|
|
@ -1,6 +1,10 @@ |
|
|
|
#include <string.h> |
|
|
|
#include <string.h> |
|
|
|
#include <boost/bind.hpp> |
|
|
|
#include <boost/bind.hpp> |
|
|
|
|
|
|
|
#include <cryptopp/dh.h> |
|
|
|
|
|
|
|
#include <cryptopp/secblock.h> |
|
|
|
|
|
|
|
#include "CryptoConst.h" |
|
|
|
#include "Log.h" |
|
|
|
#include "Log.h" |
|
|
|
|
|
|
|
#include "Timestamp.h" |
|
|
|
#include "RouterContext.h" |
|
|
|
#include "RouterContext.h" |
|
|
|
#include "hmac.h" |
|
|
|
#include "hmac.h" |
|
|
|
#include "SSU.h" |
|
|
|
#include "SSU.h" |
|
|
@ -12,24 +16,110 @@ namespace ssu |
|
|
|
|
|
|
|
|
|
|
|
SSUSession::SSUSession (SSUServer * server, const boost::asio::ip::udp::endpoint& remoteEndpoint, |
|
|
|
SSUSession::SSUSession (SSUServer * server, const boost::asio::ip::udp::endpoint& remoteEndpoint, |
|
|
|
i2p::data::RouterInfo * router): m_Server (server), m_RemoteEndpoint (remoteEndpoint), |
|
|
|
i2p::data::RouterInfo * router): m_Server (server), m_RemoteEndpoint (remoteEndpoint), |
|
|
|
m_State (eSessionStateUnknown) |
|
|
|
m_RemoteRouter (router), m_State (eSessionStateUnknown) |
|
|
|
{ |
|
|
|
{ |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
void SSUSession::ProcessNextMessage (uint8_t * buf, size_t len) |
|
|
|
void SSUSession::CreateAESKey (uint8_t * pubKey, uint8_t * aesKey) // TODO: move it to base class for NTCP and SSU
|
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg); |
|
|
|
|
|
|
|
CryptoPP::SecByteBlock secretKey(dh.AgreedValueLength()); |
|
|
|
|
|
|
|
if (!dh.Agree (secretKey, i2p::context.GetPrivateKey (), pubKey)) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
LogPrint ("Couldn't create shared key"); |
|
|
|
|
|
|
|
return; |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (secretKey[0] & 0x80) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
aesKey[0] = 0; |
|
|
|
|
|
|
|
memcpy (aesKey + 1, secretKey, 31); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
memcpy (aesKey, secretKey, 32); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void SSUSession::ProcessNextMessage (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint) |
|
|
|
{ |
|
|
|
{ |
|
|
|
switch (m_State) |
|
|
|
switch (m_State) |
|
|
|
{ |
|
|
|
{ |
|
|
|
case eSessionStateUnknown: |
|
|
|
case eSessionStateUnknown: |
|
|
|
// we assume session request
|
|
|
|
// session request
|
|
|
|
ProcessSessionRequest (buf, len); |
|
|
|
ProcessSessionRequest (buf, len, senderEndpoint); |
|
|
|
|
|
|
|
break; |
|
|
|
|
|
|
|
case eSessionStateRequestSent: |
|
|
|
|
|
|
|
// session created
|
|
|
|
|
|
|
|
ProcessSessionCreated (buf, len); |
|
|
|
break; |
|
|
|
break; |
|
|
|
default: |
|
|
|
default: |
|
|
|
LogPrint ("SSU state not implemented yet"); |
|
|
|
LogPrint ("SSU state not implemented yet"); |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
void SSUSession::ProcessSessionRequest (uint8_t * buf, size_t len) |
|
|
|
void SSUSession::ProcessSessionRequest (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
LogPrint ("Process session request"); |
|
|
|
|
|
|
|
if (ProcessIntroKeyEncryptedMessage (PAYLOAD_TYPE_SESSION_REQUEST, buf, len)) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
m_State = eSessionStateRequestReceived; |
|
|
|
|
|
|
|
LogPrint ("Session request received"); |
|
|
|
|
|
|
|
SendSessionCreated (senderEndpoint); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void SSUSession::ProcessSessionCreated (uint8_t * buf, size_t len) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
