mirror of
https://github.com/PurpleI2P/i2pd.git
synced 2025-07-04 17:23:54 +02:00
don't verify signature of Datagram1 if comes from ECIESx25519 session
parent
a5631bd1b5
commit
1a6051e79b
2 changed files with 35 additions and 10 deletions
|
@ -95,26 +95,50 @@ namespace datagram
|
|||
session->FlushSendQueue ();
|
||||
}
|
||||
|
||||
void DatagramDestination::HandleDatagram (uint16_t fromPort, uint16_t toPort,uint8_t * const &buf, size_t len)
|
||||
void DatagramDestination::HandleDatagram (uint16_t fromPort, uint16_t toPort,
|
||||
const uint8_t * buf, size_t len, i2p::garlic::ECIESX25519AEADRatchetSession * from)
|
||||
{
|
||||
i2p::data::IdentityEx identity;
|
||||
size_t identityLen = identity.FromBuffer (buf, len);
|
||||
if (!identityLen) return;
|
||||
const uint8_t * signature = buf + identityLen;
|
||||
size_t headerLen = identityLen + identity.GetSignatureLen ();
|
||||
|
||||
std::shared_ptr<i2p::data::LeaseSet> ls;
|
||||
bool verified = false;
|
||||
if (identity.GetSigningKeyType () == i2p::data::SIGNING_KEY_TYPE_DSA_SHA1)
|
||||
if (from)
|
||||
{
|
||||
uint8_t hash[32];
|
||||
SHA256(buf + headerLen, len - headerLen, hash);
|
||||
verified = identity.Verify (hash, 32, signature);
|
||||
}
|
||||
else
|
||||
verified = identity.Verify (buf + headerLen, len - headerLen, signature);
|
||||
ls = m_Owner->FindLeaseSet (identity.GetIdentHash ());
|
||||
if (ls)
|
||||
{
|
||||
uint8_t staticKey[32];
|
||||
ls->Encrypt (nullptr, staticKey);
|
||||
if (!memcmp (from->GetRemoteStaticKey (), staticKey, 32))
|
||||
verified = true;
|
||||
else
|
||||
{
|
||||
LogPrint (eLogError, "Datagram: Remote LeaseSet static key mismatch for datagram from ",
|
||||
identity.GetIdentHash ().ToBase32 ());
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!verified)
|
||||
{
|
||||
if (identity.GetSigningKeyType () == i2p::data::SIGNING_KEY_TYPE_DSA_SHA1)
|
||||
{
|
||||
uint8_t hash[32];
|
||||
SHA256(buf + headerLen, len - headerLen, hash);
|
||||
verified = identity.Verify (hash, 32, signature);
|
||||
}
|
||||
else
|
||||
verified = identity.Verify (buf + headerLen, len - headerLen, signature);
|
||||
}
|
||||
|
||||
if (verified)
|
||||
{
|
||||
auto session = ObtainSession (identity.GetIdentHash());
|
||||
if (ls) session->SetRemoteLeaseSet (ls);
|
||||
session->Ack();
|
||||
auto r = FindReceiver(toPort);
|
||||
if(r)
|
||||
|
@ -270,7 +294,7 @@ namespace datagram
|
|||
HandleDatagram3 (fromPort, toPort, uncompressed, uncompressedLen, from);
|
||||
break;
|
||||
case i2p::client::PROTOCOL_TYPE_DATAGRAM:
|
||||
HandleDatagram (fromPort, toPort, uncompressed, uncompressedLen);
|
||||
HandleDatagram (fromPort, toPort, uncompressed, uncompressedLen, from);
|
||||
break;
|
||||
case i2p::client::PROTOCOL_TYPE_DATAGRAM2:
|
||||
// TODO:
|
||||
|
|
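Review bot: `headerLen` is computed as `identityLen + identity.GetSignatureLen ()` but never compared with `len`, so a datagram shorter than identity plus signature makes `len - headerLen` wrap around in the `SHA256` and `identity.Verify` calls; on the new `from` path `verified` is set to `true` without reading the signature bytes, so a truncated datagram is not rejected there either. Adding `if (headerLen > len) return;` directly after the `headerLen` line, next to the new `if (!identityLen) return;`, would close this. Separately, skipping the signature rests on `ls->Encrypt (nullptr, staticKey)` writing exactly the 32-byte static key into `staticKey[32]`. That presumably holds only when the LeaseSet's encryption key is an ECIES-X25519 one, so it is worth checking the key type before the call and stating the assumption in a comment such as `// LeaseSet static key matches the ratchet session's remote key, so the Datagram1 signature is redundant`. HandleDatagram's body continues past the end of the hunk, so how the payload length is used after `if(r)` is not visible here.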