PurpleI2P
/
i2pd
mirror of https://github.com/PurpleI2P/i2pd.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

Ensure zero-inialization, add TODO update gitignore.

pull/228/head
EinMByte 10 years ago
parent
c939dec26a
commit
62ac53563c
8 changed files with 35 additions and 19 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      .gitignore
  2. 2
      I2NPProtocol.cpp
  3. 2
      I2NPProtocol.h
  4. 26
      SSUSession.cpp
  5. 2
      SSUSession.h
  6. 9
      TODO
  7. 2
      TunnelConfig.h
  8. 6
      aes.h

1
.gitignore vendored
Unescape View File

@ -5,6 +5,7 @@ router.keys
i2p i2p
libi2pd.so libi2pd.so
netDb netDb
tunnels.cfg
# Autotools # Autotools
autom4te.cache autom4te.cache

2
I2NPProtocol.cpp
Unescape View File

@ -353,7 +353,7 @@ namespace i2p
} }
else else
{ {
uint8_t clearText[BUILD_REQUEST_RECORD_CLEAR_TEXT_SIZE]; uint8_t clearText[BUILD_REQUEST_RECORD_CLEAR_TEXT_SIZE] = {};
if (HandleBuildRequestRecords (num, buf + 1, clearText)) if (HandleBuildRequestRecords (num, buf + 1, clearText))
{ {
if (clearText[BUILD_REQUEST_RECORD_FLAG_OFFSET] & 0x40) // we are endpoint of outboud tunnel if (clearText[BUILD_REQUEST_RECORD_FLAG_OFFSET] & 0x40) // we are endpoint of outboud tunnel

2
I2NPProtocol.h
Unescape View File

@ -193,7 +193,7 @@ namespace tunnel
struct I2NPMessageBuffer: public I2NPMessage struct I2NPMessageBuffer: public I2NPMessage
{ {
I2NPMessageBuffer () { buf = m_Buffer; maxLen = sz; }; I2NPMessageBuffer () { buf = m_Buffer; maxLen = sz; };
uint8_t m_Buffer[sz + 16]; uint8_t m_Buffer[sz + 16] = {};
}; };
I2NPMessage * NewI2NPMessage (); I2NPMessage * NewI2NPMessage ();

