Mirrors/i2pd
2
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-03-10 11:28:27 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

derive ECIESX25519AEADRatchetSession from GarlicRoutingSession

Browse source
This commit is contained in:
orignal 2020-01-16 14:59:19 -05:00
parent d7d964bf57
commit dc9da69509
4 changed files with 33 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
libi2pd/ECIESX25519AEADRatchetSession.cpp
View file

@ -12,7 +12,8 @@ namespace i2p
namespace garlic namespace garlic
{ {
ECIESX25519AEADRatchetSession::ECIESX25519AEADRatchetSession () ECIESX25519AEADRatchetSession::ECIESX25519AEADRatchetSession (GarlicDestination * owner):
GarlicRoutingSession (owner, true)
{ {
// TODO : use precalculated hashes // TODO : use precalculated hashes
static const char protocolName[41] = "Noise_IKelg2+hs2_25519_ChaChaPoly_SHA256"; // 40 bytes static const char protocolName[41] = "Noise_IKelg2+hs2_25519_ChaChaPoly_SHA256"; // 40 bytes
@ -34,12 +35,12 @@ namespace garlic
SHA256_Final (m_H, &ctx); SHA256_Final (m_H, &ctx);
} }
bool ECIESX25519AEADRatchetSession::NewIncomingSession (const i2p::data::LocalDestination& dest, bool ECIESX25519AEADRatchetSession::NewIncomingSession (const uint8_t * buf, size_t len, CloveHandler handleClove)
const uint8_t * buf, size_t len, CloveHandler handleClove)
{ {
if (!GetOwner ()) return false;
// we are Bob // we are Bob
// KDF1 // KDF1
MixHash (dest.GetEncryptionPublicKey (), 32); // h = SHA256(h || bpk) MixHash (GetOwner ()->GetEncryptionPublicKey (), 32); // h = SHA256(h || bpk)
uint8_t aepk[32]; // Alice's ephemeral key uint8_t aepk[32]; // Alice's ephemeral key
if (!i2p::crypto::GetElligator ()->Decode (buf, aepk)) if (!i2p::crypto::GetElligator ()->Decode (buf, aepk))
@ -51,7 +52,7 @@ namespace garlic
MixHash (aepk, 32); // h = SHA256(h || aepk) MixHash (aepk, 32); // h = SHA256(h || aepk)
uint8_t sharedSecret[32], keyData[64]; uint8_t sharedSecret[32], keyData[64];
dest.Decrypt (aepk, sharedSecret, nullptr); // x25519(bsk, aepk) GetOwner ()->Decrypt (aepk, sharedSecret, nullptr); // x25519(bsk, aepk)
i2p::crypto::HKDF (m_CK, sharedSecret, 32, "", keyData); // keydata = HKDF(chainKey, sharedSecret, "", 64) i2p::crypto::HKDF (m_CK, sharedSecret, 32, "", keyData); // keydata = HKDF(chainKey, sharedSecret, "", 64)
memcpy (m_CK, keyData, 32); // chainKey = keydata[0:31] memcpy (m_CK, keyData, 32); // chainKey = keydata[0:31]
@ -73,7 +74,7 @@ namespace garlic
if (isStatic) if (isStatic)
{ {
// static key, fs is apk // static key, fs is apk
dest.Decrypt (fs, sharedSecret, nullptr); // x25519(bsk, apk) GetOwner ()->Decrypt (fs, sharedSecret, nullptr); // x25519(bsk, apk)
i2p::crypto::HKDF (m_CK, sharedSecret, 32, "", keyData); // keydata = HKDF(chainKey, sharedSecret, "", 64) i2p::crypto::HKDF (m_CK, sharedSecret, 32, "", keyData); // keydata = HKDF(chainKey, sharedSecret, "", 64)
memcpy (m_CK, keyData, 32); // chainKey = keydata[0:31] memcpy (m_CK, keyData, 32); // chainKey = keydata[0:31]
} }
@ -126,6 +127,12 @@ namespace garlic
offset += size; offset += size;
} }
} }
std::shared_ptr<I2NPMessage> ECIESX25519AEADRatchetSession::WrapSingleMessage (std::shared_ptr<const I2NPMessage> msg)
{
// TODO:
return nullptr;
}
} }
} }

