Archives
/
lokinet
mirror of https://github.com/oxen-io/lokinet
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
ubuntu/noble
ubuntu/mantic
quic-wip
dev
dev-next
opensuse/tumbleweed
ubuntu/lunar
ubuntu/kinetic
ubuntu/jammy
ubuntu/focal
ubuntu/bionic
debian/buster
debian/bullseye
debian/bookworm
debian/sid
fedora/36
fedora/37
stable
makepkg
fedora/35
ubuntu/impish
fedora/34
centos/8
ubuntu/hirsute
ubuntu/groovy
v0.9.11
v0.9.10
v0.9.9
v0.9.8
v0.9.7
v0.9.6
v0.9.5
v0.9.4
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.5
v0.8.4
v0.8.3
v0.8.2
v0.8.1
v0.8.1-rc3
v0.8.1-rc2
v0.8.1-rc1
v0.7.1
v0.7.0
v0.7.0-rc3
v0.7.0-rc2
v0.7.0-rc1
v0.6.4
v0.6.2
v0.6.1
v0.6.0
v0.6.0-rc2
v0.6.0-rc1
v0.5.2
v0.5.0
v0.4.2½
v0.4.2
v0.4.1
v0.4.0-release
0.4.0-release
v0.4.0
v0.4.0-rc3
v0.4.0-rc2
v0.3.1
0.3.0-neuro1
v0.2.3-rc1
v0.2.2
v0.2.1
v0.1.0
v0.0.3
0.2.3-neuro0
0.6.1
rm
v0.0.1
v0.0.2
v0.3.0
v0.4.3
v0.5.1
v0.6.3
v0.7
v0.8.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4e7c6ee90a'
${ noResults }
lokinet/llarp/service/protocol.cpp

394 lines
11 KiB
C++
Raw Normal View History Unescape Escape

* more hidden service code * begin lokinet api
6 years ago
#include <llarp/routing/handler.hpp>
more hidden service stuff
6 years ago
#include <llarp/service/protocol.hpp>
more hidden service stuff
6 years ago
#include "buffer.hpp"
it works.
6 years ago
#include "mem.hpp"
more hidden service stuff
6 years ago
namespace llarp
{
namespace service
{
more hidden service stuff
6 years ago
ProtocolMessage::ProtocolMessage()
more hidden service stuff
6 years ago
{
more hidden service code
6 years ago
tag.Zero();
more hidden service stuff
6 years ago
}
more hidden service code
6 years ago
ProtocolMessage::ProtocolMessage(const ConvoTag& t) : tag(t)
more hidden service stuff
6 years ago
{
}
more hidden service code
6 years ago
ProtocolMessage::~ProtocolMessage()
more hidden service stuff
6 years ago
{
}
void
ProtocolMessage::PutBuffer(llarp_buffer_t buf)
{
payload.resize(buf.sz);
memcpy(payload.data(), buf.base, buf.sz);
}
more hidden service stuff
6 years ago
more hidden service code
6 years ago
void
ProtocolMessage::ProcessAsync(void* user)
{
ProtocolMessage* self = static_cast< ProtocolMessage* >(user);
make hidden services work again (probably)
6 years ago
if(!self->handler->HandleDataMessage(self->srcPath, self))
llarp::LogWarn("failed to handle data message from ", self->srcPath);
more hidden service code
6 years ago
delete self;
}
bool
ProtocolMessage::DecodeKey(llarp_buffer_t k, llarp_buffer_t* buf)
{
bool read = false;
if(!BEncodeMaybeReadDictInt("a", proto, read, k, buf))
return false;
if(llarp_buffer_eq(k, "d"))
{
llarp_buffer_t strbuf;
if(!bencode_read_string(buf, &strbuf))
return false;
PutBuffer(strbuf);
return true;
}
if(!BEncodeMaybeReadDictEntry("i", introReply, read, k, buf))
return false;
if(!BEncodeMaybeReadDictEntry("s", sender, read, k, buf))
return false;
if(!BEncodeMaybeReadDictEntry("t", tag, read, k, buf))
return false;
if(!BEncodeMaybeReadDictInt("v", version, read, k, buf))
return false;
return read;
}
bool
ProtocolMessage::BEncode(llarp_buffer_t* buf) const
{
if(!bencode_start_dict(buf))
return false;
if(!BEncodeWriteDictInt("a", proto, buf))
return false;
if(!bencode_write_bytestring(buf, "d", 1))
return false;
if(!bencode_write_bytestring(buf, payload.data(), payload.size()))
return false;
if(!BEncodeWriteDictEntry("i", introReply, buf))
return false;
if(!BEncodeWriteDictEntry("s", sender, buf))
return false;
if(!tag.IsZero())
{
if(!BEncodeWriteDictEntry("t", tag, buf))
return false;
}
more checks less logging
6 years ago
if(!BEncodeWriteDictInt("v", version, buf))
more hidden service code
6 years ago
return false;
return bencode_end(buf);
}
more hidden service stuff
6 years ago
ProtocolFrame::~ProtocolFrame()
{
}
bool
ProtocolFrame::BEncode(llarp_buffer_t* buf) const
{
if(!bencode_start_dict(buf))
return false;
use NTRU for introset end to end encryption
6 years ago
it works.
