mirror of
https://github.com/PurpleI2P/i2pd.git
synced 2025-01-22 21:37:17 +01:00
compressable crypto key and padding for routers and destination
This commit is contained in:
parent
01ea1854bc
commit
3d4d3ce80d
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2013-2020, The PurpleI2P Project
|
* Copyright (c) 2013-2022, The PurpleI2P Project
|
||||||
*
|
*
|
||||||
* This file is part of Purple i2pd project and licensed under BSD3
|
* This file is part of Purple i2pd project and licensed under BSD3
|
||||||
*
|
*
|
||||||
|
@ -49,13 +49,22 @@ namespace data
|
||||||
|
|
||||||
IdentityEx::IdentityEx(const uint8_t * publicKey, const uint8_t * signingKey, SigningKeyType type, CryptoKeyType cryptoType)
|
IdentityEx::IdentityEx(const uint8_t * publicKey, const uint8_t * signingKey, SigningKeyType type, CryptoKeyType cryptoType)
|
||||||
{
|
{
|
||||||
|
uint8_t randomPaddingBlock[32];
|
||||||
|
RAND_bytes (randomPaddingBlock, 32);
|
||||||
if (cryptoType == CRYPTO_KEY_TYPE_ECIES_X25519_AEAD)
|
if (cryptoType == CRYPTO_KEY_TYPE_ECIES_X25519_AEAD)
|
||||||
{
|
{
|
||||||
memcpy (m_StandardIdentity.publicKey, publicKey, 32);
|
memcpy (m_StandardIdentity.publicKey, publicKey ? publicKey : randomPaddingBlock, 32);
|
||||||
RAND_bytes (m_StandardIdentity.publicKey + 32, 224);
|
for (int i = 0; i < 7; i++) // 224 bytes
|
||||||
|
memcpy (m_StandardIdentity.publicKey + 32*i, randomPaddingBlock, 32);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
memcpy (m_StandardIdentity.publicKey, publicKey, 256);
|
{
|
||||||
|
if (publicKey)
|
||||||
|
memcpy (m_StandardIdentity.publicKey, publicKey, 256);
|
||||||
|
else
|
||||||
|
for (int i = 0; i < 8; i++) // 256 bytes
|
||||||
|
memcpy (m_StandardIdentity.publicKey + 32*i, randomPaddingBlock, 32);
|
||||||
|
}
|
||||||
if (type != SIGNING_KEY_TYPE_DSA_SHA1)
|
if (type != SIGNING_KEY_TYPE_DSA_SHA1)
|
||||||
{
|
{
|
||||||
size_t excessLen = 0;
|
size_t excessLen = 0;
|
||||||
|
@ -93,7 +102,8 @@ namespace data
|
||||||
case SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
|
case SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
|
||||||
{
|
{
|
||||||
size_t padding = 128 - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH; // 96 = 128 - 32
|
size_t padding = 128 - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH; // 96 = 128 - 32
|
||||||
RAND_bytes (m_StandardIdentity.signingKey, padding);
|
for (int i = 0; i < 3; i++) // 96 bytes
|
||||||
|
memcpy (m_StandardIdentity.signingKey + 32*i, randomPaddingBlock, 32);
|
||||||
memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH);
|
memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -695,7 +705,7 @@ namespace data
|
||||||
return nullptr;
|
return nullptr;
|
||||||
}
|
}
|
||||||
|
|
||||||
PrivateKeys PrivateKeys::CreateRandomKeys (SigningKeyType type, CryptoKeyType cryptoType)
|
PrivateKeys PrivateKeys::CreateRandomKeys (SigningKeyType type, CryptoKeyType cryptoType, bool isDestination)
|
||||||
{
|
{
|
||||||
if (type != SIGNING_KEY_TYPE_DSA_SHA1)
|
if (type != SIGNING_KEY_TYPE_DSA_SHA1)
|
||||||
{
|
{
|
||||||
|
@ -705,9 +715,12 @@ namespace data
|
||||||
GenerateSigningKeyPair (type, keys.m_SigningPrivateKey, signingPublicKey);
|
GenerateSigningKeyPair (type, keys.m_SigningPrivateKey, signingPublicKey);
|
||||||
// encryption
|
// encryption
|
||||||
uint8_t publicKey[256];
|
uint8_t publicKey[256];
|
||||||
GenerateCryptoKeyPair (cryptoType, keys.m_PrivateKey, publicKey);
