From 0520b28ac2d1918db4bd19d551448b8471cbb65a Mon Sep 17 00:00:00 2001 From: Mathias Hall-Andersen Date: Fri, 30 Aug 2019 19:46:00 +0200 Subject: Move to RustCrypto AEAD crate for handshake --- Cargo.lock | 173 +++++++++++++++++----------------------------- Cargo.toml | 3 +- src/handshake/macs.rs | 78 ++++++++++----------- src/handshake/messages.rs | 65 +++++++---------- src/handshake/noise.rs | 112 ++++++++++-------------------- src/main.rs | 3 - 6 files changed, 163 insertions(+), 271 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 33f5d2e..6bb5f81 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1,9 +1,12 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. [[package]] -name = "adler32" -version = "1.0.3" +name = "aead" +version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "generic-array 0.12.3 (registry+https://github.com/rust-lang/crates.io-index)", +] [[package]] name = "arraydeque" @@ -115,6 +118,27 @@ name = "cfg-if" version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" +[[package]] +name = "chacha20" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)", + "salsa20-core 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", + "stream-cipher 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "chacha20poly1305" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "aead 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", + "chacha20 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", + "poly1305 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", + "zeroize 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "clear_on_drop" version = "0.2.3" 
@@ -131,14 +155,6 @@ dependencies = [ "bitflags 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "crc32fast" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "cfg-if 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)", -] - [[package]] name = "crossbeam-deque" version = "0.7.1" @@ -227,17 +243,6 @@ dependencies = [ "synstructure 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "filetime" -version = "0.2.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "cfg-if 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", - "redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)", -] - [[package]] name = "fnv" version = "1.0.6" 
@@ -358,30 +363,6 @@ name = "libc" version = "0.2.62" source = "registry+https://github.com/rust-lang/crates.io-index" -[[package]] -name = "libflate" -version = "0.1.27" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "adler32 1.0.3 (registry+https://github.com/rust-lang/crates.io-index)", - "crc32fast 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)", - "rle-decode-fast 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)", - "take_mut 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "libsodium-sys" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "cc 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", - "libflate 0.1.27 (registry+https://github.com/rust-lang/crates.io-index)", - "pkg-config 0.3.15 (registry+https://github.com/rust-lang/crates.io-index)", - "tar 0.4.26 (registry+https://github.com/rust-lang/crates.io-index)", - "vcpkg 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)", -] - [[package]] name = "lock_api" version = "0.1.5" @@ -536,9 +517,13 @@ dependencies = [ ] [[package]] -name = "pkg-config" -version = "0.3.15" +name = "poly1305" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)", + "crypto-mac 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", +] [[package]] name = "ppv-lite86" @@ -774,11 +759,6 @@ dependencies = [ "winapi 0.3.7 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "rle-decode-fast" -version = "1.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" - [[package]] name = "rustc-demangle" version = "0.1.16" 
@@ -803,6 +783,15 @@ dependencies = [ "wait-timeout 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "salsa20-core" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "stream-cipher 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", + "zeroize 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "scopeguard" version = "0.3.3" @@ -826,11 +815,6 @@ name = "semver-parser" version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -[[package]] -name = "serde" -version = "1.0.99" -source = "registry+https://github.com/rust-lang/crates.io-index" - [[package]] name = "slab" version = "0.4.2" @@ -841,16 +825,6 @@ name = "smallvec" version = "0.6.10" source = "registry+https://github.com/rust-lang/crates.io-index" -[[package]] -name = "sodiumoxide" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", - "libsodium-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.99 (registry+https://github.com/rust-lang/crates.io-index)", -] - [[package]] name = "sourcefile" version = "0.1.4" @@ -866,6 +840,14 @@ name = "stable_deref_trait" version = "1.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" +[[package]] +name = "stream-cipher" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "generic-array 0.12.3 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "subtle" version = "1.0.0" 
@@ -907,22 +889,6 @@ dependencies = [ "unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "take_mut" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "tar" -version = "0.4.26" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "filetime 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", - "redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)", - "xattr 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)", -] - [[package]] name = "tempfile" version = "3.1.0" @@ -1135,11 +1101,6 @@ name = "untrusted" version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -[[package]] -name = "vcpkg" -version = "0.2.7" -source = "registry+https://github.com/rust-lang/crates.io-index" - [[package]] name = "version_check" version = "0.1.5" @@ -1275,9 +1236,11 @@ source = "registry+https://github.com/rust-lang/crates.io-index" name = "wireguard-rs" version = "0.1.0" dependencies = [ + "aead 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", "arraydeque 0.4.5 (registry+https://github.com/rust-lang/crates.io-index)", "blake2 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)", "byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)", + "chacha20poly1305 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", "crossbeam-deque 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)", "digest 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.28 (registry+https://github.com/rust-lang/crates.io-index)", 
@@ -1289,7 +1252,6 @@ dependencies = [ "proptest 0.9.4 (registry+https://github.com/rust-lang/crates.io-index)", "rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)", "ring 0.16.7 (registry+https://github.com/rust-lang/crates.io-index)", - "sodiumoxide 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)", "spin 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", "subtle 2.1.1 (registry+https://github.com/rust-lang/crates.io-index)", "tokio 0.1.22 (registry+https://github.com/rust-lang/crates.io-index)", @@ -1317,14 +1279,6 @@ dependencies = [ "rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "xattr" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", -] - [[package]] name = "zerocopy" version = "0.2.8" @@ -1344,8 +1298,13 @@ dependencies = [ "synstructure 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "zeroize" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" + [metadata] -"checksum adler32 1.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "7e522997b529f05601e05166c07ed17789691f562762c7f3b987263d2dedee5c" +"checksum aead 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "529ae27769da55d955d190396e67896f49b440aff94a5b2f50900e091d168b77" "checksum arraydeque 0.4.5 (registry+https://github.com/rust-lang/crates.io-index)" = "f0ffd3d69bd89910509a5d31d1f1353f38ccffdd116dd0099bbd6627f7bd8ad8" "checksum arrayvec 0.4.11 (registry+https://github.com/rust-lang/crates.io-index)" = "b8d73f9beda665eaa98ab9e4f7442bd4e7de6652587de55b2525e52e29c1b0ba" "checksum autocfg 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "b671c8fb71b457dd4ae18c4ba1e59aa81793daacc361d82fcd410cef0d491875" 
@@ -1362,9 +1321,10 @@ dependencies = [ "checksum c2-chacha 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7d64d04786e0f528460fc884753cf8dddcc466be308f6026f8e355c41a0e4101" "checksum cc 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)" = "b548a4ee81fccb95919d4e22cfea83c7693ebfd78f0495493178db20b3139da7" "checksum cfg-if 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)" = "b486ce3ccf7ffd79fdeb678eac06a9e6c09fc88d33836340becb8fffe87c5e33" +"checksum chacha20 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "9ce602601e1450409cfe3a6dea32a5de678e08c43368e860c2afa2eec58ce3dc" +"checksum chacha20poly1305 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "40cd3ddeae0b0ea7fe848a06e4fbf3f02463648b9395bd1139368ce42b44543e" "checksum clear_on_drop 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "97276801e127ffb46b66ce23f35cc96bd454fa311294bced4bbace7baa8b1d17" "checksum cloudabi 0.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "ddfc5b9aa5d4507acaf872de71051dfd0e309860e88966e1051e462a077aac4f" -"checksum crc32fast 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ba125de2af0df55319f41944744ad91c71113bf74a4646efff39afe1f6842db1" "checksum crossbeam-deque 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b18cd2e169ad86297e6bc0ad9aa679aee9daa4f19e8163860faf7c164e4f5a71" "checksum crossbeam-epoch 0.7.2 (registry+https://github.com/rust-lang/crates.io-index)" = "fedcd6772e37f3da2a9af9bf12ebe046c0dfe657992377b4df982a2b54cd37a9" "checksum crossbeam-queue 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7c979cd6cfe72335896575c6b5688da489e420d36a27a0b9eb0c73db574b4a4b" 
@@ -1374,7 +1334,6 @@ dependencies = [ "checksum digest 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)" = "f3d0c8c8752312f9713efd397ff63acb9f85585afbf179282e720e7704954dd5" "checksum failure 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "795bd83d3abeb9220f257e597aa0080a508b27533824adf336529648f6abf7e2" "checksum failure_derive 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "ea1063915fd7ef4309e222a5a07cf9c319fb9c7836b1f89b85458672dbb127e1" -"checksum filetime 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)" = "6bd7380b54ced79dda72ecc35cc4fbbd1da6bba54afaa37e96fd1c2a308cd469" "checksum fnv 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)" = "2fad85553e09a6f881f739c29f0b00b0f01357c743266d478b68951ce23285f3" "checksum fuchsia-cprng 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba" "checksum fuchsia-zircon 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "2e9763c69ebaae630ba35f74888db465e49e259ba1bc0eda7d06f4a067615d82" 
@@ -1392,8 +1351,6 @@ dependencies = [ "checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" "checksum lazycell 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b294d6fa9ee409a054354afc4352b0b9ef7ca222c69b8812cbea9e7d2bf3783f" "checksum libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)" = "34fcd2c08d2f832f376f4173a231990fa5aef4e99fb569867318a227ef4c06ba" -"checksum libflate 0.1.27 (registry+https://github.com/rust-lang/crates.io-index)" = "d9135df43b1f5d0e333385cb6e7897ecd1a43d7d11b91ac003f4d2c2d2401fdd" -"checksum libsodium-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "de29595a79ddae2612ad0f27793a0b86cdf05a12f94ad5b87674540cc568171e" "checksum lock_api 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "62ebf1391f6acad60e5c8b43706dde4582df75c06698ab44511d15016bc2442c" "checksum log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)" = "14b6052be84e6b71ab17edffc2eeabf5c2c3ae1fdb464aae35ac50c67a44e1f7" "checksum memchr 2.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "88579771288728879b57485cc7d6b07d648c9f0141eb955f8ab7f9d45394468e" 
@@ -1411,7 +1368,7 @@ dependencies = [ "checksum owning_ref 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "49a4b8ea2179e6a2e27411d3bca09ca6dd630821cf6894c6c7c8467a8ee7ef13" "checksum parking_lot 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)" = "ab41b4aed082705d1056416ae4468b6ea99d52599ecf3169b00088d43113e337" "checksum parking_lot_core 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "94c8c7923936b28d546dfd14d4472eaf34c99b14e1c973a32b3e6d4eb04298c9" -"checksum pkg-config 0.3.15 (registry+https://github.com/rust-lang/crates.io-index)" = "a7c1d2cfa5a714db3b5f24f0915e74fcdf91d09d496ba61329705dda7774d2af" +"checksum poly1305 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "fb59dfc6d8dd49677e39bf8fdf4c62235a8d84dbe2ef2913e139d3f62bb65f70" "checksum ppv-lite86 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)" = "e3cbf9f658cdb5000fcf6f362b8ea2ba154b9f146a61c7a20d647034c6b6561b" "checksum proc-macro2 0.4.30 (registry+https://github.com/rust-lang/crates.io-index)" = "cf3d2011ab5c909338f7887f4fc896d35932e29146c12c8d01da6b22a80ba759" "checksum proc-macro2 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "4c5c2380ae88876faae57698be9e9775e3544decad214599c3a6266cca6ac802" 
@@ -1438,28 +1395,25 @@ dependencies = [ "checksum regex-syntax 0.6.11 (registry+https://github.com/rust-lang/crates.io-index)" = "b143cceb2ca5e56d5671988ef8b15615733e7ee16cd348e064333b251b89343f" "checksum remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "4a83fa3702a688b9359eccba92d153ac33fd2e8462f9e0e3fdf155239ea7792e" "checksum ring 0.16.7 (registry+https://github.com/rust-lang/crates.io-index)" = "796ae8317a07b04dffb1983bdc7045ccd02f741f0b411704f07fd35dbf99f757" -"checksum rle-decode-fast 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cabe4fa914dec5870285fa7f71f602645da47c486e68486d2b4ceb4a343e90ac" "checksum rustc-demangle 0.1.16 (registry+https://github.com/rust-lang/crates.io-index)" = "4c691c0e608126e00913e33f0ccf3727d5fc84573623b8d65b2df340b5201783" "checksum rustc_version 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "138e3e0acb6c9fb258b19b67cb8abd63c00679d2851805ea151465464fe9030a" "checksum rusty-fork 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "3dd93264e10c577503e926bd1430193eeb5d21b059148910082245309b424fae" +"checksum salsa20-core 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "c7fd325cb25b420aab2c035b5b76966d9f91b88fb54084ce6c0cd072a1ae5cda" "checksum scopeguard 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "94258f53601af11e6a49f722422f6e3425c52b06245a5cf9bc09908b174f5e27" "checksum scopeguard 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b42e15e59b18a828bbf5c58ea01debb36b9b096346de35d941dcb89009f24a0d" "checksum semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403" "checksum semver-parser 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" -"checksum serde 1.0.99 (registry+https://github.com/rust-lang/crates.io-index)" = 
"fec2851eb56d010dc9a21b89ca53ee75e6528bab60c11e89d38390904982da9f" "checksum slab 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "c111b5bd5695e56cffe5129854aa230b39c93a305372fdbb2668ca2394eea9f8" "checksum smallvec 0.6.10 (registry+https://github.com/rust-lang/crates.io-index)" = "ab606a9c5e214920bb66c458cd7be8ef094f813f20fe77a54cc7dbfff220d4b7" -"checksum sodiumoxide 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "31532969f87f66ea5667b203fdee70aec8ddbe25aac69d243daff58c01688152" "checksum sourcefile 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)" = "4bf77cb82ba8453b42b6ae1d692e4cdc92f9a47beaf89a847c8be83f4e328ad3" "checksum spin 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cbdb51a221842709c2dd65b62ad4b78289fc3e706a02c17a26104528b6aa7837" "checksum stable_deref_trait 1.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "dba1a27d3efae4351c8051072d619e3ade2820635c3958d826bfea39d59b54c8" +"checksum stream-cipher 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "8131256a5896cabcf5eb04f4d6dacbe1aefda854b0d9896e09cb58829ec5638c" "checksum subtle 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "2d67a5a62ba6e01cb2192ff309324cb4875d0c451d55fe2319433abe7a05a8ee" "checksum subtle 2.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "01f40907d9ffc762709e4ff3eb4a6f6b41b650375a3f09ac92b641942b7fb082" "checksum syn 0.15.44 (registry+https://github.com/rust-lang/crates.io-index)" = "9ca4b3b69a77cbe1ffc9e198781b7acb0c7365a883670e8f1c1bc66fba79a5c5" "checksum syn 1.0.5 (registry+https://github.com/rust-lang/crates.io-index)" = "66850e97125af79138385e9b88339cbcd037e3f28ceab8c5ad98e64f0f1f80bf" "checksum synstructure 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)" = "02353edf96d6e4dc81aea2d8490a7e9db177bf8acb0e951c24940bf866cb313f" -"checksum take_mut 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = 
"f764005d11ee5f36500a149ace24e00e3da98b0158b3e2d53a7495660d3f4d60" -"checksum tar 0.4.26 (registry+https://github.com/rust-lang/crates.io-index)" = "b3196bfbffbba3e57481b6ea32249fbaf590396a52505a2615adbb79d9d826d3" "checksum tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6e24d9338a0a5be79593e2fa15a648add6138caa803e2d5bc782c371732ca9" "checksum tokio 0.1.22 (registry+https://github.com/rust-lang/crates.io-index)" = "5a09c0b5bb588872ab2f09afa13ee6e9dac11e10a0ec9e8e3ba39a5a5d530af6" "checksum tokio-codec 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "5c501eceaf96f0e1793cf26beb63da3d11c738c4a943fdf3746d81d64684c39f" @@ -1480,7 +1434,6 @@ dependencies = [ "checksum unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "fc72304796d0818e357ead4e000d19c9c174ab23dc11093ac919054d20a6a7fc" "checksum unicode-xid 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "826e7639553986605ec5979c7dd957c7895e93eabed50ab2ffa7f6128a75097c" "checksum untrusted 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "60369ef7a31de49bcb3f6ca728d4ba7300d9a1658f94c727d4cab8c8d9f4aece" -"checksum vcpkg 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)" = "33dd455d0f96e90a75803cfeb7f948768c08d70a6de9a8d2362461935698bf95" "checksum version_check 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "914b1a6776c4c929a602fafd8bc742e06365d4bcbe48c30f9cca5824f70dc9dd" "checksum wait-timeout 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "9f200f5b12eb75f8c1ed65abd4b2db8a6e1b138a20de009dacee265a2498f3f6" "checksum wasi 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)" = "fd5442abcac6525a045cc8c795aedb60da7a2e5e89c7bf18a0d5357849bb23c7" 
@@ -1499,6 +1452,6 @@ dependencies = [ "checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" "checksum ws2_32-sys 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "d59cefebd0c892fa2dd6de581e937301d8552cb44489cdff035c6187cb63fa5e" "checksum x25519-dalek 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7ee1585dc1484373cbc1cee7aafda26634665cf449436fd6e24bfd1fad230538" -"checksum xattr 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "244c3741f4240ef46274860397c7c74e50eb23624996930e484c16679633a54c" "checksum zerocopy 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)" = "992b9b31f80fd4a167f903f879b8ca43d6716cc368ea01df90538baa2dd34056" "checksum zerocopy-derive 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)" = "b090467ecd0624026e8a6405d343ac7382592530d54881330b3fc8e400280fa5" +"checksum zeroize 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)" = "45af6a010d13e4cf5b54c94ba5a2b2eba5596b9e46bf5875612d332a1f2b3f86" diff --git a/Cargo.toml b/Cargo.toml index 6f285bb..5a9464d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,7 +15,6 @@ generic-array = "0.12.3" zerocopy = "0.2.7" byteorder = "1.3.1" digest = "0.8.0" -sodiumoxide = "0.2.2" lazy_static = "^1.3" tokio = "0.1.22" futures = "0.1.28" @@ -24,6 +23,8 @@ treebitmap = "^0.4" crossbeam-deque = "0.7" hjul = "0.1.2" ring = "0.16.7" +chacha20poly1305 = "^0.1" +aead = "^0.1.1" [dependencies.x25519-dalek] version = "^0.5" diff --git a/src/handshake/macs.rs b/src/handshake/macs.rs index 5773f3d..516b9dc 100644 --- a/src/handshake/macs.rs +++ b/src/handshake/macs.rs 
@@ -1,14 +1,20 @@ +use generic_array::GenericArray; use lazy_static::lazy_static; use rand::{CryptoRng, RngCore}; use spin::RwLock; use std::time::{Duration, Instant}; -use blake2::Blake2s; -use sodiumoxide::crypto::aead::xchacha20poly1305_ietf; -use subtle::ConstantTimeEq; +// types to coalesce into bytes +use std::net::SocketAddr; use x25519_dalek::PublicKey; -use std::net::SocketAddr; +// AEAD +use aead::{Aead, NewAead, Payload}; +use chacha20poly1305::XChaCha20Poly1305; + +// MAC +use blake2::Blake2s; +use subtle::ConstantTimeEq; use super::messages::{CookieReply, MacsFooter, TYPE_COOKIE_REPLY}; use super::types::HandshakeError; @@ -19,6 +25,7 @@ const LABEL_COOKIE: &[u8] = b"cookie--"; const SIZE_COOKIE: usize = 16; const SIZE_SECRET: usize = 32; const SIZE_MAC: usize = 16; // blake2s-mac128 +const SIZE_TAG: usize = 16; // xchacha20poly1305 tag lazy_static! { pub static ref COOKIE_UPDATE_INTERVAL: Duration = Duration::new(120, 0); 
@@ -51,41 +58,28 @@ macro_rules! MAC { } macro_rules! XSEAL { - ($key:expr, $nonce:expr, $ad:expr, $pt:expr, $ct:expr, $tag:expr) => {{ - let s_key = xchacha20poly1305_ietf::Key::from_slice($key).unwrap(); - let s_nonce = xchacha20poly1305_ietf::Nonce::from_slice($nonce).unwrap(); - - debug_assert_eq!($tag.len(), xchacha20poly1305_ietf::TAGBYTES); - debug_assert_eq!($pt.len(), $ct.len()); - - $ct.copy_from_slice($pt); - let tag = xchacha20poly1305_ietf::seal_detached( - $ct, - if $ad.len() == 0 { None } else { Some($ad) }, - &s_nonce, - &s_key, - ); - $tag.copy_from_slice(tag.as_ref()); + ($key:expr, $nonce:expr, $ad:expr, $pt:expr, $ct:expr) => {{ + let ct = XChaCha20Poly1305::new(*GenericArray::from_slice($key)) + .encrypt( + GenericArray::from_slice($nonce), + Payload { msg: $pt, aad: $ad }, + ) + .unwrap(); + debug_assert_eq!(ct.len(), $pt.len() + SIZE_TAG); + $ct.copy_from_slice(&ct); }}; } macro_rules! XOPEN { - ($key:expr, $nonce:expr, $ad:expr, $pt:expr, $ct:expr, $tag:expr) => {{ - let s_key = xchacha20poly1305_ietf::Key::from_slice($key).unwrap(); - let s_nonce = xchacha20poly1305_ietf::Nonce::from_slice($nonce).unwrap(); - let s_tag = xchacha20poly1305_ietf::Tag::from_slice($tag).unwrap(); - - debug_assert_eq!($pt.len(), $ct.len()); - - $pt.copy_from_slice($ct); - xchacha20poly1305_ietf::open_detached( - $pt, - if $ad.len() == 0 { None } else { Some($ad) }, - &s_tag, - &s_nonce, - &s_key, - ) - .map_err(|_| HandshakeError::DecryptionFailure) + ($key:expr, $nonce:expr, $ad:expr, $pt:expr, $ct:expr) => {{ + debug_assert_eq!($ct.len(), $pt.len() + SIZE_TAG); + XChaCha20Poly1305::new(*GenericArray::from_slice($key)) + .decrypt( + GenericArray::from_slice($nonce), + Payload { msg: $ct, aad: $ad }, + ) + .map_err(|_| HandshakeError::DecryptionFailure) + .map(|pt| $pt.copy_from_slice(&pt)) }}; } 
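Review bot: In the new `XOPEN!`, the decrypted cookie comes back from `.decrypt(...)` as an owned buffer (presumably a `Vec<u8>`) that is copied into `$pt` and then dropped without being cleared, so a second copy of the cookie is left in freed heap memory. Both macros also allocate on every call now, where the removed `seal_detached`/`open_detached` code worked in place on the caller's buffers. If that matters on the cookie path, wipe the buffer inside the closure, e.g. `.map(|mut pt| { $pt.copy_from_slice(&pt); pt.zeroize(); })`; `zeroize` appears in Cargo.lock only as a transitive dependency, so it would have to be added to Cargo.toml. In `XSEAL!`, `.unwrap()` on `encrypt` would read better as an `.expect(...)` that states why sealing a fixed-size cookie cannot fail. The `debug_assert_eq!` after it is compiled out of release builds, where the panic in `copy_from_slice` is what actually enforces the length.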
@@ -151,12 +145,11 @@ impl Generator { let mac1 = self.last_mac1.ok_or(HandshakeError::InvalidState)?; let mut tau = [0u8; SIZE_COOKIE]; XOPEN!( - &self.cookie_key, // key - &reply.f_nonce, // nonce - &mac1, // ad - &mut tau, // pt - &reply.f_cookie, // ct - &reply.f_cookie_tag // tag + &self.cookie_key, // key + &reply.f_nonce, // nonce + &mac1, // ad + &mut tau, // pt + &reply.f_cookie // ct || tag )?; self.cookie = Some(Cookie { birth: Instant::now(), @@ -260,8 +253,7 @@ impl Validator { &msg.f_nonce, // nonce &macs.f_mac1, // ad &self.get_set_tau(rng, &src), // pt - &mut msg.f_cookie, // ct - &mut msg.f_cookie_tag // tagf + &mut msg.f_cookie // ct || tag ); } diff --git a/src/handshake/messages.rs b/src/handshake/messages.rs index d068f26..6dca413 100644 --- a/src/handshake/messages.rs +++ b/src/handshake/messages.rs @@ -16,6 +16,7 @@ const SIZE_TAG: usize = 16; // poly1305 tag const SIZE_XNONCE: usize = 24; // xchacha20 nonce const SIZE_COOKIE: usize = 16; // const SIZE_X25519_POINT: usize = 32; // x25519 public key +const SIZE_TIMESTAMP: usize = 12; pub const TYPE_INITIATION: u8 = 1; pub const TYPE_RESPONSE: u8 = 2; @@ -43,8 +44,7 @@ pub struct CookieReply { pub f_type: U32, pub f_receiver: U32, pub f_nonce: [u8; SIZE_XNONCE], - pub f_cookie: [u8; SIZE_COOKIE], - pub f_cookie_tag: [u8; SIZE_TAG], + pub f_cookie: [u8; SIZE_COOKIE + SIZE_TAG], } /* Inner sub-messages */ @@ -62,10 +62,8 @@ pub struct NoiseInitiation { pub f_type: U32, pub f_sender: U32, pub f_ephemeral: [u8; SIZE_X25519_POINT], - pub f_static: [u8; SIZE_X25519_POINT], - pub f_static_tag: [u8; SIZE_TAG], - pub f_timestamp: timestamp::TAI64N, - pub f_timestamp_tag: [u8; SIZE_TAG], + pub f_static: [u8; SIZE_X25519_POINT + SIZE_TAG], + pub f_timestamp: [u8; SIZE_TIMESTAMP + SIZE_TAG], } #[repr(packed)] 
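Review bot: `const SIZE_TIMESTAMP: usize = 12;` in the messages.rs constants hunk is the only size constant there without a trailing comment, and it restates by hand the length that `timestamp::TAI64N` used to supply for `f_timestamp`. Because the field is now `[u8; SIZE_TIMESTAMP + SIZE_TAG]`, a drift between this constant and the timestamp type would only surface at run time, as a `copy_from_slice` panic inside `SEAL!`/`OPEN!`. I would add `// TAI64N timestamp (plaintext length)` to the constant and a comment such as `// AEAD output: ciphertext || 16-byte tag` on the merged `f_static`, `f_timestamp` and `f_cookie` fields in the two struct hunks that follow. If `timestamp::TAI64N` is still a fixed-size array type in scope here, `std::mem::size_of::<timestamp::TAI64N>()` would remove the duplication. `SIZE_TAG` is likewise now declared separately in macs.rs and messages.rs.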
@@ -75,7 +73,7 @@ pub struct NoiseResponse { pub f_sender: U32, pub f_receiver: U32, pub f_ephemeral: [u8; SIZE_X25519_POINT], - pub f_empty_tag: [u8; SIZE_TAG], + pub f_empty: [u8; SIZE_TAG], } /* Zero copy parsing of handshake messages */ @@ -145,8 +143,7 @@ impl Default for CookieReply { f_type: >::new(TYPE_COOKIE_REPLY as u32), f_receiver: >::ZERO, f_nonce: [0u8; SIZE_XNONCE], - f_cookie: [0u8; SIZE_COOKIE], - f_cookie_tag: [0u8; SIZE_TAG], + f_cookie: [0u8; SIZE_COOKIE + SIZE_TAG], } } } @@ -164,13 +161,10 @@ impl Default for NoiseInitiation { fn default() -> Self { Self { f_type: >::new(TYPE_INITIATION as u32), - f_sender: >::ZERO, f_ephemeral: [0u8; SIZE_X25519_POINT], - f_static: [0u8; SIZE_X25519_POINT], - f_static_tag: [0u8; SIZE_TAG], - f_timestamp: timestamp::ZERO, - f_timestamp_tag: [0u8; SIZE_TAG], + f_static: [0u8; SIZE_X25519_POINT + SIZE_TAG], + f_timestamp: [0u8; SIZE_TIMESTAMP + SIZE_TAG], } } } @@ -182,7 +176,7 @@ impl Default for NoiseResponse { f_sender: >::ZERO, f_receiver: >::ZERO, f_ephemeral: [0u8; SIZE_X25519_POINT], - f_empty_tag: [0u8; SIZE_TAG], + f_empty: [0u8; SIZE_TAG], } } } @@ -208,12 +202,11 @@ impl fmt::Debug for CookieReply { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { write!( f, - "CookieReply {{ type = {}, receiver = {}, nonce = {}, cookie = {}|{} }}", + "CookieReply {{ type = {}, receiver = {}, nonce = {}, cookie = {} }}", self.f_type, self.f_receiver, - hex::encode(self.f_nonce), - hex::encode(self.f_cookie), - hex::encode(self.f_cookie_tag) + hex::encode(&self.f_nonce[..]), + hex::encode(&self.f_cookie[..]), ) } } 
@@ -222,14 +215,12 @@ impl fmt::Debug for CookieReply { impl fmt::Debug for NoiseInitiation { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { write!(f, - "NoiseInitiation {{ type = {}, sender = {}, ephemeral = {}, static = {}|{}, timestamp = {}|{} }}", + "NoiseInitiation {{ type = {}, sender = {}, ephemeral = {}, static = {}, timestamp = {} }}", self.f_type.get(), self.f_sender.get(), - hex::encode(self.f_ephemeral), - hex::encode(self.f_static), - hex::encode(self.f_static_tag), - hex::encode(self.f_timestamp), - hex::encode(self.f_timestamp_tag) + hex::encode(&self.f_ephemeral[..]), + hex::encode(&self.f_static[..]), + hex::encode(&self.f_timestamp[..]), ) } } @@ -242,8 +233,8 @@ impl fmt::Debug for NoiseResponse { self.f_type, self.f_sender, self.f_receiver, - hex::encode(self.f_ephemeral), - hex::encode(self.f_empty_tag) + hex::encode(&self.f_ephemeral[..]), + hex::encode(&self.f_empty[..]) ) } } @@ -254,8 +245,8 @@ impl fmt::Debug for MacsFooter { write!( f, "Macs {{ mac1 = {}, mac2 = {} }}", - hex::encode(self.f_mac1), - hex::encode(self.f_mac2) + hex::encode(&self.f_mac1[..]), + hex::encode(&self.f_mac2[..]) ) } } @@ -306,7 +297,7 @@ mod tests { 0xde, 0x1e, 0xf7, 0xf1, 0xca, 0x90, 0x86, 0x72, 0xad, 0x67, 0xea, 0x89, 0x45, 0x44, 0x13, 0x56, 0x52, 0x1f, ]; - msg.noise.f_empty_tag = [ + msg.noise.f_empty = [ 0x60, 0x0e, 0x1e, 0x95, 0x41, 0x6b, 0x52, 0x05, 0xa2, 0x09, 0xe1, 0xbf, 0x40, 0x05, 0x2f, 0xde, ]; 
@@ -337,18 +328,12 @@ mod tests { msg.noise.f_static = [ 0xdc, 0x33, 0x90, 0x15, 0x8f, 0x82, 0x3e, 0x06, 0x44, 0xa0, 0xde, 0x4c, 0x15, 0x6c, 0x5d, 0xa4, 0x65, 0x99, 0xf6, 0x6c, 0xa1, 0x14, 0x77, 0xf9, 0xeb, 0x6a, 0xec, 0xc3, - 0x3c, 0xda, 0x47, 0xe1, - ]; - msg.noise.f_static_tag = [ - 0x45, 0xac, 0x8d, 0x43, 0xea, 0x1b, 0x2f, 0x02, 0x45, 0x5d, 0x86, 0x37, 0xee, 0x83, - 0x6b, 0x42, + 0x3c, 0xda, 0x47, 0xe1, 0x45, 0xac, 0x8d, 0x43, 0xea, 0x1b, 0x2f, 0x02, 0x45, 0x5d, + 0x86, 0x37, 0xee, 0x83, 0x6b, 0x42, ]; msg.noise.f_timestamp = [ - 0x4f, 0x1c, 0x60, 0xec, 0x0e, 0xf6, 0x36, 0xf0, 0x78, 0x28, 0x57, 0x42, - ]; - msg.noise.f_timestamp_tag = [ - 0x60, 0x0e, 0x1e, 0x95, 0x41, 0x6b, 0x52, 0x05, 0xa2, 0x09, 0xe1, 0xbf, 0x40, 0x05, - 0x2f, 0xde, + 0x4f, 0x1c, 0x60, 0xec, 0x0e, 0xf6, 0x36, 0xf0, 0x78, 0x28, 0x57, 0x42, 0x60, 0x0e, + 0x1e, 0x95, 0x41, 0x6b, 0x52, 0x05, 0xa2, 0x09, 0xe1, 0xbf, 0x40, 0x05, 0x2f, 0xde, ]; msg.macs.f_mac1 = [ 0xf2, 0xad, 0x40, 0xb5, 0xf7, 0xde, 0x77, 0x35, 0x89, 0x19, 0xb7, 0x5c, 0xf9, 0x54, diff --git a/src/handshake/noise.rs b/src/handshake/noise.rs index 8e8f517..8efe4aa 100644 --- a/src/handshake/noise.rs +++ b/src/handshake/noise.rs @@ -6,13 +6,14 @@ use x25519_dalek::StaticSecret; use blake2::Blake2s; use hmac::Hmac; -// AEAD (from libsodium) -use sodiumoxide::crypto::aead::chacha20poly1305; +// AEAD +use aead::{Aead, NewAead, Payload}; +use chacha20poly1305::ChaCha20Poly1305; use rand::{CryptoRng, RngCore}; use generic_array::typenum::*; -use generic_array::GenericArray; +use generic_array::*; use super::device::Device; use super::messages::{NoiseInitiation, NoiseResponse}; @@ -36,6 +37,7 @@ type TemporaryState = (u32, PublicKey, GenericArray, GenericArray {{ 
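Review bot: In the noise.rs import hunk, `use generic_array::GenericArray;` becomes `use generic_array::*;` next to the existing `use generic_array::typenum::*;`, so it is no longer visible which names this module takes from the crate. Unless the rest of the file needs several more items, I would keep the import explicit, `use generic_array::GenericArray;`, and add only the names actually used. Two overlapping glob imports in a module that handles handshake key material also make a later ambiguity after a crate update harder to trace.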
@@ -101,52 +103,20 @@ macro_rules! KDF3 { } macro_rules! SEAL { - ($key:expr, $ad:expr, $pt:expr, $ct:expr, $tag:expr) => {{ - // create annoying nonce and key objects - let s_nonce = chacha20poly1305::Nonce::from_slice(&ZERO_NONCE).unwrap(); - let s_key = chacha20poly1305::Key::from_slice($key).unwrap(); - - // type annontate the ct and pt arguments - let pt: &[u8] = $pt; - let ct: &mut [u8] = $ct; - - // basic sanity checks - debug_assert_eq!(pt.len(), ct.len()); - debug_assert_eq!($tag.len(), chacha20poly1305::TAGBYTES); - - // encrypt - ct.copy_from_slice(pt); - let tag = chacha20poly1305::seal_detached( - ct, - if $ad.len() == 0 { None } else { Some($ad) }, - &s_nonce, - &s_key, - ); - $tag.copy_from_slice(tag.as_ref()); + ($key:expr, $ad:expr, $pt:expr, $ct:expr) => {{ + let ct = ChaCha20Poly1305::new(*GenericArray::from_slice($key)) + .encrypt(&ZERO_NONCE.into(), Payload { msg: $pt, aad: $ad }) + .unwrap(); + $ct.copy_from_slice(&ct); }}; } macro_rules! OPEN { - ($key:expr, $ad:expr, $pt:expr, $ct:expr, $tag:expr) => {{ - // create annoying nonce and key objects - let s_nonce = chacha20poly1305::Nonce::from_slice(&ZERO_NONCE).unwrap(); - let s_key = chacha20poly1305::Key::from_slice($key).unwrap(); - let s_tag = chacha20poly1305::Tag::from_slice($tag).unwrap(); - - // type annontate the ct and pt arguments - let pt: &mut [u8] = $pt; - let ct: &[u8] = $ct; - - // decrypt - pt.copy_from_slice(ct); - chacha20poly1305::open_detached( - pt, - if $ad.len() == 0 { None } else { Some($ad) }, - &s_tag, - &s_nonce, - &s_key, - ) - .map_err(|_| HandshakeError::DecryptionFailure) + ($key:expr, $ad:expr, $pt:expr, $ct:expr) => {{ + ChaCha20Poly1305::new(*GenericArray::from_slice($key)) + .decrypt(&ZERO_NONCE.into(), Payload { msg: $ct, aad: $ad }) + .map_err(|_| HandshakeError::DecryptionFailure) + .map(|pt| $pt.copy_from_slice(&pt)) }}; } 
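Review bot: `SEAL!` and `OPEN!` both hard-code `ZERO_NONCE`, so they are only safe while every `$key` is a fresh KDF output used for exactly one message, and nothing on the rewritten macros says so. I would put `// fixed zero nonce: $key must be a single-use handshake key, never a transport key` above each macro. In `SEAL!`, the `.unwrap()` on `encrypt` and the `copy_from_slice` both panic instead of returning an error. The removed `debug_assert_eq!` lines at least documented the length relation, so a one-line comment that `$ct.len()` must equal `$pt.len()` plus the 16-byte tag would replace them. `OPEN!` now gets the plaintext back in a separate buffer that, as far as the hunk shows, is dropped without being cleared; in `consume_initiation` that buffer holds the initiator's static public key, so it is worth checking whether that matters for identity hiding.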
@@ -275,15 +245,14 @@ pub fn create_initiation( SEAL!( &key, - &hs, // ad - device.pk.as_bytes(), // pt - &mut msg.f_static, // ct - &mut msg.f_static_tag // tag + &hs, // ad + device.pk.as_bytes(), // pt + &mut msg.f_static // ct || tag ); // H := Hash(H || msg.static) - let hs = HASH!(&hs, &msg.f_static, &msg.f_static_tag); + let hs = HASH!(&hs, &msg.f_static[..]); // (C, k) := Kdf2(C, DH(S_priv, S_pub)) @@ -293,15 +262,14 @@ pub fn create_initiation( SEAL!( &key, - &hs, // ad - ×tamp::now(), // pt - &mut msg.f_timestamp, // ct - &mut msg.f_timestamp_tag // tag + &hs, // ad + ×tamp::now(), // pt + &mut msg.f_timestamp // ct || tag ); // H := Hash(H || msg.timestamp) - let hs = HASH!(&hs, &msg.f_timestamp, &msg.f_timestamp_tag); + let hs = HASH!(&hs, &msg.f_timestamp); // update state of peer @@ -344,17 +312,16 @@ pub fn consume_initiation<'a, T: Copy>( OPEN!( &key, - &hs, // ad - &mut pk, // pt - &msg.f_static, // ct - &msg.f_static_tag // tag + &hs, // ad + &mut pk, // pt + &msg.f_static // ct || tag )?; let peer = device.lookup_pk(&PublicKey::from(pk))?; // H := Hash(H || msg.static) - let hs = HASH!(&hs, &msg.f_static, &msg.f_static_tag); + let hs = HASH!(&hs, &msg.f_static[..]); // (C, k) := Kdf2(C, DH(S_priv, S_pub)) @@ -366,10 +333,9 @@ pub fn consume_initiation<'a, T: Copy>( OPEN!( &key, - &hs, // ad - &mut ts, // pt - &msg.f_timestamp, // ct - &msg.f_timestamp_tag // tag + &hs, // ad + &mut ts, // pt + &msg.f_timestamp // ct || tag )?; // check and update timestamp @@ -378,7 +344,7 @@ pub fn consume_initiation<'a, T: Copy>( // H := Hash(H || msg.timestamp) - let hs = HASH!(&hs, &msg.f_timestamp, &msg.f_timestamp_tag); + let hs = HASH!(&hs, &msg.f_timestamp); // return state (to create response) @@ -437,10 +403,9 @@ pub fn create_response( SEAL!( &key, - &hs, // ad - &[], // pt - &mut [], // ct - &mut msg.f_empty_tag // tag + &hs, // ad + &[], // pt + &mut msg.f_empty // \epsilon || tag ); /* not strictly needed 
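Review bot: The transcript-hash calls are written two ways in these hunks: `HASH!(&hs, &msg.f_static[..])` but `HASH!(&hs, &msg.f_timestamp)`, in both `create_initiation` and `consume_initiation`. Presumably the explicit slice is forced on `f_static` by its length and not on `f_timestamp`, but the mix reads like an oversight in code where both peers must hash identical bytes. I would write `let hs = HASH!(&hs, &msg.f_timestamp[..]);` in both places. The `// H := Hash(H || msg.static)` comments could also say that the field is now ciphertext followed by tag, as the `// ct || tag` comments on the `SEAL!`/`OPEN!` arguments already do. Both functions start and end outside the hunks.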
@@ -515,10 +480,9 @@ pub fn consume_response( OPEN!( &key, - &hs, // ad - &mut [], // pt - &[], // ct - &msg.f_empty_tag // tag + &hs, // ad + &mut [], // pt + &msg.f_empty // \epsilon || tag )?; // derive key-pair diff --git a/src/main.rs b/src/main.rs index fc1a26a..600e144 100644 --- a/src/main.rs +++ b/src/main.rs @@ -13,7 +13,6 @@ use std::net::SocketAddr; use std::sync::Arc; use std::time::Duration; -use sodiumoxide; use types::{Bind, KeyPair}; struct Test {} @@ -71,8 +70,6 @@ struct PeerTimer { fn main() { let runner = Runner::new(Duration::from_millis(100), 1000, 1024); - // choose optimal crypto implementations for platform - sodiumoxide::init().unwrap(); { let router = router::Device::new( 4, -- cgit v1.2.3-59-g8ed1b