mirror of
https://github.com/ntop/n2n.git
synced 2024-09-20 00:51:10 +02:00
replaced twofish implementation by a faster version
This commit is contained in:
parent
d5c1295bec
commit
bf6ef081e0
4
src/tf.c
4
src/tf.c
|
@ -465,6 +465,7 @@ int tf_cbc_decrypt (unsigned char *out, const unsigned char *in, size_t in_len,
|
||||||
const unsigned char *iv, tf_context_t *ctx) {
|
const unsigned char *iv, tf_context_t *ctx) {
|
||||||
|
|
||||||
uint8_t tmp[TF_BLOCK_SIZE];
|
uint8_t tmp[TF_BLOCK_SIZE];
|
||||||
|
uint8_t old[TF_BLOCK_SIZE];
|
||||||
size_t i;
|
size_t i;
|
||||||
size_t n;
|
size_t n;
|
||||||
|
|
||||||
|
@ -472,9 +473,10 @@ int tf_cbc_decrypt (unsigned char *out, const unsigned char *in, size_t in_len,
|
||||||
|
|
||||||
n = in_len / TF_BLOCK_SIZE;
|
n = in_len / TF_BLOCK_SIZE;
|
||||||
for(i=0; i < n; i++) {
|
for(i=0; i < n; i++) {
|
||||||
|
memcpy(old, &in[i * TF_BLOCK_SIZE], TF_BLOCK_SIZE);
|
||||||
twofish_internal_decrypt(ctx->K, ctx->QF, &out[i * TF_BLOCK_SIZE], &in[i * TF_BLOCK_SIZE]);
|
twofish_internal_decrypt(ctx->K, ctx->QF, &out[i * TF_BLOCK_SIZE], &in[i * TF_BLOCK_SIZE]);
|
||||||
fix_xor(&out[i * TF_BLOCK_SIZE], tmp);
|
fix_xor(&out[i * TF_BLOCK_SIZE], tmp);
|
||||||
memcpy(tmp, &in[i * TF_BLOCK_SIZE], TF_BLOCK_SIZE);
|
memcpy(tmp, old, TF_BLOCK_SIZE);
|
||||||
}
|
}
|
||||||
|
|
||||||
return n * TF_BLOCK_SIZE;
|
return n * TF_BLOCK_SIZE;
|
||||||
|
|
|
@ -29,7 +29,7 @@
|
||||||
|
|
||||||
// cbc mode is being used with random value prepended to plaintext
|
// cbc mode is being used with random value prepended to plaintext
|
||||||
// instead of iv so, actual iv is null_iv
|
// instead of iv so, actual iv is null_iv
|
||||||
uint8_t null_iv[TF_IV_SIZE] = {0};
|
const uint8_t null_iv[TF_IV_SIZE] = {0};
|
||||||
|
|
||||||
typedef struct transop_tf {
|
typedef struct transop_tf {
|
||||||
tf_context_t *ctx;
|
tf_context_t *ctx;
|
||||||
|
@ -70,6 +70,7 @@ static int transop_encode_tf(n2n_trans_op_t * arg,
|
||||||
// the assembly buffer is a source for encrypting data
|
// the assembly buffer is a source for encrypting data
|
||||||
// the whole contents of assembly are encrypted
|
// the whole contents of assembly are encrypted
|
||||||
uint8_t assembly[N2N_PKT_BUF_SIZE];
|
uint8_t assembly[N2N_PKT_BUF_SIZE];
|
||||||
|
uint8_t assembly2[N2N_PKT_BUF_SIZE];
|
||||||
size_t idx = 0;
|
size_t idx = 0;
|
||||||
int padded_len;
|
int padded_len;
|
||||||
uint8_t padding;
|
uint8_t padding;
|
||||||
|
@ -83,10 +84,10 @@ static int transop_encode_tf(n2n_trans_op_t * arg,
|
||||||
// full block sized random value (128 bit)
|
// full block sized random value (128 bit)
|
||||||
// !!! replace with 2 calls to encode_uint64(...) as as available
|
// !!! replace with 2 calls to encode_uint64(...) as as available
|
||||||
// !!! which is still under consideration in pull request 'revAes'
|
// !!! which is still under consideration in pull request 'revAes'
|
||||||
encode_uint32(assembly, &idx, 0);
|
encode_uint32(assembly, &idx, n2n_rand());
