From patchwork Sat Sep 21 14:16:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "flichtenheld (Code Review)" X-Patchwork-Id: 3848 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:10cd:b0:5b9:581e:f939 with SMTP id j13csp1337595mae; Sat, 21 Sep 2024 07:16:50 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWKLscqqPXpK2csKZerKTHByQr+n124oRSpSyBbYUzSFvB2a9WYTGjynWk82PrzPW6xG4YfixjBzc4=@openvpn.net X-Google-Smtp-Source: AGHT+IEt2zX3hxt1/mC+aIpUBvNd5faa9LrD6x488p2zpQ1oRzf3VUl5PmWGFVQlPpe/fBBgN+FR X-Received: by 2002:a05:6602:13cc:b0:82a:a7c6:dae1 with SMTP id ca18e2360f4ac-8320b34e71cmr473937339f.13.1726928210025; Sat, 21 Sep 2024 07:16:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1726928210; cv=none; d=google.com; s=arc-20240605; b=KWhlyEg/TbsFatICXz7erSADJ/vkV1ryN/+83+QGPjHYHALLd1jLziXf6jisJWeUN2 2s7Su8GOwXGICO0w64ikySL499wIaQcGNf2X57AlCtRfxBe827UzhTV5Ibe6PK08hroW XYWCRSZvh58Ro3/wdzk8nhJykQEamOiLYmiyiuor1ZUoYVQ4alJDjW/GqBD9bnUGWfDJ NC388yAhr8tKj5A6B1WGhjU0DaTDsgQj89dPhOKQE9xMug6qXmovnOl9jITEBWZ8LR5E 5DjwxPLdQ9nLF57yGtMY+Q4EKzHcqGmScp88ewwKgEZyPbtsUYHrqgo1e9hXP/1v3KTw j/iw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:cc:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:user-agent :mime-version:message-id:references:auto-submitted:date:from :dkim-signature:dkim-signature:dkim-signature; bh=LCzY/ZS17N8u072YSpmoeyynbQ6DS67BCI9WTJ6nW34=; fh=smjZBu6iNkWiUqneddhXe9SViGbN07L/0qKvVAHuico=; b=Anx6YqHoY4ohh+XE5fpFVuLnJUtstYzNIOUAwyRh6bFSt09w8nLW7iPU9OuZBWzqHY 8vzSZ/I1C0en+id8qAKRMl1czFOrjR3zXO+Bi4DEDWTsWC2ufZeZE14r9no6jcbLs6Wp B53iS4vW9IEwtMJtsPI9X9h+Rs8eCrBCjrgn21N0Wg/1kVmHT30o7yLTmnonPnNxcDtO H3FuwpmzHHugaACvHM5sEnlbTIQtqcNfaWJW//B+PkpJAn8MfARwb9ybatyHGV18j5dg EWeumOx6BpJ5NhkJFdj7xWCvkpVrbjy/Wxz3ykc2lrqbmOTbwtC6KLX1x9uSTinTUFsx Qiog==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=ShlX78ja; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=StjYzXls; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=LSAZyV7b; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id ca18e2360f4ac-82d4936543asi748623939f.147.2024.09.21.07.16.49 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 21 Sep 2024 07:16:49 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=ShlX78ja; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=StjYzXls; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=LSAZyV7b; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1ss0ue-0006pQ-Vr; Sat, 21 Sep 2024 14:16:40 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1ss0ud-0006pB-AE for openvpn-devel@lists.sourceforge.net; Sat, 21 Sep 2024 14:16:39 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:Date:From :Sender:To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=9B2/ctVrvQ7+jSCITxHUeRUdK6WuIil6LI9WJv5Y9KU=; b=ShlX78jaSM69DZ3w3P+qIFn+YB kIhMTJ/EyfkstLg+jxRw9vIL22peMIJsYZdvMERfFeKU5ZLD+7c5/fBSIWk2jxDWFRQ/mfZXHxs5A t3j06US5UuCh11i/Wet4t32LAEHM6/5Y1vSJjc/BkR7A82XtyAk8pnT1J9Mbn8n88B7I=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:Date:From:Sender:To:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=9B2/ctVrvQ7+jSCITxHUeRUdK6WuIil6LI9WJv5Y9KU=; b=S tjYzXlsc6IYxxLkjZVOn/hoBw5m1Y0Wci6R0K2aoBPpGAaXSmnE/cVRSvvCNTFpZY1zskpr3Q7kNF wIXeW8qwPaDvbIZDwo5HOQp3F1+Q24+8vDL10fgeHATr4GItoOQBzVhJnVR8O6BXt6Y3jDpTo4ONd S3NOsy9fgEF/Q+Yw=; Received: from mail-wm1-f53.google.com ([209.85.128.53]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1ss0ub-0002rs-Os for openvpn-devel@lists.sourceforge.net; Sat, 21 Sep 2024 14:16:39 +0000 Received: by mail-wm1-f53.google.com with SMTP id 5b1f17b1804b1-42e82f7f36aso4373705e9.0 for ; Sat, 21 Sep 2024 07:16:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1726928191; x=1727532991; darn=lists.sourceforge.net; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:date:from:from:to:cc :subject:date:message-id:reply-to; bh=9B2/ctVrvQ7+jSCITxHUeRUdK6WuIil6LI9WJv5Y9KU=; b=LSAZyV7b4tFi/F60jFTemu5h9NaMTT61dNaK1PWNnmKJofJU5NB/q0MAPYMAEjab/s MjW5cUFwB868mU15wLpsxQTT+NEorELZvuKmyTX5XoEd/RZySrOuQLqgG5MjMU5x+uX1 5gJcsbh35zhqPsSfHS8BkbWMMJMePRp3YK/EZal9XsQk8aUuWP4jqKftqYhF1+NVq7yp HaSmxBYPlE0f9LDqplpZ55mDuBY4JCPIgg8xyYRyDLoY3eeXhrrHkENmvPkPLkIHq5ii eW+UEmEYv6m/ioap+gMjQJMx8HjS0XX8kEmZx2BTj+6W4iA4zM6Yh1eKKlMMXVf7amYK HKng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1726928191; x=1727532991; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=9B2/ctVrvQ7+jSCITxHUeRUdK6WuIil6LI9WJv5Y9KU=; b=dqROCSf/FKJf5xb3BMMhlSkAUhBubXVFy2Z5PxlkfFB707z9+AOhfl9EE+4EUxpPt/ hw74Bg8tnbUnSH3VcDpoY+gbsr//bZfy59nn75mjQdXMKMoHkkWYpU/GJ/HLYetl4H+p wpSnmTEzOqSXhS0m3MsRc8M1LMzFWvwdgrogd0N/jSeXR8FOFivi/IrOk/uVV5akZ5I9 FTvdG8234QOPX+iVqxizTsj6zAYABemSLDEBMtJidg71nHQOJjs8DGPZstk2Gn1/Jz1E VYKiESLWKNuqC3a4QcCH7qX6ts0GPib/3djC0zVIx/10IBbFvCmDidixFWramoO+xOWU TzUQ== X-Gm-Message-State: AOJu0Yz2emEo3fmgjTOxUWXEYr3JcCBFoD+eU7LCYQWVYjgas0A9oofO bEkQLbGE7CPLNMhwC13nGFSCQbV+NW1lTRvlDTcfNtjle6JsSAZTQAMglYMHURiVfSDBh8iPODZ o X-Received: by 2002:a05:600c:4f07:b0:42c:b2fa:1c15 with SMTP id 5b1f17b1804b1-42e7abfcbc0mr43649725e9.15.1726928189982; Sat, 21 Sep 2024 07:16:29 -0700 (PDT) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-378e78054cesm20222767f8f.108.2024.09.21.07.16.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 21 Sep 2024 07:16:29 -0700 (PDT) From: "plaisthos (Code Review)" X-Google-Original-From: "plaisthos (Code Review)" X-Gerrit-PatchSet: 6 Date: Sat, 21 Sep 2024 14:16:28 +0000 Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: I1292894fe7f537049a97bee97af4419e5e854a00 X-Gerrit-Change-Number: 29 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: 9a0182bba221d885c91fc510ec8678c061c608a0 References: Message-ID: <1f8129cefc768d6c5da3de4b65aa236b0d80dbe6-HTML@gerrit.openvpn.net> MIME-Version: 1.0 User-Agent: Gerrit/3.8.2 X-Spam-Score: -0.0 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Attention is currently required from: flichtenheld. plaisthos has uploaded this change for review. ( http://gerrit.openvpn.net/c/openvpn/+/29?usp=email ) Change subject: Add siphash reference implementation Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.128.53 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -1.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.128.53 listed in wl.mailspike.net] 1.2 MISSING_HEADERS Missing To: header 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML X-Headers-End: 1ss0ub-0002rs-Os Subject: [Openvpn-devel] [L] Change in openvpn[master]: Add siphash reference implementation X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net, frank@lichtenheld.com Cc: openvpn-devel Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1810815475173705495?= X-GMAIL-MSGID: =?utf-8?q?1810815475173705495?= X-getmail-filter-classifier: gerrit message type newchange Attention is currently required from: flichtenheld. plaisthos has uploaded this change for review. ( http://gerrit.openvpn.net/c/openvpn/+/29?usp=email ) Change subject: Add siphash reference implementation ...................................................................... Add siphash reference implementation OpenSSL only supports SIPHASH with OpenSSL 3.1 and newer. The source code of siphash is quite small and has very liberal CC0 license, so include it instead of pulling an extra library for it. Change-Id: I1292894fe7f537049a97bee97af4419e5e854a00 Signed-off-by: Arne Schwabe --- A src/openvpn/siphash.h A src/openvpn/siphash_reference.c 2 files changed, 254 insertions(+), 0 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/29/29/6 diff --git a/src/openvpn/siphash.h b/src/openvpn/siphash.h new file mode 100644 index 0000000..d26ee36 --- /dev/null +++ b/src/openvpn/siphash.h @@ -0,0 +1,31 @@ +/* + * SipHash reference C implementation + * + * Copyright (c) 2012-2021 Jean-Philippe Aumasson + * + * Copyright (c) 2012-2014 Daniel J. Bernstein + * + * To the extent possible under law, the author(s) have dedicated all copyright + * and related and neighboring rights to this software to the public domain + * worldwide. This software is distributed without any warranty. + * + * You should have received a copy of the CC0 Public Domain Dedication along + * with + * this software. If not, see + * . + */ + +#ifndef SIPHASH_H +#define SIPHASH_H + +#include +#include + +int siphash(const void *in, size_t inlen, const void *k, uint8_t *out, + size_t outlen); + +/* siphash always uses 128-bit keys */ +#define SIPHASH_KEY_SIZE 16 +#define SIPHASH_HASH_SIZE 16 + +#endif diff --git a/src/openvpn/siphash_reference.c b/src/openvpn/siphash_reference.c new file mode 100644 index 0000000..35af707 --- /dev/null +++ b/src/openvpn/siphash_reference.c @@ -0,0 +1,223 @@ +/* + * SipHash reference C implementation + * + * Copyright 2012-2024 JP Aumasson + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the "Software"), + * to deal in the Software without restriction, including without limitation + * the rights to use, copy, modify, merge, publish, distribute, sublicense, + * and/or sell copies of the Software, and to permit persons to whom the + * Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS + * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + * + */ + +/* Note: the reference implementation is also available under CC0 license + * (dual licensed) we included the MIT license here since it is shorter */ + + #include "siphash.h" +#include +#include +#include + +/* default: SipHash-2-4 */ +#ifndef cROUNDS +#define cROUNDS 2 +#endif +#ifndef dROUNDS +#define dROUNDS 4 +#endif + +#define ROTL(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b)))) + +#define U32TO8_LE(p, v) \ + (p)[0] = (uint8_t)((v)); \ + (p)[1] = (uint8_t)((v) >> 8); \ + (p)[2] = (uint8_t)((v) >> 16); \ + (p)[3] = (uint8_t)((v) >> 24); + +#define U64TO8_LE(p, v) \ + U32TO8_LE((p), (uint32_t)((v))); \ + U32TO8_LE((p) + 4, (uint32_t)((v) >> 32)); + +#define U8TO64_LE(p) \ + (((uint64_t)((p)[0])) | ((uint64_t)((p)[1]) << 8) \ + |((uint64_t)((p)[2]) << 16) | ((uint64_t)((p)[3]) << 24) \ + |((uint64_t)((p)[4]) << 32) | ((uint64_t)((p)[5]) << 40) \ + |((uint64_t)((p)[6]) << 48) | ((uint64_t)((p)[7]) << 56)) + +#define SIPROUND \ + do { \ + v0 += v1; \ + v1 = ROTL(v1, 13); \ + v1 ^= v0; \ + v0 = ROTL(v0, 32); \ + v2 += v3; \ + v3 = ROTL(v3, 16); \ + v3 ^= v2; \ + v0 += v3; \ + v3 = ROTL(v3, 21); \ + v3 ^= v0; \ + v2 += v1; \ + v1 = ROTL(v1, 17); \ + v1 ^= v2; \ + v2 = ROTL(v2, 32); \ + } while (0) + +#ifdef DEBUG_SIPHASH +#include + +#define TRACE \ + do { \ + printf("(%3zu) v0 %016" PRIx64 "\n", inlen, v0); \ + printf("(%3zu) v1 %016" PRIx64 "\n", inlen, v1); \ + printf("(%3zu) v2 %016" PRIx64 "\n", inlen, v2); \ + printf("(%3zu) v3 %016" PRIx64 "\n", inlen, v3); \ + } while (0) +#else /* ifdef DEBUG_SIPHASH */ +#define TRACE +#endif + +/* + * Computes a SipHash value + * in: pointer to input data (read-only) + * inlen: input data length in bytes (any size_t value) + * k: pointer to the key data (read-only), must be 16 bytes + * out: pointer to output data (write-only), outlen bytes must be allocated + * outlen: length of the output in bytes, must be 8 or 16 + */ +int +siphash(const void *in, const size_t inlen, const void *k, uint8_t *out, + const size_t outlen) +{ + + const unsigned char *ni = (const unsigned char *)in; + const unsigned char *kk = (const unsigned char *)k; + + assert((outlen == 8) || (outlen == 16)); + uint64_t v0 = UINT64_C(0x736f6d6570736575); + uint64_t v1 = UINT64_C(0x646f72616e646f6d); + uint64_t v2 = UINT64_C(0x6c7967656e657261); + uint64_t v3 = UINT64_C(0x7465646279746573); + uint64_t k0 = U8TO64_LE(kk); + uint64_t k1 = U8TO64_LE(kk + 8); + uint64_t m; + int i; + const unsigned char *end = ni + inlen - (inlen % sizeof(uint64_t)); + const int left = inlen & 7; + uint64_t b = ((uint64_t)inlen) << 56; + v3 ^= k1; + v2 ^= k0; + v1 ^= k1; + v0 ^= k0; + + if (outlen == 16) + { + v1 ^= 0xee; + } + + for (; ni != end; ni += 8) + { + m = U8TO64_LE(ni); + v3 ^= m; + + TRACE; + for (i = 0; i < cROUNDS; ++i) + { + SIPROUND; + } + + v0 ^= m; + } + + switch (left) + { + case 7: + b |= ((uint64_t)ni[6]) << 48; + + /* FALLTHRU */ + case 6: + b |= ((uint64_t)ni[5]) << 40; + + /* FALLTHRU */ + case 5: + b |= ((uint64_t)ni[4]) << 32; + + /* FALLTHRU */ + case 4: + b |= ((uint64_t)ni[3]) << 24; + + /* FALLTHRU */ + case 3: + b |= ((uint64_t)ni[2]) << 16; + + /* FALLTHRU */ + case 2: + b |= ((uint64_t)ni[1]) << 8; + + /* FALLTHRU */ + case 1: + b |= ((uint64_t)ni[0]); + break; + + case 0: + break; + } + + v3 ^= b; + + TRACE; + for (i = 0; i < cROUNDS; ++i) + { + SIPROUND; + } + + v0 ^= b; + + if (outlen == 16) + { + v2 ^= 0xee; + } + else + { + v2 ^= 0xff; + } + + TRACE; + for (i = 0; i < dROUNDS; ++i) + { + SIPROUND; + } + + b = v0 ^ v1 ^ v2 ^ v3; + U64TO8_LE(out, b); + + if (outlen == 8) + { + return 0; + } + + v1 ^= 0xdd; + + TRACE; + for (i = 0; i < dROUNDS; ++i) + { + SIPROUND; + } + + b = v0 ^ v1 ^ v2 ^ v3; + U64TO8_LE(out + 8, b); + + return 0; +}