mirror of
https://github.com/RetroShare/RetroShare.git
synced 2024-10-01 02:35:48 -04:00
added ft decryption routine
This commit is contained in:
parent
3ad0a81d8f
commit
9d32406669
@ -28,10 +28,13 @@
|
||||
#include <string>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
#include <iostream>
|
||||
#include <stdlib.h>
|
||||
|
||||
#pragma once
|
||||
|
||||
#define rotl(x,n) { x = (x << n) | (x >> (-n & 31)) ;}
|
||||
|
||||
namespace librs {
|
||||
@ -431,10 +434,16 @@ void poly1305_tag(uint8_t key[32],uint8_t *message,uint32_t size,uint8_t tag[16]
|
||||
tag[12] = (acc.b[3] >> 0) & 0xff ; tag[13] = (acc.b[3] >> 8) & 0xff ; tag[14] = (acc.b[3] >>16) & 0xff ; tag[15] = (acc.b[3] >>24) & 0xff ;
|
||||
}
|
||||
|
||||
void AEAD_chacha20_poly1305(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint32_t data_size,uint8_t *aad,uint32_t aad_size,uint8_t tag[16])
|
||||
bool AEAD_chacha20_poly1305(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint32_t data_size,uint8_t *aad,uint32_t aad_size,uint8_t tag[16])
|
||||
{
|
||||
#warning this part is not implemented yet.
|
||||
memset(tag,0xff,16) ;
|
||||
return false;
|
||||
}
|
||||
|
||||
bool constant_time_memory_compare(const uint8_t *m1,const uint8_t *m2,uint32_t size)
|
||||
{
|
||||
return !CRYPTO_memcmp(m1,m2,size) ;
|
||||
}
|
||||
|
||||
void perform_tests()
|
||||
@ -658,7 +667,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0xa8,0x06,0x1d,0xc1,0x30,0x51,0x36,0xc6,0xc2,0x2b,0x8b,0xaf,0x0c,0x01,0x27,0xa9 };
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
|
||||
std::cerr << " RFC7539 poly1305 test vector #001 OK" << std::endl;
|
||||
@ -676,7 +685,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 };
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
|
||||
std::cerr << " RFC7539 poly1305 test vector #002 OK" << std::endl;
|
||||
@ -695,7 +704,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0x36,0xe5,0xf6,0xb5,0xc5,0xe0,0x60,0x70,0xf0,0xef,0xca,0x96,0x22,0x7a,0x86,0x3e };
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
|
||||
std::cerr << " RFC7539 poly1305 test vector #003 OK" << std::endl;
|
||||
@ -714,7 +723,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0xf3,0x47,0x7e,0x7c,0xd9,0x54,0x17,0xaf,0x89,0xa6,0xb8,0x79,0x4c,0x31,0x0c,0xf0 } ;
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
|
||||
std::cerr << " RFC7539 poly1305 test vector #004 OK" << std::endl;
|
||||
@ -731,7 +740,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0x45,0x41,0x66,0x9a,0x7e,0xaa,0xee,0x61,0xe7,0x08,0xdc,0x7c,0xbc,0xc5,0xeb,0x62 } ;
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
|
||||
std::cerr << " RFC7539 poly1305 test vector #005 OK" << std::endl;
|
||||
@ -749,7 +758,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 } ;
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
|
||||
std::cerr << " RFC7539 poly1305 test vector #006 OK" << std::endl;
|
||||
@ -767,7 +776,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 } ;
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
std::cerr << " RFC7539 poly1305 test vector #007 OK" << std::endl;
|
||||
|
||||
@ -786,7 +795,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 } ;
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
std::cerr << " RFC7539 poly1305 test vector #008 OK" << std::endl;
|
||||
|
||||
@ -805,7 +814,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 } ;
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
std::cerr << " RFC7539 poly1305 test vector #009 OK" << std::endl;
|
||||
|
||||
@ -822,7 +831,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0xfa,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff } ;
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
std::cerr << " RFC7539 poly1305 test vector #010 OK" << std::endl;
|
||||
|
||||
@ -843,7 +852,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x55,0x00,0x00,0x00,0x00,0x00,0x00,0x00 } ;
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
std::cerr << " RFC7539 poly1305 test vector #011 OK" << std::endl;
|
||||
|
||||
@ -863,7 +872,7 @@ void perform_tests()
|
||||
|
||||
uint8_t test_tag[16] = { 0x13,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 } ;
|
||||
|
||||
assert(!memcmp(tag,test_tag,16)) ;
|
||||
assert(constant_time_memory_compare(tag,test_tag,16)) ;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -37,7 +37,7 @@ namespace librs
|
||||
* \param data data that gets encrypted/decrypted in place
|
||||
* \param size size of the data.