|
if (isDestination)
|
||||||
|
RAND_bytes (keys.m_PrivateKey, 256);
|
||||||
|
else
|
||||||
|
GenerateCryptoKeyPair (cryptoType, keys.m_PrivateKey, publicKey);
|
||||||
// identity
|
// identity
|
||||||
keys.m_Public = std::make_shared<IdentityEx> (publicKey, signingPublicKey, type, cryptoType);
|
keys.m_Public = std::make_shared<IdentityEx> (isDestination ? nullptr : publicKey, signingPublicKey, type, cryptoType);
|
||||||
|
|
||||||
keys.CreateSigner ();
|
keys.CreateSigner ();
|
||||||
return keys;
|
return keys;
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2013-2021, The PurpleI2P Project
|
* Copyright (c) 2013-2022, The PurpleI2P Project
|
||||||
*
|
*
|
||||||
* This file is part of Purple i2pd project and licensed under BSD3
|
* This file is part of Purple i2pd project and licensed under BSD3
|
||||||
*
|
*
|
||||||
|
@ -171,7 +171,7 @@ namespace data
|
||||||
std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> CreateDecryptor (const uint8_t * key) const;
|
std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> CreateDecryptor (const uint8_t * key) const;
|
||||||
|
|
||||||
static std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> CreateDecryptor (CryptoKeyType cryptoType, const uint8_t * key);
|
static std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> CreateDecryptor (CryptoKeyType cryptoType, const uint8_t * key);
|
||||||
static PrivateKeys CreateRandomKeys (SigningKeyType type = SIGNING_KEY_TYPE_DSA_SHA1, CryptoKeyType cryptoType = CRYPTO_KEY_TYPE_ELGAMAL);
|
static PrivateKeys CreateRandomKeys (SigningKeyType type = SIGNING_KEY_TYPE_DSA_SHA1, CryptoKeyType cryptoType = CRYPTO_KEY_TYPE_ELGAMAL, bool isDestination = false);
|
||||||
static void GenerateSigningKeyPair (SigningKeyType type, uint8_t * priv, uint8_t * pub);
|
static void GenerateSigningKeyPair (SigningKeyType type, uint8_t * priv, uint8_t * pub);
|
||||||
static void GenerateCryptoKeyPair (CryptoKeyType type, uint8_t * priv, uint8_t * pub); // priv and pub are 256 bytes long
|
static void GenerateCryptoKeyPair (CryptoKeyType type, uint8_t * priv, uint8_t * pub); // priv and pub are 256 bytes long
|
||||||
static i2p::crypto::Signer * CreateSigner (SigningKeyType keyType, const uint8_t * priv);
|
static i2p::crypto::Signer * CreateSigner (SigningKeyType keyType, const uint8_t * priv);
|
||||||
|
|
|
@ -547,7 +547,7 @@ namespace client
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
m_Keys = i2p::data::PrivateKeys::CreateRandomKeys (signatureType, cryptoType);
|
m_Keys = i2p::data::PrivateKeys::CreateRandomKeys (signatureType, cryptoType, true);
|
||||||
SendReplyOK (m_Keys.GetPublic ()->ToBase64 ().c_str ());
|
SendReplyOK (m_Keys.GetPublic ()->ToBase64 ().c_str ());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -261,7 +261,7 @@ namespace client
|
||||||
static const std::string transient("transient");
|
static const std::string transient("transient");
|
||||||
if (!filename.compare (0, transient.length (), transient)) // starts with transient
|
if (!filename.compare (0, transient.length (), transient)) // starts with transient
|
||||||
{
|
{
|
||||||
keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType);
|
keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType, true);
|
||||||
LogPrint (eLogInfo, "Clients: New transient keys address ", m_AddressBook.ToAddress(keys.GetPublic ()->GetIdentHash ()), " created");
|
