mirror of
https://github.com/PurpleI2P/i2pd.git
synced 2025-01-23 05:47:17 +01:00
session key decryption
This commit is contained in:
orignal
parent
0a53555ac7
commit
d3812786fa
41
SSU.cpp
41
SSU.cpp
|
|
@ -29,7 +29,7 @@ namespace ssu
|
||||||
delete m_DHKeysPair;
|
delete m_DHKeysPair;
|
||||||
}
|
}
|
||||||
|
|
||||||
void SSUSession::CreateAESandMacKey (const uint8_t * pubKey, uint8_t * aesKey, uint8_t * macKey)
|
void SSUSession::CreateAESandMacKey (const uint8_t * pubKey)
|
||||||
{
|
{
|
||||||
CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
|
CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
|
||||||
uint8_t sharedKey[256];
|
uint8_t sharedKey[256];
|
||||||
|
|
@ -41,14 +41,14 @@ namespace ssu
|
||||||
|
|
||||||
if (sharedKey[0] & 0x80)
|
if (sharedKey[0] & 0x80)
|
||||||
{
|
{
|
||||||
aesKey[0] = 0;
|
m_SessionKey[0] = 0;
|
||||||
memcpy (aesKey + 1, sharedKey, 31);
|
memcpy (m_SessionKey + 1, sharedKey, 31);
|
||||||
memcpy (macKey, sharedKey + 31, 32);
|
memcpy (m_MacKey, sharedKey + 31, 32);
|
||||||
}
|
}
|
||||||
else if (sharedKey[0])
|
else if (sharedKey[0])
|
||||||
{
|
{
|
||||||
memcpy (aesKey, sharedKey, 32);
|
memcpy (m_SessionKey, sharedKey, 32);
|
||||||
memcpy (macKey, sharedKey + 32, 32);
|
memcpy (m_MacKey, sharedKey + 32, 32);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
@ -64,10 +64,11 @@ namespace ssu
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
memcpy (aesKey, nonZero, 32);
|
memcpy (m_SessionKey, nonZero, 32);
|
||||||
CryptoPP::SHA256().CalculateDigest(macKey, nonZero, 64 - (nonZero - sharedKey));
|
CryptoPP::SHA256().CalculateDigest(m_MacKey, nonZero, 64 - (nonZero - sharedKey));
|
||||||
}
|
}
|
||||||
m_IsSessionKey = true;
|
m_IsSessionKey = true;
|
||||||
|
m_SessionKeyDecryption.SetKey (m_SessionKey);
|
||||||
}
|
}
|
||||||
|
|
||||||
void SSUSession::ProcessNextMessage (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint)
|
void SSUSession::ProcessNextMessage (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint)
|
||||||
|
|
@ -83,7 +84,7 @@ namespace ssu
|
||||||
{
|
{
|
||||||
ScheduleTermination ();
|
ScheduleTermination ();
|
||||||
if (m_IsSessionKey && Validate (buf, len, m_MacKey)) // try session key first
|
if (m_IsSessionKey && Validate (buf, len, m_MacKey)) // try session key first
|
||||||
Decrypt (buf, len, m_SessionKey);
|
DecryptSessionKey (buf, len);
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
// try intro key depending on side
|
// try intro key depending on side
|
||||||
|
|
@ -164,7 +165,7 @@ namespace ssu
|
||||||
m_State = eSessionStateRequestReceived;
|
m_State = eSessionStateRequestReceived;
|
||||||
LogPrint ("Session request received");
|
LogPrint ("Session request received");
|
||||||
m_RemoteEndpoint = senderEndpoint;
|
m_RemoteEndpoint = senderEndpoint;
|
||||||
CreateAESandMacKey (buf + sizeof (SSUHeader), m_SessionKey, m_MacKey);
|
CreateAESandMacKey (buf + sizeof (SSUHeader));
|
||||||
SendSessionCreated (buf + sizeof (SSUHeader));
|
SendSessionCreated (buf + sizeof (SSUHeader));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -182,7 +183,7 @@ namespace ssu
|
||||||
uint8_t signedData[532]; // x,y, our IP, our port, remote IP, remote port, relayTag, signed on time
|
uint8_t signedData[532]; // x,y, our IP, our port, remote IP, remote port, relayTag, signed on time
|
||||||
uint8_t * payload = buf + sizeof (SSUHeader);
|
uint8_t * payload = buf + sizeof (SSUHeader);
|
||||||
uint8_t * y = payload;
|
uint8_t * y = payload;
|
||||||
CreateAESandMacKey (y, m_SessionKey, m_MacKey);
|
CreateAESandMacKey (y);
|
||||||
memcpy (signedData, m_DHKeysPair->publicKey, 256); // x
|
memcpy (signedData, m_DHKeysPair->publicKey, 256); // x
|
||||||
memcpy (signedData + 256, y, 256); // y
|
memcpy (signedData + 256, y, 256); // y
|
||||||
payload += 256;
|
payload += 256;
|
||||||
|
|
@ -523,6 +524,24 @@ namespace ssu
|
||||||
m_Decryption.ProcessData (encrypted, encrypted, encryptedLen);
