Browse Source

check if chacha20 and poly1305 is presented in openssl build

pull/1281/head
orignal 6 years ago
parent
commit
f74b27c58c
  1. 2
      libi2pd/ChaCha20.cpp
  2. 2
      libi2pd/ChaCha20.h
  3. 79
      libi2pd/Crypto.cpp
  4. 3
      libi2pd/Crypto.h
  5. 2
      libi2pd/Poly1305.cpp
  6. 2
      libi2pd/Poly1305.h

2
libi2pd/ChaCha20.cpp

@ -11,7 +11,7 @@
#include "ChaCha20.h" #include "ChaCha20.h"
#if LEGACY_OPENSSL #if !OPENSSL_AEAD_CHACHA20_POLY1305
namespace i2p namespace i2p
{ {
namespace crypto namespace crypto

2
libi2pd/ChaCha20.h

@ -16,7 +16,7 @@
#include <string.h> #include <string.h>
#include "Crypto.h" #include "Crypto.h"
#if LEGACY_OPENSSL #if !OPENSSL_AEAD_CHACHA20_POLY1305
namespace i2p namespace i2p
{ {
namespace crypto namespace crypto

79
libi2pd/Crypto.cpp

@ -9,8 +9,7 @@
#include "TunnelBase.h" #include "TunnelBase.h"
#include <openssl/ssl.h> #include <openssl/ssl.h>
#include "Crypto.h" #include "Crypto.h"
#if LEGACY_OPENSSL #if !OPENSSL_AEAD_CHACHA20_POLY1305
#include <openssl/conf.h>
#include "ChaCha20.h" #include "ChaCha20.h"
#include "Poly1305.h" #include "Poly1305.h"
#endif #endif
@ -1091,7 +1090,32 @@ namespace crypto
if (len < msgLen) return false; if (len < msgLen) return false;
if (encrypt && len < msgLen + 16) return false; if (encrypt && len < msgLen + 16) return false;
bool ret = true; bool ret = true;
#if LEGACY_OPENSSL #if OPENSSL_AEAD_CHACHA20_POLY1305
int outlen = 0;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new ();
if (encrypt)
{
EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0);
EVP_EncryptInit_ex(ctx, NULL, NULL, key, nonce);
EVP_EncryptUpdate(ctx, NULL, &outlen, ad, adLen);
EVP_EncryptUpdate(ctx, buf, &outlen, msg, msgLen);
EVP_EncryptFinal_ex(ctx, buf, &outlen);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, buf + msgLen);
}
else
{
EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, (uint8_t *)(msg + msgLen));
EVP_DecryptInit_ex(ctx, NULL, NULL, key, nonce);
EVP_DecryptUpdate(ctx, NULL, &outlen, ad, adLen);
EVP_DecryptUpdate(ctx, buf, &outlen, msg, msgLen);
ret = EVP_DecryptFinal_ex(ctx, buf + outlen, &outlen) > 0;
}
EVP_CIPHER_CTX_free (ctx);
#else
chacha::Chacha20State state; chacha::Chacha20State state;
// generate one time poly key // generate one time poly key
chacha::Chacha20Init (state, nonce, key, 0); chacha::Chacha20Init (state, nonce, key, 0);
@ -1150,31 +1174,6 @@ namespace crypto
polyHash.Finish (tag); polyHash.Finish (tag);
if (memcmp (tag, msg + msgLen, 16)) ret = false; // compare with provided if (memcmp (tag, msg + msgLen, 16)) ret = false; // compare with provided
} }
#else
int outlen = 0;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new ();
if (encrypt)
{
EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0);
EVP_EncryptInit_ex(ctx, NULL, NULL, key, nonce);
EVP_EncryptUpdate(ctx, NULL, &outlen, ad, adLen);
EVP_EncryptUpdate(ctx, buf, &outlen, msg, msgLen);
EVP_EncryptFinal_ex(ctx, buf, &outlen);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, buf + msgLen);
}
else
{
EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, (uint8_t *)(msg + msgLen));
EVP_DecryptInit_ex(ctx, NULL, NULL, key, nonce);
EVP_DecryptUpdate(ctx, NULL, &outlen, ad, adLen);
EVP_DecryptUpdate(ctx, buf, &outlen, msg, msgLen);
ret = EVP_DecryptFinal_ex(ctx, buf + outlen, &outlen) > 0;
}
EVP_CIPHER_CTX_free (ctx);
#endif #endif
return ret; return ret;
} }
@ -1182,7 +1181,18 @@ namespace crypto
void AEADChaCha20Poly1305Encrypt (const std::vector<std::pair<uint8_t *, size_t> >& bufs, const uint8_t * key, const uint8_t * nonce, uint8_t * mac) void AEADChaCha20Poly1305Encrypt (const std::vector<std::pair<uint8_t *, size_t> >& bufs, const uint8_t * key, const uint8_t * nonce, uint8_t * mac)
{ {
if (bufs.empty ()) return; if (bufs.empty ()) return;
#if LEGACY_OPENSSL #if OPENSSL_AEAD_CHACHA20_POLY1305
int outlen = 0;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new ();
EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0);
EVP_EncryptInit_ex(ctx, NULL, NULL, key, nonce);
for (const auto& it: bufs)
EVP_EncryptUpdate(ctx, it.first, &outlen, it.first, it.second);
EVP_EncryptFinal_ex(ctx, NULL, &outlen);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, mac);
EVP_CIPHER_CTX_free (ctx);
#else
chacha::Chacha20State state; chacha::Chacha20State state;
// generate one time poly key // generate one time poly key
chacha::Chacha20Init (state, nonce, key, 0); chacha::Chacha20Init (state, nonce, key, 0);
@ -1215,17 +1225,6 @@ namespace crypto
polyHash.Update (padding, 16); polyHash.Update (padding, 16);
// MAC // MAC
polyHash.Finish ((uint64_t *)mac); polyHash.Finish ((uint64_t *)mac);
#else
int outlen = 0;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new ();
EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0);
EVP_EncryptInit_ex(ctx, NULL, NULL, key, nonce);
for (const auto& it: bufs)
EVP_EncryptUpdate(ctx, it.first, &outlen, it.first, it.second);
EVP_EncryptFinal_ex(ctx, NULL, &outlen);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, mac);
EVP_CIPHER_CTX_free (ctx);
#endif #endif
} }

3
libi2pd/Crypto.h

@ -30,6 +30,9 @@
# define OPENSSL_X25519 1 # define OPENSSL_X25519 1
# define OPENSSL_SIPHASH 1 # define OPENSSL_SIPHASH 1
# endif # endif
# if !defined OPENSSL_NO_CHACHA && !defined OPENSSL_NO_POLY1305 // some builds might not include them
# define OPENSSL_AEAD_CHACHA20_POLY1305 1
# endif
#endif #endif
namespace i2p namespace i2p

2
libi2pd/Poly1305.cpp

@ -7,7 +7,7 @@
*/ */
#if LEGACY_OPENSSL #if !OPENSSL_AEAD_CHACHA20_POLY1305
namespace i2p namespace i2p
{ {
namespace crypto namespace crypto

2
libi2pd/Poly1305.h

@ -11,7 +11,7 @@
#include <cstring> #include <cstring>
#include "Crypto.h" #include "Crypto.h"
#if LEGACY_OPENSSL #if !OPENSSL_AEAD_CHACHA20_POLY1305
namespace i2p namespace i2p
{ {
namespace crypto namespace crypto

Loading…
Cancel
Save