Mirrors/i2pd
2
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-04-28 19:57:48 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

common ML-KEM names and key lengths
Some checks are pending
Build Debian packages / bookworm (push) Waiting to run
Details
Build Debian packages / bullseye (push) Waiting to run
Details
Build Debian packages / buster (push) Waiting to run
Details
Build on FreeBSD / with UPnP (push) Waiting to run
Details
Build on OSX / With USE_UPNP=no (push) Waiting to run
Details
Build on OSX / With USE_UPNP=yes (push) Waiting to run
Details
Build on Windows / i686 (push) Waiting to run
Details
Build on Windows / clang-x86_64 (push) Waiting to run
Details
Build on Windows / ucrt-x86_64 (push) Waiting to run
Details
Build on Windows / x86_64 (push) Waiting to run
Details
Build on Windows / CMake clang-x86_64 (push) Waiting to run
Details
Build on Windows / CMake i686 (push) Waiting to run
Details
Build on Windows / CMake ucrt-x86_64 (push) Waiting to run
Details
Build on Windows / CMake x86_64 (push) Waiting to run
Details
Build on Windows / XP (push) Waiting to run
Details
Build on Ubuntu / Make with USE_UPNP=no (push) Waiting to run
Details
Build on Ubuntu / Make with USE_UPNP=yes (push) Waiting to run
Details
Build on Ubuntu / CMake with -DWITH_UPNP=OFF (push) Waiting to run
Details
Build on Ubuntu / CMake with -DWITH_UPNP=ON (push) Waiting to run
Details
Build containers / Building container for linux/amd64 (push) Waiting to run
Details
Build containers / Building container for linux/arm64 (push) Waiting to run
Details
Build containers / Building container for linux/arm/v7 (push) Waiting to run
Details
Build containers / Building container for linux/386 (push) Waiting to run
Details
Build containers / Pushing merged manifest (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
orignal 2025-04-13 18:18:44 -04:00
parent f6abbe5908
commit 9ab1a67f0b
5 changed files with 88 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

