diff options
author | Terry Geng <terry@terriex.com> | 2020-06-03 13:54:38 +0300 |
---|---|---|
committer | Terry Geng <terry@terriex.com> | 2020-06-06 15:37:59 +0300 |
commit | e90eb8c4cd7edc0cd3eddafac622edc45efff794 (patch) | |
tree | dd737a6399ef4702de73b82e831307be1ec79836 /src | |
parent | 5f421e64f7644be2598c15c75d5767e931b3c8a3 (diff) |
src: Made CryptState an abstract class, in order to support multiple crypto types in the future. Moved all crypto-related files into src/crypto.
Diffstat (limited to 'src')
25 files changed, 257 insertions, 134 deletions
diff --git a/src/Connection.cpp b/src/Connection.cpp index a01a6b19d..8771f39b7 100644 --- a/src/Connection.cpp +++ b/src/Connection.cpp @@ -29,6 +29,7 @@ Connection::Connection(QObject *p, QSslSocket *qtsSock) : QObject(p) { qtsSocket->setParent(this); iPacketLength = -1; bDisconnectedEmitted = false; + csCrypt = std::make_unique<CryptStateOCB2>(); static bool bDeclared = false; if (! bDeclared) { diff --git a/src/Connection.h b/src/Connection.h index 9928ef8a1..37ba15f0f 100644 --- a/src/Connection.h +++ b/src/Connection.h @@ -12,13 +12,15 @@ # include "win.h" #endif -#include "CryptState.h" +#include "crypto/CryptState.h" +#include "crypto/CryptStateOCB2.h" #include <QtCore/QElapsedTimer> #include <QtCore/QList> #include <QtCore/QMutex> #include <QtCore/QObject> #include <QtNetwork/QSslSocket> +#include <memory> #ifdef Q_OS_WIN # include <ws2tcpip.h> @@ -70,7 +72,7 @@ class Connection : public QObject { /// qmCrypt locks access to csCrypt. QMutex qmCrypt; #endif - CryptState csCrypt; + std::unique_ptr<CryptState> csCrypt; QList<QSslCertificate> peerCertificateChain() const; QSslCipher sessionCipher() const; diff --git a/src/PasswordGenerator.cpp b/src/PasswordGenerator.cpp index 8e4a7e332..995c8d133 100644 --- a/src/PasswordGenerator.cpp +++ b/src/PasswordGenerator.cpp @@ -3,7 +3,7 @@ // that can be found in the LICENSE file at the root of the // Mumble source tree or at <https://www.mumble.info/LICENSE>. -#include "CryptographicRandom.h" +#include "crypto/CryptographicRandom.h" #include "PasswordGenerator.h" #include <QtCore/QVector> diff --git a/src/crypto/CryptState.h b/src/crypto/CryptState.h new file mode 100644 index 000000000..292652e80 --- /dev/null +++ b/src/crypto/CryptState.h @@ -0,0 +1,47 @@ +// Copyright 2005-2020 The Mumble Developers. All rights reserved. +// Use of this source code is governed by a BSD-style license +// that can be found in the LICENSE file at the root of the +// Mumble source tree or at <https://www.mumble.info/LICENSE>. + +#ifndef MUMBLE_CRYPTSTATE_H_ +#define MUMBLE_CRYPTSTATE_H_ + +#include "Timer.h" +#include <string> + +class CryptState { + private: + Q_DISABLE_COPY(CryptState) + public: + unsigned int uiGood = 0; + unsigned int uiLate = 0; + unsigned int uiLost = 0; + unsigned int uiResync = 0; + + unsigned int uiRemoteGood = 0; + unsigned int uiRemoteLate = 0; + unsigned int uiRemoteLost = 0; + unsigned int uiRemoteResync = 0; + + Timer tLastGood; + Timer tLastRequest; + bool bInit = false; + CryptState() {}; + virtual ~CryptState() {}; + + virtual bool isValid() const = 0; + virtual void genKey() = 0; + virtual void setKey(const std::string& rkey, const std::string& eiv, const std::string& div) = 0; + virtual void setRawKey(const std::string& rkey) = 0; + virtual void setEncryptIV(const std::string& iv) = 0; + virtual void setDecryptIV(const std::string& iv) = 0; + virtual std::string getRawKey() = 0; + virtual std::string getEncryptIV() = 0; + virtual std::string getDecryptIV() = 0; + + virtual bool decrypt(const unsigned char *source, unsigned char *dst, unsigned int crypted_length) = 0; + virtual bool encrypt(const unsigned char *source, unsigned char *dst, unsigned int plain_length) = 0; +}; + + +#endif diff --git a/src/CryptState.cpp b/src/crypto/CryptStateOCB2.cpp index 519688fd7..5d85e7f97 100644 --- a/src/CryptState.cpp +++ b/src/crypto/CryptStateOCB2.cpp @@ -23,30 +23,25 @@ # endif #endif -#include "CryptState.h" - +#include "CryptStateOCB2.h" #include "ByteSwap.h" #include <cstring> - #include <openssl/rand.h> -CryptState::CryptState() { +CryptStateOCB2::CryptStateOCB2() : CryptState() { for (int i=0;i<0x100;i++) decrypt_history[i] = 0; - bInit = false; memset(raw_key, 0, AES_KEY_SIZE_BYTES); memset(encrypt_iv, 0, AES_BLOCK_SIZE); memset(decrypt_iv, 