[noise] fixup to transport to work correctly (actually set i_r on handshake messages)

2023-01-12 10:39:53 -05:00 · 2023-01-12 10:39:53 -05:00 · 70bff48a54
parent 45bcd98f08
commit 70bff48a54
4 changed files with 12 additions and 8 deletions
--- a/quicktap/src/noise/data.rs
+++ b/quicktap/src/noise/data.rs
@ -18,8 +18,8 @@ fn unpad_packet(p: &[u8]) -> Vec<u8> {
 /// This function will error if the encryption step is unsuccessful.
 pub fn encapsulate(state: &mut HandshakeState, packet: &Vec<u8>) -> Result<Vec<u8>, NoiseError> {
    let packet = pad_packet(packet);
-    let counter = state.n_send;
-    let packet_data = match qcrypto_aead(&state.t_send, state.n_send, &packet, &[]) {
+    let counter = state.n_send + 1;
+    let packet_data = match qcrypto_aead(&state.t_send, state.n_send + 1, &packet, &[]) {
        Ok(d) => d,
        Err(e) => return Err(NoiseError::ChaCha20Error(e))
    };
@ -32,6 +32,8 @@ pub fn encapsulate(state: &mut HandshakeState, packet: &Vec<u8>) -> Result<Vec<u
    res[8..16].copy_from_slice(&counter.to_le_bytes());
    res[16..16+packet_data.len()].copy_from_slice(&packet_data);

+    state.n_send += 1;
+
    Ok(res)
 }

--- a/quicktap/src/noise/handshake/mod.rs
+++ b/quicktap/src/noise/handshake/mod.rs
@ -114,8 +114,8 @@ impl<'a> HandshakeState<'a> {
            cookies: vec![],
            t_send: [0u8; 32],
            t_recv: [0u8; 32],
-            n_send: 0,
-            n_recv: 0,
+            n_send: 1,
+            n_recv: 1,
            we_are_initiator: false,
            bitfield: ShiftWindow::new()
        }
--- a/quicktap/src/noise/handshake/response.rs
+++ b/quicktap/src/noise/handshake/response.rs
@ -70,6 +70,9 @@ pub fn generate_handshake_response(session: &mut HandshakeState) -> Result<[u8;
        mac2: [0u8; 16]
    };

+    msg.receiver = session.i_i.to_le_bytes();
+    msg.sender = session.i_r.to_le_bytes();
+
    session.ck = qcrypto_hkdf::<1>(&session.ck, eph_keypair.1.as_bytes())[0];

    msg.ephemeral = eph_keypair.1.to_bytes();
@ -120,9 +123,6 @@ pub fn parse_handshake_response(session: &mut HandshakeState, packet: [u8; 92])

    h = qcrypto_hash_twice(&h, &t);

-    println!("here");
-    println!("{:?} {:?} {:?}", k, 0, h);
-
    let empty = match qcrypto_aead_decrypt(&k, 0, &msg.empty, &h) {
        Ok(s) => s,
        Err(e) => return Err(NoiseError::ChaCha20Error(e))
--- a/quicktap/src/noise/rfc6479/mod.rs
+++ b/quicktap/src/noise/rfc6479/mod.rs
@ -22,7 +22,9 @@ impl ShiftWindow {
    }

    /// Check if a given sequence value is okay given the current state of the shift window
-    pub const fn check_replay_window(&self, seq: u64) -> bool {
+    pub fn check_replay_window(&self, seq: u64) -> bool {
+        println!("sequence {} {}", seq, self.replaywin_lastseq);
+
        // first == 0 or wrapped
        if seq == 0 {
            return false;