tuxmain/double-ratchet-rs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Corrected security relevant bug

Browse source
This commit is contained in:
Hannes 2021-06-18 14:14:30 +02:00
parent 8c0fe153be
commit c10a68bd43
3 changed files with 11 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Cargo.toml
View file

@ -6,7 +6,7 @@ homepage = "https://github.com/Dione-Software/double-ratchet-2"
repository = "https://github.com/Dione-Software/double-ratchet-2" repository = "https://github.com/Dione-Software/double-ratchet-2"
readme = "README.md" readme = "README.md"
keywords = ["double-ratchet", "crypto", "cryptography", "signal"] keywords = ["double-ratchet", "crypto", "cryptography", "signal"]
version = "0.3.1" version = "0.3.2"
edition = "2018" edition = "2018"
license = "MIT" license = "MIT"

7
src/dh.rs
View file

@ -17,14 +17,15 @@ pub struct DhKeyPair {
impl Drop for DhKeyPair { impl Drop for DhKeyPair {
fn drop(&mut self) { fn drop(&mut self) {
core::mem::drop(&mut self.private_key); self.private_key = SecretKey::random(&mut OsRng);
core::mem::drop(&mut self.public_key); self.public_key = self.private_key.public_key();
} }
} }
impl Zeroize for DhKeyPair { impl Zeroize for DhKeyPair {
fn zeroize(&mut self) { fn zeroize(&mut self) {
core::mem::drop(self); self.private_key = SecretKey::random(&mut OsRng);
self.public_key = self.private_key.public_key();
} }
} }

14
src/ratchet.rs
View file

@ -2,7 +2,7 @@
//! //!
use crate::dh::DhKeyPair; use crate::dh::DhKeyPair;
use p256::PublicKey; use p256::{PublicKey, SecretKey};
use hashbrown::HashMap; use hashbrown::HashMap;
use crate::kdf_root::{kdf_rk, kdf_rk_he}; use crate::kdf_root::{kdf_rk, kdf_rk_he};
use crate::header::Header; use crate::header::Header;
@ -11,6 +11,7 @@ use crate::kdf_chain::kdf_ck;
use crate::aead::{encrypt, decrypt}; use crate::aead::{encrypt, decrypt};
use alloc::string::ToString; use alloc::string::ToString;
use zeroize::Zeroize; use zeroize::Zeroize;
use rand_core::OsRng;
const MAX_SKIP: usize = 100; const MAX_SKIP: usize = 100;
@ -31,12 +32,10 @@ pub struct Ratchet {
impl Drop for Ratchet { impl Drop for Ratchet {
fn drop(&mut self) { fn drop(&mut self) {
core::mem::drop(&mut self.dhs); self.dhs.zeroize();
match self.dhr { if let Some(mut _d) = self.dhr {
Some(d) => { let sk = SecretKey::random(&mut OsRng);
core::mem::drop(d); _d = sk.public_key()
},
None => {}
} }
self.rk.zeroize(); self.rk.zeroize();
self.ckr.zeroize(); self.ckr.zeroize();
@ -181,7 +180,6 @@ pub struct RatchetEncHeader {
impl Zeroize for RatchetEncHeader { impl Zeroize for RatchetEncHeader {
fn zeroize(&mut self) { fn zeroize(&mut self) {
self.dhs.zeroize(); self.dhs.zeroize();
core::mem::drop(self.dhr);
self.rk.zeroize(); self.rk.zeroize();
self.cks.zeroize(); self.cks.zeroize();
self.ckr.zeroize(); self.ckr.zeroize();