Mirrors/i2pd
2
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-02-02 02:54:01 +01:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

derive ECIESX25519AEADRatchetSession from GarlicRoutingSession

Browse source
This commit is contained in:
orignal 2020-01-16 14:59:19 -05:00
parent d7d964bf57
commit dc9da69509
4 changed files with 33 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
libi2pd/ECIESX25519AEADRatchetSession.cpp
View file

@ -12,7 +12,8 @@ namespace i2p
namespace garlic
{
ECIESX25519AEADRatchetSession::ECIESX25519AEADRatchetSession ()
ECIESX25519AEADRatchetSession::ECIESX25519AEADRatchetSession (GarlicDestination * owner):
GarlicRoutingSession (owner, true)
{
// TODO : use precalculated hashes
static const char protocolName[41] = "Noise_IKelg2+hs2_25519_ChaChaPoly_SHA256"; // 40 bytes
@ -34,12 +35,12 @@ namespace garlic
SHA256_Final (m_H, &ctx);
}
bool ECIESX25519AEADRatchetSession::NewIncomingSession (const i2p::data::LocalDestination& dest,
const uint8_t * buf, size_t len, CloveHandler handleClove)
bool ECIESX25519AEADRatchetSession::NewIncomingSession (const uint8_t * buf, size_t len, CloveHandler handleClove)
{
if (!GetOwner ()) return false;
// we are Bob
// KDF1
MixHash (dest.GetEncryptionPublicKey (), 32); // h = SHA256(h || bpk)
MixHash (GetOwner ()->GetEncryptionPublicKey (), 32); // h = SHA256(h || bpk)
uint8_t aepk[32]; // Alice's ephemeral key
if (!i2p::crypto::GetElligator ()->Decode (buf, aepk))
@ -51,7 +52,7 @@ namespace garlic
MixHash (aepk, 32); // h = SHA256(h || aepk)
uint8_t sharedSecret[32], keyData[64];
dest.Decrypt (aepk, sharedSecret, nullptr); // x25519(bsk, aepk)
GetOwner ()->Decrypt (aepk, sharedSecret, nullptr); // x25519(bsk, aepk)
i2p::crypto::HKDF (m_CK, sharedSecret, 32, "", keyData); // keydata = HKDF(chainKey, sharedSecret, "", 64)
memcpy (m_CK, keyData, 32); // chainKey = keydata[0:31]
@ -73,7 +74,7 @@ namespace garlic
if (isStatic)
{
// static key, fs is apk
dest.Decrypt (fs, sharedSecret, nullptr); // x25519(bsk, apk)
GetOwner ()->Decrypt (fs, sharedSecret, nullptr); // x25519(bsk, apk)
i2p::crypto::HKDF (m_CK, sharedSecret, 32, "", keyData); // keydata = HKDF(chainKey, sharedSecret, "", 64)
memcpy (m_CK, keyData, 32); // chainKey = keydata[0:31]
}
@ -126,6 +127,12 @@ namespace garlic
offset += size;
}
}
std::shared_ptr<I2NPMessage> ECIESX25519AEADRatchetSession::WrapSingleMessage (std::shared_ptr<const I2NPMessage> msg)
{
// TODO:
return nullptr;
}
}
}

10
libi2pd/ECIESX25519AEADRatchetSession.h
View file

@ -4,6 +4,7 @@
#include <inttypes.h>
#include <functional>
#include "Identity.h"
#include "Garlic.h"
namespace i2p
{
@ -20,17 +21,18 @@ namespace garlic
eECIESx25519BlkPadding = 254
};
class ECIESX25519AEADRatchetSession
class ECIESX25519AEADRatchetSession: public GarlicRoutingSession
{
public:
typedef std::function<void (const uint8_t * buf, size_t len)> CloveHandler;
ECIESX25519AEADRatchetSession ();
ECIESX25519AEADRatchetSession (GarlicDestination * owner);
~ECIESX25519AEADRatchetSession ();
bool NewIncomingSession (const i2p::data::LocalDestination& dest, const uint8_t * buf, size_t len,
CloveHandler handleClove);
std::shared_ptr<I2NPMessage> WrapSingleMessage (std::shared_ptr<const I2NPMessage> msg);
bool NewIncomingSession (const uint8_t * buf, size_t len, CloveHandler handleClove);
private:

