aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2016-02-05 14:47:25 +0000
committerVsevolod Stakhov <vsevolod@highsecure.ru>2016-02-05 14:47:25 +0000
commit1e0332c701c7ecc79c8ec2f94b2a2700a47b9133 (patch)
treec3fe11a950c1e2784974d11befb96b08b626f10d
parentce62c022fc1d51a8a3f042ac08e7b48820d401a8 (diff)
downloadrspamd-1e0332c701c7ecc79c8ec2f94b2a2700a47b9133.tar.gz
rspamd-1e0332c701c7ecc79c8ec2f94b2a2700a47b9133.zip
Add flexible x25519/nist modes for cryptobox
-rw-r--r--src/CMakeLists.txt4
-rw-r--r--src/libcryptobox/cryptobox.c257
-rw-r--r--src/libcryptobox/cryptobox.h60
-rw-r--r--src/libcryptobox/ed25519/ed25519.c3
-rw-r--r--src/libcryptobox/keypairs_cache.c12
5 files changed, 186 insertions, 150 deletions
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 4077ed52f..601b5eca7 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -101,8 +101,8 @@ AddModules(MODULES_LIST WORKERS_LIST)
LIST(LENGTH PLUGINSSRC RSPAMD_MODULES_NUM)
######################### LINK SECTION ###############################
-ADD_LIBRARY(rspamd-server STATIC ${RSPAMD_UTIL} ${RSPAMD_LUA} ${RSPAMD_SERVER}
- ${RSPAMD_STAT} ${RSPAMD_MIME} ${RSPAMD_CRYPTOBOX}
+ADD_LIBRARY(rspamd-server STATIC ${RSPAMD_CRYPTOBOX} ${RSPAMD_UTIL} ${RSPAMD_LUA} ${RSPAMD_SERVER}
+ ${RSPAMD_STAT} ${RSPAMD_MIME}
${CMAKE_CURRENT_BINARY_DIR}/modules.c ${PLUGINSSRC})
TARGET_LINK_LIBRARIES(rspamd-server rspamd-http-parser)
TARGET_LINK_LIBRARIES(rspamd-server rspamd-cdb)
diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c
index d2d64a9d0..1971e42ce 100644
--- a/src/libcryptobox/cryptobox.c
+++ b/src/libcryptobox/cryptobox.c
@@ -56,7 +56,6 @@
unsigned long cpu_config = 0;
-static gboolean use_openssl = FALSE;
static gboolean cryptobox_loaded = FALSE;
static const guchar n0[16] = {0};
@@ -322,9 +321,10 @@ rspamd_cryptobox_init (void)
}
void
-rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk)
+rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
ottery_rand_bytes (sk, rspamd_cryptobox_MAX_SKBYTES);
sk[0] &= 248;
sk[31] &= 127;
@@ -357,7 +357,7 @@ rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk)
g_assert (len <= (gint)sizeof (rspamd_sk_t));
BN_bn2bin (bn_sec, sk);
len = BN_num_bytes (bn_pub);
- g_assert (len <= (gint)rspamd_cryptobox_pk_bytes ());
+ g_assert (len <= (gint)rspamd_cryptobox_pk_bytes (mode));
BN_bn2bin (bn_pub, pk);
BN_free (bn_pub);
EC_KEY_free (ec_sec);
@@ -366,9 +366,10 @@ rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk)
}
void
-rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk)
+rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
ed25519_keypair (pk, sk);
}
else {
@@ -396,7 +397,7 @@ rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk)
g_assert (len <= (gint)sizeof (rspamd_sk_t));
BN_bn2bin (bn_sec, sk);
len = BN_num_bytes (bn_pub);
- g_assert (len <= (gint)rspamd_cryptobox_pk_bytes ());
+ g_assert (len <= (gint)rspamd_cryptobox_pk_bytes (mode));
BN_bn2bin (bn_pub, pk);
BN_free (bn_pub);
EC_KEY_free (ec_sec);
@@ -405,9 +406,11 @@ rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk)
}
void
-rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, const rspamd_sk_t sk)
+rspamd_cryptobox_nm (rspamd_nm_t nm,
+ const rspamd_pk_t pk, const rspamd_sk_t sk,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
guchar s[32];
guchar e[32];
@@ -434,7 +437,7 @@ rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, const rspamd_sk_t sk)
lk = EC_KEY_new_by_curve_name (CRYPTOBOX_CURVE_NID);
g_assert (lk != NULL);
- bn_pub = BN_bin2bn (pk, rspamd_cryptobox_pk_bytes (), NULL);
+ bn_pub = BN_bin2bn (pk, rspamd_cryptobox_pk_bytes (mode), NULL);
g_assert (bn_pub != NULL);
bn_sec = BN_bin2bn (sk, sizeof (rspamd_sk_t), NULL);
g_assert (bn_sec != NULL);
@@ -459,9 +462,10 @@ rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, const rspamd_sk_t sk)
void
rspamd_cryptobox_sign (guchar *sig, gsize *siglen_p,
const guchar *m, gsize mlen,
- const rspamd_sk_t sk)
+ const rspamd_sk_t sk,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
ed25519_sign (sig, siglen_p, m, mlen, sk);
}
else {
@@ -472,7 +476,7 @@ rspamd_cryptobox_sign (guchar *sig, gsize *siglen_p,
BIGNUM *bn_sec, *kinv = NULL, *rp = NULL;
EVP_MD_CTX sha_ctx;
unsigned char h[64];
- guint diglen = rspamd_cryptobox_signature_bytes ();
+ guint diglen = rspamd_cryptobox_signature_bytes (mode);
/* Prehash */
g_assert (EVP_DigestInit (&sha_ctx, EVP_sha512()) == 1);
@@ -505,11 +509,12 @@ bool
rspamd_cryptobox_verify (const guchar *sig,
const guchar *m,
gsize mlen,
- const rspamd_pk_t pk)
+ const rspamd_pk_t pk,
+ enum rspamd_cryptobox_mode mode)
{
bool ret = false;
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
ret = ed25519_verify (sig, m, mlen, pk);
}
else {
@@ -530,7 +535,7 @@ rspamd_cryptobox_verify (const guchar *sig,
/* Key setup */
lk = EC_KEY_new_by_curve_name (CRYPTOBOX_CURVE_NID);
g_assert (lk != NULL);
- bn_pub = BN_bin2bn (pk, rspamd_cryptobox_pk_bytes (), NULL);
+ bn_pub = BN_bin2bn (pk, rspamd_cryptobox_pk_bytes (mode), NULL);
g_assert (bn_pub != NULL);
ec_pub = EC_POINT_bn2point (EC_KEY_get0_group (lk), bn_pub, NULL, NULL);
g_assert (ec_pub != NULL);
@@ -538,7 +543,7 @@ rspamd_cryptobox_verify (const guchar *sig,
/* ECDSA */
ret = ECDSA_verify (0, h, sizeof (h), sig,
- rspamd_cryptobox_signature_bytes (), lk) == 1;
+ rspamd_cryptobox_signature_bytes (mode), lk) == 1;
EC_KEY_free (lk);
BN_free (bn_pub);
@@ -550,9 +555,9 @@ rspamd_cryptobox_verify (const guchar *sig,
}
static gsize
-rspamd_cryptobox_encrypt_ctx_len (void)
+rspamd_cryptobox_encrypt_ctx_len (enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
return sizeof (chacha_state) + CRYPTOBOX_ALIGNMENT;
}
else {
@@ -567,9 +572,9 @@ rspamd_cryptobox_encrypt_ctx_len (void)
}
static gsize
-rspamd_cryptobox_auth_ctx_len (void)
+rspamd_cryptobox_auth_ctx_len (enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
return sizeof (poly1305_state) + CRYPTOBOX_ALIGNMENT;
}
else {
@@ -585,9 +590,10 @@ rspamd_cryptobox_auth_ctx_len (void)
static void *
rspamd_cryptobox_encrypt_init (void *enc_ctx, const rspamd_nonce_t nonce,
- const rspamd_nm_t nm)
+ const rspamd_nm_t nm,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
chacha_state *s;
s = cryptobox_align_ptr (enc_ctx, CRYPTOBOX_ALIGNMENT);
@@ -608,7 +614,7 @@ rspamd_cryptobox_encrypt_init (void *enc_ctx, const rspamd_nonce_t nonce,
memset (s, 0, sizeof (*s));
g_assert (EVP_EncryptInit_ex (s, EVP_aes_256_gcm (), NULL, NULL, NULL) == 1);
g_assert (EVP_CIPHER_CTX_ctrl (s, EVP_CTRL_GCM_SET_IVLEN,
- rspamd_cryptobox_nonce_bytes (), NULL) == 1);
+ rspamd_cryptobox_nonce_bytes (mode), NULL) == 1);
g_assert (EVP_EncryptInit_ex (s, NULL, NULL, nm, nonce) == 1);
return s;
@@ -619,9 +625,10 @@ rspamd_cryptobox_encrypt_init (void *enc_ctx, const rspamd_nonce_t nonce,
}
static void *
-rspamd_cryptobox_auth_init (void *auth_ctx, void *enc_ctx)
+rspamd_cryptobox_auth_init (void *auth_ctx, void *enc_ctx,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
poly1305_state *mac_ctx;
guchar RSPAMD_ALIGNED(32) subkey[CHACHA_BLOCKBYTES];
@@ -648,9 +655,10 @@ rspamd_cryptobox_auth_init (void *auth_ctx, void *enc_ctx)
static gboolean
rspamd_cryptobox_encrypt_update (void *enc_ctx, const guchar *in, gsize inlen,
- guchar *out, gsize *outlen)
+ guchar *out, gsize *outlen,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
gsize r;
r = chacha_update (enc_ctx, in, out, inlen);
@@ -683,9 +691,10 @@ rspamd_cryptobox_encrypt_update (void *enc_ctx, const guchar *in, gsize inlen,
}
