aligned AES and MAC keys

10 years ago · 4334007688
4 changed files with 26 additions and 18 deletions
--- a/SSUSession.cpp
+++ b/SSUSession.cpp
@ -2,7 +2,6 @@
 #include <cryptopp/dh.h>
 #include <cryptopp/sha.h>
 #include "CryptoConst.h"
 #include "hmac.h"
 #include "Log.h"
 #include "Timestamp.h"
 #include "RouterContext.h"
@ -40,16 +39,17 @@ namespace transport
 			return;
 		};
 		uint8_t * sessionKey = m_SessionKey, * macKey = m_MacKey;
 		if (sharedKey[0] & 0x80)
 		{
-			m_SessionKey[0] = 0;
+			sessionKey[0] = 0;
-			memcpy (m_SessionKey + 1, sharedKey, 31);
+			memcpy (sessionKey + 1, sharedKey, 31);
-			memcpy (m_MacKey, sharedKey + 31, 32);
+			memcpy (macKey, sharedKey + 31, 32);
 		}	
 		else if (sharedKey[0])
 		{
-			memcpy (m_SessionKey, sharedKey, 32);
+			memcpy (sessionKey, sharedKey, 32);
-			memcpy (m_MacKey, sharedKey + 32, 32);
+			memcpy (macKey, sharedKey + 32, 32);
 		}	
 		else
 		{	
@ -65,8 +65,8 @@ namespace transport
 				}	
 			}
-			memcpy (m_SessionKey, nonZero, 32);
+			memcpy (sessionKey, nonZero, 32);
-			CryptoPP::SHA256().CalculateDigest(m_MacKey, nonZero, 64 - (nonZero - sharedKey));
+			CryptoPP::SHA256().CalculateDigest(macKey, nonZero, 64 - (nonZero - sharedKey));
 		}
 		m_IsSessionKey = true;
 		m_SessionKeyEncryption.SetKey (m_SessionKey);
--- a/SSUSession.h
+++ b/SSUSession.h
@ -6,6 +6,7 @@
 #include <list>
 #include <boost/asio.hpp>
 #include "aes.h"
 #include "hmac.h"
 #include "I2NPProtocol.h"
 #include "TransportSession.h"
 #include "SSUData.h"
@ -128,7 +129,8 @@ namespace transport
 			std::set<uint32_t> m_PeerTestNonces;
 			i2p::crypto::CBCEncryption m_SessionKeyEncryption;
 			i2p::crypto::CBCDecryption m_SessionKeyDecryption;
-			uint8_t m_SessionKey[32], m_MacKey[32];
+			i2p::crypto::AESKey m_SessionKey;
 			i2p::crypto::MACKey m_MacKey;
 			std::list<i2p::I2NPMessage *> m_DelayedMessages;
 			SSUData m_Data;
 			size_t m_NumSentBytes, m_NumReceivedBytes;
--- a/aes.h
+++ b/aes.h
@ -4,6 +4,7 @@
 #include <inttypes.h>
 #include <cryptopp/modes.h>
 #include <cryptopp/aes.h>
 #include "Identity.h"
 namespace i2p
 {
@ -21,6 +22,8 @@ namespace crypto
 		}	 
 	};
 	typedef i2p::data::Tag<32> AESKey;
 #ifdef AESNI
 	class ECBCryptoAESNI
 	{	
--- a/hmac.h
+++ b/hmac.h
@ -5,6 +5,7 @@
 #include <string.h>
 #define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1
 #include <cryptopp/md5.h>
 #include "Identity.h"
 namespace i2p
 {
@ -13,17 +14,19 @@ namespace crypto
 	const uint64_t IPAD = 0x3636363636363636;
 	const uint64_t OPAD = 0x5C5C5C5C5C5C5C5C; 			
-	inline void HMACMD5Digest (uint8_t * msg, size_t len, const uint8_t * key, uint8_t * digest)
+	typedef i2p::data::Tag<32> MACKey;
 	inline void HMACMD5Digest (uint8_t * msg, size_t len, const MACKey& key, uint8_t * digest)
 	// key is 32 bytes
 	// digest is 16 bytes
 	// block size is 64 bytes	
 	{
 		uint64_t buf[256];
 		// ikeypad
-		buf[0] = ((uint64_t *)key)[0] ^ IPAD; 
+		buf[0] = key.GetLL ()[0] ^ IPAD; 
-		buf[1] = ((uint64_t *)key)[1] ^ IPAD; 
+		buf[1] = key.GetLL ()[1] ^ IPAD; 
-		buf[2] = ((uint64_t *)key)[2] ^ IPAD; 
+		buf[2] = key.GetLL ()[2] ^ IPAD; 
-		buf[3] = ((uint64_t *)key)[3] ^ IPAD; 
+		buf[3] = key.GetLL ()[3] ^ IPAD; 
 		buf[4] = IPAD; 
 		buf[5] = IPAD; 
 		buf[6] = IPAD; 
@ -35,10 +38,10 @@ namespace crypto
 		CryptoPP::Weak1::MD5().CalculateDigest (hash, (uint8_t *)buf, len + 64);
 		// okeypad			
-		buf[0] = ((uint64_t *)key)[0] ^ OPAD; 
+		buf[0] = key.GetLL ()[0] ^ OPAD; 
-		buf[1] = ((uint64_t *)key)[1] ^ OPAD; 
+		buf[1] = key.GetLL ()[1] ^ OPAD; 
-		buf[2] = ((uint64_t *)key)[2] ^ OPAD; 
+		buf[2] = key.GetLL ()[2] ^ OPAD; 
-		buf[3] = ((uint64_t *)key)[3] ^ OPAD; 
+		buf[3] = key.GetLL ()[3] ^ OPAD; 
 		buf[4] = OPAD; 
 		buf[5] = OPAD; 
 		buf[6] = OPAD;