10
libi2pd/ECIESX25519AEADRatchetSession.h
View file

@ -4,6 +4,7 @@
#include <inttypes.h> #include <inttypes.h>
#include <functional> #include <functional>
#include "Identity.h" #include "Identity.h"
#include "Garlic.h"
namespace i2p namespace i2p
{ {
@ -20,17 +21,18 @@ namespace garlic
eECIESx25519BlkPadding = 254 eECIESx25519BlkPadding = 254
}; };
class ECIESX25519AEADRatchetSession class ECIESX25519AEADRatchetSession: public GarlicRoutingSession
{ {
public: public:
typedef std::function<void (const uint8_t * buf, size_t len)> CloveHandler; typedef std::function<void (const uint8_t * buf, size_t len)> CloveHandler;
ECIESX25519AEADRatchetSession (); ECIESX25519AEADRatchetSession (GarlicDestination * owner);
~ECIESX25519AEADRatchetSession (); ~ECIESX25519AEADRatchetSession ();
bool NewIncomingSession (const i2p::data::LocalDestination& dest, const uint8_t * buf, size_t len, std::shared_ptr<I2NPMessage> WrapSingleMessage (std::shared_ptr<const I2NPMessage> msg);
CloveHandler handleClove);
bool NewIncomingSession (const uint8_t * buf, size_t len, CloveHandler handleClove);
private: private:

21
libi2pd/Garlic.cpp
View file

@ -18,10 +18,8 @@ namespace i2p
{ {
namespace garlic namespace garlic
{ {
GarlicRoutingSession::GarlicRoutingSession (GarlicDestination * owner, GarlicRoutingSession::GarlicRoutingSession (GarlicDestination * owner, bool attachLeaseSet):
std::shared_ptr<const i2p::data::RoutingDestination> destination, bool attachLeaseSet): m_Owner (owner), m_LeaseSetUpdateStatus (attachLeaseSet ? eLeaseSetUpdated : eLeaseSetDoNotSend),
m_Owner (owner), m_Destination (destination),
m_LeaseSetUpdateStatus (attachLeaseSet ? eLeaseSetUpdated : eLeaseSetDoNotSend),
m_LeaseSetUpdateMsgID (0) m_LeaseSetUpdateMsgID (0)
{ {
} }
@ -62,7 +60,8 @@ namespace garlic
ElGamalAESSession::ElGamalAESSession (GarlicDestination * owner, ElGamalAESSession::ElGamalAESSession (GarlicDestination * owner,
std::shared_ptr<const i2p::data::RoutingDestination> destination, int numTags, bool attachLeaseSet): std::shared_ptr<const i2p::data::RoutingDestination> destination, int numTags, bool attachLeaseSet):
GarlicRoutingSession (owner, destination, attachLeaseSet), m_NumTags (numTags) GarlicRoutingSession (owner, attachLeaseSet),
m_Destination (destination), m_NumTags (numTags)
{ {
// create new session tags and session key // create new session tags and session key
RAND_bytes (m_SessionKey, 32); RAND_bytes (m_SessionKey, 32);
@ -107,7 +106,7 @@ namespace garlic
if (!tagFound) // new session if (!tagFound) // new session
{ {
LogPrint (eLogInfo, "Garlic: No tags available, will use ElGamal"); LogPrint (eLogInfo, "Garlic: No tags available, will use ElGamal");
if (!GetDestination ()) if (!m_Destination)
{ {
LogPrint (eLogError, "Garlic: Can't use ElGamal for unknown destination"); LogPrint (eLogError, "Garlic: Can't use ElGamal for unknown destination");
return nullptr; return nullptr;
@ -119,7 +118,7 @@ namespace garlic
uint8_t iv[32]; // IV is first 16 bytes uint8_t iv[32]; // IV is first 16 bytes
SHA256(elGamal.preIV, 32, iv); SHA256(elGamal.preIV, 32, iv);
BN_CTX * ctx = BN_CTX_new (); BN_CTX * ctx = BN_CTX_new ();
GetDestination ()->Encrypt ((uint8_t *)&elGamal, buf, ctx); m_Destination->Encrypt ((uint8_t *)&elGamal, buf, ctx);
BN_CTX_free (ctx); BN_CTX_free (ctx);
m_Encryption.SetIV (iv); m_Encryption.SetIV (iv);
buf += 514; buf += 514;
@ -229,7 +228,7 @@ namespace garlic
} }
if (msg) // clove message ifself if presented if (msg) // clove message ifself if presented
{ {
size += CreateGarlicClove (payload + size, msg, IsDestination ()); size += CreateGarlicClove (payload + size, msg, m_Destination ? m_Destination->IsDestination () : false);
(*numCloves)++; (*numCloves)++;
} }
memset (payload + size, 0, 3); // certificate of message memset (payload + size, 0, 3); // certificate of message
@ -251,7 +250,7 @@ namespace garlic
{ {
buf[size] = eGarlicDeliveryTypeDestination << 5;// delivery instructions flag destination buf[size] = eGarlicDeliveryTypeDestination << 5;// delivery instructions flag destination
size++; size++;
memcpy (buf + size, GetDestination ()->GetIdentHash (), 32); memcpy (buf + size, m_Destination->GetIdentHash (), 32);
size += 32; size += 32;
} }
else else
@ -842,8 +841,8 @@ namespace garlic
void GarlicDestination::HandleECIESx25519 (const uint8_t * buf, size_t len) void GarlicDestination::HandleECIESx25519 (const uint8_t * buf, size_t len)
{ {
ECIESX25519AEADRatchetSession session; ECIESX25519AEADRatchetSession session (this);
session.NewIncomingSession (*this, buf, len, std::bind (&GarlicDestination::HandleECIESx25519GarlicClove, session.NewIncomingSession (buf, len, std::bind (&GarlicDestination::HandleECIESx25519GarlicClove,
this, std::placeholders::_1, std::placeholders::_2)); this, std::placeholders::_1, std::placeholders::_2));
} }

8
libi2pd/Garlic.h
View file

@ -99,7 +99,7 @@ namespace garlic
public: public:
GarlicRoutingSession (GarlicDestination * owner, std::shared_ptr<const i2p::data::RoutingDestination> destination, bool attachLeaseSet); GarlicRoutingSession (GarlicDestination * owner, bool attachLeaseSet);
GarlicRoutingSession (); GarlicRoutingSession ();
virtual ~GarlicRoutingSession (); virtual ~GarlicRoutingSession ();
virtual std::shared_ptr<I2NPMessage> WrapSingleMessage (std::shared_ptr<const I2NPMessage> msg) = 0; virtual std::shared_ptr<I2NPMessage> WrapSingleMessage (std::shared_ptr<const I2NPMessage> msg) = 0;
@ -125,15 +125,11 @@ namespace garlic
void SetLeaseSetUpdateStatus (LeaseSetUpdateStatus status) { m_LeaseSetUpdateStatus = status; } void SetLeaseSetUpdateStatus (LeaseSetUpdateStatus status) { m_LeaseSetUpdateStatus = status; }
uint32_t GetLeaseSetUpdateMsgID () const { return m_LeaseSetUpdateMsgID; } uint32_t GetLeaseSetUpdateMsgID () const { return m_LeaseSetUpdateMsgID; }
void SetLeaseSetUpdateMsgID (uint32_t msgID) { m_LeaseSetUpdateMsgID = msgID; } void SetLeaseSetUpdateMsgID (uint32_t msgID) { m_LeaseSetUpdateMsgID = msgID; }
void SetLeaseSetSubmissionTime (uint64_t ts) { m_LeaseSetSubmissionTime = ts; } void SetLeaseSetSubmissionTime (uint64_t ts) { m_LeaseSetSubmissionTime = ts; }
bool IsDestination () const { return m_Destination ? m_Destination->IsDestination () : false; }
const std::shared_ptr<const i2p::data::RoutingDestination>& GetDestination () const { return m_Destination; }
private: private:
GarlicDestination * m_Owner; GarlicDestination * m_Owner;
std::shared_ptr<const i2p::data::RoutingDestination> m_Destination;
LeaseSetUpdateStatus m_LeaseSetUpdateStatus; LeaseSetUpdateStatus m_LeaseSetUpdateStatus;
uint32_t m_LeaseSetUpdateMsgID; uint32_t m_LeaseSetUpdateMsgID;
@ -185,6 +181,8 @@ namespace garlic
private: private:
std::shared_ptr<const i2p::data::RoutingDestination> m_Destination;
i2p::crypto::AESKey m_SessionKey; i2p::crypto::AESKey m_SessionKey;
std::list<SessionTag> m_SessionTags; std::list<SessionTag> m_SessionTags;
int m_NumTags; int m_NumTags;