0, AES_BLOCK_SIZE); - uiGood=uiLate=uiLost=uiResync=0; - uiRemoteGood=uiRemoteLate=uiRemoteLost=uiRemoteResync=0; } -bool CryptState::isValid() const { +bool CryptStateOCB2::isValid() const { return bInit; } -void CryptState::genKey() { +void CryptStateOCB2::genKey() { RAND_bytes(raw_key, AES_KEY_SIZE_BYTES); RAND_bytes(encrypt_iv, AES_BLOCK_SIZE); RAND_bytes(decrypt_iv, AES_BLOCK_SIZE); @@ -55,20 +50,48 @@ void CryptState::genKey() { bInit = true; } -void CryptState::setKey(const unsigned char *rkey, const unsigned char *eiv, const unsigned char *div) { - memcpy(raw_key, rkey, AES_KEY_SIZE_BYTES); - memcpy(encrypt_iv, eiv, AES_BLOCK_SIZE); - memcpy(decrypt_iv, div, AES_BLOCK_SIZE); - AES_set_encrypt_key(raw_key, AES_KEY_SIZE_BITS, &encrypt_key); - AES_set_decrypt_key(raw_key, AES_KEY_SIZE_BITS, &decrypt_key); - bInit = true; +void CryptStateOCB2::setKey(const std::string& rkey, const std::string& eiv, const std::string& div) { + if(rkey.length() == AES_KEY_SIZE_BYTES && eiv.length() == AES_BLOCK_SIZE && div.length() == AES_BLOCK_SIZE) { + memcpy(raw_key, rkey.data(), AES_KEY_SIZE_BYTES); + memcpy(encrypt_iv, eiv.data(), AES_BLOCK_SIZE); + memcpy(decrypt_iv, div.data(), AES_BLOCK_SIZE); + AES_set_encrypt_key(raw_key, AES_KEY_SIZE_BITS, &encrypt_key); + AES_set_decrypt_key(raw_key, AES_KEY_SIZE_BITS, &decrypt_key); + bInit = true; + } +} + +void CryptStateOCB2::setRawKey(const std::string& rkey) { + if(rkey.length() == AES_KEY_SIZE_BYTES){ + memcpy(raw_key, rkey.data(), AES_KEY_SIZE_BYTES); + } +} + +void CryptStateOCB2::setEncryptIV(const std::string& iv) { + if(iv.length() == AES_BLOCK_SIZE) { + memcpy(encrypt_iv, iv.data(), AES_BLOCK_SIZE); + } +} + +void CryptStateOCB2::setDecryptIV(const std::string& iv) { + if(iv.length() == AES_BLOCK_SIZE) { + memcpy(decrypt_iv, iv.data(), AES_BLOCK_SIZE); + } +} + +std::string CryptStateOCB2::getRawKey() { + return std::string(reinterpret_cast<const char*>(raw_key), AES_KEY_SIZE_BYTES); +} + +std::string CryptStateOCB2::getEncryptIV() { + return std::string(reinterpret_cast<const char*>(encrypt_iv), AES_BLOCK_SIZE); } -void CryptState::setDecryptIV(const unsigned char *iv) { - memcpy(decrypt_iv, iv, AES_BLOCK_SIZE); +std::string CryptStateOCB2::getDecryptIV() { + return std::string(reinterpret_cast<const char*>(decrypt_iv), AES_BLOCK_SIZE); } -bool CryptState::encrypt(const unsigned char *source, unsigned char *dst, unsigned int plain_length) { +bool CryptStateOCB2::encrypt(const unsigned char *source, unsigned char *dst, unsigned int plain_length) { unsigned char tag[AES_BLOCK_SIZE]; // First, increase our IV. @@ -87,7 +110,7 @@ bool CryptState::encrypt(const unsigned char *source, unsigned char *dst, unsign return true; } -bool CryptState::decrypt(const unsigned char *source, unsigned char *dst, unsigned int crypted_length) { +bool CryptStateOCB2::decrypt(const unsigned char *source, unsigned char *dst, unsigned int crypted_length) { if (crypted_length < 4) return false; @@ -227,7 +250,7 @@ static void inline ZERO(keyblock &block) { #define AESencrypt(src,dst,key) AES_encrypt(reinterpret_cast<const unsigned char *>(src),reinterpret_cast<unsigned char *>(dst), key); #define AESdecrypt(src,dst,key) AES_decrypt(reinterpret_cast<const unsigned char *>(src),reinterpret_cast<unsigned char *>(dst), key); -bool CryptState::ocb_encrypt(const unsigned char *plain, unsigned char *encrypted, unsigned int len, const unsigned char *nonce, unsigned char *tag) { +bool CryptStateOCB2::ocb_encrypt(const unsigned char *plain, unsigned char *encrypted, unsigned int len, const unsigned char *nonce, unsigned char *tag) { keyblock checksum, delta, tmp, pad; bool success = true; @@ -276,7 +299,7 @@ bool CryptState::ocb_encrypt(const unsigned char *plain, unsigned char *encrypte return success; } -bool CryptState::ocb_decrypt(const unsigned char *encrypted, unsigned char *plain, unsigned int len, const unsigned char *nonce, unsigned char *tag) { +bool CryptStateOCB2::ocb_decrypt(const unsigned char *encrypted, unsigned char *plain, unsigned int len, const unsigned char *nonce, unsigned char *tag) { keyblock checksum, delta, tmp, pad; bool success = true; diff --git a/src/crypto/CryptStateOCB2.h b/src/crypto/CryptStateOCB2.h new file mode 100644 index 000000000..4009264c2 --- /dev/null +++ b/src/crypto/CryptStateOCB2.h @@ -0,0 +1,49 @@ +// Copyright 2005-2020 The Mumble Developers. All rights reserved. +// Use of this source code is governed by a BSD-style