From bae4a3701e6110ddf82e77d14142c504f35e982e Mon Sep 17 00:00:00 2001 From: zonyitoo Date: Sat, 10 Dec 2022 12:11:03 +0800 Subject: [PATCH] upgrade rust-crypto to v0.10 AArch64 SIMD intrinsics are available on stable since v1.59 https://blog.rust-lang.org/2022/02/24/Rust-1.59.0.html aes-gcm v0.10 aes-gcm-siv v0.11 ccm v0.5 chacha20poly1305 v0.10 chacha20 v0.9 aes v0.8 ctr v0.9 NOTE: ring-compat is still working on upgrading digest to v0.10 --- Cargo.toml | 24 +++++++++---------- src/v1/aeadcipher/aes_ccm.rs | 6 ++--- src/v1/aeadcipher/aes_gcm.rs | 14 +++++------ src/v1/aeadcipher/aes_gcm_siv.rs | 10 ++++---- src/v1/aeadcipher/chacha20_poly1305.rs | 6 ++--- src/v1/aeadcipher/xchacha20_poly1305.rs | 4 ++-- src/v1/streamcipher/chacha20.rs | 6 ++--- src/v1/streamcipher/crypto/aes.rs | 9 ++++--- src/v1/streamcipher/ctr.rs | 31 ++++++++++++++----------- src/v2/crypto/chacha8_poly1305.rs | 4 ++-- src/v2/crypto/xchacha8_poly1305.rs | 4 ++-- 11 files changed, 61 insertions(+), 57 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 5d79917..75e3f54 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "shadowsocks-crypto" -version = "0.4.1" +version = "0.5.0" authors = ["luozijun ", "ty "] edition = "2021" license = "MIT" 
@@ -16,31 +16,31 @@ default = [ "v1-aead", ] v1 = [] -v1-stream = ["v1", "chacha20", "aes"] +v1-stream = ["v1", "chacha20", "aes", "ctr"] v1-aead = ["v1", "aes-gcm", "chacha20poly1305", "hkdf", "sha1"] v1-aead-extra = ["v1-aead", "aes-gcm-siv", "ccm", "aes"] v2 = ["aes", "aes-gcm", "blake3", "chacha20poly1305", "bytes"] v2-extra = ["v2", "chacha20poly1305/reduced-round"] ring = ["ring-compat"] -armv8 = ["aes-gcm/armv8", "aes/armv8", "aes-gcm-siv/armv8"] -neon = ["chacha20/neon"] [dependencies] cfg-if = "1.0" rand = "0.8" -aes-gcm = { version = "0.9", optional = true } -aes-gcm-siv = { version = "0.10.3", optional = true } -ccm = { version = "0.4.4", optional = true } -chacha20poly1305 = { version = "0.9", optional = true } -ring-compat = { version = "0.4.1", optional = true } +aes-gcm = { version = "0.10", optional = true } +aes-gcm-siv = { version = "0.11", optional = true } +ccm = { version = "0.5", optional = true } +chacha20poly1305 = { version = "0.10", optional = true } +# ring-compat = { version = "0.4.1", optional = true } +ring-compat = { git = "https://github.com/RustCrypto/ring-compat.git", optional = true } md-5 = { version = "0.10" } hkdf = { version = "0.12", optional = true } sha1 = { version = "0.10", optional = true } blake3 = { version = "1.3", optional = true } -chacha20 = { version = "0.8.1", optional = true } -aes = { version = "0.7.5", features = ["ctr"], optional = true } -bytes = { version = "1.1", optional = true } +chacha20 = { version = "0.9", optional = true } +aes = { version = "0.8", optional = true } +ctr = { version = "0.9", optional = true } +bytes = { version = "1.3", optional = true } #[target.'cfg(all(unix, any(target_arch = "x86", target_arch = "x86_64")))'.dependencies] #md-5 = { version = "0.10", features = ["asm"] } diff --git a/src/v1/aeadcipher/aes_ccm.rs b/src/v1/aeadcipher/aes_ccm.rs index 527060f..1c3a7ad 100644 --- a/src/v1/aeadcipher/aes_ccm.rs +++ b/src/v1/aeadcipher/aes_ccm.rs 
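Review bot: `ring-compat` is switched from a crates.io version to a git URL with no `rev`, `tag` or `branch`, so every fresh resolve takes whatever the repository's default branch head is at that moment; the build is not reproducible and the dependency's contents can change without a version bump or any review on this side. Pin it to a specific commit, e.g. `ring-compat = { git = "https://github.com/RustCrypto/ring-compat.git", rev = "<commit>", optional = true }`, and either delete the commented-out crates.io line or leave a short comment stating when to switch back. Dropping the `armv8` and `neon` features is also a breaking change for any downstream crate that enables them, since Cargo rejects unknown features; the `0.5.0` bump in the previous hunk covers it, but it deserves a line in the commit message alongside the "stable since 1.59" note.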
@@ -1,6 +1,6 @@ use aes::{Aes128, Aes256}; use ccm::{ - aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead}, + aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeyInit, KeySizeUser}, consts::{U12, U16}, Ccm, Nonce, @@ -15,7 +15,7 @@ impl Aes128Ccm { } pub fn key_size() -> usize { - as NewAead>::KeySize::to_usize() + as KeySizeUser>::KeySize::to_usize() } pub fn nonce_size() -> usize { @@ -54,7 +54,7 @@ impl Aes256Ccm { } pub fn key_size() -> usize { - as NewAead>::KeySize::to_usize() + as KeySizeUser>::KeySize::to_usize() } pub fn nonce_size() -> usize { diff --git a/src/v1/aeadcipher/aes_gcm.rs b/src/v1/aeadcipher/aes_gcm.rs index c3585e7..07a11e7 100644 --- a/src/v1/aeadcipher/aes_gcm.rs +++ b/src/v1/aeadcipher/aes_gcm.rs @@ -6,11 +6,11 @@ cfg_if! { pub use ring_compat::aead::{Aes128Gcm as CryptoAes128Gcm, Aes256Gcm as CryptoAes256Gcm}; use ring_compat::{ - aead::{AeadCore, AeadInPlace, Buffer, Error as AeadError, NewAead}, + aead::{AeadCore, AeadInPlace, Buffer, Error as AeadError, KeySizeUser, KeyInit}, generic_array::{typenum::Unsigned, GenericArray}, }; - type Key = GenericArray; + type Key = GenericArray::KeySize>; type Nonce = GenericArray; struct SliceBuffer<'a>(&'a mut [u8]); @@ -36,7 +36,7 @@ cfg_if! { } } else { use aes_gcm::{ - aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead}, + aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeySizeUser, KeyInit}, Key, Nonce, Tag, @@ -49,12 +49,12 @@ pub struct Aes128Gcm(CryptoAes128Gcm); impl Aes128Gcm { pub fn new(key: &[u8]) -> Aes128Gcm { - let key = Key::from_slice(key); + let key = Key::::from_slice(key); Aes128Gcm(CryptoAes128Gcm::new(key)) } pub fn key_size() -> usize { - ::KeySize::to_usize() + ::KeySize::to_usize() } pub fn nonce_size() -> usize { 
@@ -100,12 +100,12 @@ pub struct Aes256Gcm(CryptoAes256Gcm); impl Aes256Gcm { pub fn new(key: &[u8]) -> Aes256Gcm { - let key = Key::from_slice(key); + let key = Key::::from_slice(key); Aes256Gcm(CryptoAes256Gcm::new(key)) } pub fn key_size() -> usize { - ::KeySize::to_usize() + ::KeySize::to_usize() } pub fn nonce_size() -> usize { diff --git a/src/v1/aeadcipher/aes_gcm_siv.rs b/src/v1/aeadcipher/aes_gcm_siv.rs index 60eb3ee..4f07f41 100644 --- a/src/v1/aeadcipher/aes_gcm_siv.rs +++ b/src/v1/aeadcipher/aes_gcm_siv.rs @@ -1,5 +1,5 @@ use aes_gcm_siv::{ - aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead}, + aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeyInit, KeySizeUser}, Aes128GcmSiv as CryptoAes128GcmSiv, Aes256GcmSiv as CryptoAes256GcmSiv, Key, @@ -11,12 +11,12 @@ pub struct Aes128GcmSiv(CryptoAes128GcmSiv); impl Aes128GcmSiv { pub fn new(key: &[u8]) -> Aes128GcmSiv { - let key = Key::from_slice(key); + let key = Key::::from_slice(key); Aes128GcmSiv(CryptoAes128GcmSiv::new(key)) } pub fn key_size() -> usize { - ::KeySize::to_usize() + ::KeySize::to_usize() } pub fn nonce_size() -> usize { @@ -51,12 +51,12 @@ pub struct Aes256GcmSiv(CryptoAes256GcmSiv); impl Aes256GcmSiv { pub fn new(key: &[u8]) -> Aes256GcmSiv { - let key = Key::from_slice(key); + let key = Key::::from_slice(key); Aes256GcmSiv(CryptoAes256GcmSiv::new(key)) } pub fn key_size() -> usize { - ::KeySize::to_usize() + ::KeySize::to_usize() } pub fn nonce_size() -> usize { diff --git a/src/v1/aeadcipher/chacha20_poly1305.rs b/src/v1/aeadcipher/chacha20_poly1305.rs index 63bf657..4464532 100644 --- a/src/v1/aeadcipher/chacha20_poly1305.rs +++ b/src/v1/aeadcipher/chacha20_poly1305.rs 
@@ -6,7 +6,7 @@ cfg_if! { pub use ring_compat::aead::{ChaCha20Poly1305 as CryptoChaCha20Poly1305}; use ring_compat::{ - aead::{AeadCore, AeadInPlace, Buffer, Error as AeadError, NewAead}, + aead::{AeadCore, AeadInPlace, Buffer, Error as AeadError, KeySizeUser, KeyInit}, generic_array::{typenum::Unsigned, GenericArray}, }; @@ -37,7 +37,7 @@ cfg_if! { } else { pub use chacha20poly1305::ChaCha20Poly1305 as CryptoChaCha20Poly1305; use chacha20poly1305::{ - aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead}, + aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeySizeUser, KeyInit}, Key, Nonce, Tag, @@ -54,7 +54,7 @@ impl ChaCha20Poly1305 { } pub fn key_size() -> usize { - ::KeySize::to_usize() + ::KeySize::to_usize() } pub fn nonce_size() -> usize { diff --git a/src/v1/aeadcipher/xchacha20_poly1305.rs b/src/v1/aeadcipher/xchacha20_poly1305.rs index 1bc1ce5..aa77499 100644 --- a/src/v1/aeadcipher/xchacha20_poly1305.rs +++ b/src/v1/aeadcipher/xchacha20_poly1305.rs @@ -1,6 +1,6 @@ pub use chacha20poly1305::XChaCha20Poly1305 as CryptoXChaCha20Poly1305; use chacha20poly1305::{ - aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead}, + aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeyInit, KeySizeUser}, Key, Tag, XNonce, @@ -15,7 +15,7 @@ impl XChaCha20Poly1305 { } pub fn key_size() -> usize { - ::KeySize::to_usize() + ::KeySize::to_usize() } pub fn nonce_size() -> usize { diff --git a/src/v1/streamcipher/chacha20.rs b/src/v1/streamcipher/chacha20.rs index ca82b89..b30386c 100644 --- a/src/v1/streamcipher/chacha20.rs +++ b/src/v1/streamcipher/chacha20.rs @@ -1,5 +1,5 @@ use chacha20::{ - cipher::{generic_array::typenum::Unsigned, NewCipher, StreamCipher}, + cipher::{IvSizeUser, KeyIvInit, KeySizeUser, StreamCipher, Unsigned}, ChaCha20, Key, Nonce, 
@@ -30,10 +30,10 @@ impl Chacha20 { } pub fn key_size() -> usize { - ::KeySize::to_usize() + ::KeySize::to_usize() } pub fn nonce_size() -> usize { - ::NonceSize::to_usize() + ::IvSize::to_usize() } } diff --git a/src/v1/streamcipher/crypto/aes.rs b/src/v1/streamcipher/crypto/aes.rs index efa9eb3..ed11342 100644 --- a/src/v1/streamcipher/crypto/aes.rs +++ b/src/v1/streamcipher/crypto/aes.rs @@ -1,19 +1,18 @@ #![allow(dead_code)] use aes::{ - cipher::{BlockDecrypt, BlockEncrypt}, + cipher::{BlockDecrypt, BlockEncrypt, BlockSizeUser, KeyInit, Unsigned}, Aes128 as CryptoAes128, Aes192 as CryptoAes192, Aes256 as CryptoAes256, Block, - NewBlockCipher, }; #[derive(Debug, Clone)] pub struct Aes128(CryptoAes128); impl Aes128 { - pub const BLOCK_LEN: usize = aes::BLOCK_SIZE; + pub const BLOCK_LEN: usize = ::BlockSize::USIZE; pub const KEY_LEN: usize = 16; pub fn new(key: &[u8]) -> Aes128 { @@ -35,7 +34,7 @@ impl Aes128 { pub struct Aes192(CryptoAes192); impl Aes192 { - pub const BLOCK_LEN: usize = aes::BLOCK_SIZE; + pub const BLOCK_LEN: usize = ::BlockSize::USIZE; pub const KEY_LEN: usize = 24; pub fn new(key: &[u8]) -> Aes192 { @@ -57,7 +56,7 @@ impl Aes192 { pub struct Aes256(CryptoAes256); impl Aes256 { - pub const BLOCK_LEN: usize = aes::BLOCK_SIZE; + pub const BLOCK_LEN: usize = ::BlockSize::USIZE; pub const KEY_LEN: usize = 32; pub fn new(key: &[u8]) -> Aes256 { diff --git a/src/v1/streamcipher/ctr.rs b/src/v1/streamcipher/ctr.rs index 90b327b..37650e2 100644 --- a/src/v1/streamcipher/ctr.rs +++ b/src/v1/streamcipher/ctr.rs 
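Review bot: `KEY_LEN` stays a hard-coded literal (`16` here, `24` and `32` in the two following hunks) while `BLOCK_LEN` is now derived from the cipher type through `BlockSizeUser`; deriving the key length the same way keeps the two constants from ever disagreeing with the aliased cipher type. With `KeySizeUser` added to the `aes::cipher` import, the line becomes `pub const KEY_LEN: usize = <CryptoAes128 as KeySizeUser>::KeySize::USIZE;`, and likewise for `Aes192` and `Aes256`. The `impl Aes128` block, including the body of `new`, continues past the end of the hunk.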
@@ -2,29 +2,32 @@ // https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf use aes::{ - cipher::{generic_array::GenericArray, FromBlockCipher, NewBlockCipher, StreamCipher}, + cipher::{Iv, IvSizeUser, Key, KeyIvInit, StreamCipher, Unsigned}, Aes128 as CryptoAes128, - Aes128Ctr as CryptoAes128Ctr, Aes192 as CryptoAes192, - Aes192Ctr as CryptoAes192Ctr, Aes256 as CryptoAes256, - Aes256Ctr as CryptoAes256Ctr, }; +use ctr::Ctr64BE; use super::crypto::{ aes::{Aes128, Aes192, Aes256}, camellia::{Camellia128, Camellia192, Camellia256}, }; +type CryptoAes128Ctr = Ctr64BE; +type CryptoAes192Ctr = Ctr64BE; +type CryptoAes256Ctr = Ctr64BE; + pub struct Aes128Ctr(CryptoAes128Ctr); impl Aes128Ctr { - pub const IV_LEN: usize = aes::BLOCK_SIZE; + pub const IV_LEN: usize = ::IvSize::USIZE; pub const KEY_LEN: usize = Aes128::KEY_LEN; pub fn new(key: &[u8], iv: &[u8]) -> Aes128Ctr { - let cipher = CryptoAes128::new_from_slice(key).expect("Aes128"); - let ctr = CryptoAes128Ctr::from_block_cipher(cipher, GenericArray::from_slice(iv)); + let key = Key::::from_slice(key); + let iv = Iv::::from_slice(iv); + let ctr = CryptoAes128Ctr::new(key, iv); Aes128Ctr(ctr) } @@ -40,12 +43,13 @@ impl Aes128Ctr { pub struct Aes192Ctr(CryptoAes192Ctr); impl Aes192Ctr { - pub const IV_LEN: usize = aes::BLOCK_SIZE; + pub const IV_LEN: usize = ::IvSize::USIZE; pub const KEY_LEN: usize = Aes192::KEY_LEN; pub fn new(key: &[u8], iv: &[u8]) -> Aes192Ctr { - let cipher = CryptoAes192::new_from_slice(key).expect("Aes192"); - let ctr = CryptoAes192Ctr::from_block_cipher(cipher, GenericArray::from_slice(iv)); + let key = Key::::from_slice(key); + let iv = Iv::::from_slice(iv); + let ctr = CryptoAes192Ctr::new(key, iv); Aes192Ctr(ctr) } 
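Review bot: `Key::<CryptoAes128Ctr>::from_slice(key)` and `Iv::<CryptoAes128Ctr>::from_slice(iv)` in `Aes128Ctr::new` panic on a wrong-length slice with GenericArray's generic message, whereas the removed `new_from_slice(key).expect("Aes128")` at least named the cipher; since `KEY_LEN` and `IV_LEN` are right there, check the caller-supplied lengths explicitly before converting: `assert_eq!(key.len(), Self::KEY_LEN, "Aes128Ctr: invalid key length");` and `assert_eq!(iv.len(), Self::IV_LEN, "Aes128Ctr: invalid IV length");`. The same applies to `Aes192Ctr::new` in the next hunk and `Aes256Ctr::new` in the hunk after it. Separately, the new `CryptoAes128Ctr = Ctr64BE<...>` aliases fix the counter width at 64 bits; I cannot confirm from this hunk that this matches what the removed `aes::Aes128Ctr` aliases used, and a different width would be wire-incompatible with existing peers only when the low counter word wraps, so please verify against the old `aes` definition and record the choice in a comment on the aliases.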
@@ -61,12 +65,13 @@ impl Aes192Ctr { pub struct Aes256Ctr(CryptoAes256Ctr); impl Aes256Ctr { - pub const IV_LEN: usize = aes::BLOCK_SIZE; + pub const IV_LEN: usize = ::IvSize::USIZE; pub const KEY_LEN: usize = Aes256::KEY_LEN; pub fn new(key: &[u8], iv: &[u8]) -> Aes256Ctr { - let cipher = CryptoAes256::new_from_slice(key).expect("Aes256"); - let ctr = CryptoAes256Ctr::from_block_cipher(cipher, GenericArray::from_slice(iv)); + let key = Key::::from_slice(key); + let iv = Iv::::from_slice(iv); + let ctr = CryptoAes256Ctr::new(key, iv); Aes256Ctr(ctr) } diff --git a/src/v2/crypto/chacha8_poly1305.rs b/src/v2/crypto/chacha8_poly1305.rs index 024dedd..341f307 100644 --- a/src/v2/crypto/chacha8_poly1305.rs +++ b/src/v2/crypto/chacha8_poly1305.rs @@ -1,6 +1,6 @@ pub use chacha20poly1305::ChaCha8Poly1305 as CryptoChaCha8Poly1305; use chacha20poly1305::{ - aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead}, + aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeyInit, KeySizeUser}, Key, Nonce, Tag, @@ -15,7 +15,7 @@ impl ChaCha8Poly1305 { } pub fn key_size() -> usize { - ::KeySize::to_usize() + ::KeySize::to_usize() } pub fn nonce_size() -> usize { diff --git a/src/v2/crypto/xchacha8_poly1305.rs b/src/v2/crypto/xchacha8_poly1305.rs index d3746d7..a38751d 100644 --- a/src/v2/crypto/xchacha8_poly1305.rs +++ b/src/v2/crypto/xchacha8_poly1305.rs @@ -1,6 +1,6 @@ pub use chacha20poly1305::XChaCha8Poly1305 as CryptoXChaCha8Poly1305; use chacha20poly1305::{ - aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, NewAead}, + aead::{generic_array::typenum::Unsigned, AeadCore, AeadInPlace, KeyInit, KeySizeUser}, Key, Tag, XNonce, @@ -15,7 +15,7 @@ impl XChaCha8Poly1305 { } pub fn key_size() -> usize { - ::KeySize::to_usize() + ::KeySize::to_usize() } pub fn nonce_size() -> usize {