diff --git a/libi2pd/Identity.cpp b/libi2pd/Identity.cpp index cdcd2bf9..a6b83fca 100644 --- a/libi2pd/Identity.cpp +++ b/libi2pd/Identity.cpp @@ -1,8 +1,7 @@ -#include -#include #include "Crypto.h" #include "I2PEndian.h" #include "Log.h" +#include "Timestamp.h" #include "Identity.h" namespace i2p @@ -774,15 +773,7 @@ namespace data { uint8_t buf[41]; // ident + yyyymmdd memcpy (buf, (const uint8_t *)ident, 32); - time_t t = time (nullptr); - struct tm tm; -#ifdef _WIN32 - gmtime_s(&tm, &t); - sprintf_s((char *)(buf + 32), 9, "%04i%02i%02i", tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday); -#else - gmtime_r(&t, &tm); - sprintf((char *)(buf + 32), "%04i%02i%02i", tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday); -#endif + i2p::util::GetCurrentDate ((char *)(buf + 32)); IdentHash key; SHA256(buf, 40, key); return key; diff --git a/libi2pd/LeaseSet.cpp b/libi2pd/LeaseSet.cpp index 0cf69102..51b885f7 100644 --- a/libi2pd/LeaseSet.cpp +++ b/libi2pd/LeaseSet.cpp @@ -466,6 +466,19 @@ namespace data if (verified && identity && lenOuterCiphertext >= 32) { SetIsValid (false); // we must verify it again in Layer 2 + if (blindedKeyType == i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519) + { + // verify blinding + char date[9]; + i2p::util::GetCurrentDate (date); + uint8_t blinded[32]; + BlindPublicKey (identity, date, blindedKeyType, blinded); + if (memcmp (blindedPublicKey, blinded, 32)) + { + LogPrint (eLogError, "LeaseSet2: blinded public key doesn't match"); + return; + } + } // credentials uint8_t credential[32], subcredential[36]; // A = destination's signing public key @@ -543,8 +556,16 @@ namespace data i2p::crypto::GetEd25519 ()->BlindPublicKey (identity->GetSigningPublicKeyBuffer (), seed, blindedKey); } - void LeaseSet2::CalculateStoreHash (std::shared_ptr identity, const char * date, SigningKeyType blindedKeyType, i2p::data::IdentHash& hash) + void LeaseSet2::CalculateStoreHash (std::shared_ptr identity, SigningKeyType blindedKeyType, i2p::data::IdentHash& hash) { + if (blindedKeyType != i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519 && + blindedKeyType != SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519) + { + LogPrint (eLogError, "LeaseSet2: blinded key type ", (int)blindedKeyType, " is not supported"); + return; + } + char date[9]; + i2p::util::GetCurrentDate (date); uint8_t blinded[32]; BlindPublicKey (identity, date, blindedKeyType, blinded); auto stA1 = htobe16 (blindedKeyType); diff --git a/libi2pd/LeaseSet.h b/libi2pd/LeaseSet.h index 4d1ee121..cee5d9d0 100644 --- a/libi2pd/LeaseSet.h +++ b/libi2pd/LeaseSet.h @@ -139,7 +139,7 @@ namespace data std::shared_ptr GetTransientVerifier () const { return m_TransientVerifier; }; void Update (const uint8_t * buf, size_t len, bool verifySignature); - static void CalculateStoreHash (std::shared_ptr identity, const char * date, SigningKeyType blindedKeyType, i2p::data::IdentHash& hash); + static void CalculateStoreHash (std::shared_ptr identity, SigningKeyType blindedKeyType, i2p::data::IdentHash& hash); // implements RoutingDestination void Encrypt (const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx) const; diff --git a/libi2pd/Timestamp.cpp b/libi2pd/Timestamp.cpp index 492e4559..51b6dd4e 100644 --- a/libi2pd/Timestamp.cpp +++ b/libi2pd/Timestamp.cpp @@ -1,3 +1,5 @@ +#include +#include #include #include #include @@ -37,7 +39,6 @@ namespace util std::chrono::system_clock::now().time_since_epoch()).count (); } - static int64_t g_TimeOffset = 0; // in seconds static void SyncTimeWithNTP (const std::string& address) @@ -178,6 +179,19 @@ namespace util { return GetLocalSecondsSinceEpoch () + g_TimeOffset; } + + void GetCurrentDate (char * date) + { + time_t t = time (nullptr); + struct tm tm; +#ifdef _WIN32 + gmtime_s(&tm, &t); + sprintf_s(date, 9, "%04i%02i%02i", tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday); +#else + gmtime_r(&t, &tm); + sprintf(date, "%04i%02i%02i", tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday); +#endif + } } } diff --git a/libi2pd/Timestamp.h b/libi2pd/Timestamp.h index e859f7f6..4bbcf2de 100644 --- a/libi2pd/Timestamp.h +++ b/libi2pd/Timestamp.h @@ -15,6 +15,8 @@ namespace util uint32_t GetHoursSinceEpoch (); uint64_t GetSecondsSinceEpoch (); + void GetCurrentDate (char * date); // returns date as YYYYMMDD string, 9 bytes + class NTPTimeSync { public: