From aa1d894e102e23d162b8e2bccd4b3bf1700de2f2 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sat, 30 Nov 2013 05:34:49 +0100 Subject: Make the crypto implementations independent of fastd.h (and fix more minor bugs) --- src/crypto.h | 36 +++++++++++++++++----- .../aes128_ctr/nacl/cipher_aes128_ctr_nacl.c | 12 ++++---- .../cipher/aes128_ctr/openssl/aes128_ctr_openssl.c | 7 +++-- .../cipher/blowfish_ctr/builtin/blowfish_ctr.c | 8 +++-- src/crypto/cipher/ciphers.c.in | 1 + src/crypto/cipher/null/memcpy/null_memcpy.c | 6 ++-- src/crypto/cipher/salsa20/nacl/salsa20_nacl.c | 7 +++-- src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c | 7 +++-- src/crypto/mac/ghash/builtin/ghash_builtin.c | 10 +++--- src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.c | 9 +----- src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h | 10 ++---- .../mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c | 30 ++++++++++++------ src/crypto/mac/macs.c.in | 1 + src/fastd.h | 18 ----------- src/methods/cipher_test/cipher_test.c | 10 +++--- src/methods/composed_gmac/composed_gmac.c | 32 +++++++++---------- src/methods/generic_gcm/generic_gcm.c | 22 ++++++------- src/methods/generic_gmac/generic_gmac.c | 18 +++++------ src/methods/generic_poly1305/generic_poly1305.c | 10 +++--- src/methods/xsalsa20_poly1305/xsalsa20_poly1305.c | 1 + src/protocols/ec25519_fhmqvc/state.c | 1 + src/types.h | 1 + 22 files changed, 136 insertions(+), 121 deletions(-) diff --git a/src/crypto.h b/src/crypto.h index c52fd42..124d06d 100644 --- a/src/crypto.h +++ b/src/crypto.h @@ -27,7 +27,10 @@ #ifndef _FASTD_CRYPTO_H_ #define _FASTD_CRYPTO_H_ -#include "fastd.h" +#include "types.h" + +#include +#include struct fastd_cipher_info { 
@@ -38,9 +41,9 @@ struct fastd_cipher_info { struct fastd_cipher { bool (*available)(void); - fastd_cipher_state_t* (*init)(fastd_context_t *ctx, const uint8_t *key); - bool (*crypt)(fastd_context_t *ctx, const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv); - void (*free)(fastd_context_t *ctx, fastd_cipher_state_t *state); + fastd_cipher_state_t* (*init)(const uint8_t *key); + bool (*crypt)(const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv); + void (*free)(fastd_cipher_state_t *state); }; @@ -51,9 +54,9 @@ struct fastd_mac_info { struct fastd_mac { bool (*available)(void); - fastd_mac_state_t* (*init)(fastd_context_t *ctx, const uint8_t *key); - bool (*hash)(fastd_context_t *ctx, const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t n_blocks); - void (*free)(fastd_context_t *ctx, fastd_mac_state_t *state); + fastd_mac_state_t* (*init)(const uint8_t *key); + bool (*hash)(const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t n_blocks); + void (*free)(fastd_mac_state_t *state); }; @@ -71,4 +74,23 @@ bool fastd_mac_config(const fastd_mac_t **mac_conf, const char *name, const char const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name); const fastd_mac_t* fastd_mac_get(fastd_context_t *ctx, const fastd_mac_info_t *info); + +static inline void secure_memzero(void *s, size_t n) { + memset(s, 0, n); + __asm__ volatile("" : : "m"(s)); +} + +static inline void xor(fastd_block128_t *x, fastd_block128_t a, fastd_block128_t b) { + x->qw[0] = a.qw[0] ^ b.qw[0]; + x->qw[1] = a.qw[1] ^ b.qw[1]; +} + +static inline void xor_a(fastd_block128_t *x, fastd_block128_t a) { + xor(x, *x, a); +} + +static inline bool fastd_true(void) { + return true; +} + #endif /* _FASTD_CRYPTO_H_ */ 
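Review bot: In `secure_memzero` (last hunk of src/crypto.h) the asm operand `"m"(s)` names the pointer variable `s`, not the buffer it points to, and the statement has no `"memory"` clobber, so the compiler is not told that the zeroed bytes are observed and may still treat the `memset` as a dead store ahead of `free()`. Every `*_free` touched by this commit relies on this helper to wipe key state. A barrier that pins the stores is `__asm__ volatile("" : : "r"(s) : "memory");`. The helper is moved here unchanged from fastd.h, so the weakness predates the commit, but this is now the shared definition for all crypto backends.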
diff --git a/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c b/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c index f4756a3..ca32e72 100644 --- a/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c +++ b/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c @@ -25,6 +25,7 @@ #include "../../../../crypto.h" + #include @@ -33,26 +34,25 @@ struct __attribute__((aligned(16))) fastd_cipher_state { }; -static fastd_cipher_state_t* aes128_ctr_init(fastd_context_t *ctx, const uint8_t *key) { +static fastd_cipher_state_t* aes128_ctr_init(const uint8_t *key) { fastd_block128_t k; memcpy(k.b, key, sizeof(fastd_block128_t)); fastd_cipher_state_t *state; - int err = posix_memalign((void**)&state, 16, sizeof(fastd_cipher_state_t)); - if (err) - exit_error(ctx, "posix_memalign: %s", strerror(err)); + if (posix_memalign((void**)&state, 16, sizeof(fastd_cipher_state_t))) + abort(); crypto_stream_aes128ctr_beforenm(state->d, k.b); return state; } -static bool aes128_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { +static bool aes128_ctr_crypt(const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { crypto_stream_aes128ctr_xor_afternm(out->b, in->b, len, iv, state->d); return true; } -static void aes128_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) { +static void aes128_ctr_free(fastd_cipher_state_t *state) { if (state) { secure_memzero(state, sizeof(*state)); free(state); diff --git a/src/crypto/cipher/aes128_ctr/openssl/aes128_ctr_openssl.c b/src/crypto/cipher/aes128_ctr/openssl/aes128_ctr_openssl.c index b3c739c..22b0ebe 100644 --- a/src/crypto/cipher/aes128_ctr/openssl/aes128_ctr_openssl.c +++ b/src/crypto/cipher/aes128_ctr/openssl/aes128_ctr_openssl.c @@ -25,6 +25,7 @@ #include "../../../../crypto.h" + #include 
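Review bot: `aes128_ctr_init` in cipher_aes128_ctr_nacl.c copies the raw key into the stack block `k` and returns without wiping it, so the key bytes stay in the dead stack frame after `crypto_stream_aes128ctr_beforenm` has expanded them into `state->d`. Adding `secure_memzero(&k, sizeof(k));` before `return state;` would match the wiping already done in `aes128_ctr_free`. The new `abort()` on `posix_memalign` failure also drops the `strerror` text that `exit_error` used to print; a short comment such as `/* allocation failure is fatal; no context is available here for logging */` would record that this is intentional.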
@@ -33,7 +34,7 @@ struct fastd_cipher_state { }; -static fastd_cipher_state_t* aes128_ctr_init(fastd_context_t *ctx UNUSED, const uint8_t *key) { +static fastd_cipher_state_t* aes128_ctr_init(const uint8_t *key) { fastd_cipher_state_t *state = malloc(sizeof(fastd_cipher_state_t)); state->aes = EVP_CIPHER_CTX_new(); @@ -42,7 +43,7 @@ static fastd_cipher_state_t* aes128_ctr_init(fastd_context_t *ctx UNUSED, const return state; } -static bool aes128_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { +static bool aes128_ctr_crypt(const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { int clen, clen2; if (!EVP_EncryptInit(state->aes, NULL, NULL, iv)) @@ -60,7 +61,7 @@ static bool aes128_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_sta return true; } -static void aes128_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) { +static void aes128_ctr_free(fastd_cipher_state_t *state) { if (state) { EVP_CIPHER_CTX_free(state->aes); free(state); diff --git a/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c b/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c index 3e82e38..feb1406 100644 --- a/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c +++ b/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c @@ -26,6 +26,8 @@ #include "../../../../crypto.h" +#include + typedef union bf_block { fastd_block128_t b; @@ -209,7 +211,7 @@ static inline uint32_t bf_f(const fastd_cipher_state_t *state, uint32_t x) { BF_SWAP(L, R); \ }) -static fastd_cipher_state_t* blowfish_ctr_init(fastd_context_t *ctx UNUSED, const uint8_t *key) { +static fastd_cipher_state_t* blowfish_ctr_init(const uint8_t *key) { uint32_t key32[14]; memcpy(key32, key, 56); bf_ntohl(key32, 14); 
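Review bot: `aes128_ctr_init` in aes128_ctr_openssl.c still dereferences the result of `malloc` without a check (`state->aes = EVP_CIPHER_CTX_new();`), while the aligned allocations changed elsewhere in this commit now `abort()` on failure. The same unchecked `malloc` followed by `memcpy(state->key, ...)` is visible in `salsa20_init` and `salsa2012_init`. For consistency with the other backends, add `if (!state) abort();` after each `malloc`; the return value of `EVP_CIPHER_CTX_new()` probably deserves the same check, though the rest of that function lies outside the hunk.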
@@ -241,7 +243,7 @@ static fastd_cipher_state_t* blowfish_ctr_init(fastd_context_t *ctx UNUSED, cons return state; } -static bool blowfish_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { +static bool blowfish_ctr_crypt(const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { register bf_block_t block; register uint32_t ctr[2]; @@ -271,7 +273,7 @@ static bool blowfish_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_s return true; } -static void blowfish_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) { +static void blowfish_ctr_free(fastd_cipher_state_t *state) { if (state) { secure_memzero(state, sizeof(*state)); free(state); diff --git a/src/crypto/cipher/ciphers.c.in b/src/crypto/cipher/ciphers.c.in index 19893f6..735d28d 100644 --- a/src/crypto/cipher/ciphers.c.in +++ b/src/crypto/cipher/ciphers.c.in @@ -25,6 +25,7 @@ #include +#include @CIPHER_DEFINITIONS@ diff --git a/src/crypto/cipher/null/memcpy/null_memcpy.c b/src/crypto/cipher/null/memcpy/null_memcpy.c index 7f0b8b3..b3f5dd3 100644 --- a/src/crypto/cipher/null/memcpy/null_memcpy.c +++ b/src/crypto/cipher/null/memcpy/null_memcpy.c 
@@ -27,16 +27,16 @@ #include "../../../../crypto.h" -static fastd_cipher_state_t* null_init(fastd_context_t *ctx UNUSED, const uint8_t *key UNUSED) { +static fastd_cipher_state_t* null_init(const uint8_t *key UNUSED) { return NULL; } -static bool null_memcpy(fastd_context_t *ctx UNUSED, const fastd_cipher_state_t *state UNUSED, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv UNUSED) { +static bool null_memcpy(const fastd_cipher_state_t *state UNUSED, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv UNUSED) { memcpy(out, in, len); return true; } -static void null_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state UNUSED) { +static void null_free(fastd_cipher_state_t *state UNUSED) { } const fastd_cipher_t fastd_cipher_null_memcpy = { diff --git a/src/crypto/cipher/salsa20/nacl/salsa20_nacl.c b/src/crypto/cipher/salsa20/nacl/salsa20_nacl.c index ed14c3c..fafc282 100644 --- a/src/crypto/cipher/salsa20/nacl/salsa20_nacl.c +++ b/src/crypto/cipher/salsa20/nacl/salsa20_nacl.c @@ -25,6 +25,7 @@ #include "../../../../crypto.h" + #include 
@@ -33,19 +34,19 @@ struct __attribute__((aligned(16))) fastd_cipher_state { }; -static fastd_cipher_state_t* salsa20_init(fastd_context_t *ctx UNUSED, const uint8_t *key) { +static fastd_cipher_state_t* salsa20_init(const uint8_t *key) { fastd_cipher_state_t *state = malloc(sizeof(fastd_cipher_state_t)); memcpy(state->key, key, crypto_stream_salsa20_KEYBYTES); return state; } -static bool salsa20_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { +static bool salsa20_crypt(const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { crypto_stream_salsa20_xor(out->b, in->b, len, iv, state->key); return true; } -static void salsa20_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) { +static void salsa20_free(fastd_cipher_state_t *state) { if (state) { secure_memzero(state, sizeof(*state)); free(state); diff --git a/src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c b/src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c index 79f01c4..69862f7 100644 --- a/src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c +++ b/src/crypto/cipher/salsa2012/nacl/salsa2012_nacl.c @@ -25,6 +25,7 @@ #include "../../../../crypto.h" + #include 
@@ -33,19 +34,19 @@ struct __attribute__((aligned(16))) fastd_cipher_state { }; -static fastd_cipher_state_t* salsa2012_init(fastd_context_t *ctx UNUSED, const uint8_t *key) { +static fastd_cipher_state_t* salsa2012_init(const uint8_t *key) { fastd_cipher_state_t *state = malloc(sizeof(fastd_cipher_state_t)); memcpy(state->key, key, crypto_stream_salsa2012_KEYBYTES); return state; } -static bool salsa2012_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { +static bool salsa2012_crypt(const fastd_cipher_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t len, const uint8_t *iv) { crypto_stream_salsa2012_xor(out->b, in->b, len, iv, state->key); return true; } -static void salsa2012_free(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) { +static void salsa2012_free(fastd_cipher_state_t *state) { if (state) { secure_memzero(state, sizeof(*state)); free(state); diff --git a/src/crypto/mac/ghash/builtin/ghash_builtin.c b/src/crypto/mac/ghash/builtin/ghash_builtin.c index 341408f..c518663 100644 --- a/src/crypto/mac/ghash/builtin/ghash_builtin.c +++ b/src/crypto/mac/ghash/builtin/ghash_builtin.c @@ -61,8 +61,10 @@ static inline void mulH_a(fastd_block128_t *x, const fastd_mac_state_t *cstate) } -static fastd_mac_state_t* ghash_init(fastd_context_t *ctx UNUSED, const uint8_t *key) { - fastd_mac_state_t *state = malloc(sizeof(fastd_mac_state_t)); +static fastd_mac_state_t* ghash_init(const uint8_t *key) { + fastd_mac_state_t *state; + if (posix_memalign((void**)&state, 16, sizeof(fastd_mac_state_t))) + abort(); fastd_block128_t Hbase[4]; fastd_block128_t Rbase[4]; 
@@ -105,7 +107,7 @@ static fastd_mac_state_t* ghash_init(fastd_context_t *ctx UNUSED, const uint8_t return state; } -static bool ghash_hash(fastd_context_t *ctx UNUSED, const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t n_blocks) { +static bool ghash_hash(const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t n_blocks) { memset(out, 0, sizeof(fastd_block128_t)); size_t i; @@ -117,7 +119,7 @@ static bool ghash_hash(fastd_context_t *ctx UNUSED, const fastd_mac_state_t *sta return true; } -static void ghash_free(fastd_context_t *ctx UNUSED, fastd_mac_state_t *state) { +static void ghash_free(fastd_mac_state_t *state) { if (state) { secure_memzero(state, sizeof(*state)); free(state); diff --git a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.c b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.c index 8f1edb0..419d406 100644 --- a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.c +++ b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.c @@ -34,17 +34,10 @@ static bool ghash_available(void) { return ((fastd_cpuid()&REQ) == REQ); } -static void ghash_free(fastd_context_t *ctx UNUSED, fastd_mac_state_t *state) { - if (state) { - secure_memzero(state, sizeof(*state)); - free(state); - } -} - const fastd_mac_t fastd_mac_ghash_pclmulqdq = { .available = ghash_available, .init = fastd_ghash_pclmulqdq_init, .hash = fastd_ghash_pclmulqdq_hash, - .free = ghash_free, + .free = fastd_ghash_pclmulqdq_free, }; diff --git a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h index ccb1ecf..81313a3 100644 --- a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h +++ b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq.h 
@@ -27,10 +27,6 @@ #include "../../../../crypto.h" -struct fastd_mac_state { - fastd_block128_t H; -}; - - -fastd_mac_state_t* fastd_ghash_pclmulqdq_init(fastd_context_t *ctx, const uint8_t *key); -bool fastd_ghash_pclmulqdq_hash(fastd_context_t *ctx, const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t n_blocks); +fastd_mac_state_t* fastd_ghash_pclmulqdq_init(const uint8_t *key); +bool fastd_ghash_pclmulqdq_hash(const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t n_blocks); +void fastd_ghash_pclmulqdq_free(fastd_mac_state_t *state); diff --git a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c index 134d4ed..201ec9a 100644 --- a/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c +++ b/src/crypto/mac/ghash/pclmulqdq/ghash_pclmulqdq_impl.c @@ -35,6 +35,11 @@ typedef union vecblock { fastd_block128_t b; } vecblock_t; +struct fastd_mac_state { + vecblock_t H; +}; + + static inline __m128i shl(__m128i v, int a) { __m128i tmpl = _mm_slli_epi64(v, a); __m128i tmpr = _mm_srli_epi64(v, 64-a); @@ -58,18 +63,24 @@ static inline __m128i byteswap(__m128i v) { } -fastd_mac_state_t* fastd_ghash_pclmulqdq_init(fastd_context_t *ctx UNUSED, const uint8_t *key) { - fastd_mac_state_t *state = malloc(sizeof(fastd_mac_state_t)); - - vecblock_t h; - memcpy(&h, key, sizeof(__m128i)); +fastd_mac_state_t* fastd_ghash_pclmulqdq_init(const uint8_t *key) { + fastd_mac_state_t *state; + if (posix_memalign((void**)&state, 16, sizeof(fastd_mac_state_t))) + abort(); - h.v = byteswap(h.v); - state->H = h.b; + memcpy(&state->H, key, sizeof(__m128i)); + state->H.v = byteswap(state->H.v); return state; } +void fastd_ghash_pclmulqdq_free(fastd_mac_state_t *state) { + if (state) { + secure_memzero(state, sizeof(*state)); + free(state); + } +} + static __m128i gmul(__m128i v, __m128i h) { /* multiply */ __m128i z0, z1, z2, tmp; 
@@ -123,15 +134,14 @@ static __m128i gmul(__m128i v, __m128i h) { } -bool fastd_ghash_pclmulqdq_hash(fastd_context_t *ctx UNUSED, const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t n_blocks) { - vecblock_t h = {.b = state->H}; +bool fastd_ghash_pclmulqdq_hash(const fastd_mac_state_t *state, fastd_block128_t *out, const fastd_block128_t *in, size_t n_blocks) { vecblock_t v = {.v = _mm_setzero_si128()}; size_t i; for (i = 0; i < n_blocks; i++) { __m128i b = ((vecblock_t)in[i]).v; v.v = _mm_xor_si128(v.v, byteswap(b)); - v.v = gmul(v.v, h.v); + v.v = gmul(v.v, state->H.v); } v.v = byteswap(v.v); diff --git a/src/crypto/mac/macs.c.in b/src/crypto/mac/macs.c.in index 57f327a..cdf1b10 100644 --- a/src/crypto/mac/macs.c.in +++ b/src/crypto/mac/macs.c.in @@ -25,6 +25,7 @@ #include +#include @MAC_DEFINITIONS@ diff --git a/src/fastd.h b/src/fastd.h index ebbcf86..90f1f8f 100644 --- a/src/fastd.h +++ b/src/fastd.h @@ -478,22 +478,4 @@ static inline size_t min_size_t(size_t a, size_t b) { return (a < b) ? a : b; } -static inline void secure_memzero(void *s, size_t n) { - memset(s, 0, n); - __asm__ volatile("" : : "m"(s)); -} - -static inline void xor(fastd_block128_t *x, fastd_block128_t a, fastd_block128_t b) { - x->qw[0] = a.qw[0] ^ b.qw[0]; - x->qw[1] = a.qw[1] ^ b.qw[1]; -} - -static inline void xor_a(fastd_block128_t *x, fastd_block128_t a) { - xor(x, *x, a); -} - -static inline bool fastd_true(void) { - return true; -} - #endif /* _FASTD_FASTD_H_ */ diff --git a/src/methods/cipher_test/cipher_test.c b/src/methods/cipher_test/cipher_test.c index 240e15d..2516164 100644 --- a/src/methods/cipher_test/cipher_test.c +++ b/src/methods/cipher_test/cipher_test.c 
@@ -80,7 +80,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c fastd_method_common_init(ctx, &session->common, initiator); session->method = method; session->cipher = fastd_cipher_get(ctx, method->cipher_info); - session->cipher_state = session->cipher->init(ctx, secret); + session->cipher_state = session->cipher->init(secret); pr_warn(ctx, "using cipher-test method; this method must be used for testing and benchmarks only"); @@ -103,9 +103,9 @@ static void method_session_superseded(fastd_context_t *ctx, fastd_method_session fastd_method_session_common_superseded(ctx, &session->common); } -static void method_session_free(fastd_context_t *ctx, fastd_method_session_state_t *session) { +static void method_session_free(fastd_context_t *ctx UNUSED, fastd_method_session_state_t *session) { if (session) { - session->cipher->free(ctx, session->cipher_state); + session->cipher->free(session->cipher_state); free(session); } } @@ -130,7 +130,7 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast fastd_block128_t *inblocks = in.data; fastd_block128_t *outblocks = out->data; - bool ok = session->cipher->crypt(ctx, session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); + bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); if (!ok) { fastd_buffer_free(*out); @@ -183,7 +183,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho fastd_block128_t *inblocks = in.data; fastd_block128_t *outblocks = out->data; - bool ok = session->cipher->crypt(ctx, session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); + bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); if (!ok) { fastd_buffer_free(*out); 
diff --git a/src/methods/composed_gmac/composed_gmac.c b/src/methods/composed_gmac/composed_gmac.c index fafc77b..87ce2e3 100644 --- a/src/methods/composed_gmac/composed_gmac.c +++ b/src/methods/composed_gmac/composed_gmac.c @@ -116,10 +116,10 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c session->method = method; session->cipher = fastd_cipher_get(ctx, method->cipher_info); - session->cipher_state = session->cipher->init(ctx, secret); + session->cipher_state = session->cipher->init(secret); session->gmac_cipher = fastd_cipher_get(ctx, method->gmac_cipher_info); - session->gmac_cipher_state = session->gmac_cipher->init(ctx, secret + method->cipher_info->key_length); + session->gmac_cipher_state = session->gmac_cipher->init(secret + method->cipher_info->key_length); fastd_block128_t H; @@ -127,16 +127,16 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c uint8_t zeroiv[gmac_iv_length]; memset(zeroiv, 0, gmac_iv_length); - if (!session->gmac_cipher->crypt(ctx, session->gmac_cipher_state, &H, &ZERO_BLOCK, sizeof(fastd_block128_t), zeroiv)) { - session->cipher->free(ctx, session->cipher_state); - session->gmac_cipher->free(ctx, session->gmac_cipher_state); + if (!session->gmac_cipher->crypt(session->gmac_cipher_state, &H, &ZERO_BLOCK, sizeof(fastd_block128_t), zeroiv)) { + session->cipher->free(session->cipher_state); + session->gmac_cipher->free(session->gmac_cipher_state); free(session); return NULL; } session->ghash = fastd_mac_get(ctx, method->ghash_info); - session->ghash_state = session->ghash->init(ctx, H.b); + session->ghash_state = session->ghash->init(H.b); return session; } 
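Review bot: In `method_session_init` of composed_gmac.c the GHASH subkey `H` is a stack variable that is handed to `session->ghash->init(H.b)` and then left in place when the function returns. `H` authenticates every packet of the session, so it should be cleared once the MAC state holds its own copy: `secure_memzero(&H, sizeof(H));` before `return session;`. generic_gcm.c derives `H` the same way in its `method_session_init` and would need the same line. `secure_memzero` now lives in crypto.h; whether these files already pull that header in is not visible in the hunk.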
@@ -157,11 +157,11 @@ static void method_session_superseded(fastd_context_t *ctx, fastd_method_session fastd_method_session_common_superseded(ctx, &session->common); } -static void method_session_free(fastd_context_t *ctx, fastd_method_session_state_t *session) { +static void method_session_free(fastd_context_t *ctx UNUSED, fastd_method_session_state_t *session) { if (session) { - session->cipher->free(ctx, session->cipher_state); - session->gmac_cipher->free(ctx, session->gmac_cipher_state); - session->ghash->free(ctx, session->ghash_state); + session->cipher->free(session->cipher_state); + session->gmac_cipher->free(session->gmac_cipher_state); + session->ghash->free(session->ghash_state); free(session); } @@ -195,7 +195,7 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast memcpy(gmac_nonce, session->common.send_nonce, COMMON_NONCEBYTES); gmac_nonce[gmac_iv_length-1] = 1; - bool ok = session->gmac_cipher->crypt(ctx, session->gmac_cipher_state, outblocks, &ZERO_BLOCK, sizeof(fastd_block128_t), gmac_nonce); + bool ok = session->gmac_cipher->crypt(session->gmac_cipher_state, outblocks, &ZERO_BLOCK, sizeof(fastd_block128_t), gmac_nonce); if (ok) { size_t iv_length = session->method->cipher_info->iv_length; @@ -206,7 +206,7 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast nonce[iv_length-1] = 1; } - ok = session->cipher->crypt(ctx, session->cipher_state, outblocks+1, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); + ok = session->cipher->crypt(session->cipher_state, outblocks+1, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); } if (ok) { @@ -215,7 +215,7 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast put_size(&outblocks[n_blocks+1], in.len); - ok = session->ghash->hash(ctx, session->ghash_state, &sig, outblocks+1, n_blocks+1); + ok = session->ghash->hash(session->ghash_state, &sig, outblocks+1, n_blocks+1); } if (!ok) { 
@@ -278,10 +278,10 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho fastd_block128_t *outblocks = out->data; fastd_block128_t sig; - bool ok = session->gmac_cipher->crypt(ctx, session->gmac_cipher_state, outblocks, inblocks, sizeof(fastd_block128_t), gmac_nonce); + bool ok = session->gmac_cipher->crypt(session->gmac_cipher_state, outblocks, inblocks, sizeof(fastd_block128_t), gmac_nonce); if (ok) - ok = session->cipher->crypt(ctx, session->cipher_state, outblocks+1, inblocks+1, (n_blocks-1)*sizeof(fastd_block128_t), nonce); + ok = session->cipher->crypt(session->cipher_state, outblocks+1, inblocks+1, (n_blocks-1)*sizeof(fastd_block128_t), nonce); if (ok) { if (tail_len) @@ -289,7 +289,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho put_size(&inblocks[n_blocks], in.len-sizeof(fastd_block128_t)); - ok = session->ghash->hash(ctx, session->ghash_state, &sig, inblocks+1, n_blocks); + ok = session->ghash->hash(session->ghash_state, &sig, inblocks+1, n_blocks); } if (!ok || memcmp(&sig, &outblocks[0], sizeof(fastd_block128_t)) != 0) { diff --git a/src/methods/generic_gcm/generic_gcm.c b/src/methods/generic_gcm/generic_gcm.c index 5aa4210..fc665dd 100644 --- a/src/methods/generic_gcm/generic_gcm.c +++ b/src/methods/generic_gcm/generic_gcm.c @@ -93,7 +93,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c session->method = method; session->cipher = fastd_cipher_get(ctx, method->cipher_info); - session->cipher_state = session->cipher->init(ctx, secret); + session->cipher_state = session->cipher->init(secret); static const fastd_block128_t zeroblock = {}; fastd_block128_t H; 
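Review bot: The tag check at the end of `method_decrypt` in composed_gmac.c, `memcmp(&sig, &outblocks[0], sizeof(fastd_block128_t)) != 0`, is not guaranteed to run in constant time, so the time taken to reject a forged packet can depend on how many leading tag bytes match. The same comparison appears as context in `method_decrypt` of generic_gcm.c and generic_gmac.c. A branch-free form that keeps the short-circuit on `ok` is `if (!ok || ((sig.qw[0] ^ outblocks[0].qw[0]) | (sig.qw[1] ^ outblocks[0].qw[1])) != 0) {`. The line is unchanged by this commit and the function body continues outside the hunk.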
@@ -102,14 +102,14 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c uint8_t zeroiv[iv_length]; memset(zeroiv, 0, iv_length); - if (!session->cipher->crypt(ctx, session->cipher_state, &H, &zeroblock, sizeof(fastd_block128_t), zeroiv)) { - session->cipher->free(ctx, session->cipher_state); + if (!session->cipher->crypt(session->cipher_state, &H, &zeroblock, sizeof(fastd_block128_t), zeroiv)) { + session->cipher->free(session->cipher_state); free(session); return NULL; } session->ghash = fastd_mac_get(ctx, method->ghash_info); - session->ghash_state = session->ghash->init(ctx, H.b); + session->ghash_state = session->ghash->init(H.b); return session; } @@ -137,10 +137,10 @@ static void method_session_superseded(fastd_context_t *ctx, fastd_method_session fastd_method_session_common_superseded(ctx, &session->common); } -static void method_session_free(fastd_context_t *ctx, fastd_method_session_state_t *session) { +static void method_session_free(fastd_context_t *ctx UNUSED, fastd_method_session_state_t *session) { if (session) { - session->cipher->free(ctx, session->cipher_state); - session->ghash->free(ctx, session->ghash_state); + session->cipher->free(session->cipher_state); + session->ghash->free(session->ghash_state); free(session); } @@ -177,7 +177,7 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast fastd_block128_t *outblocks = out->data; fastd_block128_t sig; - bool ok = session->cipher->crypt(ctx, session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); + bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); if (ok) { if (tail_len) 
@@ -185,7 +185,7 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast put_size(&outblocks[n_blocks], in.len-sizeof(fastd_block128_t)); - ok = session->ghash->hash(ctx, session->ghash_state, &sig, outblocks+1, n_blocks); + ok = session->ghash->hash(session->ghash_state, &sig, outblocks+1, n_blocks); } if (!ok) { @@ -240,7 +240,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho fastd_block128_t *outblocks = out->data; fastd_block128_t sig; - bool ok = session->cipher->crypt(ctx, session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); + bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); if (ok) { if (tail_len) @@ -248,7 +248,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho put_size(&inblocks[n_blocks], in.len-sizeof(fastd_block128_t)); - ok = session->ghash->hash(ctx, session->ghash_state, &sig, inblocks+1, n_blocks); + ok = session->ghash->hash(session->ghash_state, &sig, inblocks+1, n_blocks); } if (!ok || memcmp(&sig, &outblocks[0], sizeof(fastd_block128_t)) != 0) { diff --git a/src/methods/generic_gmac/generic_gmac.c b/src/methods/generic_gmac/generic_gmac.c index f7ea086..e9224f6 100644 --- a/src/methods/generic_gmac/generic_gmac.c +++ b/src/methods/generic_gmac/generic_gmac.c @@ -96,10 +96,10 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c session->method = method; session->cipher = fastd_cipher_get(ctx, method->cipher_info); - session->cipher_state = session->cipher->init(ctx, secret); + session->cipher_state = session->cipher->init(secret); session->ghash = fastd_mac_get(ctx, method->ghash_info); - session->ghash_state = session->ghash->init(ctx, secret + method->cipher_info->key_length); + session->ghash_state = session->ghash->init(secret + method->cipher_info->key_length); return session; } 
@@ -120,10 +120,10 @@ static void method_session_superseded(fastd_context_t *ctx, fastd_method_session fastd_method_session_common_superseded(ctx, &session->common); } -static void method_session_free(fastd_context_t *ctx, fastd_method_session_state_t *session) { +static void method_session_free(fastd_context_t *ctx UNUSED, fastd_method_session_state_t *session) { if (session) { - session->cipher->free(ctx, session->cipher_state); - session->ghash->free(ctx, session->ghash_state); + session->cipher->free(session->cipher_state); + session->ghash->free(session->ghash_state); free(session); } @@ -160,7 +160,7 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast fastd_block128_t *outblocks = out->data; fastd_block128_t sig; - bool ok = session->cipher->crypt(ctx, session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); + bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); if (ok) { if (tail_len) @@ -168,7 +168,7 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast put_size(&outblocks[n_blocks], in.len-sizeof(fastd_block128_t)); - ok = session->ghash->hash(ctx, session->ghash_state, &sig, outblocks+1, n_blocks); + ok = session->ghash->hash(session->ghash_state, &sig, outblocks+1, n_blocks); } if (!ok) { @@ -224,7 +224,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho fastd_block128_t *outblocks = out->data; fastd_block128_t sig; - bool ok = session->cipher->crypt(ctx, session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); + bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); if (ok) { if (tail_len) 
@@ -232,7 +232,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho put_size(&inblocks[n_blocks], in.len-sizeof(fastd_block128_t)); - ok = session->ghash->hash(ctx, session->ghash_state, &sig, inblocks+1, n_blocks); + ok = session->ghash->hash(session->ghash_state, &sig, inblocks+1, n_blocks); } if (!ok || memcmp(&sig, &outblocks[0], sizeof(fastd_block128_t)) != 0) { diff --git a/src/methods/generic_poly1305/generic_poly1305.c b/src/methods/generic_poly1305/generic_poly1305.c index 1f40655..f547d5a 100644 --- a/src/methods/generic_poly1305/generic_poly1305.c +++ b/src/methods/generic_poly1305/generic_poly1305.c @@ -88,7 +88,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c fastd_method_common_init(ctx, &session->common, initiator); session->method = method; session->cipher = fastd_cipher_get(ctx, session->method->cipher_info); - session->cipher_state = session->cipher->init(ctx, secret); + session->cipher_state = session->cipher->init(secret); return session; } @@ -109,9 +109,9 @@ static void method_session_superseded(fastd_context_t *ctx, fastd_method_session fastd_method_session_common_superseded(ctx, &session->common); } -static void method_session_free(fastd_context_t *ctx, fastd_method_session_state_t *session) { +static void method_session_free(fastd_context_t *ctx UNUSED, fastd_method_session_state_t *session) { if (session) { - session->cipher->free(ctx, session->cipher_state); + session->cipher->free(session->cipher_state); free(session); } } 
@@ -138,7 +138,7 @@ static bool method_encrypt(fastd_context_t *ctx, fastd_peer_t *peer UNUSED, fast fastd_block128_t *outblocks = out->data; uint8_t tag[crypto_onetimeauth_poly1305_BYTES]; - bool ok = session->cipher->crypt(ctx, session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); + bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); if (!ok) { /* restore original buffer */ @@ -199,7 +199,7 @@ static bool method_decrypt(fastd_context_t *ctx, fastd_peer_t *peer, fastd_metho fastd_block128_t *inblocks = in.data; fastd_block128_t *outblocks = out->data; - bool ok = session->cipher->crypt(ctx, session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); + bool ok = session->cipher->crypt(session->cipher_state, outblocks, inblocks, n_blocks*sizeof(fastd_block128_t), nonce); if (ok) { if (tail_len) diff --git a/src/methods/xsalsa20_poly1305/xsalsa20_poly1305.c b/src/methods/xsalsa20_poly1305/xsalsa20_poly1305.c index 9d964a3..19a929d 100644 --- a/src/methods/xsalsa20_poly1305/xsalsa20_poly1305.c +++ b/src/methods/xsalsa20_poly1305/xsalsa20_poly1305.c @@ -24,6 +24,7 @@ */ +#include "../../crypto.h" #include "../../method.h" #include "../common.h" diff --git a/src/protocols/ec25519_fhmqvc/state.c b/src/protocols/ec25519_fhmqvc/state.c index 46374cc..990d1f0 100644 --- a/src/protocols/ec25519_fhmqvc/state.c +++ b/src/protocols/ec25519_fhmqvc/state.c @@ -25,6 +25,7 @@ #include "handshake.h" +#include "../../crypto.h" static void init_protocol_state(fastd_context_t *ctx) { diff --git a/src/types.h b/src/types.h index d74c052..acf97c6 100644 --- a/src/types.h +++ b/src/types.h @@ -36,6 +36,7 @@ #include #include +#include #include -- cgit v1.2.3