKE2b-Hash',
    BLAKE2S_HASH: 'BLAKE2s-Hash',
  };

  /// Returns the display name registered for [cipherConstant] in
  /// [CIPHER_NAMES], or `Unknown Cipher (<value>)` when the identifier is not
  /// registered.
  static String getCipherName(int cipherConstant) {
    final known = CIPHER_NAMES[cipherConstant];
    if (known != null) return known;
    return 'Unknown Cipher ($cipherConstant)';
  }

  /// Renders [sequence] as the display names of its entries joined by
  /// ` -> `, in list order. An empty sequence yields an empty string.
  static String getSequenceDescription(List<int> sequence) {
    final names = sequence.map(getCipherName);
    return names.join(' -> ');
  }

  /// Reports whether every entry of [sequence] is a known identifier.
  ///
  /// This is a membership check against [CIPHER_NAMES] only. It does not look
  /// at ordering, duplicates, or whether the sequence contains any encryption
  /// layer at all: an empty list (plaintext / legacy combo 0) and a list made
  /// only of KDF, MAC or hash identifiers both return `true`. Callers that
  /// need "this data will be encrypted and authenticated" must check that
  /// separately.
  static bool isValidSequence(List<int> sequence) {
    // The empty sequence stands for the plaintext / legacy combo 0 and is
    // accepted as valid.
    if (sequence.isEmpty) return true;

    // Any identifier missing from the registry makes the sequence invalid.
    return sequence.every(CIPHER_NAMES.containsKey);
  }

  // ---- Combo metadata ------------------------------------------------------

  /// Display name for each combo value.
  ///
  /// Combos 0-4 are multi-layer / multi-provider configurations.
  /// Combos 5-9 are user-selectable "basic" through "triple AEAD" options.
  static const Map<int, String> COMBO_NAMES = {
    0: 'Plaintext (legacy / unencrypted)',
    1: 'Multi-Provider: wolfSSL + CCC',
    2: 'Multi-Provider: BoringSSL + CCC',
    3: 'Multi-Provider: OpenSSL + wolfSSL + CCC',
    4: 'Multi-Provider: wolfSSL + OpenSSL + CCC',
    5: 'Basic: AES-256-GCM',
    6: 'Basic: ChaCha20-Poly1305',
    7: 'Basic: XChaCha20-Poly1305',
    8: 'Dual AEAD: AES + ChaCha20',
    9: 'Triple AEAD: AES + ChaCha20 + XChaCha20',
  };

  /// Cipher sequence for each combo value that has one defined here.
  ///
  /// Only combos 0 and 5-9 have an entry. Combos 1-4 pass [isValidCombo] but
  /// a lookup for them returns `null`; callers should handle that case
  /// explicitly and not fall back to the empty (plaintext) sequence.
  static const Map<int, List<int>> COMBO_SEQUENCES = {
    0: [], // plaintext / legacy: empty sequence means no cipher layers
    5: BASIC_AES_SEQUENCE,
    6: BASIC_CHACHA_SEQUENCE,
    7: BASIC_XCHACHA_SEQUENCE,
    8: DUAL_AEAD_SEQUENCE,
    9: TRIPLE_AEAD_SEQUENCE,
  };

  /// Maximum supported combo value.
  static const int MAX_COMBO = 9;

  /// Reports whether [combo] has an entry in [COMBO_NAMES].
  ///
  /// Combo 0 (plaintext) counts as valid, so a `true` result does not imply
  /// that the combo encrypts anything.
  static bool isValidCombo(int combo) {
    return COMBO_NAMES.containsKey(combo);
  }

  /// Returns the display name of [combo] from [COMBO_NAMES], or
  /// `Unknown Combo (<value>)` when the combo is not listed.
  static String getComboName(int combo) =>
      COMBO_NAMES[combo] ?? 'Unknown Combo ($combo)';
}