I2P: End-to-End encrypted and anonymous Internet https://i2pd.website/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 

228 lines
5.9 KiB

#include <time.h>
#include <stdio.h>
#include <cryptopp/sha.h>
#include <cryptopp/osrng.h>
#include <cryptopp/dh.h>
#include <cryptopp/dsa.h>
#include "CryptoConst.h"
#include "Identity.h"
#include "base64.h"
namespace i2p
{
namespace data
{
Identity& Identity::operator=(const Keys& keys)
{
// copy public and signing keys together
memcpy (publicKey, keys.publicKey, sizeof (publicKey) + sizeof (signingKey));
memset (&certificate, 0, sizeof (certificate));
return *this;
}
bool Identity::FromBase64 (const std::string& s)
{
size_t count = Base64ToByteStream (s.c_str(), s.length(), publicKey, DEFAULT_IDENTITY_SIZE);
return count == DEFAULT_IDENTITY_SIZE;
}
size_t Identity::FromBuffer (const uint8_t * buf, size_t len)
{
memcpy (publicKey, buf, DEFAULT_IDENTITY_SIZE);
// TODO: process certificate
return DEFAULT_IDENTITY_SIZE;
}
IdentityEx::IdentityEx ():
m_Verifier (nullptr), m_ExtendedLen (0), m_ExtendedBuffer (nullptr)
{
}
IdentityEx::IdentityEx (const uint8_t * buf, size_t len):
m_Verifier (nullptr), m_ExtendedLen (0), m_ExtendedBuffer (nullptr)
{
FromBuffer (buf, len);
}
IdentityEx::IdentityEx (const IdentityEx& other):
m_Verifier (nullptr), m_ExtendedBuffer (nullptr)
{
*this = other;
}
IdentityEx::~IdentityEx ()
{
delete m_Verifier;
delete[] m_ExtendedBuffer;
}
IdentityEx& IdentityEx::operator=(const IdentityEx& other)
{
memcpy (&m_StandardIdentity, &other.m_StandardIdentity, DEFAULT_IDENTITY_SIZE);
m_IdentHash = other.m_IdentHash;
delete m_Verifier;
m_Verifier = nullptr;
delete[] m_ExtendedBuffer;
m_ExtendedLen = other.m_ExtendedLen;
if (m_ExtendedLen > 0)
{
m_ExtendedBuffer = new uint8_t[m_ExtendedLen];
memcpy (m_ExtendedBuffer, other.m_ExtendedBuffer, m_ExtendedLen);
}
else
m_ExtendedBuffer = nullptr;
return *this;
}
size_t IdentityEx::FromBuffer (const uint8_t * buf, size_t len)
{
delete m_Verifier;
m_Verifier = nullptr;
delete[] m_ExtendedBuffer;
memcpy (&m_StandardIdentity, buf, DEFAULT_IDENTITY_SIZE);
if (m_StandardIdentity.certificate.length)
{
m_ExtendedLen = be16toh (m_StandardIdentity.certificate.length);
m_ExtendedBuffer = new uint8_t[m_ExtendedLen];
memcpy (m_ExtendedBuffer, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen);
}
else
{
m_ExtendedLen = 0;
m_ExtendedBuffer = nullptr;
}
CryptoPP::SHA256().CalculateDigest(m_IdentHash, buf, GetFullLen ());
return GetFullLen ();
}
size_t IdentityEx::GetSigningPublicKeyLen ()
{
if (!m_Verifier)
CreateVerifier ();
if (m_Verifier)
return m_Verifier->GetPublicKeyLen ();
return 128;
}
bool IdentityEx::Verify (const uint8_t * buf, size_t len, const uint8_t * signature)
{
if (!m_Verifier)
CreateVerifier ();
if (m_Verifier)
return m_Verifier->Verify (buf, len, signature);
return false;
}
void IdentityEx::CreateVerifier ()
{
switch (m_StandardIdentity.certificate.type)
{
case CERTIFICATE_TYPE_NULL:
m_Verifier = new i2p::crypto::DSAVerifier (m_StandardIdentity.signingKey);