license +// that can be found in the LICENSE file at the root of the +// Mumble source tree or at <https://www.mumble.info/LICENSE>. + +#ifndef MUMBLE_CRYPTSTATEOCB2_H +#define MUMBLE_CRYPTSTATEOCB2_H + +#include "CryptState.h" + +#include <openssl/aes.h> + +#define AES_KEY_SIZE_BITS 128 +#define AES_KEY_SIZE_BYTES (AES_KEY_SIZE_BITS/8) + + +class CryptStateOCB2 : public CryptState { +public: + CryptStateOCB2(); + ~CryptStateOCB2() {}; + + virtual bool isValid() const Q_DECL_OVERRIDE; + virtual void genKey() Q_DECL_OVERRIDE; + virtual void setKey(const std::string& rkey, const std::string& eiv, const std::string& div) Q_DECL_OVERRIDE; + virtual void setRawKey(const std::string& rkey) Q_DECL_OVERRIDE; + virtual void setEncryptIV(const std::string& iv) Q_DECL_OVERRIDE; + virtual void setDecryptIV(const std::string& iv) Q_DECL_OVERRIDE; + virtual std::string getRawKey() Q_DECL_OVERRIDE; + virtual std::string getEncryptIV() Q_DECL_OVERRIDE; + virtual std::string getDecryptIV() Q_DECL_OVERRIDE; + + virtual bool decrypt(const unsigned char *source, unsigned char *dst, unsigned int crypted_length) Q_DECL_OVERRIDE; + virtual bool encrypt(const unsigned char *source, unsigned char *dst, unsigned int plain_length) Q_DECL_OVERRIDE; + + bool ocb_encrypt(const unsigned char *plain, unsigned char *encrypted, unsigned int len, const unsigned char *nonce, unsigned char *tag); + bool ocb_decrypt(const unsigned char *encrypted, unsigned char *plain, unsigned int len, const unsigned char *nonce, unsigned char *tag); + +private: + unsigned char raw_key[AES_KEY_SIZE_BYTES]; + unsigned char encrypt_iv[AES_BLOCK_SIZE]; + unsigned char decrypt_iv[AES_BLOCK_SIZE]; + unsigned char decrypt_history[0x100]; + + AES_KEY encrypt_key; + AES_KEY decrypt_key; +}; + + +#endif //MUMBLE_CRYPTSTATEOCB2_H diff --git a/src/CryptographicHash.cpp b/src/crypto/CryptographicHash.cpp index 650e7ca53..650e7ca53 100644 --- a/src/CryptographicHash.cpp +++ b/src/crypto/CryptographicHash.cpp diff --git a/src/CryptographicHash.h b/src/crypto/CryptographicHash.h index d5af2871c..d5af2871c 100644 --- a/src/CryptographicHash.h +++ b/src/crypto/CryptographicHash.h diff --git a/src/CryptographicRandom.cpp b/src/crypto/CryptographicRandom.cpp index 4881e4147..4881e4147 100644 --- a/src/CryptographicRandom.cpp +++ b/src/crypto/CryptographicRandom.cpp diff --git a/src/CryptographicRandom.h b/src/crypto/CryptographicRandom.h index e46e22dcf..e46e22dcf 100644 --- a/src/CryptographicRandom.h +++ b/src/crypto/CryptographicRandom.h diff --git a/src/mumble.pri b/src/mumble.pri index ddcfe810b..4dd03aad9 100644 --- a/src/mumble.pri +++ b/src/mumble.pri @@ -9,7 +9,7 @@ include(../qmake/rcc.pri) include(../qmake/pkgconfig.pri) VERSION = 1.4.0 -DIST = mumble.pri Message.h PacketDataStream.h CryptState.h Timer.h Version.h OSInfo.h SSL.h +DIST = mumble.pri Message.h PacketDataStream.h crypto/CryptState.h crypto/CryptStateOCB2.h Timer.h Version.h OSInfo.h SSL.h CONFIG += qt thread debug_and_release warn_on DEFINES *= MUMBLE_VERSION_STRING=$$VERSION INCLUDEPATH += $$PWD . ../mumble_proto @@ -19,7 +19,8 @@ HEADERS *= \ ACL.h \ Channel.h \ ChannelListener.h \ - CryptState.h \ + crypto/CryptState.h \ + crypto/CryptStateOCB2.h \ Connection.h \ Group.h \ HTMLFilter.h \ @@ -34,8 +35,8 @@ HEADERS *= \ licenses.h \ License.h \ LogEmitter.h \ - CryptographicHash.h \ - CryptographicRandom.h \ + crypto/CryptographicHash.h \ + crypto/CryptographicRandom.h \ PasswordGenerator.h \ ByteSwap.h \ HostAddress.cpp \ @@ -60,15 +61,15 @@ SOURCES *= \ HTMLFilter.cpp \ User.cpp \ Timer.cpp \ - CryptState.cpp \ + crypto/CryptStateOCB2.cpp \ OSInfo.cpp \ SSL.cpp \ Version.cpp \ SSLCipherInfo.cpp \ License.cpp \ LogEmitter.cpp \ - CryptographicHash.cpp \ - CryptographicRandom.cpp \ + crypto/CryptographicHash.cpp \ + crypto/CryptographicRandom.cpp \ PasswordGenerator.cpp \ HostAddress.cpp \ Ban.cpp \ diff --git a/src/mumble/MainWindow.cpp b/src/mumble/MainWindow.cpp index ba7a56768..41c6669e4 100644 --- a/src/mumble/MainWindow.cpp +++ b/src/mumble/MainWindow.cpp @@ -1353,7 +1353,6 @@ void MainWindow::on_qaServerInformation_triggered() { if (! c) return; - CryptState &cs = c->csCrypt; QSslCipher qsc = g.sh->qscCipher; QString qsVersion=tr("<h2>Version</h2><p>Protocol %1</p>").arg(MumbleVersion::toString(g.sh->uiVersion)); @@ -1438,8 +1437,8 @@ void MainWindow::on_qaServerInformation_triggered() { "<tr><th>%7</th><td>%11</td><td>%15</td></tr>" "</table>") .arg(tr("UDP Statistics")).arg(tr("To Server")).arg(tr("From Server")).arg(tr("Good")).arg(tr("Late")).arg(tr("Lost")).arg(tr("Resync")) - .arg(cs.uiRemoteGood).arg(cs.uiRemoteLate).arg(cs.uiRemoteLost).arg(cs.uiRemoteResync) - .arg(cs.uiGood).arg(cs.uiLate).arg(cs.uiLost).arg(cs.uiResync); + .arg(c->csCrypt->uiRemoteGood).arg(c->csCrypt->uiRemoteLate).arg(c->csCrypt->uiRemoteLost).arg(c->csCrypt->uiRemoteResync) + .arg(c->csCrypt->uiGood).arg(c->csCrypt->uiLate).arg(c->csCrypt->uiLost).arg(c->csCrypt->uiResync); } qsAudio=tr("<h2>Audio bandwidth</h2><p>Maximum %1 kbit/s<br />Current %2 kbit/s<br />Codec: %3</p>").arg(g.iMaxBandwidth / 1000.0,0,'f',1).arg(g.iAudioBandwidth / 1000.0,0,'f',1).arg(currentCodec()); diff --git a/src/mumble/Messages.cpp b/src/mumble/Messages.cpp index 4d6a11bff..37eae7a07 100644 --- a/src/mumble/Messages.cpp +++ b/src/mumble/Messages.cpp @@ -31,7 +31,7 @@ #include "UserModel.h" #include "VersionCheck.h" #include "ViewCert.h" -#include "CryptState.h" +#include "crypto/CryptState.h" #include "Utils.h" #include "ChannelListener.h" #include "TalkingUI.h" @@ -947,17 +947,16 @@ void MainWindow::msgCryptSetup(const MumbleProto::CryptSetup &msg) { const std::string &key = msg.key(); const std::string &client_nonce = msg.client_nonce(); const std::string &server_nonce = msg.server_nonce(); - if (key.size() == AES_KEY_SIZE_BYTES && client_nonce.size() == AES_BLOCK_SIZE && server_nonce.size() == AES_BLOCK_SIZE) - c->csCrypt.setKey(reinterpret_cast<const unsigned char *>(key.data()), reinterpret_cast<const unsigned char *>(client_nonce.data()), reinterpret_cast<const unsigned char *>(server_nonce.data())); + c->csCrypt->setKey(key, client_nonce, server_nonce); } else if (msg.has_server_nonce()) { const std::string &server_nonce = msg.server_nonce(); if (server_nonce.size() == AES_BLOCK_SIZE) { - c->csCrypt.uiResync++; - memcpy(c->csCrypt.decrypt_iv, server_nonce.data(), AES_BLOCK_SIZE); + c->csCrypt->uiResync++; + c->csCrypt->setDecryptIV(server_nonce); } } else { MumbleProto::CryptSetup mpcs; - mpcs.set_client_nonce(std::string(reinterpret_cast<const char *>(c->csCrypt.encrypt_iv), AES_BLOCK_SIZE)); + mpcs.set_client_nonce(c->csCrypt->getEncryptIV()); g.sh->sendMessage(mpcs); } } diff --git a/src/mumble/ServerHandler.cpp b/src/mumble/ServerHandler.cpp index a5bd943de..f9e774057 100644 --- a/src/mumble/ServerHandler.cpp +++ b/src/mumble/ServerHandler.cpp @@ -195,16 +195,16 @@ void ServerHandler::udpReady() { if (! connection) continue; - if (! connection->csCrypt.isValid()) + if (! connection->csCrypt->isValid()) continue; if (buflen < 5) continue; - if (! connection->csCrypt.decrypt(reinterpret_cast<const unsigned char *>(encrypted), reinterpret_cast<unsigned char *>(buffer), buflen)) { - if (connection->csCrypt.tLastGood.elapsed() > 5000000ULL) { - if (connection->csCrypt.tLastRequest.elapsed() > 5000000ULL) { - connection->csCrypt.tLastRequest.restart(); + if (! connection->csCrypt->decrypt(reinterpret_cast<const unsigned char *>(encrypted), reinterpret_cast<unsigned char *>(buffer), buflen)) { + if (connection->csCrypt->tLastGood.elapsed() > 5000000ULL) { + if (connection->csCrypt->tLastRequest.elapsed() > 5000000ULL) { + connection->csCrypt->tLastRequest.restart(); MumbleProto::CryptSetup mpcs; sendMessage(mpcs); } @@ -261,7 +261,7 @@ void ServerHandler::sendMessage(const char *data, int len, bool force) { return; ConnectionPtr connection(cConnection); - if (!connection || !connection->csCrypt.isValid()) + if (!connection || !connection->csCrypt->isValid()) return; if (!force && (NetworkConfig::TcpModeEnabled() || !bUdp)) { @@ -275,7 +275,7 @@ void ServerHandler::sendMessage(const char *data, int len, bool force) { QApplication::postEvent(this, new ServerHandlerMessageEvent(qba, MessageHandler::UDPTunnel, true)); } else { - if (!connection->csCrypt.encrypt(reinterpret_cast<const unsigned char *>(data), crypto, len)) { + if (!connection->csCrypt->encrypt(reinterpret_cast<const unsigned char *>(data), crypto, len)) { return; } qusUdp->writeDatagram(reinterpret_cast<const char *>(crypto), len + 4, qhaRemote, usResolvedPort); @@ -511,8 +511,6 @@ void ServerHandler::sendPingInternal() { return; } - CryptState &cs = connection->csCrypt; - quint64 t = tTimestamp.elapsed(); if (qusUdp) { @@ -526,10 +524,10 @@ void ServerHandler::sendPingInternal() { MumbleProto::Ping