static gboolean
-rspamd_cryptobox_auth_update (void *auth_ctx, const guchar *in, gsize inlen)
+rspamd_cryptobox_auth_update (void *auth_ctx, const guchar *in, gsize inlen,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
poly1305_update (auth_ctx, in, inlen);
return TRUE;
@@ -702,9 +711,10 @@ rspamd_cryptobox_auth_update (void *auth_ctx, const guchar *in, gsize inlen)
}
static gsize
-rspamd_cryptobox_encrypt_final (void *enc_ctx, guchar *out, gsize remain)
+rspamd_cryptobox_encrypt_final (void *enc_ctx, guchar *out, gsize remain,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
return chacha_final (enc_ctx, out);
}
else {
@@ -724,9 +734,10 @@ rspamd_cryptobox_encrypt_final (void *enc_ctx, guchar *out, gsize remain)
}
static gboolean
-rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_mac_t sig)
+rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
poly1305_finish (auth_ctx, sig);
return TRUE;
@@ -749,9 +760,10 @@ rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_mac_t sig)
static void *
rspamd_cryptobox_decrypt_init (void *enc_ctx, const rspamd_nonce_t nonce,
- const rspamd_nm_t nm)
+ const rspamd_nm_t nm,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
chacha_state *s;
@@ -773,7 +785,7 @@ rspamd_cryptobox_decrypt_init (void *enc_ctx, const rspamd_nonce_t nonce,
memset (s, 0, sizeof (*s));
g_assert (EVP_DecryptInit_ex(s, EVP_aes_256_gcm (), NULL, NULL, NULL) == 1);
g_assert (EVP_CIPHER_CTX_ctrl (s, EVP_CTRL_GCM_SET_IVLEN,
- rspamd_cryptobox_nonce_bytes (), NULL) == 1);
+ rspamd_cryptobox_nonce_bytes (mode), NULL) == 1);
g_assert (EVP_DecryptInit_ex (s, NULL, NULL, nm, nonce) == 1);
return s;
@@ -784,9 +796,10 @@ rspamd_cryptobox_decrypt_init (void *enc_ctx, const rspamd_nonce_t nonce,
}
static void *
-rspamd_cryptobox_auth_verify_init (void *auth_ctx, void *enc_ctx)
+rspamd_cryptobox_auth_verify_init (void *auth_ctx, void *enc_ctx,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
poly1305_state *mac_ctx;
guchar RSPAMD_ALIGNED(32) subkey[CHACHA_BLOCKBYTES];
@@ -813,9 +826,10 @@ rspamd_cryptobox_auth_verify_init (void *auth_ctx, void *enc_ctx)
static gboolean
rspamd_cryptobox_decrypt_update (void *enc_ctx, const guchar *in, gsize inlen,
- guchar *out, gsize *outlen)
+ guchar *out, gsize *outlen,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
gsize r;
r = chacha_update (enc_ctx, in, out, inlen);
@@ -846,9 +860,11 @@ rspamd_cryptobox_decrypt_update (void *enc_ctx, const guchar *in, gsize inlen,
}
static gboolean
-rspamd_cryptobox_auth_verify_update (void *auth_ctx, const guchar *in, gsize inlen)
+rspamd_cryptobox_auth_verify_update (void *auth_ctx,
+ const guchar *in, gsize inlen,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
poly1305_update (auth_ctx, in, inlen);
return TRUE;
@@ -865,9 +881,10 @@ rspamd_cryptobox_auth_verify_update (void *auth_ctx, const guchar *in, gsize inl
}
static gboolean
-rspamd_cryptobox_decrypt_final (void *enc_ctx, guchar *out, gsize remain)
+rspamd_cryptobox_decrypt_final (void *enc_ctx, guchar *out, gsize remain,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
chacha_final (enc_ctx, out);
return TRUE;
@@ -891,9 +908,10 @@ rspamd_cryptobox_decrypt_final (void *enc_ctx, guchar *out, gsize remain)
}
static gboolean
-rspamd_cryptobox_auth_verify_final (void *auth_ctx, const rspamd_mac_t sig)
+rspamd_cryptobox_auth_verify_final (void *auth_ctx, const rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
rspamd_mac_t mac;
poly1305_finish (auth_ctx, mac);
@@ -923,9 +941,10 @@ rspamd_cryptobox_auth_verify_final (void *auth_ctx, const rspamd_mac_t sig)
static void
-rspamd_cryptobox_cleanup (void *enc_ctx, void *auth_ctx)
+rspamd_cryptobox_cleanup (void *enc_ctx, void *auth_ctx,
+ enum rspamd_cryptobox_mode mode)
