From 3dabc254bce4ccb4500b3c929fffc847faac7de7 Mon Sep 17 00:00:00 2001
From: Davide De Rosa
Date: Thu, 30 Aug 2018 15:59:07 +0200
Subject: [PATCH] Improve naming in crypto classes
- Consistency in encryption/decryption flow
- Consistency in packet/payload
- DataPathChannel method names
---
 TunnelKit/Sources/Core/CryptoAEAD.m | 40 +++++++-------
 TunnelKit/Sources/Core/CryptoCBC.m | 40 +++++++-------
 TunnelKit/Sources/Core/DataPath.m | 60 ++++++++++-----------
 TunnelKit/Sources/Core/DataPathEncryption.h | 8 +--
 4 files changed, 74 insertions(+), 74 deletions(-)
diff --git a/TunnelKit/Sources/Core/CryptoAEAD.m b/TunnelKit/Sources/Core/CryptoAEAD.m
index 51fbecf..5c7ccd7 100644
--- a/TunnelKit/Sources/Core/CryptoAEAD.m
+++ b/TunnelKit/Sources/Core/CryptoAEAD.m
@@ -290,25 +290,25 @@ const NSInteger CryptoAEADTagLength = 16;
 #pragma mark DataPathEncrypter
-- (void)assembleDataPacketWithBlock:(DataPathAssembleBlock)block packetId:(uint32_t)packetId payload:(NSData *)payload into:(uint8_t *)dest length:(NSInteger *)length
+- (void)assembleDataPacketWithBlock:(DataPathAssembleBlock)block packetId:(uint32_t)packetId payload:(NSData *)payload into:(uint8_t *)packetBytes length:(NSInteger *)packetLength
 {
- *length = payload.length;
+ *packetLength = payload.length;
 if (!block) {
- memcpy(dest, payload.bytes, payload.length);
+ memcpy(packetBytes, payload.bytes, payload.length);
 return;
 }
 NSInteger packetLengthOffset;
- block(dest, &packetLengthOffset, payload);
- *length += packetLengthOffset;
+ block(packetBytes, &packetLengthOffset, payload);
+ *packetLength += packetLengthOffset;
 }
-- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId payload:(const uint8_t *)payload payloadLength:(NSInteger)payloadLength error:(NSError *__autoreleasing *)error
+- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId packetBytes:(const uint8_t *)packetBytes packetLength:(NSInteger)packetLength error:(NSError *__autoreleasing *)error
 {
- const int capacity = self.headerLength + PacketIdLength + (int)safe_crypto_capacity(payloadLength, self.crypto.overheadLength);
+ const int capacity = self.headerLength + PacketIdLength + (int)safe_crypto_capacity(packetLength, self.crypto.overheadLength);
 NSMutableData *encryptedPacket = [[NSMutableData alloc] initWithLength:capacity];
 uint8_t *ptr = encryptedPacket.mutableBytes;
- NSInteger encryptedPayloadLength = INT_MAX;
+ NSInteger encryptedPacketLength = INT_MAX;
 self.setDataHeader(ptr, key);
 *(uint32_t *)(ptr + self.headerLength) = htonl(packetId);
@@ -318,26 +318,26 @@ const NSInteger CryptoAEADTagLength = 16;
 extra += self.headerLength; // AD = packet id only
 }
- const BOOL success = [self.crypto encryptBytes:payload
- length:payloadLength
+ const BOOL success = [self.crypto encryptBytes:packetBytes
+ length:packetLength
 dest:(ptr + self.headerLength + PacketIdLength) // skip header and packet id
- destLength:&encryptedPayloadLength
+ destLength:&encryptedPacketLength
 extra:extra
 error:error];
- NSAssert(encryptedPayloadLength <= capacity, @"Did not allocate enough bytes for payload");
+ NSAssert(encryptedPacketLength <= capacity, @"Did not allocate enough bytes for payload");
 if (!success) {
 return nil;
 }
- encryptedPacket.length = self.headerLength + PacketIdLength + encryptedPayloadLength;
+ encryptedPacket.length = self.headerLength + PacketIdLength + encryptedPacketLength;
 return encryptedPacket;
 }
 #pragma mark DataPathDecrypter
-- (BOOL)decryptDataPacket:(NSData *)packet into:(uint8_t *)dest length:(NSInteger *)length packetId:(uint32_t *)packetId error:(NSError *__autoreleasing *)error
+- (BOOL)decryptDataPacket:(NSData *)packet into:(uint8_t *)packetBytes length:(NSInteger *)packetLength packetId:(uint32_t *)packetId error:(NSError *__autoreleasing *)error
 {
 const uint8_t *extra = packet.bytes; // AD = header + peer id + packet id
 if (!self.checkPeerId) {
@@ -347,8 +347,8 @@ const NSInteger CryptoAEADTagLength = 16;
 // skip header + packet id
 const BOOL success = [self.crypto decryptBytes:(packet.bytes + self.headerLength + PacketIdLength)
 length:(int)(packet.length - (self.headerLength + PacketIdLength))
- dest:dest
- destLength:length
+ dest:packetBytes
+ destLength:packetLength
 extra:extra
 error:error];
 if (!success) {
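Review bot: `NSAssert(encryptedPacketLength <= capacity, …)` is not an effective bounds check on the `encryptBytes:` output. It runs only after the cipher has already written through `dest`, it is compiled out when `NS_BLOCK_ASSERTIONS` is defined (typical for release builds), and it compares against the whole `capacity` although the write starts at `ptr + self.headerLength + PacketIdLength`. If `encryptBytes:` does not bound its own output (not visible here), the remaining space should be passed to it; at minimum use a runtime check such as `if (!success || encryptedPacketLength > capacity - self.headerLength - PacketIdLength) return nil;`. The CryptoCBC.m hunk at -301,42 has the same pattern with `self.headerLength` alone. The method begins in the previous hunk.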
@@ -364,17 +364,17 @@ const NSInteger CryptoAEADTagLength = 16;
 return YES;
 }
-- (const uint8_t *)parsePayloadWithBlock:(DataPathParseBlock)block dataPacket:(uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length
+- (const uint8_t *)parsePayloadWithBlock:(DataPathParseBlock)block length:(NSInteger *)length packetBytes:(uint8_t *)packetBytes packetLength:(NSInteger)packetLength
 {
- uint8_t *payload = packet;
- *length = packetLength - (int)(payload - packet);
+ uint8_t *payload = packetBytes;
+ *length = packetLength - (int)(payload - packetBytes);
 if (!block) {
 return payload;
 }
 NSInteger payloadOffset;
 NSInteger payloadHeaderLength;
- block(payload, &payloadOffset, &payloadHeaderLength, packet, packetLength);
+ block(payload, &payloadOffset, &payloadHeaderLength, packetBytes, packetLength);
 *length -= payloadHeaderLength;
 return payload + payloadOffset;
 }
diff --git a/TunnelKit/Sources/Core/CryptoCBC.m b/TunnelKit/Sources/Core/CryptoCBC.m
index 8fa6fee..12b9c46 100644
--- a/TunnelKit/Sources/Core/CryptoCBC.m
+++ b/TunnelKit/Sources/Core/CryptoCBC.m
@@ -288,12 +288,12 @@ const NSInteger CryptoCBCMaxHMACLength = 100;
 #pragma mark DataPathEncrypter
-- (void)assembleDataPacketWithBlock:(DataPathAssembleBlock)block packetId:(uint32_t)packetId payload:(NSData *)payload into:(uint8_t *)dest length:(NSInteger *)length
+- (void)assembleDataPacketWithBlock:(DataPathAssembleBlock)block packetId:(uint32_t)packetId payload:(NSData *)payload into:(uint8_t *)packetBytes length:(NSInteger *)packetLength
 {
- uint8_t *ptr = dest;
+ uint8_t *ptr = packetBytes;
 *(uint32_t *)ptr = htonl(packetId);
 ptr += sizeof(uint32_t);
- *length = (int)(ptr - dest + payload.length);
+ *packetLength = (int)(ptr - packetBytes + payload.length);
 if (!block) {
 memcpy(ptr, payload.bytes, payload.length);
 return;
@@ -301,42 +301,42 @@ const NSInteger CryptoCBCMaxHMACLength = 100;
 NSInteger packetLengthOffset;
 block(ptr, &packetLengthOffset, payload);
- *length += packetLengthOffset;
+ *packetLength += packetLengthOffset;
 }
-- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId payload:(const uint8_t *)payload payloadLength:(NSInteger)payloadLength error:(NSError *__autoreleasing *)error
+- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId packetBytes:(const uint8_t *)packetBytes packetLength:(NSInteger)packetLength error:(NSError *__autoreleasing *)error
 {
- const int capacity = self.headerLength + (int)safe_crypto_capacity(payloadLength, self.crypto.overheadLength);
+ const int capacity = self.headerLength + (int)safe_crypto_capacity(packetLength, self.crypto.overheadLength);
 NSMutableData *encryptedPacket = [[NSMutableData alloc] initWithLength:capacity];
 uint8_t *ptr = encryptedPacket.mutableBytes;
- NSInteger encryptedPayloadLength = INT_MAX;
- const BOOL success = [self.crypto encryptBytes:payload
- length:payloadLength
+ NSInteger encryptedPacketLength = INT_MAX;
+ const BOOL success = [self.crypto encryptBytes:packetBytes
+ length:packetLength
 dest:(ptr + self.headerLength) // skip header byte
- destLength:&encryptedPayloadLength
+ destLength:&encryptedPacketLength
 extra:NULL
 error:error];
- NSAssert(encryptedPayloadLength <= capacity, @"Did not allocate enough bytes for payload");
+ NSAssert(encryptedPacketLength <= capacity, @"Did not allocate enough bytes for payload");
 if (!success) {
 return nil;
 }
 self.setDataHeader(ptr, key);
- encryptedPacket.length = self.headerLength + encryptedPayloadLength;
+ encryptedPacket.length = self.headerLength + encryptedPacketLength;
 return encryptedPacket;
 }
 #pragma mark DataPathDecrypter
-- (BOOL)decryptDataPacket:(NSData *)packet into:(uint8_t *)dest length:(NSInteger *)length packetId:(nonnull uint32_t *)packetId error:(NSError *__autoreleasing *)error
+- (BOOL)decryptDataPacket:(NSData *)packet into:(uint8_t *)packetBytes length:(NSInteger *)packetLength packetId:(uint32_t *)packetId error:(NSError *__autoreleasing *)error
 {
 // skip header = (code, key)
 const BOOL success = [self.crypto decryptBytes:(packet.bytes + self.headerLength)
 length:(int)(packet.length - self.headerLength)
- dest:dest
- destLength:length
+ dest:packetBytes
+ destLength:packetLength
 extra:NULL
 error:error];
 if (!success) {
@@ -348,22 +348,22 @@ const NSInteger CryptoCBCMaxHMACLength = 100;
 }
 return NO;
 }
- *packetId = ntohl(*(uint32_t *)dest);
+ *packetId = ntohl(*(uint32_t *)packetBytes);
 return YES;
 }
-- (const uint8_t *)parsePayloadWithBlock:(DataPathParseBlock)block dataPacket:(uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length
+- (const uint8_t *)parsePayloadWithBlock:(DataPathParseBlock)block length:(NSInteger *)length packetBytes:(uint8_t *)packetBytes packetLength:(NSInteger)packetLength
 {
- uint8_t *payload = packet;
+ uint8_t *payload = packetBytes;
 payload += sizeof(uint32_t); // packet id
- *length = packetLength - (int)(payload - packet);
+ *length = packetLength - (int)(payload - packetBytes);
 if (!block) {
 return payload;
 }
 NSInteger payloadOffset;
 NSInteger payloadHeaderLength;
- block(payload, &payloadOffset, &payloadHeaderLength, packet, packetLength);
+ block(payload, &payloadOffset, &payloadHeaderLength, packetBytes, packetLength);
 *length -= payloadHeaderLength;
 return payload + payloadOffset;
 }
diff --git a/TunnelKit/Sources/Core/DataPath.m b/TunnelKit/Sources/Core/DataPath.m
index 3d63597..85ac496 100644
--- a/TunnelKit/Sources/Core/DataPath.m
+++ b/TunnelKit/Sources/Core/DataPath.m
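Review bot: In `decryptDataPacket:`, `length:(int)(packet.length - self.headerLength)` is computed without first checking that the received packet is at least `self.headerLength` bytes long. `packet.length` is an `NSUInteger`, so a shorter input makes the subtraction wrap before the `(int)` cast and an invalid length reaches `decryptBytes:`. Since `packet` is the still-unauthenticated input at this point, a guard such as `if (packet.length < self.headerLength) return NO;` should come before the call, setting `*error` the way the existing failure branch does. The same subtraction, with `self.headerLength + PacketIdLength`, appears in CryptoAEAD.m at -347,8. Whether `decryptBytes:` or the caller already rejects short input cannot be told from these hunks.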
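Review bot: `*packetId = ntohl(*(uint32_t *)packetBytes);` reads four bytes from the decrypt buffer without checking that `*packetLength` is at least `sizeof(uint32_t)`. `parsePayloadWithBlock:` then sets `*length = packetLength - (int)(payload - packetBytes)`, which is negative for a plaintext shorter than the packet id. In DataPath.m (hunk -288,22) that value is passed to `initWithBytes:payloadBytes length:payloadLength`, where a negative `NSInteger` converts to a very large unsigned length. A guard like `if (*packetLength < (NSInteger)sizeof(uint32_t)) return NO;` before the read would cover both. Whether `decryptBytes:` can succeed with fewer than four output bytes is not visible here, and `decryptDataPacket:` begins in the previous hunk.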
@@ -225,31 +225,31 @@
 [self.outPackets removeAllObjects];
- for (NSData *raw in packets) {
+ for (NSData *payload in packets) {
 self.outPacketId += 1;
 // may resize encBuffer to hold encrypted payload
- [self adjustEncBufferToPacketSize:(int)raw.length];
+ [self adjustEncBufferToPacketSize:(int)payload.length];
- uint8_t *payload = self.encBufferAligned;
- NSInteger payloadLength;
+ uint8_t *dataPacketBytes = self.encBufferAligned;
+ NSInteger dataPacketLength;
 [self.encrypter assembleDataPacketWithBlock:self.assemblePayloadBlock
 packetId:self.outPacketId
- payload:raw
- into:payload
- length:&payloadLength];
- MSSFix(payload, payloadLength);
+ payload:payload
+ into:dataPacketBytes
+ length:&dataPacketLength];
+ MSSFix(dataPacketBytes, dataPacketLength);
- NSData *encryptedPacket = [self.encrypter encryptedDataPacketWithKey:key
- packetId:self.outPacketId
- payload:payload
- payloadLength:payloadLength
- error:error];
- if (!encryptedPacket) {
+ NSData *encryptedDataPacket = [self.encrypter encryptedDataPacketWithKey:key
+ packetId:self.outPacketId
+ packetBytes:dataPacketBytes
+ packetLength:dataPacketLength
+ error:error];
+ if (!encryptedDataPacket) {
 return nil;
 }
- [self.outPackets addObject:encryptedPacket];
+ [self.outPackets addObject:encryptedDataPacket];
 }
 return self.outPackets;
@@ -261,17 +261,17 @@
 [self.inPackets removeAllObjects];
- for (NSData *encryptedPacket in packets) {
+ for (NSData *encryptedDataPacket in packets) {
 // may resize decBuffer to encryptedPacket.length
- [self adjustDecBufferToPacketSize:(int)encryptedPacket.length];
+ [self adjustDecBufferToPacketSize:(int)encryptedDataPacket.length];
- uint8_t *packet = self.decBufferAligned;
- NSInteger packetLength = INT_MAX;
+ uint8_t *dataPacketBytes = self.decBufferAligned;
+ NSInteger dataPacketLength = INT_MAX;
 uint32_t packetId;
- const BOOL success = [self.decrypter decryptDataPacket:encryptedPacket
- into:packet
- length:&packetLength
+ const BOOL success = [self.decrypter decryptDataPacket:encryptedDataPacket
+ into:dataPacketBytes
+ length:&dataPacketLength
 packetId:&packetId
 error:error];
 if (!success) {
@@ -288,22 +288,22 @@
 }
 NSInteger payloadLength;
- const uint8_t *payload = [self.decrypter parsePayloadWithBlock:self.parsePayloadBlock
- dataPacket:packet
- packetLength:packetLength
- length:&payloadLength];
+ const uint8_t *payloadBytes = [self.decrypter parsePayloadWithBlock:self.parsePayloadBlock
+ length:&payloadLength
+ packetBytes:dataPacketBytes
+ packetLength:dataPacketLength];
- if ((payloadLength == sizeof(DataPacketPingData)) && !memcmp(payload, DataPacketPingData, payloadLength)) {
+ if ((payloadLength == sizeof(DataPacketPingData)) && !memcmp(payloadBytes, DataPacketPingData, payloadLength)) {
 if (keepAlive) {
 *keepAlive = true;
 }
 continue;
 }
-// MSSFix(payload, payloadLength);
+// MSSFix(payloadBytes, payloadLength);
- NSData *raw = [[NSData alloc] initWithBytes:payload length:payloadLength];
- [self.inPackets addObject:raw];
+ NSData *payload = [[NSData alloc] initWithBytes:payloadBytes length:payloadLength];
+ [self.inPackets addObject:payload];
 }
 return self.inPackets;
diff --git a/TunnelKit/Sources/Core/DataPathEncryption.h b/TunnelKit/Sources/Core/DataPathEncryption.h
index c8989d6..f3e4fdd 100644
--- a/TunnelKit/Sources/Core/DataPathEncryption.h
+++ b/TunnelKit/Sources/Core/DataPathEncryption.h
@@ -48,14 +48,14 @@ typedef void (^DataPathParseBlock)(uint8_t *_Nonnull payload, NSInteger *_Nonnul
 @protocol DataPathEncrypter
-- (void)assembleDataPacketWithBlock:(DataPathAssembleBlock)block packetId:(uint32_t)packetId payload:(NSData *)payload into:(nonnull uint8_t *)dest length:(nonnull NSInteger *)length;
-- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId payload:(const uint8_t *)payload payloadLength:(NSInteger)payloadLength error:(NSError **)error;
+- (void)assembleDataPacketWithBlock:(DataPathAssembleBlock)block packetId:(uint32_t)packetId payload:(NSData *)payload into:(nonnull uint8_t *)packetBytes length:(nonnull NSInteger *)packetLength;
+- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId packetBytes:(const uint8_t *)packetBytes packetLength:(NSInteger)packetLength error:(NSError **)error;
 @end
 @protocol DataPathDecrypter
-- (BOOL)decryptDataPacket:(nonnull NSData *)packet into:(nonnull uint8_t *)dest length:(nonnull NSInteger *)length packetId:(nonnull uint32_t *)packetId error:(NSError **)error;
-- (nonnull const uint8_t *)parsePayloadWithBlock:(DataPathParseBlock)block dataPacket:(nonnull uint8_t *)packet packetLength:(NSInteger)packetLength length:(nonnull NSInteger *)length;
+- (BOOL)decryptDataPacket:(nonnull NSData *)packet into:(nonnull uint8_t *)packetBytes length:(nonnull NSInteger *)packetLength packetId:(nonnull uint32_t *)packetId error:(NSError **)error;
+- (nonnull const uint8_t *)parsePayloadWithBlock:(DataPathParseBlock)block length:(nonnull NSInteger *)length packetBytes:(nonnull uint8_t *)packetBytes packetLength:(NSInteger)packetLength;
 @end