PurpleI2P
/
i2pd
mirror of https://github.com/PurpleI2P/i2pd.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

Merge pull request #1249 from PurpleI2P/openssl 

2.21.0
pull/1268/head
orignal 6 years ago committed by GitHub
parent
5ecd04dd4f 8adf76dcc9
commit
5e31e533e2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
28 changed files with 730 additions and 627 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 14
      ChangeLog
  2. 2
      Win32/installer.iss
  3. 3
      android/AndroidManifest.xml
  4. 6
      android/build.gradle
  5. 24
      android/jni/Android.mk
  6. 42
      android/src/org/purplei2p/i2pd/ForegroundService.java
  7. 24
      android_binary_only/jni/Android.mk
  8. 6
      appveyor.yml
  9. 3
      contrib/rpm/i2pd.spec
  10. 10
      daemon/HTTPServer.cpp
  11. 6
      debian/changelog
  12. 67
      libi2pd/Crypto.cpp
  13. 51
      libi2pd/Crypto.h
  14. 57
      libi2pd/Identity.cpp
  15. 126
      libi2pd/NTCP2.cpp
  16. 23
      libi2pd/NTCP2.h
  17. 11
      libi2pd/NetDb.cpp
  18. 2
      libi2pd/Reseed.cpp
  19. 20
      libi2pd/RouterContext.cpp
  20. 5
      libi2pd/RouterContext.h
  21. 8
      libi2pd/RouterInfo.cpp
  22. 71
      libi2pd/Signature.cpp
  23. 127
      libi2pd/Signature.h
  24. 4
      libi2pd/version.h
  25. 4
      qt/i2pd_qt/TunnelConfig.cpp
  26. 2
      qt/i2pd_qt/android/AndroidManifest.xml
  27. 637
      qt/i2pd_qt/i2pd_qt.pro
  28. 2
      qt/i2pd_qt/mainwindow.h

14
ChangeLog
Unescape View File

@ -1,6 +1,20 @@
# for this file format description, # for this file format description,
# see https://github.com/olivierlacan/keep-a-changelog # see https://github.com/olivierlacan/keep-a-changelog
## [2.21.0] - 2018-10-04
### Added
- EdDSA, x25519 and SipHash from openssl 1.1.1
- NTCP2 ipv6 incoming connections
- Show total number of destination's outgoing tags in the web console
### Changed
- Android build with openssl 1.1.1/boost 1.64
- Bandwidth classes 'P' and 'X' don't add 'O' anymore
### Fixed
- Update own RouterInfo if no SSU
- Recognize 'P' and 'X' routers as high bandwidth without 'O'
- NTCP address doesn't disappear if NTCP2 enabled
- Android with api 26+
## [2.20.0] - 2018-08-23 ## [2.20.0] - 2018-08-23
### Added ### Added
- Full implementation of NTCP2 - Full implementation of NTCP2

2
Win32/installer.iss
Unescape View File

@ -1,5 +1,5 @@
#define I2Pd_AppName "i2pd" #define I2Pd_AppName "i2pd"
#define I2Pd_ver "2.20.0" #define I2Pd_ver "2.21.0"
#define I2Pd_Publisher "PurpleI2P" #define I2Pd_Publisher "PurpleI2P"
[Setup] [Setup]

3
android/AndroidManifest.xml
Unescape View File

@ -3,7 +3,7 @@
package="org.purplei2p.i2pd" package="org.purplei2p.i2pd"
android:installLocation="auto" android:installLocation="auto"
android:versionCode="1" android:versionCode="1"
android:versionName="2.20.0"> android:versionName="2.21.0">
<uses-sdk <uses-sdk
android:minSdkVersion="14" android:minSdkVersion="14"
@ -14,6 +14,7 @@
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.READ_PHONE_STATE" /> <uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" /> <!-- normal perm --> <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" /> <!-- normal perm -->
<uses-permission android:name="android.permission.FOREGROUND_SERVICE" /> <!-- required in API 26+ -->
<application <application
android:allowBackup="true" android:allowBackup="true"
android:icon="@drawable/icon" android:icon="@drawable/icon"

6
android/build.gradle
Unescape View File

@ -17,6 +17,10 @@ repositories {
} }
} }
dependencies {
compile 'com.android.support:support-compat:28.0.0'
}
android { android {
compileSdkVersion 28 compileSdkVersion 28
buildToolsVersion "28.0.1" buildToolsVersion "28.0.1"
@ -25,7 +29,7 @@ android {
targetSdkVersion 28 targetSdkVersion 28
minSdkVersion 14 minSdkVersion 14
versionCode 1 versionCode 1
versionName "2.20.0" versionName "2.21.0"
ndk { ndk {
abiFilters 'armeabi-v7a' abiFilters 'armeabi-v7a'
abiFilters 'x86' abiFilters 'x86'

24
android/jni/Android.mk
Unescape View File

@ -25,43 +25,43 @@ include $(BUILD_SHARED_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := boost_system LOCAL_MODULE := boost_system
LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_62_0/$(TARGET_ARCH_ABI)/lib/libboost_system.a LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_64_0/$(TARGET_ARCH_ABI)/lib/libboost_system.a
LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_62_0/include LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_64_0/include
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := boost_date_time LOCAL_MODULE := boost_date_time
LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_62_0/$(TARGET_ARCH_ABI)/lib/libboost_date_time.a LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_64_0/$(TARGET_ARCH_ABI)/lib/libboost_date_time.a
LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_62_0/include LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_64_0/include
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := boost_filesystem LOCAL_MODULE := boost_filesystem
LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_62_0/$(TARGET_ARCH_ABI)/lib/libboost_filesystem.a LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_64_0/$(TARGET_ARCH_ABI)/lib/libboost_filesystem.a
LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_62_0/include LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_64_0/include
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := boost_program_options LOCAL_MODULE := boost_program_options
LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_62_0/$(TARGET_ARCH_ABI)/lib/libboost_program_options.a LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_64_0/$(TARGET_ARCH_ABI)/lib/libboost_program_options.a
LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_62_0/include LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_64_0/include
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := crypto LOCAL_MODULE := crypto
LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0e/$(TARGET_ARCH_ABI)/lib/libcrypto.a LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.1/$(TARGET_ARCH_ABI)/lib/libcrypto.a
LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0e/include LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.1/include
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := ssl LOCAL_MODULE := ssl
LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0e/$(TARGET_ARCH_ABI)/lib/libssl.a LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.1/$(TARGET_ARCH_ABI)/lib/libssl.a
LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0e/include LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.1/include
LOCAL_STATIC_LIBRARIES := crypto LOCAL_STATIC_LIBRARIES := crypto
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)

42
android/src/org/purplei2p/i2pd/ForegroundService.java
Unescape View File

@ -1,12 +1,17 @@
package org.purplei2p.i2pd; package org.purplei2p.i2pd;
import android.app.Notification; import android.app.Notification;
import android.app.NotificationChannel;
import android.app.NotificationManager; import android.app.NotificationManager;
import android.app.PendingIntent; import android.app.PendingIntent;
import android.app.Service; import android.app.Service;
import android.content.Context;
import android.content.Intent; import android.content.Intent;
import android.os.Binder; import android.os.Binder;
import android.os.Build;
import android.os.IBinder; import android.os.IBinder;
import android.support.annotation.RequiresApi;
import android.support.v4.app.NotificationCompat;
import android.util.Log; import android.util.Log;
import android.widget.Toast; import android.widget.Toast;
@ -104,22 +109,41 @@ public class ForegroundService extends Service {
PendingIntent contentIntent = PendingIntent.getActivity(this, 0, PendingIntent contentIntent = PendingIntent.getActivity(this, 0,
new Intent(this, I2PDActivity.class), 0); new Intent(this, I2PDActivity.class), 0);
// If earlier version channel ID is not used
// https://developer.android.com/reference/android/support/v4/app/NotificationCompat.Builder.html#NotificationCompat.Builder(android.content.Context)
String channelId = (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) ? createNotificationChannel() : "";
// Set the info for the views that show in the notification panel. // Set the info for the views that show in the notification panel.
Notification notification = new Notification.Builder(this) Notification notification = new NotificationCompat.Builder(this, channelId)
.setSmallIcon(R.drawable.itoopie_notification_icon) // the status icon .setOngoing(true)
.setTicker(text) // the status text .setSmallIcon(R.drawable.itoopie_notification_icon) // the status icon
.setWhen(System.currentTimeMillis()) // the time stamp .setPriority(Notification.PRIORITY_DEFAULT)
.setContentTitle(getText(R.string.app_name)) // the label of the entry .setCategory(Notification.CATEGORY_SERVICE)
.setContentText(text) // the contents of the entry .setTicker(text) // the status text
.setContentIntent(contentIntent) // The intent to send when the entry is clicked .setWhen(System.currentTimeMillis()) // the time stamp
.setContentTitle(getText(R.string.app_name)) // the label of the entry
.setContentText(text) // the contents of the entry
.setContentIntent(contentIntent) // The intent to send when the entry is clicked
.build(); .build();
// Send the notification. // Send the notification.
//mNM.notify(NOTIFICATION, notification); //mNM.notify(NOTIFICATION, notification);
startForeground(NOTIFICATION, notification); startForeground(NOTIFICATION, notification);
shown=true; shown = true;
}
@RequiresApi(Build.VERSION_CODES.O)
private synchronized String createNotificationChannel() {
String channelId = getString(R.string.app_name);
CharSequence channelName = "I2Pd service";
NotificationChannel chan = new NotificationChannel(channelId, channelName, NotificationManager.IMPORTANCE_LOW);
//chan.setLightColor(Color.PURPLE);
chan.setLockscreenVisibility(Notification.VISIBILITY_PRIVATE);
NotificationManager service = (NotificationManager)getSystemService(Context.NOTIFICATION_SERVICE);
service.createNotificationChannel(chan);
return channelId;
} }
private static final DaemonSingleton daemon = DaemonSingleton.getInstance(); private static final DaemonSingleton daemon = DaemonSingleton.getInstance();
} }

24
android_binary_only/jni/Android.mk
Unescape View File

@ -26,43 +26,43 @@ include $(BUILD_EXECUTABLE)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := boost_system LOCAL_MODULE := boost_system
LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_62_0/$(TARGET_ARCH_ABI)/lib/libboost_system.a LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_64_0/$(TARGET_ARCH_ABI)/lib/libboost_system.a
LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_62_0/include LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_64_0/include
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := boost_date_time LOCAL_MODULE := boost_date_time
LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_62_0/$(TARGET_ARCH_ABI)/lib/libboost_date_time.a LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_64_0/$(TARGET_ARCH_ABI)/lib/libboost_date_time.a
LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_62_0/include LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_64_0/include
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := boost_filesystem LOCAL_MODULE := boost_filesystem
LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_62_0/$(TARGET_ARCH_ABI)/lib/libboost_filesystem.a LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_64_0/$(TARGET_ARCH_ABI)/lib/libboost_filesystem.a
LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_62_0/include LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_64_0/include
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := boost_program_options LOCAL_MODULE := boost_program_options
LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_62_0/$(TARGET_ARCH_ABI)/lib/libboost_program_options.a LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_64_0/$(TARGET_ARCH_ABI)/lib/libboost_program_options.a
LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_62_0/include LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_64_0/include
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := crypto LOCAL_MODULE := crypto
LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0e/$(TARGET_ARCH_ABI)/lib/libcrypto.a LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.1/$(TARGET_ARCH_ABI)/lib/libcrypto.a
LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0e/include LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.1/include
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)
LOCAL_PATH := $(call my-dir) LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := ssl LOCAL_MODULE := ssl
LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0e/$(TARGET_ARCH_ABI)/lib/libssl.a LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.1/$(TARGET_ARCH_ABI)/lib/libssl.a
LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0e/include LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.1/include
LOCAL_STATIC_LIBRARIES := crypto LOCAL_STATIC_LIBRARIES := crypto
include $(PREBUILT_STATIC_LIBRARY) include $(PREBUILT_STATIC_LIBRARY)

6
appveyor.yml
Unescape View File

@ -1,4 +1,4 @@
version: 2.20.{build} version: 2.21.{build}
pull_requests: pull_requests:
do_not_increment_build_number: true do_not_increment_build_number: true
branches: branches:
@ -18,9 +18,9 @@ environment:
install: install:
- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Rns gcc-fortran gcc" - c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Rns gcc-fortran gcc"
- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu " - c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu --force"
- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu" - c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu --force"
- if "%MSYSTEM%" == "MINGW64" ( - if "%MSYSTEM%" == "MINGW64" (
c:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-x86_64-boost mingw-w64-x86_64-miniupnpc" c:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-x86_64-boost mingw-w64-x86_64-miniupnpc"

3
contrib/rpm/i2pd.spec
Unescape View File

@ -96,6 +96,9 @@ getent passwd i2pd >/dev/null || \
%changelog %changelog
* Thu Oct 4 2018 orignal <i2porignal@yandex.ru> - 2.21.0
- update to 2.21.0
* Thu Aug 23 2018 orignal <i2porignal@yandex.ru> - 2.20.0 * Thu Aug 23 2018 orignal <i2porignal@yandex.ru> - 2.20.0
- update to 2.20.0 - update to 2.20.0

