A little cleanup and renaming.

Adam Ierymenko 2022-12-13 09:55:21 -05:00
parent cfa1d8434e
commit 035d8203c4
4 changed files with 16 additions and 16 deletions


@ -223,7 +223,7 @@ mod fruit_flavored {
} }
#[inline(always)] #[inline(always)]
pub fn init(&mut self, iv: &[u8]) { pub fn reset_init_gcm(&mut self, iv: &[u8]) {
assert_eq!(iv.len(), 12); assert_eq!(iv.len(), 12);
unsafe { unsafe {
assert_eq!(CCCryptorGCMReset(self.0), 0); assert_eq!(CCCryptorGCMReset(self.0), 0);
@ -406,7 +406,7 @@ mod openssl_aes {
/// Initialize AES-CTR for encryption or decryption with the given IV. /// Initialize AES-CTR for encryption or decryption with the given IV.
/// If it's already been used, this also resets the cipher. There is no separate reset. /// If it's already been used, this also resets the cipher. There is no separate reset.
#[inline] #[inline]
pub fn init(&mut self, iv: &[u8]) { pub fn reset_init_gcm(&mut self, iv: &[u8]) {
assert_eq!(iv.len(), 12); assert_eq!(iv.len(), 12);
let mut c = Crypter::new( let mut c = Crypter::new(
aes_gcm_by_key_size(self.1), aes_gcm_by_key_size(self.1),
@ -495,7 +495,7 @@ mod tests {
let benchmark_iterations: usize = 80000; let benchmark_iterations: usize = 80000;
let start = SystemTime::now(); let start = SystemTime::now();
for _ in 0..benchmark_iterations { for _ in 0..benchmark_iterations {
c.init(&iv); c.reset_init_gcm(&iv);
c.crypt_in_place(&mut buf); c.crypt_in_place(&mut buf);
} }
let duration = SystemTime::now().duration_since(start).unwrap(); let duration = SystemTime::now().duration_since(start).unwrap();
@ -508,7 +508,7 @@ mod tests {
let start = SystemTime::now(); let start = SystemTime::now();
for _ in 0..benchmark_iterations { for _ in 0..benchmark_iterations {
c.init(&iv); c.reset_init_gcm(&iv);
c.crypt_in_place(&mut buf); c.crypt_in_place(&mut buf);
} }
let duration = SystemTime::now().duration_since(start).unwrap(); let duration = SystemTime::now().duration_since(start).unwrap();
@ -523,7 +523,7 @@ mod tests {
// Even though we are just wrapping other implementations, it's still good to test thoroughly! // Even though we are just wrapping other implementations, it's still good to test thoroughly!
for tv in NIST_AES_GCM_TEST_VECTORS.iter() { for tv in NIST_AES_GCM_TEST_VECTORS.iter() {
let mut gcm = AesGcm::new(tv.key, true); let mut gcm = AesGcm::new(tv.key, true);
gcm.init(tv.nonce); gcm.reset_init_gcm(tv.nonce);
gcm.aad(tv.aad); gcm.aad(tv.aad);
let mut ciphertext = Vec::new(); let mut ciphertext = Vec::new();
ciphertext.resize(tv.plaintext.len(), 0); ciphertext.resize(tv.plaintext.len(), 0);
@ -533,13 +533,13 @@ mod tests {
assert!(ciphertext.as_slice().eq(tv.ciphertext)); assert!(ciphertext.as_slice().eq(tv.ciphertext));
let mut gcm = AesGcm::new(tv.key, false); let mut gcm = AesGcm::new(tv.key, false);
gcm.init(tv.nonce); gcm.reset_init_gcm(tv.nonce);
gcm.aad(tv.aad); gcm.aad(tv.aad);
let mut ct_copy = ciphertext.clone(); let mut ct_copy = ciphertext.clone();
gcm.crypt_in_place(ct_copy.as_mut()); gcm.crypt_in_place(ct_copy.as_mut());
assert!(gcm.finish_decrypt(&tag)); assert!(gcm.finish_decrypt(&tag));
gcm.init(tv.nonce); gcm.reset_init_gcm(tv.nonce);
gcm.aad(tv.aad); gcm.aad(tv.aad);
gcm.crypt_in_place(ciphertext.as_mut()); gcm.crypt_in_place(ciphertext.as_mut());
tag[0] ^= 1; tag[0] ^= 1;
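Review bot: The doc comment kept above the renamed method in `mod openssl_aes` (hunk at -406) still reads "Initialize AES-CTR for encryption or decryption with the given IV", while the visible body picks its cipher with `aes_gcm_by_key_size(self.1)` and the method is now called `reset_init_gcm`. The comment therefore names the wrong mode, and should become `/// Reset this AES-GCM context and initialize it with the given 96-bit IV.` The `assert_eq!(iv.len(), 12)` deserves a line under a `# Panics` heading, for example `/// Panics if `iv` is not exactly 12 bytes.` Because this call starts a new message under the same key, the doc is also the natural place to state that an IV must never repeat for a given key. The `fruit_flavored` variant (hunk at -223) shows no doc comment in its hunk and could carry the same text. Both method bodies continue outside their hunks.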


@ -466,7 +466,7 @@ impl<H: Host> Session<H> {
// Get an initialized AES-GCM cipher and re-initialize with a 96-bit IV built from remote session ID, // Get an initialized AES-GCM cipher and re-initialize with a 96-bit IV built from remote session ID,
// packet type, and counter. // packet type, and counter.
let mut c = key.get_send_cipher(counter)?; let mut c = key.get_send_cipher(counter)?;
c.init(CanonicalHeader::make(remote_session_id, PACKET_TYPE_DATA, counter.to_u32()).as_bytes()); c.reset_init_gcm(CanonicalHeader::make(remote_session_id, PACKET_TYPE_DATA, counter.to_u32()).as_bytes());
// Send first N-1 fragments of N total fragments. // Send first N-1 fragments of N total fragments.
if packet_len > mtu_buffer.len() { if packet_len > mtu_buffer.len() {
@ -754,7 +754,7 @@ impl<H: Host> ReceiveContext<H> {
let key_ptr = (state.key_ptr + p) % KEY_HISTORY_SIZE; let key_ptr = (state.key_ptr + p) % KEY_HISTORY_SIZE;
if let Some(key) = state.keys[key_ptr].as_ref() { if let Some(key) = state.keys[key_ptr].as_ref() {
let mut c = key.get_receive_cipher(); let mut c = key.get_receive_cipher();
c.init(canonical_header_bytes); c.reset_init_gcm(canonical_header_bytes);
let mut data_len = 0; let mut data_len = 0;
@ -905,7 +905,7 @@ impl<H: Host> ReceiveContext<H> {
kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_ALICE_TO_BOB).first_n::<AES_KEY_SIZE>(), kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_ALICE_TO_BOB).first_n::<AES_KEY_SIZE>(),
false, false,
); );
c.init(canonical_header_bytes); c.reset_init_gcm(canonical_header_bytes);
c.crypt_in_place(&mut kex_packet[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..payload_end]); c.crypt_in_place(&mut kex_packet[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..payload_end]);
if !c.finish_decrypt(&kex_packet[payload_end..aes_gcm_tag_end]) { if !c.finish_decrypt(&kex_packet[payload_end..aes_gcm_tag_end]) {
return Err(Error::FailedAuthentication); return Err(Error::FailedAuthentication);
@ -1093,7 +1093,7 @@ impl<H: Host> ReceiveContext<H> {
kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_BOB_TO_ALICE).first_n::<AES_KEY_SIZE>(), kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_BOB_TO_ALICE).first_n::<AES_KEY_SIZE>(),
true, true,
); );
c.init(reply_canonical_header.as_bytes()); c.reset_init_gcm(reply_canonical_header.as_bytes());
c.crypt_in_place(&mut reply_buf[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..reply_len]); c.crypt_in_place(&mut reply_buf[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..reply_len]);
let c = c.finish_encrypt(); let c = c.finish_encrypt();
reply_buf[reply_len..(reply_len + AES_GCM_TAG_SIZE)].copy_from_slice(&c); reply_buf[reply_len..(reply_len + AES_GCM_TAG_SIZE)].copy_from_slice(&c);
@ -1171,7 +1171,7 @@ impl<H: Host> ReceiveContext<H> {
kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_BOB_TO_ALICE).first_n::<AES_KEY_SIZE>(), kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_BOB_TO_ALICE).first_n::<AES_KEY_SIZE>(),
false, false,
); );
c.init(canonical_header_bytes); c.reset_init_gcm(canonical_header_bytes);
c.crypt_in_place(&mut kex_packet[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..payload_end]); c.crypt_in_place(&mut kex_packet[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..payload_end]);
if !c.finish_decrypt(&kex_packet[payload_end..aes_gcm_tag_end]) { if !c.finish_decrypt(&kex_packet[payload_end..aes_gcm_tag_end]) {
return Err(Error::FailedAuthentication); return Err(Error::FailedAuthentication);
@ -1233,7 +1233,7 @@ impl<H: Host> ReceiveContext<H> {
)?; )?;
let mut c = key.get_send_cipher(counter)?; let mut c = key.get_send_cipher(counter)?;
c.init(CanonicalHeader::make(bob_session_id.into(), PACKET_TYPE_NOP, counter.to_u32()).as_bytes()); c.reset_init_gcm(CanonicalHeader::make(bob_session_id.into(), PACKET_TYPE_NOP, counter.to_u32()).as_bytes());
reply_buf[HEADER_SIZE..].copy_from_slice(&c.finish_encrypt()); reply_buf[HEADER_SIZE..].copy_from_slice(&c.finish_encrypt());
key.return_send_cipher(c); key.return_send_cipher(c);
@ -1428,7 +1428,7 @@ fn send_ephemeral_offer<SendFunction: FnMut(&mut [u8])>(
kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_ALICE_TO_BOB).first_n::<AES_KEY_SIZE>(), kbkdf512(key.as_bytes(), KBKDF_KEY_USAGE_LABEL_AES_GCM_ALICE_TO_BOB).first_n::<AES_KEY_SIZE>(),
true, true,
); );
c.init(canonical_header.as_bytes()); c.reset_init_gcm(canonical_header.as_bytes());
c.crypt_in_place(&mut packet_buf[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..packet_len]); c.crypt_in_place(&mut packet_buf[(HEADER_SIZE + 1 + P384_PUBLIC_KEY_SIZE)..packet_len]);
c.finish_encrypt() c.finish_encrypt()
}; };


@ -794,7 +794,7 @@ impl Node {
fragment_header.total_fragments() fragment_header.total_fragments()
); );
if let Some(assembled_packet) = path.receive_fragment( if let Some(assembled_packet) = path.v1_proto_receive_fragment(
fragment_header.packet_id(), fragment_header.packet_id(),
fragment_header.fragment_no(), fragment_header.fragment_no(),
fragment_header.total_fragments(), fragment_header.total_fragments(),


@ -66,7 +66,7 @@ impl Path {
/// Receive a fragment and return a FragmentedPacket if the entire packet was assembled. /// Receive a fragment and return a FragmentedPacket if the entire packet was assembled.
/// This returns None if more fragments are needed to assemble the packet. /// This returns None if more fragments are needed to assemble the packet.
pub(crate) fn receive_fragment( pub(crate) fn v1_proto_receive_fragment(
&self, &self,
packet_id: u64, packet_id: u64,
fragment_no: u8, fragment_no: u8,