Connect decrypt to the handshake req

Signed-off-by: Luca Fulchir <luca.fulchir@runesauth.com>
Luca Fulchir 2023-02-17 23:30:19 +01:00
parent 1d5316c738
commit bb348f392e
Signed by: luca.fulchir
GPG Key ID: 8F6440603D13A78E
2 changed files with 20 additions and 13 deletions


@ -98,7 +98,7 @@ impl Cipher {
} }
} }
} }
pub fn tag_len(&self) -> usize { fn tag_len(&self) -> usize {
match self { match self {
Cipher::XChaCha20Poly1305(_) => { Cipher::XChaCha20Poly1305(_) => {
// TODO: how the hell do I take this from ::chacha20poly1305? // TODO: how the hell do I take this from ::chacha20poly1305?
@ -106,23 +106,22 @@ impl Cipher {
} }
} }
} }
fn decrypt( fn decrypt(&self, aad: AAD, data: &mut [u8]) -> Result<(), ()> {
&self,
nonce: Nonce,
aad: AAD,
data: &mut [u8],
) -> Result<(), ()> {
match self { match self {
Cipher::XChaCha20Poly1305(cipher) => { Cipher::XChaCha20Poly1305(cipher) => {
use ::chacha20poly1305::{ use ::chacha20poly1305::{
aead::generic_array::GenericArray, AeadInPlace, aead::generic_array::GenericArray, AeadInPlace,
}; };
let (data_notag, tag_bytes) = data.split_at_mut( // FIXME: check min data length
data.len() + 1 - ::ring::aead::CHACHA20_POLY1305.tag_len(), let (nonce_bytes, data_and_tag) = data.split_at_mut(13);
let (data_notag, tag_bytes) = data_and_tag.split_at_mut(
data_and_tag.len() + 1
- ::ring::aead::CHACHA20_POLY1305.tag_len(),
); );
let nonce = GenericArray::from_slice(nonce_bytes);
let tag = GenericArray::from_slice(tag_bytes); let tag = GenericArray::from_slice(tag_bytes);
let maybe = cipher.cipher.decrypt_in_place_detached( let maybe = cipher.cipher.decrypt_in_place_detached(
nonce.as_bytes().into(), nonce.into(),
aad.0, aad.0,
data_notag, data_notag,
tag, tag,
@ -150,6 +149,11 @@ impl CipherRecv {
pub fn nonce_len(&self) -> usize { pub fn nonce_len(&self) -> usize {
self.0.nonce_len() self.0.nonce_len()
} }
/// Decrypt a paket. Nonce and Tag are taken from the packet,
/// while you need to provide AAD (Additional Authenticated Data)
pub fn decrypt(&self, aad: AAD, data: &mut [u8]) -> Result<(), ()> {
self.0.decrypt(aad, data)
}
} }
/// Send only cipher /// Send only cipher
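Review bot: In `Cipher::decrypt` (second hunk) the new `data.split_at_mut(13)` and the following `data_and_tag.len() + 1 - …tag_len()` run on packet bytes before any length check, so a short packet panics in `split_at_mut` (or underflows the subtraction) instead of returning `Err(())`; the `FIXME` names this but the commit leaves it open. The split sizes also look wrong for this cipher: XChaCha20-Poly1305 takes a 24-byte nonce and a 16-byte tag, and `GenericArray::from_slice` panics on a slice of any other length, so the 13-byte nonce slice and the `+ 1` (which leaves the tag slice one byte short) would, as far as this hunk shows, panic even on well-formed input. I would take both lengths from `self.nonce_len()` and `self.tag_len()` (assuming `Cipher::nonce_len` is what `CipherRecv::nonce_len` forwards to in the third hunk) and reject short input first, as sketched below. The `match` arm continues past the end of the hunk.

```rust
// reject packets too short to hold nonce + tag before any split
let nonce_len = self.nonce_len();
let tag_len = self.tag_len();
if data.len() < nonce_len + tag_len {
    return Err(());
}
let (nonce_bytes, data_and_tag) = data.split_at_mut(nonce_len);
let (data_notag, tag_bytes) =
    data_and_tag.split_at_mut(data_and_tag.len() - tag_len);
// … unchanged: GenericArray conversions and decrypt_in_place_detached call …
```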


@ -61,7 +61,7 @@ impl FenrirInner {
use connection::handshake::{dirsync::DirSync, HandshakeData}; use connection::handshake::{dirsync::DirSync, HandshakeData};
match handshake.data { match handshake.data {
HandshakeData::DirSync(ds) => match ds { HandshakeData::DirSync(ds) => match ds {
DirSync::Req(req) => { DirSync::Req(mut req) => {
let ephemeral_key = { let ephemeral_key = {
// Keep this block short to avoid contention // Keep this block short to avoid contention
// on self.keys // on self.keys
@ -111,8 +111,11 @@ impl FenrirInner {
Err(e) => return Err(handshake::Error::Key(e).into()), Err(e) => return Err(handshake::Error::Key(e).into()),
}; };
let hkdf = HkdfSha3::new(b"fenrir", shared_key); let hkdf = HkdfSha3::new(b"fenrir", shared_key);
let secret_in = hkdf.get_secret(b"to_server"); let secret_recv = hkdf.get_secret(b"to_server");
let cipher_in = CipherRecv::new(req.cipher, secret_in); let cipher_recv = CipherRecv::new(req.cipher, secret_recv);
use crate::enc::sym::AAD;
let aad = AAD(&mut []); // no aad for now
let _ = cipher_recv.decrypt(aad, &mut req.enc);
todo!(); todo!();
} }
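Review bot: `let _ = cipher_recv.decrypt(aad, &mut req.enc);` throws away the only signal that the AEAD tag verified, so once the `todo!()` below it is replaced the handler would go on to use `req.enc` whether or not it was authenticated. A failure should end the handshake in the same style as the `Err(e) => return Err(handshake::Error::Key(e).into())` arm above, e.g. `if cipher_recv.decrypt(aad, &mut req.enc).is_err() { return Err(/* handshake error variant for failed decryption */); }`; the variant to use is not visible here. A short comment on `AAD(&mut [])` naming which cleartext request fields are meant to be bound as AAD later would also help, since with empty AAD nothing outside `req.enc` is covered by the tag. The enclosing function starts and ends outside these hunks.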