From 580496cbd7f38a3681c9e55eba5cd24fca801bc3 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Wed, 30 Nov 2022 09:43:31 -0500 Subject: [PATCH] Some docs, assert AES IV is 96 bits since anything else has security issues. --- artwork/zerotier_logo_black.png | Bin 0 -> 19815 bytes controller/src/cache.rs | 5 ++++ crypto/src/aes.rs | 13 +++------- crypto/src/zssp.rs | 42 +++++++++++++++----------------- 4 files changed, 29 insertions(+), 31 deletions(-) create mode 100644 artwork/zerotier_logo_black.png diff --git a/artwork/zerotier_logo_black.png b/artwork/zerotier_logo_black.png new file mode 100644 index 0000000000000000000000000000000000000000..1ac3af872dc07eb8f959a6d637a1ed282fb1ea0f GIT binary patch literal 19815 zcmeHvbyU^e(=Q+@p>PBQB@ZDT0@Bh45s{LTmXx>N;0tt%mnv3BNSL@+zmbumVjh7XKbL*2AO^nqKfnG5 zf&V`dScvB%0-j%5zmb+lGPr!H&*mQ2E`-Bh^;-~X?pC)r8T>S_Yx6sVfSQAu?15Ii z44>=g+?tNjmEF1i=CbriKPv_c7a{>2@62C27c;d{wr|j(->#yMH`>@@oF9Q~1pkgtu*BJT#Pa^*J z_Bww~$?WY3`YI-H;~fV|A`=P)5|V|F`+I+PG$f=ka_9&J6a@*%4h>O?hCo94PV)ci zM`G2~Xp+&zg;0@@HlBX^KVptoq1ginGLk!A!2c1ij$5U8Dx}P&PBJ+3K}jul(rK%U~b8I z*0@b`*3mVw-xyytIv#xCuzE7^bB&sAIQci>DVM~U==4t;w$+jQs%Tg?iJlF$DWADj zfe-x5E{IJvfaa+ZQO41RR?gAOBE`b@m1OM^cIm7dx2Oiz1_!NBAt=HiA}`Vz=G=HJt1P``;SW zyd*;|kW72fcJQ{bL7$zk`Jh=~_QJ_+x#Rmn`FKXl^Y4`#aUJjw9F#;|Use6uAIjL2 zQPIOyK6bGvMNTE8Tu#BI0%hv@1O9stAXV0c+G66;a+Ri~$N5!_~zv56^T}~hION6v$ z6D(6gZI_>kOcqbC&SysQR~knBOd@p=i8-+Ea0sqhob8aNywMQh>S2AL8b2Gd9-x;~ zz%z_pWL1dIhJgMtqTM-wjCr({<8T=f?0n`Rr#6R$MF zoazZGtfgh$=9`ZrEe+XoLs_5MLIVQQ;>=*u$Mgv@zZ8ePfHyouT6Wf_{k zEw{B=D-!sT$r{PYo`@%pJxD>(_6Prjv{?fbomO@4Q6}PpfKZO;xjh;|_Wj5D!0Pv? zjbg(I4};WcigGn7I2Llc%mdeV+tSu1;`I2QW^=Zvxh8Ztei1;?374kahGfggGK%kvaTQ&T8nIbPd}4){%Xm1 zs59npm9C5aZ@b~T#Ki(N(;wpA@<%!BHVTyWSKj~d`43{uY3D|R>dYPpAO4eyR>Jvu z|DIUot7js2v-X!-oZdALDl(vmu-$I@&5U1@5%xzgS9Bn)^h*s-HL?A~E{pUCEp`=E zf8>?NS8+1KbYq9ywUwHJ&Tz6g@cWDVX8dcfL&Zm*(RtU6Unz$#CqJ>2Gj>+|E7#?= zWw85->Rac6dARacT*Zq&+48MJHC`pw!#It!Xto`Fi3DmTZ4YH$SvX#>1nmPmdrdJm-L~NIF`s7^ z)_45W2M4A8O$dkL2F;RCvVO@PX@Tq!2hWpZeGAKM5BH@A1Nrhgy+!IdD|8uPWJiI; zLFJ#ak*`;`ABn!UcWgH)sbw(AXm!{l&~TN@_-(eYi|E+O^*4EOmzKbawPY{d8Yv5tkpt7VY$r!#dVf4L}%5j zh*a+=f(L!kuhPu1kNP_|-urD!Bj8#rhucvO5zpbV9DhG!F*8EW$ZTu1F43EXQPR8P$N_t}FHs@cK1A+NiVf*l_r3noY)Q!hK zx?WXOzSHJo#E!qiTHgZu(>m^ka*RfMMQdV2VDoT? z^yjcYO?ieD|3}iQ*Z4m9*1Of-$ssl7K$rSIUg^(1yU!{u5Hn)8^|<76sZ^4`_bhc> z4(p`|@z0fk$G@-2NEbHI?f zfMFwK_>YQ*sa6I$%K_i82@b<1aqrx2%w0ZD(ud*bke8_$wkA%B7sF?RYjw^=jk=R#;Guujr)aj?l)%X4t)wBAb@XY+Smj7n^T|9bt5y|c^p@CV1Z zL#TVX-i7QgeKTCFjkweM5+3CtR%keBz|uD&+?OETBoONn%}FvcZc*?