|
m_Decryption.ProcessData (encrypted, encrypted, encryptedLen);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void SSUSession::DecryptSessionKey (uint8_t * buf, size_t len)
|
||||||
|
{
|
||||||
|
if (len < sizeof (SSUHeader))
|
||||||
|
{
|
||||||
|
LogPrint ("Unexpected SSU packet length ", len);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
SSUHeader * header = (SSUHeader *)buf;
|
||||||
|
uint8_t * encrypted = &header->flag;
|
||||||
|
uint16_t encryptedLen = len - (encrypted - buf);
|
||||||
|
encryptedLen = (encryptedLen>>4)<<4; // make sure 16 bytes boundary
|
||||||
|
if (encryptedLen > 0)
|
||||||
|
{
|
||||||
|
m_SessionKeyDecryption.SetIV (header->iv);
|
||||||
|
m_SessionKeyDecryption.Decrypt (encrypted, encryptedLen, encrypted);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
bool SSUSession::Validate (uint8_t * buf, size_t len, const uint8_t * macKey)
|
bool SSUSession::Validate (uint8_t * buf, size_t len, const uint8_t * macKey)
|
||||||
{
|
{
|
||||||
if (len < sizeof (SSUHeader))
|
if (len < sizeof (SSUHeader))
|
||||||
|
|
|
||||||
9
SSU.h
9
SSU.h
|
|
@ -9,6 +9,7 @@
|
||||||
#include <boost/asio.hpp>
|
#include <boost/asio.hpp>
|
||||||
#include <cryptopp/modes.h>
|
#include <cryptopp/modes.h>
|
||||||
#include <cryptopp/aes.h>
|
#include <cryptopp/aes.h>
|
||||||
|
#include "aes.h"
|
||||||
#include "I2PEndian.h"
|
#include "I2PEndian.h"
|
||||||
#include "Identity.h"
|
#include "Identity.h"
|
||||||
#include "RouterInfo.h"
|
#include "RouterInfo.h"
|
||||||
|
|
@ -85,7 +86,7 @@ namespace ssu
|
||||||
|
|
||||||
private:
|
private:
|
||||||
|
|
||||||
void CreateAESandMacKey (const uint8_t * pubKey, uint8_t * aesKey, uint8_t * macKey);
|
void CreateAESandMacKey (const uint8_t * pubKey);
|
||||||
|
|
||||||
void ProcessMessage (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint); // call for established session
|
void ProcessMessage (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint); // call for established session
|
||||||
void ProcessSessionRequest (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint);
|
void ProcessSessionRequest (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint);
|
||||||
|
|
@ -113,6 +114,7 @@ namespace ssu
|
||||||
|
|
||||||
void FillHeaderAndEncrypt (uint8_t payloadType, uint8_t * buf, size_t len, const uint8_t * aesKey, const uint8_t * iv, const uint8_t * macKey);
|
void FillHeaderAndEncrypt (uint8_t payloadType, uint8_t * buf, size_t len, const uint8_t * aesKey, const uint8_t * iv, const uint8_t * macKey);
|
||||||
void Decrypt (uint8_t * buf, size_t len, const uint8_t * aesKey);
|
void Decrypt (uint8_t * buf, size_t len, const uint8_t * aesKey);
|
||||||
|
void DecryptSessionKey (uint8_t * buf, size_t len);
|
||||||
bool Validate (uint8_t * buf, size_t len, const uint8_t * macKey);
|
bool Validate (uint8_t * buf, size_t len, const uint8_t * macKey);
|
||||||
const uint8_t * GetIntroKey () const;
|
const uint8_t * GetIntroKey () const;
|
||||||
|
|
||||||
|
|
@ -132,8 +134,9 @@ namespace ssu
|
||||||
bool m_IsSessionKey;
|
bool m_IsSessionKey;
|
||||||
uint32_t m_RelayTag;
|
uint32_t m_RelayTag;
|
||||||
std::set<uint32_t> m_PeerTestNonces;
|
std::set<uint32_t> m_PeerTestNonces;
|
||||||
CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption m_Encryption;
|
CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption m_Encryption; // TODO: remove
|
||||||
CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption m_Decryption;
|
CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption m_Decryption; // TODO: remove
|
||||||
|
i2p::crypto::CBCDecryption m_SessionKeyDecryption;
|
||||||
uint8_t m_SessionKey[32], m_MacKey[32];
|
uint8_t m_SessionKey[32], m_MacKey[32];
|
||||||
std::list<i2p::I2NPMessage *> m_DelayedMessages;
|
std::list<i2p::I2NPMessage *> m_DelayedMessages;
|
||||||
SSUData m_Data;
|
SSUData m_Data;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue