From f74b27c58c9416083bcab5c7a8c0ff2f4bc57586 Mon Sep 17 00:00:00 2001 From: orignal Date: Sun, 6 Jan 2019 17:43:05 -0500 Subject: [PATCH] check if chacha20 and poly1305 is presented in openssl build --- libi2pd/ChaCha20.cpp | 2 +- libi2pd/ChaCha20.h | 2 +- libi2pd/Crypto.cpp | 81 ++++++++++++++++++++++---------------------- libi2pd/Crypto.h | 3 ++ libi2pd/Poly1305.cpp | 2 +- libi2pd/Poly1305.h | 2 +- 6 files changed, 47 insertions(+), 45 deletions(-) diff --git a/libi2pd/ChaCha20.cpp b/libi2pd/ChaCha20.cpp index be012cbd..91a1fbd5 100644 --- a/libi2pd/ChaCha20.cpp +++ b/libi2pd/ChaCha20.cpp @@ -11,7 +11,7 @@ #include "ChaCha20.h" -#if LEGACY_OPENSSL +#if !OPENSSL_AEAD_CHACHA20_POLY1305 namespace i2p { namespace crypto diff --git a/libi2pd/ChaCha20.h b/libi2pd/ChaCha20.h index a5a8aafc..b2eec320 100644 --- a/libi2pd/ChaCha20.h +++ b/libi2pd/ChaCha20.h @@ -16,7 +16,7 @@ #include #include "Crypto.h" -#if LEGACY_OPENSSL +#if !OPENSSL_AEAD_CHACHA20_POLY1305 namespace i2p { namespace crypto diff --git a/libi2pd/Crypto.cpp b/libi2pd/Crypto.cpp index 7caa3dca..82def00c 100644 --- a/libi2pd/Crypto.cpp +++ b/libi2pd/Crypto.cpp @@ -9,8 +9,7 @@ #include "TunnelBase.h" #include #include "Crypto.h" -#if LEGACY_OPENSSL -#include +#if !OPENSSL_AEAD_CHACHA20_POLY1305 #include "ChaCha20.h" #include "Poly1305.h" #endif @@ -1091,7 +1090,32 @@ namespace crypto if (len < msgLen) return false; if (encrypt && len < msgLen + 16) return false; bool ret = true; -#if LEGACY_OPENSSL +#if OPENSSL_AEAD_CHACHA20_POLY1305 + int outlen = 0; + EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new (); + if (encrypt) + { + EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0); + EVP_EncryptInit_ex(ctx, NULL, NULL, key, nonce); + EVP_EncryptUpdate(ctx, NULL, &outlen, ad, adLen); + EVP_EncryptUpdate(ctx, buf, &outlen, msg, msgLen); + EVP_EncryptFinal_ex(ctx, buf, &outlen); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, buf + msgLen); + } + else + { + EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, (uint8_t *)(msg + msgLen)); + EVP_DecryptInit_ex(ctx, NULL, NULL, key, nonce); + EVP_DecryptUpdate(ctx, NULL, &outlen, ad, adLen); + EVP_DecryptUpdate(ctx, buf, &outlen, msg, msgLen); + ret = EVP_DecryptFinal_ex(ctx, buf + outlen, &outlen) > 0; + } + + EVP_CIPHER_CTX_free (ctx); +#else chacha::Chacha20State state; // generate one time poly key chacha::Chacha20Init (state, nonce, key, 0); @@ -1150,31 +1174,6 @@ namespace crypto polyHash.Finish (tag); if (memcmp (tag, msg + msgLen, 16)) ret = false; // compare with provided } -#else - int outlen = 0; - EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new (); - if (encrypt) - { - EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0); - EVP_EncryptInit_ex(ctx, NULL, NULL, key, nonce); - EVP_EncryptUpdate(ctx, NULL, &outlen, ad, adLen); - EVP_EncryptUpdate(ctx, buf, &outlen, msg, msgLen); - EVP_EncryptFinal_ex(ctx, buf, &outlen); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, buf + msgLen); - } - else - { - EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, (uint8_t *)(msg + msgLen)); - EVP_DecryptInit_ex(ctx, NULL, NULL, key, nonce); - EVP_DecryptUpdate(ctx, NULL, &outlen, ad, adLen); - EVP_DecryptUpdate(ctx, buf, &outlen, msg, msgLen); - ret = EVP_DecryptFinal_ex(ctx, buf + outlen, &outlen) > 0; - } - - EVP_CIPHER_CTX_free (ctx); #endif return ret; } @@ -1182,7 +1181,18 @@ namespace crypto void AEADChaCha20Poly1305Encrypt (const std::vector >& bufs, const uint8_t * key, const uint8_t * nonce, uint8_t * mac) { if (bufs.empty ()) return; -#if LEGACY_OPENSSL +#if OPENSSL_AEAD_CHACHA20_POLY1305 + int outlen = 0; + EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new (); + EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0); + EVP_EncryptInit_ex(ctx, NULL, NULL, key, nonce); + for (const auto& it: bufs) + EVP_EncryptUpdate(ctx, it.first, &outlen, it.first, it.second); + EVP_EncryptFinal_ex(ctx, NULL, &outlen); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, mac); + EVP_CIPHER_CTX_free (ctx); +#else chacha::Chacha20State state; // generate one time poly key chacha::Chacha20Init (state, nonce, key, 0); @@ -1214,18 +1224,7 @@ namespace crypto htole64buf (padding + 8, size); polyHash.Update (padding, 16); // MAC - polyHash.Finish ((uint64_t *)mac); -#else - int outlen = 0; - EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new (); - EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0); - EVP_EncryptInit_ex(ctx, NULL, NULL, key, nonce); - for (const auto& it: bufs) - EVP_EncryptUpdate(ctx, it.first, &outlen, it.first, it.second); - EVP_EncryptFinal_ex(ctx, NULL, &outlen); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, mac); - EVP_CIPHER_CTX_free (ctx); + polyHash.Finish ((uint64_t *)mac); #endif } diff --git a/libi2pd/Crypto.h b/libi2pd/Crypto.h index b5b40631..625edf5b 100644 --- a/libi2pd/Crypto.h +++ b/libi2pd/Crypto.h @@ -30,6 +30,9 @@ # define OPENSSL_X25519 1 # define OPENSSL_SIPHASH 1 # endif +# if !defined OPENSSL_NO_CHACHA && !defined OPENSSL_NO_POLY1305 // some builds might not include them +# define OPENSSL_AEAD_CHACHA20_POLY1305 1 +# endif #endif namespace i2p diff --git a/libi2pd/Poly1305.cpp b/libi2pd/Poly1305.cpp index 4ce67d39..bf94c9a9 100644 --- a/libi2pd/Poly1305.cpp +++ b/libi2pd/Poly1305.cpp @@ -7,7 +7,7 @@ */ -#if LEGACY_OPENSSL +#if !OPENSSL_AEAD_CHACHA20_POLY1305 namespace i2p { namespace crypto diff --git a/libi2pd/Poly1305.h b/libi2pd/Poly1305.h index d9529c81..800fbfd9 100644 --- a/libi2pd/Poly1305.h +++ b/libi2pd/Poly1305.h @@ -11,7 +11,7 @@ #include #include "Crypto.h" -#if LEGACY_OPENSSL +#if !OPENSSL_AEAD_CHACHA20_POLY1305 namespace i2p { namespace crypto