Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat!: add skip_bits option to scramble() #11

Merged
merged 6 commits into from
May 15, 2024
Merged

feat!: add skip_bits option to scramble() #11

merged 6 commits into from
May 15, 2024

Conversation

WieeRd
Copy link
Collaborator

@WieeRd WieeRd commented May 13, 2024
edited
Loading

Addition of IP class preservation has been postponed and the class detection has been reverted.
The skip_bits feature is useful and ready to be used on its own, so this PR is now solely dedicated to that part.

Basically this:

// this amount of bits will be left unanonymized;
// preserving the exact same class prefix from the original addr
let skip_bits = match addr.octets()[0] >> 4 {
    0b0000..=0b0111 => 1, // class A: 0b0...
    0b1000..=0b1011 => 2, // class B: 0b10..
    0b1100..=0b1101 => 3, // class C: 0b110.
    0b1110..=0b1110 => 4, // class D: 0b1110
    _ => return addr, // class E: 0b1111 - do not anonymize
};

Based on this (cryptopANT.c)

#define MAX_CLASS_BITS		4
	static int _class_bits[1<<MAX_CLASS_BITS] = {
		1,1,1,1,1,1,1,1, /* class A: preserve 1 bit  */
		2,2,2,2,	 /* class B: preserve 2 bits */
		3,3,		 /* class C: preserve 3 bits */
		4,		 /* class D: preserve 4 bits */
		32 		 /* class bad, preserve all  */
	};

In detail:

  • Encryption loop is now stateless and ready to be parallelized
  • scramble(bytes, n_bits) -> scramble(bytes, skip_bits, max_bits).
  • scramble_ipv4() auto detects IP class and preserves its prefix.
  • test_scramble_ipv4_full() in OpenSSL backend module has been commented out.

Unresolved Tasks/Questions:

  • Is IP class still a thing? Do we really need this??
  • Should I make this behavior optional? New parameter or feature flag?
  • Ipv4 test dataset is now obsolete because of this change.

@WieeRd
fix: make the encryption loop stateless
27dcb55 
In preparation for the planned `pass_bits` feature.
Each iteration of the loop can now be executed out of order.
@WieeRd
feat: add pass_bits parameter to scramble()
02d47e1
@WieeRd
feat!: make scramble_ipv4() preserve IP class
be07485 
Disabled OpenSSL ipv4 tests due to altered output.
@WieeRd WieeRd added the enhancement New feature or request label May 13, 2024
@WieeRd WieeRd requested a review from SkuldNorniern May 13, 2024 13:26
@WieeRd WieeRd self-assigned this May 13, 2024
@WieeRd
fix!: rename params - n_bits to max_bits, pass_bits to skip_bits
ded1dee 
Also swapped their order because `skip_bits..max_bits` made more sense.
@WieeRd WieeRd marked this pull request as draft May 13, 2024 22:53
@WieeRd WieeRd marked this pull request as draft May 13, 2024 22:53
@SkuldNorniern SkuldNorniern marked this pull request as ready for review May 14, 2024 04:38
@WieeRd WieeRd changed the title feat!: make scramble_ipv4() preserve class bits feat!: add skip_bits option to scramble() May 15, 2024
SkuldNorniern
SkuldNorniern approved these changes May 15, 2024
View reviewed changes
Copy link
Owner

@SkuldNorniern SkuldNorniern left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@SkuldNorniern SkuldNorniern merged commit 8b216c9 into SkuldNorniern:main May 15, 2024
2 checks passed
@WieeRd WieeRd deleted the classified branch May 15, 2024 23:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SkuldNorniern SkuldNorniern SkuldNorniern approved these changes

Assignees

@WieeRd WieeRd

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@WieeRd @SkuldNorniern