diff --git a/TunnelKit/Sources/Core/ControlChannelSerializer.swift b/TunnelKit/Sources/Core/ControlChannelSerializer.swift index 4714820..8e9f541 100644 --- a/TunnelKit/Sources/Core/ControlChannelSerializer.swift +++ b/TunnelKit/Sources/Core/ControlChannelSerializer.swift @@ -233,7 +233,7 @@ extension ControlChannel { headerLength = PacketOpcodeLength + PacketSessionIdLength adLength = headerLength + PacketReplayIdLength + PacketReplayTimestampLength - tagLength = 32 + tagLength = crypto.tagLength() currentReplayId = BidirectionalState(withResetValue: 1) plain = PlainSerializer() diff --git a/TunnelKit/Sources/Core/Crypto.h b/TunnelKit/Sources/Core/Crypto.h index 109758c..4fb29a2 100644 --- a/TunnelKit/Sources/Core/Crypto.h +++ b/TunnelKit/Sources/Core/Crypto.h @@ -55,6 +55,7 @@ typedef struct { - (void)configureEncryptionWithCipherKey:(nullable ZeroingData *)cipherKey hmacKey:(nullable ZeroingData *)hmacKey; - (int)digestLength; +- (int)tagLength; - (NSInteger)encryptionCapacityWithLength:(NSInteger)length; - (BOOL)encryptBytes:(const uint8_t *)bytes length:(NSInteger)length dest:(uint8_t *)dest destLength:(NSInteger *)destLength flags:(const CryptoFlags *_Nullable)flags error:(NSError **)error; @@ -68,6 +69,7 @@ typedef struct { - (void)configureDecryptionWithCipherKey:(nullable ZeroingData *)cipherKey hmacKey:(nullable ZeroingData *)hmacKey; - (int)digestLength; +- (int)tagLength; - (NSInteger)encryptionCapacityWithLength:(NSInteger)length; - (BOOL)decryptBytes:(const uint8_t *)bytes length:(NSInteger)length dest:(uint8_t *)dest destLength:(NSInteger *)destLength flags:(const CryptoFlags *_Nullable)flags error:(NSError **)error; diff --git a/TunnelKit/Sources/Core/CryptoAEAD.m b/TunnelKit/Sources/Core/CryptoAEAD.m index d5f4e06..a2b77f5 100644 --- a/TunnelKit/Sources/Core/CryptoAEAD.m +++ b/TunnelKit/Sources/Core/CryptoAEAD.m @@ -43,7 +43,7 @@ #import "Allocation.h" #import "Errors.h" -const NSInteger CryptoAEADTagLength = 16; +static const NSInteger CryptoAEADTagLength = 16; @interface CryptoAEAD () @@ -97,6 +97,11 @@ const NSInteger CryptoAEADTagLength = 16; return 0; } +- (int)tagLength +{ + return CryptoAEADTagLength; +} + - (NSInteger)encryptionCapacityWithLength:(NSInteger)length { return safe_crypto_capacity(length, CryptoAEADTagLength); diff --git a/TunnelKit/Sources/Core/CryptoBox.h b/TunnelKit/Sources/Core/CryptoBox.h index 037aa65..89dbf1f 100644 --- a/TunnelKit/Sources/Core/CryptoBox.h +++ b/TunnelKit/Sources/Core/CryptoBox.h @@ -73,6 +73,7 @@ NS_ASSUME_NONNULL_BEGIN - (id)decrypter; - (NSInteger)digestLength; +- (NSInteger)tagLength; @end diff --git a/TunnelKit/Sources/Core/CryptoBox.m b/TunnelKit/Sources/Core/CryptoBox.m index bbdd825..5a17557 100644 --- a/TunnelKit/Sources/Core/CryptoBox.m +++ b/TunnelKit/Sources/Core/CryptoBox.m @@ -52,6 +52,7 @@ @property (nonatomic, strong) NSString *cipherAlgorithm; @property (nonatomic, strong) NSString *digestAlgorithm; @property (nonatomic, assign) NSInteger digestLength; +@property (nonatomic, assign) NSInteger tagLength; @property (nonatomic, strong) id encrypter; @property (nonatomic, strong) id decrypter; @@ -147,6 +148,7 @@ NSAssert(self.encrypter.digestLength == self.decrypter.digestLength, @"Digest length mismatch in