2020-01-15 15:13:43 -05:00
|
|
|
#ifndef ECIES_X25519_AEAD_RATCHET_SESSION_H__
|
|
|
|
#define ECIES_X25519_AEAD_RATCHET_SESSION_H__
|
|
|
|
|
2020-01-16 19:33:00 -05:00
|
|
|
#include <string.h>
|
2020-01-15 15:13:43 -05:00
|
|
|
#include <inttypes.h>
|
|
|
|
#include <functional>
|
2020-01-21 14:40:23 -05:00
|
|
|
#include <memory>
|
2020-01-17 11:21:41 -05:00
|
|
|
#include <vector>
|
2020-01-15 15:13:43 -05:00
|
|
|
#include "Identity.h"
|
2020-01-16 16:34:13 -05:00
|
|
|
#include "Crypto.h"
|
2020-01-16 14:59:19 -05:00
|
|
|
#include "Garlic.h"
|
2020-01-15 15:13:43 -05:00
|
|
|
|
|
|
|
namespace i2p
|
|
|
|
{
|
|
|
|
namespace garlic
|
|
|
|
{
|
2020-01-20 15:17:38 -05:00
|
|
|
class RatchetTagSet
|
|
|
|
{
|
|
|
|
public:
|
|
|
|
|
|
|
|
void DHInitialize (const uint8_t * rootKey, const uint8_t * k);
|
|
|
|
void NextSessionTagRatchet ();
|
2020-01-21 14:40:23 -05:00
|
|
|
uint64_t GetNextSessionTag ();
|
2020-02-05 15:48:51 -05:00
|
|
|
int GetNextIndex () const { return m_NextIndex; };
|
2020-02-08 21:51:02 -05:00
|
|
|
const uint8_t * GetSymmKey (int index);
|
2020-01-20 15:17:38 -05:00
|
|
|
|
|
|
|
private:
|
2020-02-08 21:51:02 -05:00
|
|
|
|
|
|
|
void CalculateSymmKeyCK (int index);
|
|
|
|
|
|
|
|
private:
|
|
|
|
|
2020-01-21 14:40:23 -05:00
|
|
|
union
|
|
|
|
{
|
|
|
|
uint64_t ll[8];
|
|
|
|
uint8_t buf[64];
|
|
|
|
|
|
|
|
const uint8_t * GetSessTagCK () const { return buf; }; // sessTag_chainKey = keydata[0:31]
|
|
|
|
const uint8_t * GetSessTagConstant () const { return buf + 32; }; // SESSTAG_CONSTANT = keydata[32:63]
|
|
|
|
uint64_t GetTag () const { return ll[4]; }; // tag = keydata[32:39]
|
|
|
|
|
|
|
|
} m_KeyData;
|
2020-02-08 21:51:02 -05:00
|
|
|
uint8_t m_SessTagConstant[32], m_SymmKeyCK[32], m_CurrentSymmKeyCK[64];
|
|
|
|
int m_NextIndex, m_NextSymmKeyIndex;
|
2020-01-20 15:17:38 -05:00
|
|
|
};
|
|
|
|
|
2020-01-15 15:13:43 -05:00
|
|
|
enum ECIESx25519BlockType
|
|
|
|
{
|
|
|
|
eECIESx25519BlkDateTime = 0,
|
|
|
|
eECIESx25519BlkSessionID = 1,
|
|
|
|
eECIESx25519BlkTermination = 4,
|
|
|
|
eECIESx25519BlkOptions = 5,
|
|
|
|
eECIESx25519BlkNextSessionKey = 7,
|
|
|
|
eECIESx25519BlkGalicClove = 11,
|
|
|
|
eECIESx25519BlkPadding = 254
|
|
|
|
};
|
|
|
|
|
2020-02-20 15:44:09 -05:00
|
|
|
|
|
|
|
const int ECIESX25519_RESTART_TIMEOUT = 120; // number of second of inactivity we should restart after
|
|
|
|
const int ECIESX25519_EXPIRATION_TIMEOUT = 600; // in seconds
|
|
|
|
|
2020-01-21 14:40:23 -05:00
|
|
|
class ECIESX25519AEADRatchetSession: public GarlicRoutingSession, public std::enable_shared_from_this<ECIESX25519AEADRatchetSession>
|
2020-01-15 15:13:43 -05:00
|
|
|
{
|
2020-01-17 11:21:41 -05:00
|
|
|
enum SessionState
|
|
|
|
{
|
|
|
|
eSessionStateNew =0,
|
2020-01-29 15:54:11 -05:00
|
|
|
eSessionStateNewSessionReceived,
|
2020-02-03 16:21:07 -05:00
|
|
|
eSessionStateNewSessionSent,
|
|
|
|
eSessionStateEstablished
|
2020-01-17 11:21:41 -05:00
|
|
|
};
|
|
|
|
|
2020-01-15 15:13:43 -05:00
|
|
|
public:
|
|
|
|
|
2020-01-16 14:59:19 -05:00
|
|
|
ECIESX25519AEADRatchetSession (GarlicDestination * owner);
|
2020-01-15 15:13:43 -05:00
|
|
|
~ECIESX25519AEADRatchetSession ();
|
|
|
|
|
2020-02-03 16:21:07 -05:00
|
|
|
bool HandleNextMessage (const uint8_t * buf, size_t len, int index = 0);
|
2020-01-16 14:59:19 -05:00
|
|
|
std::shared_ptr<I2NPMessage> WrapSingleMessage (std::shared_ptr<const I2NPMessage> msg);
|
|
|
|
|
2020-01-16 19:33:00 -05:00
|
|
|
const uint8_t * GetRemoteStaticKey () const { return m_RemoteStaticKey; }
|
|
|
|
void SetRemoteStaticKey (const uint8_t * key) { memcpy (m_RemoteStaticKey, key, 32); }
|
2020-01-15 15:13:43 -05:00
|
|
|
|
2020-01-30 11:48:32 -05:00
|
|
|
void SetDestination (const i2p::data::IdentHash& dest) // TODO:
|
|
|
|
{
|
|
|
|
if (!m_Destination) m_Destination.reset (new i2p::data::IdentHash (dest));
|
|
|
|
}
|
2020-02-09 17:19:42 -05:00
|
|
|
|
2020-02-20 15:44:09 -05:00
|
|
|
bool IsExpired (uint64_t ts) const { return ts > m_LastActivityTimestamp + ECIESX25519_EXPIRATION_TIMEOUT; }
|
|
|
|
bool CanBeRestarted (uint64_t ts) const { return ts > m_LastActivityTimestamp + ECIESX25519_RESTART_TIMEOUT; }
|
|
|
|
|
2020-01-15 15:13:43 -05:00
|
|
|
private:
|
|
|
|
|
2020-01-22 21:42:30 -05:00
|
|
|
void ResetKeys ();
|
2020-01-15 15:13:43 -05:00
|
|
|
void MixHash (const uint8_t * buf, size_t len);
|
2020-02-05 15:48:51 -05:00
|
|
|
void CreateNonce (uint64_t seqn, uint8_t * nonce);
|
2020-01-21 12:19:20 -05:00
|
|
|
bool GenerateEphemeralKeysAndEncode (uint8_t * buf); // buf is 32 bytes
|
2020-01-21 14:40:23 -05:00
|
|
|
uint64_t CreateNewSessionTag () const;
|
2020-01-15 15:13:43 -05:00
|
|
|
|
2020-02-03 16:21:07 -05:00
|
|
|
bool HandleNewIncomingSession (const uint8_t * buf, size_t len);
|
|
|
|
bool HandleNewOutgoingSessionReply (const uint8_t * buf, size_t len);
|
|
|
|
bool HandleExistingSessionMessage (const uint8_t * buf, size_t len, int index);
|
|
|
|
void HandlePayload (const uint8_t * buf, size_t len);
|
2020-01-15 15:13:43 -05:00
|
|
|
|
2020-01-16 16:34:13 -05:00
|
|
|
bool NewOutgoingSessionMessage (const uint8_t * payload, size_t len, uint8_t * out, size_t outLen);
|
2020-01-17 14:11:15 -05:00
|
|
|
bool NewSessionReplyMessage (const uint8_t * payload, size_t len, uint8_t * out, size_t outLen);
|
2020-02-05 15:48:51 -05:00
|
|
|
bool NewExistingSessionMessage (const uint8_t * payload, size_t len, uint8_t * out, size_t outLen);
|
|
|
|
|
2020-01-17 11:21:41 -05:00
|
|
|
std::vector<uint8_t> CreatePayload (std::shared_ptr<const I2NPMessage> msg);
|
2020-01-30 11:48:32 -05:00
|
|
|
size_t CreateGarlicClove (std::shared_ptr<const I2NPMessage> msg, uint8_t * buf, size_t len, bool isDestination = false);
|
2020-01-16 16:34:13 -05:00
|
|
|
|
2020-02-09 17:19:42 -05:00
|
|
|
void GenerateMoreReceiveTags (int numTags);
|
|
|
|
|
2020-01-15 15:13:43 -05:00
|
|
|
private:
|
|
|
|
|
2020-01-16 19:33:00 -05:00
|
|
|
uint8_t m_H[32], m_CK[64] /* [chainkey, key] */, m_RemoteStaticKey[32];
|
2020-01-29 21:57:10 -05:00
|
|
|
uint8_t m_Aepk[32]; // Alice's ephemeral keys TODO: for incoming only
|
2020-01-16 16:34:13 -05:00
|
|
|
i2p::crypto::X25519Keys m_EphemeralKeys;
|
2020-01-17 11:21:41 -05:00
|
|
|
SessionState m_State = eSessionStateNew;
|
2020-02-20 15:44:09 -05:00
|
|
|
uint64_t m_LastActivityTimestamp = 0; // incoming
|
2020-02-03 16:21:07 -05:00
|
|
|
RatchetTagSet m_SendTagset, m_ReceiveTagset;
|
2020-02-09 17:19:42 -05:00
|
|
|
int m_NumReceiveTags = 0;
|
2020-01-30 11:48:32 -05:00
|
|
|
std::unique_ptr<i2p::data::IdentHash> m_Destination;// TODO: might not need it
|
2020-01-15 15:13:43 -05:00
|
|
|
};
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif
|