Noise XK for SSU2

libi2pd/Crypto.cpp

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2021, The PurpleI2P Project
+* Copyright (c) 2013-2022, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -1336,7 +1336,7 @@ namespace crypto
 
 	void InitNoiseXKState (NoiseSymmetricState& state, const uint8_t * pub)
 	{
-		static const uint8_t protocolNameHash[] =
+		static const uint8_t protocolNameHash[32] =
 		{
 			0x72, 0xe8, 0x42, 0xc5, 0x45, 0xe1, 0x80, 0x80, 0xd3, 0x9c, 0x44, 0x93, 0xbb, 0x91, 0xd7, 0xed,
 			0xf2, 0x28, 0x98, 0x17, 0x71, 0x21, 0x8c, 0x1f, 0x62, 0x4e, 0x20, 0x6f, 0x28, 0xd3, 0x2f, 0x71
@@ -1349,6 +1349,21 @@ namespace crypto
 		InitNoiseState (state, protocolNameHash, hh, pub);
 	}
 
+	void InitNoiseXKState1 (NoiseSymmetricState& state, const uint8_t * pub)
+	{
+		static const uint8_t protocolNameHash[32] =
+		{
+			0xb1, 0x37, 0x22, 0x81, 0x74, 0x23, 0xa8, 0xfd, 0xf4, 0x2d, 0xf2, 0xe6, 0x0e, 0xd1, 0xed, 0xf4,
+			0x1b, 0x93, 0x07, 0x1d, 0xb1, 0xec, 0x24, 0xa3, 0x67, 0xf7, 0x84, 0xec, 0x27, 0x0d, 0x81, 0x32
+		}; // SHA256 ("Noise_XKchaobfse+hs1+hs2+hs3_25519_ChaChaPoly_SHA256")
+		static const uint8_t hh[32] =
+		{
+			0xdc, 0x85, 0xe6, 0xaf, 0x7b, 0x02, 0x65, 0x0c, 0xf1, 0xf9, 0x0d, 0x71, 0xfb, 0xc6, 0xd4, 0x53, 
+			0xa7, 0xcf, 0x6d, 0xbf, 0xbd, 0x52, 0x5e, 0xa5, 0xb5, 0x79, 0x1c, 0x47, 0xb3, 0x5e, 0xbc, 0x33
+		}; // SHA256 (protocolNameHash)
+		InitNoiseState (state, protocolNameHash, hh, pub);
+	}
+	
 	void InitNoiseIKState (NoiseSymmetricState& state, const uint8_t * pub)
 	{
 		static const uint8_t protocolNameHash[32] =

libi2pd/Crypto.h

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2021, The PurpleI2P Project
+* Copyright (c) 2013-2022, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -322,6 +322,7 @@ namespace crypto
 
 	void InitNoiseNState (NoiseSymmetricState& state, const uint8_t * pub); // Noise_N (tunnels, router)
 	void InitNoiseXKState (NoiseSymmetricState& state, const uint8_t * pub); // Noise_XK (NTCP2)
+	void InitNoiseXKState1 (NoiseSymmetricState& state, const uint8_t * pub); // Noise_XK (SSU2)
 	void InitNoiseIKState (NoiseSymmetricState& state, const uint8_t * pub); // Noise_IK (ratchets)
 
 // init and terminate

libi2pd/SSU2.cpp

@@ -6,6 +6,7 @@
 * See full license text in LICENSE file at top of project tree
 */
 
+#include "Transports.h"
 #include "SSU2.h"
 
 namespace i2p
@@ -16,6 +17,13 @@ namespace transport
 		std::shared_ptr<const i2p::data::RouterInfo::Address> addr, bool peerTest):
 		TransportSession (in_RemoteRouter, SSU2_TERMINATION_TIMEOUT)
 	{
+		m_NoiseState.reset (new i2p::crypto::NoiseSymmetricState);
+		if (in_RemoteRouter && addr)
+		{
+			// outgoing
+			if (addr->ntcp2) // TODO: should be SSU
+				InitNoiseXKState1 (*m_NoiseState, addr->ntcp2->staticKey);
+		}	
 	}
 	
 	SSU2Session::~SSU2Session ()

libi2pd/SSU2.h

@@ -27,6 +27,11 @@ namespace transport
 			SSU2Session (std::shared_ptr<const i2p::data::RouterInfo> in_RemoteRouter = nullptr,
 				std::shared_ptr<const i2p::data::RouterInfo::Address> addr = nullptr, bool peerTest = false);
 			~SSU2Session ();
+
+		private:
+
+			std::shared_ptr<i2p::crypto::X25519Keys> m_EphemeralKeys;
+			std::unique_ptr<i2p::crypto::NoiseSymmetricState> m_NoiseState;
 	};
 }
 }