ran cargo fmt
parent
3b3ed9765d
commit
87eb124551
2 changed files with 16 additions and 42 deletions
|
@ -27,14 +27,12 @@ pub const MAX_INIT_PAYLOAD_SIZE: usize = MAX_NOISE_HANDSHAKE_SIZE - ALICE_NOISE_
|
||||||
|
|
||||||
/// Initial value of 'h'
|
/// Initial value of 'h'
|
||||||
/// echo -n 'Noise_XKpsk3_P384_AESGCM_SHA512_hybridKyber1024' | shasum -a 512
|
/// echo -n 'Noise_XKpsk3_P384_AESGCM_SHA512_hybridKyber1024' | shasum -a 512
|
||||||
pub(crate) const INITIAL_H: [u8; SHA512_HASH_SIZE] = hex!(
|
pub(crate) const INITIAL_H: [u8; SHA512_HASH_SIZE] =
|
||||||
"12ae70954e8d93bf7f73d0fe48d487155666f541e532f9461af5ef52ab90c8fd9259ef9e48f5adcf9af63f869805a570004ae095655dcaddbc226a50623b2b25"
|
hex!("12ae70954e8d93bf7f73d0fe48d487155666f541e532f9461af5ef52ab90c8fd9259ef9e48f5adcf9af63f869805a570004ae095655dcaddbc226a50623b2b25");
|
||||||
);
|
|
||||||
/// Initial value of 'h'
|
/// Initial value of 'h'
|
||||||
/// echo -n 'Noise_KKpsk0_P384_AESGCM_SHA512' | shasum -a 512
|
/// echo -n 'Noise_KKpsk0_P384_AESGCM_SHA512' | shasum -a 512
|
||||||
pub(crate) const INITIAL_H_REKEY: [u8; SHA512_HASH_SIZE] = hex!(
|
pub(crate) const INITIAL_H_REKEY: [u8; SHA512_HASH_SIZE] =
|
||||||
"daeedd651ac9c5173f2eaaff996beebac6f3f1bfe9a70bb1cc54fa1fb2bf46260d71a3c4fb4d4ee36f654c31773a8a15e5d5be974a0668dc7db70f4e13ed172e"
|
hex!("daeedd651ac9c5173f2eaaff996beebac6f3f1bfe9a70bb1cc54fa1fb2bf46260d71a3c4fb4d4ee36f654c31773a8a15e5d5be974a0668dc7db70f4e13ed172e");
|
||||||
);
|
|
||||||
|
|
||||||
/// Version 0: Noise_XK with NIST P-384 plus Kyber1024 hybrid exchange on session init.
|
/// Version 0: Noise_XK with NIST P-384 plus Kyber1024 hybrid exchange on session init.
|
||||||
pub(crate) const SESSION_PROTOCOL_VERSION: u8 = 0x00;
|
pub(crate) const SESSION_PROTOCOL_VERSION: u8 = 0x00;
|
||||||
|
|
|
@ -15,7 +15,7 @@ use std::sync::atomic::{AtomicI64, AtomicU64, AtomicUsize, Ordering};
|
||||||
use std::sync::{Arc, Mutex, MutexGuard, RwLock, Weak};
|
use std::sync::{Arc, Mutex, MutexGuard, RwLock, Weak};
|
||||||
|
|
||||||
use zerotier_crypto::aes::{Aes, AesGcm};
|
use zerotier_crypto::aes::{Aes, AesGcm};
|
||||||
use zerotier_crypto::hash::{SHA512, hmac_sha512_secret, hmac_sha512_secret256};
|
use zerotier_crypto::hash::{hmac_sha512_secret, hmac_sha512_secret256, SHA512};
|
||||||
use zerotier_crypto::p384::{P384KeyPair, P384PublicKey};
|
use zerotier_crypto::p384::{P384KeyPair, P384PublicKey};
|
||||||
use zerotier_crypto::secret::Secret;
|
use zerotier_crypto::secret::Secret;
|
||||||
use zerotier_crypto::{random, secure_eq};
|
use zerotier_crypto::{random, secure_eq};
|
||||||
|
@ -935,9 +935,10 @@ impl<Application: ApplicationLayer> Context<Application> {
|
||||||
let mut enc_start = ack_len;
|
let mut enc_start = ack_len;
|
||||||
ack_len = append_to_slice(&mut ack, ack_len, alice_s_public_blob)?;
|
ack_len = append_to_slice(&mut ack, ack_len, alice_s_public_blob)?;
|
||||||
|
|
||||||
let mut gcm = AesGcm::new(&kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_HK>(
|
let mut gcm = AesGcm::new(&kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_HK>(&hmac_sha512_secret(
|
||||||
&hmac_sha512_secret(noise_ck_es_ee.as_bytes(), hk.as_bytes()),
|
noise_ck_es_ee.as_bytes(),
|
||||||
));
|
hk.as_bytes(),
|
||||||
|
)));
|
||||||
gcm.reset_init_gcm(&reply_message_nonce);
|
gcm.reset_init_gcm(&reply_message_nonce);
|
||||||
gcm.aad(&noise_h_next);
|
gcm.aad(&noise_h_next);
|
||||||
gcm.crypt_in_place(&mut ack[enc_start..ack_len]);
|
gcm.crypt_in_place(&mut ack[enc_start..ack_len]);
|
||||||
|
@ -953,9 +954,7 @@ impl<Application: ApplicationLayer> Context<Application> {
|
||||||
enc_start = ack_len;
|
enc_start = ack_len;
|
||||||
ack_len = append_to_slice(&mut ack, ack_len, metadata)?;
|
ack_len = append_to_slice(&mut ack, ack_len, metadata)?;
|
||||||
|
|
||||||
let mut gcm = AesGcm::new(&kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_SE_HK_PSK>(
|
let mut gcm = AesGcm::new(&kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_SE_HK_PSK>(&noise_ck_es_ee_se_hk_psk));
|
||||||
&noise_ck_es_ee_se_hk_psk,
|
|
||||||
));
|
|
||||||
gcm.reset_init_gcm(&reply_message_nonce);
|
gcm.reset_init_gcm(&reply_message_nonce);
|
||||||
gcm.aad(&noise_h_next);
|
gcm.aad(&noise_h_next);
|
||||||
gcm.crypt_in_place(&mut ack[enc_start..ack_len]);
|
gcm.crypt_in_place(&mut ack[enc_start..ack_len]);
|
||||||
|
@ -1041,9 +1040,10 @@ impl<Application: ApplicationLayer> Context<Application> {
|
||||||
|
|
||||||
let alice_static_public_blob = r.read_decrypt_auth(
|
let alice_static_public_blob = r.read_decrypt_auth(
|
||||||
alice_static_public_blob_size,
|
alice_static_public_blob_size,
|
||||||
kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_HK>(
|
kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_HK>(&hmac_sha512_secret(
|
||||||
&hmac_sha512_secret(incoming.noise_ck_es_ee.as_bytes(), incoming.hk.as_bytes()),
|
incoming.noise_ck_es_ee.as_bytes(),
|
||||||
),
|
incoming.hk.as_bytes(),
|
||||||
|
)),
|
||||||
&incoming.noise_h,
|
&incoming.noise_h,
|
||||||
&incoming_message_nonce,
|
&incoming_message_nonce,
|
||||||
)?;
|
)?;
|
||||||
|
@ -1706,34 +1706,10 @@ fn mix_hash(h: &[u8; NOISE_HASHLEN], m: &[u8]) -> [u8; NOISE_HASHLEN] {
|
||||||
/// These are the values we have assigned to the 5 variables involved in https://csrc.nist.gov/publications/detail/sp/800-108/final:
|
/// These are the values we have assigned to the 5 variables involved in https://csrc.nist.gov/publications/detail/sp/800-108/final:
|
||||||
/// K_in = key, i = 1u8, Label = b'Z'||b'T'||LABEL, Context = 0u8, L = 512u16 or 256u16
|
/// K_in = key, i = 1u8, Label = b'Z'||b'T'||LABEL, Context = 0u8, L = 512u16 or 256u16
|
||||||
fn kbkdf512<const LABEL: u8>(key: &Secret<NOISE_HASHLEN>) -> Secret<NOISE_HASHLEN> {
|
fn kbkdf512<const LABEL: u8>(key: &Secret<NOISE_HASHLEN>) -> Secret<NOISE_HASHLEN> {
|
||||||
hmac_sha512_secret(
|
hmac_sha512_secret(key.as_bytes(), &[1, b'Z', b'T', LABEL, 0x00, 0, 2u8, 0u8])
|
||||||
key.as_bytes(),
|
|
||||||
&[
|
|
||||||
1,
|
|
||||||
b'Z',
|
|
||||||
b'T',
|
|
||||||
LABEL,
|
|
||||||
0x00,
|
|
||||||
0,
|
|
||||||
2u8,
|
|
||||||
0u8,
|
|
||||||
],
|
|
||||||
)
|
|
||||||
}
|
}
|
||||||
fn kbkdf256<const LABEL: u8>(key: &Secret<NOISE_HASHLEN>) -> Secret<32> {
|
fn kbkdf256<const LABEL: u8>(key: &Secret<NOISE_HASHLEN>) -> Secret<32> {
|
||||||
hmac_sha512_secret256(
|
hmac_sha512_secret256(key.as_bytes(), &[1, b'Z', b'T', LABEL, 0x00, 0, 1u8, 0u8])
|
||||||
key.as_bytes(),
|
|
||||||
&[
|
|
||||||
1,
|
|
||||||
b'Z',
|
|
||||||
b'T',
|
|
||||||
LABEL,
|
|
||||||
0x00,
|
|
||||||
0,
|
|
||||||
1u8,
|
|
||||||
0u8,
|
|
||||||
],
|
|
||||||
)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
fn prng32(mut x: u32) -> u32 {
|
fn prng32(mut x: u32) -> u32 {
|
||||||
|
|