vpncloud/src/crypto.rs

// VpnCloud - Peer-to-Peer VPN
// Copyright (C) 2015-2017  Dennis Schwerdel
// This software is licensed under GPL-3 or newer (see LICENSE.md)

use ring::aead::*;
use ring::pbkdf2;
use ring::rand::*;
use ring::digest::*;

use super::types::Error;


#[derive(Serialize, Deserialize, Debug, PartialEq, Clone, Copy)]
pub enum CryptoMethod {
    #[serde(rename = "chacha20")]
    ChaCha20,
    #[serde(rename = "aes256")]
    AES256
}

pub struct CryptoData {
    sealing_key: SealingKey,
    opening_key: OpeningKey,
    nonce: Vec<u8>
}

#[allow(unknown_lints, clippy::large_enum_variant)]
pub enum Crypto {
    None,
    ChaCha20Poly1305(CryptoData),
    AES256GCM(CryptoData)
}

fn inc_nonce(nonce: &mut [u8]) {
    let l = nonce.len();
    for i in (0..l).rev() {
        let mut num = nonce[i];
        num = num.wrapping_add(1);
        nonce[i] = num;
        if num > 0 {
            return
        }
    }
    warn!("Nonce overflowed");
}


impl Crypto {
    #[inline]
    pub fn init() {
    }

    #[inline]
    pub fn sodium_version() -> String {
        "0".to_string()
    }

    #[inline]
    pub fn aes256_available() -> bool {
        true
    }

    #[inline]
    pub fn method(&self) -> u8 {
        match *self {
            Crypto::None => 0,
            Crypto::ChaCha20Poly1305{..} => 1,
            Crypto::AES256GCM{..} => 2
        }
    }

    #[inline]
    pub fn nonce_bytes(&self) -> usize {
        match *self {
            Crypto::None => 0,
            Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) => data.sealing_key.algorithm().nonce_len()
        }
    }

    #[inline]
    #[allow(unknown_lints,clippy::match_same_arms)]
    pub fn additional_bytes(&self) -> usize {
        match *self {
            Crypto::None => 0,
            Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) => data.sealing_key.algorithm().tag_len()
        }
    }

    pub fn from_shared_key(method: CryptoMethod, password: &str) -> Self {
        let algo = match method {
            CryptoMethod::ChaCha20 => &CHACHA20_POLY1305,
            CryptoMethod::AES256 => &AES_256_GCM
        };
        let mut key: Vec<u8> = Vec::with_capacity(algo.key_len());
        for _ in 0..algo.key_len() {
            key.push(0);
        }
        let salt = b"vpncloudVPNCLOUDvpncl0udVpnCloud";
        pbkdf2::derive(&SHA256, 4096, salt, password.as_bytes(), &mut key);
        let sealing_key = SealingKey::new(algo, &key[..algo.key_len()]).expect("Failed to create key");
        let opening_key = OpeningKey::new(algo, &key[..algo.key_len()]).expect("Failed to create key");
        let mut nonce: Vec<u8> = Vec::with_capacity(algo.nonce_len());
        for _ in 0..algo.nonce_len() {
            nonce.push(0);
        }
        if SystemRandom::new().fill(&mut nonce).is_err() {
            fail!("Randomizing nonce failed");
        }
        let data = CryptoData { sealing_key, opening_key, nonce };
        match method {
            CryptoMethod::ChaCha20 => Crypto::ChaCha20Poly1305(data),
            CryptoMethod::AES256 => Crypto::AES256GCM(data)
        }
    }

    pub fn decrypt(&self, buf: &mut [u8], nonce: &[u8], header: &[u8]) -> Result<usize, Error> {
        match *self {
            Crypto::None => Ok(buf.len()),
            Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) => {
                match open_in_place(&data.opening_key, nonce, header, 0, buf) {
                   Ok(plaintext) => Ok(plaintext.len()),
                   Err(_) => Err(Error::Crypto("Failed to decrypt"))
                }
            }
        }
    }

    pub fn encrypt(&mut self, buf: &mut [u8], mlen: usize, nonce_bytes: &mut [u8], header: &[u8]) -> usize {
        let tag_len = self.additional_bytes();
        match *self {
            Crypto::None => mlen,
            Crypto::ChaCha20Poly1305(ref mut data) | Crypto::AES256GCM(ref mut data) => {
                inc_nonce(&mut data.nonce);
                assert!(buf.len() - mlen >= tag_len);
                let buf = &mut buf[.. mlen + tag_len];
                let new_len = seal_in_place(&data.sealing_key, &data.nonce, header, buf, tag_len).expect("Failed to encrypt");
                nonce_bytes.clone_from_slice(&data.nonce);
                new_len
            }
        }
    }
}
Added license and copyright information 2016-02-05 15:58:32 +00:00			`// VpnCloud - Peer-to-Peer VPN`
Updated copyright headers 2017-07-22 14:49:53 +00:00			`// Copyright (C) 2015-2017 Dennis Schwerdel`
Added license and copyright information 2016-02-05 15:58:32 +00:00			`// This software is licensed under GPL-3 or newer (see LICENSE.md)`

Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`use ring::aead::*;`
Removed libsodium completely 2019-01-08 19:32:47 +00:00			`use ring::pbkdf2;`
			`use ring::rand::*;`
			`use ring::digest::*;`
Include libsodium in builds 2015-11-30 16:27:50 +00:00
			`use super::types::Error;`


Many changes for 0.9.0 2019-01-10 18:36:50 +00:00			`#[derive(Serialize, Deserialize, Debug, PartialEq, Clone, Copy)]`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`pub enum CryptoMethod {`
Fixed tests and serialization constants 2017-07-22 14:42:32 +00:00			`#[serde(rename = "chacha20")]`
			`ChaCha20,`
			`#[serde(rename = "aes256")]`
			`AES256`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`

Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`pub struct CryptoData {`
			`sealing_key: SealingKey,`
			`opening_key: OpeningKey,`
			`nonce: Vec<u8>`
			`}`

Removed libsodium completely 2019-01-08 19:32:47 +00:00			`#[allow(unknown_lints, clippy::large_enum_variant)]`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`pub enum Crypto {`
			`None,`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`ChaCha20Poly1305(CryptoData),`
			`AES256GCM(CryptoData)`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`

Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`fn inc_nonce(nonce: &mut [u8]) {`
			`let l = nonce.len();`
			`for i in (0..l).rev() {`
			`let mut num = nonce[i];`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`num = num.wrapping_add(1);`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`nonce[i] = num;`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`if num > 0 {`
Removed libsodium completely 2019-01-08 19:32:47 +00:00			`return`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`
			`}`
Removed libsodium completely 2019-01-08 19:32:47 +00:00			`warn!("Nonce overflowed");`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`


			`impl Crypto {`
Code cleanup 2016-06-29 06:43:39 +00:00			`#[inline]`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`pub fn init() {`
			`}`

Code cleanup 2016-06-29 06:43:39 +00:00			`#[inline]`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`pub fn sodium_version() -> String {`
Removed libsodium completely 2019-01-08 19:32:47 +00:00			`"0".to_string()`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`

Code cleanup 2016-06-29 06:43:39 +00:00			`#[inline]`
Checking AES support 2015-11-30 22:04:24 +00:00			`pub fn aes256_available() -> bool {`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`true`
Checking AES support 2015-11-30 22:04:24 +00:00			`}`

Code cleanup 2016-06-29 06:43:39 +00:00			`#[inline]`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`pub fn method(&self) -> u8 {`
Making clippy happy 2016-06-11 14:08:57 +00:00			`match *self {`
			`Crypto::None => 0,`
			`Crypto::ChaCha20Poly1305{..} => 1,`
			`Crypto::AES256GCM{..} => 2`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`
			`}`

Code cleanup 2016-06-29 06:43:39 +00:00			`#[inline]`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`pub fn nonce_bytes(&self) -> usize {`
Making clippy happy 2016-06-11 14:08:57 +00:00			`match *self {`
			`Crypto::None => 0,`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`Crypto::ChaCha20Poly1305(ref data) \| Crypto::AES256GCM(ref data) => data.sealing_key.algorithm().nonce_len()`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`
			`}`

Code cleanup 2016-06-29 06:43:39 +00:00			`#[inline]`
Updated dependencies 2019-01-01 23:35:14 +00:00			`#[allow(unknown_lints,clippy::match_same_arms)]`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`pub fn additional_bytes(&self) -> usize {`
Making clippy happy 2016-06-11 14:08:57 +00:00			`match *self {`
			`Crypto::None => 0,`
Removed libsodium completely 2019-01-08 19:32:47 +00:00			`Crypto::ChaCha20Poly1305(ref data) \| Crypto::AES256GCM(ref data) => data.sealing_key.algorithm().tag_len()`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`
			`}`

			`pub fn from_shared_key(method: CryptoMethod, password: &str) -> Self {`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`let algo = match method {`
			`CryptoMethod::ChaCha20 => &CHACHA20_POLY1305,`
			`CryptoMethod::AES256 => &AES_256_GCM`
			`};`
Removed libsodium completely 2019-01-08 19:32:47 +00:00			`let mut key: Vec<u8> = Vec::with_capacity(algo.key_len());`
			`for _ in 0..algo.key_len() {`
			`key.push(0);`
			`}`
			`let salt = b"vpncloudVPNCLOUDvpncl0udVpnCloud";`
			`pbkdf2::derive(&SHA256, 4096, salt, password.as_bytes(), &mut key);`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`let sealing_key = SealingKey::new(algo, &key[..algo.key_len()]).expect("Failed to create key");`
			`let opening_key = OpeningKey::new(algo, &key[..algo.key_len()]).expect("Failed to create key");`
			`let mut nonce: Vec<u8> = Vec::with_capacity(algo.nonce_len());`
			`for _ in 0..algo.nonce_len() {`
			`nonce.push(0);`
			`}`
Removed libsodium completely 2019-01-08 19:32:47 +00:00			`if SystemRandom::new().fill(&mut nonce).is_err() {`
			`fail!("Randomizing nonce failed");`
			`}`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`let data = CryptoData { sealing_key, opening_key, nonce };`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`match method {`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`CryptoMethod::ChaCha20 => Crypto::ChaCha20Poly1305(data),`
			`CryptoMethod::AES256 => Crypto::AES256GCM(data)`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`
			`}`

Fixed wrong address 2019-01-01 21:55:15 +00:00			`pub fn decrypt(&self, buf: &mut [u8], nonce: &[u8], header: &[u8]) -> Result<usize, Error> {`
Making clippy happy 2016-06-11 14:08:57 +00:00			`match *self {`
			`Crypto::None => Ok(buf.len()),`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`Crypto::ChaCha20Poly1305(ref data) \| Crypto::AES256GCM(ref data) => {`
Removed libsodium completely 2019-01-08 19:32:47 +00:00			`match open_in_place(&data.opening_key, nonce, header, 0, buf) {`
			`Ok(plaintext) => Ok(plaintext.len()),`
			`Err(_) => Err(Error::Crypto("Failed to decrypt"))`
			`}`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`
			`}`
			`}`

Fixed wrong address 2019-01-01 21:55:15 +00:00			`pub fn encrypt(&mut self, buf: &mut [u8], mlen: usize, nonce_bytes: &mut [u8], header: &[u8]) -> usize {`
Removed libsodium completely 2019-01-08 19:32:47 +00:00			`let tag_len = self.additional_bytes();`
Making clippy happy 2016-06-11 14:08:57 +00:00			`match *self {`
			`Crypto::None => mlen,`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`Crypto::ChaCha20Poly1305(ref mut data) \| Crypto::AES256GCM(ref mut data) => {`
			`inc_nonce(&mut data.nonce);`
			`assert!(buf.len() - mlen >= tag_len);`
			`let buf = &mut buf[.. mlen + tag_len];`
Removed libsodium completely 2019-01-08 19:32:47 +00:00			`let new_len = seal_in_place(&data.sealing_key, &data.nonce, header, buf, tag_len).expect("Failed to encrypt");`
			`nonce_bytes.clone_from_slice(&data.nonce);`
Ring instead of libsodium 2019-01-04 12:53:12 +00:00			`new_len`
Include libsodium in builds 2015-11-30 16:27:50 +00:00			`}`
			`}`
			`}`
			`}`