Browse Source

handle EcDSA signatures

pull/113/head
orignal 10 years ago
parent
commit
e0635548e9
  1. 26
      NTCPSession.cpp
  2. 10
      NTCPSession.h

26
NTCPSession.cpp

@ -307,7 +307,11 @@ namespace transport
else else
{ {
LogPrint ("Phase 3 sent: ", bytes_transferred); LogPrint ("Phase 3 sent: ", bytes_transferred);
boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase4, sizeof (NTCPPhase4)), boost::asio::transfer_all (), // wait for phase4
m_Establisher->phase4Len = m_RemoteIdentity.GetSignatureLen ();
size_t paddingSize = m_Establisher->phase4Len & 0x0F; // %16
if (paddingSize > 0) m_Establisher->phase4Len += (16 - paddingSize);
boost::asio::async_read (m_Socket, boost::asio::buffer(m_Establisher->phase4, m_Establisher->phase4Len), boost::asio::transfer_all (),
boost::bind(&NTCPSession::HandlePhase4Received, this, boost::bind(&NTCPSession::HandlePhase4Received, this,
boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, tsA)); boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, tsA));
} }
@ -352,10 +356,20 @@ namespace transport
s.Insert (m_RemoteIdentity.GetIdentHash (), 32); // ident s.Insert (m_RemoteIdentity.GetIdentHash (), 32); // ident
s.Insert (m_Establisher->phase3.timestamp); // tsA s.Insert (m_Establisher->phase3.timestamp); // tsA
s.Insert (tsB); // tsB s.Insert (tsB); // tsB
s.Sign (i2p::context.GetPrivateKeys (), m_Establisher->phase4.signature); auto keys = i2p::context.GetPrivateKeys ();
m_Encryption.Encrypt ((uint8_t *)&m_Establisher->phase4, sizeof(NTCPPhase4), (uint8_t *)&m_Establisher->phase4); m_Establisher->phase4Len = keys.GetPublic ().GetSignatureLen ();
if (m_Establisher->phase4Len > 64)
{
LogPrint (eLogError, "Signature length ", m_Establisher->phase4Len, " exceeds 64");
Terminate ();
}
s.Sign (keys, m_Establisher->phase4);
size_t paddingSize = m_Establisher->phase4Len & 0x0F; // %16
if (paddingSize > 0) m_Establisher->phase4Len += (16 - paddingSize);
m_Encryption.Encrypt (m_Establisher->phase4, m_Establisher->phase4Len, m_Establisher->phase4);
boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase4, sizeof (NTCPPhase4)), boost::asio::transfer_all (), boost::asio::async_write (m_Socket, boost::asio::buffer (m_Establisher->phase4, m_Establisher->phase4Len), boost::asio::transfer_all (),
boost::bind(&NTCPSession::HandlePhase4Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); boost::bind(&NTCPSession::HandlePhase4Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
} }
@ -392,7 +406,7 @@ namespace transport
else else
{ {
LogPrint ("Phase 4 received: ", bytes_transferred); LogPrint ("Phase 4 received: ", bytes_transferred);
m_Decryption.Decrypt((uint8_t *)&m_Establisher->phase4, sizeof(NTCPPhase4), (uint8_t *)&m_Establisher->phase4); m_Decryption.Decrypt(m_Establisher->phase4, m_Establisher->phase4Len, m_Establisher->phase4);
// verify signature // verify signature
SignedData s; SignedData s;
@ -402,7 +416,7 @@ namespace transport
s.Insert (tsA); // tsA s.Insert (tsA); // tsA
s.Insert (m_Establisher->phase2.encrypted.timestamp); // tsB s.Insert (m_Establisher->phase2.encrypted.timestamp); // tsB
if (!s.Verify (m_RemoteIdentity, m_Establisher->phase4.signature)) if (!s.Verify (m_RemoteIdentity, m_Establisher->phase4))
{ {
LogPrint ("signature verification failed"); LogPrint ("signature verification failed");
Terminate (); Terminate ();

10
NTCPSession.h

@ -45,13 +45,6 @@ namespace transport
uint8_t signature[40]; uint8_t signature[40];
}; };
struct NTCPPhase4
{
uint8_t signature[40];
uint8_t padding[8];
};
#pragma pack() #pragma pack()
const size_t NTCP_MAX_MESSAGE_SIZE = 16384; const size_t NTCP_MAX_MESSAGE_SIZE = 16384;
@ -129,7 +122,8 @@ namespace transport
NTCPPhase1 phase1; NTCPPhase1 phase1;
NTCPPhase2 phase2; NTCPPhase2 phase2;
NTCPPhase3 phase3; NTCPPhase3 phase3;
NTCPPhase4 phase4; i2p::crypto::AESAlignedBuffer<64> phase4; // 64 bytes max signature len
size_t phase4Len;
} * m_Establisher; } * m_Establisher;
uint8_t m_ReceiveBuffer[NTCP_BUFFER_SIZE + 16], m_TimeSyncBuffer[16]; uint8_t m_ReceiveBuffer[NTCP_BUFFER_SIZE + 16], m_TimeSyncBuffer[16];

Loading…
Cancel
Save