void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-11 06:53:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Move some V1-specific stuff into hypervisor code base.

Browse source
This commit is contained in:
Adam Ierymenko 2022-09-13 12:28:30 -04:00
parent d42a70544f
commit c3466078bf
No known key found for this signature in database
GPG key ID: C8877CF2D7A5D7F3
3 changed files with 5 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
crypto/src/kbkdf.rs
View file

@ -1,21 +0,0 @@
// (c) 2020-2022 ZeroTier, Inc. -- currently propritery pending actual release and licensing. See LICENSE.md.
use crate::hash::*;
use crate::secret::Secret;
/*
* HMAC'd message is: preface | iteration[4], preface[2], label, 0x00, context, hash size[4]
*
* Iteration and context are always zero here. Preface is 'ZT'. Hash size is in bits. Integers
* larger than one byte are big-endian.
*
* See: https://csrc.nist.gov/publications/detail/sp/800-108/final (page 12)
*/
pub fn zt_kbkdf_hmac_sha384(key: &[u8], label: u8) -> Secret<48> {
Secret(hmac_sha384(key, &[0, 0, 0, 0, b'Z', b'T', label, 0, 0, 0, 0, 0x01, 0x80]))
}
//pub fn zt_kbkdf_hmac_sha512(key: &[u8], label: u8) -> Secret<64> {
// Secret(hmac_sha512(key, &[0, 0, 0, 0, b'Z', b'T', label, 0, 0, 0, 0, 0x02, 0x00]))
//}

1
crypto/src/lib.rs
View file

@ -3,7 +3,6 @@
pub mod aes; pub mod aes;
pub mod aes_gmac_siv; pub mod aes_gmac_siv;
pub mod hash; pub mod hash;
pub mod kbkdf;
pub mod p384; pub mod p384;
pub mod poly1305; pub mod poly1305;
pub mod random; pub mod random;

6
network-hypervisor/src/vl1/symmetricsecret.rs
View file

@ -1,7 +1,7 @@
// (c) 2020-2022 ZeroTier, Inc. -- currently propritery pending actual release and licensing. See LICENSE.md. // (c) 2020-2022 ZeroTier, Inc. -- currently propritery pending actual release and licensing. See LICENSE.md.
use zerotier_crypto::aes_gmac_siv::AesGmacSiv; use zerotier_crypto::aes_gmac_siv::AesGmacSiv;
use zerotier_crypto::kbkdf::zt_kbkdf_hmac_sha384; use zerotier_crypto::hash::hmac_sha384;
use zerotier_crypto::secret::Secret; use zerotier_crypto::secret::Secret;
use crate::vl1::protocol::*; use crate::vl1::protocol::*;
@ -19,6 +19,10 @@ pub(crate) struct SymmetricSecret {
pub aes_gmac_siv: Pool<AesGmacSiv, AesGmacSivPoolFactory>, pub aes_gmac_siv: Pool<AesGmacSiv, AesGmacSivPoolFactory>,
} }
fn zt_kbkdf_hmac_sha384(key: &[u8], label: u8) -> Secret<48> {
Secret(hmac_sha384(key, &[0, 0, 0, 0, b'Z', b'T', label, 0, 0, 0, 0, 0x01, 0x80]))
}
impl SymmetricSecret { impl SymmetricSecret {
/// Create a new symmetric secret, deriving all sub-keys and such. /// Create a new symmetric secret, deriving all sub-keys and such.
pub fn new(key: Secret<64>) -> SymmetricSecret { pub fn new(key: Secret<64>) -> SymmetricSecret {