|
|
|
@ -20,7 +20,6 @@
|
|
|
|
|
#include "../network/network.h"
|
|
|
|
|
#include "../network/network_func.h"
|
|
|
|
|
#include "../network/network_server.h"
|
|
|
|
|
#include "../3rdparty/randombytes/randombytes.h"
|
|
|
|
|
#include "../3rdparty/monocypher/monocypher.h"
|
|
|
|
|
|
|
|
|
|
#include "saveload.h"
|
|
|
|
@ -592,23 +591,23 @@ static void Load_PLYP()
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint8_t token[16];
|
|
|
|
|
ReadBuffer::GetCurrent()->CopyBytes(token, 16);
|
|
|
|
|
if (memcmp(token, _network_company_password_storage_token, 16) != 0) {
|
|
|
|
|
std::array<uint8_t, 16> token;
|
|
|
|
|
ReadBuffer::GetCurrent()->CopyBytes(token.data(), 16);
|
|
|
|
|
if (token != _network_company_password_storage_token) {
|
|
|
|
|
DEBUG(sl, 2, "Skipping encrypted company passwords");
|
|
|
|
|
SlSkipBytes(size - 16);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint8_t nonce[24];
|
|
|
|
|
uint8_t mac[16];
|
|
|
|
|
ReadBuffer::GetCurrent()->CopyBytes(nonce, 24);
|
|
|
|
|
ReadBuffer::GetCurrent()->CopyBytes(mac, 16);
|
|
|
|
|
std::array<uint8_t, 16> mac;
|
|
|
|
|
std::array<uint8_t, 24> nonce;
|
|
|
|
|
ReadBuffer::GetCurrent()->CopyBytes(nonce.data(), 24);
|
|
|
|
|
ReadBuffer::GetCurrent()->CopyBytes(mac.data(), 16);
|
|
|
|
|
|
|
|
|
|
std::vector<uint8_t> buffer(size - 16 - 24 - 16);
|
|
|
|
|
ReadBuffer::GetCurrent()->CopyBytes(buffer.data(), buffer.size());
|
|
|
|
|
|
|
|
|
|
if (crypto_aead_unlock(buffer.data(), mac, _network_company_password_storage_key, nonce, nullptr, 0, buffer.data(), buffer.size()) == 0) {
|
|
|
|
|
if (crypto_aead_unlock(buffer.data(), mac.data(), _network_company_password_storage_key.data(), nonce.data(), nullptr, 0, buffer.data(), buffer.size()) == 0) {
|
|
|
|
|
SlLoadFromBuffer(buffer.data(), buffer.size(), [invalid_mask]() {
|
|
|
|
|
_network_company_server_id.resize(SlReadUint32());
|
|
|
|
|
ReadBuffer::GetCurrent()->CopyBytes((uint8_t *)_network_company_server_id.data(), _network_company_server_id.size());
|
|
|
|
@ -652,13 +651,6 @@ static void Save_PLYP()
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uint8_t nonce[24]; /* Use only once per key: random */
|
|
|
|
|
if (randombytes(nonce, 24) < 0) {
|
|
|
|
|
/* Can't get a random nonce, just give up */
|
|
|
|
|
SlSetLength(0);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
std::vector<byte> buffer = SlSaveToVector([]() {
|
|
|
|
|
SlWriteUint32((uint32_t)_network_company_server_id.size());
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes((const uint8_t *)_network_company_server_id.data(), _network_company_server_id.size());
|
|
|
|
@ -674,27 +666,30 @@ static void Save_PLYP()
|
|
|
|
|
SlWriteUint16(0xFFFF);
|
|
|
|
|
|
|
|
|
|
/* Add some random length padding to not make it too obvious from the length whether passwords are set or not */
|
|
|
|
|
uint8_t padding[256];
|
|
|
|
|
if (randombytes(padding, 256) >= 0) {
|
|
|
|
|
SlWriteByte(padding[0]);
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes(padding + 1, padding[0]);
|
|
|
|
|
} else {
|
|
|
|
|
SlWriteByte(0);
|
|
|
|
|
}
|
|
|
|
|
std::array<uint8_t, 256> padding;
|
|
|
|
|
RandomBytesWithFallback(padding);
|
|
|
|
|
SlWriteByte(padding[0]);
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes(padding.data() + 1, padding[0]);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
uint8_t mac[16]; /* Message authentication code */
|
|
|
|
|
/* Message authentication code */
|
|
|
|
|
std::array<uint8_t, 16> mac;
|
|
|
|
|
|
|
|
|
|
/* Use only once per key: random */
|
|
|
|
|
std::array<uint8_t, 24> nonce;
|
|
|
|
|
RandomBytesWithFallback(nonce);
|
|
|
|
|
|
|
|
|
|
/* Encrypt in place */
|
|
|
|
|
crypto_aead_lock(buffer.data(), mac, _network_company_password_storage_key, nonce, nullptr, 0, buffer.data(), buffer.size());
|
|
|
|
|
crypto_aead_lock(buffer.data(), mac.data(), _network_company_password_storage_key.data(), nonce.data(), nullptr, 0, buffer.data(), buffer.size());
|
|
|
|
|
|
|
|
|
|
SlSetLength(2 + 16 + 24 + 16 + buffer.size());
|
|
|
|
|
SlWriteUint16(0); // Invalid mask
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes(_network_company_password_storage_token, 16);
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes(nonce, 24);
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes(mac, 16);
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes(buffer.data(), buffer.size());
|
|
|
|
|
static_assert(_network_company_password_storage_token.size() == 16);
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes(_network_company_password_storage_token.data(), 16);
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes(nonce);
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes(mac);
|
|
|
|
|
MemoryDumper::GetCurrent()->CopyBytes(buffer);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static const ChunkHandler company_chunk_handlers[] = {
|
|
|
|
|