|
|
@ -365,23 +365,34 @@ namespace garlic |
|
|
|
{ |
|
|
|
{ |
|
|
|
uint8_t * buf = msg->GetPayload (); |
|
|
|
uint8_t * buf = msg->GetPayload (); |
|
|
|
uint32_t length = bufbe32toh (buf); |
|
|
|
uint32_t length = bufbe32toh (buf); |
|
|
|
|
|
|
|
if (length > msg->GetLength ()) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
LogPrint (eLogError, "Garlic message length ", length, " exceeds I2NP message length ", msg->GetLength ()); |
|
|
|
|
|
|
|
DeleteI2NPMessage (msg); |
|
|
|
|
|
|
|
return; |
|
|
|
|
|
|
|
} |
|
|
|
buf += 4; // length
|
|
|
|
buf += 4; // length
|
|
|
|
auto it = m_Tags.find (SessionTag(buf)); |
|
|
|
auto it = m_Tags.find (SessionTag(buf)); |
|
|
|
if (it != m_Tags.end ()) |
|
|
|
if (it != m_Tags.end ()) |
|
|
|
{ |
|
|
|
{ |
|
|
|
// tag found. Use AES
|
|
|
|
// tag found. Use AES
|
|
|
|
uint8_t iv[32]; // IV is first 16 bytes
|
|
|
|
if (length >= 32) |
|
|
|
CryptoPP::SHA256().CalculateDigest(iv, buf, 32); |
|
|
|
{ |
|
|
|
it->second->SetIV (iv); |
|
|
|
uint8_t iv[32]; // IV is first 16 bytes
|
|
|
|
it->second->Decrypt (buf + 32, length - 32, buf + 32); |
|
|
|
CryptoPP::SHA256().CalculateDigest(iv, buf, 32); |
|
|
|
HandleAESBlock (buf + 32, length - 32, it->second, msg->from); |
|
|
|
it->second->SetIV (iv); |
|
|
|
m_Tags.erase (it); // tag might be used only once
|
|
|
|
it->second->Decrypt (buf + 32, length - 32, buf + 32); |
|
|
|
|
|
|
|
HandleAESBlock (buf + 32, length - 32, it->second, msg->from); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
LogPrint (eLogError, "Garlic message length ", length, " is less than 32 bytes"); |
|
|
|
|
|
|
|
m_Tags.erase (it); // tag might be used only once
|
|
|
|
} |
|
|
|
} |
|
|
|
else |
|
|
|
else |
|
|
|
{ |
|
|
|
{ |
|
|
|
// tag not found. Use ElGamal
|
|
|
|
// tag not found. Use ElGamal
|
|
|
|
ElGamalBlock elGamal; |
|
|
|
ElGamalBlock elGamal; |
|
|
|
if (i2p::crypto::ElGamalDecrypt (GetEncryptionPrivateKey (), buf, (uint8_t *)&elGamal, true)) |
|
|
|
if (length >= 514 && i2p::crypto::ElGamalDecrypt (GetEncryptionPrivateKey (), buf, (uint8_t *)&elGamal, true)) |
|
|
|
{ |
|
|
|
{ |
|
|
|
auto decryption = std::make_shared<i2p::crypto::CBCDecryption>(); |
|
|
|
auto decryption = std::make_shared<i2p::crypto::CBCDecryption>(); |
|
|
|
decryption->SetKey (elGamal.sessionKey); |
|
|
|
decryption->SetKey (elGamal.sessionKey); |
|
|
@ -392,7 +403,7 @@ namespace garlic |
|
|
|
HandleAESBlock (buf + 514, length - 514, decryption, msg->from); |
|
|
|
HandleAESBlock (buf + 514, length - 514, decryption, msg->from); |
|
|
|
} |
|
|
|
} |
|
|
|
else |
|
|
|
else |
|
|
|
LogPrint ("Failed to decrypt garlic"); |
|
|
|
LogPrint (eLogError, "Failed to decrypt garlic"); |
|
|
|
} |
|
|
|
} |
|
|
|
DeleteI2NPMessage (msg); |
|
|
|
DeleteI2NPMessage (msg); |
|
|
|
|
|
|
|
|
|
|
|