ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Wireshark-commits: [Wireshark-commits] master d7187e0: wsutil: Add Curve25519 ECDH (X25519) using G

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Wed, 08 Aug 2018 11:24:02 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d7187e0b1ba0303dc493c4a75d9949cfca8ede98
Submitter: "Anders Broman <a.broman58@xxxxxxxxx>"
Changed: branch: master
Repository: wireshark

Commits:

d7187e0 by Peter Wu (peter@xxxxxxxxxxxxx):

    wsutil: Add Curve25519 ECDH (X25519) using Gcrypt
    
    The WireGuard dissector will need X25519 to enable decryption, add a
    Gcrypt implementation that implements the NaCl/Sodium interface.
    
    While inspired by the MPI example in t-cv25519.c, note subtle but
    important correctness/interoperability fixes: add a check for infinity
    (gcry_mpi_ec_get_affine) and handle short values from gcry_mpi_print.
    The last issue is ugly, perhaps the high level API (gcry_pk_decrypt)
    should be used instead (which < 2% slower than this MPI implementation).
    (Both issues were found through fuzzing.)
    
    As for alternative options, Sodium is superior but would be a new
    dependency. For some older performance and usability notes (comparing
    crypto_scalarmult_curve25519_base (note "_base") against others), see
    https://lists.gnupg.org/pipermail/gcrypt-devel/2018-July/004532.html
    
    Performance comparison on Ubuntu 18.04 (i7-3770) between Sodium 1.0.16
    against Gcrypt 1.8.3 and Gcrypt 86e5e06a (git master, future 1.9.x) by
    computing 65536 times X25519(1, 8) via crypto_scalarmult_curve25519:
    
        Sodium (sandy2x):   1.4x faster than ref10
        Sodium (ref10):     1 (baseline)
        Gcrypt (git):       5x slower than ref10, 7x slower than sandy2x
        Gcrypt (1.8.3):     17x ref10, 24x sandy2x (took 65 seconds)
    
    Change-Id: Ia54e73cc3cc469a6697554729aff4edd19f55630
    Ping-Bug: 15011
    Reviewed-on: https://code.wireshark.org/review/28987
    Reviewed-by: Anders Broman <a.broman58@xxxxxxxxx>
    

Actions performed:

    from  e50ae0a   WireGuard: add session tracking
     add  d7187e0   wsutil: Add Curve25519 ECDH (X25519) using Gcrypt


Summary of changes:
 debian/libwsutil0.symbols |   2 +
 wsutil/CMakeLists.txt     |   2 +
 wsutil/curve25519.c       | 103 ++++++++++++++++++++++++++++++++++++++++++++++
 wsutil/curve25519.h       |  41 ++++++++++++++++++
 4 files changed, 148 insertions(+)
 create mode 100644 wsutil/curve25519.c
 create mode 100644 wsutil/curve25519.h
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube