2014-12-31 17:14:53 +03:00
# include <string.h>
2019-02-27 23:52:47 +03:00
# include <openssl/sha.h>
# include <openssl/hmac.h>
2019-03-22 23:04:47 +03:00
# include <zlib.h> // for crc32
2014-01-15 05:57:33 +04:00
# include "I2PEndian.h"
2015-11-03 17:15:49 +03:00
# include "Crypto.h"
2019-03-05 23:51:24 +03:00
# include "Ed25519.h"
2013-11-25 03:10:27 +04:00
# include "Log.h"
2014-01-15 05:57:33 +04:00
# include "Timestamp.h"
2017-04-22 03:04:16 +03:00
# include "NetDb.hpp"
2016-05-25 21:17:34 +03:00
# include "Tunnel.h"
2013-11-25 03:10:27 +04:00
# include "LeaseSet.h"
namespace i2p
{
namespace data
{
2018-01-06 06:48:51 +03:00
2019-01-09 20:47:47 +03:00
LeaseSet : : LeaseSet ( bool storeLeases ) :
2019-01-14 21:49:27 +03:00
m_IsValid ( false ) , m_StoreLeases ( storeLeases ) , m_ExpirationTime ( 0 ) , m_EncryptionKey ( nullptr ) ,
m_Buffer ( nullptr ) , m_BufferLen ( 0 )
2018-12-21 23:00:03 +03:00
{
}
2016-02-08 03:45:06 +03:00
LeaseSet : : LeaseSet ( const uint8_t * buf , size_t len , bool storeLeases ) :
2019-01-14 21:49:27 +03:00
m_IsValid ( true ) , m_StoreLeases ( storeLeases ) , m_ExpirationTime ( 0 ) , m_EncryptionKey ( nullptr )
2013-11-25 03:10:27 +04:00
{
2015-04-08 16:39:02 +03:00
m_Buffer = new uint8_t [ len ] ;
2014-07-29 21:44:54 +04:00
memcpy ( m_Buffer , buf , len ) ;
m_BufferLen = len ;
ReadFromBuffer ( ) ;
}
2018-01-25 18:32:08 +03:00
void LeaseSet : : Update ( const uint8_t * buf , size_t len , bool verifySignature )
2018-01-06 06:48:51 +03:00
{
2015-04-08 16:39:02 +03:00
if ( len > m_BufferLen )
{
auto oldBuffer = m_Buffer ;
m_Buffer = new uint8_t [ len ] ;
delete [ ] oldBuffer ;
2018-01-06 06:48:51 +03:00
}
2014-07-29 21:44:54 +04:00
memcpy ( m_Buffer , buf , len ) ;
m_BufferLen = len ;
2018-01-25 18:32:08 +03:00
ReadFromBuffer ( false , verifySignature ) ;
2014-07-22 04:14:11 +04:00
}
2016-02-08 03:45:06 +03:00
void LeaseSet : : PopulateLeases ( )
{
m_StoreLeases = true ;
ReadFromBuffer ( false ) ;
2018-01-06 06:48:51 +03:00
}
2018-01-25 18:09:34 +03:00
void LeaseSet : : ReadFromBuffer ( bool readIdentity , bool verifySignature )
2018-01-06 06:48:51 +03:00
{
2015-11-03 17:15:49 +03:00
if ( readIdentity | | ! m_Identity )
m_Identity = std : : make_shared < IdentityEx > ( m_Buffer , m_BufferLen ) ;
size_t size = m_Identity - > GetFullLen ( ) ;
2016-02-02 19:55:38 +03:00
if ( size > m_BufferLen )
{
LogPrint ( eLogError , " LeaseSet: identity length " , size , " exceeds buffer size " , m_BufferLen ) ;
m_IsValid = false ;
return ;
}
2019-01-14 21:49:27 +03:00
if ( m_StoreLeases )
{
if ( ! m_EncryptionKey ) m_EncryptionKey = new uint8_t [ 256 ] ;
memcpy ( m_EncryptionKey , m_Buffer + size , 256 ) ;
}
2014-08-22 05:57:24 +04:00
size + = 256 ; // encryption key
2015-11-03 17:15:49 +03:00
size + = m_Identity - > GetSigningPublicKeyLen ( ) ; // unused signing key
2014-08-22 05:57:24 +04:00
uint8_t num = m_Buffer [ size ] ;
size + + ; // num
2015-12-18 17:08:23 +03:00
LogPrint ( eLogDebug , " LeaseSet: read num= " , ( int ) num ) ;
2016-02-02 19:55:38 +03:00
if ( ! num | | num > MAX_NUM_LEASES )
2018-01-06 06:48:51 +03:00
{
2016-02-02 19:55:38 +03:00
LogPrint ( eLogError , " LeaseSet: incorrect number of leases " , ( int ) num ) ;
m_IsValid = false ;
return ;
2018-01-06 06:48:51 +03:00
}
2013-11-25 03:10:27 +04:00
2019-01-09 20:47:47 +03:00
UpdateLeasesBegin ( ) ;
2016-02-09 23:27:23 +03:00
2014-01-26 18:07:31 +04:00
// process leases
2016-02-08 03:45:06 +03:00
m_ExpirationTime = 0 ;
2016-02-10 06:42:01 +03:00
auto ts = i2p : : util : : GetMillisecondsSinceEpoch ( ) ;
2014-08-22 05:57:24 +04:00
const uint8_t * leases = m_Buffer + size ;
for ( int i = 0 ; i < num ; i + + )
2013-11-25 03:10:27 +04:00
{
2014-12-31 17:14:53 +03:00
Lease lease ;
2015-03-23 19:55:42 +03:00
lease . tunnelGateway = leases ;
leases + = 32 ; // gateway
lease . tunnelID = bufbe32toh ( leases ) ;
leases + = 4 ; // tunnel ID
2018-01-06 06:48:51 +03:00
lease . endDate = bufbe64toh ( leases ) ;
2015-03-23 19:55:42 +03:00
leases + = 8 ; // end date
2019-01-02 23:40:48 +03:00
UpdateLease ( lease , ts ) ;
2018-01-06 06:48:51 +03:00
}
2016-02-15 02:30:07 +03:00
if ( ! m_ExpirationTime )
2016-02-10 06:42:01 +03:00
{
LogPrint ( eLogWarning , " LeaseSet: all leases are expired. Dropped " ) ;
m_IsValid = false ;
return ;
2018-01-06 06:48:51 +03:00
}
2016-02-15 02:30:07 +03:00
m_ExpirationTime + = LEASE_ENDDATE_THRESHOLD ;
2019-01-09 20:47:47 +03:00
UpdateLeasesEnd ( ) ;
// verify
if ( verifySignature & & ! m_Identity - > Verify ( m_Buffer , leases - m_Buffer , leases ) )
{
LogPrint ( eLogWarning , " LeaseSet: verification failed " ) ;
m_IsValid = false ;
}
}
void LeaseSet : : UpdateLeasesBegin ( )
{
// reset existing leases
if ( m_StoreLeases )
for ( auto & it : m_Leases )
it - > isUpdated = false ;
else
m_Leases . clear ( ) ;
}
void LeaseSet : : UpdateLeasesEnd ( )
{
2018-01-06 06:48:51 +03:00
// delete old leases
2016-02-09 23:27:23 +03:00
if ( m_StoreLeases )
2018-01-06 06:48:51 +03:00
{
2016-02-09 23:27:23 +03:00
for ( auto it = m_Leases . begin ( ) ; it ! = m_Leases . end ( ) ; )
2018-01-06 06:48:51 +03:00
{
2016-02-09 23:27:23 +03:00
if ( ! ( * it ) - > isUpdated )
{
( * it ) - > endDate = 0 ; // somebody might still hold it
m_Leases . erase ( it + + ) ;
2018-01-06 06:48:51 +03:00
}
2016-02-09 23:27:23 +03:00
else
2016-08-05 21:23:54 +03:00
+ + it ;
2016-02-09 23:27:23 +03:00
}
}
2018-01-06 06:48:51 +03:00
}
2016-02-17 06:57:38 +03:00
2019-01-02 23:40:48 +03:00
void LeaseSet : : UpdateLease ( const Lease & lease , uint64_t ts )
{
if ( ts < lease . endDate + LEASE_ENDDATE_THRESHOLD )
{
if ( lease . endDate > m_ExpirationTime )
m_ExpirationTime = lease . endDate ;
if ( m_StoreLeases )
{
auto ret = m_Leases . insert ( std : : make_shared < Lease > ( lease ) ) ;
if ( ! ret . second ) ( * ret . first ) - > endDate = lease . endDate ; // update existing
( * ret . first ) - > isUpdated = true ;
// check if lease's gateway is in our netDb
if ( ! netdb . FindRouter ( lease . tunnelGateway ) )
{
// if not found request it
LogPrint ( eLogInfo , " LeaseSet: Lease's tunnel gateway not found, requesting " ) ;
netdb . RequestDestination ( lease . tunnelGateway ) ;
}
}
}
else
LogPrint ( eLogWarning , " LeaseSet: Lease is expired already " ) ;
}
2018-01-26 22:33:06 +03:00
uint64_t LeaseSet : : ExtractTimestamp ( const uint8_t * buf , size_t len ) const
2016-02-17 06:57:38 +03:00
{
if ( ! m_Identity ) return 0 ;
size_t size = m_Identity - > GetFullLen ( ) ;
if ( size > len ) return 0 ;
size + = 256 ; // encryption key
size + = m_Identity - > GetSigningPublicKeyLen ( ) ; // unused signing key
if ( size > len ) return 0 ;
2018-01-26 22:33:06 +03:00
uint8_t num = buf [ size ] ;
2016-02-17 06:57:38 +03:00
size + + ; // num
2016-05-25 21:17:34 +03:00
if ( size + num * LEASE_SIZE > len ) return 0 ;
2016-02-17 06:57:38 +03:00
uint64_t timestamp = 0 ;
for ( int i = 0 ; i < num ; i + + )
{
size + = 36 ; // gateway (32) + tunnelId(4)
2018-01-06 06:48:51 +03:00
auto endDate = bufbe64toh ( buf + size ) ;
2016-02-17 06:57:38 +03:00
size + = 8 ; // end date
if ( ! timestamp | | endDate < timestamp )
timestamp = endDate ;
2018-01-06 06:48:51 +03:00
}
2016-02-17 06:57:38 +03:00
return timestamp ;
2018-01-06 06:48:51 +03:00
}
2016-02-17 06:57:38 +03:00
bool LeaseSet : : IsNewer ( const uint8_t * buf , size_t len ) const
{
2018-01-26 22:33:06 +03:00
return ExtractTimestamp ( buf , len ) > ExtractTimestamp ( m_Buffer , m_BufferLen ) ;
2018-01-06 06:48:51 +03:00
}
2016-07-22 16:56:17 +03:00
2016-09-03 18:46:47 +03:00
bool LeaseSet : : ExpiresSoon ( const uint64_t dlt , const uint64_t fudge ) const
2016-07-22 16:56:17 +03:00
{
auto now = i2p : : util : : GetMillisecondsSinceEpoch ( ) ;
2016-09-03 18:46:47 +03:00
if ( fudge ) now + = rand ( ) % fudge ;
2016-07-22 16:56:17 +03:00
if ( now > = m_ExpirationTime ) return true ;
return m_ExpirationTime - now < = dlt ;
}
2016-08-27 20:17:34 +03:00
const std : : vector < std : : shared_ptr < const Lease > > LeaseSet : : GetNonExpiredLeases ( bool withThreshold ) const
{
return GetNonExpiredLeasesExcluding ( [ ] ( const Lease & l ) - > bool { return false ; } , withThreshold ) ;
}
2018-01-06 06:48:51 +03:00
2016-08-27 20:17:34 +03:00
const std : : vector < std : : shared_ptr < const Lease > > LeaseSet : : GetNonExpiredLeasesExcluding ( LeaseInspectFunc exclude , bool withThreshold ) const
2014-01-15 05:57:33 +04:00
{
auto ts = i2p : : util : : GetMillisecondsSinceEpoch ( ) ;
2016-02-11 06:51:08 +03:00
std : : vector < std : : shared_ptr < const Lease > > leases ;
2016-08-05 21:23:54 +03:00
for ( const auto & it : m_Leases )
2015-03-26 17:30:29 +03:00
{
2016-02-09 18:46:27 +03:00
auto endDate = it - > endDate ;
2016-02-15 02:30:07 +03:00
if ( withThreshold )
endDate + = LEASE_ENDDATE_THRESHOLD ;
else
endDate - = LEASE_ENDDATE_THRESHOLD ;
2016-08-27 20:17:34 +03:00
if ( ts < endDate & & ! exclude ( * it ) )
2014-03-23 17:25:16 +04:00
leases . push_back ( it ) ;
2018-01-06 06:48:51 +03:00
}
return leases ;
}
2014-01-15 05:57:33 +04:00
bool LeaseSet : : HasExpiredLeases ( ) const
2018-01-06 07:01:44 +03:00
{
2014-01-15 05:57:33 +04:00
auto ts = i2p : : util : : GetMillisecondsSinceEpoch ( ) ;
2016-08-05 21:23:54 +03:00
for ( const auto & it : m_Leases )
2016-02-09 18:46:27 +03:00
if ( ts > = it - > endDate ) return true ;
2014-01-15 05:57:33 +04:00
return false ;
2018-01-06 07:01:44 +03:00
}
2014-01-15 05:57:33 +04:00
2016-02-08 03:45:06 +03:00
bool LeaseSet : : IsExpired ( ) const
2014-01-15 05:57:33 +04:00
{
2016-07-01 00:21:18 +03:00
if ( m_StoreLeases & & IsEmpty ( ) ) return true ;
2014-01-15 05:57:33 +04:00
auto ts = i2p : : util : : GetMillisecondsSinceEpoch ( ) ;
2016-02-08 03:45:06 +03:00
return ts > m_ExpirationTime ;
2016-05-25 21:17:34 +03:00
}
2017-11-08 04:30:05 +03:00
void LeaseSet : : Encrypt ( const uint8_t * data , uint8_t * encrypted , BN_CTX * ctx ) const
2017-11-07 23:05:22 +03:00
{
2019-01-14 21:49:27 +03:00
if ( ! m_EncryptionKey ) return ;
2017-11-07 23:05:22 +03:00
auto encryptor = m_Identity - > CreateEncryptor ( m_EncryptionKey ) ;
if ( encryptor )
2018-03-09 22:56:06 +03:00
encryptor - > Encrypt ( data , encrypted , ctx , true ) ;
2017-11-07 23:05:22 +03:00
}
2018-12-21 23:00:03 +03:00
void LeaseSet : : SetBuffer ( const uint8_t * buf , size_t len )
{
if ( m_Buffer ) delete [ ] m_Buffer ;
m_Buffer = new uint8_t [ len ] ;
m_BufferLen = len ;
memcpy ( m_Buffer , buf , len ) ;
}
2019-03-22 22:32:13 +03:00
BlindedPublicKey : : BlindedPublicKey ( std : : shared_ptr < const IdentityEx > identity , SigningKeyType blindedKeyType ) :
m_BlindedSigType ( blindedKeyType )
{
if ( ! identity ) return ;
auto len = identity - > GetSigningPublicKeyLen ( ) ;
m_PublicKey . resize ( len ) ;
memcpy ( m_PublicKey . data ( ) , identity - > GetSigningPublicKeyBuffer ( ) , len ) ;
m_SigType = identity - > GetSigningKeyType ( ) ;
}
2019-03-22 23:04:47 +03:00
BlindedPublicKey : : BlindedPublicKey ( const std : : string & b33 )
{
2019-04-08 22:22:42 +03:00
uint8_t addr [ 40 ] ; // TODO: define length from b33
2019-03-22 23:04:47 +03:00
size_t l = i2p : : data : : Base32ToByteStream ( b33 . c_str ( ) , b33 . length ( ) , addr , 40 ) ;
uint32_t checksum = crc32 ( 0 , addr + 3 , l - 3 ) ;
// checksum is Little Endian
addr [ 0 ] ^ = checksum ; addr [ 1 ] ^ = ( checksum > > 8 ) ; addr [ 2 ] ^ = ( checksum > > 16 ) ;
uint8_t flag = addr [ 0 ] ;
size_t offset = 1 ;
if ( flag & 0x01 ) // two bytes signatures
{
m_SigType = bufbe16toh ( addr + offset ) ; offset + = 2 ;
m_BlindedSigType = bufbe16toh ( addr + offset ) ; offset + = 2 ;
}
else // one byte sig
{
m_SigType = addr [ offset ] ; offset + + ;
m_BlindedSigType = addr [ offset ] ; offset + + ;
}
std : : unique_ptr < i2p : : crypto : : Verifier > blindedVerifier ( i2p : : data : : IdentityEx : : CreateVerifier ( m_SigType ) ) ;
if ( blindedVerifier )
{
auto len = blindedVerifier - > GetPublicKeyLen ( ) ;
if ( offset + len < = l )
{
m_PublicKey . resize ( len ) ;
memcpy ( m_PublicKey . data ( ) , addr + offset , len ) ;
}
else
LogPrint ( eLogError , " LeaseSet2: public key in b33 address is too short for signature type " , ( int ) m_SigType ) ;
}
else
LogPrint ( eLogError , " LeaseSet2: unknown signature type " , ( int ) m_SigType , " in b33 " ) ;
}
2019-03-28 23:06:53 +03:00
std : : string BlindedPublicKey : : ToB33 ( ) const
{
if ( m_PublicKey . size ( ) > 32 ) return " " ; // assume 25519
uint8_t addr [ 35 ] ; char str [ 60 ] ; // TODO: define actual length
addr [ 0 ] = 0 ; // flags
addr [ 1 ] = m_SigType ; // sig type
addr [ 2 ] = m_BlindedSigType ; // blinded sig type
memcpy ( addr + 3 , m_PublicKey . data ( ) , m_PublicKey . size ( ) ) ;
uint32_t checksum = crc32 ( 0 , addr + 3 , m_PublicKey . size ( ) ) ;
// checksum is Little Endian
addr [ 0 ] ^ = checksum ; addr [ 1 ] ^ = ( checksum > > 8 ) ; addr [ 2 ] ^ = ( checksum > > 16 ) ;
auto l = ByteStreamToBase32 ( addr , m_PublicKey . size ( ) + 3 , str , 60 ) ;
return std : : string ( str , str + l ) ;
}
2019-04-02 23:32:18 +03:00
void BlindedPublicKey : : GetCredential ( uint8_t * credential ) const
{
// A = destination's signing public key
// stA = signature type of A, 2 bytes big endian
uint16_t stA = htobe16 ( GetSigType ( ) ) ;
// stA1 = signature type of blinded A, 2 bytes big endian
uint16_t stA1 = htobe16 ( GetBlindedSigType ( ) ) ;
// credential = H("credential", A || stA || stA1)
H ( " credential " , { { GetPublicKey ( ) , GetPublicKeyLen ( ) } , { ( const uint8_t * ) & stA , 2 } , { ( const uint8_t * ) & stA1 , 2 } } , credential ) ;
}
void BlindedPublicKey : : GetSubcredential ( const uint8_t * blinded , size_t len , uint8_t * subcredential ) const
{
uint8_t credential [ 32 ] ;
GetCredential ( credential ) ;
// subcredential = H("subcredential", credential || blindedPublicKey)
H ( " subcredential " , { { credential , 32 } , { blinded , len } } , subcredential ) ;
}
2019-04-05 23:03:58 +03:00
void BlindedPublicKey : : GenerateAlpha ( const char * date , uint8_t * seed ) const
2019-04-02 23:32:18 +03:00
{
2019-04-05 23:03:58 +03:00
uint16_t stA = htobe16 ( GetSigType ( ) ) , stA1 = htobe16 ( GetBlindedSigType ( ) ) ;
uint8_t salt [ 32 ] ;
2019-04-02 23:32:18 +03:00
//seed = HKDF(H("I2PGenerateAlpha", keydata), datestring || secret, "i2pblinding1", 64)
H ( " I2PGenerateAlpha " , { { GetPublicKey ( ) , GetPublicKeyLen ( ) } , { ( const uint8_t * ) & stA , 2 } , { ( const uint8_t * ) & stA1 , 2 } } , salt ) ;
i2p : : crypto : : HKDF ( salt , ( const uint8_t * ) date , 8 , " i2pblinding1 " , seed ) ;
2019-04-05 23:03:58 +03:00
}
void BlindedPublicKey : : GetBlindedKey ( const char * date , uint8_t * blindedKey ) const
{
uint8_t seed [ 64 ] ;
GenerateAlpha ( date , seed ) ;
2019-04-02 23:32:18 +03:00
i2p : : crypto : : GetEd25519 ( ) - > BlindPublicKey ( GetPublicKey ( ) , seed , blindedKey ) ;
}
2019-04-05 23:03:58 +03:00
void BlindedPublicKey : : BlindPrivateKey ( const uint8_t * priv , const char * date , uint8_t * blindedPriv , uint8_t * blindedPub ) const
{
uint8_t seed [ 64 ] ;
GenerateAlpha ( date , seed ) ;
i2p : : crypto : : GetEd25519 ( ) - > BlindPrivateKey ( priv , seed , blindedPriv , blindedPub ) ;
}
2019-04-02 23:32:18 +03:00
void BlindedPublicKey : : H ( const std : : string & p , const std : : vector < std : : pair < const uint8_t * , size_t > > & bufs , uint8_t * hash ) const
{
SHA256_CTX ctx ;
SHA256_Init ( & ctx ) ;
SHA256_Update ( & ctx , p . c_str ( ) , p . length ( ) ) ;
for ( const auto & it : bufs )
SHA256_Update ( & ctx , it . first , it . second ) ;
SHA256_Final ( hash , & ctx ) ;
}
i2p : : data : : IdentHash BlindedPublicKey : : GetStoreHash ( ) const
{
i2p : : data : : IdentHash hash ;
if ( m_BlindedSigType = = i2p : : data : : SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519 | |
m_BlindedSigType = = SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519 )
{
char date [ 9 ] ;
i2p : : util : : GetCurrentDate ( date ) ;
uint8_t blinded [ 32 ] ;
GetBlindedKey ( date , blinded ) ;
auto stA1 = htobe16 ( m_BlindedSigType ) ;
SHA256_CTX ctx ;
SHA256_Init ( & ctx ) ;
SHA256_Update ( & ctx , ( const uint8_t * ) & stA1 , 2 ) ;
SHA256_Update ( & ctx , blinded , 32 ) ;
SHA256_Final ( ( uint8_t * ) hash , & ctx ) ;
}
else
LogPrint ( eLogError , " LeaseSet2: blinded key type " , ( int ) m_BlindedSigType , " is not supported " ) ;
return hash ;
}
2019-01-09 20:47:47 +03:00
LeaseSet2 : : LeaseSet2 ( uint8_t storeType , const uint8_t * buf , size_t len , bool storeLeases ) :
2019-02-27 23:52:47 +03:00
LeaseSet ( storeLeases ) , m_StoreType ( storeType )
2018-12-26 23:27:32 +03:00
{
2018-12-21 23:00:03 +03:00
SetBuffer ( buf , len ) ;
2019-01-08 19:26:50 +03:00
if ( storeType = = NETDB_STORE_TYPE_ENCRYPTED_LEASESET2 )
2019-02-27 23:52:47 +03:00
ReadFromBufferEncrypted ( buf , len , nullptr ) ;
2019-01-08 19:26:50 +03:00
else
ReadFromBuffer ( buf , len ) ;
2018-12-21 23:00:03 +03:00
}
2019-03-22 22:32:13 +03:00
LeaseSet2 : : LeaseSet2 ( const uint8_t * buf , size_t len , std : : shared_ptr < const BlindedPublicKey > key ) :
2019-02-27 23:52:47 +03:00
LeaseSet ( true ) , m_StoreType ( NETDB_STORE_TYPE_ENCRYPTED_LEASESET2 )
{
2019-03-22 22:32:13 +03:00
ReadFromBufferEncrypted ( buf , len , key ) ;
2019-02-27 23:52:47 +03:00
}
2019-01-17 03:00:17 +03:00
void LeaseSet2 : : Update ( const uint8_t * buf , size_t len , bool verifySignature )
{
SetBuffer ( buf , len ) ;
2019-02-02 01:41:12 +03:00
if ( GetStoreType ( ) ! = NETDB_STORE_TYPE_ENCRYPTED_LEASESET2 )
2019-02-01 20:55:13 +03:00
ReadFromBuffer ( buf , len , false , verifySignature ) ;
// TODO: implement encrypted
2019-01-17 03:00:17 +03:00
}
2019-02-01 20:55:13 +03:00
void LeaseSet2 : : ReadFromBuffer ( const uint8_t * buf , size_t len , bool readIdentity , bool verifySignature )
2018-12-21 23:00:03 +03:00
{
2019-01-02 22:19:10 +03:00
// standard LS2 header
2019-02-01 20:55:13 +03:00
std : : shared_ptr < const IdentityEx > identity ;
if ( readIdentity )
{
identity = std : : make_shared < IdentityEx > ( buf , len ) ;
SetIdentity ( identity ) ;
}
else
identity = GetIdentity ( ) ;
2018-12-21 23:00:03 +03:00
size_t offset = identity - > GetFullLen ( ) ;
2019-01-08 19:26:50 +03:00
if ( offset + 8 > = len ) return ;
2019-02-27 00:20:24 +03:00
m_PublishedTimestamp = bufbe32toh ( buf + offset ) ; offset + = 4 ; // published timestamp (seconds)
2018-12-21 23:00:03 +03:00
uint16_t expires = bufbe16toh ( buf + offset ) ; offset + = 2 ; // expires (seconds)
2019-02-27 00:20:24 +03:00
SetExpirationTime ( ( m_PublishedTimestamp + expires ) * 1000LL ) ; // in milliseconds
2018-12-31 22:23:48 +03:00
uint16_t flags = bufbe16toh ( buf + offset ) ; offset + = 2 ; // flags
2019-02-12 22:56:39 +03:00
if ( flags & LEASESET2_FLAG_OFFLINE_KEYS )
2019-01-02 01:00:37 +03:00
{
2019-01-16 02:56:26 +03:00
// transient key
2019-02-06 21:36:03 +03:00
m_TransientVerifier = ProcessOfflineSignature ( identity , buf , len , offset ) ;
if ( ! m_TransientVerifier )
{
LogPrint ( eLogError , " LeaseSet2: offline signature failed " ) ;
2019-01-16 02:56:26 +03:00
return ;
2019-02-06 21:36:03 +03:00
}
2019-01-02 01:00:37 +03:00
}
2019-01-02 22:19:10 +03:00
// type specific part
size_t s = 0 ;
switch ( m_StoreType )
{
case NETDB_STORE_TYPE_STANDARD_LEASESET2 :
s = ReadStandardLS2TypeSpecificPart ( buf + offset , len - offset ) ;
break ;
case NETDB_STORE_TYPE_META_LEASESET2 :
s = ReadMetaLS2TypeSpecificPart ( buf + offset , len - offset ) ;
break ;
default :
LogPrint ( eLogWarning , " LeaseSet2: Unexpected store type " , ( int ) m_StoreType ) ;
}
if ( ! s ) return ;
offset + = s ;
2019-02-06 21:36:03 +03:00
if ( verifySignature | | m_TransientVerifier )
2019-02-01 20:55:13 +03:00
{
// verify signature
2019-02-06 21:36:03 +03:00
bool verified = m_TransientVerifier ? VerifySignature ( m_TransientVerifier , buf , len , offset ) :
2019-02-01 20:55:13 +03:00
VerifySignature ( identity , buf , len , offset ) ;
SetIsValid ( verified ) ;
}
2019-01-08 19:26:50 +03:00
}
template < typename Verifier >
bool LeaseSet2 : : VerifySignature ( Verifier & verifier , const uint8_t * buf , size_t len , size_t signatureOffset )
{
if ( signatureOffset + verifier - > GetSignatureLen ( ) > len ) return false ;
2019-01-10 18:57:57 +03:00
// we assume buf inside DatabaseStore message, so buf[-1] is valid memory
// change it for signature verification, and restore back
uint8_t c = buf [ - 1 ] ;
const_cast < uint8_t * > ( buf ) [ - 1 ] = m_StoreType ;
bool verified = verifier - > Verify ( buf - 1 , signatureOffset + 1 , buf + signatureOffset ) ;
const_cast < uint8_t * > ( buf ) [ - 1 ] = c ;
2019-01-02 22:19:10 +03:00
if ( ! verified )
LogPrint ( eLogWarning , " LeaseSet2: verification failed " ) ;
2019-01-08 19:26:50 +03:00
return verified ;
2019-01-02 22:19:10 +03:00
}
size_t LeaseSet2 : : ReadStandardLS2TypeSpecificPart ( const uint8_t * buf , size_t len )
{
size_t offset = 0 ;
2018-12-26 23:27:32 +03:00
// properties
uint16_t propertiesLen = bufbe16toh ( buf + offset ) ; offset + = 2 ;
offset + = propertiesLen ; // skip for now. TODO: implement properties
2019-01-02 22:19:10 +03:00
if ( offset + 1 > = len ) return 0 ;
2018-12-26 23:27:32 +03:00
// key sections
2019-01-30 22:10:40 +03:00
uint16_t currentKeyType = 0 ;
2019-01-02 01:00:37 +03:00
int numKeySections = buf [ offset ] ; offset + + ;
for ( int i = 0 ; i < numKeySections ; i + + )
2018-12-26 23:27:32 +03:00
{
2019-01-09 20:47:47 +03:00
uint16_t keyType = bufbe16toh ( buf + offset ) ; offset + = 2 ; // encryption key type
2019-01-02 22:19:10 +03:00
if ( offset + 2 > = len ) return 0 ;
2018-12-26 23:27:32 +03:00
uint16_t encryptionKeyLen = bufbe16toh ( buf + offset ) ; offset + = 2 ;
2019-01-09 20:47:47 +03:00
if ( offset + encryptionKeyLen > = len ) return 0 ;
2019-01-30 22:10:40 +03:00
if ( IsStoreLeases ( ) ) // create encryptor with leases only
2019-01-09 20:47:47 +03:00
{
2019-01-30 22:10:40 +03:00
// we pick first valid key, higher key type has higher priority 4-1-0
// if two keys with of the same type, pick first
2019-01-09 20:47:47 +03:00
auto encryptor = i2p : : data : : IdentityEx : : CreateEncryptor ( keyType , buf + offset ) ;
2019-01-30 22:10:40 +03:00
if ( encryptor & & ( ! m_Encryptor | | keyType > currentKeyType ) )
{
m_Encryptor = encryptor ; // TODO: atomic
currentKeyType = keyType ;
}
2019-01-09 20:47:47 +03:00
}
2018-12-26 23:27:32 +03:00
offset + = encryptionKeyLen ;
}
// leases
2019-01-02 22:19:10 +03:00
if ( offset + 1 > = len ) return 0 ;
2018-12-26 23:27:32 +03:00
int numLeases = buf [ offset ] ; offset + + ;
2019-01-02 23:40:48 +03:00
auto ts = i2p : : util : : GetMillisecondsSinceEpoch ( ) ;
2019-01-09 20:47:47 +03:00
if ( IsStoreLeases ( ) )
2019-01-02 22:19:10 +03:00
{
2019-01-09 20:47:47 +03:00
UpdateLeasesBegin ( ) ;
for ( int i = 0 ; i < numLeases ; i + + )
{
2019-01-10 19:52:34 +03:00
if ( offset + LEASE2_SIZE > len ) return 0 ;
2019-01-09 20:47:47 +03:00
Lease lease ;
lease . tunnelGateway = buf + offset ; offset + = 32 ; // gateway
lease . tunnelID = bufbe32toh ( buf + offset ) ; offset + = 4 ; // tunnel ID
lease . endDate = bufbe32toh ( buf + offset ) * 1000LL ; offset + = 4 ; // end date
UpdateLease ( lease , ts ) ;
}
UpdateLeasesEnd ( ) ;
2019-01-02 22:19:10 +03:00
}
2019-01-09 20:47:47 +03:00
else
2019-01-10 19:52:34 +03:00
offset + = numLeases * LEASE2_SIZE ; // 40 bytes per lease
2019-01-02 22:19:10 +03:00
return offset ;
}
size_t LeaseSet2 : : ReadMetaLS2TypeSpecificPart ( const uint8_t * buf , size_t len )
{
size_t offset = 0 ;
// properties
uint16_t propertiesLen = bufbe16toh ( buf + offset ) ; offset + = 2 ;
offset + = propertiesLen ; // skip for now. TODO: implement properties
// entries
if ( offset + 1 > = len ) return 0 ;
int numEntries = buf [ offset ] ; offset + + ;
for ( int i = 0 ; i < numEntries ; i + + )
{
if ( offset + 40 > = len ) return 0 ;
offset + = 32 ; // hash
offset + = 3 ; // flags
offset + = 1 ; // cost
offset + = 4 ; // expires
}
// revocations
if ( offset + 1 > = len ) return 0 ;
int numRevocations = buf [ offset ] ; offset + + ;
for ( int i = 0 ; i < numRevocations ; i + + )
{
if ( offset + 32 > len ) return 0 ;
offset + = 32 ; // hash
}
return offset ;
2018-12-21 23:00:03 +03:00
}
2019-01-08 19:26:50 +03:00
2019-03-22 22:32:13 +03:00
void LeaseSet2 : : ReadFromBufferEncrypted ( const uint8_t * buf , size_t len , std : : shared_ptr < const BlindedPublicKey > key )
2019-01-08 19:26:50 +03:00
{
size_t offset = 0 ;
// blinded key
2019-01-14 21:49:27 +03:00
if ( len < 2 ) return ;
2019-03-05 20:41:01 +03:00
const uint8_t * stA1 = buf + offset ; // stA1 = blinded signature type, 2 bytes big endian
uint16_t blindedKeyType = bufbe16toh ( stA1 ) ; offset + = 2 ;
2019-01-08 19:26:50 +03:00
std : : unique_ptr < i2p : : crypto : : Verifier > blindedVerifier ( i2p : : data : : IdentityEx : : CreateVerifier ( blindedKeyType ) ) ;
if ( ! blindedVerifier ) return ;
auto blindedKeyLen = blindedVerifier - > GetPublicKeyLen ( ) ;
if ( offset + blindedKeyLen > = len ) return ;
2019-02-27 23:52:47 +03:00
const uint8_t * blindedPublicKey = buf + offset ;
blindedVerifier - > SetPublicKey ( blindedPublicKey ) ; offset + = blindedKeyLen ;
2019-01-08 19:26:50 +03:00
// expiration
if ( offset + 8 > = len ) return ;
2019-02-27 23:52:47 +03:00
const uint8_t * publishedTimestamp = buf + offset ;
m_PublishedTimestamp = bufbe32toh ( publishedTimestamp ) ; offset + = 4 ; // published timestamp (seconds)
2019-01-08 19:26:50 +03:00
uint16_t expires = bufbe16toh ( buf + offset ) ; offset + = 2 ; // expires (seconds)
2019-02-27 00:20:24 +03:00
SetExpirationTime ( ( m_PublishedTimestamp + expires ) * 1000LL ) ; // in milliseconds
2019-01-08 19:26:50 +03:00
uint16_t flags = bufbe16toh ( buf + offset ) ; offset + = 2 ; // flags
2019-02-12 22:56:39 +03:00
if ( flags & LEASESET2_FLAG_OFFLINE_KEYS )
2019-01-08 19:26:50 +03:00
{
2019-01-16 02:56:26 +03:00
// transient key
2019-02-06 21:36:03 +03:00
m_TransientVerifier = ProcessOfflineSignature ( blindedVerifier , buf , len , offset ) ;
if ( ! m_TransientVerifier )
2019-01-16 02:56:26 +03:00
{
2019-02-06 21:36:03 +03:00
LogPrint ( eLogError , " LeaseSet2: offline signature failed " ) ;
2019-01-16 02:56:26 +03:00
return ;
2019-02-06 21:36:03 +03:00
}
2019-01-08 19:26:50 +03:00
}
// outer ciphertext
if ( offset + 2 > len ) return ;
2019-02-27 23:52:47 +03:00
uint16_t lenOuterCiphertext = bufbe16toh ( buf + offset ) ; offset + = 2 ;
const uint8_t * outerCiphertext = buf + offset ;
offset + = lenOuterCiphertext ;
2019-01-08 19:26:50 +03:00
// verify signature
2019-02-06 21:36:03 +03:00
bool verified = m_TransientVerifier ? VerifySignature ( m_TransientVerifier , buf , len , offset ) :
2019-01-08 19:26:50 +03:00
VerifySignature ( blindedVerifier , buf , len , offset ) ;
2019-02-27 23:52:47 +03:00
SetIsValid ( verified ) ;
// handle ciphertext
2019-03-22 22:32:13 +03:00
if ( verified & & key & & lenOuterCiphertext > = 32 )
2019-02-27 23:52:47 +03:00
{
2019-03-04 23:47:35 +03:00
SetIsValid ( false ) ; // we must verify it again in Layer 2
2019-03-07 19:55:47 +03:00
if ( blindedKeyType = = i2p : : data : : SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519 )
{
// verify blinding
char date [ 9 ] ;
i2p : : util : : GetCurrentDate ( date ) ;
uint8_t blinded [ 32 ] ;
2019-04-02 23:32:18 +03:00
key - > GetBlindedKey ( date , blinded ) ;
2019-03-07 19:55:47 +03:00
if ( memcmp ( blindedPublicKey , blinded , 32 ) )
{
LogPrint ( eLogError , " LeaseSet2: blinded public key doesn't match " ) ;
return ;
}
}
2019-03-05 20:41:01 +03:00
// outer key
2019-02-27 23:52:47 +03:00
// outerInput = subcredential || publishedTimestamp
2019-04-02 23:32:18 +03:00
uint8_t subcredential [ 36 ] ;
key - > GetSubcredential ( blindedPublicKey , blindedKeyLen , subcredential ) ;
2019-02-27 23:52:47 +03:00
memcpy ( subcredential + 32 , publishedTimestamp , 4 ) ;
2019-02-28 21:31:51 +03:00
// outerSalt = outerCiphertext[0:32]
2019-02-27 23:52:47 +03:00
// keys = HKDF(outerSalt, outerInput, "ELS2_L1K", 44)
2019-03-05 20:41:01 +03:00
uint8_t keys [ 64 ] ; // 44 bytes actual data
2019-03-15 19:25:20 +03:00
i2p : : crypto : : HKDF ( outerCiphertext , subcredential , 36 , " ELS2_L1K " , keys ) ;
2019-02-28 21:31:51 +03:00
// decrypt Layer 1
// outerKey = keys[0:31]
// outerIV = keys[32:43]
2019-03-04 23:47:35 +03:00
size_t lenOuterPlaintext = lenOuterCiphertext - 32 ;
std : : vector < uint8_t > outerPlainText ( lenOuterPlaintext ) ;
i2p : : crypto : : ChaCha20 ( outerCiphertext + 32 , lenOuterPlaintext , keys , keys + 32 , outerPlainText . data ( ) ) ;
// inner key
2019-04-02 23:32:18 +03:00
// innerInput = authCookie || subcredential || publishedTimestamp, TODO: non-empty authCookie
2019-03-04 23:47:35 +03:00
// innerSalt = innerCiphertext[0:32]
// keys = HKDF(innerSalt, innerInput, "ELS2_L2K", 44)
// skip 1 byte flags
2019-03-15 19:25:20 +03:00
i2p : : crypto : : HKDF ( outerPlainText . data ( ) + 1 , subcredential , 36 , " ELS2_L2K " , keys ) ; // no authCookie
2019-03-04 23:47:35 +03:00
// decrypt Layer 2
// innerKey = keys[0:31]
// innerIV = keys[32:43]
size_t lenInnerPlaintext = lenOuterPlaintext - 32 - 1 ;
std : : vector < uint8_t > innerPlainText ( lenInnerPlaintext ) ;
i2p : : crypto : : ChaCha20 ( outerPlainText . data ( ) + 32 + 1 , lenInnerPlaintext , keys , keys + 32 , innerPlainText . data ( ) ) ;
if ( innerPlainText [ 0 ] = = NETDB_STORE_TYPE_STANDARD_LEASESET2 | | innerPlainText [ 0 ] = = NETDB_STORE_TYPE_META_LEASESET2 )
{
// override store type and buffer
m_StoreType = innerPlainText [ 0 ] ;
SetBuffer ( innerPlainText . data ( ) + 1 , lenInnerPlaintext - 1 ) ;
// parse and verify Layer 2
ReadFromBuffer ( innerPlainText . data ( ) + 1 , lenInnerPlaintext - 1 ) ;
}
else
2019-04-08 22:22:42 +03:00
LogPrint ( eLogError , " LeaseSet2: unexpected LeaseSet type " , ( int ) innerPlainText [ 0 ] , " inside encrypted LeaseSet " ) ;
2019-02-27 23:52:47 +03:00
}
}
2019-01-09 20:47:47 +03:00
void LeaseSet2 : : Encrypt ( const uint8_t * data , uint8_t * encrypted , BN_CTX * ctx ) const
{
auto encryptor = m_Encryptor ; // TODO: atomic
if ( encryptor )
encryptor - > Encrypt ( data , encrypted , ctx , true ) ;
}
2017-11-07 23:05:22 +03:00
2019-01-14 21:49:27 +03:00
uint64_t LeaseSet2 : : ExtractTimestamp ( const uint8_t * buf , size_t len ) const
{
if ( len < 8 ) return 0 ;
if ( m_StoreType = = NETDB_STORE_TYPE_ENCRYPTED_LEASESET2 )
{
// encrypted LS2
size_t offset = 0 ;
uint16_t blindedKeyType = bufbe16toh ( buf + offset ) ; offset + = 2 ;
std : : unique_ptr < i2p : : crypto : : Verifier > blindedVerifier ( i2p : : data : : IdentityEx : : CreateVerifier ( blindedKeyType ) ) ;
if ( ! blindedVerifier ) return 0 ;
auto blindedKeyLen = blindedVerifier - > GetPublicKeyLen ( ) ;
if ( offset + blindedKeyLen + 6 > = len ) return 0 ;
offset + = blindedKeyLen ;
uint32_t timestamp = bufbe32toh ( buf + offset ) ; offset + = 4 ;
uint16_t expires = bufbe16toh ( buf + offset ) ; offset + = 2 ;
return ( timestamp + expires ) * 1000LL ;
}
else
{
auto identity = GetIdentity ( ) ;
if ( ! identity ) return 0 ;
size_t offset = identity - > GetFullLen ( ) ;
if ( offset + 6 > = len ) return 0 ;
uint32_t timestamp = bufbe32toh ( buf + offset ) ; offset + = 4 ;
uint16_t expires = bufbe16toh ( buf + offset ) ; offset + = 2 ;
return ( timestamp + expires ) * 1000LL ;
}
}
2016-05-25 21:17:34 +03:00
LocalLeaseSet : : LocalLeaseSet ( std : : shared_ptr < const IdentityEx > identity , const uint8_t * encryptionPublicKey , std : : vector < std : : shared_ptr < i2p : : tunnel : : InboundTunnel > > tunnels ) :
2016-05-25 22:10:28 +03:00
m_ExpirationTime ( 0 ) , m_Identity ( identity )
2016-05-25 21:17:34 +03:00
{
int num = tunnels . size ( ) ;
if ( num > MAX_NUM_LEASES ) num = MAX_NUM_LEASES ;
// identity
2016-05-26 00:41:24 +03:00
auto signingKeyLen = m_Identity - > GetSigningPublicKeyLen ( ) ;
2018-01-06 06:48:51 +03:00
m_BufferLen = m_Identity - > GetFullLen ( ) + 256 + signingKeyLen + 1 + num * LEASE_SIZE + m_Identity - > GetSignatureLen ( ) ;
m_Buffer = new uint8_t [ m_BufferLen ] ;
2016-05-25 21:17:34 +03:00
auto offset = m_Identity - > ToBuffer ( m_Buffer , m_BufferLen ) ;
memcpy ( m_Buffer + offset , encryptionPublicKey , 256 ) ;
offset + = 256 ;
memset ( m_Buffer + offset , 0 , signingKeyLen ) ;
offset + = signingKeyLen ;
// num leases
2018-01-06 06:48:51 +03:00
m_Buffer [ offset ] = num ;
2016-05-25 21:17:34 +03:00
offset + + ;
// leases
2016-05-29 23:35:57 +03:00
m_Leases = m_Buffer + offset ;
2016-05-25 21:17:34 +03:00
auto currentTime = i2p : : util : : GetMillisecondsSinceEpoch ( ) ;
for ( int i = 0 ; i < num ; i + + )
{
memcpy ( m_Buffer + offset , tunnels [ i ] - > GetNextIdentHash ( ) , 32 ) ;
offset + = 32 ; // gateway id
htobe32buf ( m_Buffer + offset , tunnels [ i ] - > GetNextTunnelID ( ) ) ;
offset + = 4 ; // tunnel id
uint64_t ts = tunnels [ i ] - > GetCreationTime ( ) + i2p : : tunnel : : TUNNEL_EXPIRATION_TIMEOUT - i2p : : tunnel : : TUNNEL_EXPIRATION_THRESHOLD ; // 1 minute before expiration
ts * = 1000 ; // in milliseconds
2016-05-25 22:10:28 +03:00
if ( ts > m_ExpirationTime ) m_ExpirationTime = ts ;
2016-05-25 21:17:34 +03:00
// make sure leaseset is newer than previous, but adding some time to expiration date
ts + = ( currentTime - tunnels [ i ] - > GetCreationTime ( ) * 1000LL ) * 2 / i2p : : tunnel : : TUNNEL_EXPIRATION_TIMEOUT ; // up to 2 secs
htobe64buf ( m_Buffer + offset , ts ) ;
offset + = 8 ; // end date
}
// we don't sign it yet. must be signed later on
2016-05-25 22:10:28 +03:00
}
2016-05-25 21:17:34 +03:00
2016-05-30 19:56:42 +03:00
LocalLeaseSet : : LocalLeaseSet ( std : : shared_ptr < const IdentityEx > identity , const uint8_t * buf , size_t len ) :
m_ExpirationTime ( 0 ) , m_Identity ( identity )
{
2019-01-09 22:51:47 +03:00
if ( buf )
{
m_BufferLen = len ;
m_Buffer = new uint8_t [ m_BufferLen ] ;
memcpy ( m_Buffer , buf , len ) ;
}
else
{
m_Buffer = nullptr ;
m_BufferLen = 0 ;
}
2016-05-30 19:56:42 +03:00
}
2016-05-25 22:10:28 +03:00
bool LocalLeaseSet : : IsExpired ( ) const
2016-05-25 21:17:34 +03:00
{
2016-05-25 22:10:28 +03:00
auto ts = i2p : : util : : GetMillisecondsSinceEpoch ( ) ;
return ts > m_ExpirationTime ;
2018-01-06 06:48:51 +03:00
}
2018-01-24 18:16:51 +03:00
bool LeaseSetBufferValidate ( const uint8_t * ptr , size_t sz , uint64_t & expires )
{
IdentityEx ident ( ptr , sz ) ;
size_t size = ident . GetFullLen ( ) ;
if ( size > sz )
{
LogPrint ( eLogError , " LeaseSet: identity length " , size , " exceeds buffer size " , sz ) ;
return false ;
}
// encryption key
size + = 256 ;
