wip: cleanup

aestests/aes_test.go

@@ -0,0 +1,79 @@
+package aestests
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/rand"
+	"log"
+	"testing"
+)
+
+func must(err error) {
+	if err != nil {
+		panic(err)
+	}
+}
+
+func TestAES(t *testing.T) {
+	key := make([]byte, 32)
+	rand.Read(key)
+
+	block, err := aes.NewCipher(key)
+	must(err)
+
+	aesgcm, err := cipher.NewGCM(block)
+	must(err)
+
+	log.Print(aesgcm.NonceSize())
+	log.Print(aesgcm.Overhead())
+}
+
+func BenchmarkSeal(b *testing.B) {
+	key := make([]byte, 32)
+	rand.Read(key)
+
+	block, err := aes.NewCipher(key)
+	must(err)
+
+	cryptor, err := cipher.NewGCM(block)
+	must(err)
+
+	nonce := make([]byte, 12)
+	rand.Read(nonce)
+
+	data := make([]byte, 1400)
+	rand.Read(data)
+
+	out := make([]byte, 1500)
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		out = cryptor.Seal(out[:0], nonce, data, nil)
+	}
+}
+
+func BenchmarkOpen(b *testing.B) {
+	key := make([]byte, 32)
+	rand.Read(key)
+
+	block, err := aes.NewCipher(key)
+	must(err)
+
+	cryptor, err := cipher.NewGCM(block)
+	must(err)
+
+	nonce := make([]byte, 12)
+	rand.Read(nonce)
+
+	data := make([]byte, 1400)
+	rand.Read(data)
+
+	sealed := make([]byte, 1500)
+	sealed = cryptor.Seal(sealed[:0], nonce, data, nil)
+
+	dec := make([]byte, 1500)
+
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		dec, err = cryptor.Open(dec[:0], nonce, sealed, nil)
+	}
+}

node/conn.go

@@ -150,10 +150,6 @@ func (r *connReader) Read(buf []byte) (remoteAddr netip.AddrPort, h header, data
 
 		h.Parse(data)
 
-		if len(data) != headerSize+int(h.DataSize) {
-			continue // Invalid header.
-		}
-
 		peer := r.routing.Get(h.SourceIP)
 		if peer == nil {
 			continue

node/crypto.go

@@ -9,11 +9,10 @@ import (
 
 // Encrypting the packet will also set the header's DataSize field.
 func encryptPacket(h *header, sharedKey, data, out []byte) []byte {
-	h.DataSize = uint16(len(data) + box.Overhead)
+	out = out[:headerSize]
-	out = out[:h.DataSize+headerSize]
 	h.Marshal(out)
-	box.SealAfterPrecomputation(out[headerSize:headerSize], data, (*[24]byte)(out[:headerSize]), (*[32]byte)(sharedKey))
+	b := box.SealAfterPrecomputation(out[headerSize:headerSize], data, (*[24]byte)(out[:headerSize]), (*[32]byte)(sharedKey))
-	return out
+	return out[:len(b)+headerSize]
 }
 
 func decryptPacket(sharedKey, packetAndHeader, out []byte) (decrypted []byte, ok bool) {

node/crypto_test.go

@@ -35,8 +35,8 @@ func TestEncryptDecryptPacket(t *testing.T) {
 	h := header{
 		Counter:  2893749238,
 		SourceIP: 5,
-		ViaIP:    8,
 		DestIP:   12,
+		Forward:  1,
 		Stream:   1,
 	}
 
@@ -87,8 +87,8 @@ func BenchmarkEncryptPacket(b *testing.B) {
 	h := header{
 		Counter:  2893749238,
 		SourceIP: 5,
-		ViaIP:    8,
 		DestIP:   12,
+		Forward:  1,
 		Stream:   1,
 	}
 
@@ -123,8 +123,8 @@ func BenchmarkDecryptPacket(b *testing.B) {
 	h := header{
 		Counter:  2893749238,
 		SourceIP: 5,
-		ViaIP:    8,
 		DestIP:   12,
+		Forward:  1,
 		Stream:   1,
 	}
 

node/header.go

@@ -13,8 +13,7 @@ type header struct {
 	SourceIP byte
 	DestIP   byte
 	Forward  byte
-	Stream   byte   // See stream* constants.
+	Stream   byte // See stream* constants.
-	DataSize uint16 // Data size following associated data.
 }
 
 func (hdr *header) Parse(nb []byte) {
@@ -23,7 +22,6 @@ func (hdr *header) Parse(nb []byte) {
 	hdr.DestIP = nb[9]
 	hdr.Forward = nb[10]
 	hdr.Stream = nb[11]
-	hdr.DataSize = *(*uint16)(unsafe.Pointer(&nb[12]))
 }
 
 func (hdr header) Marshal(buf []byte) {
@@ -32,5 +30,4 @@ func (hdr header) Marshal(buf []byte) {
 	buf[9] = hdr.DestIP
 	buf[10] = hdr.Forward
 	buf[11] = hdr.Stream
-	*(*uint16)(unsafe.Pointer(&buf[12])) = hdr.DataSize
 }

node/header_test.go

@@ -6,10 +6,9 @@ func TestHeaderMarshalParse(t *testing.T) {
 	nIn := header{
 		Counter:  3212,
 		SourceIP: 34,
-		ViaIP:    20,
 		DestIP:   200,
+		Forward:  1,
 		Stream:   44,
-		DataSize: 1235,
 	}
 
 	buf := make([]byte, headerSize)