diff --git a/Cargo.lock b/Cargo.lock
index 804e41f..524f40d 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1367,7 +1367,6 @@ dependencies = [ "hex", "libc", "rand_core", - "subtle", "wgctrl-sys", ]
diff --git a/server/src/main.rs b/server/src/main.rs
index febd965..0eed0e0 100644
--- a/server/src/main.rs
+++ b/server/src/main.rs
@@ -615,7 +615,7 @@ fn get_session(
 .ok_or(ServerError::Unauthorized)?;
 let pubkey = pubkey.to_str().map_err(|_| ServerError::Unauthorized)?;
 let pubkey = Key::from_base64(pubkey).map_err(|_| ServerError::Unauthorized)?;
- if pubkey.ct_eq(&context.public_key).into() {
+ if pubkey.as_bytes().ct_eq(&context.public_key.as_bytes()).into() {
 let peer = DatabasePeer::get_from_ip(&context.db.lock(), addr).map_err(|e| match e {
 rusqlite::Error::QueryReturnedNoRows => ServerError::Unauthorized,
 e => ServerError::Database(e),
diff --git a/wgctrl-rs/Cargo.toml b/wgctrl-rs/Cargo.toml
index 57a7316..ebc495f 100644
--- a/wgctrl-rs/Cargo.toml
+++ b/wgctrl-rs/Cargo.toml
@@ -19,5 +19,4 @@ wgctrl-sys = { path = "../wgctrl-sys" }
 [target.'cfg(not(target_os = "linux"))'.dependencies]
 rand_core = "0.6"
-subtle = "2"
 curve25519-dalek = "4.0.0-pre.1"
diff --git a/wgctrl-rs/src/backends/kernel.rs b/wgctrl-rs/src/backends/kernel.rs
index 9258bb4..a2f6ed2 100644
--- a/wgctrl-rs/src/backends/kernel.rs
+++ b/wgctrl-rs/src/backends/kernel.rs
@@ -468,9 +468,8 @@ impl Key {
 Self(wgctrl_sys::wg_key::default())
 }
- /// Checks if this key is all-zero.
- pub fn is_zero(&self) -> bool {
- unsafe { wgctrl_sys::wg_key_is_zero(&self.0 as *const u8 as *mut u8) }
+ pub fn as_bytes(&self) -> &[u8] {
+ &self.0
 }
 /// Converts the key to a standardized base64 representation, as used by the `wg` utility and `wg-quick`.
diff --git a/wgctrl-rs/src/backends/userspace.rs b/wgctrl-rs/src/backends/userspace.rs
index fa4d254..e921e01 100644
--- a/wgctrl-rs/src/backends/userspace.rs
+++ b/wgctrl-rs/src/backends/userspace.rs
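Review bot: In `get_session`, the only thing keeping this key check constant-time is now the call-site spelling `as_bytes().ct_eq(...)`: the commit removes the `ConstantTimeEq for Key` impl from userspace.rs while `Key` there still derives `PartialEq`, so a later rewrite to `pubkey == context.public_key` would presumably compile and quietly become a variable-time compare. A comment above the `if`, for example `// constant-time compare via subtle; do not replace with ==`, would record the intent. The added `&` in `ct_eq(&context.public_key.as_bytes())` borrows an existing `&[u8]` and can be dropped: `ct_eq(context.public_key.as_bytes())`. `get_session` starts and ends outside this hunk, and the `subtle::ConstantTimeEq` import the new line needs is not visible here.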
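Review bot: The new public `as_bytes` in `impl Key` (kernel.rs) has no doc comment, while the `is_zero` it replaces had one, and it hands callers the raw key material; the identical `as_bytes` added in `wgctrl-rs/src/backends/userspace.rs` has the same gap. `Key` appears to hold private and preshared keys as well as public ones (the tests call `Key::generate_private()` and `Key::generate_preshared()`), so a line such as `/// Returns the raw key bytes. Secret for private and preshared keys: do not log them or compare them with ==.` would tell callers what they are holding. `impl Key` continues outside the hunk, and removing the public `is_zero` breaks any caller not covered by this diff.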
@@ -1,6 +1,3 @@
-use curve25519_dalek::scalar::Scalar;
-use subtle::ConstantTimeEq;
-
 use crate::{Backend, Device, DeviceUpdate, InterfaceName, PeerConfig, PeerInfo, PeerStats};
 #[cfg(target_os = "linux")]
@@ -395,12 +392,6 @@ pub fn apply(builder: &DeviceUpdate, iface: &InterfaceName) -> io::Result<()> {
 #[derive(PartialEq, Eq, Clone)]
 pub struct Key([u8; 32]);
-impl ConstantTimeEq for Key {
- fn ct_eq(&self, other: &Self) -> subtle::Choice {
- self.0.ct_eq(&other.0).into()
- }
-}
-
 #[cfg(not(target_os = "linux"))]
 impl Key {
 /// Generates and returns a new private key.
@@ -428,6 +419,8 @@ impl Key {
 /// Generates a public key for this private key.
 pub fn generate_public(&self) -> Self {
+ use curve25519_dalek::scalar::Scalar;
+
 use curve25519_dalek::constants::ED25519_BASEPOINT_TABLE;
 // https://github.com/dalek-cryptography/x25519-dalek/blob/1c39ff92e0dfc0b24aa02d694f26f3b9539322a5/src/x25519.rs#L150
@@ -441,9 +434,8 @@ impl Key {
 Self([0u8; 32])
 }
- /// Checks if this key is all-zero.
- pub fn is_zero(&self) -> bool {
- self.ct_eq(&Self::zero()).into()
+ pub fn as_bytes(&self) -> &[u8] {
+ &self.0
 }
 /// Converts the key to a standardized base64 representation, as used by the `wg` utility and `wg-quick`.
@@ -496,22 +488,22 @@ mod test {
 #[test]
 fn test_rng_sanity_private() {
 let first = Key::generate_private();
- assert!(!first.is_zero());
+ assert!(first.as_bytes() != &[0u8; 32]);
 for _ in 0..100_000 {
 let key = Key::generate_private();
 assert!(first != key);
- assert!(!key.is_zero());
+ assert!(key.as_bytes() != &[0u8; 32]);
 }
 }
 #[test]
 fn test_rng_sanity_preshared() {
 let first = Key::generate_preshared();
- assert!(!first.is_zero());
+ assert!(first.as_bytes() != &[0u8; 32]);
 for _ in 0..100_000 {
 let key = Key::generate_preshared();
 assert!(first != key);
- assert!(!key.is_zero());
+ assert!(key.as_bytes() != &[0u8; 32]);
 }
 }
 }
\ No newline at end of file
diff --git a/wgctrl-rs/src/key.rs b/wgctrl-rs/src/key.rs
index 99a606d..d8c707d 100644
--- a/wgctrl-rs/src/key.rs
+++ b/wgctrl-rs/src/key.rs
@@ -73,11 +73,8 @@ mod tests {
 fn test_key_zero() {
 use crate::key::Key;
- let key = Key::zero();
- assert!(key.is_zero());
-
 let key = Key::generate_preshared();
- assert!(!key.is_zero());
+ assert_ne!(key.as_bytes(), &[0u8; 32]);
 }
 #[test]
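Review bot: `test_key_zero` no longer exercises `Key::zero()` at all: the hunk drops the `Key::zero()` case together with `is_zero` and keeps only the check on a generated preshared key, so the test name no longer matches what it checks. Keeping the first case through the new accessor, `assert_eq!(Key::zero().as_bytes(), &[0u8; 32]);`, would preserve that coverage, assuming `Key::zero()` is still exported from this module. The tests in `wgctrl-rs/src/backends/userspace.rs` spell the same check as `assert!(key.as_bytes() != &[0u8; 32])`; using `assert_ne!` in both places would keep them consistent.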