mpp; mpp.set_timestamp(t); - mpp.set_good(cs.uiGood); - mpp.set_late(cs.uiLate); - mpp.set_lost(cs.uiLost); - mpp.set_resync(cs.uiResync); + mpp.set_good(connection->csCrypt->uiGood); + mpp.set_late(connection->csCrypt->uiLate); + mpp.set_lost(connection->csCrypt->uiLost); + mpp.set_resync(connection->csCrypt->uiResync); if (boost::accumulators::count(accUDP)) { @@ -580,26 +578,25 @@ void ServerHandler::message(unsigned int msgType, const QByteArray &qbaMsg) { // connection is still OK. iInFlightTCPPings = 0; - CryptState &cs = connection->csCrypt; - cs.uiRemoteGood = msg.good(); - cs.uiRemoteLate = msg.late(); - cs.uiRemoteLost = msg.lost(); - cs.uiRemoteResync = msg.resync(); + connection->csCrypt->uiRemoteGood = msg.good(); + connection->csCrypt->uiRemoteLate = msg.late(); + connection->csCrypt->uiRemoteLost = msg.lost(); + connection->csCrypt->uiRemoteResync = msg.resync(); accTCP(static_cast<double>(tTimestamp.elapsed() - msg.timestamp()) / 1000.0); - if (((cs.uiRemoteGood == 0) || (cs.uiGood == 0)) && bUdp && (tTimestamp.elapsed() > 20000000ULL)) { + if (((connection->csCrypt->uiRemoteGood == 0) || (connection->csCrypt->uiGood == 0)) && bUdp && (tTimestamp.elapsed() > 20000000ULL)) { bUdp = false; if (! NetworkConfig::TcpModeEnabled()) { - if ((cs.uiRemoteGood == 0) && (cs.uiGood == 0)) + if ((connection->csCrypt->uiRemoteGood == 0) && (connection->csCrypt->uiGood == 0)) g.mw->msgBox(tr("UDP packets cannot be sent to or received from the server. Switching to TCP mode.")); - else if (cs.uiRemoteGood == 0) + else if (connection->csCrypt->uiRemoteGood == 0) g.mw->msgBox(tr("UDP packets cannot be sent to the server. Switching to TCP mode.")); else g.mw->msgBox(tr("UDP packets cannot be received from the server. Switching to TCP mode.")); database->setUdp(qbaDigest, false); } - } else if (!bUdp && (cs.uiRemoteGood > 3) && (cs.uiGood > 3)) { + } else if (!bUdp && (connection->csCrypt->uiRemoteGood > 3) && (connection->csCrypt->uiGood > 3)) { bUdp = true; if (! NetworkConfig::TcpModeEnabled()) { g.mw->msgBox(tr("UDP packets can be sent to and received from the server. Switching back to UDP mode.")); diff --git a/src/murmur/Messages.cpp b/src/murmur/Messages.cpp index 66472320d..43a29fb7c 100644 --- a/src/murmur/Messages.cpp +++ b/src/murmur/Messages.cpp @@ -13,7 +13,7 @@ #include "Server.h" #include "ServerUser.h" #include "Version.h" -#include "CryptState.h" +#include "crypto/CryptState.h" #include "Meta.h" #include "ChannelListener.h" @@ -292,12 +292,12 @@ void Server::msgAuthenticate(ServerUser *uSource, MumbleProto::Authenticate &msg { QMutexLocker l(&uSource->qmCrypt); - uSource->csCrypt.genKey(); + uSource->csCrypt->genKey(); MumbleProto::CryptSetup mpcrypt; - mpcrypt.set_key(std::string(reinterpret_cast<const char *>(uSource->csCrypt.raw_key), AES_KEY_SIZE_BYTES)); - mpcrypt.set_server_nonce(std::string(reinterpret_cast<const char *>(uSource->csCrypt.encrypt_iv), AES_BLOCK_SIZE)); - mpcrypt.set_client_nonce(std::string(reinterpret_cast<const char *>(uSource->csCrypt.decrypt_iv), AES_BLOCK_SIZE)); + mpcrypt.set_key(uSource->csCrypt->getRawKey()); + mpcrypt.set_server_nonce(uSource->csCrypt->getEncryptIV()); + mpcrypt.set_client_nonce(uSource->csCrypt->getDecryptIV()); sendMessage(uSource, mpcrypt); } @@ -1748,12 +1748,10 @@ void Server::msgPing(ServerUser *uSource, MumbleProto::Ping &msg) { QMutexLocker l(&uSource->qmCrypt); - CryptState &cs=uSource->csCrypt; - - cs.uiRemoteGood = msg.good(); - cs.uiRemoteLate = msg.late(); - cs.uiRemoteLost = msg.lost(); - cs.uiRemoteResync = msg.resync(); + uSource->csCrypt->uiRemoteGood = msg.good(); + uSource->csCrypt->uiRemoteLate = msg.late(); + uSource->csCrypt->uiRemoteLost = msg.lost(); + uSource->csCrypt->uiRemoteResync = msg.resync(); uSource->dUDPPingAvg = msg.udp_ping_avg(); uSource->dUDPPingVar = msg.udp_ping_var(); @@ -1766,10 +1764,10 @@ void Server::msgPing(ServerUser *uSource, MumbleProto::Ping &msg) { msg.Clear(); msg.set_timestamp(ts); - msg.set_good(cs.uiGood); - msg.set_late(cs.uiLate); - msg.set_lost(cs.uiLost); - msg.set_resync(cs.uiResync); + msg.set_good(uSource->csCrypt->uiGood); + msg.set_late(uSource->csCrypt->uiLate); + msg.set_lost(uSource->csCrypt->uiLost); + msg.set_resync(uSource->csCrypt->uiResync); sendMessage(uSource, msg); } @@ -1781,14 +1779,12 @@ void Server::msgCryptSetup(ServerUser *uSource, MumbleProto::CryptSetup &msg) { if (! msg.has_client_nonce()) { log(uSource, "Requested crypt-nonce resync"); - msg.set_server_nonce(std::string(reinterpret_cast<const char *>(uSource->csCrypt.encrypt_iv), AES_BLOCK_SIZE)); + msg.set_server_nonce(uSource->csCrypt->getEncryptIV()); sendMessage(uSource, msg); } else { const std::string &str = msg.client_nonce(); - if (str.size() == AES_BLOCK_SIZE) { - uSource->csCrypt.uiResync++; - memcpy(uSource->csCrypt.decrypt_iv, str.data(), AES_BLOCK_SIZE); - } + uSource->csCrypt->uiResync++; + uSource->csCrypt->setDecryptIV(str); } } @@ -2006,19 +2002,18 @@ void Server::msgUserStats(ServerUser*uSource, MumbleProto::UserStats &msg) { MumbleProto::UserStats_Stats *mpusss; QMutexLocker l(&pDstServerUser->qmCrypt); - const CryptState &cs = pDstServerUser->csCrypt; mpusss = msg.mutable_from_client(); - mpusss->set_good(cs.uiGood); - mpusss->set_late(cs.uiLate); - mpusss->set_lost(cs.uiLost); - mpusss->set_resync(cs.uiResync); + mpusss->set_good(pDstServerUser->csCrypt->uiGood); + mpusss->set_late(pDstServerUser->csCrypt->uiLate); + mpusss->set_lost(pDstServerUser->csCrypt->uiLost); + mpusss->set_resync(pDstServerUser->csCrypt->uiResync); mpusss = msg.mutable_from_server(); - mpusss->set_good(cs.uiRemoteGood); - mpusss->set_late(cs.uiRemoteLate); - mpusss->set_lost(cs.uiRemoteLost); - mpusss->set_resync(cs.uiRemoteResync); + mpusss->set_good(pDstServerUser->csCrypt->uiRemoteGood); + mpusss->set_late(pDstServerUser->csCrypt->uiRemoteLate); + mpusss->set_lost(pDstServerUser->csCrypt->uiRemoteLost); + mpusss->set_resync(pDstServerUser->csCrypt->uiRemoteResync); } msg.set_udp_packets(pDstServerUser->uiUDPPackets); diff --git a/src/murmur/Server.cpp b/src/murmur/Server.cpp index 6b6bf8948..6f3c2f57f 100644 --- a/src/murmur/Server.cpp +++ b/src/murmur/Server.cpp @@ -920,12 +920,12 @@ void Server::run() { bool Server::checkDecrypt(ServerUser *u, const char *encrypt, char *plain, unsigned int len) { QMutexLocker l(&u->qmCrypt); - if (u->csCrypt.isValid() && u->csCrypt.decrypt(reinterpret_cast<const unsigned char *>(encrypt), reinterpret_cast<unsigned char *>(plain), len)) + if (u->csCrypt->isValid() && u->csCrypt->decrypt(reinterpret_cast<const unsigned char *>(encrypt), reinterpret_cast<unsigned char *>(plain), len)) return true; - if (u->csCrypt.tLastGood.elapsed() > 5000000ULL) { - if (u->csCrypt.tLastRequest.elapsed() > 5000000ULL) { - u->csCrypt.tLastRequest.restart(); + if (u->csCrypt->tLastGood.elapsed() > 5000000ULL) { + if (u->csCrypt->tLastRequest.elapsed() > 5000000ULL) { + u->csCrypt->tLastRequest.restart(); emit reqSync(u->uiSession); } } @@ -948,11 +948,11 @@ void Server::sendMessage(ServerUser *u, const char *data, int len, QByteArray &c { QMutexLocker wl(&u->qmCrypt); - if (!u->csCrypt.isValid()) { + if (!u->csCrypt->isValid()) { return; } - if (!u->csCrypt.encrypt(reinterpret_cast<const unsigned char *>(data), reinterpret_cast<unsigned char *>(buffer), len)) { + if (!u->csCrypt->encrypt(reinterpret_cast<const unsigned char *>(data), reinterpret_cast<unsigned char *>(buffer), len)) { return; } } diff --git a/src/tests/Benchmark.cpp b/src/tests/Benchmark.cpp index 7a5413db8..95495a5af 100644 --- a/src/tests/Benchmark.cpp +++ b/src/tests/Benchmark.cpp @@ -24,7 +24,7 @@ #include "PacketDataStream.h" #include "Timer.h" #include "Message.h" -#include "CryptState.h" +#include "crypto/CryptState.h" #include "Mumble.pb.h" class Client : public QThread { @@ -34,7 +34,7 @@ class Client : public QThread { bool sender; struct sockaddr_in srv; unsigned int uiSession; - CryptState crypt; + CryptStateOCB2 crypt; int rcvd; int socket; int seq; @@ -220,16 +220,16 @@ void Client::readyRead() { const std::string &client_nonce = msg.client_nonce(); const std::string &server_nonce = msg.server_nonce(); if (key.size() == AES_BLOCK_SIZE && client_nonce.size() == AES_BLOCK_SIZE && server_nonce.size() == AES_BLOCK_SIZE) - crypt.setKey(reinterpret_cast<const unsigned char *>(key.data()), reinterpret_cast<const unsigned char *>(client_nonce.data()), reinterpret_cast<const unsigned char *>(server_nonce.data())); + crypt.setKey(key, client_nonce, server_nonce); } else if (msg.has_server_nonce()) { const std::string &server_nonce = msg.server_nonce(); if (server_nonce.size() == AES_BLOCK_SIZE) { crypt.uiResync++; - memcpy(crypt.decrypt_iv, server_nonce.data(), AES_BLOCK_SIZE); + crypt.setDecryptIV(server_nonce); } } else { MumbleProto::CryptSetup mpcs; - mpcs.set_client_nonce(std::string(reinterpret_cast<const char *>(crypt.encrypt_iv), AES_BLOCK_SIZE)); + mpcs.set_client_nonce(crypt.getEncryptIV()); sendMessage(mpcs, MessageHandler::CryptSetup); } break; diff --git a/src/tests/Benchmark.pro b/src/tests/Benchmark.pro index 5d1cf4fed..30a3376ee 100644 --- a/src/tests/Benchmark.pro +++ b/src/tests/Benchmark.pro @@ -6,8 +6,8 @@ CONFIG -= app_bundle QT *= network xml LANGUAGE = C++ TARGET = Benchmark -SOURCES *= Benchmark.cpp Timer.cpp CryptState.cpp -HEADERS *= Timer.h CryptState.h +SOURCES *= Benchmark.cpp Timer.cpp crypto/CryptStateOCB2.cpp +HEADERS *= Timer.h crypto/CryptState.h crypto/CryptStateOCB2.h VPATH *= .. INCLUDEPATH *= .. ../murmur ../mumble !win32 { diff --git a/src/tests/TestCrypt/TestCrypt.cpp b/src/tests/TestCrypt/TestCrypt.cpp index 1b621967f..1021f8aec 100644 --- a/src/tests/TestCrypt/TestCrypt.cpp +++ b/src/tests/TestCrypt/TestCrypt.cpp @@ -6,9 +6,10 @@ #include <QtCore> #include <QtTest> +#include <string> #include "SSL.h" #include "Timer.h" -#include "CryptState.h" +#include "crypto/CryptStateOCB2.h" #include "Utils.h" class TestCrypt : public QObject { @@ -33,13 +34,14 @@ void TestCrypt::cleanupTestCase() { } void TestCrypt::reverserecovery() { - CryptState enc, dec; + CryptStateOCB2 enc, dec; enc.genKey(); // For our testcase, we're going to FORCE iv - memset(enc.encrypt_iv, 0x55, AES_BLOCK_SIZE); - - dec.setKey(enc.raw_key, enc.decrypt_iv, enc.encrypt_iv); + char encrypt_iv[AES_BLOCK_SIZE]; + memset(encrypt_iv, 0x55, AES_BLOCK_SIZE); + enc.setEncryptIV(std::string(reinterpret_cast<const char*>(encrypt_iv), AES_BLOCK_SIZE)); + dec.setKey(enc.getRawKey(), enc.getDecryptIV(), enc.getEncryptIV()); unsigned char secret[10] = "abcdefghi"; unsigned char crypted[512][14]; @@ -89,13 +91,14 @@ void TestCrypt::reverserecovery() { } void TestCrypt::ivrecovery() { - CryptState enc, dec; + CryptStateOCB2 enc, dec; enc.genKey(); // For our testcase, we're going to FORCE iv - memset(enc.encrypt_iv, 0x55, AES_BLOCK_SIZE); - - dec.setKey(enc.raw_key, enc.decrypt_iv, enc.encrypt_iv); + char encrypt_iv[AES_BLOCK_SIZE]; + memset(encrypt_iv, 0x55, AES_BLOCK_SIZE); + enc.setEncryptIV(std::string(reinterpret_cast<const char*>(encrypt_iv), AES_BLOCK_SIZE)); + dec.setKey(enc.getRawKey(), enc.getDecryptIV(), enc.getEncryptIV()); unsigned char secret[10] = "abcdefghi"; unsigned char crypted[14]; @@ -126,7 +129,7 @@ void TestCrypt::ivrecovery() { QCOMPARE(dec.uiLost, 14U); } - QVERIFY(memcmp(enc.encrypt_iv, dec.decrypt_iv, AES_BLOCK_SIZE)==0); + QVERIFY(enc.getEncryptIV() == dec.getDecryptIV()); // Wrap too far for (int i=0;i<257;i++) @@ -135,7 +138,7 @@ void TestCrypt::ivrecovery() { QVERIFY(! dec.decrypt(crypted, decr, 14)); // Sync it - dec.setDecryptIV(enc.encrypt_iv); + dec.setDecryptIV(enc.getEncryptIV()); enc.encrypt(secret, crypted, 10); QVERIFY(dec.decrypt(crypted, decr, 14)); @@ -145,8 +148,9 @@ void TestCrypt::testvectors() { // Test vectors are from draft-krovetz-ocb-00.txt const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; - CryptState cs; - cs.setKey(rawkey, rawkey, rawkey); + CryptStateOCB2 cs; + std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE); + cs.setKey(rawkey_str, rawkey_str, rawkey_str); unsigned char tag[16]; QVERIFY(cs.ocb_encrypt(NULL, NULL, 0, rawkey, tag)); @@ -176,8 +180,10 @@ void TestCrypt::authcrypt() { for (int len=0;len<128;len++) { const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00}; - CryptState cs; - cs.setKey(rawkey, nonce, nonce); + std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE); + std::string nonce_str = std::string(reinterpret_cast<const char*>(nonce), AES_BLOCK_SIZE); + CryptStateOCB2 cs; + cs.setKey(rawkey_str, nonce_str, nonce_str); STACKVAR(unsigned char, src, len); for (int i=0;i<len;i++) @@ -203,8 +209,10 @@ void TestCrypt::authcrypt() { void TestCrypt::xexstarAttack() { const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00}; - CryptState cs; - cs.setKey(rawkey, nonce, nonce); + std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE); + std::string nonce_str = std::string(reinterpret_cast<const char*>(nonce), AES_BLOCK_SIZE); + CryptStateOCB2 cs; + cs.setKey(rawkey_str, nonce_str, nonce_str); STACKVAR(unsigned char, src, 2 * AES_BLOCK_SIZE); // Set first block to `len(secondBlock)` @@ -240,8 +248,10 @@ void TestCrypt::xexstarAttack() { void TestCrypt::tamper() { const unsigned