mirror of https://github.com/dswd/vpncloud.git
Compare commits
No commits in common. "32a506be2fb1534bcf81f60639b0a4daf00d3b0a" and "b6dafdaeeedf1cfd20a539bff5f7d4e4935ae80f" have entirely different histories.
32a506be2f
...
b6dafdaeee
|
|
@ -2,13 +2,6 @@
|
|||
|
||||
This project follows [semantic versioning](http://semver.org).
|
||||
|
||||
|
||||
### UNRELEASED
|
||||
|
||||
- [added] Added crypto option AES128
|
||||
- [changed] Updated dependencies
|
||||
|
||||
|
||||
### v1.4.0 (2020-06-03)
|
||||
|
||||
- [added] Added option to listen on specified IP
|
||||
|
|
|
|||
|
|
@ -149,7 +149,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "igd"
|
||||
version = "0.11.1"
|
||||
version = "0.11.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"attohttpc 0.10.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
|
|
@ -260,7 +260,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||
dependencies = [
|
||||
"proc-macro-error-attr 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"syn 1.0.30 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"version_check 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
|
@ -271,7 +271,7 @@ version = "1.0.2"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"syn 1.0.30 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"syn-mid 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"version_check 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
|
|
@ -292,7 +292,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "quote"
|
||||
version = "1.0.7"
|
||||
version = "1.0.6"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
|
|
@ -399,7 +399,7 @@ version = "1.0.111"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"syn 1.0.30 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
|
|
@ -455,11 +455,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||
|
||||
[[package]]
|
||||
name = "standback"
|
||||
version = "0.2.9"
|
||||
version = "0.2.8"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"version_check 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "stdweb"
|
||||
|
|
@ -480,7 +477,7 @@ version = "0.5.3"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"serde 1.0.111 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"serde_derive 1.0.111 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"syn 1.0.30 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
|
|
@ -493,7 +490,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||
dependencies = [
|
||||
"base-x 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"serde 1.0.111 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"serde_derive 1.0.111 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"serde_json 1.0.53 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
|
|
@ -529,7 +526,7 @@ dependencies = [
|
|||
"heck 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"proc-macro-error 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"syn 1.0.30 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
|
|
@ -539,7 +536,7 @@ version = "1.0.30"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"unicode-xid 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
|
|
@ -549,7 +546,7 @@ version = "0.5.0"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"syn 1.0.30 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
|
|
@ -581,7 +578,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||
dependencies = [
|
||||
"cfg-if 0.1.10 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"libc 0.2.71 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"standback 0.2.9 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"standback 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"stdweb 0.4.20 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"time-macros 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"version_check 0.9.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
|
|
@ -604,8 +601,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||
dependencies = [
|
||||
"proc-macro-hack 0.5.16 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"standback 0.2.9 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"standback 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"syn 1.0.30 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
|
|
@ -677,7 +674,7 @@ dependencies = [
|
|||
"cc 1.0.54 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"daemonize 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"fnv 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"igd 0.11.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"igd 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"libc 0.2.71 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