{
- if (G_LIKELY (!use_openssl)) {
+ if (G_LIKELY (RSPAMD_CRYPTOBOX_MODE_25519)) {
rspamd_explicit_memzero (auth_ctx, sizeof (poly1305_state));
}
else {
@@ -942,24 +961,25 @@ rspamd_cryptobox_cleanup (void *enc_ctx, void *auth_ctx)
void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len,
const rspamd_nonce_t nonce,
const rspamd_nm_t nm,
- rspamd_mac_t sig)
+ rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode)
{
gsize r;
void *enc_ctx, *auth_ctx;
- enc_ctx = g_alloca (rspamd_cryptobox_encrypt_ctx_len ());
- auth_ctx = g_alloca (rspamd_cryptobox_auth_ctx_len ());
+ enc_ctx = g_alloca (rspamd_cryptobox_encrypt_ctx_len (mode));
+ auth_ctx = g_alloca (rspamd_cryptobox_auth_ctx_len (mode));
- enc_ctx = rspamd_cryptobox_encrypt_init (enc_ctx, nonce, nm);
- auth_ctx = rspamd_cryptobox_auth_init (auth_ctx, enc_ctx);
+ enc_ctx = rspamd_cryptobox_encrypt_init (enc_ctx, nonce, nm, mode);
+ auth_ctx = rspamd_cryptobox_auth_init (auth_ctx, enc_ctx, mode);
- rspamd_cryptobox_encrypt_update (enc_ctx, data, len, data, &r);
- rspamd_cryptobox_encrypt_final (enc_ctx, data + r, len - r);
+ rspamd_cryptobox_encrypt_update (enc_ctx, data, len, data, &r, mode);
+ rspamd_cryptobox_encrypt_final (enc_ctx, data + r, len - r, mode);
- rspamd_cryptobox_auth_update (auth_ctx, data, len);
- rspamd_cryptobox_auth_final (auth_ctx, sig);
+ rspamd_cryptobox_auth_update (auth_ctx, data, len, mode);
+ rspamd_cryptobox_auth_final (auth_ctx, sig, mode);
- rspamd_cryptobox_cleanup (enc_ctx, auth_ctx);
+ rspamd_cryptobox_cleanup (enc_ctx, auth_ctx, mode);
}
static void
@@ -982,7 +1002,8 @@ void
rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments,
gsize cnt,
const rspamd_nonce_t nonce,
- const rspamd_nm_t nm, rspamd_mac_t sig)
+ const rspamd_nm_t nm, rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode)
{
struct rspamd_cryptobox_segment *cur = segments, *start_seg = segments;
guchar outbuf[CHACHA_BLOCKBYTES * 16];
@@ -990,11 +1011,11 @@ rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments,
guchar *out, *in;
gsize r, remain, inremain, seg_offset;
- enc_ctx = g_alloca (rspamd_cryptobox_encrypt_ctx_len ());
- auth_ctx = g_alloca (rspamd_cryptobox_auth_ctx_len ());
+ enc_ctx = g_alloca (rspamd_cryptobox_encrypt_ctx_len (mode));
+ auth_ctx = g_alloca (rspamd_cryptobox_auth_ctx_len (mode));
- enc_ctx = rspamd_cryptobox_encrypt_init (enc_ctx, nonce, nm);
- auth_ctx = rspamd_cryptobox_auth_init (auth_ctx, enc_ctx);
+ enc_ctx = rspamd_cryptobox_encrypt_init (enc_ctx, nonce, nm, mode);
+ auth_ctx = rspamd_cryptobox_auth_init (auth_ctx, enc_ctx, mode);
remain = sizeof (outbuf);
out = outbuf;
@@ -1014,8 +1035,9 @@ rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments,
if (remain == 0) {
rspamd_cryptobox_encrypt_update (enc_ctx, outbuf, sizeof (outbuf),
- outbuf, NULL);
- rspamd_cryptobox_auth_update (auth_ctx, outbuf, sizeof (outbuf));
+ outbuf, NULL, mode);
+ rspamd_cryptobox_auth_update (auth_ctx, outbuf, sizeof (outbuf),
+ mode);
rspamd_cryptobox_flush_outbuf (start_seg, outbuf,
sizeof (outbuf), seg_offset);
start_seg = cur;
@@ -1027,8 +1049,9 @@ rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments,
else {
memcpy (out, cur->data, remain);
rspamd_cryptobox_encrypt_update (enc_ctx, outbuf, sizeof (outbuf),
- outbuf, NULL);
- rspamd_cryptobox_auth_update (auth_ctx, outbuf, sizeof (outbuf));
+ outbuf, NULL, mode);
+ rspamd_cryptobox_auth_update (auth_ctx, outbuf, sizeof (outbuf),
+ mode);
rspamd_cryptobox_flush_outbuf (start_seg, outbuf, sizeof (outbuf),
seg_offset);
seg_offset = 0;
@@ -1046,10 +1069,12 @@ rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments,
outbuf,
sizeof (outbuf),
outbuf,
- NULL);
+ NULL,
+ mode);
rspamd_cryptobox_auth_update (auth_ctx,
