Docs, code cleanup, and protect the extra new fields of HELLO with encryption as a precaution.
This commit is contained in:
parent
594cb1fad8
commit
43182f8f57
13 changed files with 163 additions and 116 deletions
|
@ -18,9 +18,21 @@
|
|||
|
||||
#include <stdint.h>
|
||||
#include <stddef.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include "Packet.hpp"
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#define FORCE_INLINE static __forceinline
|
||||
#include <intrin.h>
|
||||
#pragma warning(disable : 4127) /* disable: C4127: conditional expression is constant */
|
||||
#pragma warning(disable : 4293) /* disable: C4293: too large shift (32-bits) */
|
||||
#else
|
||||
#define FORCE_INLINE static inline
|
||||
#endif
|
||||
|
||||
namespace ZeroTier {
|
||||
|
||||
/************************************************************************** */
|
||||
|
@ -367,7 +379,7 @@ LZ4_decompress_*_continue() :
|
|||
#define LZ4_HASH_SIZE_U32 (1 << LZ4_HASHLOG) /* required as macro for static allocation */
|
||||
|
||||
#if defined(__cplusplus) || (defined (__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) /* C99 */)
|
||||
#include <stdint.h>
|
||||
//#include <stdint.h>
|
||||
|
||||
typedef struct {
|
||||
uint32_t hashTable[LZ4_HASH_SIZE_U32];
|
||||
|
@ -536,6 +548,7 @@ union LZ4_streamDecode_u {
|
|||
/*-************************************
|
||||
* Compiler Options
|
||||
**************************************/
|
||||
#if 0
|
||||
#ifdef _MSC_VER /* Visual Studio */
|
||||
# define FORCE_INLINE static __forceinline
|
||||
# include <intrin.h>
|
||||
|
@ -550,6 +563,7 @@ union LZ4_streamDecode_u {
|
|||
# define FORCE_INLINE static
|
||||
# endif
|
||||
#endif /* _MSC_VER */
|
||||
#endif
|
||||
|
||||
#if (defined(__GNUC__) && (__GNUC__ >= 3)) || (defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 800)) || defined(__clang__)
|
||||
# define expect(expr,value) (__builtin_expect ((expr),(value)) )
|
||||
|
@ -564,38 +578,39 @@ union LZ4_streamDecode_u {
|
|||
/*-************************************
|
||||
* Memory routines
|
||||
**************************************/
|
||||
#include <stdlib.h> /* malloc, calloc, free */
|
||||
//#include <stdlib.h> /* malloc, calloc, free */
|
||||
#define ALLOCATOR(n,s) calloc(n,s)
|
||||
#define FREEMEM free
|
||||
#include <string.h> /* memset, memcpy */
|
||||
//#include <string.h> /* memset, memcpy */
|
||||
#define MEM_INIT memset
|
||||
|
||||
|
||||
/*-************************************
|
||||
* Basic Types
|
||||
**************************************/
|
||||
#if defined(__cplusplus) || (defined (__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) /* C99 */)
|
||||
# include <stdint.h>
|
||||
//#if defined(__cplusplus) || (defined (__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) /* C99 */)
|
||||
//# include <stdint.h>
|
||||
typedef uint8_t BYTE;
|
||||
typedef uint16_t U16;
|
||||
typedef uint32_t U32;
|
||||
typedef int32_t S32;
|
||||
typedef uint64_t U64;
|
||||
typedef uintptr_t uptrval;
|
||||
#else
|
||||
/*#else
|
||||
typedef unsigned char BYTE;
|
||||
typedef unsigned short U16;
|
||||
typedef unsigned int U32;
|
||||
typedef signed int S32;
|
||||
typedef unsigned long long U64;
|
||||
typedef size_t uptrval; /* generally true, except OpenVMS-64 */
|
||||
#endif
|
||||
typedef size_t uptrval;
|
||||
#endif */
|
||||
|
||||
#if defined(__x86_64__)
|
||||
typedef U64 reg_t; /* 64-bits in x32 mode */
|
||||
#else
|
||||
typedef size_t reg_t; /* 32-bits in x32 mode */
|
||||
#endif
|
||||
typedef uintptr_t reg_t;
|
||||
//#if defined(__x86_64__)
|
||||
// typedef U64 reg_t; /* 64-bits in x32 mode */
|
||||
//#else
|
||||
// typedef size_t reg_t; /* 32-bits in x32 mode */
|
||||
//#endif
|
||||
|
||||
/*-************************************
|
||||
* Reading and writing into memory
|
||||
|
@ -606,7 +621,6 @@ static unsigned LZ4_isLittleEndian(void)
|
|||
return one.c[0];
|
||||
}
|
||||
|
||||
|
||||
#if defined(LZ4_FORCE_MEMORY_ACCESS) && (LZ4_FORCE_MEMORY_ACCESS==2)
|
||||
/* lie to the compiler about data alignment; use with caution */
|
||||
|
||||
|
@ -1975,10 +1989,10 @@ void Packet::armor(const void *key,bool encryptPayload)
|
|||
|
||||
// MAC key is always the first 32 bytes of the Salsa20 key stream
|
||||
// This is the same construction DJB's NaCl library uses
|
||||
s20.encrypt12(ZERO_KEY,macKey,sizeof(macKey));
|
||||
s20.crypt12(ZERO_KEY,macKey,sizeof(macKey));
|
||||
|
||||
if (encryptPayload)
|
||||
s20.encrypt12(payload,payload,payloadLen);
|
||||
s20.crypt12(payload,payload,payloadLen);
|
||||
|
||||
Poly1305::compute(mac,payload,payloadLen,macKey);
|
||||
memcpy(field(ZT_PACKET_IDX_MAC,8),mac,8);
|
||||
|
@ -1995,20 +2009,30 @@ bool Packet::dearmor(const void *key)
|
|||
|
||||
if ((cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_NONE)||(cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012)) {
|
||||
_salsa20MangleKey((const unsigned char *)key,mangledKey);
|
||||
Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8)/*,ZT_PROTO_SALSA20_ROUNDS*/);
|
||||
Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8));
|
||||
|
||||
s20.encrypt12(ZERO_KEY,macKey,sizeof(macKey));
|
||||
s20.crypt12(ZERO_KEY,macKey,sizeof(macKey));
|
||||
Poly1305::compute(mac,payload,payloadLen,macKey);
|
||||
if (!Utils::secureEq(mac,field(ZT_PACKET_IDX_MAC,8),8))
|
||||
return false;
|
||||
|
||||
if (cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012)
|
||||
s20.decrypt12(payload,payload,payloadLen);
|
||||
s20.crypt12(payload,payload,payloadLen);
|
||||
|
||||
return true;
|
||||
} else return false; // unrecognized cipher suite
|
||||
}
|
||||
|
||||
void Packet::cryptField(const void *key,unsigned int start,unsigned int len)
|
||||
{
|
||||
unsigned char mangledKey[32];
|
||||
uint64_t iv = Utils::hton((uint64_t)start ^ at<uint64_t>(ZT_PACKET_IDX_IV));
|
||||
_salsa20MangleKey((const unsigned char *)key,mangledKey);
|
||||
Salsa20 s20(mangledKey,256,&iv);
|
||||
unsigned char *const ptr = field(start,len);
|
||||
s20.crypt12(ptr,ptr,len);
|
||||
}
|
||||
|
||||
bool Packet::compress()
|
||||
{
|
||||
unsigned char buf[ZT_PROTO_MAX_PACKET_LENGTH * 2];
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue