
verify streaming packet signature

pull/93/head
orignal 10 years ago
parent
commit
9b8460cffa
  1. 10
      Identity.cpp
  2. 1
      Identity.h
  3. 25
      Streaming.cpp
  4. 2
      Streaming.h

10
Identity.cpp

@ -107,7 +107,15 @@ namespace data @@ -107,7 +107,15 @@ namespace data
return m_Verifier->GetPublicKeyLen ();
return 128;
}
size_t IdentityEx::GetSignatureLen ()
{
if (!m_Verifier)
CreateVerifier ();
if (m_Verifier)
return m_Verifier->GetSignatureLen ();
return 40;
}
bool IdentityEx::Verify (const uint8_t * buf, size_t len, const uint8_t * signature)
{
if (!m_Verifier)
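Review bot: The fallback `return 40;` in `IdentityEx::GetSignatureLen` is an undocumented literal, and it is returned exactly when `CreateVerifier ()` left `m_Verifier` unset, so a caller gets a plausible length for an identity whose signature it cannot check. A comment such as `// no verifier available: fall back to the default 40-byte signature length`, or a named constant alongside `DEFAULT_IDENTITY_SIZE`, would make that explicit. Callers that use this length to copy or step over signature bytes taken from a packet should treat the no-verifier case as a failure rather than rely on the default. Whether `Verify` rejects in that case cannot be seen here, because its body continues outside the hunk.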

1
Identity.h

@ -115,6 +115,7 @@ namespace data @@ -115,6 +115,7 @@ namespace data
const IdentHash& GetIdentHash () const { return m_IdentHash; };
size_t GetFullLen () const { return m_ExtendedLen + DEFAULT_IDENTITY_SIZE; };
size_t GetSigningPublicKeyLen ();
size_t GetSignatureLen ();
bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature);
private:

25
Streaming.cpp

@ -132,9 +132,7 @@ namespace stream @@ -132,9 +132,7 @@ namespace stream
const uint8_t * optionData = packet->GetOptionData ();
if (flags & PACKET_FLAG_SYNCHRONIZE)
{
LogPrint ("Synchronize");
}
if (flags & PACKET_FLAG_DELAY_REQUESTED)
{
@ -143,10 +141,10 @@ namespace stream @@ -143,10 +141,10 @@ namespace stream
if (flags & PACKET_FLAG_FROM_INCLUDED)
{
optionData += m_RemoteIdentity.FromBuffer (optionData, i2p::data::DEFAULT_IDENTITY_SIZE);
LogPrint ("From identity ", m_RemoteIdentity.Hash ().ToBase64 ());
optionData += m_RemoteIdentity.FromBuffer (optionData, packet->GetOptionSize ());
LogPrint ("From identity ", m_RemoteIdentity.GetIdentHash ().ToBase64 ());
if (!m_RemoteLeaseSet)
LogPrint ("Incoming stream from ", m_RemoteIdentity.Hash ().ToBase64 ());
LogPrint ("Incoming stream from ", m_RemoteIdentity.GetIdentHash ().ToBase64 ());
}
if (flags & PACKET_FLAG_MAX_PACKET_SIZE_INCLUDED)
@ -159,7 +157,18 @@ namespace stream @@ -159,7 +157,18 @@ namespace stream
if (flags & PACKET_FLAG_SIGNATURE_INCLUDED)
{
LogPrint ("Signature");
optionData += 40;
uint8_t signature[256];
auto signatureLen = m_RemoteIdentity.GetSignatureLen ();
memcpy (signature, optionData, signatureLen);
memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
if (!m_RemoteIdentity.Verify (packet->GetBuffer (), packet->GetLength (), signature))
{
LogPrint ("Signature verification failed");
Close ();
flags |= PACKET_FLAG_CLOSE;
}
memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
optionData += signatureLen;
}
packet->offset = packet->GetPayload () - packet->buf;
@ -473,9 +482,9 @@ namespace stream @@ -473,9 +482,9 @@ namespace stream
{
if (!m_RemoteLeaseSet)
{
m_RemoteLeaseSet = i2p::data::netdb.FindLeaseSet (m_RemoteIdentity.Hash ());
m_RemoteLeaseSet = i2p::data::netdb.FindLeaseSet (m_RemoteIdentity.GetIdentHash ());
if (!m_RemoteLeaseSet)
LogPrint ("LeaseSet ", m_RemoteIdentity.Hash ().ToBase64 (), " not found");
LogPrint ("LeaseSet ", m_RemoteIdentity.GetIdentHash ().ToBase64 (), " not found");
}
if (m_RemoteLeaseSet)
{
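Review bot: In the `PACKET_FLAG_SIGNATURE_INCLUDED` branch, `signatureLen` bytes are copied into the fixed `uint8_t signature[256]` and read from (and zeroed in) `optionData` with no bound, while the length comes from `m_RemoteIdentity`, which the `PACKET_FLAG_FROM_INCLUDED` branch above parses out of the same packet. A guard before the first `memcpy`, for example `if (signatureLen > sizeof (signature) || optionData + signatureLen > packet->GetOptionData () + packet->GetOptionSize ())`, should reject the packet so neither the stack buffer nor the option area can be overrun. On a failed check the code calls `Close ()` and sets `PACKET_FLAG_CLOSE` but then continues to `packet->offset = ...`, so whether the unverified payload is still consumed depends on code outside this hunk; dropping the packet at that point would be safer. Verification also runs only when the sender sets the flag, so it is worth confirming that a `PACKET_FLAG_SYNCHRONIZE` packet without a signature is refused elsewhere. The `FromBuffer` result is added to `optionData` unchecked as well, and it is given `packet->GetOptionSize ()` rather than the bytes remaining after earlier options.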

2
Streaming.h

@ -125,7 +125,7 @@ namespace stream @@ -125,7 +125,7 @@ namespace stream
int32_t m_LastReceivedSequenceNumber;
bool m_IsOpen, m_LeaseSetUpdated;
StreamingDestination * m_LocalDestination;
i2p::data::Identity m_RemoteIdentity;
i2p::data::IdentityEx m_RemoteIdentity;
const i2p::data::LeaseSet * m_RemoteLeaseSet;
i2p::data::Lease m_CurrentRemoteLease;
i2p::tunnel::OutboundTunnel * m_CurrentOutboundTunnel;
