summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--receiver.cpp26
1 files changed, 14 insertions, 12 deletions
diff --git a/receiver.cpp b/receiver.cpp
index 2fa2d8a..aaf9673 100644
--- a/receiver.cpp
+++ b/receiver.cpp
@@ -80,7 +80,7 @@ static time_t now() {
80} 80}
81 81
82// Constants 82// Constants
83enum { SESSION_ID_LENGTH = 8, AES_KEY_LENGTH = 16, GCM_IV_LENGTH = 16, GCM_TAG_LENGTH = 16, MIN_PACKET_SIZE = 40 }; 83enum { SESSION_ID_LENGTH = 8, AES_KEY_LENGTH = 16, GCM_IV_LENGTH_LEGACY = 16, GCM_IV_LENGTH = 12, GCM_TAG_LENGTH = 16, MIN_PACKET_SIZE = 40 };
84enum { DIRNAME_LENGTH = 10, FILENAME_LENGTH = 73, SIDOFFS = 20, KEYOFFS = 37 }; 84enum { DIRNAME_LENGTH = 10, FILENAME_LENGTH = 73, SIDOFFS = 20, KEYOFFS = 37 };
85 85
86class Session { 86class Session {
@@ -132,19 +132,21 @@ public:
132 return open((_dirname + "/" + _filename).c_str(), O_WRONLY | O_APPEND | O_CREAT, 0755); 132 return open((_dirname + "/" + _filename).c_str(), O_WRONLY | O_APPEND | O_CREAT, 0755);
133 } 133 }
134 134
135 void write_log(const uint8_t *packet, size_t len) { 135 void write_log(const uint8_t *packet, size_t len, int version = 2) {
136 const size_t iv_len = ( version == 1 ? GCM_IV_LENGTH_LEGACY : GCM_IV_LENGTH);
137
136 // First check if the packet holds enough space for session id, iv and at least one gcm block 138 // First check if the packet holds enough space for session id, iv and at least one gcm block
137 if (len < GCM_IV_LENGTH + GCM_TAG_LENGTH) { 139 if (len < iv_len + GCM_TAG_LENGTH) {
138 std::cerr << "Error: Short packet, size " << len << std::endl; 140 std::cerr << "Error: Short packet, size " << len << std::endl;
139 return; 141 return;
140 } 142 }
141 143
142 const uint8_t *iv = packet; 144 const uint8_t *iv = packet;
143 const uint8_t *tag = packet + GCM_IV_LENGTH; 145 const uint8_t *tag = packet + iv_len;
144 const uint8_t *payload = packet + GCM_IV_LENGTH + GCM_TAG_LENGTH; 146 const uint8_t *payload = packet + iv_len + GCM_TAG_LENGTH;
145 len -= GCM_IV_LENGTH + GCM_TAG_LENGTH; 147 len -= iv_len + GCM_TAG_LENGTH;
146 148
147 std::string ivs(packet, packet +GCM_IV_LENGTH); 149 std::string ivs(packet, packet + iv_len);
148 if (_used_ivs.find(ivs) != _used_ivs.end()) { 150 if (_used_ivs.find(ivs) != _used_ivs.end()) {
149 std::cerr << "Error: Session " << std::hex << _session_id << " reused IV. Dropping packet" << std::endl; 151 std::cerr << "Error: Session " << std::hex << _session_id << " reused IV. Dropping packet" << std::endl;
150 return; 152 return;
@@ -163,7 +165,7 @@ public:
163 uint8_t *output = static_cast<uint8_t*>(alloca(len)); 165 uint8_t *output = static_cast<uint8_t*>(alloca(len));
164 166
165 // This should fail on invalid input sizes 167 // This should fail on invalid input sizes
166 switch (mbedtls_gcm_auth_decrypt(&_ctx, len, iv, GCM_IV_LENGTH, (uint8_t*)&_session_id, SESSION_ID_LENGTH, tag, GCM_TAG_LENGTH, payload, output)) 168 switch (mbedtls_gcm_auth_decrypt(&_ctx, len, iv, iv_len, (uint8_t*)&_session_id, SESSION_ID_LENGTH, tag, GCM_TAG_LENGTH, payload, output))
167 { 169 {
168 case 0: 170 case 0:
169 write(_fd, output, len); 171 write(_fd, output, len);
@@ -325,13 +327,13 @@ int main() {
325 if (session == g_sessions.end()) 327 if (session == g_sessions.end())
326 g_sessions[session_id] = std::make_unique<Session>(session_id, rsa_plain_text); 328 g_sessions[session_id] = std::make_unique<Session>(session_id, rsa_plain_text);
327 break; 329 break;
328 case 1: { 330 case 1:
331 case 2:
329 if (session != g_sessions.end()) 332 if (session != g_sessions.end())
330 session->second->write_log(packet + 1 + SESSION_ID_LENGTH, len - 1 - SESSION_ID_LENGTH); 333 session->second->write_log(packet + 1 + SESSION_ID_LENGTH, len - 1 - SESSION_ID_LENGTH, static_cast<int>(packet[0]));
331 else 334 else
332 std::cerr << "Error: Can't log to unknown session " << std::hex << session_id << std::endl; 335 std::cerr << "Error: Can't log to unknown session " << std::hex << session_id << std::dec << std::endl;
333 break; 336 break;
334 }
335 default: 337 default:
336 break; 338 break;
337 } 339 }