use new aes implementation for NTCP

10 years ago · 6bf5d98c4d
parent 81b57141d4
commit 6bf5d98c4d
3 changed files with 24 additions and 19 deletions
--- a/NTCPSession.cpp
+++ b/NTCPSession.cpp
@ -183,10 +183,12 @@ namespace ntcp

 		uint8_t aesKey[32];
 		CreateAESKey (m_Phase1.pubKey, aesKey);
-		m_Encryption.SetKeyWithIV (aesKey, 32, y + 240);
-		m_Decryption.SetKeyWithIV (aesKey, 32, m_Phase1.HXxorHI + 16);
+		m_Encryption.SetKey (aesKey);
+		m_Encryption.SetIV (y + 240);
+		m_Decryption.SetKey (aesKey);
+		m_Decryption.SetIV (m_Phase1.HXxorHI + 16);
 		
-		m_Encryption.ProcessData((uint8_t *)&m_Phase2.encrypted, (uint8_t *)&m_Phase2.encrypted, sizeof(m_Phase2.encrypted));
+		m_Encryption.Encrypt ((uint8_t *)&m_Phase2.encrypted, sizeof(m_Phase2.encrypted), (uint8_t *)&m_Phase2.encrypted);
 		boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Phase2, sizeof (m_Phase2)), boost::asio::transfer_all (),
        	boost::bind(&NTCPSession::HandlePhase2Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, tsB));

@ -222,10 +224,12 @@ namespace ntcp
 		
 			uint8_t aesKey[32];
 			CreateAESKey (m_Phase2.pubKey, aesKey);
-			m_Decryption.SetKeyWithIV (aesKey, 32, m_Phase2.pubKey + 240);
-			m_Encryption.SetKeyWithIV (aesKey, 32, m_Phase1.HXxorHI + 16);
+			m_Decryption.SetKey (aesKey);
+			m_Decryption.SetIV (m_Phase2.pubKey + 240);
+			m_Encryption.SetKey (aesKey);
+			m_Encryption.SetIV (m_Phase1.HXxorHI + 16);
 			
-			m_Decryption.ProcessData((uint8_t *)&m_Phase2.encrypted, (uint8_t *)&m_Phase2.encrypted, sizeof(m_Phase2.encrypted));
+			m_Decryption.Decrypt((uint8_t *)&m_Phase2.encrypted, sizeof(m_Phase2.encrypted), (uint8_t *)&m_Phase2.encrypted);
 			// verify
 			uint8_t xy[512], hxy[32];
 			memcpy (xy, m_DHKeysPair->publicKey, 256);
@ -256,7 +260,7 @@ namespace ntcp
 		s.tsB = m_Phase2.encrypted.timestamp;
 		i2p::context.Sign ((uint8_t *)&s, sizeof (s), m_Phase3.signature);

-		m_Encryption.ProcessData((uint8_t *)&m_Phase3, (uint8_t *)&m_Phase3, sizeof(m_Phase3));
+		m_Encryption.Encrypt((uint8_t *)&m_Phase3, sizeof(m_Phase3), (uint8_t *)&m_Phase3);
 		        
 		boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Phase3, sizeof (m_Phase3)), boost::asio::transfer_all (),
        	boost::bind(&NTCPSession::HandlePhase3Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, tsA));				
@ -288,7 +292,7 @@ namespace ntcp
 		else
 		{	
 			LogPrint ("Phase 3 received: ", bytes_transferred);
-			m_Decryption.ProcessData((uint8_t *)&m_Phase3, (uint8_t *)&m_Phase3, sizeof(m_Phase3));
+			m_Decryption.Decrypt ((uint8_t *)&m_Phase3, sizeof(m_Phase3), (uint8_t *)&m_Phase3);
 			m_RemoteRouterInfo.SetRouterIdentity (m_Phase3.ident);

 			SignedData s;
@ -321,7 +325,7 @@ namespace ntcp
 		s.tsA = m_Phase3.timestamp;
 		s.tsB = tsB;
 		i2p::context.Sign ((uint8_t *)&s, sizeof (s), m_Phase4.signature);
-		m_Encryption.ProcessData((uint8_t *)&m_Phase4, (uint8_t *)&m_Phase4, sizeof(m_Phase4));
+		m_Encryption.Encrypt ((uint8_t *)&m_Phase4, sizeof(m_Phase4), (uint8_t *)&m_Phase4);

 		boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Phase4, sizeof (m_Phase4)), boost::asio::transfer_all (),
        	boost::bind(&NTCPSession::HandlePhase4Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
@ -355,7 +359,7 @@ namespace ntcp
 		else
 		{	
 			LogPrint ("Phase 4 received: ", bytes_transferred);
-			m_Decryption.ProcessData((uint8_t *)&m_Phase4, (uint8_t *)&m_Phase4, sizeof(m_Phase4));
+			m_Decryption.Decrypt((uint8_t *)&m_Phase4, sizeof(m_Phase4), (uint8_t *)&m_Phase4);