6 years ago
if(!BEncodeWriteDictMsgType(buf, "A", "H"))
return false;
use NTRU for introset end to end encryption
6 years ago
if(!C.IsZero())
more hidden service stuff
6 years ago
{
use NTRU for introset end to end encryption
6 years ago
if(!BEncodeWriteDictEntry("C", C, buf))
more hidden service stuff
6 years ago
return false;
}
use NTRU for introset end to end encryption
6 years ago
if(!BEncodeWriteDictEntry("D", D, buf))
more hidden service stuff
6 years ago
return false;
use NTRU for introset end to end encryption
6 years ago
if(!BEncodeWriteDictEntry("N", N, buf))
more hidden service stuff
6 years ago
return false;
use NTRU for introset end to end encryption
6 years ago
if(!T.IsZero())
more hidden service code
6 years ago
{
if(!BEncodeWriteDictEntry("T", T, buf))
return false;
}
add sequence numbers to routing messages
6 years ago
if(!BEncodeWriteDictInt("V", version, buf))
more hidden service stuff
6 years ago
return false;
if(!BEncodeWriteDictEntry("Z", Z, buf))
return false;
return bencode_end(buf);
}
bool
ProtocolFrame::DecodeKey(llarp_buffer_t key, llarp_buffer_t* val)
{
bool read = false;
it works.
6 years ago
if(llarp_buffer_eq(key, "A"))
{
llarp_buffer_t strbuf;
if(!bencode_read_string(val, &strbuf))
return false;
if(strbuf.sz != 1)
return false;
return *strbuf.cur == 'H';
}
more hidden service stuff
6 years ago
if(!BEncodeMaybeReadDictEntry("D", D, read, key, val))
return false;
use NTRU for introset end to end encryption
6 years ago
if(!BEncodeMaybeReadDictEntry("C", C, read, key, val))
more hidden service stuff
6 years ago
return false;
if(!BEncodeMaybeReadDictEntry("N", N, read, key, val))
return false;
if(!BEncodeMaybeReadDictInt("S", S, read, key, val))
return false;
more hidden service code
6 years ago
if(!BEncodeMaybeReadDictEntry("T", T, read, key, val))
return false;
more hidden service stuff
6 years ago
if(!BEncodeMaybeReadVersion("V", version, LLARP_PROTO_VERSION, read, key,
val))
return false;
if(!BEncodeMaybeReadDictEntry("Z", Z, read, key, val))
return false;
return read;
}
more hidden service code
6 years ago
bool
use NTRU for introset end to end encryption
6 years ago
ProtocolFrame::DecryptPayloadInto(llarp_crypto* crypto,
const byte_t* sharedkey,
ProtocolMessage& msg) const
more hidden service code
6 years ago
{
decrypt frames correctly and set return address
6 years ago
Encrypted tmp = D;
auto buf = tmp.Buffer();
crypto->xchacha20(*buf, sharedkey, N);
return msg.BDecode(buf);
more hidden service code
6 years ago
}
more hidden service stuff
6 years ago
bool
ProtocolFrame::EncryptAndSign(llarp_crypto* crypto,
use NTRU for introset end to end encryption
6 years ago
const ProtocolMessage& msg,
const byte_t* sessionKey,
const Identity& localIdent)
more hidden service stuff
6 years ago
{
byte_t tmp[MAX_PROTOCOL_MESSAGE_SIZE];
auto buf = llarp::StackBuffer< decltype(tmp) >(tmp);
make testnet no longer crash
6 years ago
// encode message
if(!msg.BEncode(&buf))
more logging
6 years ago
{
llarp::LogError("message too big to encode");
make testnet no longer crash
6 years ago
return false;
more logging
6 years ago
}
make testnet no longer crash
6 years ago
// rewind
buf.sz = buf.cur - buf.base;
buf.cur = buf.base;
// encrypt
crypto->xchacha20(buf, sessionKey, N);
// put encrypted buffer
D = buf;
// zero out signature
Z.Zero();
try reinitializing buffer instead of doing resize
6 years ago
// reset buffer
buf = llarp::StackBuffer< decltype(tmp) >(tmp);
make testnet no longer crash
6 years ago
// encode frame
more hidden service stuff
6 years ago
if(!BEncode(&buf))
more logging
6 years ago
{
llarp::LogError("frame too big to encode");
more hidden service stuff
6 years ago
return false;
more logging
6 years ago
}
more hidden service stuff
6 years ago
// rewind
buf.sz = buf.cur - buf.base;
buf.cur = buf.base;
// sign
more logging
6 years ago
if(!localIdent.Sign(crypto, Z, buf))
{
llarp::LogError("failed to sign? wtf?!");
return false;
}
return true;
more hidden service stuff
6 years ago
}
