Archives/i2pd
2
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2024-11-16 00:12:43 +00:00
Code Issues Projects Releases Wiki Activity

use key of remote router as ident key for SessionCreated

Browse Source
This commit is contained in:
orignal 2014-02-01 18:46:28 -05:00
parent 8963c0b309
commit 499a7a9e32
2 changed files with 22 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
SSU.cpp
View File

@ -59,7 +59,9 @@ namespace ssu
void SSUSession::ProcessSessionRequest (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint) void SSUSession::ProcessSessionRequest (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint)
{ {
LogPrint ("Process session request"); LogPrint ("Process session request");
if (ProcessIntroKeyEncryptedMessage (PAYLOAD_TYPE_SESSION_REQUEST, buf, len)) // use our intro key
if (ProcessIntroKeyEncryptedMessage (PAYLOAD_TYPE_SESSION_REQUEST,
i2p::context.GetRouterInfo (), buf, len))
{ {
m_State = eSessionStateRequestReceived; m_State = eSessionStateRequestReceived;
LogPrint ("Session request received"); LogPrint ("Session request received");
@ -71,11 +73,20 @@ namespace ssu
void SSUSession::ProcessSessionCreated (uint8_t * buf, size_t len) void SSUSession::ProcessSessionCreated (uint8_t * buf, size_t len)
{ {
LogPrint ("Process session created"); LogPrint ("Process session created");
if (ProcessIntroKeyEncryptedMessage (PAYLOAD_TYPE_SESSION_CREATED, buf, len)) if (!m_RemoteRouter)
{
LogPrint ("Unsolicited session created message");
return;
}
// use remote intro key
if (ProcessIntroKeyEncryptedMessage (PAYLOAD_TYPE_SESSION_CREATED, *m_RemoteRouter, buf, len))
{ {
m_State = eSessionStateCreatedReceived; m_State = eSessionStateCreatedReceived;
LogPrint ("Session request received"); LogPrint ("Session created received");
// TODO: boost::asio::ip::address_v4 ourAddress (be32toh (*(uint32_t* )(buf + sizeof (SSUHeader) + 257)));
uint16_t ourPort = be16toh (*(uint16_t *)(buf + sizeof (SSUHeader) + 261));
LogPrint ("Our external address is ", ourAddress.to_string (), ":", ourPort);
} }
} }
@ -92,7 +103,7 @@ namespace ssu
uint8_t * payload = buf + sizeof (SSUHeader); uint8_t * payload = buf + sizeof (SSUHeader);
memcpy (payload, i2p::context.GetRouterIdentity ().publicKey, 256); memcpy (payload, i2p::context.GetRouterIdentity ().publicKey, 256);
payload[256] = 4; // we assume ipv4 payload[256] = 4; // we assume ipv4
*(uint32_t *)(payload + 257) = address->host.to_v4 ().to_ulong (); // network bytes order already *(uint32_t *)(payload + 257) = htobe32 (address->host.to_v4 ().to_ulong ());
uint8_t iv[16]; uint8_t iv[16];
CryptoPP::RandomNumberGenerator& rnd = i2p::context.GetRandomNumberGenerator (); CryptoPP::RandomNumberGenerator& rnd = i2p::context.GetRandomNumberGenerator ();
@ -121,7 +132,7 @@ namespace ssu
payload += 256; payload += 256;
*payload = 4; // we assume ipv4 *payload = 4; // we assume ipv4
payload++; payload++;
*(uint32_t *)(payload) = m_RemoteEndpoint.address ().to_v4 ().to_ulong (); // network bytes order already *(uint32_t *)(payload) = htobe32 (m_RemoteEndpoint.address ().to_v4 ().to_ulong ());
payload += 4; payload += 4;
*(uint16_t *)(payload) = htobe16 (m_RemoteEndpoint.port ()); *(uint16_t *)(payload) = htobe16 (m_RemoteEndpoint.port ());
payload += 2; payload += 2;
@ -149,9 +160,9 @@ namespace ssu
m_Server->Send (buf, 368, m_RemoteEndpoint); m_Server->Send (buf, 368, m_RemoteEndpoint);
} }
bool SSUSession::ProcessIntroKeyEncryptedMessage (uint8_t expectedPayloadType, uint8_t * buf, size_t len) bool SSUSession::ProcessIntroKeyEncryptedMessage (uint8_t expectedPayloadType, i2p::data::RouterInfo& r, uint8_t * buf, size_t len)
{ {
auto address = i2p::context.GetRouterInfo ().GetSSUAddress (); auto address = r.GetSSUAddress ();
if (address) if (address)
{ {
// use intro key for verification and decryption // use intro key for verification and decryption
@ -171,7 +182,7 @@ namespace ssu
LogPrint ("MAC verifcation failed"); LogPrint ("MAC verifcation failed");
} }
else else
LogPrint ("SSU is not supported"); LogPrint ("SSU is not supported by ", r.GetIdentHashAbbreviation ());
return false; return false;
} }
@ -207,6 +218,7 @@ namespace ssu
uint8_t * encrypted = &header->flag; uint8_t * encrypted = &header->flag;
uint16_t encryptedLen = len - (encrypted - buf); uint16_t encryptedLen = len - (encrypted - buf);
m_Decryption.SetKeyWithIV (aesKey, 32, header->iv); m_Decryption.SetKeyWithIV (aesKey, 32, header->iv);
encryptedLen = (encryptedLen/16)*16; // make sure 16 bytes boundary
m_Decryption.ProcessData (encrypted, encrypted, encryptedLen); m_Decryption.ProcessData (encrypted, encrypted, encryptedLen);
} }

2
SSU.h
View File

@ -70,7 +70,7 @@ namespace ssu
void ProcessSessionCreated (uint8_t * buf, size_t len); void ProcessSessionCreated (uint8_t * buf, size_t len);
void SendSessionCreated (const uint8_t * x); void SendSessionCreated (const uint8_t * x);
bool ProcessIntroKeyEncryptedMessage (uint8_t expectedPayloadType, uint8_t * buf, size_t len); bool ProcessIntroKeyEncryptedMessage (uint8_t expectedPayloadType, i2p::data::RouterInfo& r, uint8_t * buf, size_t len);
void FillHeaderAndEncrypt (uint8_t payloadType, uint8_t * buf, size_t len, uint8_t * aesKey, uint8_t * iv, uint8_t * macKey); void FillHeaderAndEncrypt (uint8_t payloadType, uint8_t * buf, size_t len, uint8_t * aesKey, uint8_t * iv, uint8_t * macKey);
void Decrypt (uint8_t * buf, size_t len, uint8_t * aesKey); void Decrypt (uint8_t * buf, size_t len, uint8_t * aesKey);
bool Validate (uint8_t * buf, size_t len, uint8_t * macKey); bool Validate (uint8_t * buf, size_t len, uint8_t * macKey);