5c3ed5c9c1
add IETF-compatible Chacha20 cipher support
Note:
- ChaCha20 with an extended (96 bit) nonce and a 32-bit counter has
been implemented as crypto_stream_chacha20_ietf() from LibSodium 1.0.4
- The name of new cipher is "chacha20-ietf"
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
9 years ago
d2ef245a05
Refine buffer allocation (2)
9 years ago
596f03665b
Refine buffer allocation
9 years ago
06eef7fdd1
use sha1_hmac function directly for PolarSSL
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
9 years ago
125cce3ff1
Remove internal hmac-sha1
9 years ago
0f4db65e23
use mbed TLS provided sha1-hmac function
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
9 years ago
156223a366
Fix a potential timing attack by @swordfeng
9 years ago
d57b63fd31
fix #466
9 years ago
b0600a8784
Refine buffer handling
9 years ago
f4fa30da5c
Refine buffer handling
9 years ago
12ff6c8f2f
fix a buffer corruption
9 years ago
25c575cb78
clean up
9 years ago
c1959cac7f
refine the log
9 years ago
99633b9908
fix #441
9 years ago
032c609c4d
truncate HMAC-SHA1 to 10 bytes
9 years ago
5be0c9c55d
fix #404
9 years ago
529eab29f4
fix a typo
9 years ago
a76fae5b37
fix missing hmac-sha1
9 years ago
b8e282b6d5
use OpenSSL's HMAC by default
9 years ago
8d46ced3c9
fix auth in udprelay
9 years ago
c1db81d7db
fix a buffer overflow
9 years ago
4301ded40e
fix a typo
9 years ago
0e79c93ad1
add auth to udprelay
9 years ago
f0f23b4199
replace poly1305 with hmac-sha1
9 years ago
0987fb3632
fix an issue of endian
9 years ago
f3686420ea
fix typos
9 years ago
9f553536cb
Use IV + Chunk id as key of BLAKE2b
9 years ago
552fca1bff
Use one time key for BLAKE2b
9 years ago
d3e43e09a2
Refine the authentication for true CCA
9 years ago
441ac45547
Use one time key for BLAKE2b
9 years ago
1e10661a51
Refine the authentication for true CCA
9 years ago
5ae4df94e4
Update the hash function
9 years ago
b49edb9095
fix a buffer overflow
9 years ago
53c2900b19
refine onetime auth
9 years ago
8d13b2d34e
fix #398
9 years ago
de8041b618
fix a buffer issue
9 years ago
6d79387715
use crc16
9 years ago
703374cae8
fix a buf issue
9 years ago
9e021aa919
add CRC8 for payload authentication
9 years ago
9f4c4953dc
fix #391
9 years ago
4daab0e869
disable iv check for rc4
9 years ago
42ee808681
add onetime authentication
9 years ago
e686d6594f
fix iv cache
9 years ago
a50e00c240
refine conn cache
9 years ago
a8059f4e6f
Fix typo in encrypt.c
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
9 years ago
ac186749ee
clean up
9 years ago
e81b205e61
Add mbed TLS support for shadowsocks-libev
Notes:
- Test cipher CFB support just in case (i.e. OpenWrt disabled it)
- Added some inline notes, please feel free to modify or remove them.
- Sorry for my bad English
- If you want to compile for OpenWrt, please make sure this hunk[1] not exists.
- Only tested on ARM mamba (Linksys WRT1900AC v1), it works.
[1] https://github.com/openwrt-mirror/openwrt/blob/master/package/libs/mbedtls/patches/200-config.patch#L12-L20
Have fun!
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
10 years ago
d5765a8bbe
fix incorrect p_len in ss_decrypt_all
10 years ago
3bcba86432
fix #211
10 years ago
e5289e9ba4
Replace libasyncns with libudns
10 years ago
Syrone Wong
Max Lv
Max Lv