10
daemon/HTTPServer.cpp
Unescape View File

@ -381,10 +381,12 @@ namespace http {
s << "<br>\r\n"; s << "<br>\r\n";
s << "<b>Tags</b><br>Incoming: <i>" << dest->GetNumIncomingTags () << "</i><br>"; s << "<b>Tags</b><br>Incoming: <i>" << dest->GetNumIncomingTags () << "</i><br>";
if (!dest->GetSessions ().empty ()) { if (!dest->GetSessions ().empty ()) {
s << "<div class='slide'><label for='slide-tags'>Outgoing:</label>\r\n<input type='checkbox' id='slide-tags'/>\r\n<p class='content'>\r\n"; std::stringstream tmp_s; uint32_t out_tags = 0;
for (const auto& it: dest->GetSessions ()) for (const auto& it: dest->GetSessions ()) {
s << i2p::client::context.GetAddressBook ().ToAddress(it.first) << " " << it.second->GetNumOutgoingTags () << "<br>\r\n"; tmp_s << i2p::client::context.GetAddressBook ().ToAddress(it.first) << " " << it.second->GetNumOutgoingTags () << "<br>\r\n";
s << "</p>\r\n</div>\r\n"; out_tags = out_tags + it.second->GetNumOutgoingTags ();
}
s << "<div class='slide'><label for='slide-tags'>Outgoing: <i>" << out_tags << "</i></label>\r\n<input type='checkbox' id='slide-tags'/>\r\n<p class='content'>\r\n" << tmp_s.str () << "</p>\r\n</div>\r\n";
} else } else
s << "Outgoing: <i>0</i><br>\r\n"; s << "Outgoing: <i>0</i><br>\r\n";
s << "<br>\r\n"; s << "<br>\r\n";

6
debian/changelog vendored
Unescape View File

@ -1,3 +1,9 @@
i2pd (2.21.0-1) unstable; urgency=medium
* updated to version 2.21.0/0.9.37
-- orignal <orignal@i2pmail.org> Thu, 4 Oct 2018 16:00:00 +0000
i2pd (2.20.0-1) unstable; urgency=medium i2pd (2.20.0-1) unstable; urgency=medium
* updated to version 2.20.0/0.9.36 * updated to version 2.20.0/0.9.36

67
libi2pd/Crypto.cpp
Unescape View File

@ -12,9 +12,8 @@
#if LEGACY_OPENSSL #if LEGACY_OPENSSL
#include "ChaCha20.h" #include "ChaCha20.h"
#include "Poly1305.h" #include "Poly1305.h"
#else
#include <openssl/evp.h>
#endif #endif
#include "Ed25519.h"
#include "I2PEndian.h" #include "I2PEndian.h"
#include "Log.h" #include "Log.h"
@ -278,6 +277,70 @@ namespace crypto
BN_free (pk); BN_free (pk);
} }
// x25519
X25519Keys::X25519Keys ()
{
#if OPENSSL_X25519
m_Ctx = EVP_PKEY_CTX_new_id (NID_X25519, NULL);
#else
m_Ctx = BN_CTX_new ();
#endif
}
X25519Keys::X25519Keys (const uint8_t * priv, const uint8_t * pub)
{
#if OPENSSL_X25519
m_Pkey = EVP_PKEY_new_raw_private_key (EVP_PKEY_X25519, NULL, priv, 32);
m_Ctx = EVP_PKEY_CTX_new (m_Pkey, NULL);
memcpy (m_PublicKey, pub, 32); // TODO: verify against m_Pkey
#else
memcpy (m_PrivateKey, priv, 32);
memcpy (m_PublicKey, pub, 32);
m_Ctx = BN_CTX_new ();
#endif
}
X25519Keys::~X25519Keys ()
{
#if OPENSSL_X25519
EVP_PKEY_CTX_free (m_Ctx);
if (m_Pkey)
EVP_PKEY_free (m_Pkey);
#else
BN_CTX_free (m_Ctx);
#endif
}
void X25519Keys::GenerateKeys ()
{
#if OPENSSL_X25519
m_Pkey = nullptr;
EVP_PKEY_keygen_init (m_Ctx);
EVP_PKEY_keygen (m_Ctx, &m_Pkey);
EVP_PKEY_CTX_free (m_Ctx);
m_Ctx = EVP_PKEY_CTX_new (m_Pkey, NULL); // TODO: do we really need to re-create m_Ctx?
size_t len = 32;
EVP_PKEY_get_raw_public_key (m_Pkey, m_PublicKey, &len);
#else
RAND_bytes (m_PrivateKey, 32);
GetEd25519 ()->ScalarMulB (m_PrivateKey, m_PublicKey, m_Ctx);
#endif
}
void X25519Keys::Agree (const uint8_t * pub, uint8_t * shared)
{
#if OPENSSL_X25519
EVP_PKEY_derive_init (m_Ctx);
auto pkey = EVP_PKEY_new_raw_public_key (EVP_PKEY_X25519, NULL, pub, 32);
EVP_PKEY_derive_set_peer (m_Ctx, pkey);
size_t len = 32;
EVP_PKEY_derive (m_Ctx, shared, &len);
EVP_PKEY_free (pkey);
#else
GetEd25519 ()->ScalarMul (pub, m_PrivateKey, shared, m_Ctx);
#endif
}
// ElGamal // ElGamal
void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding) void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding)
{ {

51
libi2pd/Crypto.h
Unescape View File

@ -13,11 +13,24 @@
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/rand.h> #include <openssl/rand.h>
#include <openssl/engine.h> #include <openssl/engine.h>
#include <openssl/opensslv.h>
#include "Base.h" #include "Base.h"
#include "Tag.h" #include "Tag.h"
#include "CPU.h" #include "CPU.h"
// recognize openssl version and features
#if ((OPENSSL_VERSION_NUMBER < 0x010100000) || defined(LIBRESSL_VERSION_NUMBER)) // 1.0.2 and below or LibreSSL
# define LEGACY_OPENSSL 1
#else
# define LEGACY_OPENSSL 0
# if (OPENSSL_VERSION_NUMBER >= 0x010101000) // 1.1.1
# define OPENSSL_EDDSA 1
# define OPENSSL_X25519 1
# define OPENSSL_SIPHASH 1
# endif
#endif
namespace i2p namespace i2p
{ {
namespace crypto namespace crypto
@ -48,6 +61,31 @@ namespace crypto
uint8_t m_PublicKey[256]; uint8_t m_PublicKey[256];
}; };
// x25519
class X25519Keys
{
public:
X25519Keys ();
X25519Keys (const uint8_t * priv, const uint8_t * pub); // for RouterContext
~X25519Keys ();
void GenerateKeys ();
const uint8_t * GetPublicKey () const { return m_PublicKey; };
void Agree (const uint8_t * pub, uint8_t * shared);
private:
uint8_t m_PublicKey[32];
#if OPENSSL_X25519
EVP_PKEY_CTX * m_Ctx;
EVP_PKEY * m_Pkey;
#else
BN_CTX * m_Ctx;
uint8_t m_PrivateKey[32];
#endif
};
// ElGamal // ElGamal
void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding = false); void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding = false);
bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, uint8_t * data, BN_CTX * ctx, bool zeroPadding = false); bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, uint8_t * data, BN_CTX * ctx, bool zeroPadding = false);
@ -260,18 +298,7 @@ namespace crypto
} }
} }
// take care about openssl version // take care about openssl below 1.1.0
#include <openssl/opensslv.h>
#if ((OPENSSL_VERSION_NUMBER < 0x010100000) || defined(LIBRESSL_VERSION_NUMBER)) // 1.0.2 and below or LibreSSL
# define LEGACY_OPENSSL 1
#else
# define LEGACY_OPENSSL 0
# if (OPENSSL_VERSION_NUMBER >= 0x010101000) // 1.1.1
# define OPENSSL_EDDSA 1
# define OPENSSL_X25519 1
# endif
#endif
#if LEGACY_OPENSSL #if LEGACY_OPENSSL
// define getters and setters introduced in 1.1.0 // define getters and setters introduced in 1.1.0
inline int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) inline int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)

57
libi2pd/Identity.cpp
Unescape View File

@ -72,29 +72,10 @@ namespace data
break; break;
} }
case SIGNING_KEY_TYPE_RSA_SHA256_2048: case SIGNING_KEY_TYPE_RSA_SHA256_2048:
{
memcpy (m_StandardIdentity.signingKey, signingKey, 128);
excessLen = i2p::crypto::RSASHA2562048_KEY_LENGTH - 128; // 128 = 256 - 128
excessBuf = new uint8_t[excessLen];
memcpy (excessBuf, signingKey + 128, excessLen);
break;
}
case SIGNING_KEY_TYPE_RSA_SHA384_3072: case SIGNING_KEY_TYPE_RSA_SHA384_3072:
{
memcpy (m_StandardIdentity.signingKey, signingKey, 128);
excessLen = i2p::crypto::RSASHA3843072_KEY_LENGTH - 128; // 256 = 384 - 128
excessBuf = new uint8_t[excessLen];
memcpy (excessBuf, signingKey + 128, excessLen);
break;
}
case SIGNING_KEY_TYPE_RSA_SHA512_4096: case SIGNING_KEY_TYPE_RSA_SHA512_4096:
{ LogPrint (eLogError, "Identity: RSA signing key type ", (int)type, " is not supported");
memcpy (m_StandardIdentity.signingKey, signingKey, 128); break;
excessLen = i2p::crypto::RSASHA5124096_KEY_LENGTH - 128; // 384 = 512 - 128
excessBuf = new uint8_t[excessLen];
memcpy (excessBuf, signingKey + 128, excessLen);
break;
}
case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
{ {
size_t padding = 128 - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH; // 96 = 128 - 32 size_t padding = 128 - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH; // 96 = 128 - 32
@ -368,32 +349,10 @@ namespace data
break; break;
} }
case SIGNING_KEY_TYPE_RSA_SHA256_2048: case SIGNING_KEY_TYPE_RSA_SHA256_2048:
{
uint8_t signingKey[i2p::crypto::RSASHA2562048_KEY_LENGTH];
memcpy (signingKey, m_StandardIdentity.signingKey, 128);
size_t excessLen = i2p::crypto::RSASHA2562048_KEY_LENGTH - 128; // 128 = 256- 128
memcpy (signingKey + 128, m_ExtendedBuffer + 4, excessLen); // right after signing and crypto key types
UpdateVerifier (new i2p::crypto:: RSASHA2562048Verifier (signingKey));
break;
}
case SIGNING_KEY_TYPE_RSA_SHA384_3072: case SIGNING_KEY_TYPE_RSA_SHA384_3072:
{
uint8_t signingKey[i2p::crypto::RSASHA3843072_KEY_LENGTH];
memcpy (signingKey, m_StandardIdentity.signingKey, 128);
size_t excessLen = i2p::crypto::RSASHA3843072_KEY_LENGTH - 128; // 256 = 384- 128
memcpy (signingKey + 128, m_ExtendedBuffer + 4, excessLen); // right after signing and crypto key types
UpdateVerifier (new i2p::crypto:: RSASHA3843072Verifier (signingKey));
break;
}
case SIGNING_KEY_TYPE_RSA_SHA512_4096: case SIGNING_KEY_TYPE_RSA_SHA512_4096:
{ LogPrint (eLogError, "Identity: RSA signing key type ", (int)keyType, " is not supported");
uint8_t signingKey[i2p::crypto::RSASHA5124096_KEY_LENGTH]; break;
memcpy (signingKey, m_StandardIdentity.signingKey, 128);
size_t excessLen = i2p::crypto::RSASHA5124096_KEY_LENGTH - 128; // 384 = 512- 128
memcpy (signingKey + 128, m_ExtendedBuffer + 4, excessLen); // right after signing and crypto key types
UpdateVerifier (new i2p::crypto:: RSASHA5124096Verifier (signingKey));
break;
}
case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
{ {
size_t padding = 128 - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH; // 96 = 128 - 32 size_t padding = 128 - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH; // 96 = 128 - 32
@ -564,13 +523,9 @@ namespace data
m_Signer.reset (new i2p::crypto::ECDSAP521Signer (m_SigningPrivateKey)); m_Signer.reset (new i2p::crypto::ECDSAP521Signer (m_SigningPrivateKey));
break; break;
case SIGNING_KEY_TYPE_RSA_SHA256_2048: case SIGNING_KEY_TYPE_RSA_SHA256_2048:
m_Signer.reset (new i2p::crypto::RSASHA2562048Signer (m_SigningPrivateKey));
break;
case SIGNING_KEY_TYPE_RSA_SHA384_3072: case SIGNING_KEY_TYPE_RSA_SHA384_3072:
m_Signer.reset (new i2p::crypto::RSASHA3843072Signer (m_SigningPrivateKey));
break;
case SIGNING_KEY_TYPE_RSA_SHA512_4096: case SIGNING_KEY_TYPE_RSA_SHA512_4096:
m_Signer.reset (new i2p::crypto::RSASHA5124096Signer (m_SigningPrivateKey)); LogPrint (eLogError, "Identity: RSA signing key type ", (int)m_Public->GetSigningKeyType (), " is not supported");
break; break;
case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
m_Signer.reset (new i2p::crypto::EDDSA25519Signer (m_SigningPrivateKey, m_Public->GetStandardIdentity ().certificate - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH)); m_Signer.reset (new i2p::crypto::EDDSA25519Signer (m_SigningPrivateKey, m_Public->GetStandardIdentity ().certificate - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH));
@ -642,7 +597,7 @@ namespace data
case SIGNING_KEY_TYPE_RSA_SHA256_2048: case SIGNING_KEY_TYPE_RSA_SHA256_2048:
case SIGNING_KEY_TYPE_RSA_SHA384_3072: case SIGNING_KEY_TYPE_RSA_SHA384_3072:
case SIGNING_KEY_TYPE_RSA_SHA512_4096: case SIGNING_KEY_TYPE_RSA_SHA512_4096:
LogPrint (eLogWarning, "Identity: RSA signature type is not supported. Create EdDSA"); LogPrint (eLogWarning, "Identity: RSA signature type is not supported. Creating EdDSA");
// no break here // no break here
case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
i2p::crypto::CreateEDDSA25519RandomKeys (keys.m_SigningPrivateKey, signingPublicKey); i2p::crypto::CreateEDDSA25519RandomKeys (keys.m_SigningPrivateKey, signingPublicKey);

