Secure link working

paparazzi · Nov 27, 2017 · 48d81ec · 48d81ec
1 parent ddc9c0b
commit 48d81ec
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 19 deletions.
diff --git a/lib/v1.0/C/secure_pprz_transport.c b/lib/v1.0/C/secure_pprz_transport.c
@@ -149,32 +149,32 @@ static void end_message(struct spprz_transport *trans, struct link_device *dev,
     // copy message to the tx buffer
     memcpy(&trans->tx_buffer[trans->tx_idx], trans->tx_msg.msg, trans->tx_msg.msg_idx);
     trans->tx_idx += trans->tx_msg.msg_idx;
-
     // return without sending anything
     return;
   }
 
   // set nonce
   trans->tx_cnt++;  // increment first
-  memcpy(trans->tx_msg.nonce, &trans->tx_cnt, sizeof(uint32_t));  // simply copy 4 byte counter
+  memcpy(trans->tx_nonce, &trans->tx_cnt, sizeof(uint32_t));  // simply copy 4 byte counter
+  trans->tx_idx = 2; // explicitly set the value
 
   // append counter to the buffer
   memcpy(&trans->tx_buffer[trans->tx_idx], &trans->tx_cnt, sizeof(uint32_t));
   trans->tx_idx += sizeof(uint32_t);
 
-  // we authenticate the counter
-  memcpy(trans->tx_msg.aad, &trans->tx_cnt, sizeof(uint32_t));
-  trans->tx_msg.aad_idx += sizeof(uint32_t);
+  // // we authenticate the counter
+  //memcpy(trans->tx_msg.aad, &trans->tx_cnt, sizeof(uint32_t));
+  //trans->tx_msg.aad_idx += sizeof(uint32_t);
 
   // encrypt
   uint32_t res = Chacha20Poly1305_aead_encrypt(&trans->tx_buffer[trans->tx_idx],  // ciphertext
       trans->tx_msg.mac,  // mac
       trans->tx_msg.msg,  // plaintext
       trans->tx_msg.msg_idx,  // plaintext len
-      trans->tx_msg.aad,  // aad
-      trans->tx_msg.aad_idx,  // aad len
+      NULL,//trans->tx_msg.aad,  // aad
+      0,//trans->tx_msg.aad_idx,  // aad len
       trans->tx_key,  // key
-      trans->tx_msg.nonce);  // nonce
+      trans->tx_nonce);  // nonce
 
   // check result
   if (res != 0) {
@@ -183,7 +183,7 @@ static void end_message(struct spprz_transport *trans, struct link_device *dev,
   }
 
   // increment tx buffer index with the ciphertext
-  trans->tx_cnt += trans->tx_msg.msg_idx;
+  trans->tx_idx += trans->tx_msg.msg_idx;
 
   // append 16 byte tag to the tx buffer
   memcpy(&trans->tx_buffer[trans->tx_idx], trans->tx_msg.mac, PPRZ_MAC_LEN);
@@ -194,7 +194,7 @@ static void end_message(struct spprz_transport *trans, struct link_device *dev,
   trans->ck_b_tx = trans->tx_buffer[PPRZ_MSG_LEN_IDX];
 
   // calculate checksum
-  for (uint8_t i = 1; i < trans->tx_idx; i++) {
+  for (uint8_t i = 2; i < trans->tx_idx; i++) {
     accumulate_checksum(trans, trans->tx_buffer[i]);
   }
 
@@ -218,7 +218,7 @@ extern void spprz_send_plaintext(struct link_device *dev, struct spprz_transport
   trans->ck_b_tx = trans->tx_buffer[PPRZ_MSG_LEN_IDX];
 
   // calculate checksum
-  for (uint8_t i = 1; i < trans->tx_idx; i++) {
+  for (uint8_t i = 2; i < trans->tx_idx; i++) {
     accumulate_checksum(trans, trans->tx_buffer[i]);
   }
 
@@ -359,7 +359,7 @@ inline void spprz_handle_encrypted_message(struct spprz_transport *trans, uint8_
   }
 
   // update nonce
-  memcpy(trans->rx_msg.nonce, &new_cnt, PPRZ_COUNTER_LEN);
+  memcpy(trans->rx_nonce, &new_cnt, PPRZ_COUNTER_LEN);
 
   // authenticate and decrypt
   memset(&(trans->rx_msg), 0, sizeof(trans->rx_msg));  // erase aux variables
@@ -369,10 +369,10 @@ inline void spprz_handle_encrypted_message(struct spprz_transport *trans, uint8_
       &trans->trans_rx.payload[PPRZ_CIPHERTEXT_IDX],  // ciphertext
       clen,  // ciphertext len
       &trans->trans_rx.payload[PPRZ_CIPHERTEXT_IDX + clen],  // mac
-      &trans->trans_rx.payload[PPRZ_COUNTER_IDX],  // aad (counter)
-      PPRZ_COUNTER_LEN,  // aad len
+      NULL,//&trans->trans_rx.payload[PPRZ_COUNTER_IDX],  // aad (counter)
+      0,//PPRZ_COUNTER_LEN,  // aad len
       trans->rx_key,  // key
-      trans->rx_msg.nonce);  // nonce
+      trans->rx_nonce);  // nonce
 
   if (res != 0) {
     *msg_available = false;

diff --git a/lib/v1.0/C/secure_pprz_transport.h b/lib/v1.0/C/secure_pprz_transport.h
@@ -67,13 +67,12 @@ extern "C" {
 
 #define PPRZ_MSG_LEN_IDX 1
 #define PPRZ_COUNTER_IDX 2
-#define PPRZ_CIPHERTEXT_IDX 6
+#define PPRZ_CIPHERTEXT_IDX 4
 
 struct spprz_message {
   uint8_t msg[PPRZ_MAX_PAYLOAD_LEN]; // ciphertext/plaintext
   uint8_t msg_idx; // msg length
   uint8_t mac[PPRZ_MAC_LEN]; // message authentication tag
-  uint8_t nonce[PPRZ_NONCE_LEN]; // nonce (using only 4 bytes)
   uint8_t aad[PPRZ_MAX_AAD_LEN]; // additional authentication data
   uint8_t aad_idx; // aad length
 };
@@ -100,8 +99,10 @@ struct spprz_transport {
   uint8_t tx_idx; // length of outgoing buffer
   uint8_t rx_key[PPRZ_KEY_LEN]; // key to decrypt incoming messages
   uint32_t rx_cnt; // counter (IV) for incoming messages
+  uint8_t rx_nonce[PPRZ_NONCE_LEN]; // nonce
   uint8_t tx_key[PPRZ_KEY_LEN]; // key to encrypt outgoing messages
   uint32_t tx_cnt; // counter (IV) for outgoing messages
+  uint8_t tx_nonce[PPRZ_NONCE_LEN]; // nonce
 
   bool crypto_ok; // when true it is ok to send encrypted messages (i.e. the key exchange happened)
   uint32_t decrypt_err;

diff --git a/message_definitions/v1.0/messages.xml b/message_definitions/v1.0/messages.xml
@@ -1988,10 +1988,13 @@
       <field name="msg_data" type="uint8[]"/>
     </message>
 
-    <message name="SPRRZ_STATUS" id="255">
-      <description>Message for monitoring ket exchange status</description>
+    <message name="SPPRZ_STATUS" id="255">
+      <description>Message for monitoring key exchange status</description>
       <field name="sts_stage" type="uint8" values="INIT|WAIT_MSG1|WAIT_MSG2|WAIT_MSG3|CRYPTO_OK"/>
       <field name="sts_error" type="uint8" values="NONE|MSG1_TIMEOUT|MSG1_ENCRYPT|MSG3_TIMEOUT|MSG3_DECRYPT|MSG3_SIGNVERIFY|MSG2_TIMEOUT|MSG2_DECRYPT|MSG2_SIGNVERIFY|MSG3_ENCRYPT|UNEXPECTED_TYPE|UNEXPECTED_STAGE|UNEXPECTED_MSG"/>
+      <field name="counter_err"      type="uint32"/>
+      <field name="decrypt_err"      type="uint32"/>
+      <field name="encrypt_err"      type="uint32"/>
     </message>
 
   </msg_class>