cookies: use xchacha20poly1305 instead of chacha20poly1305

This allows us to precompute the blake2s calls and save cycles, since hchacha is fast. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
author: Jason A. Donenfeld <Jason@zx2c4.com> 2016-12-23 16:25:18 +0100
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2016-12-23 21:09:23 +0100
commit: 23fcffe5a6731591c0611f56f920d6d29184337d (patch)
tree: c68b92313b27b334ee3650f4a573fbb8d91a7c53 /src/cookie.h
parent: 2dea6b0f8353ddaaf0925614c58bcf9a45d68ae5 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/cookie.h b/src/cookie.h
index 4ea20e1..13c646d 100644
--- a/src/cookie.h
+++ b/src/cookie.h
@@ -13,6 +13,7 @@ struct sk_buff;
 
 struct cookie_checker {
 	u8 secret[NOISE_HASH_LEN];
+	u8 cookie_encryption_key[NOISE_SYMMETRIC_KEY_LEN];
 	u64 secret_birthdate;
 	struct rw_semaphore secret_lock;
 	struct ratelimiter ratelimiter;
@@ -25,6 +26,7 @@ struct cookie {
 	u8 cookie[COOKIE_LEN];
 	bool have_sent_mac1;
 	u8 last_mac1_sent[COOKIE_LEN];
+	u8 cookie_decryption_key[NOISE_SYMMETRIC_KEY_LEN];
 	struct rw_semaphore lock;
 };
 
@@ -37,6 +39,7 @@ enum cookie_mac_state {
 
 int cookie_checker_init(struct cookie_checker *checker, struct wireguard_device *wg);
 void cookie_checker_uninit(struct cookie_checker *checker);
+void cookie_checker_precompute_keys(struct cookie_checker *checker, struct wireguard_peer *peer);
 void cookie_init(struct cookie *cookie);
 
 enum cookie_mac_state cookie_validate_packet(struct cookie_checker *checker, struct sk_buff *skb, void *data_start, size_t data_len, bool check_cookie);
author	Jason A. Donenfeld <Jason@zx2c4.com>	2016-12-23 16:25:18 +0100
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2016-12-23 21:09:23 +0100
commit	23fcffe5a6731591c0611f56f920d6d29184337d (patch)
tree	c68b92313b27b334ee3650f4a573fbb8d91a7c53 /src/cookie.h
parent	2dea6b0f8353ddaaf0925614c58bcf9a45d68ae5 (diff)