Diffstat (limited to 'src/handshake')
-rw-r--r-- | src/handshake/macs.rs | 35 | ||||
-rw-r--r-- | src/handshake/noise.rs | 2 |
2 files changed, 17 insertions, 20 deletions
diff --git a/src/handshake/macs.rs b/src/handshake/macs.rs
index 65fd7fa..f465099 100644
--- a/src/handshake/macs.rs
+++ b/src/handshake/macs.rs
@@ -1,5 +1,5 @@
 use rand::{CryptoRng, RngCore};
-use spin::Mutex;
+use spin::RwLock;
 use std::time::{Duration, Instant};
 use blake2::Blake2s;
@@ -8,7 +8,6 @@ use subtle::ConstantTimeEq;
 use x25519_dalek::PublicKey;
 use std::net::SocketAddr;
-use zerocopy::AsBytes;
 use super::messages::{CookieReply, MacsFooter};
 use super::types::HandshakeError;
@@ -192,9 +191,9 @@ struct Secret {
 }
 pub struct Validator {
-    mac1_key: [u8; 32],
+    mac1_key: [u8; 32], // mac1 key, derieved from device public key
     cookie_key: [u8; 32], // xchacha20poly key for sealing cookie response
-    secret: Mutex<Secret>,
+    secret: RwLock<Secret>,
 }
 impl Validator {
@@ -202,7 +201,7 @@ impl Validator {
         Validator {
             mac1_key: HASH!(LABEL_MAC1, pk.as_bytes()).into(),
             cookie_key: HASH!(LABEL_COOKIE, pk.as_bytes()).into(),
-            secret: Mutex::new(Secret {
+            secret: RwLock::new(Secret {
                 value: [0u8; SIZE_SECRET],
                 birth: Instant::now() - Duration::from_secs(2 * SECS_COOKIE_UPDATE),
             }),
@@ -210,7 +209,7 @@ impl Validator {
     }
     fn get_tau(&self, src: &[u8]) -> Option<[u8; SIZE_COOKIE]> {
-        let secret = self.secret.lock();
+        let secret = self.secret.read();
         if secret.birth.elapsed() < Duration::from_secs(SECS_COOKIE_UPDATE) {
             Some(MAC!(&secret.value, src))
         } else {
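Review bot: The comment added to `mac1_key` in the `Validator` struct hunk misspells "derived"; it should read `// mac1 key, derived from device public key`. The field itself is unchanged in this hunk, so the fix is to the comment text only.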
@@ -218,33 +217,33 @@ impl Validator {
         }
     }
-    fn get_set_tau<T>(&self, rng: &mut T, src: &[u8]) -> [u8; SIZE_COOKIE]
-    where
-        T: RngCore + CryptoRng,
-    {
-        let mut secret = self.secret.lock();
-
+    fn get_set_tau<R: RngCore + CryptoRng>(&self, rng: &mut R, src: &[u8]) -> [u8; SIZE_COOKIE] {
         // check if current value is still valid
+        let secret = self.secret.read();
+        if secret.birth.elapsed() < Duration::from_secs(SECS_COOKIE_UPDATE) {
+            return MAC!(&secret.value, src);
+        };
+
+        // take write lock, check again
+        let mut secret = self.secret.write();
         if secret.birth.elapsed() < Duration::from_secs(SECS_COOKIE_UPDATE) {
             return MAC!(&secret.value, src);
         };
-        // generate new value
+        // set new random cookie secret
         rng.fill_bytes(&mut secret.value);
         secret.birth = Instant::now();
         MAC!(&secret.value, src)
     }
-    pub fn create_cookie_reply<T>(
+    pub fn create_cookie_reply<R: RngCore + CryptoRng>(
         &self,
-        rng: &mut T,
+        rng: &mut R,
         receiver: u32,         // receiver id of incoming message
         src: &SocketAddr,      // source address of incoming message
         macs: &MacsFooter,     // footer of incoming message
         msg: &mut CookieReply, // resulting cookie reply
-    ) where
-        T: RngCore + CryptoRng,
-    {
+    ) {
         let src = addr_to_mac_bytes(src);
         msg.f_receiver.set(receiver);
         rng.fill_bytes(&mut msg.f_nonce);
diff --git a/src/handshake/noise.rs b/src/handshake/noise.rs
index a93d544..d66304c 100644
--- a/src/handshake/noise.rs
+++ b/src/handshake/noise.rs
@@ -9,7 +9,6 @@ use hmac::Hmac;
 // AEAD (from libsodium)
 use sodiumoxide::crypto::aead::chacha20poly1305;
-use rand::rngs::OsRng;
 use rand::{CryptoRng, RngCore};
 use generic_array::typenum::*;
@@ -323,7 +322,6 @@ pub fn create_response<T: Copy, R: RngCore + CryptoRng>(
     state: TemporaryState,   // state from "consume_initiation"
     msg: &mut NoiseResponse, // resulting response
 ) -> Result<KeyPair, HandshakeError> {
-    // unpack state
     let (receiver, eph_r_pk, hs, ck) = state; |
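Review bot: In the new `get_set_tau`, the read guard bound by `let secret = self.secret.read();` is still alive when `self.secret.write()` is called — rebinding the name `secret` shadows the guard but does not drop it, so on the rotation path the writer waits for a reader held by its own thread, which with `spin::RwLock` (the type now imported at the top of this file) is a self-deadlock rather than a panic. Since the constructor seeds `birth` two update intervals in the past, the first cookie reply after startup would take exactly this path. Release the reader before upgrading: insert `drop(secret);` immediately before `let mut secret = self.secret.write();`, or wrap the first check in its own block so the guard ends with it. The stray `;` after each `if` block is harmless but worth removing for rustfmt-clean code; `create_cookie_reply`'s body continues outside this hunk.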