Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
585b2b08bc | ||
|
|
a3aa6fc4fb |
104
src/main.c
104
src/main.c
@@ -986,6 +986,53 @@ static int gt_track (uint8_t **db, struct ip_common *ic, uint8_t *data, int rev)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void gt_bench (int chacha)
|
||||
{
|
||||
unsigned char npub[crypto_aead_aes256gcm_NPUBBYTES];
|
||||
memset(npub, 0, sizeof(npub));
|
||||
|
||||
unsigned char key[crypto_aead_aes256gcm_KEYBYTES];
|
||||
memset(key, 1, sizeof(key));
|
||||
|
||||
crypto_aead_aes256gcm_state ctx;
|
||||
|
||||
if (!chacha)
|
||||
crypto_aead_aes256gcm_beforenm(&ctx, key);
|
||||
|
||||
int count = 2000000;
|
||||
size_t size = 8;
|
||||
|
||||
gt_print("bench: %s\n", chacha?"chacha20poly1305":"aes256gcm");
|
||||
|
||||
_align_(16) unsigned char buf[32*1024+crypto_aead_aes256gcm_ABYTES];
|
||||
|
||||
for (size_t size=8; size<=sizeof(buf); size*=2) {
|
||||
struct timeval tv1;
|
||||
gettimeofday(&tv1, NULL);
|
||||
|
||||
for (int i=0; !gt.quit && i<count; i++) {
|
||||
if (chacha) {
|
||||
crypto_aead_chacha20poly1305_encrypt(buf, NULL,
|
||||
buf, size, NULL, 0, NULL, npub, key);
|
||||
} else {
|
||||
crypto_aead_aes256gcm_encrypt_afternm(buf, NULL,
|
||||
buf, size, NULL, 0, NULL, npub,
|
||||
(const crypto_aead_aes256gcm_state *)&ctx);
|
||||
}
|
||||
}
|
||||
|
||||
if (gt.quit)
|
||||
break;
|
||||
|
||||
struct timeval tv2;
|
||||
gettimeofday(&tv2, NULL);
|
||||
|
||||
double dt = (tv2.tv_usec+tv2.tv_sec*1e6)-(tv1.tv_usec+tv1.tv_sec*1e6);
|
||||
|
||||
gt_print("block size: %-6zu bps: %.2f\n", size, size*count*8.0/dt);
|
||||
}
|
||||
}
|
||||
|
||||
static int gt_setup_secretkey (struct crypto_ctx *ctx, char *keyfile)
|
||||
{
|
||||
const size_t size = sizeof(ctx->skey);
|
||||
@@ -1064,17 +1111,26 @@ static int gt_setup_crypto (struct crypto_ctx *ctx, int fd, int listener)
|
||||
if (fd_read_all(fd, data_r, size)!=size)
|
||||
return -1;
|
||||
|
||||
if (memcmp(&data_r[size-hash_size-sizeof(proto)], proto, 3))
|
||||
if (memcmp(&data_r[size-hash_size-sizeof(proto)], proto, 3)) {
|
||||
gt_log("bad packet [%02X%02X%02X] !\n",
|
||||
&data_r[size-hash_size-sizeof(proto)+0],
|
||||
&data_r[size-hash_size-sizeof(proto)+1],
|
||||
&data_r[size-hash_size-sizeof(proto)+2]);
|
||||
return -2;
|
||||
}
|
||||
|
||||
if (data_r[size-hash_size-sizeof(proto)+3])
|
||||
if (data_r[size-hash_size-sizeof(proto)+3] && !ctx->chacha) {
|
||||
gt_log("peer wants chacha20\n");
|
||||
ctx->chacha = 1;
|
||||
}
|
||||
|
||||
crypto_generichash(hash, hash_size,
|
||||
data_r, size-hash_size, ctx->skey, sizeof(ctx->skey));
|
||||
|
||||
if (sodium_memcmp(&data_r[size-hash_size], hash, hash_size))
|
||||
if (sodium_memcmp(&data_r[size-hash_size], hash, hash_size)) {
|
||||
gt_log("peer sends a bad hash!\n");
|
||||
return -2;
|
||||
}
|
||||
|
||||
if (listener && fd_write_all(fd, data_w, size)!=size)
|
||||
return -1;
|
||||
@@ -1091,11 +1147,15 @@ static int gt_setup_crypto (struct crypto_ctx *ctx, int fd, int listener)
|
||||
crypto_generichash(hash, hash_size,
|
||||
data_w, size, ctx->skey, sizeof(ctx->skey));
|
||||
|
||||
if (sodium_memcmp(auth_r, hash, hash_size))
|
||||
if (sodium_memcmp(auth_r, hash, hash_size)) {
|
||||
gt_log("peer sends a bad hash (challenge-response)!\n");
|
||||
return -2;
|
||||
}
|
||||
|
||||
if (crypto_scalarmult(shared, secret, data_r))
|
||||
if (crypto_scalarmult(shared, secret, data_r)) {
|
||||
gt_log("I'm just gonna hurt you really, really, BAD\n");
|
||||
return -2;
|
||||
}
|
||||
|
||||
crypto_generichash_init(&state, ctx->skey, sizeof(ctx->skey), sizeof(key_r));
|
||||
crypto_generichash_update(&state, shared, sizeof(shared));
|
||||
@@ -1182,6 +1242,7 @@ int main (int argc, char **argv)
|
||||
{ "retry", &retry_opts, option_option },
|
||||
{ "statefile", &statefile, option_str },
|
||||
{ "timeout", >.timeout, option_long },
|
||||
{ "bench", NULL, option_option },
|
||||
{ "chacha20", NULL, option_option },
|
||||
{ "mptcp", NULL, option_option },
|
||||
{ "debug", NULL, option_option },
|
||||
@@ -1207,6 +1268,21 @@ int main (int argc, char **argv)
|
||||
|
||||
gt.mptcp = option_is_set(opts, "mptcp");
|
||||
|
||||
if (sodium_init()==-1) {
|
||||
gt_log("libsodium initialization has failed\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!chacha && !crypto_aead_aes256gcm_is_available()) {
|
||||
gt_na("AES-256-GCM");
|
||||
chacha = 1;
|
||||
}
|
||||
|
||||
if (option_is_set(opts, "bench")) {
|
||||
gt_bench(chacha);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (buffer_size < GT_PKT_MAX) {
|
||||
buffer_size = GT_PKT_MAX;
|
||||
gt_log("buffer size must be greater than or equal to %li\n", buffer_size);
|
||||
@@ -1227,16 +1303,6 @@ int main (int argc, char **argv)
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (sodium_init()==-1) {
|
||||
gt_log("libsodium initialization has failed\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!chacha && !crypto_aead_aes256gcm_is_available()) {
|
||||
gt_na("AES-256-GCM");
|
||||
chacha = 1;
|
||||
}
|
||||
|
||||
struct addrinfo *ai = ai_create(host, port, listener);
|
||||
|
||||
if (!ai)
|
||||
@@ -1339,15 +1405,9 @@ int main (int argc, char **argv)
|
||||
|
||||
ctx.chacha = chacha;
|
||||
|
||||
switch (gt_setup_crypto(&ctx, sock.fd, listener)) {
|
||||
case -2:
|
||||
gt_log("%s: key exchange could not be verified!\n", sockname);
|
||||
goto restart;
|
||||
case -1:
|
||||
if (gt_setup_crypto(&ctx, sock.fd, listener)) {
|
||||
gt_log("%s: key exchange failed\n", sockname);
|
||||
goto restart;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
retry = 0;
|
||||
|
||||
Reference in New Issue
Block a user