PurpleI2P
/
i2pd
mirror of https://github.com/PurpleI2P/i2pd.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

create random keys for different signature type

pull/93/head
orignal 10 years ago
parent
a6c308f2f5
commit
009af2eeae
3 changed files with 73 additions and 42 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 98
      Identity.cpp
  2. 15
      Identity.h
  3. 2
      Streaming.cpp

98
Identity.cpp
Unescape View File

@ -29,7 +29,6 @@ namespace data
size_t Identity::FromBuffer (const uint8_t * buf, size_t len) size_t Identity::FromBuffer (const uint8_t * buf, size_t len)
{ {
memcpy (publicKey, buf, DEFAULT_IDENTITY_SIZE); memcpy (publicKey, buf, DEFAULT_IDENTITY_SIZE);
// TODO: process certificate
return DEFAULT_IDENTITY_SIZE; return DEFAULT_IDENTITY_SIZE;
} }
@ -37,7 +36,31 @@ namespace data
m_Verifier (nullptr), m_ExtendedLen (0), m_ExtendedBuffer (nullptr) m_Verifier (nullptr), m_ExtendedLen (0), m_ExtendedBuffer (nullptr)
{ {
} }
IdentityEx::IdentityEx(const uint8_t * publicKey, const uint8_t * signingKey, SigningKeyType type)
{
memcpy (m_StandardIdentity.publicKey, publicKey, sizeof (m_StandardIdentity.publicKey));
if (type == SIGNING_KEY_TYPE_ECDSA_SHA256_P256)
{
memcpy (m_StandardIdentity.signingKey + 64, signingKey, 64);
m_StandardIdentity.certificate.type = CERTIFICATE_TYPE_KEY;
m_ExtendedLen = 4; // 4 bytes extra
m_StandardIdentity.certificate.length = htobe16 (4);
m_ExtendedBuffer = new uint8_t[m_ExtendedLen];
*(uint16_t *)m_ExtendedBuffer = htobe16 (SIGNING_KEY_TYPE_ECDSA_SHA256_P256);
*(uint16_t *)(m_ExtendedBuffer + 2) = htobe16 (CRYPTO_KEY_TYPE_ELGAMAL);
}
else // DSA-SHA1
{
memcpy (m_StandardIdentity.signingKey, signingKey, sizeof (m_StandardIdentity.signingKey));
memset (&m_StandardIdentity.certificate, 0, sizeof (m_StandardIdentity.certificate));
m_ExtendedLen = 0;
m_ExtendedBuffer = nullptr;
}
m_IdentHash = m_StandardIdentity.Hash ();
CreateVerifier ();
}
IdentityEx::IdentityEx (const uint8_t * buf, size_t len): IdentityEx::IdentityEx (const uint8_t * buf, size_t len):
m_Verifier (nullptr), m_ExtendedLen (0), m_ExtendedBuffer (nullptr) m_Verifier (nullptr), m_ExtendedLen (0), m_ExtendedBuffer (nullptr)
{ {
@ -143,38 +166,28 @@ namespace data
return m_Verifier->Verify (buf, len, signature); return m_Verifier->Verify (buf, len, signature);
return false; return false;
} }
SigningKeyType IdentityEx::GetSigningKeyType () const
{
if (m_StandardIdentity.certificate.type == CERTIFICATE_TYPE_KEY && m_ExtendedBuffer)
return be16toh (*(const uint16_t *)m_ExtendedBuffer); // signing key
return SIGNING_KEY_TYPE_DSA_SHA1;
}
void IdentityEx::CreateVerifier () void IdentityEx::CreateVerifier ()
{ {
switch (m_StandardIdentity.certificate.type) auto keyType = GetSigningKeyType ();
{ switch (keyType)
case CERTIFICATE_TYPE_NULL: {
case SIGNING_KEY_TYPE_DSA_SHA1:
m_Verifier = new i2p::crypto::DSAVerifier (m_StandardIdentity.signingKey); m_Verifier = new i2p::crypto::DSAVerifier (m_StandardIdentity.signingKey);
break; break;
case CERTIFICATE_TYPE_KEY: case SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
{ m_Verifier = new i2p::crypto::ECDSAP256Verifier (m_StandardIdentity.signingKey + 64);
if (m_ExtendedBuffer) break;
{
uint16_t keyType = be16toh (*(uint16_t *)m_ExtendedBuffer); // sigining key
switch (keyType)
{
case PUBLIC_KEY_TYPE_DSA_SHA1:
m_Verifier = new i2p::crypto::DSAVerifier (m_StandardIdentity.signingKey);
break;
case PUBLIC_KEY_TYPE_ECDSA_SHA256_P256:
m_Verifier = new i2p::crypto::ECDSAP256Verifier (m_StandardIdentity.signingKey + 64);
break;
default:
LogPrint ("Signing key type ", keyType, " is not supported");
}
}
else
LogPrint ("Missing certificate payload");
break;
}
default: default:
LogPrint ("Certificate type ", m_StandardIdentity.certificate.type, " is not supported"); LogPrint ("Signing key type ", (int)keyType, " is not supported");
} }
} }
IdentHash Identity::Hash() const IdentHash Identity::Hash() const
@ -213,24 +226,35 @@ namespace data
ret += signingPrivateKeySize; ret += signingPrivateKeySize;
return ret; return ret;
} }
PrivateKeys PrivateKeys::CreateRandomKeys (SigningKeyType type)
{
if (type == SIGNING_KEY_TYPE_ECDSA_SHA256_P256)
{
PrivateKeys keys;
CryptoPP::AutoSeededRandomPool rnd;
// encryption
uint8_t publicKey[256];
CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
dh.GenerateKeyPair(rnd, keys.m_PrivateKey, publicKey);
// signature
uint8_t signingPublicKey[64];
i2p::crypto::CreateECDSAP256RandomKeys (rnd, keys.m_SigningPrivateKey, signingPublicKey);
keys.m_Public = IdentityEx (publicKey, signingPublicKey, SIGNING_KEY_TYPE_ECDSA_SHA256_P256);
return keys;
}
return PrivateKeys (i2p::data::CreateRandomKeys ()); // DSA-SHA1
}
Keys CreateRandomKeys () Keys CreateRandomKeys ()
{ {
Keys keys; Keys keys;
CryptoPP::AutoSeededRandomPool rnd; CryptoPP::AutoSeededRandomPool rnd;
// encryption // encryption
CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg); CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
dh.GenerateKeyPair(rnd, keys.privateKey, keys.publicKey); dh.GenerateKeyPair(rnd, keys.privateKey, keys.publicKey);
// signing // signing
CryptoPP::DSA::PrivateKey privateKey; i2p::crypto::CreateDSARandomKeys (rnd, keys.signingPrivateKey, keys.signingKey);
CryptoPP::DSA::PublicKey publicKey;
privateKey.Initialize (rnd, i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag);
privateKey.MakePublicKey (publicKey);
privateKey.GetPrivateExponent ().Encode (keys.signingPrivateKey, 20);
publicKey.GetPublicElement ().Encode (keys.signingKey, 128);
return keys; return keys;
} }