21
libi2pd/Garlic.cpp
View file

@ -18,10 +18,8 @@ namespace i2p
{
namespace garlic
{
GarlicRoutingSession::GarlicRoutingSession (GarlicDestination * owner,
std::shared_ptr<const i2p::data::RoutingDestination> destination, bool attachLeaseSet):
m_Owner (owner), m_Destination (destination),
m_LeaseSetUpdateStatus (attachLeaseSet ? eLeaseSetUpdated : eLeaseSetDoNotSend),
GarlicRoutingSession::GarlicRoutingSession (GarlicDestination * owner, bool attachLeaseSet):
m_Owner (owner), m_LeaseSetUpdateStatus (attachLeaseSet ? eLeaseSetUpdated : eLeaseSetDoNotSend),
m_LeaseSetUpdateMsgID (0)
{
}
@ -62,7 +60,8 @@ namespace garlic
ElGamalAESSession::ElGamalAESSession (GarlicDestination * owner,
std::shared_ptr<const i2p::data::RoutingDestination> destination, int numTags, bool attachLeaseSet):
GarlicRoutingSession (owner, destination, attachLeaseSet), m_NumTags (numTags)
GarlicRoutingSession (owner, attachLeaseSet),
m_Destination (destination), m_NumTags (numTags)
{
// create new session tags and session key
RAND_bytes (m_SessionKey, 32);
@ -107,7 +106,7 @@ namespace garlic
if (!tagFound) // new session
{
LogPrint (eLogInfo, "Garlic: No tags available, will use ElGamal");
if (!GetDestination ())
if (!m_Destination)
{
LogPrint (eLogError, "Garlic: Can't use ElGamal for unknown destination");
return nullptr;
@ -119,7 +118,7 @@ namespace garlic
uint8_t iv[32]; // IV is first 16 bytes
SHA256(elGamal.preIV, 32, iv);
BN_CTX * ctx = BN_CTX_new ();
GetDestination ()->Encrypt ((uint8_t *)&elGamal, buf, ctx);
m_Destination->Encrypt ((uint8_t *)&elGamal, buf, ctx);
BN_CTX_free (ctx);
m_Encryption.SetIV (iv);
buf += 514;
@ -229,7 +228,7 @@ namespace garlic
}
if (msg) // clove message ifself if presented
{
size += CreateGarlicClove (payload + size, msg, IsDestination ());
size += CreateGarlicClove (payload + size, msg, m_Destination ? m_Destination->IsDestination () : false);
(*numCloves)++;
}
memset (payload + size, 0, 3); // certificate of message
@ -251,7 +250,7 @@ namespace garlic
{
buf[size] = eGarlicDeliveryTypeDestination << 5;// delivery instructions flag destination
size++;
memcpy (buf + size, GetDestination ()->GetIdentHash (), 32);
memcpy (buf + size, m_Destination->GetIdentHash (), 32);
size += 32;
}
else
@ -842,8 +841,8 @@ namespace garlic
void GarlicDestination::HandleECIESx25519 (const uint8_t * buf, size_t len)
{
ECIESX25519AEADRatchetSession session;
session.NewIncomingSession (*this, buf, len, std::bind (&GarlicDestination::HandleECIESx25519GarlicClove,
ECIESX25519AEADRatchetSession session (this);
session.NewIncomingSession (buf, len, std::bind (&GarlicDestination::HandleECIESx25519GarlicClove,
this, std::placeholders::_1, std::placeholders::_2));
}

10
libi2pd/Garlic.h
View file

@ -99,7 +99,7 @@ namespace garlic
public:
GarlicRoutingSession (GarlicDestination * owner, std::shared_ptr<const i2p::data::RoutingDestination> destination, bool attachLeaseSet);
GarlicRoutingSession (GarlicDestination * owner, bool attachLeaseSet);
GarlicRoutingSession ();
virtual ~GarlicRoutingSession ();
virtual std::shared_ptr<I2NPMessage> WrapSingleMessage (std::shared_ptr<const I2NPMessage> msg) = 0;
@ -125,15 +125,11 @@ namespace garlic
void SetLeaseSetUpdateStatus (LeaseSetUpdateStatus status) { m_LeaseSetUpdateStatus = status; }
uint32_t GetLeaseSetUpdateMsgID () const { return m_LeaseSetUpdateMsgID; }
void SetLeaseSetUpdateMsgID (uint32_t msgID) { m_LeaseSetUpdateMsgID = msgID; }
void SetLeaseSetSubmissionTime (uint64_t ts) { m_LeaseSetSubmissionTime = ts; }
bool IsDestination () const { return m_Destination ? m_Destination->IsDestination () : false; }
const std::shared_ptr<const i2p::data::RoutingDestination>& GetDestination () const { return m_Destination; }
void SetLeaseSetSubmissionTime (uint64_t ts) { m_LeaseSetSubmissionTime = ts; }
private:
GarlicDestination * m_Owner;
std::shared_ptr<const i2p::data::RoutingDestination> m_Destination;
LeaseSetUpdateStatus m_LeaseSetUpdateStatus;
uint32_t m_LeaseSetUpdateMsgID;
@ -184,6 +180,8 @@ namespace garlic
UnconfirmedTags * GenerateSessionTags ();
private:
std::shared_ptr<const i2p::data::RoutingDestination> m_Destination;
i2p::crypto::AESKey m_SessionKey;
std::list<SessionTag> m_SessionTags;