mirror of
https://github.com/neocturne/fastd.git
Slightly improve the SHA256 API
parent
f12681b09b
commit
00d7406fe2
3 changed files with 49 additions and 49 deletions
|
@ -36,14 +36,11 @@
|
|||
|
||||
#define PUBLICKEYBYTES 32
|
||||
#define SECRETKEYBYTES 32
|
||||
#define HMACWORDS FASTD_SHA256_HASH_WORDS
|
||||
#define HMACBYTES FASTD_SHA256_HASH_BYTES
|
||||
#define HASHWORDS FASTD_SHA256_HASH_WORDS
|
||||
#define HASHBYTES FASTD_SHA256_HASH_BYTES
|
||||
|
||||
|
||||
#if HASHWORDS != FASTD_HMACSHA256_KEY_WORDS
|
||||
#error bug: HASHWORDS != FASTD_HMACSHA256_KEY_WORDS
|
||||
#if HASHBYTES != FASTD_HMACSHA256_KEY_BYTES
|
||||
#error bug: HASHBYTES != FASTD_HMACSHA256_KEY_BYTES
|
||||
#endif
|
||||
|
||||
#if HASHBYTES != SECRETKEYBYTES
|
||||
|
@ -279,10 +276,8 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock,
|
|||
const handshake_key_t *handshake_key, const ecc_int256_t *peer_handshake_key, const fastd_handshake_t *handshake, const fastd_method_t *method) {
|
||||
pr_debug(ctx, "responding handshake with %P[%I]...", peer, remote_addr);
|
||||
|
||||
uint32_t hashbuf[HASHWORDS];
|
||||
uint32_t hmacbuf[HMACWORDS];
|
||||
|
||||
fastd_sha256_blocks(hashbuf,
|
||||
fastd_sha256_t hashbuf;
|
||||
fastd_sha256_blocks(&hashbuf,
|
||||
handshake_key->public_key.p,
|
||||
peer_handshake_key->p,
|
||||
ctx->conf->protocol_config->public_key.p,
|
||||
|
@ -291,8 +286,8 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock,
|
|||
|
||||
ecc_int256_t d = {{0}}, e = {{0}}, eb, s;
|
||||
|
||||
memcpy(d.p, hashbuf, HASHBYTES/2);
|
||||
memcpy(e.p, hashbuf+HASHWORDS/2, HASHBYTES/2);
|
||||
memcpy(d.p, hashbuf.b, HASHBYTES/2);
|
||||
memcpy(e.p, hashbuf.b+HASHBYTES/2, HASHBYTES/2);
|
||||
|
||||
d.p[15] |= 0x80;
|
||||
e.p[15] |= 0x80;
|
||||
|
@ -321,8 +316,8 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock,
|
|||
ecc_int256_t sigma;
|
||||
ecc_25519_store_packed(&sigma, &work);
|
||||
|
||||
uint32_t shared_handshake_key[HASHWORDS];
|
||||
fastd_sha256_blocks(shared_handshake_key,
|
||||
fastd_sha256_t shared_handshake_key;
|
||||
fastd_sha256_blocks(&shared_handshake_key,
|
||||
handshake_key->public_key.p,
|
||||
peer_handshake_key->p,
|
||||
ctx->conf->protocol_config->public_key.p,
|
||||
|
@ -330,15 +325,16 @@ static void respond_handshake(fastd_context_t *ctx, const fastd_socket_t *sock,
|
|||
sigma.p,
|
||||
NULL);
|
||||
|
||||
fastd_hmacsha256_blocks(hmacbuf, shared_handshake_key, ctx->conf->protocol_config->public_key.p, handshake_key->public_key.p, NULL);
|
||||
fastd_sha256_t hmacbuf;
|
||||
fastd_hmacsha256_blocks(&hmacbuf, shared_handshake_key.w, ctx->conf->protocol_config->public_key.p, handshake_key->public_key.p, NULL);
|
||||
|
||||
fastd_buffer_t buffer = fastd_handshake_new_reply(ctx, handshake, method, 4*(4+PUBLICKEYBYTES) + 4+HMACBYTES);
|
||||
fastd_buffer_t buffer = fastd_handshake_new_reply(ctx, handshake, method, 4*(4+PUBLICKEYBYTES) + 4+HASHBYTES);
|
||||
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, ctx->conf->protocol_config->public_key.p);
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES, peer->protocol_config->public_key.p);
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, handshake_key->public_key.p);
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key->p);
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_T, HMACBYTES, hmacbuf);
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_T, HASHBYTES, hmacbuf.b);
|
||||
|
||||
fastd_send_handshake(ctx, sock, local_addr, remote_addr, buffer);
|
||||
}
|
||||
|
@ -370,14 +366,14 @@ static bool establish(fastd_context_t *ctx, fastd_peer_t *peer, const fastd_meth
|
|||
peer->protocol_state->old_session = (protocol_session_t){};
|
||||
}
|
||||
|
||||
uint32_t hash[HASHWORDS];
|
||||
fastd_sha256_blocks(hash, X->p, Y->p, A->p, B->p, sigma->p, NULL);
|
||||
fastd_sha256_t hash;
|
||||
fastd_sha256_blocks(&hash, X->p, Y->p, A->p, B->p, sigma->p, NULL);
|
||||
|
||||
peer->protocol_state->session.established = ctx->now;
|
||||
peer->protocol_state->session.handshakes_cleaned = false;
|
||||
peer->protocol_state->session.refreshing = false;
|
||||
peer->protocol_state->session.method = method;
|
||||
peer->protocol_state->session.method_state = method->session_init(ctx, (uint8_t*)hash, HASHBYTES, initiator);
|
||||
peer->protocol_state->session.method_state = method->session_init(ctx, hash.b, HASHBYTES, initiator);
|
||||
peer->protocol_state->last_serial = serial;
|
||||
|
||||
fastd_peer_seen(ctx, peer);
|
||||
|
@ -404,10 +400,8 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
|
|||
const fastd_handshake_t *handshake, const fastd_method_t *method) {
|
||||
pr_debug(ctx, "finishing handshake with %P[%I]...", peer, remote_addr);
|
||||
|
||||
uint32_t hashbuf[HASHWORDS];
|
||||
uint32_t hmacbuf[HMACWORDS];
|
||||
|
||||
fastd_sha256_blocks(hashbuf,
|
||||
fastd_sha256_t hashbuf;
|
||||
fastd_sha256_blocks(&hashbuf,
|
||||
peer_handshake_key->p,
|
||||
handshake_key->public_key.p,
|
||||
peer->protocol_config->public_key.p,
|
||||
|
@ -416,8 +410,8 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
|
|||
|
||||
ecc_int256_t d = {{0}}, e = {{0}}, da, s;
|
||||
|
||||
memcpy(d.p, hashbuf, HASHBYTES/2);
|
||||
memcpy(e.p, hashbuf+HASHWORDS/2, HASHBYTES/2);
|
||||
memcpy(d.p, hashbuf.b, HASHBYTES/2);
|
||||
memcpy(e.p, hashbuf.b+HASHBYTES/2, HASHBYTES/2);
|
||||
|
||||
d.p[15] |= 0x80;
|
||||
e.p[15] |= 0x80;
|
||||
|
@ -446,8 +440,8 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
|
|||
ecc_int256_t sigma;
|
||||
ecc_25519_store_packed(&sigma, &work);
|
||||
|
||||
uint32_t shared_handshake_key[HASHWORDS];
|
||||
fastd_sha256_blocks(shared_handshake_key,
|
||||
fastd_sha256_t shared_handshake_key;
|
||||
fastd_sha256_blocks(&shared_handshake_key,
|
||||
peer_handshake_key->p,
|
||||
handshake_key->public_key.p,
|
||||
peer->protocol_config->public_key.p,
|
||||
|
@ -455,24 +449,25 @@ static void finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock, const f
|
|||
sigma.p,
|
||||
NULL);
|
||||
|
||||
if(!fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL)) {
|
||||
if(!fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL)) {
|
||||
pr_warn(ctx, "received invalid protocol handshake response from %P[%I]", peer, remote_addr);
|
||||
return;
|
||||
}
|
||||
|
||||
fastd_hmacsha256_blocks(hmacbuf, shared_handshake_key, ctx->conf->protocol_config->public_key.p, handshake_key->public_key.p, NULL);
|
||||
fastd_sha256_t hmacbuf;
|
||||
fastd_hmacsha256_blocks(&hmacbuf, shared_handshake_key.w, ctx->conf->protocol_config->public_key.p, handshake_key->public_key.p, NULL);
|
||||
|
||||
if (!establish(ctx, peer, method, sock, local_addr, remote_addr, true, &handshake_key->public_key, peer_handshake_key, &ctx->conf->protocol_config->public_key,
|
||||
&peer->protocol_config->public_key, &sigma, handshake_key->serial))
|
||||
return;
|
||||
|
||||
fastd_buffer_t buffer = fastd_handshake_new_reply(ctx, handshake, method, 4*(4+PUBLICKEYBYTES) + 4+HMACBYTES);
|
||||
fastd_buffer_t buffer = fastd_handshake_new_reply(ctx, handshake, method, 4*(4+PUBLICKEYBYTES) + 4+HASHBYTES);
|
||||
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_SENDER_KEY, PUBLICKEYBYTES, ctx->conf->protocol_config->public_key.p);
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_KEY, PUBLICKEYBYTES, peer->protocol_config->public_key.p);
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_SENDER_HANDSHAKE_KEY, PUBLICKEYBYTES, handshake_key->public_key.p);
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_RECEIPIENT_HANDSHAKE_KEY, PUBLICKEYBYTES, peer_handshake_key->p);
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_T, HMACBYTES, hmacbuf);
|
||||
fastd_handshake_add(ctx, &buffer, RECORD_T, HASHBYTES, hmacbuf.b);
|
||||
|
||||
fastd_send_handshake(ctx, sock, local_addr, remote_addr, buffer);
|
||||
}
|
||||
|
@ -482,9 +477,8 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock,
|
|||
const fastd_handshake_t *handshake, const fastd_method_t *method) {
|
||||
pr_debug(ctx, "handling handshake finish with %P[%I]...", peer, remote_addr);
|
||||
|
||||
uint32_t hashbuf[HASHWORDS];
|
||||
|
||||
fastd_sha256_blocks(hashbuf,
|
||||
fastd_sha256_t hashbuf;
|
||||
fastd_sha256_blocks(&hashbuf,
|
||||
handshake_key->public_key.p,
|
||||
peer_handshake_key->p,
|
||||
ctx->conf->protocol_config->public_key.p,
|
||||
|
@ -493,8 +487,8 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock,
|
|||
|
||||
ecc_int256_t d = {{0}}, e = {{0}}, eb, s;
|
||||
|
||||
memcpy(d.p, hashbuf, HASHBYTES/2);
|
||||
memcpy(e.p, hashbuf+HASHWORDS/2, HASHBYTES/2);
|
||||
memcpy(d.p, hashbuf.b, HASHBYTES/2);
|
||||
memcpy(e.p, hashbuf.b+HASHBYTES/2, HASHBYTES/2);
|
||||
|
||||
d.p[15] |= 0x80;
|
||||
e.p[15] |= 0x80;
|
||||
|
@ -523,8 +517,8 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock,
|
|||
ecc_int256_t sigma;
|
||||
ecc_25519_store_packed(&sigma, &work);
|
||||
|
||||
uint32_t shared_handshake_key[HASHWORDS];
|
||||
fastd_sha256_blocks(shared_handshake_key,
|
||||
fastd_sha256_t shared_handshake_key;
|
||||
fastd_sha256_blocks(&shared_handshake_key,
|
||||
handshake_key->public_key.p,
|
||||
peer_handshake_key->p,
|
||||
ctx->conf->protocol_config->public_key.p,
|
||||
|
@ -532,7 +526,7 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock,
|
|||
sigma.p,
|
||||
NULL);
|
||||
|
||||
if (!fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL)) {
|
||||
if (!fastd_hmacsha256_blocks_verify(handshake->records[RECORD_T].data, shared_handshake_key.w, peer->protocol_config->public_key.p, peer_handshake_key->p, NULL)) {
|
||||
pr_warn(ctx, "received invalid protocol handshake finish from %P[%I]", peer, remote_addr);
|
||||
return;
|
||||
}
|
||||
|
@ -699,7 +693,7 @@ static void protocol_handshake_handle(fastd_context_t *ctx, fastd_socket_t *sock
|
|||
return;
|
||||
}
|
||||
|
||||
if (handshake->type > 1 && !has_field(handshake, RECORD_T, HMACBYTES)) {
|
||||
if (handshake->type > 1 && !has_field(handshake, RECORD_T, HASHBYTES)) {
|
||||
pr_debug(ctx, "received handshake reply without HMAC from %P[%I]", peer, remote_addr);
|
||||
return;
|
||||
}
|
||||
|
|
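Review bot: In establish(), the new `fastd_sha256_t hash` holds the value handed to `method->session_init(ctx, hash.b, HASHBYTES, initiator)` and stays on the stack afterwards; no wipe is visible in that hunk. The same applies to `shared_handshake_key` in respond_handshake(), finish_handshake() and handle_finish_handshake(), including the early `return` taken when `fastd_hmacsha256_blocks_verify` fails. Now that these buffers share one type, this would be a natural place to clear them after use with a call the compiler cannot elide, for example `explicit_bzero(&hash, sizeof(hash));` right after `session_init` where the platform provides it. The bodies of these functions extend beyond the hunks shown, so a wipe elsewhere in them cannot be ruled out from this page.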
14
src/sha256.c
14
src/sha256.c
|
@ -133,7 +133,7 @@ static void sha256_blocks_va(uint32_t out[FASTD_SHA256_HASH_WORDS], const uint32
|
|||
out[i] = htonl(h[i]);
|
||||
}
|
||||
|
||||
static void hmacsha256_blocks_va(uint32_t out[FASTD_SHA256_HASH_WORDS], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], va_list ap) {
|
||||
static void hmacsha256_blocks_va(fastd_sha256_t *out, const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], va_list ap) {
|
||||
static const uint32_t ipad2[8] = {
|
||||
0x36363636,
|
||||
0x36363636,
|
||||
|
@ -170,17 +170,17 @@ static void hmacsha256_blocks_va(uint32_t out[FASTD_SHA256_HASH_WORDS], const ui
|
|||
}
|
||||
|
||||
|
||||
void fastd_sha256_blocks(uint32_t out[FASTD_SHA256_HASH_WORDS], ...) {
|
||||
void fastd_sha256_blocks(fastd_sha256_t *out, ...) {
|
||||
va_list ap;
|
||||
|
||||
va_start(ap, out);
|
||||
const uint32_t *in1 = va_arg(ap, const uint32_t*);
|
||||
const uint32_t *in2 = in1 ? va_arg(ap, const uint32_t*) : NULL;
|
||||
sha256_blocks_va(out, in1, in2, ap);
|
||||
sha256_blocks_va(out->w, in1, in2, ap);
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
void fastd_hmacsha256_blocks(uint32_t out[FASTD_SHA256_HASH_WORDS], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...) {
|
||||
void fastd_hmacsha256_blocks(fastd_sha256_t *out, const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...) {
|
||||
va_list ap;
|
||||
|
||||
va_start(ap, key);
|
||||
|
@ -190,11 +190,11 @@ void fastd_hmacsha256_blocks(uint32_t out[FASTD_SHA256_HASH_WORDS], const uint32
|
|||
|
||||
bool fastd_hmacsha256_blocks_verify(const uint8_t mac[FASTD_SHA256_HASH_BYTES], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...) {
|
||||
va_list ap;
|
||||
uint32_t out[8];
|
||||
fastd_sha256_t out;
|
||||
|
||||
va_start(ap, key);
|
||||
hmacsha256_blocks_va(out, key, ap);
|
||||
hmacsha256_blocks_va(&out, key, ap);
|
||||
va_end(ap);
|
||||
|
||||
return !memcmp(out, mac, sizeof(out));
|
||||
return !memcmp(out.b, mac, FASTD_SHA256_HASH_BYTES);
|
||||
}
|
||||
|
|
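Review bot: `fastd_hmacsha256_blocks_verify` still checks the tag with `memcmp(out.b, mac, FASTD_SHA256_HASH_BYTES)`, which may return at the first differing byte, so its run time can depend on how many leading bytes of a received tag are correct. The callers pass `handshake->records[RECORD_T].data`, which comes from a received handshake, so the comparison should take the same time whatever the input. The whole function is inside this hunk; the rewritten tail below folds every byte pair into one accumulator before deciding. If the project already has a constant-time compare helper, calling that would be preferable to an open-coded loop.

```c
bool fastd_hmacsha256_blocks_verify(const uint8_t mac[FASTD_SHA256_HASH_BYTES], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...) {
	/* … unchanged: va_list setup, hmacsha256_blocks_va(&out, key, ap), va_end … */

	/* fold every byte pair into diff so the run time does not depend on where a mismatch occurs */
	uint8_t diff = 0;
	size_t i;

	for (i = 0; i < FASTD_SHA256_HASH_BYTES; i++)
		diff |= out.b[i] ^ mac[i];

	return !diff;
}
```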
10
src/sha256.h
10
src/sha256.h
|
@ -42,8 +42,14 @@
|
|||
#define FASTD_HMACSHA256_KEY_BYTES (4*FASTD_HMACSHA256_KEY_WORDS)
|
||||
|
||||
|
||||
void fastd_sha256_blocks(uint32_t out[FASTD_SHA256_HASH_WORDS], ...);
|
||||
void fastd_hmacsha256_blocks(uint32_t out[FASTD_SHA256_HASH_WORDS], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...);
|
||||
typedef union fastd_sha256 {
|
||||
uint32_t w[FASTD_SHA256_HASH_WORDS];
|
||||
uint8_t b[FASTD_SHA256_HASH_BYTES];
|
||||
} fastd_sha256_t;
|
||||
|
||||
|
||||
void fastd_sha256_blocks(fastd_sha256_t *out, ...);
|
||||
void fastd_hmacsha256_blocks(fastd_sha256_t *out, const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...);
|
||||
bool fastd_hmacsha256_blocks_verify(const uint8_t mac[FASTD_SHA256_HASH_BYTES], const uint32_t key[FASTD_HMACSHA256_KEY_WORDS], ...);
|
||||
|
||||
#endif /* _FASTD_SHA256_H_ */
|
||||
|
|
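Review bot: The new `fastd_sha256_t` union is declared without a comment, so a caller has to read sha256.c to learn which member holds what. The plain hash path stores each word with `out[i] = htonl(h[i])`, so I would add above the typedef something like `/** SHA256 output: w[] holds the words after htonl(), so b[] is the digest in byte order */`; the HMAC path is not visible on this page and should be confirmed to follow the same convention. It would also help to state on `fastd_hmacsha256_blocks_verify` that `mac` must point to at least `FASTD_SHA256_HASH_BYTES` readable bytes, since the array size in the parameter is not enforced by the compiler.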