break;
case CERTIFICATE_TYPE_KEY:
{
if (m_ExtendedBuffer)
{
uint16_t keyType = be16toh (*(uint16_t *)m_ExtendedBuffer); // sigining key
switch (keyType)
{
case PUBLIC_KEY_TYPE_DSA_SHA1:
m_Verifier = new i2p::crypto::DSAVerifier (m_StandardIdentity.signingKey);
break;
case PUBLIC_KEY_TYPE_ECDSA_SHA256_P256:
m_Verifier = new i2p::crypto::ECDSAP256Verifier (m_StandardIdentity.signingKey + 64);
break;
default:
LogPrint ("Signing key type ", keyType, " is not supported");
}
}
else
LogPrint ("Missing certificate payload");
break;
}
default:
LogPrint ("Certificate type ", m_StandardIdentity.certificate.type, " is not supported");
}
}
IdentHash Identity::Hash() const
{
IdentHash hash;
CryptoPP::SHA256().CalculateDigest(hash, publicKey, DEFAULT_IDENTITY_SIZE);
return hash;
}
PrivateKeys& PrivateKeys::operator=(const Keys& keys)
{
pub = keys;
memcpy (privateKey, keys.privateKey, 276); // 256 + 20
return *this;
}
Keys CreateRandomKeys ()
{
Keys keys;
CryptoPP::AutoSeededRandomPool rnd;
// encryption
CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
dh.GenerateKeyPair(rnd, keys.privateKey, keys.publicKey);
// signing
CryptoPP::DSA::PrivateKey privateKey;
CryptoPP::DSA::PublicKey publicKey;
privateKey.Initialize (rnd, i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag);
privateKey.MakePublicKey (publicKey);
privateKey.GetPrivateExponent ().Encode (keys.signingPrivateKey, 20);
publicKey.GetPublicElement ().Encode (keys.signingKey, 128);
return keys;
}
void CreateRandomDHKeysPair (DHKeysPair * keys)
{
if (!keys) return;
CryptoPP::AutoSeededRandomPool rnd;
CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
dh.GenerateKeyPair(rnd, keys->privateKey, keys->publicKey);
}
RoutingKey CreateRoutingKey (const IdentHash& ident)
{
uint8_t buf[41]; // ident + yyyymmdd
memcpy (buf, (const uint8_t *)ident, 32);
time_t t = time (nullptr);
struct tm tm;
// WARNING!!! check if it is correct
#ifdef _WIN32
gmtime_s(&tm, &t);
// <EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>-<EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> sprintf'<EFBFBD><EFBFBD>. <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>?
// http://msdn.microsoft.com/en-us/library/ce3zzk1k.aspx
sprintf_s((char *)(buf + 32), 9, "%4i%2i%2i", tm.tm_year, tm.tm_mon, tm.tm_mday);
#else
gmtime_r(&t, &tm);
// <EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>-<EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> sprintf'<EFBFBD><EFBFBD>. <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>?
sprintf((char *)(buf + 32), "%4i%2i%2i", tm.tm_year, tm.tm_mon, tm.tm_mday);
#endif
RoutingKey key;
CryptoPP::SHA256().CalculateDigest(key.hash, buf, 40);
return key;
}
XORMetric operator^(const RoutingKey& key1, const RoutingKey& key2)
{
XORMetric m;
m.metric_ll[0] = key1.hash_ll[0] ^ key2.hash_ll[0];
m.metric_ll[1] = key1.hash_ll[1] ^ key2.hash_ll[1];
m.metric_ll[2] = key1.hash_ll[2] ^ key2.hash_ll[2];
m.metric_ll[3] = key1.hash_ll[3] ^ key2.hash_ll[3];
return m;
}
}
}