126
libi2pd/NTCP2.cpp
Unescape View File

@ -17,7 +17,6 @@
#include "Log.h" #include "Log.h"
#include "I2PEndian.h" #include "I2PEndian.h"
#include "Crypto.h" #include "Crypto.h"
#include "Ed25519.h"
#include "Siphash.h" #include "Siphash.h"
#include "RouterContext.h" #include "RouterContext.h"
#include "Transports.h" #include "Transports.h"
@ -31,19 +30,14 @@ namespace transport
NTCP2Establisher::NTCP2Establisher (): NTCP2Establisher::NTCP2Establisher ():
m_SessionRequestBuffer (nullptr), m_SessionCreatedBuffer (nullptr), m_SessionConfirmedBuffer (nullptr) m_SessionRequestBuffer (nullptr), m_SessionCreatedBuffer (nullptr), m_SessionConfirmedBuffer (nullptr)
{ {
m_Ctx = BN_CTX_new ();
CreateEphemeralKey (); CreateEphemeralKey ();
} }
NTCP2Establisher::~NTCP2Establisher () NTCP2Establisher::~NTCP2Establisher ()
{ {
BN_CTX_free (m_Ctx);
delete[] m_SessionRequestBuffer; delete[] m_SessionRequestBuffer;
delete[] m_SessionCreatedBuffer; delete[] m_SessionCreatedBuffer;
delete[] m_SessionConfirmedBuffer; delete[] m_SessionConfirmedBuffer;
#if OPENSSL_X25519
EVP_PKEY_free (m_EphemeralPkey);
#endif
} }
void NTCP2Establisher::MixKey (const uint8_t * inputKeyMaterial, uint8_t * derived) void NTCP2Establisher::MixKey (const uint8_t * inputKeyMaterial, uint8_t * derived)
@ -59,7 +53,7 @@ namespace transport
HMAC(EVP_sha256(), tempKey, 32, m_CK, 33, derived, &len); HMAC(EVP_sha256(), tempKey, 32, m_CK, 33, derived, &len);
} }
void NTCP2Establisher::KeyDerivationFunction1 (const uint8_t * pub, const uint8_t * priv, const uint8_t * rs, const uint8_t * epub) void NTCP2Establisher::KeyDerivationFunction1 (const uint8_t * pub, i2p::crypto::X25519Keys& priv, const uint8_t * rs, const uint8_t * epub)
{ {
static const uint8_t protocolNameHash[] = static const uint8_t protocolNameHash[] =
{ {
@ -83,20 +77,20 @@ namespace transport
SHA256_Update (&ctx, m_H, 32); SHA256_Update (&ctx, m_H, 32);
SHA256_Update (&ctx, epub, 32); SHA256_Update (&ctx, epub, 32);
SHA256_Final (m_H, &ctx); SHA256_Final (m_H, &ctx);
// x25519 between rs and priv // x25519 between pub and priv
uint8_t inputKeyMaterial[32]; uint8_t inputKeyMaterial[32];
i2p::crypto::GetEd25519 ()->ScalarMul (pub, priv, inputKeyMaterial, m_Ctx); // rs*priv priv.Agree (pub, inputKeyMaterial);
MixKey (inputKeyMaterial, m_K); MixKey (inputKeyMaterial, m_K);
} }
void NTCP2Establisher::KDF1Alice () void NTCP2Establisher::KDF1Alice ()
{ {
KeyDerivationFunction1 (m_RemoteStaticKey, GetPriv (), m_RemoteStaticKey, GetPub ()); KeyDerivationFunction1 (m_RemoteStaticKey, m_EphemeralKeys, m_RemoteStaticKey, GetPub ());
} }
void NTCP2Establisher::KDF1Bob () void NTCP2Establisher::KDF1Bob ()
{ {
KeyDerivationFunction1 (GetRemotePub (), i2p::context.GetNTCP2StaticPrivateKey (), i2p::context.GetNTCP2StaticPublicKey (), GetRemotePub ()); KeyDerivationFunction1 (GetRemotePub (), i2p::context.GetStaticKeys (), i2p::context.GetNTCP2StaticPublicKey (), GetRemotePub ());
} }
void NTCP2Establisher::KeyDerivationFunction2 (const uint8_t * sessionRequest, size_t sessionRequestLen, const uint8_t * epub) void NTCP2Establisher::KeyDerivationFunction2 (const uint8_t * sessionRequest, size_t sessionRequestLen, const uint8_t * epub)
@ -120,20 +114,10 @@ namespace transport
SHA256_Update (&ctx, epub, 32); SHA256_Update (&ctx, epub, 32);
SHA256_Final (m_H, &ctx); SHA256_Final (m_H, &ctx);
// x25519 between remote pub and priv // x25519 between remote pub and ephemaral priv
uint8_t inputKeyMaterial[32]; uint8_t inputKeyMaterial[32];
#if OPENSSL_X25519 m_EphemeralKeys.Agree (GetRemotePub (), inputKeyMaterial);
auto pctx = EVP_PKEY_CTX_new (m_EphemeralPkey, NULL);
EVP_PKEY_derive_init (pctx);
auto pkey = EVP_PKEY_new_raw_public_key (EVP_PKEY_X25519, NULL, GetRemotePub (), 32);
EVP_PKEY_derive_set_peer (pctx, pkey);
size_t len = 32;
EVP_PKEY_derive (pctx, inputKeyMaterial, &len);
EVP_PKEY_free (pkey);
EVP_PKEY_CTX_free (pctx);
#else
i2p::crypto::GetEd25519 ()->ScalarMul (GetRemotePub (), GetPriv (), inputKeyMaterial, m_Ctx);
#endif
MixKey (inputKeyMaterial, m_K); MixKey (inputKeyMaterial, m_K);
} }
@ -150,34 +134,20 @@ namespace transport
void NTCP2Establisher::KDF3Alice () void NTCP2Establisher::KDF3Alice ()
{ {
uint8_t inputKeyMaterial[32]; uint8_t inputKeyMaterial[32];
i2p::crypto::GetEd25519 ()->ScalarMul (GetRemotePub (), i2p::context.GetNTCP2StaticPrivateKey (), inputKeyMaterial, m_Ctx); i2p::context.GetStaticKeys ().Agree (GetRemotePub (), inputKeyMaterial);
MixKey (inputKeyMaterial, m_K); MixKey (inputKeyMaterial, m_K);
} }
void NTCP2Establisher::KDF3Bob () void NTCP2Establisher::KDF3Bob ()
{ {
uint8_t inputKeyMaterial[32]; uint8_t inputKeyMaterial[32];
i2p::crypto::GetEd25519 ()->ScalarMul (m_RemoteStaticKey, m_EphemeralPrivateKey, inputKeyMaterial, m_Ctx); m_EphemeralKeys.Agree (m_RemoteStaticKey, inputKeyMaterial);
MixKey (inputKeyMaterial, m_K); MixKey (inputKeyMaterial, m_K);
} }
void NTCP2Establisher::CreateEphemeralKey () void NTCP2Establisher::CreateEphemeralKey ()
{ {
#if OPENSSL_X25519 m_EphemeralKeys.GenerateKeys ();
m_EphemeralPkey = nullptr;
EVP_PKEY_CTX * pctx = EVP_PKEY_CTX_new_id (NID_X25519, NULL);
EVP_PKEY_keygen_init (pctx);
EVP_PKEY_keygen (pctx, &m_EphemeralPkey);
EVP_PKEY_CTX_free (pctx);
// TODO: remove, after switch to m_EphemeralPkey
size_t len = 32;
EVP_PKEY_get_raw_public_key (m_EphemeralPkey, m_EphemeralPublicKey, &len);
len = 32;
EVP_PKEY_get_raw_private_key (m_EphemeralPkey, m_EphemeralPrivateKey, &len);
#else
RAND_bytes (m_EphemeralPrivateKey, 32);
i2p::crypto::GetEd25519 ()->ScalarMulB (m_EphemeralPrivateKey, m_EphemeralPublicKey, m_Ctx);
#endif
} }
void NTCP2Establisher::CreateSessionRequestMessage () void NTCP2Establisher::CreateSessionRequestMessage ()
@ -420,6 +390,10 @@ namespace transport
TransportSession (in_RemoteRouter, NTCP2_ESTABLISH_TIMEOUT), TransportSession (in_RemoteRouter, NTCP2_ESTABLISH_TIMEOUT),
m_Server (server), m_Socket (m_Server.GetService ()), m_Server (server), m_Socket (m_Server.GetService ()),
m_IsEstablished (false), m_IsTerminated (false), m_IsEstablished (false), m_IsTerminated (false),
m_SendSipKey (nullptr), m_ReceiveSipKey (nullptr),
#if OPENSSL_SIPHASH
m_SendMDCtx(nullptr), m_ReceiveMDCtx (nullptr),
#endif
m_NextReceivedLen (0), m_NextReceivedBuffer (nullptr), m_NextSendBuffer (nullptr), m_NextReceivedLen (0), m_NextReceivedBuffer (nullptr), m_NextSendBuffer (nullptr),
m_ReceiveSequenceNumber (0), m_SendSequenceNumber (0), m_IsSending (false) m_ReceiveSequenceNumber (0), m_SendSequenceNumber (0), m_IsSending (false)
{ {
@ -442,6 +416,12 @@ namespace transport
{ {
delete[] m_NextReceivedBuffer; delete[] m_NextReceivedBuffer;
delete[] m_NextSendBuffer; delete[] m_NextSendBuffer;
#if OPENSSL_SIPHASH
if (m_SendSipKey) EVP_PKEY_free (m_SendSipKey);
if (m_ReceiveSipKey) EVP_PKEY_free (m_ReceiveSipKey);
if (m_SendMDCtx) EVP_MD_CTX_destroy (m_SendMDCtx);
if (m_ReceiveMDCtx) EVP_MD_CTX_destroy (m_ReceiveMDCtx);
#endif
} }
void NTCP2Session::Terminate () void NTCP2Session::Terminate ()
@ -651,8 +631,7 @@ namespace transport
// Alice data phase keys // Alice data phase keys
m_SendKey = m_Kab; m_SendKey = m_Kab;
m_ReceiveKey = m_Kba; m_ReceiveKey = m_Kba;
m_SendSipKey = m_Sipkeysab; SetSipKeys (m_Sipkeysab, m_Sipkeysba);
m_ReceiveSipKey = m_Sipkeysba;
memcpy (m_ReceiveIV.buf, m_Sipkeysba + 16, 8); memcpy (m_ReceiveIV.buf, m_Sipkeysba + 16, 8);
memcpy (m_SendIV.buf, m_Sipkeysab + 16, 8); memcpy (m_SendIV.buf, m_Sipkeysab + 16, 8);
Established (); Established ();
@ -704,8 +683,7 @@ namespace transport
// Bob data phase keys // Bob data phase keys
m_SendKey = m_Kba; m_SendKey = m_Kba;
m_ReceiveKey = m_Kab; m_ReceiveKey = m_Kab;
m_SendSipKey = m_Sipkeysba; SetSipKeys (m_Sipkeysba, m_Sipkeysab);
m_ReceiveSipKey = m_Sipkeysab;
memcpy (m_ReceiveIV.buf, m_Sipkeysab + 16, 8); memcpy (m_ReceiveIV.buf, m_Sipkeysab + 16, 8);
memcpy (m_SendIV.buf, m_Sipkeysba + 16, 8); memcpy (m_SendIV.buf, m_Sipkeysba + 16, 8);
// payload // payload
@ -731,6 +709,12 @@ namespace transport
SendTerminationAndTerminate (eNTCP2RouterInfoSignatureVerificationFail); SendTerminationAndTerminate (eNTCP2RouterInfoSignatureVerificationFail);
return; return;
} }
if (i2p::util::GetMillisecondsSinceEpoch () > ri.GetTimestamp () + i2p::data::NETDB_MIN_EXPIRATION_TIMEOUT*1000LL) // 90 minutes
{
LogPrint (eLogError, "NTCP2: RouterInfo is too old in SessionConfirmed");
SendTerminationAndTerminate (eNTCP2Message3Error);
return;
}
auto addr = ri.GetNTCP2Address (false); // any NTCP2 address auto addr = ri.GetNTCP2Address (false); // any NTCP2 address
if (!addr) if (!addr)
{ {
@ -763,6 +747,26 @@ namespace transport
} }
} }
void NTCP2Session::SetSipKeys (const uint8_t * sendSipKey, const uint8_t * receiveSipKey)
{
#if OPENSSL_SIPHASH
m_SendSipKey = EVP_PKEY_new_raw_private_key (EVP_PKEY_SIPHASH, nullptr, sendSipKey, 16);
m_SendMDCtx = EVP_MD_CTX_create ();
EVP_PKEY_CTX *ctx = nullptr;
EVP_DigestSignInit (m_SendMDCtx, &ctx, nullptr, nullptr, m_SendSipKey);
EVP_PKEY_CTX_ctrl (ctx, -1, EVP_PKEY_OP_SIGNCTX, EVP_PKEY_CTRL_SET_DIGEST_SIZE, 8, nullptr);
m_ReceiveSipKey = EVP_PKEY_new_raw_private_key (EVP_PKEY_SIPHASH, nullptr, receiveSipKey, 16);
m_ReceiveMDCtx = EVP_MD_CTX_create ();
ctx = nullptr;
EVP_DigestSignInit (m_ReceiveMDCtx, &ctx, NULL, NULL, m_ReceiveSipKey);
EVP_PKEY_CTX_ctrl (ctx, -1, EVP_PKEY_OP_SIGNCTX, EVP_PKEY_CTRL_SET_DIGEST_SIZE, 8, nullptr);
#else
m_SendSipKey = sendSipKey;
m_ReceiveSipKey = receiveSipKey;
#endif
}
void NTCP2Session::ClientLogin () void NTCP2Session::ClientLogin ()
{ {
SendSessionRequest (); SendSessionRequest ();
@ -793,7 +797,14 @@ namespace transport
} }
else else
{ {
#if OPENSSL_SIPHASH
EVP_DigestSignInit (m_ReceiveMDCtx, nullptr, nullptr, nullptr, nullptr);
EVP_DigestSignUpdate (m_ReceiveMDCtx, m_ReceiveIV.buf, 8);
size_t l = 8;
EVP_DigestSignFinal (m_ReceiveMDCtx, m_ReceiveIV.buf, &l);
#else
i2p::crypto::Siphash<8> (m_ReceiveIV.buf, m_ReceiveIV.buf, 8, m_ReceiveSipKey); i2p::crypto::Siphash<8> (m_ReceiveIV.buf, m_ReceiveIV.buf, 8, m_ReceiveSipKey);
#endif
// m_NextReceivedLen comes from the network in BigEndian // m_NextReceivedLen comes from the network in BigEndian
m_NextReceivedLen = be16toh (m_NextReceivedLen) ^ le16toh (m_ReceiveIV.key); m_NextReceivedLen = be16toh (m_NextReceivedLen) ^ le16toh (m_ReceiveIV.key);
LogPrint (eLogDebug, "NTCP2: received length ", m_NextReceivedLen); LogPrint (eLogDebug, "NTCP2: received length ", m_NextReceivedLen);
@ -801,7 +812,16 @@ namespace transport
{ {
if (m_NextReceivedBuffer) delete[] m_NextReceivedBuffer; if (m_NextReceivedBuffer) delete[] m_NextReceivedBuffer;
m_NextReceivedBuffer = new uint8_t[m_NextReceivedLen]; m_NextReceivedBuffer = new uint8_t[m_NextReceivedLen];
Receive (); boost::system::error_code ec;
size_t moreBytes = m_Socket.available(ec);
if (!ec && moreBytes >= m_NextReceivedLen)
{
// read and process messsage immediately if avaliable
moreBytes = boost::asio::read (m_Socket, boost::asio::buffer(m_NextReceivedBuffer, m_NextReceivedLen), boost::asio::transfer_all (), ec);
HandleReceived (ec, moreBytes);
}
else
Receive ();
} }
else else
{ {
@ -914,7 +934,14 @@ namespace transport
CreateNonce (m_SendSequenceNumber, nonce); m_SendSequenceNumber++; CreateNonce (m_SendSequenceNumber, nonce); m_SendSequenceNumber++;
m_NextSendBuffer = new uint8_t[len + 16 + 2]; m_NextSendBuffer = new uint8_t[len + 16 + 2];
i2p::crypto::AEADChaCha20Poly1305 (payload, len, nullptr, 0, m_SendKey, nonce, m_NextSendBuffer + 2, len + 16, true); i2p::crypto::AEADChaCha20Poly1305 (payload, len, nullptr, 0, m_SendKey, nonce, m_NextSendBuffer + 2, len + 16, true);
#if OPENSSL_SIPHASH
EVP_DigestSignInit (m_SendMDCtx, nullptr, nullptr, nullptr, nullptr);
EVP_DigestSignUpdate (m_SendMDCtx, m_SendIV.buf, 8);
size_t l = 8;
EVP_DigestSignFinal (m_SendMDCtx, m_SendIV.buf, &l);
#else
i2p::crypto::Siphash<8> (m_SendIV.buf, m_SendIV.buf, 8, m_SendSipKey); i2p::crypto::Siphash<8> (m_SendIV.buf, m_SendIV.buf, 8, m_SendSipKey);
#endif
// length must be in BigEndian // length must be in BigEndian
htobe16buf (m_NextSendBuffer, (len + 16) ^ le16toh (m_SendIV.key)); htobe16buf (m_NextSendBuffer, (len + 16) ^ le16toh (m_SendIV.key));
LogPrint (eLogDebug, "NTCP2: sent length ", len + 16); LogPrint (eLogDebug, "NTCP2: sent length ", len + 16);
@ -1028,7 +1055,12 @@ namespace transport
for (auto it: msgs) for (auto it: msgs)
m_SendQueue.push_back (it); m_SendQueue.push_back (it);
if (!m_IsSending) if (!m_IsSending)
SendQueue (); SendQueue ();
else if (m_SendQueue.size () > NTCP2_MAX_OUTGOING_QUEUE_SIZE)
{
LogPrint (eLogWarning, "NTCP2: outgoing messages queue size exceeds ", NTCP2_MAX_OUTGOING_QUEUE_SIZE);
Terminate ();
}
} }
void NTCP2Session::SendLocalRouterInfo () void NTCP2Session::SendLocalRouterInfo ()

