mirror of
https://github.com/PurpleI2P/i2pd.git
synced 2024-11-16 00:12:43 +00:00
don't use crypto++ AES directly
This commit is contained in:
parent
a6cc2e647b
commit
f9cd2f6808
22
SSU.cpp
22
SSU.cpp
@ -204,8 +204,8 @@ namespace ssu
|
||||
payload += 4; // relayTag
|
||||
payload += 4; // signed on time
|
||||
// decrypt DSA signature
|
||||
m_Decryption.SetKeyWithIV (m_SessionKey, 32, ((SSUHeader *)buf)->iv);
|
||||
m_Decryption.ProcessData (payload, payload, 48);
|
||||
m_SessionKeyDecryption.SetIV (((SSUHeader *)buf)->iv);
|
||||
m_SessionKeyDecryption.Decrypt (payload, 48, payload);
|
||||
// verify
|
||||
CryptoPP::DSA::PublicKey pubKey;
|
||||
pubKey.Initialize (i2p::crypto::dsap, i2p::crypto::dsaq, i2p::crypto::dsag, CryptoPP::Integer (m_RemoteRouter->GetRouterIdentity ().signingKey, 128));
|
||||
@ -329,8 +329,8 @@ namespace ssu
|
||||
uint8_t iv[16];
|
||||
rnd.GenerateBlock (iv, 16); // random iv
|
||||
// encrypt signature and 8 bytes padding with newly created session key
|
||||
m_Encryption.SetKeyWithIV (m_SessionKey, 32, iv);
|
||||
m_Encryption.ProcessData (payload, payload, 48);
|
||||
m_SessionKeyEncryption.SetIV (iv);
|
||||
m_SessionKeyEncryption.Encrypt (payload, 48, payload);
|
||||
|
||||
// encrypt message with intro key
|
||||
FillHeaderAndEncrypt (PAYLOAD_TYPE_SESSION_CREATED, buf, 368, introKey, iv, introKey);
|
||||
@ -501,9 +501,10 @@ namespace ssu
|
||||
header->time = htobe32 (i2p::util::GetSecondsSinceEpoch ());
|
||||
uint8_t * encrypted = &header->flag;
|
||||
uint16_t encryptedLen = len - (encrypted - buf);
|
||||
m_Encryption.SetKeyWithIV (aesKey, 32, iv);
|
||||
encryptedLen = (encryptedLen>>4)<<4; // make sure 16 bytes boundary
|
||||
m_Encryption.ProcessData (encrypted, encrypted, encryptedLen);
|
||||
i2p::crypto::CBCEncryption encryption;
|
||||
encryption.SetKey (aesKey);
|
||||
encryption.SetIV (iv);
|
||||
encryption.Encrypt (encrypted, encryptedLen, encrypted);
|
||||
// assume actual buffer size is 18 (16 + 2) bytes more
|
||||
memcpy (buf + len, iv, 16);
|
||||
*(uint16_t *)(buf + len + 16) = htobe16 (encryptedLen);
|
||||
@ -541,9 +542,10 @@ namespace ssu
|
||||
SSUHeader * header = (SSUHeader *)buf;
|
||||
uint8_t * encrypted = &header->flag;
|
||||
uint16_t encryptedLen = len - (encrypted - buf);
|
||||
m_Decryption.SetKeyWithIV (aesKey, 32, header->iv);
|
||||
encryptedLen = (encryptedLen>>4)<<4; // make sure 16 bytes boundary
|
||||
m_Decryption.ProcessData (encrypted, encrypted, encryptedLen);
|
||||
i2p::crypto::CBCDecryption decryption;
|
||||
decryption.SetKey (aesKey);
|
||||
decryption.SetIV (header->iv);
|
||||
decryption.Decrypt (encrypted, encryptedLen, encrypted);
|
||||
}
|
||||
|
||||
void SSUSession::DecryptSessionKey (uint8_t * buf, size_t len)
|
||||
|
4
SSU.h
4
SSU.h
@ -7,8 +7,6 @@
|
||||
#include <set>
|
||||
#include <thread>
|
||||
#include <boost/asio.hpp>
|
||||
#include <cryptopp/modes.h>
|
||||
#include <cryptopp/aes.h>
|
||||
#include "aes.h"
|
||||
#include "I2PEndian.h"
|
||||
#include "Identity.h"
|
||||
@ -135,8 +133,6 @@ namespace ssu
|
||||
bool m_IsSessionKey;
|
||||
uint32_t m_RelayTag;
|
||||
std::set<uint32_t> m_PeerTestNonces;
|
||||
CryptoPP::CBC_Mode<CryptoPP::AES>::Encryption m_Encryption; // TODO: remove
|
||||
CryptoPP::CBC_Mode<CryptoPP::AES>::Decryption m_Decryption; // TODO: remove
|
||||
i2p::crypto::CBCEncryption m_SessionKeyEncryption;
|
||||
i2p::crypto::CBCDecryption m_SessionKeyDecryption;
|
||||
uint8_t m_SessionKey[32], m_MacKey[32];
|
||||
|
Loading…
Reference in New Issue
Block a user