15
Identity.h
Unescape View File

@ -80,9 +80,6 @@ namespace data
const uint8_t CERTIFICATE_TYPE_MULTIPLE = 4; const uint8_t CERTIFICATE_TYPE_MULTIPLE = 4;
const uint8_t CERTIFICATE_TYPE_KEY = 5; const uint8_t CERTIFICATE_TYPE_KEY = 5;
const uint16_t PUBLIC_KEY_TYPE_DSA_SHA1 = 0;
const uint16_t PUBLIC_KEY_TYPE_ECDSA_SHA256_P256 = 1;
struct Identity struct Identity
{ {
uint8_t publicKey[256]; uint8_t publicKey[256];
@ -102,11 +99,18 @@ namespace data
}; };
const size_t DEFAULT_IDENTITY_SIZE = sizeof (Identity); // 387 bytes const size_t DEFAULT_IDENTITY_SIZE = sizeof (Identity); // 387 bytes
const uint16_t CRYPTO_KEY_TYPE_ELGAMAL = 0;
const uint16_t SIGNING_KEY_TYPE_DSA_SHA1 = 0;
const uint16_t SIGNING_KEY_TYPE_ECDSA_SHA256_P256 = 1;
typedef uint16_t SigningKeyType;
class IdentityEx class IdentityEx
{ {
public: public:
IdentityEx (); IdentityEx ();
IdentityEx (const uint8_t * publicKey, const uint8_t * signingKey,
SigningKeyType type = SIGNING_KEY_TYPE_DSA_SHA1);
IdentityEx (const uint8_t * buf, size_t len); IdentityEx (const uint8_t * buf, size_t len);
IdentityEx (const IdentityEx& other); IdentityEx (const IdentityEx& other);
~IdentityEx (); ~IdentityEx ();
@ -121,6 +125,7 @@ namespace data
size_t GetSigningPublicKeyLen () const; size_t GetSigningPublicKeyLen () const;
size_t GetSignatureLen () const; size_t GetSignatureLen () const;
bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const; bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const;
SigningKeyType GetSigningKeyType () const;
private: private:
@ -150,7 +155,9 @@ namespace data
size_t FromBuffer (const uint8_t * buf, size_t len); size_t FromBuffer (const uint8_t * buf, size_t len);
size_t ToBuffer (uint8_t * buf, size_t len) const; size_t ToBuffer (uint8_t * buf, size_t len) const;
static PrivateKeys CreateRandomKeys (SigningKeyType type = SIGNING_KEY_TYPE_DSA_SHA1);
private: private:
IdentityEx m_Public; IdentityEx m_Public;

2
Streaming.cpp
Unescape View File

@ -505,7 +505,7 @@ namespace stream
StreamingDestination::StreamingDestination (boost::asio::io_service& service): StreamingDestination::StreamingDestination (boost::asio::io_service& service):
m_Service (service), m_LeaseSet (nullptr), m_IsPublic (false) m_Service (service), m_LeaseSet (nullptr), m_IsPublic (false)
{ {
m_Keys = i2p::data::CreateRandomKeys (); m_Keys = i2p::data::PrivateKeys::CreateRandomKeys ();
m_SigningPrivateKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag, m_SigningPrivateKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag,
CryptoPP::Integer (m_Keys.GetSigningPrivateKey (), 20)); CryptoPP::Integer (m_Keys.GetSigningPrivateKey (), 20));
CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg); CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);

Write Preview
Loading…
Cancel
Save