store intermediate symmetric keys

2025-01-22 21:37:17 +01:00 · 2020-04-16 21:30:18 -04:00 · 2020-04-16 21:30:18 -04:00 · f9175db28e
parent f4798d05e7
commit f9175db28e
2 changed files with 25 additions and 17 deletions
--- a/libi2pd/ECIESX25519AEADRatchetSession.cpp
+++ b/libi2pd/ECIESX25519AEADRatchetSession.cpp
@ -44,26 +44,35 @@ namespace garlic

 	void RatchetTagSet::GetSymmKey (int index, uint8_t * key)
 	{
-		if (m_NextSymmKeyIndex > 0 && index >= m_NextSymmKeyIndex)
+		if (index >= m_NextSymmKeyIndex)
 		{	
 			auto num = index + 1 - m_NextSymmKeyIndex;
+			if (!m_NextSymmKeyIndex)
+			{
+				i2p::crypto::HKDF (m_SymmKeyCK, nullptr, 0, "SymmetricRatchet", m_CurrentSymmKeyCK); // keydata_0 = HKDF(symmKey_ck, SYMMKEY_CONSTANT, "SymmetricRatchet", 64)
+				m_NextSymmKeyIndex = 1;
+				num--;
+			}	
 			for (int i = 0; i < num; i++)
+			{	
 				i2p::crypto::HKDF (m_CurrentSymmKeyCK, nullptr, 0, "SymmetricRatchet", m_CurrentSymmKeyCK);
+				if (i < num - 1)
+					m_ItermediateSymmKeys.emplace (m_NextSymmKeyIndex + i, m_CurrentSymmKeyCK + 32);
+			}	
 			m_NextSymmKeyIndex += num;
 			memcpy (key, m_CurrentSymmKeyCK + 32, 32);
 		}
 		else
-			CalculateSymmKeyCK (index, key);			
-	}	
-
-	void RatchetTagSet::CalculateSymmKeyCK (int index, uint8_t * key)
 		{
-		// TODO: store intermediate keys	
-		uint8_t currentSymmKeyCK[64];
-		i2p::crypto::HKDF (m_SymmKeyCK, nullptr, 0, "SymmetricRatchet", currentSymmKeyCK); // keydata_0 = HKDF(symmKey_ck, SYMMKEY_CONSTANT, "SymmetricRatchet", 64)
-		for (int i = 0; i < index; i++)
-			i2p::crypto::HKDF (currentSymmKeyCK, nullptr, 0, "SymmetricRatchet", currentSymmKeyCK); // keydata_n = HKDF(symmKey_chainKey_(n-1), SYMMKEY_CONSTANT, "SymmetricRatchet", 64)
-		memcpy (key, currentSymmKeyCK + 32, 32);
+			auto it = m_ItermediateSymmKeys.find (index);
+			if (it != m_ItermediateSymmKeys.end ())
+			{	
+				memcpy (key, it->second, 32);
+				m_ItermediateSymmKeys.erase (it);
+			}	
+			else
+				LogPrint (eLogError, "Garlic: Missing symmetric key for index ", index);
+		}	
 	}	
 	
    ECIESX25519AEADRatchetSession::ECIESX25519AEADRatchetSession (GarlicDestination * owner):
--- a/libi2pd/ECIESX25519AEADRatchetSession.h
+++ b/libi2pd/ECIESX25519AEADRatchetSession.h
@ -7,9 +7,11 @@
 #include <memory>
 #include <vector>
 #include <list>
+#include <unordered_map>
 #include "Identity.h"
 #include "Crypto.h"
 #include "Garlic.h"
+#include "Tag.h"

 namespace i2p
 {
@ -25,10 +27,6 @@ namespace garlic
 			int GetNextIndex () const { return m_NextIndex; }; 
 			void GetSymmKey (int index, uint8_t * key);
 				
-        private:
-
-			void CalculateSymmKeyCK (int index, uint8_t * key);
-				
 		private:
 			
           union
@ -43,6 +41,7 @@ namespace garlic
           } m_KeyData;  
           uint8_t m_SessTagConstant[32], m_SymmKeyCK[32], m_CurrentSymmKeyCK[64];   
 		   int m_NextIndex, m_NextSymmKeyIndex;
+		   std::unordered_map<int, i2p::data::Tag<32> > m_ItermediateSymmKeys;
    };       

    enum ECIESx25519BlockType