 			// verify signature
 			SignedData s;
@ -426,7 +430,7 @@ namespace ntcp
 			m_NextMessage = i2p::NewI2NPMessage ();
 			m_NextMessageOffset = 0;
 			
-			m_Decryption.ProcessData (m_NextMessage->buf, encrypted, 16);
+			m_Decryption.Decrypt (encrypted, 16, m_NextMessage->buf);
 			uint16_t dataSize = be16toh (*(uint16_t *)m_NextMessage->buf);
 			if (dataSize)
 			{
@ -446,7 +450,7 @@ namespace ntcp
 		}	
 		else // message continues
 		{	
-			m_Decryption.ProcessData (m_NextMessage->buf + m_NextMessageOffset, encrypted, 16);
+			m_Decryption.Decrypt (encrypted, 16, m_NextMessage->buf + m_NextMessageOffset);
 			m_NextMessageOffset += 16;
 		}		
 		
@ -490,7 +494,7 @@ namespace ntcp
 		m_Adler.CalculateDigest (sendBuffer + len + 2 + padding, sendBuffer, len + 2+ padding);

 		int l = len + padding + 6;
-		m_Encryption.ProcessData(sendBuffer, sendBuffer, l);	
+		m_Encryption.Encrypt(sendBuffer, l, sendBuffer);	

 		boost::asio::async_write (m_Socket, boost::asio::buffer (sendBuffer, l), boost::asio::transfer_all (),                      
        	boost::bind(&NTCPSession::HandleSent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, msg));	
--- a/NTCPSession.h
+++ b/NTCPSession.h
@ -7,6 +7,7 @@
 #include <cryptopp/modes.h>
 #include <cryptopp/aes.h>
 #include <cryptopp/adler32.h>
+#include "aes.h"
 #include "Identity.h"
 #include "RouterInfo.h"
 #include "I2NPProtocol.h"
@ -123,8 +124,8 @@ namespace ntcp
 			bool m_IsEstablished;
 			i2p::data::DHKeysPair * m_DHKeysPair; // X - for client and Y - for server
 			
-			CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption m_Decryption;
-			CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption m_Encryption;
+			i2p::crypto::CBCDecryption m_Decryption;
+			i2p::crypto::CBCEncryption m_Encryption;
 			CryptoPP::Adler32 m_Adler;
 			
 			i2p::data::RouterInfo& m_RemoteRouterInfo;
--- a/aes.h
+++ b/aes.h
@ -21,8 +21,8 @@ namespace crypto
 	
 			CBCEncryption () { memset (m_LastBlock.buf, 0, 16); };

-			void SetKey (uint8_t * key) { m_ECBEncryption.SetKey (key, 32); }; // 32 bytes
-			void SetIV (uint8_t * iv) { memcpy (m_LastBlock.buf, iv, 16); }; // 16 bytes
+			void SetKey (const uint8_t * key) { m_ECBEncryption.SetKey (key, 32); }; // 32 bytes
+			void SetIV (const uint8_t * iv) { memcpy (m_LastBlock.buf, iv, 16); }; // 16 bytes

 			void Encrypt (int numBlocks, const ChipherBlock * in, ChipherBlock * out);
 			bool Encrypt (const uint8_t * in, std::size_t len, uint8_t * out);
@ -39,8 +39,8 @@ namespace crypto
 	
 			CBCDecryption () { memset (m_IV.buf, 0, 16); };

-			void SetKey (uint8_t * key) { m_ECBDecryption.SetKey (key, 32); }; // 32 bytes
-			void SetIV (uint8_t * iv) { memcpy (m_IV.buf, iv, 16); }; // 16 bytes
+			void SetKey (const uint8_t * key) { m_ECBDecryption.SetKey (key, 32); }; // 32 bytes
+			void SetIV (const uint8_t * iv) { memcpy (m_IV.buf, iv, 16); }; // 16 bytes

 			void Decrypt (int numBlocks, const ChipherBlock * in, ChipherBlock * out);
 			bool Decrypt (const uint8_t * in, std::size_t len, uint8_t * out);