Merge branch 'expose-tag-length'

TunnelKit/Sources/Core/ControlChannelSerializer.swift

@@ -233,7 +233,7 @@ extension ControlChannel {
             
             headerLength = PacketOpcodeLength + PacketSessionIdLength
             adLength = headerLength + PacketReplayIdLength + PacketReplayTimestampLength
-            tagLength = 32
+            tagLength = crypto.tagLength()
 
             currentReplayId = BidirectionalState(withResetValue: 1)
             plain = PlainSerializer()

TunnelKit/Sources/Core/Crypto.h

@@ -55,6 +55,7 @@ typedef struct {
 
 - (void)configureEncryptionWithCipherKey:(nullable ZeroingData *)cipherKey hmacKey:(nullable ZeroingData *)hmacKey;
 - (int)digestLength;
+- (int)tagLength;
 
 - (NSInteger)encryptionCapacityWithLength:(NSInteger)length;
 - (BOOL)encryptBytes:(const uint8_t *)bytes length:(NSInteger)length dest:(uint8_t *)dest destLength:(NSInteger *)destLength flags:(const CryptoFlags *_Nullable)flags error:(NSError **)error;
@@ -68,6 +69,7 @@ typedef struct {
 
 - (void)configureDecryptionWithCipherKey:(nullable ZeroingData *)cipherKey hmacKey:(nullable ZeroingData *)hmacKey;
 - (int)digestLength;
+- (int)tagLength;
 
 - (NSInteger)encryptionCapacityWithLength:(NSInteger)length;
 - (BOOL)decryptBytes:(const uint8_t *)bytes length:(NSInteger)length dest:(uint8_t *)dest destLength:(NSInteger *)destLength flags:(const CryptoFlags *_Nullable)flags error:(NSError **)error;

TunnelKit/Sources/Core/CryptoAEAD.m

@@ -43,7 +43,7 @@
 #import "Allocation.h"
 #import "Errors.h"
 
-const NSInteger CryptoAEADTagLength     = 16;
+static const NSInteger CryptoAEADTagLength = 16;
 
 @interface CryptoAEAD ()
 
@@ -97,6 +97,11 @@ const NSInteger CryptoAEADTagLength     = 16;
     return 0;
 }
 
+- (int)tagLength
+{
+    return CryptoAEADTagLength;
+}
+
 - (NSInteger)encryptionCapacityWithLength:(NSInteger)length
 {
     return safe_crypto_capacity(length, CryptoAEADTagLength);

TunnelKit/Sources/Core/CryptoBox.h

@@ -73,6 +73,7 @@ NS_ASSUME_NONNULL_BEGIN
 - (id<Decrypter>)decrypter;
 
 - (NSInteger)digestLength;
+- (NSInteger)tagLength;
 
 @end
 

TunnelKit/Sources/Core/CryptoBox.m

@@ -52,6 +52,7 @@
 @property (nonatomic, strong) NSString *cipherAlgorithm;
 @property (nonatomic, strong) NSString *digestAlgorithm;
 @property (nonatomic, assign) NSInteger digestLength;
+@property (nonatomic, assign) NSInteger tagLength;
 
 @property (nonatomic, strong) id<Encrypter> encrypter;
 @property (nonatomic, strong) id<Decrypter> decrypter;
@@ -147,6 +148,7 @@
 
     NSAssert(self.encrypter.digestLength == self.decrypter.digestLength, @"Digest length mismatch in encrypter/decrypter");
     self.digestLength = self.encrypter.digestLength;
+    self.tagLength = self.encrypter.tagLength;
 
     return YES;
 }

TunnelKit/Sources/Core/CryptoCBC.m

@@ -113,6 +113,11 @@ const NSInteger CryptoCBCMaxHMACLength = 100;
     self.digest = NULL;
 }
 
+- (int)tagLength
+{
+    return 0;
+}
+
 - (NSInteger)encryptionCapacityWithLength:(NSInteger)length
 {
     return safe_crypto_capacity(length, self.digestLength + self.cipherIVLength);

TunnelKit/Sources/Core/CryptoCTR.h

@@ -30,8 +30,6 @@
 
 NS_ASSUME_NONNULL_BEGIN
 
-extern const NSInteger CryptoCTRADLength;
-
 @interface CryptoCTR : NSObject <Encrypter, Decrypter>
 
 - (instancetype)initWithCipherName:(nullable NSString *)cipherName digestName:(NSString *)digestName;

TunnelKit/Sources/Core/CryptoCTR.m

@@ -33,7 +33,7 @@
 #import "Allocation.h"
 #import "Errors.h"
 
-const NSInteger CryptoCTRTagLength      = 32;
+static const NSInteger CryptoCTRTagLength = 32;
 
 @interface CryptoCTR ()
 
@@ -42,7 +42,6 @@ const NSInteger CryptoCTRTagLength      = 32;
 @property (nonatomic, assign) int cipherKeyLength;
 @property (nonatomic, assign) int cipherIVLength;
 @property (nonatomic, assign) int hmacKeyLength;
-@property (nonatomic, assign) int digestLength;
 
 @property (nonatomic, unsafe_unretained) EVP_CIPHER_CTX *cipherCtxEnc;
 @property (nonatomic, unsafe_unretained) EVP_CIPHER_CTX *cipherCtxDec;
@@ -70,14 +69,13 @@ const NSInteger CryptoCTRTagLength      = 32;
         self.cipherIVLength = EVP_CIPHER_iv_length(self.cipher);
         // as seen in OpenVPN's crypto_openssl.c:md_kt_size()
         self.hmacKeyLength = EVP_MD_size(self.digest);
-        self.digestLength = EVP_MD_size(self.digest);
+        NSAssert(EVP_MD_size(self.digest) == CryptoCTRTagLength, @"Expected digest size to be tag length (%ld)", CryptoCTRTagLength);
-        NSAssert(self.digestLength == CryptoCTRTagLength, @"Expected digest size to be tag length (%ld)", CryptoCTRTagLength);
         
         self.cipherCtxEnc = EVP_CIPHER_CTX_new();
         self.cipherCtxDec = EVP_CIPHER_CTX_new();
         self.hmacCtxEnc = HMAC_CTX_new();
         self.hmacCtxDec = HMAC_CTX_new();
-        self.bufferDecHMAC = allocate_safely(self.digestLength);
+        self.bufferDecHMAC = allocate_safely(CryptoCTRTagLength);
     }
     return self;
 }
@@ -88,13 +86,23 @@ const NSInteger CryptoCTRTagLength      = 32;
     EVP_CIPHER_CTX_free(self.cipherCtxDec);
     HMAC_CTX_free(self.hmacCtxEnc);
     HMAC_CTX_free(self.hmacCtxDec);
-    bzero(self.bufferDecHMAC, self.digestLength);
+    bzero(self.bufferDecHMAC, CryptoCTRTagLength);
     free(self.bufferDecHMAC);
     
     self.cipher = NULL;
     self.digest = NULL;
 }
 
+- (int)digestLength
+{
+    return CryptoCTRTagLength;
+}
+
+- (int)tagLength
+{
+    return CryptoCTRTagLength;
+}
+
 - (NSInteger)encryptionCapacityWithLength:(NSInteger)length
 {
     return safe_crypto_capacity(length, PacketOpcodeLength + PacketSessionIdLength + PacketReplayIdLength + PacketReplayTimestampLength + CryptoCTRTagLength);