Home Explore Help
Sign In
cpp
/
ZeroTierOne
mirror of https://github.com/zerotier/ZeroTierOne
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Build fix for 32-bit Linux and tweaks to address derivation algorithm.

Adam Ierymenko 12 years ago
parent
e376c6f6a9
commit
4f53d09c7e
3 changed files with 27 additions and 27 deletions
Split View Show Diff Stats
  1. 5 10
      Makefile.linux
  2. 17 14
      node/Identity.cpp
  3. 5 3
      node/Multicaster.hpp

+ 5 - 10
Makefile.linux
View File 

@@ -6,21 +6,16 @@ ARCH=$(shell uname -m)
 
 DEFS=-DZT_ARCH="$(ARCH)" -DZT_OSNAME="linux" -DZT_TRACE
 
 
 # Uncomment for a release optimized build
 
-#CFLAGS=-Wall -O3 -fno-unroll-loops -fstack-protector -pthread $(INCLUDES) -DNDEBUG $(DEFS)
 
-#STRIP=strip --strip-all
 
+CFLAGS=-Wall -O3 -fno-unroll-loops -fstack-protector -pthread $(INCLUDES) -DNDEBUG $(DEFS)
 
+STRIP=strip --strip-all
 
 
 # Uncomment for a debug build
 
-CFLAGS=-Wall -g -pthread $(INCLUDES) -DZT_TRACE $(DEFS)
 
-STRIP=echo
 
+#CFLAGS=-Wall -g -pthread $(INCLUDES) -DZT_TRACE $(DEFS)
 
+#STRIP=echo
 
 
 CXXFLAGS=$(CFLAGS) -fno-rtti
 
 
-# We statically link against libcrypto because RedHat-derived distributions do
 
-# not ship the elliptic curve algorithms. If we didn't we'd have to build
 
-# separate binaries for the RedHat and Debian universes to distribute via
 
-# auto-update. This way we get one Linux binary for all systems of a given
 
-# architecture.
 
-LIBS=ext/bin/libcrypto/linux-$(ARCH)/libcrypto.a -lm -ldl
 
+LIBS=-lm
 
 
 include objects.mk

+ 17 - 14
node/Identity.cpp
View File 

@@ -32,6 +32,7 @@
 
 
 #include "Identity.hpp"
 
 #include "SHA512.hpp"
 
+#include "Salsa20.hpp"
 
 
 namespace ZeroTier {
 
 
@@ -130,8 +131,8 @@ bool Identity::fromString(const char *str)
 
 
 // These are fixed parameters and can't be changed without a new
 
 // identity type.
 
-#define ZT_IDENTITY_DERIVEADDRESS_DIGESTS 2048
 
-#define ZT_IDENTITY_DERIVEADDRESS_ROUNDS 8
 
+#define ZT_IDENTITY_DERIVEADDRESS_MEMORY 16777216
 
+#define ZT_IDENTITY_DERIVEADDRESS_ROUNDS 32
 
 
 Address Identity::deriveAddress(const void *keyBytes,unsigned int keyLen)
 
 {
 
@@ -149,24 +150,26 @@ Address Identity::deriveAddress(const void *keyBytes,unsigned int keyLen)
 
 	 * to similar concepts.
 
 	 */
 
 
-	unsigned char finalDigest[ZT_SHA512_DIGEST_LEN];
 
-	unsigned char *digests = new unsigned char[ZT_SHA512_DIGEST_LEN * ZT_IDENTITY_DERIVEADDRESS_DIGESTS];
 
+	unsigned char *ram = new unsigned char[ZT_IDENTITY_DERIVEADDRESS_MEMORY];
 
+	for(unsigned int i=0;i<ZT_IDENTITY_DERIVEADDRESS_MEMORY;++i)
 
+		ram[i] = ((const unsigned char *)keyBytes)[i % keyLen];
 
 
-	SHA512::hash(finalDigest,keyBytes,keyLen);
 
-	for(unsigned int i=0;i<(unsigned int)sizeof(digests);++i)
 
-		digests[i] = ((const unsigned char *)keyBytes)[i % keyLen];
 
+	unsigned char salsaKey[ZT_SHA512_DIGEST_LEN];
 
+	SHA512::hash(salsaKey,keyBytes,keyLen);
 
 
+	uint64_t nonce = 0;
 
 	for(unsigned int r=0;r<ZT_IDENTITY_DERIVEADDRESS_ROUNDS;++r) {
 
-		for(unsigned int i=0;i<(ZT_SHA512_DIGEST_LEN * ZT_IDENTITY_DERIVEADDRESS_DIGESTS);++i)
 
-			digests[i] ^= finalDigest[i % ZT_SHA512_DIGEST_LEN];
 
-		for(unsigned int d=0;d<ZT_IDENTITY_DERIVEADDRESS_DIGESTS;++d)
 
-			SHA512::hash(digests + (ZT_SHA512_DIGEST_LEN * d),digests,ZT_SHA512_DIGEST_LEN * ZT_IDENTITY_DERIVEADDRESS_DIGESTS);
 
-		SHA512::hash(finalDigest,digests,ZT_SHA512_DIGEST_LEN * ZT_IDENTITY_DERIVEADDRESS_DIGESTS);
 
+		nonce = Utils::crc64(nonce,ram,ZT_IDENTITY_DERIVEADDRESS_MEMORY);
 
+		Salsa20 s20(salsaKey,256,&nonce);
 
+		s20.encrypt(ram,ram,ZT_IDENTITY_DERIVEADDRESS_MEMORY);
 
 	}
 
 
-	delete [] digests;
 
+	unsigned char finalDigest[ZT_SHA512_DIGEST_LEN];
 
+	SHA512::hash(finalDigest,ram,ZT_IDENTITY_DERIVEADDRESS_MEMORY);
 
+
 
+	delete [] ram;
 
 
-	return Address(finalDigest,ZT_ADDRESS_LENGTH); // first 5 bytes of dig[]
 
+	return Address(finalDigest,ZT_ADDRESS_LENGTH);
 
 }
 
 
 } // namespace ZeroTier

+ 5 - 3
node/Multicaster.hpp
View File 

@@ -99,10 +99,11 @@ public:
 
 		throw(std::runtime_error)
 
 	{
 
 		char tmp[65536];
 
-		*((uint64_t *)tmp) = Utils::hton(nwid);
 
+		void *tmp2 = (void *)tmp;
 
+		*((uint64_t *)tmp2) = Utils::hton((uint64_t)nwid);
 
 		memcpy(tmp + 8,from.data,6);
 
 		memcpy(tmp + 14,to.mac().data,6);
 
-		*((uint32_t *)(tmp + 20)) = Utils::hton(to.adi());
 
+		*((uint32_t *)(tmp + 20)) = Utils::hton((uint32_t)to.adi());
 
 		*((uint16_t *)(tmp + 24)) = Utils::hton((uint16_t)etherType);
 
 		memcpy(tmp + 26,data,std::min((unsigned int)(sizeof(tmp) - 26),len)); // min() is a sanity check here, no packet is that big
 
 		return id.sign(tmp,len + 26);
 
@@ -125,7 +126,8 @@ public:
 
 	static bool verifyMulticastPacket(const Identity &id,uint64_t nwid,const MAC &from,const MulticastGroup &to,unsigned int etherType,const void *data,unsigned int len,const void *signature,unsigned int siglen)
 
 	{
 
 		char tmp[65536];
 
-		*((uint64_t *)tmp) = Utils::hton(nwid);
 
+		void *tmp2 = (void *)tmp;
 
+		*((uint64_t *)tmp2) = Utils::hton(nwid);
 
 		memcpy(tmp + 8,from.data,6);
 
 		memcpy(tmp + 14,to.mac().data,6);
 
 		*((uint32_t *)(tmp + 20)) = Utils::hton(to.adi());