outbuf,
- sizeof (outbuf));
+ sizeof (outbuf),
+ mode);
memcpy (in, outbuf, sizeof (outbuf));
in += sizeof (outbuf);
inremain -= sizeof (outbuf);
@@ -1069,43 +1094,46 @@ rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments,
}
rspamd_cryptobox_encrypt_update (enc_ctx, outbuf, sizeof (outbuf) - remain,
- outbuf, &r);
+ outbuf, &r, mode);
out = outbuf + r;
- rspamd_cryptobox_encrypt_final (enc_ctx, out, sizeof (outbuf) - remain - r);
+ rspamd_cryptobox_encrypt_final (enc_ctx, out, sizeof (outbuf) - remain - r,
+ mode);
- rspamd_cryptobox_auth_update (auth_ctx, outbuf, sizeof (outbuf) - remain);
- rspamd_cryptobox_auth_final (auth_ctx, sig);
+ rspamd_cryptobox_auth_update (auth_ctx, outbuf, sizeof (outbuf) - remain,
+ mode);
+ rspamd_cryptobox_auth_final (auth_ctx, sig, mode);
rspamd_cryptobox_flush_outbuf (start_seg, outbuf, sizeof (outbuf) - remain,
seg_offset);
- rspamd_cryptobox_cleanup (auth_ctx, enc_ctx);
+ rspamd_cryptobox_cleanup (auth_ctx, enc_ctx, mode);
}
gboolean
rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len,
- const rspamd_nonce_t nonce, const rspamd_nm_t nm, const rspamd_mac_t sig)
+ const rspamd_nonce_t nonce, const rspamd_nm_t nm,
+ const rspamd_mac_t sig, enum rspamd_cryptobox_mode mode)
{
gsize r = 0;
gboolean ret = TRUE;
void *enc_ctx, *auth_ctx;
- enc_ctx = g_alloca (rspamd_cryptobox_encrypt_ctx_len ());
- auth_ctx = g_alloca (rspamd_cryptobox_auth_ctx_len ());
+ enc_ctx = g_alloca (rspamd_cryptobox_encrypt_ctx_len (mode));
+ auth_ctx = g_alloca (rspamd_cryptobox_auth_ctx_len (mode));
- enc_ctx = rspamd_cryptobox_decrypt_init (enc_ctx, nonce, nm);
- auth_ctx = rspamd_cryptobox_auth_verify_init (auth_ctx, enc_ctx);
+ enc_ctx = rspamd_cryptobox_decrypt_init (enc_ctx, nonce, nm, mode);
+ auth_ctx = rspamd_cryptobox_auth_verify_init (auth_ctx, enc_ctx, mode);
- rspamd_cryptobox_auth_verify_update (auth_ctx, data, len);
+ rspamd_cryptobox_auth_verify_update (auth_ctx, data, len, mode);
- if (!rspamd_cryptobox_auth_verify_final (auth_ctx, sig)) {
+ if (!rspamd_cryptobox_auth_verify_final (auth_ctx, sig, mode)) {
ret = FALSE;
}
else {
- rspamd_cryptobox_decrypt_update (enc_ctx, data, len, data, &r);
- ret = rspamd_cryptobox_decrypt_final (enc_ctx, data + r, len - r);
+ rspamd_cryptobox_decrypt_update (enc_ctx, data, len, data, &r, mode);
+ ret = rspamd_cryptobox_decrypt_final (enc_ctx, data + r, len - r, mode);
}
- rspamd_cryptobox_cleanup (enc_ctx, auth_ctx);
+ rspamd_cryptobox_cleanup (enc_ctx, auth_ctx, mode);
return ret;
}
@@ -1113,13 +1141,15 @@ rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len,
gboolean
rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len,
const rspamd_nonce_t nonce,
- const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_mac_t sig)
+ const rspamd_pk_t pk, const rspamd_sk_t sk,
+ const rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode)
{
guchar nm[rspamd_cryptobox_MAX_NMBYTES];
gboolean ret;
- rspamd_cryptobox_nm (nm, pk, sk);
- ret = rspamd_cryptobox_decrypt_nm_inplace (data, len, nonce, nm, sig);
+ rspamd_cryptobox_nm (nm, pk, sk, mode);
+ ret = rspamd_cryptobox_decrypt_nm_inplace (data, len, nonce, nm, sig, mode);
rspamd_explicit_memzero (nm, sizeof (nm));
@@ -1129,12 +1159,14 @@ rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len,
void
rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len,
const rspamd_nonce_t nonce,
- const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig)
+ const rspamd_pk_t pk, const rspamd_sk_t sk,
+ rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode)
{
guchar nm[rspamd_cryptobox_MAX_NMBYTES];
- rspamd_cryptobox_nm (nm, pk, sk);
- rspamd_cryptobox_encrypt_nm_inplace (data, len, nonce, nm, sig);
+ rspamd_cryptobox_nm (nm, pk, sk, mode);
