void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-04-26 08:57:26 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

fixed issue with the counter window

Browse source
This commit is contained in:
monica 2023-03-10 07:54:51 -05:00
parent d3baf083f1
commit 40111faf14
No known key found for this signature in database
GPG key ID: ADCCDBBE0E3D3B3B
1 changed files with 174 additions and 172 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
zssp/src/zssp.rs
View file

@ -640,9 +640,7 @@ impl<Application: ApplicationLayer> Context<Application> {
if aead_authentication_ok {
// Packet fully authenticated
if !session.update_receive_window(incoming_counter) {
return Err(Error::OutOfSequence);
}
if session.update_receive_window(incoming_counter) {
// Update the current key to point to this key if it's newer, since having received
// a packet encrypted with it proves that the other side has successfully derived it
// as well.
@ -680,6 +678,9 @@ impl<Application: ApplicationLayer> Context<Application> {
} else {
return Ok(ReceiveResult::Ok(Some(session)));
}
} else {
return Err(Error::OutOfSequence);
}
}
}
@ -898,10 +899,7 @@ impl<Application: ApplicationLayer> Context<Application> {
let noise_se = app.get_local_s_keypair().agree(&bob_noise_e).ok_or(Error::FailedAuthentication)?;
// Packet fully authenticated
if !session.update_receive_window(incoming_counter) {
return Err(Error::OutOfSequence);
}
if session.update_receive_window(incoming_counter) {
let noise_es_ee_se_hk_psk = hmac_sha512_secret::<BASE_KEY_SIZE>(
hmac_sha512_secret::<BASE_KEY_SIZE>(noise_es_ee.as_bytes(), noise_se.as_bytes()).as_bytes(),
hmac_sha512_secret::<BASE_KEY_SIZE>(session.psk.as_bytes(), hk.as_bytes()).as_bytes(),
@ -974,6 +972,9 @@ impl<Application: ApplicationLayer> Context<Application> {
)?;
return Ok(ReceiveResult::Ok(Some(session)));
} else {
return Err(Error::OutOfSequence);
}
} else {
return Err(Error::InvalidPacket);
}
@ -1124,11 +1125,6 @@ impl<Application: ApplicationLayer> Context<Application> {
drop(c);
if aead_authentication_ok {
// Packet fully authenticated
if !session.update_receive_window(incoming_counter) {
return Err(Error::OutOfSequence);
}
let pkt: &RekeyInit = byte_array_as_proto_buffer(&pkt_assembled).unwrap();
if let Some(alice_e) = P384PublicKey::from_bytes(&pkt.alice_e) {
let bob_e_secret = P384KeyPair::generate();
@ -1137,6 +1133,8 @@ impl<Application: ApplicationLayer> Context<Application> {
bob_e_secret.agree(&alice_e).ok_or(Error::FailedAuthentication)?.as_bytes(),
);
// Packet fully authenticated
if session.update_receive_window(incoming_counter) {
let mut reply_buf = [0u8; RekeyAck::SIZE];
let reply: &mut RekeyAck = byte_array_as_proto_buffer_mut(&mut reply_buf).unwrap();
reply.session_protocol_version = SESSION_PROTOCOL_VERSION;
@ -1183,6 +1181,9 @@ impl<Application: ApplicationLayer> Context<Application> {
drop(state);
return Ok(ReceiveResult::Ok(Some(session)));
} else {
return Err(Error::OutOfSequence);
}
}
}
return Err(Error::FailedAuthentication);
@ -1217,9 +1218,6 @@ impl<Application: ApplicationLayer> Context<Application> {
if aead_authentication_ok {
// Packet fully authenticated
if !session.update_receive_window(incoming_counter) {
return Err(Error::OutOfSequence);
}
let pkt: &RekeyAck = byte_array_as_proto_buffer(&pkt_assembled).unwrap();
if let Some(bob_e) = P384PublicKey::from_bytes(&pkt.bob_e) {
@ -1229,6 +1227,7 @@ impl<Application: ApplicationLayer> Context<Application> {
);
if secure_eq(&pkt.next_key_fingerprint, &SHA384::hash(next_session_key.as_bytes())) {
if session.update_receive_window(incoming_counter) {
// The new "Alice" knows Bob has the key since this is an ACK, so she can go
// ahead and set current_key to the new key. Then when she sends something
// to Bob the other side will automatically advance to the new key as well.
@ -1249,6 +1248,9 @@ impl<Application: ApplicationLayer> Context<Application> {
drop(state);
return Ok(ReceiveResult::Ok(Some(session)));
} else {
return Err(Error::OutOfSequence);
}
}
}
}