Browse Source

use VerifyDigest for verification

pull/118/head
orignal 10 years ago
parent
commit
5221e09b67
  1. 6
      Datagram.cpp
  2. 4
      Garlic.cpp
  3. 5
      NTCPSession.cpp

6
Datagram.cpp

@ -76,11 +76,7 @@ namespace datagram @@ -76,11 +76,7 @@ namespace datagram
bool verified = false;
if (identity.GetSigningKeyType () == i2p::data::SIGNING_KEY_TYPE_DSA_SHA1)
{
uint8_t hash[32];
CryptoPP::SHA256().CalculateDigest (hash, buf + headerLen, len - headerLen);
verified = identity.Verify (hash, 32, signature);
}
verified = CryptoPP::SHA256().VerifyDigest (signature, buf + headerLen, len - headerLen);
else
verified = identity.Verify (buf + headerLen, len - headerLen, signature);

4
Garlic.cpp

@ -418,9 +418,7 @@ namespace garlic @@ -418,9 +418,7 @@ namespace garlic
buf++; // flag
// payload
uint8_t hash[32];
CryptoPP::SHA256().CalculateDigest(hash, buf, payloadSize);
if (memcmp (hash, payloadHash, 32)) // payload hash doesn't match
if (!CryptoPP::SHA256().VerifyDigest (payloadHash, buf, payloadSize)) // payload hash doesn't match
{
LogPrint ("Wrong payload hash");
return;

5
NTCPSession.cpp

@ -255,11 +255,10 @@ namespace transport @@ -255,11 +255,10 @@ namespace transport
m_Decryption.Decrypt((uint8_t *)&m_Establisher->phase2.encrypted, sizeof(m_Establisher->phase2.encrypted), (uint8_t *)&m_Establisher->phase2.encrypted);
// verify
uint8_t xy[512], hxy[32];
uint8_t xy[512];
memcpy (xy, m_DHKeysPair->publicKey, 256);
memcpy (xy + 256, m_Establisher->phase2.pubKey, 256);
CryptoPP::SHA256().CalculateDigest(hxy, xy, 512);
if (memcmp (hxy, m_Establisher->phase2.encrypted.hxy, 32))
if (!CryptoPP::SHA256().VerifyDigest(m_Establisher->phase2.encrypted.hxy, xy, 512))
{
LogPrint (eLogError, "Incorrect hash");
transports.ReuseDHKeysPair (m_DHKeysPair);

Loading…
Cancel
Save