summaryrefslogtreecommitdiffhomepage
path: root/src/cookie.c
AgeCommit message (Collapse)Author
2017-06-12random: wait for random bytes when generating nonces and ephemeralsJason A. Donenfeld
We can let userspace configure wireguard interfaces before the RNG is fully initialized, since what we mostly care about is having good randomness for ephemerals and xchacha nonces. By deferring the wait to actually asking for the randomness, we give a lot more opportunity for gathering entropy. This won't cover entropy for hash table secrets or cookie secrets (which rotate anyway), but those have far less catastrophic failure modes, so ensuring good randomness for elliptic curve points and nonces should be sufficient. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-31debug: print interface name in dmesgJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17noise: redesign preshared key modeJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-04-21cookie: move the bangsJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-03-20data: big refactoringJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-03-19cookie: no need to hash rngJason A. Donenfeld
Since 4.8 or so, the RNG uses chacha, so we feel less scared about exposing its output directly. (Older kernels will simply suffer the paranoia.) Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-10Update copyrightJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-26cookie: optimizeJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-23cookies: use xchacha20poly1305 instead of chacha20poly1305Jason A. Donenfeld
This allows us to precompute the blake2s calls and save cycles, since hchacha is fast. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-12-16messages: increase header by 3 bytes for alignmentJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-21headers: cleanup noticesJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-06cookie: avoid void pointer arithmaticJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-11-05c89: the static keyword is okay in c99, but not in c89Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-09-29Rework headers and includesJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-08-02c: specify static array size in function paramsJason A. Donenfeld
The C standard states: A declaration of a parameter as ``array of type'' shall be adjusted to ``qualified pointer to type'', where the type qualifiers (if any) are those specified within the [ and ] of the array type derivation. If the keyword static also appears within the [ and ] of the array type derivation, then for each call to the function, the value of the corresponding actual argument shall provide access to the first element of an array with at least as many elements as specified by the size expression. By changing void func(int array[4]) to void func(int array[static 4]), we automatically get the compiler checking argument sizes for us, which is quite nice. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-07-22cookie: do not expose csprng directlyJason A. Donenfeld
It may not be wise to directly publish the output of the CSPRNG, so we run the output through a round of Blake2s first. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-06-25Initial commitJason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>