Correctly test for equality the DirSync::Req
Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>
This commit is contained in:
parent
a6fda8180d
commit
4df73b658a
|
@ -4,7 +4,7 @@ use crate::enc::Random;
|
||||||
use ::zeroize::Zeroize;
|
use ::zeroize::Zeroize;
|
||||||
|
|
||||||
/// User identifier. 16 bytes for easy uuid conversion
|
/// User identifier. 16 bytes for easy uuid conversion
|
||||||
#[derive(Debug, Copy, Clone)]
|
#[derive(Debug, Copy, Clone, PartialEq)]
|
||||||
pub struct UserID(pub [u8; 16]);
|
pub struct UserID(pub [u8; 16]);
|
||||||
|
|
||||||
impl From<[u8; 16]> for UserID {
|
impl From<[u8; 16]> for UserID {
|
||||||
|
@ -34,7 +34,7 @@ impl UserID {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/// Authentication Token, basically just 32 random bytes
|
/// Authentication Token, basically just 32 random bytes
|
||||||
#[derive(Clone, Zeroize)]
|
#[derive(Clone, Zeroize, PartialEq)]
|
||||||
#[zeroize(drop)]
|
#[zeroize(drop)]
|
||||||
pub struct Token(pub [u8; 32]);
|
pub struct Token(pub [u8; 32]);
|
||||||
|
|
||||||
|
|
|
@ -24,8 +24,8 @@ use ::arrayref::array_mut_ref;
|
||||||
|
|
||||||
// TODO: merge with crate::enc::sym::Nonce
|
// TODO: merge with crate::enc::sym::Nonce
|
||||||
/// random nonce
|
/// random nonce
|
||||||
#[derive(Debug, Clone, Copy)]
|
#[derive(Debug, Clone, Copy, PartialEq)]
|
||||||
pub struct Nonce([u8; 16]);
|
pub struct Nonce(pub(crate) [u8; 16]);
|
||||||
|
|
||||||
impl Nonce {
|
impl Nonce {
|
||||||
/// Create a new random Nonce
|
/// Create a new random Nonce
|
||||||
|
@ -51,7 +51,7 @@ impl From<&[u8; 16]> for Nonce {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Parsed handshake
|
/// Parsed handshake
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone, PartialEq)]
|
||||||
pub enum DirSync {
|
pub enum DirSync {
|
||||||
/// Directory synchronized handshake: client request
|
/// Directory synchronized handshake: client request
|
||||||
Req(Req),
|
Req(Req),
|
||||||
|
@ -83,7 +83,7 @@ impl DirSync {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Client request of a directory synchronized handshake
|
/// Client request of a directory synchronized handshake
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone, PartialEq)]
|
||||||
pub struct Req {
|
pub struct Req {
|
||||||
/// Id of the server key used for the key exchange
|
/// Id of the server key used for the key exchange
|
||||||
pub key_id: KeyID,
|
pub key_id: KeyID,
|
||||||
|
@ -107,6 +107,7 @@ impl Req {
|
||||||
/// NOTE: starts from the beginning of the fenrir packet
|
/// NOTE: starts from the beginning of the fenrir packet
|
||||||
pub fn encrypted_offset(&self) -> usize {
|
pub fn encrypted_offset(&self) -> usize {
|
||||||
ProtocolVersion::len()
|
ProtocolVersion::len()
|
||||||
|
+ crate::handshake::HandshakeID::len()
|
||||||
+ KeyID::len()
|
+ KeyID::len()
|
||||||
+ KeyExchangeKind::len()
|
+ KeyExchangeKind::len()
|
||||||
+ HkdfKind::len()
|
+ HkdfKind::len()
|
||||||
|
@ -195,7 +196,7 @@ impl super::HandshakeParsing for Req {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Quick way to avoid mixing cipher and clear text
|
/// Quick way to avoid mixing cipher and clear text
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone, PartialEq)]
|
||||||
pub enum ReqInner {
|
pub enum ReqInner {
|
||||||
/// Data is still encrytped, we only keep the length
|
/// Data is still encrytped, we only keep the length
|
||||||
CipherText(usize),
|
CipherText(usize),
|
||||||
|
@ -211,16 +212,17 @@ impl ReqInner {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/// parse the cleartext
|
/// parse the cleartext
|
||||||
|
// FIXME: return Result<>
|
||||||
pub fn deserialize_as_cleartext(&mut self, raw: &[u8]) {
|
pub fn deserialize_as_cleartext(&mut self, raw: &[u8]) {
|
||||||
let clear = match self {
|
let clear = match self {
|
||||||
ReqInner::CipherText(len) => {
|
ReqInner::CipherText(len) => {
|
||||||
assert!(
|
assert!(
|
||||||
*len == raw.len(),
|
*len > raw.len(),
|
||||||
"DirSync::ReqInner::CipherText length mismatch"
|
"DirSync::ReqInner::CipherText length mismatch"
|
||||||
);
|
);
|
||||||
match ReqData::deserialize(raw) {
|
match ReqData::deserialize(raw) {
|
||||||
Ok(clear) => clear,
|
Ok(clear) => clear,
|
||||||
Err(_) => return,
|
Err(_e) => return,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
_ => return,
|
_ => return,
|
||||||
|
@ -230,7 +232,7 @@ impl ReqInner {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Informations needed for authentication
|
/// Informations needed for authentication
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone, PartialEq)]
|
||||||
pub struct AuthInfo {
|
pub struct AuthInfo {
|
||||||
/// User of the domain
|
/// User of the domain
|
||||||
pub user: auth::UserID,
|
pub user: auth::UserID,
|
||||||
|
@ -308,7 +310,7 @@ impl AuthInfo {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Decrypted request data
|
/// Decrypted request data
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone, PartialEq)]
|
||||||
pub struct ReqData {
|
pub struct ReqData {
|
||||||
/// Random nonce, the client can use this to track multiple key exchanges
|
/// Random nonce, the client can use this to track multiple key exchanges
|
||||||
pub nonce: Nonce,
|
pub nonce: Nonce,
|
||||||
|
@ -373,7 +375,7 @@ impl ReqData {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Quick way to avoid mixing cipher and clear text
|
/// Quick way to avoid mixing cipher and clear text
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone, PartialEq)]
|
||||||
pub enum RespInner {
|
pub enum RespInner {
|
||||||
/// Server data, still in ciphertext
|
/// Server data, still in ciphertext
|
||||||
CipherText(usize),
|
CipherText(usize),
|
||||||
|
@ -412,7 +414,7 @@ impl RespInner {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Server response in a directory synchronized handshake
|
/// Server response in a directory synchronized handshake
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone, PartialEq)]
|
||||||
pub struct Resp {
|
pub struct Resp {
|
||||||
/// Tells the client with which key the exchange was done
|
/// Tells the client with which key the exchange was done
|
||||||
pub client_key_id: KeyID,
|
pub client_key_id: KeyID,
|
||||||
|
@ -476,7 +478,7 @@ impl Resp {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Decrypted response data
|
/// Decrypted response data
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone, PartialEq)]
|
||||||
pub struct RespData {
|
pub struct RespData {
|
||||||
/// Client nonce, copied from the request
|
/// Client nonce, copied from the request
|
||||||
pub client_nonce: Nonce,
|
pub client_nonce: Nonce,
|
||||||
|
|
|
@ -13,7 +13,6 @@ use crate::{
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
use ::num_traits::FromPrimitive;
|
use ::num_traits::FromPrimitive;
|
||||||
use ::std::{collections::VecDeque, rc::Rc};
|
|
||||||
|
|
||||||
/// Handshake errors
|
/// Handshake errors
|
||||||
#[derive(::thiserror::Error, Debug, Copy, Clone)]
|
#[derive(::thiserror::Error, Debug, Copy, Clone)]
|
||||||
|
@ -65,6 +64,12 @@ pub enum HandshakeID {
|
||||||
#[strum(serialize = "stateless")]
|
#[strum(serialize = "stateless")]
|
||||||
Stateless,
|
Stateless,
|
||||||
}
|
}
|
||||||
|
impl HandshakeID {
|
||||||
|
/// The length of the serialized field
|
||||||
|
pub const fn len() -> usize {
|
||||||
|
1
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
pub(crate) struct HandshakeServer {
|
pub(crate) struct HandshakeServer {
|
||||||
pub id: KeyID,
|
pub id: KeyID,
|
||||||
|
@ -166,7 +171,7 @@ impl HandshakeClientList {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Parsed handshake
|
/// Parsed handshake
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone, PartialEq)]
|
||||||
pub enum HandshakeData {
|
pub enum HandshakeData {
|
||||||
/// Directory synchronized handhsake
|
/// Directory synchronized handhsake
|
||||||
DirSync(dirsync::DirSync),
|
DirSync(dirsync::DirSync),
|
||||||
|
@ -220,7 +225,7 @@ impl HandshakeKind {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Parsed handshake
|
/// Parsed handshake
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone, PartialEq)]
|
||||||
pub struct Handshake {
|
pub struct Handshake {
|
||||||
/// Fenrir Protocol version
|
/// Fenrir Protocol version
|
||||||
pub fenrir_version: ProtocolVersion,
|
pub fenrir_version: ProtocolVersion,
|
||||||
|
|
|
@ -55,11 +55,25 @@ fn test_handshake_dirsync_req() {
|
||||||
&mut bytes,
|
&mut bytes,
|
||||||
);
|
);
|
||||||
|
|
||||||
let deserialized = match Handshake::deserialize(&bytes) {
|
let mut deserialized = match Handshake::deserialize(&bytes) {
|
||||||
Ok(deserialized) => deserialized,
|
Ok(deserialized) => deserialized,
|
||||||
Err(e) => {
|
Err(e) => {
|
||||||
assert!(false, "{}", e.to_string());
|
assert!(false, "{}", e.to_string());
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
if let HandshakeData::DirSync(dirsync::DirSync::Req(r_a)) =
|
||||||
|
&mut deserialized.data
|
||||||
|
{
|
||||||
|
let enc_start =
|
||||||
|
r_a.encrypted_offset() + cipher_send.kind().nonce_len().0;
|
||||||
|
r_a.data.deserialize_as_cleartext(
|
||||||
|
&bytes[enc_start..(bytes.len() - cipher_send.kind().tag_len().0)],
|
||||||
|
);
|
||||||
|
};
|
||||||
|
|
||||||
|
assert!(
|
||||||
|
deserialized == h_req,
|
||||||
|
"DirSync Req (de)serialization not working",
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,7 +30,7 @@ pub struct IDRecv(pub ID);
|
||||||
pub struct IDSend(pub ID);
|
pub struct IDSend(pub ID);
|
||||||
|
|
||||||
/// Version of the fenrir protocol in use
|
/// Version of the fenrir protocol in use
|
||||||
#[derive(::num_derive::FromPrimitive, Debug, Copy, Clone)]
|
#[derive(::num_derive::FromPrimitive, Debug, Copy, Clone, PartialEq)]
|
||||||
#[repr(u8)]
|
#[repr(u8)]
|
||||||
pub enum ProtocolVersion {
|
pub enum ProtocolVersion {
|
||||||
/// First Fenrir Protocol Version
|
/// First Fenrir Protocol Version
|
||||||
|
|
|
@ -80,7 +80,7 @@ impl ::rand_core::CryptoRng for &Random {}
|
||||||
|
|
||||||
/// Secret, used for keys.
|
/// Secret, used for keys.
|
||||||
/// Grants that on drop() we will zero out memory
|
/// Grants that on drop() we will zero out memory
|
||||||
#[derive(Zeroize, Clone)]
|
#[derive(Zeroize, Clone, PartialEq)]
|
||||||
#[zeroize(drop)]
|
#[zeroize(drop)]
|
||||||
pub struct Secret([u8; 32]);
|
pub struct Secret([u8; 32]);
|
||||||
// Fake debug implementation to avoid leaking secrets
|
// Fake debug implementation to avoid leaking secrets
|
||||||
|
|
Loading…
Reference in New Issue