#51 send serialized data to properly MAC
This commit is contained in:
Mikayla Fischler
@@ -55,7 +55,7 @@ end
|
||||
---@nodiscard
|
||||
---@param message string initial value concatenated with ciphertext
|
||||
local function compute_hmac(message)
|
||||
local start = util.time_ms()
|
||||
-- local start = util.time_ms()
|
||||
|
||||
c_eng.hmac.init()
|
||||
c_eng.hmac.update(stream.fromString(message))
|
||||
@@ -63,7 +63,7 @@ local function compute_hmac(message)
|
||||
|
||||
local hash = c_eng.hmac.asHex()
|
||||
|
||||
log.debug("compute_hmac(): hmac-md5 = " .. util.strval(hash) .. " (took " .. (util.time_ms() - start) .. "ms)")
|
||||
-- log.debug("compute_hmac(): hmac-md5 = " .. util.strval(hash) .. " (took " .. (util.time_ms() - start) .. "ms)")
|
||||
|
||||
return hash
|
||||
end
|
||||
@@ -166,20 +166,22 @@ function network.nic(modem)
|
||||
-- send a packet, with message authentication if configured
|
||||
---@param dest_channel integer destination channel
|
||||
---@param local_channel integer local channel
|
||||
---@param packet scada_packet packet raw_sendable
|
||||
---@param packet scada_packet packet
|
||||
function public.transmit(dest_channel, local_channel, packet)
|
||||
if self.connected then
|
||||
local tx_packet = packet ---@type authd_packet|scada_packet
|
||||
|
||||
if c_eng.hmac ~= nil then
|
||||
local start = util.time_ms()
|
||||
local message = textutils.serialize(packet.raw_verifiable(), { allow_repetitions = true, compact = true })
|
||||
local computed_hmac = compute_hmac(message)
|
||||
-- local start = util.time_ms()
|
||||
tx_packet = comms.authd_packet()
|
||||
|
||||
packet.set_mac(computed_hmac)
|
||||
---@cast tx_packet authd_packet
|
||||
tx_packet.make(packet, compute_hmac)
|
||||
|
||||
log.debug("crypto.modem.transmit: data processing took " .. (util.time_ms() - start) .. "ms")
|
||||
-- log.debug("crypto.modem.transmit: data processing took " .. (util.time_ms() - start) .. "ms")
|
||||
end
|
||||
|
||||
modem.transmit(dest_channel, local_channel, packet.raw_sendable())
|
||||
modem.transmit(dest_channel, local_channel, tx_packet.raw_sendable())
|
||||
end
|
||||
end
|
||||
|
||||
@@ -197,25 +199,30 @@ function network.nic(modem)
|
||||
if self.connected then
|
||||
local s_packet = comms.scada_packet()
|
||||
|
||||
-- parse packet as generic SCADA packet
|
||||
s_packet.receive(side, sender, reply_to, message, distance)
|
||||
if c_eng.hmac ~= nil then
|
||||
-- parse packet as an authenticated SCADA packet
|
||||
local a_packet = comms.authd_packet()
|
||||
a_packet.receive(side, sender, reply_to, message, distance)
|
||||
|
||||
if s_packet.is_valid() then
|
||||
if c_eng.hmac ~= nil then
|
||||
local start = util.time_ms()
|
||||
local packet_hmac = s_packet.mac()
|
||||
local computed_hmac = compute_hmac(textutils.serialize(s_packet.raw_verifiable(), { allow_repetitions = true, compact = true }))
|
||||
if a_packet.is_valid() then
|
||||
-- local start = util.time_ms()
|
||||
local packet_hmac = a_packet.mac()
|
||||
local msg = a_packet.data()
|
||||
local computed_hmac = compute_hmac(msg)
|
||||
|
||||
if packet_hmac == computed_hmac then
|
||||
log.debug("crypto.modem.receive: HMAC verified in " .. (util.time_ms() - start) .. "ms")
|
||||
packet = s_packet
|
||||
-- log.debug("crypto.modem.receive: HMAC verified in " .. (util.time_ms() - start) .. "ms")
|
||||
s_packet.receive(side, sender, reply_to, textutils.unserialize(msg), distance)
|
||||
else
|
||||
log.debug("crypto.modem.receive: HMAC failed verification in " .. (util.time_ms() - start) .. "ms")
|
||||
-- log.debug("crypto.modem.receive: HMAC failed verification in " .. (util.time_ms() - start) .. "ms")
|
||||
end
|
||||
else
|
||||
packet = s_packet
|
||||
end
|
||||
else
|
||||
-- parse packet as a generic SCADA packet
|
||||
s_packet.receive(side, sender, reply_to, message, distance)
|
||||
end
|
||||
|
||||
if s_packet.is_valid() then packet = s_packet end
|
||||
end
|
||||
|
||||
return packet
|
||||
|
||||
Reference in New Issue
Block a user