From 035d8203c44be3c73498143b3c617be723595baf Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Tue, 13 Dec 2022 09:55:21 -0500
Subject: [PATCH] A little cleanup and renaming.
---
 crypto/src/aes.rs | 14 +++++++-------
 crypto/src/zssp.rs | 14 +++++++-------
 network-hypervisor/src/vl1/node.rs | 2 +-
 network-hypervisor/src/vl1/path.rs | 2 +-
 4 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/crypto/src/aes.rs b/crypto/src/aes.rs
index 8ba3e9f62..b13e21a45 100644
--- a/crypto/src/aes.rs
+++ b/crypto/src/aes.rs
@@ -223,7 +223,7 @@ mod fruit_flavored {
 }
 #[inline(always)]
- pub fn init(&mut self, iv: &[u8]) {
+ pub fn reset_init_gcm(&mut self, iv: &[u8]) {
 assert_eq!(iv.len(), 12);
 unsafe {
 assert_eq!(CCCryptorGCMReset(self.0), 0);
@@ -406,7 +406,7 @@ mod openssl_aes {
 /// Initialize AES-CTR for encryption or decryption with the given IV.
 /// If it's already been used, this also resets the cipher. There is no separate reset.
 #[inline]
- pub fn init(&mut self, iv: &[u8]) {
+ pub fn reset_init_gcm(&mut self, iv: &[u8]) {
 assert_eq!(iv.len(), 12);
 let mut c = Crypter::new(
 aes_gcm_by_key_size(self.1),
@@ -495,7 +495,7 @@ mod tests {
 let benchmark_iterations: usize = 80000;
 let start = SystemTime::now();
 for _ in 0..benchmark_iterations {
- c.init(&iv);
+ c.reset_init_gcm(&iv);
 c.crypt_in_place(&mut buf);
 }
 let duration = SystemTime::now().duration_since(start).unwrap();
@@ -508,7 +508,7 @@ mod tests {
 let start = SystemTime::now();
 for _ in 0..benchmark_iterations {
- c.init(&iv);
+ c.reset_init_gcm(&iv);
 c.crypt_in_place(&mut buf);
 }
 let duration = SystemTime::now().duration_since(start).unwrap();
@@ -523,7 +523,7 @@ mod tests {
 // Even though we are just wrapping other implementations, it's still good to test thoroughly!
 for tv in NIST_AES_GCM_TEST_VECTORS.iter() {
 let mut gcm = AesGcm::new(tv.key, true);
- gcm.init(tv.nonce);
+ gcm.reset_init_gcm(tv.nonce);
 gcm.aad(tv.aad);
 let mut ciphertext = Vec::new();
 ciphertext.resize(tv.plaintext.len(), 0);
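Review bot: In the `openssl_aes` hunk (`@@ -406`), the doc comment left above the renamed `reset_init_gcm` still says "Initialize AES-CTR", which contradicts both the new name and the `aes_gcm_by_key_size` call in the body; I would change its first line to `/// Reset and initialize AES-GCM for encryption or decryption with the given 96-bit IV.` Because the method does `assert_eq!(iv.len(), 12)`, a `# Panics` line for any other IV length belongs there as well. It is also worth stating that, when encrypting, an IV must never be repeated under the same key, since GCM's confidentiality and integrity guarantees do not survive nonce reuse. The `fruit_flavored` variant in the first hunk shows no doc comment above `#[inline(always)]` and could carry the same text. Both function bodies continue outside their hunks.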
@@ -533,13 +533,13 @@ mod tests {
 assert!(ciphertext.as_slice().eq(tv.ciphertext));
 let mut gcm = AesGcm::new(tv.key, false);
- gcm.init(tv.nonce);
+ gcm.reset_init_gcm(tv.nonce);
 gcm.aad(tv.aad);
 let mut ct_copy = ciphertext.clone();
 gcm.crypt_in_place(ct_copy.as_mut());
 assert!(gcm.finish_decrypt(&tag));
- gcm.init(tv.nonce);
+ gcm.reset_init_gcm(tv.nonce);
 gcm.aad(tv.aad);
 gcm.crypt_in_place(ciphertext.as_mut());
 tag[0] ^= 1;
diff --git a/crypto/src/zssp.rs b/crypto/src/zssp.rs
index ff8269f64..6db42cfc9 100644
--- a/crypto/src/zssp.rs
+++ b/crypto/src/zssp.rs
@@ -466,7 +466,7 @@ impl Session {
 // Get an initialized AES-GCM cipher and re-initialize with a 96-bit IV built from remote session ID,
 // packet type, and counter.
 let mut c = key.get_send_cipher(counter)?;
- c.init(CanonicalHeader::make(remote_session_id, PACKET_TYPE_DATA, counter.to_u32()).as_bytes());
+ c.reset_init_gcm(CanonicalHeader::make(remote_session_id, PACKET_TYPE_DATA, counter.to_u32()).as_bytes());
 // Send first N-1 fragments of N total fragments.
 if packet_len > mtu_buffer.len() {
@@ -754,7 +754,7 @@ impl ReceiveContext {
 let key_ptr = (state.key_ptr + p) % KEY_HISTORY_SIZE;
 if let Some(key) = state.keys[key_ptr].as_ref() {
 let mut c = key.get_receive_cipher();
- c.init(canonical_header_bytes);
+ c.reset_init_gcm(canonical_header_bytes);
 let mut data_len = 0;
@@ -905,7 +905,7 @@ impl ReceiveContext {
 kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_ALICE_TO_BOB).first_n::(),
 false,
 );
- c.init(canonical_header_bytes);
+ c.reset_init_gcm(canonical_header_bytes);
 c.crypt_in_place(&mut kex_packet[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..payload_end]);
 if !c.finish_decrypt(&kex_packet[payload_end..aes_gcm_tag_end]) {
 return Err(Error::FailedAuthentication);
@@ -1093,7 +1093,7 @@ impl ReceiveContext {
 kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_BOB_TO_ALICE).first_n::(),
 true,
 );
- c.init(reply_canonical_header.as_bytes());
+ c.reset_init_gcm(reply_canonical_header.as_bytes());
 c.crypt_in_place(&mut reply_buf[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..reply_len]);
 let c = c.finish_encrypt();
 reply_buf[reply_len..(reply_len + AES_GCM_TAG_SIZE)].copy_from_slice(&c);
@@ -1171,7 +1171,7 @@ impl ReceiveContext {
 kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_BOB_TO_ALICE).first_n::(),
 false,
 );
- c.init(canonical_header_bytes);
+ c.reset_init_gcm(canonical_header_bytes);
 c.crypt_in_place(&mut kex_packet[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..payload_end]);
 if !c.finish_decrypt(&kex_packet[payload_end..aes_gcm_tag_end]) {
 return Err(Error::FailedAuthentication);
@@ -1233,7 +1233,7 @@ impl ReceiveContext {
 )?;
 let mut c = key.get_send_cipher(counter)?;
- c.init(CanonicalHeader::make(bob_session_id.into(), PACKET_TYPE_NOP, counter.to_u32()).as_bytes());
+ c.reset_init_gcm(CanonicalHeader::make(bob_session_id.into(), PACKET_TYPE_NOP, counter.to_u32()).as_bytes());
 reply_buf[HEADER_SIZE..].copy_from_slice(&c.finish_encrypt());
 key.return_send_cipher(c);
@@ -1428,7 +1428,7 @@ fn send_ephemeral_offer(
 kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_ALICE_TO_BOB).first_n::(),
 true,
 );
- c.init(canonical_header.as_bytes());
+ c.reset_init_gcm(canonical_header.as_bytes());
 c.crypt_in_place(&mut packet_buf[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..packet_len]);
 c.finish_encrypt()
 };
diff --git a/network-hypervisor/src/vl1/node.rs b/network-hypervisor/src/vl1/node.rs
index 7ccb536b7..da51d81cb 100644
--- a/network-hypervisor/src/vl1/node.rs
+++ b/network-hypervisor/src/vl1/node.rs
@@ -794,7 +794,7 @@ impl Node {
 fragment_header.total_fragments()
 );
- if let Some(assembled_packet) = path.receive_fragment(
+ if let Some(assembled_packet) = path.v1_proto_receive_fragment(
 fragment_header.packet_id(),
 fragment_header.fragment_no(),
 fragment_header.total_fragments(),
diff --git a/network-hypervisor/src/vl1/path.rs b/network-hypervisor/src/vl1/path.rs
index e6b1aee98..11068a6eb 100644
--- a/network-hypervisor/src/vl1/path.rs
+++ b/network-hypervisor/src/vl1/path.rs
@@ -66,7 +66,7 @@ impl Path {
 /// Receive a fragment and return a FragmentedPacket if the entire packet was assembled.
 /// This returns None if more fragments are needed to assemble the packet.
- pub(crate) fn receive_fragment(
+ pub(crate) fn v1_proto_receive_fragment(
 &self,
 packet_id: u64,
 fragment_no: u8,