diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2016-12-23 16:25:18 +0100 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-12-23 21:09:23 +0100 |
| commit | 6e4a10e8f2c73951f8e8fc2ac2821c5582d133bc (patch) | |
| tree | ca4a7d47dcc49b699c4916addfd7cc555b977fb2 /src/cookie.h | |
| parent | wg-config: cleanups (diff) | |
| download | wireguard-monolithic-historical-6e4a10e8f2c73951f8e8fc2ac2821c5582d133bc.tar.xz wireguard-monolithic-historical-6e4a10e8f2c73951f8e8fc2ac2821c5582d133bc.zip | |
cookies: use xchacha20poly1305 instead of chacha20poly1305
This allows us to precompute the blake2s calls and save cycles, since
hchacha is fast.
Diffstat (limited to 'src/cookie.h')
| -rw-r--r-- | src/cookie.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/cookie.h b/src/cookie.h index 4ea20e1..13c646d 100644 --- a/src/cookie.h +++ b/src/cookie.h @@ -13,6 +13,7 @@ struct sk_buff; struct cookie_checker { u8 secret[NOISE_HASH_LEN]; + u8 cookie_encryption_key[NOISE_SYMMETRIC_KEY_LEN]; u64 secret_birthdate; struct rw_semaphore secret_lock; struct ratelimiter ratelimiter; @@ -25,6 +26,7 @@ struct cookie { u8 cookie[COOKIE_LEN]; bool have_sent_mac1; u8 last_mac1_sent[COOKIE_LEN]; + u8 cookie_decryption_key[NOISE_SYMMETRIC_KEY_LEN]; struct rw_semaphore lock; }; @@ -37,6 +39,7 @@ enum cookie_mac_state { int cookie_checker_init(struct cookie_checker *checker, struct wireguard_device *wg); void cookie_checker_uninit(struct cookie_checker *checker); +void cookie_checker_precompute_keys(struct cookie_checker *checker, struct wireguard_peer *peer); void cookie_init(struct cookie *cookie); enum cookie_mac_state cookie_validate_packet(struct cookie_checker *checker, struct sk_buff *skb, void *data_start, size_t data_len, bool check_cookie); |