void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-06 20:43:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

ran cargo fmt

Browse source
This commit is contained in:
mamoniot 2023-03-14 18:16:21 -04:00
parent 3b3ed9765d
commit 87eb124551
No known key found for this signature in database
GPG key ID: ADCCDBBE0E3D3B3B
2 changed files with 16 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
zssp/src/proto.rs
View file

@ -27,14 +27,12 @@ pub const MAX_INIT_PAYLOAD_SIZE: usize = MAX_NOISE_HANDSHAKE_SIZE - ALICE_NOISE_
/// Initial value of 'h' /// Initial value of 'h'
/// echo -n 'Noise_XKpsk3_P384_AESGCM_SHA512_hybridKyber1024' | shasum -a 512 /// echo -n 'Noise_XKpsk3_P384_AESGCM_SHA512_hybridKyber1024' | shasum -a 512
pub(crate) const INITIAL_H: [u8; SHA512_HASH_SIZE] = hex!( pub(crate) const INITIAL_H: [u8; SHA512_HASH_SIZE] =
"12ae70954e8d93bf7f73d0fe48d487155666f541e532f9461af5ef52ab90c8fd9259ef9e48f5adcf9af63f869805a570004ae095655dcaddbc226a50623b2b25" hex!("12ae70954e8d93bf7f73d0fe48d487155666f541e532f9461af5ef52ab90c8fd9259ef9e48f5adcf9af63f869805a570004ae095655dcaddbc226a50623b2b25");
);
/// Initial value of 'h' /// Initial value of 'h'
/// echo -n 'Noise_KKpsk0_P384_AESGCM_SHA512' | shasum -a 512 /// echo -n 'Noise_KKpsk0_P384_AESGCM_SHA512' | shasum -a 512
pub(crate) const INITIAL_H_REKEY: [u8; SHA512_HASH_SIZE] = hex!( pub(crate) const INITIAL_H_REKEY: [u8; SHA512_HASH_SIZE] =
"daeedd651ac9c5173f2eaaff996beebac6f3f1bfe9a70bb1cc54fa1fb2bf46260d71a3c4fb4d4ee36f654c31773a8a15e5d5be974a0668dc7db70f4e13ed172e" hex!("daeedd651ac9c5173f2eaaff996beebac6f3f1bfe9a70bb1cc54fa1fb2bf46260d71a3c4fb4d4ee36f654c31773a8a15e5d5be974a0668dc7db70f4e13ed172e");
);
/// Version 0: Noise_XK with NIST P-384 plus Kyber1024 hybrid exchange on session init. /// Version 0: Noise_XK with NIST P-384 plus Kyber1024 hybrid exchange on session init.
pub(crate) const SESSION_PROTOCOL_VERSION: u8 = 0x00; pub(crate) const SESSION_PROTOCOL_VERSION: u8 = 0x00;

