diff --git a/Identity.cpp b/Identity.cpp index 67bdd900..24a7f50c 100644 --- a/Identity.cpp +++ b/Identity.cpp @@ -2,7 +2,6 @@ #include #include #include -#include #include #include "base64.h" #include "CryptoConst.h" @@ -293,14 +292,6 @@ namespace data return keys; } - void CreateRandomDHKeysPair (DHKeysPair * keys) - { - if (!keys) return; - CryptoPP::AutoSeededRandomPool rnd; - CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg); - dh.GenerateKeyPair(rnd, keys->privateKey, keys->publicKey); - } - IdentHash CreateRoutingKey (const IdentHash& ident) { uint8_t buf[41]; // ident + yyyymmdd diff --git a/Identity.h b/Identity.h index 290422ea..b839832d 100644 --- a/Identity.h +++ b/Identity.h @@ -67,13 +67,6 @@ namespace data typedef Tag<32> IdentHash; #pragma pack(1) - - struct DHKeysPair // transient keys for transport sessions - { - uint8_t publicKey[256]; - uint8_t privateKey[256]; - }; - struct Keys { uint8_t privateKey[256]; @@ -81,7 +74,8 @@ namespace data uint8_t publicKey[256]; uint8_t signingKey[128]; }; - +#pragma pack() + Keys CreateRandomKeys (); const uint8_t CERTIFICATE_TYPE_NULL = 0; const uint8_t CERTIFICATE_TYPE_HASHCASH = 1; @@ -183,11 +177,6 @@ namespace data uint8_t m_SigningPrivateKey[128]; // assume private key doesn't exceed 128 bytes i2p::crypto::Signer * m_Signer; }; - -#pragma pack() - - Keys CreateRandomKeys (); - void CreateRandomDHKeysPair (DHKeysPair * keys); // for transport sessions // kademlia struct XORMetric diff --git a/NTCPSession.h b/NTCPSession.h index 363a81cf..51215c38 100644 --- a/NTCPSession.h +++ b/NTCPSession.h @@ -14,6 +14,8 @@ namespace i2p { + class DHKeysPair; + namespace ntcp { @@ -65,6 +67,7 @@ namespace ntcp const size_t NTCP_MAX_MESSAGE_SIZE = 16384; const size_t NTCP_BUFFER_SIZE = 1040; // fits one tunnel message (1028) const int NTCP_TERMINATION_TIMEOUT = 120; // 2 minutes + class NTCPSession { public: @@ -127,7 +130,7 @@ namespace ntcp boost::asio::ip::tcp::socket m_Socket; boost::asio::deadline_timer m_TerminationTimer; bool m_IsEstablished; - i2p::data::DHKeysPair * m_DHKeysPair; // X - for client and Y - for server + DHKeysPair * m_DHKeysPair; // X - for client and Y - for server i2p::crypto::CBCDecryption m_Decryption; i2p::crypto::CBCEncryption m_Encryption; diff --git a/SSU.h b/SSU.h index f69f8c4e..d14fc4c4 100644 --- a/SSU.h +++ b/SSU.h @@ -17,6 +17,8 @@ namespace i2p { + class DHKeysPair; + namespace ssu { #pragma pack(1) @@ -131,7 +133,7 @@ namespace ssu const i2p::data::RouterInfo * m_RemoteRouter; i2p::data::IdentHash m_RemoteIdent; // if m_RemoteRouter is null boost::asio::deadline_timer m_Timer; - i2p::data::DHKeysPair * m_DHKeysPair; // X - for client and Y - for server + DHKeysPair * m_DHKeysPair; // X - for client and Y - for server bool m_PeerTest; SessionState m_State; bool m_IsSessionKey; diff --git a/Transports.cpp b/Transports.cpp index a49923c1..d5e2aefd 100644 --- a/Transports.cpp +++ b/Transports.cpp @@ -1,5 +1,7 @@ +#include #include #include "Log.h" +#include "CryptoConst.h" #include "RouterContext.h" #include "I2NPProtocol.h" #include "NetDb.h" @@ -9,6 +11,11 @@ using namespace