make testnet no longer crash
6 years ago
struct AsyncFrameDecrypt
more hidden service code
6 years ago
{
llarp_crypto* crypto;
llarp_logic* logic;
ProtocolMessage* msg;
use NTRU for introset end to end encryption
6 years ago
const Identity& m_LocalIdentity;
more hidden service code
6 years ago
IDataHandler* handler;
use correct intro in tag tracking
6 years ago
const ProtocolFrame frame;
more hidden service code
6 years ago
make testnet no longer crash
6 years ago
AsyncFrameDecrypt(llarp_logic* l, llarp_crypto* c,
const Identity& localIdent, IDataHandler* h,
use correct intro in tag tracking
6 years ago
ProtocolMessage* m, const ProtocolFrame& f)
more hidden service code
6 years ago
: crypto(c)
, logic(l)
, msg(m)
use NTRU for introset end to end encryption
6 years ago
, m_LocalIdentity(localIdent)
more hidden service code
6 years ago
, handler(h)
use NTRU for introset end to end encryption
6 years ago
, frame(f)
more hidden service code
6 years ago
{
}
static void
Work(void* user)
{
make testnet no longer crash
6 years ago
AsyncFrameDecrypt* self = static_cast< AsyncFrameDecrypt* >(user);
auto crypto = self->crypto;
use NTRU for introset end to end encryption
6 years ago
SharedSecret K;
SharedSecret sharedKey;
// copy
use correct intro in tag tracking
6 years ago
ProtocolFrame frame(self->frame);
if(!crypto->pqe_decrypt(self->frame.C, K,
use NTRU for introset end to end encryption
6 years ago
pq_keypair_to_secret(self->m_LocalIdentity.pq)))
more hidden service code
6 years ago
{
use correct intro in tag tracking
6 years ago
llarp::LogError("pqke failed C=", self->frame.C);
more hidden service code
6 years ago
delete self->msg;
delete self;
return;
}
make testnet no longer crash
6 years ago
// decrypt
auto buf = frame.D.Buffer();
use correct intro in tag tracking
6 years ago
crypto->xchacha20(*buf, K, self->frame.N);
more hidden service code
6 years ago
if(!self->msg->BDecode(buf))
{
llarp::LogError("failed to decode inner protocol message");
it works.
6 years ago
llarp::DumpBuffer(*buf);
more hidden service code
6 years ago
delete self->msg;
delete self;
return;
}
use NTRU for introset end to end encryption
6 years ago
// verify signature of outer message after we parsed the inner message
use correct intro in tag tracking
6 years ago
if(!self->frame.Verify(crypto, self->msg->sender))
use NTRU for introset end to end encryption
6 years ago
{
use correct intro in tag tracking
6 years ago
llarp::LogError("intro frame has invalid signature Z=", self->frame.Z,
" from ", self->msg->sender.Addr());
self->frame.Dump< MAX_PROTOCOL_MESSAGE_SIZE >();
more checks less logging
6 years ago
self->msg->Dump< MAX_PROTOCOL_MESSAGE_SIZE >();
use NTRU for introset end to end encryption
6 years ago
delete self->msg;
delete self;
return;
}
byte_t tmp[64];
// K
memcpy(tmp, K, 32);
// PKE (A, B, N)
use correct intro in tag tracking
6 years ago
if(!self->m_LocalIdentity.KeyExchange(crypto->dh_server, tmp + 32,
self->msg->sender, self->frame.N))
use NTRU for introset end to end encryption
6 years ago
{
llarp::LogError("x25519 key exchange failed");
use correct intro in tag tracking
6 years ago
self->frame.Dump< MAX_PROTOCOL_MESSAGE_SIZE >();
use NTRU for introset end to end encryption
6 years ago
delete self->msg;
delete self;
return;
}
// S = HS( K + PKE( A, B, N))
crypto->shorthash(sharedKey, StackBuffer< decltype(tmp) >(tmp));
more hidden service code
6 years ago
self->handler->PutIntroFor(self->msg->tag, self->msg->introReply);
self->handler->PutSenderFor(self->msg->tag, self->msg->sender);
use NTRU for introset end to end encryption
6 years ago
self->handler->PutCachedSessionKeyFor(self->msg->tag, sharedKey);
more hidden service code
6 years ago
self->msg->handler = self->handler;
llarp_logic_queue_job(self->logic,
{self->msg, &ProtocolMessage::ProcessAsync});
delete self;
}
};
make testnet no longer crash
6 years ago
ProtocolFrame&
ProtocolFrame::operator=(const ProtocolFrame& other)
{
more ip endpoint fixes spam dht with lookups less
6 years ago
C = other.C;
D = other.D;
N = other.N;
Z = other.Z;
T = other.T;
update spec and fix copy constructor
6 years ago
S = other.S;
more ip endpoint fixes spam dht with lookups less
6 years ago
version = other.version;
make testnet no longer crash
6 years ago
return *this;
}
more hidden service code
6 years ago
bool
use NTRU for introset end to end encryption
6 years ago
ProtocolFrame::AsyncDecryptAndVerify(llarp_logic* logic, llarp_crypto* c,
make hidden services work again (probably)
6 years ago
const PathID_t& srcPath,
more hidden service code
6 years ago
llarp_threadpool* worker,
use NTRU for introset end to end encryption
6 years ago
const Identity& localIdent,
more hidden service code
6 years ago
IDataHandler* handler) const
{
make testnet no longer crash
6 years ago
if(T.IsZero())
more hidden service code
6 years ago
{
ProtocolMessage* msg = new ProtocolMessage();
make hidden services work again (probably)
6 years ago
msg->srcPath = srcPath;
more hidden service code
6 years ago
// we need to dh
make testnet no longer crash
6 years ago
auto dh =
use correct intro in tag tracking
6 years ago
new AsyncFrameDecrypt(logic, c, localIdent, handler, msg, *this);
make testnet no longer crash
6 years ago
llarp_threadpool_queue_job(worker, {dh, &AsyncFrameDecrypt::Work});
more hidden service code
6 years ago
return true;
}
use NTRU for introset end to end encryption
6 years ago
const byte_t* shared = nullptr;
more hidden service code
6 years ago
if(!handler->GetCachedSessionKeyFor(T, shared))
{
llarp::LogError("No cached session for T=", T);
return false;
}
ServiceInfo si;
if(!handler->GetSenderFor(T, si))
{
llarp::LogError("No sender for T=", T);
return false;
}
use NTRU for introset end to end encryption
6 years ago
if(!Verify(c, si))
more hidden service code
6 years ago
{
more checks less logging
6 years ago
llarp::LogError("Signature failure from ", si.Addr());
more hidden service code
6 years ago
return false;
}
ProtocolMessage* msg = new ProtocolMessage();
use NTRU for introset end to end encryption
6 years ago
if(!DecryptPayloadInto(c, shared, *msg))
more hidden service code
6 years ago
{
llarp::LogError("failed to decrypt message");
delete msg;
return false;
}
make hidden services work again (probably)
6 years ago
msg->srcPath = srcPath;
more hidden service code
6 years ago
msg->handler = handler;
llarp_logic_queue_job(logic, {msg, &ProtocolMessage::ProcessAsync});
return true;
}
more checks less logging
6 years ago
bool
ProtocolFrame::operator==(const ProtocolFrame& other) const
{
return C == other.C && D == other.D && N == other.N && Z == other.Z
&& T == other.T && S == other.S && version == other.version;
}
more hidden service stuff
6 years ago
bool
hidden services sorta work
6 years ago
ProtocolFrame::Verify(llarp_crypto* crypto, const ServiceInfo& from) const
more hidden service stuff
6 years ago
{
update spec and fix copy constructor
6 years ago
ProtocolFrame copy(*this);
more hidden service stuff
6 years ago
// save signature
// zero out signature for verify
more hidden service code
6 years ago
copy.Z.Zero();
more hidden service stuff
6 years ago
// serialize
byte_t tmp[MAX_PROTOCOL_MESSAGE_SIZE];
auto buf = llarp::StackBuffer< decltype(tmp) >(tmp);
more checks less logging
6 years ago
if(!copy.BEncode(&buf))
more hidden service stuff
6 years ago
{
more checks less logging
6 years ago
llarp::LogError("bencode fail");
return false;
more hidden service stuff
6 years ago
}
more checks less logging
6 years ago
// rewind buffer
buf.sz = buf.cur - buf.base;
buf.cur = buf.base;
// verify
return from.Verify(crypto, buf, Z);
more hidden service stuff
6 years ago
}
* more hidden service code * begin lokinet api
6 years ago
bool
ProtocolFrame::HandleMessage(llarp::routing::IMessageHandler* h,
llarp_router* r) const
{
return h->HandleHiddenServiceFrame(this);
}
more hidden service stuff
6 years ago
} // namespace service
more ip endpoint fixes spam dht with lookups less
6 years ago
} // namespace llarp