This repository has been archived by the owner on Sep 19, 2024. It is now read-only.

Remove me
baluchicken committed Mar 11, 2024
1 parent d9e8420 commit e152064
Showing 1 changed file with 44 additions and 15 deletions.
59 changes: 44 additions & 15 deletions socket.c
Expand Up @@ -886,7 +886,7 @@ static int configure_ktls_sock(camblet_socket *s)
br_ssl_engine_context *eng = get_ssl_engine_context(s);
br_ssl_session_parameters *params = &eng->session;

if (params->cipher_suite != BR_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 || !ktls_available)
if (params->cipher_suite != BR_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 || !ktls_available)
{
if (!ktls_available)
pr_warn("configure kTLS error: kTLS is not available on this system # command[%s]", current->comm);
Expand All @@ -902,20 +902,49 @@ static int configure_ktls_sock(camblet_socket *s)
pr_debug("configure kTLS for output # command[%s] cipher_suite[%x] version[%x] iv[%.*s]", current->comm, params->cipher_suite, params->version, 12, eng->out.chapol.iv);
pr_debug("configure kTLS for input # command[%s] cipher_suite[%x] version[%x] iv[%.*s]", current->comm, params->cipher_suite, params->version, 12, eng->in.chapol.iv);

struct tls12_crypto_info_chacha20_poly1305 crypto_info_tx = {.info = {.version = TLS_1_2_VERSION,
.cipher_type = TLS_CIPHER_CHACHA20_POLY1305}};
memcpy(crypto_info_tx.iv, eng->out.chapol.iv, TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE);
memcpy(crypto_info_tx.key, eng->out.chapol.key, TLS_CIPHER_CHACHA20_POLY1305_KEY_SIZE);
uint64_t outseq = m3_bswap64(eng->out.chapol.seq);
memcpy(crypto_info_tx.rec_seq, &outseq, TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE);
// memcpy(crypto_info.salt, eng->out.chapol.salt, TLS_CIPHER_CHACHA20_POLY1305_SALT_SIZE);

struct tls12_crypto_info_chacha20_poly1305 crypto_info_rx = {.info = {.version = TLS_1_2_VERSION,
.cipher_type = TLS_CIPHER_CHACHA20_POLY1305}};
memcpy(crypto_info_rx.iv, eng->in.chapol.iv, TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE);
memcpy(crypto_info_rx.key, eng->in.chapol.key, TLS_CIPHER_CHACHA20_POLY1305_KEY_SIZE);
uint64_t inseq = m3_bswap64(eng->in.chapol.seq);
memcpy(crypto_info_rx.rec_seq, &inseq, TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE);
// struct tls12_crypto_info_aes_gcm_128 crypto_info_tx = {.info= {.version = TLS_1_2_VERSION,
// .cipher_type = TLS_CIPHER_AES_GCM_128}};
// memcpy(crypto_info_tx.iv, eng->out.gcm.iv, TLS_CIPHER_AES_GCM_128_IV_SIZE);
// memcpy(crypto_info_tx.key, eng->out.gcm.key.k16, TLS_CIPHER_AES_GCM_128_KEY_SIZE);
// uint64_t outseq = m3_bswap64(eng->out.gcm.seq);
// memcpy(crypto_info_tx.rec_seq, &outseq, TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);

// struct tls12_crypto_info_aes_gcm_128 crypto_info_rx = {.info= {.version = TLS_1_2_VERSION,
// .cipher_type = TLS_CIPHER_AES_GCM_128}};
// memcpy(crypto_info_rx.iv, eng->in.gcm.iv, TLS_CIPHER_AES_GCM_128_IV_SIZE);
// memcpy(crypto_info_rx.key, eng->in.gcm.key.k16, TLS_CIPHER_AES_GCM_128_KEY_SIZE);
// uint64_t inseq = m3_bswap64(eng->in.gcm.seq);
// memcpy(crypto_info_rx.rec_seq, &inseq, TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);

struct tls12_crypto_info_aes_gcm_256 crypto_info_tx = {.info= {.version = TLS_1_2_VERSION,
.cipher_type = TLS_CIPHER_AES_GCM_256}};
memcpy(crypto_info_tx.iv, eng->out.gcm.iv, TLS_CIPHER_AES_GCM_256_IV_SIZE);
memcpy(crypto_info_tx.key, eng->out.gcm.key.k32, TLS_CIPHER_AES_GCM_256_KEY_SIZE);
uint64_t outseq = m3_bswap64(eng->out.gcm.seq);
memcpy(crypto_info_tx.rec_seq, &outseq, TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);

struct tls12_crypto_info_aes_gcm_256 crypto_info_rx = {.info= {.version = TLS_1_2_VERSION,
.cipher_type = TLS_CIPHER_AES_GCM_256}};
memcpy(crypto_info_rx.iv, eng->in.gcm.iv, TLS_CIPHER_AES_GCM_256_IV_SIZE);
memcpy(crypto_info_rx.key, eng->in.gcm.key.k32, TLS_CIPHER_AES_GCM_256_KEY_SIZE);
uint64_t inseq = m3_bswap64(eng->in.gcm.seq);
memcpy(crypto_info_rx.rec_seq, &inseq, TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);


// struct tls12_crypto_info_chacha20_poly1305 crypto_info_tx = {.info = {.version = TLS_1_2_VERSION,
// .cipher_type = TLS_CIPHER_CHACHA20_POLY1305}};
// memcpy(crypto_info_tx.iv, eng->out.chapol.iv, TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE);
// memcpy(crypto_info_tx.key, eng->out.chapol.key, TLS_CIPHER_CHACHA20_POLY1305_KEY_SIZE);
// uint64_t outseq = m3_bswap64(eng->out.chapol.seq);
// memcpy(crypto_info_tx.rec_seq, &outseq, TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE);
// // memcpy(crypto_info.salt, eng->out.chapol.salt, TLS_CIPHER_CHACHA20_POLY1305_SALT_SIZE);

// struct tls12_crypto_info_chacha20_poly1305 crypto_info_rx = {.info = {.version = TLS_1_2_VERSION,
// .cipher_type = TLS_CIPHER_CHACHA20_POLY1305}};
// memcpy(crypto_info_rx.iv, eng->in.chapol.iv, TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE);
// memcpy(crypto_info_rx.key, eng->in.chapol.key, TLS_CIPHER_CHACHA20_POLY1305_KEY_SIZE);
// uint64_t inseq = m3_bswap64(eng->in.chapol.seq);
// memcpy(crypto_info_rx.rec_seq, &inseq, TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE);
// memcpy(crypto_info.salt, eng->out.chapol.salt, TLS_CIPHER_CHACHA20_POLY1305_SALT_SIZE);

// We have to set the protocol to the original here because the kTLS proto gets created from the sockets original protocol,
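Review bot: The new AES-256-GCM setup in `configure_ktls_sock` never fills `crypto_info_tx.salt` or `crypto_info_rx.salt`, so both stay zero from the designated initialiser, while kTLS builds each GCM record nonce from the 4-byte salt followed by the 8-byte IV. The ChaCha20 code it replaces copied a single 12-byte IV, so the GCM variant needs an explicit split; if `eng->out.gcm.iv` holds only the 4-byte implicit part (as in stock BearSSL; the engine's layout is not visible here), the `memcpy(..., TLS_CIPHER_AES_GCM_256_IV_SIZE)` calls also read 8 bytes from a 4-byte field. Something like `memcpy(crypto_info_tx.salt, eng->out.gcm.iv, TLS_CIPHER_AES_GCM_256_SALT_SIZE);` plus the matching rx line, with the explicit nonce supplied separately, should be confirmed against the engine struct. The two `pr_debug` context lines above the change still print `eng->out.chapol.iv` and `eng->in.chapol.iv`, which no longer match the active cipher. The function continues past the hunk, so whether the stack copies of the keys are cleared with `memzero_explicit` after use cannot be checked from here.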