_)Yz<`mXCwM zCeT0FWpT51J8tu&hF$4ml|gH-hf?b>fMnCvK3VkaLSkDw+WqY}2cZC0TrPtNyts(Y zNZ-`$(|Iqc2F-k~dx#vR#dovw=JxHTxkda(%JQldRZyn`Bc&;ibWz2VCkBUHs+rL9 z;#iZYuN7^hxlZe1;->ar(`pwt4l8u_Zq+Q*bpNWtWx_?ftQN#uwI>{WxqvKJ!e`R} zWneiksWLy@Xx^RrpmndnNI+fPFl?n6*|POVs>$SMNY47bi%xt64pr6-9iQ6vyJvFWiG z;xc|&Y>%$x;hx@lL2cVmPRF^4>DC#!?`qyT(4r|w8bk;o5{Ka=rra5|X9&i90Kp`U zV@i0yY8HI5lRrbhaaxCMV&8Yy#lo}U#K}ZVsBdnX+P1!y?vr8t{Bz6#If1d7>7lN4 zkA!>TlZ@{;@>d)y1&iel&v!GFxaA6moq<-eQETNeKF|6RMN%Mv%Jh&K|h;= z0tkfTxZGD`>o*>F-XwM;(Y>=`0^Zpi*i_(c6;0rPtnDVPwW{gQ0e zr#la949OH?4*WjXw{18Mr?=GZT|Ns$V9EqoZajDZ;c%$%CE4o6i~dASX;6i)6Y6ZA z4*w(@;Qr_Y6YnMB1z~__)}<0^CmJd&xS3hf> zo+XDGf3U(Gwd%ps&V#XyOQ#46#AK2&1>!=~dhdUW`)NnZWzsu6_~qi66N=6c37-*+ zQ+A4BL;5ak+RV8=Nu7tkkAH3l(%TDXqs%~|#yeKH(Yrl(v7bGcwzAkhZu#okn1?%2 z+-_7d5jf&!SIdk*i+4{iZ_)%^?o^7X1{;GL!{-(K?-etCZJM@n9fYpya5A$ujW(<% zj~*k-g(gK0Ma8G0MLY{#G^GE*FsMQ4m<>pgBfXWm%;@tT>YPwz`w1!|#CWtU8-6i| zs|EF)V4W0Jmu;?t`4)cXSj|7+HWs=^x}-;_qce?N>P3}wr6dch zgo7#8J3>dbYz-&l$b-EvvqJHxg+5-1f%?%OElUVPMMDC~dZpaZTFnhVVu+{~JNtds zj47kUj9LyFD89N)`VKleI_J~-Za*G?tcKcb zW(M0e3U28vnHZ#!Q}?}tPE`!fl2zYsvf4|cet+XHw#b_FVCGY_62 zvsw#DQ$oG73)-JG>WL`7GNu{R4+jnnB)l?w@;)5z>)_1kdns)vN5`6aqDAlbUljm(Ejioa*g2 z@^9|^s6=z30Hv=G_EQ5|nICE#oRu+vp!j1p={euB#TCy7))?i`UC3%+Mc?{=**nQv zZc3_*R-z%Ih$kAA&N#fbdSp0`UGle+sDf{5Y3_<=m@$x7QmV_oAmlF zg=gl|tHHQo`D?p}3XJ*)%v#8saRT#~YU36lXjtYt3>Q&}l$EAC4q0@UpDKnig-hHY zu^sS)OKEl~4!x4#mq^owKrk%42#c+|N4t}j?Wca_)HXHeOaUFtM1Qg1SD^iJ`F9B8@Z3jL6Ek z85-htFiGZGS$7oG2j8V7FU&4w`osxCl(y=z>^6bFO$nAFKegvHlj=m&$v)N=#+i4g zl|cX{Vw?0Tp$9jENvJ_#`!pewbg4KXWT-E;ih6X9O#mL$z<9J&03Nye*b1 z> zi5^0!NCc%bV^0wWEYEy>M&0H~eF?Q9)?0BoyboXA zHZ`)SQZto&0?oV%%k~i7EDl8fd?y`qVEHa=`vZc`ZX<%2y?#Ke;N4S_uOPnxQ3fiy zmu1TkLE~0ouaJ?0z6_q|&%QxNM5#|Saz5v5Do2GaBh9=w1XTm$um#=~;0VorSc)kY z+*IXy?F2n0f>(Pc57x55JN+gMMWk9weJwVS;Rz@*4!EORfEqUNvAeM8xQ|H_jp!(e zNAv!tlT?Dpn>8oTxTJ^*r2X4KgPBkYbDPTW^d%yttYogdcsYBdT}#1SdQLm~>Tg@r zIlY$ZEy-SZ9&V)vMpHmvb$O9D4)NZnhNfyxr}_Za4=4C7Aksa3o&1^obMuUe1^PHG zD-19>@j*6Ud2_8{yY_L>R=2>;CmRWrL~Fvt)4sUqJGc-tfz7KGz&1T`{w+s+qq(z` zwF=|$h&F}~_92#04Oz`Zu{2;uI9I{_a4GG>7gQ9}OwT_gzruxh^+Fzt1enyVQP8uW zG=P5R$_`heKrF>tvE)|#4wLhe@+q0<0SUm+9qQ8QLOK{h(5i{nb9e3&m1J~8Pld%j z^5$m@CVOmI{B59g^Y*cA;|sAUaobbog(x`_^s@aI1TOqkZ11uJx&8%1mOGLvZM};# zn@Ks5VLAVaEz*660(vk%nm~VMc8JvdF`U@E!s}I23e8KCi%R`SP>Gn$b%>awMXaZf zNV9OTpf9+66@ZqINRr6eVLIdOAp!+G008&>b=aZKriQg8&mReDudav;JYI zl8apf1pwgrMB@uU$497*4&8LH$QO~!&^Fg_moGtJ^FD)qaZB!E>OClZSB&;foW0by z%Umj7Kgf$CJO7=;t@8Fj?VbtMO|=4Pp$mbCX<5G(<58$|r{&99F9_nCK6ph~)u!WL z1ExtJyXjAB8Besa`JlY;sv4S;1o53G+QWA>^^__9Wanp%Gw-A)C2!#P5l^9Qweps+ zV@2dz!tn3bYu|1RS*U^uuH}e@!>U|nnYyw0qcFX^1SfJ~f69#Z-d%H8VwzKO7Z1)I z*l-oSfV}U!${+Ynskd<jhPm0KU;LnKt(!RlJx%_38$x+$%=cVS#lHRLsI3OG_Ls8wTB$qjk8a-;;3R77n|+ z9rOT>DgmKbb-#cFUzM>907Kh{-iZ>|*LyC9t9VXJnKo(5KRW+G^d((R_x=&peMBNTENgtC*=LRN2xFDt^rrHclF97F zW(d&onx3K;1QU5!@P$QpVEp_1LP2|et&%sM)NgUIn45jET~#d*r#CWwAC zBFlaFvF7LSy_It9tbL7=2dKyueRz=OUl8mRwpO0jEC462XUUf-&I|@Xj7yoeXx#uY zcU!yqK|GKz#!o!9SNf$VmsS5GTL$0=x|cN>T`iHa7z(}(E($WPkh-smZUu@iz=;jG z4&O$UNNKb6nV|jbm)E`iLy5j17Jk}QH4D7cxDckYp;byKezi?{PdlCMSNrg_d>MOn z0L4xjSxEn-V-gs=M^%qEdXIsYrOocCL1CN;>b$tKa2zl6l{aJz$i~N9N&wf~&?7?wW#m zP+P<8I~Z zV6CHjNeX!)_x&Qt_ci(;72R&P9Ej>KUWMhm+uf5te-0#a@2UY>w3q2+?Wvn6kb(>= ziXI9nN?rPS^013&U4jDM;e`@<7uKpX9At=8PF-^$8E}J#vrYO8iG$9in4R|;C|J%z zh*~DTTS?;w01fBy#?%;&Ch2aDSzh-wX?2$qciM7;q2P+g%llev<{DNXL9GTIyWO1c zxw7{b!@HKM4->C!@5mHp1c8|LOPRJS%fHlm>g4K0mo8vj79jwArKF^bqk}uM>gE-W z-3)5A3`wT5c-)e|$Qp#?;QM3XMOS~}w^M|a4G3x+Tt_!IN<;v;y~U(N8x^~)JS!v_ z8q^*^}@S6HY;r73=Twc&FGK zcjK6O*H~T%m?{*WM|4#;C3A!L$gRRNn8Dvt@QT+2up%r(_mAceBCV@}1 z^KJd3FS7g5BmUYn7}Lu+nW4mXBSeL@s!j#DQKV7vZDr%wF*;HK;)P@Fzx(O^y!-Ok zQC(t#=7ZCGOBV%eoJo$1K=*WC_eTSGbSOGMPdT`7^9FF9(*QlHsIVV{UtWvc!(*E% zGVKPX(FN!U#j-Jxr4*|RlEx!BXez)a8f=HrY>R}BfUu(>w57g4p})Ktkrug~(MH&J z@<0{2y%|BHi(w7}siYCu1G*<>-adZqcB5u8#06cqWjxt=xg5WwHI5zUA5%`SPdkMh zXk6>Gzr7X?aEAH2(;f%$TnM*B*-Okm%)OAlDzDb*(V}I$L6h;dD%N93Nn~7^f)8Rn zJ8O4A{81b8Q-5P2dbN9Z`Q6B)YgwgG5~072#_x4g9)~m=6ZE_X-RLeB2RAAGURqZu z$&vTc-JlgR7>(tWC4LFmVLgB}M2Q^A;XT6E5Xb(Z%XYwTf&;nj(A;&m^zmmFqvsGi zj?OP2mr_Yq_Tplv2|`5N9D|n1gAOIvE9U(Zd+iZoX8+i64-spYpb?e#C6r#+!tb0i z8URZL8*~Zf0v#0ZDLZIfp03EIm6;9~Q94ta$LgrY#^h)eKiW4*XTa&E6 zUXhx|q))jMn-W?S`vE!d>K#tvBJrk_2Ue@vAec2ET-z!l)1z)T2zXuWB_!UutUJ0J zw91~?TORhW8i#?djp5OBU8`#US6Mc+E@~sFjVG%H;q`JY3LX~o@Dv(QGgpiBH3-=& zwP<;F&L0L5_uGl3S;k)L&@|V{LuTDcW#cn6Anf?MY{g%eb3wVVRF*9zgg1xml@ydF z4fbdo0&}3Rs}@ijNU?kpOV7JAjUgVi^1j<>tR?Xo$cH?xfrYr&0pXA(k;di@FX{1z8) zthdBhiJzys;lv`E28aF@o@qW~+9-H+?)_-nO()5n_9#GQK7Td^tS>2Y@mFgDk4?I2 zsL+bxh&8|F^3nqmO5QJAkNy}A@0hPDDLetw80#_&gnvoPJo^G~>>af=hnVaBSHCYI zld1ILR`)c^Ag}ZDcv~lme;(}ZT&u>ACFpb1QjCGfwqmcW32CowGYJQro$F0lalvF6 zHQMA+^$A|oOvEjCRCYD6bHv4kaLrg+24^mhSjk4fj2=P``$@rYMD&1O`V_^_!~N~g zR8hq<{ELD_l-gX|v-bkjykE%v!`|=nGo*_9*b-jCvRUqL-R2uFp@!8RoI^TY>tqtB zjUt>RnKKOrKI!gcD-R)(=Wp(7U~{AgfXcrr^;&35=+3O%l`zo&Jv1t2?XA&M>hqrgH*{?LHRu#H~R-WL81;M9I4P z(|8cyPoTt0SjEuN&u7rRdMxEKIkKba^B1giC3K4ju{P$G)ZsYpeJEfT1k8EkYI7ih-aun~$-CRAYZ--^>bHIS$ItIf{JV;}?rzeWu8d~^8$M0G zz9vtnunAFx?