|
|
@ -19,9 +19,9 @@ |
|
|
|
|
|
|
|
#include "n2n.h" |
|
|
|
|
|
|
|
|
|
|
|
#define HASH_FIND_COMMUNITY(head, name, out) HASH_FIND_STR(head, name, out) |
|
|
|
|
|
|
|
/* ********************************************************************** */ |
|
|
|
|
|
|
|
uint32_t packet_header_decrypt (uint8_t packet[], uint16_t packet_len, |
|
|
|
char *community_name, he_context_t *ctx, |
|
|
@ -35,7 +35,6 @@ uint32_t packet_header_decrypt (uint8_t packet[], uint16_t packet_len, |
|
|
|
// to full 128 bit IV
|
|
|
|
memcpy(iv, packet, 12); |
|
|
|
|
|
|
|
|
|
|
|
// try community name as possible key and check for magic bytes
|
|
|
|
uint32_t magic = 0x6E326E00; // ="n2n_"
|
|
|
|
uint32_t test_magic; |
|
|
@ -43,9 +42,8 @@ uint32_t packet_header_decrypt (uint8_t packet[], uint16_t packet_len, |
|
|
|
// so, as a first step, decrypt 4 bytes only starting at byte 12
|
|
|
|
speck_he((uint8_t*)&test_magic, &packet[12], 4, iv, (speck_context_t*)ctx); |
|
|
|
test_magic = be32toh(test_magic); |
|
|
|
if( (((test_magic >> 8) << 8) == magic) // check the thre uppermost bytes
|
|
|
|
&& (((uint8_t)test_magic) <= packet_len) // lowest 8 bit of test_magic are header_len
|
|
|
|
) { |
|
|
|
if((((test_magic >> 8) << 8) == magic) /* check the thre uppermost bytes */ |
|
|
|
&& (((uint8_t)test_magic) <= packet_len)) { /* lowest 8 bit of test_magic are header_len */ |
|
|
|
// decrypt the complete header
|
|
|
|
speck_he(&packet[12], &packet[12], (uint8_t)(test_magic) - 12, iv, (speck_context_t*)ctx); |
|
|
|
|
|
|
@ -58,13 +56,15 @@ uint32_t packet_header_decrypt (uint8_t packet[], uint16_t packet_len, |
|
|
|
memcpy(&packet[0], &packet[16], 4); |
|
|
|
memcpy(&packet[4], community_name, N2N_COMMUNITY_SIZE); |
|
|
|
|
|
|
|
return (1); // successful
|
|
|
|
// successful
|
|
|
|
return 1; |
|
|
|
} else { |
|
|
|
return (0); // unsuccessful
|
|
|
|
|
|
|
|
// unsuccessful
|
|
|
|
return 0; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
/* ********************************************************************** */ |
|
|
|
|
|
|
|
int32_t packet_header_encrypt (uint8_t packet[], uint8_t header_len, he_context_t *ctx, |
|
|
|
he_context_t *ctx_iv, uint64_t stamp, uint16_t checksum) { |
|
|
@ -73,11 +73,11 @@ int32_t packet_header_encrypt (uint8_t packet[], uint8_t header_len, he_context_ |
|
|
|
uint16_t *iv16 = (uint16_t*)&iv; |
|
|
|
uint32_t *iv32 = (uint32_t*)&iv; |
|
|
|
uint64_t *iv64 = (uint64_t*)&iv; |
|
|
|
const uint32_t magic = 0x6E326E21; // = ASCII "n2n!"
|
|
|
|
const uint32_t magic = 0x6E326E21; /* == ASCII "n2n!" */ |
|
|
|
|
|
|
|
if(header_len < 20) { |
|
|
|
traceEvent(TRACE_DEBUG, "packet_header_encrypt dropped a packet too short to be valid."); |
|
|
|
return (-1); |
|
|
|
return -1; |
|
|
|
} |
|
|
|
|
|
|
|
memcpy(&packet[16], &packet[00], 4); |
|
|
@ -86,6 +86,7 @@ int32_t packet_header_encrypt (uint8_t packet[], uint8_t header_len, he_context_ |
|
|
|
iv16[4] = n2n_rand(); |
|
|
|
iv16[5] = htobe16(checksum); |
|
|
|
iv32[3] = htobe32(magic); |
|
|
|
|
|
|
|
// blend checksum into 96-bit IV
|
|
|
|
speck_he_iv_encrypt(iv, (speck_context_t*)ctx_iv); |
|
|
|
|
|
|
@ -93,10 +94,10 @@ int32_t packet_header_encrypt (uint8_t packet[], uint8_t header_len, he_context_ |
|
|
|
packet[15] = header_len; |
|
|
|
|
|
|
|
speck_he(&packet[12], &packet[12], header_len - 12, iv, (speck_context_t*)ctx); |
|
|
|
return (0); |
|
|
|
|
|
|
|
return 0; |
|
|
|
} |
|
|
|
|
|
|
|
/* ********************************************************************** */ |
|
|
|
|
|
|
|
void packet_header_setup_key (const char *community_name, he_context_t **ctx, |
|
|
|
he_context_t **ctx_iv) { |
|
|
|