|
|
@ -718,7 +715,7 @@ dependencies = [
|
|||
"lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"syn 1.0.30 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"wasm-bindgen-shared 0.2.63 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
|
@ -728,7 +725,7 @@ name = "wasm-bindgen-macro"
|
|||
version = "0.2.63"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"wasm-bindgen-macro-support 0.2.63 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
]
|
||||
|
||||
|
|
@ -738,7 +735,7 @@ version = "0.2.63"
|
|||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
dependencies = [
|
||||
"proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"syn 1.0.30 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"wasm-bindgen-backend 0.2.63 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"wasm-bindgen-shared 0.2.63 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
|
|
@ -819,7 +816,7 @@ dependencies = [
|
|||
"checksum hermit-abi 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)" = "91780f809e750b0a89f5544be56617ff6b1227ee485bcb06ebe10cdf89bd3b71"
|
||||
"checksum http 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "28d569972648b2c512421b5f2a405ad6ac9666547189d0c5477a3f200f3e02f9"
|
||||
"checksum idna 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "02e2673c30ee86b5b96a9cb52ad15718aa1f966f5ab9ad54a8b95d5ca33120a9"
|
||||
"checksum igd 0.11.1 (registry+https://github.com/rust-lang/crates.io-index)" = "2fd32c880165b2f776af0b38d206d1cabaebcf46c166ac6ae004a5d45f7d48ef"
|
||||
"checksum igd 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)" = "9e8cad093dcfafa3770b737b9d570cf4d44177e90785385716d90322ef60ddc4"
|
||||
"checksum itoa 0.4.5 (registry+https://github.com/rust-lang/crates.io-index)" = "b8b7a7c0c47db5545ed3fef7468ee7bb5b74691498139e4b3f6a20685dc6dd8e"
|
||||
"checksum js-sys 0.3.40 (registry+https://github.com/rust-lang/crates.io-index)" = "ce10c23ad2ea25ceca0093bd3192229da4c5b3c0f2de499c1ecac0d98d452177"
|
||||
"checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
|
||||
|
|
@ -838,7 +835,7 @@ dependencies = [
|
|||
"checksum proc-macro-error-attr 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "4f5444ead4e9935abd7f27dc51f7e852a0569ac888096d5ec2499470794e2e53"
|
||||
"checksum proc-macro-hack 0.5.16 (registry+https://github.com/rust-lang/crates.io-index)" = "7e0456befd48169b9f13ef0f0ad46d492cf9d2dbb918bcf38e01eed4ce3ec5e4"
|
||||
"checksum proc-macro2 1.0.18 (registry+https://github.com/rust-lang/crates.io-index)" = "beae6331a816b1f65d04c45b078fd8e6c93e8071771f41b8163255bbd8d7c8fa"
|
||||
"checksum quote 1.0.7 (registry+https://github.com/rust-lang/crates.io-index)" = "aa563d17ecb180e500da1cfd2b028310ac758de548efdd203e18f283af693f37"
|
||||
"checksum quote 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)" = "54a21852a652ad6f610c9510194f398ff6f8692e334fd1145fed931f7fbe44ea"
|
||||
"checksum rand 0.7.3 (registry+https://github.com/rust-lang/crates.io-index)" = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03"
|
||||
"checksum rand_chacha 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402"
|
||||
"checksum rand_core 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19"
|
||||
|
|
@ -859,7 +856,7 @@ dependencies = [
|
|||
"checksum siphasher 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "fa8f3741c7372e75519bd9346068370c9cdaabcc1f9599cbcf2a2719352286b7"
|
||||
"checksum smallvec 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c7cb5678e1615754284ec264d9bb5b4c27d2018577fd90ac0ceb578591ed5ee4"
|
||||
"checksum spin 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d"
|
||||
"checksum standback 0.2.9 (registry+https://github.com/rust-lang/crates.io-index)" = "b0437cfb83762844799a60e1e3b489d5ceb6a650fbacb86437badc1b6d87b246"
|
||||
"checksum standback 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)" = "47e4b8c631c998468961a9ea159f064c5c8499b95b5e4a34b77849d45949d540"
|
||||
"checksum stdweb 0.4.20 (registry+https://github.com/rust-lang/crates.io-index)" = "d022496b16281348b52d0e30ae99e01a73d737b2f45d38fed4edf79f9325a1d5"
|
||||
"checksum stdweb-derive 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)" = "c87a60a40fccc84bef0652345bbbbbe20a605bf5d0ce81719fc476f5c03b50ef"
|
||||
"checksum stdweb-internal-macros 0.2.9 (registry+https://github.com/rust-lang/crates.io-index)" = "58fa5ff6ad0d98d1ffa8cb115892b6e69d67799f6763e162a1c9db421dc22e11"
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
# Planned breaking changes
|
||||
|
||||
Due to semantic versioning, any breaking change after 1.0 requires a new major version number.
|
||||
This is a list of breaking changes to do in such a case:
|
||||
|
||||
- Change default crypto to AES128
|
||||
- Remove network-id parameter
|
||||
- Remove port config option
|
||||
|
|
@ -34,8 +34,6 @@ runcmd:
|
|||
|
||||
MAX_WAIT = 300
|
||||
|
||||
CRYPTO = ["aes256", "aes128", "chacha20"] if VERSION >= "1.5.0" else ["aes256", "chacha20"]
|
||||
|
||||
def eprint(*args, **kwargs):
|
||||
print(*args, file=sys.stderr, **kwargs)
|
||||
|
||||
|
|
@ -352,7 +350,7 @@ class PerfTest:
|
|||
},
|
||||
"native": self.run_suite(self.receiver_ip)
|
||||
}
|
||||
for crypto in [None] + CRYPTO:
|
||||
for crypto in [None, "aes256", "chacha20"]:
|
||||
eprint("Running with crypto {}".format(crypto or "plain"))
|
||||
self.start_vpncloud(mtu=8800, crypto=crypto)
|
||||
res = self.run_suite(self.receiver_ip_vpncloud)
|
||||
|
|
@ -360,12 +358,12 @@ class PerfTest:
|
|||
results[str(crypto or "plain")] = res
|
||||
results['results'] = {
|
||||
"throughput_mbits": dict([
|
||||
(k, results[k]["iperf"]["throughput"] / 1000000.0) for k in ["native", "plain"] + CRYPTO
|
||||
(k, results[k]["iperf"]["throughput"] / 1000000.0) for k in ["native", "plain", "aes256", "chacha20"]
|
||||
]),
|
||||
"latency_us": dict([
|
||||
(k, dict([
|
||||
(str(s), (results[k]["ping_%s" % s]["rtt_avg"] - results["native"]["ping_%s" % s]["rtt_avg"])*1000.0/2.0) for s in [100, 500, 1000]
|
||||
])) for k in ["plain"] + CRYPTO
|
||||
])) for k in ["plain", "aes256", "chacha20"]
|
||||
])
|
||||
}
|
||||
return results
|
||||
|
|
|
|||
|
|
@ -50,19 +50,6 @@ fn crypto_aes256(b: &mut Bencher) {
|
|||
b.bytes = 1400;
|
||||
}
|
||||
|
||||
#[bench]
|
||||
fn crypto_aes128(b: &mut Bencher) {
|
||||
let mut crypto = Crypto::from_shared_key(CryptoMethod::AES128, "test");
|
||||
let mut payload = [0; 1500];
|
||||
let header = [0; 8];
|
||||
let mut nonce_bytes = [0; 12];
|
||||
b.iter(|| {
|
||||
let len = crypto.encrypt(&mut payload, 1400, &mut nonce_bytes, &header);
|
||||
assert!(crypto.decrypt(&mut payload[..len], &nonce_bytes, &header).is_ok());
|
||||
});
|
||||
b.bytes = 1400;
|
||||
}
|
||||
|
||||
#[bench]
|
||||
fn message_encode(b: &mut Bencher) {
|
||||
let mut crypto = Crypto::None;
|
||||
|
|
|
|||
|
|
@ -17,9 +17,7 @@ pub enum CryptoMethod {
|
|||
#[serde(rename = "chacha20")]
|
||||
ChaCha20,
|
||||
#[serde(rename = "aes256")]
|
||||
AES256,
|
||||
#[serde(rename = "aes128")]
|
||||
AES128
|
||||
AES256
|
||||
}
|
||||
impl FromStr for CryptoMethod {
|
||||
type Err = &'static str;
|
||||
|
|
@ -27,8 +25,7 @@ impl FromStr for CryptoMethod {
|
|||
fn from_str(text: &str) -> Result<Self, Self::Err> {
|
||||
Ok(match &text.to_lowercase() as &str {
|
||||
"chacha20" | "chacha" => Self::ChaCha20,
|
||||
"aes256" => Self::AES256,
|
||||
"aes128" | "aes" => Self::AES128,
|
||||
"aes256" | "aes" => Self::AES256,
|
||||
_ => return Err("Unknown method")
|
||||
})
|
||||
}
|
||||
|
|
@ -44,8 +41,7 @@ pub struct CryptoData {
|
|||
pub enum Crypto {
|
||||
None,
|
||||
ChaCha20Poly1305(CryptoData),
|
||||
AES256GCM(CryptoData),
|
||||
AES128GCM(CryptoData)
|
||||
AES256GCM(CryptoData)
|
||||
}
|
||||
|
||||
fn inc_nonce(nonce: &mut [u8]) {
|
||||
|
|
@ -67,8 +63,7 @@ impl Crypto {
|
|||
match *self {
|
||||
Crypto::None => 0,
|
||||
Crypto::ChaCha20Poly1305 { .. } => 1,
|
||||
