From 179cf4adb4c20f4e2eacbc91af880a9279454eb2 Mon Sep 17 00:00:00 2001
From: Dirk Engling <erdgeist@erdgeist.org>
Date: Sat, 5 Dec 2020 06:33:43 +0100
Subject: Prevent IV reuse to protect agains replay attacks

---
 receiver.cpp | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/receiver.cpp b/receiver.cpp
index fdeee05..9e622d9 100644
--- a/receiver.cpp
+++ b/receiver.cpp
@@ -16,6 +16,7 @@
 
 #include <string>
 #include <map>
+#include <set>
 #include <iostream>
 
 const unsigned short PORT = 58132;
@@ -176,6 +177,7 @@ private:
 };
 
 std::map<uint64_t, std::unique_ptr<Session>> g_sessions;
+std::set<std::string> g_used_ivs;
 
 static uint8_t hex2nyble(char c)
 {
@@ -283,12 +285,19 @@ int main() {
             if (session == g_sessions.end())
                 g_sessions[session_id] = std::make_unique<Session>(session_id, rsa_plain_text);
             break;
-        case 1:
+        case 1: {
+            std::string sessid_iv(packet + 1, packet + 1 + SESSION_ID_LENGTH + GCM_IV_LENGTH);
+            if (g_used_ivs.find(sessid_iv) != g_used_ivs.end()) {
+                std::cerr << "Error: Session " << std::hex << session_id << " reused IV. Dropping packet" << std::endl;
+                break;
+            }
+            g_used_ivs.insert(sessid_iv);
             if (session != g_sessions.end())
                 session->second->write_log(packet + 1 + SESSION_ID_LENGTH, len - 1 - SESSION_ID_LENGTH);
             else
                 std::cerr << "Error: Can't log to unknown session " << std::hex << session_id << std::endl;
             break;
+            }
         default:
             break;
         }
-- 
cgit v1.2.3