extension Data {
func isKey() -> Bool {
- return self.count == 32
+ return self.count == WG_KEY_LEN
}
func hexKey() -> String? {
- if self.count != 32 {
+ if self.count != WG_KEY_LEN {
return nil
}
- var nibble1, nibble2: UInt
- var hex: [UInt8] = Array(repeating: 0, count: 64)
-
- for i in 0..<32 {
- let n = UInt(self[i])
- nibble1 = 87 + (n >> 4)
- nibble1 += (((UInt(bitPattern: Int(n >> 4) - 10)) >> 8) & 217)
- nibble2 = 87 + (n & 0xf)
- nibble2 += (((UInt(bitPattern: Int(n & 0xf) - 10)) >> 8) & 217)
- hex[i * 2] = UInt8(truncatingIfNeeded: nibble1)
- hex[i * 2 + 1] = UInt8(truncatingIfNeeded: nibble2)
+ var out = Data(repeating: 0, count: Int(WG_KEY_LEN_HEX))
+ out.withUnsafeMutableBytes { outBytes in
+ self.withUnsafeBytes { inBytes in
+ key_to_hex(outBytes, inBytes)
+ }
}
- return String(bytes: hex, encoding: .ascii)
- }
-
- private func decodeHex(c: UInt8) -> (UInt8, UInt8) {
- var alpha0, alpha, num0, num, val, ret: UInt8
-
- num = c ^ 48
- num0 = UInt8(truncatingIfNeeded: UInt(bitPattern: Int(num) - 10) >> 8)
-
- alpha = UInt8(truncatingIfNeeded: Int(c & 223) - 55)
- alpha0 = UInt8(truncatingIfNeeded: (UInt(bitPattern: Int(alpha) - 10) ^ UInt(bitPattern: Int(alpha) - 16)) >> 8)
-
- ret = UInt8(truncatingIfNeeded: UInt(bitPattern: Int(num0 | alpha0) - 1) >> 8)
- val = (num0 & num) | (alpha0 & alpha)
-
- return (val, ret)
+ out.removeLast()
+ return String(data: out, encoding: .ascii)
}
init?(hexKey hexString: String) {
- let hex = [UInt8](hexString.utf8)
- if hex.count != 64 {
+ if hexString.utf8.count != WG_KEY_LEN_HEX - 1 {
return nil
}
- self.init(repeating: 0, count: 32)
-
- var ret: UInt8 = 0
- for i in stride(from: 0, to: 64, by: 2) {
- var v1, v2, r: UInt8
-
- (v1, r) = decodeHex(c: hex[i])
- ret |= r
-
- (v2, r) = decodeHex(c: hex[i + 1])
- ret |= r
-
- self[i / 2] = (v1 << 4) | v2
- }
+ self.init(repeating: 0, count: Int(WG_KEY_LEN))
- if 1 & (UInt8(truncatingIfNeeded: Int(ret) - 1) >> 8) != 0 {
+ if !self.withUnsafeMutableBytes { key_from_hex($0, hexString) } {
return nil
}
}
-
- private func encodeBase64<T: RandomAccessCollection>(dest: inout ArraySlice<UInt8>, src: T) where T.Index == Int, T.Element == UInt8 {
- let a = Int((src[src.startIndex + 0] >> 2) & 63)
- let b = Int(((src[src.startIndex + 0] << 4) | (src[src.startIndex + 1] >> 4)) & 63)
- let c = Int(((src[src.startIndex + 1] << 2) | (src[src.startIndex + 2] >> 6)) & 63)
- let d = Int(src[src.startIndex + 2] & 63)
-
- for (i, x) in [a, b, c, d].enumerated() {
- var y: Int = x + 65
