PurpleI2P
/
i2pd
mirror of https://github.com/PurpleI2P/i2pd.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

common code for signing and verifing exchanged data

pull/106/head
orignal 10 years ago
parent
b89daaa58b
commit
659edf2590
3 changed files with 55 additions and 34 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 48
      NTCPSession.cpp
  2. 9
      NTCPSession.h
  3. 32
      TransportSession.h

48
NTCPSession.cpp
Unescape View File

@ -282,12 +282,11 @@ namespace transport @@ -282,12 +282,11 @@ namespace transport
m_Establisher->phase3.timestamp = tsA;
SignedData s;
memcpy (s.x, m_Establisher->phase1.pubKey, 256);
memcpy (s.y, m_Establisher->phase2.pubKey, 256);
memcpy (s.ident, m_RemoteIdentity.GetIdentHash (), 32);
s.tsA = tsA;
s.tsB = m_Establisher->phase2.encrypted.timestamp;
i2p::context.Sign ((uint8_t *)&s, sizeof (s), m_Establisher->phase3.signature);
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
s.Insert (tsA); // tsA
s.Insert (m_Establisher->phase2.encrypted.timestamp); // tsB
s.Sign (i2p::context.GetPrivateKeys (), m_Establisher->phase3.signature);
m_Encryption.Encrypt((uint8_t *)&m_Establisher->phase3, sizeof(NTCPPhase3), (uint8_t *)&m_Establisher->phase3);
@ -327,13 +326,12 @@ namespace transport @@ -327,13 +326,12 @@ namespace transport
m_RemoteIdentity = m_Establisher->phase3.ident;
SignedData s;
memcpy (s.x, m_Establisher->phase1.pubKey, 256);
memcpy (s.y, m_Establisher->phase2.pubKey, 256);
memcpy (s.ident, i2p::context.GetRouterInfo ().GetIdentHash (), 32);
s.tsA = m_Establisher->phase3.timestamp;
s.tsB = tsB;
if (!m_RemoteIdentity.Verify ((uint8_t *)&s, sizeof(s), m_Establisher->phase3.signature))
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
s.Insert (i2p::context.GetRouterInfo ().GetIdentHash (), 32); // ident
s.Insert (m_Establisher->phase3.timestamp); // tsA
s.Insert (tsB); // tsB
if (!s.Verify (m_RemoteIdentity, m_Establisher->phase3.signature))
{
LogPrint ("signature verification failed");
Terminate ();
@ -347,12 +345,12 @@ namespace transport @@ -347,12 +345,12 @@ namespace transport
void NTCPSession::SendPhase4 (uint32_t tsB)
{
SignedData s;
memcpy (s.x, m_Establisher->phase1.pubKey, 256);
memcpy (s.y, m_Establisher->phase2.pubKey, 256);
memcpy (s.ident, m_RemoteIdentity.GetIdentHash (), 32);
s.tsA = m_Establisher->phase3.timestamp;
s.tsB = tsB;
i2p::context.Sign ((uint8_t *)&s, sizeof (s), m_Establisher->phase4.signature);
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
s.Insert (m_RemoteIdentity.GetIdentHash (), 32); // ident
s.Insert (m_Establisher->phase3.timestamp); // tsA
s.Insert (tsB); // tsB
s.Sign (i2p::context.GetPrivateKeys (), m_Establisher->phase4.signature);
m_Encryption.Encrypt ((uint8_t *)&m_Establisher->phase4, sizeof(NTCPPhase4), (uint8_t *)&m_Establisher->phase4);
boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase4, sizeof (NTCPPhase4)), boost::asio::transfer_all (),
@ -396,13 +394,13 @@ namespace transport @@ -396,13 +394,13 @@ namespace transport
// verify signature
SignedData s;
memcpy (s.x, m_Establisher->phase1.pubKey, 256);
memcpy (s.y, m_Establisher->phase2.pubKey, 256);
memcpy (s.ident, i2p::context.GetRouterInfo ().GetIdentHash (), 32);
s.tsA = tsA;
s.tsB = m_Establisher->phase2.encrypted.timestamp;
s.Insert (m_Establisher->phase1.pubKey, 256); // x
s.Insert (m_Establisher->phase2.pubKey, 256); // y
s.Insert (i2p::context.GetRouterInfo ().GetIdentHash (), 32); // ident
s.Insert (tsA); // tsA
s.Insert (m_Establisher->phase2.encrypted.timestamp); // tsB
if (!m_RemoteIdentity.Verify ((uint8_t *)&s, sizeof(s), m_Establisher->phase4.signature))
if (!s.Verify (m_RemoteIdentity, m_Establisher->phase4.signature))
{
LogPrint ("signature verification failed");
Terminate ();

9
NTCPSession.h
Unescape View File

@ -51,15 +51,6 @@ namespace transport @@ -51,15 +51,6 @@ namespace transport
uint8_t signature[40];
uint8_t padding[8];
};
struct SignedData // used for signature in Phase3 and Phase4
{
uint8_t x[256];
uint8_t y[256];
uint8_t ident[32];
uint32_t tsA;
uint32_t tsB;
};
#pragma pack()

32
TransportSession.h
Unescape View File

@ -2,6 +2,7 @@ @@ -2,6 +2,7 @@
#define TRANSPORT_SESSION_H__
#include <inttypes.h>
#include <iostream>
#include "Identity.h"
#include "RouterInfo.h"
@ -15,6 +16,37 @@ namespace transport @@ -15,6 +16,37 @@ namespace transport
uint8_t privateKey[256];
};
class SignedData
{
public:
SignedData () {};
void Insert (const uint8_t * buf, size_t len)
{
m_Stream.write ((char *)buf, len);
}
template<typename T>
void Insert (T t)
{
m_Stream.write ((char *)&t, sizeof (T));
}
bool Verify (const i2p::data::IdentityEx& ident, const uint8_t * signature) const
{
return ident.Verify ((const uint8_t *)m_Stream.str ().c_str (), m_Stream.str ().size (), signature);
}
void Sign (const i2p::data::PrivateKeys& keys, uint8_t * signature) const
{
keys.Sign ((const uint8_t *)m_Stream.str ().c_str (), m_Stream.str ().size (), signature);
}
private:
std::stringstream m_Stream;
};
class TransportSession
{
public:

Write Preview
Loading…
Cancel
Save