23
libi2pd/NTCP2.h
Unescape View File

@ -20,6 +20,7 @@
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include <boost/asio.hpp> #include <boost/asio.hpp>
#include "Crypto.h"
#include "util.h" #include "util.h"
#include "RouterInfo.h" #include "RouterInfo.h"
#include "TransportSession.h" #include "TransportSession.h"
@ -38,6 +39,7 @@ namespace transport
const int NTCP2_TERMINATION_CHECK_TIMEOUT = 30; // 30 seconds const int NTCP2_TERMINATION_CHECK_TIMEOUT = 30; // 30 seconds
const int NTCP2_CLOCK_SKEW = 60; // in seconds const int NTCP2_CLOCK_SKEW = 60; // in seconds
const int NTCP2_MAX_OUTGOING_QUEUE_SIZE = 500; // how many messages we can queue up
enum NTCP2BlockType enum NTCP2BlockType
{ {
@ -78,8 +80,7 @@ namespace transport
NTCP2Establisher (); NTCP2Establisher ();
~NTCP2Establisher (); ~NTCP2Establisher ();
const uint8_t * GetPub () const { return m_EphemeralPublicKey; }; const uint8_t * GetPub () const { return m_EphemeralKeys.GetPublicKey (); };
const uint8_t * GetPriv () const { return m_EphemeralPrivateKey; };
const uint8_t * GetRemotePub () const { return m_RemoteEphemeralPublicKey; }; // Y for Alice and X for Bob const uint8_t * GetRemotePub () const { return m_RemoteEphemeralPublicKey; }; // Y for Alice and X for Bob
uint8_t * GetRemotePub () { return m_RemoteEphemeralPublicKey; }; // to set uint8_t * GetRemotePub () { return m_RemoteEphemeralPublicKey; }; // to set
@ -95,7 +96,7 @@ namespace transport
void KDF3Bob (); void KDF3Bob ();
void MixKey (const uint8_t * inputKeyMaterial, uint8_t * derived); void MixKey (const uint8_t * inputKeyMaterial, uint8_t * derived);
void KeyDerivationFunction1 (const uint8_t * pub, const uint8_t * priv, const uint8_t * rs, const uint8_t * epub); // for SessionRequest, (pub, priv) for DH void KeyDerivationFunction1 (const uint8_t * pub, i2p::crypto::X25519Keys& priv, const uint8_t * rs, const uint8_t * epub); // for SessionRequest, (pub, priv) for DH
void KeyDerivationFunction2 (const uint8_t * sessionRequest, size_t sessionRequestLen, const uint8_t * epub); // for SessionCreate void KeyDerivationFunction2 (const uint8_t * sessionRequest, size_t sessionRequestLen, const uint8_t * epub); // for SessionCreate
void CreateEphemeralKey (); void CreateEphemeralKey ();
@ -109,11 +110,8 @@ namespace transport
bool ProcessSessionConfirmedMessagePart1 (const uint8_t * nonce); bool ProcessSessionConfirmedMessagePart1 (const uint8_t * nonce);
bool ProcessSessionConfirmedMessagePart2 (const uint8_t * nonce, uint8_t * m3p2Buf); bool ProcessSessionConfirmedMessagePart2 (const uint8_t * nonce, uint8_t * m3p2Buf);
BN_CTX * m_Ctx; i2p::crypto::X25519Keys m_EphemeralKeys;
uint8_t m_EphemeralPrivateKey[32], m_EphemeralPublicKey[32], m_RemoteEphemeralPublicKey[32]; // x25519 uint8_t m_RemoteEphemeralPublicKey[32]; // x25519
#if OPENSSL_X25519
EVP_PKEY * m_EphemeralPkey;
#endif
uint8_t m_RemoteStaticKey[32], m_IV[16], m_H[32] /*h*/, m_CK[33] /*ck*/, m_K[32] /*k*/; uint8_t m_RemoteStaticKey[32], m_IV[16], m_H[32] /*h*/, m_CK[33] /*ck*/, m_K[32] /*k*/;
i2p::data::IdentHash m_RemoteIdentHash; i2p::data::IdentHash m_RemoteIdentHash;
uint16_t m3p2Len; uint16_t m3p2Len;
@ -151,6 +149,7 @@ namespace transport
void CreateNonce (uint64_t seqn, uint8_t * nonce); void CreateNonce (uint64_t seqn, uint8_t * nonce);
void KeyDerivationFunctionDataPhase (); void KeyDerivationFunctionDataPhase ();
void SetSipKeys (const uint8_t * sendSipKey, const uint8_t * receiveSipKey);
// establish // establish
void SendSessionRequest (); void SendSessionRequest ();
@ -190,7 +189,13 @@ namespace transport
std::unique_ptr<NTCP2Establisher> m_Establisher; std::unique_ptr<NTCP2Establisher> m_Establisher;
// data phase // data phase
uint8_t m_Kab[33], m_Kba[32], m_Sipkeysab[33], m_Sipkeysba[32]; uint8_t m_Kab[33], m_Kba[32], m_Sipkeysab[33], m_Sipkeysba[32];
const uint8_t * m_SendKey, * m_ReceiveKey, * m_SendSipKey, * m_ReceiveSipKey; const uint8_t * m_SendKey, * m_ReceiveKey;
#if OPENSSL_SIPHASH
EVP_PKEY * m_SendSipKey, * m_ReceiveSipKey;
EVP_MD_CTX * m_SendMDCtx, * m_ReceiveMDCtx;
#else
const uint8_t * m_SendSipKey, * m_ReceiveSipKey;
#endif
uint16_t m_NextReceivedLen; uint16_t m_NextReceivedLen;
uint8_t * m_NextReceivedBuffer, * m_NextSendBuffer; uint8_t * m_NextReceivedBuffer, * m_NextSendBuffer;
union union

11
libi2pd/NetDb.cpp
Unescape View File

@ -130,18 +130,17 @@ namespace data
lastDestinationCleanup = ts; lastDestinationCleanup = ts;
} }
if (ts - lastPublish >= NETDB_PUBLISH_INTERVAL && !m_HiddenMode) // publish if (ts - lastPublish >= NETDB_PUBLISH_INTERVAL) // update timestamp and publish
{ {
Publish (); i2p::context.UpdateTimestamp (ts);
if (!m_HiddenMode) Publish ();
lastPublish = ts; lastPublish = ts;
} }
if (ts - lastExploratory >= 30) // exploratory every 30 seconds if (ts - lastExploratory >= 30) // exploratory every 30 seconds
{ {
auto numRouters = m_RouterInfos.size (); auto numRouters = m_RouterInfos.size ();
if (numRouters == 0) if (!numRouters)
{ throw std::runtime_error("No known routers, reseed seems to be totally failed");
throw std::runtime_error("No known routers, reseed seems to be totally failed");
}
else // we have peers now else // we have peers now
m_FloodfillBootstrap = nullptr; m_FloodfillBootstrap = nullptr;
if (numRouters < 2500 || ts - lastExploratory >= 90) if (numRouters < 2500 || ts - lastExploratory >= 90)

