X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=src%2Fcypherpunks.ru%2Fgovpn%2Fpeer.go;h=e43dc9c75c235f54dcf206209e17b62105cde430;hb=f47fff1e42f75b736e7067ec06c2e81394833d46;hp=213e8174786df4db45d72abfa40a20043851b9a4;hpb=da9420230cd4ed2ff1d8685c96b99043e529da62;p=govpn.git diff --git a/src/cypherpunks.ru/govpn/peer.go b/src/cypherpunks.ru/govpn/peer.go index 213e817..e43dc9c 100644 --- a/src/cypherpunks.ru/govpn/peer.go +++ b/src/cypherpunks.ru/govpn/peer.go @@ -1,6 +1,6 @@ /* GoVPN -- simple secure free software virtual private network daemon -Copyright (C) 2014-2016 Sergey Matveev +Copyright (C) 2014-2017 Sergey Matveev This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -28,16 +28,16 @@ import ( "sync/atomic" "time" + "chacha20" "golang.org/x/crypto/blake2b" "golang.org/x/crypto/poly1305" - "golang.org/x/crypto/salsa20" ) const ( NonceSize = 8 NonceBucketSize = 256 TagSize = poly1305.TagSize - // S20BS is Salsa20's internal blocksize in bytes + // S20BS is ChaCha20's internal blocksize in bytes S20BS = 64 // Maximal amount of bytes transfered with single key (4 GiB) MaxBytesPerKey uint64 = 1 << 32 @@ -51,18 +51,20 @@ const ( func newNonces(key *[32]byte, i uint64) chan *[NonceSize]byte { macKey := make([]byte, 32) - salsa20.XORKeyStream(macKey, make([]byte, 32), make([]byte, 8), key) + chacha20.XORKeyStream(macKey, make([]byte, 32), new([16]byte), key) mac, err := blake2b.New256(macKey) if err != nil { panic(err) } + sum := make([]byte, mac.Size()) nonces := make(chan *[NonceSize]byte, NonceBucketSize*3) go func() { for { buf := new([NonceSize]byte) binary.BigEndian.PutUint64(buf[:], i) mac.Write(buf[:]) - mac.Sum(buf[:0]) + mac.Sum(sum[0:]) + copy(buf[:], sum) nonces <- buf mac.Reset() i += 2 @@ -86,7 +88,7 @@ type Peer struct { // Basic Addr string - Id *PeerId + ID *PeerID Conn io.Writer `json:"-"` // Traffic behaviour 
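Review bot: The new import `"chacha20"` in the import hunk is a bare path with no host or vendor prefix, so nothing in the diff shows which ChaCha20 implementation the cipher calls resolve to; it presumably comes from the build's own GOPATH or vendored tree. A comment on the import recording the upstream and pinned revision, for example `// vendored: <upstream URL> @ <commit>` (placeholders), would make the provenance auditable. The constant is still named `S20BS` although its comment now says ChaCha20, so a short note that the name is kept for compatibility would avoid confusion.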
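Review bot: In the newNonces hunk, `mac.Sum(sum[0:])` never fills `sum`: `hash.Hash.Sum` appends the digest to its argument and returns the resulting slice, and `sum[0:]` is already at full length and capacity, so the digest lands in a newly allocated slice that is discarded. `sum` therefore stays all zero and `copy(buf[:], sum)` overwrites the counter with zeros, so every value sent on the channel is identical. EthProcess copies that value into `p.nonceT[8:]` and passes it to `chacha20.XORKeyStream` with the same `p.key`, so the keystream, and the authentication key taken from its first block, would repeat for every packet. The call should be `mac.Sum(sum[:0])` so the digest is written into `sum` in place. A unit test asserting that two consecutive values read from the channel differ would catch a regression here.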
@@ -96,7 +98,7 @@ type Peer struct { Encless bool MTU int - key *[SSize]byte `json:"-"` + key *[SSize]byte // Timers Timeout time.Duration `json:"-"` @@ -108,6 +110,7 @@ type Peer struct { bufR []byte tagR *[TagSize]byte keyAuthR *[SSize]byte + nonceR *[16]byte pktSizeR int // UDP-related @@ -126,12 +129,13 @@ type Peer struct { bufT []byte tagT *[TagSize]byte keyAuthT *[SSize]byte + nonceT *[16]byte frameT []byte noncesT chan *[NonceSize]byte } func (p *Peer) String() string { - return p.Id.String() + ":" + p.Addr + return p.ID.String() + ":" + p.Addr } // Zero peer's memory state. @@ -181,7 +185,7 @@ func newPeer(isClient bool, addr string, conn io.Writer, conf *PeerConf, key *[S peer := Peer{ Addr: addr, - Id: conf.Id, + ID: conf.ID, Conn: conn, NoiseEnable: noiseEnable, @@ -201,7 +205,9 @@ func newPeer(isClient bool, addr string, conn io.Writer, conf *PeerConf, key *[S tagR: new([TagSize]byte), tagT: new([TagSize]byte), keyAuthR: new([SSize]byte), + nonceR: new([16]byte), keyAuthT: new([SSize]byte), + nonceT: new([16]byte), } if isClient { @@ -271,22 +277,19 @@ func (p *Peer) EthProcess(data []byte) { } copy(p.frameT[len(p.frameT)-NonceSize:], (<-p.noncesT)[:]) var out []byte + copy(p.nonceT[8:], p.frameT[len(p.frameT)-NonceSize:]) if p.Encless { var err error - out, err = EnclessEncode( - p.key, - p.frameT[len(p.frameT)-NonceSize:], - p.frameT[:len(p.frameT)-NonceSize], - ) + out, err = EnclessEncode(p.key, p.nonceT, p.frameT[:len(p.frameT)-NonceSize]) if err != nil { panic(err) } out = append(out, p.frameT[len(p.frameT)-NonceSize:]...) } else { - salsa20.XORKeyStream( + chacha20.XORKeyStream( p.bufT[:S20BS+len(p.frameT)-NonceSize], p.bufT[:S20BS+len(p.frameT)-NonceSize], - p.frameT[len(p.frameT)-NonceSize:], + p.nonceT, p.key, ) copy(p.keyAuthT[:], p.bufT[:SSize]) 
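Review bot: In the EthProcess hunk the 16-byte `p.nonceT` is written only at `[8:]` (likewise `p.nonceR[8:]` in PktProcess), with the offset as a literal `8` and no comment on what the leading eight bytes are for. They keep the zero value from `new([16]byte)` in newPeer, which is presumably what the vendored `chacha20.XORKeyStream` expects, but that contract is not visible in the diff. I would add `// nonceT[:8] stays zero; the 8-byte wire nonce occupies nonceT[8:] (TODO confirm against chacha20.XORKeyStream)` above the copy and write the offset as `len(p.nonceT)-NonceSize`. `p.nonceT` is also per-peer shared state and needs the same lock that guards `p.bufT`; EthProcess starts outside the hunk, so whether that lock is held at this point cannot be checked here.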
@@ -308,13 +311,10 @@ func (p *Peer) PktProcess(data []byte, tap io.Writer, reorderable bool) bool { } var out []byte p.BusyR.Lock() + copy(p.nonceR[8:], data[len(data)-NonceSize:]) if p.Encless { var err error - out, err = EnclessDecode( - p.key, - data[len(data)-NonceSize:], - data[:len(data)-NonceSize], - ) + out, err = EnclessDecode(p.key, p.nonceR, data[:len(data)-NonceSize]) if err != nil { p.FramesUnauth++ p.BusyR.Unlock() @@ -325,10 +325,10 @@ func (p *Peer) PktProcess(data []byte, tap io.Writer, reorderable bool) bool { p.bufR[i] = 0 } copy(p.bufR[S20BS:], data[TagSize:]) - salsa20.XORKeyStream( + chacha20.XORKeyStream( p.bufR[:S20BS+len(data)-TagSize-NonceSize], p.bufR[:S20BS+len(data)-TagSize-NonceSize], - data[len(data)-NonceSize:], + p.nonceR, p.key, ) copy(p.keyAuthR[:], p.bufR[:SSize])
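Review bot: In the first PktProcess hunk, `copy(p.nonceR[8:], data[len(data)-NonceSize:])` slices the received, not yet authenticated packet right after `p.BusyR.Lock()`, so it depends on a minimum-length check that is not visible in this hunk (the function starts above it). If `len(data)` could be below `NonceSize`, or below `TagSize+NonceSize` on the non-Encless path in the following hunk, the slice expression would panic with the mutex still held, since the visible unlock is explicit rather than deferred. A comment stating the precondition next to the copy, for example `// precondition: len(data) >= TagSize+NonceSize, checked above`, would make that dependency explicit for later edits.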