Pick cipher from PUSH_REPLY if present
This commit is contained in:
parent
31e694859f
commit
81eb18619d
|
@ -1000,20 +1000,23 @@ public class SessionProxy {
|
||||||
// Ruby: setup_keys
|
// Ruby: setup_keys
|
||||||
private func setupEncryption() {
|
private func setupEncryption() {
|
||||||
guard let auth = authenticator else {
|
guard let auth = authenticator else {
|
||||||
fatalError("Setting up keys without having authenticated")
|
fatalError("Setting up encryption without having authenticated")
|
||||||
}
|
}
|
||||||
guard let sessionId = sessionId else {
|
guard let sessionId = sessionId else {
|
||||||
fatalError("Setting up keys without a local sessionId")
|
fatalError("Setting up encryption without a local sessionId")
|
||||||
}
|
}
|
||||||
guard let remoteSessionId = remoteSessionId else {
|
guard let remoteSessionId = remoteSessionId else {
|
||||||
fatalError("Setting up keys without a remote sessionId")
|
fatalError("Setting up encryption without a remote sessionId")
|
||||||
}
|
}
|
||||||
guard let serverRandom1 = auth.serverRandom1, let serverRandom2 = auth.serverRandom2 else {
|
guard let serverRandom1 = auth.serverRandom1, let serverRandom2 = auth.serverRandom2 else {
|
||||||
fatalError("Setting up keys without server randoms")
|
fatalError("Setting up encryption without server randoms")
|
||||||
|
}
|
||||||
|
guard let pushReply = pushReply else {
|
||||||
|
fatalError("Setting up encryption without a former PUSH_REPLY")
|
||||||
}
|
}
|
||||||
|
|
||||||
if CoreConfiguration.logsSensitiveData {
|
if CoreConfiguration.logsSensitiveData {
|
||||||
log.debug("Setup keys from the following components:")
|
log.debug("Set up encryption from the following components:")
|
||||||
log.debug("\tpreMaster: \(auth.preMaster.toHex())")
|
log.debug("\tpreMaster: \(auth.preMaster.toHex())")
|
||||||
log.debug("\trandom1: \(auth.random1.toHex())")
|
log.debug("\trandom1: \(auth.random1.toHex())")
|
||||||
log.debug("\trandom2: \(auth.random2.toHex())")
|
log.debug("\trandom2: \(auth.random2.toHex())")
|
||||||
|
@ -1022,13 +1025,18 @@ public class SessionProxy {
|
||||||
log.debug("\tsessionId: \(sessionId.toHex())")
|
log.debug("\tsessionId: \(sessionId.toHex())")
|
||||||
log.debug("\tremoteSessionId: \(remoteSessionId.toHex())")
|
log.debug("\tremoteSessionId: \(remoteSessionId.toHex())")
|
||||||
} else {
|
} else {
|
||||||
log.debug("Setup keys")
|
log.debug("Set up encryption")
|
||||||
|
}
|
||||||
|
|
||||||
|
let pushedCipher = pushReply.cipher
|
||||||
|
if let negCipher = pushedCipher {
|
||||||
|
log.debug("Negotiated cipher: \(negCipher.rawValue)")
|
||||||
}
|
}
|
||||||
|
|
||||||
let bridge: EncryptionBridge
|
let bridge: EncryptionBridge
|
||||||
do {
|
do {
|
||||||
bridge = try EncryptionBridge(
|
bridge = try EncryptionBridge(
|
||||||
configuration.cipher,
|
pushedCipher ?? configuration.cipher,
|
||||||
configuration.digest,
|
configuration.digest,
|
||||||
auth,
|
auth,
|
||||||
sessionId,
|
sessionId,
|
||||||
|
@ -1042,7 +1050,7 @@ public class SessionProxy {
|
||||||
negotiationKey.dataPath = DataPath(
|
negotiationKey.dataPath = DataPath(
|
||||||
encrypter: bridge.encrypter(),
|
encrypter: bridge.encrypter(),
|
||||||
decrypter: bridge.decrypter(),
|
decrypter: bridge.decrypter(),
|
||||||
peerId: pushReply?.peerId ?? PacketPeerIdDisabled,
|
peerId: pushReply.peerId ?? PacketPeerIdDisabled,
|
||||||
compressionFraming: configuration.compressionFraming.native,
|
compressionFraming: configuration.compressionFraming.native,
|
||||||
maxPackets: link?.packetBufferSize ?? 200,
|
maxPackets: link?.packetBufferSize ?? 200,
|
||||||
usesReplayProtection: CoreConfiguration.usesReplayProtection
|
usesReplayProtection: CoreConfiguration.usesReplayProtection
|
||||||
|
|
Loading…
Reference in New Issue