OpenTTD Source 20241224-master-gee860a5c8e
|
Base for handlers using a X25519 key exchange to perform authentication. More...
#include <network_crypto_internal.h>
Protected Member Functions | |
X25519AuthenticationHandler (const X25519SecretKey &secret_key) | |
Create the handler, and generate the public keys accordingly. | |
void | SendRequest (struct Packet &p) |
bool | ReceiveRequest (struct Packet &p) |
Read the key exchange data from a Packet that came from the server,. | |
bool | SendResponse (struct Packet &p, std::string_view derived_key_extra_payload) |
Perform the key exchange, and when that is correct fill the Packet with the appropriate data. | |
NetworkAuthenticationServerHandler::ResponseResult | ReceiveResponse (struct Packet &p, std::string_view derived_key_extra_payload) |
Read the key exchange data from a Packet that came from the client, and check whether the client passes the key exchange successfully. | |
std::string | GetPeerPublicKey () const |
Get the public key the peer provided for the key exchange. | |
void | SendEnableEncryption (struct Packet &p) const |
Send the initial nonce for the encrypted connection. | |
bool | ReceiveEnableEncryption (struct Packet &p) |
Receive the initial nonce for the encrypted connection. | |
std::unique_ptr< NetworkEncryptionHandler > | CreateClientToServerEncryptionHandler () const |
std::unique_ptr< NetworkEncryptionHandler > | CreateServerToClientEncryptionHandler () const |
Private Attributes | |
X25519SecretKey | our_secret_key |
The secret key used by us. | |
X25519PublicKey | our_public_key |
The public key used by us. | |
X25519Nonce | key_exchange_nonce |
The nonce to prevent replay attacks of the key exchange. | |
X25519DerivedKeys | derived_keys |
Keys derived from the authentication process. | |
X25519PublicKey | peer_public_key |
The public key used by our peer. | |
X25519Nonce | encryption_nonce |
The nonce to prevent replay attacks the encrypted connection. | |
Base for handlers using a X25519 key exchange to perform authentication.
In general this works as follows: 1) the client and server have or generate a secret and public X25519 key. 2) the X25519 key exchange is performed at both the client and server, with their own secret key and their peer's public key. 3) a pair of derived keys is created by BLAKE2b-hashing the following into 64 bytes, in this particular order:
The server initiates the request by sending its public key and a 24 byte nonce that is randomly generated. Normally the side that sends the encrypted data sends the nonce in their packet, which would be the client on our case. However, there are many implementations of clients due to the admin-protocol where this is used, and we cannot guarantee that they generate a good enough nonce. As such the server sends one instead. The server will create a new set of keys for each session.
The client receives the request, performs the key exchange, generates the derived keys and then encrypts the message. This message must contain some content, so it has to be filled with 8 random bytes. Once the message has been encrypted, the client sends their public key, the encrypted message and the message authentication code (MAC) to the server in a response.
The server receives the response, performs the key exchange, generates the derived keys, decrypts the message and validates the message authentication code, and finally the message. It is up to the sub class to perform the final authentication checks.
Definition at line 104 of file network_crypto_internal.h.
|
protected |
Create the handler, and generate the public keys accordingly.
secret_key | The secret key to use for this handler. Defaults to secure random data. |
Definition at line 184 of file network_crypto.cpp.
|
protected |
Definition at line 268 of file network_crypto.cpp.
|
protected |
Definition at line 273 of file network_crypto.cpp.
|
protected |
Get the public key the peer provided for the key exchange.
Definition at line 244 of file network_crypto.cpp.
References FormatArrayAsHex(), and peer_public_key.
Referenced by X25519KeyExchangeOnlyServerHandler::GetPeerPublicKey(), X25519PAKEServerHandler::GetPeerPublicKey(), and X25519AuthorizedKeyServerHandler::GetPeerPublicKey().
|
protected |
Receive the initial nonce for the encrypted connection.
p | The packet to read the data from. |
true
when enough bytes could be read for the nonce, otherwise false
. Definition at line 263 of file network_crypto.cpp.