(Ss_;}tD2nhy;BJ}%_;;3^7slXAyH)JE+C|J;i;!VqBLZ~`-xnYSBm z|6ak@Cmg#P0L;m2FyjH31#7bK1|KGr8G4?%s5w9l^`Fy9VE*&mHXSp%M^pHcIdi27 zOu=9Wx~c(sH$#^yG=z)KhZB1T;J>htdKNoeZEgR0`_R|qk#YI`=rXZ#<6C*=9ldy6 zx323)xp7&79&l*gS#AoPXfuqlbn3jzTe_1zWT;Vu1{&QQQGUHG+2g|WLc3HJ#y&GK znjO&_$Hp5$8Z@wUrun&IrE6rInaKxTdG%@QYt%;P4sY{|lUt7cN&CjEtS z*KnGoF`q@Lge5W-Zb^Z}Z!nLcfMS)ebQxr;>B3N9>!F=$=bGat#D%#k;9?MHgiGy) zpVgNn&cO5Oq&GCcn*ZhR#Tr@bT&1)K8}q6PE!HRsWovb@6uDURwQ_D`Zq?l!Rb+{B zjC@+Woj5}J?v0xJB0_qWi|G}}S@6uGm9E0aERW%p2dEF3>9gG5@3h+fN^PKl8tf6^ zA{RhcWC^$emk5_{>+QZ-U{4$o&;}a95z-A*p4UClUFX}dz?`KwnSwvA>-Ij83@(HL zkfP)LJ+RS!xof)2_>zS@RFGAZj=s~zaoI6!>DlWA2QV{z0J#g3D#&+&`6o&y#GXTR z&e5CQ^xr>(lnq{0@BuI`m&TL;-JowA(~RJnlw;qi@2gWQ{~nRE?4@U=Z?6_>m=N*H zUcCKH&G1fr_C@3Lj1k-bvZ!oOxPmi245@RxeaY+3bO5$rUa+ojK}Yn3_H4gmU z=rJwZ2|&N{_3tL^BTUNjr8QG=tX6l)idI##8<{p9Wc3hF^EbC??$sR2fCEKRh%wo* z6yc=cPY%;|KCcxvLe^yB^^KM?zQK~p7-RcLVnP(LpY!-Khyw$$U$>+;CM3e1n5A|6 zrW>4%U5RV8(RLVT(41N=x!wu8ZJ)D5Rr~G@5waXEvL#eezAre3sa;=tDq$tu)z?k& z@m23YvwNH@$8m(uSabmI{PkNj1L?yVj5nvrcZ<_zm%m z{VMXrcpCTDJA5FkGAt*RdM}W>r(PG8$Xg8O6?RoF$b$8w($Ie~oXw3YtHXwXeDr;u zOR|LJb@TesT8f-hq{Cq@<09{5$?exD=z)7BrqdlV<0C7ZzuI*E08#Yp`gS5#@-4-U z&T2##=5;Q#SUI*6 z--Mpla<>(ZNcV{8=jx#AoG)tHmW(X(TjAaMIp^gYYg@F0w_zqva)W}l{LusnebDhq zk^i{LC=lPZ9_M;etZdPg7t(vZM-pi>^q&o9oBaInpc%+(F!OoP3@eD=@OcPthrF>v z>4^5hb86kmB5Gtgi?}bN%SUhy5iMt~>RfziQuFqYM&; z{r&J^yjnXSKhZ6H?K#RQ)JBa~8Fm>GVbPp#i@zBFYJ0;oM=2eA`Zi_~8sU8;`umr$ zat=4)OO~2;v`gnc=#N*QOW*+ev9}OsHh4Vmr*`evgh7Bfr=}0Iv|4>2ZqTe%c*bf- zrSv~@4FEco8OAmwv1vor60P=)Z}pu*F(JH|l+|3ihr)b0rJt8mKo^+oQhMY9@;5ts zbeNIy?W(DYqfy;N`qjYz%8bxR>Q*(M0`aGUlAl>2Du6t)Pvs%uq>~_b7e?TKc{7Io zqv332F?3n0bvT1h_U@?cr@ig}+wW1lIN&$z^T%0N&vy_A-=`_u(+D0g1?aX3u6+Oy z-@ZniuXV*yc&5-39-?S|@R0K+-j?zR9|*fTeL3{~@ABP`_rR8G`CDtb6X#V4bG=#U zGUA!`ow%4l1G#WfScv5;XsJOV6K?i!sCFz<=*EGWRESJln=P8$)?Wctk$%ELF&Tp5 zgZ%P@Gt)Z{F?DND-bcHaGtLw>txHBOqOVpm0~PgW`^UX81WT1fph7`yD44_ytC~{CF-wG zMc1Nk0VmJ~GlS^uq*`1>FN8+Fql~}x)=c&kYLP}N?Ke=jid>nlg6~#Z?n1YVr>(I_ zotrgq=;_5^D)$83bhugqCh&r;qGw@TMM28!AoSHaCfa7e_b&N#_^1i-6iF;Big9G>rC2|2*=mLmRv6kv9PT(KD~n@dSzo`-9t+D_76o zv96zdDrsO8q!tQ7hTnys$D%L5l(Sl5v^o-D5nf|^I(g3@%x7<8CxPr2swsO7n;Cc7 z$7C7-4&Tq7MY=Cl(u9Maj4_T$(+9%x`P;m)nx}4xV!Ym4s%z4IPo!&hL6a-icwL;! zYbo^AGrn4|?9s4h>!wzin;|$DjsS=qq-%u@*eH!ua_$ftbt%HGzbFNkmwm4eU9ZynG9Xgj9cCvO(mj5K7pDUCFUjt2OWIRtwP zUte?GT|&Nm95A(2*Ox3?