km
63bc460db4
fix: Additional WireGuard bugs
Bug 3: wg_hkdf_3 implementation
- Added proper T(3) = HMAC(PRK, T(2) || 0x03)
Bug 4: Nonce construction - verified correct
- Encrypt: memcpy(nonce_buf + 4, header + 8, 8) ✓
- Decrypt: memcpy(nonce_buf + 4, packet + 8, 8) ✓
- Both use little-endian nonce bytes from header[8..15]
Bug 5: Replay detection logic
- Fixed: if (session->packets_received > 0 && nonce <= session->receiving_nonce)
- Added packets_received counter to session struct
- Now strictly rejects any nonce <= last received nonce
Test results: 29 passed, 3 failed
Remaining failures in packet encryption/decryption need further investigation.
2026-03-28 20:45:00 +09:00
..
2026-03-26 17:17:53 +09:00
2026-03-26 16:32:30 +09:00
2026-03-26 07:27:23 +09:00
2026-03-26 21:14:47 +09:00
2026-03-26 21:03:27 +09:00
2026-03-26 07:27:23 +09:00
2026-03-26 11:37:21 +09:00
2026-03-26 14:40:23 +09:00
2026-03-26 07:27:23 +09:00
2026-03-27 05:26:46 +09:00
2026-03-26 21:14:47 +09:00
2026-03-26 21:17:38 +09:00
2026-03-28 20:45:00 +09:00
2026-03-26 16:12:55 +09:00