From f9cd2f6808996fb48df6ff1edd8c4303adce36b0 Mon Sep 17 00:00:00 2001
From: orignal <romakoshelkin@yandex.ru>
Date: Sun, 8 Jun 2014 14:43:18 -0400
Subject: [PATCH] don't use crypto++ AES directly

---
 SSU.cpp | 22 ++++++++++++----------
 SSU.h   |  4 ----
 2 files changed, 12 insertions(+), 14 deletions(-)

diff --git a/SSU.cpp b/SSU.cpp
index cce2ac3b..e855dd47 100644
--- a/SSU.cpp
+++ b/SSU.cpp
@@ -204,8 +204,8 @@ namespace ssu
 		payload += 4; // relayTag
 		payload += 4; // signed on time
 		// decrypt DSA signature
-		m_Decryption.SetKeyWithIV (m_SessionKey, 32, ((SSUHeader *)buf)->iv);
-		m_Decryption.ProcessData (payload, payload, 48);
+		m_SessionKeyDecryption.SetIV (((SSUHeader *)buf)->iv);
+		m_SessionKeyDecryption.Decrypt (payload, 48, payload);
 		// verify
 		CryptoPP::DSA::PublicKey pubKey;
 		pubKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag, CryptoPP::Integer (m_RemoteRouter->GetRouterIdentity ().signingKey, 128));
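Review bot: m_SessionKeyDecryption is driven here with SetIV only, so the decryption of the 48-byte signature block depends on its key having been loaded earlier; the removed line set the key from m_SessionKey explicitly on every call, and neither this hunk nor the matching encryption hunk at line 329 shows the corresponding `SetKey (m_SessionKey)` call. If the key is installed where the session key is derived, a short comment at this point would save the next reader the search: `// key already installed via m_SessionKeyDecryption.SetKey (m_SessionKey) when the session key was derived`. The enclosing function starts and ends outside the hunk.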
@@ -329,8 +329,8 @@ namespace ssu
 		uint8_t iv[16];
 		rnd.GenerateBlock (iv, 16); // random iv
 		// encrypt signature and 8 bytes padding with newly created session key	
-		m_Encryption.SetKeyWithIV (m_SessionKey, 32, iv);
-		m_Encryption.ProcessData (payload, payload, 48);
+		m_SessionKeyEncryption.SetIV (iv);
+		m_SessionKeyEncryption.Encrypt (payload, 48, payload);
 
 		// encrypt message with intro key
 		FillHeaderAndEncrypt (PAYLOAD_TYPE_SESSION_CREATED, buf, 368, introKey, iv, introKey);
@@ -501,9 +501,10 @@ namespace ssu
 		header->time = htobe32 (i2p::util::GetSecondsSinceEpoch ());
 		uint8_t * encrypted = &header->flag;
 		uint16_t encryptedLen = len - (encrypted - buf);
-		m_Encryption.SetKeyWithIV (aesKey, 32, iv);
-		encryptedLen = (encryptedLen>>4)<<4; // make sure 16 bytes boundary 
-		m_Encryption.ProcessData (encrypted, encrypted, encryptedLen);
+		i2p::crypto::CBCEncryption encryption;
+		encryption.SetKey (aesKey);
+		encryption.SetIV (iv);
+		encryption.Encrypt (encrypted, encryptedLen, encrypted);
 		// assume actual buffer size is 18 (16 + 2) bytes more
 		memcpy (buf + len, iv, 16);
 		*(uint16_t *)(buf + len + 16) = htobe16 (encryptedLen);
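Review bot: The 16-byte rounding of encryptedLen is dropped, so `encryption.Encrypt (encrypted, encryptedLen, encrypted)` and the length written at `buf + len + 16` now see the raw `len - (encrypted - buf)` value; unless i2p::crypto::CBCEncryption is known to process only whole blocks, a non-aligned length would either leave a partial trailing block or advertise a length that does not match what was encrypted, and the same applies to the Decrypt hunk at line 541. Keeping `encryptedLen = (encryptedLen>>4)<<4; // make sure 16 bytes boundary` before the Encrypt call, or stating in a comment that Encrypt rounds down internally, would make the invariant explicit. FillHeaderAndEncrypt starts outside the hunk.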
@@ -541,9 +542,10 @@ namespace ssu
 		SSUHeader * header = (SSUHeader *)buf;
 		uint8_t * encrypted = &header->flag;
 		uint16_t encryptedLen = len - (encrypted - buf);	
-		m_Decryption.SetKeyWithIV (aesKey, 32, header->iv);
-		encryptedLen = (encryptedLen>>4)<<4; // make sure 16 bytes boundary 
-		m_Decryption.ProcessData (encrypted, encrypted, encryptedLen);
+		i2p::crypto::CBCDecryption decryption;
+		decryption.SetKey (aesKey);
+		decryption.SetIV (header->iv);
+		decryption.Decrypt (encrypted, encryptedLen, encrypted);
 	}
 
 	void SSUSession::DecryptSessionKey (uint8_t * buf, size_t len)
diff --git a/SSU.h b/SSU.h
index 59cf29c5..c3563722 100644
--- a/SSU.h
+++ b/SSU.h
@@ -7,8 +7,6 @@
 #include <set>
 #include <thread>
 #include <boost/asio.hpp>
-#include <cryptopp/modes.h>
-#include <cryptopp/aes.h>
 #include "aes.h"
 #include "I2PEndian.h"
 #include "Identity.h"
@@ -135,8 +133,6 @@ namespace ssu
 			bool m_IsSessionKey;
 			uint32_t m_RelayTag;	
 			std::set<uint32_t> m_PeerTestNonces;
-			CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption m_Encryption;	 // TODO: remove
-			CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption m_Decryption;	 // TODO: remove
 			i2p::crypto::CBCEncryption m_SessionKeyEncryption;
 			i2p::crypto::CBCDecryption m_SessionKeyDecryption;
 			uint8_t m_SessionKey[32], m_MacKey[32];