PurpleI2P
/
i2pd
mirror of https://github.com/PurpleI2P/i2pd.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

generate DH keys pair per NTCP session

pull/59/head
orignal 11 years ago
parent
15299aa42d
commit
7bdf52a774
6 changed files with 37 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      Identity.cpp
  2. 7
      Identity.h
  3. 14
      NTCPSession.cpp
  4. 4
      NTCPSession.h
  5. 7
      Transports.cpp
  6. 2
      Transports.h

8
Identity.cpp
Unescape View File

@ -53,6 +53,14 @@ namespace data
return keys; return keys;
} }
void CreateRandomDHKeysPair (DHKeysPair * keys)
{
if (!keys) return;
CryptoPP::AutoSeededRandomPool rnd;
CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
dh.GenerateKeyPair(rnd, keys->privateKey, keys->publicKey);
}
RoutingKey CreateRoutingKey (const IdentHash& ident) RoutingKey CreateRoutingKey (const IdentHash& ident)
{ {
uint8_t buf[41]; // ident + yyyymmdd uint8_t buf[41]; // ident + yyyymmdd

7
Identity.h
Unescape View File

@ -11,6 +11,12 @@ namespace data
{ {
#pragma pack(1) #pragma pack(1)
struct DHKeysPair // transient keys for transport sessions
{
uint8_t publicKey[256];
uint8_t privateKey[256];
};
struct Keys struct Keys
{ {
uint8_t privateKey[256]; uint8_t privateKey[256];
@ -71,6 +77,7 @@ namespace data
IdentHash CalculateIdentHash (const Identity& identity); IdentHash CalculateIdentHash (const Identity& identity);
Keys CreateRandomKeys (); Keys CreateRandomKeys ();
void CreateRandomDHKeysPair (DHKeysPair * keys); // for transport sessions
// kademlia // kademlia
struct RoutingKey struct RoutingKey

14
NTCPSession.cpp
Unescape View File

@ -24,13 +24,19 @@ namespace ntcp
m_Socket (service), m_TerminationTimer (service), m_IsEstablished (false), m_Socket (service), m_TerminationTimer (service), m_IsEstablished (false),
m_RemoteRouterInfo (in_RemoteRouterInfo), m_ReceiveBufferOffset (0), m_NextMessage (nullptr) m_RemoteRouterInfo (in_RemoteRouterInfo), m_ReceiveBufferOffset (0), m_NextMessage (nullptr)
{ {
m_DHKeysPair = i2p::transports.GetNextDHKeysPair ();
} }
NTCPSession::~NTCPSession ()
{
delete m_DHKeysPair;
}
void NTCPSession::CreateAESKey (uint8_t * pubKey, uint8_t * aesKey) void NTCPSession::CreateAESKey (uint8_t * pubKey, uint8_t * aesKey)
{ {
CryptoPP::DH dh (elgp, elgg); CryptoPP::DH dh (elgp, elgg);
CryptoPP::SecByteBlock secretKey(dh.AgreedValueLength()); CryptoPP::SecByteBlock secretKey(dh.AgreedValueLength());
if (!dh.Agree (secretKey, i2p::context.GetPrivateKey (), pubKey)) if (!dh.Agree (secretKey, m_DHKeysPair->privateKey, pubKey))
{ {
LogPrint ("Couldn't create shared key"); LogPrint ("Couldn't create shared key");
Terminate (); Terminate ();
@ -78,7 +84,7 @@ namespace ntcp
void NTCPSession::ClientLogin () void NTCPSession::ClientLogin ()
{ {
// send Phase1 // send Phase1
const uint8_t * x = i2p::context.GetRouterIdentity ().publicKey; const uint8_t * x = m_DHKeysPair->publicKey;
memcpy (m_Phase1.pubKey, x, 256); memcpy (m_Phase1.pubKey, x, 256);
CryptoPP::SHA256().CalculateDigest(m_Phase1.HXxorHI, x, 256); CryptoPP::SHA256().CalculateDigest(m_Phase1.HXxorHI, x, 256);
const uint8_t * ident = m_RemoteRouterInfo.GetIdentHash (); const uint8_t * ident = m_RemoteRouterInfo.GetIdentHash ();
@ -143,7 +149,7 @@ namespace ntcp
void NTCPSession::SendPhase2 () void NTCPSession::SendPhase2 ()
{ {
const uint8_t * y = i2p::context.GetRouterIdentity ().publicKey; const uint8_t * y = m_DHKeysPair->publicKey;
memcpy (m_Phase2.pubKey, y, 256); memcpy (m_Phase2.pubKey, y, 256);
uint8_t xy[512]; uint8_t xy[512];
memcpy (xy, m_Phase1.pubKey, 256); memcpy (xy, m_Phase1.pubKey, 256);
@ -200,7 +206,7 @@ namespace ntcp
m_Decryption.ProcessData((uint8_t *)&m_Phase2.encrypted, (uint8_t *)&m_Phase2.encrypted, sizeof(m_Phase2.encrypted)); m_Decryption.ProcessData((uint8_t *)&m_Phase2.encrypted, (uint8_t *)&m_Phase2.encrypted, sizeof(m_Phase2.encrypted));
// verify // verify
uint8_t xy[512], hxy[32]; uint8_t xy[512], hxy[32];
memcpy (xy, i2p::context.GetRouterIdentity ().publicKey, 256); memcpy (xy, m_DHKeysPair->publicKey, 256);
memcpy (xy + 256, m_Phase2.pubKey, 256); memcpy (xy + 256, m_Phase2.pubKey, 256);
CryptoPP::SHA256().CalculateDigest(hxy, xy, 512); CryptoPP::SHA256().CalculateDigest(hxy, xy, 512);
if (memcmp (hxy, m_Phase2.encrypted.hxy, 32)) if (memcmp (hxy, m_Phase2.encrypted.hxy, 32))

