From 8d4c157146b37c673bd393b1070dd588f51a3700 Mon Sep 17 00:00:00 2001 From: Vsevolod Stakhov Date: Tue, 2 Feb 2016 11:57:46 +0000 Subject: Reserve rspamd_sig_t for signatures --- src/libcryptobox/cryptobox.c | 20 ++++++++++---------- src/libcryptobox/cryptobox.h | 17 ++++++++++------- test/rspamd_cryptobox_test.c | 4 ++-- 3 files changed, 22 insertions(+), 19 deletions(-) diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c index 4b4cd4da1..5f0bb3b64 100644 --- a/src/libcryptobox/cryptobox.c +++ b/src/libcryptobox/cryptobox.c @@ -590,7 +590,7 @@ rspamd_cryptobox_encrypt_final (void *enc_ctx, guchar *out, gsize remain) } static gboolean -rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_sig_t sig) +rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_mac_t sig) { if (G_LIKELY (!use_openssl)) { poly1305_finish (auth_ctx, sig); @@ -604,7 +604,7 @@ rspamd_cryptobox_auth_final (void *auth_ctx, rspamd_sig_t sig) EVP_CIPHER_CTX *s = auth_ctx; g_assert (EVP_CIPHER_CTX_ctrl (s, EVP_CTRL_GCM_GET_TAG, - sizeof (rspamd_sig_t), sig) == 1); + sizeof (rspamd_mac_t), sig) == 1); return TRUE; #endif @@ -757,10 +757,10 @@ rspamd_cryptobox_decrypt_final (void *enc_ctx, guchar *out, gsize remain) } static gboolean -rspamd_cryptobox_auth_verify_final (void *auth_ctx, const rspamd_sig_t sig) +rspamd_cryptobox_auth_verify_final (void *auth_ctx, const rspamd_mac_t sig) { if (G_LIKELY (!use_openssl)) { - rspamd_sig_t mac; + rspamd_mac_t mac; poly1305_finish (auth_ctx, mac); @@ -808,7 +808,7 @@ rspamd_cryptobox_cleanup (void *enc_ctx, void *auth_ctx) void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, const rspamd_nm_t nm, - rspamd_sig_t sig) + rspamd_mac_t sig) { gsize r; void *enc_ctx, *auth_ctx; @@ -848,7 +848,7 @@ void rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments, gsize cnt, const rspamd_nonce_t nonce, - const rspamd_nm_t nm, rspamd_sig_t sig) + const rspamd_nm_t nm, rspamd_mac_t sig) { struct rspamd_cryptobox_segment *cur = segments, *start_seg = segments; guchar outbuf[CHACHA_BLOCKBYTES * 16]; @@ -949,7 +949,7 @@ rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments, gboolean rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len, - const rspamd_nonce_t nonce, const rspamd_nm_t nm, const rspamd_sig_t sig) + const rspamd_nonce_t nonce, const rspamd_nm_t nm, const rspamd_mac_t sig) { gsize r = 0; gboolean ret = TRUE; @@ -979,7 +979,7 @@ rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len, gboolean rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_sig_t sig) + const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_mac_t sig) { guchar nm[rspamd_cryptobox_MAX_NMBYTES]; gboolean ret; @@ -995,7 +995,7 @@ rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, void rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_sig_t sig) + const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig) { guchar nm[rspamd_cryptobox_MAX_NMBYTES]; @@ -1008,7 +1008,7 @@ void rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segments, gsize cnt, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_sig_t sig) + const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig) { guchar nm[rspamd_cryptobox_MAX_NMBYTES]; diff --git a/src/libcryptobox/cryptobox.h b/src/libcryptobox/cryptobox.h index 4a3d1e1f7..8673fa091 100644 --- a/src/libcryptobox/cryptobox.h +++ b/src/libcryptobox/cryptobox.h @@ -39,6 +39,9 @@ struct rspamd_cryptobox_segment { #define rspamd_cryptobox_HASHBYTES 64 #define rspamd_cryptobox_HASHKEYBYTES 64 #define rspamd_cryptobox_HASHSTATEBYTES 256 +#define rspamd_cryptobox_MAX_SIGSKBYTES 64 +#define rspamd_cryptobox_MAX_SIGPKBYTES 32 +#define rspamd_cryptobox_MAX_SIGBYTES 64 #define CPUID_AVX2 0x1 #define CPUID_AVX 0x2 @@ -50,7 +53,7 @@ struct rspamd_cryptobox_segment { typedef guchar rspamd_pk_t[rspamd_cryptobox_MAX_PKBYTES]; typedef guchar rspamd_sk_t[rspamd_cryptobox_MAX_SKBYTES]; -typedef guchar rspamd_sig_t[rspamd_cryptobox_MAX_MACBYTES]; +typedef guchar rspamd_mac_t[rspamd_cryptobox_MAX_MACBYTES]; typedef guchar rspamd_nm_t[rspamd_cryptobox_MAX_NMBYTES]; typedef guchar rspamd_nonce_t[rspamd_cryptobox_MAX_NONCEBYTES]; typedef guchar rspamd_sipkey_t[rspamd_cryptobox_SIPKEYBYTES]; @@ -86,7 +89,7 @@ void rspamd_cryptobox_keypair (rspamd_pk_t pk, rspamd_sk_t sk); */ void rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_sig_t sig); + const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig); /** * Encrypt segments of data inplace adding signature to sig afterwards @@ -99,7 +102,7 @@ void rspamd_cryptobox_encrypt_inplace (guchar *data, gsize len, void rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segments, gsize cnt, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_sig_t sig); + const rspamd_pk_t pk, const rspamd_sk_t sk, rspamd_mac_t sig); /** @@ -113,7 +116,7 @@ void rspamd_cryptobox_encryptv_inplace (struct rspamd_cryptobox_segment *segment */ gboolean rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_sig_t sig); + const rspamd_pk_t pk, const rspamd_sk_t sk, const rspamd_mac_t sig); /** * Encrypt segments of data inplace adding signature to sig afterwards @@ -125,7 +128,7 @@ gboolean rspamd_cryptobox_decrypt_inplace (guchar *data, gsize len, */ void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_nm_t nm, rspamd_sig_t sig); + const rspamd_nm_t nm, rspamd_mac_t sig); /** * Encrypt segments of data inplace adding signature to sig afterwards @@ -138,7 +141,7 @@ void rspamd_cryptobox_encrypt_nm_inplace (guchar *data, gsize len, void rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segments, gsize cnt, const rspamd_nonce_t nonce, - const rspamd_nm_t nm, rspamd_sig_t sig); + const rspamd_nm_t nm, rspamd_mac_t sig); /** @@ -152,7 +155,7 @@ void rspamd_cryptobox_encryptv_nm_inplace (struct rspamd_cryptobox_segment *segm */ gboolean rspamd_cryptobox_decrypt_nm_inplace (guchar *data, gsize len, const rspamd_nonce_t nonce, - const rspamd_nm_t nm, const rspamd_sig_t sig); + const rspamd_nm_t nm, const rspamd_mac_t sig); /** * Generate shared secret from local sk and remote pk diff --git a/test/rspamd_cryptobox_test.c b/test/rspamd_cryptobox_test.c index 97a21ec48..0ba4bbc93 100644 --- a/test/rspamd_cryptobox_test.c +++ b/test/rspamd_cryptobox_test.c @@ -56,7 +56,7 @@ create_mapping (int mapping_len, guchar **beg, guchar **end) static void check_result (const rspamd_nm_t key, const rspamd_nonce_t nonce, - const rspamd_sig_t mac, guchar *begin, guchar *end) + const rspamd_mac_t mac, guchar *begin, guchar *end) { guint64 *t = (guint64 *)begin; @@ -168,7 +168,7 @@ rspamd_cryptobox_test_func (void) guchar *begin, *end; rspamd_nm_t key; rspamd_nonce_t nonce; - rspamd_sig_t mac; + rspamd_mac_t mac; struct rspamd_cryptobox_segment *seg; double t1, t2; gint i, cnt, ms; -- cgit v1.2.3