|
|
@ -725,6 +725,8 @@ namespace garlic |
|
|
|
|
|
|
|
|
|
|
|
bool ECIESX25519AEADRatchetSession::NewExistingSessionMessage (const uint8_t * payload, size_t len, uint8_t * out, size_t outLen) |
|
|
|
bool ECIESX25519AEADRatchetSession::NewExistingSessionMessage (const uint8_t * payload, size_t len, uint8_t * out, size_t outLen) |
|
|
|
{ |
|
|
|
{ |
|
|
|
|
|
|
|
auto owner = GetOwner (); |
|
|
|
|
|
|
|
if (!owner) return false; |
|
|
|
uint8_t nonce[12]; |
|
|
|
uint8_t nonce[12]; |
|
|
|
auto index = m_SendTagset->GetNextIndex (); |
|
|
|
auto index = m_SendTagset->GetNextIndex (); |
|
|
|
CreateNonce (index, nonce); // tag's index
|
|
|
|
CreateNonce (index, nonce); // tag's index
|
|
|
@ -732,8 +734,7 @@ namespace garlic |
|
|
|
if (!tag) |
|
|
|
if (!tag) |
|
|
|
{ |
|
|
|
{ |
|
|
|
LogPrint (eLogError, "Garlic: Can't create new ECIES-X25519-AEAD-Ratchet tag for send tagset"); |
|
|
|
LogPrint (eLogError, "Garlic: Can't create new ECIES-X25519-AEAD-Ratchet tag for send tagset"); |
|
|
|
if (GetOwner ()) |
|
|
|
owner->RemoveECIESx25519Session (m_RemoteStaticKey); |
|
|
|
GetOwner ()->RemoveECIESx25519Session (m_RemoteStaticKey); |
|
|
|
|
|
|
|
return false; |
|
|
|
return false; |
|
|
|
} |
|
|
|
} |
|
|
|
memcpy (out, &tag, 8); |
|
|
|
memcpy (out, &tag, 8); |
|
|
@ -741,7 +742,7 @@ namespace garlic |
|
|
|
// ciphertext = ENCRYPT(k, n, payload, ad)
|
|
|
|
// ciphertext = ENCRYPT(k, n, payload, ad)
|
|
|
|
uint8_t key[32]; |
|
|
|
uint8_t key[32]; |
|
|
|
m_SendTagset->GetSymmKey (index, key); |
|
|
|
m_SendTagset->GetSymmKey (index, key); |
|
|
|
if (!i2p::crypto::AEADChaCha20Poly1305 (payload, len, out, 8, key, nonce, out + 8, outLen - 8, true)) // encrypt
|
|
|
|
if (!owner->AEADChaCha20Poly1305Encrypt (payload, len, out, 8, key, nonce, out + 8, outLen - 8)) |
|
|
|
{ |
|
|
|
{ |
|
|
|
LogPrint (eLogWarning, "Garlic: Payload section AEAD encryption failed"); |
|
|
|
LogPrint (eLogWarning, "Garlic: Payload section AEAD encryption failed"); |
|
|
|
return false; |
|
|
|
return false; |
|
|
@ -760,20 +761,22 @@ namespace garlic |
|
|
|
uint8_t * payload = buf + 8; |
|
|
|
uint8_t * payload = buf + 8; |
|
|
|
uint8_t key[32]; |
|
|
|
uint8_t key[32]; |
|
|
|
receiveTagset->GetSymmKey (index, key); |
|
|
|
receiveTagset->GetSymmKey (index, key); |
|
|
|
if (!i2p::crypto::AEADChaCha20Poly1305 (payload, len - 16, buf, 8, key, nonce, payload, len - 16, false)) // decrypt
|
|
|
|
auto owner = GetOwner (); |
|
|
|
|
|
|
|
if (!owner) return true; // drop message
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (!owner->AEADChaCha20Poly1305Decrypt (payload, len - 16, buf, 8, key, nonce, payload, len - 16)) |
|
|
|
{ |
|
|
|
{ |
|
|
|
LogPrint (eLogWarning, "Garlic: Payload section AEAD decryption failed"); |
|
|
|
LogPrint (eLogWarning, "Garlic: Payload section AEAD decryption failed"); |
|
|
|
return false; |
|
|
|
return false; |
|
|
|
} |
|
|
|
} |
|
|
|
HandlePayload (payload, len - 16, receiveTagset, index); |
|
|
|
HandlePayload (payload, len - 16, receiveTagset, index); |
|
|
|
if (GetOwner ()) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
int moreTags = 0; |
|
|
|
int moreTags = 0; |
|
|
|
if (GetOwner ()->GetNumRatchetInboundTags () > 0) // override in settings?
|
|
|
|
if (owner->GetNumRatchetInboundTags () > 0) // override in settings?
|
|
|
|
{ |
|
|
|
{ |
|
|
|
if (receiveTagset->GetNextIndex () - index < GetOwner ()->GetNumRatchetInboundTags ()/2) |
|
|
|
if (receiveTagset->GetNextIndex () - index < owner->GetNumRatchetInboundTags ()/2) |
|
|
|
moreTags = GetOwner ()->GetNumRatchetInboundTags (); |
|
|
|
moreTags = owner->GetNumRatchetInboundTags (); |
|
|
|
index -= GetOwner ()->GetNumRatchetInboundTags (); // trim behind
|
|
|
|
index -= owner->GetNumRatchetInboundTags (); // trim behind
|
|
|
|
} |
|
|
|
} |
|
|
|
else |
|
|
|
else |
|
|
|
{ |
|
|
|
{ |
|
|
@ -787,7 +790,6 @@ namespace garlic |
|
|
|
GenerateMoreReceiveTags (receiveTagset, moreTags); |
|
|
|
GenerateMoreReceiveTags (receiveTagset, moreTags); |
|
|
|
if (index > 0) |
|
|
|
if (index > 0) |
|
|
|
receiveTagset->SetTrimBehind (index); |
|
|
|
receiveTagset->SetTrimBehind (index); |
|
|
|
} |
|
|
|
|
|
|
|
return true; |
|
|
|
return true; |
|
|
|
} |
|
|
|
} |
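Review bot: The new guard `if (!owner) return true; // drop message` in hunk `@ -760,20 +761,22 @@` reports success to the caller when the session's owner has gone away, while the same condition in hunk `@ -725,6 +725,8 @@` (NewExistingSessionMessage) returns false; a caller cannot distinguish a dropped message from a handled one, so consider logging the drop, e.g. `if (!owner) { LogPrint (eLogWarning, "Garlic: No owner for ECIES-X25519-AEAD-Ratchet session, message dropped"); return true; }`, and noting in the method's declaration why the two paths deliberately differ. The enclosing function of that hunk begins before the hunk, so the declaration of `index` and `receiveTagset` is not visible here. Separately, `index -= owner->GetNumRatchetInboundTags (); // trim behind` is only reached when `receiveTagset->GetNextIndex () - index < owner->GetNumRatchetInboundTags ()/2`, which does not by itself guarantee `index >= owner->GetNumRatchetInboundTags ()`; if `index` is an unsigned type the subtraction wraps and the later `if (index > 0)` guard would hand a very large value to `SetTrimBehind` — worth confirming against the declaration, although this line predates the commit.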
|
|
|
|
|
|
|
|
|
|
|