Browse Source

eliminated cast to ecnryptted build record

pull/134/head
orignal 10 years ago
parent
commit
3c5e9ddd4e
  1. 33
      I2NPProtocol.cpp
  2. 15
      I2NPProtocol.h
  3. 14
      Tunnel.cpp

33
I2NPProtocol.cpp

@ -310,24 +310,23 @@ namespace i2p
} }
void EncryptBuildRequestRecord (const i2p::data::RouterInfo& router, void EncryptBuildRequestRecord (const i2p::data::RouterInfo& router,
const I2NPBuildRequestRecordClearText& clearText, const I2NPBuildRequestRecordClearText& clearText, uint8_t * record)
I2NPBuildRequestRecordElGamalEncrypted& record)
{ {
router.GetElGamalEncryption ()->Encrypt ((uint8_t *)&clearText, sizeof(clearText), record.encrypted); router.GetElGamalEncryption ()->Encrypt ((uint8_t *)&clearText, sizeof(clearText), record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET);
memcpy (record.toPeer, (const uint8_t *)router.GetIdentHash (), 16); memcpy (record + BUILD_REQUEST_RECORD_TO_PEER_OFFSET, (const uint8_t *)router.GetIdentHash (), 16);
} }
bool HandleBuildRequestRecords (int num, I2NPBuildRequestRecordElGamalEncrypted * records, I2NPBuildRequestRecordClearText& clearText) bool HandleBuildRequestRecords (int num, uint8_t * records, I2NPBuildRequestRecordClearText& clearText)
{ {
for (int i = 0; i < num; i++) for (int i = 0; i < num; i++)
{ {
if (!memcmp (records[i].toPeer, (const uint8_t *)i2p::context.GetRouterInfo ().GetIdentHash (), 16)) uint8_t * record = records + i*TUNNEL_BUILD_RECORD_SIZE;
if (!memcmp (record + BUILD_REQUEST_RECORD_TO_PEER_OFFSET, (const uint8_t *)i2p::context.GetRouterInfo ().GetIdentHash (), 16))
{ {
LogPrint ("Record ",i," is ours"); LogPrint ("Record ",i," is ours");
i2p::crypto::ElGamalDecrypt (i2p::context.GetEncryptionPrivateKey (), records[i].encrypted, (uint8_t *)&clearText); i2p::crypto::ElGamalDecrypt (i2p::context.GetEncryptionPrivateKey (), record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET, (uint8_t *)&clearText);
// replace record to reply // replace record to reply
uint8_t * reply = (uint8_t *)(records + i);
if (i2p::context.AcceptsTunnels ()) if (i2p::context.AcceptsTunnels ())
{ {
i2p::tunnel::TransitTunnel * transitTunnel = i2p::tunnel::TransitTunnel * transitTunnel =
@ -337,21 +336,22 @@ namespace i2p
clearText.layerKey, clearText.ivKey, clearText.layerKey, clearText.ivKey,
clearText.flag & 0x80, clearText.flag & 0x40); clearText.flag & 0x80, clearText.flag & 0x40);
i2p::tunnel::tunnels.AddTransitTunnel (transitTunnel); i2p::tunnel::tunnels.AddTransitTunnel (transitTunnel);
reply[BUILD_RESPONSE_RECORD_RET_OFFSET] = 0; record[BUILD_RESPONSE_RECORD_RET_OFFSET] = 0;
} }
else else
reply[BUILD_RESPONSE_RECORD_RET_OFFSET] = 30; // always reject with bandwidth reason (30) record[BUILD_RESPONSE_RECORD_RET_OFFSET] = 30; // always reject with bandwidth reason (30)
//TODO: fill filler //TODO: fill filler
CryptoPP::SHA256().CalculateDigest(reply + BUILD_RESPONSE_RECORD_HASH_OFFSET, CryptoPP::SHA256().CalculateDigest(record + BUILD_RESPONSE_RECORD_HASH_OFFSET,
reply + BUILD_RESPONSE_RECORD_PADDING_OFFSET, BUILD_RESPONSE_RECORD_PADDING_SIZE + 1); // + 1 byte of ret record + BUILD_RESPONSE_RECORD_PADDING_OFFSET, BUILD_RESPONSE_RECORD_PADDING_SIZE + 1); // + 1 byte of ret
// encrypt reply // encrypt reply
i2p::crypto::CBCEncryption encryption; i2p::crypto::CBCEncryption encryption;
for (int j = 0; j < num; j++) for (int j = 0; j < num; j++)
{ {
encryption.SetKey (clearText.replyKey); encryption.SetKey (clearText.replyKey);
encryption.SetIV (clearText.replyIV); encryption.SetIV (clearText.replyIV);
encryption.Encrypt((uint8_t *)(records + j), sizeof (records[j]), (uint8_t *)(records + j)); uint8_t * reply = records + j*TUNNEL_BUILD_RECORD_SIZE;
encryption.Encrypt(reply, TUNNEL_BUILD_RECORD_SIZE, reply);
} }
return true; return true;
} }
@ -383,9 +383,8 @@ namespace i2p
} }
else else
{ {
I2NPBuildRequestRecordElGamalEncrypted * records = (I2NPBuildRequestRecordElGamalEncrypted *)(buf+1);
I2NPBuildRequestRecordClearText clearText; I2NPBuildRequestRecordClearText clearText;
if (HandleBuildRequestRecords (num, records, clearText)) if (HandleBuildRequestRecords (num, buf + 1, clearText))
{ {
if (clearText.flag & 0x40) // we are endpoint of outboud tunnel if (clearText.flag & 0x40) // we are endpoint of outboud tunnel
{ {
@ -405,7 +404,7 @@ namespace i2p
void HandleTunnelBuildMsg (uint8_t * buf, size_t len) void HandleTunnelBuildMsg (uint8_t * buf, size_t len)
{ {
I2NPBuildRequestRecordClearText clearText; I2NPBuildRequestRecordClearText clearText;
if (HandleBuildRequestRecords (NUM_TUNNEL_BUILD_RECORDS, (I2NPBuildRequestRecordElGamalEncrypted *)buf, clearText)) if (HandleBuildRequestRecords (NUM_TUNNEL_BUILD_RECORDS, buf, clearText))
{ {
if (clearText.flag & 0x40) // we are endpoint of outbound tunnel if (clearText.flag & 0x40) // we are endpoint of outbound tunnel
{ {

15
I2NPProtocol.h

@ -44,6 +44,10 @@ namespace i2p
// TunnelBuild // TunnelBuild
const size_t TUNNEL_BUILD_RECORD_SIZE = 528; const size_t TUNNEL_BUILD_RECORD_SIZE = 528;
// BuildRequestRecordEncrypted
const size_t BUILD_REQUEST_RECORD_TO_PEER_OFFSET = 0;
const size_t BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET = BUILD_REQUEST_RECORD_TO_PEER_OFFSET + 16;
// BuildResponseRecord // BuildResponseRecord
const size_t BUILD_RESPONSE_RECORD_HASH_OFFSET = 0; const size_t BUILD_RESPONSE_RECORD_HASH_OFFSET = 0;
const size_t BUILD_RESPONSE_RECORD_PADDING_OFFSET = 32; const size_t BUILD_RESPONSE_RECORD_PADDING_OFFSET = 32;
@ -68,12 +72,6 @@ namespace i2p
uint8_t filler[29]; uint8_t filler[29];
}; };
struct I2NPBuildRequestRecordElGamalEncrypted
{
uint8_t toPeer[16];
uint8_t encrypted[512];
};
#pragma pack () #pragma pack ()
enum I2NPMessageType enum I2NPMessageType
@ -215,10 +213,9 @@ namespace tunnel
const uint8_t * replyKey, const uint8_t * replyIV, uint32_t nextMessageID, const uint8_t * replyKey, const uint8_t * replyIV, uint32_t nextMessageID,
bool isGateway, bool isEndpoint); bool isGateway, bool isEndpoint);
void EncryptBuildRequestRecord (const i2p::data::RouterInfo& router, void EncryptBuildRequestRecord (const i2p::data::RouterInfo& router,
const I2NPBuildRequestRecordClearText& clearText, const I2NPBuildRequestRecordClearText& clearText, uint8_t * record);
I2NPBuildRequestRecordElGamalEncrypted& record);
bool HandleBuildRequestRecords (int num, I2NPBuildRequestRecordElGamalEncrypted * records, I2NPBuildRequestRecordClearText& clearText); bool HandleBuildRequestRecords (int num, uint8_t * records, I2NPBuildRequestRecordClearText& clearText);
void HandleVariableTunnelBuildMsg (uint32_t replyMsgID, uint8_t * buf, size_t len); void HandleVariableTunnelBuildMsg (uint32_t replyMsgID, uint8_t * buf, size_t len);
void HandleVariableTunnelBuildReplyMsg (uint32_t replyMsgID, uint8_t * buf, size_t len); void HandleVariableTunnelBuildReplyMsg (uint32_t replyMsgID, uint8_t * buf, size_t len);
void HandleTunnelBuildMsg (uint8_t * buf, size_t len); void HandleTunnelBuildMsg (uint8_t * buf, size_t len);

14
Tunnel.cpp

@ -34,7 +34,7 @@ namespace tunnel
int numRecords = numHops <= STANDARD_NUM_RECORDS ? STANDARD_NUM_RECORDS : numHops; int numRecords = numHops <= STANDARD_NUM_RECORDS ? STANDARD_NUM_RECORDS : numHops;
I2NPMessage * msg = NewI2NPMessage (); I2NPMessage * msg = NewI2NPMessage ();
*msg->GetPayload () = numRecords; *msg->GetPayload () = numRecords;
msg->len += numRecords*sizeof (I2NPBuildRequestRecordElGamalEncrypted) + 1; msg->len += numRecords*TUNNEL_BUILD_RECORD_SIZE + 1;
// shuffle records // shuffle records
std::vector<int> recordIndicies; std::vector<int> recordIndicies;
@ -42,8 +42,7 @@ namespace tunnel
std::random_shuffle (recordIndicies.begin(), recordIndicies.end()); std::random_shuffle (recordIndicies.begin(), recordIndicies.end());
// create real records // create real records
//TODO: this is likely to arise alignment issues but I need to see how I fix it uint8_t * records = msg->GetPayload () + 1;
I2NPBuildRequestRecordElGamalEncrypted * records = (I2NPBuildRequestRecordElGamalEncrypted *)(msg->GetPayload () + 1);
TunnelHopConfig * hop = m_Config->GetFirstHop (); TunnelHopConfig * hop = m_Config->GetFirstHop ();
int i = 0; int i = 0;
while (hop) while (hop)
@ -58,7 +57,7 @@ namespace tunnel
hop->replyKey, hop->replyIV, hop->replyKey, hop->replyIV,
hop->next ? rnd.GenerateWord32 () : replyMsgID, // we set replyMsgID for last hop only hop->next ? rnd.GenerateWord32 () : replyMsgID, // we set replyMsgID for last hop only
hop->isGateway, hop->isEndpoint), hop->isGateway, hop->isEndpoint),
records[idx]); records + idx*TUNNEL_BUILD_RECORD_SIZE);
hop->recordIndex = idx; hop->recordIndex = idx;
i++; i++;
hop = hop->next; hop = hop->next;
@ -67,7 +66,7 @@ namespace tunnel
for (int i = numHops; i < numRecords; i++) for (int i = numHops; i < numRecords; i++)
{ {
int idx = recordIndicies[i]; int idx = recordIndicies[i];
rnd.GenerateBlock ((uint8_t *)(records + idx), sizeof (records[idx])); rnd.GenerateBlock (records + idx*TUNNEL_BUILD_RECORD_SIZE, TUNNEL_BUILD_RECORD_SIZE);
} }
// decrypt real records // decrypt real records
@ -81,9 +80,8 @@ namespace tunnel
while (hop1) while (hop1)
{ {
decryption.SetIV (hop->replyIV); decryption.SetIV (hop->replyIV);
decryption.Decrypt((uint8_t *)&records[hop1->recordIndex], uint8_t * record = records + hop1->recordIndex*TUNNEL_BUILD_RECORD_SIZE;
sizeof (I2NPBuildRequestRecordElGamalEncrypted), decryption.Decrypt(record, TUNNEL_BUILD_RECORD_SIZE, record);
(uint8_t *)&records[hop1->recordIndex]);
hop1 = hop1->next; hop1 = hop1->next;
} }
hop = hop->prev; hop = hop->prev;

Loading…
Cancel
Save