LogPrint ("Process session created"); |
|
|
|
|
|
|
|
if (ProcessIntroKeyEncryptedMessage (PAYLOAD_TYPE_SESSION_CREATED, buf, len)) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
m_State = eSessionStateCreatedReceived; |
|
|
|
|
|
|
|
LogPrint ("Session request received"); |
|
|
|
|
|
|
|
// TODO:
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void SSUSession::SendSessionRequest () |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
auto address = m_RemoteRouter ? m_RemoteRouter->GetSSUAddress () : nullptr; |
|
|
|
|
|
|
|
if (!address) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
LogPrint ("Missing remote SSU address"); |
|
|
|
|
|
|
|
return; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
uint8_t buf[304 + 18]; // 304 bytes for ipv4 (320 for ipv6)
|
|
|
|
|
|
|
|
uint8_t * payload = buf + sizeof (SSUHeader); |
|
|
|
|
|
|
|
memcpy (payload, i2p::context.GetRouterIdentity ().publicKey, 256); |
|
|
|
|
|
|
|
payload[256] = 4; // we assume ipv4
|
|
|
|
|
|
|
|
*(uint32_t *)(payload + 257) = address->host.to_v4 ().to_ulong (); // network bytes order already
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
uint8_t iv[16]; |
|
|
|
|
|
|
|
CryptoPP::RandomNumberGenerator& rnd = i2p::context.GetRandomNumberGenerator (); |
|
|
|
|
|
|
|
rnd.GenerateBlock (iv, 16); // random iv
|
|
|
|
|
|
|
|
FillHeaderAndEncrypt (PAYLOAD_TYPE_SESSION_REQUEST, buf, 304, address->key, iv, address->key); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
m_State = eSessionStateRequestSent; |
|
|
|
|
|
|
|
m_Server->Send (buf, 304, m_RemoteEndpoint); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void SSUSession::SendSessionCreated (const boost::asio::ip::udp::endpoint& senderEndpoint) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
auto address = m_RemoteRouter ? m_RemoteRouter->GetSSUAddress () : nullptr; |
|
|
|
|
|
|
|
if (!address) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
LogPrint ("Missing remote SSU address"); |
|
|
|
|
|
|
|
return; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
uint8_t buf[368 + 18]; |
|
|
|
|
|
|
|
uint8_t * payload = buf + sizeof (SSUHeader); |
|
|
|
|
|
|
|
memcpy (payload, i2p::context.GetRouterIdentity ().publicKey, 256); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
m_State = eSessionStateRequestSent; |
|
|
|
|
|
|
|
m_Server->Send (buf, 368, m_RemoteEndpoint); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
bool SSUSession::ProcessIntroKeyEncryptedMessage (uint8_t expectedPayloadType, uint8_t * buf, size_t len) |
|
|
|
{ |
|
|
|
{ |
|
|
|
auto address = i2p::context.GetRouterInfo ().GetSSUAddress (); |
|
|
|
auto address = i2p::context.GetRouterInfo ().GetSSUAddress (); |
|
|
|
if (address) |
|
|
|
if (address) |
|
|
@ -37,19 +127,25 @@ namespace ssu |
|
|
|
// use intro key for verification and decryption
|
|
|
|
// use intro key for verification and decryption
|
|
|
|
if (Validate (buf, len, address->key)) |
|
|
|
if (Validate (buf, len, address->key)) |
|
|
|
{ |
|
|
|
{ |
|
|
|
m_State = eSessionStateRequestReceived; |
|
|
|
|
|
|
|
LogPrint ("Session request received"); |
|
|
|
|
|
|
|
Decrypt (buf, len, address->key); |
|
|
|
Decrypt (buf, len, address->key); |
|
|
|
// TODO:
|
|
|
|
SSUHeader * header = (SSUHeader *)buf; |
|
|
|
|
|
|
|
if ((header->flag >> 4) == expectedPayloadType) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
CreateAESKey (buf + sizeof (SSUHeader), m_SessionKey); |
|
|
|
|
|
|
|
return true; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
LogPrint ("Unexpected payload type ", (int)(header->flag >> 4)); |
|
|
|
} |
|
|
|
} |
|
|
|
else |
|
|
|
else |
|
|
|
LogPrint ("MAC verifcation failed"); |
|
|
|
LogPrint ("MAC verifcation failed"); |
|
|
|
} |
|
|
|
} |
|
|
|
else |
|
|
|
else |
|
|
|
LogPrint ("SSU is not supported"); |
|
|
|
LogPrint ("SSU is not supported"); |
|
|
|
} |
|
|
|
return false; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
void SSUSession::Encrypt (uint8_t * buf, size_t len, uint8_t * aesKey, uint8_t * iv, uint8_t * macKey) |
|
|
|
void SSUSession::FillHeaderAndEncrypt (uint8_t payloadType, uint8_t * buf, size_t len, uint8_t * aesKey, uint8_t * iv, uint8_t * macKey) |
|
|
|
{ |
|
|
|
{ |
|
|
|
if (len < sizeof (SSUHeader)) |
|
|
|
if (len < sizeof (SSUHeader)) |
|
|
|
{ |
|
|
|
{ |
|
|
@ -58,6 +154,8 @@ namespace ssu |
|
|
|
} |
|
|
|
} |
|
|
|
SSUHeader * header = (SSUHeader *)buf; |
|
|
|
SSUHeader * header = (SSUHeader *)buf; |
|
|
|
memcpy (header->iv, iv, 16); |
|
|
|
memcpy (header->iv, iv, 16); |
|
|
|
|
|
|
|
header->flag = payloadType << 4; // MSB is 0
|
|
|
|
|
|
|
|
header->time = htobe32 (i2p::util::GetSecondsSinceEpoch ()); |
|
|
|
uint8_t * encrypted = &header->flag; |
|
|
|
uint8_t * encrypted = &header->flag; |
|
|
|
uint16_t encryptedLen = len - (encrypted - buf); |
|
|
|
uint16_t encryptedLen = len - (encrypted - buf); |
|
|
|
m_Encryption.SetKeyWithIV (aesKey, 32, iv); |
|
|
|
m_Encryption.SetKeyWithIV (aesKey, 32, iv); |
|
|
@ -100,6 +198,16 @@ namespace ssu |
|
|
|
return !memcmp (header->mac, digest, 16); |
|
|
|
return !memcmp (header->mac, digest, 16); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void SSUSession::Connect () |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
SendSessionRequest (); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void SSUSession::SendI2NPMessage (I2NPMessage * msg) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
// TODO:
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
SSUServer::SSUServer (boost::asio::io_service& service, int port): |
|
|
|
SSUServer::SSUServer (boost::asio::io_service& service, int port): |
|
|
|
m_Socket (service, boost::asio::ip::udp::v4 (), port) |
|
|
|
m_Socket (service, boost::asio::ip::udp::v4 (), port) |
|
|
|
{ |
|
|
|
{ |
|
|
@ -147,7 +255,7 @@ namespace ssu |
|
|
|
m_Sessions[m_SenderEndpoint] = session; |
|
|
|
m_Sessions[m_SenderEndpoint] = session; |
|
|
|
LogPrint ("New SSU session from ", m_SenderEndpoint.address ().to_string (), ":", m_SenderEndpoint.port (), " created"); |
|
|
|
LogPrint ("New SSU session from ", m_SenderEndpoint.address ().to_string (), ":", m_SenderEndpoint.port (), " created"); |
|
|
|
} |
|
|
|
} |
|
|
|
session->ProcessNextMessage (m_ReceiveBuffer, bytes_transferred); |
|
|
|
session->ProcessNextMessage (m_ReceiveBuffer, bytes_transferred, m_SenderEndpoint); |
|
|
|
Receive (); |
|
|
|
Receive (); |
|
|
|
} |
|
|
|
} |
|
|
|
else |
|
|
|
else |
|
|
@ -173,6 +281,7 @@ namespace ssu |
|
|
|
m_Sessions[remoteEndpoint] = session; |
|
|
|
m_Sessions[remoteEndpoint] = session; |
|
|
|
LogPrint ("New SSU session to [", router->GetIdentHashAbbreviation (), "] ", |
|
|
|
LogPrint ("New SSU session to [", router->GetIdentHashAbbreviation (), "] ", |
|
|
|
remoteEndpoint.address ().to_string (), ":", remoteEndpoint.port (), " created"); |
|
|
|
remoteEndpoint.address ().to_string (), ":", remoteEndpoint.port (), " created"); |
|
|
|
|
|
|
|
session->Connect (); |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
else |
|
|
|
else |
|
|
|