i2p::data; namespace i2p { + DHKeysPairSupplier::DHKeysPairSupplier (int size): + m_QueueSize (size), m_IsRunning (false), m_Thread (nullptr) + { + } + DHKeysPairSupplier::~DHKeysPairSupplier () { Stop (); @@ -48,17 +55,18 @@ namespace i2p { if (num > 0) { + CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg); for (int i = 0; i < num; i++) { - i2p::data::DHKeysPair * pair = new i2p::data::DHKeysPair (); - i2p::data::CreateRandomDHKeysPair (pair); + DHKeysPair * pair = new DHKeysPair (); + dh.GenerateKeyPair(m_Rnd, pair->privateKey, pair->publicKey); std::unique_lock l(m_AcquiredMutex); m_Queue.push (pair); } } } - i2p::data::DHKeysPair * DHKeysPairSupplier::Acquire () + DHKeysPair * DHKeysPairSupplier::Acquire () { if (!m_Queue.empty ()) { @@ -70,13 +78,14 @@ namespace i2p } else // queue is empty, create new { - i2p::data::DHKeysPair * pair = new i2p::data::DHKeysPair (); - i2p::data::CreateRandomDHKeysPair (pair); + DHKeysPair * pair = new DHKeysPair (); + CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg); + dh.GenerateKeyPair(m_Rnd, pair->privateKey, pair->publicKey); return pair; } } - void DHKeysPairSupplier::Return (i2p::data::DHKeysPair * pair) + void DHKeysPairSupplier::Return (DHKeysPair * pair) { std::unique_lock l(m_AcquiredMutex); m_Queue.push (pair); @@ -318,14 +327,13 @@ namespace i2p m_SSUServer->GetSession (router, true); // peer test } } - - - i2p::data::DHKeysPair * Transports::GetNextDHKeysPair () + + DHKeysPair * Transports::GetNextDHKeysPair () { return m_DHKeysPairSupplier.Acquire (); } - void Transports::ReuseDHKeysPair (i2p::data::DHKeysPair * pair) + void Transports::ReuseDHKeysPair (DHKeysPair * pair) { m_DHKeysPairSupplier.Return (pair); } diff --git a/Transports.h b/Transports.h index 88f43b26..f740a8f7 100644 --- a/Transports.h +++ b/Transports.h @@ -8,6 +8,7 @@ #include #include #include +#include #include #include "NTCPSession.h" #include "SSU.h" @@ -17,16 +18,22 @@ namespace i2p { + struct DHKeysPair // transient keys for transport sessions + { + uint8_t publicKey[256]; + uint8_t privateKey[256]; + }; + class DHKeysPairSupplier { public: - DHKeysPairSupplier (int size): m_QueueSize (size), m_IsRunning (false), m_Thread (nullptr) {}; + DHKeysPairSupplier (int size); ~DHKeysPairSupplier (); void Start (); void Stop (); - i2p::data::DHKeysPair * Acquire (); - void Return (i2p::data::DHKeysPair * pair); + DHKeysPair * Acquire (); + void Return (DHKeysPair * pair); private: @@ -36,12 +43,13 @@ namespace i2p private: const int m_QueueSize; - std::queue m_Queue; + std::queue m_Queue; bool m_IsRunning; std::thread * m_Thread; std::condition_variable m_Acquired; std::mutex m_AcquiredMutex; + CryptoPP::AutoSeededRandomPool m_Rnd; }; class Transports @@ -55,8 +63,8 @@ namespace i2p void Stop (); boost::asio::io_service& GetService () { return m_Service; }; - i2p::data::DHKeysPair * GetNextDHKeysPair (); - void ReuseDHKeysPair (i2p::data::DHKeysPair * pair); + DHKeysPair * GetNextDHKeysPair (); + void ReuseDHKeysPair (DHKeysPair * pair); void AddNTCPSession (i2p::ntcp::NTCPSession * session); void RemoveNTCPSession (i2p::ntcp::NTCPSession * session);