authorJason A. Donenfeld <Jason@zx2c4.com>2016-12-09 11:37:33 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2016-12-16 06:35:58 +0100
commit1c5a090cfd20d6168d6e2950c9b2bc8e13ebc506 (patch)
treed29c19222b66433d28327239fdce71076724d07e
parentsiphash: update against upstream submission (diff)
downloadwireguard-monolithic-historical-1c5a090cfd20d6168d6e2950c9b2bc8e13ebc506.tar.xz
wireguard-monolithic-historical-1c5a090cfd20d6168d6e2950c9b2bc8e13ebc506.zip
messages: increase header by 3 bytes for alignment
-rw-r--r--src/cookie.c2
-rw-r--r--src/data.c2
-rw-r--r--src/messages.h29
-rw-r--r--src/noise.c4
4 files changed, 22 insertions, 15 deletions
diff --git a/src/cookie.c b/src/cookie.c
index 21f287f..a2d1b22 100644
--- a/src/cookie.c
+++ b/src/cookie.c
@@ -163,7 +163,7 @@ void cookie_message_create(struct message_handshake_cookie *dst, struct sk_buff
u8 key[NOISE_SYMMETRIC_KEY_LEN];
u8 cookie[COOKIE_LEN];
- dst->header.type = MESSAGE_HANDSHAKE_COOKIE;
+ dst->header.type = cpu_to_le32(MESSAGE_HANDSHAKE_COOKIE);
dst->receiver_index = index;
get_random_bytes(dst->salt, COOKIE_SALT_LEN);
blake2s(dst->salt, dst->salt, NULL, COOKIE_SALT_LEN, COOKIE_SALT_LEN, 0); /* Avoid directly transmitting RNG output. */
diff --git a/src/data.c b/src/data.c
index ff9fd66..f8d33c6 100644
--- a/src/data.c
+++ b/src/data.c
@@ -146,7 +146,7 @@ static inline void skb_encrypt(struct sk_buff *skb, struct noise_keypair *keypai
/* Only after checksumming can we safely add on the padding at the end and the header. */
header = (struct message_data *)skb_push(skb, sizeof(struct message_data));
- header->header.type = MESSAGE_DATA;
+ header->header.type = cpu_to_le32(MESSAGE_DATA);
header->key_idx = keypair->remote_index;
header->counter = cpu_to_le64(cb->nonce);
pskb_put(skb, cb->trailer, cb->trailer_len);
diff --git a/src/messages.h b/src/messages.h
index e39bdab..f5362ac 100644
--- a/src/messages.h
+++ b/src/messages.h
@@ -63,13 +63,20 @@ enum message_type {
};
struct message_header {
- u8 type;
-} __packed;
+ /* The actual layout of this that we want is:
+ * u8 type
+ * u8 reserved_zero[3]
+ *
+ * But it turns out that by encoding this as little endian,
+ * we achieve the same thing, and it makes checking faster.
+ */
+ __le32 type;
+};
struct message_macs {
u8 mac1[COOKIE_LEN];
u8 mac2[COOKIE_LEN];
-} __packed;
+};
struct message_handshake_initiation {
struct message_header header;
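Review bot: Dropping `__packed` from `struct message_header` and `struct message_macs` here, and from `message_handshake_initiation`, `message_handshake_response`, `message_handshake_cookie` and `message_data` in the next two hunks, makes the wire layout depend on the compiler inserting no padding, and nothing visible in the diff pins that. These structs go on the network and `message_determine_type` compares `src_len` with their `sizeof`, so any padding would change the accepted packet length and could put uninitialised bytes on the wire. A compile-time check would guard this, for example `BUILD_BUG_ON(sizeof(struct message_header) != 4);` and `BUILD_BUG_ON(offsetof(struct message_data, counter) != 8);` in the module's init path, with an equivalent size check per message struct. The definition of `message_handshake_initiation` continues outside this hunk.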
@@ -78,7 +85,7 @@ struct message_handshake_initiation {
u8 encrypted_static[noise_encrypted_len(NOISE_PUBLIC_KEY_LEN)];
u8 encrypted_timestamp[noise_encrypted_len(NOISE_TIMESTAMP_LEN)];
struct message_macs macs;
-} __packed;
+};
struct message_handshake_response {
struct message_header header;
@@ -87,21 +94,21 @@ struct message_handshake_response {
u8 unencrypted_ephemeral[NOISE_PUBLIC_KEY_LEN];
u8 encrypted_nothing[noise_encrypted_len(0)];
struct message_macs macs;
-} __packed;
+};
struct message_handshake_cookie {
struct message_header header;
__le32 receiver_index;
u8 salt[COOKIE_SALT_LEN];
u8 encrypted_cookie[noise_encrypted_len(COOKIE_LEN)];
-} __packed;
+};
struct message_data {
struct message_header header;
__le32 key_idx;
__le64 counter;
u8 encrypted_data[];
-} __packed;
+};
#define message_data_len(plain_len) (noise_encrypted_len(plain_len) + sizeof(struct message_data))
@@ -122,13 +129,13 @@ static inline enum message_type message_determine_type(void *src, size_t src_len
struct message_header *header = src;
if (unlikely(src_len < sizeof(struct message_header)))
return MESSAGE_INVALID;
- if (header->type == MESSAGE_DATA && src_len >= MESSAGE_MINIMUM_LENGTH)
+ if (header->type == cpu_to_le32(MESSAGE_DATA) && src_len >= MESSAGE_MINIMUM_LENGTH)
return MESSAGE_DATA;
- if (header->type == MESSAGE_HANDSHAKE_INITIATION && src_len == sizeof(struct message_handshake_initiation))
+ if (header->type == cpu_to_le32(MESSAGE_HANDSHAKE_INITIATION) && src_len == sizeof(struct message_handshake_initiation))
return MESSAGE_HANDSHAKE_INITIATION;
- if (header->type == MESSAGE_HANDSHAKE_RESPONSE && src_len == sizeof(struct message_handshake_response))
+ if (header->type == cpu_to_le32(MESSAGE_HANDSHAKE_RESPONSE) && src_len == sizeof(struct message_handshake_response))
return MESSAGE_HANDSHAKE_RESPONSE;
- if (header->type == MESSAGE_HANDSHAKE_COOKIE && src_len == sizeof(struct message_handshake_cookie))
+ if (header->type == cpu_to_le32(MESSAGE_HANDSHAKE_COOKIE) && src_len == sizeof(struct message_handshake_cookie))
return MESSAGE_HANDSHAKE_COOKIE;
return MESSAGE_INVALID;
}
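Review bot: The comparison `header->type == cpu_to_le32(MESSAGE_DATA)` now does a 32-bit load through `src`, which the old `u8` read did not, so the function silently requires `src` to be 4-byte aligned, and the hunk states that nowhere. I would document it above the function, e.g. `/* src must be 4-byte aligned; a non-zero reserved byte fails every type comparison and yields MESSAGE_INVALID. */`. If callers cannot guarantee the alignment, reading the field with `get_unaligned_le32(src)` avoids faults or fixups on strict-alignment architectures. The function's signature line lies outside the hunk.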
diff --git a/src/noise.c b/src/noise.c
index 7fd16b7..3fccd1e 100644
--- a/src/noise.c
+++ b/src/noise.c
@@ -339,7 +339,7 @@ bool noise_handshake_create_initiation(struct message_handshake_initiation *dst,
if (unlikely(!handshake->static_identity->has_identity))
goto out;
- dst->header.type = MESSAGE_HANDSHAKE_INITIATION;
+ dst->header.type = cpu_to_le32(MESSAGE_HANDSHAKE_INITIATION);
handshake_init(handshake->key, handshake->chaining_key, handshake->hash, handshake->remote_static,
handshake->static_identity->has_psk ? handshake->static_identity->preshared_key : NULL);
@@ -459,7 +459,7 @@ bool noise_handshake_create_response(struct message_handshake_response *dst, str
if (handshake->state != HANDSHAKE_CONSUMED_INITIATION)
goto out;
- dst->header.type = MESSAGE_HANDSHAKE_RESPONSE;
+ dst->header.type = cpu_to_le32(MESSAGE_HANDSHAKE_RESPONSE);
dst->receiver_index = handshake->remote_index;
/* e */