Mercurial > hg > quicktun
comparison src/proto.nacltai.c @ 26:68c67c6d2080 V2.1.7
Version 2.1.7: fixed possible duplicate encryption nonce at high packet rates in nacltai protocol
| author | Ivo Smits <Ivo@UCIS.nl> |
|---|---|
| date | Fri, 08 Apr 2011 17:08:04 +0200 |
| parents | 24e09485a8a3 |
| children | 5ba185ca7102 |
comparison
equal
deleted
inserted
replaced
| 25:24e09485a8a3 | 26:68c67c6d2080 |
|---|---|
| 41 }; | 41 }; |
| 42 | 42 |
| 43 struct qt_proto_data_nacltai { | 43 struct qt_proto_data_nacltai { |
| 44 unsigned char cenonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES], cdnonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES]; | 44 unsigned char cenonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES], cdnonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES]; |
| 45 unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES]; | 45 unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES]; |
| 46 struct taia cdtaip, cdtaic; | 46 struct taia cdtaip, cdtaie; |
| 47 }; | 47 }; |
| 48 | 48 |
| 49 #define noncelength 16 | 49 #define noncelength 16 |
| 50 #define nonceoffset (crypto_box_curve25519xsalsa20poly1305_NONCEBYTES - noncelength) | 50 #define nonceoffset (crypto_box_curve25519xsalsa20poly1305_NONCEBYTES - noncelength) |
| 51 /*static unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES]; | 51 /*static unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES]; |
| 112 void taia_now(struct taia *t) { | 112 void taia_now(struct taia *t) { |
| 113 struct timeval now; | 113 struct timeval now; |
| 114 gettimeofday(&now,(struct timezone *) 0); | 114 gettimeofday(&now,(struct timezone *) 0); |
| 115 t->sec.x = 4611686018427387914ULL + (uint64) now.tv_sec; | 115 t->sec.x = 4611686018427387914ULL + (uint64) now.tv_sec; |
| 116 t->nano = 1000 * now.tv_usec + 500; | 116 t->nano = 1000 * now.tv_usec + 500; |
| 117 t->atto = 0; | 117 t->atto++; |
| 118 } | 118 } |
| 119 | 119 |
| 120 static int encode(struct qtsession* sess, char* raw, char* enc, int len) { | 120 static int encode(struct qtsession* sess, char* raw, char* enc, int len) { |
| 121 if (debug) fprintf(stderr, "Encoding packet of %d bytes from %d to %d\n", len, (int)raw, (int)enc); | 121 if (debug) fprintf(stderr, "Encoding packet of %d bytes from %d to %d\n", len, (int)raw, (int)enc); |
| 122 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; | 122 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; |
| 123 memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES); | 123 memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES); |
| 124 taia_now(&d->cdtaic); | 124 taia_now(&d->cdtaie); |
| 125 taia_pack(d->cenonce + nonceoffset, &(d->cdtaic)); | 125 taia_pack(d->cenonce + nonceoffset, &(d->cdtaie)); |
| 126 if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed"); | 126 if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed"); |
| 127 memcpy((void*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength); | 127 memcpy((void*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength); |
| 128 len += overhead; | 128 len += overhead; |
| 129 if (debug) fprintf(stderr, "Encoded packet of %d bytes from %d to %d\n", len, (int)raw, (int)enc); | 129 if (debug) fprintf(stderr, "Encoded packet of %d bytes from %d to %d\n", len, (int)raw, (int)enc); |
| 130 return len; | 130 return len; |
| 131 } | 131 } |
| 132 | 132 |
| 133 static int decode(struct qtsession* sess, char* enc, char* raw, int len) { | 133 static int decode(struct qtsession* sess, char* enc, char* raw, int len) { |
| 134 if (debug) fprintf(stderr, "Decoding packet of %d bytes from %d to %d\n", len, (int)enc, (int)raw); | 134 if (debug) fprintf(stderr, "Decoding packet of %d bytes from %d to %d\n", len, (int)enc, (int)raw); |
| 135 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; | 135 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; |
| 136 struct taia cdtaic; | |
| 136 int i; | 137 int i; |
| 137 if (len < overhead) { | 138 if (len < overhead) { |
| 138 fprintf(stderr, "Short packet received: %d\n", len); | 139 fprintf(stderr, "Short packet received: %d\n", len); |
| 139 return 0; | 140 return 0; |
| 140 } | 141 } |
| 141 len -= overhead; | 142 len -= overhead; |
| 142 taia_unpack((char*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), &d->cdtaic); | 143 taia_unpack((char*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), &cdtaic); |
| 143 if (d->cdtaic.sec.x <= d->cdtaip.sec.x && d->cdtaic.nano <= d->cdtaip.nano && d->cdtaic.atto <= d->cdtaip.atto) { | 144 if (cdtaic.sec.x <= d->cdtaip.sec.x && cdtaic.nano <= d->cdtaip.nano && cdtaic.atto <= d->cdtaip.atto) { |
| 144 fprintf(stderr, "Timestamp going back, ignoring packet\n"); | 145 fprintf(stderr, "Timestamp going back, ignoring packet\n"); |
| 145 return 0; | 146 return 0; |
| 146 } | 147 } |
| 147 memcpy(d->cdnonce + nonceoffset, enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength, noncelength); | 148 memcpy(d->cdnonce + nonceoffset, enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength, noncelength); |
| 148 memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES); | 149 memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES); |
| 149 if (i = crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cdnonce, d->cbefore)) { | 150 if (i = crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cdnonce, d->cbefore)) { |
| 150 fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i); | 151 fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i); |
| 151 return 0; | 152 return 0; |
| 152 } | 153 } |
| 153 d->cdtaip = d->cdtaic; | 154 d->cdtaip = cdtaic; |
| 154 if (debug) fprintf(stderr, "Decoded packet of %d bytes from %d to %d\n", len, (int)enc, (int)raw); | 155 if (debug) fprintf(stderr, "Decoded packet of %d bytes from %d to %d\n", len, (int)enc, (int)raw); |
| 155 return len; | 156 return len; |
| 156 } | 157 } |
| 157 | 158 |
| 158 static int init(struct qtsession* sess) { | 159 static int init(struct qtsession* sess) { |