From 2dbc1750eabb3781ec8181b5a73b54f6b8d64ef6 Mon Sep 17 00:00:00 2001 From: Daniel Borkmann Date: Sat, 15 Jun 2013 19:16:29 +0200 Subject: [PATCH] curve: curve25519_encode/curve25519_decode: simplify crypto transforms Simplify curve25519_encode() and curve25519_decode() transforms by making the code more clear and by introducing macro accessors to nonces. Signed-off-by: Daniel Borkmann --- crypto.h | 4 ++++ curve.c | 54 +++++++++++++++++++++++++++--------------------------- 2 files changed, 31 insertions(+), 27 deletions(-) diff --git a/crypto.h b/crypto.h index 5e3af32b..dc145855 100644 --- a/crypto.h +++ b/crypto.h @@ -19,6 +19,10 @@ #define crypto_box_sec_key_size crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES #define NONCE_LENGTH (sizeof(struct taia)) +#define NONCE_RND_LENGTH (crypto_box_boxzerobytes - NONCE_LENGTH) +#define NONCE_ALL_LENGTH (crypto_box_boxzerobytes + NONCE_LENGTH) #define NONCE_OFFSET (crypto_box_noncebytes - NONCE_LENGTH) +#define NONCE_EDN_OFFSET(x) ((x) + NONCE_OFFSET) +#define NONCE_PKT_OFFSET(x) ((x) + NONCE_RND_LENGTH) #endif /* CRYPTO_H */ diff --git a/curve.c b/curve.c index c77a0ada..1064f3ce 100644 --- a/curve.c +++ b/curve.c @@ -101,34 +101,35 @@ void curve25519_proto_init(struct curve25519_proto *proto, xmemset(publickey_own, 0, sizeof(publickey_own)); } -ssize_t curve25519_encode(struct curve25519_struct *curve, struct curve25519_proto *proto, - unsigned char *plaintext, size_t size, unsigned char **chipertext) +ssize_t curve25519_encode(struct curve25519_struct *curve, + struct curve25519_proto *proto, + unsigned char *plaintext, size_t size, + unsigned char **chipertext) { int ret, i; ssize_t done = size; struct taia packet_taia; spinlock_lock(&curve->enc_lock); - if (unlikely(size > curve->enc_size)) { done = -ENOMEM; goto out; } taia_now(&packet_taia); - taia_pack(proto->enonce + NONCE_OFFSET, &packet_taia); + taia_pack(NONCE_EDN_OFFSET(proto->enonce), &packet_taia); - memset(curve->enc, 0, curve->enc_size); - ret = crypto_box_afternm(curve->enc, plaintext, size, proto->enonce, proto->key); + fmemset(curve->enc, 0, curve->enc_size); + ret = crypto_box_afternm(curve->enc, plaintext, size, + proto->enonce, proto->key); if (unlikely(ret)) { done = -EIO; goto out; } - fmemcpy(curve->enc + crypto_box_boxzerobytes - NONCE_LENGTH, - proto->enonce + NONCE_OFFSET, NONCE_LENGTH); - - for (i = 0; i < crypto_box_boxzerobytes - NONCE_LENGTH; ++i) + fmemcpy(NONCE_PKT_OFFSET(curve->enc), + NONCE_EDN_OFFSET(proto->enonce), NONCE_LENGTH); + for (i = 0; i < NONCE_RND_LENGTH; ++i) curve->enc[i] = (uint8_t) secrand(); (*chipertext) = curve->enc; @@ -137,40 +138,39 @@ out: return done; } -ssize_t curve25519_decode(struct curve25519_struct *curve, struct curve25519_proto *proto, - unsigned char *chipertext, size_t size, unsigned char **plaintext, +ssize_t curve25519_decode(struct curve25519_struct *curve, + struct curve25519_proto *proto, + unsigned char *chipertext, size_t size, + unsigned char **plaintext, struct taia *arrival_taia) { int ret; ssize_t done = size; - struct taia packet_taia, arrival_taia2; + struct taia packet_taia, tmp_taia; spinlock_lock(&curve->dec_lock); - - if (unlikely(size > curve->dec_size)) { - done = -ENOMEM; - goto out; - } - if (unlikely(size < crypto_box_boxzerobytes + NONCE_LENGTH)) { - done = 0; + if (unlikely(size > curve->dec_size || size < NONCE_ALL_LENGTH)) { + done = size < NONCE_ALL_LENGTH ? 0 : -ENOMEM; goto out; } + if (arrival_taia == NULL) { - taia_now(&arrival_taia2); - arrival_taia = &arrival_taia2; + taia_now(&tmp_taia); + arrival_taia = &tmp_taia; } - taia_unpack(chipertext + crypto_box_boxzerobytes - NONCE_LENGTH, &packet_taia); + taia_unpack(NONCE_PKT_OFFSET(chipertext), &packet_taia); if (taia_looks_good(arrival_taia, &packet_taia) == 0) { - syslog(LOG_ERR, "Bad packet time! Dropping connection!\n"); done = 0; goto out; } - memcpy(proto->dnonce + NONCE_OFFSET, chipertext + crypto_box_boxzerobytes - NONCE_LENGTH, NONCE_LENGTH); - memset(curve->dec, 0, curve->dec_size); + fmemcpy(NONCE_EDN_OFFSET(proto->dnonce), + NONCE_PKT_OFFSET(chipertext), NONCE_LENGTH); + fmemset(curve->dec, 0, curve->dec_size); - ret = crypto_box_open_afternm(curve->dec, chipertext, size, proto->dnonce, proto->key); + ret = crypto_box_open_afternm(curve->dec, chipertext, size, + proto->dnonce, proto->key); if (unlikely(ret)) { done = -EIO; goto out; -- 2.11.4.GIT