authorMathias Hall-Andersen <mathias@hall-andersen.dk>2019-07-30 15:28:11 +0200
committerMathias Hall-Andersen <mathias@hall-andersen.dk>2019-07-30 15:28:11 +0200
commit1cfd5aea1aba4b01905414351df13e8f5d4dfb1c (patch)
tree1ddc2d7a08a486676e9cf045f31a1fe0d5714bc5 /src/handshake/device.rs
parentBegin work on MAC field processing (diff)
Move to nested handshake message structure
Having the nested structure — Handshake Message: Noise part (zerocopy message) followed by MAC footer part (zerocopy message) — greatly simplifies processing the MAC fields, since the MAC footer covers the noise part, which can be accessed as bytes using AsBytes.
Diffstat (limited to 'src/handshake/device.rs')
-rw-r--r--src/handshake/device.rs35
1 files changed, 28 insertions, 7 deletions
diff --git a/src/handshake/device.rs b/src/handshake/device.rs
index 04e00f9..b28613a 100644
--- a/src/handshake/device.rs
+++ b/src/handshake/device.rs
@@ -7,7 +7,8 @@ use rand::rngs::OsRng;
use x25519_dalek::PublicKey;
use x25519_dalek::StaticSecret;
-use super::messages;
+use super::messages::{CookieReply, Initiation, Response};
+use super::messages::{TYPE_COOKIEREPLY, TYPE_INITIATION, TYPE_RESPONSE};
use super::noise;
use super::peer::Peer;
use super::types::*;
@@ -170,20 +171,40 @@ where
/// * `msg` - Byte slice containing the message (untrusted input)
pub fn process(&self, msg: &[u8]) -> Result<Output<T>, HandshakeError> {
match msg.get(0) {
- Some(&messages::TYPE_INITIATION) => {
+ Some(&TYPE_INITIATION) => {
+ let msg = Initiation::parse(msg)?;
+
+ // check mac footer and ratelimiter
+
// consume the initiation
- let (peer, st) = noise::consume_initiation(self, msg)?;
+ let (peer, st) = noise::consume_initiation(self, &msg.noise)?;
// allocate new index for response
let sender = self.allocate(peer);
- // create response (release id on error)
- noise::create_response(peer, sender, st).map_err(|e| {
+ // create response (release id on error), TODO: take slice
+ let mut resp = Response::default();
+ noise::create_response(peer, sender, st, &mut resp.noise).map_err(|e| {
self.release(sender);
e
})
}
- Some(&messages::TYPE_RESPONSE) => noise::consume_response(self, msg),
+ Some(&TYPE_RESPONSE) => {
+ let msg = Response::parse(msg)?;
+
+ // check mac footer and ratelimiter
+
+ noise::consume_response(self, &msg.noise)
+ }
+ Some(&TYPE_COOKIEREPLY) => {
+ let msg = CookieReply::parse(msg)?;
+
+ // validate cookie reply
+
+ // update cookie generator for peer
+
+ unimplemented!()
+ }
_ => Err(HandshakeError::InvalidMessageFormat),
}
}
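Review bot: The new `TYPE_COOKIEREPLY` arm ends in `unimplemented!()`, and `msg` is documented as untrusted input, so any packet with that type byte that passes `CookieReply::parse` panics the caller instead of being rejected; before this change such a packet fell through to `_ => Err(HandshakeError::InvalidMessageFormat)`. Until cookie handling exists, the arm should return an error, e.g. `Err(HandshakeError::InvalidMessageFormat)`, with a TODO for the validation steps. Separately, as far as the hunk shows, the `// check mac footer and ratelimiter` placeholders in the initiation and response arms mean `noise::consume_initiation` and `noise::consume_response` still run on packets whose MAC footer has not been checked; a comment such as `// TODO(security): verify MAC footer before any Noise processing` would make the required ordering explicit.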
@@ -235,9 +256,9 @@ where
#[cfg(test)]
mod tests {
+ use super::super::messages::*;
use super::*;
use hex;
- use messages::*;
#[test]
fn handshake() {