Browse Source

reworked cc20

pull/400/head
Logan007 4 years ago
parent
commit
8757312d41
  1. 29
      include/cc20.h
  2. 2
      include/n2n.h
  3. 126
      src/cc20.c
  4. 4
      src/edge.c
  5. 2
      src/edge_utils.c
  6. 4
      src/transform_cc20.c
  7. 8
      tools/benchmark.c

29
include/cc20.h

@ -20,26 +20,38 @@
#ifndef CC20_H #ifndef CC20_H
#define CC20_H #define CC20_H
#include <stdint.h>
#include "n2n.h" // HAVE_OPENSSL_1_1, traceEvent ... #include "n2n.h" // HAVE_OPENSSL_1_1, traceEvent ...
#define CC20_IV_SIZE 16
#define CC20_KEY_BYTES (256/8)
#ifdef HAVE_OPENSSL_1_1 #ifdef HAVE_OPENSSL_1_1 // openSSL 1.1 ----------------------------------------------------
#include <stdint.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/err.h> #include <openssl/err.h>
#define CC20_IV_SIZE 16
#define CC20_KEY_BYTES (256/8)
typedef struct cc20_context_t { typedef struct cc20_context_t {
EVP_CIPHER_CTX *ctx; /* openssl's reusable evp_* en/de-cryption context */ EVP_CIPHER_CTX *ctx; /* openssl's reusable evp_* en/de-cryption context */
const EVP_CIPHER *cipher; /* cipher to use: e.g. EVP_chacha20() */ const EVP_CIPHER *cipher; /* cipher to use: e.g. EVP_chacha20() */
uint8_t key[CC20_KEY_BYTES]; /* the pure key data for payload encryption & decryption */ uint8_t key[CC20_KEY_BYTES]; /* the pure key data for payload encryption & decryption */
} cc20_context_t; } cc20_context_t;
#else // plain C --------------------------------------------------------------------------
typedef struct cc20_context {
uint32_t keystream32[16];
size_t position;
uint8_t key[CC20_KEY_BYTES];
uint8_t nonce[CC20_IV_SIZE];
uint64_t counter;
uint32_t state[16];
} cc20_context_t;
#endif // openSSL 1.1, plain C ------------------------------------------------------------
int cc20_crypt (unsigned char *out, const unsigned char *in, size_t in_len, int cc20_crypt (unsigned char *out, const unsigned char *in, size_t in_len,
const unsigned char *iv, cc20_context_t *ctx); const unsigned char *iv, cc20_context_t *ctx);
@ -51,7 +63,4 @@ int cc20_init (const unsigned char *key, cc20_context_t **ctx);
int cc20_deinit (cc20_context_t *ctx); int cc20_deinit (cc20_context_t *ctx);
#endif // HAVE_OPENSSL_1_1
#endif // CC20_H #endif // CC20_H

2
include/n2n.h

@ -425,9 +425,7 @@ int n2n_transop_tf_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt);
#ifdef N2N_HAVE_AES #ifdef N2N_HAVE_AES
int n2n_transop_aes_cbc_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt); int n2n_transop_aes_cbc_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt);
#endif #endif
#ifdef HAVE_OPENSSL_1_1
int n2n_transop_cc20_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt); int n2n_transop_cc20_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt);
#endif
int n2n_transop_speck_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt); int n2n_transop_speck_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt);
/* Log */ /* Log */

126
src/cc20.c

@ -20,11 +20,9 @@
#include "cc20.h" #include "cc20.h"
#ifdef HAVE_OPENSSL_1_1 #if defined (HAVE_OPENSSL_1_1) // openSSL 1.1 ---------------------------------------------
/* ****************************************************** */
/* get any erorr message out of openssl /* get any erorr message out of openssl
taken from https://en.wikibooks.org/wiki/OpenSSL/Error_handling */ taken from https://en.wikibooks.org/wiki/OpenSSL/Error_handling */
static char *openssl_err_as_string (void) { static char *openssl_err_as_string (void) {
@ -41,7 +39,6 @@ static char *openssl_err_as_string (void) {
return ret; return ret;
} }
/* ****************************************************** */
// encryption == decryption // encryption == decryption
int cc20_crypt (unsigned char *out, const unsigned char *in, size_t in_len, int cc20_crypt (unsigned char *out, const unsigned char *in, size_t in_len,
@ -78,13 +75,124 @@ int cc20_crypt (unsigned char *out, const unsigned char *in, size_t in_len,
} }
#else // plain C --------------------------------------------------------------------------
// taken (and modified) from https://github.com/Ginurx/chacha20-c (public domain)
static uint32_t rotl32(uint32_t x, int n) {
return (x << n) | (x >> (32 - n));
}
// little endian
static uint32_t pack4(const uint8_t *a) {
uint32_t res = 0;
res |= (uint32_t)a[0] << 0 * 8;
res |= (uint32_t)a[1] << 1 * 8;
res |= (uint32_t)a[2] << 2 * 8;
res |= (uint32_t)a[3] << 3 * 8;
return res;
}
static void unpack4(uint32_t src, uint8_t *dst) {
dst[0] = (src >> 0 * 8) & 0xff;
dst[1] = (src >> 1 * 8) & 0xff;
dst[2] = (src >> 2 * 8) & 0xff;
dst[3] = (src >> 3 * 8) & 0xff;
}
static void chacha20_init_block(cc20_context_t *ctx, const uint8_t nonce[]) {
const uint8_t *magic_constant = (uint8_t*)"expand 32-byte k";
memcpy(&(ctx->state[0]), magic_constant, 16);
memcpy (&(ctx->state[4]), ctx->key, CC20_KEY_BYTES);
memcpy(&(ctx->state[12]), nonce, CC20_IV_SIZE);
}
#define CHACHA20_QUARTERROUND(x, a, b, c, d) \
x[a] += x[b]; x[d] = rotl32(x[d] ^ x[a], 16); \
x[c] += x[d]; x[b] = rotl32(x[b] ^ x[c], 12); \
x[a] += x[b]; x[d] = rotl32(x[d] ^ x[a], 8); \
x[c] += x[d]; x[b] = rotl32(x[b] ^ x[c], 7);
static void chacha20_block_next(cc20_context_t *ctx) {
int i;
for(i = 0; i < 16; i++)
ctx->keystream32[i] = ctx->state[i];
for(i = 0; i < 10; i++) {
CHACHA20_QUARTERROUND(ctx->keystream32, 0, 4, 8, 12)
CHACHA20_QUARTERROUND(ctx->keystream32, 1, 5, 9, 13)
CHACHA20_QUARTERROUND(ctx->keystream32, 2, 6, 10, 14)
CHACHA20_QUARTERROUND(ctx->keystream32, 3, 7, 11, 15)
CHACHA20_QUARTERROUND(ctx->keystream32, 0, 5, 10, 15)
CHACHA20_QUARTERROUND(ctx->keystream32, 1, 6, 11, 12)
CHACHA20_QUARTERROUND(ctx->keystream32, 2, 7, 8, 13)
CHACHA20_QUARTERROUND(ctx->keystream32, 3, 4, 9, 14)
}
for(i = 0; i < 16; i++)
ctx->keystream32[i] += ctx->state[i];
uint32_t *counter = ctx->state + 12;
// increment counter
counter[0]++;
if(0 == counter[0]) {
// wrap around occured, increment higher 32 bits of counter
counter[1]++;
// Limited to 2^64 blocks of 64 bytes each.
// if you want to process more than 1180591620717411303424 bytes
// you have other problems.
// we could keep counting with counter[2] and counter[3] (nonce),
// but then we risk reusing the nonce which is very bad.
}
}
static void chacha20_init_context(cc20_context_t *ctx, const uint8_t *nonce) {
chacha20_init_block(ctx, nonce);
ctx->position = 64;
}
int cc20_crypt (unsigned char *out, const unsigned char *in, size_t in_len,
const unsigned char *iv, cc20_context_t *ctx) {
chacha20_init_context(ctx, iv);
uint8_t *keystream8 = (uint8_t*)ctx->keystream32;
for(size_t i = 0; i < in_len; i++) {
if(ctx->position >= 64) {
chacha20_block_next(ctx);
ctx->position = 0;
}
out[i] = in[i] ^ keystream8[ctx->position];
ctx->position++;
}
}
#endif // openSSL 1.1, plain C ------------------------------------------------------------
int cc20_init (const unsigned char *key, cc20_context_t **ctx) { int cc20_init (const unsigned char *key, cc20_context_t **ctx) {
// allocate context... // allocate context...
*ctx = (cc20_context_t*) calloc(1, sizeof(cc20_context_t)); *ctx = (cc20_context_t*) calloc(1, sizeof(cc20_context_t));
if (!(*ctx)) if (!(*ctx))
return -1; return -1;
#if defined (HAVE_OPENSSL_1_1)
if(!((*ctx)->ctx = EVP_CIPHER_CTX_new())) { if(!((*ctx)->ctx = EVP_CIPHER_CTX_new())) {
traceEvent(TRACE_ERROR, "cc20_init openssl's evp_* encryption context creation failed: %s", traceEvent(TRACE_ERROR, "cc20_init openssl's evp_* encryption context creation failed: %s",
openssl_err_as_string()); openssl_err_as_string());
@ -92,7 +200,7 @@ int cc20_init (const unsigned char *key, cc20_context_t **ctx) {
} }
(*ctx)->cipher = EVP_chacha20(); (*ctx)->cipher = EVP_chacha20();
#endif
memcpy((*ctx)->key, key, CC20_KEY_BYTES); memcpy((*ctx)->key, key, CC20_KEY_BYTES);
return 0; return 0;
@ -101,10 +209,8 @@ int cc20_init (const unsigned char *key, cc20_context_t **ctx) {
int cc20_deinit (cc20_context_t *ctx) { int cc20_deinit (cc20_context_t *ctx) {
#if defined (HAVE_OPENSSL_1_1)
if (ctx->ctx) EVP_CIPHER_CTX_free(ctx->ctx); if (ctx->ctx) EVP_CIPHER_CTX_free(ctx->ctx);
#endif
return 0; return 0;
} }
#endif // HAVE_OPENSSL_1_1

4
src/edge.c

@ -168,9 +168,7 @@ static void help() {
#ifdef N2N_HAVE_AES #ifdef N2N_HAVE_AES
"-A3 or -A (deprecated) = AES-CBC, " "-A3 or -A (deprecated) = AES-CBC, "
#endif #endif
#ifdef HAVE_OPENSSL_1_1
"-A4 = ChaCha20, " "-A4 = ChaCha20, "
#endif
"-A5 = Speck-CTR.\n"); "-A5 = Speck-CTR.\n");
printf("-H | Enable full header encryption. Requires supernode with fixed community.\n"); printf("-H | Enable full header encryption. Requires supernode with fixed community.\n");
printf("-z1 ... -z2 or -z | Enable compression for outgoing data packets: -z1 or -z = lzo1x" printf("-z1 ... -z2 or -z | Enable compression for outgoing data packets: -z1 or -z = lzo1x"
@ -250,13 +248,11 @@ static void setPayloadEncryption( n2n_edge_conf_t *conf, int cipher) {
break; break;
} }
#endif #endif
#ifdef HAVE_OPENSSL_1_1
case 4: case 4:
{ {
conf->transop_id = N2N_TRANSFORM_ID_CHACHA20; conf->transop_id = N2N_TRANSFORM_ID_CHACHA20;
break; break;
} }
#endif
case 5: case 5:
{ {
conf->transop_id = N2N_TRANSFORM_ID_SPECK; conf->transop_id = N2N_TRANSFORM_ID_SPECK;

2
src/edge_utils.c

@ -226,11 +226,9 @@ n2n_edge_t* edge_init(const n2n_edge_conf_t *conf, int *rv) {
rc = n2n_transop_aes_cbc_init(&eee->conf, &eee->transop); rc = n2n_transop_aes_cbc_init(&eee->conf, &eee->transop);
break; break;
#endif #endif
#ifdef HAVE_OPENSSL_1_1
case N2N_TRANSFORM_ID_CHACHA20: case N2N_TRANSFORM_ID_CHACHA20:
rc = n2n_transop_cc20_init(&eee->conf, &eee->transop); rc = n2n_transop_cc20_init(&eee->conf, &eee->transop);
break; break;
#endif
case N2N_TRANSFORM_ID_SPECK: case N2N_TRANSFORM_ID_SPECK:
rc = n2n_transop_speck_init(&eee->conf, &eee->transop); rc = n2n_transop_speck_init(&eee->conf, &eee->transop);
break; break;

4
src/transform_cc20.c

@ -16,9 +16,9 @@
* *
*/ */
#include "n2n.h" #include "n2n.h"
#ifdef HAVE_OPENSSL_1_1
/* ChaCha20 plaintext preamble */ /* ChaCha20 plaintext preamble */
#define CC20_PREAMBLE_SIZE (CC20_IV_SIZE) #define CC20_PREAMBLE_SIZE (CC20_IV_SIZE)
@ -177,5 +177,3 @@ int n2n_transop_cc20_init(const n2n_edge_conf_t *conf, n2n_trans_op_t *ttt) {
/* Setup the cipher and key */ /* Setup the cipher and key */
return setup_cc20_key(priv, encrypt_key, encrypt_key_len); return setup_cc20_key(priv, encrypt_key, encrypt_key_len);
} }
#endif /* HAVE_OPENSSL_1_1 */

8
tools/benchmark.c

@ -66,9 +66,7 @@ int main(int argc, char * argv[]) {
#ifdef N2N_HAVE_AES #ifdef N2N_HAVE_AES
n2n_trans_op_t transop_aes_cbc; n2n_trans_op_t transop_aes_cbc;
#endif #endif
#ifdef HAVE_OPENSSL_1_1
n2n_trans_op_t transop_cc20; n2n_trans_op_t transop_cc20;
#endif
n2n_trans_op_t transop_speck; n2n_trans_op_t transop_speck;
n2n_edge_conf_t conf; n2n_edge_conf_t conf;
@ -86,9 +84,7 @@ int main(int argc, char * argv[]) {
#ifdef N2N_HAVE_AES #ifdef N2N_HAVE_AES
n2n_transop_aes_cbc_init(&conf, &transop_aes_cbc); n2n_transop_aes_cbc_init(&conf, &transop_aes_cbc);
#endif #endif
#ifdef HAVE_OPENSSL_1_1
n2n_transop_cc20_init(&conf, &transop_cc20); n2n_transop_cc20_init(&conf, &transop_cc20);
#endif
n2n_transop_speck_init(&conf, &transop_speck); n2n_transop_speck_init(&conf, &transop_speck);
/* Run the tests */ /* Run the tests */
@ -97,9 +93,7 @@ int main(int argc, char * argv[]) {
#ifdef N2N_HAVE_AES #ifdef N2N_HAVE_AES
run_transop_benchmark("transop_aes", &transop_aes_cbc, &conf, pktbuf); run_transop_benchmark("transop_aes", &transop_aes_cbc, &conf, pktbuf);
#endif #endif
#ifdef HAVE_OPENSSL_1_1
run_transop_benchmark("transop_cc20", &transop_cc20, &conf, pktbuf); run_transop_benchmark("transop_cc20", &transop_cc20, &conf, pktbuf);
#endif
run_transop_benchmark("transop_speck", &transop_speck, &conf, pktbuf); run_transop_benchmark("transop_speck", &transop_speck, &conf, pktbuf);
/* Cleanup */ /* Cleanup */
@ -108,9 +102,7 @@ int main(int argc, char * argv[]) {
#ifdef N2N_HAVE_AES #ifdef N2N_HAVE_AES
transop_aes_cbc.deinit(&transop_aes_cbc); transop_aes_cbc.deinit(&transop_aes_cbc);
#endif #endif
#ifdef HAVE_OPENSSL_1_1
transop_cc20.deinit(&transop_cc20); transop_cc20.deinit(&transop_cc20);
#endif
transop_speck.deinit(&transop_speck); transop_speck.deinit(&transop_speck);
return 0; return 0;

Loading…
Cancel
Save