
verify streaming packet signature

pull/93/head
orignal 10 years ago
parent
commit
9b8460cffa
  1. 10
      Identity.cpp
  2. 1
      Identity.h
  3. 25
      Streaming.cpp
  4. 2
      Streaming.h

10
Identity.cpp

@ -107,7 +107,15 @@ namespace data
return m_Verifier->GetPublicKeyLen (); return m_Verifier->GetPublicKeyLen ();
return 128; return 128;
} }
size_t IdentityEx::GetSignatureLen ()
{
if (!m_Verifier)
CreateVerifier ();
if (m_Verifier)
return m_Verifier->GetSignatureLen ();
return 40;
}
bool IdentityEx::Verify (const uint8_t * buf, size_t len, const uint8_t * signature) bool IdentityEx::Verify (const uint8_t * buf, size_t len, const uint8_t * signature)
{ {
if (!m_Verifier) if (!m_Verifier)
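Review bot: `GetSignatureLen` ends in a bare `return 40;` when `CreateVerifier ()` leaves `m_Verifier` null, so a caller cannot tell a genuine 40-byte signature from an identity whose key type has no verifier. Streaming.cpp in this commit uses the returned value to copy and step over the signature field, so a wrong fallback would shift every later option offset. I would at least document the assumption at the return, for example `return 40; // no verifier: assume the default 40-byte signature; Verify will still fail`, and ideally replace the literal with a named constant. The `return 128;` in the preceding function has the same shape.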

1
Identity.h

@ -115,6 +115,7 @@ namespace data
const IdentHash& GetIdentHash () const { return m_IdentHash; }; const IdentHash& GetIdentHash () const { return m_IdentHash; };
size_t GetFullLen () const { return m_ExtendedLen + DEFAULT_IDENTITY_SIZE; }; size_t GetFullLen () const { return m_ExtendedLen + DEFAULT_IDENTITY_SIZE; };
size_t GetSigningPublicKeyLen (); size_t GetSigningPublicKeyLen ();
size_t GetSignatureLen ();
bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature); bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature);
private: private:

25
Streaming.cpp

@ -132,9 +132,7 @@ namespace stream
const uint8_t * optionData = packet->GetOptionData (); const uint8_t * optionData = packet->GetOptionData ();
if (flags & PACKET_FLAG_SYNCHRONIZE) if (flags & PACKET_FLAG_SYNCHRONIZE)
{
LogPrint ("Synchronize"); LogPrint ("Synchronize");
}
if (flags & PACKET_FLAG_DELAY_REQUESTED) if (flags & PACKET_FLAG_DELAY_REQUESTED)
{ {
@ -143,10 +141,10 @@ namespace stream
if (flags & PACKET_FLAG_FROM_INCLUDED) if (flags & PACKET_FLAG_FROM_INCLUDED)
{ {
optionData += m_RemoteIdentity.FromBuffer (optionData, i2p::data::DEFAULT_IDENTITY_SIZE); optionData += m_RemoteIdentity.FromBuffer (optionData, packet->GetOptionSize ());
LogPrint ("From identity ", m_RemoteIdentity.Hash ().ToBase64 ()); LogPrint ("From identity ", m_RemoteIdentity.GetIdentHash ().ToBase64 ());
if (!m_RemoteLeaseSet) if (!m_RemoteLeaseSet)
LogPrint ("Incoming stream from ", m_RemoteIdentity.Hash ().ToBase64 ()); LogPrint ("Incoming stream from ", m_RemoteIdentity.GetIdentHash ().ToBase64 ());
} }
if (flags & PACKET_FLAG_MAX_PACKET_SIZE_INCLUDED) if (flags & PACKET_FLAG_MAX_PACKET_SIZE_INCLUDED)
@ -159,7 +157,18 @@ namespace stream
if (flags & PACKET_FLAG_SIGNATURE_INCLUDED) if (flags & PACKET_FLAG_SIGNATURE_INCLUDED)
{ {
LogPrint ("Signature"); LogPrint ("Signature");
optionData += 40; uint8_t signature[256];
auto signatureLen = m_RemoteIdentity.GetSignatureLen ();
memcpy (signature, optionData, signatureLen);
memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
if (!m_RemoteIdentity.Verify (packet->GetBuffer (), packet->GetLength (), signature))
{
LogPrint ("Signature verification failed");
Close ();
flags |= PACKET_FLAG_CLOSE;
}
memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
optionData += signatureLen;
} }
packet->offset = packet->GetPayload () - packet->buf; packet->offset = packet->GetPayload () - packet->buf;
@ -473,9 +482,9 @@ namespace stream
{ {
if (!m_RemoteLeaseSet) if (!m_RemoteLeaseSet)
{ {
m_RemoteLeaseSet = i2p::data::netdb.FindLeaseSet (m_RemoteIdentity.Hash ()); m_RemoteLeaseSet = i2p::data::netdb.FindLeaseSet (m_RemoteIdentity.GetIdentHash ());
if (!m_RemoteLeaseSet) if (!m_RemoteLeaseSet)
LogPrint ("LeaseSet ", m_RemoteIdentity.Hash ().ToBase64 (), " not found"); LogPrint ("LeaseSet ", m_RemoteIdentity.GetIdentHash ().ToBase64 (), " not found");
} }
if (m_RemoteLeaseSet) if (m_RemoteLeaseSet)
{ {

2
Streaming.h

@ -125,7 +125,7 @@ namespace stream
int32_t m_LastReceivedSequenceNumber; int32_t m_LastReceivedSequenceNumber;
bool m_IsOpen, m_LeaseSetUpdated; bool m_IsOpen, m_LeaseSetUpdated;
StreamingDestination * m_LocalDestination; StreamingDestination * m_LocalDestination;
i2p::data::Identity m_RemoteIdentity; i2p::data::IdentityEx m_RemoteIdentity;
const i2p::data::LeaseSet * m_RemoteLeaseSet; const i2p::data::LeaseSet * m_RemoteLeaseSet;
i2p::data::Lease m_CurrentRemoteLease; i2p::data::Lease m_CurrentRemoteLease;
i2p::tunnel::OutboundTunnel * m_CurrentOutboundTunnel; i2p::tunnel::OutboundTunnel * m_CurrentOutboundTunnel;