>8(v50jQK#s$mkj??LzOsx|iOj76=6WVwS*FTrXngMY)!yxL~BW3_d|N z(pcA$Q5$ls{ZLsv<;Im0dL6ZQy?FA8lDe(VYm{l^Jauo)okD=3MS|lx7Lt$e_sWgi zDiVKWZSB%u!d9om2)SN8hKR*a zzTTriB;sePKJurF2K$TdqNY{JNVA^Gk@(kYLl%ON@KfEk$-3R02RPEMrcOj+X>tI1yXZF;tQbg;+XsnOj8GW}}3 zi-ZeN55rk{w%*sf(>l8FcKbs)Biy;EZ{-3L`maskl2|pan^iMnAew2I(a|zh|64wj zE{1uX&_BB>h|TsZIJYsV4{jhJkOGSxH#Iva7^4;$`uB#jT`~d#YNdMWz3qLg2L>O9 zzq;XqF-9I(Ybh|k%hk$D5I_uJf^Xw|1u(W@`5|LBW8eRYDEhoK&^yC;otXv0*52Tbl2a)tu)PQA zGqDmQ>ns;~J#9)AQy2~@PK=oA;64jTgb2{Jn8mD`IBV1+5o@2(DhlB>$3L&5_Y>i) zS7jBjjJnoh4+;oi{$aEQF^`2AqhA}d+Jw{7PuLh|#gCIpNPW2vDVUt>ET-S@qX!znxbcK<1$1ZZFYE6rc6 zs(zT#H8Np%u6X9?+FHg$ukLk|9z%GVprVQmX>5{gKLv-e?>E1*4l9;F(7qMM6wrm* z2&Pb7JHr%YB7Hm;jzMUT<4oeCOUrZfhzZ_It@jd?-?=fSkS=Be>!E*f6{)5BGq9vf z3w2m$bDB1h?>lN`b%ES9Dcft&`v; z&cCL>gaJ5nbnVPwip|4`m^G%|+sIC0b~RLr+C(=k-VmqP(P&rWRo-b<+Im+1MFMHs zHe`cGl<-z1*X{Vd&Re_>_WsRX_+>2mpmLZFpZ9*<$9BV48c^%`s`$4nqt_u$p}g>@ zJth*LcjsmzB_%2gPkl3^(WD&EeKXA8za|PplNZzJHWPa0NsoAgpX0_MF5VMxsYA~N zmrrL5Y&l9_*B#@zrH`M<8;rZtl95`C6VTyYHa^jfNC5?8)zIG_jddS-K$7CMKYs9L zKT7klYHxgII2G(abTk5g#3(Pa^DRXb?jv@bxxGDfD0UtUJWMkGzK(r;C3E}qje$>b zeyxdMu6lR02*b{90a(pK_odblHaDreZATwSP$hRC!9KIoVlr%40nS?U3UXC$0r~NS z6Oc9E2VXL*o<^;dIGV&|r%S5U(!Ra`L#H)! z9j=aOk?JtH8$ON3CcWHhHQW-LCfw!9IT$e-+Wi z2`L@p(}bHVk+{gL*>u*Y?As8X+|aVd)28BRDj2v=_7%Hjr)bRau|eXeW?jmLX4&_* z2}m-*M)3y&Hok2wuM%?C>9~KiA|%V5`|o3;T`K0zq`4^+_|gx|C&R0 z`7x%4l8BAkNb02ou}$a7Bz6=!QyY^m3(}T0J<=UtOkoXjU3ROk7@l@pE`H<_>~odb z;B>3aZOaiTBs`ue(fH^#V1f$UzG&yyEoVW1&X4nhm-|rCZ;X0$_mOxXP_pV0)PF)2 zInFEMK5V4>T&x*>;++Y}Gs+t#0r+3*YcVFNfs%?mS1iNg*Ouur6TU1H5sJZX^O*%I zg?=_78=@ijF>;_C2H*x#^@mSCATv&vRomFMO{Z}~XXS&JMziln;97W_XR|jOQv`lz z&qi0XD;n#TUo^UdA(0@|d)=2K0T2$*;vyW)k(A{D_Vc*`|)}9yHLuj4g-6!4RmtJ${CMk6oOO_V87n!_#AGtt0 z;bDw*`c61oUU#k@Lgv|J>$jK>y^^F4ZL1|01s_+pYc-L_+FspEy;^g`+^FM{?51ev zU-fxPiQaSQB<6v7*Jy&z4h3ENIF&4FRuUA-`KhVBSDfpz69fBlAzYB=`GDZ$tbP*d z`t$zg_ukh9b}C5__Y!&xH^)6edRS)=Lz&_ zgpS}jfIhh<$W~86DQ|puX+24w$zzHhq_YFE*rQpuinA@d^9gN+%l$AG$K@||7kQ(a z_Jd_y=XwtPtko{x$3%ttzG@%l_Tx#P6q!qolF!0$IPY7wa&|*?8r{n|to7^AW8EY4 zvB5`HuA;&PZndp8Fh|#rUpzx<`+`Jf@wr>esTbV849H&vyklLc|H z$pxqB5@Ulkf>QNr(pk~a=W1-g|cmrlOx;Vl8-Wm}sl ziK>@$v&}3fXCoDfx$m~fDqoi`lk7f(9_unxI+W4wf6wVNXt0At7{Ik-wassw4R$zq z?2Vz(mln(Ro&TDWB8V%f1^;D-Rv;mg?bbz11KlvnHy@i@XdwO%1@kQW*-GJ^Q1Z(E z5KR@Vk{iLnB1pl(Wsy;Oa~Q|-LMSHINOq|9Wnf6spXa0T_01|`)wJ0quWxPO_1~Ko zAV2vJE!0o}@e!Of!