api: rework pool hashing

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld 2020-10-30 16:31:41 +01:00 committed by Simon Rozman
parent 0a8bf9d1ff
commit b4a1494fb2


@ -52,8 +52,6 @@ NamespaceRuntimeInit(void)
return ERROR_SUCCESS; return ERROR_SUCCESS;
} }
/* TODO: wireguard-go uses Blake2s hashing in tun\wintun\namespace_windows.go, unfortunately not available in
* Windows API. SHA-256 is used instead. */
if (!BCRYPT_SUCCESS(BCryptOpenAlgorithmProvider(&AlgProvider, BCRYPT_SHA256_ALGORITHM, NULL, 0))) if (!BCRYPT_SUCCESS(BCryptOpenAlgorithmProvider(&AlgProvider, BCRYPT_SHA256_ALGORITHM, NULL, 0)))
{ {
Result = ERROR_GEN_FAILURE; Result = ERROR_GEN_FAILURE;
@ -116,19 +114,16 @@ NamespaceTakeMutex(_In_z_ const WCHAR *Pool)
if (NamespaceRuntimeInit() != ERROR_SUCCESS) if (NamespaceRuntimeInit() != ERROR_SUCCESS)
return NULL; return NULL;
/* TODO: wireguard-go uses Blake2s hashing in tun\wintun\namespace_windows.go, unfortunately not available in
* Windows API. SHA-256 is used instead. */
BCRYPT_HASH_HANDLE Sha256 = NULL; BCRYPT_HASH_HANDLE Sha256 = NULL;
if (!BCRYPT_SUCCESS(BCryptCreateHash(AlgProvider, &Sha256, NULL, 0, NULL, 0, 0))) if (!BCRYPT_SUCCESS(BCryptCreateHash(AlgProvider, &Sha256, NULL, 0, NULL, 0, 0)))
return NULL; return NULL;
static const char mutex_label[] = "WireGuard Adapter Name Mutex Stable Suffix v1 jason@zx2c4.com"; static const WCHAR mutex_label[] = L"Wintun Adapter Name Mutex Stable Suffix v1 jason@zx2c4.com";
if (!BCRYPT_SUCCESS(BCryptHashData(Sha256, (PUCHAR)mutex_label, sizeof(mutex_label) - sizeof(char), 0))) if (!BCRYPT_SUCCESS(BCryptHashData(Sha256, (PUCHAR)mutex_label, sizeof(mutex_label) /* Including NULL 2 bytes */, 0)))
goto cleanupSha256; goto cleanupSha256;
WCHAR *PoolNorm = NormalizeStringAlloc(NormalizationC, Pool); WCHAR *PoolNorm = NormalizeStringAlloc(NormalizationC, Pool);
if (!PoolNorm) if (!PoolNorm)
goto cleanupSha256; goto cleanupSha256;
/* TODO: wireguard-go hashes UTF-8 normalized pool name. We hash UTF-16 here. */ if (!BCRYPT_SUCCESS(BCryptHashData(Sha256, (PUCHAR)PoolNorm, (int)wcslen(PoolNorm) + 2 /* Add in NULL 2 bytes */, 0)))
if (!BCRYPT_SUCCESS(BCryptHashData(Sha256, (PUCHAR)PoolNorm, (int)wcslen(PoolNorm), 0)))
goto cleanupPoolNorm; goto cleanupPoolNorm;
BYTE Hash[32]; BYTE Hash[32];
if (!BCRYPT_SUCCESS(BCryptFinishHash(Sha256, Hash, sizeof(Hash), 0))) if (!BCRYPT_SUCCESS(BCryptFinishHash(Sha256, Hash, sizeof(Hash), 0)))
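Review bot: The second `BCryptHashData` call in NamespaceTakeMutex passes a character count where the API takes a byte count: `(int)wcslen(PoolNorm) + 2` covers only the first wcslen+2 bytes of the UTF-16 buffer, so for all but the shortest names the terminator named in the comment is not reached and roughly the second half of the normalized pool name is left out of the hash. Distinct pool names that agree on the hashed prefix then produce the same digest, and presumably the same mutex name if it is derived from `Hash` later in the function. The length should be in bytes, `(ULONG)((wcslen(PoolNorm) + 1) * sizeof(WCHAR))`, consistent with the `sizeof(mutex_label)` used for the label earlier in the hunk. The body of NamespaceTakeMutex continues outside the hunk.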