@lstipakov
Member

No description provided.

Introduce OvpnAcquire/ReleaseSpinLock(), which
acquire/release spinlock taking into account dpc
and shared/exclusive.

Signed-off-by: Lev Stipakov <[email protected]>

@lstipakov
Member Author

lstipakov commented Sep 25, 2025

@mfil it would be nice if you could check (at least) the crypto part. It mirrors the userspace implementation.

@lstipakov lstipakov force-pushed the multipeer branch 5 times, most recently from 6d8e3c3 to 44f8e07 Compare September 26, 2025 11:45

This implements epoch data channel format for
AEAD ciphers, based on RFC and userspace implementation.

 - https://openvpn.github.io/openvpn-rfc/openvpn-wire-protocol.html#name-openvpn-epoch-data-channel-
 - https://gerrit.openvpn.net/c/openvpn/+/806

The differences with userspace implementation are:

 - use BCrypt key derivation API instead of own implementation
 - receive key usage limits are ignored

Note that this lacks proper locking on updating epoch keys,
this will be implemented in follow-up commit.

Driver version is bumped to 2.8.0.

GitHub: OpenVPN#104

Signed-off-by: Lev Stipakov <[email protected]>

AEAD needs to tweak its epoch keys whenever we hit the usage limit (TX)
or see a packet from a new epoch (RX). That update isn’t
atomic: we rebuild send/recv contexts, refresh future keys,
and advance nonce counters. The code used to do this while the
peer spin lock was held in shared mode, so another thread
could see half-written state.

Introduce OvpnCryptoCallWithRetry() plus small invoke helpers.
The crypto routines keep working under the shared lock on the fast path,
but they return STATUS_OVPN_CRYPTO_RETRY when a real mutation is required.
The caller then upgrades to the exclusive lock, retries with allowRekey = TRUE,
and commits the changes once they’re consistent. That keeps normal traffic
on the cheap shared lock while epoch rotations happen safely under exclusive ownership.

Signed-off-by: Lev Stipakov <[email protected]>
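
The shared-then-exclusive retry described in the commit message above, modelled in user space as an added example (not code from this PR or the driver). The toy atomic lock, `peer_t`, `encrypt_one`, `call_with_retry`, the usage limit of 3 and the release-then-reacquire "upgrade" are assumptions; only the retry status and the allow-rekey flag follow the commit message.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* User-space model: every name here is hypothetical, not taken from the driver. */
enum { ST_OK = 0, ST_RETRY = 1 };
#define USAGE_LIMIT 3u      /* constructed value, tiny so a rotation is easy to trigger */
typedef struct {
    atomic_int lock;        /* 0 free, >0 number of shared holders, -1 exclusive */
    atomic_uint used;       /* packets sent under the current epoch key */
    uint16_t epoch;         /* written only under the exclusive lock */
    uint64_t key;           /* stand-in for the send context */
} peer_t;

static void lock_shared(peer_t *p) {
    int v;
    do { v = atomic_load(&p->lock); } while (v < 0 || !atomic_compare_exchange_weak(&p->lock, &v, v + 1));
}
static void unlock_shared(peer_t *p) { atomic_fetch_sub(&p->lock, 1); }
static void lock_excl(peer_t *p) { int z = 0; while (!atomic_compare_exchange_weak(&p->lock, &z, -1)) z = 0; }
static void unlock_excl(peer_t *p) { atomic_store(&p->lock, 0); }

/* Fast path only reads epoch/key; it returns ST_RETRY instead of mutating them. */
static int encrypt_one(peer_t *p, bool allow_rekey, uint16_t *epoch_out) {
    unsigned n = atomic_load(&p->used);
    while (n < USAGE_LIMIT)                       /* reserve one use of the current key */
        if (atomic_compare_exchange_weak(&p->used, &n, n + 1)) { *epoch_out = p->epoch; return ST_OK; }
    if (!allow_rekey) return ST_RETRY;            /* rotation needed, caller must go exclusive */
    p->epoch++;                                   /* multi-step update, no reader can observe it */
    p->key = p->key * 6364136223846793005ULL + p->epoch;  /* placeholder mixing, not a KDF */
    atomic_store(&p->used, 1);                    /* this packet is the first use of the new key */
    *epoch_out = p->epoch;
    return ST_OK;
}
static int call_with_retry(peer_t *p, uint16_t *epoch_out) {
    lock_shared(p);
    int st = encrypt_one(p, false, epoch_out);
    unlock_shared(p);
    if (st != ST_RETRY) return st;
    lock_excl(p);   /* lock was dropped: encrypt_one re-checks, so a rotation done meanwhile is not repeated */
    st = encrypt_one(p, true, epoch_out);
    unlock_excl(p);
    return st;
}
int main(void) {
    peer_t p = {0};
    uint16_t e = 0;
    for (int i = 0; i < 7; i++) { call_with_retry(&p, &e); printf("packet %d epoch %u\n", i, (unsigned)e); }
    return 0;
}
```

Because the slow path re-runs the whole limit check under the exclusive lock, a caller that lost the race to another rotating thread simply encrypts under the already-rotated key.
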

Uninit key slot, set keId/peerId and reset crypto options.

Signed-off-by: Lev Stipakov <[email protected]>

The common function OvpnCryptoAEADDoWork() has grown too large
and now it doesn't make sense to have it. Do encrypt/decrypt
in its own functions.

While on it, improve comments.

Signed-off-by: Lev Stipakov <[email protected]>

@lstipakov lstipakov force-pushed the multipeer branch 2 times, most recently from 2883266 to 814a36b Compare October 3, 2025 06:18

Create a separate googletest-based project.
Move some of epoch crypto code into own compilation unit.
Add test run to GHA.

Signed-off-by: Lev Stipakov <[email protected]>

@mfil
Contributor

mfil commented Oct 8, 2025

The crypto code looks good to me, but I don't feel like I understand the Windows driver stuff enough to approve. Can we get someone else to take another look?

@lstipakov lstipakov merged commit ee04d29 into OpenVPN:multipeer Oct 9, 2025
9 checks passed