LogPrint (eLogInfo, "Clients: New transient keys address ", m_AddressBook.ToAddress(keys.GetPublic ()->GetIdentHash ()), " created");
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -288,7 +288,7 @@ namespace client
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
LogPrint (eLogError, "Clients: Can't open file ", fullPath, " Creating new one with signature type ", sigType, " crypto type ", cryptoType);
|
LogPrint (eLogError, "Clients: Can't open file ", fullPath, " Creating new one with signature type ", sigType, " crypto type ", cryptoType);
|
||||||
keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType);
|
keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType, true);
|
||||||
std::ofstream f (fullPath, std::ofstream::binary | std::ofstream::out);
|
std::ofstream f (fullPath, std::ofstream::binary | std::ofstream::out);
|
||||||
size_t len = keys.GetFullLen ();
|
size_t len = keys.GetFullLen ();
|
||||||
uint8_t * buf = new uint8_t[len];
|
uint8_t * buf = new uint8_t[len];
|
||||||
|
@ -328,7 +328,7 @@ namespace client
|
||||||
i2p::data::SigningKeyType sigType, i2p::data::CryptoKeyType cryptoType,
|
i2p::data::SigningKeyType sigType, i2p::data::CryptoKeyType cryptoType,
|
||||||
const std::map<std::string, std::string> * params)
|
const std::map<std::string, std::string> * params)
|
||||||
{
|
{
|
||||||
i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType);
|
i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType, true);
|
||||||
auto localDestination = std::make_shared<RunnableClientDestination> (keys, isPublic, params);
|
auto localDestination = std::make_shared<RunnableClientDestination> (keys, isPublic, params);
|
||||||
AddLocalDestination (localDestination);
|
AddLocalDestination (localDestination);
|
||||||
return localDestination;
|
return localDestination;
|
||||||
|
@ -339,7 +339,7 @@ namespace client
|
||||||
i2p::data::SigningKeyType sigType, i2p::data::CryptoKeyType cryptoType,
|
i2p::data::SigningKeyType sigType, i2p::data::CryptoKeyType cryptoType,
|
||||||
const std::map<std::string, std::string> * params)
|
const std::map<std::string, std::string> * params)
|
||||||
{
|
{
|
||||||
i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType);
|
i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType, true);
|
||||||
auto localDestination = std::make_shared<ClientDestination> (service, keys, isPublic, params);
|
auto localDestination = std::make_shared<ClientDestination> (service, keys, isPublic, params);
|
||||||
AddLocalDestination (localDestination);
|
AddLocalDestination (localDestination);
|
||||||
return localDestination;
|
return localDestination;
|
||||||
|
|
|
@ -709,7 +709,7 @@ namespace client
|
||||||
LogPrint (eLogWarning, "SAM: ", SAM_PARAM_CRYPTO_TYPE, "error: ", ex.what ());
|
LogPrint (eLogWarning, "SAM: ", SAM_PARAM_CRYPTO_TYPE, "error: ", ex.what ());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
auto keys = i2p::data::PrivateKeys::CreateRandomKeys (signatureType, cryptoType);
|
auto keys = i2p::data::PrivateKeys::CreateRandomKeys (signatureType, cryptoType, true);
|
||||||
#ifdef _MSC_VER
|
#ifdef _MSC_VER
|
||||||
size_t l = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_DEST_REPLY,
|
size_t l = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_DEST_REPLY,
|
||||||
keys.GetPublic ()->ToBase64 ().c_str (), keys.ToBase64 ().c_str ());
|
keys.GetPublic ()->ToBase64 ().c_str (), keys.ToBase64 ().c_str ());
|
||||||
|
|
Loading…
Reference in a new issue