
aligned AES and MAC keys

pull/108/head
orignal 10 years ago
parent
commit
4334007688
  1. 16
      SSUSession.cpp
  2. 4
      SSUSession.h
  3. 3
      aes.h
  4. 21
      hmac.h

16
SSUSession.cpp

@ -2,7 +2,6 @@
#include <cryptopp/dh.h> #include <cryptopp/dh.h>
#include <cryptopp/sha.h> #include <cryptopp/sha.h>
#include "CryptoConst.h" #include "CryptoConst.h"
#include "hmac.h"
#include "Log.h" #include "Log.h"
#include "Timestamp.h" #include "Timestamp.h"
#include "RouterContext.h" #include "RouterContext.h"
@ -40,16 +39,17 @@ namespace transport
return; return;
}; };
uint8_t * sessionKey = m_SessionKey, * macKey = m_MacKey;
if (sharedKey[0] & 0x80) if (sharedKey[0] & 0x80)
{ {
m_SessionKey[0] = 0; sessionKey[0] = 0;
memcpy (m_SessionKey + 1, sharedKey, 31); memcpy (sessionKey + 1, sharedKey, 31);
memcpy (m_MacKey, sharedKey + 31, 32); memcpy (macKey, sharedKey + 31, 32);
} }
else if (sharedKey[0]) else if (sharedKey[0])
{ {
memcpy (m_SessionKey, sharedKey, 32); memcpy (sessionKey, sharedKey, 32);
memcpy (m_MacKey, sharedKey + 32, 32); memcpy (macKey, sharedKey + 32, 32);
} }
else else
{ {
@ -65,8 +65,8 @@ namespace transport
} }
} }
memcpy (m_SessionKey, nonZero, 32); memcpy (sessionKey, nonZero, 32);
CryptoPP::SHA256().CalculateDigest(m_MacKey, nonZero, 64 - (nonZero - sharedKey)); CryptoPP::SHA256().CalculateDigest(macKey, nonZero, 64 - (nonZero - sharedKey));
} }
m_IsSessionKey = true; m_IsSessionKey = true;
m_SessionKeyEncryption.SetKey (m_SessionKey); m_SessionKeyEncryption.SetKey (m_SessionKey);
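Review bot: The `sessionKey`/`macKey` aliases added in the second hunk pass raw `uint8_t *` views of the now-typed key members to `memcpy`, so the 31- and 32-byte lengths remain unchecked magic numbers and the new key types give no protection at these write sites. This presumably relies on an implicit conversion from `i2p::data::Tag<32>` to `uint8_t *`, which is not visible on this page. I would document the alias line with `// raw views of the 32-byte aligned key buffers; each branch below must fill exactly 32 bytes of each`. In the third hunk, the `64 - (nonZero - sharedKey)` length is only safe if `nonZero` was range-checked earlier, and that check is outside the visible lines; a one-line comment there naming the check would help. The enclosing function starts and ends outside the hunks.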

4
SSUSession.h

@ -6,6 +6,7 @@
#include <list> #include <list>
#include <boost/asio.hpp> #include <boost/asio.hpp>
#include "aes.h" #include "aes.h"
#include "hmac.h"
#include "I2NPProtocol.h" #include "I2NPProtocol.h"
#include "TransportSession.h" #include "TransportSession.h"
#include "SSUData.h" #include "SSUData.h"
@ -128,7 +129,8 @@ namespace transport
std::set<uint32_t> m_PeerTestNonces; std::set<uint32_t> m_PeerTestNonces;
i2p::crypto::CBCEncryption m_SessionKeyEncryption; i2p::crypto::CBCEncryption m_SessionKeyEncryption;
i2p::crypto::CBCDecryption m_SessionKeyDecryption; i2p::crypto::CBCDecryption m_SessionKeyDecryption;
uint8_t m_SessionKey[32], m_MacKey[32]; i2p::crypto::AESKey m_SessionKey;
i2p::crypto::MACKey m_MacKey;
std::list<i2p::I2NPMessage *> m_DelayedMessages; std::list<i2p::I2NPMessage *> m_DelayedMessages;
SSUData m_Data; SSUData m_Data;
size_t m_NumSentBytes, m_NumReceivedBytes; size_t m_NumSentBytes, m_NumReceivedBytes;

3
aes.h

@ -4,6 +4,7 @@
#include <inttypes.h> #include <inttypes.h>
#include <cryptopp/modes.h> #include <cryptopp/modes.h>
#include <cryptopp/aes.h> #include <cryptopp/aes.h>
#include "Identity.h"
namespace i2p namespace i2p
{ {
@ -21,6 +22,8 @@ namespace crypto
} }
}; };
typedef i2p::data::Tag<32> AESKey;
#ifdef AESNI #ifdef AESNI
class ECBCryptoAESNI class ECBCryptoAESNI
{ {
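Review bot: `AESKey` here and `MACKey` in hmac.h are both plain typedefs of `i2p::data::Tag<32>`, so they are the same type to the compiler, and an encryption key can be passed where a MAC key is expected without any diagnostic. If the aliases exist only to get an aligned buffer, say so at the declaration, for example `// alias for an aligned 32-byte buffer; not a distinct type from MACKey`. Otherwise a thin wrapper struct per key kind would keep the two from being interchanged. Including `Identity.h` in a low-level crypto header only for the `Tag` template also widens this header's dependencies. Whether `Identity.h` in turn depends on the crypto headers cannot be seen from this page and is worth checking.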

21
hmac.h

@ -5,6 +5,7 @@
#include <string.h> #include <string.h>
#define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1 #define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1
#include <cryptopp/md5.h> #include <cryptopp/md5.h>
#include "Identity.h"
namespace i2p namespace i2p
{ {
@ -13,17 +14,19 @@ namespace crypto
const uint64_t IPAD = 0x3636363636363636; const uint64_t IPAD = 0x3636363636363636;
const uint64_t OPAD = 0x5C5C5C5C5C5C5C5C; const uint64_t OPAD = 0x5C5C5C5C5C5C5C5C;
inline void HMACMD5Digest (uint8_t * msg, size_t len, const uint8_t * key, uint8_t * digest) typedef i2p::data::Tag<32> MACKey;
inline void HMACMD5Digest (uint8_t * msg, size_t len, const MACKey& key, uint8_t * digest)
// key is 32 bytes // key is 32 bytes
// digest is 16 bytes // digest is 16 bytes
// block size is 64 bytes // block size is 64 bytes
{ {
uint64_t buf[256]; uint64_t buf[256];
// ikeypad // ikeypad
buf[0] = ((uint64_t *)key)[0] ^ IPAD; buf[0] = key.GetLL ()[0] ^ IPAD;
buf[1] = ((uint64_t *)key)[1] ^ IPAD; buf[1] = key.GetLL ()[1] ^ IPAD;
buf[2] = ((uint64_t *)key)[2] ^ IPAD; buf[2] = key.GetLL ()[2] ^ IPAD;
buf[3] = ((uint64_t *)key)[3] ^ IPAD; buf[3] = key.GetLL ()[3] ^ IPAD;
buf[4] = IPAD; buf[4] = IPAD;
buf[5] = IPAD; buf[5] = IPAD;
buf[6] = IPAD; buf[6] = IPAD;
@ -35,10 +38,10 @@ namespace crypto
CryptoPP::Weak1::MD5().CalculateDigest (hash, (uint8_t *)buf, len + 64); CryptoPP::Weak1::MD5().CalculateDigest (hash, (uint8_t *)buf, len + 64);
// okeypad // okeypad
buf[0] = ((uint64_t *)key)[0] ^ OPAD; buf[0] = key.GetLL ()[0] ^ OPAD;
buf[1] = ((uint64_t *)key)[1] ^ OPAD; buf[1] = key.GetLL ()[1] ^ OPAD;
buf[2] = ((uint64_t *)key)[2] ^ OPAD; buf[2] = key.GetLL ()[2] ^ OPAD;
buf[3] = ((uint64_t *)key)[3] ^ OPAD; buf[3] = key.GetLL ()[3] ^ OPAD;
buf[4] = OPAD; buf[4] = OPAD;
buf[5] = OPAD; buf[5] = OPAD;
buf[6] = OPAD; buf[6] = OPAD;
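Review bot: `HMACMD5Digest` hashes `len + 64` bytes out of the fixed `uint64_t buf[256]` (2048 bytes) in the `CalculateDigest` call, and the changed signature still carries no bound on `len`. The copy of `msg` into `buf` lies between the hunks and is not visible, so this is inferred. If `len` can come from a received packet, anything above 1984 bytes would run past the buffer. I would state the contract next to the existing size comments, `// len must not exceed sizeof (buf) - 64`, and have the function or its callers reject longer input before the copy. `buf` also holds the key XORed with the pads and is not visibly cleared in these hunks; the end of the function is outside the hunk, so confirm whether it is wiped before return.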
