From 17da733f97632a9153512d3dc32270e0c78508d2 Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Thu, 2 Oct 2014 11:08:59 -0700 Subject: [PATCH] Gotta support old encrypted flag, move cipher spec to middle 3 bits... due to some shortsighted design early-on. In the future this can die once there are no old peers. --- node/Packet.hpp | 38 ++++++++++++++------------------------ 1 file changed, 14 insertions(+), 24 deletions(-) diff --git a/node/Packet.hpp b/node/Packet.hpp index 1ec151f05..3012fcfc9 100644 --- a/node/Packet.hpp +++ b/node/Packet.hpp @@ -107,15 +107,6 @@ */ #define ZT_PROTO_CIPHER_SUITE__C25519_AES256_GCM 0x1 -/** - * Header flag indicating that a packet is encrypted with Salsa20 - * - * If this is not set, then the packet's payload is in the clear and the - * MAC is over this (since there is no ciphertext). Otherwise the MAC is - * of the ciphertext after encryption. - */ -#define ZT_PROTO_FLAG_ENCRYPTED 0x80 - /** * Header flag indicating that a packet is fragmented * @@ -320,7 +311,7 @@ namespace ZeroTier { * * Packets smaller than 28 bytes are invalid and silently discarded. * - * The flags/cipher/hops bit field is: CCCFFHHH where C is a 3-bit cipher + * The flags/cipher/hops bit field is: FFCCCHHH where C is a 3-bit cipher * selection allowing up to 8 cipher suites, F is flags (reserved, currently * all zero), and H is hop count. * @@ -1024,7 +1015,13 @@ public: /** * @return Cipher suite selector: 0 - 7 (see #defines) */ - inline unsigned int cipher() const { return (((unsigned int)(*this)[ZT_PACKET_IDX_FLAGS] & 0xe0) >> 5); } + inline unsigned int cipher() const + { + unsigned char b = (*this)[ZT_PACKET_IDX_FLAGS]; + //return (((unsigned int)(*this)[ZT_PACKET_IDX_FLAGS] & 0x38) >> 3); + // Use DEPRECATED 0x80 "encrypted" flag -- this will go away once there are no more <1.0.0 peers on the net + return ((b & 0x80) == 0) ? ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_NONE : ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012; + } /** * Set this packet's cipher suite @@ -1035,18 +1032,13 @@ public: inline void setCipher(unsigned int c) { unsigned char &b = (*this)[ZT_PACKET_IDX_FLAGS]; - b &= 0x1f; - b |= (unsigned char)(c << 5); + b = (b & 0xc7) | (unsigned char)((c << 3) & 0x38); + // Set both the new cipher suite spec field and the old DEPRECATED "encrypted" flag as long as there's <1.0.0 peers online + if (c == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012) + b |= 0x80; + else b &= 0x7f; } - /** - * Set the cipher suite field to zero indicating unencrypted - * - * This normally should not be called directly. It's here for use by - * armoring and dearmoring functions. - */ - inline void clearCipher() { (*this)[ZT_PACKET_IDX_FLAGS] &= 0x1f; } - /** * Get this packet's unique ID (the IV field interpreted as uint64_t) * @@ -1137,10 +1129,8 @@ public: if (!Utils::secureEq(mac,field(ZT_PACKET_IDX_MAC,8),8)) return false; - if (cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012) { + if (cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012) s20.decrypt(payload,payload,payloadLen); - clearCipher(); - } return true; } else if (cs == ZT_PROTO_CIPHER_SUITE__C25519_AES256_GCM) {