Ana Sayfa Keşfet Yardım
Giriş Yap
cpp
/
ZeroTierOne
şunun yansıması https://github.com/zerotier/ZeroTierOne
2
0
Çatalla 0
Dosyalar Sorunlar 0 Wiki
Kaynağa Gözat

AES works! Only with this or newer nodes. Uses salsa with older ones as usual.

Adam Ierymenko 4 yıl önce
ebeveyn
1c9407e016
işleme
7219ca0c0f
7 değiştirilmiş dosya ile 20 ekleme ve 28 silme
Görünümü Böl Farklılık Durumunu Göster
  1. 1 2
      node/AES.hpp
  2. 0 5
      node/Constants.hpp
  3. 2 3
      node/Identity.hpp
  4. 2 2
      node/IncomingPacket.cpp
  5. 6 6
      node/Packet.cpp
  6. 4 5
      node/Peer.cpp
  7. 5 5
      node/Peer.hpp

+ 1 - 2
node/AES.hpp
Dosyayı Görüntüle 

@@ -376,9 +376,8 @@ public:
 
 		 */
 
 		ZT_INLINE void finish1() noexcept
 
 		{
 
-			uint64_t tmp[2];
 
-
 
 			// Compute 128-bit GMAC tag.
 
+			uint64_t tmp[2];
 
 			_gmac.finish(reinterpret_cast<uint8_t *>(tmp));
 
 
 			// Shorten to 64 bits, concatenate with message IV, and encrypt with AES to

+ 0 - 5
node/Constants.hpp
Dosyayı Görüntüle 

@@ -201,11 +201,6 @@
 
  */
 
 #define ZT_TX_QUEUE_SIZE 32
 
 
-/**
 
- * Length of secret key in bytes -- 256-bit -- do not change
 
- */
 
-#define ZT_PEER_SECRET_KEY_LENGTH 32
 
-
 
 /**
 
  * Minimum delay between timer task checks to prevent thrashing
 
  */

+ 2 - 3
node/Identity.hpp
Dosyayı Görüntüle 

@@ -173,13 +173,12 @@ public:
 
 	 *
 
 	 * @param id Identity to agree with
 
 	 * @param key Result parameter to fill with key bytes
 
-	 * @param klen Length of key in bytes
 
 	 * @return Was agreement successful?
 
 	 */
 
-	inline bool agree(const Identity &id,void *key,unsigned int klen) const
 
+	inline bool agree(const Identity &id,void *const key) const
 
 	{
 
 		if (_privateKey) {
 
-			C25519::agree(*_privateKey,id._publicKey,key,klen);
 
+			C25519::agree(*_privateKey,id._publicKey,key,ZT_SYMMETRIC_KEY_SIZE);
 
 			return true;
 
 		}
 
 		return false;

+ 2 - 2
node/IncomingPacket.cpp
Dosyayı Görüntüle 

@@ -286,8 +286,8 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,void *tPtr,const bool
 
 				if (!RR->node->rateGateIdentityVerification(now,_path->address()))
 
 					return true;
 
 
-				uint8_t key[ZT_PEER_SECRET_KEY_LENGTH];
 
-				if (RR->identity.agree(id,key,ZT_PEER_SECRET_KEY_LENGTH)) {
 
+				uint8_t key[ZT_SYMMETRIC_KEY_SIZE];
 
+				if (RR->identity.agree(id,key)) {
 
 					if (dearmor(key, peer->aesKeysIfSupported())) { // ensure packet is authentic, otherwise drop
 
 						RR->t->incomingPacketDroppedHELLO(tPtr,_path,pid,fromAddress,"address collision");
 
 						Packet outp(id.address(),RR->identity.address(),Packet::VERB_ERROR);

+ 6 - 6
node/Packet.cpp
Dosyayı Görüntüle 

@@ -881,7 +881,6 @@ void Packet::armor(const void *key,bool encryptPayload,const AES aesKeys[2])
 
 	uint8_t *const data = reinterpret_cast<uint8_t *>(unsafeData());
 
 	if ((aesKeys) && (encryptPayload)) {
 
 		char tmp0[16],tmp1[16];
 
-		printf("AES armor %.16llx %s -> %s %u\n",*reinterpret_cast<const uint64_t *>(data),Address(data + ZT_PACKET_IDX_SOURCE,5).toString(tmp0),Address(data + ZT_PACKET_IDX_DEST,5).toString(tmp1),size());
 
 		setCipher(ZT_PROTO_CIPHER_SUITE__AES_GMAC_SIV);
 
 
 		uint8_t *const payload = data + ZT_PACKET_IDX_VERB;
 
@@ -899,7 +898,7 @@ void Packet::armor(const void *key,bool encryptPayload,const AES aesKeys[2])
 