26
SSUSession.cpp
Unescape View File

@ -275,7 +275,7 @@ namespace transport
return; return;
} }
uint8_t buf[320 + 18]; // 304 bytes for ipv4, 320 for ipv6 uint8_t buf[320 + 18] = {}; // 304 bytes for ipv4, 320 for ipv6, all set to 0
uint8_t * payload = buf + sizeof (SSUHeader); uint8_t * payload = buf + sizeof (SSUHeader);
memcpy (payload, m_DHKeysPair->publicKey, 256); // x memcpy (payload, m_DHKeysPair->publicKey, 256); // x
bool isV4 = m_RemoteEndpoint.address ().is_v4 (); bool isV4 = m_RemoteEndpoint.address ().is_v4 ();
@ -306,7 +306,7 @@ namespace transport
return; return;
} }
uint8_t buf[96 + 18]; uint8_t buf[96 + 18] = {};
uint8_t * payload = buf + sizeof (SSUHeader); uint8_t * payload = buf + sizeof (SSUHeader);
htobe32buf (payload, iTag); htobe32buf (payload, iTag);
payload += 4; payload += 4;
@ -344,7 +344,7 @@ namespace transport
SignedData s; // x,y, remote IP, remote port, our IP, our port, relayTag, signed on time SignedData s; // x,y, remote IP, remote port, our IP, our port, relayTag, signed on time
s.Insert (x, 256); // x s.Insert (x, 256); // x
uint8_t buf[384 + 18]; uint8_t buf[384 + 18] = {};
uint8_t * payload = buf + sizeof (SSUHeader); uint8_t * payload = buf + sizeof (SSUHeader);
memcpy (payload, m_DHKeysPair->publicKey, 256); memcpy (payload, m_DHKeysPair->publicKey, 256);
s.Insert (payload, 256); // y s.Insert (payload, 256); // y
@ -408,7 +408,7 @@ namespace transport
void SSUSession::SendSessionConfirmed (const uint8_t * y, const uint8_t * ourAddress, size_t ourAddressLen) void SSUSession::SendSessionConfirmed (const uint8_t * y, const uint8_t * ourAddress, size_t ourAddressLen)
{ {
uint8_t buf[512 + 18]; uint8_t buf[512 + 18] = {};
uint8_t * payload = buf + sizeof (SSUHeader); uint8_t * payload = buf + sizeof (SSUHeader);
*payload = 1; // 1 fragment *payload = 1; // 1 fragment
payload++; // info payload++; // info
@ -475,7 +475,7 @@ namespace transport
void SSUSession::SendRelayResponse (uint32_t nonce, const boost::asio::ip::udp::endpoint& from, void SSUSession::SendRelayResponse (uint32_t nonce, const boost::asio::ip::udp::endpoint& from,
const uint8_t * introKey, const boost::asio::ip::udp::endpoint& to) const uint8_t * introKey, const boost::asio::ip::udp::endpoint& to)
{ {
uint8_t buf[80 + 18]; // 64 Alice's ipv4 and 80 Alice's ipv6 uint8_t buf[80 + 18] = {}; // 64 Alice's ipv4 and 80 Alice's ipv6
uint8_t * payload = buf + sizeof (SSUHeader); uint8_t * payload = buf + sizeof (SSUHeader);
// Charlie's address always v4 // Charlie's address always v4
if (!to.address ().is_v4 ()) if (!to.address ().is_v4 ())
@ -536,7 +536,7 @@ namespace transport
LogPrint (eLogError, "Alice's IP must be v4"); LogPrint (eLogError, "Alice's IP must be v4");
return; return;
} }
uint8_t buf[48 + 18]; uint8_t buf[48 + 18] = {};
uint8_t * payload = buf + sizeof (SSUHeader); uint8_t * payload = buf + sizeof (SSUHeader);
*payload = 4; *payload = 4;
payload++; // size payload++; // size
@ -616,9 +616,7 @@ namespace transport
htobe32buf (&(header->time), i2p::util::GetSecondsSinceEpoch ()); htobe32buf (&(header->time), i2p::util::GetSecondsSinceEpoch ());
uint8_t * encrypted = &header->flag; uint8_t * encrypted = &header->flag;
uint16_t encryptedLen = len - (encrypted - buf); uint16_t encryptedLen = len - (encrypted - buf);
i2p::crypto::CBCEncryption encryption; i2p::crypto::CBCEncryption encryption(aesKey, iv);
encryption.SetKey (aesKey);
encryption.SetIV (iv);
encryption.Encrypt (encrypted, encryptedLen, encrypted); encryption.Encrypt (encrypted, encryptedLen, encrypted);
// assume actual buffer size is 18 (16 + 2) bytes more // assume actual buffer size is 18 (16 + 2) bytes more
memcpy (buf + len, iv, 16); memcpy (buf + len, iv, 16);
@ -960,8 +958,7 @@ namespace transport
// toAddress is true for Alice<->Chalie communications only // toAddress is true for Alice<->Chalie communications only
// sendAddress is false if message comes from Alice // sendAddress is false if message comes from Alice
{ {
uint8_t buf[80 + 18]; uint8_t buf[80 + 18] = {};
uint8_t iv[16];
uint8_t * payload = buf + sizeof (SSUHeader); uint8_t * payload = buf + sizeof (SSUHeader);
htobe32buf (payload, nonce); htobe32buf (payload, nonce);
payload += 4; // nonce payload += 4; // nonce
@ -995,6 +992,7 @@ namespace transport
// send // send
CryptoPP::RandomNumberGenerator& rnd = i2p::context.GetRandomNumberGenerator (); CryptoPP::RandomNumberGenerator& rnd = i2p::context.GetRandomNumberGenerator ();
uint8_t iv[16];
rnd.GenerateBlock (iv, 16); // random iv rnd.GenerateBlock (iv, 16); // random iv
if (toAddress) if (toAddress)
{ {
@ -1032,7 +1030,7 @@ namespace transport
{ {
if (m_State == eSessionStateEstablished) if (m_State == eSessionStateEstablished)
{ {
uint8_t buf[48 + 18]; uint8_t buf[48 + 18] = {};
uint8_t * payload = buf + sizeof (SSUHeader); uint8_t * payload = buf + sizeof (SSUHeader);
*payload = 0; // flags *payload = 0; // flags
payload++; payload++;
@ -1049,7 +1047,7 @@ namespace transport
{ {
if (m_IsSessionKey) if (m_IsSessionKey)
{ {
uint8_t buf[48 + 18]; uint8_t buf[48 + 18] = {};
// encrypt message with session key // encrypt message with session key
FillHeaderAndEncrypt (PAYLOAD_TYPE_SESSION_DESTROYED, buf, 48); FillHeaderAndEncrypt (PAYLOAD_TYPE_SESSION_DESTROYED, buf, 48);
try try
@ -1066,7 +1064,7 @@ namespace transport
void SSUSession::Send (uint8_t type, const uint8_t * payload, size_t len) void SSUSession::Send (uint8_t type, const uint8_t * payload, size_t len)
{ {
uint8_t buf[SSU_MTU_V4 + 18]; uint8_t buf[SSU_MTU_V4 + 18] = {};
size_t msgSize = len + sizeof (SSUHeader); size_t msgSize = len + sizeof (SSUHeader);
size_t paddingSize = msgSize & 0x0F; // %16 size_t paddingSize = msgSize & 0x0F; // %16
if (paddingSize > 0) msgSize += (16 - paddingSize); if (paddingSize > 0) msgSize += (16 - paddingSize);

2
SSUSession.h
Unescape View File

@ -15,6 +15,8 @@ namespace i2p
namespace transport namespace transport
{ {
#pragma pack(1) #pragma pack(1)
// Warning: do not change the order of these variables
// (or fix the unsafe casts in SSU.h)
struct SSUHeader struct SSUHeader
{ {
uint8_t mac[16]; uint8_t mac[16];

9
TODO
Unescape View File

@ -0,0 +1,9 @@
Short-term refactoring:
- SSUSession:637, SSUSession:635 get rid of casting to SSUHeader
Long-term refactoring:
- Rely on a library for TLS and SSL.
Additions:
- Write tests.
- Add documentation.

2
TunnelConfig.h
Unescape View File

@ -86,7 +86,7 @@ namespace tunnel
void CreateBuildRequestRecord (uint8_t * record, uint32_t replyMsgID) const void CreateBuildRequestRecord (uint8_t * record, uint32_t replyMsgID) const
{ {
uint8_t clearText[BUILD_REQUEST_RECORD_CLEAR_TEXT_SIZE]; uint8_t clearText[BUILD_REQUEST_RECORD_CLEAR_TEXT_SIZE] = {};
htobe32buf (clearText + BUILD_REQUEST_RECORD_RECEIVE_TUNNEL_OFFSET, tunnelID); htobe32buf (clearText + BUILD_REQUEST_RECORD_RECEIVE_TUNNEL_OFFSET, tunnelID);
memcpy (clearText + BUILD_REQUEST_RECORD_OUR_IDENT_OFFSET, router->GetIdentHash (), 32); memcpy (clearText + BUILD_REQUEST_RECORD_OUR_IDENT_OFFSET, router->GetIdentHash (), 32);
htobe32buf (clearText + BUILD_REQUEST_RECORD_NEXT_TUNNEL_OFFSET, nextTunnelID); htobe32buf (clearText + BUILD_REQUEST_RECORD_NEXT_TUNNEL_OFFSET, nextTunnelID);

6
aes.h
Unescape View File

@ -141,6 +141,12 @@ namespace crypto
public: public:
CBCEncryption () { memset (m_LastBlock.buf, 0, 16); }; CBCEncryption () { memset (m_LastBlock.buf, 0, 16); };
CBCEncryption(const AESKey& key, const uint8_t* iv)
: CBCEncryption()
{
SetKey(key);
SetIV(iv);
};
void SetKey (const AESKey& key) { m_ECBEncryption.SetKey (key); }; // 32 bytes void SetKey (const AESKey& key) { m_ECBEncryption.SetKey (key); }; // 32 bytes
void SetIV (const uint8_t * iv) { memcpy (m_LastBlock.buf, iv, 16); }; // 16 bytes void SetIV (const uint8_t * iv) { memcpy (m_LastBlock.buf, iv, 16); }; // 16 bytes

Write Preview
Loading…
Cancel
Save