package/wireguard-go
1
0
Fork 0
mirror of https://git.zx2c4.com/wireguard-go synced 2025-10-08 10:00:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Improved handling of key-material

Browse Source
This commit is contained in:
Mathias Hall-Andersen
2017-09-01 14:21:53 +02:00
parent 239d582cb2
commit 0294a5c0dd
7 changed files with 203 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/receive.go
View File

@@ -251,15 +251,22 @@ func (device *Device) RoutineDecryption() {
var err error
copy(nonce[4:], counter)
elem.counter = binary.LittleEndian.Uint64(counter)
elem.packet, err = elem.keyPair.receive.Open(
elem.buffer[:0],
nonce[:],
content,
nil,
)
if err != nil {
elem.keyPair.receive.mutex.RLock()
if elem.keyPair.receive.aead == nil {
// very unlikely (the key was deleted during queuing)
elem.Drop()
} else {
elem.packet, err = elem.keyPair.receive.aead.Open(
elem.buffer[:0],
nonce[:],
content,
nil,
)
if err != nil {
elem.Drop()
}
}
elem.keyPair.receive.mutex.RUnlock()
elem.mutex.Unlock()
}
}
@@ -507,6 +514,9 @@ func (peer *Peer) RoutineSequentialReceiver() {
kp.mutex.Lock()
if kp.next == elem.keyPair {
peer.TimerHandshakeComplete()
if kp.previous != nil {
device.DeleteKeyPair(kp.previous)
}
kp.previous = kp.current
kp.current = kp.next
kp.next = nil