Browse Source

compressable crypto key and padding for routers and destination

pull/1797/head
orignal 2 years ago
parent
commit
3d4d3ce80d
  1. 29
      libi2pd/Identity.cpp
  2. 4
      libi2pd/Identity.h
  3. 2
      libi2pd_client/BOB.cpp
  4. 8
      libi2pd_client/ClientContext.cpp
  5. 2
      libi2pd_client/SAM.cpp

29
libi2pd/Identity.cpp

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
/*
* Copyright (c) 2013-2020, The PurpleI2P Project
* Copyright (c) 2013-2022, The PurpleI2P Project
*
* This file is part of Purple i2pd project and licensed under BSD3
*
@ -49,13 +49,22 @@ namespace data @@ -49,13 +49,22 @@ namespace data
IdentityEx::IdentityEx(const uint8_t * publicKey, const uint8_t * signingKey, SigningKeyType type, CryptoKeyType cryptoType)
{
uint8_t randomPaddingBlock[32];
RAND_bytes (randomPaddingBlock, 32);
if (cryptoType == CRYPTO_KEY_TYPE_ECIES_X25519_AEAD)
{
memcpy (m_StandardIdentity.publicKey, publicKey, 32);
RAND_bytes (m_StandardIdentity.publicKey + 32, 224);
memcpy (m_StandardIdentity.publicKey, publicKey ? publicKey : randomPaddingBlock, 32);
for (int i = 0; i < 7; i++) // 224 bytes
memcpy (m_StandardIdentity.publicKey + 32*i, randomPaddingBlock, 32);
}
else
memcpy (m_StandardIdentity.publicKey, publicKey, 256);
{
if (publicKey)
memcpy (m_StandardIdentity.publicKey, publicKey, 256);
else
for (int i = 0; i < 8; i++) // 256 bytes
memcpy (m_StandardIdentity.publicKey + 32*i, randomPaddingBlock, 32);
}
if (type != SIGNING_KEY_TYPE_DSA_SHA1)
{
size_t excessLen = 0;
@ -93,7 +102,8 @@ namespace data @@ -93,7 +102,8 @@ namespace data
case SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
{
size_t padding = 128 - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH; // 96 = 128 - 32
RAND_bytes (m_StandardIdentity.signingKey, padding);
for (int i = 0; i < 3; i++) // 96 bytes
memcpy (m_StandardIdentity.signingKey + 32*i, randomPaddingBlock, 32);
memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH);
break;
}
@ -695,7 +705,7 @@ namespace data @@ -695,7 +705,7 @@ namespace data
return nullptr;
}
PrivateKeys PrivateKeys::CreateRandomKeys (SigningKeyType type, CryptoKeyType cryptoType)
PrivateKeys PrivateKeys::CreateRandomKeys (SigningKeyType type, CryptoKeyType cryptoType, bool isDestination)
{
if (type != SIGNING_KEY_TYPE_DSA_SHA1)
{
@ -705,9 +715,12 @@ namespace data @@ -705,9 +715,12 @@ namespace data
GenerateSigningKeyPair (type, keys.m_SigningPrivateKey, signingPublicKey);
// encryption
uint8_t publicKey[256];
GenerateCryptoKeyPair (cryptoType, keys.m_PrivateKey, publicKey);
if (isDestination)
RAND_bytes (keys.m_PrivateKey, 256);
else
GenerateCryptoKeyPair (cryptoType, keys.m_PrivateKey, publicKey);
// identity
keys.m_Public = std::make_shared<IdentityEx> (publicKey, signingPublicKey, type, cryptoType);
keys.m_Public = std::make_shared<IdentityEx> (isDestination ? nullptr : publicKey, signingPublicKey, type, cryptoType);
keys.CreateSigner ();
return keys;