+ rspamd_cryptobox_encrypt_nm_inplace (data, len, nonce, nm, sig, mode);
rspamd_explicit_memzero (nm, sizeof (nm));
}
@@ -1142,12 +1174,14 @@ void
rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segments,
gsize cnt,
const rspamd_nonce_t nonce,
- const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig)
+ const rspamd_pk_t pk, const rspamd_sk_t sk,
+ rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode)
{
guchar nm[rspamd_cryptobox_MAX_NMBYTES];
- rspamd_cryptobox_nm (nm, pk, sk);
- rspamd_cryptobox_encryptv_nm_inplace (segments, cnt, nonce, nm, sig);
+ rspamd_cryptobox_nm (nm, pk, sk, mode);
+ rspamd_cryptobox_encryptv_nm_inplace (segments, cnt, nonce, nm, sig, mode);
rspamd_explicit_memzero (nm, sizeof (nm));
}
@@ -1217,20 +1251,11 @@ rspamd_cryptobox_pbkdf (const char *pass, gsize pass_len,
return TRUE;
}
-gboolean
-rspamd_cryptobox_openssl_mode (gboolean enable)
-{
-#ifdef HAVE_USABLE_OPENSSL
- use_openssl = enable;
-#endif
-
- return use_openssl;
-}
guint
-rspamd_cryptobox_pk_bytes (void)
+rspamd_cryptobox_pk_bytes (enum rspamd_cryptobox_mode mode)
{
- if (G_UNLIKELY (!use_openssl)) {
+ if (G_UNLIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
return 32;
}
else {
@@ -1239,9 +1264,9 @@ rspamd_cryptobox_pk_bytes (void)
}
guint
-rspamd_cryptobox_pk_sig_bytes (void)
+rspamd_cryptobox_pk_sig_bytes (enum rspamd_cryptobox_mode mode)
{
- if (G_UNLIKELY (!use_openssl)) {
+ if (G_UNLIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
return 32;
}
else {
@@ -1250,9 +1275,9 @@ rspamd_cryptobox_pk_sig_bytes (void)
}
guint
-rspamd_cryptobox_nonce_bytes (void)
+rspamd_cryptobox_nonce_bytes (enum rspamd_cryptobox_mode mode)
{
- if (G_UNLIKELY (!use_openssl)) {
+ if (G_UNLIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
return 24;
}
else {
@@ -1262,15 +1287,15 @@ rspamd_cryptobox_nonce_bytes (void)
guint
-rspamd_cryptobox_sk_bytes (void)
+rspamd_cryptobox_sk_bytes (enum rspamd_cryptobox_mode mode)
{
return 32;
}
guint
-rspamd_cryptobox_sk_sig_bytes (void)
+rspamd_cryptobox_sk_sig_bytes (enum rspamd_cryptobox_mode mode)
{
- if (G_UNLIKELY (!use_openssl)) {
+ if (G_UNLIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
return 64;
}
else {
@@ -1279,11 +1304,11 @@ rspamd_cryptobox_sk_sig_bytes (void)
}
guint
-rspamd_cryptobox_signature_bytes (void)
+rspamd_cryptobox_signature_bytes (enum rspamd_cryptobox_mode mode)
{
static guint ssl_keylen;
- if (G_UNLIKELY (!use_openssl)) {
+ if (G_UNLIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
return 64;
}
else {
@@ -1302,13 +1327,13 @@ rspamd_cryptobox_signature_bytes (void)
}
guint
-rspamd_cryptobox_nm_bytes (void)
+rspamd_cryptobox_nm_bytes (enum rspamd_cryptobox_mode mode)
{
return 32;
}
guint
-rspamd_cryptobox_mac_bytes (void)
+rspamd_cryptobox_mac_bytes (enum rspamd_cryptobox_mode mode)
{
return 16;
}
diff --git a/src/libcryptobox/cryptobox.h b/src/libcryptobox/cryptobox.h
index 16214f6f8..fffbc098b 100644
--- a/src/libcryptobox/cryptobox.h
+++ b/src/libcryptobox/cryptobox.h
@@ -54,6 +54,11 @@ typedef guchar rspamd_signature_t[rspamd_cryptobox_MAX_SIGBYTES];
typedef guchar rspamd_sig_pk_t[rspamd_cryptobox_MAX_SIGPKBYTES];
typedef guchar rspamd_sig_sk_t[rspamd_cryptobox_MAX_SIGSKBYTES];
+enum rspamd_cryptobox_mode {
+ RSPAMD_CRYPTOBOX_MODE_25519 = 0,
+ RSPAMD_CRYPTOBOX_MODE_NIST
+};
+
struct rspamd_cryptobox_library_ctx {
gchar *cpu_extensions;
const gchar *curve25519_impl;
@@ -75,14 +80,16 @@ struct rspamd_cryptobox_library_ctx* rspamd_cryptobox_init (void);
* @param pk public key buffer
* @param sk secret key buffer
*/
-void rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk);
+void rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk,
+ enum rspamd_cryptobox_mode mode);
