From patchwork Mon Feb 27 12:50:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 3093 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:2310:b0:9f:bfa4:120f with SMTP id r16csp1132728dye; Mon, 27 Feb 2023 04:51:29 -0800 (PST) X-Google-Smtp-Source: AK7set+RnXYU4NX4PjJKMAINUBn7mMrZaKXfCXVwhDvIZWXVjM7x/RHYy1cByOIQf3Kqvj09x5/2 X-Received: by 2002:a05:6a20:3d17:b0:cc:75b8:7cba with SMTP id y23-20020a056a203d1700b000cc75b87cbamr13568094pzi.43.1677502289194; Mon, 27 Feb 2023 04:51:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1677502289; cv=none; d=google.com; s=arc-20160816; b=VBlIY1CR4X2Bk/PoNDjg5E/hnJxrPNPgBRTx2MbQxecwuxcTU9Dvnxkvw8/HmPxbmH W+xwNrZNRSp04sWZsz8Fl2dmzzBKaIdrGXZfIGeZbW7xcep7OaiqaGNthCCebA1ozN8k udfRSo9402wydGT/+4L4Jtb5nJ0wNBT6m5aiAY0Afk/HprX5S1uoA5vuPXR+DmP45cUS jGDQZ2DYDZHDj+rQm+RS041Z6ZryHrpQBGjiWWCrbAZJwsDrYaZH8ZGAmPTcu+7GJ4mX AyAok89BRFZ/rEePvI2226HXncH2UKrVipR2ZrfvhyoIko13O+khm5ExV/QXHstUy9jX F2GQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature; bh=Hd/2FtLVK9aGS6vtAr7ekQXQzT96TeUFhhdDDwEnbps=; b=LBdGbosSfsZTvfsKJ3fvCH+TxnFVrHiGuOhxrLjQnHhFJjk9lD7nzNNdGSGZdKA+lA KZSDn90x6QlmluiPUcvB4AWnipRs5a1EbY8D5Ga6otpnbU9S6G3jxLZ6aJohESrwXDhP W8jbyx+2SzOoC2d4ZJf2JhVVY9hd/au8+vwrj89PPZkJwAVGB/usAgsYztK2LKdBpgIa KiH+fitQleXva/NQJYm0LJFvbJcPJ0a1pCrWeOqWPil7RuHs0ZtBVEeJAueyMQ15VE0o RHatlTV+HzEsuCQCjsddVFnmHXMhpWv5kVHClcu64JVJ6vRZEdbCdFs7QtD/PnjxyQAW bHxQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=TGKBPCYS; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=dGsA+LSm; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id e7-20020a63e007000000b004fba312c234si7432868pgh.401.2023.02.27.04.51.28 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 Feb 2023 04:51:29 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=TGKBPCYS; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=dGsA+LSm; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1pWcxj-00010K-HZ; Mon, 27 Feb 2023 12:50:39 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1pWcxh-00010D-C4 for openvpn-devel@lists.sourceforge.net; Mon, 27 Feb 2023 12:50:37 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=c+7XKW5PRt32fmScs/RnL9/XBj3HZAN9ljNv7vcOtNQ=; b=TGKBPCYSbNLg5Pr/1xF/56qaIN 7vgsk5+duy6Hx70SyRGDM9P9WzL5pdmfNMZ1qwTtk332bmhDHfi95XNd1mstJ2J8ikm95sX+SPTtb tmBF3OegegHqFM3GPyX0/y7z1EWahOkMxBNQqGdFcKFIPjp9dRT49QwDCSPzD+sAnGUs=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=c+7XKW5PRt32fmScs/RnL9/XBj3HZAN9ljNv7vcOtNQ=; b=d GsA+LSmkqOg0cQKisc4qpXM/QWSwdDw9d+9om5d/D4+O57bkKZk7rEeP+XkNjIgUsYVhu6AJTAqw0 oIll41Y7Dzdl2AGj1YlGzVJqJ3KHvodA/E2QWBatCv9JC58YwGxTBAPc2ahyOczfDINZMsUX4vTol sdGjcyMDqYYMKF+0=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1pWcxg-003KH1-Hs for openvpn-devel@lists.sourceforge.net; Mon, 27 Feb 2023 12:50:37 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1pWcxT-000IK8-SP for openvpn-devel@lists.sourceforge.net; Mon, 27 Feb 2023 13:50:23 +0100 Received: (nullmailer pid 2561425 invoked by uid 10006); Mon, 27 Feb 2023 12:50:23 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Mon, 27 Feb 2023 13:50:21 +0100 Message-Id: <20230227125023.2561379-1-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-Spam-Score: 0.3 