4
libi2pd/Identity.h

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
/*
* Copyright (c) 2013-2021, The PurpleI2P Project
* Copyright (c) 2013-2022, The PurpleI2P Project
*
* This file is part of Purple i2pd project and licensed under BSD3
*
@ -171,7 +171,7 @@ namespace data @@ -171,7 +171,7 @@ namespace data
std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> CreateDecryptor (const uint8_t * key) const;
static std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> CreateDecryptor (CryptoKeyType cryptoType, const uint8_t * key);
static PrivateKeys CreateRandomKeys (SigningKeyType type = SIGNING_KEY_TYPE_DSA_SHA1, CryptoKeyType cryptoType = CRYPTO_KEY_TYPE_ELGAMAL);
static PrivateKeys CreateRandomKeys (SigningKeyType type = SIGNING_KEY_TYPE_DSA_SHA1, CryptoKeyType cryptoType = CRYPTO_KEY_TYPE_ELGAMAL, bool isDestination = false);
static void GenerateSigningKeyPair (SigningKeyType type, uint8_t * priv, uint8_t * pub);
static void GenerateCryptoKeyPair (CryptoKeyType type, uint8_t * priv, uint8_t * pub); // priv and pub are 256 bytes long
static i2p::crypto::Signer * CreateSigner (SigningKeyType keyType, const uint8_t * priv);

2
libi2pd_client/BOB.cpp

@ -547,7 +547,7 @@ namespace client @@ -547,7 +547,7 @@ namespace client
}
m_Keys = i2p::data::PrivateKeys::CreateRandomKeys (signatureType, cryptoType);
m_Keys = i2p::data::PrivateKeys::CreateRandomKeys (signatureType, cryptoType, true);
SendReplyOK (m_Keys.GetPublic ()->ToBase64 ().c_str ());
}

8
libi2pd_client/ClientContext.cpp

@ -261,7 +261,7 @@ namespace client @@ -261,7 +261,7 @@ namespace client
static const std::string transient("transient");
if (!filename.compare (0, transient.length (), transient)) // starts with transient
{
keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType);
keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType, true);
LogPrint (eLogInfo, "Clients: New transient keys address ", m_AddressBook.ToAddress(keys.GetPublic ()->GetIdentHash ()), " created");
return true;
}
@ -288,7 +288,7 @@ namespace client @@ -288,7 +288,7 @@ namespace client
else
{
LogPrint (eLogError, "Clients: Can't open file ", fullPath, " Creating new one with signature type ", sigType, " crypto type ", cryptoType);
keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType);
keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType, true);
std::ofstream f (fullPath, std::ofstream::binary | std::ofstream::out);
size_t len = keys.GetFullLen ();
uint8_t * buf = new uint8_t[len];
@ -328,7 +328,7 @@ namespace client @@ -328,7 +328,7 @@ namespace client
i2p::data::SigningKeyType sigType, i2p::data::CryptoKeyType cryptoType,
const std::map<std::string, std::string> * params)
{
i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType);
i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType, true);
auto localDestination = std::make_shared<RunnableClientDestination> (keys, isPublic, params);
AddLocalDestination (localDestination);
return localDestination;
@ -339,7 +339,7 @@ namespace client @@ -339,7 +339,7 @@ namespace client
i2p::data::SigningKeyType sigType, i2p::data::CryptoKeyType cryptoType,
const std::map<std::string, std::string> * params)
{
i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType);
i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType, true);
auto localDestination = std::make_shared<ClientDestination> (service, keys, isPublic, params);
AddLocalDestination (localDestination);
return localDestination;

2
libi2pd_client/SAM.cpp

@ -709,7 +709,7 @@ namespace client @@ -709,7 +709,7 @@ namespace client
LogPrint (eLogWarning, "SAM: ", SAM_PARAM_CRYPTO_TYPE, "error: ", ex.what ());
}
}
auto keys = i2p::data::PrivateKeys::CreateRandomKeys (signatureType, cryptoType);
auto keys = i2p::data::PrivateKeys::CreateRandomKeys (signatureType, cryptoType, true);
#ifdef _MSC_VER
size_t l = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_DEST_REPLY,
keys.GetPublic ()->ToBase64 ().c_str (), keys.ToBase64 ().c_str ());

Loading…
Cancel
Save