dswd
/
vpncloud
mirror of https://github.com/dswd/vpncloud.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Do not sign first byte of init

This commit is contained in:
Dennis Schwerdel 2021-05-10 21:59:26 +02:00
parent 95a1c1876a
commit f871a1e901
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/crypto/init.rs
View File

@ -244,7 +244,7 @@ impl InitMsg {
let mut signature: SmallVec<[u8; 32]> = smallvec![0; signature_len]; let mut signature: SmallVec<[u8; 32]> = smallvec![0; signature_len];
r.read_exact(&mut signature).map_err(|_| Error::Parse("Init message too short"))?; r.read_exact(&mut signature).map_err(|_| Error::Parse("Init message too short"))?;
let signed_data = &r.into_inner()[0..pos]; let signed_data = &r.into_inner()[1..pos];
let public_key = signature::UnparsedPublicKey::new(&ED25519, &public_key_data); let public_key = signature::UnparsedPublicKey::new(&ED25519, &public_key_data);
if public_key.verify(&signed_data, &signature).is_err() { if public_key.verify(&signed_data, &signature).is_err() {
return Err(Error::Crypto("invalid signature")); return Err(Error::Crypto("invalid signature"));
@ -376,7 +376,7 @@ impl InitMsg {
w.write_u8(Self::PART_END)?; w.write_u8(Self::PART_END)?;
let pos = w.position() as usize; let pos = w.position() as usize;
let signature = key.sign(&w.get_ref()[0..pos]); let signature = key.sign(&w.get_ref()[1..pos]);
w.write_u8(signature.as_ref().len() as u8)?; w.write_u8(signature.as_ref().len() as u8)?;
w.write_all(signature.as_ref())?; w.write_all(signature.as_ref())?;