kdxcxs
/
n2n
mirror of https://github.com/ntop/n2n.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Merge pull request #400 from Logan007/revCc20 

reworked cc20
pull/407/head
Luca Deri 4 years ago
committed by GitHub
parent
b73b0c86ea 885877cda3
commit
43090bdcb4
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 560 additions and 161 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      CMakeLists.txt
  2. 71
      include/cc20.h
  3. 3
      include/n2n.h
  4. 442
      src/cc20.c
  5. 4
      src/edge.c
  6. 2
      src/edge_utils.c
  7. 190
      src/transform_cc20.c
  8. 8
      tools/benchmark.c

1
CMakeLists.txt
View File

@ -97,6 +97,7 @@ add_library(n2n STATIC
src/wire.c
src/minilzo.c
src/tf.c
src/cc20.c
src/transform_null.c
src/transform_tf.c
src/transform_aes.c

71
include/cc20.h
View File

@ -0,0 +1,71 @@
/**
* (C) 2007-20 - ntop.org and contributors
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not see see <http://www.gnu.org/licenses/>
*
*/
#ifndef CC20_H
#define CC20_H
#include <stdint.h>
#include "n2n.h" // HAVE_OPENSSL_1_1, traceEvent ...
#define CC20_IV_SIZE 16
#define CC20_KEY_BYTES (256/8)
#ifdef HAVE_OPENSSL_1_1 // openSSL 1.1 ----------------------------------------------------
#include <openssl/evp.h>
#include <openssl/err.h>
typedef struct cc20_context_t {
EVP_CIPHER_CTX *ctx; /* openssl's reusable evp_* en/de-cryption context */
const EVP_CIPHER *cipher; /* cipher to use: e.g. EVP_chacha20() */
uint8_t key[CC20_KEY_BYTES]; /* the pure key data for payload encryption & decryption */
} cc20_context_t;
#elif defined (__SSE2__) // SSE ----------------------------------------------------------
#include <immintrin.h>
typedef struct cc20_context {
uint32_t keystream32[16];
uint32_t state[16];
uint8_t key[CC20_KEY_BYTES];
} cc20_context_t;
#else // plain C --------------------------------------------------------------------------
typedef struct cc20_context {
uint32_t keystream32[16];
uint32_t state[16];
uint8_t key[CC20_KEY_BYTES];
} cc20_context_t;
#endif // openSSL 1.1, plain C ------------------------------------------------------------
int cc20_crypt (unsigned char *out, const unsigned char *in, size_t in_len,
const unsigned char *iv, cc20_context_t *ctx);
int cc20_init (const unsigned char *key, cc20_context_t **ctx);
int cc20_deinit (cc20_context_t *ctx);
#endif // CC20_H

3
include/n2n.h
View File

@ -153,6 +153,7 @@ typedef struct ether_hdr ether_hdr_t;
#include "pearson.h"
#include "portable_endian.h"
#include "aes.h"
#include "cc20.h"
#include "speck.h"
#include "n2n_regex.h"
@ -415,9 +416,7 @@ typedef struct n2n_sn
int n2n_transop_null_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt);
int n2n_transop_tf_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt);
int n2n_transop_aes_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt);
#ifdef HAVE_OPENSSL_1_1
int n2n_transop_cc20_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt);
#endif
int n2n_transop_speck_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt);
/* Log */

442
src/cc20.c
View File

@ -0,0 +1,442 @@
/**
* (C) 2007-20 - ntop.org and contributors
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not see see <http://www.gnu.org/licenses/>
*
*/
#include "cc20.h"
#if defined (HAVE_OPENSSL_1_1) // openSSL 1.1 ---------------------------------------------
/* get any erorr message out of openssl
taken from https://en.wikibooks.org/wiki/OpenSSL/Error_handling */
static char *openssl_err_as_string (void) {
BIO *bio = BIO_new (BIO_s_mem ());
ERR_print_errors (bio);
char *buf = NULL;
size_t len = BIO_get_mem_data (bio, &buf);
char *ret = (char *) calloc (1, 1 + len);
if(ret)
memcpy (ret, buf, len);
BIO_free (bio);
return ret;
}
// encryption == decryption
int cc20_crypt (unsigned char *out, const unsigned char *in, size_t in_len,
const unsigned char *iv, cc20_context_t *ctx) {
int evp_len;
int evp_ciphertext_len;
if(1 == EVP_EncryptInit_ex(ctx->ctx, ctx->cipher, NULL, ctx->key, iv)) {
if(1 == EVP_CIPHER_CTX_set_padding(ctx->ctx, 0)) {
if(1 == EVP_EncryptUpdate(ctx->ctx, out, &evp_len, in, in_len)) {
evp_ciphertext_len = evp_len;
if(1 == EVP_EncryptFinal_ex(ctx->ctx, out + evp_len, &evp_len)) {
evp_ciphertext_len += evp_len;
if(evp_ciphertext_len != in_len)
traceEvent(TRACE_ERROR, "cc20_crypt openssl encryption: encrypted %u bytes where %u were expected",
evp_ciphertext_len, in_len);
} else
traceEvent(TRACE_ERROR, "cc20_crypt openssl final encryption: %s",
openssl_err_as_string());
} else
traceEvent(TRACE_ERROR, "cc20_encrypt openssl encrpytion: %s",
openssl_err_as_string());
} else
traceEvent(TRACE_ERROR, "cc20_encrypt openssl padding setup: %s",
openssl_err_as_string());
} else
traceEvent(TRACE_ERROR, "cc20_encrypt openssl init: %s",
openssl_err_as_string());
EVP_CIPHER_CTX_reset(ctx->ctx);
return 0;
}
#elif defined (__SSE2__) // SSE ----------------------------------------------------------
// taken (and modified and enhanced) from
// https://github.com/Ginurx/chacha20-c (public domain)
static void cc20_init_block(cc20_context_t *ctx, const uint8_t nonce[]) {
const uint8_t *magic_constant = (uint8_t*)"expand 32-byte k";
memcpy(&(ctx->state[ 0]), magic_constant, 16);
memcpy(&(ctx->state[ 4]), ctx->key, CC20_KEY_BYTES);
memcpy(&(ctx->state[12]), nonce, CC20_IV_SIZE);
}
#define SL _mm_slli_epi32
#define SR _mm_srli_epi32
#define XOR _mm_xor_si128
#define AND _mm_and_si128
#define ADD _mm_add_epi32
#define ROL(X,r) (XOR(SL(X,r),SR(X,(32-r))))
#if defined (__SSE3__) // --- SSE3
#define L8 _mm_set_epi32(0x0e0d0c0fL, 0x0a09080bL, 0x06050407L, 0x02010003L)
#define L16 _mm_set_epi32(0x0d0c0f0eL, 0x09080b0aL, 0x05040706L, 0x01000302L)
#define ROL8(X) ( _mm_shuffle_epi8(X, L8)) /* SSE 3 */
#define ROL16(X) ( _mm_shuffle_epi8(X, L16)) /* SSE 3 */
#else // --- regular SSE2 --------
#define ROL8(X) ROL(X,8)
#define ROL16(X) ROL(X,16)
#endif // ------------------------
#define CC20_PERMUTE_ROWS(A,B,C,D) \
B = _mm_shuffle_epi32(B, _MM_SHUFFLE(0, 3, 2, 1)); \
C = _mm_shuffle_epi32(C, _MM_SHUFFLE(1, 0, 3, 2)); \
D = _mm_shuffle_epi32(D, _MM_SHUFFLE(2, 1, 0, 3))
#define CC20_PERMUTE_ROWS_INV(A,B,C,D) \
B = _mm_shuffle_epi32(B, _MM_SHUFFLE(2, 1, 0, 3)); \
C = _mm_shuffle_epi32(C, _MM_SHUFFLE(1, 0, 3, 2)); \
D = _mm_shuffle_epi32(D, _MM_SHUFFLE(0, 3, 2, 1))
#define CC20_ODD_ROUND(A,B,C,D) \
/* odd round */ \
A = ADD(A, B); D = ROL16(XOR(D, A)); \
C = ADD(C, D); B = ROL(XOR(B, C), 12); \
A = ADD(A, B); D = ROL8(XOR(D, A)); \
C = ADD(C, D); B = ROL(XOR(B, C), 7)
#define CC20_EVEN_ROUND(A,B,C,D) \
CC20_PERMUTE_ROWS (A, B, C, D); \
CC20_ODD_ROUND (A, B, C, D); \
CC20_PERMUTE_ROWS_INV(A, B, C, D)
#define CC20_DOUBLE_ROUND(A,B,C,D) \
CC20_ODD_ROUND (A, B, C, D); \
CC20_EVEN_ROUND(A, B, C, D)
static void cc20_block_next(cc20_context_t *ctx) {
uint32_t *counter = ctx->state + 12;
uint32_t cnt;
__m128i a, b, c, d, k0, k1, k2, k3;
a = _mm_loadu_si128 ((__m128i*)&(ctx->state[ 0]));
b = _mm_loadu_si128 ((__m128i*)&(ctx->state[ 4]));
c = _mm_loadu_si128 ((__m128i*)&(ctx->state[ 8]));
d = _mm_loadu_si128 ((__m128i*)&(ctx->state[12]));
k0 = a;
k1 = b;
k2 = c;
k3 = d;
// 10 double rounds
CC20_DOUBLE_ROUND(k0, k1, k2, k3);
CC20_DOUBLE_ROUND(k0, k1, k2, k3);
CC20_DOUBLE_ROUND(k0, k1, k2, k3);
CC20_DOUBLE_ROUND(k0, k1, k2, k3);
CC20_DOUBLE_ROUND(k0, k1, k2, k3);
CC20_DOUBLE_ROUND(k0, k1, k2, k3);
CC20_DOUBLE_ROUND(k0, k1, k2, k3);
CC20_DOUBLE_ROUND(k0, k1, k2, k3);
CC20_DOUBLE_ROUND(k0, k1, k2, k3);
CC20_DOUBLE_ROUND(k0, k1, k2, k3);
k0 = ADD(k0, a);
k1 = ADD(k1, b);
k2 = ADD(k2, c);
k3 = ADD(k3, d);
_mm_storeu_si128 ((__m128i*)&(ctx->keystream32[ 0]), k0);
_mm_storeu_si128 ((__m128i*)&(ctx->keystream32[ 4]), k1);
_mm_storeu_si128 ((__m128i*)&(ctx->keystream32[ 8]), k2);
_mm_storeu_si128 ((__m128i*)&(ctx->keystream32[12]), k3);
// increment counter, make sure it is and stays little endian in memory
cnt = le32toh(counter[0]);
counter[0] = htole32(++cnt);
if(0 == counter[0]) {
// wrap around occured, increment higher 32 bits of counter
// unlikely with 1,500 byte sized packets
cnt = le32toh(counter[1]);
counter[1] = htole32(++cnt);
if(0 == counter[1]) {
// very unlikely
cnt = le32toh(counter[2]);
counter[2] = htole32(++cnt);
if(0 == counter[2]) {
// extremely unlikely
cnt = le32toh(counter[3]);
counter[3] = htole32(++cnt);
}
}
}
}
static void cc20_init_context(cc20_context_t *ctx, const uint8_t *nonce) {
cc20_init_block(ctx, nonce);
}
int cc20_crypt (unsigned char *out, const unsigned char *in, size_t in_len,
const unsigned char *iv, cc20_context_t *ctx) {
uint8_t *keystream8 = (uint8_t*)ctx->keystream32;
uint32_t * in_p = (uint32_t*)in;
uint32_t * out_p = (uint32_t*)out;
size_t tmp_len = in_len;
cc20_init_context(ctx, iv);
while(in_len >= 64) {
cc20_block_next(ctx);
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 0]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 1]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 2]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 3]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 4]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 5]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 6]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 7]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 8]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 9]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[10]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[11]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[12]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[13]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[14]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[15]; in_p++; out_p++;
in_len -= 64;
}
if(in_len > 0) {
cc20_block_next(ctx);
tmp_len -= in_len;
while(in_len > 0) {
out[tmp_len] = in[tmp_len] ^ keystream8[tmp_len%64];
tmp_len++;
in_len--;
}
}
}
#else // plain C --------------------------------------------------------------------------
// taken (and modified) from https://github.com/Ginurx/chacha20-c (public domain)
static void cc20_init_block(cc20_context_t *ctx, const uint8_t nonce[]) {
const uint8_t *magic_constant = (uint8_t*)"expand 32-byte k";
memcpy(&(ctx->state[ 0]), magic_constant, 16);
memcpy(&(ctx->state[ 4]), ctx->key, CC20_KEY_BYTES);
memcpy(&(ctx->state[12]), nonce, CC20_IV_SIZE);
}
#define ROL32(x,r) (((x)<<(r))|((x)>>(32-(r))))
#define CC20_QUARTERROUND(x, a, b, c, d) \
x[a] += x[b]; x[d] = ROL32(x[d] ^ x[a], 16); \
x[c] += x[d]; x[b] = ROL32(x[b] ^ x[c], 12); \
x[a] += x[b]; x[d] = ROL32(x[d] ^ x[a], 8); \
x[c] += x[d]; x[b] = ROL32(x[b] ^ x[c], 7)
#define CC20_DOUBLE_ROUND(s) \
/* odd round */ \
CC20_QUARTERROUND(s, 0, 4, 8, 12); \
CC20_QUARTERROUND(s, 1, 5, 9, 13); \
CC20_QUARTERROUND(s, 2, 6, 10, 14); \
CC20_QUARTERROUND(s, 3, 7, 11, 15); \
/* even round */ \
CC20_QUARTERROUND(s, 0, 5, 10, 15); \
CC20_QUARTERROUND(s, 1, 6, 11, 12); \
CC20_QUARTERROUND(s, 2, 7, 8, 13); \
CC20_QUARTERROUND(s, 3, 4, 9, 14)
static void cc20_block_next(cc20_context_t *ctx) {
uint32_t *counter = ctx->state + 12;
uint32_t c;
ctx->keystream32[ 0] = ctx->state[ 0];
ctx->keystream32[ 1] = ctx->state[ 1];
ctx->keystream32[ 2] = ctx->state[ 2];
ctx->keystream32[ 3] = ctx->state[ 3];
ctx->keystream32[ 4] = ctx->state[ 4];
ctx->keystream32[ 5] = ctx->state[ 5];
ctx->keystream32[ 6] = ctx->state[ 6];
