From 21693fc1e507997def521e621bda525f6c93a8f3 Mon Sep 17 00:00:00 2001
From: orignal <romakoshelkin@yandex.ru>
Date: Wed, 29 Jan 2014 16:49:53 -0500
Subject: [PATCH] handle and send SessionRequest message

---
 SSU.cpp | 131 +++++++++++++++++++++++++++++++++++++++++++++++++++-----
 SSU.h   |  22 +++++++---
 2 files changed, 137 insertions(+), 16 deletions(-)

diff --git a/SSU.cpp b/SSU.cpp
index 5cb7cfe5..8d4be872 100644
--- a/SSU.cpp
+++ b/SSU.cpp
@@ -1,6 +1,10 @@
 #include <string.h>
 #include <boost/bind.hpp>
+#include <cryptopp/dh.h>
+#include <cryptopp/secblock.h>
+#include "CryptoConst.h"
 #include "Log.h"
+#include "Timestamp.h"
 #include "RouterContext.h"
 #include "hmac.h"
 #include "SSU.h"
@@ -12,24 +16,110 @@ namespace ssu
 
 	SSUSession::SSUSession (SSUServer * server, const boost::asio::ip::udp::endpoint& remoteEndpoint,
 		i2p::data::RouterInfo * router): m_Server (server), m_RemoteEndpoint (remoteEndpoint), 
-		m_State (eSessionStateUnknown)
+		m_RemoteRouter (router), m_State (eSessionStateUnknown)
 	{
 	}
 
-	void SSUSession::ProcessNextMessage (uint8_t * buf, size_t len)
+	void SSUSession::CreateAESKey (uint8_t * pubKey, uint8_t * aesKey) // TODO: move it to base class for NTCP and SSU
+	{
+		CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
+		CryptoPP::SecByteBlock secretKey(dh.AgreedValueLength());
+		if (!dh.Agree (secretKey, i2p::context.GetPrivateKey (), pubKey))
+		{    
+		    LogPrint ("Couldn't create shared key");
+			return;
+		};
+
+		if (secretKey[0] & 0x80)
+		{
+			aesKey[0] = 0;
+			memcpy (aesKey + 1, secretKey, 31);
+		}	
+		else	
+			memcpy (aesKey, secretKey, 32);
+	}		
+
+	void SSUSession::ProcessNextMessage (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint)
 	{
 		switch (m_State)
 		{
 			case eSessionStateUnknown:
-				// we assume session request
-				ProcessSessionRequest (buf, len);
+				// session request
+				ProcessSessionRequest (buf, len, senderEndpoint);
+			break;
+			case eSessionStateRequestSent:
+				// session created
+				ProcessSessionCreated (buf, len);
 			break;
 			default:
 				LogPrint ("SSU state not implemented yet");
 		}
 	}
 