|
||||
*/
|
||||
static void chacha20_encrypt(uint8_t key[32], uint32_t block_counter, uint8_t nonce[12], uint8_t *data, uint32_t size) ;
|
||||
void chacha20_encrypt(uint8_t key[32], uint32_t block_counter, uint8_t nonce[12], uint8_t *data, uint32_t size) ;
|
||||
|
||||
/*!
|
||||
* \brief poly1305_tag
|
||||
@ -48,7 +48,7 @@ namespace librs
|
||||
* \param tag place where the tag is stored.
|
||||
*/
|
||||
|
||||
static void poly1305_tag(uint8_t key[32],uint8_t *message,uint32_t size,uint8_t tag[16]);
|
||||
void poly1305_tag(uint8_t key[32],uint8_t *message,uint32_t size,uint8_t tag[16]);
|
||||
|
||||
/*!
|
||||
* \brief AEAD_chacha20_poly1305
|
||||
@ -62,24 +62,26 @@ namespace librs
|
||||
* \param size size of the data
|
||||
* \param tag generated poly1305 tag.
|
||||
*/
|
||||
static void AEAD_chacha20_poly1305(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint32_t data_size,uint8_t *aad,uint32_t aad_size,uint8_t tag[16]) ;
|
||||
bool AEAD_chacha20_poly1305(uint8_t key[32], uint8_t nonce[12],uint8_t *data,uint32_t data_size,uint8_t *aad,uint32_t aad_size,uint8_t tag[16]) ;
|
||||
|
||||
/*!
|
||||
* \brief constant_time_memcmp
|
||||
* Provides a constant time comparison of two memory chunks. The implementation comes from the FreeBSD implementation.
|
||||
* Provides a constant time comparison of two memory chunks. Calls CRYPTO_memcmp.
|
||||
*
|
||||
* \param m1 memory block 1
|
||||
* \param m2 memory block 2
|
||||
* \param size common size of m1 and m2
|
||||
* \return
|
||||
* false if the two chunks are different
|
||||
* true if the two chunks are different
|
||||
*/
|
||||
static bool constant_time_memcmp(const uint8_t *m1,const uint8_t *m2,uint32_t size) ;
|
||||
bool constant_time_memory_compare(const uint8_t *m1,const uint8_t *m2,uint32_t size) ;
|
||||
|
||||
/*!
|
||||
* \brief perform_tests
|
||||
* Tests all methods in this class, using the tests supplied in RFC7539
|
||||
*/
|
||||
|
||||
static void perform_tests() ;
|
||||
void perform_tests() ;
|
||||
}
|
||||
}
|
||||
|
@ -1014,13 +1014,13 @@ void ftServer::deriveEncryptionKey(const RsFileHash& hash, uint8_t *key)
|
||||
SHA256_Final (key, &sha_ctx);
|
||||
}
|
||||
|
||||
static const uint32_t ENCRYPTED_FT_INITIALIZATION_VECTOR_SIZE = 12 ;
|
||||
static const uint32_t ENCRYPTED_FT_AUTHENTICATION_TAG_SIZE = 16 ;
|
||||
static const uint32_t ENCRYPTED_FT_HEADER_SIZE = 4 ;
|
||||
static const uint32_t ENCRYPTED_FT_EDATA_SIZE = 4 ;
|
||||
|
||||
bool ftServer::encryptItem(RsTurtleGenericTunnelItem *clear_item,const RsFileHash& hash,RsTurtleGenericDataItem *& encrypted_item)
|
||||
{
|
||||
static const uint32_t ENCRYPTED_FT_INITIALIZATION_VECTOR_SIZE = 12 ;
|
||||
static const uint32_t ENCRYPTED_FT_AUTHENTICATION_TAG_SIZE = 16 ;
|
||||
static const uint32_t ENCRYPTED_FT_HEADER_SIZE = 4 ;
|
||||
static const uint32_t ENCRYPTED_FT_EDATA_SIZE = 4 ;
|
||||
|
||||
uint8_t initialization_vector[ENCRYPTED_FT_INITIALIZATION_VECTOR_SIZE] ;
|
||||
|
||||
RSRandom::random_bytes(initialization_vector,ENCRYPTED_FT_INITIALIZATION_VECTOR_SIZE) ;
|
||||
@ -1088,9 +1088,59 @@ bool ftServer::encryptItem(RsTurtleGenericTunnelItem *clear_item,const RsFileHas
|
||||
|
||||
// Decrypts the given item using aead-chacha20-poly1305
|
||||
|
||||
bool ftServer::decryptItem(RsTurtleGenericTunnelItem *encrypted_item,const RsFileHash& hash,RsTurtleGenericDataItem *& decrypted_item)
|
||||
bool ftServer::decryptItem(RsTurtleGenericDataItem *encrypted_item,const RsFileHash& hash,RsTurtleGenericTunnelItem *& decrypted_item)
|
||||
{
|
||||
