lokinet/llarp/crypto/encrypted_frame.cpp


#include <crypto/encrypted_frame.hpp>
#include <crypto/crypto.hpp>
#include <util/logger.hpp>
#include <util/mem.hpp>
namespace llarp
{
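/// Encrypt this frame's payload in place and fill in the frame header.
///
/// Frame layout written by this function:
///   <SHORTHASHSIZE bytes keyed hash of everything that follows>
///   <TUNNONCESIZE bytes nonce>
///   <PUBKEYSIZE bytes sender public key>
///   <N bytes encrypted payload>
///
/// The payload is encrypted first and the keyed hash is then computed over
/// nonce + pubkey + ciphertext (encrypt-then-MAC).
///
/// @param ourSecretKey key used for the DH exchange; its public half is
///                     copied into the frame header
/// @param otherPubkey  public key of the intended recipient
/// @param crypto       crypto backend; dereferenced without a null check
/// @return true on success; false if the frame is smaller than the header or
///         any crypto step fails. Once the size check has passed, a failure
///         leaves the frame partially overwritten (header fields and possibly
///         the encrypted body), so the caller must discard it.
bool
EncryptedFrame::EncryptInPlace(const SecretKey& ourSecretKey,
                               const PubKey& otherPubkey,
                               llarp::Crypto* crypto)
{
  // Without this guard the subtractions below can wrap around and hand the
  // cipher/MAC a huge length, i.e. an out-of-bounds write/read on the frame.
  if(size() < EncryptedFrameOverheadSize)
  {
    llarp::LogError("encrypted frame too small");
    return false;
  }

  byte_t* hash     = data();
  byte_t* noncePtr = hash + SHORTHASHSIZE;
  byte_t* pubkey   = noncePtr + TUNNONCESIZE;
  byte_t* body     = pubkey + PUBKEYSIZE;

  SharedSecret shared;

  llarp_buffer_t buf;
  buf.base = body;
  buf.cur  = buf.base;
  buf.sz   = size() - EncryptedFrameOverheadSize;

  // set our pubkey
  memcpy(pubkey, ourSecretKey.toPublic().data(), PUBKEYSIZE);

  // randomize nonce; a fresh nonce per frame is what keeps the derived
  // keystream from repeating for the same key pair
  crypto->randbytes(noncePtr, TUNNONCESIZE);
  TunnelNonce nonce(noncePtr);

  // derive shared key
  if(!crypto->dh_client(shared, otherPubkey, ourSecretKey, nonce))
  {
    llarp::LogError("DH failed");
    return false;
  }

  // encrypt body
  if(!crypto->xchacha20(buf, shared, nonce))
  {
    llarp::LogError("encrypt failed");
    return false;
  }

  // generate message auth over everything after the hash field
  // NOTE(review): `shared` keys both xchacha20 and hmac here; confirm the
  // backend separates the two uses.
  buf.base = noncePtr;
  buf.cur  = buf.base;
  buf.sz   = size() - SHORTHASHSIZE;
  if(!crypto->hmac(hash, buf, shared))
  {
    llarp::LogError("Failed to generate message auth");
    return false;
  }
  return true;
}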
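/// Authenticate this frame and, if the MAC matches, decrypt its payload in
/// place.
///
/// Expected frame layout:
///   <SHORTHASHSIZE bytes keyed hash of everything that follows>
///   <TUNNONCESIZE bytes nonce>
///   <PUBKEYSIZE bytes sender public key>
///   <N bytes encrypted payload>
///
/// The nonce and sender public key are read from the frame itself, so they
/// are untrusted until the keyed hash has been verified. The body is only
/// decrypted after that verification succeeds.
///
/// @param ourSecretKey our key for the DH exchange
/// @param crypto       crypto backend; dereferenced without a null check
/// @return true if the frame authenticated and decrypted; false if it is
///         shorter than the header, the MAC does not match, or a crypto step
///         fails
bool
EncryptedFrame::DecryptInPlace(const SecretKey& ourSecretKey,
                               llarp::Crypto* crypto)
{
  // Reject short frames before any pointer arithmetic: otherwise the length
  // subtractions below wrap around and the MAC/cipher would read or write
  // past the end of the buffer.
  if(size() < EncryptedFrameOverheadSize)
  {
    llarp::LogError("encrypted frame too small");
    return false;
  }

  ShortHash hash(data());
  byte_t* noncePtr = data() + SHORTHASHSIZE;
  byte_t* body     = data() + EncryptedFrameOverheadSize;
  TunnelNonce nonce(noncePtr);
  PubKey otherPubkey(noncePtr + TUNNONCESIZE);

  SharedSecret shared;

  // use dh_server because we are not the creator of this message
  if(!crypto->dh_server(shared, otherPubkey, ourSecretKey, nonce))
  {
    llarp::LogError("DH failed");
    return false;
  }

  // recompute the keyed hash over nonce + pubkey + ciphertext
  llarp_buffer_t buf;
  buf.base = noncePtr;
  buf.cur  = buf.base;
  buf.sz   = size() - SHORTHASHSIZE;

  ShortHash digest;
  if(!crypto->hmac(digest.data(), buf, shared))
  {
    llarp::LogError("Digest failed");
    return false;
  }

  // Compare every byte and fold the differences together instead of using
  // std::equal, which stops at the first mismatch and so leaks through timing
  // how much of a forged MAC was correct.
  byte_t diff   = 0;
  auto expected = hash.begin();
  for(auto actual = digest.begin(); actual != digest.end();
      ++actual, ++expected)
  {
    diff |= static_cast< byte_t >(*actual ^ *expected);
  }
  if(diff != 0)
  {
    llarp::LogError("message authentication failed");
    return false;
  }

  // MAC verified: now it is safe to decrypt the payload
  buf.base = body;
  buf.cur  = body;
  buf.sz   = size() - EncryptedFrameOverheadSize;

  if(!crypto->xchacha20(buf, shared, nonce))
  {
    llarp::LogError("decrypt failed");
    return false;
  }
  return true;
}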
} // namespace llarp