2
libi2pd/Reseed.cpp
Unescape View File

@ -219,7 +219,7 @@ namespace data
BN_CTX * bnctx = BN_CTX_new (); BN_CTX * bnctx = BN_CTX_new ();
BIGNUM * s = BN_new (), * n = BN_new (); BIGNUM * s = BN_new (), * n = BN_new ();
BN_bin2bn (signature, signatureLength, s); BN_bin2bn (signature, signatureLength, s);
BN_bin2bn (it->second, i2p::crypto::RSASHA5124096_KEY_LENGTH, n); BN_bin2bn (it->second, 512, n); // RSA 4096 assumed
BN_mod_exp (s, s, i2p::crypto::GetRSAE (), n, bnctx); // s = s^e mod n BN_mod_exp (s, s, i2p::crypto::GetRSAE (), n, bnctx); // s = s^e mod n
uint8_t * enSigBuf = new uint8_t[signatureLength]; uint8_t * enSigBuf = new uint8_t[signatureLength];
i2p::crypto::bn2buf (s, enSigBuf, signatureLength); i2p::crypto::bn2buf (s, enSigBuf, signatureLength);

20
libi2pd/RouterContext.cpp
Unescape View File

@ -497,6 +497,12 @@ namespace i2p
} }
} }
void RouterContext::UpdateTimestamp (uint64_t ts)
{
if (ts > m_LastUpdateTime + ROUTER_INFO_UPDATE_INTERVAL)
UpdateRouterInfo ();
}
bool RouterContext::Load () bool RouterContext::Load ()
{ {
std::ifstream fk (i2p::fs::DataDirPath (ROUTER_KEYS), std::ifstream::in | std::ifstream::binary); std::ifstream fk (i2p::fs::DataDirPath (ROUTER_KEYS), std::ifstream::in | std::ifstream::binary);
@ -620,4 +626,18 @@ namespace i2p
{ {
return m_Decryptor ? m_Decryptor->Decrypt (encrypted, data, ctx, false) : false; return m_Decryptor ? m_Decryptor->Decrypt (encrypted, data, ctx, false) : false;
} }
i2p::crypto::X25519Keys& RouterContext::GetStaticKeys ()
{
if (!m_StaticKeys)
{
if (!m_NTCP2Keys) NewNTCP2Keys ();
auto x = new i2p::crypto::X25519Keys (m_NTCP2Keys->staticPrivateKey, m_NTCP2Keys->staticPublicKey);
if (!m_StaticKeys)
m_StaticKeys.reset (x);
else
delete x;
}
return *m_StaticKeys;
}
} }

5
libi2pd/RouterContext.h
Unescape View File

@ -62,6 +62,7 @@ namespace i2p
const uint8_t * GetNTCP2StaticPublicKey () const { return m_NTCP2Keys ? m_NTCP2Keys->staticPublicKey : nullptr; }; const uint8_t * GetNTCP2StaticPublicKey () const { return m_NTCP2Keys ? m_NTCP2Keys->staticPublicKey : nullptr; };
const uint8_t * GetNTCP2StaticPrivateKey () const { return m_NTCP2Keys ? m_NTCP2Keys->staticPrivateKey : nullptr; }; const uint8_t * GetNTCP2StaticPrivateKey () const { return m_NTCP2Keys ? m_NTCP2Keys->staticPrivateKey : nullptr; };
const uint8_t * GetNTCP2IV () const { return m_NTCP2Keys ? m_NTCP2Keys->iv : nullptr; }; const uint8_t * GetNTCP2IV () const { return m_NTCP2Keys ? m_NTCP2Keys->iv : nullptr; };
i2p::crypto::X25519Keys& GetStaticKeys ();
uint32_t GetUptime () const; uint32_t GetUptime () const;
uint32_t GetStartupTime () const { return m_StartupTime; }; uint32_t GetStartupTime () const { return m_StartupTime; };
@ -102,6 +103,7 @@ namespace i2p
void UpdateNTCPV6Address (const boost::asio::ip::address& host); // called from NTCP session void UpdateNTCPV6Address (const boost::asio::ip::address& host); // called from NTCP session
void UpdateNTCP2V6Address (const boost::asio::ip::address& host); // called from NTCP2 session void UpdateNTCP2V6Address (const boost::asio::ip::address& host); // called from NTCP2 session
void UpdateStats (); void UpdateStats ();
void UpdateTimestamp (uint64_t ts); // in seconds, called from NetDb before publishing
void CleanupDestination (); // garlic destination void CleanupDestination (); // garlic destination
// implements LocalDestination // implements LocalDestination
@ -133,7 +135,7 @@ namespace i2p
i2p::data::RouterInfo m_RouterInfo; i2p::data::RouterInfo m_RouterInfo;
i2p::data::PrivateKeys m_Keys; i2p::data::PrivateKeys m_Keys;
std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> m_Decryptor; std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> m_Decryptor;
uint64_t m_LastUpdateTime; uint64_t m_LastUpdateTime; // in seconds
bool m_AcceptsTunnels, m_IsFloodfill; bool m_AcceptsTunnels, m_IsFloodfill;
uint64_t m_StartupTime; // in seconds since epoch uint64_t m_StartupTime; // in seconds since epoch
uint64_t m_BandwidthLimit; // allowed bandwidth uint64_t m_BandwidthLimit; // allowed bandwidth
@ -143,6 +145,7 @@ namespace i2p
int m_NetID; int m_NetID;
std::mutex m_GarlicMutex; std::mutex m_GarlicMutex;
std::unique_ptr<NTCP2PrivateKeys> m_NTCP2Keys; std::unique_ptr<NTCP2PrivateKeys> m_NTCP2Keys;
std::unique_ptr<i2p::crypto::X25519Keys> m_StaticKeys;
}; };
extern RouterContext context; extern RouterContext context;

8
libi2pd/RouterInfo.cpp
Unescape View File

@ -375,7 +375,7 @@ namespace data
break; break;
case CAPS_FLAG_EXTRA_BANDWIDTH1: case CAPS_FLAG_EXTRA_BANDWIDTH1:
case CAPS_FLAG_EXTRA_BANDWIDTH2: case CAPS_FLAG_EXTRA_BANDWIDTH2:
m_Caps |= Caps::eExtraBandwidth; m_Caps |= Caps::eExtraBandwidth | Caps::eHighBandwidth;
break; break;
case CAPS_FLAG_HIDDEN: case CAPS_FLAG_HIDDEN:
m_Caps |= Caps::eHidden; m_Caps |= Caps::eHidden;
@ -406,16 +406,14 @@ namespace data
if (m_Caps & eExtraBandwidth) caps += (m_Caps & eHighBandwidth) ? if (m_Caps & eExtraBandwidth) caps += (m_Caps & eHighBandwidth) ?
CAPS_FLAG_EXTRA_BANDWIDTH2 : // 'X' CAPS_FLAG_EXTRA_BANDWIDTH2 : // 'X'
CAPS_FLAG_EXTRA_BANDWIDTH1; // 'P' CAPS_FLAG_EXTRA_BANDWIDTH1; // 'P'
caps += CAPS_FLAG_HIGH_BANDWIDTH3; // 'O' else
caps += CAPS_FLAG_HIGH_BANDWIDTH3; // 'O'
caps += CAPS_FLAG_FLOODFILL; // floodfill caps += CAPS_FLAG_FLOODFILL; // floodfill
} }
else else
{ {
if (m_Caps & eExtraBandwidth) if (m_Caps & eExtraBandwidth)
{
caps += (m_Caps & eHighBandwidth) ? CAPS_FLAG_EXTRA_BANDWIDTH2 /* 'X' */ : CAPS_FLAG_EXTRA_BANDWIDTH1; /*'P' */ caps += (m_Caps & eHighBandwidth) ? CAPS_FLAG_EXTRA_BANDWIDTH2 /* 'X' */ : CAPS_FLAG_EXTRA_BANDWIDTH1; /*'P' */
caps += CAPS_FLAG_HIGH_BANDWIDTH3; // 'O'
}
else else
caps += (m_Caps & eHighBandwidth) ? CAPS_FLAG_HIGH_BANDWIDTH3 /* 'O' */: CAPS_FLAG_LOW_BANDWIDTH2 /* 'L' */; // bandwidth caps += (m_Caps & eHighBandwidth) ? CAPS_FLAG_HIGH_BANDWIDTH3 /* 'O' */: CAPS_FLAG_LOW_BANDWIDTH2 /* 'L' */; // bandwidth
} }

71
libi2pd/Signature.cpp
Unescape View File

@ -52,29 +52,7 @@ namespace crypto
} }
#endif #endif
#if OPENSSL_EDDSA EDDSA25519SignerCompat::EDDSA25519SignerCompat (const uint8_t * signingPrivateKey, const uint8_t * signingPublicKey)
EDDSA25519Signer::EDDSA25519Signer (const uint8_t * signingPrivateKey, const uint8_t * signingPublicKey)
{
m_Pkey = EVP_PKEY_new_raw_private_key (EVP_PKEY_ED25519, NULL, signingPrivateKey, 32);
// TODO: check public key
m_MDCtx = EVP_MD_CTX_create ();
EVP_DigestSignInit (m_MDCtx, NULL, NULL, NULL, m_Pkey);
}
EDDSA25519Signer::~EDDSA25519Signer ()
{
EVP_MD_CTX_destroy (m_MDCtx);
EVP_PKEY_free (m_Pkey);
}
void EDDSA25519Signer::Sign (const uint8_t * buf, int len, uint8_t * signature) const
{
size_t l = 64;
EVP_DigestSign (m_MDCtx, signature, &l, buf, len);
}
#else
EDDSA25519Signer::EDDSA25519Signer (const uint8_t * signingPrivateKey, const uint8_t * signingPublicKey)
{ {
// expand key // expand key
Ed25519::ExpandPrivateKey (signingPrivateKey, m_ExpandedPrivateKey); Ed25519::ExpandPrivateKey (signingPrivateKey, m_ExpandedPrivateKey);
@ -94,14 +72,57 @@ namespace crypto
BN_CTX_free (ctx); BN_CTX_free (ctx);
} }
EDDSA25519Signer::~EDDSA25519Signer () EDDSA25519SignerCompat::~EDDSA25519SignerCompat ()
{ {
} }
void EDDSA25519Signer::Sign (const uint8_t * buf, int len, uint8_t * signature) const void EDDSA25519SignerCompat::Sign (const uint8_t * buf, int len, uint8_t * signature) const
{ {
GetEd25519 ()->Sign (m_ExpandedPrivateKey, m_PublicKeyEncoded, buf, len, signature); GetEd25519 ()->Sign (m_ExpandedPrivateKey, m_PublicKeyEncoded, buf, len, signature);
} }
#if OPENSSL_EDDSA
EDDSA25519Signer::EDDSA25519Signer (const uint8_t * signingPrivateKey, const uint8_t * signingPublicKey):
m_Fallback (nullptr)
{
m_Pkey = EVP_PKEY_new_raw_private_key (EVP_PKEY_ED25519, NULL, signingPrivateKey, 32);
uint8_t publicKey[EDDSA25519_PUBLIC_KEY_LENGTH];
size_t len = EDDSA25519_PUBLIC_KEY_LENGTH;
EVP_PKEY_get_raw_public_key (m_Pkey, publicKey, &len);
if (memcmp (publicKey, signingPublicKey, EDDSA25519_PUBLIC_KEY_LENGTH))
{
LogPrint (eLogWarning, "EdDSA public key mismatch. Fallback");
EVP_PKEY_free (m_Pkey);
m_Fallback = new EDDSA25519SignerCompat (signingPrivateKey, signingPublicKey);
}
else
{
m_MDCtx = EVP_MD_CTX_create ();
EVP_DigestSignInit (m_MDCtx, NULL, NULL, NULL, m_Pkey);
}
}
EDDSA25519Signer::~EDDSA25519Signer ()
{
if (m_Fallback) delete m_Fallback;
else
{
EVP_MD_CTX_destroy (m_MDCtx);
EVP_PKEY_free (m_Pkey);
}
}
void EDDSA25519Signer::Sign (const uint8_t * buf, int len, uint8_t * signature) const
{
if (m_Fallback) return m_Fallback->Sign (buf, len, signature);
else
{
size_t l = 64;
uint8_t sig[64]; // temporary buffer for signature. openssl issue #7232
EVP_DigestSign (m_MDCtx, sig, &l, buf, len);
memcpy (signature, sig, 64);
}
}
#endif #endif
} }
} }

127
libi2pd/Signature.h
Unescape View File

@ -6,7 +6,6 @@
#include <openssl/dsa.h> #include <openssl/dsa.h>
#include <openssl/ec.h> #include <openssl/ec.h>
#include <openssl/ecdsa.h> #include <openssl/ecdsa.h>
#include <openssl/rsa.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include "Crypto.h" #include "Crypto.h"
#include "Ed25519.h" #include "Ed25519.h"
@ -149,6 +148,7 @@ namespace crypto
enum { hashLen = 64 }; enum { hashLen = 64 };
}; };
// EcDSA
template<typename Hash, int curve, size_t keyLen> template<typename Hash, int curve, size_t keyLen>
class ECDSAVerifier: public Verifier class ECDSAVerifier: public Verifier
{ {
@ -269,97 +269,6 @@ namespace crypto
CreateECDSARandomKeys (NID_secp521r1, ECDSAP521_KEY_LENGTH, signingPrivateKey, signingPublicKey); CreateECDSARandomKeys (NID_secp521r1, ECDSAP521_KEY_LENGTH, signingPrivateKey, signingPublicKey);
} }
// RSA
template<typename Hash, int type, size_t keyLen>
class RSAVerifier: public Verifier
{
public:
RSAVerifier (const uint8_t * signingKey)
{
m_PublicKey = RSA_new ();
RSA_set0_key (m_PublicKey, BN_bin2bn (signingKey, keyLen, NULL) /* n */ , BN_dup (GetRSAE ()) /* d */, NULL);
}
~RSAVerifier ()
{
RSA_free (m_PublicKey);
}
bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const
{
uint8_t digest[Hash::hashLen];
Hash::CalculateHash (buf, len, digest);
return RSA_verify (type, digest, Hash::hashLen, signature, GetSignatureLen (), m_PublicKey);
}
size_t GetPublicKeyLen () const { return keyLen; }
size_t GetSignatureLen () const { return keyLen; }
size_t GetPrivateKeyLen () const { return GetSignatureLen ()*2; };
private:
RSA * m_PublicKey;
};
template<typename Hash, int type, size_t keyLen>
class RSASigner: public Signer
{
public:
RSASigner (const uint8_t * signingPrivateKey)
{
m_PrivateKey = RSA_new ();
RSA_set0_key (m_PrivateKey, BN_bin2bn (signingPrivateKey, keyLen, NULL), /* n */
BN_dup (GetRSAE ()) /* e */, BN_bin2bn (signingPrivateKey + keyLen, keyLen, NULL) /* d */);
}
~RSASigner ()
{
RSA_free (m_PrivateKey);
}
void Sign (const uint8_t * buf, int len, uint8_t * signature) const
{
uint8_t digest[Hash::hashLen];
Hash::CalculateHash (buf, len, digest);
unsigned int signatureLen = keyLen;
RSA_sign (type, digest, Hash::hashLen, signature, &signatureLen, m_PrivateKey);
}
private:
RSA * m_PrivateKey;
};
inline void CreateRSARandomKeys (size_t publicKeyLen, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
{
RSA * rsa = RSA_new ();
BIGNUM * e = BN_dup (GetRSAE ()); // make it non-const
RSA_generate_key_ex (rsa, publicKeyLen*8, e, NULL);
const BIGNUM * n, * d, * e1;
RSA_get0_key (rsa, &n, &e1, &d);
bn2buf (n, signingPrivateKey, publicKeyLen);
bn2buf (d, signingPrivateKey + publicKeyLen, publicKeyLen);
bn2buf (n, signingPublicKey, publicKeyLen);
BN_free (e); // this e is not assigned to rsa->e
RSA_free (rsa);
}
// RSA_SHA256_2048
const size_t RSASHA2562048_KEY_LENGTH = 256;
typedef RSAVerifier<SHA256Hash, NID_sha256, RSASHA2562048_KEY_LENGTH> RSASHA2562048Verifier;
typedef RSASigner<SHA256Hash, NID_sha256, RSASHA2562048_KEY_LENGTH> RSASHA2562048Signer;
// RSA_SHA384_3072
const size_t RSASHA3843072_KEY_LENGTH = 384;
typedef RSAVerifier<SHA384Hash, NID_sha384, RSASHA3843072_KEY_LENGTH> RSASHA3843072Verifier;
typedef RSASigner<SHA384Hash, NID_sha384, RSASHA3843072_KEY_LENGTH> RSASHA3843072Signer;
// RSA_SHA512_4096
const size_t RSASHA5124096_KEY_LENGTH = 512;
typedef RSAVerifier<SHA512Hash, NID_sha512, RSASHA5124096_KEY_LENGTH> RSASHA5124096Verifier;
typedef RSASigner<SHA512Hash, NID_sha512, RSASHA5124096_KEY_LENGTH> RSASHA5124096Signer;
// EdDSA // EdDSA
class EDDSA25519Verifier: public Verifier class EDDSA25519Verifier: public Verifier
@ -385,6 +294,24 @@ namespace crypto
#endif #endif
}; };
class EDDSA25519SignerCompat: public Signer
{
public:
EDDSA25519SignerCompat (const uint8_t * signingPrivateKey, const uint8_t * signingPublicKey = nullptr);
// we pass signingPublicKey to check if it matches private key
~EDDSA25519SignerCompat ();
void Sign (const uint8_t * buf, int len, uint8_t * signature) const;
const uint8_t * GetPublicKey () const { return m_PublicKeyEncoded; }; // for keys creation
private:
uint8_t m_ExpandedPrivateKey[64];
uint8_t m_PublicKeyEncoded[EDDSA25519_PUBLIC_KEY_LENGTH];
};
#if OPENSSL_EDDSA
class EDDSA25519Signer: public Signer class EDDSA25519Signer: public Signer
{ {
public: public:
@ -394,20 +321,18 @@ namespace crypto
~EDDSA25519Signer (); ~EDDSA25519Signer ();
void Sign (const uint8_t * buf, int len, uint8_t * signature) const; void Sign (const uint8_t * buf, int len, uint8_t * signature) const;
#if !OPENSSL_EDDSA
const uint8_t * GetPublicKey () const { return m_PublicKeyEncoded; }; // for keys creation
#endif
private: private:
#if OPENSSL_EDDSA
EVP_PKEY * m_Pkey; EVP_PKEY * m_Pkey;
EVP_MD_CTX * m_MDCtx; EVP_MD_CTX * m_MDCtx;
#else EDDSA25519SignerCompat * m_Fallback;
uint8_t m_ExpandedPrivateKey[64];
uint8_t m_PublicKeyEncoded[EDDSA25519_PUBLIC_KEY_LENGTH];
#endif
}; };
#else
typedef EDDSA25519SignerCompat EDDSA25519Signer;
#endif
inline void CreateEDDSA25519RandomKeys (uint8_t * signingPrivateKey, uint8_t * signingPublicKey) inline void CreateEDDSA25519RandomKeys (uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
{ {
#if OPENSSL_EDDSA #if OPENSSL_EDDSA

4
libi2pd/version.h
Unescape View File

@ -7,7 +7,7 @@
#define MAKE_VERSION(a,b,c) STRINGIZE(a) "." STRINGIZE(b) "." STRINGIZE(c) #define MAKE_VERSION(a,b,c) STRINGIZE(a) "." STRINGIZE(b) "." STRINGIZE(c)
#define I2PD_VERSION_MAJOR 2 #define I2PD_VERSION_MAJOR 2
#define I2PD_VERSION_MINOR 20 #define I2PD_VERSION_MINOR 21
#define I2PD_VERSION_MICRO 0 #define I2PD_VERSION_MICRO 0
#define I2PD_VERSION_PATCH 0 #define I2PD_VERSION_PATCH 0
#define I2PD_VERSION MAKE_VERSION(I2PD_VERSION_MAJOR, I2PD_VERSION_MINOR, I2PD_VERSION_MICRO) #define I2PD_VERSION MAKE_VERSION(I2PD_VERSION_MAJOR, I2PD_VERSION_MINOR, I2PD_VERSION_MICRO)
@ -21,7 +21,7 @@
#define I2P_VERSION_MAJOR 0 #define I2P_VERSION_MAJOR 0
#define I2P_VERSION_MINOR 9 #define I2P_VERSION_MINOR 9
#define I2P_VERSION_MICRO 36 #define I2P_VERSION_MICRO 37
#define I2P_VERSION_PATCH 0 #define I2P_VERSION_PATCH 0
#define I2P_VERSION MAKE_VERSION(I2P_VERSION_MAJOR, I2P_VERSION_MINOR, I2P_VERSION_MICRO) #define I2P_VERSION MAKE_VERSION(I2P_VERSION_MAJOR, I2P_VERSION_MINOR, I2P_VERSION_MICRO)

4
qt/i2pd_qt/TunnelConfig.cpp
Unescape View File

@ -31,16 +31,15 @@ void ClientTunnelConfig::saveToStringStream(std::stringstream& out) {
out << "address=" << address << "\n" out << "address=" << address << "\n"
<< "port=" << port << "\n" << "port=" << port << "\n"
<< "destination=" << dest << "\n" << "destination=" << dest << "\n"
<< "keys=" << keys << "\n"
<< "destinationport=" << destinationPort << "\n" << "destinationport=" << destinationPort << "\n"
<< "signaturetype=" << sigType << "\n"; << "signaturetype=" << sigType << "\n";
if(!keys.empty()) out << "keys=" << keys << "\n";
} }
void ServerTunnelConfig::saveToStringStream(std::stringstream& out) { void ServerTunnelConfig::saveToStringStream(std::stringstream& out) {
out << "host=" << host << "\n" out << "host=" << host << "\n"
<< "port=" << port << "\n" << "port=" << port << "\n"
<< "keys=" << keys << "\n"
<< "signaturetype=" << sigType << "\n" << "signaturetype=" << sigType << "\n"
<< "inport=" << inPort << "\n" << "inport=" << inPort << "\n"
<< "accesslist=" << accessList << "\n" << "accesslist=" << accessList << "\n"
@ -49,5 +48,6 @@ void ServerTunnelConfig::saveToStringStream(std::stringstream& out) {
<< "address=" << address << "\n" << "address=" << address << "\n"
<< "hostoverride=" << hostOverride << "\n" << "hostoverride=" << hostOverride << "\n"
<< "webircpassword=" << webircpass << "\n"; << "webircpassword=" << webircpass << "\n";
if(!keys.empty()) out << "keys=" << keys << "\n";
} }

2
qt/i2pd_qt/android/AndroidManifest.xml
Unescape View File

@ -1,5 +1,5 @@
<?xml version="1.0"?> <?xml version="1.0"?>
<manifest package="org.purplei2p.i2pd" xmlns:android="http://schemas.android.com/apk/res/android" android:versionName="2.20.0" android:versionCode="1" android:installLocation="auto"> <manifest package="org.purplei2p.i2pd" xmlns:android="http://schemas.android.com/apk/res/android" android:versionName="2.21.0" android:versionCode="1" android:installLocation="auto">
<uses-sdk android:minSdkVersion="11" android:targetSdkVersion="23"/> <uses-sdk android:minSdkVersion="11" android:targetSdkVersion="23"/>
<supports-screens android:largeScreens="true" android:normalScreens="true" android:anyDensity="true" android:smallScreens="true"/> <supports-screens android:largeScreens="true" android:normalScreens="true" android:anyDensity="true" android:smallScreens="true"/>
<!-- <application android:hardwareAccelerated="true" --> <!-- <application android:hardwareAccelerated="true" -->

637
qt/i2pd_qt/i2pd_qt.pro
Unescape View File

@ -1,318 +1,319 @@
QT += core gui QT += core gui
greaterThan(QT_MAJOR_VERSION, 4): QT += widgets greaterThan(QT_MAJOR_VERSION, 4): QT += widgets
TARGET = i2pd_qt TARGET = i2pd_qt
TEMPLATE = app TEMPLATE = app
QMAKE_CXXFLAGS *= -std=c++11 -ggdb QMAKE_CXXFLAGS *= -std=c++11 -ggdb
DEFINES += USE_UPNP DEFINES += USE_UPNP
# change to your own path, where you will store all needed libraries with 'git clone' commands below. # change to your own path, where you will store all needed libraries with 'git clone' commands below.
MAIN_PATH = /path/to/libraries MAIN_PATH = /path/to/libraries
# git clone https://github.com/PurpleI2P/Boost-for-Android-Prebuilt.git # git clone https://github.com/PurpleI2P/Boost-for-Android-Prebuilt.git
# git clone https://github.com/PurpleI2P/OpenSSL-for-Android-Prebuilt.git # git clone https://github.com/PurpleI2P/OpenSSL-for-Android-Prebuilt.git
# git clone https://github.com/PurpleI2P/MiniUPnP-for-Android-Prebuilt.git # git clone https://github.com/PurpleI2P/MiniUPnP-for-Android-Prebuilt.git
# git clone https://github.com/PurpleI2P/android-ifaddrs.git # git clone https://github.com/PurpleI2P/android-ifaddrs.git
BOOST_PATH = $$MAIN_PATH/Boost-for-Android-Prebuilt BOOST_PATH = $$MAIN_PATH/Boost-for-Android-Prebuilt
OPENSSL_PATH = $$MAIN_PATH/OpenSSL-for-Android-Prebuilt OPENSSL_PATH = $$MAIN_PATH/OpenSSL-for-Android-Prebuilt
MINIUPNP_PATH = $$MAIN_PATH/MiniUPnP-for-Android-Prebuilt MINIUPNP_PATH = $$MAIN_PATH/MiniUPnP-for-Android-Prebuilt
IFADDRS_PATH = $$MAIN_PATH/android-ifaddrs IFADDRS_PATH = $$MAIN_PATH/android-ifaddrs
# Steps in Android SDK manager: # Steps in Android SDK manager:
# 1) Check Extras/Google Support Library https://developer.android.com/topic/libraries/support-library/setup.html # 1) Check Extras/Google Support Library https://developer.android.com/topic/libraries/support-library/setup.html
# 2) Check API 11 # 2) Check API 11
# Finally, click Install. # Finally, click Install.
SOURCES += DaemonQT.cpp mainwindow.cpp \ SOURCES += DaemonQT.cpp mainwindow.cpp \
../../libi2pd/api.cpp \ ../../libi2pd/api.cpp \
../../libi2pd/Base.cpp \ ../../libi2pd/Base.cpp \
../../libi2pd/BloomFilter.cpp \ ../../libi2pd/BloomFilter.cpp \
../../libi2pd/Config.cpp \ ../../libi2pd/Config.cpp \
../../libi2pd/CPU.cpp \ ../../libi2pd/CPU.cpp \
../../libi2pd/Crypto.cpp \ ../../libi2pd/Crypto.cpp \
../../libi2pd/CryptoKey.cpp \ ../../libi2pd/CryptoKey.cpp \
../../libi2pd/Datagram.cpp \ ../../libi2pd/Datagram.cpp \
../../libi2pd/Destination.cpp \ ../../libi2pd/Destination.cpp \
../../libi2pd/Event.cpp \ ../../libi2pd/Event.cpp \
../../libi2pd/Family.cpp \ ../../libi2pd/Family.cpp \
../../libi2pd/FS.cpp \ ../../libi2pd/FS.cpp \
../../libi2pd/Garlic.cpp \ ../../libi2pd/Garlic.cpp \
../../libi2pd/Gost.cpp \ ../../libi2pd/Gost.cpp \
../../libi2pd/Gzip.cpp \ ../../libi2pd/Gzip.cpp \
../../libi2pd/HTTP.cpp \ ../../libi2pd/HTTP.cpp \
../../libi2pd/I2NPProtocol.cpp \ ../../libi2pd/I2NPProtocol.cpp \
../../libi2pd/I2PEndian.cpp \ ../../libi2pd/I2PEndian.cpp \
../../libi2pd/Identity.cpp \ ../../libi2pd/Identity.cpp \
../../libi2pd/LeaseSet.cpp \ ../../libi2pd/LeaseSet.cpp \
../../libi2pd/Log.cpp \ ../../libi2pd/Log.cpp \
../../libi2pd/NetDb.cpp \ ../../libi2pd/NetDb.cpp \
../../libi2pd/NetDbRequests.cpp \ ../../libi2pd/NetDbRequests.cpp \
../../libi2pd/NTCPSession.cpp \ ../../libi2pd/NTCPSession.cpp \
../../libi2pd/Profiling.cpp \ ../../libi2pd/Profiling.cpp \
../../libi2pd/Reseed.cpp \ ../../libi2pd/Reseed.cpp \
../../libi2pd/RouterContext.cpp \ ../../libi2pd/RouterContext.cpp \
../../libi2pd/RouterInfo.cpp \ ../../libi2pd/RouterInfo.cpp \
../../libi2pd/Signature.cpp \ ../../libi2pd/Signature.cpp \
../../libi2pd/SSU.cpp \ ../../libi2pd/SSU.cpp \
../../libi2pd/SSUData.cpp \ ../../libi2pd/SSUData.cpp \
../../libi2pd/SSUSession.cpp \ ../../libi2pd/SSUSession.cpp \
../../libi2pd/Streaming.cpp \ ../../libi2pd/Streaming.cpp \
../../libi2pd/Timestamp.cpp \ ../../libi2pd/Timestamp.cpp \
../../libi2pd/TransitTunnel.cpp \ ../../libi2pd/TransitTunnel.cpp \
../../libi2pd/Transports.cpp \ ../../libi2pd/Transports.cpp \
../../libi2pd/Tunnel.cpp \ ../../libi2pd/Tunnel.cpp \
../../libi2pd/TunnelEndpoint.cpp \ ../../libi2pd/TunnelEndpoint.cpp \
../../libi2pd/TunnelGateway.cpp \ ../../libi2pd/TunnelGateway.cpp \
../../libi2pd/TunnelPool.cpp \ ../../libi2pd/TunnelPool.cpp \
../../libi2pd/util.cpp \ ../../libi2pd/util.cpp \
../../libi2pd/Ed25519.cpp \ ../../libi2pd/Ed25519.cpp \
../../libi2pd/Chacha20.cpp \ ../../libi2pd/Chacha20.cpp \
../../libi2pd/Poly1305.cpp \ ../../libi2pd/Poly1305.cpp \
../../libi2pd_client/AddressBook.cpp \ ../../libi2pd_client/AddressBook.cpp \
../../libi2pd_client/BOB.cpp \ ../../libi2pd_client/BOB.cpp \
../../libi2pd_client/ClientContext.cpp \ ../../libi2pd_client/ClientContext.cpp \
../../libi2pd_client/HTTPProxy.cpp \ ../../libi2pd_client/HTTPProxy.cpp \
../../libi2pd_client/I2CP.cpp \ ../../libi2pd_client/I2CP.cpp \
../../libi2pd_client/I2PService.cpp \ ../../libi2pd_client/I2PService.cpp \
../../libi2pd_client/I2PTunnel.cpp \ ../../libi2pd_client/I2PTunnel.cpp \
../../libi2pd_client/MatchedDestination.cpp \ ../../libi2pd_client/MatchedDestination.cpp \
../../libi2pd_client/SAM.cpp \ ../../libi2pd_client/SAM.cpp \
../../libi2pd_client/SOCKS.cpp \ ../../libi2pd_client/SOCKS.cpp \
../../libi2pd_client/Websocket.cpp \ ../../libi2pd_client/Websocket.cpp \
../../libi2pd_client/WebSocks.cpp \ ../../libi2pd_client/WebSocks.cpp \
ClientTunnelPane.cpp \ ClientTunnelPane.cpp \
MainWindowItems.cpp \ MainWindowItems.cpp \
ServerTunnelPane.cpp \ ServerTunnelPane.cpp \
SignatureTypeComboboxFactory.cpp \ SignatureTypeComboboxFactory.cpp \
TunnelConfig.cpp \ TunnelConfig.cpp \
TunnelPane.cpp \ TunnelPane.cpp \
../../daemon/Daemon.cpp \ ../../daemon/Daemon.cpp \
../../daemon/HTTPServer.cpp \ ../../daemon/HTTPServer.cpp \
../../daemon/i2pd.cpp \ ../../daemon/i2pd.cpp \
../../daemon/I2PControl.cpp \ ../../daemon/I2PControl.cpp \
../../daemon/UnixDaemon.cpp \ ../../daemon/UnixDaemon.cpp \
../../daemon/UPnP.cpp \ ../../daemon/UPnP.cpp \
textbrowsertweaked1.cpp \ textbrowsertweaked1.cpp \
pagewithbackbutton.cpp \ pagewithbackbutton.cpp \
widgetlock.cpp \ widgetlock.cpp \
widgetlockregistry.cpp \ widgetlockregistry.cpp \
logviewermanager.cpp logviewermanager.cpp \
../../libi2pd/NTCP2.cpp
#qt creator does not handle this well
#SOURCES += $$files(../../libi2pd/*.cpp) #qt creator does not handle this well
#SOURCES += $$files(../../libi2pd_client/*.cpp) #SOURCES += $$files(../../libi2pd/*.cpp)
#SOURCES += $$files(../../daemon/*.cpp) #SOURCES += $$files(../../libi2pd_client/*.cpp)
#SOURCES += $$files(./*.cpp) #SOURCES += $$files(../../daemon/*.cpp)
#SOURCES += $$files(./*.cpp)
SOURCES -= ../../daemon/UnixDaemon.cpp
SOURCES -= ../../daemon/UnixDaemon.cpp
HEADERS += DaemonQT.h mainwindow.h \
../../libi2pd/api.h \ HEADERS += DaemonQT.h mainwindow.h \
../../libi2pd/Base.h \ ../../libi2pd/api.h \
../../libi2pd/BloomFilter.h \ ../../libi2pd/Base.h \
../../libi2pd/Config.h \ ../../libi2pd/BloomFilter.h \
../../libi2pd/Crypto.h \ ../../libi2pd/Config.h \
../../libi2pd/CryptoKey.h \ ../../libi2pd/Crypto.h \
../../libi2pd/Datagram.h \ ../../libi2pd/CryptoKey.h \
../../libi2pd/Destination.h \ ../../libi2pd/Datagram.h \
../../libi2pd/Event.h \ ../../libi2pd/Destination.h \
../../libi2pd/Family.h \ ../../libi2pd/Event.h \
../../libi2pd/FS.h \ ../../libi2pd/Family.h \
../../libi2pd/Garlic.h \ ../../libi2pd/FS.h \
../../libi2pd/Gost.h \ ../../libi2pd/Garlic.h \
../../libi2pd/Gzip.h \ ../../libi2pd/Gost.h \
../../libi2pd/HTTP.h \ ../../libi2pd/Gzip.h \
../../libi2pd/I2NPProtocol.h \ ../../libi2pd/HTTP.h \
../../libi2pd/I2PEndian.h \ ../../libi2pd/I2NPProtocol.h \
../../libi2pd/Identity.h \ ../../libi2pd/I2PEndian.h \
../../libi2pd/LeaseSet.h \ ../../libi2pd/Identity.h \
../../libi2pd/LittleBigEndian.h \ ../../libi2pd/LeaseSet.h \
../../libi2pd/Log.h \ ../../libi2pd/LittleBigEndian.h \
../../libi2pd/NetDb.hpp \ ../../libi2pd/Log.h \
../../libi2pd/NetDbRequests.h \ ../../libi2pd/NetDb.hpp \
../../libi2pd/NTCPSession.h \ ../../libi2pd/NetDbRequests.h \
../../libi2pd/Profiling.h \ ../../libi2pd/NTCPSession.h \
../../libi2pd/Queue.h \ ../../libi2pd/Profiling.h \
../../libi2pd/Reseed.h \ ../../libi2pd/Queue.h \
../../libi2pd/RouterContext.h \ ../../libi2pd/Reseed.h \
../../libi2pd/RouterInfo.h \ ../../libi2pd/RouterContext.h \
../../libi2pd/Signature.h \ ../../libi2pd/RouterInfo.h \
../../libi2pd/SSU.h \ ../../libi2pd/Signature.h \
../../libi2pd/SSUData.h \ ../../libi2pd/SSU.h \
../../libi2pd/SSUSession.h \ ../../libi2pd/SSUData.h \
../../libi2pd/Streaming.h \ ../../libi2pd/SSUSession.h \
../../libi2pd/Tag.h \ ../../libi2pd/Streaming.h \
../../libi2pd/Timestamp.h \ ../../libi2pd/Tag.h \
../../libi2pd/TransitTunnel.h \ ../../libi2pd/Timestamp.h \
../../libi2pd/Transports.h \ ../../libi2pd/TransitTunnel.h \
../../libi2pd/TransportSession.h \ ../../libi2pd/Transports.h \
../../libi2pd/Tunnel.h \ ../../libi2pd/TransportSession.h \
../../libi2pd/TunnelBase.h \ ../../libi2pd/Tunnel.h \
../../libi2pd/TunnelConfig.h \ ../../libi2pd/TunnelBase.h \
../../libi2pd/TunnelEndpoint.h \ ../../libi2pd/TunnelConfig.h \
../../libi2pd/TunnelGateway.h \ ../../libi2pd/TunnelEndpoint.h \
../../libi2pd/TunnelPool.h \ ../../libi2pd/TunnelGateway.h \
../../libi2pd/util.h \ ../../libi2pd/TunnelPool.h \
../../libi2pd/version.h \ ../../libi2pd/util.h \
../../libi2pd_client/AddressBook.h \ ../../libi2pd/version.h \
../../libi2pd_client/BOB.h \ ../../libi2pd_client/AddressBook.h \
../../libi2pd_client/ClientContext.h \ ../../libi2pd_client/BOB.h \
../../libi2pd_client/HTTPProxy.h \ ../../libi2pd_client/ClientContext.h \
../../libi2pd_client/I2CP.h \ ../../libi2pd_client/HTTPProxy.h \
../../libi2pd_client/I2PService.h \ ../../libi2pd_client/I2CP.h \
../../libi2pd_client/I2PTunnel.h \ ../../libi2pd_client/I2PService.h \
../../libi2pd_client/MatchedDestination.h \ ../../libi2pd_client/I2PTunnel.h \
../../libi2pd_client/SAM.h \ ../../libi2pd_client/MatchedDestination.h \
../../libi2pd_client/SOCKS.h \ ../../libi2pd_client/SAM.h \
../../libi2pd_client/Websocket.h \ ../../libi2pd_client/SOCKS.h \
../../libi2pd_client/WebSocks.h \ ../../libi2pd_client/Websocket.h \
ClientTunnelPane.h \ ../../libi2pd_client/WebSocks.h \
MainWindowItems.h \ ClientTunnelPane.h \
ServerTunnelPane.h \ MainWindowItems.h \
SignatureTypeComboboxFactory.h \ ServerTunnelPane.h \
TunnelConfig.h \ SignatureTypeComboboxFactory.h \
TunnelPane.h \ TunnelConfig.h \
TunnelsPageUpdateListener.h \ TunnelPane.h \
../../daemon/Daemon.h \ TunnelsPageUpdateListener.h \
../../daemon/HTTPServer.h \ ../../daemon/Daemon.h \
../../daemon/I2PControl.h \ ../../daemon/HTTPServer.h \
../../daemon/UPnP.h \ ../../daemon/I2PControl.h \
textbrowsertweaked1.h \ ../../daemon/UPnP.h \
pagewithbackbutton.h \ textbrowsertweaked1.h \
widgetlock.h \ pagewithbackbutton.h \
widgetlockregistry.h \ widgetlock.h \
i2pd.rc \ widgetlockregistry.h \
i2pd.rc \ i2pd.rc \
logviewermanager.h i2pd.rc \
logviewermanager.h
INCLUDEPATH += ../../libi2pd
INCLUDEPATH += ../../libi2pd_client INCLUDEPATH += ../../libi2pd
INCLUDEPATH += ../../daemon INCLUDEPATH += ../../libi2pd_client
INCLUDEPATH += . INCLUDEPATH += ../../daemon
INCLUDEPATH += .
FORMS += mainwindow.ui \
tunnelform.ui \ FORMS += mainwindow.ui \
statusbuttons.ui \ tunnelform.ui \
routercommandswidget.ui \ statusbuttons.ui \
generalsettingswidget.ui routercommandswidget.ui \
generalsettingswidget.ui
LIBS += -lz
LIBS += -lz
macx {
message("using mac os x target") macx {
BREWROOT=/usr/local message("using mac os x target")
BOOSTROOT=$$BREWROOT/opt/boost BREWROOT=/usr/local
SSLROOT=$$BREWROOT/opt/libressl BOOSTROOT=$$BREWROOT/opt/boost
UPNPROOT=$$BREWROOT/opt/miniupnpc SSLROOT=$$BREWROOT/opt/libressl
INCLUDEPATH += $$BOOSTROOT/include UPNPROOT=$$BREWROOT/opt/miniupnpc
INCLUDEPATH += $$SSLROOT/include INCLUDEPATH += $$BOOSTROOT/include
INCLUDEPATH += $$UPNPROOT/include INCLUDEPATH += $$SSLROOT/include
LIBS += $$SSLROOT/lib/libcrypto.a INCLUDEPATH += $$UPNPROOT/include
LIBS += $$SSLROOT/lib/libssl.a LIBS += $$SSLROOT/lib/libcrypto.a
LIBS += $$BOOSTROOT/lib/libboost_system.a LIBS += $$SSLROOT/lib/libssl.a
LIBS += $$BOOSTROOT/lib/libboost_date_time.a LIBS += $$BOOSTROOT/lib/libboost_system.a
LIBS += $$BOOSTROOT/lib/libboost_filesystem.a LIBS += $$BOOSTROOT/lib/libboost_date_time.a
LIBS += $$BOOSTROOT/lib/libboost_program_options.a LIBS += $$BOOSTROOT/lib/libboost_filesystem.a
LIBS += $$UPNPROOT/lib/libminiupnpc.a LIBS += $$BOOSTROOT/lib/libboost_program_options.a
} LIBS += $$UPNPROOT/lib/libminiupnpc.a
}
android {
message("Using Android settings") android {
DEFINES += ANDROID=1 message("Using Android settings")
DEFINES += __ANDROID__ DEFINES += ANDROID=1
DEFINES += __ANDROID__
CONFIG += mobility
CONFIG += mobility
MOBILITY =
MOBILITY =
INCLUDEPATH += $$BOOST_PATH/boost_1_53_0/include \
$$OPENSSL_PATH/openssl-1.0.2/include \ INCLUDEPATH += $$BOOST_PATH/boost_1_53_0/include \
$$MINIUPNP_PATH/miniupnp-2.0/include \ $$OPENSSL_PATH/openssl-1.0.2/include \
$$IFADDRS_PATH $$MINIUPNP_PATH/miniupnp-2.0/include \
DISTFILES += android/AndroidManifest.xml $$IFADDRS_PATH
DISTFILES += android/AndroidManifest.xml
ANDROID_PACKAGE_SOURCE_DIR = $$PWD/android
ANDROID_PACKAGE_SOURCE_DIR = $$PWD/android
SOURCES += $$IFADDRS_PATH/ifaddrs.c
HEADERS += $$IFADDRS_PATH/ifaddrs.h SOURCES += $$IFADDRS_PATH/ifaddrs.c
HEADERS += $$IFADDRS_PATH/ifaddrs.h
equals(ANDROID_TARGET_ARCH, armeabi-v7a){
DEFINES += ANDROID_ARM7A equals(ANDROID_TARGET_ARCH, armeabi-v7a){
# http://stackoverflow.com/a/30235934/529442 DEFINES += ANDROID_ARM7A
LIBS += -L$$BOOST_PATH/boost_1_53_0/armeabi-v7a/lib \ # http://stackoverflow.com/a/30235934/529442
-lboost_system-gcc-mt-1_53 -lboost_date_time-gcc-mt-1_53 \ LIBS += -L$$BOOST_PATH/boost_1_53_0/armeabi-v7a/lib \
-lboost_filesystem-gcc-mt-1_53 -lboost_program_options-gcc-mt-1_53 \ -lboost_system-gcc-mt-1_53 -lboost_date_time-gcc-mt-1_53 \
-L$$OPENSSL_PATH/openssl-1.0.2/armeabi-v7a/lib/ -lcrypto -lssl \ -lboost_filesystem-gcc-mt-1_53 -lboost_program_options-gcc-mt-1_53 \
-L$$MINIUPNP_PATH/miniupnp-2.0/armeabi-v7a/lib/ -lminiupnpc -L$$OPENSSL_PATH/openssl-1.0.2/armeabi-v7a/lib/ -lcrypto -lssl \
-L$$MINIUPNP_PATH/miniupnp-2.0/armeabi-v7a/lib/ -lminiupnpc
PRE_TARGETDEPS += $$OPENSSL_PATH/openssl-1.0.2/armeabi-v7a/lib/libcrypto.a \
$$OPENSSL_PATH/openssl-1.0.2/armeabi-v7a/lib/libssl.a PRE_TARGETDEPS += $$OPENSSL_PATH/openssl-1.0.2/armeabi-v7a/lib/libcrypto.a \
DEPENDPATH += $$OPENSSL_PATH/openssl-1.0.2/include $$OPENSSL_PATH/openssl-1.0.2/armeabi-v7a/lib/libssl.a
DEPENDPATH += $$OPENSSL_PATH/openssl-1.0.2/include
ANDROID_EXTRA_LIBS += $$OPENSSL_PATH/openssl-1.0.2/armeabi-v7a/lib/libcrypto_1_0_0.so \
$$OPENSSL_PATH/openssl-1.0.2/armeabi-v7a/lib/libssl_1_0_0.so \ ANDROID_EXTRA_LIBS += $$OPENSSL_PATH/openssl-1.0.2/armeabi-v7a/lib/libcrypto_1_0_0.so \
$$MINIUPNP_PATH/miniupnp-2.0/armeabi-v7a/lib/libminiupnpc.so $$OPENSSL_PATH/openssl-1.0.2/armeabi-v7a/lib/libssl_1_0_0.so \
} $$MINIUPNP_PATH/miniupnp-2.0/armeabi-v7a/lib/libminiupnpc.so
}
equals(ANDROID_TARGET_ARCH, x86){
# http://stackoverflow.com/a/30235934/529442 equals(ANDROID_TARGET_ARCH, x86){
LIBS += -L$$BOOST_PATH/boost_1_53_0/x86/lib \ # http://stackoverflow.com/a/30235934/529442
-lboost_system-gcc-mt-1_53 -lboost_date_time-gcc-mt-1_53 \ LIBS += -L$$BOOST_PATH/boost_1_53_0/x86/lib \
-lboost_filesystem-gcc-mt-1_53 -lboost_program_options-gcc-mt-1_53 \ -lboost_system-gcc-mt-1_53 -lboost_date_time-gcc-mt-1_53 \
-L$$OPENSSL_PATH/openssl-1.0.2/x86/lib/ -lcrypto -lssl \ -lboost_filesystem-gcc-mt-1_53 -lboost_program_options-gcc-mt-1_53 \
-L$$MINIUPNP_PATH/miniupnp-2.0/x86/lib/ -lminiupnpc -L$$OPENSSL_PATH/openssl-1.0.2/x86/lib/ -lcrypto -lssl \
-L$$MINIUPNP_PATH/miniupnp-2.0/x86/lib/ -lminiupnpc
PRE_TARGETDEPS += $$OPENSSL_PATH/openssl-1.0.2/x86/lib/libcrypto.a \
$$OPENSSL_PATH/openssl-1.0.2/x86/lib/libssl.a PRE_TARGETDEPS += $$OPENSSL_PATH/openssl-1.0.2/x86/lib/libcrypto.a \
$$OPENSSL_PATH/openssl-1.0.2/x86/lib/libssl.a
DEPENDPATH += $$OPENSSL_PATH/openssl-1.0.2/include
DEPENDPATH += $$OPENSSL_PATH/openssl-1.0.2/include
ANDROID_EXTRA_LIBS += $$OPENSSL_PATH/openssl-1.0.2/x86/lib/libcrypto_1_0_0.so \
$$OPENSSL_PATH/openssl-1.0.2/x86/lib/libssl_1_0_0.so \ ANDROID_EXTRA_LIBS += $$OPENSSL_PATH/openssl-1.0.2/x86/lib/libcrypto_1_0_0.so \
$$MINIUPNP_PATH/miniupnp-2.0/x86/lib/libminiupnpc.so $$OPENSSL_PATH/openssl-1.0.2/x86/lib/libssl_1_0_0.so \
} $$MINIUPNP_PATH/miniupnp-2.0/x86/lib/libminiupnpc.so
} }
}
linux:!android {
message("Using Linux settings") linux:!android {
LIBS += -lcrypto -lssl -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread -lminiupnpc message("Using Linux settings")
} LIBS += -lcrypto -lssl -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread -lminiupnpc
}
windows {
message("Using Windows settings") windows {
RC_FILE = i2pd.rc message("Using Windows settings")
DEFINES += BOOST_USE_WINDOWS_H WINDOWS _WINDOWS WIN32_LEAN_AND_MEAN MINIUPNP_STATICLIB RC_FILE = i2pd.rc
DEFINES -= UNICODE _UNICODE DEFINES += BOOST_USE_WINDOWS_H WINDOWS _WINDOWS WIN32_LEAN_AND_MEAN MINIUPNP_STATICLIB
BOOST_SUFFIX = -mt DEFINES -= UNICODE _UNICODE
QMAKE_CXXFLAGS_RELEASE = -Os BOOST_SUFFIX = -mt
QMAKE_LFLAGS = -Wl,-Bstatic -static-libgcc -static-libstdc++ -mwindows QMAKE_CXXFLAGS_RELEASE = -Os
QMAKE_LFLAGS = -Wl,-Bstatic -static-libgcc -static-libstdc++ -mwindows
#linker's -s means "strip"
QMAKE_LFLAGS_RELEASE += -s #linker's -s means "strip"
QMAKE_LFLAGS_RELEASE += -s
LIBS = -lminiupnpc \
-lboost_system$$BOOST_SUFFIX \ LIBS = -lminiupnpc \
-lboost_date_time$$BOOST_SUFFIX \ -lboost_system$$BOOST_SUFFIX \
-lboost_filesystem$$BOOST_SUFFIX \ -lboost_date_time$$BOOST_SUFFIX \
-lboost_program_options$$BOOST_SUFFIX \ -lboost_filesystem$$BOOST_SUFFIX \
-lssl \ -lboost_program_options$$BOOST_SUFFIX \
-lcrypto \ -lssl \
-lz \ -lcrypto \
-lwsock32 \ -lz \
-lws2_32 \ -lwsock32 \
-lgdi32 \ -lws2_32 \
-liphlpapi \ -lgdi32 \
-lstdc++ \ -liphlpapi \
-lpthread -lstdc++ \
} -lpthread
}
!android:!symbian:!maemo5:!simulator {
message("Build with a system tray icon") !android:!symbian:!maemo5:!simulator {
# see also http://doc.qt.io/qt-4.8/qt-desktop-systray-systray-pro.html for example on wince* message("Build with a system tray icon")
#sources.files = $$SOURCES $$HEADERS $$RESOURCES $$FORMS i2pd_qt.pro resources images # see also http://doc.qt.io/qt-4.8/qt-desktop-systray-systray-pro.html for example on wince*
RESOURCES = i2pd.qrc #sources.files = $$SOURCES $$HEADERS $$RESOURCES $$FORMS i2pd_qt.pro resources images
QT += xml RESOURCES = i2pd.qrc
#INSTALLS += sources QT += xml
} #INSTALLS += sources
}