/**
* Generate new keypair for signing
* @param pk public key buffer
* @param sk secret key buffer
*/
-void rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk);
+void rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk,
+ enum rspamd_cryptobox_mode mode);
/**
* Encrypt data inplace adding signature to sig afterwards
@@ -93,7 +100,8 @@ void rspamd_cryptobox_keypair_sig (rspamd_sig_pk_t pk, rspamd_sig_sk_t sk);
*/
void rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len,
const rspamd_nonce_t nonce,
- const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig);
+ const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode);
/**
* Encrypt segments of data inplace adding signature to sig afterwards
@@ -106,7 +114,8 @@ void rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len,
void rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segments,
gsize cnt,
const rspamd_nonce_t nonce,
- const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig);
+ const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode);
/**
@@ -120,7 +129,8 @@ void rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segment
*/
gboolean rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len,
const rspamd_nonce_t nonce,
- const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_mac_t sig);
+ const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode);
/**
* Encrypt segments of data inplace adding signature to sig afterwards
@@ -132,7 +142,8 @@ gboolean rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len,
*/
void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len,
const rspamd_nonce_t nonce,
- const rspamd_nm_t nm, rspamd_mac_t sig);
+ const rspamd_nm_t nm, rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode);
/**
* Encrypt segments of data inplace adding signature to sig afterwards
@@ -145,7 +156,8 @@ void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len,
void rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments,
gsize cnt,
const rspamd_nonce_t nonce,
- const rspamd_nm_t nm, rspamd_mac_t sig);
+ const rspamd_nm_t nm, rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode);
/**
@@ -159,7 +171,8 @@ void rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segm
*/
gboolean rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len,
const rspamd_nonce_t nonce,
- const rspamd_nm_t nm, const rspamd_mac_t sig);
+ const rspamd_nm_t nm, const rspamd_mac_t sig,
+ enum rspamd_cryptobox_mode mode);
/**
* Generate shared secret from local sk and remote pk
@@ -167,7 +180,8 @@ gboolean rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len,
* @param pk remote pubkey
* @param sk local privkey
*/
-void rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, const rspamd_sk_t sk);
+void rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk,
+ const rspamd_sk_t sk, enum rspamd_cryptobox_mode mode);
/**
* Create digital signature for the specified message and place result in `sig`
@@ -179,7 +193,8 @@ void rspamd_cryptobox_nm (rspamd_nm_t nm, const rspamd_pk_t pk, const rspamd_sk_
*/
void rspamd_cryptobox_sign (guchar *sig, gsize *siglen_p,
const guchar *m, gsize mlen,
- const rspamd_sk_t sk);
+ const rspamd_sk_t sk,
+ enum rspamd_cryptobox_mode mode);
/**
* Verifies digital signature for the specified message using the specified
@@ -193,7 +208,8 @@ void rspamd_cryptobox_sign (guchar *sig, gsize *siglen_p,
bool rspamd_cryptobox_verify (const guchar *sig,
const guchar *m,
gsize mlen,
- const rspamd_pk_t pk);
+ const rspamd_pk_t pk,
+ enum rspamd_cryptobox_mode mode);
/**
* Securely clear the buffer specified
@@ -229,50 +245,44 @@ gboolean rspamd_cryptobox_pbkdf(const char *pass, gsize pass_len,
unsigned int rounds);
/**
- * Enable openssl mode in rspamd_cryptobox
- * @param enable if TRUE then crypto code will use openssl, chacha20/poly1305 otherwize
- */
-gboolean rspamd_cryptobox_openssl_mode (gboolean enable);
-
-/**
* Real size of rspamd cryptobox public key
*/
-guint rspamd_cryptobox_pk_bytes (void);
+guint rspamd_cryptobox_pk_bytes (enum rspamd_cryptobox_mode mode);
/**
* Real size of rspamd cryptobox signing public key
*/
-guint rspamd_cryptobox_pk_sig_bytes (void);
+guint rspamd_cryptobox_pk_sig_bytes (enum rspamd_cryptobox_mode mode);
/**
* Real size of crypto nonce
*/
-guint rspamd_cryptobox_nonce_bytes (void);
+guint rspamd_cryptobox_nonce_bytes (enum rspamd_cryptobox_mode mode);
/**
* Real size of rspamd cryptobox secret key
*/
-guint rspamd_cryptobox_sk_bytes (void);
+guint rspamd_cryptobox_sk_bytes (enum rspamd_cryptobox_mode mode);
/**
* Real size of rspamd cryptobox signing secret key
*/
-guint rspamd_cryptobox_sk_sig_bytes (void);
+guint rspamd_cryptobox_sk_sig_bytes (enum rspamd_cryptobox_mode mode);
/**
* Real size of rspamd cryptobox shared key
*/
-guint rspamd_cryptobox_nm_bytes (void);
+guint rspamd_cryptobox_nm_bytes (enum rspamd_cryptobox_mode mode);
/**
* Real size of rspamd cryptobox MAC signature
*/
-guint rspamd_cryptobox_mac_bytes (void);
+guint rspamd_cryptobox_mac_bytes (enum rspamd_cryptobox_mode mode);
/**
* Real size of rspamd cryptobox digital signature
*/
-guint rspamd_cryptobox_signature_bytes (void);
+guint rspamd_cryptobox_signature_bytes (enum rspamd_cryptobox_mode mode);
/* Hash IUF interface */
typedef struct RSPAMD_ALIGNED(32) rspamd_cryptobox_hash_state_s {
diff --git a/src/libcryptobox/ed25519/ed25519.c b/src/libcryptobox/ed25519/ed25519.c
index e5355a673..b022c16cc 100644
--- a/src/libcryptobox/ed25519/ed25519.c
+++ b/src/libcryptobox/ed25519/ed25519.c
@@ -269,7 +269,8 @@ ed25519_test (const ed25519_impl_t *impl)
impl->sign (sig, NULL, msg, strlen (test_vectors[i].message) / 2, joint_sk);
- if (memcmp (sig, expected, rspamd_cryptobox_signature_bytes ()) != 0) {
+ if (memcmp (sig, expected,
+ rspamd_cryptobox_signature_bytes (RSPAMD_CRYPTOBOX_MODE_25519)) != 0) {
return false;
}
diff --git a/src/libcryptobox/keypairs_cache.c b/src/libcryptobox/keypairs_cache.c
index 2e87561da..5df5e8a27 100644
--- a/src/libcryptobox/keypairs_cache.c
+++ b/src/libcryptobox/keypairs_cache.c
@@ -81,23 +81,23 @@ rspamd_keypair_cache_process (struct rspamd_keypair_cache *c,
g_assert (kp_remote != NULL);
memset (&search, 0, sizeof (search));
- memcpy (search.pair, kp_remote->pk, rspamd_cryptobox_pk_bytes ());
+ memcpy (search.pair, kp_remote->pk, rspamd_cryptobox_pk_bytes (RSPAMD_CRYPTOBOX_MODE_25519));
memcpy (&search.pair[rspamd_cryptobox_MAX_PKBYTES], kp_local->sk,
- rspamd_cryptobox_sk_bytes ());
+ rspamd_cryptobox_sk_bytes (RSPAMD_CRYPTOBOX_MODE_25519));
new = rspamd_lru_hash_lookup (c->hash, &search, time (NULL));
if (new == NULL) {
new = g_slice_alloc0 (sizeof (*new));
- memcpy (new->pair, kp_remote->pk, rspamd_cryptobox_pk_bytes ());
+ memcpy (new->pair, kp_remote->pk, rspamd_cryptobox_pk_bytes (RSPAMD_CRYPTOBOX_MODE_25519));
memcpy (&new->pair[rspamd_cryptobox_MAX_PKBYTES], kp_local->sk,
- rspamd_cryptobox_sk_bytes ());
- rspamd_cryptobox_nm (new->nm, kp_remote->pk, kp_local->sk);
+ rspamd_cryptobox_sk_bytes (RSPAMD_CRYPTOBOX_MODE_25519));
+ rspamd_cryptobox_nm (new->nm, kp_remote->pk, kp_local->sk, RSPAMD_CRYPTOBOX_MODE_25519);
rspamd_lru_hash_insert (c->hash, new, new, time (NULL), -1);
}
g_assert (new != NULL);
- memcpy (kp_remote->nm, new->nm, rspamd_cryptobox_nm_bytes ());
+ memcpy (kp_remote->nm, new->nm, rspamd_cryptobox_nm_bytes (RSPAMD_CRYPTOBOX_MODE_25519));
kp_remote->has_nm = TRUE;
#if 0
memcpy (kp_local->nm, new->nm, rspamd_cryptobox_NMBYTES);