Database lookups from ECIES destinations

2025-01-11 17:37:53 +00:00 · 2020-09-19 21:15:42 -04:00 · 2020-09-19 21:15:42 -04:00 · 09fdb068d2
commit 09fdb068d2
parent 024c29b180
5 changed files with 34 additions and 9 deletions
--- a/libi2pd/Destination.cpp
+++ b/libi2pd/Destination.cpp
@ -744,14 +744,19 @@ namespace client
 			request->excluded.insert (nextFloodfill->GetIdentHash ());
 			request->requestTimeoutTimer.cancel ();

+			bool isECIES = SupportsEncryptionType (i2p::data::CRYPTO_KEY_TYPE_ECIES_X25519_AEAD_RATCHET) &&
+				nextFloodfill->GetVersion () >= MAKE_VERSION_NUMBER(0, 9, 46); // >= 0.9.46;
 			uint8_t replyKey[32], replyTag[32];
 			RAND_bytes (replyKey, 32); // random session key
-			RAND_bytes (replyTag, 32); // random session tag
-			AddSessionKey (replyKey, replyTag);
+			RAND_bytes (replyTag, isECIES ? 8 : 32); // random session tag
+			if (isECIES)	
+				AddECIESx25519Key (replyKey, replyTag);
+			else	
+				AddSessionKey (replyKey, replyTag);

 			auto msg = WrapMessage (nextFloodfill,
 				CreateLeaseSetDatabaseLookupMsg (dest, request->excluded,
-					request->replyTunnel, replyKey, replyTag));
+					request->replyTunnel, replyKey, replyTag, isECIES));
 			request->outboundTunnel->SendTunnelDataMsg (
 				{
 					i2p::tunnel::TunnelMessageBlock
--- a/libi2pd/Garlic.cpp
+++ b/libi2pd/Garlic.cpp
@ -460,6 +460,14 @@ namespace garlic
 		}
 	}

+	void GarlicDestination::AddECIESx25519Key (const uint8_t * key, const uint8_t * tag)
+	{
+		uint64_t t;
+		memcpy (&t, tag, 8);
+		auto tagset = std::make_shared<DatabaseLookupTagSet>(this, key);
+		m_ECIESx25519Tags.emplace (t, ECIESX25519AEADRatchetIndexTagset{0, tagset});
+	}	
+		
 	bool GarlicDestination::SubmitSessionKey (const uint8_t * key, const uint8_t * tag)
 	{
 		AddSessionKey (key, tag);
--- a/libi2pd/Garlic.h
+++ b/libi2pd/Garlic.h
@ -241,6 +241,7 @@ namespace garlic
 				std::shared_ptr<I2NPMessage> msg, bool attachLeaseSet = false);

 			void AddSessionKey (const uint8_t * key, const uint8_t * tag); // one tag
+			void AddECIESx25519Key (const uint8_t * key, const uint8_t * tag); // one tag
 			virtual bool SubmitSessionKey (const uint8_t * key, const uint8_t * tag); // from different thread
 			void DeliveryStatusSent (GarlicRoutingSessionPtr session, uint32_t msgID);
 			void AddECIESx25519SessionNextTag (RatchetTagSetPtr tagset);
--- a/libi2pd/I2NPProtocol.cpp
+++ b/libi2pd/I2NPProtocol.cpp
@ -171,7 +171,8 @@ namespace i2p

 	std::shared_ptr<I2NPMessage> CreateLeaseSetDatabaseLookupMsg (const i2p::data::IdentHash& dest,
 		const std::set<i2p::data::IdentHash>& excludedFloodfills,
-		std::shared_ptr<const i2p::tunnel::InboundTunnel> replyTunnel, const uint8_t * replyKey, const uint8_t * replyTag)
+		std::shared_ptr<const i2p::tunnel::InboundTunnel> replyTunnel, const uint8_t * replyKey, 
+	    const uint8_t * replyTag, bool replyECIES)
 	{
 		int cnt = excludedFloodfills.size ();
 		auto m = cnt > 7 ? NewI2NPMessage () : NewI2NPShortMessage ();
@ -180,7 +181,8 @@ namespace i2p
 		buf += 32;
 		memcpy (buf, replyTunnel->GetNextIdentHash (), 32); // reply tunnel GW
 		buf += 32;
-		*buf = DATABASE_LOOKUP_DELIVERY_FLAG | DATABASE_LOOKUP_ENCRYPTION_FLAG | DATABASE_LOOKUP_TYPE_LEASESET_LOOKUP; // flags
+		*buf = DATABASE_LOOKUP_DELIVERY_FLAG | DATABASE_LOOKUP_TYPE_LEASESET_LOOKUP; // flags
+		*buf |= (replyECIES ? DATABASE_LOOKUP_ECIES_FLAG : DATABASE_LOOKUP_ENCRYPTION_FLAG);
 		buf ++;
 		htobe32buf (buf, replyTunnel->GetNextTunnelID ()); // reply tunnel ID
 		buf += 4;
@ -204,8 +206,16 @@ namespace i2p
 		// encryption
 		memcpy (buf, replyKey, 32);
 		buf[32] = 1; // 1 tag
-		memcpy (buf + 33, replyTag, 32);
-		buf += 65;
+		if (replyECIES)
+		{
+			memcpy (buf + 33, replyTag, 8); // 8 bytes tag
+			buf += 41;
+		}	
+		else	
+		{		
+			memcpy (buf + 33, replyTag, 32); // 32 bytes tag
+			buf += 65;
+		}	

 		m->len += (buf - m->GetPayload ());
 		m->FillI2NPMessageHeader (eI2NPDatabaseLookup);
--- a/libi2pd/I2NPProtocol.h
+++ b/libi2pd/I2NPProtocol.h
@ -251,8 +251,9 @@ namespace tunnel
 	std::shared_ptr<I2NPMessage> CreateRouterInfoDatabaseLookupMsg (const uint8_t * key, const uint8_t * from,
 		uint32_t replyTunnelID, bool exploratory = false, std::set<i2p::data::IdentHash> * excludedPeers = nullptr);
 	std::shared_ptr<I2NPMessage> CreateLeaseSetDatabaseLookupMsg (const i2p::data::IdentHash& dest,
-		const std::set<i2p::data::IdentHash>& excludedFloodfills,
-		std::shared_ptr<const i2p::tunnel::InboundTunnel> replyTunnel, const uint8_t * replyKey, const uint8_t * replyTag);
+		const std::set<i2p::data::IdentHash>& excludedFloodfills, 
+	    std::shared_ptr<const i2p::tunnel::InboundTunnel> replyTunnel, 
+	    const uint8_t * replyKey, const uint8_t * replyTag, bool replyECIES = false);
 	std::shared_ptr<I2NPMessage> CreateDatabaseSearchReply (const i2p::data::IdentHash& ident, std::vector<i2p::data::IdentHash> routers);

 	std::shared_ptr<I2NPMessage> CreateDatabaseStoreMsg (std::shared_ptr<const i2p::data::RouterInfo> router = nullptr, uint32_t replyToken = 0);