55
libi2pd/ECIESX25519AEADRatchetSession.cpp
View file

@ -11,6 +11,7 @@
#include "Log.h"
#include "util.h"
#include "Crypto.h"
#include "CryptoKey.h"
#include "Elligator.h"
#include "Tag.h"
#include "I2PEndian.h"
@ -560,18 +561,19 @@ namespace garlic
}
MixKey (sharedSecret);
#if OPENSSL_PQ
if (m_RemoteStaticKeyType == i2p::data::CRYPTO_KEY_TYPE_ECIES_MLKEM512_X25519_AEAD)
if (m_RemoteStaticKeyType >= i2p::data::CRYPTO_KEY_TYPE_ECIES_MLKEM512_X25519_AEAD)
{
uint8_t encapsKey[i2p::crypto::MLKEM512_KEY_LENGTH];
m_PQKeys->GetPublicKey (encapsKey);
auto keyLen = i2p::crypto::GetMLKEMPublicKeyLen (m_RemoteStaticKeyType);
std::vector<uint8_t> encapsKey(keyLen);
m_PQKeys->GetPublicKey (encapsKey.data ());
// encrypt encapsKey
if (!Encrypt (encapsKey, out + offset, i2p::crypto::MLKEM512_KEY_LENGTH))
if (!Encrypt (encapsKey.data (), out + offset, keyLen))
{
LogPrint (eLogWarning, "Garlic: ML-KEM encap_key section AEAD encryption failed ");
return false;
}
MixHash (out + offset, i2p::crypto::MLKEM512_KEY_LENGTH + 16); // h = SHA256(h || ciphertext)
offset += i2p::crypto::MLKEM512_KEY_LENGTH + 16;
MixHash (out + offset, keyLen + 16); // h = SHA256(h || ciphertext)
offset += keyLen + 16;
}
#endif
// encrypt flags/static key section
@ -657,19 +659,20 @@ namespace garlic
#if OPENSSL_PQ
if (m_PQKeys)
{
uint8_t kemCiphertext[i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH];
m_PQKeys->Encaps (kemCiphertext, sharedSecret);
size_t cipherTextLen = i2p::crypto::GetMLKEMCipherTextLen (m_RemoteStaticKeyType);
std::vector<uint8_t> kemCiphertext(cipherTextLen);
m_PQKeys->Encaps (kemCiphertext.data (), sharedSecret);
if (!Encrypt (kemCiphertext, out + offset, i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH))
if (!Encrypt (kemCiphertext.data (), out + offset, cipherTextLen))
{
LogPrint (eLogWarning, "Garlic: NSR ML-KEM ciphertext section AEAD encryption failed");
return false;
}
m_NSREncodedPQKey = std::make_unique<std::array<uint8_t, i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH + 16> >();
memcpy (m_NSREncodedPQKey->data (), out + offset, i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH + 16);
MixHash (out + offset, i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH + 16);
m_NSREncodedPQKey = std::make_unique<std::vector<uint8_t> > (cipherTextLen + 16);
memcpy (m_NSREncodedPQKey->data (), out + offset, cipherTextLen + 16);
MixHash (out + offset, cipherTextLen + 16);
MixKey (sharedSecret);
offset += i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH + 16;
offset += cipherTextLen + 16;
}
#endif
// calculate hash for zero length
@ -723,9 +726,10 @@ namespace garlic
{
if (m_NSREncodedPQKey)
{
memcpy (out + offset, m_NSREncodedPQKey->data (), i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH + 16);
MixHash (out + offset, i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH + 16);
offset += i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH + 16;
size_t cipherTextLen = i2p::crypto::GetMLKEMCipherTextLen (m_RemoteStaticKeyType);
memcpy (out + offset, m_NSREncodedPQKey->data (), cipherTextLen + 16);
MixHash (out + offset, cipherTextLen + 16);
offset += cipherTextLen + 16;
}
else
{
@ -778,20 +782,21 @@ namespace garlic
MixKey (sharedSecret);
#if OPENSSL_PQ
if (m_RemoteStaticKeyType == i2p::data::CRYPTO_KEY_TYPE_ECIES_MLKEM512_X25519_AEAD)
if (m_RemoteStaticKeyType >= i2p::data::CRYPTO_KEY_TYPE_ECIES_MLKEM512_X25519_AEAD)
{
// decrypt kem_ciphertext section
uint8_t kemCiphertext[i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH];
if (!Decrypt (buf, kemCiphertext, i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH))
size_t cipherTextLen = i2p::crypto::GetMLKEMCipherTextLen (m_RemoteStaticKeyType);
std::vector<uint8_t> kemCiphertext(cipherTextLen);
if (!Decrypt (buf, kemCiphertext.data (), cipherTextLen))
{
LogPrint (eLogWarning, "Garlic: Reply ML-KEM ciphertext section AEAD decryption failed");
return false;
}
MixHash (buf, i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH + 16);
buf += i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH + 16;
len -= i2p::crypto::MLKEM512_CIPHER_TEXT_LENGTH + 16;
MixHash (buf, cipherTextLen + 16);
buf += cipherTextLen + 16;
len -= cipherTextLen + 16;
// decaps
m_PQKeys->Decaps (kemCiphertext, sharedSecret);
m_PQKeys->Decaps (kemCiphertext.data (), sharedSecret);
MixKey (sharedSecret);
}
#endif
@ -981,8 +986,8 @@ namespace garlic
return nullptr;
len += 96;
#if OPENSSL_PQ
if (m_RemoteStaticKeyType == i2p::data::CRYPTO_KEY_TYPE_ECIES_MLKEM512_X25519_AEAD)
len += i2p::crypto::MLKEM512_KEY_LENGTH + 16;
if (m_RemoteStaticKeyType >= i2p::data::CRYPTO_KEY_TYPE_ECIES_MLKEM512_X25519_AEAD)
len += i2p::crypto::GetMLKEMPublicKeyLen (m_RemoteStaticKeyType) + 16;
#endif
break;
case eSessionStateNewSessionReceived: