2020-05-22 16:18:41 +03:00
|
|
|
/*
|
2024-06-04 19:45:35 +03:00
|
|
|
* Copyright (c) 2013-2024, The PurpleI2P Project
|
2020-05-22 16:18:41 +03:00
|
|
|
*
|
|
|
|
* This file is part of Purple i2pd project and licensed under BSD3
|
|
|
|
*
|
|
|
|
* See full license text in LICENSE file at top of project tree
|
|
|
|
*/
|
|
|
|
|
2015-11-03 17:15:49 +03:00
|
|
|
#include "Crypto.h"
|
2014-08-31 04:21:58 +04:00
|
|
|
#include "I2PEndian.h"
|
2015-11-03 17:15:49 +03:00
|
|
|
#include "Log.h"
|
2019-03-07 19:55:47 +03:00
|
|
|
#include "Timestamp.h"
|
2015-11-03 17:15:49 +03:00
|
|
|
#include "Identity.h"
|
2013-12-21 05:22:55 +04:00
|
|
|
|
|
|
|
namespace i2p
|
|
|
|
{
|
|
|
|
namespace data
|
|
|
|
{
|
2013-12-22 20:29:57 +04:00
|
|
|
Identity& Identity::operator=(const Keys& keys)
|
|
|
|
{
|
|
|
|
// copy public and signing keys together
|
2021-10-18 13:09:56 +03:00
|
|
|
memcpy (publicKey, keys.publicKey, sizeof (publicKey));
|
|
|
|
memcpy (signingKey, keys.signingKey, sizeof (signingKey));
|
2017-08-07 20:46:42 +03:00
|
|
|
memset (certificate, 0, sizeof (certificate));
|
2013-12-22 20:29:57 +04:00
|
|
|
return *this;
|
2014-04-07 21:47:40 +04:00
|
|
|
}
|
|
|
|
|
2014-08-06 19:09:06 +04:00
|
|
|
size_t Identity::FromBuffer (const uint8_t * buf, size_t len)
|
|
|
|
{
|
2016-02-05 16:52:07 +03:00
|
|
|
if ( len < DEFAULT_IDENTITY_SIZE ) {
|
|
|
|
// buffer too small, don't overflow
|
|
|
|
return 0;
|
|
|
|
}
|
2014-08-06 19:09:06 +04:00
|
|
|
memcpy (publicKey, buf, DEFAULT_IDENTITY_SIZE);
|
|
|
|
return DEFAULT_IDENTITY_SIZE;
|
2014-04-07 22:01:24 +04:00
|
|
|
}
|
|
|
|
|
2014-09-20 03:25:40 +04:00
|
|
|
IdentHash Identity::Hash () const
|
|
|
|
{
|
|
|
|
IdentHash hash;
|
2015-11-03 17:15:49 +03:00
|
|
|
SHA256(publicKey, DEFAULT_IDENTITY_SIZE, hash);
|
2014-09-20 03:25:40 +04:00
|
|
|
return hash;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2014-08-22 05:57:24 +04:00
|
|
|
IdentityEx::IdentityEx ():
|
2021-09-10 04:19:52 +03:00
|
|
|
m_ExtendedLen (0)
|
2014-08-22 05:57:24 +04:00
|
|
|
{
|
|
|
|
}
|
2014-08-24 06:06:53 +04:00
|
|
|
|
2020-03-31 02:27:10 +03:00
|
|
|
IdentityEx::IdentityEx(const uint8_t * publicKey, const uint8_t * signingKey, SigningKeyType type, CryptoKeyType cryptoType)
|
2018-01-06 06:48:51 +03:00
|
|
|
{
|
2022-12-13 02:36:29 +03:00
|
|
|
uint8_t randomPaddingBlock[32];
|
|
|
|
RAND_bytes (randomPaddingBlock, 32);
|
2020-11-15 02:28:50 +03:00
|
|
|
if (cryptoType == CRYPTO_KEY_TYPE_ECIES_X25519_AEAD)
|
2020-10-24 05:14:00 +03:00
|
|
|
{
|
2022-12-13 02:36:29 +03:00
|
|
|
memcpy (m_StandardIdentity.publicKey, publicKey ? publicKey : randomPaddingBlock, 32);
|
2022-10-24 22:12:07 +03:00
|
|
|
for (int i = 0; i < 7; i++) // 224 bytes
|
2022-12-13 02:36:29 +03:00
|
|
|
memcpy (m_StandardIdentity.publicKey + 32*(i + 1), randomPaddingBlock, 32);
|
2021-11-27 23:30:35 +03:00
|
|
|
}
|
|
|
|
else
|
2022-10-24 22:12:07 +03:00
|
|
|
{
|
|
|
|
if (publicKey)
|
|
|
|
memcpy (m_StandardIdentity.publicKey, publicKey, 256);
|
|
|
|
else
|
2022-12-13 02:36:29 +03:00
|
|
|
for (int i = 0; i < 8; i++) // 256 bytes
|
|
|
|
memcpy (m_StandardIdentity.publicKey + 32*i, randomPaddingBlock, 32);
|
2023-01-03 21:25:19 +03:00
|
|
|
}
|
2014-11-25 04:19:13 +03:00
|
|
|
if (type != SIGNING_KEY_TYPE_DSA_SHA1)
|
2014-08-24 06:06:53 +04:00
|
|
|
{
|
2014-11-25 04:19:13 +03:00
|
|
|
size_t excessLen = 0;
|
|
|
|
uint8_t * excessBuf = nullptr;
|
|
|
|
switch (type)
|
|
|
|
{
|
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
|
2017-08-07 20:46:42 +03:00
|
|
|
{
|
2022-05-20 19:56:05 +03:00
|
|
|
size_t padding = 128 - i2p::crypto::ECDSAP256_KEY_LENGTH; // 64 = 128 - 64
|
2015-11-03 17:15:49 +03:00
|
|
|
RAND_bytes (m_StandardIdentity.signingKey, padding);
|
2014-11-25 04:19:13 +03:00
|
|
|
memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::ECDSAP256_KEY_LENGTH);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
|
2017-08-07 20:46:42 +03:00
|
|
|
{
|
2014-11-25 04:19:13 +03:00
|
|
|
size_t padding = 128 - i2p::crypto::ECDSAP384_KEY_LENGTH; // 32 = 128 - 96
|
2015-11-03 17:15:49 +03:00
|
|
|
RAND_bytes (m_StandardIdentity.signingKey, padding);
|
2014-11-25 04:19:13 +03:00
|
|
|
memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::ECDSAP384_KEY_LENGTH);
|
|
|
|
break;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-11-25 04:19:13 +03:00
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
|
|
|
|
{
|
|
|
|
memcpy (m_StandardIdentity.signingKey, signingKey, 128);
|
2014-11-25 05:48:01 +03:00
|
|
|
excessLen = i2p::crypto::ECDSAP521_KEY_LENGTH - 128; // 4 = 132 - 128
|
2014-11-25 04:19:13 +03:00
|
|
|
excessBuf = new uint8_t[excessLen];
|
|
|
|
memcpy (excessBuf, signingKey + 128, excessLen);
|
|
|
|
break;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-12-11 05:31:06 +03:00
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA256_2048:
|
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA384_3072:
|
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA512_4096:
|
2018-09-21 18:16:38 +03:00
|
|
|
LogPrint (eLogError, "Identity: RSA signing key type ", (int)type, " is not supported");
|
|
|
|
break;
|
2015-04-08 23:28:52 +03:00
|
|
|
case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
|
2019-02-27 21:18:09 +03:00
|
|
|
case SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
|
2015-04-08 23:18:16 +03:00
|
|
|
{
|
2017-03-10 19:55:30 +03:00
|
|
|
size_t padding = 128 - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH; // 96 = 128 - 32
|
2022-12-13 02:36:29 +03:00
|
|
|
for (int i = 0; i < 3; i++) // 96 bytes
|
|
|
|
memcpy (m_StandardIdentity.signingKey + 32*i, randomPaddingBlock, 32);
|
2015-04-08 23:28:52 +03:00
|
|
|
memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH);
|
2015-04-08 23:18:16 +03:00
|
|
|
break;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2017-03-21 18:48:34 +03:00
|
|
|
case SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256:
|
2017-08-07 20:46:42 +03:00
|
|
|
{
|
2017-03-15 03:03:44 +03:00
|
|
|
// 256
|
|
|
|
size_t padding = 128 - i2p::crypto::GOSTR3410_256_PUBLIC_KEY_LENGTH; // 64 = 128 - 64
|
2017-02-20 02:08:10 +03:00
|
|
|
RAND_bytes (m_StandardIdentity.signingKey, padding);
|
2017-03-15 03:03:44 +03:00
|
|
|
memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::GOSTR3410_256_PUBLIC_KEY_LENGTH);
|
|
|
|
break;
|
|
|
|
}
|
2017-03-31 17:04:39 +03:00
|
|
|
case SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512:
|
2017-08-07 20:46:42 +03:00
|
|
|
{
|
2017-03-15 03:03:44 +03:00
|
|
|
// 512
|
|
|
|
// no padding, key length is 128
|
|
|
|
memcpy (m_StandardIdentity.signingKey, signingKey, i2p::crypto::GOSTR3410_512_PUBLIC_KEY_LENGTH);
|
2017-02-20 02:08:10 +03:00
|
|
|
break;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-11-25 04:19:13 +03:00
|
|
|
default:
|
2015-12-18 17:08:12 +03:00
|
|
|
LogPrint (eLogError, "Identity: Signing key type ", (int)type, " is not supported");
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-11-25 05:23:12 +03:00
|
|
|
m_ExtendedLen = 4 + excessLen; // 4 bytes extra + excess length
|
2014-11-25 04:19:13 +03:00
|
|
|
// fill certificate
|
2016-01-10 01:26:17 +03:00
|
|
|
m_StandardIdentity.certificate[0] = CERTIFICATE_TYPE_KEY;
|
2017-08-07 20:46:42 +03:00
|
|
|
htobe16buf (m_StandardIdentity.certificate + 1, m_ExtendedLen);
|
2014-11-25 04:19:13 +03:00
|
|
|
// fill extended buffer
|
2014-12-30 17:37:24 +03:00
|
|
|
htobe16buf (m_ExtendedBuffer, type);
|
2017-11-02 23:13:10 +03:00
|
|
|
htobe16buf (m_ExtendedBuffer + 2, cryptoType);
|
2014-11-25 04:19:13 +03:00
|
|
|
if (excessLen && excessBuf)
|
|
|
|
{
|
2021-09-10 04:19:52 +03:00
|
|
|
if (excessLen > MAX_EXTENDED_BUFFER_SIZE - 4)
|
|
|
|
{
|
|
|
|
LogPrint (eLogError, "Identity: Unexpected excessive signing key len ", excessLen);
|
|
|
|
excessLen = MAX_EXTENDED_BUFFER_SIZE - 4;
|
2021-11-27 23:30:35 +03:00
|
|
|
}
|
2014-11-25 04:19:13 +03:00
|
|
|
memcpy (m_ExtendedBuffer + 4, excessBuf, excessLen);
|
|
|
|
delete[] excessBuf;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-11-25 04:19:13 +03:00
|
|
|
// calculate ident hash
|
2017-08-07 20:46:42 +03:00
|
|
|
RecalculateIdentHash();
|
2014-08-24 06:06:53 +04:00
|
|
|
}
|
|
|
|
else // DSA-SHA1
|
|
|
|
{
|
|
|
|
memcpy (m_StandardIdentity.signingKey, signingKey, sizeof (m_StandardIdentity.signingKey));
|
2016-01-10 01:26:17 +03:00
|
|
|
memset (m_StandardIdentity.certificate, 0, sizeof (m_StandardIdentity.certificate));
|
2014-08-24 18:36:59 +04:00
|
|
|
m_IdentHash = m_StandardIdentity.Hash ();
|
2014-08-24 06:06:53 +04:00
|
|
|
m_ExtendedLen = 0;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-08-24 06:06:53 +04:00
|
|
|
CreateVerifier ();
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void IdentityEx::RecalculateIdentHash(uint8_t * buf)
|
|
|
|
{
|
|
|
|
bool dofree = buf == nullptr;
|
|
|
|
size_t sz = GetFullLen();
|
|
|
|
if(!buf)
|
|
|
|
buf = new uint8_t[sz];
|
|
|
|
ToBuffer (buf, sz);
|
|
|
|
SHA256(buf, sz, m_IdentHash);
|
|
|
|
if(dofree)
|
|
|
|
delete[] buf;
|
|
|
|
}
|
|
|
|
|
2014-08-22 05:57:24 +04:00
|
|
|
IdentityEx::IdentityEx (const uint8_t * buf, size_t len):
|
2021-09-10 04:19:52 +03:00
|
|
|
m_ExtendedLen (0)
|
2014-08-22 05:57:24 +04:00
|
|
|
{
|
|
|
|
FromBuffer (buf, len);
|
|
|
|
}
|
|
|
|
|
|
|
|
IdentityEx::IdentityEx (const IdentityEx& other):
|
2021-09-10 04:19:52 +03:00
|
|
|
m_ExtendedLen (0)
|
2014-08-22 05:57:24 +04:00
|
|
|
{
|
|
|
|
*this = other;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2015-11-03 17:15:49 +03:00
|
|
|
|
|
|
|
IdentityEx::IdentityEx (const Identity& standard):
|
2021-09-10 04:19:52 +03:00
|
|
|
m_ExtendedLen (0)
|
2015-11-03 17:15:49 +03:00
|
|
|
{
|
|
|
|
*this = standard;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2014-08-22 05:57:24 +04:00
|
|
|
IdentityEx::~IdentityEx ()
|
|
|
|
{
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-08-22 05:57:24 +04:00
|
|
|
|
|
|
|
IdentityEx& IdentityEx::operator=(const IdentityEx& other)
|
|
|
|
{
|
|
|
|
memcpy (&m_StandardIdentity, &other.m_StandardIdentity, DEFAULT_IDENTITY_SIZE);
|
|
|
|
m_IdentHash = other.m_IdentHash;
|
2017-08-07 20:46:42 +03:00
|
|
|
|
2014-08-22 05:57:24 +04:00
|
|
|
m_ExtendedLen = other.m_ExtendedLen;
|
|
|
|
if (m_ExtendedLen > 0)
|
2017-08-07 20:46:42 +03:00
|
|
|
{
|
2021-09-10 04:19:52 +03:00
|
|
|
if (m_ExtendedLen > MAX_EXTENDED_BUFFER_SIZE) m_ExtendedLen = MAX_EXTENDED_BUFFER_SIZE;
|
2014-08-22 05:57:24 +04:00
|
|
|
memcpy (m_ExtendedBuffer, other.m_ExtendedBuffer, m_ExtendedLen);
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-11-20 20:21:27 +03:00
|
|
|
m_Verifier = nullptr;
|
2023-03-17 04:32:53 +03:00
|
|
|
CreateVerifier ();
|
2017-08-07 20:46:42 +03:00
|
|
|
|
2014-08-22 05:57:24 +04:00
|
|
|
return *this;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-08-22 05:57:24 +04:00
|
|
|
|
2014-08-23 07:02:48 +04:00
|
|
|
IdentityEx& IdentityEx::operator=(const Identity& standard)
|
|
|
|
{
|
|
|
|
m_StandardIdentity = standard;
|
|
|
|
m_IdentHash = m_StandardIdentity.Hash ();
|
|
|
|
m_ExtendedLen = 0;
|
2014-08-23 16:41:06 +04:00
|
|
|
|
2014-11-20 20:21:27 +03:00
|
|
|
m_Verifier = nullptr;
|
2023-03-17 04:32:53 +03:00
|
|
|
CreateVerifier ();
|
2017-08-07 20:46:42 +03:00
|
|
|
|
2014-08-23 07:02:48 +04:00
|
|
|
return *this;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2014-08-22 05:57:24 +04:00
|
|
|
size_t IdentityEx::FromBuffer (const uint8_t * buf, size_t len)
|
|
|
|
{
|
2014-12-05 03:28:20 +03:00
|
|
|
if (len < DEFAULT_IDENTITY_SIZE)
|
|
|
|
{
|
2021-11-27 22:53:53 +03:00
|
|
|
LogPrint (eLogError, "Identity: Buffer length ", len, " is too small");
|
2014-12-05 03:28:20 +03:00
|
|
|
return 0;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-08-22 05:57:24 +04:00
|
|
|
memcpy (&m_StandardIdentity, buf, DEFAULT_IDENTITY_SIZE);
|
2014-08-23 16:41:06 +04:00
|
|
|
|
2016-01-10 01:26:17 +03:00
|
|
|
m_ExtendedLen = bufbe16toh (m_StandardIdentity.certificate + 1);
|
|
|
|
if (m_ExtendedLen)
|
2014-08-22 05:57:24 +04:00
|
|
|
{
|
2014-12-05 03:28:20 +03:00
|
|
|
if (m_ExtendedLen + DEFAULT_IDENTITY_SIZE <= len)
|
2017-08-07 20:46:42 +03:00
|
|
|
{
|
2021-09-10 04:19:52 +03:00
|
|
|
if (m_ExtendedLen > MAX_EXTENDED_BUFFER_SIZE) m_ExtendedLen = MAX_EXTENDED_BUFFER_SIZE;
|
2014-12-05 03:28:20 +03:00
|
|
|
memcpy (m_ExtendedBuffer, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen);
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-12-05 03:28:20 +03:00
|
|
|
else
|
|
|
|
{
|
2015-12-18 17:08:12 +03:00
|
|
|
LogPrint (eLogError, "Identity: Certificate length ", m_ExtendedLen, " exceeds buffer length ", len - DEFAULT_IDENTITY_SIZE);
|
2016-02-02 19:55:38 +03:00
|
|
|
m_ExtendedLen = 0;
|
2014-12-05 03:28:20 +03:00
|
|
|
return 0;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
}
|
2014-08-22 05:57:24 +04:00
|
|
|
else
|
|
|
|
m_ExtendedLen = 0;
|
2015-11-03 17:15:49 +03:00
|
|
|
SHA256(buf, GetFullLen (), m_IdentHash);
|
2017-08-07 20:46:42 +03:00
|
|
|
|
2014-11-20 20:21:27 +03:00
|
|
|
m_Verifier = nullptr;
|
2023-03-17 04:32:53 +03:00
|
|
|
CreateVerifier ();
|
2017-08-07 20:46:42 +03:00
|
|
|
|
2014-08-22 05:57:24 +04:00
|
|
|
return GetFullLen ();
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-08-22 05:57:24 +04:00
|
|
|
|
2014-08-23 07:02:48 +04:00
|
|
|
size_t IdentityEx::ToBuffer (uint8_t * buf, size_t len) const
|
2016-02-05 16:44:09 +03:00
|
|
|
{
|
2016-02-05 20:32:50 +03:00
|
|
|
const size_t fullLen = GetFullLen();
|
2016-02-09 04:29:34 +03:00
|
|
|
if (fullLen > len) return 0; // buffer is too small and may overflow somewhere else
|
2014-08-23 07:02:48 +04:00
|
|
|
memcpy (buf, &m_StandardIdentity, DEFAULT_IDENTITY_SIZE);
|
2021-09-10 04:19:52 +03:00
|
|
|
if (m_ExtendedLen > 0)
|
2014-08-23 07:02:48 +04:00
|
|
|
memcpy (buf + DEFAULT_IDENTITY_SIZE, m_ExtendedBuffer, m_ExtendedLen);
|
2016-02-05 16:44:09 +03:00
|
|
|
return fullLen;
|
2014-08-23 07:02:48 +04:00
|
|
|
}
|
2014-09-20 03:25:40 +04:00
|
|
|
|
|
|
|
size_t IdentityEx::FromBase64(const std::string& s)
|
|
|
|
{
|
2016-02-05 16:52:07 +03:00
|
|
|
const size_t slen = s.length();
|
2016-03-07 11:08:08 +03:00
|
|
|
std::vector<uint8_t> buf(slen); // binary data can't exceed base64
|
|
|
|
const size_t len = Base64ToByteStream (s.c_str(), slen, buf.data(), slen);
|
|
|
|
return FromBuffer (buf.data(), len);
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2014-12-01 22:50:10 +03:00
|
|
|
std::string IdentityEx::ToBase64 () const
|
|
|
|
{
|
2016-02-05 16:52:07 +03:00
|
|
|
const size_t bufLen = GetFullLen();
|
|
|
|
const size_t strLen = Base64EncodingBufferSize(bufLen);
|
2016-03-07 11:08:08 +03:00
|
|
|
std::vector<uint8_t> buf(bufLen);
|
|
|
|
std::vector<char> str(strLen);
|
|
|
|
size_t l = ToBuffer (buf.data(), bufLen);
|
|
|
|
size_t l1 = i2p::data::ByteStreamToBase64 (buf.data(), l, str.data(), strLen);
|
|
|
|
return std::string (str.data(), l1);
|
2014-12-01 22:50:10 +03:00
|
|
|
}
|
2017-08-07 20:46:42 +03:00
|
|
|
|
2014-08-23 07:02:48 +04:00
|
|
|
size_t IdentityEx::GetSigningPublicKeyLen () const
|
2014-08-22 05:57:24 +04:00
|
|
|
{
|
2017-08-07 20:46:42 +03:00
|
|
|
if (m_Verifier)
|
2014-08-22 05:57:24 +04:00
|
|
|
return m_Verifier->GetPublicKeyLen ();
|
|
|
|
return 128;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-08-23 03:47:29 +04:00
|
|
|
|
2019-03-05 20:41:01 +03:00
|
|
|
const uint8_t * IdentityEx::GetSigningPublicKeyBuffer () const
|
|
|
|
{
|
|
|
|
auto keyLen = GetSigningPublicKeyLen ();
|
|
|
|
if (keyLen > 128) return nullptr; // P521
|
|
|
|
return m_StandardIdentity.signingKey + 128 - keyLen;
|
|
|
|
}
|
|
|
|
|
2014-12-11 05:31:06 +03:00
|
|
|
size_t IdentityEx::GetSigningPrivateKeyLen () const
|
|
|
|
{
|
2017-08-07 20:46:42 +03:00
|
|
|
if (m_Verifier)
|
2014-12-11 05:31:06 +03:00
|
|
|
return m_Verifier->GetPrivateKeyLen ();
|
|
|
|
return GetSignatureLen ()/2;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2014-08-23 07:02:48 +04:00
|
|
|
size_t IdentityEx::GetSignatureLen () const
|
2017-08-07 20:46:42 +03:00
|
|
|
{
|
2014-08-23 03:47:29 +04:00
|
|
|
if (m_Verifier)
|
|
|
|
return m_Verifier->GetSignatureLen ();
|
2016-01-10 01:26:17 +03:00
|
|
|
return i2p::crypto::DSA_SIGNATURE_LENGTH;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
bool IdentityEx::Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const
|
2014-08-22 05:57:24 +04:00
|
|
|
{
|
|
|
|
if (m_Verifier)
|
|
|
|
return m_Verifier->Verify (buf, len, signature);
|
|
|
|
return false;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-08-24 06:06:53 +04:00
|
|
|
|
|
|
|
SigningKeyType IdentityEx::GetSigningKeyType () const
|
|
|
|
{
|
2017-08-07 20:46:42 +03:00
|
|
|
if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedLen >= 2)
|
2014-12-30 01:04:02 +03:00
|
|
|
return bufbe16toh (m_ExtendedBuffer); // signing key
|
2014-08-24 06:06:53 +04:00
|
|
|
return SIGNING_KEY_TYPE_DSA_SHA1;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-11-25 04:19:13 +03:00
|
|
|
|
2017-11-28 19:33:51 +03:00
|
|
|
bool IdentityEx::IsRSA () const
|
|
|
|
{
|
|
|
|
auto sigType = GetSigningKeyType ();
|
|
|
|
return sigType <= SIGNING_KEY_TYPE_RSA_SHA512_4096 && sigType >= SIGNING_KEY_TYPE_RSA_SHA256_2048;
|
|
|
|
}
|
|
|
|
|
2014-11-25 04:19:13 +03:00
|
|
|
CryptoKeyType IdentityEx::GetCryptoKeyType () const
|
|
|
|
{
|
2017-08-07 20:46:42 +03:00
|
|
|
if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedLen >= 4)
|
2014-12-30 01:04:02 +03:00
|
|
|
return bufbe16toh (m_ExtendedBuffer + 2); // crypto key
|
2014-11-25 04:19:13 +03:00
|
|
|
return CRYPTO_KEY_TYPE_ELGAMAL;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2019-01-09 20:47:47 +03:00
|
|
|
i2p::crypto::Verifier * IdentityEx::CreateVerifier (SigningKeyType keyType)
|
2014-08-22 05:57:24 +04:00
|
|
|
{
|
2014-08-24 06:06:53 +04:00
|
|
|
switch (keyType)
|
|
|
|
{
|
|
|
|
case SIGNING_KEY_TYPE_DSA_SHA1:
|
2019-01-02 01:00:37 +03:00
|
|
|
return new i2p::crypto::DSAVerifier ();
|
2014-08-24 06:06:53 +04:00
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
|
2019-01-02 01:00:37 +03:00
|
|
|
return new i2p::crypto::ECDSAP256Verifier ();
|
2014-11-25 04:19:13 +03:00
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
|
2019-01-02 01:00:37 +03:00
|
|
|
return new i2p::crypto::ECDSAP384Verifier ();
|
2014-11-25 04:19:13 +03:00
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
|
2019-01-02 01:00:37 +03:00
|
|
|
return new i2p::crypto::ECDSAP521Verifier ();
|
|
|
|
case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
|
|
|
|
return new i2p::crypto::EDDSA25519Verifier ();
|
|
|
|
case SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256:
|
|
|
|
return new i2p::crypto::GOSTR3410_256_Verifier (i2p::crypto::eGOSTR3410CryptoProA);
|
|
|
|
case SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512:
|
|
|
|
return new i2p::crypto::GOSTR3410_512_Verifier (i2p::crypto::eGOSTR3410TC26A512);
|
2019-03-25 01:42:52 +03:00
|
|
|
case SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
|
|
|
|
return new i2p::crypto::RedDSA25519Verifier ();
|
2014-12-11 05:31:06 +03:00
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA256_2048:
|
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA384_3072:
|
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA512_4096:
|
2018-09-21 18:16:38 +03:00
|
|
|
LogPrint (eLogError, "Identity: RSA signing key type ", (int)keyType, " is not supported");
|
|
|
|
break;
|
2014-08-22 05:57:24 +04:00
|
|
|
default:
|
2015-12-18 17:08:12 +03:00
|
|
|
LogPrint (eLogError, "Identity: Signing key type ", (int)keyType, " is not supported");
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2019-01-02 01:00:37 +03:00
|
|
|
return nullptr;
|
|
|
|
}
|
2020-03-01 13:25:50 +03:00
|
|
|
|
2023-03-17 04:32:53 +03:00
|
|
|
void IdentityEx::CreateVerifier ()
|
2019-01-02 01:00:37 +03:00
|
|
|
{
|
2023-03-17 04:32:53 +03:00
|
|
|
if (!m_Verifier)
|
2023-03-31 14:29:04 +03:00
|
|
|
{
|
2023-03-17 04:32:53 +03:00
|
|
|
auto verifier = CreateVerifier (GetSigningKeyType ());
|
|
|
|
if (verifier)
|
2019-01-02 01:00:37 +03:00
|
|
|
{
|
2023-03-17 04:32:53 +03:00
|
|
|
auto keyLen = verifier->GetPublicKeyLen ();
|
|
|
|
if (keyLen <= 128)
|
|
|
|
verifier->SetPublicKey (m_StandardIdentity.signingKey + 128 - keyLen);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
// for P521
|
|
|
|
uint8_t * signingKey = new uint8_t[keyLen];
|
|
|
|
memcpy (signingKey, m_StandardIdentity.signingKey, 128);
|
|
|
|
size_t excessLen = keyLen - 128;
|
|
|
|
memcpy (signingKey + 128, m_ExtendedBuffer + 4, excessLen); // right after signing and crypto key types
|
|
|
|
verifier->SetPublicKey (signingKey);
|
|
|
|
delete[] signingKey;
|
|
|
|
}
|
2020-03-01 13:25:50 +03:00
|
|
|
}
|
2023-03-17 04:32:53 +03:00
|
|
|
m_Verifier.reset (verifier);
|
2023-03-31 14:29:04 +03:00
|
|
|
}
|
2014-11-26 18:28:06 +03:00
|
|
|
}
|
|
|
|
|
2019-01-09 20:47:47 +03:00
|
|
|
std::shared_ptr<i2p::crypto::CryptoKeyEncryptor> IdentityEx::CreateEncryptor (CryptoKeyType keyType, const uint8_t * key)
|
2017-11-07 23:05:22 +03:00
|
|
|
{
|
2019-01-09 20:47:47 +03:00
|
|
|
switch (keyType)
|
2017-11-07 23:05:22 +03:00
|
|
|
{
|
|
|
|
case CRYPTO_KEY_TYPE_ELGAMAL:
|
|
|
|
return std::make_shared<i2p::crypto::ElGamalEncryptor>(key);
|
|
|
|
break;
|
2020-11-15 02:28:50 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_X25519_AEAD:
|
2019-12-19 23:59:15 +03:00
|
|
|
return std::make_shared<i2p::crypto::ECIESX25519AEADRatchetEncryptor>(key);
|
|
|
|
break;
|
2017-11-07 23:05:22 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC:
|
2017-11-13 19:50:17 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC_TEST:
|
2017-11-07 23:05:22 +03:00
|
|
|
return std::make_shared<i2p::crypto::ECIESP256Encryptor>(key);
|
|
|
|
break;
|
2017-11-09 23:01:07 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_GOSTR3410_CRYPTO_PRO_A_SHA256_AES256CBC:
|
|
|
|
return std::make_shared<i2p::crypto::ECIESGOSTR3410Encryptor>(key);
|
|
|
|
break;
|
2017-11-07 23:05:22 +03:00
|
|
|
default:
|
2019-01-09 20:47:47 +03:00
|
|
|
LogPrint (eLogError, "Identity: Unknown crypto key type ", (int)keyType);
|
2017-11-07 23:05:22 +03:00
|
|
|
};
|
|
|
|
return nullptr;
|
2020-03-01 13:25:50 +03:00
|
|
|
}
|
2019-01-09 20:47:47 +03:00
|
|
|
|
|
|
|
std::shared_ptr<i2p::crypto::CryptoKeyEncryptor> IdentityEx::CreateEncryptor (const uint8_t * key) const
|
|
|
|
{
|
|
|
|
if (!key) key = GetEncryptionPublicKey (); // use publicKey
|
|
|
|
return CreateEncryptor (GetCryptoKeyType (), key);
|
2017-11-07 23:05:22 +03:00
|
|
|
}
|
|
|
|
|
2024-07-26 03:36:46 +03:00
|
|
|
size_t GetIdentityBufferLen (const uint8_t * buf, size_t len)
|
|
|
|
{
|
|
|
|
if (len < DEFAULT_IDENTITY_SIZE) return 0;
|
|
|
|
size_t l = DEFAULT_IDENTITY_SIZE + bufbe16toh (buf + DEFAULT_IDENTITY_SIZE - 2);
|
|
|
|
if (l > len) return 0;
|
|
|
|
return l;
|
|
|
|
}
|
|
|
|
|
2014-03-20 00:44:03 +04:00
|
|
|
PrivateKeys& PrivateKeys::operator=(const Keys& keys)
|
|
|
|
{
|
2015-11-03 17:15:49 +03:00
|
|
|
m_Public = std::make_shared<IdentityEx>(Identity (keys));
|
2017-08-07 20:46:42 +03:00
|
|
|
memcpy (m_PrivateKey, keys.privateKey, 256); // 256
|
2015-11-03 17:15:49 +03:00
|
|
|
memcpy (m_SigningPrivateKey, keys.signingPrivateKey, m_Public->GetSigningPrivateKeyLen ());
|
2019-02-08 20:19:51 +03:00
|
|
|
m_OfflineSignature.resize (0);
|
|
|
|
m_TransientSignatureLen = 0;
|
|
|
|
m_TransientSigningPrivateKeyLen = 0;
|
2014-11-25 04:19:13 +03:00
|
|
|
m_Signer = nullptr;
|
2014-08-24 06:54:08 +04:00
|
|
|
CreateSigner ();
|
2014-03-20 00:44:03 +04:00
|
|
|
return *this;
|
|
|
|
}
|
|
|
|
|
2014-08-24 06:54:08 +04:00
|
|
|
PrivateKeys& PrivateKeys::operator=(const PrivateKeys& other)
|
2017-08-07 20:46:42 +03:00
|
|
|
{
|
2015-11-03 17:15:49 +03:00
|
|
|
m_Public = std::make_shared<IdentityEx>(*other.m_Public);
|
2017-08-07 20:46:42 +03:00
|
|
|
memcpy (m_PrivateKey, other.m_PrivateKey, 256); // 256
|
2019-02-08 20:19:51 +03:00
|
|
|
m_OfflineSignature = other.m_OfflineSignature;
|
|
|
|
m_TransientSignatureLen = other.m_TransientSignatureLen;
|
|
|
|
m_TransientSigningPrivateKeyLen = other.m_TransientSigningPrivateKeyLen;
|
2019-02-15 23:03:58 +03:00
|
|
|
memcpy (m_SigningPrivateKey, other.m_SigningPrivateKey, m_TransientSigningPrivateKeyLen > 0 ? m_TransientSigningPrivateKeyLen : m_Public->GetSigningPrivateKeyLen ());
|
2014-11-25 04:19:13 +03:00
|
|
|
m_Signer = nullptr;
|
2014-08-24 06:54:08 +04:00
|
|
|
CreateSigner ();
|
|
|
|
return *this;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2020-03-01 13:25:50 +03:00
|
|
|
size_t PrivateKeys::GetFullLen () const
|
|
|
|
{
|
2020-10-30 01:41:21 +03:00
|
|
|
size_t ret = m_Public->GetFullLen () + GetPrivateKeyLen () + m_Public->GetSigningPrivateKeyLen ();
|
2019-02-08 20:19:51 +03:00
|
|
|
if (IsOfflineSignature ())
|
|
|
|
ret += m_OfflineSignature.size () + m_TransientSigningPrivateKeyLen;
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2014-08-24 00:06:56 +04:00
|
|
|
size_t PrivateKeys::FromBuffer (const uint8_t * buf, size_t len)
|
|
|
|
{
|
2017-03-25 23:53:20 +03:00
|
|
|
m_Public = std::make_shared<IdentityEx>();
|
|
|
|
size_t ret = m_Public->FromBuffer (buf, len);
|
2020-10-30 01:41:21 +03:00
|
|
|
auto cryptoKeyLen = GetPrivateKeyLen ();
|
|
|
|
if (!ret || ret + cryptoKeyLen > len) return 0; // overflow
|
2021-11-27 23:30:35 +03:00
|
|
|
memcpy (m_PrivateKey, buf + ret, cryptoKeyLen);
|
2020-10-30 01:41:21 +03:00
|
|
|
ret += cryptoKeyLen;
|
2015-11-03 17:15:49 +03:00
|
|
|
size_t signingPrivateKeySize = m_Public->GetSigningPrivateKeyLen ();
|
2019-02-08 00:04:31 +03:00
|
|
|
if(signingPrivateKeySize + ret > len || signingPrivateKeySize > 128) return 0; // overflow
|
2017-08-07 20:46:42 +03:00
|
|
|
memcpy (m_SigningPrivateKey, buf + ret, signingPrivateKeySize);
|
2014-08-24 00:06:56 +04:00
|
|
|
ret += signingPrivateKeySize;
|
2014-11-25 04:19:13 +03:00
|
|
|
m_Signer = nullptr;
|
2019-02-08 00:04:31 +03:00
|
|
|
// check if signing private key is all zeros
|
|
|
|
bool allzeros = true;
|
|
|
|
for (size_t i = 0; i < signingPrivateKeySize; i++)
|
2020-03-01 13:25:50 +03:00
|
|
|
if (m_SigningPrivateKey[i])
|
2019-02-08 00:04:31 +03:00
|
|
|
{
|
|
|
|
allzeros = false;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (allzeros)
|
|
|
|
{
|
|
|
|
// offline information
|
|
|
|
const uint8_t * offlineInfo = buf + ret;
|
2024-07-09 20:44:30 +03:00
|
|
|
uint32_t expires = bufbe32toh (buf + ret); ret += 4; // expires timestamp
|
|
|
|
if (expires < i2p::util::GetSecondsSinceEpoch ())
|
|
|
|
{
|
|
|
|
LogPrint (eLogError, "Identity: Offline signature expired");
|
|
|
|
return 0;
|
|
|
|
}
|
2019-02-08 00:04:31 +03:00
|
|
|
SigningKeyType keyType = bufbe16toh (buf + ret); ret += 2; // key type
|
|
|
|
std::unique_ptr<i2p::crypto::Verifier> transientVerifier (IdentityEx::CreateVerifier (keyType));
|
|
|
|
if (!transientVerifier) return 0;
|
|
|
|
auto keyLen = transientVerifier->GetPublicKeyLen ();
|
|
|
|
if (keyLen + ret > len) return 0;
|
|
|
|
transientVerifier->SetPublicKey (buf + ret); ret += keyLen;
|
|
|
|
if (m_Public->GetSignatureLen () + ret > len) return 0;
|
2020-03-01 13:25:50 +03:00
|
|
|
if (!m_Public->Verify (offlineInfo, keyLen + 6, buf + ret))
|
2019-02-08 00:04:31 +03:00
|
|
|
{
|
2021-11-27 22:53:53 +03:00
|
|
|
LogPrint (eLogError, "Identity: Offline signature verification failed");
|
2019-02-08 00:04:31 +03:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
ret += m_Public->GetSignatureLen ();
|
2019-02-08 20:19:51 +03:00
|
|
|
m_TransientSignatureLen = transientVerifier->GetSignatureLen ();
|
2019-02-08 00:04:31 +03:00
|
|
|
// copy offline signature
|
|
|
|
size_t offlineInfoLen = buf + ret - offlineInfo;
|
|
|
|
m_OfflineSignature.resize (offlineInfoLen);
|
|
|
|
memcpy (m_OfflineSignature.data (), offlineInfo, offlineInfoLen);
|
2020-03-01 13:25:50 +03:00
|
|
|
// override signing private key
|
2019-02-08 20:19:51 +03:00
|
|
|
m_TransientSigningPrivateKeyLen = transientVerifier->GetPrivateKeyLen ();
|
|
|
|
if (m_TransientSigningPrivateKeyLen + ret > len || m_TransientSigningPrivateKeyLen > 128) return 0;
|
|
|
|
memcpy (m_SigningPrivateKey, buf + ret, m_TransientSigningPrivateKeyLen);
|
|
|
|
ret += m_TransientSigningPrivateKeyLen;
|
2019-02-08 00:04:31 +03:00
|
|
|
CreateSigner (keyType);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
CreateSigner (m_Public->GetSigningKeyType ());
|
2014-08-24 00:06:56 +04:00
|
|
|
return ret;
|
|
|
|
}
|
2017-08-07 20:46:42 +03:00
|
|
|
|
2014-08-24 00:06:56 +04:00
|
|
|
size_t PrivateKeys::ToBuffer (uint8_t * buf, size_t len) const
|
|
|
|
{
|
2015-11-03 17:15:49 +03:00
|
|
|
size_t ret = m_Public->ToBuffer (buf, len);
|
2020-10-30 01:41:21 +03:00
|
|
|
auto cryptoKeyLen = GetPrivateKeyLen ();
|
|
|
|
memcpy (buf + ret, m_PrivateKey, cryptoKeyLen);
|
|
|
|
ret += cryptoKeyLen;
|
2016-07-25 16:57:35 +03:00
|
|
|
size_t signingPrivateKeySize = m_Public->GetSigningPrivateKeyLen ();
|
|
|
|
if(ret + signingPrivateKeySize > len) return 0; // overflow
|
2019-02-08 20:19:51 +03:00
|
|
|
if (IsOfflineSignature ())
|
|
|
|
memset (buf + ret, 0, signingPrivateKeySize);
|
|
|
|
else
|
|
|
|
memcpy (buf + ret, m_SigningPrivateKey, signingPrivateKeySize);
|
2014-08-24 00:06:56 +04:00
|
|
|
ret += signingPrivateKeySize;
|
2019-02-08 20:19:51 +03:00
|
|
|
if (IsOfflineSignature ())
|
|
|
|
{
|
|
|
|
// offline signature
|
|
|
|
auto offlineSignatureLen = m_OfflineSignature.size ();
|
|
|
|
if (ret + offlineSignatureLen > len) return 0;
|
|
|
|
memcpy (buf + ret, m_OfflineSignature.data (), offlineSignatureLen);
|
|
|
|
ret += offlineSignatureLen;
|
|
|
|
// transient private key
|
|
|
|
if (ret + m_TransientSigningPrivateKeyLen > len) return 0;
|
|
|
|
memcpy (buf + ret, m_SigningPrivateKey, m_TransientSigningPrivateKeyLen);
|
|
|
|
ret += m_TransientSigningPrivateKeyLen;
|
|
|
|
}
|
2014-08-24 00:06:56 +04:00
|
|
|
return ret;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-08-24 06:06:53 +04:00
|
|
|
|
2014-12-01 22:50:10 +03:00
|
|
|
size_t PrivateKeys::FromBase64(const std::string& s)
|
|
|
|
{
|
|
|
|
uint8_t * buf = new uint8_t[s.length ()];
|
|
|
|
size_t l = i2p::data::Base64ToByteStream (s.c_str (), s.length (), buf, s.length ());
|
|
|
|
size_t ret = FromBuffer (buf, l);
|
|
|
|
delete[] buf;
|
|
|
|
return ret;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2014-12-01 22:50:10 +03:00
|
|
|
std::string PrivateKeys::ToBase64 () const
|
|
|
|
{
|
|
|
|
uint8_t * buf = new uint8_t[GetFullLen ()];
|
|
|
|
char * str = new char[GetFullLen ()*2];
|
|
|
|
size_t l = ToBuffer (buf, GetFullLen ());
|
|
|
|
size_t l1 = i2p::data::ByteStreamToBase64 (buf, l, str, GetFullLen ()*2);
|
|
|
|
str[l1] = 0;
|
|
|
|
delete[] buf;
|
2014-12-04 05:00:25 +03:00
|
|
|
std::string ret(str);
|
2014-12-01 22:50:10 +03:00
|
|
|
delete[] str;
|
2014-12-04 05:00:25 +03:00
|
|
|
return ret;
|
2014-12-01 22:50:10 +03:00
|
|
|
}
|
|
|
|
|
2014-08-24 06:54:08 +04:00
|
|
|
void PrivateKeys::Sign (const uint8_t * buf, int len, uint8_t * signature) const
|
|
|
|
{
|
2016-07-25 16:57:35 +03:00
|
|
|
if (!m_Signer)
|
2018-01-06 07:01:44 +03:00
|
|
|
CreateSigner();
|
2016-10-10 15:59:45 +03:00
|
|
|
m_Signer->Sign (buf, len, signature);
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-08-24 06:54:08 +04:00
|
|
|
|
2016-07-25 16:57:35 +03:00
|
|
|
void PrivateKeys::CreateSigner () const
|
2019-02-08 00:04:31 +03:00
|
|
|
{
|
|
|
|
if (IsOfflineSignature ())
|
|
|
|
CreateSigner (bufbe16toh (m_OfflineSignature.data () + 4)); // key type
|
|
|
|
else
|
|
|
|
CreateSigner (m_Public->GetSigningKeyType ());
|
|
|
|
}
|
2020-03-01 13:25:50 +03:00
|
|
|
|
2019-02-08 00:04:31 +03:00
|
|
|
void PrivateKeys::CreateSigner (SigningKeyType keyType) const
|
2014-08-24 06:54:08 +04:00
|
|
|
{
|
2020-03-01 13:25:50 +03:00
|
|
|
if (m_Signer) return;
|
2019-04-05 23:03:58 +03:00
|
|
|
if (keyType == SIGNING_KEY_TYPE_DSA_SHA1)
|
|
|
|
m_Signer.reset (new i2p::crypto::DSASigner (m_SigningPrivateKey, m_Public->GetStandardIdentity ().signingKey));
|
|
|
|
else if (keyType == SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519 && !IsOfflineSignature ())
|
2023-07-10 04:45:30 +03:00
|
|
|
m_Signer.reset (new i2p::crypto::EDDSA25519Signer (m_SigningPrivateKey, m_Public->GetStandardIdentity ().signingKey + (sizeof(Identity::signingKey) - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH))); // TODO: remove public key check
|
2019-04-05 23:03:58 +03:00
|
|
|
else
|
|
|
|
{
|
|
|
|
// public key is not required
|
|
|
|
auto signer = CreateSigner (keyType, m_SigningPrivateKey);
|
|
|
|
if (signer) m_Signer.reset (signer);
|
2020-03-01 13:25:50 +03:00
|
|
|
}
|
2019-04-05 23:03:58 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
i2p::crypto::Signer * PrivateKeys::CreateSigner (SigningKeyType keyType, const uint8_t * priv)
|
|
|
|
{
|
2019-02-08 00:04:31 +03:00
|
|
|
switch (keyType)
|
2017-08-07 20:46:42 +03:00
|
|
|
{
|
2014-11-25 04:19:13 +03:00
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
|
2019-04-05 23:03:58 +03:00
|
|
|
return new i2p::crypto::ECDSAP256Signer (priv);
|
2014-11-25 04:19:13 +03:00
|
|
|
break;
|
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
|
2019-04-05 23:03:58 +03:00
|
|
|
return new i2p::crypto::ECDSAP384Signer (priv);
|
2017-08-07 20:46:42 +03:00
|
|
|
break;
|
2014-11-25 04:19:13 +03:00
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
|
2019-04-05 23:03:58 +03:00
|
|
|
return new i2p::crypto::ECDSAP521Signer (priv);
|
2017-08-07 20:46:42 +03:00
|
|
|
break;
|
2014-12-11 05:31:06 +03:00
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA256_2048:
|
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA384_3072:
|
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA512_4096:
|
2019-04-05 23:03:58 +03:00
|
|
|
LogPrint (eLogError, "Identity: RSA signing key type ", (int)keyType, " is not supported");
|
2017-08-07 20:46:42 +03:00
|
|
|
break;
|
2015-04-09 17:03:21 +03:00
|
|
|
case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
|
2019-04-05 23:03:58 +03:00
|
|
|
return new i2p::crypto::EDDSA25519Signer (priv, nullptr);
|
2015-04-09 17:03:21 +03:00
|
|
|
break;
|
2017-03-21 18:48:34 +03:00
|
