From 8c9b73f67b786d9c08ffc98cc4b0f9b7c44b7717 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Fri, 18 Oct 2013 17:39:48 -0400
Subject: Make Salsa20 variable-round, allowing for Salsa20/12 to be used for Packet encrypt and decrypt. Profiling analysis found that Salsa20 encrypt was accounting for a nontrivial percentage of CPU time, so it makes sense to cut this load fundamentally. There are no published attacks against Salsa20/12, and DJB believes 20 rounds to be overkill. This should be more than enough for our needs. Obviously incorporating ASM Salsa20 is among the next steps for performance.
---
 node/NodeConfig.cpp | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'node/NodeConfig.cpp')
diff --git a/node/NodeConfig.cpp b/node/NodeConfig.cpp
index 0dda8da7..f26cd8ea 100644
--- a/node/NodeConfig.cpp
+++ b/node/NodeConfig.cpp
@@ -49,6 +49,7 @@
 #include "Logger.hpp"
 #include "Topology.hpp"
 #include "Demarc.hpp"
+#include "Packet.hpp"
 #include "InetAddress.hpp"
 #include "Peer.hpp"
 #include "Salsa20.hpp"
@@ -283,7 +284,7 @@ std::vector< Buffer > NodeConfig::encodeControlMe
 Utils::getSecureRandom(iv,8);
 memcpy(packet.field(8,8),iv,8);
- Salsa20 s20(key,256,iv);
+ Salsa20 s20(key,256,iv,ZT_PROTO_SALSA20_ROUNDS);
 s20.encrypt(packet.field(16,packet.size() - 16),packet.field(16,packet.size() - 16),packet.size() - 16);
 memcpy(keytmp,key,32);
@@ -322,7 +323,7 @@ bool NodeConfig::decodeControlMessagePacket(const void *key,const void *data,uns
 if (!Utils::secureEq(packet.field(0,8),poly1305tag,8)) return false;
- Salsa20 s20(key,256,packet.field(8,8));
+ Salsa20 s20(key,256,packet.field(8,8),ZT_PROTO_SALSA20_ROUNDS);
 s20.decrypt(packet.field(16,packet.size() - 16),packet.field(16,packet.size() - 16),packet.size() - 16);
 conversationId = packet.at(16);
--
cgit v1.2.3
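Review bot: The reduced round count is applied to the control-message encoder as well, at `Salsa20 s20(key,256,iv,ZT_PROTO_SALSA20_ROUNDS);`, although the commit message justifies the reduction only by profiling of Packet encryption. Tying this path to the wire-protocol macro means any later tuning of that value for performance also changes the margin of the control channel without a visible edit here. If control messages are not performance-sensitive (not shown on this page), consider a separately named constant for this path or the full 20 rounds, and state the choice in a comment next to the constructor. The same point applies to the matching constructor call in `decodeControlMessagePacket`. The enclosing function starts and ends outside the hunk, and its name is truncated in the hunk header.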
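Review bot: The round count at `Salsa20 s20(key,256,packet.field(8,8),ZT_PROTO_SALSA20_ROUNDS);` becomes an implicit parameter of the message format, and nothing visible in this hunk lets the receiver detect a mismatch. The `secureEq` tag check runs before decryption, so if the tag is computed over the ciphertext (the MAC code is outside the hunk), a peer built with a different round count would pass the check and then decrypt to garbage that is parsed as `conversationId`. I would add a comment here such as `// Rounds are not negotiated or authenticated: encoder and decoder must be built with the same ZT_PROTO_SALSA20_ROUNDS.` Separately, `packet.size() - 16` relies on a minimum-length check earlier in the function that is not visible here; worth confirming it exists, since the subtraction would wrap if size() is unsigned.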