ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-01-31 00:23:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Also must mask off counter bits in IV in cryptField.

Browse Source
This commit is contained in:
Adam Ierymenko 2017-03-10 17:44:25 -08:00
parent 0c00b83702
commit aad6f79efa
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
node/Packet.cpp
View File

@ -2025,9 +2025,11 @@ bool Packet::dearmor(const void *key)
void Packet::cryptField(const void *key,unsigned int start,unsigned int len) void Packet::cryptField(const void *key,unsigned int start,unsigned int len)
{ {
unsigned char discard[32]; const uint8_t *const data = reinterpret_cast<const uint8_t *>(data());
Salsa20 s20(key,256,field(ZT_PACKET_IDX_IV,8)); uint8_t iv[8];
s20.crypt12(ZERO_KEY,discard,sizeof(discard)); // discard the first 32 bytes of key stream (the ones use for MAC in armor()) as a precaution for(int i=0;i<8;++i) iv[i] = data[i];
iv[7] &= 0xf8; // mask off least significant 3 bits of packet ID / IV since this is unset when this function gets called
Salsa20 s20(key,256,data);
unsigned char *const ptr = field(start,len); unsigned char *const ptr = field(start,len);
s20.crypt12(ptr,ptr,len); s20.crypt12(ptr,ptr,len);
} }