Skip to content

Commit

Permalink
Various progress I had forgotten to commit.
Browse files Browse the repository at this point in the history
  • Loading branch information
@FelixMcFelix
FelixMcFelix committed Nov 9, 2024
1 parent 1a9ae21 commit 58332d6
Show file tree
Hide file tree
Showing 5 changed files with 20 additions and 49 deletions.
2 changes: 0 additions & 2 deletions src/config.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -212,8 +212,6 @@ impl Default for Config {
Self {
#[cfg(feature = "driver")]
crypto_mode: CryptoMode::Aes256Gcm,
// crypto_mode: CryptoMode::XChaCha20Poly1305,
// crypto_mode: CryptoMode::Normal,
#[cfg(all(feature = "driver", feature = "receive"))]
decode_mode: DecodeMode::Decrypt,
#[cfg(all(feature = "driver", feature = "receive"))]
Expand Down
13 changes: 5 additions & 8 deletions src/driver/connection/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,8 +105,8 @@ impl Connection {

let chosen_crypto = CryptoMode::negotiate(&ready.modes, Some(config.crypto_mode))?;

println!(
"wanted {:?}. chose {:?} from modes {:?}",
info!(
"Crypto scheme negotiation -- wanted {:?}. Chose {:?} from modes {:?}.",
config.crypto_mode, chosen_crypto, ready.modes
);

Expand All @@ -118,7 +118,7 @@ impl Connection {
} else {
let socket = Socket::from(udp.into_std()?);

// Some operating systems does not allow setting the recv buffer to 0.
// Some operating systems do not allow setting the recv buffer to 0.
#[cfg(any(target_os = "linux", target_os = "windows"))]
socket.set_recv_buffer_size(0)?;

Expand Down Expand Up @@ -162,10 +162,7 @@ impl Connection {
let address_str = std::str::from_utf8(&view.get_address_raw()[..nul_byte_index])
.map_err(|_| Error::IllegalIp)?;

let address = IpAddr::from_str(address_str).map_err(|e| {
println!("{e:?}");
Error::IllegalIp
})?;
let address = IpAddr::from_str(address_str).map_err(|_| Error::IllegalIp)?;

client
.send_json(&GatewayEvent::from(SelectProtocol {
Expand All @@ -183,7 +180,7 @@ impl Connection {

info!("Connected to: {}", info.endpoint);

info!("WS heartbeat duration {}ms.", hello.heartbeat_interval,);
info!("WS heartbeat duration {}ms.", hello.heartbeat_interval);

let (ws_msg_tx, ws_msg_rx) = flume::unbounded();
#[cfg(feature = "receive")]
Expand Down
49 changes: 15 additions & 34 deletions src/driver/crypto.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,30 +63,9 @@ impl NuCipher {
) -> Result<(), CryptoError> {
let header_len = packet.packet().len() - packet.payload().len();

println!(
"Think I have payl_len {payload_len}, pkt {} non-hdr {} (hdr {header_len}). splits pre {} post {}",
packet.packet().len(),
packet.payload().len(),
mode.payload_prefix_len2(),
mode.payload_suffix_len(),
);

let (header, body) = packet.packet_mut().split_at_mut(header_len);
let (slice_to_use, body_remaining) = mode.nonce_slice(header, &mut body[..payload_len])?;

println!(
"Question time. nonce_slice {:0x?} (l{}) body {:0x?} (l{})",
slice_to_use,
slice_to_use.len(),
body_remaining,
body_remaining.len(),
);

println!(
"think I'm reading nonce from {:?} (sz4)",
slice_to_use.as_ptr()
);

// body_remaining is now correctly truncated to exclude the nonce by this point.
// the true_payload to encrypt is within the buf[prefix:-suffix].
let (pre_payload, body_remaining) = body_remaining.split_at_mut(mode.payload_prefix_len2());
Expand All @@ -95,31 +74,31 @@ impl NuCipher {

// All these Nonce types are distinct at the type level
// (96b for AES, 192b for XSalsa/XChaCha).
// TODO: E2EE apparently wants the least significant bytes used.
// This scheme uses most significant bytes.
match self {
// Older modes place the tag before the payload and do not authenticate
// cleartext.
NuCipher::XSalsa20Poly1305(secret_box) => {
let mut nonce = SbNonce::default();
nonce[..mode.nonce_size()].copy_from_slice(slice_to_use);

let tag = secret_box.encrypt_in_place_detached(&nonce, b"", body)?;
pre_payload[..TAG_SIZE].copy_from_slice(&tag[..]);
},

// The below variants follow part of the SRTP spec (RFC3711, sec 3.1)
// by requiring that we include the cleartext header portion as
// authenticated data. Discord themselves do not mention this requirement.
NuCipher::Aes256Gcm(aes_gcm) => {
let mut nonce = AesNonce::default();
nonce[..mode.nonce_size()].copy_from_slice(slice_to_use);
// let l = nonce.len();
// nonce[l-mode.nonce_size()..].copy_from_slice(slice_to_use);

// let tag = aes_gcm.encrypt_in_place_detached(&nonce, b"", body)?;
let tag = aes_gcm.encrypt_in_place_detached(&nonce, header, body)?;
post_payload[..TAG_SIZE].copy_from_slice(&tag[..]);
},
NuCipher::XChaCha20Poly1305(cha_cha_poly1305) => {
let mut nonce = XNonce::default();
nonce[..mode.nonce_size()].copy_from_slice(slice_to_use);

// let tag = cha_cha_poly1305.encrypt_in_place_detached(&nonce, b"", body)?;
let tag = cha_cha_poly1305.encrypt_in_place_detached(&nonce, header, body)?;
post_payload[..TAG_SIZE].copy_from_slice(&tag[..]);
},
Expand All @@ -140,7 +119,8 @@ pub enum CryptoMode {
/// An additional random 4B suffix is used as the source of nonce bytes for the packet.
/// This nonce value increments by `1` with each packet.
///
/// Encrypted content begins *after* the RTP header, following the SRTP specification.
/// Encrypted content begins *after* the RTP header and extensions, following the SRTP
/// specification.
///
/// Nonce width of 4B (32b), at an extra 4B per packet (~0.2 kB/s).
Aes256Gcm,
Expand All @@ -150,7 +130,8 @@ pub enum CryptoMode {
/// An additional random 4B suffix is used as the source of nonce bytes for the packet.
/// This nonce value increments by `1` with each packet.
///
/// Encrypted content begins *after* the RTP header, following the SRTP specification.
/// Encrypted content begins *after* the RTP header and extensions, following the SRTP
/// specification.
///
/// Nonce width of 4B (32b), at an extra 4B per packet (~0.2 kB/s).
XChaCha20Poly1305,
Expand Down Expand Up @@ -558,11 +539,11 @@ impl CryptoState {
Self::Lite(ref mut i)
| Self::Aes256Gcm(ref mut i)
| Self::XChaCha20Poly1305(ref mut i) => {
let mut mslice = &mut packet.payload_mut()[startpoint..endpoint];
println!("think I'm writing nonce to {:?} (sz4)", mslice.as_ptr());
mslice.write_u32::<NetworkEndian>(i.0).expect(
"Nonce size is guaranteed to be sufficient to write u32 for lite tagging.",
);
(&mut packet.payload_mut()[startpoint..endpoint])
.write_u32::<NetworkEndian>(i.0)
.expect(
"Nonce size is guaranteed to be sufficient to write u32 for lite tagging.",
);
*i += Wrapping(1);
},
Self::Normal => {},
Expand Down
4 changes: 0 additions & 4 deletions src/driver/tasks/mixer/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -529,8 +529,6 @@ impl Mixer {
out
};

println!("mixed: {mix_len:?}");

if self.muted {
mix_len = MixType::MixedPcm(0);
}
Expand Down Expand Up @@ -690,8 +688,6 @@ impl Mixer {
.as_ref()
.expect("Shouldn't be mixing packets without access to a cipher + UDP dest.");

println!("sent pkt (l{}) {:0x?}", packet.len(), packet);

#[cfg(test)]
if let Some(OutputMode::Rtp(tx)) = &self.config.override_connection {
// Test mode: send unencrypted (compressed) packets to local receiver.
Expand Down
1 change: 0 additions & 1 deletion src/input/adapters/async_adapter.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -254,7 +254,6 @@ impl Read for AsyncAdapterStream {
self.check_dropped()?;
},
a => {
println!("Misc err {a:?}");
return a;
},
}
Expand Down

0 comments on commit 58332d6

Please sign in to comment.