chacha: Create common file to avoid code duplication

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

include/libssh/chacha.h

@@ -17,7 +17,6 @@ struct chacha_ctx {
 #define CHACHA_NONCELEN   8
 #define CHACHA_CTRLEN     8
 #define CHACHA_STATELEN   (CHACHA_NONCELEN+CHACHA_CTRLEN)
-#define CHACHA_BLOCKLEN   64
 
 void chacha_keysetup(struct chacha_ctx *x, const uint8_t *k, uint32_t kbits)
 #ifdef HAVE_GCC_BOUNDED_ATTRIBUTE

include/libssh/chacha20-poly1305-common.h

@@ -0,0 +1,54 @@
+/*
+ * This file is part of the SSH Library
+ *
+ * Copyright (c) 2020 Red Hat, Inc.
+ *
+ * Author: Jakub Jelen <jjelen@redhat.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+/*
+ * chacha20-poly1305.h file
+ * This file includes definitions needed for Chacha20-poly1305 AEAD cipher
+ * using different crypto backends.
+ */
+
+#ifndef CHACHA20_POLY1305_H
+#define CHACHA20_POLY1305_H
+
+#define CHACHA20_BLOCKSIZE 64
+#define CHACHA20_KEYLEN 32
+
+#define POLY1305_TAGLEN 16
+/* size of the keys k1 and k2 as defined in specs */
+#define POLY1305_KEYLEN 32
+
+#ifdef _MSC_VER
+#pragma pack(push, 1)
+#endif
+struct ssh_packet_header {
+    uint32_t length;
+    uint8_t payload[];
+}
+#if defined(__GNUC__)
+__attribute__ ((packed))
+#endif
+#ifdef _MSC_VER
+#pragma pack(pop)
+#endif
+;
+
+#endif /* CHACHA20_POLY1305_H */

include/libssh/poly1305.h

@@ -5,9 +5,7 @@
 
 #ifndef POLY1305_H
 #define POLY1305_H
-
-#define POLY1305_KEYLEN    32
-#define POLY1305_TAGLEN    16
+#include "libssh/chacha20-poly1305-common.h"
 
 void poly1305_auth(uint8_t out[POLY1305_TAGLEN], const uint8_t *m, size_t inlen,
     const uint8_t key[POLY1305_KEYLEN])

src/chachapoly.c

@@ -26,9 +26,8 @@
 #include "libssh/chacha.h"
 #include "libssh/poly1305.h"
 #include "libssh/misc.h"
+#include "libssh/chacha20-poly1305-common.h"
 
-/* size of the keys k1 and k2 as defined in specs */
-#define CHACHA20_KEYLEN 32
 struct chacha20_poly1305_keysched {
     /* key used for encrypting the length field*/
     struct chacha_ctx k1;
@@ -36,13 +35,6 @@ struct chacha20_poly1305_keysched {
     struct chacha_ctx k2;
 };
 
-#pragma pack(push, 1)
-struct ssh_packet_header {
-    uint32_t length;
-    uint8_t payload[];
-};
-#pragma pack(pop)
-
 static const uint8_t zero_block_counter[8] = {0, 0, 0, 0, 0, 0, 0, 0};
 static const uint8_t payload_block_counter[8] = {1, 0, 0, 0, 0, 0, 0, 0};
 

src/libgcrypt.c

@@ -33,18 +33,15 @@
 #include "libssh/wrapper.h"
 #include "libssh/string.h"
 #include "libssh/misc.h"
+#ifdef HAVE_GCRYPT_CHACHA_POLY
+#include "libssh/chacha20-poly1305-common.h"
+#endif
 
 #ifdef HAVE_LIBGCRYPT
 #include <gcrypt.h>
 
 #ifdef HAVE_GCRYPT_CHACHA_POLY
 
-#define CHACHA20_BLOCKSIZE 64
-#define CHACHA20_KEYLEN 32
-
-#define POLY1305_TAGLEN 16
-#define POLY1305_KEYLEN 32
-
 struct chacha20_poly1305_keysched {
     bool initialized;
     /* cipher handle used for encrypting the packets */
@@ -55,13 +52,6 @@ struct chacha20_poly1305_keysched {
     gcry_mac_hd_t mac_hd;
 };
 
-#pragma pack(push, 1)
-struct ssh_packet_header {
-    uint32_t length;
-    uint8_t payload[];
-};
-#pragma pack(pop)
-
 static const uint8_t zero_block[CHACHA20_BLOCKSIZE] = {0};
 #endif /* HAVE_GCRYPT_CHACHA_POLY */
 

tests/unittests/torture_crypto.c

@@ -4,6 +4,7 @@
 
 #include "torture.h"
 #include "libssh/crypto.h"
+#include "libssh/chacha20-poly1305-common.h"
 
 uint8_t key[32] =
     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e"
@@ -110,16 +111,15 @@ static void torture_crypto_aes256_cbc(void **state)
     ssh_cipher_clear(&cipher);
 }
 
-#define POLY1305_TAGLEN 16
-
-uint8_t chacha20poly1305_key[64] =
+uint8_t chacha20poly1305_key[CHACHA20_KEYLEN*2] =
     "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e"
     "\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d"
     "\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c"
     "\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b"
     "\x3c\x3d\x3e\x3f";
 
-uint8_t chacha20poly1305_cleartext[144] =
+#define CLEARTEXT_LENGTH 144
+uint8_t chacha20poly1305_cleartext[CLEARTEXT_LENGTH] =
     "\xb4\xfc\x5d\xc2\x49\x8d\x2c\x29\x4a\xc9\x9a\xb0\x1b\xf8\x29"
     "\xee\x85\x6d\x8c\x04\x34\x7c\x65\xf4\x89\x97\xc5\x71\x70\x41"
     "\x91\x40\x19\x60\xe1\xf1\x8f\x4d\x8c\x17\x51\xd6\xbc\x69\x6e"
@@ -133,7 +133,7 @@ uint8_t chacha20poly1305_cleartext[144] =
 
 uint64_t chacha20poly1305_seq = (uint64_t)1234567890 * 98765431;
 
-uint8_t chacha20poly1305_encrypted[sizeof(uint32_t) + 144 + POLY1305_TAGLEN] =
+uint8_t chacha20poly1305_encrypted[sizeof(uint32_t) + CLEARTEXT_LENGTH + POLY1305_TAGLEN] =
     "\xac\x2e\x4c\x54\xf6\x97\x75\xb4\x3b\x8f\xb0\x8e\xb0\x0a\x8e"
     "\xb3\x90\x21\x0d\x7a\xb6\xd3\x03\xf6\xbc\x6e\x3a\x32\x67\xe1"
     "\x13\x65\x43\x3b\x34\x9d\xcb\x62\x7e\x0a\x80\xb0\x45\x87\x07"