vacp2p/nim-libp2p-experimental
1
0
Fork 0
mirror of https://github.com/vacp2p/nim-libp2p-experimental.git synced 2025-01-28 11:05:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
nim-libp2p-experimental/libp2p/crypto/chacha20poly1305.nim
Giovanni Petrantoni c02fca25f8
Noise (#90) 
* Start ChaCha20Poly1305 integration (BearSSL)

* Add Curve25519 (BearSSL) required operations for noise

* Fix curve mulgen iterate/derive

* Fix misleading header

* Add chachapoly proper test

* Curve25519 integration tests (failing, something is wrong)

* Add few converters, finish c25519 integration tests

* Remove implicit converters

* removed internal globals

* Start noise implementation

* Fix public() using proper bear mulgen

* Noise protocol WIP

* Noise progress

* Add a quick nim version of HKDF

* Converted hkdf to iterator, useful for noise

* Noise protocol implementation progress

* Noise progress

* XX handshake almost there

* noise progress

* Noise, testing handshake with test vectors

* Noise handshake progress, still wrong somewhere!

* Noise handshake success!

* Full verified noise XX handshake completed

* Fix and rewrite test to be similar to switch one

* Start with connection upgrade

* Switch chachapoly to CT implementations

* Improve HKDF implementation

* Use a type insted of tuple for HandshakeResult

* Remove unnecessary Let

* More cosmetic fixes

* Properly check randomBytes result

* Fix chachapoly signature

* Noise full circle (altho dispatcher is nil cursed)

* Allow nil aads in chachapoly routines

* Noise implementation up to running full test

* Use bearssl HKDF as well

* Directly use bearssl rng for curve25519 keys

* Add a (disabled/no CI) noise interop test server

* WIP on fixing interop issues

* More fixes in noise implementation for interop

* bump chronos requirement (nimble)

* Add a chachapoly test for very small size payloads

* Noise, more tracing

* Add 2 properly working noise tests

* Fix payload packing, following the spec properly (and not go version but
rather rust)

* Sanity, replace discard with asyncCheck

* Small fixes and optimization

* Use stew endian2 rather then system endian module

* Update nimble deps (chronos)

* Minor cosmetic/code sanity fixes

* Noise, handle Nonce max

* Noise tests, make sure to close secured conns

* More polish, improve code readability too

* More polish and testing again which test fails

* Further polishing

* Restore noise tests

* Remove useless Future[void]

* Remove useless CipherState initializer

* add a proper read wait future in second noise test

* Remove noise generic secure implementation for now

* Few fixes to run eth2 sim

* Add more debug info in noise traces

* Merge size + payload write in sendEncryptedMessage

* Revert secure interface, add outgoing property directly in newNoise

* remove sendEncrypted and receiveEncrypted

* Use openarray in chachapoly and curve25519 helpers
2020-03-17 13:30:01 +01:00

102 lines
2.7 KiB
Nim
Raw Blame History

## Nim-Libp2p
## Copyright (c) 2020 Status Research & Development GmbH
## Licensed under either of
## * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE))
## * MIT license ([LICENSE-MIT](LICENSE-MIT))
## at your option.
## This file may not be copied, modified, or distributed except according to
## those terms.
## This module integrates BearSSL ChaCha20+Poly1305
##
## This module uses unmodified parts of code from
## BearSSL library <https://bearssl.org/>
## Copyright(C) 2018 Thomas Pornin <pornin@bolet.org>.
# RFC @ https://tools.ietf.org/html/rfc7539
import bearssl
const
ChaChaPolyKeySize = 32
ChaChaPolyNonceSize = 12
ChaChaPolyTagSize = 16
type
ChaChaPoly* = object
ChaChaPolyKey* = array[ChaChaPolyKeySize, byte]
ChaChaPolyNonce* = array[ChaChaPolyNonceSize, byte]
ChaChaPolyTag* = array[ChaChaPolyTagSize, byte]
proc intoChaChaPolyKey*(s: openarray[byte]): ChaChaPolyKey =
assert s.len == ChaChaPolyKeySize
copyMem(addr result[0], unsafeaddr s[0], ChaChaPolyKeySize)
proc intoChaChaPolyNonce*(s: openarray[byte]): ChaChaPolyNonce =
assert s.len == ChaChaPolyNonceSize
copyMem(addr result[0], unsafeaddr s[0], ChaChaPolyNonceSize)
proc intoChaChaPolyTag*(s: openarray[byte]): ChaChaPolyTag =
assert s.len == ChaChaPolyTagSize
copyMem(addr result[0], unsafeaddr s[0], ChaChaPolyTagSize)
# bearssl allows us to use optimized versions
# this is reconciled at runtime
# we do this in the global scope / module init
template fetchImpl: untyped =
# try for the best first
let
chachapoly_native_impl {.inject.}: Poly1305Run = poly1305CtmulRun
chacha_native_impl {.inject.}: Chacha20Run = chacha20CtRun
proc encrypt*(_: type[ChaChaPoly],
key: ChaChaPolyKey,
nonce: ChaChaPolyNonce,
tag: var ChaChaPolyTag,
data: var openarray[byte],
aad: openarray[byte]) =
fetchImpl()
let
ad = if aad.len > 0:
unsafeaddr aad[0]
else:
nil
chachapoly_native_impl(
unsafeaddr key[0],
unsafeaddr nonce[0],
addr data[0],
data.len,
ad,
aad.len,
addr tag[0],
chacha_native_impl,
#[encrypt]# 1.cint)
proc decrypt*(_: type[ChaChaPoly],
key: ChaChaPolyKey,
nonce: ChaChaPolyNonce,
tag: var ChaChaPolyTag,
data: var openarray[byte],
aad: openarray[byte]) =
fetchImpl()
let
ad = if aad.len > 0:
unsafeaddr aad[0]
else:
nil
chachapoly_native_impl(
unsafeaddr key[0],
unsafeaddr nonce[0],
addr data[0],
data.len,
ad,
aad.len,
addr tag[0],
chacha_native_impl,
#[decrypt]# 0.cint)
Reference in New Issue View Git Blame Copy Permalink