|
||||||
encode_uint32(assembly, &idx, 0);
|
encode_uint32(assembly, &idx, n2n_rand());
|
||||||
encode_uint32(assembly, &idx, 0);
|
encode_uint32(assembly, &idx, n2n_rand());
|
||||||
encode_uint32(assembly, &idx, 0);
|
encode_uint32(assembly, &idx, n2n_rand());
|
||||||
|
|
||||||
// adjust for maybe differently chosen TF_PREAMBLE_SIZE
|
// adjust for maybe differently chosen TF_PREAMBLE_SIZE
|
||||||
idx = TF_PREAMBLE_SIZE;
|
idx = TF_PREAMBLE_SIZE;
|
||||||
|
@ -100,12 +101,11 @@ static int transop_encode_tf(n2n_trans_op_t * arg,
|
||||||
// pad the following bytes with zero, fixed length (TF_BLOCK_SIZE) seems to compile
|
// pad the following bytes with zero, fixed length (TF_BLOCK_SIZE) seems to compile
|
||||||
// to slightly faster code than run-time dependant 'padding'
|
// to slightly faster code than run-time dependant 'padding'
|
||||||
memset (assembly + idx, 0, TF_BLOCK_SIZE);
|
memset (assembly + idx, 0, TF_BLOCK_SIZE);
|
||||||
|
|
||||||
tf_cbc_encrypt(outbuf, assembly, padded_len, null_iv, priv->ctx);
|
tf_cbc_encrypt(outbuf, assembly, padded_len, null_iv, priv->ctx);
|
||||||
|
|
||||||
if(padding) {
|
if(padding) {
|
||||||
// exchange last two cipher blocks
|
// exchange last two cipher blocks
|
||||||
memcpy (buf, outbuf+padded_len - TF_BLOCK_SIZE, TF_BLOCK_SIZE);
|
memcpy (buf, outbuf + padded_len - TF_BLOCK_SIZE, TF_BLOCK_SIZE);
|
||||||
memcpy (outbuf + padded_len - TF_BLOCK_SIZE, outbuf + padded_len - 2 * TF_BLOCK_SIZE, TF_BLOCK_SIZE);
|
memcpy (outbuf + padded_len - TF_BLOCK_SIZE, outbuf + padded_len - 2 * TF_BLOCK_SIZE, TF_BLOCK_SIZE);
|
||||||
memcpy (outbuf + padded_len - 2 * TF_BLOCK_SIZE, buf, TF_BLOCK_SIZE);
|
memcpy (outbuf + padded_len - 2 * TF_BLOCK_SIZE, buf, TF_BLOCK_SIZE);
|
||||||
}
|
}
|
||||||
|
@ -156,7 +156,9 @@ static int transop_decode_tf(n2n_trans_op_t * arg,
|
||||||
// write new penultimate block from buf
|
// write new penultimate block from buf
|
||||||
memcpy(assembly + penultimate_block, buf, TF_BLOCK_SIZE);
|
memcpy(assembly + penultimate_block, buf, TF_BLOCK_SIZE);
|
||||||
// regular cbc decryption on the re-arranged ciphertext
|
// regular cbc decryption on the re-arranged ciphertext
|
||||||
|
|
||||||
tf_cbc_decrypt(assembly, assembly, in_len + TF_BLOCK_SIZE - rest, null_iv, priv->ctx);
|
tf_cbc_decrypt(assembly, assembly, in_len + TF_BLOCK_SIZE - rest, null_iv, priv->ctx);
|
||||||
|
|
||||||
// check for expected zero padding and give a warning otherwise
|
// check for expected zero padding and give a warning otherwise
|
||||||
if (memcmp(assembly + in_len, null_iv, TF_BLOCK_SIZE - rest)) {
|
if (memcmp(assembly + in_len, null_iv, TF_BLOCK_SIZE - rest)) {
|
||||||
traceEvent(TRACE_WARNING, "transop_decode_tf payload decryption failed with unexpected cipher text stealing padding");
|
traceEvent(TRACE_WARNING, "transop_decode_tf payload decryption failed with unexpected cipher text stealing padding");
|
||||||
|
|
Loading…
Reference in New Issue
Block a user