48
zssp/src/zssp.rs
View file

@ -15,7 +15,7 @@ use std::sync::atomic::{AtomicI64, AtomicU64, AtomicUsize, Ordering};
use std::sync::{Arc, Mutex, MutexGuard, RwLock, Weak}; use std::sync::{Arc, Mutex, MutexGuard, RwLock, Weak};
use zerotier_crypto::aes::{Aes, AesGcm}; use zerotier_crypto::aes::{Aes, AesGcm};
use zerotier_crypto::hash::{SHA512, hmac_sha512_secret, hmac_sha512_secret256}; use zerotier_crypto::hash::{hmac_sha512_secret, hmac_sha512_secret256, SHA512};
use zerotier_crypto::p384::{P384KeyPair, P384PublicKey}; use zerotier_crypto::p384::{P384KeyPair, P384PublicKey};
use zerotier_crypto::secret::Secret; use zerotier_crypto::secret::Secret;
use zerotier_crypto::{random, secure_eq}; use zerotier_crypto::{random, secure_eq};
@ -935,9 +935,10 @@ impl<Application: ApplicationLayer> Context<Application> {
let mut enc_start = ack_len; let mut enc_start = ack_len;
ack_len = append_to_slice(&mut ack, ack_len, alice_s_public_blob)?; ack_len = append_to_slice(&mut ack, ack_len, alice_s_public_blob)?;
let mut gcm = AesGcm::new(&kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_HK>( let mut gcm = AesGcm::new(&kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_HK>(&hmac_sha512_secret(
&hmac_sha512_secret(noise_ck_es_ee.as_bytes(), hk.as_bytes()), noise_ck_es_ee.as_bytes(),
)); hk.as_bytes(),
)));
gcm.reset_init_gcm(&reply_message_nonce); gcm.reset_init_gcm(&reply_message_nonce);
gcm.aad(&noise_h_next); gcm.aad(&noise_h_next);
gcm.crypt_in_place(&mut ack[enc_start..ack_len]); gcm.crypt_in_place(&mut ack[enc_start..ack_len]);
@ -953,9 +954,7 @@ impl<Application: ApplicationLayer> Context<Application> {
enc_start = ack_len; enc_start = ack_len;
ack_len = append_to_slice(&mut ack, ack_len, metadata)?; ack_len = append_to_slice(&mut ack, ack_len, metadata)?;
let mut gcm = AesGcm::new(&kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_SE_HK_PSK>( let mut gcm = AesGcm::new(&kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_SE_HK_PSK>(&noise_ck_es_ee_se_hk_psk));
&noise_ck_es_ee_se_hk_psk,
));
gcm.reset_init_gcm(&reply_message_nonce); gcm.reset_init_gcm(&reply_message_nonce);
gcm.aad(&noise_h_next); gcm.aad(&noise_h_next);
gcm.crypt_in_place(&mut ack[enc_start..ack_len]); gcm.crypt_in_place(&mut ack[enc_start..ack_len]);
@ -1041,9 +1040,10 @@ impl<Application: ApplicationLayer> Context<Application> {
let alice_static_public_blob = r.read_decrypt_auth( let alice_static_public_blob = r.read_decrypt_auth(
alice_static_public_blob_size, alice_static_public_blob_size,
kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_HK>( kbkdf256::<KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_HK>(&hmac_sha512_secret(
&hmac_sha512_secret(incoming.noise_ck_es_ee.as_bytes(), incoming.hk.as_bytes()), incoming.noise_ck_es_ee.as_bytes(),
), incoming.hk.as_bytes(),
)),
&incoming.noise_h, &incoming.noise_h,
&incoming_message_nonce, &incoming_message_nonce,
)?; )?;
@ -1706,34 +1706,10 @@ fn mix_hash(h: &[u8; NOISE_HASHLEN], m: &[u8]) -> [u8; NOISE_HASHLEN] {
/// These are the values we have assigned to the 5 variables involved in https://csrc.nist.gov/publications/detail/sp/800-108/final: /// These are the values we have assigned to the 5 variables involved in https://csrc.nist.gov/publications/detail/sp/800-108/final:
/// K_in = key, i = 1u8, Label = b'Z'||b'T'||LABEL, Context = 0u8, L = 512u16 or 256u16 /// K_in = key, i = 1u8, Label = b'Z'||b'T'||LABEL, Context = 0u8, L = 512u16 or 256u16
fn kbkdf512<const LABEL: u8>(key: &Secret<NOISE_HASHLEN>) -> Secret<NOISE_HASHLEN> { fn kbkdf512<const LABEL: u8>(key: &Secret<NOISE_HASHLEN>) -> Secret<NOISE_HASHLEN> {
hmac_sha512_secret( hmac_sha512_secret(key.as_bytes(), &[1, b'Z', b'T', LABEL, 0x00, 0, 2u8, 0u8])
key.as_bytes(),
&[
1,
b'Z',
b'T',
LABEL,
0x00,
0,
2u8,
0u8,
],
)
} }
fn kbkdf256<const LABEL: u8>(key: &Secret<NOISE_HASHLEN>) -> Secret<32> { fn kbkdf256<const LABEL: u8>(key: &Secret<NOISE_HASHLEN>) -> Secret<32> {
hmac_sha512_secret256( hmac_sha512_secret256(key.as_bytes(), &[1, b'Z', b'T', LABEL, 0x00, 0, 1u8, 0u8])
key.as_bytes(),
&[
1,
b'Z',
b'T',
LABEL,
0x00,
0,
1u8,
0u8,
],
)
} }
fn prng32(mut x: u32) -> u32 { fn prng32(mut x: u32) -> u32 {