
[Minios-devel] [UNIKRAFT PATCH v4 3/4] lib/ukswrand: Add ChaCha algorithm


  • To: "minios-devel@xxxxxxxxxxxxx" <minios-devel@xxxxxxxxxxxxx>
  • From: Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
  • Date: Wed, 20 Nov 2019 12:12:56 +0000
  • Accept-language: en-US
  • Cc: "felipe.huici@xxxxxxxxx" <felipe.huici@xxxxxxxxx>, "simon.kuenzer@xxxxxxxxx" <simon.kuenzer@xxxxxxxxx>, Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
  • Delivery-date: Wed, 20 Nov 2019 12:13:15 +0000
  • List-id: Mini-os development list <minios-devel.lists.xenproject.org>
  • Thread-index: AQHVn5vXt475it1BNE6E/47SYOh7ag==
  • Thread-topic: [UNIKRAFT PATCH v4 3/4] lib/ukswrand: Add ChaCha algorithm

From: Vlad-Andrei BĂDOIU (78692) <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>

ChaCha20 is a stream cipher whose keystream is suitable as a cryptographically
secure pseudorandom number generator (CSPRNG). We replace the existing
multiply-with-carry generator, which is not cryptographically secure, with a
ChaCha-based one. The implementation is based on the author's reference
implementation [1].

[1] 
http://cr.yp.to/streamciphers/timings/estreambench/submissions/salsa20/chacha8/ref/chacha.c

Signed-off-by: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
---
 lib/ukswrand/Config.uk   |   7 +-
 lib/ukswrand/Makefile.uk |   1 +
 lib/ukswrand/chacha.c    | 158 +++++++++++++++++++++++++++++++++++++++
 lib/ukswrand/swrand.c    |   7 +-
 4 files changed, 171 insertions(+), 2 deletions(-)
 create mode 100644 lib/ukswrand/chacha.c

diff --git a/lib/ukswrand/Config.uk b/lib/ukswrand/Config.uk
index e056b4c5..199fa62b 100644
--- a/lib/ukswrand/Config.uk
+++ b/lib/ukswrand/Config.uk
@@ -6,12 +6,17 @@ menuconfig LIBUKSWRAND
 if LIBUKSWRAND
 choice
        prompt "Algorithm"
-       default LIBUKSWRAND_MWC
+       default LIBUKSWRAND_CHACHA
 
 config LIBUKSWRAND_MWC
        bool "Multiply-with-carry"
        help
                Use multiply-with-carry algorithm
+
+config LIBUKSWRAND_CHACHA
+       bool "ChaCha20"
+       help
+               Use ChaCha20 algorithm
 endchoice
 
 choice
diff --git a/lib/ukswrand/Makefile.uk b/lib/ukswrand/Makefile.uk
index da85d381..fe6a63e1 100644
--- a/lib/ukswrand/Makefile.uk
+++ b/lib/ukswrand/Makefile.uk
@@ -4,6 +4,7 @@ CINCLUDES-$(CONFIG_LIBUKSWRAND) += -I$(LIBUKSWRAND_BASE)/include
 CXXINCLUDES-$(CONFIG_LIBUKSWRAND) += -I$(LIBUKSWRAND_BASE)/include
 
 LIBUKSWRAND_SRCS-$(CONFIG_LIBUKSWRAND_MWC) += $(LIBUKSWRAND_BASE)/mwc.c
+LIBUKSWRAND_SRCS-$(CONFIG_LIBUKSWRAND_CHACHA) += $(LIBUKSWRAND_BASE)/chacha.c
 LIBUKSWRAND_SRCS-$(CONFIG_LIBUKSWRAND_DEVFS) += $(LIBUKSWRAND_BASE)/dev.c
 LIBUKSWRAND_SRCS-y += $(LIBUKSWRAND_BASE)/swrand.c
 LIBUKSWRAND_SRCS-y += $(LIBUKSWRAND_BASE)/getrandom.c
diff --git a/lib/ukswrand/chacha.c b/lib/ukswrand/chacha.c
new file mode 100644
index 00000000..b986eaec
--- /dev/null
+++ b/lib/ukswrand/chacha.c
@@ -0,0 +1,158 @@
+/* SPDX-License-Identifier: BSD-3-Clause */
+/*
+ * Authors: Vlad-Andrei Badoiu <vlad_andrei.badoiu@xxxxxxxxxxxxxxx>
+ *
+ * Copyright (c) 2019, University Politehnica of Bucharest. All rights 
reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the copyright holder nor the names of its
+ *    contributors may be used to endorse or promote products derived from
+ *    this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ * THIS HEADER MAY NOT BE EXTRACTED OR MODIFIED IN ANY WAY.
+ */
+
+#include <string.h>
+#include <uk/swrand.h>
+#include <uk/print.h>
+#include <uk/assert.h>
+#include <uk/ctors.h>
+
+struct uk_swrand {
+       int k;
+       __u32 input[16], output[16];
+};
+
+struct uk_swrand uk_swrand_def;
+
+/* This value isn't important, as long as it's sufficiently asymmetric */
+static const char sigma[16] = "expand 32-byte k";
+
+static inline __u32 _uk_rotl32(__u32 v, int c)
+{
+       return (v << c) | (v >> (32 - c));
+}
+
+static inline void _uk_quarterround(__u32 x[16], int a, int b, int c, int d)
+{
+       x[a] = x[a] + x[b];
+       x[d] = _uk_rotl32(x[d] ^ x[a], 16);
+
+       x[c] = x[c] + x[d];
+       x[b] = _uk_rotl32(x[b] ^ x[c], 12);
+
+       x[a] = x[a] + x[b];
+       x[d] = _uk_rotl32(x[d] ^ x[a], 8);
+
+       x[c] = x[c] + x[d];
+       x[b] = _uk_rotl32(x[b] ^ x[c], 7);
+}
+
+static inline void
+_uk_salsa20_wordtobyte(__u32 output[16], const __u32 input[16])
+{
+       __u32 i;
+
+       for (i = 0; i < 16; i++)
+               output[i] = input[i];
+
+       for (i = 8; i > 0; i -= 2) {
+               _uk_quarterround(output, 0, 4, 8, 12);
+               _uk_quarterround(output, 1, 5, 9, 13);
+               _uk_quarterround(output, 2, 6, 10, 14);
+               _uk_quarterround(output, 3, 7, 11, 15);
+               _uk_quarterround(output, 0, 5, 10, 15);
+               _uk_quarterround(output, 1, 6, 11, 12);
+               _uk_quarterround(output, 2, 7, 8, 13);
+               _uk_quarterround(output, 3, 4, 9, 14);
+       }
+
+       for (i = 0; i < 16; i++)
+               output[i] += input[i];
+}
+
+static inline void _uk_key_setup(struct uk_swrand *r, __u32 k[8])
+{
+       int i;
+
+       for (i = 0; i < 8; i++)
+               r->input[i + 4] = k[i];
+
+       for (i = 0; i < 4; i++)
+               r->input[i] = ((__u32 *)sigma)[i];
+}
+
+static inline void _uk_iv_setup(struct uk_swrand *r, __u32 iv[2])
+{
+       r->input[12] = 0;
+       r->input[13] = 0;
+       r->input[14] = iv[0];
+       r->input[15] = iv[1];
+}
+
+static inline __u32 _infvec_val(unsigned int c, const __u32 v[], unsigned int 
pos)
+{
+    if (c == 0)
+        return 0x0;
+    return v[pos % c];
+}
+
+void uk_swrand_init_r(struct uk_swrand *r, unsigned int seedc, const __u32 
seedv[])
+{
+       __u32 i;
+
+       UK_ASSERT(r);
+       /* Initialize chacha */
+       __u32 k[8], iv[2];
+
+       for (i = 0; i < 8; i++)
+               k[i] = _infvec_val(10, seedv, i);
+
+       iv[0] = _infvec_val(seedc, seedv, i);
+       iv[1] = _infvec_val(seedc, seedv, i + 1);
+
+       _uk_key_setup(r, k);
+       _uk_iv_setup(r, iv);
+
+       r->k = 16;
+}
+
+__u32 uk_swrand_randr_r(struct uk_swrand *r)
+{
+       __u32 res;
+
+       for (;;) {
+               _uk_salsa20_wordtobyte(r->output, r->input);
+               r->input[12] = r->input[12] + 1;
+               if (r->input[12] == 0)
+                       r->input[13]++;
+
+               if (r->k < 16) {
+                       res = r->output[r->k];
+                       r->k += 1;
+                       return res;
+               }
+
+               r->k = 0;
+       }
+}
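Review bot: The round loop `for (i = 8; i > 0; i -= 2)` in _uk_salsa20_wordtobyte runs four double-rounds, i.e. ChaCha8 (the cited reference URL is the chacha8 submission), while Config.uk, the commit message and this file's naming promise ChaCha20, which needs `for (i = 20; i > 0; i -= 2)`; either fix the bound or rename the option so users are not told they get 20 rounds. In uk_swrand_init_r the key is filled with `_infvec_val(10, seedv, i)` instead of `_infvec_val(seedc, seedv, i)`, so any caller that passes fewer than ten seed words reads past the end of seedv (and with seedc < 8 the key repeats words, which the API should at least document). uk_swrand_randr_r generates a fresh block and bumps the counter on every call because the generation sits unconditionally inside the loop — the output is still a valid keystream but the work is 16x what is needed and the first call silently discards a block; generate only when k has reached 16. `((__u32 *)sigma)[i]` in _uk_key_setup accesses a char array through a __u32 lvalue (strict-aliasing violation, and the static char array is not guaranteed 4-byte aligned); a memcpy of the 16 bytes avoids that, though like the reference's little-endian load it still assumes an LE target, so a comment saying so would help.
```c
	for (i = 20; i > 0; i -= 2) {
	/* … unchanged: the eight quarterrounds and the feed-forward add … */

	/* in _uk_key_setup: load the constant words without type punning
	 * (assumes little-endian layout, as the reference's U8TO32_LITTLE) */
	memcpy(&r->input[0], sigma, sizeof(sigma));

	/* in uk_swrand_init_r: never read past seedv */
	for (i = 0; i < 8; i++)
		k[i] = _infvec_val(seedc, seedv, i);
	/* … unchanged: iv setup, _uk_key_setup/_uk_iv_setup, r->k = 16 … */

__u32 uk_swrand_randr_r(struct uk_swrand *r)
{
	UK_ASSERT(r);
	/* Only expand a new block once the 16 words of the current one are used */
	if (r->k >= 16) {
		_uk_salsa20_wordtobyte(r->output, r->input);
		/* 64-bit block counter lives in input[12] (low) and input[13] (high) */
		if (++r->input[12] == 0)
			r->input[13]++;
		r->k = 0;
	}
	return r->output[r->k++];
}
```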
diff --git a/lib/ukswrand/swrand.c b/lib/ukswrand/swrand.c
index b3f410fb..ca267bf0 100644
--- a/lib/ukswrand/swrand.c
+++ b/lib/ukswrand/swrand.c
@@ -80,13 +80,18 @@ ssize_t uk_swrand_fill_buffer(void *buf, size_t buflen)
 static void _uk_swrand_ctor(void)
 {
        unsigned int i;
+#ifdef CONFIG_LIBUKSWRAND_CHACHA
+       unsigned int seedc = 10;
+       __u32 seedv[10];
+#else
        unsigned int seedc = 2;
        __u32 seedv[2];
+#endif
+       uk_pr_info("Initialize random number generator...\n");
 
        for (i = 0; i < seedc; i++)
                seedv[i] = uk_swrandr_gen_seed32();
 
-       uk_pr_info("Initialize random number generator...\n");
        uk_swrand_init_r(&uk_swrand_def, seedc, seedv);
 }
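Review bot: The seed-word count is now hard-coded in two places — `seedc = 10` here under `#ifdef CONFIG_LIBUKSWRAND_CHACHA`, and the literal `10` that uk_swrand_init_r in chacha.c uses when filling the key — so the two can drift apart silently, and if this value ever drops below the one in chacha.c the init routine reads past `seedv`. Have each algorithm export its requirement (e.g. a `UK_SWRAND_SEED_WORDS` define next to its uk_swrand_init_r declaration) and declare `__u32 seedv[UK_SWRAND_SEED_WORDS];` with `seedc = UK_SWRAND_SEED_WORDS;`, dropping the `#ifdef`. The generator's unpredictability is bounded by what `uk_swrandr_gen_seed32()` returns, whose source is not visible in this hunk, and there is no reseeding path; a comment such as `/* NOTE: output is only as unpredictable as uk_swrandr_gen_seed32(); no reseeding after boot */` would make that contract explicit to callers relying on the "cryptographically secure" label.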
 
-- 
2.20.1
