more cleanup

2026-01-16 17:35:04 +01:00 · 2024-08-10 17:42:49 +02:00 · 2024-08-10 17:42:49 +02:00 · 553f261396
commit 553f261396
parent 08d28a152f
2 changed files with 77 additions and 62 deletions
--- a/ssh-transport/src/keys.rs
+++ b/ssh-transport/src/keys.rs
@ -1,7 +1,4 @@
-use chacha20poly1305::{
-    aead::{Aead, AeadCore},
-    ChaCha20Poly1305, KeyInit,
-};
+use chacha20poly1305::{ChaCha20Poly1305, KeyInit};
 use sha2::Digest;

 use crate::Result;
@ -12,15 +9,26 @@ pub(crate) struct Session {
    encryption_key_server_to_client: SshChaCha20Poly1305,
 }

+pub(crate) trait Decryptor: Send + Sync + 'static {
+    fn decrypt_len(&mut self, bytes: &mut [u8; 4], packet_number: u64);
+    fn decrypt_packet(&mut self, bytes: &mut [u8], packet_number: u64);
+    fn rekey(&mut self, h: [u8; 32], k: [u8; 32]) -> Result<(), ()>;
+}
+
+pub(crate) struct Plaintext;
+impl Decryptor for Plaintext {
+    fn decrypt_len(&mut self, _: &mut [u8; 4], _: u64) {}
+    fn decrypt_packet(&mut self, _: &mut [u8], _: u64) {}
+    fn rekey(&mut self, _: [u8; 32], _: [u8; 32]) -> Result<(), ()> {
+        Err(())
+    }
+}
+
 impl Session {
    pub(crate) fn new(h: [u8; 32], k: [u8; 32]) -> Self {
        Self::from_keys(h, h, k)
    }

-    pub(crate) fn rekey(&mut self, h: [u8; 32], k: [u8; 32]) {
-        *self = Self::from_keys(self.session_id, h, k);
-    }
-
    /// <https://datatracker.ietf.org/doc/html/rfc4253#section-7.2>
    fn from_keys(session_id: [u8; 32], h: [u8; 32], k: [u8; 32]) -> Self {
        let encryption_key_client_to_server =
@ -38,11 +46,22 @@ impl Session {
            // integrity_key_server_to_client: derive("F").into(),
        }
    }
+}

-    pub(crate) fn decrypt_len(&mut self, bytes: &mut [u8], packet_number: u64) {
+impl Decryptor for Session {
+    fn decrypt_len(&mut self, bytes: &mut [u8; 4], packet_number: u64) {
        self.encryption_key_client_to_server
            .decrypt_len(bytes, packet_number);
    }
+
+    fn decrypt_packet(&mut self, bytes: &mut [u8], packet_number: u64) {
+        self.encryption_key_client_to_server.decrypt_packet(bytes, packet_number);
+    }
+
+    fn rekey(&mut self, h: [u8; 32], k: [u8; 32]) -> Result<(), ()> {
+        *self = Self::from_keys(self.session_id, h, k);
+        Ok(())
+    }
 }

 /// Derive a key from the shared secret K and exchange hash H.
@ -68,7 +87,6 @@ fn derive_key<const KEY_LEN: usize>(
        }
        hash.update(&output[..(i * sha2len)]);

-
        output[(i * sha2len)..][..sha2len].copy_from_slice(&hash.finalize())
    }

@ -112,4 +130,8 @@ impl SshChaCha20Poly1305 {
            SshChaCha20::new(&self.header_key.into(), &packet_number.to_be_bytes().into());
        cipher.apply_keystream(bytes);
    }
+
+    fn decrypt_packet(&mut self, bytes: &mut [u8], packet_number: u64) {
+        todo!()
+    }
 }