Expanded address space to 128 bits

This commit is contained in:
Mark Qvist 2022-06-30 14:02:57 +02:00
parent 2be1c7633d
commit 5faf13d505
7 changed files with 35 additions and 35 deletions

View File

@ -29,8 +29,7 @@ from RNS.Cryptography.AES import AES_128_CBC
class Fernet():
FERNET_VERSION = 0x80
FERNET_OVERHEAD = 57 # In bytes
OPTIMISED_FERNET_OVERHEAD = 54 # In bytes
FERNET_OVERHEAD = 48 # In bytes
@staticmethod
def generate_key():
@ -73,7 +72,7 @@ class Fernet():
iv = iv,
)
signed_parts = b"\x80"+current_time.to_bytes(length=8, byteorder="big")+iv+ciphertext
signed_parts = iv+ciphertext
return signed_parts + HMAC.new(self._signing_key, signed_parts).digest()
@ -85,8 +84,8 @@ class Fernet():
if not self.verify_hmac(token):
raise ValueError("Fernet token HMAC was invalid")
iv = token[9:25]
ciphertext = token[25:-32]
iv = token[:16]
ciphertext = token[16:-32]
try:
plaintext = PKCS7.unpad(

View File

@ -55,7 +55,6 @@ class Identity:
# Non-configurable constants
FERNET_VERSION = RNS.Cryptography.Fernet.FERNET_VERSION
FERNET_OVERHEAD = RNS.Cryptography.Fernet.FERNET_OVERHEAD
OPTIMISED_FERNET_OVERHEAD = RNS.Cryptography.Fernet.OPTIMISED_FERNET_OVERHEAD
AES128_BLOCKSIZE = 16 # In bytes
HASHLENGTH = 256 # In bits
SIGLENGTH = KEYSIZE # In bits

View File

@ -59,7 +59,7 @@ class Link:
ECPUBSIZE = 32+32
KEYSIZE = 32
MDU = math.floor((RNS.Reticulum.MTU-RNS.Reticulum.IFAC_MIN_SIZE-RNS.Reticulum.HEADER_MINSIZE-RNS.Identity.OPTIMISED_FERNET_OVERHEAD)/RNS.Identity.AES128_BLOCKSIZE)*RNS.Identity.AES128_BLOCKSIZE - 1
MDU = math.floor((RNS.Reticulum.MTU-RNS.Reticulum.IFAC_MIN_SIZE-RNS.Reticulum.HEADER_MINSIZE-RNS.Identity.FERNET_OVERHEAD)/RNS.Identity.AES128_BLOCKSIZE)*RNS.Identity.AES128_BLOCKSIZE - 1
ESTABLISHMENT_TIMEOUT_PER_HOP = RNS.Reticulum.DEFAULT_PER_HOP_TIMEOUT
"""
@ -788,16 +788,7 @@ class Link:
RNS.log("Could not "+str(self)+" instantiate Fernet while performin encryption on link. The contained exception was: "+str(e), RNS.LOG_ERROR)
raise e
# The fernet token VERSION field is stripped here and
# reinserted on the receiving end, since it is always
# set to 0x80.
#
# Since we're also quite content with supporting time-
# stamps until the year 8921556 AD, we'll also strip 2
# bytes from the timestamp field and reinsert those as
# 0x00 when received.
ciphertext = self.fernet.encrypt(plaintext)[3:]
return ciphertext
return self.fernet.encrypt(plaintext)
except Exception as e:
RNS.log("Encryption on link "+str(self)+" failed. The contained exception was: "+str(e), RNS.LOG_ERROR)
@ -809,8 +800,8 @@ class Link:
if not self.fernet:
self.fernet = Fernet(self.derived_key)
plaintext = self.fernet.decrypt(bytes([RNS.Identity.FERNET_VERSION, 0x00, 0x00]) + ciphertext)
return plaintext
return self.fernet.decrypt(ciphertext)
except Exception as e:
RNS.log("Decryption failed on link "+str(self)+". The contained exception was: "+str(e), RNS.LOG_ERROR)

View File

@ -216,16 +216,18 @@ class Packet:
self.destination_type = (self.flags & 0b00001100) >> 2
self.packet_type = (self.flags & 0b00000011)
DST_LEN = RNS.Reticulum.TRUNCATED_HASHLENGTH//8
if self.header_type == Packet.HEADER_2:
self.transport_id = self.raw[2:12]
self.destination_hash = self.raw[12:22]
self.context = ord(self.raw[22:23])
self.data = self.raw[23:]
self.transport_id = self.raw[2:DST_LEN+2]
self.destination_hash = self.raw[DST_LEN+2:2*DST_LEN+2]
self.context = ord(self.raw[2*DST_LEN+2:2*DST_LEN+3])
self.data = self.raw[2*DST_LEN+3:]
else:
self.transport_id = None
self.destination_hash = self.raw[2:12]
self.context = ord(self.raw[12:13])
self.data = self.raw[13:]
self.destination_hash = self.raw[2:DST_LEN+2]
self.context = ord(self.raw[DST_LEN+2:DST_LEN+3])
self.data = self.raw[DST_LEN+3:]
self.packed = False
self.update_hash()

View File

@ -117,7 +117,7 @@ class Reticulum:
DEFAULT_PER_HOP_TIMEOUT = 5
# Length of truncated hashes in bits.
TRUNCATED_HASHLENGTH = 80
TRUNCATED_HASHLENGTH = 128
HEADER_MINSIZE = 2+1+(TRUNCATED_HASHLENGTH//8)*1
HEADER_MAXSIZE = 2+1+(TRUNCATED_HASHLENGTH//8)*2

View File

@ -172,6 +172,15 @@ def prettysize(num, suffix='B'):
return "%.2f%s%s" % (num, last_unit, suffix)
def phyparams():
print("Required Physical Layer MTU : "+str(Reticulum.MTU)+" bytes")
print("Plaintext Packet MDU : "+str(Packet.PLAIN_MDU)+" bytes")
print("Encrypted Packet MDU : "+str(Packet.ENCRYPTED_MDU)+" bytes")
print("Link Curve : "+str(Link.CURVE))
print("Link Packet MDU : "+str(Packet.ENCRYPTED_MDU)+" bytes")
print("Link Public Key Size : "+str(Link.ECPUBSIZE*8)+" bits")
print("Link Private Key Size : "+str(Link.KEYSIZE*8)+" bits")
def panic():
os._exit(255)