-	void SSUSession::ProcessSessionRequest (uint8_t * buf, size_t len)
+	void SSUSession::ProcessSessionRequest (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint)
+	{
+		LogPrint ("Process session request");
+		if (ProcessIntroKeyEncryptedMessage (PAYLOAD_TYPE_SESSION_REQUEST, buf, len))
+		{
+			m_State = eSessionStateRequestReceived;
+			LogPrint ("Session request received");	
+			SendSessionCreated (senderEndpoint);
+		}
+	}
+
+	void SSUSession::ProcessSessionCreated (uint8_t * buf, size_t len)
+	{
+		LogPrint ("Process session created");
+		if (ProcessIntroKeyEncryptedMessage (PAYLOAD_TYPE_SESSION_CREATED, buf, len))
+		{
+			m_State = eSessionStateCreatedReceived;
+			LogPrint ("Session request received");	
+			// TODO:
+		}
+	}	
+
+	void SSUSession::SendSessionRequest ()
+	{
+		auto address = m_RemoteRouter ? m_RemoteRouter->GetSSUAddress () : nullptr;
+		if (!address)
+		{
+			LogPrint ("Missing remote SSU address");
+			return;
+		}
+	
+		uint8_t buf[304 + 18]; // 304 bytes for ipv4 (320 for ipv6)
+		uint8_t * payload = buf + sizeof (SSUHeader);
+		memcpy (payload, i2p::context.GetRouterIdentity ().publicKey, 256);
+		payload[256] = 4; // we assume ipv4
+		*(uint32_t *)(payload + 257) =  address->host.to_v4 ().to_ulong (); // network bytes order already
+		
+		uint8_t iv[16];
+		CryptoPP::RandomNumberGenerator& rnd = i2p::context.GetRandomNumberGenerator ();
+		rnd.GenerateBlock (iv, 16); // random iv
+		FillHeaderAndEncrypt (PAYLOAD_TYPE_SESSION_REQUEST, buf, 304, address->key, iv, address->key);
+		
+		m_State = eSessionStateRequestSent;		
+		m_Server->Send (buf, 304, m_RemoteEndpoint);
+	}
+
+	void SSUSession::SendSessionCreated (const boost::asio::ip::udp::endpoint& senderEndpoint)
+	{
+		auto address = m_RemoteRouter ? m_RemoteRouter->GetSSUAddress () : nullptr;
+		if (!address)
+		{
+			LogPrint ("Missing remote SSU address");
+			return;
+		}
+
+		uint8_t buf[368 + 18];
+		uint8_t * payload = buf + sizeof (SSUHeader);
+		memcpy (payload, i2p::context.GetRouterIdentity ().publicKey, 256);
+
+		m_State = eSessionStateRequestSent;		
+		m_Server->Send (buf, 368, m_RemoteEndpoint);
+	}
+
+	bool SSUSession::ProcessIntroKeyEncryptedMessage (uint8_t expectedPayloadType, uint8_t * buf, size_t len)
 	{
 		auto address = i2p::context.GetRouterInfo ().GetSSUAddress ();
 		if (address)
@@ -37,19 +127,25 @@ namespace ssu
 			// use intro key for verification and decryption
 			if (Validate (buf, len, address->key))
 			{
-				m_State = eSessionStateRequestReceived;
-				LogPrint ("Session request received");
 				Decrypt (buf, len, address->key);
-				// TODO:
+				SSUHeader * header = (SSUHeader *)buf;
+				if ((header->flag >> 4) == expectedPayloadType)
+				{
+					CreateAESKey (buf + sizeof (SSUHeader), m_SessionKey);	
+					return true;				
+				}
+				else
+					LogPrint ("Unexpected payload type ", (int)(header->flag >> 4));	
 			}
 			else
 				LogPrint ("MAC verifcation failed");	
 		}
 		else
 			LogPrint ("SSU is not supported");
-	}
+		return false;
+	}	
 
-	void SSUSession::Encrypt (uint8_t * buf, size_t len, uint8_t * aesKey, uint8_t * iv, uint8_t * macKey)
+	void SSUSession::FillHeaderAndEncrypt (uint8_t payloadType, uint8_t * buf, size_t len, uint8_t * aesKey, uint8_t * iv, uint8_t * macKey)
 	{	
 		if (len < sizeof (SSUHeader))
 		{
@@ -58,6 +154,8 @@ namespace ssu
 		}
 		SSUHeader * header = (SSUHeader *)buf;
 		memcpy (header->iv, iv, 16);
+		header->flag = payloadType << 4; // MSB is 0
+		header->time = htobe32 (i2p::util::GetSecondsSinceEpoch ());
 		uint8_t * encrypted = &header->flag;
 		uint16_t encryptedLen = len - (encrypted - buf);
 		m_Encryption.SetKeyWithIV (aesKey, 32, iv);
@@ -100,6 +198,16 @@ namespace ssu
 		return !memcmp (header->mac, digest, 16);
 	}
 
+	void SSUSession::Connect ()
+	{
+		SendSessionRequest ();
+	}
+
+	void SSUSession::SendI2NPMessage (I2NPMessage * msg)
+	{
+		// TODO:
+	}	
+
 	SSUServer::SSUServer (boost::asio::io_service& service, int port):
 		m_Socket (service, boost::asio::ip::udp::v4 (), port)
 	{
@@ -147,7 +255,7 @@ namespace ssu
 				m_Sessions[m_SenderEndpoint] = session;
 				LogPrint ("New SSU session from ", m_SenderEndpoint.address ().to_string (), ":", m_SenderEndpoint.port (), " created");
 			}
-			session->ProcessNextMessage (m_ReceiveBuffer, bytes_transferred);
+			session->ProcessNextMessage (m_ReceiveBuffer, bytes_transferred, m_SenderEndpoint);
 			Receive ();
 		}
 		else
@@ -173,6 +281,7 @@ namespace ssu
 					m_Sessions[remoteEndpoint] = session;
 					LogPrint ("New SSU session to [", router->GetIdentHashAbbreviation (), "] ",
 						remoteEndpoint.address ().to_string (), ":", remoteEndpoint.port (), " created");
+					session->Connect ();
 				}
 			}
 			else
diff --git a/SSU.h b/SSU.h
index 0b4843bf..d8ae7090 100644
--- a/SSU.h
+++ b/SSU.h
@@ -8,6 +8,7 @@
 #include <cryptopp/aes.h>
 #include "I2PEndian.h"
 #include "RouterInfo.h"
+#include "I2NPProtocol.h"
 
 namespace i2p
 {
@@ -25,7 +26,7 @@ namespace ssu
 
 	const int SSU_MTU = 1484;
 
-	// payload types (4 bits)
+	// payload types (3 bits)
 	const uint8_t PAYLOAD_TYPE_SESSION_REQUEST = 0;
 	const uint8_t PAYLOAD_TYPE_SESSION_CREATED = 1;
 	const uint8_t PAYLOAD_TYPE_SESSION_CONFIRMED = 2;
@@ -54,13 +55,22 @@ namespace ssu
 
 			SSUSession (SSUServer * server, const boost::asio::ip::udp::endpoint& remoteEndpoint,
 				i2p::data::RouterInfo * router = nullptr);
-			void ProcessNextMessage (uint8_t * buf, size_t len);		
+			void ProcessNextMessage (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint);		
+
+			void Connect ();
+			void SendI2NPMessage (I2NPMessage * msg);
 
 		private:
 
-			void ProcessSessionRequest (uint8_t * buf, size_t len);
+			void CreateAESKey (uint8_t * pubKey, uint8_t * aesKey); // TODO: shouldn't be here
+
+			void ProcessSessionRequest (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint);
+			void SendSessionRequest ();
+			void ProcessSessionCreated (uint8_t * buf, size_t len);
+			void SendSessionCreated (const boost::asio::ip::udp::endpoint& senderEndpoint);
 
-			void Encrypt (uint8_t * buf, size_t len, uint8_t * aesKey, uint8_t * iv, uint8_t * macKey);
+			bool ProcessIntroKeyEncryptedMessage (uint8_t expectedPayloadType, uint8_t * buf, size_t len);
+			void FillHeaderAndEncrypt (uint8_t payloadType, uint8_t * buf, size_t len, uint8_t * aesKey, uint8_t * iv, uint8_t * macKey);
 			void Decrypt (uint8_t * buf, size_t len, uint8_t * aesKey);			
 			bool Validate (uint8_t * buf, size_t len, uint8_t * macKey);			
 
@@ -68,9 +78,11 @@ namespace ssu
 			
 			SSUServer * m_Server;
 			boost::asio::ip::udp::endpoint m_RemoteEndpoint;
+			i2p::data::RouterInfo * m_RemoteRouter;
 			SessionState m_State;	
 			CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption m_Encryption;	
-			CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption m_Decryption;			
+			CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption m_Decryption;	
+			uint8_t m_SessionKey[32];
 	};
 
 	class SSUServer