mirror of
https://git.zx2c4.com/wireguard-go
synced 2024-11-15 01:05:15 +01:00
parent
bffe99aead
commit
ea4ea6f933
@ -3,6 +3,7 @@ package main
|
|||||||
import (
|
import (
|
||||||
"crypto/hmac"
|
"crypto/hmac"
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
|
"git.zx2c4.com/wireguard-go/internal/xchacha20poly1305"
|
||||||
"golang.org/x/crypto/blake2s"
|
"golang.org/x/crypto/blake2s"
|
||||||
"golang.org/x/crypto/chacha20poly1305"
|
"golang.org/x/crypto/chacha20poly1305"
|
||||||
"sync"
|
"sync"
|
||||||
@ -157,7 +158,7 @@ func (st *CookieChecker) CreateReply(
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
XChaCha20Poly1305Encrypt(
|
xchacha20poly1305.Encrypt(
|
||||||
reply.Cookie[:0],
|
reply.Cookie[:0],
|
||||||
&reply.Nonce,
|
&reply.Nonce,
|
||||||
cookie[:],
|
cookie[:],
|
||||||
@ -201,7 +202,7 @@ func (st *CookieGenerator) ConsumeReply(msg *MessageCookieReply) bool {
|
|||||||
|
|
||||||
var cookie [blake2s.Size128]byte
|
var cookie [blake2s.Size128]byte
|
||||||
|
|
||||||
_, err := XChaCha20Poly1305Decrypt(
|
_, err := xchacha20poly1305.Decrypt(
|
||||||
cookie[:0],
|
cookie[:0],
|
||||||
&msg.Nonce,
|
&msg.Nonce,
|
||||||
msg.Cookie[:],
|
msg.Cookie[:],
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"git.zx2c4.com/wireguard-go/internal/ratelimiter"
|
||||||
"runtime"
|
"runtime"
|
||||||
"sync"
|
"sync"
|
||||||
"sync/atomic"
|
"sync/atomic"
|
||||||
@ -50,7 +51,7 @@ type Device struct {
|
|||||||
|
|
||||||
rate struct {
|
rate struct {
|
||||||
underLoadUntil atomic.Value
|
underLoadUntil atomic.Value
|
||||||
limiter Ratelimiter
|
limiter ratelimiter.Ratelimiter
|
||||||
}
|
}
|
||||||
|
|
||||||
pool struct {
|
pool struct {
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
package main
|
package ratelimiter
|
||||||
|
|
||||||
/* Copyright (C) 2015-2017 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
|
/* Copyright (C) 2015-2017 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
|
||||||
|
|
@ -1,4 +1,4 @@
|
|||||||
package main
|
package ratelimiter
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"net"
|
"net"
|
@ -1,4 +1,4 @@
|
|||||||
package main
|
package tai64n
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
@ -11,7 +11,7 @@ const base = uint64(4611686018427387914)
|
|||||||
|
|
||||||
type Timestamp [TimestampSize]byte
|
type Timestamp [TimestampSize]byte
|
||||||
|
|
||||||
func TimestampNow() Timestamp {
|
func Now() Timestamp {
|
||||||
var tai64n Timestamp
|
var tai64n Timestamp
|
||||||
now := time.Now()
|
now := time.Now()
|
||||||
secs := base + uint64(now.Unix())
|
secs := base + uint64(now.Unix())
|
@ -1,4 +1,4 @@
|
|||||||
package main
|
package tai64n
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"testing"
|
"testing"
|
||||||
@ -9,10 +9,10 @@ import (
|
|||||||
* as used by WireGuard.
|
* as used by WireGuard.
|
||||||
*/
|
*/
|
||||||
func TestMonotonic(t *testing.T) {
|
func TestMonotonic(t *testing.T) {
|
||||||
old := TimestampNow()
|
old := Now()
|
||||||
for i := 0; i < 10000; i++ {
|
for i := 0; i < 10000; i++ {
|
||||||
time.Sleep(time.Nanosecond)
|
time.Sleep(time.Nanosecond)
|
||||||
next := TimestampNow()
|
next := Now()
|
||||||
if !next.After(old) {
|
if !next.After(old) {
|
||||||
t.Error("TAI64N, not monotonically increasing on nano-second scale")
|
t.Error("TAI64N, not monotonically increasing on nano-second scale")
|
||||||
}
|
}
|
@ -2,7 +2,7 @@
|
|||||||
// Use of this source code is governed by a license that can be
|
// Use of this source code is governed by a license that can be
|
||||||
// found in the LICENSE file.
|
// found in the LICENSE file.
|
||||||
|
|
||||||
package main
|
package xchacha20poly1305
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/binary"
|
"encoding/binary"
|
||||||
@ -138,7 +138,7 @@ func hChaCha20(out *[32]byte, nonce []byte, key *[32]byte) {
|
|||||||
binary.LittleEndian.PutUint32(out[28:], v15)
|
binary.LittleEndian.PutUint32(out[28:], v15)
|
||||||
}
|
}
|
||||||
|
|
||||||
func XChaCha20Poly1305Encrypt(
|
func Encrypt(
|
||||||
dst []byte,
|
dst []byte,
|
||||||
nonceFull *[24]byte,
|
nonceFull *[24]byte,
|
||||||
plaintext []byte,
|
plaintext []byte,
|
||||||
@ -153,7 +153,7 @@ func XChaCha20Poly1305Encrypt(
|
|||||||
return aead.Seal(dst, nonce[:], plaintext, additionalData)
|
return aead.Seal(dst, nonce[:], plaintext, additionalData)
|
||||||
}
|
}
|
||||||
|
|
||||||
func XChaCha20Poly1305Decrypt(
|
func Decrypt(
|
||||||
dst []byte,
|
dst []byte,
|
||||||
nonceFull *[24]byte,
|
nonceFull *[24]byte,
|
||||||
plaintext []byte,
|
plaintext []byte,
|
@ -1,4 +1,4 @@
|
|||||||
package main
|
package xchacha20poly1305
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
@ -60,7 +60,7 @@ func TestXChaCha20(t *testing.T) {
|
|||||||
|
|
||||||
// test encryption
|
// test encryption
|
||||||
|
|
||||||
ct := XChaCha20Poly1305Encrypt(
|
ct := Encrypt(
|
||||||
nil,
|
nil,
|
||||||
&nonceArray,
|
&nonceArray,
|
||||||
pt,
|
pt,
|
||||||
@ -74,7 +74,7 @@ func TestXChaCha20(t *testing.T) {
|
|||||||
|
|
||||||
// test decryption
|
// test decryption
|
||||||
|
|
||||||
ptp, err := XChaCha20Poly1305Decrypt(
|
ptp, err := Decrypt(
|
||||||
nil,
|
nil,
|
||||||
&nonceArray,
|
&nonceArray,
|
||||||
ct,
|
ct,
|
@ -2,6 +2,7 @@ package main
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"errors"
|
"errors"
|
||||||
|
"git.zx2c4.com/wireguard-go/internal/tai64n"
|
||||||
"golang.org/x/crypto/blake2s"
|
"golang.org/x/crypto/blake2s"
|
||||||
"golang.org/x/crypto/chacha20poly1305"
|
"golang.org/x/crypto/chacha20poly1305"
|
||||||
"golang.org/x/crypto/poly1305"
|
"golang.org/x/crypto/poly1305"
|
||||||
@ -58,7 +59,7 @@ type MessageInitiation struct {
|
|||||||
Sender uint32
|
Sender uint32
|
||||||
Ephemeral NoisePublicKey
|
Ephemeral NoisePublicKey
|
||||||
Static [NoisePublicKeySize + poly1305.TagSize]byte
|
Static [NoisePublicKeySize + poly1305.TagSize]byte
|
||||||
Timestamp [TimestampSize + poly1305.TagSize]byte
|
Timestamp [tai64n.TimestampSize + poly1305.TagSize]byte
|
||||||
MAC1 [blake2s.Size128]byte
|
MAC1 [blake2s.Size128]byte
|
||||||
MAC2 [blake2s.Size128]byte
|
MAC2 [blake2s.Size128]byte
|
||||||
}
|
}
|
||||||
@ -99,7 +100,7 @@ type Handshake struct {
|
|||||||
remoteStatic NoisePublicKey // long term key
|
remoteStatic NoisePublicKey // long term key
|
||||||
remoteEphemeral NoisePublicKey // ephemeral public key
|
remoteEphemeral NoisePublicKey // ephemeral public key
|
||||||
precomputedStaticStatic [NoisePublicKeySize]byte // precomputed shared secret
|
precomputedStaticStatic [NoisePublicKeySize]byte // precomputed shared secret
|
||||||
lastTimestamp Timestamp
|
lastTimestamp tai64n.Timestamp
|
||||||
lastInitiationConsumption time.Time
|
lastInitiationConsumption time.Time
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -206,7 +207,7 @@ func (device *Device) CreateMessageInitiation(peer *Peer) (*MessageInitiation, e
|
|||||||
|
|
||||||
// encrypt timestamp
|
// encrypt timestamp
|
||||||
|
|
||||||
timestamp := TimestampNow()
|
timestamp := tai64n.Now()
|
||||||
func() {
|
func() {
|
||||||
var key [chacha20poly1305.KeySize]byte
|
var key [chacha20poly1305.KeySize]byte
|
||||||
KDF2(
|
KDF2(
|
||||||
@ -271,7 +272,7 @@ func (device *Device) ConsumeMessageInitiation(msg *MessageInitiation) *Peer {
|
|||||||
|
|
||||||
// verify identity
|
// verify identity
|
||||||
|
|
||||||
var timestamp Timestamp
|
var timestamp tai64n.Timestamp
|
||||||
var key [chacha20poly1305.KeySize]byte
|
var key [chacha20poly1305.KeySize]byte
|
||||||
|
|
||||||
handshake.mutex.RLock()
|
handshake.mutex.RLock()
|
||||||
|
Loading…
Reference in New Issue
Block a user