mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2025-06-07 13:03:45 +02:00
Some more merge fixes.
This commit is contained in:
Adam Ierymenko
parent
4192da956b
commit
8dfa991cef
1 changed files with 21 additions and 23 deletions
|
|
@ -125,7 +125,7 @@ struct OutgoingSessionOffer {
|
||||||
struct OutgoingSessionAck {
|
struct OutgoingSessionAck {
|
||||||
last_retry_time: AtomicI64,
|
last_retry_time: AtomicI64,
|
||||||
ack: [u8; MAX_NOISE_HANDSHAKE_SIZE],
|
ack: [u8; MAX_NOISE_HANDSHAKE_SIZE],
|
||||||
ack_size: usize,
|
ack_len: usize,
|
||||||
}
|
}
|
||||||
|
|
||||||
enum Offer {
|
enum Offer {
|
||||||
|
|
@ -214,7 +214,7 @@ impl<Application: ApplicationLayer> Context<Application> {
|
||||||
ack.last_retry_time.store(current_time, Ordering::Relaxed);
|
ack.last_retry_time.store(current_time, Ordering::Relaxed);
|
||||||
let _ = send_with_fragmentation(
|
let _ = send_with_fragmentation(
|
||||||
|b| send(&session, b),
|
|b| send(&session, b),
|
||||||
&mut (ack.ack.clone())[..ack.ack_size],
|
&mut (ack.ack.clone())[..ack.ack_len],
|
||||||
state.physical_mtu,
|
state.physical_mtu,
|
||||||
PACKET_TYPE_ALICE_NOISE_XK_ACK,
|
PACKET_TYPE_ALICE_NOISE_XK_ACK,
|
||||||
state.remote_session_id,
|
state.remote_session_id,
|
||||||
|
|
@ -747,6 +747,7 @@ impl<Application: ApplicationLayer> Context<Application> {
|
||||||
|
|
||||||
let mut sessions = self.sessions.write().unwrap();
|
let mut sessions = self.sessions.write().unwrap();
|
||||||
|
|
||||||
|
// Pick an unused session ID on this side.
|
||||||
let mut bob_session_id;
|
let mut bob_session_id;
|
||||||
loop {
|
loop {
|
||||||
bob_session_id = SessionId::random();
|
bob_session_id = SessionId::random();
|
||||||
|
|
@ -895,44 +896,41 @@ impl<Application: ApplicationLayer> Context<Application> {
|
||||||
|
|
||||||
// Create reply informing Bob of our static identity now that we've verified Bob and set
|
// Create reply informing Bob of our static identity now that we've verified Bob and set
|
||||||
// up forward secrecy. Also return Bob's opaque note.
|
// up forward secrecy. Also return Bob's opaque note.
|
||||||
let mut reply_buffer = [0u8; MAX_NOISE_HANDSHAKE_SIZE];
|
let mut ack = [0u8; MAX_NOISE_HANDSHAKE_SIZE];
|
||||||
reply_buffer[HEADER_SIZE] = SESSION_PROTOCOL_VERSION;
|
ack[HEADER_SIZE] = SESSION_PROTOCOL_VERSION;
|
||||||
let mut reply_len = HEADER_SIZE + 1;
|
let mut ack_len = HEADER_SIZE + 1;
|
||||||
|
|
||||||
let alice_s_public_blob = app.get_local_s_public_blob();
|
let alice_s_public_blob = app.get_local_s_public_blob();
|
||||||
assert!(alice_s_public_blob.len() <= (u16::MAX as usize));
|
assert!(alice_s_public_blob.len() <= (u16::MAX as usize));
|
||||||
reply_len = append_to_slice(&mut reply_buffer, reply_len, &(alice_s_public_blob.len() as u16).to_le_bytes())?;
|
ack_len = append_to_slice(&mut ack, ack_len, &(alice_s_public_blob.len() as u16).to_le_bytes())?;
|
||||||
let mut enc_start = reply_len;
|
let mut enc_start = ack_len;
|
||||||
reply_len = append_to_slice(&mut reply_buffer, reply_len, alice_s_public_blob)?;
|
ack_len = append_to_slice(&mut ack, ack_len, alice_s_public_blob)?;
|
||||||
|
|
||||||
let mut gcm = AesGcm::new(&kbkdf::<AES_256_KEY_SIZE, KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_HK>(
|
let mut gcm = AesGcm::new(&kbkdf::<AES_256_KEY_SIZE, KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_HK>(
|
||||||
hmac_sha512_secret::<BASE_KEY_SIZE>(noise_es_ee.as_bytes(), hk.as_bytes()).as_bytes(),
|
hmac_sha512_secret::<BASE_KEY_SIZE>(noise_es_ee.as_bytes(), hk.as_bytes()).as_bytes(),
|
||||||
));
|
));
|
||||||
gcm.reset_init_gcm(&reply_message_nonce);
|
gcm.reset_init_gcm(&reply_message_nonce);
|
||||||