|
|
case SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256:
|
2019-04-05 23:03:58 +03:00
|
|
|
return new i2p::crypto::GOSTR3410_256_Signer (i2p::crypto::eGOSTR3410CryptoProA, priv);
|
2017-08-07 20:46:42 +03:00
|
|
|
break;
|
2017-03-21 18:48:34 +03:00
|
|
|
case SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512:
|
2019-04-05 23:03:58 +03:00
|
|
|
return new i2p::crypto::GOSTR3410_512_Signer (i2p::crypto::eGOSTR3410TC26A512, priv);
|
2017-08-07 20:46:42 +03:00
|
|
|
break;
|
2019-03-25 01:42:52 +03:00
|
|
|
case SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
|
2020-03-01 13:25:50 +03:00
|
|
|
return new i2p::crypto::RedDSA25519Signer (priv);
|
|
|
|
break;
|
2014-11-25 04:19:13 +03:00
|
|
|
default:
|
2019-04-05 23:03:58 +03:00
|
|
|
LogPrint (eLogError, "Identity: Signing key type ", (int)keyType, " is not supported");
|
2014-11-25 04:19:13 +03:00
|
|
|
}
|
2019-04-05 23:03:58 +03:00
|
|
|
return nullptr;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2019-02-08 00:04:31 +03:00
|
|
|
size_t PrivateKeys::GetSignatureLen () const
|
|
|
|
{
|
2019-02-08 20:19:51 +03:00
|
|
|
return IsOfflineSignature () ? m_TransientSignatureLen : m_Public->GetSignatureLen ();
|
2019-02-08 00:04:31 +03:00
|
|
|
}
|
|
|
|
|
2020-10-30 01:41:21 +03:00
|
|
|
size_t PrivateKeys::GetPrivateKeyLen () const
|
|
|
|
{
|
|
|
|
// private key length always 256, but type 4
|
2021-11-27 23:30:35 +03:00
|
|
|
return (m_Public->GetCryptoKeyType () == CRYPTO_KEY_TYPE_ECIES_X25519_AEAD) ? 32 : 256;
|
|
|
|
}
|
|
|
|
|
2017-08-07 20:46:42 +03:00
|
|
|
uint8_t * PrivateKeys::GetPadding()
|
|
|
|
{
|
|
|
|
if(m_Public->GetSigningKeyType () == SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519)
|
|
|
|
return m_Public->GetEncryptionPublicKeyBuffer() + 256;
|
|
|
|
else
|
|
|
|
return nullptr; // TODO: implement me
|
|
|
|
}
|
|
|
|
|
2017-11-07 23:05:22 +03:00
|
|
|
std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> PrivateKeys::CreateDecryptor (const uint8_t * key) const
|
|
|
|
{
|
2018-01-06 06:48:51 +03:00
|
|
|
if (!key) key = m_PrivateKey; // use privateKey
|
2017-11-08 21:49:48 +03:00
|
|
|
return CreateDecryptor (m_Public->GetCryptoKeyType (), key);
|
|
|
|
}
|
|
|
|
|
|
|
|
std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> PrivateKeys::CreateDecryptor (CryptoKeyType cryptoType, const uint8_t * key)
|
2018-01-06 06:48:51 +03:00
|
|
|
{
|
2017-11-08 21:49:48 +03:00
|
|
|
if (!key) return nullptr;
|
|
|
|
switch (cryptoType)
|
2017-11-07 23:05:22 +03:00
|
|
|
{
|
|
|
|
case CRYPTO_KEY_TYPE_ELGAMAL:
|
|
|
|
return std::make_shared<i2p::crypto::ElGamalDecryptor>(key);
|
|
|
|
break;
|
2020-11-15 02:28:50 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_X25519_AEAD:
|
|
|
|
return std::make_shared<i2p::crypto::ECIESX25519AEADRatchetDecryptor>(key);
|
2021-11-27 23:30:35 +03:00
|
|
|
break;
|
2017-11-07 23:05:22 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC:
|
2017-11-13 19:50:17 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC_TEST:
|
2017-11-07 23:05:22 +03:00
|
|
|
return std::make_shared<i2p::crypto::ECIESP256Decryptor>(key);
|
|
|
|
break;
|
2017-11-09 23:01:07 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_GOSTR3410_CRYPTO_PRO_A_SHA256_AES256CBC:
|
|
|
|
return std::make_shared<i2p::crypto::ECIESGOSTR3410Decryptor>(key);
|
|
|
|
break;
|
2017-11-07 23:05:22 +03:00
|
|
|
default:
|
2017-11-08 21:49:48 +03:00
|
|
|
LogPrint (eLogError, "Identity: Unknown crypto key type ", (int)cryptoType);
|
2017-11-07 23:05:22 +03:00
|
|
|
};
|
2018-01-06 06:48:51 +03:00
|
|
|
return nullptr;
|
2017-11-07 23:05:22 +03:00
|
|
|
}
|
|
|
|
|
2022-10-24 22:12:07 +03:00
|
|
|
PrivateKeys PrivateKeys::CreateRandomKeys (SigningKeyType type, CryptoKeyType cryptoType, bool isDestination)
|
2014-08-24 06:06:53 +04:00
|
|
|
{
|
2014-11-25 04:19:13 +03:00
|
|
|
if (type != SIGNING_KEY_TYPE_DSA_SHA1)
|
2014-08-24 06:06:53 +04:00
|
|
|
{
|
|
|
|
PrivateKeys keys;
|
2014-11-25 04:19:13 +03:00
|
|
|
// signature
|
2017-08-07 20:46:42 +03:00
|
|
|
uint8_t signingPublicKey[512]; // signing public key is 512 bytes max
|
2019-02-08 20:19:51 +03:00
|
|
|
GenerateSigningKeyPair (type, keys.m_SigningPrivateKey, signingPublicKey);
|
2014-08-24 06:06:53 +04:00
|
|
|
// encryption
|
|
|
|
uint8_t publicKey[256];
|
2022-10-24 22:12:07 +03:00
|
|
|
if (isDestination)
|
|
|
|
RAND_bytes (keys.m_PrivateKey, 256);
|
2023-01-03 21:25:19 +03:00
|
|
|
else
|
2022-10-24 22:12:07 +03:00
|
|
|
GenerateCryptoKeyPair (cryptoType, keys.m_PrivateKey, publicKey);
|
2014-11-25 04:19:13 +03:00
|
|
|
// identity
|
2022-10-24 22:12:07 +03:00
|
|
|
keys.m_Public = std::make_shared<IdentityEx> (isDestination ? nullptr : publicKey, signingPublicKey, type, cryptoType);
|
2014-11-25 05:23:12 +03:00
|
|
|
|
|
|
|
keys.CreateSigner ();
|
2014-08-24 06:06:53 +04:00
|
|
|
return keys;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-08-24 06:06:53 +04:00
|
|
|
return PrivateKeys (i2p::data::CreateRandomKeys ()); // DSA-SHA1
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2019-02-08 20:19:51 +03:00
|
|
|
void PrivateKeys::GenerateSigningKeyPair (SigningKeyType type, uint8_t * priv, uint8_t * pub)
|
|
|
|
{
|
|
|
|
switch (type)
|
|
|
|
{
|
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
|
|
|
|
i2p::crypto::CreateECDSAP256RandomKeys (priv, pub);
|
|
|
|
break;
|
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
|
|
|
|
i2p::crypto::CreateECDSAP384RandomKeys (priv, pub);
|
|
|
|
break;
|
|
|
|
case SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
|
|
|
|
i2p::crypto::CreateECDSAP521RandomKeys (priv, pub);
|
|
|
|
break;
|
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA256_2048:
|
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA384_3072:
|
|
|
|
case SIGNING_KEY_TYPE_RSA_SHA512_4096:
|
|
|
|
LogPrint (eLogWarning, "Identity: RSA signature type is not supported. Creating EdDSA");
|
2020-02-29 17:21:50 +03:00
|
|
|
#if (__cplusplus >= 201703L) // C++ 17 or higher
|
2020-03-01 13:25:50 +03:00
|
|
|
[[fallthrough]];
|
|
|
|
#endif
|
2020-02-29 17:21:50 +03:00
|
|
|
// no break here
|
2019-02-08 20:19:51 +03:00
|
|
|
case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
|
|
|
|
i2p::crypto::CreateEDDSA25519RandomKeys (priv, pub);
|
|
|
|
break;
|
|
|
|
case SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256:
|
|
|
|
i2p::crypto::CreateGOSTR3410RandomKeys (i2p::crypto::eGOSTR3410CryptoProA, priv, pub);
|
|
|
|
break;
|
|
|
|
case SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512:
|
|
|
|
i2p::crypto::CreateGOSTR3410RandomKeys (i2p::crypto::eGOSTR3410TC26A512, priv, pub);
|
|
|
|
break;
|
2019-03-25 01:42:52 +03:00
|
|
|
case SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
|
|
|
|
i2p::crypto::CreateRedDSA25519RandomKeys (priv, pub);
|
2020-03-01 13:25:50 +03:00
|
|
|
break;
|
2019-02-08 20:19:51 +03:00
|
|
|
default:
|
|
|
|
LogPrint (eLogWarning, "Identity: Signing key type ", (int)type, " is not supported. Create DSA-SHA1");
|
|
|
|
i2p::crypto::CreateDSARandomKeys (priv, pub); // DSA-SHA1
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-11-02 23:13:10 +03:00
|
|
|
void PrivateKeys::GenerateCryptoKeyPair (CryptoKeyType type, uint8_t * priv, uint8_t * pub)
|
|
|
|
{
|
|
|
|
switch (type)
|
|
|
|
{
|
|
|
|
case CRYPTO_KEY_TYPE_ELGAMAL:
|
|
|
|
i2p::crypto::GenerateElGamalKeyPair(priv, pub);
|
|
|
|
break;
|
2017-11-07 23:05:22 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC:
|
2017-11-13 19:50:17 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC_TEST:
|
2017-11-06 21:40:58 +03:00
|
|
|
i2p::crypto::CreateECIESP256RandomKeys (priv, pub);
|
|
|
|
break;
|
2017-11-09 23:01:07 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_GOSTR3410_CRYPTO_PRO_A_SHA256_AES256CBC:
|
|
|
|
i2p::crypto::CreateECIESGOSTR3410RandomKeys (priv, pub);
|
|
|
|
break;
|
2020-11-15 02:28:50 +03:00
|
|
|
case CRYPTO_KEY_TYPE_ECIES_X25519_AEAD:
|
2019-12-11 21:38:36 +03:00
|
|
|
i2p::crypto::CreateECIESX25519AEADRatchetRandomKeys (priv, pub);
|
|
|
|
break;
|
2017-11-02 23:13:10 +03:00
|
|
|
default:
|
2023-03-31 15:16:32 +03:00
|
|
|
LogPrint (eLogError, "Identity: Crypto key type ", (int)type, " is not supported");
|
2018-01-06 06:48:51 +03:00
|
|
|
}
|
2017-11-02 23:13:10 +03:00
|
|
|
}
|
|
|
|
|
2019-02-08 20:19:51 +03:00
|
|
|
PrivateKeys PrivateKeys::CreateOfflineKeys (SigningKeyType type, uint32_t expires) const
|
|
|
|
{
|
|
|
|
PrivateKeys keys (*this);
|
2020-03-01 13:25:50 +03:00
|
|
|
std::unique_ptr<i2p::crypto::Verifier> verifier (IdentityEx::CreateVerifier (type));
|
2019-02-08 20:19:51 +03:00
|
|
|
if (verifier)
|
|
|
|
{
|
|
|
|
size_t pubKeyLen = verifier->GetPublicKeyLen ();
|
|
|
|
keys.m_TransientSigningPrivateKeyLen = verifier->GetPrivateKeyLen ();
|
|
|
|
keys.m_TransientSignatureLen = verifier->GetSignatureLen ();
|
|
|
|
keys.m_OfflineSignature.resize (pubKeyLen + m_Public->GetSignatureLen () + 6);
|
|
|
|
htobe32buf (keys.m_OfflineSignature.data (), expires); // expires
|
|
|
|
htobe16buf (keys.m_OfflineSignature.data () + 4, type); // type
|
2022-05-20 19:56:05 +03:00
|
|
|
GenerateSigningKeyPair (type, keys.m_SigningPrivateKey, keys.m_OfflineSignature.data () + 6); // public key
|
2020-03-01 13:25:50 +03:00
|
|
|
Sign (keys.m_OfflineSignature.data (), pubKeyLen + 6, keys.m_OfflineSignature.data () + 6 + pubKeyLen); // signature
|
2019-02-08 20:19:51 +03:00
|
|
|
// recreate signer
|
|
|
|
keys.m_Signer = nullptr;
|
2019-02-15 23:03:58 +03:00
|
|
|
keys.CreateSigner (type);
|
2019-02-08 20:19:51 +03:00
|
|
|
}
|
|
|
|
return keys;
|
|
|
|
}
|
|
|
|
|
2013-12-21 05:22:55 +04:00
|
|
|
Keys CreateRandomKeys ()
|
|
|
|
{
|
2017-08-07 20:46:42 +03:00
|
|
|
Keys keys;
|
2013-12-21 05:22:55 +04:00
|
|
|
// encryption
|
2015-11-03 17:15:49 +03:00
|
|
|
i2p::crypto::GenerateElGamalKeyPair(keys.privateKey, keys.publicKey);
|
2013-12-21 05:22:55 +04:00
|
|
|
// signing
|
2017-08-07 20:46:42 +03:00
|
|
|
i2p::crypto::CreateDSARandomKeys (keys.signingPrivateKey, keys.signingKey);
|
2013-12-21 05:22:55 +04:00
|
|
|
return keys;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2014-01-04 06:24:20 +04:00
|
|
|
|
2024-06-04 19:45:35 +03:00
|
|
|
IdentHash CreateRoutingKey (const IdentHash& ident, bool nextDay)
|
2014-01-04 06:24:20 +04:00
|
|
|
{
|
|
|
|
uint8_t buf[41]; // ident + yyyymmdd
|
|
|
|
memcpy (buf, (const uint8_t *)ident, 32);
|
2024-06-04 19:45:35 +03:00
|
|
|
if (nextDay)
|
|
|
|
i2p::util::GetNextDayDate ((char *)(buf + 32));
|
|
|
|
else
|
|
|
|
i2p::util::GetCurrentDate ((char *)(buf + 32));
|
2014-10-14 18:41:40 +04:00
|
|
|
IdentHash key;
|
2015-11-03 17:15:49 +03:00
|
|
|
SHA256(buf, 40, key);
|
2014-01-04 06:24:20 +04:00
|
|
|
return key;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
|
|
|
|
2014-10-14 18:41:40 +04:00
|
|
|
XORMetric operator^(const IdentHash& key1, const IdentHash& key2)
|
2014-01-04 06:24:20 +04:00
|
|
|
{
|
|
|
|
XORMetric m;
|
2023-08-31 19:52:51 +03:00
|
|
|
|
|
|
|
const uint64_t * hash1 = key1.GetLL (), * hash2 = key2.GetLL ();
|
|
|
|
m.metric_ll[0] = hash1[0] ^ hash2[0];
|
|
|
|
m.metric_ll[1] = hash1[1] ^ hash2[1];
|
|
|
|
m.metric_ll[2] = hash1[2] ^ hash2[2];
|
|
|
|
m.metric_ll[3] = hash1[3] ^ hash2[3];
|
2016-12-08 23:23:40 +03:00
|
|
|
|
2014-01-04 06:24:20 +04:00
|
|
|
return m;
|
2017-08-07 20:46:42 +03:00
|
|
|
}
|
2013-12-21 05:22:55 +04:00
|
|
|
}
|
|
|
|
}
|