 		Utils::copy<8>(data,tag);
 
 		Utils::copy<8>(data + ZT_PACKET_IDX_MAC,tag + 1);
 
 #else
 
-		*reinterpret_cast<uint64_t *>(data) = tag[0];
 
+		*reinterpret_cast<uint64_t *>(data + ZT_PACKET_IDX_IV) = tag[0];
 
 		*reinterpret_cast<uint64_t *>(data + ZT_PACKET_IDX_MAC) = tag[1];
 
 #endif
 
 	} else {
 
@@ -947,20 +946,21 @@ bool Packet::dearmor(const void *key,const AES aesKeys[2])
 
 
 	if (cs == ZT_PROTO_CIPHER_SUITE__AES_GMAC_SIV) {
 
 		if (aesKeys) {
 
-			printf("AES dearmor\n");
 
-			AES::GMACSIVDecryptor dec(aesKeys[0],aesKeys[1]);
 
-
 
 			uint64_t tag[2];
 
 #ifdef ZT_NO_UNALIGNED_ACCESS
 
 			Utils::copy<8>(tag, data);
 
 			Utils::copy<8>(tag + 1, data + ZT_PACKET_IDX_MAC);
 
 #else
 
-			tag[0] = *reinterpret_cast<uint64_t *>(data);
 
+			tag[0] = *reinterpret_cast<uint64_t *>(data + ZT_PACKET_IDX_IV);
 
 			tag[1] = *reinterpret_cast<uint64_t *>(data + ZT_PACKET_IDX_MAC);
 
 #endif
 
 
+			AES::GMACSIVDecryptor dec(aesKeys[0],aesKeys[1]);
 
 			dec.init(tag, payload);
 
+			const uint8_t oldFlags = data[ZT_PACKET_IDX_FLAGS];
 
+			data[ZT_PACKET_IDX_FLAGS] &= 0xf8;
 
 			dec.aad(data + ZT_PACKET_IDX_DEST,11);
 
+			data[ZT_PACKET_IDX_FLAGS] = oldFlags;
 
 			dec.update(payload, payloadLen);
 
 			return dec.finish();
 
 		}

+ 4 - 5
node/Peer.cpp
Dosyayı Görüntüle 

@@ -58,16 +58,15 @@ Peer::Peer(const RuntimeEnvironment *renv,const Identity &myIdentity,const Ident
 
 	_bondingPolicy(0),
 
 	_lastComputedAggregateMeanLatency(0)
 
 {
 
-	if (!myIdentity.agree(peerIdentity,_key,ZT_PEER_SECRET_KEY_LENGTH)) {
 
+	if (!myIdentity.agree(peerIdentity,_key))
 
 		throw ZT_EXCEPTION_INVALID_ARGUMENT;
 
-	}
 
 
-	uint8_t ktmp[48];
 
+	uint8_t ktmp[ZT_SYMMETRIC_KEY_SIZE];
 
 	KBKDFHMACSHA384(_key,ZT_KBKDF_LABEL_AES_GMAC_SIV_K0,0,0,ktmp);
 
 	_aesKeys[0].init(ktmp);
 
 	KBKDFHMACSHA384(_key,ZT_KBKDF_LABEL_AES_GMAC_SIV_K1,0,0,ktmp);
 
-	_aesKeys[0].init(ktmp);
 
-	Utils::burn(ktmp, 48);
 
+	_aesKeys[1].init(ktmp);
 
+	Utils::burn(ktmp,ZT_SYMMETRIC_KEY_SIZE);
 
 }
 
 
 void Peer::received(

+ 5 - 5
node/Peer.hpp
Dosyayı Görüntüle 

@@ -533,11 +533,11 @@ public:
 
 	 */
 
 	inline int8_t bondingPolicy() { return _bondingPolicy; }
 
 
-	const AES *aesKeysIfSupported() const
 
-	{ return (const AES *)0; }
 
-
 
 	//const AES *aesKeysIfSupported() const
 
-	//{ return (_vProto >= 12) ? _aesKeys : (const AES *)0; }
 
+	//{ return (const AES *)0; }
 
+
 
+	const AES *aesKeysIfSupported() const
 
+	{ return (_vProto >= 12) ? _aesKeys : (const AES *)0; }
 
 
 private:
 
 	struct _PeerPath
 
@@ -548,7 +548,7 @@ private:
 
 		long priority; // >= 1, higher is better
 
 	};
 
 
-	uint8_t _key[ZT_PEER_SECRET_KEY_LENGTH];
 
+	uint8_t _key[ZT_SYMMETRIC_KEY_SIZE];
 
 	AES _aesKeys[2];
 
 
 	const RuntimeEnvironment *RR;