ctx->keystream32[ 7] = ctx->state[ 7];
ctx->keystream32[ 8] = ctx->state[ 8];
ctx->keystream32[ 9] = ctx->state[ 9];
ctx->keystream32[10] = ctx->state[10];
ctx->keystream32[11] = ctx->state[11];
ctx->keystream32[12] = ctx->state[12];
ctx->keystream32[13] = ctx->state[13];
ctx->keystream32[14] = ctx->state[14];
ctx->keystream32[15] = ctx->state[15];
// 10 double rounds
CC20_DOUBLE_ROUND(ctx->keystream32);
CC20_DOUBLE_ROUND(ctx->keystream32);
CC20_DOUBLE_ROUND(ctx->keystream32);
CC20_DOUBLE_ROUND(ctx->keystream32);
CC20_DOUBLE_ROUND(ctx->keystream32);
CC20_DOUBLE_ROUND(ctx->keystream32);
CC20_DOUBLE_ROUND(ctx->keystream32);
CC20_DOUBLE_ROUND(ctx->keystream32);
CC20_DOUBLE_ROUND(ctx->keystream32);
CC20_DOUBLE_ROUND(ctx->keystream32);
ctx->keystream32[ 0] += ctx->state[ 0];
ctx->keystream32[ 1] += ctx->state[ 1];
ctx->keystream32[ 2] += ctx->state[ 2];
ctx->keystream32[ 3] += ctx->state[ 3];
ctx->keystream32[ 4] += ctx->state[ 4];
ctx->keystream32[ 5] += ctx->state[ 5];
ctx->keystream32[ 6] += ctx->state[ 6];
ctx->keystream32[ 7] += ctx->state[ 7];
ctx->keystream32[ 8] += ctx->state[ 8];
ctx->keystream32[ 9] += ctx->state[ 9];
ctx->keystream32[10] += ctx->state[10];
ctx->keystream32[11] += ctx->state[11];
ctx->keystream32[12] += ctx->state[12];
ctx->keystream32[13] += ctx->state[13];
ctx->keystream32[14] += ctx->state[14];
ctx->keystream32[15] += ctx->state[15];
// increment counter, make sure it is and stays little endian in memory
c = le32toh(counter[0]);
counter[0] = htole32(++c);
if(0 == counter[0]) {
// wrap around occured, increment higher 32 bits of counter
// unlikely with 1,500 byte sized packets
c = le32toh(counter[1]);
counter[1] = htole32(++c);
if(0 == counter[1]) {
// very unlikely
c = le32toh(counter[2]);
counter[2] = htole32(++c);
if(0 == counter[2]) {
// extremely unlikely
c = le32toh(counter[3]);
counter[3] = htole32(++c);
}
}
}
}
static void cc20_init_context(cc20_context_t *ctx, const uint8_t *nonce) {
cc20_init_block(ctx, nonce);
}
int cc20_crypt (unsigned char *out, const unsigned char *in, size_t in_len,
const unsigned char *iv, cc20_context_t *ctx) {
uint8_t *keystream8 = (uint8_t*)ctx->keystream32;
uint32_t * in_p = (uint32_t*)in;
uint32_t * out_p = (uint32_t*)out;
size_t tmp_len = in_len;
cc20_init_context(ctx, iv);
while(in_len >= 64) {
cc20_block_next(ctx);
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 0]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 1]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 2]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 3]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 4]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 5]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 6]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 7]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 8]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[ 9]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[10]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[11]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[12]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[13]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[14]; in_p++; out_p++;
*(uint32_t*)out_p = *(uint32_t*)in_p ^ ctx->keystream32[15]; in_p++; out_p++;
in_len -= 64;
}
if(in_len > 0) {
cc20_block_next(ctx);
tmp_len -= in_len;
while(in_len > 0) {
out[tmp_len] = in[tmp_len] ^ keystream8[tmp_len%64];
tmp_len++;
in_len--;
}
}
}
#endif // openSSL 1.1, plain C ------------------------------------------------------------
int cc20_init (const unsigned char *key, cc20_context_t **ctx) {
// allocate context...
*ctx = (cc20_context_t*) calloc(1, sizeof(cc20_context_t));
if (!(*ctx))
return -1;
#if defined (HAVE_OPENSSL_1_1)
if(!((*ctx)->ctx = EVP_CIPHER_CTX_new())) {
traceEvent(TRACE_ERROR, "cc20_init openssl's evp_* encryption context creation failed: %s",
openssl_err_as_string());
return -1;
}
(*ctx)->cipher = EVP_chacha20();
#endif
memcpy((*ctx)->key, key, CC20_KEY_BYTES);
return 0;
}
int cc20_deinit (cc20_context_t *ctx) {
#if defined (HAVE_OPENSSL_1_1)
if (ctx->ctx) EVP_CIPHER_CTX_free(ctx->ctx);
#endif
return 0;
}

4
src/edge.c
View File

@ -165,9 +165,7 @@ static void help() {
printf("-A1 | Disable payload encryption. Do not use with key (defaulting to Twofish then).\n");
printf("-A2 ... -A5 or -A | Choose a cipher for payload encryption, requires a key: -A2 = Twofish (default),\n");
printf(" | -A3 or -A (deprecated) = AES, "
#ifdef HAVE_OPENSSL_1_1
"-A4 = ChaCha20, "
#endif
"-A5 = Speck-CTR.\n");
printf("-H | Enable full header encryption. Requires supernode with fixed community.\n");
printf("-z1 ... -z2 or -z | Enable compression for outgoing data packets: -z1 or -z = lzo1x"
@ -245,13 +243,11 @@ static void setPayloadEncryption( n2n_edge_conf_t *conf, int cipher) {
conf->transop_id = N2N_TRANSFORM_ID_AES;
break;
}
#ifdef HAVE_OPENSSL_1_1
case 4:
{
conf->transop_id = N2N_TRANSFORM_ID_CHACHA20;
break;
}
#endif
case 5:
{
conf->transop_id = N2N_TRANSFORM_ID_SPECK;

2
src/edge_utils.c
View File

@ -224,11 +224,9 @@ n2n_edge_t* edge_init(const n2n_edge_conf_t *conf, int *rv) {
case N2N_TRANSFORM_ID_AES:
rc = n2n_transop_aes_init(&eee->conf, &eee->transop);
break;
#ifdef HAVE_OPENSSL_1_1
case N2N_TRANSFORM_ID_CHACHA20:
rc = n2n_transop_cc20_init(&eee->conf, &eee->transop);
break;
#endif
case N2N_TRANSFORM_ID_SPECK:
rc = n2n_transop_speck_init(&eee->conf, &eee->transop);
break;

