pass blinded key instead identity for encrypted LS2

This commit is contained in:
orignal 2019-03-22 15:32:13 -04:00
parent 2be80ba30f
commit 8e4b9da97d
4 changed files with 56 additions and 26 deletions

View file

@ -419,9 +419,9 @@ namespace client
case i2p::data::NETDB_STORE_TYPE_ENCRYPTED_LEASESET2: // 5 case i2p::data::NETDB_STORE_TYPE_ENCRYPTED_LEASESET2: // 5
{ {
auto it2 = m_LeaseSetRequests.find (key); auto it2 = m_LeaseSetRequests.find (key);
if (it2 != m_LeaseSetRequests.end () && it2->second->requestedIdentity) if (it2 != m_LeaseSetRequests.end () && it2->second->requestedBlindedKey)
{ {
auto ls2 = std::make_shared<i2p::data::LeaseSet2> (buf + offset, len - offset, it2->second->requestedIdentity); auto ls2 = std::make_shared<i2p::data::LeaseSet2> (buf + offset, len - offset, it2->second->requestedBlindedKey);
if (ls2->IsValid ()) if (ls2->IsValid ())
{ {
m_RemoteLeaseSets[ls2->GetIdentHash ()] = ls2; // ident is not key m_RemoteLeaseSets[ls2->GetIdentHash ()] = ls2; // ident is not key
@ -644,9 +644,10 @@ namespace client
m_Service.post ([requestComplete](void){requestComplete (nullptr);}); m_Service.post ([requestComplete](void){requestComplete (nullptr);});
return false; return false;
} }
auto blindedKey = std::make_shared<i2p::data::BlindedPublicKey>(dest, i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519); // always assume type 11
i2p::data::IdentHash ident; i2p::data::IdentHash ident;
i2p::data::LeaseSet2::CalculateStoreHash (dest, i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519, ident); // always assume type 11 i2p::data::LeaseSet2::CalculateStoreHash (blindedKey, ident);
m_Service.post (std::bind (&LeaseSetDestination::RequestLeaseSet, shared_from_this (), ident, requestComplete, dest)); m_Service.post (std::bind (&LeaseSetDestination::RequestLeaseSet, shared_from_this (), ident, requestComplete, blindedKey));
return true; return true;
} }
@ -667,19 +668,20 @@ namespace client
void LeaseSetDestination::CancelDestinationRequestWithEncryptedLeaseSet (std::shared_ptr<const i2p::data::IdentityEx> dest, bool notify) void LeaseSetDestination::CancelDestinationRequestWithEncryptedLeaseSet (std::shared_ptr<const i2p::data::IdentityEx> dest, bool notify)
{ {
auto blindedKey = std::make_shared<i2p::data::BlindedPublicKey>(dest, i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519); // always assume type 11
i2p::data::IdentHash ident; i2p::data::IdentHash ident;
i2p::data::LeaseSet2::CalculateStoreHash (dest, i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519, ident); // always assume type 11 i2p::data::LeaseSet2::CalculateStoreHash (blindedKey, ident);
CancelDestinationRequest (ident, notify); CancelDestinationRequest (ident, notify);
} }
void LeaseSetDestination::RequestLeaseSet (const i2p::data::IdentHash& dest, RequestComplete requestComplete, std::shared_ptr<const i2p::data::IdentityEx> requestedIdentity) void LeaseSetDestination::RequestLeaseSet (const i2p::data::IdentHash& dest, RequestComplete requestComplete, std::shared_ptr<const i2p::data::BlindedPublicKey> requestedBlindedKey)
{ {
std::set<i2p::data::IdentHash> excluded; std::set<i2p::data::IdentHash> excluded;
auto floodfill = i2p::data::netdb.GetClosestFloodfill (dest, excluded); auto floodfill = i2p::data::netdb.GetClosestFloodfill (dest, excluded);
if (floodfill) if (floodfill)
{ {
auto request = std::make_shared<LeaseSetRequest> (m_Service); auto request = std::make_shared<LeaseSetRequest> (m_Service);
request->requestedIdentity = requestedIdentity; // for encrypted LeaseSet2 request->requestedBlindedKey = requestedBlindedKey; // for encrypted LeaseSet2
if (requestComplete) if (requestComplete)
request->requestComplete.push_back (requestComplete); request->requestComplete.push_back (requestComplete);
auto ts = i2p::util::GetSecondsSinceEpoch (); auto ts = i2p::util::GetSecondsSinceEpoch ();

View file

@ -82,7 +82,7 @@ namespace client
std::list<RequestComplete> requestComplete; std::list<RequestComplete> requestComplete;
std::shared_ptr<i2p::tunnel::OutboundTunnel> outboundTunnel; std::shared_ptr<i2p::tunnel::OutboundTunnel> outboundTunnel;
std::shared_ptr<i2p::tunnel::InboundTunnel> replyTunnel; std::shared_ptr<i2p::tunnel::InboundTunnel> replyTunnel;
std::shared_ptr<const i2p::data::IdentityEx> requestedIdentity; // for encrypted LeaseSet2 only std::shared_ptr<const i2p::data::BlindedPublicKey> requestedBlindedKey; // for encrypted LeaseSet2 only
void Complete (std::shared_ptr<i2p::data::LeaseSet> ls) void Complete (std::shared_ptr<i2p::data::LeaseSet> ls)
{ {
@ -148,7 +148,7 @@ namespace client
void HandleDatabaseSearchReplyMessage (const uint8_t * buf, size_t len); void HandleDatabaseSearchReplyMessage (const uint8_t * buf, size_t len);
void HandleDeliveryStatusMessage (std::shared_ptr<I2NPMessage> msg); void HandleDeliveryStatusMessage (std::shared_ptr<I2NPMessage> msg);
void RequestLeaseSet (const i2p::data::IdentHash& dest, RequestComplete requestComplete, std::shared_ptr<const i2p::data::IdentityEx> requestedIdentity = nullptr); void RequestLeaseSet (const i2p::data::IdentHash& dest, RequestComplete requestComplete, std::shared_ptr<const i2p::data::BlindedPublicKey> requestedBlindedKey = nullptr);
bool SendLeaseSetRequest (const i2p::data::IdentHash& dest, std::shared_ptr<const i2p::data::RouterInfo> nextFloodfill, std::shared_ptr<LeaseSetRequest> request); bool SendLeaseSetRequest (const i2p::data::IdentHash& dest, std::shared_ptr<const i2p::data::RouterInfo> nextFloodfill, std::shared_ptr<LeaseSetRequest> request);
void HandleRequestTimoutTimer (const boost::system::error_code& ecode, const i2p::data::IdentHash& dest); void HandleRequestTimoutTimer (const boost::system::error_code& ecode, const i2p::data::IdentHash& dest);
void HandleCleanupTimer (const boost::system::error_code& ecode); void HandleCleanupTimer (const boost::system::error_code& ecode);

View file

@ -253,6 +253,16 @@ namespace data
memcpy (m_Buffer, buf, len); memcpy (m_Buffer, buf, len);
} }
BlindedPublicKey::BlindedPublicKey (std::shared_ptr<const IdentityEx> identity, SigningKeyType blindedKeyType):
m_BlindedSigType (blindedKeyType)
{
if (!identity) return;
auto len = identity->GetSigningPublicKeyLen ();
m_PublicKey.resize (len);
memcpy (m_PublicKey.data (), identity->GetSigningPublicKeyBuffer (), len);
m_SigType = identity->GetSigningKeyType ();
}
LeaseSet2::LeaseSet2 (uint8_t storeType, const uint8_t * buf, size_t len, bool storeLeases): LeaseSet2::LeaseSet2 (uint8_t storeType, const uint8_t * buf, size_t len, bool storeLeases):
LeaseSet (storeLeases), m_StoreType (storeType) LeaseSet (storeLeases), m_StoreType (storeType)
{ {
@ -263,10 +273,10 @@ namespace data
ReadFromBuffer (buf, len); ReadFromBuffer (buf, len);
} }
LeaseSet2::LeaseSet2 (const uint8_t * buf, size_t len, std::shared_ptr<const IdentityEx> identity): LeaseSet2::LeaseSet2 (const uint8_t * buf, size_t len, std::shared_ptr<const BlindedPublicKey> key):
LeaseSet (true), m_StoreType (NETDB_STORE_TYPE_ENCRYPTED_LEASESET2) LeaseSet (true), m_StoreType (NETDB_STORE_TYPE_ENCRYPTED_LEASESET2)
{ {
ReadFromBufferEncrypted (buf, len, identity); ReadFromBufferEncrypted (buf, len, key);
} }
void LeaseSet2::Update (const uint8_t * buf, size_t len, bool verifySignature) void LeaseSet2::Update (const uint8_t * buf, size_t len, bool verifySignature)
@ -423,7 +433,7 @@ namespace data
return offset; return offset;
} }
void LeaseSet2::ReadFromBufferEncrypted (const uint8_t * buf, size_t len, std::shared_ptr<const IdentityEx> identity) void LeaseSet2::ReadFromBufferEncrypted (const uint8_t * buf, size_t len, std::shared_ptr<const BlindedPublicKey> key)
{ {
size_t offset = 0; size_t offset = 0;
// blinded key // blinded key
@ -463,7 +473,7 @@ namespace data
VerifySignature (blindedVerifier, buf, len, offset); VerifySignature (blindedVerifier, buf, len, offset);
SetIsValid (verified); SetIsValid (verified);
// handle ciphertext // handle ciphertext
if (verified && identity && lenOuterCiphertext >= 32) if (verified && key && lenOuterCiphertext >= 32)
{ {
SetIsValid (false); // we must verify it again in Layer 2 SetIsValid (false); // we must verify it again in Layer 2
if (blindedKeyType == i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519) if (blindedKeyType == i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519)
@ -472,7 +482,7 @@ namespace data
char date[9]; char date[9];
i2p::util::GetCurrentDate (date); i2p::util::GetCurrentDate (date);
uint8_t blinded[32]; uint8_t blinded[32];
BlindPublicKey (identity, date, blindedKeyType, blinded); BlindPublicKey (key, date, blinded);
if (memcmp (blindedPublicKey, blinded, 32)) if (memcmp (blindedPublicKey, blinded, 32))
{ {
LogPrint (eLogError, "LeaseSet2: blinded public key doesn't match"); LogPrint (eLogError, "LeaseSet2: blinded public key doesn't match");
@ -483,9 +493,9 @@ namespace data
uint8_t credential[32], subcredential[36]; uint8_t credential[32], subcredential[36];
// A = destination's signing public key // A = destination's signing public key
// stA = signature type of A, 2 bytes big endian // stA = signature type of A, 2 bytes big endian
uint16_t stA = htobe16 (identity->GetSigningKeyType ()); uint16_t stA = htobe16 (key->GetSigType ());
// credential = H("credential", A || stA || stA1) // credential = H("credential", A || stA || stA1)
H ("credential", { {identity->GetSigningPublicKeyBuffer (), identity->GetSigningPublicKeyLen ()}, {(const uint8_t *)&stA, 2}, {stA1, 2} }, credential); H ("credential", { {key->GetPublicKey (), key->GetPublicKeyLen ()}, {(const uint8_t *)&stA, 2}, {stA1, 2} }, credential);
// subcredential = H("subcredential", credential || blindedPublicKey) // subcredential = H("subcredential", credential || blindedPublicKey)
H ("subcredential", { {credential, 32}, {blindedPublicKey, blindedKeyLen} }, subcredential); H ("subcredential", { {credential, 32}, {blindedPublicKey, blindedKeyLen} }, subcredential);
// outer key // outer key
@ -535,18 +545,19 @@ namespace data
SHA256_Final (hash, &ctx); SHA256_Final (hash, &ctx);
} }
void LeaseSet2::BlindPublicKey (std::shared_ptr<const IdentityEx> identity, const char * date, SigningKeyType blindedKeyType, uint8_t * blindedKey) void LeaseSet2::BlindPublicKey (std::shared_ptr<const BlindedPublicKey> key, const char * date, uint8_t * blindedKey)
{ {
uint16_t stA = htobe16 (identity->GetSigningKeyType ()), stA1 = htobe16 (blindedKeyType); uint16_t stA = htobe16 (key->GetSigType ()), stA1 = htobe16 (key->GetBlindedSigType ());
uint8_t salt[32], seed[64]; uint8_t salt[32], seed[64];
//seed = HKDF(H("I2PGenerateAlpha", keydata), datestring || secret, "i2pblinding1", 64) //seed = HKDF(H("I2PGenerateAlpha", keydata), datestring || secret, "i2pblinding1", 64)
H ("I2PGenerateAlpha", { {identity->GetSigningPublicKeyBuffer (), identity->GetSigningPublicKeyLen ()}, {(const uint8_t *)&stA, 2}, {(const uint8_t *)&stA1, 2} }, salt); H ("I2PGenerateAlpha", { {key->GetPublicKey (), key->GetPublicKeyLen ()}, {(const uint8_t *)&stA, 2}, {(const uint8_t *)&stA1, 2} }, salt);
i2p::crypto::HKDF (salt, (const uint8_t *)date, 8, "i2pblinding1", seed); i2p::crypto::HKDF (salt, (const uint8_t *)date, 8, "i2pblinding1", seed);
i2p::crypto::GetEd25519 ()->BlindPublicKey (identity->GetSigningPublicKeyBuffer (), seed, blindedKey); i2p::crypto::GetEd25519 ()->BlindPublicKey (key->GetPublicKey (), seed, blindedKey);
} }
void LeaseSet2::CalculateStoreHash (std::shared_ptr<const IdentityEx> identity, SigningKeyType blindedKeyType, i2p::data::IdentHash& hash) void LeaseSet2::CalculateStoreHash (std::shared_ptr<const BlindedPublicKey> key, i2p::data::IdentHash& hash)
{ {
auto blindedKeyType = key->GetBlindedSigType ();
if (blindedKeyType != i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519 && if (blindedKeyType != i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519 &&
blindedKeyType != SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519) blindedKeyType != SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519)
{ {
@ -556,7 +567,7 @@ namespace data
char date[9]; char date[9];
i2p::util::GetCurrentDate (date); i2p::util::GetCurrentDate (date);
uint8_t blinded[32]; uint8_t blinded[32];
BlindPublicKey (identity, date, blindedKeyType, blinded); BlindPublicKey (key, date, blinded);
auto stA1 = htobe16 (blindedKeyType); auto stA1 = htobe16 (blindedKeyType);
SHA256_CTX ctx; SHA256_CTX ctx;
SHA256_Init (&ctx); SHA256_Init (&ctx);

View file

@ -128,18 +128,35 @@ namespace data
const uint16_t LEASESET2_FLAG_OFFLINE_KEYS = 0x0001; const uint16_t LEASESET2_FLAG_OFFLINE_KEYS = 0x0001;
class BlindedPublicKey // for encrypted LS2
{
public:
BlindedPublicKey (std::shared_ptr<const IdentityEx> identity, SigningKeyType blindedKeyType = i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519);
const uint8_t * GetPublicKey () const { return m_PublicKey.data (); };
size_t GetPublicKeyLen () const { return m_PublicKey.size (); };
SigningKeyType GetSigType () const { return m_SigType; };
SigningKeyType GetBlindedSigType () const { return m_BlindedSigType; };
private:
std::vector<uint8_t> m_PublicKey;
i2p::data::SigningKeyType m_SigType, m_BlindedSigType;
};
class LeaseSet2: public LeaseSet class LeaseSet2: public LeaseSet
{ {
public: public:
LeaseSet2 (uint8_t storeType, const uint8_t * buf, size_t len, bool storeLeases = true); LeaseSet2 (uint8_t storeType, const uint8_t * buf, size_t len, bool storeLeases = true);
LeaseSet2 (const uint8_t * buf, size_t len, std::shared_ptr<const IdentityEx> identity); // store type 5, called from local netdb only LeaseSet2 (const uint8_t * buf, size_t len, std::shared_ptr<const BlindedPublicKey> key); // store type 5, called from local netdb only
uint8_t GetStoreType () const { return m_StoreType; }; uint8_t GetStoreType () const { return m_StoreType; };
uint32_t GetPublishedTimestamp () const { return m_PublishedTimestamp; }; uint32_t GetPublishedTimestamp () const { return m_PublishedTimestamp; };
std::shared_ptr<const i2p::crypto::Verifier> GetTransientVerifier () const { return m_TransientVerifier; }; std::shared_ptr<const i2p::crypto::Verifier> GetTransientVerifier () const { return m_TransientVerifier; };
void Update (const uint8_t * buf, size_t len, bool verifySignature); void Update (const uint8_t * buf, size_t len, bool verifySignature);
static void CalculateStoreHash (std::shared_ptr<const IdentityEx> identity, SigningKeyType blindedKeyType, i2p::data::IdentHash& hash); static void CalculateStoreHash (std::shared_ptr<const BlindedPublicKey> key, i2p::data::IdentHash& hash);
// implements RoutingDestination // implements RoutingDestination
void Encrypt (const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx) const; void Encrypt (const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx) const;
@ -147,7 +164,7 @@ namespace data
private: private:
void ReadFromBuffer (const uint8_t * buf, size_t len, bool readIdentity = true, bool verifySignature = true); void ReadFromBuffer (const uint8_t * buf, size_t len, bool readIdentity = true, bool verifySignature = true);
void ReadFromBufferEncrypted (const uint8_t * buf, size_t len, std::shared_ptr<const IdentityEx> identity); void ReadFromBufferEncrypted (const uint8_t * buf, size_t len, std::shared_ptr<const BlindedPublicKey> key);
size_t ReadStandardLS2TypeSpecificPart (const uint8_t * buf, size_t len); size_t ReadStandardLS2TypeSpecificPart (const uint8_t * buf, size_t len);
size_t ReadMetaLS2TypeSpecificPart (const uint8_t * buf, size_t len); size_t ReadMetaLS2TypeSpecificPart (const uint8_t * buf, size_t len);
@ -158,7 +175,7 @@ namespace data
// for encrypted LS // for encrypted LS
static void H (const std::string& p, const std::vector<std::pair<const uint8_t *, size_t> >& bufs, uint8_t * hash); static void H (const std::string& p, const std::vector<std::pair<const uint8_t *, size_t> >& bufs, uint8_t * hash);
static void BlindPublicKey (std::shared_ptr<const IdentityEx> identity, const char * date, SigningKeyType blindedKeyType, uint8_t * blindedKey); // blinded key 32 bytes, date is 8 chars "YYYYMMDD" static void BlindPublicKey (std::shared_ptr<const BlindedPublicKey> key, const char * date, uint8_t * blindedKey); // blinded key 32 bytes, date is 8 chars "YYYYMMDD"
private: private: