diff --git a/SSUSession.cpp b/SSUSession.cpp index 1cb3c162..91b4e947 100644 --- a/SSUSession.cpp +++ b/SSUSession.cpp @@ -2,7 +2,6 @@ #include #include #include "CryptoConst.h" -#include "hmac.h" #include "Log.h" #include "Timestamp.h" #include "RouterContext.h" @@ -40,16 +39,17 @@ namespace transport return; }; + uint8_t * sessionKey = m_SessionKey, * macKey = m_MacKey; if (sharedKey[0] & 0x80) { - m_SessionKey[0] = 0; - memcpy (m_SessionKey + 1, sharedKey, 31); - memcpy (m_MacKey, sharedKey + 31, 32); + sessionKey[0] = 0; + memcpy (sessionKey + 1, sharedKey, 31); + memcpy (macKey, sharedKey + 31, 32); } else if (sharedKey[0]) { - memcpy (m_SessionKey, sharedKey, 32); - memcpy (m_MacKey, sharedKey + 32, 32); + memcpy (sessionKey, sharedKey, 32); + memcpy (macKey, sharedKey + 32, 32); } else { @@ -65,8 +65,8 @@ namespace transport } } - memcpy (m_SessionKey, nonZero, 32); - CryptoPP::SHA256().CalculateDigest(m_MacKey, nonZero, 64 - (nonZero - sharedKey)); + memcpy (sessionKey, nonZero, 32); + CryptoPP::SHA256().CalculateDigest(macKey, nonZero, 64 - (nonZero - sharedKey)); } m_IsSessionKey = true; m_SessionKeyEncryption.SetKey (m_SessionKey); diff --git a/SSUSession.h b/SSUSession.h index b6b4c97d..fc1600d8 100644 --- a/SSUSession.h +++ b/SSUSession.h @@ -6,6 +6,7 @@ #include #include #include "aes.h" +#include "hmac.h" #include "I2NPProtocol.h" #include "TransportSession.h" #include "SSUData.h" @@ -128,7 +129,8 @@ namespace transport std::set m_PeerTestNonces; i2p::crypto::CBCEncryption m_SessionKeyEncryption; i2p::crypto::CBCDecryption m_SessionKeyDecryption; - uint8_t m_SessionKey[32], m_MacKey[32]; + i2p::crypto::AESKey m_SessionKey; + i2p::crypto::MACKey m_MacKey; std::list m_DelayedMessages; SSUData m_Data; size_t m_NumSentBytes, m_NumReceivedBytes; diff --git a/aes.h b/aes.h index d1f3c254..b28fa8dc 100644 --- a/aes.h +++ b/aes.h @@ -4,6 +4,7 @@ #include #include #include +#include "Identity.h" namespace i2p { 
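Review bot: In the `@@ -40,16 +39,17 @@` hunk of SSUSession.cpp, the new line `uint8_t * sessionKey = m_SessionKey, * macKey = m_MacKey;` goes straight back to raw byte pointers, so the typed keys this commit introduces add no bounds protection to the `memcpy` calls that follow, whose lengths 31 and 32 stay hard-coded. The initialisation presumably relies on an implicit pointer conversion on `i2p::data::Tag<32>`, whose definition is not on this page. I would tie the literals to the key types next to the alias line, for example `static_assert (sizeof (i2p::crypto::AESKey) == 32 && sizeof (i2p::crypto::MACKey) == 32, "SSU key size");` (assuming `Tag` holds nothing but its buffer), and add a comment that the `0x80` branch prepends a zero byte, which is why only 31 bytes are copied there. The enclosing function starts and ends outside the hunk.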
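Review bot: In the `@@ -65,8 +65,8 @@` hunk of SSUSession.cpp, the hash length `64 - (nonZero - sharedKey)` is only valid while `nonZero` sits at most 64 bytes past `sharedKey`, and `memcpy (sessionKey, nonZero, 32)` needs 32 readable bytes from that position. The loop that advances `nonZero` is outside the hunk, so the bound cannot be confirmed from here; if the offset could exceed 64, the subtraction would wrap to a very large length handed to `CalculateDigest`. Since both lines are rewritten anyway, I would state the invariant beside them, e.g. `// invariant: nonZero - sharedKey <= <bound enforced by the scan loop>`, with the real bound filled in.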
@@ -21,6 +22,8 @@ namespace crypto } }; + typedef i2p::data::Tag<32> AESKey; + #ifdef AESNI class ECBCryptoAESNI { diff --git a/hmac.h b/hmac.h index 9038cf49..0b76ceee 100644 --- a/hmac.h +++ b/hmac.h @@ -5,6 +5,7 @@ #include #define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1 #include +#include "Identity.h" namespace i2p { @@ -13,17 +14,19 @@ namespace crypto const uint64_t IPAD = 0x3636363636363636; const uint64_t OPAD = 0x5C5C5C5C5C5C5C5C; - inline void HMACMD5Digest (uint8_t * msg, size_t len, const uint8_t * key, uint8_t * digest) + typedef i2p::data::Tag<32> MACKey; + + inline void HMACMD5Digest (uint8_t * msg, size_t len, const MACKey& key, uint8_t * digest) // key is 32 bytes // digest is 16 bytes // block size is 64 bytes { uint64_t buf[256]; // ikeypad - buf[0] = ((uint64_t *)key)[0] ^ IPAD; - buf[1] = ((uint64_t *)key)[1] ^ IPAD; - buf[2] = ((uint64_t *)key)[2] ^ IPAD; - buf[3] = ((uint64_t *)key)[3] ^ IPAD; + buf[0] = key.GetLL ()[0] ^ IPAD; + buf[1] = key.GetLL ()[1] ^ IPAD; + buf[2] = key.GetLL ()[2] ^ IPAD; + buf[3] = key.GetLL ()[3] ^ IPAD; buf[4] = IPAD; buf[5] = IPAD; buf[6] = IPAD; @@ -35,10 +38,10 @@ namespace crypto CryptoPP::Weak1::MD5().CalculateDigest (hash, (uint8_t *)buf, len + 64); // okeypad - buf[0] = ((uint64_t *)key)[0] ^ OPAD; - buf[1] = ((uint64_t *)key)[1] ^ OPAD; - buf[2] = ((uint64_t *)key)[2] ^ OPAD; - buf[3] = ((uint64_t *)key)[3] ^ OPAD; + buf[0] = key.GetLL ()[0] ^ OPAD; + buf[1] = key.GetLL ()[1] ^ OPAD; + buf[2] = key.GetLL ()[2] ^ OPAD; + buf[3] = key.GetLL ()[3] ^ OPAD; buf[4] = OPAD; buf[5] = OPAD; buf[6] = OPAD;
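Review bot: `typedef i2p::data::Tag<32> AESKey;` in the aes.h `@@ -21,6 +22,8 @@` hunk and `typedef i2p::data::Tag<32> MACKey;` in hmac.h name the same type, so the compiler will still accept a session encryption key wherever a MAC key is expected, for example as the `key` argument of `HMACMD5Digest`. If the aim is to keep the two keys apart, each needs a type of its own, for instance `struct AESKey: public i2p::data::Tag<32> {};` and likewise for `MACKey` (assuming `Tag` can be derived from; its definition is not on this page). Including `Identity.h` from aes.h and hmac.h only to reach `Tag` also makes the crypto headers depend on the identity header.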
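Review bot: `HMACMD5Digest` in hmac.h builds its input in `uint64_t buf[256]` (2048 bytes) and later hashes `len + 64` bytes of it, so `len` must not exceed 1984, and neither the `@@ -13,17 +14,19 @@` hunk nor the `@@ -35,10 +38,10 @@` hunk shows a check for that. The copy of `msg` into `buf` falls between the two hunks, so confirm there is no guard there; if `len` can come from a received packet, an oversized value would write past the stack buffer. As the signature is being changed anyway, I would reject oversized input before the copy and report it so callers treat it as a MAC mismatch, e.g. `if (len > sizeof (buf) - 64) return false;` with the return type changed to `bool`. `msg` could also become `const uint8_t *` if it is only read.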