encrypter/decrypter"); self.digestLength = self.encrypter.digestLength; + self.tagLength = self.encrypter.tagLength; return YES; } diff --git a/TunnelKit/Sources/Core/CryptoCBC.m b/TunnelKit/Sources/Core/CryptoCBC.m index b9fc3b9..d6e5acb 100644 --- a/TunnelKit/Sources/Core/CryptoCBC.m +++ b/TunnelKit/Sources/Core/CryptoCBC.m @@ -113,6 +113,11 @@ const NSInteger CryptoCBCMaxHMACLength = 100; self.digest = NULL; } +- (int)tagLength +{ + return 0; +} + - (NSInteger)encryptionCapacityWithLength:(NSInteger)length { return safe_crypto_capacity(length, self.digestLength + self.cipherIVLength); diff --git a/TunnelKit/Sources/Core/CryptoCTR.h b/TunnelKit/Sources/Core/CryptoCTR.h index a627078..451124f 100644 --- a/TunnelKit/Sources/Core/CryptoCTR.h +++ b/TunnelKit/Sources/Core/CryptoCTR.h @@ -30,8 +30,6 @@ NS_ASSUME_NONNULL_BEGIN -extern const NSInteger CryptoCTRADLength; - @interface CryptoCTR : NSObject - (instancetype)initWithCipherName:(nullable NSString *)cipherName digestName:(NSString *)digestName; diff --git a/TunnelKit/Sources/Core/CryptoCTR.m b/TunnelKit/Sources/Core/CryptoCTR.m index d91ef42..d2728fe 100644 --- a/TunnelKit/Sources/Core/CryptoCTR.m +++ b/TunnelKit/Sources/Core/CryptoCTR.m @@ -33,7 +33,7 @@ #import "Allocation.h" #import "Errors.h" -const NSInteger CryptoCTRTagLength = 32; +static const NSInteger CryptoCTRTagLength = 32; @interface CryptoCTR () @@ -42,7 +42,6 @@ const NSInteger CryptoCTRTagLength = 32; @property (nonatomic, assign) int cipherKeyLength; @property (nonatomic, assign) int cipherIVLength; @property (nonatomic, assign) int hmacKeyLength; -@property (nonatomic, assign) int digestLength; @property (nonatomic, unsafe_unretained) EVP_CIPHER_CTX *cipherCtxEnc; @property (nonatomic, unsafe_unretained) EVP_CIPHER_CTX *cipherCtxDec; @@ -70,14 +69,13 @@ const NSInteger CryptoCTRTagLength = 32; self.cipherIVLength = EVP_CIPHER_iv_length(self.cipher); // as seen in OpenVPN's crypto_openssl.c:md_kt_size() self.hmacKeyLength = EVP_MD_size(self.digest); - self.digestLength = EVP_MD_size(self.digest); - NSAssert(self.digestLength == CryptoCTRTagLength, @"Expected digest size to be tag length (%ld)", CryptoCTRTagLength); + NSAssert(EVP_MD_size(self.digest) == CryptoCTRTagLength, @"Expected digest size to be tag length (%ld)", CryptoCTRTagLength); self.cipherCtxEnc = EVP_CIPHER_CTX_new(); self.cipherCtxDec = EVP_CIPHER_CTX_new(); self.hmacCtxEnc = HMAC_CTX_new(); self.hmacCtxDec = HMAC_CTX_new(); - self.bufferDecHMAC = allocate_safely(self.digestLength); + self.bufferDecHMAC = allocate_safely(CryptoCTRTagLength); } return self; } @@ -88,13 +86,23 @@ const NSInteger CryptoCTRTagLength = 32; EVP_CIPHER_CTX_free(self.cipherCtxDec); HMAC_CTX_free(self.hmacCtxEnc); HMAC_CTX_free(self.hmacCtxDec); - bzero(self.bufferDecHMAC, self.digestLength); + bzero(self.bufferDecHMAC, CryptoCTRTagLength); free(self.bufferDecHMAC); self.cipher = NULL; self.digest = NULL; } +- (int)digestLength +{ + return CryptoCTRTagLength; +} + +- (int)tagLength +{ + return CryptoCTRTagLength; +} + - (NSInteger)encryptionCapacityWithLength:(NSInteger)length { return safe_crypto_capacity(length, PacketOpcodeLength + PacketSessionIdLength + PacketReplayIdLength + PacketReplayTimestampLength + CryptoCTRTagLength);