From 1df6843e94abdf8acb0ea76227a222e0b12ac671 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Thu, 23 Jun 2022 17:41:34 -0400 Subject: [PATCH] Identity hashes really just need to be SHA384, good enough for top secret. --- zerotier-network-hypervisor/src/vl1/endpoint.rs | 13 ++++++------- zerotier-network-hypervisor/src/vl1/identity.rs | 12 ++++++------ zerotier-network-hypervisor/src/vl1/protocol.rs | 3 +++ 3 files changed, 15 insertions(+), 13 deletions(-) diff --git a/zerotier-network-hypervisor/src/vl1/endpoint.rs b/zerotier-network-hypervisor/src/vl1/endpoint.rs index 52b11b2fc..e28777e8a 100644 --- a/zerotier-network-hypervisor/src/vl1/endpoint.rs +++ b/zerotier-network-hypervisor/src/vl1/endpoint.rs @@ -6,12 +6,11 @@ use std::str::FromStr; use serde::{Deserialize, Deserializer, Serialize, Serializer}; -use zerotier_core_crypto::hash::SHA512_HASH_SIZE; - use crate::error::InvalidFormatError; use crate::util::buffer::Buffer; use crate::util::marshalable::Marshalable; use crate::vl1::inetaddress::InetAddress; +use crate::vl1::protocol::IDENTITY_FINGERPRINT_SIZE; use crate::vl1::{Address, MAC}; pub const TYPE_NIL: u8 = 0; @@ -38,7 +37,7 @@ pub enum Endpoint { /// Via another node using unencapsulated relaying (e.g. via a root) /// This is the address and the full identity fingerprint. - ZeroTier(Address, [u8; SHA512_HASH_SIZE]), + ZeroTier(Address, [u8; IDENTITY_FINGERPRINT_SIZE]), /// Direct L2 Ethernet Ethernet(MAC), @@ -66,7 +65,7 @@ pub enum Endpoint { /// Via another node using inner encapsulation via VERB_ENCAP. /// This is the address and the full identity fingerprint. - ZeroTierEncap(Address, [u8; SHA512_HASH_SIZE]), + ZeroTierEncap(Address, [u8; IDENTITY_FINGERPRINT_SIZE]), } impl Default for Endpoint { 
@@ -203,7 +202,7 @@ impl Marshalable for Endpoint { TYPE_NIL => Ok(Endpoint::Nil), TYPE_ZEROTIER => { let zt = Address::unmarshal(buf, cursor)?; - Ok(Endpoint::ZeroTier(zt, buf.read_bytes_fixed::(cursor)?.clone())) + Ok(Endpoint::ZeroTier(zt, buf.read_bytes_fixed::(cursor)?.clone())) } TYPE_ETHERNET => Ok(Endpoint::Ethernet(MAC::unmarshal(buf, cursor)?)), TYPE_WIFIDIRECT => Ok(Endpoint::WifiDirect(MAC::unmarshal(buf, cursor)?)), @@ -215,7 +214,7 @@ impl Marshalable for Endpoint { TYPE_WEBRTC => Ok(Endpoint::WebRTC(buf.read_bytes(buf.read_varint(cursor)? as usize, cursor)?.to_vec())), TYPE_ZEROTIER_ENCAP => { let zt = Address::unmarshal(buf, cursor)?; - Ok(Endpoint::ZeroTierEncap(zt, buf.read_bytes_fixed::(cursor)?.clone())) + Ok(Endpoint::ZeroTierEncap(zt, buf.read_bytes_fixed(cursor)?.clone())) } _ => Err(std::io::Error::new(std::io::ErrorKind::InvalidData, "unrecognized endpoint type in stream")), } @@ -339,7 +338,7 @@ impl FromStr for Endpoint { let hash = base64::decode_config(hash, base64::URL_SAFE_NO_PAD); if hash.is_ok() { let hash = hash.unwrap(); - if hash.len() == SHA512_HASH_SIZE { + if hash.len() == IDENTITY_FINGERPRINT_SIZE { if endpoint_type == "zt" { return Ok(Endpoint::ZeroTier(Address::from_str(address)?, hash.as_slice().try_into().unwrap())); } else { diff --git a/zerotier-network-hypervisor/src/vl1/identity.rs b/zerotier-network-hypervisor/src/vl1/identity.rs index b44bce482..1321c7376 100644 --- a/zerotier-network-hypervisor/src/vl1/identity.rs +++ b/zerotier-network-hypervisor/src/vl1/identity.rs 
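Review bot: The `TYPE_ZEROTIER` arm of `Marshalable::unmarshal` now consumes a 48-byte fingerprint, and nothing visible in the hunk distinguishes it from the 64-byte field that earlier builds wrote. A record marshalled before this commit would not be rejected at this point: the first 48 bytes become the fingerprint and the remaining 16 are read as whatever follows the endpoint. The `TYPE_ZEROTIER_ENCAP` arm in the `@@ -215` hunk behaves the same way. If old-format endpoints can still arrive from peers or from disk, the enclosing protocol or storage version should gate them out, and the arm deserves a comment such as `// fingerprint is IDENTITY_FINGERPRINT_SIZE bytes (SHA384); 64-byte SHA512 fingerprints from earlier builds are not accepted`. `unmarshal` starts and ends outside the hunk, so any version check elsewhere in it is not visible here.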
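Review bot: The new `TYPE_ZEROTIER_ENCAP` line calls `buf.read_bytes_fixed(cursor)?` with the array length inferred from the `Endpoint::ZeroTierEncap` variant, while the `TYPE_ZEROTIER` arm in the `@@ -203` hunk keeps a `::` turbofish (its argument appears to have been lost in this rendering). Writing the size out in both arms keeps the number of bytes taken from the input visible at the parse site, so a later change to the variant type cannot silently change the framing. I would write `Ok(Endpoint::ZeroTierEncap(zt, buf.read_bytes_fixed::<IDENTITY_FINGERPRINT_SIZE>(cursor)?.clone()))`.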
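Review bot: In `FromStr for Endpoint` the changed length check sits between `hash.is_ok()` / `hash.unwrap()` and `hash.as_slice().try_into().unwrap()`, so the second unwrap is only panic-free while the `hash.len() == IDENTITY_FINGERPRINT_SIZE` guard stays directly above it. This path parses an externally supplied string, and binding the values once removes both unwraps and makes the length test part of the conversion: `if let Ok(hash) = base64::decode_config(hash, base64::URL_SAFE_NO_PAD) {` followed by `if let Ok(fp) = <[u8; IDENTITY_FINGERPRINT_SIZE]>::try_from(hash.as_slice()) {`. The `else` branches and the rest of `from_str` lie outside the hunk.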
@@ -23,7 +23,7 @@ use crate::error::{InvalidFormatError, InvalidParameterError}; use crate::util::buffer::Buffer; use crate::util::marshalable::Marshalable; use crate::util::pool::{Pool, PoolFactory, Pooled}; -use crate::vl1::protocol::{ADDRESS_SIZE, ADDRESS_SIZE_STRING, IDENTITY_POW_THRESHOLD}; +use crate::vl1::protocol::{ADDRESS_SIZE, ADDRESS_SIZE_STRING, IDENTITY_FINGERPRINT_SIZE, IDENTITY_POW_THRESHOLD}; use crate::vl1::Address; /// Secret keys associated with NIST P-384 public keys. @@ -67,7 +67,7 @@ pub struct Identity { pub ed25519: [u8; ED25519_PUBLIC_KEY_SIZE], pub p384: Option, pub secret: Option, - pub fingerprint: [u8; SHA512_HASH_SIZE], + pub fingerprint: [u8; IDENTITY_FINGERPRINT_SIZE], } #[inline(always)] @@ -136,7 +136,7 @@ impl Identity { ed25519: ed25519_pub, p384: None, secret: Some(IdentitySecret { c25519, ed25519, p384: None }), - fingerprint: [0_u8; 64], // replaced in upgrade() + fingerprint: [0_u8; IDENTITY_FINGERPRINT_SIZE], // replaced in upgrade() }; // Then "upgrade" to add NIST P-384 keys and compute fingerprint. @@ -174,7 +174,7 @@ impl Identity { let _ = self_sign_buf.write_all(p384_ecdsa.public_key_bytes()); // Fingerprint includes only the above fields, so calc before appending the ECDSA signature. - self.fingerprint = SHA512::hash(self_sign_buf.as_slice()); + self.fingerprint = SHA384::hash(self_sign_buf.as_slice()); // Sign all keys including the x25519 ones with the new P-384 keys. let ecdsa_self_signature = p384_ecdsa.sign(self_sign_buf.as_slice()); @@ -505,7 +505,7 @@ impl FromStr for Identity { return Err(InvalidFormatError); } - let mut sha = SHA512::new(); + let mut sha = SHA384::new(); sha.update(&address.to_bytes()); sha.update(&keys[0].as_slice()[0..64]); if !keys[2].is_empty() { 
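Review bot: The fingerprint input is assembled in three places that must agree byte for byte: in `upgrade()` as `SHA384::hash(self_sign_buf.as_slice())` (the `@@ -174` hunk), in `FromStr for Identity` (the `@@ -505` hunk) and in `Marshalable::unmarshal` (the `@@ -675` hunk), the latter two as a sequence of `sha.update(...)` calls. This commit had to swap the hash at each site, and a later edit that reaches only one of them would give an identity a different fingerprint depending on how it was loaded. A single private helper returning `[u8; IDENTITY_FINGERPRINT_SIZE]` from the address and public key bytes would remove that risk. Failing that, the `fingerprint` field should carry a doc comment such as `/// SHA384 over the address and public keys in the order written by upgrade(); FromStr and unmarshal must hash the same bytes.` All three functions extend beyond their hunks, so the full list of hashed fields is not visible here.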
@@ -675,7 +675,7 @@ impl Marshalable for Identity { } let x25519_public = x25519_public.unwrap(); - let mut sha = SHA512::new(); + let mut sha = SHA384::new(); sha.update(&address.to_bytes()); sha.update(x25519_public.0); sha.update(x25519_public.1); diff --git a/zerotier-network-hypervisor/src/vl1/protocol.rs b/zerotier-network-hypervisor/src/vl1/protocol.rs index a9d5b510a..708e22a68 100644 --- a/zerotier-network-hypervisor/src/vl1/protocol.rs +++ b/zerotier-network-hypervisor/src/vl1/protocol.rs @@ -107,6 +107,9 @@ pub const ADDRESS_SIZE_STRING: usize = 10; /// Prefix indicating reserved addresses (that can't actually be addresses). pub const ADDRESS_RESERVED_PREFIX: u8 = 0xff; +/// Size of an identity fingerprint (SHA384) +pub const IDENTITY_FINGERPRINT_SIZE: usize = 48; + pub mod packet_constants { /// Size of packet header that lies outside the encryption envelope. pub const HEADER_SIZE: usize = 27;
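Review bot: The doc comment on `IDENTITY_FINGERPRINT_SIZE` in `protocol.rs` names the hash but not the unit, nor the fact that the value is part of an encoding. In this commit the constant fixes both the number of bytes `Endpoint` reads in `unmarshal` and the decoded length its `FromStr` accepts, so changing it changes the binary and string formats. I would write `/// Size in bytes of an identity fingerprint (SHA384 digest). Also the encoded fingerprint length in Endpoint::ZeroTier and Endpoint::ZeroTierEncap; changing it is a format change.`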