Crypto::AES256GCM { .. } => 2,
|
||||
Crypto::AES128GCM { .. } => 3
|
||||
Crypto::AES256GCM { .. } => 2
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -76,9 +71,7 @@ impl Crypto {
|
|||
pub fn nonce_bytes(&self) -> usize {
|
||||
match *self {
|
||||
Crypto::None => 0,
|
||||
Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) | Crypto::AES128GCM(ref data) => {
|
||||
data.crypto_key.algorithm().nonce_len()
|
||||
}
|
||||
Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) => data.crypto_key.algorithm().nonce_len()
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -86,7 +79,7 @@ impl Crypto {
|
|||
pub fn get_key(&self) -> &[u8] {
|
||||
match *self {
|
||||
Crypto::None => &[],
|
||||
Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) | Crypto::AES128GCM(ref data) => &data.key
|
||||
Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) => &data.key
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -95,17 +88,14 @@ impl Crypto {
|
|||
pub fn additional_bytes(&self) -> usize {
|
||||
match *self {
|
||||
Crypto::None => 0,
|
||||
Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) | Crypto::AES128GCM(ref data) => {
|
||||
data.crypto_key.algorithm().tag_len()
|
||||
}
|
||||
Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) => data.crypto_key.algorithm().tag_len()
|
||||
}
|
||||
}
|
||||
|
||||
pub fn from_shared_key(method: CryptoMethod, password: &str) -> Self {
|
||||
let algo = match method {
|
||||
CryptoMethod::ChaCha20 => &CHACHA20_POLY1305,
|
||||
CryptoMethod::AES256 => &AES_256_GCM,
|
||||
CryptoMethod::AES128 => &AES_128_GCM
|
||||
CryptoMethod::AES256 => &AES_256_GCM
|
||||
};
|
||||
let mut key: Vec<u8> = Vec::with_capacity(algo.key_len());
|
||||
for _ in 0..algo.key_len() {
|
||||
|
|
@ -147,15 +137,14 @@ impl Crypto {
|
|||
let data = CryptoData { crypto_key, nonce, key };
|
||||
match method {
|
||||
CryptoMethod::ChaCha20 => Crypto::ChaCha20Poly1305(data),
|
||||
CryptoMethod::AES256 => Crypto::AES256GCM(data),
|
||||
CryptoMethod::AES128 => Crypto::AES128GCM(data)
|
||||
CryptoMethod::AES256 => Crypto::AES256GCM(data)
|
||||
}
|
||||
}
|
||||
|
||||
pub fn decrypt(&self, buf: &mut [u8], nonce: &[u8], header: &[u8]) -> Result<usize, Error> {
|
||||
match *self {
|
||||
Crypto::None => Ok(buf.len()),
|
||||
Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) | Crypto::AES128GCM(ref data) => {
|
||||
Crypto::ChaCha20Poly1305(ref data) | Crypto::AES256GCM(ref data) => {
|
||||
let nonce = Nonce::try_assume_unique_for_key(nonce).unwrap();
|
||||
match data.crypto_key.open_in_place(nonce, Aad::from(header), buf) {
|
||||
Ok(plaintext) => Ok(plaintext.len()),
|
||||
|
|
@ -169,9 +158,7 @@ impl Crypto {
|
|||
let tag_len = self.additional_bytes();
|
||||
match *self {
|
||||
Crypto::None => mlen,
|
||||
Crypto::ChaCha20Poly1305(ref mut data)
|
||||
| Crypto::AES256GCM(ref mut data)
|
||||
| Crypto::AES128GCM(ref mut data) => {
|
||||
Crypto::ChaCha20Poly1305(ref mut data) | Crypto::AES256GCM(ref mut data) => {
|
||||
inc_nonce(&mut data.nonce);
|
||||
assert!(buf.len() - mlen >= tag_len);
|
||||
let nonce = Nonce::try_assume_unique_for_key(&data.nonce).unwrap();
|
||||
|
|
@ -230,25 +217,3 @@ fn encrypt_decrypt_aes256() {
|
|||
receiver.decrypt(&mut buffer[..size], &nonce2, &header).unwrap();
|
||||