char rawkey[AES_BLOCK_SIZE] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f}; const unsigned char nonce[AES_BLOCK_SIZE] = {0xff, 0xee, 0xdd, 0xcc, 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00}; - CryptState cs; - cs.setKey(rawkey, nonce, nonce); + std::string rawkey_str = std::string(reinterpret_cast<const char*>(rawkey), AES_BLOCK_SIZE); + std::string nonce_str = std::string(reinterpret_cast<const char*>(nonce), AES_BLOCK_SIZE); + CryptStateOCB2 cs; + cs.setKey(rawkey_str, nonce_str, nonce_str); const unsigned char msg[] = "It was a funky funky town!"; int len = sizeof(msg); diff --git a/src/tests/TestCrypt/TestCrypt.pro b/src/tests/TestCrypt/TestCrypt.pro index 83ea84f6e..6535e4b19 100644 --- a/src/tests/TestCrypt/TestCrypt.pro +++ b/src/tests/TestCrypt/TestCrypt.pro @@ -8,7 +8,7 @@ include(../test.pri) QT *= network TARGET = TestCrypt -HEADERS *= SSL.h SSLLocks.h Timer.h CryptState.h -SOURCES *= SSL.cpp SSLLocks.cpp TestCrypt.cpp CryptState.cpp Timer.cpp +HEADERS *= SSL.h SSLLocks.h Timer.h crypto/CryptState.h crypto/CryptStateOCB2.h +SOURCES *= SSL.cpp SSLLocks.cpp TestCrypt.cpp crypto/CryptStateOCB2.cpp Timer.cpp win32:LIBS *= -lws2_32 diff --git a/src/tests/TestCryptographicHash/TestCryptographicHash.cpp b/src/tests/TestCryptographicHash/TestCryptographicHash.cpp index 653a9b72a..90be99485 100644 --- a/src/tests/TestCryptographicHash/TestCryptographicHash.cpp +++ b/src/tests/TestCryptographicHash/TestCryptographicHash.cpp @@ -9,7 +9,7 @@ #include "SSL.h" -#include "CryptographicHash.h" +#include "crypto/CryptographicHash.h" class TestCryptographicHash : public QObject { Q_OBJECT diff --git a/src/tests/TestCryptographicHash/TestCryptographicHash.pro b/src/tests/TestCryptographicHash/TestCryptographicHash.pro index bda9506dc..dc5b256c8 100644 --- a/src/tests/TestCryptographicHash/TestCryptographicHash.pro +++ b/src/tests/TestCryptographicHash/TestCryptographicHash.pro @@ -8,5 +8,5 @@ include(../test.pri) QT += network TARGET = TestCryptographicHash -SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicHash.cpp CryptographicHash.cpp -HEADERS *= SSL.h SSLLocks.h CryptographicHash.h +SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicHash.cpp crypto/CryptographicHash.cpp +HEADERS *= SSL.h SSLLocks.h crypto/CryptographicHash.h diff --git a/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp b/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp index be9d04fa5..ee1a2edd7 100644 --- a/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp +++ b/src/tests/TestCryptographicRandom/TestCryptographicRandom.cpp @@ -8,7 +8,7 @@ #include "SSL.h" -#include "CryptographicRandom.h" +#include "crypto/CryptographicRandom.h" #include <stdint.h> #include <stdlib.h> diff --git a/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro b/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro index 5d04255f0..c6625f3f9 100644 --- a/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro +++ b/src/tests/TestCryptographicRandom/TestCryptographicRandom.pro @@ -8,8 +8,8 @@ include(../test.pri) QT += network TARGET = TestCryptographicRandom -SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicRandom.cpp CryptographicRandom.cpp arc4random_uniform.cpp -HEADERS *= SSL.h SSLLocks.h CryptographicHash.h +SOURCES *= SSL.cpp SSLLocks.cpp TestCryptographicRandom.cpp crypto/CryptographicRandom.cpp arc4random_uniform.cpp +HEADERS *= SSL.h SSLLocks.h crypto/CryptographicHash.h VPATH *= ../../../3rdparty/arc4random-src INCLUDEPATH *= ../../../3rdparty/arc4random-src diff --git a/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro b/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro index 3bb6df3cd..77a30e92c 100644 --- a/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro +++ b/src/tests/TestPasswordGenerator/TestPasswordGenerator.pro @@ -8,8 +8,8 @@ include(../test.pri) QT += network TARGET = TestPasswordGenerator -SOURCES *= SSL.cpp SSLLocks.cpp TestPasswordGenerator.cpp PasswordGenerator.cpp CryptographicRandom.cpp arc4random_uniform.cpp -HEADERS *= SSL.h SSLLocks.h PasswordGenerator.h CryptographicHash.h +SOURCES *= SSL.cpp SSLLocks.cpp TestPasswordGenerator.cpp PasswordGenerator.cpp crypto/CryptographicRandom.cpp arc4random_uniform.cpp +HEADERS *= SSL.h SSLLocks.h PasswordGenerator.h crypto/CryptographicHash.h VPATH *= ../../../3rdparty/arc4random-src INCLUDEPATH *= ../../../3rdparty/arc4random-src |