{?quwB)6RoM&+kd+yvdWfF=!clW>O4|#x3WI5rf3ZKwLwIwKj z+1%GH5f0n+T;e9ffhg(^)tGR2MY|7Gz8%3+30CJA{b84c02h=^@v&+6$QJ&Q{vj{) zb+fFDU4lonTpAI#OO7n3=sjMgB!7gC$otCK6v=~4UW&zWdOjG8NV?tVy`9e=wjcbo z@Q)Ma7>Jp0wsrSd{#i$@-bv}n0@A@2QjoE2`A&nz7=p+JHr2&U>RS6Hgw%}(x%>^6 zb#fr0)K=J4)X)FJ4n-kT7pV~(cB7TYGp>Pd{Q8$h15{UsV>iU0h5Fg~@IKkJ#;Ja1 zJ9)t0AYJVs^t{sOdCb`D!c(?2VeknaP)(*7prn*=j3PjcHFPOA0mZJTCXmPAGQhnm zyPQ-DJP2Q!BvHe@zE&1{{}Fw}sMB85Wv;eR%y{=Z?Pz^W+$tekEpPspUOsUbWmGTO0)Ze zgDy2+aCE9_OiXy7cked-ii@QriF5vwO9y%dBMx4vy?3+5t7S8Aca}XltCoXOE@%p2q zSoL%bi@#CsZgQYDFTe|2vvh0vSsG2P&-xGgklSI{MkFpJgD;~g56K&8(Jfnl<)|^| zor_B%7Zg2t!L44%cj_HX(Lf45lzO$;^e~9d|84*+=@1rqsp_T!Xqs3v%i;`1@4fkl z7vybp{;J|y>lBtwb9G7IFYk_8Uuso|F3|K3JvvU2*$Xrn~7tt}|0Z~NGz+&z2URuC3 zhhVY5CDP5~OQjNQ_DUKhtAc(&bWAw&Jnes1)|~y!zY9M8cvbG}z#ZrKQ9}XGa_fg? z<|n#AD+^Wpzfa~w!G;MW`6#E?K=)t>%R28J@POfNeAsJa?TN|~;@1Dr!10dS9~>}b z*^H3+g~J0@nys?Co_BDg!tmRIewNY|2MKsqyFKzCZ&afB)zX3fI#AR~JoJzIJ|vlY zJY%-3oH+%3e?0J6`Z=oiyt(*;eP_q&yyCy;<%^ox%(;E4 zd?cd2<5b2|vm8vgHgYC2}>>&CY1 z!lHQ(O;>wO5$@@94IAUvuzh{+v=qnsSY+=!Dsr%0^k2g1`;1h+7^52P#V;*rIJkV% z8?Q8zbXn1KaxWU}VL)jtGsDP9!scKx53_tMVtsZc-e5ZMl|3-S0PIg2usG(*ET4G} z+00Qg!;fYM97gNhex1y{0J{#D&^^;DSsJZyZBuVZ4LqxGs?z5pS#0O9oYCFkcr1D! z&G<9(yN1XG{k-deRoJl2fw=t5qJc$@M5Ey+8z*^Ab;xoszSZ`%VtF1*DY$S>|G0L&o*ltSY zc&(iZzb4xe`Q4}Sot?`gxfm~V_+c~|cgKk-(qG8R@$BX+Z@KOw?WsHN(bPRv^*LzA zK5ep7iNB5XY<`h{7e2v!Yimx9rDFNW`+T^h>!inMVE)$km(JPtML$P4k;WXxz6BE# zo%FYjX^o#4uT~;MKb;?JMmkj8`<~J3dQo>!x6(8yP*qA+HB;~Ay!OLs;`6HU5K_LX zVW=7GdE=-)(!{t$*C6R`c8y)-Zh;*SJmrx0!ZZH3TSMloqH6rSeY3KsQV0o=TO?77 zucwC@jqpL*+4)Whcbl8GrIZ`VgcLaOT#hs}_KcQIHQQO?Y`UjNf6 zI@Bz;a0yPJ1b*NiN9>GKn3oH{8XbIDF)UiyK0&ObXbNQ3I<%6)u+p&Db|K(350bGS z7*1PEg-bx4(67`(@pC=>LuzVL6eOfM^W9Wha!cdM=jPwQ+fkaE5#(Piz#AZ*1}z+} z!*`5!H$*)}fkM_&2iIPX`X7xMjr8DHlnPA`Rd(J zbXTviK#~;}x_ZsSZRD%}dWZ@Ge=0!!+kb>)>>, } diff --git a/crypto/src/aes.rs b/crypto/src/aes.rs index 72bdcae77..f43eff20a 100644 --- a/crypto/src/aes.rs +++ b/crypto/src/aes.rs @@ -224,17 +224,10 @@ mod fruit_flavored { #[inline(always)] pub fn init(&mut self, iv: &[u8]) { + assert_eq!(iv.len(), 12); unsafe { assert_eq!(CCCryptorGCMReset(self.0), 0); - if iv.len() == 16 { - assert_eq!(CCCryptorGCMSetIV(self.0, iv.as_ptr().cast(), 16), 0); - } else if iv.len() < 16 { - let mut tmp = [0_u8; 16]; - tmp[..iv.len()].copy_from_slice(iv); - assert_eq!(CCCryptorGCMSetIV(self.0, tmp.as_ptr().cast(), 16), 0); - } else { - panic!(); - } + assert_eq!(CCCryptorGCMSetIV(self.0, iv.as_ptr().cast(), 12), 0); } } @@ -408,7 +401,9 @@ mod openssl_aes { /// Initialize AES-CTR for encryption or decryption with the given IV. /// If it's already been used, this also resets the cipher. There is no separate reset. + #[inline] pub fn init(&mut self, iv: &[u8]) { + assert_eq!