
e2ee: sync key ring size and packet format

This uses the full four bits in the wire format. The wire format
loses the (currently not implemented) extensibility with variable
length keys.
dev1
Philipp Hancke 5 年之前
父節點
當前提交
00c8cfad98
共有 2 個文件被更改,包括 6 次插入5 次删除
  1. 1
    1
      doc/e2ee.md
  2. 5
    4
      modules/e2ee/Context.js

+ 1
- 1
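--- a/doc/e2ee.md
+++ b/doc/e2ee.md
@@ -26,7 +26,7 @@ At a high level the encrypted frame format looks like this:
    +^+-------------------------------------------------------+ +
    | |                 Authentication Tag                    | |
    | +---------------------------------------+-+-+-+-+-+-+-+-+ |
-   | |    CTR... (length=LEN + 1)            |S|LEN  |0| KID | |
+   | |    CTR... (length=LEN + 1)            |S|LEN  |KID    | |
    | +---------------------------------------+-+-+-+-+-+-+-+-+^|
    |                                                           |
    +----+Encrypted Portion            Authenticated Portion+---+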

+ 5
- 4
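--- a/modules/e2ee/Context.js
+++ b/modules/e2ee/Context.js
@@ -5,8 +5,9 @@ import { deriveKeys, importKey, ratchet } from './crypto-utils';
 import { isArrayEqual } from './utils';
 
 // We use a ringbuffer of keys so we can change them and still decode packets that were
-// encrypted with an old key.
-const keyRingSize = 3;
+// encrypted with an old key. We use a size of 16 which corresponds to the four bits
+// in the frame trailer.
+const keyRingSize = 16;
 
 // We copy the first bytes of the VP8 payload unencrypted.
 // For keyframes this is 10 bytes, for non-keyframes (delta) 3. See
@@ -129,7 +130,7 @@ export class Context {
             // but we put it at the end.
             //                                             0 1 2 3 4 5 6 7
             // ---------+---------------------------------+-+-+-+-+-+-+-+-+
-            // payload  |    CTR... (length=LEN)          |S|LEN  |0| KID |
+            // payload  |    CTR... (length=LEN)          |S|LEN  |KID    |
             // ---------+---------------------------------+-+-+-+-+-+-+-+-+
             const counter = new Uint8Array(16);
             const counterView = new DataView(counter.buffer);
@@ -210,7 +211,7 @@ export class Context {
      */
     async decodeFunction(encodedFrame, controller) {
         const data = new Uint8Array(encodedFrame.data);
-        const keyIndex = data[encodedFrame.data.byteLength - 1] & 0xf; // lower four bits.
+        const keyIndex = data[encodedFrame.data.byteLength - 1] & 0xf; // lower four bits.
 
         if (this._cryptoKeyRing[keyIndex]) {
             const counterLength = 1 + ((data[encodedFrame.data.byteLength - 1] >> 4) & 0x7);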
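Review bot: In `decodeFunction` the trailer byte is read as `data[encodedFrame.data.byteLength - 1]` with no length check ahead of it, so an empty frame yields `undefined`, and `undefined & 0xf` evaluates to 0, which silently selects key slot 0 instead of rejecting the frame. The frame is presumably received from a remote peer, so a guard before the parse, for example `if (data.byteLength === 0) { return; }` or a minimum that covers trailer, counter and tag, would make that case explicit, unless a check further down already handles it. The mask `0xf` here and `keyRingSize = 16` in the first hunk are also tied together only by comments. A shared constant such as `const KEY_ID_MASK = keyRingSize - 1;` would keep the decoded index inside the ring if either value changes. The body of `decodeFunction` continues past the end of this hunk.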
