kdxcxs
/
n2n
mirror of https://github.com/ntop/n2n.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

replaced twofish implementation by a faster version

pull/389/head
Logan007 4 years ago
parent
d5c1295bec
commit
bf6ef081e0
2 changed files with 12 additions and 8 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      src/tf.c
  2. 16
      src/transform_tf.c

4
src/tf.c
View File

@ -465,6 +465,7 @@ int tf_cbc_decrypt (unsigned char *out, const unsigned char *in, size_t in_len,
const unsigned char *iv, tf_context_t *ctx) {
uint8_t tmp[TF_BLOCK_SIZE];
uint8_t old[TF_BLOCK_SIZE];
size_t i;
size_t n;
@ -472,9 +473,10 @@ int tf_cbc_decrypt (unsigned char *out, const unsigned char *in, size_t in_len,
n = in_len / TF_BLOCK_SIZE;
for(i=0; i < n; i++) {
memcpy(old, &in[i * TF_BLOCK_SIZE], TF_BLOCK_SIZE);
twofish_internal_decrypt(ctx->K, ctx->QF, &out[i * TF_BLOCK_SIZE], &in[i * TF_BLOCK_SIZE]);
fix_xor(&out[i * TF_BLOCK_SIZE], tmp);
memcpy(tmp, &in[i * TF_BLOCK_SIZE], TF_BLOCK_SIZE);
memcpy(tmp, old, TF_BLOCK_SIZE);
}
return n * TF_BLOCK_SIZE;

16
src/transform_tf.c
View File

@ -29,7 +29,7 @@
// cbc mode is being used with random value prepended to plaintext
// instead of iv so, actual iv is null_iv
uint8_t null_iv[TF_IV_SIZE] = {0};
const uint8_t null_iv[TF_IV_SIZE] = {0};
typedef struct transop_tf {
tf_context_t *ctx;
@ -70,6 +70,7 @@ static int transop_encode_tf(n2n_trans_op_t * arg,
// the assembly buffer is a source for encrypting data
// the whole contents of assembly are encrypted
uint8_t assembly[N2N_PKT_BUF_SIZE];
uint8_t assembly2[N2N_PKT_BUF_SIZE];
size_t idx = 0;
int padded_len;
uint8_t padding;
@ -83,10 +84,10 @@ static int transop_encode_tf(n2n_trans_op_t * arg,
// full block sized random value (128 bit)
// !!! replace with 2 calls to encode_uint64(...) as as available
// !!! which is still under consideration in pull request 'revAes'
encode_uint32(assembly, &idx, 0);
encode_uint32(assembly, &idx, 0);
encode_uint32(assembly, &idx, 0);
encode_uint32(assembly, &idx, 0);
encode_uint32(assembly, &idx, n2n_rand());
encode_uint32(assembly, &idx, n2n_rand());
encode_uint32(assembly, &idx, n2n_rand());
encode_uint32(assembly, &idx, n2n_rand());
// adjust for maybe differently chosen TF_PREAMBLE_SIZE
idx = TF_PREAMBLE_SIZE;
@ -100,12 +101,11 @@ static int transop_encode_tf(n2n_trans_op_t * arg,
// pad the following bytes with zero, fixed length (TF_BLOCK_SIZE) seems to compile
// to slightly faster code than run-time dependant 'padding'
memset (assembly + idx, 0, TF_BLOCK_SIZE);
tf_cbc_encrypt(outbuf, assembly, padded_len, null_iv, priv->ctx);
if(padding) {
// exchange last two cipher blocks
memcpy (buf, outbuf+padded_len - TF_BLOCK_SIZE, TF_BLOCK_SIZE);
memcpy (buf, outbuf + padded_len - TF_BLOCK_SIZE, TF_BLOCK_SIZE);
memcpy (outbuf + padded_len - TF_BLOCK_SIZE, outbuf + padded_len - 2 * TF_BLOCK_SIZE, TF_BLOCK_SIZE);
memcpy (outbuf + padded_len - 2 * TF_BLOCK_SIZE, buf, TF_BLOCK_SIZE);
}
@ -156,7 +156,9 @@ static int transop_decode_tf(n2n_trans_op_t * arg,
// write new penultimate block from buf
memcpy(assembly + penultimate_block, buf, TF_BLOCK_SIZE);
// regular cbc decryption on the re-arranged ciphertext
tf_cbc_decrypt(assembly, assembly, in_len + TF_BLOCK_SIZE - rest, null_iv, priv->ctx);
// check for expected zero padding and give a warning otherwise
if (memcmp(assembly + in_len, null_iv, TF_BLOCK_SIZE - rest)) {
traceEvent(TRACE_WARNING, "transop_decode_tf payload decryption failed with unexpected cipher text stealing padding");

Write Preview
Loading…
Cancel
Save