mirror of
https://github.com/PurpleI2P/i2pd.git
synced 2025-01-22 04:04:16 +00:00
aligned AES and MAC keys
parent
7a976dd5f2
commit
4334007688
@ -2,7 +2,6 @@
|
|||||||
#include <cryptopp/dh.h>
|
#include <cryptopp/dh.h>
|
||||||
#include <cryptopp/sha.h>
|
#include <cryptopp/sha.h>
|
||||||
#include "CryptoConst.h"
|
#include "CryptoConst.h"
|
||||||
#include "hmac.h"
|
|
||||||
#include "Log.h"
|
#include "Log.h"
|
||||||
#include "Timestamp.h"
|
#include "Timestamp.h"
|
||||||
#include "RouterContext.h"
|
#include "RouterContext.h"
|
||||||
@ -40,16 +39,17 @@ namespace transport
|
|||||||
return;
|
return;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
uint8_t * sessionKey = m_SessionKey, * macKey = m_MacKey;
|
||||||
if (sharedKey[0] & 0x80)
|
if (sharedKey[0] & 0x80)
|
||||||
{
|
{
|
||||||
m_SessionKey[0] = 0;
|
sessionKey[0] = 0;
|
||||||
memcpy (m_SessionKey + 1, sharedKey, 31);
|
memcpy (sessionKey + 1, sharedKey, 31);
|
||||||
memcpy (m_MacKey, sharedKey + 31, 32);
|
memcpy (macKey, sharedKey + 31, 32);
|
||||||
}
|
}
|
||||||
else if (sharedKey[0])
|
else if (sharedKey[0])
|
||||||
{
|
{
|
||||||
memcpy (m_SessionKey, sharedKey, 32);
|
memcpy (sessionKey, sharedKey, 32);
|
||||||
memcpy (m_MacKey, sharedKey + 32, 32);
|
memcpy (macKey, sharedKey + 32, 32);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@ -65,8 +65,8 @@ namespace transport
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
memcpy (m_SessionKey, nonZero, 32);
|
memcpy (sessionKey, nonZero, 32);
|
||||||
CryptoPP::SHA256().CalculateDigest(m_MacKey, nonZero, 64 - (nonZero - sharedKey));
|
CryptoPP::SHA256().CalculateDigest(macKey, nonZero, 64 - (nonZero - sharedKey));
|
||||||
}
|
}
|
||||||
m_IsSessionKey = true;
|
m_IsSessionKey = true;
|
||||||
m_SessionKeyEncryption.SetKey (m_SessionKey);
|
m_SessionKeyEncryption.SetKey (m_SessionKey);
|
||||||
|
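Review bot: In the last hunk, `memcpy (sessionKey, nonZero, 32)` and the hash length `64 - (nonZero - sharedKey)` both depend on how far `nonZero` has advanced, and the scan that sets it lies between the hunks, so no bound is visible here. If that scan can run past offset 32, the MAC key is derived from fewer than 32 bytes of secret, and past 64 the subtraction wraps to a very large length. It is worth confirming that the scan rejects that case and recording it next to the copy, e.g. `// nonZero - sharedKey <= 32, checked above`. The new `uint8_t * sessionKey = m_SessionKey, * macKey = m_MacKey;` line also relies on the key types converting to a writable byte pointer, which a short comment should state. The enclosing function starts and ends outside the hunks.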
@ -6,6 +6,7 @@
|
|||||||
#include <list>
|
#include <list>
|
||||||
#include <boost/asio.hpp>
|
#include <boost/asio.hpp>
|
||||||
#include "aes.h"
|
#include "aes.h"
|
||||||
|
#include "hmac.h"
|
||||||
#include "I2NPProtocol.h"
|
#include "I2NPProtocol.h"
|
||||||
#include "TransportSession.h"
|
#include "TransportSession.h"
|
||||||
#include "SSUData.h"
|
#include "SSUData.h"
|
||||||
@ -128,7 +129,8 @@ namespace transport
|
|||||||
std::set<uint32_t> m_PeerTestNonces;
|
std::set<uint32_t> m_PeerTestNonces;
|
||||||
i2p::crypto::CBCEncryption m_SessionKeyEncryption;
|
i2p::crypto::CBCEncryption m_SessionKeyEncryption;
|
||||||
i2p::crypto::CBCDecryption m_SessionKeyDecryption;
|
i2p::crypto::CBCDecryption m_SessionKeyDecryption;
|
||||||
uint8_t m_SessionKey[32], m_MacKey[32];
|
i2p::crypto::AESKey m_SessionKey;
|
||||||
|
i2p::crypto::MACKey m_MacKey;
|
||||||
std::list<i2p::I2NPMessage *> m_DelayedMessages;
|
std::list<i2p::I2NPMessage *> m_DelayedMessages;
|
||||||
SSUData m_Data;
|
SSUData m_Data;
|
||||||
size_t m_NumSentBytes, m_NumReceivedBytes;
|
size_t m_NumSentBytes, m_NumReceivedBytes;
|
||||||
|
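--- a/aes.h
+++ b/aes.h
@@ -4,6 +4,7 @@
 #include <inttypes.h>
 #include <cryptopp/modes.h>
 #include <cryptopp/aes.h>
+#include "Identity.h"
 
 namespace i2p
 {
@@ -21,6 +22,8 @@ namespace crypto
 }
 };
 
+typedef i2p::data::Tag<32> AESKey;
+
 #ifdef AESNI
 class ECBCryptoAESNI
 {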
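Review bot: `typedef i2p::data::Tag<32> AESKey;` reuses a type from `Identity.h` for secret key material, and the same applies to `MACKey` in hmac.h; it also makes a crypto header depend on the identity header for that one template. `Tag`'s definition is not shown on this page. If it offers comparison operators or text encoders intended for public hashes, those become callable on keys as well, which makes a non-constant-time compare or an accidental log of a key easier to write. A short comment at the typedef would record the intent, e.g. `// 32-byte secret key; Tag is used only for its aligned storage, do not compare or encode`.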
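--- a/hmac.h
+++ b/hmac.h
@@ -5,6 +5,7 @@
 #include <string.h>
 #define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1
 #include <cryptopp/md5.h>
+#include "Identity.h"
 
 namespace i2p
 {
@@ -13,17 +14,19 @@ namespace crypto
 const uint64_t IPAD = 0x3636363636363636;
 const uint64_t OPAD = 0x5C5C5C5C5C5C5C5C;
 
-inline void HMACMD5Digest (uint8_t * msg, size_t len, const uint8_t * key, uint8_t * digest)
+typedef i2p::data::Tag<32> MACKey;
+
+inline void HMACMD5Digest (uint8_t * msg, size_t len, const MACKey& key, uint8_t * digest)
 // key is 32 bytes
 // digest is 16 bytes
 // block size is 64 bytes
 {
 uint64_t buf[256];
 // ikeypad
-buf[0] = ((uint64_t *)key)[0] ^ IPAD;
-buf[1] = ((uint64_t *)key)[1] ^ IPAD;
-buf[2] = ((uint64_t *)key)[2] ^ IPAD;
-buf[3] = ((uint64_t *)key)[3] ^ IPAD;
+buf[0] = key.GetLL ()[0] ^ IPAD;
+buf[1] = key.GetLL ()[1] ^ IPAD;
+buf[2] = key.GetLL ()[2] ^ IPAD;
+buf[3] = key.GetLL ()[3] ^ IPAD;
 buf[4] = IPAD;
 buf[5] = IPAD;
 buf[6] = IPAD;
@@ -35,10 +38,10 @@ namespace crypto
 CryptoPP::Weak1::MD5().CalculateDigest (hash, (uint8_t *)buf, len + 64);
 
 // okeypad
-buf[0] = ((uint64_t *)key)[0] ^ OPAD;
-buf[1] = ((uint64_t *)key)[1] ^ OPAD;
-buf[2] = ((uint64_t *)key)[2] ^ OPAD;
-buf[3] = ((uint64_t *)key)[3] ^ OPAD;
+buf[0] = key.GetLL ()[0] ^ OPAD;
+buf[1] = key.GetLL ()[1] ^ OPAD;
+buf[2] = key.GetLL ()[2] ^ OPAD;
+buf[3] = key.GetLL ()[3] ^ OPAD;
 buf[4] = OPAD;
 buf[5] = OPAD;
 buf[6] = OPAD;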
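Review bot: `CalculateDigest (hash, (uint8_t *)buf, len + 64)` at the top of the last hunk reads `len + 64` bytes from `buf`, which is declared as `uint64_t buf[256]` (2048 bytes), and no check on `len` is visible in any hunk; the copy of `msg` into `buf` sits between the hunks. If a caller can pass a packet-derived `len` above 1984, both that copy and this read go past the stack buffer, so the function should reject `len > sizeof (buf) - 64` before touching `buf` and document the maximum. The `// key is 32 bytes` comment is now enforced by the `MACKey` parameter type and could instead say that `GetLL ()` replaces the old `(uint64_t *)key` cast, presumably to give an aligned 64-bit view of the key. The function body continues outside the hunks.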