2
qt/i2pd_qt/mainwindow.h
Unescape View File

@ -726,8 +726,8 @@ private:
// mandatory params // mandatory params
std::string host = section.second.get<std::string> (I2P_SERVER_TUNNEL_HOST); std::string host = section.second.get<std::string> (I2P_SERVER_TUNNEL_HOST);
int port = section.second.get<int> (I2P_SERVER_TUNNEL_PORT); int port = section.second.get<int> (I2P_SERVER_TUNNEL_PORT);
std::string keys = section.second.get<std::string> (I2P_SERVER_TUNNEL_KEYS);
// optional params // optional params
std::string keys = section.second.get<std::string> (I2P_SERVER_TUNNEL_KEYS, "");
int inPort = section.second.get (I2P_SERVER_TUNNEL_INPORT, 0); int inPort = section.second.get (I2P_SERVER_TUNNEL_INPORT, 0);
std::string accessList = section.second.get (I2P_SERVER_TUNNEL_ACCESS_LIST, ""); std::string accessList = section.second.get (I2P_SERVER_TUNNEL_ACCESS_LIST, "");
std::string hostOverride = section.second.get (I2P_SERVER_TUNNEL_HOST_OVERRIDE, ""); std::string hostOverride = section.second.get (I2P_SERVER_TUNNEL_HOST_OVERRIDE, "");

Write Preview
Loading…
Cancel
Save