author | Mathias Hall-Andersen <mathias@hall-andersen.dk> | 2017-07-10 12:09:19 +0200 |
---|---|---|
committer | Mathias Hall-Andersen <mathias@hall-andersen.dk> | 2017-07-10 12:09:19 +0200 |
commit | 44c98968838e1724d1ee77f086c4498f2a3f7643 (patch) | |
tree | a3820a9366025b634158c68e9711a2d241d87afa /src/noise_protocol.go | |
parent | 4ad62aaa6aa269f08c0fdc9c139e6d5417e21746 (diff) | |
Added replay protection
Diffstat (limited to 'src/noise_protocol.go')
-rw-r--r-- | src/noise_protocol.go | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/noise_protocol.go b/src/noise_protocol.go index a90fe4c..bfa3797 100644 --- a/src/noise_protocol.go +++ b/src/noise_protocol.go @@ -415,6 +415,9 @@ func (device *Device) ConsumeMessageResponse(msg *MessageResponse) *Peer { return lookup.peer } +/* Derives a new key-pair from the current handshake state + * + */ func (peer *Peer) NewKeyPair() *KeyPair { handshake := &peer.handshake handshake.mutex.Lock() @@ -445,10 +448,11 @@ func (peer *Peer) NewKeyPair() *KeyPair { // create AEAD instances keyPair := new(KeyPair) + keyPair.created = time.Now() keyPair.send, _ = chacha20poly1305.New(sendKey[:]) keyPair.receive, _ = chacha20poly1305.New(recvKey[:]) keyPair.sendNonce = 0 - keyPair.created = time.Now() + keyPair.replayFilter.Init() keyPair.isInitiator = isInitiator keyPair.localIndex = peer.handshake.localIndex keyPair.remoteIndex = peer.handshake.remoteIndex @@ -462,8 +466,6 @@ func (peer *Peer) NewKeyPair() *KeyPair { }) handshake.localIndex = 0 - // TODO: start timer for keypair (clearing) - // rotate key pairs kp := &peer.keyPairs |
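Review bot: The comment added above `NewKeyPair` in the first hunk is a C-style block with an empty ` *` line, where Go convention is a `//` doc comment that opens with the method name, e.g. `// NewKeyPair derives a new key pair from the current handshake state.` It would also help to state the side effects visible in this diff: the method takes `handshake.mutex`, and the later hunks show it zeroing `handshake.localIndex` and rotating `peer.keyPairs`. The body of `NewKeyPair` continues outside this hunk.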
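Review bot: The added `keyPair.replayFilter.Init()` line in the second hunk carries no comment explaining that the replay window is scoped to a single key pair. I would add `// fresh replay window per key pair: receive counters restart with every new session key` above it. The diff is limited to this file, so the receive path that consults the filter is not visible. It is worth confirming that the counter is checked and the window advanced only after the AEAD tag has verified, because otherwise unauthenticated packets could move the window and cause valid traffic to be dropped. `NewKeyPair` starts and ends outside this hunk.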