diff options
author | Mathias Hall-Andersen <mathias@hall-andersen.dk> | 2020-05-22 18:01:15 +0200 |
---|---|---|
committer | Mathias Hall-Andersen <mathias@hall-andersen.dk> | 2020-05-22 18:01:15 +0200 |
commit | 16ede0f37da6050d3037cd85eb1055f239cef7b8 (patch) | |
tree | ec6172fdd1c2c3d97bedcbcc93bce5cd34049b9b /src/wireguard/handshake | |
parent | Elimited Daemonize dependency (diff) | |
download | wireguard-rs-16ede0f37da6050d3037cd85eb1055f239cef7b8.tar.xz wireguard-rs-16ede0f37da6050d3037cd85eb1055f239cef7b8.zip |
Enable wireguard-rs to build on stable.
WireGuard Rust targets the latest nightly compiler,
primarily for security and speed reasons.
The recommended way to build WireGuard Rust is still with latest nightly.
Diffstat (limited to 'src/wireguard/handshake')
-rw-r--r-- | src/wireguard/handshake/noise.rs | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/src/wireguard/handshake/noise.rs b/src/wireguard/handshake/noise.rs index beb99c2..4141cb9 100644 --- a/src/wireguard/handshake/noise.rs +++ b/src/wireguard/handshake/noise.rs @@ -1,7 +1,7 @@ use std::time::Instant; // DH -use x25519_dalek::{PublicKey, StaticSecret, SharedSecret}; +use x25519_dalek::{PublicKey, SharedSecret, StaticSecret}; // HASH & MAC use blake2::Blake2s; @@ -215,7 +215,7 @@ mod tests { } // Computes an X25519 shared secret. -// +// // This function wraps dalek to add a zero-check. // This is not recommended by the Noise specification, // but implemented in the kernel with which we strive for absolute equivalent behavior. @@ -290,7 +290,6 @@ pub(super) fn create_initiation<R: RngCore + CryptoRng, O>( // (C, k) := Kdf2(C, DH(S_priv, S_pub)) - let (ck, key) = KDF2!(&ck, &peer.ss); // msg.timestamp := Aead(k, 0, Timestamp(), H) @@ -360,7 +359,7 @@ pub(super) fn consume_initiation<'a, O>( let peer = device.lookup_pk(&PublicKey::from(pk))?; // check for zero shared-secret (see "shared_secret" note). - + if peer.ss.ct_eq(&[0u8; 32]).into() { return Err(HandshakeError::InvalidSharedSecret); } |