mirror of
https://github.com/neocturne/fastd.git
synced 2025-06-07 21:15:08 +02:00
generic-gmac: convert to the new common method helpers
This commit is contained in:
parent
bba8249f4a
commit
eb891d772d
1 changed files with 19 additions and 33 deletions
|
|
@ -139,8 +139,7 @@ static inline void put_size(fastd_block128_t *out, size_t len) {
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fastd_method_session_state_t *session, fastd_buffer_t *out, fastd_buffer_t in) {
|
static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fastd_method_session_state_t *session, fastd_buffer_t *out, fastd_buffer_t in) {
|
||||||
fastd_buffer_pull_head(ctx, &in, sizeof(fastd_block128_t));
|
fastd_buffer_pull_head_zero(ctx, &in, sizeof(fastd_block128_t));
|
||||||
memset(in.data, 0, sizeof(fastd_block128_t));
|
|
||||||
|
|
||||||
size_t tail_len = alignto(in.len, sizeof(fastd_block128_t))-in.len;
|
size_t tail_len = alignto(in.len, sizeof(fastd_block128_t))-in.len;
|
||||||
*out = fastd_buffer_alloc(ctx, in.len, alignto(COMMON_HEADBYTES, 16), sizeof(fastd_block128_t)+tail_len);
|
*out = fastd_buffer_alloc(ctx, in.len, alignto(COMMON_HEADBYTES, 16), sizeof(fastd_block128_t)+tail_len);
|
||||||
|
|
@ -148,17 +147,14 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast
|
||||||
if (tail_len)
|
if (tail_len)
|
||||||
memset(in.data+in.len, 0, tail_len);
|
memset(in.data+in.len, 0, tail_len);
|
||||||
|
|
||||||
size_t iv_length = session->method->cipher_info->iv_length;
|
uint8_t nonce[session->method->cipher_info->iv_length];
|
||||||
uint8_t nonce[iv_length];
|
fastd_method_expand_nonce(nonce, session->common.send_nonce, sizeof(nonce));
|
||||||
memset(nonce, 0, iv_length);
|
|
||||||
memcpy(nonce, session->common.send_nonce, COMMON_NONCEBYTES);
|
|
||||||
nonce[iv_length-1] = 1;
|
|
||||||
|
|
||||||
int n_blocks = block_count(in.len, sizeof(fastd_block128_t));
|
int n_blocks = block_count(in.len, sizeof(fastd_block128_t));
|
||||||
|
|
||||||
fastd_block128_t *inblocks = in.data;
|
fastd_block128_t *inblocks = in.data;
|
||||||
fastd_block128_t *outblocks = out->data;
|
fastd_block128_t *outblocks = out->data;
|
||||||
fastd_block128_t sig;
|
fastd_block128_t tag;
|
||||||
|
|
||||||
bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce);
|
bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce);
|
||||||
|
|
||||||
|
|
@ -168,27 +164,21 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast
|
||||||
|
|
||||||
put_size(&outblocks[n_blocks], in.len-sizeof(fastd_block128_t));
|
put_size(&outblocks[n_blocks], in.len-sizeof(fastd_block128_t));
|
||||||
|
|
||||||
ok = session->ghash->hash(session->ghash_state, &sig, outblocks+1, n_blocks);
|
ok = session->ghash->hash(session->ghash_state, &tag, outblocks+1, n_blocks);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!ok) {
|
if (!ok) {
|
||||||
/* restore original buffer */
|
|
||||||
fastd_buffer_push_head(ctx, &in, sizeof(fastd_block128_t));
|
|
||||||
fastd_buffer_free(*out);
|
fastd_buffer_free(*out);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
xor_a(&outblocks[0], sig);
|
xor_a(&outblocks[0], tag);
|
||||||
|
|
||||||
fastd_buffer_free(in);
|
fastd_buffer_free(in);
|
||||||
|
|
||||||
fastd_buffer_pull_head(ctx, out, COMMON_HEADBYTES);
|
fastd_method_put_common_header(ctx, out, session->common.send_nonce, 0);
|
||||||
|
|
||||||
memcpy(out->data, session->common.send_nonce, COMMON_NONCEBYTES);
|
|
||||||
fastd_method_increment_nonce(&session->common);
|
fastd_method_increment_nonce(&session->common);
|
||||||
|
|
||||||
((uint8_t*)out->data)[COMMON_NONCEBYTES] = 0; /* flags */
|
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -199,21 +189,17 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho
|
||||||
if (!method_session_is_valid(ctx, session))
|
if (!method_session_is_valid(ctx, session))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if (((const uint8_t*)in.data)[COMMON_NONCEBYTES]) /* flags */
|
uint8_t in_nonce[COMMON_NONCEBYTES];
|
||||||
return false;
|
uint8_t flags;
|
||||||
|
|
||||||
|
|
||||||
size_t iv_length = session->method->cipher_info->iv_length;
|
|
||||||
uint8_t nonce[iv_length];
|
|
||||||
memset(nonce, 0, iv_length);
|
|
||||||
memcpy(nonce, in.data, COMMON_NONCEBYTES);
|
|
||||||
nonce[iv_length-1] = 1;
|
|
||||||
|
|
||||||
int64_t age;
|
int64_t age;
|
||||||
if (!fastd_method_is_nonce_valid(ctx, &session->common, nonce, &age))
|
if (!fastd_method_handle_common_header(ctx, &session->common, &in, in_nonce, &flags, &age))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
fastd_buffer_push_head(ctx, &in, COMMON_HEADBYTES);
|
if (flags)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
uint8_t nonce[session->method->cipher_info->iv_length];
|
||||||
|
fastd_method_expand_nonce(nonce, in_nonce, sizeof(nonce));
|
||||||
|
|
||||||
size_t tail_len = alignto(in.len, sizeof(fastd_block128_t))-in.len;
|
size_t tail_len = alignto(in.len, sizeof(fastd_block128_t))-in.len;
|
||||||
*out = fastd_buffer_alloc(ctx, in.len, 0, tail_len);
|
*out = fastd_buffer_alloc(ctx, in.len, 0, tail_len);
|
||||||
|
|
@ -222,7 +208,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho
|
||||||
|
|
||||||
fastd_block128_t *inblocks = in.data;
|
fastd_block128_t *inblocks = in.data;
|
||||||
fastd_block128_t *outblocks = out->data;
|
fastd_block128_t *outblocks = out->data;
|
||||||
fastd_block128_t sig;
|
fastd_block128_t tag;
|
||||||
|
|
||||||
bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce);
|
bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce);
|
||||||
|
|
||||||
|
|
@ -232,10 +218,10 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho
|
||||||
|
|
||||||
put_size(&inblocks[n_blocks], in.len-sizeof(fastd_block128_t));
|
put_size(&inblocks[n_blocks], in.len-sizeof(fastd_block128_t));
|
||||||
|
|
||||||
ok = session->ghash->hash(session->ghash_state, &sig, inblocks+1, n_blocks);
|
ok = session->ghash->hash(session->ghash_state, &tag, inblocks+1, n_blocks);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!ok || memcmp(&sig, &outblocks[0], sizeof(fastd_block128_t)) != 0) {
|
if (!ok || memcmp(&tag, &outblocks[0], sizeof(fastd_block128_t)) != 0) {
|
||||||
fastd_buffer_free(*out);
|
fastd_buffer_free(*out);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
@ -244,7 +230,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho
|
||||||
|
|
||||||
fastd_buffer_push_head(ctx, out, sizeof(fastd_block128_t));
|
fastd_buffer_push_head(ctx, out, sizeof(fastd_block128_t));
|
||||||
|
|
||||||
if (!fastd_method_reorder_check(ctx, peer, &session->common, nonce, age)) {
|
if (!fastd_method_reorder_check(ctx, peer, &session->common, in_nonce, age)) {
|
||||||
fastd_buffer_free(*out);
|
fastd_buffer_free(*out);
|
||||||
*out = fastd_buffer_alloc(ctx, 0, 0, 0);
|
*out = fastd_buffer_alloc(ctx, 0, 0, 0);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue