From 3b3dcac2d1bf0b7de9b8b30a3e4850a2695cae37 Mon Sep 17 00:00:00 2001 From: zonyitoo Date: Fri, 22 Apr 2022 16:25:57 +0800 Subject: [PATCH] aead-cipher-2022-extra: supporting chacha8-poly1305 non-standard cipher --- Cargo.lock | 251 +++++++++++++----- Cargo.toml | 2 + README.md | 2 + crates/shadowsocks-service/Cargo.toml | 2 + crates/shadowsocks/Cargo.toml | 2 + .../src/relay/udprelay/aead_2022.rs | 36 +++ 6 files changed, 234 insertions(+), 61 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index d48b5c3f..44b3c404 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -17,7 +17,7 @@ version = "0.7.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9e8b47f52ea9bae42228d07ec09eb676433d7c4ed1ebdf0f1d1c29ed446f1ab8" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "cipher 0.3.0", "cpufeatures", "ctr", @@ -30,7 +30,7 @@ version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfe0133578c0986e1fe3dfcd4af1cc5b2dd6c3dbf534d69916ce16a2701d40ba" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "cipher 0.4.3", "cpufeatures", ] @@ -75,15 +75,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.56" +version = "1.0.57" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4361135be9122e0870de935d7c439aef945b9f9ddd4199a553b5270b49c82a27" - -[[package]] -name = "arc-swap" -version = "0.4.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dabe5a181f83789739c194cbe5a897dde195078fac08568d09221fd6137a7ba8" +checksum = "08f9b8508dccb7687a1d6c4ce66b2b0ecef467c94667de27d8d7fe1f8d2a9cdc" [[package]] name = "arc-swap" @@ -103,6 +97,18 @@ version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8da52d66c7071e2e3fa2a1e5c6d088fec47b593032b254f5e980de8ea54454d6" +[[package]] +name = "as-slice" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "45403b49e3954a4b8428a0ac21a4b7afadccf92bfd96273f1a58cd4812496ae0" +dependencies = [ + "generic-array 0.12.4", + "generic-array 0.13.3", + "generic-array 0.14.5", + "stable_deref_trait", +] + [[package]] name = "async-trait" version = "0.1.53" @@ -164,7 +170,7 @@ dependencies = [ "arrayref", "arrayvec", "cc", - "cfg-if", + "cfg-if 1.0.0", "constant_time_eq", "digest 0.10.3", ] @@ -277,6 +283,12 @@ dependencies = [ "subtle", ] +[[package]] +name = "cfg-if" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" + [[package]] name = "cfg-if" version = "1.0.0" @@ -289,7 +301,7 @@ version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "01b72a433d0cf2aef113ba70f62634c56fddb0f244e6377185c56a7cadbd8f91" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "cipher 0.3.0", "cpufeatures", "zeroize", @@ -348,9 +360,9 @@ dependencies = [ [[package]] name = "clap" -version = "3.1.9" +version = "3.1.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6aad2534fad53df1cc12519c5cda696dd3e20e6118a027e24054aea14a0bdcbe" +checksum = "423af4bd829996d7de0b8bf0279f5b91a20306937be514e972a95c3d3ab13f33" dependencies = [ "atty", "bitflags", @@ -423,7 +435,7 @@ version = "0.5.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5aaa7bd5fb665c6864b5f963dd9097905c54125909c7aa94c9e18507cdbe6c53" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "crossbeam-utils", ] @@ -433,7 +445,7 @@ version = "0.8.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0bf124c720b7686e3c2663cf54062ab0f68a88af2fb6a030e87e30bf721fcb38" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "lazy_static", ] @@ -656,9 +668,9 @@ version = "0.2.16" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c0408e2626025178a6a7f7ffc05a25bc47103229f19c113755de7bf63816290c" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "libc", - "redox_syscall 0.2.13", + "redox_syscall", "winapi", ] @@ -806,6 +818,15 @@ dependencies = [ "typenum", ] +[[package]] +name = "generic-array" +version = "0.13.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f797e67af32588215eaaab8327027ee8e71b9dd0b2b26996aedf20c030fce309" +dependencies = [ + "typenum", +] + [[package]] name = "generic-array" version = "0.14.5" @@ -822,7 +843,7 @@ version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9be70c98951c83b8d2f8f60d7065fa6d5146873094452a1008da8c2f1e4205ad" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "libc", "wasi 0.10.2+wasi-snapshot-preview1", ] @@ -856,12 +877,33 @@ dependencies = [ "tracing", ] +[[package]] +name = "hash32" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d4041af86e63ac4298ce40e5cca669066e75b6f1aa3390fe2561ffa5e1d9f4cc" +dependencies = [ + "byteorder", +] + [[package]] name = "hashbrown" version = "0.11.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ab5ef0d4909ef3724cc8cce6ccc8572c5c817592e9285f5464f8e86f8bd3726e" +[[package]] +name = "heapless" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "74911a68a1658cfcfb61bc0ccfbd536e3b6e906f8c2f7883ee50157e3e2184f1" +dependencies = [ + "as-slice", + "generic-array 0.13.3", + "hash32", + "stable_deref_trait", +] + [[package]] name = "heck" version = "0.4.0" @@ -1026,7 +1068,7 @@ version = "0.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", ] [[package]] @@ -1137,9 +1179,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.123" +version = "0.2.124" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb691a747a7ab48abc15c5b42066eaafde10dc427e3b6ee2a1cf43db04c763bd" +checksum = "21a41fed9d98f27ab1c6d161da622a4fa35e8a54a8adc24bbf3ddd0ef70b0e50" [[package]] name = "libmimalloc-sys" @@ -1172,7 +1214,7 @@ version = "0.4.16" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6389c490849ff5bc16be905ae24bc913a9c8892e19b2341dbc175e14c341c2b8" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "serde", ] @@ -1184,12 +1226,12 @@ checksum = "a94d21414c1f4a51209ad204c1776a3d0765002c76c6abcb602a6f09f1e881c7" [[package]] name = "log4rs" -version = "1.0.0" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1572a880d1115ff867396eee7ae2bc924554225e67a0d3c85c745b3e60ca211" +checksum = "e4938855505d062af68430b345bf11e26228542cd823bad77533bb39c5c32266" dependencies = [ "anyhow", - "arc-swap 0.4.8", + "arc-swap", "chrono", "derivative", "fnv", @@ -1197,8 +1239,8 @@ dependencies = [ "libc", "log", "log-mdc", + "palaver", "parking_lot 0.11.2", - "regex", "serde", "serde-value", "serde_json", @@ -1224,6 +1266,15 @@ version = "0.11.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9106e1d747ffd48e6be5bb2d97fa706ed25b144fbee4d5c02eae110cd8d6badd" +[[package]] +name = "mach" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b823e83b2affd8f40a9ee8c29dbc56404c1e34cd2710921f2801e2cf29527afa" +dependencies = [ + "libc", +] + [[package]] name = "managed" version = "0.8.0" @@ -1332,6 +1383,19 @@ dependencies = [ "tempfile", ] +[[package]] +name = "nix" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b2e0b4f3320ed72aaedb9a5ac838690a8047c7b275da22711fddff4f8a14229" +dependencies = [ + "bitflags", + "cc", + "cfg-if 0.1.10", + "libc", + "void", +] + [[package]] name = "nix" version = "0.23.1" @@ -1340,11 +1404,17 @@ checksum = "9f866317acbd3a240710c63f065ffb1e4fd466259045ccb504130b7f668f35c6" dependencies = [ "bitflags", "cc", - "cfg-if", + "cfg-if 1.0.0", "libc", "memoffset", ] +[[package]] +name = "nom" +version = "2.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf51a729ecf40266a2368ad335a5fdde43471f545a967109cd62146ecf8b66ff" + [[package]] name = "notify" version = "5.0.0-pre.14" @@ -1426,7 +1496,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0c7ae222234c30df141154f159066c5093ff73b63204dcda7121eb082fc56a95" dependencies = [ "bitflags", - "cfg-if", + "cfg-if 1.0.0", "foreign-types", "libc", "once_cell", @@ -1489,6 +1559,23 @@ dependencies = [ "sec1", ] +[[package]] +name = "palaver" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49dfc200733ac34dcd9a1e4a7e454b521723936010bef3710e2d8024a32d685f" +dependencies = [ + "bitflags", + "heapless", + "lazy_static", + "libc", + "mach", + "nix 0.15.0", + "procinfo", + "typenum", + "winapi", +] + [[package]] name = "parking_lot" version = "0.11.2" @@ -1516,10 +1603,10 @@ version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d76e8e1493bcac0d2766c42737f34458f1c8c50c0d23bcb24ea953affb273216" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "instant", "libc", - "redox_syscall 0.2.13", + "redox_syscall", "smallvec", "winapi", ] @@ -1530,9 +1617,9 @@ version = "0.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "995f667a6c822200b0433ac218e05582f0e2efa1b922a3fd2fbaadc5f87bab37" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "libc", - "redox_syscall 0.2.13", + "redox_syscall", "smallvec", "windows-sys", ] @@ -1641,7 +1728,7 @@ version = "0.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8419d2b623c7c0896ff2d5d96e2cb4ede590fed28fcc34934f4c33c036e620a1" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "cpufeatures", "opaque-debug 0.3.0", "universal-hash", @@ -1662,6 +1749,18 @@ dependencies = [ "unicode-xid", ] +[[package]] +name = "procinfo" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ab1427f3d2635891f842892dda177883dca0639e05fe66796a62c9d2f23b49c" +dependencies = [ + "byteorder", + "libc", + "nom", + "rustc_version", +] + [[package]] name = "qrcode" version = "0.12.0" @@ -1716,12 +1815,6 @@ dependencies = [ "getrandom", ] -[[package]] -name = "redox_syscall" -version = "0.1.57" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41cc0f7e4d5d4544e8861606a285bb08d3e70712ccc7d2b84d7c0ccfaf4b05ce" - [[package]] name = "redox_syscall" version = "0.2.13" @@ -1738,7 +1831,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b033d837a7cf162d7993aded9304e30a83213c648b6e389db233191f891e5c2b" dependencies = [ "getrandom", - "redox_syscall 0.2.13", + "redox_syscall", "thiserror", ] @@ -1842,6 +1935,15 @@ dependencies = [ "pkg-config", ] +[[package]] +name = "rustc_version" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "138e3e0acb6c9fb258b19b67cb8abd63c00679d2851805ea151465464fe9030a" +dependencies = [ + "semver", +] + [[package]] name = "rustls" version = "0.20.4" @@ -1960,6 +2062,21 @@ dependencies = [ "libc", ] +[[package]] +name = "semver" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403" +dependencies = [ + "semver-parser", +] + +[[package]] +name = "semver-parser" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" + [[package]] name = "sendfd" version = "0.4.1" @@ -2053,7 +2170,7 @@ version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c77f4e7f65455545c2153c1253d25056825e77ee2533f0e41deb65a93a34852f" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "cpufeatures", "digest 0.10.3", "sha1-asm", @@ -2073,19 +2190,19 @@ name = "shadowsocks" version = "1.15.0" dependencies = [ "aes 0.8.1", - "arc-swap 1.5.0", + "arc-swap", "async-trait", "base64", "bloomfilter", "byte_string", "bytes", - "cfg-if", + "cfg-if 1.0.0", "env_logger", "futures", "libc", "log", "lru_time_cache", - "nix", + "nix 0.23.1", "notify", "once_cell", "pin-project", @@ -2108,7 +2225,7 @@ dependencies = [ [[package]] name = "shadowsocks-crypto" version = "0.4.0" -source = "git+https://github.com/shadowsocks/shadowsocks-crypto.git#d0d9914fbf01ac85cf1120cbc7888de6bd0e5817" +source = "git+https://github.com/shadowsocks/shadowsocks-crypto.git#d3e0fc1d8d26473618f53c9e48770d753e3ec4c8" dependencies = [ "aes 0.7.5", "aes-gcm", @@ -2116,7 +2233,7 @@ dependencies = [ "blake3", "bytes", "ccm", - "cfg-if", + "cfg-if 1.0.0", "chacha20", "chacha20poly1305", "hkdf", @@ -2133,7 +2250,7 @@ dependencies = [ "build-time", "byte_string", "byteorder", - "cfg-if", + "cfg-if 1.0.0", "clap", "daemonize", "directories", @@ -2163,12 +2280,12 @@ dependencies = [ name = "shadowsocks-service" version = "1.15.0" dependencies = [ - "arc-swap 1.5.0", + "arc-swap", "async-trait", "byte_string", "byteorder", "bytes", - "cfg-if", + "cfg-if 1.0.0", "env_logger", "etherparse", "futures", @@ -2181,7 +2298,7 @@ dependencies = [ "log", "lru_time_cache", "native-tls", - "nix", + "nix 0.23.1", "once_cell", "pin-project", "rand", @@ -2308,6 +2425,12 @@ dependencies = [ "lock_api", ] +[[package]] +name = "stable_deref_trait" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" + [[package]] name = "strsim" version = "0.10.0" @@ -2352,10 +2475,10 @@ version = "3.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "fastrand", "libc", - "redox_syscall 0.2.13", + "redox_syscall", "remove_dir_all", "winapi", ] @@ -2410,12 +2533,12 @@ dependencies = [ [[package]] name = "thread-id" -version = "3.3.0" +version = "4.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7fbf4c9d56b320106cd64fd024dadfa0be7cb4706725fc44a7d7ce952d820c1" +checksum = "5fdfe0627923f7411a43ec9ec9c39c3a9b4151be313e0922042581fb6c9b717f" dependencies = [ "libc", - "redox_syscall 0.1.57", + "redox_syscall", "winapi", ] @@ -2502,7 +2625,7 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4279aec5ded232170bf39130dd0e0deaed2c9f31cd3b5db1f2021056bcf5f94a" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "futures", "libc", "log", @@ -2570,7 +2693,7 @@ version = "0.1.34" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5d0ecdcb44a79f0fe9844f0c4f33a342cbcbb5117de8001e6ba0dc2351327d09" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "log", "pin-project-lite", "tracing-attributes", @@ -2611,7 +2734,7 @@ checksum = "9c31f240f59877c3d4bb3b3ea0ec5a6a0cff07323580ff8c7a605cd7d08b255d" dependencies = [ "async-trait", "bytes", - "cfg-if", + "cfg-if 1.0.0", "data-encoding", "enum-as-inner", "futures-channel", @@ -2643,7 +2766,7 @@ version = "0.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e4ba72c2ea84515690c9fcef4c6c660bb9df3036ed1051686de84605b74fd558" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "futures-util", "ipconfig", "lazy_static", @@ -2775,6 +2898,12 @@ version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" +[[package]] +name = "void" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a02e4885ed3bc0f2de90ea6dd45ebcbb66dacffe03547fadbb0eeae2770887d" + [[package]] name = "walkdir" version = "2.3.2" @@ -2814,7 +2943,7 @@ version = "0.2.80" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "27370197c907c55e3f1a9fbe26f44e937fe6451368324e009cba39e139dc08ad" dependencies = [ - "cfg-if", + "cfg-if 1.0.0", "wasm-bindgen-macro", ] diff --git a/Cargo.toml b/Cargo.toml index 8b3bd313..0576ff07 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -128,6 +128,8 @@ aead-cipher-extra = ["shadowsocks-service/aead-cipher-extra"] # Enable AEAD 2022 aead-cipher-2022 = ["shadowsocks-service/aead-cipher-2022"] +# Enable AEAD 2022 with extra ciphers +aead-cipher-2022-extra = ["shadowsocks-service/aead-cipher-2022-extra"] # Enable detection against replay attack (Stream / AEAD) security-replay-attack-detect = ["shadowsocks-service/security-replay-attack-detect"] diff --git a/README.md b/README.md index 2266cb06..60cfa59c 100644 --- a/README.md +++ b/README.md @@ -57,6 +57,8 @@ Related Projects: - `aead-cipher-2022` - Enable AEAD-2022 ciphers ([Draft](https://github.com/shadowsocks/shadowsocks-org/issues/194#issuecomment-1065833908)) +- `aead-cipher-2022-extra` - Enable AEAD-2022 extra ciphers (non-standard ciphers) + #### Memory Allocators This project uses system (libc) memory allocator (Rust's default). But it also allows you to use other famous allocators by features: diff --git a/crates/shadowsocks-service/Cargo.toml b/crates/shadowsocks-service/Cargo.toml index 97038608..094fc1e4 100644 --- a/crates/shadowsocks-service/Cargo.toml +++ b/crates/shadowsocks-service/Cargo.toml @@ -70,6 +70,8 @@ aead-cipher-extra = ["shadowsocks/aead-cipher-extra"] # Enable AEAD 2022 aead-cipher-2022 = ["shadowsocks/aead-cipher-2022"] +# Enable AEAD 2022 with extra ciphers +aead-cipher-2022-extra = ["shadowsocks/aead-cipher-2022-extra"] # Enable detection against replay attack security-replay-attack-detect = ["shadowsocks/security-replay-attack-detect"] diff --git a/crates/shadowsocks/Cargo.toml b/crates/shadowsocks/Cargo.toml index 9ff865cb..f45dd203 100644 --- a/crates/shadowsocks/Cargo.toml +++ b/crates/shadowsocks/Cargo.toml @@ -33,6 +33,8 @@ aead-cipher-extra = ["shadowsocks-crypto/v1-aead-extra"] # Enable AEAD 2022 aead-cipher-2022 = ["shadowsocks-crypto/v2", "rand/small_rng", "aes", "lru_time_cache"] +# Enable AEAD 2022 with extra ciphers +aead-cipher-2022-extra = ["shadowsocks-crypto/v2-extra"] # Enable detection against replay attack security-replay-attack-detect = ["bloomfilter"] diff --git a/crates/shadowsocks/src/relay/udprelay/aead_2022.rs b/crates/shadowsocks/src/relay/udprelay/aead_2022.rs index 6641d397..52192b9b 100644 --- a/crates/shadowsocks/src/relay/udprelay/aead_2022.rs +++ b/crates/shadowsocks/src/relay/udprelay/aead_2022.rs @@ -66,6 +66,8 @@ use bytes::{Buf, BufMut, BytesMut}; use log::trace; use lru_time_cache::LruCache; +#[cfg(feature = "aead-cipher-2022-extra")] +use crate::crypto::v2::udp::ChaCha8Poly1305Cipher; use crate::{ context::Context, crypto::{ @@ -171,6 +173,16 @@ fn encrypt_message(_context: &Context, method: CipherKind, key: &[u8], packet: & let (nonce, message) = packet.split_at_mut(nonce_size); cipher.encrypt_packet(nonce, message); } + #[cfg(feature = "aead-cipher-2022-extra")] + CipherKind::AEAD2022_BLAKE3_CHACHA8_POLY1305 => { + // ChaCha8-Poly1305 uses PSK as key, prepended nonce in packet + let nonce_size = ChaCha8Poly1305Cipher::nonce_size(); + + let cipher = get_cipher(method, key, session_id); + + let (nonce, message) = packet.split_at_mut(nonce_size); + cipher.encrypt_packet(nonce, message); + } CipherKind::AEAD2022_BLAKE3_AES_128_GCM | CipherKind::AEAD2022_BLAKE3_AES_256_GCM => { // AES-*-GCM uses derived key, and part of the packet header as nonce @@ -224,6 +236,28 @@ fn decrypt_message(_context: &Context, method: CipherKind, key: &[u8], packet: & return false; } } + #[cfg(feature = "aead-cipher-2022-extra")] + CipherKind::AEAD2022_BLAKE3_CHACHA8_POLY1305 => { + // ChaCha8-Poly1305 uses PSK as key, prepended nonce in packet + let nonce_size = ChaCha8Poly1305Cipher::nonce_size(); + + let (nonce, message) = packet.split_at_mut(nonce_size); + + // NOTE: ChaCha20-Poly1305's session_id is not required because it uses PSK directly + // + // But still, we get the session_id for cache + let session_id = { + let session_id_buf = &message[0..8]; + let session_id_slice: &[u64] = unsafe { slice::from_raw_parts(session_id_buf.as_ptr() as *const _, 1) }; + u64::from_be(session_id_slice[0]) + }; + + let cipher = get_cipher(method, key, session_id); + + if !cipher.decrypt_packet(nonce, message) { + return false; + } + } CipherKind::AEAD2022_BLAKE3_AES_128_GCM | CipherKind::AEAD2022_BLAKE3_AES_256_GCM => { // AES-*-GCM uses derived key, and part of the packet header as nonce // @@ -274,6 +308,8 @@ fn get_nonce_len(method: CipherKind) -> usize { match method { CipherKind::AEAD2022_BLAKE3_AES_128_GCM | CipherKind::AEAD2022_BLAKE3_AES_256_GCM => 0, CipherKind::AEAD2022_BLAKE3_CHACHA20_POLY1305 => method.nonce_len(), + #[cfg(feature = "aead-cipher-2022-extra")] + CipherKind::AEAD2022_BLAKE3_CHACHA8_POLY1305 => method.nonce_len(), _ => unreachable!("{} is not an AEAD 2022 cipher", method), } }