summaryrefslogtreecommitdiff
path: root/node/Packet.cpp
diff options
context:
space:
mode:
authorAdam Ierymenko <adam.ierymenko@gmail.com>2017-03-10 17:34:41 -0800
committerAdam Ierymenko <adam.ierymenko@gmail.com>2017-03-10 17:34:41 -0800
commit0c00b8370207c51fbc9c9901cfa0daccc9707295 (patch)
tree63f0a27add95295a7e682fb82831ea4a311cd399 /node/Packet.cpp
parent7320e26730dde2463ba3f44596483945522b9c1b (diff)
downloadinfinitytier-0c00b8370207c51fbc9c9901cfa0daccc9707295.tar.gz
infinitytier-0c00b8370207c51fbc9c9901cfa0daccc9707295.zip
cryptField() used to obscure extended fields in HELLO cannot use mangleKey()
Diffstat (limited to 'node/Packet.cpp')
-rw-r--r--node/Packet.cpp11
1 files changed, 3 insertions, 8 deletions
diff --git a/node/Packet.cpp b/node/Packet.cpp
index 82a5d7ea..80ea2de7 100644
--- a/node/Packet.cpp
+++ b/node/Packet.cpp
@@ -2025,14 +2025,9 @@ bool Packet::dearmor(const void *key)
void Packet::cryptField(const void *key,unsigned int start,unsigned int len)
{
- unsigned char mangledKey[32];
- unsigned char macKey[32];
- _salsa20MangleKey((const unsigned char *)key,mangledKey);
- mangledKey[0] ^= 0x7f;
- mangledKey[1] ^= ((start >> 8) & 0xff);
- mangledKey[2] ^= (start & 0xff); // slightly alter key for this use case as an added guard against key stream reuse
- Salsa20 s20(mangledKey,256,field(ZT_PACKET_IDX_IV,8));
- s20.crypt12(ZERO_KEY,macKey,sizeof(macKey)); // discard the first 32 bytes of key stream (the ones use for MAC in armor()) as a precaution
+ unsigned char discard[32];
+ Salsa20 s20(key,256,field(ZT_PACKET_IDX_IV,8));
+ s20.crypt12(ZERO_KEY,discard,sizeof(discard)); // discard the first 32 bytes of key stream (the ones use for MAC in armor()) as a precaution
unsigned char *const ptr = field(start,len);
s20.crypt12(ptr,ptr,len);
}
generated by cgit v1.2.3 (git 2.39.1) at 2026-01-27 10:16:43 +0000