decrypted_item = NULL ;
|
||||
uint8_t encryption_key[32] ;
|
||||
deriveEncryptionKey(hash,encryption_key) ;
|
||||
|
||||
uint8_t *edata = (uint8_t*)encrypted_item->data_bytes ;
|
||||
uint32_t offset = 0;
|
||||
|
||||
if(encrypted_item->data_size < ENCRYPTED_FT_HEADER_SIZE + ENCRYPTED_FT_INITIALIZATION_VECTOR_SIZE + ENCRYPTED_FT_EDATA_SIZE) return false ;
|
||||
|
||||
if(edata[0] != 0xae) return false ;
|
||||
if(edata[1] != 0xad) return false ;
|
||||
if(edata[2] != 0x00) return false ;
|
||||
if(edata[3] != 0x01) return false ;
|
||||
|
||||
offset += ENCRYPTED_FT_HEADER_SIZE ;
|
||||
uint32_t aad_offset = offset ;
|
||||
uint32_t aad_size = ENCRYPTED_FT_EDATA_SIZE + ENCRYPTED_FT_INITIALIZATION_VECTOR_SIZE ;
|
||||
|
||||
uint8_t *initialization_vector = &edata[offset] ;
|
||||
|
||||
std::cerr << "ftServer::decrypting ft item." << std::endl;
|
||||
std::cerr << " item data : " << RsUtil::BinToHex(edata,std::min(50u,encrypted_item->data_size)) << "(...)" << std::endl;
|
||||
std::cerr << " hash : " << hash << std::endl;
|
||||
std::cerr << " encryption key : " << RsUtil::BinToHex(encryption_key,32) << std::endl;
|
||||
std::cerr << " random nonce : " << RsUtil::BinToHex(initialization_vector,ENCRYPTED_FT_INITIALIZATION_VECTOR_SIZE) << std::endl;
|
||||
|
||||
offset += ENCRYPTED_FT_INITIALIZATION_VECTOR_SIZE ;
|
||||
|
||||
uint32_t edata_size = 0 ;
|
||||
edata_size += ((uint32_t)edata[offset+0]) << 0 ;
|
||||
edata_size += ((uint32_t)edata[offset+1]) << 8 ;
|
||||
edata_size += ((uint32_t)edata[offset+2]) << 16 ;
|
||||
edata_size += ((uint32_t)edata[offset+3]) << 24 ;
|
||||
|
||||
offset += ENCRYPTED_FT_EDATA_SIZE ;
|
||||
uint32_t clear_item_offset = offset ;
|
||||
|
||||
uint32_t authentication_tag_offset = offset + edata_size ;
|
||||
std::cerr << " authen. tag : " << RsUtil::BinToHex(&edata[authentication_tag_offset],ENCRYPTED_FT_AUTHENTICATION_TAG_SIZE) << std::endl;
|
||||
|
||||
if(!librs::crypto::AEAD_chacha20_poly1305(encryption_key,initialization_vector,&edata[clear_item_offset],edata_size, &edata[aad_offset],aad_size, &edata[authentication_tag_offset]))
|
||||
return false;
|
||||
|
||||
std::cerr << " authen. result : ok" << std::endl;
|
||||
std::cerr << " decrypted daya : ok" << RsUtil::BinToHex(&edata[clear_item_offset],std::min(50u,edata_size)) << "(...)" << std::endl;
|
||||
|
||||
decrypted_item = deserialiseItem(&edata[clear_item_offset],edata_size) ;
|
||||
|
||||
if(decrypted_item == NULL)
|
||||
return false ;
|
||||
|
||||
return true ;
|
||||
}
|
||||
|
||||
// Dont delete the item. The client (p3turtle) is doing it after calling this.
|
||||
|
@ -225,8 +225,9 @@ public:
|
||||
virtual bool sendSingleChunkCRC(const RsPeerId& peer_id,const RsFileHash& hash,uint32_t chunk_number,const Sha1CheckSum& crc) ;
|
||||
|
||||
static void deriveEncryptionKey(const RsFileHash& hash, uint8_t *key);
|
||||
static bool encryptItem(RsTurtleGenericTunnelItem *clear_item,const RsFileHash& hash,RsTurtleGenericDataItem *& encrypted_item);
|
||||
static bool decryptItem(RsTurtleGenericTunnelItem *encrypted_item,const RsFileHash& hash,RsTurtleGenericDataItem *& decrypted_item);
|
||||
|
||||
bool encryptItem(RsTurtleGenericTunnelItem *clear_item,const RsFileHash& hash,RsTurtleGenericDataItem *& encrypted_item);
|
||||
bool decryptItem(RsTurtleGenericDataItem *encrypted_item, const RsFileHash& hash, RsTurtleGenericTunnelItem *&decrypted_item);
|
||||
|
||||
/*************** Internal Transfer Fns *************************/
|
||||
virtual int tick();
|
||||
|
Loading…
Reference in New Issue
Block a user