References encryption_nonce, and Packet::Recv_bytes().
Referenced by X25519KeyExchangeOnlyClientHandler::ReceiveEnableEncryption(), X25519PAKEClientHandler::ReceiveEnableEncryption(), and X25519AuthorizedKeyClientHandler::ReceiveEnableEncryption().
|
protected |
Read the key exchange data from a Packet
that came from the server,.
p | The packet that has been received. |
Definition at line 201 of file network_crypto.cpp.
References Debug, key_exchange_nonce, peer_public_key, Packet::Recv_bytes(), Packet::RemainingBytesToTransfer(), X25519_KEY_SIZE, and X25519_NONCE_SIZE.
Referenced by X25519KeyExchangeOnlyClientHandler::ReceiveRequest(), X25519PAKEClientHandler::ReceiveRequest(), and X25519AuthorizedKeyClientHandler::ReceiveRequest().
|
protected |
Read the key exchange data from a Packet
that came from the client, and check whether the client passes the key exchange successfully.
p | The packet that has been received. |
derived_key_extra_payload | The extra payload to pass to the key exchange. |
Definition at line 285 of file network_crypto.cpp.
References NetworkAuthenticationServerHandler::AUTHENTICATED, Debug, derived_keys, X25519DerivedKeys::Exchange(), NetworkAuthenticationServerHandler::NOT_AUTHENTICATED, peer_public_key, Packet::Recv_bytes(), Packet::RemainingBytesToTransfer(), SERVER, X25519_KEY_EXCHANGE_MESSAGE_SIZE, X25519_KEY_SIZE, and X25519_MAC_SIZE.
Referenced by X25519KeyExchangeOnlyServerHandler::ReceiveResponse(), X25519PAKEServerHandler::ReceiveResponse(), and X25519AuthorizedKeyServerHandler::ReceiveResponse().
|
protected |
Send the initial nonce for the encrypted connection.
p | The packet to send the data in. |
Definition at line 253 of file network_crypto.cpp.
References encryption_nonce, and Packet::Send_bytes().
Referenced by X25519KeyExchangeOnlyServerHandler::SendEnableEncryption(), X25519PAKEServerHandler::SendEnableEncryption(), and X25519AuthorizedKeyServerHandler::SendEnableEncryption().
|
protected |
Definition at line 190 of file network_crypto.cpp.
|
protected |
Perform the key exchange, and when that is correct fill the Packet
with the appropriate data.
p | The packet that has to be sent. |
derived_key_extra_payload | The extra payload to pass to the key exchange. |
Definition at line 219 of file network_crypto.cpp.
References CLIENT, Debug, derived_keys, X25519DerivedKeys::Exchange(), our_public_key, RandomBytesWithFallback(), and Packet::Send_bytes().
Referenced by X25519KeyExchangeOnlyClientHandler::SendResponse(), X25519PAKEClientHandler::SendResponse(), and X25519AuthorizedKeyClientHandler::SendResponse().
|
private |
Keys derived from the authentication process.
Definition at line 109 of file network_crypto_internal.h.
Referenced by ReceiveResponse(), and SendResponse().
|
private |
The nonce to prevent replay attacks the encrypted connection.
Definition at line 112 of file network_crypto_internal.h.
Referenced by ReceiveEnableEncryption(), and SendEnableEncryption().
|
private |
The nonce to prevent replay attacks of the key exchange.
Definition at line 108 of file network_crypto_internal.h.
Referenced by ReceiveRequest().
|
private |
The public key used by us.
Definition at line 107 of file network_crypto_internal.h.
Referenced by SendResponse().
|
private |
The secret key used by us.
Definition at line 106 of file network_crypto_internal.h.
|
private |
The public key used by our peer.
Definition at line 110 of file network_crypto_internal.h.
Referenced by GetPeerPublicKey(), ReceiveRequest(), X25519AuthorizedKeyServerHandler::ReceiveResponse(), and ReceiveResponse().