190
src/transform_cc20.c
View File

@ -16,37 +16,25 @@
*
*/
#include "n2n.h"
#ifdef HAVE_OPENSSL_1_1
#include <openssl/sha.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#define N2N_CC20_IVEC_SIZE 16
#include "n2n.h"
#define CC20_KEY_BYTES (256/8)
/* ChaCha20 plaintext preamble */
#define TRANSOP_CC20_PREAMBLE_SIZE (N2N_CC20_IVEC_SIZE)
typedef unsigned char n2n_cc20_ivec_t[N2N_CC20_IVEC_SIZE];
#define CC20_PREAMBLE_SIZE (CC20_IV_SIZE)
typedef struct transop_cc20 {
EVP_CIPHER_CTX *enc_ctx; /* openssl's reusable evp_* encryption context */
EVP_CIPHER_CTX *dec_ctx; /* openssl's reusable evp_* decryption context */
const EVP_CIPHER *cipher; /* cipher to use: EVP_chacha20() */
uint8_t key[32]; /* the pure key data for payload encryption & decryption */
cc20_context_t *ctx;
} transop_cc20_t;
/* ****************************************************** */
static int transop_deinit_cc20(n2n_trans_op_t *arg) {
transop_cc20_t *priv = (transop_cc20_t *)arg->priv;
EVP_CIPHER_CTX_free(priv->enc_ctx);
EVP_CIPHER_CTX_free(priv->dec_ctx);
if(priv->ctx)
cc20_deinit(priv->ctx);
if(priv)
free(priv);
@ -56,35 +44,6 @@ static int transop_deinit_cc20(n2n_trans_op_t *arg) {
/* ****************************************************** */
/* get any erorr message out of openssl
taken from https://en.wikibooks.org/wiki/OpenSSL/Error_handling */
static char *openssl_err_as_string (void) {
BIO *bio = BIO_new (BIO_s_mem ());
ERR_print_errors (bio);
char *buf = NULL;
size_t len = BIO_get_mem_data (bio, &buf);
char *ret = (char *) calloc (1, 1 + len);
if(ret)
memcpy (ret, buf, len);
BIO_free (bio);
return ret;
}
/* ****************************************************** */
static void set_cc20_iv(transop_cc20_t *priv, n2n_cc20_ivec_t ivec) {
// keep in mind the following condition: N2N_CC20_IVEC_SIZE % sizeof(rand_value) == 0 !
uint64_t rand_value;
for (uint8_t i = 0; i < N2N_CC20_IVEC_SIZE; i += sizeof(rand_value)) {
rand_value = n2n_rand();
memcpy(ivec + i, &rand_value, sizeof(rand_value));
}
}
/* ****************************************************** */
/** The ChaCha20 packet format consists of:
*
* - a 128-bit random IV
@ -99,56 +58,30 @@ static int transop_encode_cc20(n2n_trans_op_t * arg,
const uint8_t * inbuf,
size_t in_len,
const uint8_t * peer_mac) {
int len=-1;
transop_cc20_t * priv = (transop_cc20_t *)arg->priv;
uint8_t assembly[N2N_PKT_BUF_SIZE] = {0};
if(in_len <= N2N_PKT_BUF_SIZE) {
if((in_len + TRANSOP_CC20_PREAMBLE_SIZE) <= out_len) {
if((in_len + CC20_PREAMBLE_SIZE) <= out_len) {
size_t idx=0;
n2n_cc20_ivec_t enc_ivec = {0};
traceEvent(TRACE_DEBUG, "encode_cc20 %lu bytes", in_len);
/* Generate and encode the IV. */
set_cc20_iv(priv, enc_ivec);
encode_buf(outbuf, &idx, &enc_ivec, N2N_CC20_IVEC_SIZE);
// full IV sized random value (128 bit)
encode_uint64(outbuf, &idx, n2n_rand());
encode_uint64(outbuf, &idx, n2n_rand());
/* Encrypt the assembly contents and write the ciphertext after the iv. */
/* len is set to the length of the cipher plain text to be encrpyted
which is (in this case) identical to original packet lentgh */
len = in_len;
cc20_crypt(outbuf + CC20_PREAMBLE_SIZE,
inbuf,
in_len,
outbuf, // IV
priv->ctx);
/* The assembly buffer is a source for encrypting data.
* The whole contents of assembly are encrypted. */
memcpy(assembly, inbuf, in_len);
EVP_CIPHER_CTX *ctx = priv->enc_ctx;
int evp_len;
int evp_ciphertext_len;
if(1 == EVP_EncryptInit_ex(ctx, priv->cipher, NULL, priv->key, enc_ivec)) {
if(1 == EVP_CIPHER_CTX_set_padding(ctx, 0)) {
if(1 == EVP_EncryptUpdate(ctx, outbuf + TRANSOP_CC20_PREAMBLE_SIZE, &evp_len, assembly, len)) {
evp_ciphertext_len = evp_len;
if(1 == EVP_EncryptFinal_ex(ctx, outbuf + TRANSOP_CC20_PREAMBLE_SIZE + evp_len, &evp_len)) {
evp_ciphertext_len += evp_len;
if(evp_ciphertext_len != len)
traceEvent(TRACE_ERROR, "encode_cc20 openssl encryption: encrypted %u bytes where %u were expected.\n",
evp_ciphertext_len, len);
} else
traceEvent(TRACE_ERROR, "encode_cc20 openssl final encryption: %s\n", openssl_err_as_string());
} else
traceEvent(TRACE_ERROR, "encode_cc20 openssl encrpytion: %s\n", openssl_err_as_string());
} else
traceEvent(TRACE_ERROR, "encode_cc20 openssl padding setup: %s\n", openssl_err_as_string());
} else
traceEvent(TRACE_ERROR, "encode_cc20 openssl init: %s\n", openssl_err_as_string());
EVP_CIPHER_CTX_reset(ctx);
len += TRANSOP_CC20_PREAMBLE_SIZE; /* size of data carried in UDP. */
