
use common context for ElGamal encrypt/decrypt

pull/827/head
orignal 8 years ago
parent
commit
c0c157ecef
  1. 8
      Crypto.cpp
  2. 4
      Crypto.h
  3. 11
      Garlic.cpp
  4. 4
      Garlic.h
  5. 5
      I2NPProtocol.cpp
  6. 4
      Tunnel.cpp
  7. 4
      TunnelConfig.h

8
Crypto.cpp

@ -272,9 +272,8 @@ namespace crypto
} }
// ElGamal // ElGamal
void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, bool zeroPadding) void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding)
{ {
BN_CTX * ctx = BN_CTX_new ();
BN_CTX_start (ctx); BN_CTX_start (ctx);
// everything, but a, because a might come from table // everything, but a, because a might come from table
BIGNUM * k = BN_CTX_get (ctx); BIGNUM * k = BN_CTX_get (ctx);
@ -324,13 +323,11 @@ namespace crypto
} }
BN_free (a); BN_free (a);
BN_CTX_end (ctx); BN_CTX_end (ctx);
BN_CTX_free (ctx);
} }
bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted,
uint8_t * data, bool zeroPadding) uint8_t * data, BN_CTX * ctx, bool zeroPadding)
{ {
BN_CTX * ctx = BN_CTX_new ();
BN_CTX_start (ctx); BN_CTX_start (ctx);
BIGNUM * x = BN_CTX_get (ctx), * a = BN_CTX_get (ctx), * b = BN_CTX_get (ctx); BIGNUM * x = BN_CTX_get (ctx), * a = BN_CTX_get (ctx), * b = BN_CTX_get (ctx);
BN_bin2bn (key, 256, x); BN_bin2bn (key, 256, x);
@ -343,7 +340,6 @@ namespace crypto
uint8_t m[255]; uint8_t m[255];
bn2buf (b, m, 255); bn2buf (b, m, 255);
BN_CTX_end (ctx); BN_CTX_end (ctx);
BN_CTX_free (ctx);
uint8_t hash[32]; uint8_t hash[32];
SHA256 (m + 33, 222, hash); SHA256 (m + 33, 222, hash);
if (memcmp (m + 1, hash, 32)) if (memcmp (m + 1, hash, 32))
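Review bot: With the context now supplied by the caller, the three `BN_CTX_get` calls in ElGamalDecrypt are still unchecked; `BN_CTX_get` returns NULL on allocation failure and every later call on that frame also returns NULL, so x, a and b would all be null when the BIGNUM operations that follow (outside this hunk) run on them. Checking the last one is enough by OpenSSL's contract: `if (!b) { BN_CTX_end (ctx); return false; }` after the `BN_CTX_get` line. ElGamalEncrypt has the same pattern at its `BIGNUM * k = BN_CTX_get (ctx);` line but is void, so a failure there can only be signalled by a comment or by changing the return type. Both functions now assume the ctx argument is non-null and not in use by another thread, since BN_CTX_start/BN_CTX_end push and pop frames on shared state; that assumption is only visible by reading the body, so it belongs in the declaration comment in Crypto.h. Both function bodies continue outside the hunks shown.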

4
Crypto.h

@ -48,8 +48,8 @@ namespace crypto
}; };
// ElGamal // ElGamal
void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, bool zeroPadding = false); void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding = false);
bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, uint8_t * data, bool zeroPadding = false); bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, uint8_t * data, BN_CTX * ctx, bool zeroPadding = false);
void GenerateElGamalKeyPair (uint8_t * priv, uint8_t * pub); void GenerateElGamalKeyPair (uint8_t * priv, uint8_t * pub);
// HMAC // HMAC
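Review bot: The new `BN_CTX * ctx` parameter on ElGamalEncrypt and ElGamalDecrypt carries no contract in the header, and the defaulted `zeroPadding` after it means call sites that previously passed only three arguments now fail to compile rather than silently misbind, which is good, but the ownership and threading rules still need stating. I would put `// ctx: caller-owned BN_CTX, must be non-null; BN_CTX is not thread-safe, so one context must never be in use` and `// by two threads at once. The functions push/pop their own BN_CTX frame and do not free ctx.` above the two declarations. The lifetime rule matters because Garlic.h now hands out a per-destination context through an accessor, so the header is the only place a new caller will look.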

11
Garlic.cpp

@ -187,7 +187,8 @@ namespace garlic
RAND_bytes (elGamal.preIV, 32); // Pre-IV RAND_bytes (elGamal.preIV, 32); // Pre-IV
uint8_t iv[32]; // IV is first 16 bytes uint8_t iv[32]; // IV is first 16 bytes
SHA256(elGamal.preIV, 32, iv); SHA256(elGamal.preIV, 32, iv);
i2p::crypto::ElGamalEncrypt (m_Destination->GetEncryptionPublicKey (), (uint8_t *)&elGamal, buf, true); i2p::crypto::ElGamalEncrypt (m_Destination->GetEncryptionPublicKey (),
(uint8_t *)&elGamal, buf, m_Owner->GetBNContext (), true);
m_Encryption.SetIV (iv); m_Encryption.SetIV (iv);
buf += 514; buf += 514;
len += 514; len += 514;
@ -389,8 +390,14 @@ namespace garlic
return size; return size;
} }
GarlicDestination::GarlicDestination (): m_NumTags (32) // 32 tags by default
{
m_Ctx = BN_CTX_new ();
}
GarlicDestination::~GarlicDestination () GarlicDestination::~GarlicDestination ()
{ {
BN_CTX_free (m_Ctx);
} }
void GarlicDestination::CleanUp () void GarlicDestination::CleanUp ()
@ -446,7 +453,7 @@ namespace garlic
{ {
// tag not found. Use ElGamal // tag not found. Use ElGamal
ElGamalBlock elGamal; ElGamalBlock elGamal;
if (length >= 514 && i2p::crypto::ElGamalDecrypt (GetEncryptionPrivateKey (), buf, (uint8_t *)&elGamal, true)) if (length >= 514 && i2p::crypto::ElGamalDecrypt (GetEncryptionPrivateKey (), buf, (uint8_t *)&elGamal, m_Ctx, true))
{ {
auto decryption = std::make_shared<i2p::crypto::CBCDecryption>(); auto decryption = std::make_shared<i2p::crypto::CBCDecryption>();
decryption->SetKey (elGamal.sessionKey); decryption->SetKey (elGamal.sessionKey);
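Review bot: The single `m_Ctx` created in the new GarlicDestination constructor is used both for ElGamalEncrypt from routing sessions via `m_Owner->GetBNContext ()` and for ElGamalDecrypt at the `if (length >= 514 && ...` line; a BN_CTX is not thread-safe, and the BIGNUM pool it holds is exactly the state the private-key decryption runs on, so two overlapping calls would corrupt intermediate values rather than fail cleanly. The presence of `m_SessionsMutex` in Garlic.h suggests sessions can be reached from more than one thread, though I cannot confirm the threading model from this page; if encrypt and decrypt are not confined to one thread, either guard the context with a mutex or give each thread its own, and either way record the assumption in a comment next to `m_Ctx = BN_CTX_new ();`. That constructor line also does not check for a NULL return, which would make the first `BN_CTX_start (m_Ctx)` dereference null; `if (!m_Ctx) throw std::bad_alloc ();` or an equivalent early failure at construction would be cheaper than a crash on the first incoming message.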

4
Garlic.h

@ -153,11 +153,12 @@ namespace garlic
{ {
public: public:
GarlicDestination (): m_NumTags (32) {}; // 32 tags by default GarlicDestination ();
~GarlicDestination (); ~GarlicDestination ();
void CleanUp (); void CleanUp ();
void SetNumTags (int numTags) { m_NumTags = numTags; }; void SetNumTags (int numTags) { m_NumTags = numTags; };
BN_CTX * GetBNContext () const { return m_Ctx; };
std::shared_ptr<GarlicRoutingSession> GetRoutingSession (std::shared_ptr<const i2p::data::RoutingDestination> destination, bool attachLeaseSet); std::shared_ptr<GarlicRoutingSession> GetRoutingSession (std::shared_ptr<const i2p::data::RoutingDestination> destination, bool attachLeaseSet);
void CleanupExpiredTags (); void CleanupExpiredTags ();
void RemoveDeliveryStatusSession (uint32_t msgID); void RemoveDeliveryStatusSession (uint32_t msgID);
@ -189,6 +190,7 @@ namespace garlic
private: private:
BN_CTX * m_Ctx;
// outgoing sessions // outgoing sessions
int m_NumTags; int m_NumTags;
std::mutex m_SessionsMutex; std::mutex m_SessionsMutex;
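Review bot: Adding the raw owning `BN_CTX * m_Ctx` member, freed in the destructor, makes the compiler-generated copy constructor and copy assignment double-free the context if a GarlicDestination is ever copied; `std::mutex m_SessionsMutex` already makes the class non-copyable today, but that is incidental and nothing documents the intent. Declare it explicitly next to the constructor: `GarlicDestination (const GarlicDestination &) = delete;` and `GarlicDestination & operator= (const GarlicDestination &) = delete;`, or hold the context as `std::unique_ptr<BN_CTX, decltype(&BN_CTX_free)>` so the Rule of Zero applies. Separately, `BN_CTX * GetBNContext () const` is a const accessor returning a mutable shared object; a short comment that callers mutate the context and must serialise access would make the contract visible to anyone adding a new caller.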

5
I2NPProtocol.cpp

@ -326,8 +326,9 @@ namespace i2p
if (!memcmp (record + BUILD_REQUEST_RECORD_TO_PEER_OFFSET, (const uint8_t *)i2p::context.GetRouterInfo ().GetIdentHash (), 16)) if (!memcmp (record + BUILD_REQUEST_RECORD_TO_PEER_OFFSET, (const uint8_t *)i2p::context.GetRouterInfo ().GetIdentHash (), 16))
{ {
LogPrint (eLogDebug, "I2NP: Build request record ", i, " is ours"); LogPrint (eLogDebug, "I2NP: Build request record ", i, " is ours");
BN_CTX * ctx = BN_CTX_new ();
i2p::crypto::ElGamalDecrypt (i2p::context.GetEncryptionPrivateKey (), record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET, clearText); i2p::crypto::ElGamalDecrypt (i2p::context.GetEncryptionPrivateKey (), record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET, clearText, ctx);
BN_CTX_free (ctx);
// replace record to reply // replace record to reply
if (i2p::context.AcceptsTunnels () && if (i2p::context.AcceptsTunnels () &&
i2p::tunnel::tunnels.GetTransitTunnels ().size () <= g_MaxNumTransitTunnels && i2p::tunnel::tunnels.GetTransitTunnels ().size () <= g_MaxNumTransitTunnels &&
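Review bot: The new ElGamalDecrypt call still discards its bool result, so a record whose embedded SHA256 does not match (the `memcmp (m + 1, hash, 32)` check in Crypto.cpp) leaves clearText holding unverified bytes that the code after this hunk then interprets as a build request. Since the commit already rewrites this line, it is the moment to keep the result: `bool ok = i2p::crypto::ElGamalDecrypt (i2p::context.GetEncryptionPrivateKey (), record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET, clearText, ctx);` followed by `BN_CTX_free (ctx);` and `if (!ok) { LogPrint (eLogWarning, "I2NP: Build request record ", i, " decryption failed"); break; }` or whatever skip is appropriate for the enclosing loop, which starts outside the hunk. The fresh `BN_CTX_new ()` here is also unchecked; a NULL return would crash inside BN_CTX_start rather than being reported, and wrapping it in the same RAII holder suggested for Tunnel.cpp would cover both the null check and the free on every exit path.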

4
Tunnel.cpp

@ -51,6 +51,7 @@ namespace tunnel
uint8_t * records = msg->GetPayload () + 1; uint8_t * records = msg->GetPayload () + 1;
TunnelHopConfig * hop = m_Config->GetFirstHop (); TunnelHopConfig * hop = m_Config->GetFirstHop ();
int i = 0; int i = 0;
BN_CTX * ctx = BN_CTX_new ();
while (hop) while (hop)
{ {
uint32_t msgID; uint32_t msgID;
@ -59,7 +60,7 @@ namespace tunnel
else else
msgID = replyMsgID; msgID = replyMsgID;
int idx = recordIndicies[i]; int idx = recordIndicies[i];
hop->CreateBuildRequestRecord (records + idx*TUNNEL_BUILD_RECORD_SIZE, msgID); hop->CreateBuildRequestRecord (records + idx*TUNNEL_BUILD_RECORD_SIZE, msgID, ctx);
hop->recordIndex = idx; hop->recordIndex = idx;
i++; i++;
#ifdef WITH_EVENTS #ifdef WITH_EVENTS
@ -67,6 +68,7 @@ namespace tunnel
#endif #endif
hop = hop->next; hop = hop->next;
} }
BN_CTX_free (ctx);
#ifdef WITH_EVENTS #ifdef WITH_EVENTS
EmitTunnelEvent("tunnel.build", this, peers); EmitTunnelEvent("tunnel.build", this, peers);
#endif #endif
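Review bot: The context allocated at `BN_CTX * ctx = BN_CTX_new ();` is released only by the `BN_CTX_free (ctx);` after the loop, so any exception thrown inside the loop body (the `EmitTunnelEvent` path under WITH_EVENTS, or anything CreateBuildRequestRecord calls) leaks it, and a NULL return from BN_CTX_new is not checked before it is passed down. Holding it in an RAII wrapper fixes both in two lines: `std::unique_ptr<BN_CTX, decltype(&BN_CTX_free)> ctx (BN_CTX_new (), BN_CTX_free);` with `if (!ctx) return;` (or the error path this function uses), and `hop->CreateBuildRequestRecord (records + idx*TUNNEL_BUILD_RECORD_SIZE, msgID, ctx.get ());` at the call. The enclosing function begins before this hunk, so whether `<memory>` is already included in this file cannot be confirmed from the page.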

4
TunnelConfig.h

@ -83,7 +83,7 @@ namespace tunnel
} }
} }
void CreateBuildRequestRecord (uint8_t * record, uint32_t replyMsgID) const void CreateBuildRequestRecord (uint8_t * record, uint32_t replyMsgID, BN_CTX * ctx) const
{ {
uint8_t clearText[BUILD_REQUEST_RECORD_CLEAR_TEXT_SIZE]; uint8_t clearText[BUILD_REQUEST_RECORD_CLEAR_TEXT_SIZE];
htobe32buf (clearText + BUILD_REQUEST_RECORD_RECEIVE_TUNNEL_OFFSET, tunnelID); htobe32buf (clearText + BUILD_REQUEST_RECORD_RECEIVE_TUNNEL_OFFSET, tunnelID);
@ -101,7 +101,7 @@ namespace tunnel
htobe32buf (clearText + BUILD_REQUEST_RECORD_REQUEST_TIME_OFFSET, i2p::util::GetHoursSinceEpoch ()); htobe32buf (clearText + BUILD_REQUEST_RECORD_REQUEST_TIME_OFFSET, i2p::util::GetHoursSinceEpoch ());
htobe32buf (clearText + BUILD_REQUEST_RECORD_SEND_MSG_ID_OFFSET, replyMsgID); htobe32buf (clearText + BUILD_REQUEST_RECORD_SEND_MSG_ID_OFFSET, replyMsgID);
RAND_bytes (clearText + BUILD_REQUEST_RECORD_PADDING_OFFSET, BUILD_REQUEST_RECORD_CLEAR_TEXT_SIZE - BUILD_REQUEST_RECORD_PADDING_OFFSET); RAND_bytes (clearText + BUILD_REQUEST_RECORD_PADDING_OFFSET, BUILD_REQUEST_RECORD_CLEAR_TEXT_SIZE - BUILD_REQUEST_RECORD_PADDING_OFFSET);
i2p::crypto::ElGamalEncrypt (ident->GetEncryptionPublicKey (), clearText, record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET); i2p::crypto::ElGamalEncrypt (ident->GetEncryptionPublicKey (), clearText, record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET, ctx);
memcpy (record + BUILD_REQUEST_RECORD_TO_PEER_OFFSET, (const uint8_t *)ident->GetIdentHash (), 16); memcpy (record + BUILD_REQUEST_RECORD_TO_PEER_OFFSET, (const uint8_t *)ident->GetIdentHash (), 16);
} }
}; };
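Review bot: CreateBuildRequestRecord is a const member that now takes a `BN_CTX * ctx` it passes to ElGamalEncrypt, which mutates the context through BN_CTX_start/BN_CTX_get/BN_CTX_end; the signature gives no hint that the caller must provide a non-null context that is not in concurrent use. A one-line comment above the signature, `// ctx: caller-owned, non-null BN_CTX used for the ElGamal encryption; not thread-safe, do not share across threads`, would state the contract where the hop-loop in Tunnel.cpp (the only caller visible here) will see it. The `RAND_bytes` call filling the padding is on the new side with its return value ignored; since OpenSSL reports a failed PRNG with a non-1 return, checking it and failing the record would avoid emitting a record with an uninitialised padding region.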
