mirror of
https://github.com/PurpleI2P/i2pd.git
synced 2025-03-18 23:36:39 +01:00
verify blinding key for encrypted LS2
This commit is contained in:
parent
24c5ed1cff
commit
557244bc3f
5 changed files with 42 additions and 14 deletions
|
@ -1,8 +1,7 @@
|
||||||
#include <time.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include "Crypto.h"
|
#include "Crypto.h"
|
||||||
#include "I2PEndian.h"
|
#include "I2PEndian.h"
|
||||||
#include "Log.h"
|
#include "Log.h"
|
||||||
|
#include "Timestamp.h"
|
||||||
#include "Identity.h"
|
#include "Identity.h"
|
||||||
|
|
||||||
namespace i2p
|
namespace i2p
|
||||||
|
@ -774,15 +773,7 @@ namespace data
|
||||||
{
|
{
|
||||||
uint8_t buf[41]; // ident + yyyymmdd
|
uint8_t buf[41]; // ident + yyyymmdd
|
||||||
memcpy (buf, (const uint8_t *)ident, 32);
|
memcpy (buf, (const uint8_t *)ident, 32);
|
||||||
time_t t = time (nullptr);
|
i2p::util::GetCurrentDate ((char *)(buf + 32));
|
||||||
struct tm tm;
|
|
||||||
#ifdef _WIN32
|
|
||||||
gmtime_s(&tm, &t);
|
|
||||||
sprintf_s((char *)(buf + 32), 9, "%04i%02i%02i", tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday);
|
|
||||||
#else
|
|
||||||
gmtime_r(&t, &tm);
|
|
||||||
sprintf((char *)(buf + 32), "%04i%02i%02i", tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday);
|
|
||||||
#endif
|
|
||||||
IdentHash key;
|
IdentHash key;
|
||||||
SHA256(buf, 40, key);
|
SHA256(buf, 40, key);
|
||||||
return key;
|
return key;
|
||||||
|
|
|
@ -466,6 +466,19 @@ namespace data
|
||||||
if (verified && identity && lenOuterCiphertext >= 32)
|
if (verified && identity && lenOuterCiphertext >= 32)
|
||||||
{
|
{
|
||||||
SetIsValid (false); // we must verify it again in Layer 2
|
SetIsValid (false); // we must verify it again in Layer 2
|
||||||
|
if (blindedKeyType == i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519)
|
||||||
|
{
|
||||||
|
// verify blinding
|
||||||
|
char date[9];
|
||||||
|
i2p::util::GetCurrentDate (date);
|
||||||
|
uint8_t blinded[32];
|
||||||
|
BlindPublicKey (identity, date, blindedKeyType, blinded);
|
||||||
|
if (memcmp (blindedPublicKey, blinded, 32))
|
||||||
|
{
|
||||||
|
LogPrint (eLogError, "LeaseSet2: blinded public key doesn't match");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
// credentials
|
// credentials
|
||||||
uint8_t credential[32], subcredential[36];
|
uint8_t credential[32], subcredential[36];
|
||||||
// A = destination's signing public key
|
// A = destination's signing public key
|
||||||
|
@ -543,8 +556,16 @@ namespace data
|
||||||
i2p::crypto::GetEd25519 ()->BlindPublicKey (identity->GetSigningPublicKeyBuffer (), seed, blindedKey);
|
i2p::crypto::GetEd25519 ()->BlindPublicKey (identity->GetSigningPublicKeyBuffer (), seed, blindedKey);
|
||||||
}
|
}
|
||||||
|
|
||||||
void LeaseSet2::CalculateStoreHash (std::shared_ptr<const IdentityEx> identity, const char * date, SigningKeyType blindedKeyType, i2p::data::IdentHash& hash)
|
void LeaseSet2::CalculateStoreHash (std::shared_ptr<const IdentityEx> identity, SigningKeyType blindedKeyType, i2p::data::IdentHash& hash)
|
||||||
{
|
{
|
||||||
|
if (blindedKeyType != i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519 &&
|
||||||
|
blindedKeyType != SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519)
|
||||||
|
{
|
||||||
|
LogPrint (eLogError, "LeaseSet2: blinded key type ", (int)blindedKeyType, " is not supported");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
char date[9];
|
||||||
|
i2p::util::GetCurrentDate (date);
|
||||||
uint8_t blinded[32];
|
uint8_t blinded[32];
|
||||||
BlindPublicKey (identity, date, blindedKeyType, blinded);
|
BlindPublicKey (identity, date, blindedKeyType, blinded);
|
||||||
auto stA1 = htobe16 (blindedKeyType);
|
auto stA1 = htobe16 (blindedKeyType);
|
||||||
|
|
|
@ -139,7 +139,7 @@ namespace data
|
||||||
std::shared_ptr<const i2p::crypto::Verifier> GetTransientVerifier () const { return m_TransientVerifier; };
|
std::shared_ptr<const i2p::crypto::Verifier> GetTransientVerifier () const { return m_TransientVerifier; };
|
||||||
void Update (const uint8_t * buf, size_t len, bool verifySignature);
|
void Update (const uint8_t * buf, size_t len, bool verifySignature);
|
||||||
|
|
||||||
static void CalculateStoreHash (std::shared_ptr<const IdentityEx> identity, const char * date, SigningKeyType blindedKeyType, i2p::data::IdentHash& hash);
|
static void CalculateStoreHash (std::shared_ptr<const IdentityEx> identity, SigningKeyType blindedKeyType, i2p::data::IdentHash& hash);
|
||||||
|
|
||||||
// implements RoutingDestination
|
// implements RoutingDestination
|
||||||
void Encrypt (const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx) const;
|
void Encrypt (const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx) const;
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
#include <time.h>
|
||||||
|
#include <stdio.h>
|
||||||
#include <inttypes.h>
|
#include <inttypes.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <chrono>
|
#include <chrono>
|
||||||
|
@ -37,7 +39,6 @@ namespace util
|
||||||
std::chrono::system_clock::now().time_since_epoch()).count ();
|
std::chrono::system_clock::now().time_since_epoch()).count ();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int64_t g_TimeOffset = 0; // in seconds
|
static int64_t g_TimeOffset = 0; // in seconds
|
||||||
|
|
||||||
static void SyncTimeWithNTP (const std::string& address)
|
static void SyncTimeWithNTP (const std::string& address)
|
||||||
|
@ -178,6 +179,19 @@ namespace util
|
||||||
{
|
{
|
||||||
return GetLocalSecondsSinceEpoch () + g_TimeOffset;
|
return GetLocalSecondsSinceEpoch () + g_TimeOffset;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void GetCurrentDate (char * date)
|
||||||
|
{
|
||||||
|
time_t t = time (nullptr);
|
||||||
|
struct tm tm;
|
||||||
|
#ifdef _WIN32
|
||||||
|
gmtime_s(&tm, &t);
|
||||||
|
sprintf_s(date, 9, "%04i%02i%02i", tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday);
|
||||||
|
#else
|
||||||
|
gmtime_r(&t, &tm);
|
||||||
|
sprintf(date, "%04i%02i%02i", tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -15,6 +15,8 @@ namespace util
|
||||||
uint32_t GetHoursSinceEpoch ();
|
uint32_t GetHoursSinceEpoch ();
|
||||||
uint64_t GetSecondsSinceEpoch ();
|
uint64_t GetSecondsSinceEpoch ();
|
||||||
|
|
||||||
|
void GetCurrentDate (char * date); // returns date as YYYYMMDD string, 9 bytes
|
||||||
|
|
||||||
class NTPTimeSync
|
class NTPTimeSync
|
||||||
{
|
{
|
||||||
public:
|
public:
|
||||||
|
|
Loading…
Add table
Reference in a new issue