4
NTCPSession.h
Unescape View File

@ -7,6 +7,7 @@
#include <cryptopp/modes.h> #include <cryptopp/modes.h>
#include <cryptopp/aes.h> #include <cryptopp/aes.h>
#include <cryptopp/adler32.h> #include <cryptopp/adler32.h>
#include "Identity.h"
#include "RouterInfo.h" #include "RouterInfo.h"
#include "I2NPProtocol.h" #include "I2NPProtocol.h"
@ -66,7 +67,7 @@ namespace ntcp
public: public:
NTCPSession (boost::asio::io_service& service, i2p::data::RouterInfo& in_RemoteRouterInfo); NTCPSession (boost::asio::io_service& service, i2p::data::RouterInfo& in_RemoteRouterInfo);
virtual ~NTCPSession () {}; virtual ~NTCPSession ();
boost::asio::ip::tcp::socket& GetSocket () { return m_Socket; }; boost::asio::ip::tcp::socket& GetSocket () { return m_Socket; };
bool IsEstablished () const { return m_IsEstablished; }; bool IsEstablished () const { return m_IsEstablished; };
@ -120,6 +121,7 @@ namespace ntcp
boost::asio::ip::tcp::socket m_Socket; boost::asio::ip::tcp::socket m_Socket;
boost::asio::deadline_timer m_TerminationTimer; boost::asio::deadline_timer m_TerminationTimer;
bool m_IsEstablished; bool m_IsEstablished;
i2p::data::DHKeysPair * m_DHKeysPair; // X - for client and Y - for server
CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption m_Decryption; CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption m_Decryption;
CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption m_Encryption; CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption m_Encryption;

7
Transports.cpp
Unescape View File

@ -221,4 +221,11 @@ namespace i2p
} }
} }
i2p::data::DHKeysPair * Transports::GetNextDHKeysPair ()
{
// TODO: use supplier with separate thread
i2p::data::DHKeysPair * pair = new i2p::data::DHKeysPair ();
i2p::data::CreateRandomDHKeysPair (pair);
return pair;
}
} }

2
Transports.h
Unescape View File

@ -10,6 +10,7 @@
#include "SSU.h" #include "SSU.h"
#include "RouterInfo.h" #include "RouterInfo.h"
#include "I2NPProtocol.h" #include "I2NPProtocol.h"
#include "Identity.h"
namespace i2p namespace i2p
{ {
@ -24,6 +25,7 @@ namespace i2p
void Stop (); void Stop ();
boost::asio::io_service& GetService () { return m_Service; }; boost::asio::io_service& GetService () { return m_Service; };
i2p::data::DHKeysPair * GetNextDHKeysPair ();
void AddNTCPSession (i2p::ntcp::NTCPSession * session); void AddNTCPSession (i2p::ntcp::NTCPSession * session);
void RemoveNTCPSession (i2p::ntcp::NTCPSession * session); void RemoveNTCPSession (i2p::ntcp::NTCPSession * session);

Write Preview
Loading…
Cancel
Save