mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2024-12-24 23:26:41 +00:00
Specify start of extended encryption.
This commit is contained in:
parent
a44fd40889
commit
6faee38395
@ -1005,9 +1005,13 @@ static inline int LZ4_decompress_safe(const char* source, char* dest, int compre
|
||||
|
||||
const unsigned char Packet::ZERO_KEY[32] = { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 };
|
||||
|
||||
void Packet::armor(const void *key,bool encryptPayload,const AES aesKeys[2])
|
||||
void Packet::armor(const void *key,bool encryptPayload,bool extendedArmor,const AES aesKeys[2],const Identity &identity)
|
||||
{
|
||||
uint8_t *const data = reinterpret_cast<uint8_t *>(unsafeData());
|
||||
|
||||
if (extendedArmor) {
|
||||
}
|
||||
|
||||
if ((aesKeys) && (encryptPayload)) {
|
||||
setCipher(ZT_PROTO_CIPHER_SUITE__AES_GMAC_SIV);
|
||||
|
||||
@ -1066,7 +1070,7 @@ void Packet::armor(const void *key,bool encryptPayload,const AES aesKeys[2])
|
||||
}
|
||||
}
|
||||
|
||||
bool Packet::dearmor(const void *key,const AES aesKeys[2])
|
||||
bool Packet::dearmor(const void *key,const AES aesKeys[2],const Identity &identity)
|
||||
{
|
||||
uint8_t *const data = reinterpret_cast<uint8_t *>(unsafeData());
|
||||
const unsigned int payloadLen = size() - ZT_PACKET_IDX_VERB;
|
||||
|
@ -29,6 +29,7 @@
|
||||
#include "AES.hpp"
|
||||
#include "Utils.hpp"
|
||||
#include "Buffer.hpp"
|
||||
#include "Identity.hpp"
|
||||
|
||||
/**
|
||||
* Protocol version -- incremented only for major changes
|
||||
@ -180,6 +181,11 @@
|
||||
#define ZT_PACKET_IDX_VERB 27
|
||||
#define ZT_PACKET_IDX_PAYLOAD 28
|
||||
|
||||
/**
|
||||
* Index where extended armor encryption starts (right after flags, before MAC)
|
||||
*/
|
||||
#define ZT_PACKET_IDX_EXTENDED_ARMOR_START ZT_PACKET_IDX_MAC
|
||||
|
||||
/**
|
||||
* Packet buffer size (can be changed)
|
||||
*/
|
||||
@ -1283,7 +1289,7 @@ public:
|
||||
* @param encryptPayload If true, encrypt packet payload, else just MAC
|
||||
* @param aesKeys If non-NULL these are the two keys for AES-GMAC-SIV
|
||||
*/
|
||||
void armor(const void *key,bool encryptPayload,const AES aesKeys[2]);
|
||||
void armor(const void *key,bool encryptPayload,bool extendedArmor,const AES aesKeys[2],const Identity &identity);
|
||||
|
||||
/**
|
||||
* Verify and (if encrypted) decrypt packet
|
||||
@ -1296,7 +1302,7 @@ public:
|
||||
* @param aesKeys If non-NULL these are the two keys for AES-GMAC-SIV
|
||||
* @return False if packet is invalid or failed MAC authenticity check
|
||||
*/
|
||||
bool dearmor(const void *key,const AES aesKeys[2]);
|
||||
bool dearmor(const void *key,const AES aesKeys[2],const Identity &identity);
|
||||
|
||||
/**
|
||||
* Encrypt/decrypt a separately armored portion of a packet
|
||||
|
Loading…
Reference in New Issue
Block a user