Replace rust-crypto crate with RustCrypto crates #239
Conversation
Note that
Tested on
@newpavlov 1f1cd11 seems to be giving me Bus errors on aarch64 (running armv7hf 32bit binary):
Any ideas how to debug/isolate this further?
Hm, I think the problem manifests itself in this line, not sure why it happens though. Are you sure that UPD: Hm, looking at the code it looks like the pointer cannot be null...
I am a gdb novice - so my knowledge stops at :={
and
I could not reproduce it with the usage example over at docs. But if you have a better test case to isolate the issue, willing to test!
Please try to execute
Try to do the following:

```rust
// Assemble the two 64-bit words of the 128-bit counter byte by byte,
// big-endian (byte 0 is the most significant byte of the first word).
let nonce = [
    ((nonce[0] as u64) << 8*7) + ((nonce[1] as u64) << 8*6) +
    ((nonce[2] as u64) << 8*5) + ((nonce[3] as u64) << 8*4) +
    ((nonce[4] as u64) << 8*3) + ((nonce[5] as u64) << 8*2) +
    ((nonce[6] as u64) << 8*1) + ((nonce[7] as u64) << 8*0),
    ((nonce[8] as u64) << 8*7) + ((nonce[9] as u64) << 8*6) +
    ((nonce[10] as u64) << 8*5) + ((nonce[11] as u64) << 8*4) +
    ((nonce[12] as u64) << 8*3) + ((nonce[13] as u64) << 8*2) +
    ((nonce[14] as u64) << 8*1) + ((nonce[15] as u64) << 8*0),
];
```

```toml
# Cargo's override table is spelled `crates-io`, not `crates.io`
[patch.crates-io]
ctr = { path = 'path/to/modified/ctr' }
```
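The suggested change above builds the counter from individual bytes instead of reading the nonce slice as wider integers. The following is an added example (not code from this PR or from the ctr crate) that shows the same big-endian assembly next to the standard-library `u64::from_be_bytes`, an alignment check that tells you whether a `*const u8` may legally be read as a `*const u64`, and a carry-propagating increment of the two-word counter. The increment helper assumes the whole 16 bytes act as the counter; the constant used as input is the `AUDIO_AESIV` value from the test snippet later in this thread.

```rust
// Added example, not part of the librespot PR or the ctr crate.

/// Byte-wise big-endian assembly, equivalent to the shift chain posted above.
fn nonce_words_shifts(nonce: &[u8; 16]) -> [u64; 2] {
    let mut words = [0u64; 2];
    for (word, chunk) in words.iter_mut().zip(nonce.chunks_exact(8)) {
        for (i, &byte) in chunk.iter().enumerate() {
            // byte 0 of each 8-byte chunk is the most significant byte
            *word += (byte as u64) << (8 * (7 - i));
        }
    }
    words
}

/// Same result via the standard library. `from_be_bytes` takes the array by
/// value, so it has no alignment requirement on the source buffer.
fn nonce_words_be(nonce: &[u8; 16]) -> [u64; 2] {
    let mut hi = [0u8; 8];
    let mut lo = [0u8; 8];
    hi.copy_from_slice(&nonce[..8]);
    lo.copy_from_slice(&nonce[8..]);
    [u64::from_be_bytes(hi), u64::from_be_bytes(lo)]
}

/// True when `p` may be dereferenced as `*const u64` without an unaligned
/// load. On 32-bit ARM an unaligned 64-bit load can fault (SIGBUS), on x86 it
/// silently succeeds, which is why such a bug can look platform-specific.
fn is_u64_aligned(p: *const u8) -> bool {
    (p as usize) % std::mem::align_of::<u64>() == 0
}

/// Increment a 128-bit counter held as two big-endian u64 words, carrying
/// from the low word into the high word (assumption: full 16-byte counter).
fn increment(words: &mut [u64; 2]) {
    let (lo, carry) = words[1].overflowing_add(1);
    words[1] = lo;
    if carry {
        words[0] = words[0].wrapping_add(1);
    }
}

fn main() {
    // Constructed input: the AUDIO_AESIV constant from the test snippet in this thread.
    let iv: [u8; 16] = [
        0x72, 0xe0, 0x67, 0xfb, 0xdd, 0xcb, 0xcf, 0x77,
        0xeb, 0xe8, 0xbc, 0x64, 0x3f, 0x63, 0x0d, 0x93,
    ];
    let words = nonce_words_be(&iv);
    assert_eq!(words, nonce_words_shifts(&iv));
    println!("{:016x} {:016x}", words[0], words[1]);

    // A byte pointer one past the start of a u64 buffer is not u64-aligned.
    let buf = [0u64; 2];
    let p = buf.as_ptr() as *const u8;
    println!("aligned: {} {}", is_u64_aligned(p), is_u64_aligned(p.wrapping_add(1)));
}
```

If a crate reads the nonce through a pointer cast, the alignment predicate is the quick thing to check in gdb on the failing target; `from_be_bytes` (or `ptr::read_unaligned`) sidesteps the question entirely.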
I don't know how to run But this gets interesting - I just added a simple debug to try and recreate a simpler minimal example,
and it doesn't have any bus errors now? Either way - building with the patch now
Your patch works! I couldn't get the
Hm, now we need to find out if I've made a mistake and the line introduces UB, or if it is a Rust miscompilation. One possible explanation is alignment issues, not sure how to check it though. :/ I will try to ask around.
UB and miscompilation bugs are quite fragile, and can result in big behaviour changes on small code edits.
I can translate tests to a stand-alone app, but I probably will do it tomorrow. BTW have you updated Rust to 1.29.2? I doubt that this miscompilation bug causes this situation, but it's worth checking.
Fair enough with the undefined behaviour.
Try to test the following snippet:

```rust
extern crate aes_ctr;
use aes_ctr::Aes128Ctr;
use aes_ctr::stream_cipher::{NewFixStreamCipher, StreamCipherCore};
use aes_ctr::stream_cipher::generic_array::GenericArray;

// Fixed IV used as the CTR nonce
const AUDIO_AESIV: [u8; 16] = [
    0x72, 0xe0, 0x67, 0xfb, 0xdd, 0xcb, 0xcf, 0x77,
    0xeb, 0xe8, 0xbc, 0x64, 0x3f, 0x63, 0x0d, 0x93,
];

// `inline(never)` keeps these as separate frames so the faulting
// function can be identified in a backtrace.
#[inline(never)]
fn new_cipher(key: &[u8]) -> Aes128Ctr {
    Aes128Ctr::new(
        GenericArray::from_slice(key),
        GenericArray::from_slice(&AUDIO_AESIV),
    )
}

#[inline(never)]
fn encrypt(cipher: &mut Aes128Ctr) -> [u8; 10] {
    let mut data = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9];
    cipher.apply_keystream(&mut data);
    data
}

fn main() {
    let mut cipher = new_cipher(b"0123456789abcdef");
    let data = encrypt(&mut cipher);
    println!("{:?}", data);
}
```
Any news on this? I've updated Cargo.lock after merge, as it was the easiest way to merge.
Sorry, this PR kind of got lost to the winds. If you wouldn't mind rebasing this, we'll review it and hopefully get it merged.
No problem! I've rebased the PR and additionally fixed one security related mistake.
assert_eq!(data % block_size, 0); | ||
for chunk in data.chunks_mut(block_size) { | ||
cipher.decode(GenericArray::from_slice_mut(chunk)); | ||
} |
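Review bot: `assert_eq!(data % block_size, 0)` turns an unexpected ciphertext length into a panic, and the comment further down reports a stored blob of 286 hex characters (143 bytes), which is not a multiple of the 16-byte block size, so this decode path would abort at runtime on real data. Prefer returning an error from a `Result` and settling how those blobs were produced (padding, or a mode that does not need full blocks) before iterating `data.chunks_mut(block_size)`; and if `data` is the byte buffer, the check has to be on `data.len()`, since the slice itself cannot be taken modulo `block_size`.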
I am not sure about this part. Can it be assumed that data here is always a multiple of 16?
It doesn't look like it. I just checked with my stored blob, where the hex blob was 286 characters.
Hm, this is quite strange. If ECB (or CBC) mode was used, the encrypted message length should be a multiple of the block size. Do you have any test vectors for those encrypted blocks or implementations which can be used as a reference?
Will have to check later. I don't believe so, I believe we just store the blob as we receive it, no telling what parameters are used in its creation.
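The review exchange above is about a length assumption: a stored blob of 286 hex characters is 143 bytes, which no 16-byte block mode can have produced without some framing the code does not know about, and an `assert_eq!` on that length would panic at runtime. The block below is an added example (not the PR's code and not an API of librespot or RustCrypto) showing the shape of check a decrypt path can do instead: decode the hex, verify block alignment, and return a typed error rather than aborting. The `BlobError` type, the helper names and the sample blobs are all constructed for this example.

```rust
// Added example, not part of the librespot PR. Validates a hex-encoded
// ciphertext before it reaches a block-cipher mode; returns errors instead
// of panicking so a malformed stored blob cannot take the process down.

const BLOCK_SIZE: usize = 16; // AES block size in bytes

#[derive(Debug, PartialEq)]
enum BlobError {
    OddHexLength(usize),
    BadHexDigit(usize),
    NotBlockAligned { bytes: usize, block_size: usize },
}

/// Decode a hex string into bytes, reporting the offset of the first bad digit.
fn decode_hex(hex: &str) -> Result<Vec<u8>, BlobError> {
    let bytes = hex.as_bytes();
    if bytes.len() % 2 != 0 {
        return Err(BlobError::OddHexLength(bytes.len()));
    }
    bytes
        .chunks(2)
        .enumerate()
        .map(|(i, pair)| -> Result<u8, BlobError> {
            let hi = (pair[0] as char).to_digit(16).ok_or(BlobError::BadHexDigit(2 * i))?;
            let lo = (pair[1] as char).to_digit(16).ok_or(BlobError::BadHexDigit(2 * i + 1))?;
            Ok((hi * 16 + lo) as u8)
        })
        .collect()
}

/// The check that replaces `assert_eq!(data.len() % block_size, 0)`.
fn check_block_aligned(data: &[u8], block_size: usize) -> Result<(), BlobError> {
    if data.len() % block_size != 0 {
        return Err(BlobError::NotBlockAligned { bytes: data.len(), block_size });
    }
    Ok(())
}

/// Decode and validate a blob; on success return it split into whole blocks,
/// which is exactly what an ECB/CBC decrypt loop would consume.
fn blob_to_blocks(hex: &str) -> Result<Vec<[u8; BLOCK_SIZE]>, BlobError> {
    let data = decode_hex(hex)?;
    check_block_aligned(&data, BLOCK_SIZE)?;
    Ok(data
        .chunks_exact(BLOCK_SIZE)
        .map(|chunk| {
            let mut block = [0u8; BLOCK_SIZE];
            block.copy_from_slice(chunk);
            block
        })
        .collect())
}

fn main() {
    // Constructed inputs: a 286-character hex blob like the one in the review
    // (143 bytes, not block aligned) and a 288-character one (144 bytes, 9 blocks).
    let stored_blob = "ab".repeat(143);
    let aligned_blob = "ab".repeat(144);
    println!("{:?}", blob_to_blocks(&stored_blob));
    println!("{:?}", blob_to_blocks(&aligned_blob).map(|blocks| blocks.len()));
}
```

Whichever way the blob turns out to have been produced, the length check should sit in front of the cipher call, and its failure should be a recoverable error surfaced to the caller rather than a panic in a decrypt routine.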
Thanks, will test this and review tomorrow hopefully. Also, could you squash the recent commits by any chance?
This seems to work fine. Once the last few commits are squashed will merge.
Done! Don't forget about checking decryption in
I authed using zeroconf, then restarted with cached credentials and it worked fine.
As was discussed in #128. Currently this PR lacks only AES-CTR in audio/src/decrypt.rs and connect/src/discovery.rs, which will require some work on the RustCrypto side.