(iv.len(), 12); let mut c = Crypter::new( aes_gcm_by_key_size(self.1), if self.3 { diff --git a/crypto/src/zssp.rs b/crypto/src/zssp.rs index 1c8d9a1aa..db6aac4bd 100644 --- a/crypto/src/zssp.rs +++ b/crypto/src/zssp.rs @@ -20,7 +20,7 @@ use zerotier_utils::ringbuffermap::RingBufferMap; use zerotier_utils::unlikely_branch; use zerotier_utils::varint; -/// Minimum size of a valid physical packet. +/// Minimum size of a valid physical ZSSP packet or packet fragment. pub const MIN_PACKET_SIZE: usize = HEADER_SIZE + AES_GCM_TAG_SIZE; /// Minimum physical MTU for ZSSP to function. @@ -43,7 +43,7 @@ pub const SERVICE_INTERVAL: u64 = 10000; const JEDI: bool = true; /// Maximum number of fragments for data packets. -const MAX_FRAGMENTS: usize = 48; // protocol max: 63 +const MAX_FRAGMENTS: usize = 48; // hard protocol max: 63 /// Maximum number of fragments for key exchange packets (can be smaller to save memory, only a few needed) const KEY_EXCHANGE_MAX_FRAGMENTS: usize = 2; // enough room for p384 + ZT identity + kyber1024 + tag/hmac/etc. @@ -93,9 +93,7 @@ const HMAC_SIZE: usize = 48; /// This is large since some ZeroTier nodes handle huge numbers of links, like roots and controllers. const SESSION_ID_SIZE: usize = 6; -/// Number of session keys to hold at a given time. -/// -/// This provides room for a current, previous, and next key. +/// Number of session keys to hold at a given time (current, previous, next). const KEY_HISTORY_SIZE: usize = 3; // Packet types can range from 0 to 15 (4 bits) -- 0-3 are defined and 4-15 are reserved for future use @@ -105,11 +103,11 @@ const PACKET_TYPE_KEY_OFFER: u8 = 2; // "alice" const PACKET_TYPE_KEY_COUNTER_OFFER: u8 = 3; // "bob" // Key usage labels for sub-key derivation using NIST-style KBKDF (basically just HMAC KDF). -const KBKDF_KEY_USAGE_LABEL_HMAC: u8 = b'M'; -const KBKDF_KEY_USAGE_LABEL_HEADER_CHECK: u8 = b'H'; -const KBKDF_KEY_USAGE_LABEL_AES_GCM_ALICE_TO_BOB: u8 = b'A'; -const KBKDF_KEY_USAGE_LABEL_AES_GCM_BOB_TO_ALICE: u8 = b'B'; -const KBKDF_KEY_USAGE_LABEL_RATCHETING: u8 = b'R'; +const KBKDF_KEY_USAGE_LABEL_HMAC: u8 = b'M'; // HMAC-SHA384 authentication for key exchanges +const KBKDF_KEY_USAGE_LABEL_HEADER_CHECK: u8 = b'H'; // AES-based header check code generation +const KBKDF_KEY_USAGE_LABEL_AES_GCM_ALICE_TO_BOB: u8 = b'A'; // AES-GCM in A->B direction +const KBKDF_KEY_USAGE_LABEL_AES_GCM_BOB_TO_ALICE: u8 = b'B'; // AES-GCM in B->A direction +const KBKDF_KEY_USAGE_LABEL_RATCHETING: u8 = b'R'; // Key input for next ephemeral ratcheting /// Aribitrary