Add replay attack protection #211
Conversation
|
CI failure on WASM will be fixed by #210. |
Codecov Report
@@ Coverage Diff @@
## master #211 +/- ##
==========================================
- Coverage 77.17% 76.86% -0.31%
==========================================
Files 73 75 +2
Lines 3965 4055 +90
==========================================
+ Hits 3060 3117 +57
- Misses 615 633 +18
- Partials 290 305 +15
Continue to review full report at Codecov.
|
conn.go
Outdated
|
|
||
| mtu := config.MTU | ||
| if mtu <= 0 { | ||
| mtu = defaultMTU | ||
| } | ||
|
|
||
| replayProtectionWindow := config.ReplayProtectionWindow | ||
| if replayProtectionWindow <= 0 { | ||
| replayProtectionWindow = 64 |
There was a problem hiding this comment.
Mind making the 64 a const? Just so people can easily find.
conn.go
Outdated
| if isClient { | ||
| loggerName = "dtls client" | ||
| } | ||
| logger := loggerFactory.NewLogger(loggerName) |
There was a problem hiding this comment.
I don't have a problem letting people pass this in, but probably shouldn't make this change now! People collect logs off of dtls right now, so would break them.
There was a problem hiding this comment.
I'll just revert log related changes. I added this to check trace on CI as it is very hard to see the trace log, but it is not needed in usual applications.
conn.go
Outdated
| replaydetector.New(c.replayProtectionWindow, maxSequenceNumber), | ||
| ) | ||
| } | ||
| accept, ok := c.state.replayDetector[int(h.epoch)].Check(h.sequenceNumber) |
There was a problem hiding this comment.
mind renaming accept so it makes it more clear it is accepting it for the replayDetector? All the calls to accept below might confuse people who aren't familiar.
| input []uint64 | ||
| expected []uint64 | ||
| }{ | ||
| "Continuous": {16, 0x0000FFFFFFFFFFFF, |
There was a problem hiding this comment.
Is it worth adding a test for the window being moved forward by a large jump (and then old stuff should be ignored)?
If the received record falls within the window and is new, or if the
packet is to the right of the window, then the receiver proceeds to
MAC verification. If the MAC validation fails, the receiver MUST
discard the received record as invalid. The receive window is
updated only if the MAC verification succeeds.
| return func() {}, false | ||
| } | ||
| if seq > d.latestSeq { | ||
| // Update the head of the window. |
There was a problem hiding this comment.
Window shift must be done after validation.
| shift := seq - d.latestSeq | ||
| for i := len(d.mask) - 1; i > 0; i-- { | ||
| d.mask[i] <<= shift | ||
| d.mask[i] |= d.mask[i-1] >> (64 - shift) |
There was a problem hiding this comment.
This loose some bits if window size is larger than 128 and window shift is larger than 64.
at-wat
force-pushed
the
add-replay-protection
branch
from
7432d82 to
7046799
Compare
|
Addressed review feedbacks and rebased. |
Implements RFC 6347 Section 4.1.2.6. Set config.ReplayProtectionWindow to change the size of the protection window. Default is 64.
at-wat
force-pushed
the
add-replay-protection
branch
from
7046799 to
0852438
Compare
|
rebased |
Implements RFC 6347 Section 4.1.2.6.
Set
config.ReplayProtectionWindowto change the size of the protection window.Default is 64.
Reference issue
Fixes #146