Git-Mirrors/Reticulum
1
0
Fork 0
mirror of https://github.com/markqvist/Reticulum.git synced 2025-06-04 13:08:58 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Handle AES-256 compatibility in Identity

Browse source
This commit is contained in:
Mark Qvist 2025-05-06 16:12:15 +02:00
parent 3cbcbec942
commit 437da99d63
2 changed files with 63 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

72
RNS/Identity.py
View file

@ -79,13 +79,16 @@ class Identity:
HASHLENGTH = 256 # In bits
SIGLENGTH = KEYSIZE # In bits
NAME_HASH_LENGTH = 80
TRUNCATED_HASHLENGTH = RNS.Reticulum.TRUNCATED_HASHLENGTH
NAME_HASH_LENGTH = 80
TRUNCATED_HASHLENGTH = RNS.Reticulum.TRUNCATED_HASHLENGTH
"""
Constant specifying the truncated hash length (in bits) used by Reticulum
for addressable hashes and other purposes. Non-configurable.
"""
DERIVED_KEY_LENGTH = 512//8
DERIVED_KEY_LENGTH_LEGACY = 256//8
# Storage
known_destinations = {}
known_ratchets = {}
@ -544,8 +547,6 @@ class Identity:
RNS.log("The contained exception was: "+str(e))
def __init__(self,create_keys=True):
self.derived_key_length = 64
# Initialize keys to none
self.prv = None
self.prv_bytes = None
@ -678,8 +679,20 @@ class Identity:
shared_key = ephemeral_key.exchange(target_public_key)
# TODO: Reset after migration
# derived_key = RNS.Cryptography.hkdf(
# length=Identity.DERIVED_KEY_LENGTH,
# derive_from=shared_key,
# salt=self.get_salt(),
# context=self.get_context(),
# )
# Use legacy derived key length (AES-128) during migration by
# default. This allows AES-256 capable instances on RNS 0.9.5
# to still communicate with older versions. This migration
# handling will be removed in RNS 0.9.6.
derived_key = RNS.Cryptography.hkdf(
length=self.derived_key_length,
length=Identity.DERIVED_KEY_LENGTH_LEGACY,
derive_from=shared_key,
salt=self.get_salt(),
context=self.get_context(),
@ -702,6 +715,37 @@ class Identity:
:returns: Plaintext as *bytes*, or *None* if decryption fails.
:raises: *KeyError* if the instance does not hold a private key.
"""
# This handles decryption during migration to AES-256 where
# older instances may still use AES-128. If decryption fails
# initially, AES-128 will be attempted as a fallback mode.
# This handler will be removed in RNS 0.9.6.
def migration_decrypt(shared_key, ciphertext):
try:
derived_key = RNS.Cryptography.hkdf(
length=Identity.DERIVED_KEY_LENGTH,
derive_from=shared_key,
salt=self.get_salt(),
context=self.get_context())
token = Token(derived_key)
plaintext = token.decrypt(ciphertext)
# TODO: Remove after migration
# If decryption fails, try legacy decryption mode
except Exception as e:
RNS.log("Decryption failed, attempting legacy mode fallback", RNS.LOG_DEBUG)
derived_key = RNS.Cryptography.hkdf(
length=Identity.DERIVED_KEY_LENGTH_LEGACY,
derive_from=shared_key,
salt=self.get_salt(),
context=self.get_context())
token = Token(derived_key)
plaintext = token.decrypt(ciphertext)
return plaintext
if self.prv != None:
if len(ciphertext_token) > Identity.KEYSIZE//8//2:
plaintext = None
@ -716,15 +760,8 @@ class Identity:
ratchet_prv = X25519PrivateKey.from_private_bytes(ratchet)
ratchet_id = Identity._get_ratchet_id(ratchet_prv.public_key().public_bytes())
shared_key = ratchet_prv.exchange(peer_pub)
derived_key = RNS.Cryptography.hkdf(
length=self.derived_key_length,
derive_from=shared_key,
salt=self.get_salt(),
context=self.get_context(),
)
plaintext = migration_decrypt(shared_key, ciphertext)
token = Token(derived_key)
plaintext = token.decrypt(ciphertext)
if ratchet_id_receiver:
ratchet_id_receiver.latest_ratchet_id = ratchet_id
@ -741,15 +778,8 @@ class Identity:
if plaintext == None:
shared_key = self.prv.exchange(peer_pub)
derived_key = RNS.Cryptography.hkdf(
length=self.derived_key_length,
derive_from=shared_key,
salt=self.get_salt(),
context=self.get_context(),
)
plaintext = migration_decrypt(shared_key, ciphertext)
token = Token(derived_key)
plaintext = token.decrypt(ciphertext)
if ratchet_id_receiver:
ratchet_id_receiver.latest_ratchet_id = None