PurpleI2P
/
i2pd
mirror of https://github.com/PurpleI2P/i2pd.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

replace tunnel encryption to AES-NI

pull/72/head
orignal 11 years ago
parent
2cdd3c3c26
commit
cc302847a8
3 changed files with 29 additions and 36 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 43
      Tunnel.cpp
  2. 11
      Tunnel.h
  3. 5
      TunnelConfig.h

43
Tunnel.cpp
Unescape View File

@ -57,10 +57,8 @@ namespace tunnel
while (hop) while (hop)
{ {
for (size_t i = ind; i < numRecords; i++) for (size_t i = ind; i < numRecords; i++)
{ hop->decryption.Decrypt((uint8_t *)&records[i],
m_CBCDecryption.SetKeyWithIV (hop->replyKey, 32, hop->replyIV); sizeof (I2NPBuildRequestRecordElGamalEncrypted), (uint8_t *)&records[i]);
m_CBCDecryption.ProcessData((uint8_t *)&records[i], (uint8_t *)&records[i], sizeof (I2NPBuildRequestRecordElGamalEncrypted));
}
hop = hop->prev; hop = hop->prev;
ind--; ind--;
} }
@ -83,8 +81,7 @@ namespace tunnel
for (int i = 0; i < num; i++) for (int i = 0; i < num; i++)
{ {
uint8_t * record = msg + 1 + i*sizeof (I2NPBuildResponseRecord); uint8_t * record = msg + 1 + i*sizeof (I2NPBuildResponseRecord);
m_CBCDecryption.SetKeyWithIV(hop->replyKey, 32, hop->replyIV); hop->decryption.Decrypt(record, sizeof (I2NPBuildResponseRecord), record);
m_CBCDecryption.ProcessData(record, record, sizeof (I2NPBuildResponseRecord));
} }
hop = hop->prev; hop = hop->prev;
num--; num--;
@ -99,20 +96,18 @@ namespace tunnel
// if any of participants declined the tunnel is not established // if any of participants declined the tunnel is not established
m_IsEstablished = false; m_IsEstablished = false;
} }
return m_IsEstablished; if (m_IsEstablished)
}
void Tunnel::LayerDecrypt (const uint8_t * in, size_t len, const uint8_t * layerKey,
const uint8_t * iv, uint8_t * out)
{ {
m_CBCDecryption.SetKeyWithIV (layerKey, 32, iv); // change reply keys to layer keys
m_CBCDecryption.ProcessData(out, in, len); TunnelHopConfig * hop = m_Config->GetFirstHop ();
} while (hop)
void Tunnel::IVDecrypt (const uint8_t * in, const uint8_t * ivKey, uint8_t * out)
{ {
m_ECBDecryption.SetKey (ivKey, 32); hop->decryption.SetKey (hop->layerKey);
m_ECBDecryption.ProcessData(out, in, 16); hop->ivDecryption.SetKey (hop->ivKey);
hop = hop->next;
}
}
return m_IsEstablished;
} }
void Tunnel::EncryptTunnelMsg (I2NPMessage * tunnelMsg) void Tunnel::EncryptTunnelMsg (I2NPMessage * tunnelMsg)
@ -121,10 +116,14 @@ namespace tunnel
TunnelHopConfig * hop = m_Config->GetLastHop (); TunnelHopConfig * hop = m_Config->GetLastHop ();
while (hop) while (hop)
{ {
// iv + data // iv
IVDecrypt (payload, hop->ivKey, payload); hop->ivDecryption.Decrypt ((i2p::crypto::ChipherBlock *)payload, (i2p::crypto::ChipherBlock *)payload);
LayerDecrypt (payload + 16, TUNNEL_DATA_ENCRYPTED_SIZE, hop->layerKey, payload, payload+16); // data
IVDecrypt (payload, hop->ivKey, payload); hop->decryption.SetIV (payload);
hop->decryption.Decrypt (payload + 16, TUNNEL_DATA_ENCRYPTED_SIZE, payload+16);
// double iv ecncryption
hop->ivDecryption.Decrypt ((i2p::crypto::ChipherBlock *)payload, (i2p::crypto::ChipherBlock *)payload);
hop = hop->prev; hop = hop->prev;
} }
} }

11
Tunnel.h
Unescape View File

@ -8,8 +8,6 @@
#include <string> #include <string>
#include <thread> #include <thread>
#include <mutex> #include <mutex>
#include <cryptopp/modes.h>
#include <cryptopp/aes.h>
#include "Queue.h" #include "Queue.h"
#include "TunnelConfig.h" #include "TunnelConfig.h"
#include "TunnelPool.h" #include "TunnelPool.h"
@ -51,20 +49,11 @@ namespace tunnel
uint32_t GetNextTunnelID () const { return m_Config->GetFirstHop ()->tunnelID; }; uint32_t GetNextTunnelID () const { return m_Config->GetFirstHop ()->tunnelID; };
const i2p::data::IdentHash& GetNextIdentHash () const { return m_Config->GetFirstHop ()->router->GetIdentHash (); }; const i2p::data::IdentHash& GetNextIdentHash () const { return m_Config->GetFirstHop ()->router->GetIdentHash (); };
private:
void LayerDecrypt (const uint8_t * in, size_t len, const uint8_t * layerKey,
const uint8_t * iv, uint8_t * out);
void IVDecrypt (const uint8_t * in, const uint8_t * ivKey, uint8_t * out);
private: private:
TunnelConfig * m_Config; TunnelConfig * m_Config;
TunnelPool * m_Pool; // pool, tunnel belongs to, or null TunnelPool * m_Pool; // pool, tunnel belongs to, or null
bool m_IsEstablished, m_IsFailed; bool m_IsEstablished, m_IsFailed;
CryptoPP::ECB_Mode<CryptoPP::AES>::Decryption m_ECBDecryption;
CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption m_CBCDecryption;
}; };
class OutboundTunnel: public Tunnel class OutboundTunnel: public Tunnel

5
TunnelConfig.h
Unescape View File

@ -4,6 +4,7 @@
#include <inttypes.h> #include <inttypes.h>
#include <sstream> #include <sstream>
#include <vector> #include <vector>
#include "aes.h"
#include "RouterInfo.h" #include "RouterInfo.h"
#include "RouterContext.h" #include "RouterContext.h"
@ -22,6 +23,8 @@ namespace tunnel
bool isGateway, isEndpoint; bool isGateway, isEndpoint;
TunnelHopConfig * next, * prev; TunnelHopConfig * next, * prev;
i2p::crypto::CBCDecryption decryption;
i2p::crypto::ECBDecryption ivDecryption;
TunnelHopConfig (const i2p::data::RouterInfo * r) TunnelHopConfig (const i2p::data::RouterInfo * r)
{ {
@ -38,6 +41,8 @@ namespace tunnel
next = 0; next = 0;
prev = 0; prev = 0;
decryption.SetKey (replyKey);
decryption.SetIV (replyIV);
} }
void SetNextRouter (const i2p::data::RouterInfo * r) void SetNextRouter (const i2p::data::RouterInfo * r)

Write Preview
Loading…
Cancel
Save