gcm.aad(&noise_h_next);
|
gcm.aad(&noise_h_next);
|
||||||
gcm.crypt_in_place(&mut reply_buffer[enc_start..reply_len]);
|
gcm.crypt_in_place(&mut ack[enc_start..ack_len]);
|
||||||
reply_len = append_to_slice(&mut reply_buffer, reply_len, &gcm.finish_encrypt())?;
|
ack_len = append_to_slice(&mut ack, ack_len, &gcm.finish_encrypt())?;
|
||||||
|
|
||||||
let metadata = outgoing_offer.metadata.as_ref().map_or(&[][..0], |md| md.as_slice());
|
let metadata = outgoing_offer.metadata.as_ref().map_or(&[][..0], |md| md.as_slice());
|
||||||
|
|
||||||
assert!(metadata.len() <= (u16::MAX as usize));
|
assert!(metadata.len() <= (u16::MAX as usize));
|
||||||
reply_len = append_to_slice(&mut reply_buffer, reply_len, &(metadata.len() as u16).to_le_bytes())?;
|
ack_len = append_to_slice(&mut ack, ack_len, &(metadata.len() as u16).to_le_bytes())?;
|
||||||
|
|
||||||
let noise_h_next = mix_hash(
|
let noise_h_next = mix_hash(&mix_hash(&noise_h_next, &ack[HEADER_SIZE..ack_len]), outgoing_offer.psk.as_bytes());
|
||||||
&mix_hash(&noise_h_next, &reply_buffer[HEADER_SIZE..reply_len]),
|
|
||||||
outgoing_offer.psk.as_bytes(),
|
|
||||||
);
|
|
||||||
|
|
||||||
enc_start = reply_len;
|
enc_start = ack_len;
|
||||||
reply_len = append_to_slice(&mut reply_buffer, reply_len, metadata)?;
|
ack_len = append_to_slice(&mut ack, ack_len, metadata)?;
|
||||||
|
|
||||||
let mut gcm = AesGcm::new(&kbkdf::<AES_256_KEY_SIZE, KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_SE_HK_PSK>(
|
let mut gcm = AesGcm::new(&kbkdf::<AES_256_KEY_SIZE, KBKDF_KEY_USAGE_LABEL_KEX_ES_EE_SE_HK_PSK>(
|
||||||
noise_es_ee_se_hk_psk.as_bytes(),
|
noise_es_ee_se_hk_psk.as_bytes(),
|
||||||
));
|
));
|
||||||
gcm.reset_init_gcm(&reply_message_nonce);
|
gcm.reset_init_gcm(&reply_message_nonce);
|
||||||
gcm.aad(&noise_h_next);
|
gcm.aad(&noise_h_next);
|
||||||
gcm.crypt_in_place(&mut reply_buffer[enc_start..reply_len]);
|
gcm.crypt_in_place(&mut ack[enc_start..ack_len]);
|
||||||
reply_len = append_to_slice(&mut reply_buffer, reply_len, &gcm.finish_encrypt())?;
|
ack_len = append_to_slice(&mut ack, ack_len, &gcm.finish_encrypt())?;
|
||||||
|
|
||||||
let mtu = state.physical_mtu;
|
let mtu = state.physical_mtu;
|
||||||
|
|
||||||
|
|
@ -952,14 +950,14 @@ impl<Application: ApplicationLayer> Context<Application> {
|
||||||
state.current_key = 0;
|
state.current_key = 0;
|
||||||
state.current_offer = Offer::NoiseXKAck(Box::new(OutgoingSessionAck {
|
state.current_offer = Offer::NoiseXKAck(Box::new(OutgoingSessionAck {
|
||||||
last_retry_time: AtomicI64::new(current_time),
|
last_retry_time: AtomicI64::new(current_time),
|
||||||
ack: reply_buffer,
|
ack,
|
||||||
ack_size: reply_len,
|
ack_len,
|
||||||
}));
|
}));
|
||||||
}
|
}
|
||||||
|
|
||||||
send_with_fragmentation(
|
send_with_fragmentation(
|
||||||
|b| send(Some(&session), b),
|
|b| send(Some(&session), b),
|
||||||
&mut reply_buffer[..reply_len],
|
&mut ack[..ack_len],
|
||||||
mtu,
|
mtu,
|
||||||
PACKET_TYPE_ALICE_NOISE_XK_ACK,
|
PACKET_TYPE_ALICE_NOISE_XK_ACK,
|
||||||
Some(bob_session_id),
|
Some(bob_session_id),
|
||||||
|
|
@ -1575,7 +1573,7 @@ impl SessionKey {
|
||||||
rekey_at_counter: current_counter.checked_add(Application::REKEY_AFTER_USES).unwrap(),
|
rekey_at_counter: current_counter.checked_add(Application::REKEY_AFTER_USES).unwrap(),
|
||||||
expire_at_counter: current_counter.checked_add(Application::EXPIRE_AFTER_USES).unwrap(),
|
expire_at_counter: current_counter.checked_add(Application::EXPIRE_AFTER_USES).unwrap(),
|
||||||
ratchet_count,
|
ratchet_count,
|
||||||
initiate_rekey: bob,
|
my_turn_to_rekey: bob,
|
||||||
confirmed,
|
confirmed,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue