PurpleI2P
/
i2pd
mirror of https://github.com/PurpleI2P/i2pd.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

check and send netid for NTCP2 and SSU

pull/1405/head
orignal 5 years ago
parent
ad9c11cd92
commit
c8cbf425ac
2 changed files with 13 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      libi2pd/NTCP2.cpp
  2. 10
      libi2pd/SSUSession.cpp

6
libi2pd/NTCP2.cpp
Unescape View File

@ -161,6 +161,7 @@ namespace transport
// fill options // fill options
uint8_t options[32]; // actual options size is 16 bytes uint8_t options[32]; // actual options size is 16 bytes
memset (options, 0, 16); memset (options, 0, 16);
options[0] = i2p::context.GetNetID (); // network ID
options[1] = 2; // ver options[1] = 2; // ver
htobe16buf (options + 2, paddingLength); // padLen htobe16buf (options + 2, paddingLength); // padLen
// m3p2Len // m3p2Len
@ -248,6 +249,11 @@ namespace transport
if (i2p::crypto::AEADChaCha20Poly1305 (m_SessionRequestBuffer + 32, 16, m_H, 32, m_K, nonce, options, 16, false)) // decrypt if (i2p::crypto::AEADChaCha20Poly1305 (m_SessionRequestBuffer + 32, 16, m_H, 32, m_K, nonce, options, 16, false)) // decrypt
{ {
// options // options
if (options[0] && options[0] != i2p::context.GetNetID ())
{
LogPrint (eLogWarning, "NTCP2: SessionRequest networkID ", (int)options[0], " mismatch. Expected ", i2p::context.GetNetID ());
return false;
}
if (options[1] == 2) // ver is always 2 if (options[1] == 2) // ver is always 2
{ {
paddingLen = bufbe16toh (options + 2); paddingLen = bufbe16toh (options + 2);

10
libi2pd/SSUSession.cpp
Unescape View File

@ -1,4 +1,5 @@
#include <boost/bind.hpp> #include <boost/bind.hpp>
#include "version.h"
#include "Crypto.h" #include "Crypto.h"
#include "Log.h" #include "Log.h"
#include "Timestamp.h" #include "Timestamp.h"
@ -729,7 +730,8 @@ namespace transport
encryption.Encrypt (encrypted, encryptedLen, encrypted); encryption.Encrypt (encrypted, encryptedLen, encrypted);
// assume actual buffer size is 18 (16 + 2) bytes more // assume actual buffer size is 18 (16 + 2) bytes more
memcpy (buf + len, iv, 16); memcpy (buf + len, iv, 16);
htobe16buf (buf + len + 16, encryptedLen); uint16_t netid = i2p::context.GetNetID ();
htobe16buf (buf + len + 16, (netid == I2PD_NET_ID) ? encryptedLen : encryptedLen ^ ((netid - 2) << 8));
i2p::crypto::HMACMD5Digest (encrypted, encryptedLen + 18, macKey, header->mac); i2p::crypto::HMACMD5Digest (encrypted, encryptedLen + 18, macKey, header->mac);
} }
@ -750,7 +752,8 @@ namespace transport
m_SessionKeyEncryption.Encrypt (encrypted, encryptedLen, encrypted); m_SessionKeyEncryption.Encrypt (encrypted, encryptedLen, encrypted);
// assume actual buffer size is 18 (16 + 2) bytes more // assume actual buffer size is 18 (16 + 2) bytes more
memcpy (buf + len, header->iv, 16); memcpy (buf + len, header->iv, 16);
htobe16buf (buf + len + 16, encryptedLen); uint16_t netid = i2p::context.GetNetID ();
htobe16buf (buf + len + 16, (netid == I2PD_NET_ID) ? encryptedLen : encryptedLen ^ ((netid - 2) << 8));
i2p::crypto::HMACMD5Digest (encrypted, encryptedLen + 18, m_MacKey, header->mac); i2p::crypto::HMACMD5Digest (encrypted, encryptedLen + 18, m_MacKey, header->mac);
} }
@ -799,7 +802,8 @@ namespace transport
uint16_t encryptedLen = len - (encrypted - buf); uint16_t encryptedLen = len - (encrypted - buf);
// assume actual buffer size is 18 (16 + 2) bytes more // assume actual buffer size is 18 (16 + 2) bytes more
memcpy (buf + len, header->iv, 16); memcpy (buf + len, header->iv, 16);
htobe16buf (buf + len + 16, encryptedLen); uint16_t netid = i2p::context.GetNetID ();
htobe16buf (buf + len + 16, (netid == I2PD_NET_ID) ? encryptedLen : encryptedLen ^ ((netid - 2) << 8));
uint8_t digest[16]; uint8_t digest[16];
i2p::crypto::HMACMD5Digest (encrypted, encryptedLen + 18, macKey, digest); i2p::crypto::HMACMD5Digest (encrypted, encryptedLen + 18, macKey, digest);
return !memcmp (header->mac, digest, 16); return !memcmp (header->mac, digest, 16);

Write Preview
Loading…
Cancel
Save