Browse Source

add new session to the list after reply received

pull/1474/head
orignal 5 years ago
parent
commit
7c212bef63
  1. 8
      libi2pd/ECIESX25519AEADRatchetSession.cpp
  2. 5
      libi2pd/Garlic.cpp

8
libi2pd/ECIESX25519AEADRatchetSession.cpp

@ -182,13 +182,11 @@ namespace garlic
LogPrint (eLogError, "Garlic: Can't encode elligator"); LogPrint (eLogError, "Garlic: Can't encode elligator");
return false; return false;
} }
uint8_t aepk[32];
i2p::crypto::GetElligator ()->Decode (out + offset, aepk); // decode back for h
offset += 32; offset += 32;
// KDF1 // KDF1
MixHash (m_RemoteStaticKey, 32); // h = SHA256(h || bpk) MixHash (m_RemoteStaticKey, 32); // h = SHA256(h || bpk)
MixHash (aepk, 32); // h = SHA256(h || aepk) MixHash (m_EphemeralKeys.GetPublicKey (), 32); // h = SHA256(h || aepk)
uint8_t sharedSecret[32]; uint8_t sharedSecret[32];
m_EphemeralKeys.Agree (m_RemoteStaticKey, sharedSecret); // x25519(aesk, bpk) m_EphemeralKeys.Agree (m_RemoteStaticKey, sharedSecret); // x25519(aesk, bpk)
i2p::crypto::HKDF (m_CK, sharedSecret, 32, "", m_CK); // [chainKey, key] = HKDF(chainKey, sharedSecret, "", 64) i2p::crypto::HKDF (m_CK, sharedSecret, 32, "", m_CK); // [chainKey, key] = HKDF(chainKey, sharedSecret, "", 64)
@ -232,12 +230,10 @@ namespace garlic
LogPrint (eLogError, "Garlic: Can't encode elligator"); LogPrint (eLogError, "Garlic: Can't encode elligator");
return false; return false;
} }
uint8_t bepk[32];
i2p::crypto::GetElligator ()->Decode (out + offset, bepk); // decode back for h
offset += 32; offset += 32;
// KDF for Reply Key Section // KDF for Reply Key Section
MixHash ((const uint8_t *)&tag, 8); // h = SHA256(h || tag) MixHash ((const uint8_t *)&tag, 8); // h = SHA256(h || tag)
MixHash (bepk, 32); // h = SHA256(h || bepk) MixHash (m_EphemeralKeys.GetPublicKey (), 32); // h = SHA256(h || bepk)
uint8_t sharedSecret[32]; uint8_t sharedSecret[32];
m_EphemeralKeys.Agree (m_RemoteStaticKey, sharedSecret); // sharedSecret = x25519(besk, aepk) m_EphemeralKeys.Agree (m_RemoteStaticKey, sharedSecret); // sharedSecret = x25519(besk, aepk)
i2p::crypto::HKDF (m_CK, sharedSecret, 32, "", m_CK); // [chainKey, key] = HKDF(chainKey, sharedSecret, "", 64) i2p::crypto::HKDF (m_CK, sharedSecret, 32, "", m_CK); // [chainKey, key] = HKDF(chainKey, sharedSecret, "", 64)

5
libi2pd/Garlic.cpp

@ -668,7 +668,6 @@ namespace garlic
{ {
session = std::make_shared<ECIESX25519AEADRatchetSession> (this); session = std::make_shared<ECIESX25519AEADRatchetSession> (this);
session->SetRemoteStaticKey (staticKey); session->SetRemoteStaticKey (staticKey);
m_ECIESx25519Sessions.emplace (staticKey, session);
} }
return session; return session;
} }
@ -870,7 +869,9 @@ namespace garlic
{ {
// TODO // TODO
auto session = it->second; auto session = it->second;
if (!session->NewOutgoingSessionReply (buf, len, handleClove)) if (session->NewOutgoingSessionReply (buf, len, handleClove))
m_ECIESx25519Sessions.emplace (session->GetRemoteStaticKey (), session);
else
{ {
LogPrint (eLogError, "Garlic: can't decrypt ECIES-X25519-AEAD-Ratchet new session reply"); LogPrint (eLogError, "Garlic: can't decrypt ECIES-X25519-AEAD-Ratchet new session reply");
m_ECIESx25519Tags.erase (tag); m_ECIESx25519Tags.erase (tag);

Loading…
Cancel
Save