passepartoutvpn
/
tunnelkit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Deprecate LZO compression framing 

Prepend NO_COMPRESS if enabled, omit if not (default).
This commit is contained in:
Davide De Rosa 2018-08-17 11:02:45 +02:00
parent 1e7d1beefe
commit 8836d2b175
10 changed files with 58 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
TunnelKit/Sources/Core/CryptoAEAD.h
View File

@ -24,6 +24,7 @@ NS_ASSUME_NONNULL_BEGIN
@interface DataPathCryptoAEAD : NSObject <DataPathEncrypter, DataPathDecrypter>
@property (nonatomic, assign) uint32_t peerId;
@property (nonatomic, assign) BOOL LZOFraming DEPRECATED_ATTRIBUTE;
- (instancetype)initWithCrypto:(nonnull CryptoAEAD *)crypto;

19
TunnelKit/Sources/Core/CryptoAEAD.m
View File

@ -227,6 +227,8 @@ const NSInteger CryptoAEADTagLength = 16;
return self;
}
#pragma mark DataPathChannel
- (int)overheadLength
{
return self.crypto.overheadLength;
@ -259,11 +261,13 @@ const NSInteger CryptoAEADTagLength = 16;
#pragma mark DataPathEncrypter
- (void)assembleDataPacketWithPacketId:(uint32_t)packetId compression:(uint8_t)compression payload:(NSData *)payload into:(uint8_t *)dest length:(NSInteger *)length
- (void)assembleDataPacketWithPacketId:(uint32_t)packetId payload:(NSData *)payload into:(uint8_t *)dest length:(NSInteger *)length
{
uint8_t *ptr = dest;
*ptr = compression;
ptr += sizeof(uint8_t);
if (self.LZOFraming) {
*ptr = DataPacketLZONoCompress;
ptr += sizeof(uint8_t);
}
memcpy(ptr, payload.bytes, payload.length);
*length = (int)(ptr - dest + payload.length);
}
@ -329,11 +333,14 @@ const NSInteger CryptoAEADTagLength = 16;
return YES;
}
- (const uint8_t *)parsePayloadWithDataPacket:(const uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length compression:(uint8_t *)compression
- (const uint8_t *)parsePayloadWithDataPacket:(const uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length
{
const uint8_t *ptr = packet;
*compression = *ptr;
ptr += sizeof(uint8_t); // compression byte
if (self.LZOFraming) {
NSAssert(*ptr == DataPacketLZONoCompress, @"Expected LZO NO_COMPRESS");
// *compression = *ptr;
ptr += sizeof(uint8_t); // compression byte
}
*length = packetLength - (int)(ptr - packet);
return ptr;
}

1
TunnelKit/Sources/Core/CryptoCBC.h
View File

@ -23,6 +23,7 @@ NS_ASSUME_NONNULL_BEGIN
@interface DataPathCryptoCBC : NSObject <DataPathEncrypter, DataPathDecrypter>
@property (nonatomic, assign) uint32_t peerId;
@property (nonatomic, assign) BOOL LZOFraming DEPRECATED_ATTRIBUTE;
- (instancetype)initWithCrypto:(nonnull CryptoCBC *)crypto;

19
TunnelKit/Sources/Core/CryptoCBC.m
View File

@ -229,6 +229,8 @@ const NSInteger CryptoCBCMaxHMACLength = 100;
return self;
}
#pragma mark DataPathChannel
- (int)overheadLength
{
return self.crypto.overheadLength;
@ -257,13 +259,15 @@ const NSInteger CryptoCBCMaxHMACLength = 100;
#pragma mark DataPathEncrypter
- (void)assembleDataPacketWithPacketId:(uint32_t)packetId compression:(uint8_t)compression payload:(NSData *)payload into:(uint8_t *)dest length:(NSInteger *)length
- (void)assembleDataPacketWithPacketId:(uint32_t)packetId payload:(NSData *)payload into:(uint8_t *)dest length:(NSInteger *)length
{
uint8_t *ptr = dest;
*(uint32_t *)ptr = htonl(packetId);
ptr += sizeof(uint32_t);
*ptr = compression;
ptr += sizeof(uint8_t);
if (self.LZOFraming) {
*ptr = DataPacketLZONoCompress;
ptr += sizeof(uint8_t);
}
memcpy(ptr, payload.bytes, payload.length);
*length = (int)(ptr - dest + payload.length);
}
@ -316,12 +320,15 @@ const NSInteger CryptoCBCMaxHMACLength = 100;
return YES;
}
- (const uint8_t *)parsePayloadWithDataPacket:(const uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length compression:(uint8_t *)compression
- (const uint8_t *)parsePayloadWithDataPacket:(const uint8_t *)packet packetLength:(NSInteger)packetLength length:(NSInteger *)length
{
const uint8_t *ptr = packet;
ptr += sizeof(uint32_t); // packet id
*compression = *ptr;
ptr += sizeof(uint8_t); // compression byte
if (self.LZOFraming) {
NSAssert(*ptr == DataPacketLZONoCompress, @"Expected LZO NO_COMPRESS");
// *compression = *ptr;
ptr += sizeof(uint8_t); // compression byte
}
*length = packetLength - (int)(ptr - packet);
return ptr;
}

1
TunnelKit/Sources/Core/DataPath.h
View File

@ -23,6 +23,7 @@
usesReplayProtection:(BOOL)usesReplayProtection;
- (void)setPeerId:(uint32_t)peerId; // 24-bit, discard most significant byte
- (void)setLZOFraming:(BOOL)LZOFraming DEPRECATED_ATTRIBUTE;
- (NSArray<NSData *> *)encryptPackets:(nonnull NSArray<NSData *> *)packets key:(uint8_t)key error:(NSError **)error;
- (NSArray<NSData *> *)decryptPackets:(nonnull NSArray<NSData *> *)packets keepAlive:(nullable bool *)keepAlive error:(NSError **)error;

18
TunnelKit/Sources/Core/DataPath.m
View File

@ -128,8 +128,17 @@
NSAssert(self.encrypter, @"Setting peer-id to nil encrypter");
NSAssert(self.decrypter, @"Setting peer-id to nil decrypter");
[self.encrypter setPeerId:peerId];
[self.decrypter setPeerId:peerId];
self.encrypter.peerId = peerId;
self.decrypter.peerId = peerId;
}
- (void)setLZOFraming:(BOOL)LZOFraming
{
NSAssert(self.encrypter, @"Setting LZOFraming to nil encrypter");
NSAssert(self.decrypter, @"Setting LZOFraming to nil decrypter");
self.encrypter.LZOFraming = LZOFraming;
self.decrypter.LZOFraming = LZOFraming;
}
#pragma mark DataPath
@ -156,7 +165,6 @@
uint8_t *payload = self.encBufferAligned;
NSInteger payloadLength;
[self.encrypter assembleDataPacketWithPacketId:self.outPacketId
compression:DataPacketCompressNone
payload:raw
into:payload
length:&payloadLength];
@ -211,11 +219,9 @@
}
NSInteger payloadLength;
uint8_t compression;
const uint8_t *payload = [self.decrypter parsePayloadWithDataPacket:packet
packetLength:packetLength
length:&payloadLength
compression:&compression];
length:&payloadLength];
if ((payloadLength == sizeof(DataPacketPingData)) && !memcmp(payload, DataPacketPingData, payloadLength)) {
if (keepAlive) {

18
TunnelKit/Sources/Core/DataPathEncryption.h
View File

@ -8,22 +8,26 @@
#import <Foundation/Foundation.h>
@protocol DataPathEncrypter
@protocol DataPathChannel
- (int)overheadLength;
- (uint32_t)peerId;
- (void)setPeerId:(uint32_t)peerId;
- (void)assembleDataPacketWithPacketId:(uint32_t)packetId compression:(uint8_t)compression payload:(NSData *)payload into:(nonnull uint8_t *)dest length:(nonnull NSInteger *)length;
- (BOOL)LZOFraming DEPRECATED_ATTRIBUTE;
- (void)setLZOFraming:(BOOL)LZOFraming DEPRECATED_ATTRIBUTE;
@end
@protocol DataPathEncrypter <DataPathChannel>
- (void)assembleDataPacketWithPacketId:(uint32_t)packetId payload:(NSData *)payload into:(nonnull uint8_t *)dest length:(nonnull NSInteger *)length;
- (NSData *)encryptedDataPacketWithKey:(uint8_t)key packetId:(uint32_t)packetId payload:(const uint8_t *)payload payloadLength:(NSInteger)payloadLength error:(NSError **)error;
@end
@protocol DataPathDecrypter
@protocol DataPathDecrypter <DataPathChannel>
- (int)overheadLength;
- (uint32_t)peerId;
- (void)setPeerId:(uint32_t)peerId;
- (BOOL)decryptDataPacket:(nonnull NSData *)packet into:(nonnull uint8_t *)dest length:(nonnull NSInteger *)length packetId:(nonnull uint32_t *)packetId error:(NSError **)error;
- (nonnull const uint8_t *)parsePayloadWithDataPacket:(nonnull const uint8_t *)packet packetLength:(NSInteger)packetLength length:(nonnull NSInteger *)length compression:(nonnull uint8_t *)compression;
- (nonnull const uint8_t *)parsePayloadWithDataPacket:(nonnull const uint8_t *)packet packetLength:(NSInteger)packetLength length:(nonnull NSInteger *)length;
@end

2
TunnelKit/Sources/Core/PacketMacros.h
View File

@ -22,7 +22,7 @@ typedef NS_ENUM(uint8_t, PacketCode) {
PacketCodeUnknown = 0xff
};
extern const uint8_t DataPacketCompressNone;
extern const uint8_t DataPacketLZONoCompress;
extern const uint8_t DataPacketPingData[16];
static inline int PacketHeaderSet(uint8_t *_Nonnull to, PacketCode code, uint8_t key)

2
TunnelKit/Sources/Core/PacketMacros.m
View File

@ -8,5 +8,5 @@
#import "PacketMacros.h"
const uint8_t DataPacketCompressNone = 0xfa;
const uint8_t DataPacketLZONoCompress = 0xfa;
const uint8_t DataPacketPingData[] = { 0x2a, 0x18, 0x7b, 0xf3, 0x64, 0x1e, 0xb4, 0xcb, 0x07, 0xed, 0x2d, 0x0a, 0x98, 0x1f, 0xc7, 0x48 };

9
TunnelKitTests/DataPathEncryptionTests.swift
View File

@ -52,27 +52,26 @@ class DataPathEncryptionTests: XCTestCase {
XCTAssertEqual(enc.peerId(), peerId & 0xffffff)
XCTAssertEqual(dec.peerId(), peerId & 0xffffff)
}
// enc.setDeprecatedLZOFraming(true)
// dec.setDeprecatedLZOFraming(true)
let payload = Data(hex: "00112233445566778899")
let packetId: UInt32 = 0x56341200
let key: UInt8 = 4
let compression: UInt8 = DataPacketCompressNone
var encryptedPayload: [UInt8] = [UInt8](repeating: 0, count: 1000)
var encryptedPayloadLength: Int = 0
enc.assembleDataPacket(withPacketId: packetId, compression: compression, payload: payload, into: &encryptedPayload, length: &encryptedPayloadLength)
enc.assembleDataPacket(withPacketId: packetId, payload: payload, into: &encryptedPayload, length: &encryptedPayloadLength)
let encrypted = try! enc.encryptedDataPacket(withKey: key, packetId: packetId, payload: encryptedPayload, payloadLength: encryptedPayloadLength)
var decrypted: [UInt8] = [UInt8](repeating: 0, count: 1000)
var decryptedLength: Int = 0
var decryptedPacketId: UInt32 = 0
var decryptedPayloadLength: Int = 0
var decryptedCompression: UInt8 = 0
try! dec.decryptDataPacket(encrypted, into: &decrypted, length: &decryptedLength, packetId: &decryptedPacketId)
let decryptedPtr = dec.parsePayload(withDataPacket: &decrypted, packetLength: decryptedLength, length: &decryptedPayloadLength, compression: &decryptedCompression)
let decryptedPtr = dec.parsePayload(withDataPacket: &decrypted, packetLength: decryptedLength, length: &decryptedPayloadLength)
let decryptedPayload = Data(bytes: decryptedPtr, count: decryptedPayloadLength)
XCTAssertEqual(payload, decryptedPayload)
XCTAssertEqual(packetId, decryptedPacketId)
XCTAssertEqual(compression, decryptedCompression)
}
}