From ecb1fd720d313b86f6129528ca9504c311874813 Mon Sep 17 00:00:00 2001
From: orignal
Date: Wed, 15 Oct 2014 14:32:19 -0400
Subject: [PATCH] use ECDSA P256 for client I2P tunnels

---
 Destination.cpp | 16 ++++++++--------
 Destination.h | 6 +++---
 I2PTunnel.cpp | 3 ++-
 3 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/Destination.cpp b/Destination.cpp
index 3534598f..03e68042 100644
--- a/Destination.cpp
+++ b/Destination.cpp
@@ -11,11 +11,11 @@ namespace i2p
 {
 namespace stream
 {
- StreamingDestination::StreamingDestination (bool isPublic):
+ StreamingDestination::StreamingDestination (bool isPublic, i2p::data::SigningKeyType sigType):
 m_IsRunning (false), m_Thread (nullptr), m_Service (nullptr), m_Work (nullptr),
 m_CurrentOutboundTunnel (nullptr), m_LeaseSet (nullptr), m_IsPublic (isPublic)
 {
- m_Keys = i2p::data::PrivateKeys::CreateRandomKeys (/*i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256*/); // uncomment for ECDSA
+ m_Keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType);
 CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
 dh.GenerateKeyPair(i2p::context.GetRandomNumberGenerator (), m_EncryptionPrivateKey, m_EncryptionPublicKey);
 m_Pool = i2p::tunnel::tunnels.CreateTunnelPool (*this, 3); // 3-hops tunnel
@@ -42,7 +42,7 @@ namespace stream
 else
 {
 LogPrint ("Can't open file ", fullPath, " Creating new one");
- m_Keys = i2p::data::PrivateKeys::CreateRandomKeys (/*i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256*/);
+ m_Keys = i2p::data::PrivateKeys::CreateRandomKeys (i2p::data::SIGNING_KEY_TYPE_DSA_SHA1);
 std::ofstream f (fullPath, std::ofstream::binary | std::ofstream::out);
 size_t len = m_Keys.GetFullLen ();
 uint8_t * buf = new uint8_t[len];
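Review bot: The new `sigType` argument goes straight into `CreateRandomKeys (sigType)` in the StreamingDestination constructor and nothing in the hunk records or checks which signature scheme the identity actually ended up with; if `CreateRandomKeys` treats an unrecognised value as DSA-SHA1 (its body is not visible here), a caller asking for ECDSA would silently get the legacy scheme. A one-line log at the point of creation, e.g. `LogPrint ("Creating local destination, signing key type ", sigType);` (LogPrint is already used in this file; cast to an integer if it does not take SigningKeyType directly), lets an operator confirm the scheme from the log rather than from the wire. The constructor's initializer list starts in this hunk but its body continues past it.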
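Review bot: The file-backed constructor now pins a freshly generated identity to `i2p::data::SIGNING_KEY_TYPE_DSA_SHA1` while the sibling constructor above takes the scheme as a parameter, so a persistent destination created from a missing key file can never be ECDSA, and the old `// uncomment for ECDSA` hint disappears without a replacement. Either give this constructor a `sigType` parameter as well (its declaration `StreamingDestination (const std::string& fullPath, bool isPublic);` is in the Destination.h hunk below) or state the choice next to the call, e.g. `// new key files are always DSA-SHA1; ECDSA identities are currently only generated for transient destinations`. The enclosing function starts and ends outside the hunk.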
@@ -359,7 +359,7 @@ namespace stream
 {
 if (!m_SharedLocalDestination)
 {
- m_SharedLocalDestination = new StreamingDestination (false); // non-public
+ m_SharedLocalDestination = new StreamingDestination (false, i2p::data::SIGNING_KEY_TYPE_DSA_SHA1); // non-public, DSA
 m_Destinations[m_SharedLocalDestination->GetIdentity ().GetIdentHash ()] = m_SharedLocalDestination;
 m_SharedLocalDestination->Start ();
 }
@@ -409,9 +409,9 @@ namespace stream
 return localDestination;
 }
 
- StreamingDestination * StreamingDestinations::CreateNewLocalDestination (bool isPublic)
+ StreamingDestination * StreamingDestinations::CreateNewLocalDestination (bool isPublic, i2p::data::SigningKeyType sigType)
 {
- auto localDestination = new StreamingDestination (isPublic);
+ auto localDestination = new StreamingDestination (isPublic, sigType);
 std::unique_lock l(m_DestinationsMutex);
 m_Destinations[localDestination->GetIdentHash ()] = localDestination;
 localDestination->Start ();
@@ -499,9 +499,9 @@ namespace stream
 return destinations.GetSharedLocalDestination ();
 }
 
- StreamingDestination * CreateNewLocalDestination (bool isPublic)
+ StreamingDestination * CreateNewLocalDestination (bool isPublic, i2p::data::SigningKeyType sigType)
 {
- return destinations.CreateNewLocalDestination (isPublic);
+ return destinations.CreateNewLocalDestination (isPublic, sigType);
 }
 
 StreamingDestination * CreateNewLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic)
diff --git a/Destination.h b/Destination.h
index 77e7d54c..200c16be 100644
--- a/Destination.h
+++ b/Destination.h
@@ -18,7 +18,7 @@ namespace stream
 {
 public:
 
- StreamingDestination (bool isPublic);
+ StreamingDestination (bool isPublic, i2p::data::SigningKeyType sigType);
 StreamingDestination (const std::string& fullPath, bool isPublic);
 StreamingDestination (const i2p::data::PrivateKeys& keys, bool isPublic);
 ~StreamingDestination ();
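Review bot: The new constructor parameter `sigType` in Destination.h is undocumented, and the header is the only place a caller learns that it selects the signature scheme of a freshly generated identity (not the ElGamal encryption key pair, which the .cpp generates separately). Suggested comment above the declaration: `// sigType selects the signature scheme of the generated identity, e.g. i2p::data::SIGNING_KEY_TYPE_DSA_SHA1 or i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256`. The same gap applies to the two `CreateNewLocalDestination (bool isPublic, i2p::data::SigningKeyType sigType)` declarations in the next two Destination.h hunks.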
@@ -103,7 +103,7 @@ namespace stream
 Stream * CreateClientStream (const i2p::data::LeaseSet& remote);
 void DeleteStream (Stream * stream);
 StreamingDestination * GetSharedLocalDestination () const { return m_SharedLocalDestination; };
- StreamingDestination * CreateNewLocalDestination (bool isPublic);
+ StreamingDestination * CreateNewLocalDestination (bool isPublic, i2p::data::SigningKeyType sigType);
 StreamingDestination * CreateNewLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic);
 void DeleteLocalDestination (StreamingDestination * destination);
 StreamingDestination * FindLocalDestination (const i2p::data::IdentHash& destination) const;
@@ -130,7 +130,7 @@ namespace stream
 void StartStreaming ();
 void StopStreaming ();
 StreamingDestination * GetSharedLocalDestination ();
- StreamingDestination * CreateNewLocalDestination (bool isPublic = true);
+ StreamingDestination * CreateNewLocalDestination (bool isPublic = true, i2p::data::SigningKeyType sigType = i2p::data::SIGNING_KEY_TYPE_DSA_SHA1); // transient
 StreamingDestination * CreateNewLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic = true);
 void DeleteLocalDestination (StreamingDestination * destination);
 StreamingDestination * FindLocalDestination (const i2p::data::IdentHash& destination);
diff --git a/I2PTunnel.cpp b/I2PTunnel.cpp
index 3a58f04d..ad584d84 100644
--- a/I2PTunnel.cpp
+++ b/I2PTunnel.cpp
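Review bot: The free-function default `sigType = i2p::data::SIGNING_KEY_TYPE_DSA_SHA1` in the second Destination.h hunk means every caller other than I2PClientTunnel keeps getting the legacy DSA-SHA1 scheme, and the `// transient` comment does not say so even though the commit title presents ECDSA as the goal. Suggest extending the comment to `// transient; defaults to legacy DSA-SHA1, pass i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256 for an ECDSA identity`. The class-level overload in the hunk above has no default at all, so the two declarations differ in a way the header leaves unexplained; if the asymmetry is intended, a sentence on the class member saying that the free function supplies the default would settle it.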
@@ -145,7 +145,8 @@ namespace stream I2PClientTunnel::I2PClientTunnel (boost::asio::io_service& service, const std::string& destination, int port, StreamingDestination * localDestination): - I2PTunnel (service, localDestination ? localDestination : GetSharedLocalDestination ()), + I2PTunnel (service, localDestination ? localDestination : + CreateNewLocalDestination (false, i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256)), m_Acceptor (service, boost::asio::ip::tcp::endpoint (boost::asio::ip::tcp::v4(), port)), m_Timer (service), m_Destination (destination), m_DestinationIdentHash (nullptr), m_RemoteLeaseSet (nullptr)
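Review bot: Every I2PClientTunnel constructed with a null `localDestination` now calls `CreateNewLocalDestination (false, ...)`, which per the Destination.cpp hunk at -409 allocates a StreamingDestination with `new`, registers it in `m_Destinations` and starts it, and per the constructor at the top of Destination.cpp also creates a 3-hop tunnel pool for it — but nothing on the new lines records that this tunnel owns the destination, whereas the shared destination it replaces was never the tunnel's to release. Unless the destructor (outside the hunk) already distinguishes the two cases, each client tunnel that is created and torn down leaves a running destination with its own tunnel pool behind, which is both a resource leak and a lasting footprint on the network. A member flag such as `m_IsOwnedDestination` set in this initializer when the fallback path is taken, and a `DeleteLocalDestination` call from the destructor when it is set, would close that. The new line also deserves a comment on intent, e.g. `// each client tunnel without an explicit destination gets its own ECDSA identity — presumably so tunnels do not share one identity; confirm`. The constructor's body continues outside the hunk.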