Networks/Reticulum-Go
2
1
Fork 0
Code Issues 5 Pull Requests 1 Actions Packages Projects 1 Releases 1 Wiki Activity

add: AES-CBC

Browse Source
This commit is contained in:
Sudo-Ivan
2024-12-30 11:25:45 -06:00
parent 31128a6758
commit 73349d4a28
1 changed files with 50 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
pkg/link/link.go
View File

@@ -81,16 +81,16 @@ type Link struct {
func NewLink(dest *destination.Destination, transport *transport.Transport, establishedCallback func(*Link), closedCallback func(*Link)) *Link { func NewLink(dest *destination.Destination, transport *transport.Transport, establishedCallback func(*Link), closedCallback func(*Link)) *Link {
return &Link{ return &Link{
destination: dest, destination: dest,
status: STATUS_PENDING, status: STATUS_PENDING,
transport: transport, transport: transport,
establishedCallback: establishedCallback, establishedCallback: establishedCallback,
closedCallback: closedCallback, closedCallback: closedCallback,
establishedAt: time.Time{}, // Zero time until established establishedAt: time.Time{}, // Zero time until established
lastInbound: time.Time{}, lastInbound: time.Time{},
lastOutbound: time.Time{}, lastOutbound: time.Time{},
lastDataReceived: time.Time{}, lastDataReceived: time.Time{},
lastDataSent: time.Time{}, lastDataSent: time.Time{},
} }
} }
@@ -494,17 +494,27 @@ func (l *Link) encrypt(data []byte) ([]byte, error) {
return nil, err return nil, err
} }
gcm, err := cipher.NewGCM(block) // Generate IV
if err != nil { iv := make([]byte, aes.BlockSize)
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err return nil, err
} }
nonce := make([]byte, gcm.NonceSize()) // Add PKCS7 padding
if _, err := io.ReadFull(rand.Reader, nonce); err != nil { padding := aes.BlockSize - len(data)%aes.BlockSize
return nil, err padtext := make([]byte, len(data)+padding)
copy(padtext, data)
for i := len(data); i < len(padtext); i++ {
padtext[i] = byte(padding)
} }
return gcm.Seal(nonce, nonce, data, nil), nil // Encrypt
mode := cipher.NewCBCEncrypter(block, iv)
ciphertext := make([]byte, len(padtext))
mode.CryptBlocks(ciphertext, padtext)
// Prepend IV to ciphertext
return append(iv, ciphertext...), nil
} }
func (l *Link) decrypt(data []byte) ([]byte, error) { func (l *Link) decrypt(data []byte) ([]byte, error) {
@@ -517,18 +527,34 @@ func (l *Link) decrypt(data []byte) ([]byte, error) {
return nil, err return nil, err
} }
gcm, err := cipher.NewGCM(block) if len(data) < aes.BlockSize {
if err != nil {
return nil, err
}
nonceSize := gcm.NonceSize()
if len(data) < nonceSize {
return nil, errors.New("ciphertext too short") return nil, errors.New("ciphertext too short")
} }
nonce, ciphertext := data[:nonceSize], data[nonceSize:] iv := data[:aes.BlockSize]
return gcm.Open(nil, nonce, ciphertext, nil) ciphertext := data[aes.BlockSize:]
if len(ciphertext)%aes.BlockSize != 0 {
return nil, errors.New("ciphertext is not a multiple of block size")
}
mode := cipher.NewCBCDecrypter(block, iv)
plaintext := make([]byte, len(ciphertext))
mode.CryptBlocks(plaintext, ciphertext)
// Remove PKCS7 padding
padding := int(plaintext[len(plaintext)-1])
if padding > aes.BlockSize || padding == 0 {
return nil, errors.New("invalid padding")
}
for i := len(plaintext) - padding; i < len(plaintext); i++ {
if plaintext[i] != byte(padding) {
return nil, errors.New("invalid padding")
}
}
return plaintext[:len(plaintext)-padding], nil
} }
func (l *Link) UpdatePhyStats(rssi float64, snr float64, q float64) { func (l *Link) UpdatePhyStats(rssi float64, snr float64, q float64) {