X-Git-Url: http://git.xonotic.org/?a=blobdiff_plain;f=crypto.c;h=ef281462187b7bb9be90c2071c51f84d20330bfc;hb=02606e8045ed3c3df8d5e9337329d4915560766f;hp=4b9d3976ab29fbb9851b118f79dffc63405c9f3e;hpb=d6a349bd833ef9bdde7147cc195f050ce12d0889;p=xonotic%2Fdarkplaces.git

diff --git a/crypto.c b/crypto.c
index 4b9d3976..ef281462 100644
--- a/crypto.c
+++ b/crypto.c
@@ -782,7 +782,7 @@ static void Crypto_LoadKeys(void)
 						len2 = FP64_SIZE;
 						if(qd0_blind_id_fingerprint64_public_id(pubkeys[i], pubkeys_priv_fp64[i], &len2)) // keeps final NUL
 						{
-							Con_Printf("Loaded private ID key_%d.d0si for key_%d.d0pk (fingerprint: %s)\n", i, i, pubkeys_priv_fp64[i]);
+							Con_Printf("Loaded private ID key_%d.d0si for key_%d.d0pk (public key fingerprint: %s)\n", i, i, pubkeys_priv_fp64[i]);
 							pubkeys_havepriv[i] = true;
 							strlcat(crypto_idstring_buf, va(" %s@%s", pubkeys_priv_fp64[i], pubkeys_fp64[i]), sizeof(crypto_idstring_buf));
 						}
@@ -1043,7 +1043,7 @@ static void Crypto_KeyGen_Finished(int code, size_t length_received, unsigned ch
 	len2 = FP64_SIZE;
 	if(qd0_blind_id_fingerprint64_public_id(pubkeys[keygen_i], pubkeys_priv_fp64[keygen_i], &len2)) // keeps final NUL
 	{
-		Con_Printf("Received private ID key_%d.d0pk (fingerprint: %s)\n", keygen_i, pubkeys_priv_fp64[keygen_i]);
+		Con_Printf("Received private ID key_%d.d0pk (public key fingerprint: %s)\n", keygen_i, pubkeys_priv_fp64[keygen_i]);
 		pubkeys_havepriv[keygen_i] = true;
 		strlcat(crypto_idstring_buf, va(" %s@%s", pubkeys_priv_fp64[keygen_i], pubkeys_fp64[keygen_i]), sizeof(crypto_idstring_buf));
 		crypto_idstring = crypto_idstring_buf;
@@ -1185,7 +1185,7 @@ static void Crypto_Keys_f(void)
 		{
 			Con_Printf("%2d: public key key_%d.d0pk (fingerprint: %s)\n", i, i, pubkeys_fp64[i]);
 			if(pubkeys_havepriv[i])
-				Con_Printf("    private ID key_%d.d0si (fingerprint: %s)\n", i, pubkeys_priv_fp64[i]);
+				Con_Printf("    private ID key_%d.d0si (public key fingerprint: %s)\n", i, pubkeys_priv_fp64[i]);
 		}
 	}
 }
@@ -1309,9 +1309,14 @@ static void seacpy(unsigned char *key, const unsigned char *iv, unsigned char *d
 	}
 }
 
+// NOTE: we MUST avoid the following begins of the packet:
+//   1. 0xFF, 0xFF, 0xFF, 0xFF
+//   2. 0x80, 0x00, length/256, length%256
+// this luckily does NOT affect AES mode, where the first byte always is in the range from 0x00 to 0x0F
 const void *Crypto_EncryptPacket(crypto_t *crypto, const void *data_src, size_t len_src, void *data_dst, size_t *len_dst, size_t len)
 {
 	unsigned char h[32];
+	int i;
 	if(crypto->authenticated)
 	{
 		if(crypto->use_aes)
@@ -1346,6 +1351,15 @@ const void *Crypto_EncryptPacket(crypto_t *crypto, const void *data_src, size_t
 			*len_dst = len_src + 16;
 			memcpy(data_dst, h, 16);
 			memcpy(((unsigned char *) data_dst) + 16, (unsigned char *) data_src, len_src);
+
+			// handle the "avoid" conditions:
+			i = BuffBigLong((unsigned char *) data_dst);
+			if(
+				(i == (int)0xFFFFFFFF) // avoid QW control packet
+				||
+				(i == (int)0x80000000 + (int)*len_dst) // avoid NQ control packet
+			)
+				*(unsigned char *)data_dst ^= 0x80; // this will ALWAYS fix it
 		}
 		return data_dst;
 	}
@@ -1359,6 +1373,17 @@ const void *Crypto_EncryptPacket(crypto_t *crypto, const void *data_src, size_t
 const void *Crypto_DecryptPacket(crypto_t *crypto, const void *data_src, size_t len_src, void *data_dst, size_t *len_dst, size_t len)
 {
 	unsigned char h[32];
+	int i;
+
+	// silently handle non-crypto packets
+	i = BuffBigLong((unsigned char *) data_src);
+	if(
+		(i == (int)0xFFFFFFFF) // avoid QW control packet
+		||
+		(i == (int)0x80000000 + (int)len_src) // avoid NQ control packet
+	)
+		return NULL;
+
 	if(crypto->authenticated)
 	{
 		if(crypto->use_aes)
@@ -1413,11 +1438,31 @@ const void *Crypto_DecryptPacket(crypto_t *crypto, const void *data_src, size_t
 				Com_HexDumpToConsole((const unsigned char *) data_src, len_src);
 				return NULL;
 			}
+
 			if(memcmp((const unsigned char *) data_src, h, 16)) // ignore first byte, used for length
 			{
-				Con_Printf("HMAC mismatch\n");
-				Com_HexDumpToConsole((const unsigned char *) data_src, len_src);
-				return NULL;
+				// undo the "avoid conditions"
+				if(
+						(i == (int)0x7FFFFFFF) // avoided QW control packet
+						||
+						(i == (int)0x00000000 + (int)len_src) // avoided NQ control packet
+				  )
+				{
+					// do the avoidance on the hash too
+					h[0] ^= 0x80;
+					if(memcmp((const unsigned char *) data_src, h, 16)) // ignore first byte, used for length
+					{
+						Con_Printf("HMAC mismatch\n");
+						Com_HexDumpToConsole((const unsigned char *) data_src, len_src);
+						return NULL;
+					}
+				}
+				else
+				{
+					Con_Printf("HMAC mismatch\n");
+					Com_HexDumpToConsole((const unsigned char *) data_src, len_src);
+					return NULL;
+				}
 			}
 			return ((const unsigned char *) data_src) + 16; // no need to copy, so data_dst is not used
 		}