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: OpenSSL only supports SIPHASH with OpenSSL 3.1 and newer. The source code of siphash is quite small and has very liberal CC0 license, so include it instead of pulling an extra library for it. Change-Id: I1292894fe7f537049a97bee97af4419e5e854a00 Signed-off-by: Arne Schwabe --- src/openvpn/siphash.c | 212 ++++++++++++++++++++++++++++++++++++++++++ src/openvpn/siphash.h | 3 [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-Headers-End: 1pWcxg-003KH1-Hs Subject: [Openvpn-devel] [PATCH 1/3] Add siphash reference implementation X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1758988640437590326?= X-GMAIL-MSGID: =?utf-8?q?1758988640437590326?= OpenSSL only supports SIPHASH with OpenSSL 3.1 and newer. The source code of siphash is quite small and has very liberal CC0 license, so include it instead of pulling an extra library for it. Change-Id: I1292894fe7f537049a97bee97af4419e5e854a00 Signed-off-by: Arne Schwabe --- src/openvpn/siphash.c | 212 ++++++++++++++++++++++++++++++++++++++++++ src/openvpn/siphash.h | 31 ++++++ 2 files changed, 243 insertions(+) create mode 100644 src/openvpn/siphash.c create mode 100644 src/openvpn/siphash.h diff --git a/src/openvpn/siphash.c b/src/openvpn/siphash.c new file mode 100644 index 000000000..b8a7bbc11 --- /dev/null +++ b/src/openvpn/siphash.c @@ -0,0 +1,212 @@ +/* + * SipHash reference C implementation + * + * Copyright (c) 2012-2022 Jean-Philippe Aumasson + * + * Copyright (c) 2012-2014 Daniel J. Bernstein + * + * To the extent possible under law, the author(s) have dedicated all copyright + * and related and neighboring rights to this software to the public domain + * worldwide. This software is distributed without any warranty. + * + * You should have received a copy of the CC0 Public Domain Dedication along + * with + * this software. If not, see + * . + */ + +#include "siphash.h" +#include +#include +#include + +/* default: SipHash-2-4 */ +#ifndef cROUNDS +#define cROUNDS 2 +#endif +#ifndef dROUNDS +#define dROUNDS 4 +#endif + +#define ROTL(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b)))) + +#define U32TO8_LE(p, v) \ + (p)[0] = (uint8_t)((v)); \ + (p)[1] = (uint8_t)((v) >> 8); \ + (p)[2] = (uint8_t)((v) >> 16); \ + (p)[3] = (uint8_t)((v) >> 24); + +#define U64TO8_LE(p, v) \ + U32TO8_LE((p), (uint32_t)((v))); \ + U32TO8_LE((p) + 4, (uint32_t)((v) >> 32)); + +#define U8TO64_LE(p) \ + (((uint64_t)((p)[0])) | ((uint64_t)((p)[1]) << 8) \ + |((uint64_t)((p)[2]) << 16) | ((uint64_t)((p)[3]) << 24) \ + |((uint64_t)((p)[4]) << 32) | ((uint64_t)((p)[5]) << 40) \ + |((uint64_t)((p)[6]) << 48) | ((uint64_t)((p)[7]) << 56)) + +#define SIPROUND \ + do { \ + v0 += v1; \ + v1 = ROTL(v1, 13); \ + v1 ^= v0; \ + v0 = ROTL(v0, 32); \ + v2 += v3; \ + v3 = ROTL(v3, 16); \ + v3 ^= v2; \ + v0 += v3; \ + v3 = ROTL(v3, 21); \ + v3 ^= v0; \ + v2 += v1; \ + v1 = ROTL(v1, 17); \ + v1 ^= v2; \ + v2 = ROTL(v2, 32); \ + } while (0) + +#ifdef DEBUG_SIPHASH +#include + +#define TRACE \ + do { \ + printf("(%3zu) v0 %016" PRIx64 "\n", inlen, v0); \ + printf("(%3zu) v1 %016" PRIx64 "\n", inlen, v1); \ + printf("(%3zu) v2 %016" PRIx64 "\n", inlen, v2); \ + printf("(%3zu) v3 %016" PRIx64 "\n", inlen, v3); \ + } while (0) +#else /* ifdef DEBUG_SIPHASH */ +#define TRACE +#endif + +/* + * Computes a SipHash value + * in: pointer to input data (read-only) + * inlen: input data length in bytes (any size_t value) + * k: pointer to the key data (read-only), must be 16 bytes + * out: pointer to output data (write-only), outlen bytes must be allocated + * outlen: length of the output in bytes, must be 8 or 16 + */ +int +siphash(const void *in, const size_t inlen, const void *k, uint8_t *out, + const size_t outlen) +{ + + const unsigned char *ni = (const unsigned char *)in; + const unsigned char *kk = (const unsigned char *)k; + + assert((outlen == 8) || (outlen == 16)); + uint64_t v0 = UINT64_C(0x736f6d6570736575); + uint64_t v1 = UINT64_C(0x646f72616e646f6d); + uint64_t v2 = UINT64_C(0x6c7967656e657261); + uint64_t v3 = UINT64_C(0x7465646279746573); + uint64_t k0 = U8TO64_LE(kk); + uint64_t k1 = U8TO64_LE(kk + 8); + uint64_t m; + int i; + const unsigned char *end = ni + inlen - (inlen % sizeof(uint64_t)); + const int left = inlen & 7; + uint64_t b = ((uint64_t)inlen) << 56; + v3 ^= k1; + v2 ^= k0; + v1 ^= k1; + v0 ^= k0; + + if (outlen == 16) + { + v1 ^= 0xee; + } + + for (; ni != end; ni += 8) + { + m = U8TO64_LE(ni); + v3 ^= m; + + TRACE; + for (i = 0; i < cROUNDS; ++i) + { + SIPROUND; + } + + v0 ^= m; + } + + switch (left) + { + case 7: + b |= ((uint64_t)ni[6]) << 48; + + /* FALLTHRU */ + case 6: + b |= ((uint64_t)ni[5]) << 40; + + /* FALLTHRU */ + case 5: + b |= ((uint64_t)ni[4]) << 32; + + /* FALLTHRU */ + case 4: + b |= ((uint64_t)ni[3]) << 24; + + /* FALLTHRU */ + case 3: + b |= ((uint64_t)ni[2]) << 16; + + /* FALLTHRU */ + case 2: + b |= ((uint64_t)ni[1]) << 8; + + /* FALLTHRU */ + case 1: + b |= ((uint64_t)ni[0]); + break; + + case 0: + break; + } + + v3 ^= b; + + TRACE; + for (i = 0; i < cROUNDS; ++i) + { + SIPROUND; + } + + v0 ^= b; + + if (outlen == 16) + { + v2 ^= 0xee; + } + else + { + v2 ^= 0xff; + } + + TRACE; + for (i = 0; i < dROUNDS; ++i) + { + SIPROUND; + } + + b = v0 ^ v1 ^ v2 ^ v3; + U64TO8_LE(out, b); + + if (outlen == 8) + { + return 0; + } + + v1 ^= 0xdd; + + TRACE; + for (i = 0; i < dROUNDS; ++i) + { + SIPROUND; + } + + b = v0 ^ v1 ^ v2 ^ v3; + U64TO8_LE(out + 8, b); + + return 0; +} diff --git a/src/openvpn/siphash.h b/src/openvpn/siphash.h new file mode 100644 index 000000000..d26ee36ec --- /dev/null +++ b/src/openvpn/siphash.h @@ -0,0 +1,31 @@ +/* + * SipHash reference C implementation + * + * Copyright (c) 2012-2021 Jean-Philippe Aumasson + * + * Copyright (c) 2012-2014 Daniel J. Bernstein + * + * To the extent possible under law, the author(s) have dedicated all copyright + * and related and neighboring rights to this software to the public domain + * worldwide. This software is distributed without any warranty. + * + * You should have received a copy of the CC0 Public Domain Dedication along + * with + * this software. If not, see + * . + */ + +#ifndef SIPHASH_H +#define SIPHASH_H + +#include +#include + +int siphash(const void *in, size_t inlen, const void *k, uint8_t *out, + size_t outlen); + +/* siphash always uses 128-bit keys */ +#define SIPHASH_KEY_SIZE 16 +#define SIPHASH_HASH_SIZE 16 + +#endif