Import and use aegis256

Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
This commit is contained in:
Adrien Gallouët
2019-09-17 08:21:25 +00:00
parent a6befda070
commit 0397bc63e7
3 changed files with 13 additions and 21 deletions

4
.gitmodules vendored Normal file

@@ -0,0 +1,4 @@
[submodule "aegis256"]
path = aegis256
url = https://github.com/angt/aegis256
ignore = dirty

1
aegis256 Submodule

Submodule aegis256 added at 0a7dad4dee

29
mud.c

@@ -22,6 +22,7 @@
#include <netinet/in.h> #include <netinet/in.h>
#include <sodium.h> #include <sodium.h>
#include "aegis256/aegis256.h"
#if !defined MSG_CONFIRM #if !defined MSG_CONFIRM
#define MSG_CONFIRM 0 #define MSG_CONFIRM 0
@@ -98,7 +99,6 @@ struct mud_crypto_opt {
struct mud_crypto_key { struct mud_crypto_key {
struct { struct {
unsigned char key[MUD_KEY_SIZE]; unsigned char key[MUD_KEY_SIZE];
crypto_aead_aes256gcm_state state;
} encrypt, decrypt; } encrypt, decrypt;
int aes; int aes;
}; };
@@ -179,21 +179,20 @@ mud_encrypt_opt(const struct mud_crypto_key *k,
const struct mud_crypto_opt *c) const struct mud_crypto_opt *c)
{ {
if (k->aes) { if (k->aes) {
unsigned char npub[crypto_aead_aes256gcm_NPUBBYTES]; unsigned char npub[AEGIS256_NPUBBYTES];
memcpy(npub, c->dst, MUD_U48_SIZE); memcpy(npub, c->dst, MUD_U48_SIZE);
memset(npub + MUD_U48_SIZE, 0, sizeof(npub) - MUD_U48_SIZE); memset(npub + MUD_U48_SIZE, 0, sizeof(npub) - MUD_U48_SIZE);
return crypto_aead_aes256gcm_encrypt_afternm( return aegis256_encrypt(
c->dst + MUD_U48_SIZE, c->dst + MUD_U48_SIZE,
NULL, NULL,
c->src, c->src,
c->size, c->size,
c->dst, c->dst,
MUD_U48_SIZE, MUD_U48_SIZE,
NULL,
npub, npub,
(const crypto_aead_aes256gcm_state *)&k->encrypt.state k->encrypt.key
); );
} else { } else {
unsigned char npub[crypto_aead_chacha20poly1305_NPUBBYTES]; unsigned char npub[crypto_aead_chacha20poly1305_NPUBBYTES];
@@ -220,20 +219,19 @@ mud_decrypt_opt(const struct mud_crypto_key *k,
const struct mud_crypto_opt *c) const struct mud_crypto_opt *c)
{ {
if (k->aes) { if (k->aes) {
unsigned char npub[crypto_aead_aes256gcm_NPUBBYTES]; unsigned char npub[AEGIS256_NPUBBYTES];
memcpy(npub, c->src, MUD_U48_SIZE); memcpy(npub, c->src, MUD_U48_SIZE);
memset(npub + MUD_U48_SIZE, 0, sizeof(npub) - MUD_U48_SIZE); memset(npub + MUD_U48_SIZE, 0, sizeof(npub) - MUD_U48_SIZE);
return crypto_aead_aes256gcm_decrypt_afternm( return aegis256_decrypt(
c->dst, c->dst,
NULL, NULL,
NULL,
c->src + MUD_U48_SIZE, c->src + MUD_U48_SIZE,
c->size - MUD_U48_SIZE, c->size - MUD_U48_SIZE,
c->src, MUD_U48_SIZE, c->src, MUD_U48_SIZE,
npub, npub,
(const crypto_aead_aes256gcm_state *)&k->decrypt.state k->decrypt.key
); );
} else { } else {
unsigned char npub[crypto_aead_chacha20poly1305_NPUBBYTES]; unsigned char npub[crypto_aead_chacha20poly1305_NPUBBYTES];
@@ -889,17 +887,6 @@ mud_keyx(struct mud *mud, unsigned char *remote, int aes)
mud->crypto.next.aes = mud->crypto.aes && aes; mud->crypto.next.aes = mud->crypto.aes && aes;
if (!mud->crypto.next.aes)
return 0;
crypto_aead_aes256gcm_beforenm((crypto_aead_aes256gcm_state *)
&mud->crypto.next.encrypt.state,
mud->crypto.next.encrypt.key);
crypto_aead_aes256gcm_beforenm((crypto_aead_aes256gcm_state *)
&mud->crypto.next.decrypt.state,
mud->crypto.next.decrypt.key);
return 0; return 0;
} }
@@ -935,7 +922,7 @@ mud_keyx_init(struct mud *mud, uint64_t now)
int int
mud_set_aes(struct mud *mud) mud_set_aes(struct mud *mud)
{ {
if (!crypto_aead_aes256gcm_is_available()) { if (!aegis256_is_available()) {
errno = ENOTSUP; errno = ENOTSUP;
return -1; return -1;
} }
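Review bot: The negotiation at `mud->crypto.next.aes = mud->crypto.aes && aes;` keeps the old `aes` capability bit while the cipher it selects silently changes from AES-256-GCM to AEGIS-256, so a peer running the previous build will agree on the flag and then fail authentication on every packet; unless the handshake carries a version field that is bumped elsewhere (not visible here), the flag should be treated as a new capability rather than reusing the old one. In the `mud_encrypt_opt`/`mud_decrypt_opt` hunks a `MUD_KEY_SIZE`-byte key and a `MUD_U48_SIZE`-byte counter zero-padded to `AEGIS256_NPUBBYTES` are handed to `aegis256_encrypt`/`aegis256_decrypt`, but nothing pins those sizes to what aegis256.h expects; a `_Static_assert(MUD_KEY_SIZE == AEGIS256_KEYBYTES, "key size mismatch")` next to the include (assuming the header exports such a constant) plus a check that every packet-overhead computation now uses the AEGIS tag size instead of `crypto_aead_aes256gcm_ABYTES` would turn a silent mismatch into a build error. Note also that nonce reuse under AEGIS is as fatal as under GCM, so the per-packet uniqueness of the 48-bit counter copied into `npub` is still the only thing protecting the key — worth a one-line comment at the `memcpy`. Both encrypt/decrypt functions and `mud_keyx` begin outside their hunks.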