Network constructor deuglification, remove unused old encrypt/decrypt methods from Identity.

This commit is contained in:
Adam Ierymenko 2013-08-06 10:15:05 -04:00
parent 28a73b620e
commit b342f56bec
5 changed files with 70 additions and 167 deletions

View file

@ -225,81 +225,5 @@ Address Identity::deriveAddress(const void *keyBytes,unsigned int keyLen)
return Address(dig,ZT_ADDRESS_LENGTH); // first 5 bytes of dig[]
}
std::string Identity::encrypt(const Identity &to,const void *data,unsigned int len) const
{
unsigned char key[64];
unsigned char mac[32];
unsigned char iv[8];
if (!agree(to,key,sizeof(key)))
return std::string();
Utils::getSecureRandom(iv,8);
for(int i=0;i<8;++i)
key[i + 32] ^= iv[i]; // perturb HMAC key with IV so IV is effectively included in HMAC
Salsa20 s20(key,256,iv);
std::string compressed;
compressed.reserve(len);
Utils::compress((const char *)data,(const char *)data + len,Utils::StringAppendOutput(compressed));
if (!compressed.length())
return std::string();
char *encrypted = new char[compressed.length() + 16];
try {
s20.encrypt(compressed.data(),encrypted + 16,(unsigned int)compressed.length());
HMAC::sha256(key + 32,32,encrypted + 16,(unsigned int)compressed.length(),mac);
for(int i=0;i<8;++i)
encrypted[i] = iv[i];
for(int i=0;i<8;++i)
encrypted[i + 8] = mac[i];
std::string s(encrypted,compressed.length() + 16);
delete [] encrypted;
return s;
} catch ( ... ) {
delete [] encrypted;
return std::string();
}
}
std::string Identity::decrypt(const Identity &from,const void *cdata,unsigned int len) const
{
unsigned char key[64];
unsigned char mac[32];
if (len < 16)
return std::string();
if (!agree(from,key,sizeof(key)))
return std::string();
for(int i=0;i<8;++i)
key[i + 32] ^= ((const unsigned char *)cdata)[i]; // apply IV to HMAC key
HMAC::sha256(key + 32,32,((const char *)cdata) + 16,(unsigned int)(len - 16),mac);
for(int i=0;i<8;++i) {
if (((const unsigned char *)cdata)[i + 8] != mac[i])
return std::string();
}
char *decbuf = new char[len - 16];
try {
Salsa20 s20(key,256,cdata); // first 8 bytes are IV
len -= 16;
s20.decrypt((const char *)cdata + 16,decbuf,len);
std::string decompressed;
if (Utils::decompress((const char *)decbuf,(const char *)decbuf + len,Utils::StringAppendOutput(decompressed))) {
delete [] decbuf;
return decompressed;
} else {
delete [] decbuf;
return std::string();
}
} catch ( ... ) {
delete [] decbuf;
return std::string();
}
}
} // namespace ZeroTier