From 894eae567cff1f9914d3f64223c790f93bb2d271 Mon Sep 17 00:00:00 2001 From: Max Lv Date: Sat, 4 Feb 2017 20:04:48 +0800 Subject: [PATCH] Refine ciphers --- doc/shadowsocks-libev.asciidoc | 5 ++--- doc/ss-local.asciidoc | 9 +++++---- doc/ss-manager.asciidoc | 9 +++++---- doc/ss-redir.asciidoc | 9 +++++---- doc/ss-server.asciidoc | 11 +++++------ doc/ss-tunnel.asciidoc | 9 +++++---- src/aead.c | 31 +++++++++---------------------- src/aead.h | 4 ++-- src/stream.c | 16 ++-------------- src/stream.h | 4 ---- src/utils.c | 7 +------ 11 files changed, 41 insertions(+), 73 deletions(-) diff --git a/doc/shadowsocks-libev.asciidoc b/doc/shadowsocks-libev.asciidoc index 64debe17..fc625ae0 100644 --- a/doc/shadowsocks-libev.asciidoc +++ b/doc/shadowsocks-libev.asciidoc @@ -50,14 +50,13 @@ Set the password. The server and the client should use the same password. -m :: Set the cipher. + -*Shadowsocks-libev* accepts 21 different ciphers: +*Shadowsocks-libev* accepts 18 different ciphers: + aes-128-gcm, aes-192-gcm, aes-256-gcm, -chacha20-poly1305, chacha20-ietf-poly1305, rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, -salsa20, chacha20 and chacha20-ietf. +chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + The default cipher is 'rc4-md5'. + diff --git a/doc/ss-local.asciidoc b/doc/ss-local.asciidoc index 151060ac..4ef443b1 100644 --- a/doc/ss-local.asciidoc +++ b/doc/ss-local.asciidoc @@ -45,12 +45,13 @@ Set the password. The server and the client should use the same password. -m :: Set the cipher. + -*Shadowsocks-libev* accepts 21 different ciphers: +*Shadowsocks-libev* accepts 18 different ciphers: + -table, rc4, rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, +aes-128-gcm, aes-192-gcm, aes-256-gcm, +rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, -camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, cast5-cfb, des-cfb, -idea-cfb, rc2-cfb, seed-cfb, salsa20, chacha20 and chacha20-ietf. +camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, +chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + The default cipher is 'rc4-md5'. + diff --git a/doc/ss-manager.asciidoc b/doc/ss-manager.asciidoc index 41e875e9..a0248e4a 100644 --- a/doc/ss-manager.asciidoc +++ b/doc/ss-manager.asciidoc @@ -43,12 +43,13 @@ Set the password. The server and the client should use the same password. -m :: Set the cipher. + -*Shadowsocks-libev* accepts 21 different ciphers: +*Shadowsocks-libev* accepts 18 different ciphers: + -table, rc4, rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, +aes-128-gcm, aes-192-gcm, aes-256-gcm, +rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, -camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, cast5-cfb, des-cfb, -idea-cfb, rc2-cfb, seed-cfb, salsa20, chacha20 and chacha20-ietf. +camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, +chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + The default cipher is 'rc4-md5'. + diff --git a/doc/ss-redir.asciidoc b/doc/ss-redir.asciidoc index dce386ce..954334af 100644 --- a/doc/ss-redir.asciidoc +++ b/doc/ss-redir.asciidoc @@ -46,12 +46,13 @@ password. -m :: Set the cipher. + -*Shadowsocks-libev* accepts 21 different ciphers: +*Shadowsocks-libev* accepts 18 different ciphers: + -table, rc4, rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, +aes-128-gcm, aes-192-gcm, aes-256-gcm, +rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, -camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, cast5-cfb, des-cfb, -idea-cfb, rc2-cfb, seed-cfb, salsa20, chacha20 and chacha20-ietf. +camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, +chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + The default cipher is 'rc4-md5'. + diff --git a/doc/ss-server.asciidoc b/doc/ss-server.asciidoc index cd367f67..0d30c418 100644 --- a/doc/ss-server.asciidoc +++ b/doc/ss-server.asciidoc @@ -43,14 +43,13 @@ Set the password. The server and the client should use the same password. -m :: Set the cipher. + -*Shadowsocks-libev* accepts 21 different ciphers: +*Shadowsocks-libev* accepts 18 different ciphers: + -table, rc4, rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, +aes-128-gcm, aes-192-gcm, aes-256-gcm, +rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, -camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, cast5-cfb, des-cfb, -idea-cfb, rc2-cfb, seed-cfb, salsa20, chacha20 and chacha20-ietf. -+ -The default cipher is 'rc4-md5'. +camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, +chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + If built with PolarSSL or custom OpenSSL libraries, some of these ciphers may not work. diff --git a/doc/ss-tunnel.asciidoc b/doc/ss-tunnel.asciidoc index 41838b8f..7a0c380e 100644 --- a/doc/ss-tunnel.asciidoc +++ b/doc/ss-tunnel.asciidoc @@ -45,12 +45,13 @@ Set the password. The server and the client should use the same password. -m :: Set the cipher. + -*Shadowsocks-libev* accepts 21 different ciphers: +*Shadowsocks-libev* accepts 18 different ciphers: + -table, rc4, rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, +aes-128-gcm, aes-192-gcm, aes-256-gcm, +rc4-md5, aes-128-cfb, aes-192-cfb, aes-256-cfb, aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, -camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, cast5-cfb, des-cfb, -idea-cfb, rc2-cfb, seed-cfb, salsa20, chacha20 and chacha20-ietf. +camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, +chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + The default cipher is 'rc4-md5'. + diff --git a/src/aead.c b/src/aead.c index 1e353a50..b25eba94 100644 --- a/src/aead.c +++ b/src/aead.c @@ -46,11 +46,10 @@ * methods below doesn't require it, * then we need to fake one */ -#define CHACHA20POLY1305 3 -#define CHACHA20POLY1305IETF 4 +#define CHACHA20POLY1305IETF 3 #ifdef FS_HAVE_XCHACHA20IETF -#define XCHACHA20POLY1305IETF 5 +#define XCHACHA20POLY1305IETF 4 #endif #define CHUNK_SIZE_LEN 2 @@ -146,7 +145,6 @@ const char *supported_aead_ciphers[AEAD_CIPHER_NUM] = { "aes-128-gcm", "aes-192-gcm", "aes-256-gcm", - "chacha20-poly1305", "chacha20-ietf-poly1305", #ifdef FS_HAVE_XCHACHA20IETF "xchacha20-ietf-poly1305" @@ -161,28 +159,27 @@ static const char *supported_aead_ciphers_mbedtls[AEAD_CIPHER_NUM] = { "AES-192-GCM", "AES-256-GCM", CIPHER_UNSUPPORTED, - CIPHER_UNSUPPORTED, #ifdef FS_HAVE_XCHACHA20IETF CIPHER_UNSUPPORTED #endif }; static const int supported_aead_ciphers_nonce_size[AEAD_CIPHER_NUM] = { - 12, 12, 12, 8, 12, + 12, 12, 12, 12, #ifdef FS_HAVE_XCHACHA20IETF 24 #endif }; static const int supported_aead_ciphers_key_size[AEAD_CIPHER_NUM] = { - 16, 24, 32, 32, 32, + 16, 24, 32, 32, #ifdef FS_HAVE_XCHACHA20IETF 32 #endif }; static const int supported_aead_ciphers_tag_size[AEAD_CIPHER_NUM] = { - 16, 16, 16, 16, 16, + 16, 16, 16, 16, #ifdef FS_HAVE_XCHACHA20IETF 16 #endif @@ -212,11 +209,6 @@ cipher_aead_encrypt(cipher_ctx_t *cipher_ctx, m, mlen, c, clen, c + mlen, tlen); *clen += tlen; break; - case CHACHA20POLY1305: - err = crypto_aead_chacha20poly1305_encrypt(c, &long_clen, m, mlen, - ad, adlen, NULL, n, k); - *clen = (size_t)long_clen; - break; case CHACHA20POLY1305IETF: err = crypto_aead_chacha20poly1305_ietf_encrypt(c, &long_clen, m, mlen, ad, adlen, NULL, n, k); @@ -259,11 +251,6 @@ cipher_aead_decrypt(cipher_ctx_t *cipher_ctx, err = mbedtls_cipher_auth_decrypt(cipher_ctx->evp, n, nlen, ad, adlen, m, mlen - tlen, p, plen, m + mlen - tlen, tlen); break; - case CHACHA20POLY1305: - err = crypto_aead_chacha20poly1305_decrypt(p, &long_plen, NULL, m, mlen, - ad, adlen, n, k); - *plen = (size_t)long_plen; // it's safe to cast 64bit to 32bit length here - break; case CHACHA20POLY1305IETF: err = crypto_aead_chacha20poly1305_ietf_decrypt(p, &long_plen, NULL, m, mlen, ad, adlen, n, k); @@ -296,7 +283,7 @@ aead_get_cipher_type(int method) } /* cipher that don't use mbed TLS, just return */ - if (method >= CHACHA20POLY1305) { + if (method >= CHACHA20POLY1305IETF) { return NULL; } @@ -318,7 +305,7 @@ aead_cipher_ctx_init(cipher_ctx_t *cipher_ctx, int method, int enc) return; } - if (method >= CHACHA20POLY1305) { + if (method >= CHACHA20POLY1305IETF) { return; } @@ -369,7 +356,7 @@ aead_ctx_init(cipher_t *cipher, cipher_ctx_t *cipher_ctx, int enc) void aead_ctx_release(cipher_ctx_t *cipher_ctx) { - if (cipher_ctx->cipher->method >= CHACHA20POLY1305) { + if (cipher_ctx->cipher->method >= CHACHA20POLY1305IETF) { return; } @@ -722,7 +709,7 @@ aead_key_init(int method, const char *pass) FATAL("Failed to initialize sodium"); } - if (method >= CHACHA20POLY1305) { + if (method >= CHACHA20POLY1305IETF) { cipher_kt_t *cipher_info = (cipher_kt_t *)ss_malloc(sizeof(cipher_kt_t)); cipher->info = cipher_info; cipher->info->base = NULL; diff --git a/src/aead.h b/src/aead.h index a0461149..b9fbc559 100644 --- a/src/aead.h +++ b/src/aead.h @@ -28,9 +28,9 @@ // currently, XCHACHA20POLY1305IETF is not released yet // XCHACHA20POLY1305 is removed in upstream #ifdef FS_HAVE_XCHACHA20IETF -#define AEAD_CIPHER_NUM 6 -#else #define AEAD_CIPHER_NUM 5 +#else +#define AEAD_CIPHER_NUM 4 #endif int aead_encrypt_all(buffer_t *, cipher_t *, size_t); diff --git a/src/stream.c b/src/stream.c index c530358c..876caa13 100644 --- a/src/stream.c +++ b/src/stream.c @@ -81,9 +81,7 @@ const char *supported_stream_ciphers[STREAM_CIPHER_NUM] = { "seed-cfb", "salsa20", "chacha20", -#if SODIUM_LIBRARY_VERSION_MAJOR >= 8 "chacha20-ietf" -#endif }; static const char *supported_stream_ciphers_mbedtls[STREAM_CIPHER_NUM] = { @@ -107,23 +105,15 @@ static const char *supported_stream_ciphers_mbedtls[STREAM_CIPHER_NUM] = { CIPHER_UNSUPPORTED, "salsa20", "chacha20", -#if SODIUM_LIBRARY_VERSION_MAJOR >= 8 "chacha20-ietf" -#endif }; static const int supported_stream_ciphers_nonce_size[STREAM_CIPHER_NUM] = { - 0, 0, 16, 16, 16, 16, 16, 16, 16, 8, 16, 16, 16, 8, 8, 8, 8, 16, 8, 8 -#if SODIUM_LIBRARY_VERSION_MAJOR >= 8 - , 12 -#endif + 0, 0, 16, 16, 16, 16, 16, 16, 16, 8, 16, 16, 16, 8, 8, 8, 8, 16, 8, 8, 12 }; static const int supported_stream_ciphers_key_size[STREAM_CIPHER_NUM] = { - 0, 16, 16, 16, 24, 32, 16, 24, 32, 16, 16, 24, 32, 16, 8, 16, 16, 16, 32, 32 -#if SODIUM_LIBRARY_VERSION_MAJOR >= 8 - , 32 -#endif + 0, 16, 16, 16, 24, 32, 16, 24, 32, 16, 16, 24, 32, 16, 8, 16, 16, 16, 32, 32, 32 }; static int @@ -136,10 +126,8 @@ crypto_stream_xor_ic(uint8_t *c, const uint8_t *m, uint64_t mlen, return crypto_stream_salsa20_xor_ic(c, m, mlen, n, ic, k); case CHACHA20: return crypto_stream_chacha20_xor_ic(c, m, mlen, n, ic, k); -#if SODIUM_LIBRARY_VERSION_MAJOR >= 8 case CHACHA20IETF: return crypto_stream_chacha20_ietf_xor_ic(c, m, mlen, n, (uint32_t)ic, k); -#endif } // always return 0 return 0; diff --git a/src/stream.h b/src/stream.h index 316d40e5..e22eee0a 100644 --- a/src/stream.h +++ b/src/stream.h @@ -35,11 +35,7 @@ #endif #include -#if SODIUM_LIBRARY_VERSION_MAJOR >= 8 #define STREAM_CIPHER_NUM 21 -#else -#define STREAM_CIPHER_NUM 20 -#endif #include "crypto.h" diff --git a/src/utils.c b/src/utils.c index ca7eb925..f19eddeb 100644 --- a/src/utils.c +++ b/src/utils.c @@ -281,15 +281,10 @@ usage() " camellia-128-cfb, camellia-192-cfb,\n"); printf( " camellia-256-cfb, bf-cfb,\n"); -#if SODIUM_LIBRARY_VERSION_MAJOR >= 8 printf( - " chacha20-poly1305, chacha20-ietf-poly1305\n"); + " chacha20-ietf-poly1305,\n"); printf( " salsa20, chacha20 and chacha20-ietf.\n"); -#else - printf( - " chacha20-poly1305, salsa20, chacha20.\n"); -#endif printf( " The default cipher is rc4-md5.\n"); printf("\n");