starting value for master key derivation. /// @@ -125,7 +123,7 @@ const INITIAL_KEY: [u8; 64] = [ ]; pub enum Error { - /// The packet was addressed to an unrecognized local session + /// The packet was addressed to an unrecognized local session (should usually be ignored) UnknownLocalSessionId(SessionId), /// Packet was not well formed @@ -137,36 +135,36 @@ pub enum Error { /// Packet failed one or more authentication (MAC) checks FailedAuthentication, - /// New session was rejected by caller's supplied authentication check function + /// New session was rejected via Host::check_new_session_attempt or Host::accept_new_session. NewSessionRejected, - /// Rekeying failed and session secret has reached its maximum usage count + /// Rekeying failed and session secret has reached its hard usage count limit MaxKeyLifetimeExceeded, - /// Attempt to send using session without established key. + /// Attempt to send using session without established key SessionNotEstablished, /// Packet ignored by rate limiter. RateLimited, - /// Other end sent a protocol version we don't support. + /// The other peer specified an unrecognized protocol version UnknownProtocolVersion, - /// Supplied data buffer is too small to receive data. + /// Caller supplied data buffer is too small to receive data DataBufferTooSmall, - /// Data object is too large to send, even fragmented. + /// Data object is too large to send, even with fragmentation DataTooLarge, - /// An unexpected I/O error such as a buffer overrun occurred. - IoError(std::io::Error), + /// An unexpected I/O error such as a buffer overrun occurred (possible bug) + UnexpectedIoError(std::io::Error), } impl From for Error { #[cold] #[inline(never)] fn from(e: std::io::Error) -> Self { - Self::IoError(e) + Self::UnexpectedIoError(e) } } @@ -184,7 +182,7 @@ impl std::fmt::Display for Error { Self::UnknownProtocolVersion => f.write_str("UnknownProtocolVersion"), Self::DataBufferTooSmall => f.write_str("DataBufferTooSmall"), Self::DataTooLarge => f.write_str("DataTooLarge"), - Self::IoError(e) => f.write_str(format!("OtherError({})", e.to_string()).as_str()), + Self::UnexpectedIoError(e) => f.write_str(format!("UnexpectedIoError({})", e.to_string()).as_str()), } } } @@ -239,7 +237,7 @@ impl SessionId { #[inline] pub fn new_from_reader(r: &mut R) -> std::io::Result> { - let mut tmp = [0_u8; 8]; + let mut tmp = 0_u64.to_ne_bytes(); r.read_exact(&mut tmp[..SESSION_ID_SIZE])?; Ok(Self::new_from_u64(u64::from_le_bytes(tmp))) }