- y += ((25 - x) >> 8) & 6
- y -= ((51 - x) >> 8) & 75
- y -= ((61 - x) >> 8) & 15
- y += ((62 - x) >> 8) & 3
- dest[dest.startIndex + i] = UInt8(y)
- }
- }
-
func base64Key() -> String? {
- if self.count != 32 {
+ if self.count != WG_KEY_LEN {
return nil
}
- var base64: [UInt8] = Array(repeating: 0, count: 44)
-
- for i in 0..<(32 / 3) {
- encodeBase64(dest: &base64[(i * 4)..<(i * 4 + 4)], src: self[(i * 3)..<(i * 3 + 3)])
- }
- encodeBase64(dest: &base64[40..<44], src: [self[30], self[31], 0])
- base64[43] = 61
-
- return String(bytes: base64, encoding: .ascii)
- }
-
- private func decodeBase64<T: RandomAccessCollection>(src: T) -> Int where T.Index == Int, T.Element == UInt8 {
- var val: Int = 0
- for i in 0..<4 {
- let n = Int(src[src.startIndex + i])
- var a: Int = -1
- var b: Int
- b = ((((65 - 1) - n) & (n - (90 + 1))) >> 8)
- a += b & (n - 64)
- b = ((((97 - 1) - n) & (n - (122 + 1))) >> 8)
- a += b & (n - 70)
- b = ((((48 - 1) - n) & (n - (57 + 1))) >> 8)
- a += b & (n + 5)
- b = ((((43 - 1) - n) & (n - (43 + 1))) >> 8)
- a += b & 63
- b = ((((47 - 1) - n) & (n - (47 + 1))) >> 8)
- a += b & 64
- val |= a << (18 - 6 * i)
+ var out = Data(repeating: 0, count: Int(WG_KEY_LEN_BASE64))
+ out.withUnsafeMutableBytes { outBytes in
+ self.withUnsafeBytes { inBytes in
+ key_to_base64(outBytes, inBytes)
+ }
}
- return val
+ out.removeLast()
+ return String(data: out, encoding: .ascii)
}
init?(base64Key base64String: String) {
- let base64 = [UInt8](base64String.utf8)
- if base64.count != 44 || base64[43] != 61 {
+ if base64String.utf8.count != WG_KEY_LEN_BASE64 - 1 {
return nil
}
- self.init(repeating: 0, count: 32)
-
- var ret: UInt8 = 0
- var val: Int
- for i in 0..<(32/3) {
- val = decodeBase64(src: base64[(i * 4)..<(i * 4 + 4)])
- ret |= UInt8(UInt32(val) >> UInt32(31))
- self[i * 3 + 0] = UInt8((val >> 16) & 0xff)
- self[i * 3 + 1] = UInt8((val >> 8) & 0xff)
- self[i * 3 + 2] = UInt8(val & 0xff)
- }
- val = decodeBase64(src: [base64[40], base64[41], base64[42], 65])
- ret |= UInt8((UInt32(val) >> 31) | UInt32(val & 0xff))
- self[30] = UInt8((val >> 16) & 0xff)
- self[31] = UInt8((val >> 8) & 0xff)
+ self.init(repeating: 0, count: Int(WG_KEY_LEN))
- if 1 & (UInt8(truncatingIfNeeded: Int(ret) - 1) >> 8) != 0 {
+ if !self.withUnsafeMutableBytes { key_from_base64($0, base64String) } {
return nil
}
}
--- /dev/null
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ *
+ * This is a specialized constant-time base64/hex implementation that resists side-channel attacks.
+ */
+
+#include <string.h>
+#include "key.h"
+
+static inline void encode_base64(char dest[static 4], const uint8_t src[static 3])
+{
+ const uint8_t input[] = { (src[0] >> 2) & 63, ((src[0] << 4) | (src[1] >> 4)) & 63, ((src[1] << 2) | (src[2] >> 6)) & 63, src[2] & 63 };
+
+ for (unsigned int i = 0; i < 4; ++i)
+ dest[i] = input[i] + 'A'
+ + (((25 - input[i]) >> 8) & 6)
+ - (((51 - input[i]) >> 8) & 75)
+ - (((61 - input[i]) >> 8) & 15)
+ + (((62 - input[i]) >> 8) & 3);
+
+}
+
+void key_to_base64(char base64[static WG_KEY_LEN_BASE64], const uint8_t key[static WG_KEY_LEN])
+{
+ unsigned int i;
+
+ for (i = 0; i < WG_KEY_LEN / 3; ++i)
+ encode_base64(&base64[i * 4], &key[i * 3]);
+ encode_base64(&base64[i * 4], (const uint8_t[]){ key[i * 3 + 0], key[i * 3 + 1], 0 });
+ base64[WG_KEY_LEN_BASE64 - 2] = '=';
+ base64[WG_KEY_LEN_BASE64 - 1] = '\0';
+}
+
+static inline int decode_base64(const char src[static 4])
+{
+ int val = 0;
+
+ for (unsigned int i = 0; i < 4; ++i)
+ val |= (-1
+ + ((((('A' - 1) - src[i]) & (src[i] - ('Z' + 1))) >> 8) & (src[i] - 64))
+ + ((((('a' - 1) - src[i]) & (src[i] - ('z' + 1))) >> 8) & (src[i] - 70))
+ + ((((('0' - 1) - src[i]) & (src[i] - ('9' + 1))) >> 8) & (src[i] + 5))
+ + ((((('+' - 1) - src[i]) & (src[i] - ('+' + 1))) >> 8) & 63)
+ + ((((('/' - 1) - src[i]) & (src[i] - ('/' + 1))) >> 8) & 64)
+ ) << (18 - 6 * i);
+ return val;
+}
+
+bool key_from_base64(uint8_t key[static WG_KEY_LEN], const char *base64)
+{
+ unsigned int i;
+ volatile uint8_t ret = 0;
+ int val;
+
+ if (strlen(base64) != WG_KEY_LEN_BASE64 - 1 || base64[WG_KEY_LEN_BASE64 - 2] != '=')
+ return false;
+
+ for (i = 0; i < WG_KEY_LEN / 3; ++i) {
+ val = decode_base64(&base64[i * 4]);
+ ret |= (uint32_t)val >> 31;
+ key[i * 3 + 0] = (val >> 16) & 0xff;
+ key[i * 3 + 1] = (val >> 8) & 0xff;
+ key[i * 3 + 2] = val & 0xff;
+ }
+ val = decode_base64((const char[]){ base64[i * 4 + 0], base64[i * 4 + 1], base64[i * 4 + 2], 'A' });
+ ret |= ((uint32_t)val >> 31) | (val & 0xff);
+ key[i * 3 + 0] = (val >> 16) & 0xff;
+ key[i * 3 + 1] = (val >> 8) & 0xff;
+
+ return 1 & ((ret - 1) >> 8);
+}
+
+void key_to_hex(char hex[static WG_KEY_LEN_HEX], const uint8_t key[static WG_KEY_LEN])
+{
+ unsigned int i;
+
+ for (i = 0; i < WG_KEY_LEN; ++i) {
+ hex[i * 2] = 87U + (key[i] >> 4) + ((((key[i] >> 4) - 10U) >> 8) & ~38U);
+ hex[i * 2 + 1] = 87U + (key[i] & 0xf) + ((((key[i] & 0xf) - 10U) >> 8) & ~38U);
+ }
+ hex[i * 2] = '\0';
+}
+
+bool key_from_hex(uint8_t key[static WG_KEY_LEN], const char *hex)
+{
+ uint8_t c, c_acc, c_alpha0, c_alpha, c_num0, c_num, c_val;
+ volatile uint8_t ret = 0;
+
+ if (strlen(hex) != WG_KEY_LEN_HEX - 1)
+ return false;
+
+ for (unsigned int i = 0; i < WG_KEY_LEN_HEX - 1; i += 2) {
+ c = (uint8_t)hex[i];
+ c_num = c ^ 48U;
+ c_num0 = (c_num - 10U) >> 8;
+ c_alpha = (c & ~32U) - 55U;
+ c_alpha0 = ((c_alpha - 10U) ^ (c_alpha - 16U)) >> 8;
+ ret |= ((c_num0 | c_alpha0) - 1) >> 8;
+ c_val = (c_num0 & c_num) | (c_alpha0 & c_alpha);
+ c_acc = c_val * 16U;
+
+ c = (uint8_t)hex[i + 1];
+ c_num = c ^ 48U;
+ c_num0 = (c_num - 10U) >> 8;
+ c_alpha = (c & ~32U) - 55U;
+ c_alpha0 = ((c_alpha - 10U) ^ (c_alpha - 16U)) >> 8;
+ ret |= ((c_num0 | c_alpha0) - 1) >> 8;
+ c_val = (c_num0 & c_num) | (c_alpha0 & c_alpha);
+ key[i / 2] = c_acc | c_val;
+ }
+
+ return 1 & ((ret - 1) >> 8);
+}
--- /dev/null
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+ */
+
+#ifndef KEY_H
+#define KEY_H
+
+#include <stdbool.h>
+#include <stdint.h>
+
+#define WG_KEY_LEN (32)
+#define WG_KEY_LEN_BASE64 (45)
+#define WG_KEY_LEN_HEX (65)
+
+void key_to_base64(char base64[static WG_KEY_LEN_BASE64], const uint8_t key[static WG_KEY_LEN]);
+bool key_from_base64(uint8_t key[static WG_KEY_LEN], const char *base64);
+
+void key_to_hex(char hex[static WG_KEY_LEN_HEX], const uint8_t key[static WG_KEY_LEN]);
+bool key_from_hex(uint8_t key[static WG_KEY_LEN], const char *hex);
+
+#endif
6B62E460220A6FA900EF34A6 /* PrivateDataConfirmation.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6B62E45E220A6FA900EF34A6 /* PrivateDataConfirmation.swift */; };
6B707D8421F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6B707D8321F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift */; };
6B707D8621F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6B707D8321F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift */; };
+ 6BD5C97B220D1AE200784E08 /* key.c in Sources */ = {isa = PBXBuildFile; fileRef = 6BD5C979220D1AE100784E08 /* key.c */; };
+ 6BD5C97C220D1AE200784E08 /* key.c in Sources */ = {isa = PBXBuildFile; fileRef = 6BD5C979220D1AE100784E08 /* key.c */; };
+ 6BD5C97D220D1AE200784E08 /* key.c in Sources */ = {isa = PBXBuildFile; fileRef = 6BD5C979220D1AE100784E08 /* key.c */; };
+ 6BD5C97E220D1AE200784E08 /* key.c in Sources */ = {isa = PBXBuildFile; fileRef = 6BD5C979220D1AE100784E08 /* key.c */; };
6F4DD16B21DA558800690EAE /* TunnelListRow.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F4DD16A21DA558800690EAE /* TunnelListRow.swift */; };
6F4DD16C21DA558F00690EAE /* NSTableView+Reuse.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F4DD16721DA552B00690EAE /* NSTableView+Reuse.swift */; };
6F4DD16E21DBEA0700690EAE /* ManageTunnelsRootViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F4DD16D21DBEA0700690EAE /* ManageTunnelsRootViewController.swift */; };
6B5C5E26220A48D30024272E /* Keychain.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Keychain.swift; sourceTree = "<group>"; };
6B62E45E220A6FA900EF34A6 /* PrivateDataConfirmation.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PrivateDataConfirmation.swift; sourceTree = "<group>"; };
6B707D8321F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "TunnelConfiguration+UapiConfig.swift"; sourceTree = "<group>"; };
+ 6BD5C979220D1AE100784E08 /* key.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = key.c; sourceTree = "<group>"; };
+ 6BD5C97A220D1AE200784E08 /* key.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = key.h; sourceTree = "<group>"; };
6F4DD16721DA552B00690EAE /* NSTableView+Reuse.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "NSTableView+Reuse.swift"; sourceTree = "<group>"; };
6F4DD16A21DA558800690EAE /* TunnelListRow.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TunnelListRow.swift; sourceTree = "<group>"; };
6F4DD16D21DBEA0700690EAE /* ManageTunnelsRootViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ManageTunnelsRootViewController.swift; sourceTree = "<group>"; };
6F7774E6217201E0006A79B3 /* Model */ = {
isa = PBXGroup;
children = (
+ 6BD5C979220D1AE100784E08 /* key.c */,
+ 6BD5C97A220D1AE200784E08 /* key.h */,
5F9696AF21CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift */,
6FFA5D942194454A0001E2F7 /* NETunnelProviderProtocol+Extension.swift */,
5F4541B121CBFAEE00994C13 /* String+ArrayConversion.swift */,
6FFA5D902194370D0001E2F7 /* Endpoint.swift in Sources */,
5FF7B96321CC95DE00A7DD74 /* InterfaceConfiguration.swift in Sources */,
6FFA5D9321943BC90001E2F7 /* DNSResolver.swift in Sources */,
+ 6BD5C97C220D1AE200784E08 /* key.c in Sources */,
6FFA5D912194370D0001E2F7 /* DNSServer.swift in Sources */,
6FFA5D8921942F320001E2F7 /* PacketTunnelSettingsGenerator.swift in Sources */,
6F5D0C1D218352EF000F85AD /* PacketTunnelProvider.swift in Sources */,
6FDB3C3B21DCF47400A0C0BF /* TunnelDetailTableViewController.swift in Sources */,
6FB1BDD721D50F5300A991BF /* WireGuardAppError.swift in Sources */,
5F52D0BD21E3785C00283CEA /* ConfTextStorage.swift in Sources */,
+ 6BD5C97D220D1AE200784E08 /* key.c in Sources */,
5F52D0C221E378C000283CEA /* highlighter.c in Sources */,
6F4DD16E21DBEA0700690EAE /* ManageTunnelsRootViewController.swift in Sources */,
6F4DD16C21DA558F00690EAE /* NSTableView+Reuse.swift in Sources */,
6FB1BDAA21D4F53300A991BF /* IPAddressRange.swift in Sources */,
6FB1BDAB21D4F53300A991BF /* Endpoint.swift in Sources */,
6FB1BDAC21D4F53300A991BF /* DNSServer.swift in Sources */,
+ 6BD5C97E220D1AE200784E08 /* key.c in Sources */,
6FB1BDAD21D4F53300A991BF /* InterfaceConfiguration.swift in Sources */,
6FB1BDAE21D4F53300A991BF /* PeerConfiguration.swift in Sources */,
6FB1BDAF21D4F53300A991BF /* FileManager+Extension.swift in Sources */,
6FBA103B21D6B4290051C35F /* ErrorPresenterProtocol.swift in Sources */,
6FDEF802218646BA00D8FBF6 /* ZipArchive.swift in Sources */,
5F45419021C2D53800994C13 /* SwitchCell.swift in Sources */,
+ 6BD5C97B220D1AE200784E08 /* key.c in Sources */,
6FB1017921C57DE600766195 /* MockTunnels.swift in Sources */,
6B707D8421F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift in Sources */,
6FDEF806218725D200D8FBF6 /* SettingsTableViewController.swift in Sources */,
#include "wireguard-go-version.h"
#include "ringlogger.h"
#include "highlighter.h"
+#include "key.h"
#include "../../wireguard-go-bridge/wireguard.h"
#include "wireguard-go-version.h"
#include "ringlogger.h"
+#include "key.h"
projects / thirdparty / wireguard-apple.git / commitdiff