len += CC20_PREAMBLE_SIZE; /* size of data carried in UDP. */
} else
traceEvent(TRACE_ERROR, "encode_cc20 outbuf too small.");
} else
@ -166,72 +99,51 @@ static int transop_decode_cc20(n2n_trans_op_t * arg,
const uint8_t * inbuf,
size_t in_len,
const uint8_t * peer_mac) {
int len=0;
transop_cc20_t * priv = (transop_cc20_t *)arg->priv;
uint8_t assembly[N2N_PKT_BUF_SIZE];
if(((in_len - TRANSOP_CC20_PREAMBLE_SIZE) <= N2N_PKT_BUF_SIZE) /* Cipher text fits in assembly */
&& (in_len >= TRANSOP_CC20_PREAMBLE_SIZE) /* Has at least iv */
if(((in_len - CC20_PREAMBLE_SIZE) <= N2N_PKT_BUF_SIZE) /* Cipher text fits in assembly */
&& (in_len >= CC20_PREAMBLE_SIZE) /* Has at least iv */
)
{
size_t rem=in_len;
size_t idx=0;
n2n_cc20_ivec_t dec_ivec = {0};
traceEvent(TRACE_DEBUG, "decode_cc20 %lu bytes", in_len);
len = (in_len - TRANSOP_CC20_PREAMBLE_SIZE);
/* Get the IV */
decode_buf((uint8_t *)&dec_ivec, N2N_CC20_IVEC_SIZE, inbuf, &rem, &idx);
EVP_CIPHER_CTX *ctx = priv->dec_ctx;
int evp_len;
int evp_plaintext_len;
if(1 == EVP_DecryptInit_ex(ctx, priv->cipher, NULL, priv->key, dec_ivec)) {
if(1 == EVP_CIPHER_CTX_set_padding(ctx, 0)) {
if(1 == EVP_DecryptUpdate(ctx, assembly, &evp_len, inbuf + TRANSOP_CC20_PREAMBLE_SIZE, len)) {
evp_plaintext_len = evp_len;
if(1 == EVP_DecryptFinal_ex(ctx, assembly + evp_len, &evp_len)) {
evp_plaintext_len += evp_len;
if(evp_plaintext_len != len)
traceEvent(TRACE_ERROR, "decode_cc20 openssl decryption: decrypted %u bytes where %u were expected.\n",
evp_plaintext_len, len);
} else
traceEvent(TRACE_ERROR, "decode_cc20 openssl final decryption: %s\n", openssl_err_as_string());
} else
traceEvent(TRACE_ERROR, "decode_cc20 openssl decrpytion: %s\n", openssl_err_as_string());
} else
traceEvent(TRACE_ERROR, "decode_cc20 openssl padding setup: %s\n", openssl_err_as_string());
} else
traceEvent(TRACE_ERROR, "decode_cc20 openssl init: %s\n", openssl_err_as_string());
EVP_CIPHER_CTX_reset(ctx);
memcpy(outbuf, assembly, len);
traceEvent(TRACE_DEBUG, "decode_cc20 %lu bytes", in_len);
len = (in_len - CC20_PREAMBLE_SIZE);
cc20_crypt(outbuf,
inbuf + CC20_PREAMBLE_SIZE,
in_len,
inbuf, // IV
priv->ctx);
} else
traceEvent(TRACE_ERROR, "decode_cc20 inbuf wrong size (%ul) to decrypt.", in_len);
traceEvent(TRACE_ERROR, "decode_cc20 inbuf wrong size (%ul) to decrypt.", in_len);
return len;
}
/* ****************************************************** */
static int setup_cc20_key(transop_cc20_t *priv, const uint8_t *key, ssize_t key_size) {
uint8_t key_mat_buf[SHA256_DIGEST_LENGTH];
static int setup_cc20_key(transop_cc20_t *priv, const uint8_t *password, ssize_t password_len) {
priv->cipher = EVP_chacha20();
uint8_t key_mat[CC20_KEY_BYTES];
/* Clear out any old possibly longer key matter. */
memset(&(priv->key), 0, sizeof(priv->key) );
/* The input key always gets hashed to make a more unpredictable and more complete use of the key space */
SHA256(key, key_size, key_mat_buf);
memcpy (priv->key, key_mat_buf, SHA256_DIGEST_LENGTH);
pearson_hash_256(key_mat, password, password_len);
if(cc20_init(key_mat, &(priv->ctx))) {
traceEvent(TRACE_ERROR, "setup_cc20_key setup unsuccessful");
return -1;
}
traceEvent(TRACE_DEBUG, "ChaCha20 key setup completed\n");
traceEvent(TRACE_DEBUG, "setup_cc20_key completed");
return(0);
return 0;
}
/* ****************************************************** */
@ -242,6 +154,7 @@ static void transop_tick_cc20(n2n_trans_op_t * arg, time_t now) { ; }
/* ChaCha20 initialization function */
int n2n_transop_cc20_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt) {
transop_cc20_t *priv;
const u_char *encrypt_key = (const u_char *)conf->encrypt_key;
size_t encrypt_key_len = strlen(conf->encrypt_key);
@ -261,19 +174,6 @@ int n2n_transop_cc20_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt) {
}
ttt->priv = priv;
/* Setup openssl's reusable evp_* contexts for encryption and decryption*/
if(!(priv->enc_ctx = EVP_CIPHER_CTX_new())) {
traceEvent(TRACE_ERROR, "openssl's evp_* encryption context creation: %s\n", openssl_err_as_string());
return(-1);
}
if(!(priv->dec_ctx = EVP_CIPHER_CTX_new())) {
traceEvent(TRACE_ERROR, "openssl's evp_* decryption context creation: %s\n", openssl_err_as_string());
return(-1);
}
/* Setup the cipher and key */
return(setup_cc20_key(priv, encrypt_key, encrypt_key_len));
return setup_cc20_key(priv, encrypt_key, encrypt_key_len);
}
#endif /* HAVE_OPENSSL_1_1 */

8
tools/benchmark.c
View File

@ -64,9 +64,7 @@ int main(int argc, char * argv[]) {
uint8_t pktbuf[N2N_PKT_BUF_SIZE];
n2n_trans_op_t transop_null, transop_tf;
n2n_trans_op_t transop_aes;
#ifdef HAVE_OPENSSL_1_1
n2n_trans_op_t transop_cc20;
#endif
n2n_trans_op_t transop_speck;
n2n_edge_conf_t conf;
@ -82,27 +80,21 @@ int main(int argc, char * argv[]) {
n2n_transop_null_init(&conf, &transop_null);
n2n_transop_tf_init(&conf, &transop_tf);
n2n_transop_aes_init(&conf, &transop_aes);
#ifdef HAVE_OPENSSL_1_1
n2n_transop_cc20_init(&conf, &transop_cc20);
#endif
n2n_transop_speck_init(&conf, &transop_speck);
/* Run the tests */
run_transop_benchmark("transop_null", &transop_null, &conf, pktbuf);
run_transop_benchmark("transop_tf", &transop_tf, &conf, pktbuf);
run_transop_benchmark("transop_aes", &transop_aes, &conf, pktbuf);
#ifdef HAVE_OPENSSL_1_1
run_transop_benchmark("transop_cc20", &transop_cc20, &conf, pktbuf);
#endif
run_transop_benchmark("transop_speck", &transop_speck, &conf, pktbuf);
/* Cleanup */
transop_null.deinit(&transop_null);
transop_tf.deinit(&transop_tf);
transop_aes.deinit(&transop_aes);
#ifdef HAVE_OPENSSL_1_1
transop_cc20.deinit(&transop_cc20);
#endif
transop_speck.deinit(&transop_speck);
return 0;

Write Preview
Loading…
Cancel
Save