lokinet/llarp/encrypted_frame.cpp

158 lines
3.6 KiB
C++
Raw Normal View History

2018-06-11 13:44:49 +00:00
#include <llarp/crypto.hpp>
2018-06-10 14:05:48 +00:00
#include <llarp/encrypted_frame.hpp>
2018-06-11 13:25:10 +00:00
#include "logger.hpp"
2018-06-18 22:03:50 +00:00
#include "mem.hpp"
2018-06-10 14:05:48 +00:00
namespace llarp
{
2018-06-22 00:25:30 +00:00
Encrypted::Encrypted()
{
UpdateBuffer();
}
2018-08-09 19:02:17 +00:00
Encrypted::Encrypted(const Encrypted& other)
2018-10-19 11:34:27 +00:00
: Encrypted(other.data(), other.size())
2018-08-09 19:02:17 +00:00
{
}
2018-10-19 11:34:27 +00:00
Encrypted::Encrypted(const byte_t* buf, size_t sz) : _data(sz)
2018-06-10 14:05:48 +00:00
{
2018-10-19 11:34:27 +00:00
if(buf)
memcpy(data(), buf, sz);
else
llarp::Zero(data(), sz);
UpdateBuffer();
2018-06-21 12:55:02 +00:00
}
2018-08-30 18:48:43 +00:00
2018-06-21 12:55:02 +00:00
Encrypted::~Encrypted()
{
2018-06-10 14:05:48 +00:00
}
2018-06-11 13:25:10 +00:00
Encrypted::Encrypted(size_t sz) : Encrypted(nullptr, sz)
2018-06-10 14:05:48 +00:00
{
}
2018-06-11 13:44:49 +00:00
bool
EncryptedFrame::EncryptInPlace(const byte_t* ourSecretKey,
const byte_t* otherPubkey,
2018-06-11 13:44:49 +00:00
llarp_crypto* crypto)
{
// format of frame is
// <32 bytes keyed hash of following data>
// <32 bytes nonce>
// <32 bytes pubkey>
// <N bytes encrypted payload>
//
2018-06-19 17:11:24 +00:00
byte_t* hash = data();
byte_t* nonce = hash + SHORTHASHSIZE;
byte_t* pubkey = nonce + TUNNONCESIZE;
byte_t* body = pubkey + PUBKEYSIZE;
2018-06-11 13:44:49 +00:00
SharedSecret shared;
2018-06-11 13:44:49 +00:00
auto DH = crypto->dh_client;
auto Encrypt = crypto->xchacha20;
auto MDS = crypto->hmac;
llarp_buffer_t buf;
buf.base = body;
buf.cur = buf.base;
2018-06-19 17:11:24 +00:00
buf.sz = size() - EncryptedFrame::OverheadSize;
2018-06-11 13:44:49 +00:00
// set our pubkey
memcpy(pubkey, llarp::seckey_topublic(ourSecretKey), PUBKEYSIZE);
2018-06-11 13:44:49 +00:00
// randomize nonce
crypto->randbytes(nonce, TUNNONCESIZE);
2018-06-11 13:44:49 +00:00
// derive shared key
2018-06-20 12:34:48 +00:00
if(!DH(shared, otherPubkey, ourSecretKey, nonce))
2018-06-11 13:44:49 +00:00
{
llarp::LogError("DH failed");
2018-06-11 13:44:49 +00:00
return false;
}
2018-06-20 12:34:48 +00:00
2018-06-11 13:44:49 +00:00
// encrypt body
if(!Encrypt(buf, shared, nonce))
{
llarp::LogError("encrypt failed");
2018-06-11 13:44:49 +00:00
return false;
}
// generate message auth
buf.base = nonce;
buf.cur = buf.base;
2018-06-19 17:11:24 +00:00
buf.sz = size() - SHORTHASHSIZE;
2018-06-11 13:44:49 +00:00
if(!MDS(hash, buf, shared))
{
llarp::LogError("Failed to generate messgae auth");
2018-06-11 13:44:49 +00:00
return false;
}
return true;
}
2018-06-10 14:05:48 +00:00
bool
EncryptedFrame::DecryptInPlace(const byte_t* ourSecretKey,
llarp_crypto* crypto)
2018-06-10 14:05:48 +00:00
{
2018-06-19 17:11:24 +00:00
if(size() <= size_t(EncryptedFrame::OverheadSize))
2018-06-11 13:25:10 +00:00
{
2018-07-17 04:37:50 +00:00
llarp::LogWarn("encrypted frame too small, ", size(),
" <= ", size_t(EncryptedFrame::OverheadSize));
2018-06-11 13:25:10 +00:00
return false;
}
// format of frame is
// <32 bytes keyed hash of following data>
// <32 bytes nonce>
// <32 bytes pubkey>
// <N bytes encrypted payload>
//
2018-06-19 17:11:24 +00:00
byte_t* hash = data();
byte_t* nonce = hash + SHORTHASHSIZE;
byte_t* otherPubkey = nonce + TUNNONCESIZE;
byte_t* body = otherPubkey + PUBKEYSIZE;
2018-06-11 13:25:10 +00:00
// use dh_server becuase we are not the creator of this message
auto DH = crypto->dh_server;
auto Decrypt = crypto->xchacha20;
2018-06-11 13:44:49 +00:00
auto MDS = crypto->hmac;
2018-06-11 13:25:10 +00:00
llarp_buffer_t buf;
2018-06-11 13:44:49 +00:00
buf.base = nonce;
2018-06-11 13:25:10 +00:00
buf.cur = buf.base;
2018-06-19 17:11:24 +00:00
buf.sz = size() - SHORTHASHSIZE;
2018-06-11 13:25:10 +00:00
SharedSecret shared;
ShortHash digest;
2018-06-11 13:25:10 +00:00
2018-06-20 12:34:48 +00:00
if(!DH(shared, otherPubkey, ourSecretKey, nonce))
2018-06-11 13:25:10 +00:00
{
llarp::LogError("DH failed");
2018-06-11 13:25:10 +00:00
return false;
}
2018-06-11 13:44:49 +00:00
if(!MDS(digest, buf, shared))
2018-06-11 13:25:10 +00:00
{
llarp::LogError("Digest failed");
2018-06-11 13:25:10 +00:00
return false;
}
if(memcmp(digest, hash, digest.size()))
2018-06-11 13:25:10 +00:00
{
llarp::LogError("message authentication failed");
2018-06-11 13:25:10 +00:00
return false;
}
2018-06-11 13:44:49 +00:00
buf.base = body;
buf.cur = body;
2018-06-19 17:11:24 +00:00
buf.sz = size() - EncryptedFrame::OverheadSize;
2018-06-11 13:44:49 +00:00
2018-06-11 13:25:10 +00:00
if(!Decrypt(buf, shared, nonce))
{
llarp::LogError("decrypt failed");
2018-06-11 13:25:10 +00:00
return false;
}
return true;
2018-06-10 14:05:48 +00:00
}
2018-06-18 22:03:50 +00:00
} // namespace llarp