assert_eq!(msg_bytes, &buffer[..msg_bytes.len()] as &[u8]);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn encrypt_decrypt_aes128() {
|
||||
let mut sender = Crypto::from_shared_key(CryptoMethod::AES128, "test");
|
||||
let receiver = Crypto::from_shared_key(CryptoMethod::AES128, "test");
|
||||
let msg = "HelloWorld0123456789";
|
||||
let msg_bytes = msg.as_bytes();
|
||||
let mut buffer = [0u8; 1024];
|
||||
let header = [0u8; 8];
|
||||
buffer[..msg_bytes.len()].clone_from_slice(&msg_bytes);
|
||||
let mut nonce1 = [0u8; 12];
|
||||
let size = sender.encrypt(&mut buffer, msg_bytes.len(), &mut nonce1, &header);
|
||||
assert_eq!(size, msg_bytes.len() + sender.additional_bytes());
|
||||
assert!(msg_bytes != &buffer[..msg_bytes.len()] as &[u8]);
|
||||
receiver.decrypt(&mut buffer[..size], &nonce1, &header).unwrap();
|
||||
assert_eq!(msg_bytes, &buffer[..msg_bytes.len()] as &[u8]);
|
||||
let mut nonce2 = [0u8; 12];
|
||||
let size = sender.encrypt(&mut buffer, msg_bytes.len(), &mut nonce2, &header);
|
||||
assert!(nonce1 != nonce2);
|
||||
receiver.decrypt(&mut buffer[..size], &nonce2, &header).unwrap();
|
||||
assert_eq!(msg_bytes, &buffer[..msg_bytes.len()] as &[u8]);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -83,7 +83,7 @@ pub struct Args {
|
|||
#[structopt(short, long, aliases=&["shared-key", "secret-key", "secret"])]
|
||||
key: Option<String>,
|
||||
|
||||
/// The encryption method to use ("aes128", "aes256", or "chacha20")
|
||||
/// The encryption method to use ("aes256", or "chacha20")
|
||||
#[structopt(long)]
|
||||
crypto: Option<CryptoMethod>,
|
||||
|
||||
|
|
|
|||
|
|
@ -59,9 +59,9 @@ vpncloud - Peer-to-peer VPN
|
|||
the traffic will be sent unencrypted.
|
||||
|
||||
*--crypto <method>*::
|
||||
The encryption method to use ("aes128", "aes256", or "chacha20"). Most
|
||||
current CPUs have special support for AES256 so this should be faster. For
|
||||
older computers lacking this support, CHACHA20 is the fastest option.
|
||||
The encryption method to use ("aes256", or "chacha20"). Most current CPUs
|
||||
have special support for AES256 so this should be faster. For older
|
||||
computers lacking this support, only CHACHA20 is supported.
|
||||
[default: *chacha20*]
|
||||
|
||||
*--magic <id>*::
|
||||
|
|
@ -258,10 +258,10 @@ side effects.
|
|||
. VpnCloud is not designed for high security use cases. Although the used crypto
|
||||
primitives are expected to be very secure, their application has not been
|
||||
reviewed.
|
||||
The shared key is hashed using _PBKDF2_HMAC_SHA256_ to derive a key,
|
||||
which is used to encrypt the payload of messages using _ChaCha20Poly1305_,
|
||||
_AES128-GCM_, or _AES256-GCM_. The encryption includes an authentication that
|
||||
also protects the header.
|
||||
The shared key is hashed using _ScryptSalsa208Sha256_ to derive a key,
|
||||
which is used to encrypt the payload of messages using _ChaCha20Poly1305_ or
|
||||
_AES256-GCM_. The encryption includes an authentication that also protects the
|
||||
header.
|
||||
This method does only protect against attacks on single messages but not
|
||||
against attacks that manipulate the message series itself (i.e. suppress
|
||||
messages, reorder them, or duplicate them).
|
||||
|
|
|
|||
Loading…
Reference in New Issue