// signing key (unused)
size + = ident . GetSigningPublicKeyLen ( ) ;
uint8_t numLeases = ptr [ size ] ;
+ + size ;
if ( ! numLeases | | numLeases > MAX_NUM_LEASES )
{
LogPrint ( eLogError , " LeaseSet: incorrect number of leases " , ( int ) numLeases ) ;
return false ;
}
const uint8_t * leases = ptr + size ;
expires = 0 ;
/** find lease with the max expiration timestamp */
for ( int i = 0 ; i < numLeases ; i + + )
{
leases + = 36 ; // gateway + tunnel ID
uint64_t endDate = bufbe64toh ( leases ) ;
leases + = 8 ; // end date
if ( endDate > expires )
expires = endDate ;
}
return ident . Verify ( ptr , leases - ptr , leases ) ;
}
2019-01-09 22:51:47 +03:00
2019-02-12 22:56:39 +03:00
LocalLeaseSet2 : : LocalLeaseSet2 ( uint8_t storeType , const i2p : : data : : PrivateKeys & keys ,
2019-01-09 22:51:47 +03:00
uint16_t keyType , uint16_t keyLen , const uint8_t * encryptionPublicKey ,
std : : vector < std : : shared_ptr < i2p : : tunnel : : InboundTunnel > > tunnels ) :
2019-02-12 22:56:39 +03:00
LocalLeaseSet ( keys . GetPublic ( ) , nullptr , 0 )
2019-01-09 22:51:47 +03:00
{
2019-02-12 22:56:39 +03:00
auto identity = keys . GetPublic ( ) ;
2019-01-10 19:52:34 +03:00
// assume standard LS2
int num = tunnels . size ( ) ;
if ( num > MAX_NUM_LEASES ) num = MAX_NUM_LEASES ;
m_BufferLen = identity - > GetFullLen ( ) + 4 /*published*/ + 2 /*expires*/ + 2 /*flag*/ + 2 /*properties len*/ +
2019-02-14 20:11:25 +03:00
1 /*num keys*/ + 2 /*key type*/ + 2 /*key len*/ + keyLen /*key*/ + 1 /*num leases*/ + num * LEASE2_SIZE + keys . GetSignatureLen ( ) ;
2019-02-12 22:56:39 +03:00
uint16_t flags = 0 ;
if ( keys . IsOfflineSignature ( ) )
{
flags | = LEASESET2_FLAG_OFFLINE_KEYS ;
m_BufferLen + = keys . GetOfflineSignature ( ) . size ( ) ;
}
2019-01-10 19:52:34 +03:00
m_Buffer = new uint8_t [ m_BufferLen + 1 ] ;
m_Buffer [ 0 ] = storeType ;
// LS2 header
auto offset = identity - > ToBuffer ( m_Buffer + 1 , m_BufferLen ) + 1 ;
auto timestamp = i2p : : util : : GetSecondsSinceEpoch ( ) ;
htobe32buf ( m_Buffer + offset , timestamp ) ; offset + = 4 ; // published timestamp (seconds)
uint8_t * expiresBuf = m_Buffer + offset ; offset + = 2 ; // expires, fill later
2019-02-15 05:22:49 +03:00
htobe16buf ( m_Buffer + offset , flags ) ; offset + = 2 ; // flags
2019-02-12 22:56:39 +03:00
if ( keys . IsOfflineSignature ( ) )
{
// offline signature
const auto & offlineSignature = keys . GetOfflineSignature ( ) ;
memcpy ( m_Buffer + offset , offlineSignature . data ( ) , offlineSignature . size ( ) ) ;
offset + = offlineSignature . size ( ) ;
}
2019-01-10 19:52:34 +03:00
htobe16buf ( m_Buffer + offset , 0 ) ; offset + = 2 ; // properties len
// keys
m_Buffer [ offset ] = 1 ; offset + + ; // 1 key
htobe16buf ( m_Buffer + offset , keyType ) ; offset + = 2 ; // key type
htobe16buf ( m_Buffer + offset , keyLen ) ; offset + = 2 ; // key len
memcpy ( m_Buffer + offset , encryptionPublicKey , keyLen ) ; offset + = keyLen ; // key
// leases
uint32_t expirationTime = 0 ; // in seconds
m_Buffer [ offset ] = num ; offset + + ; // num leases
for ( int i = 0 ; i < num ; i + + )
{
memcpy ( m_Buffer + offset , tunnels [ i ] - > GetNextIdentHash ( ) , 32 ) ;
offset + = 32 ; // gateway id
htobe32buf ( m_Buffer + offset , tunnels [ i ] - > GetNextTunnelID ( ) ) ;
offset + = 4 ; // tunnel id
auto ts = tunnels [ i ] - > GetCreationTime ( ) + i2p : : tunnel : : TUNNEL_EXPIRATION_TIMEOUT - i2p : : tunnel : : TUNNEL_EXPIRATION_THRESHOLD ; // in seconds, 1 minute before expiration
if ( ts > expirationTime ) expirationTime = ts ;
htobe32buf ( m_Buffer + offset , ts ) ;
offset + = 4 ; // end date
}
// update expiration
SetExpirationTime ( expirationTime * 1000LL ) ;
auto expires = expirationTime - timestamp ;
htobe16buf ( expiresBuf , expires > 0 ? expires : 0 ) ;
2019-02-12 22:56:39 +03:00
// sign
keys . Sign ( m_Buffer , offset , m_Buffer + offset ) ; // LS + leading store type
2019-01-09 22:51:47 +03:00
}
2019-01-29 19:30:31 +03:00
LocalLeaseSet2 : : LocalLeaseSet2 ( uint8_t storeType , std : : shared_ptr < const IdentityEx > identity , const uint8_t * buf , size_t len ) :
LocalLeaseSet ( identity , nullptr , 0 )
{
m_BufferLen = len ;
m_Buffer = new uint8_t [ m_BufferLen + 1 ] ;
memcpy ( m_Buffer + 1 , buf , len ) ;
m_Buffer [ 0 ] = storeType ;
}
2019-04-05 23:03:58 +03:00
2019-04-09 16:21:38 +03:00
LocalLeaseSet2 : : LocalLeaseSet2 ( std : : shared_ptr < const LocalLeaseSet2 > ls , const i2p : : data : : PrivateKeys & keys , i2p : : data : : SigningKeyType blindedKeyType ) :
2019-04-05 23:03:58 +03:00
LocalLeaseSet ( ls - > GetIdentity ( ) , nullptr , 0 )
{
2019-04-08 20:27:21 +03:00
size_t lenInnerPlaintext = ls - > GetBufferLen ( ) + 1 , lenOuterPlaintext = lenInnerPlaintext + 32 + 1 ,
lenOuterCiphertext = lenOuterPlaintext + 32 ;
2019-04-09 16:21:38 +03:00
m_BufferLen = 2 /*blinded sig type*/ + 32 /*blinded pub key*/ + 4 /*published*/ + 2 /*expires*/ + 2 /*flags*/ + 2 /*lenOuterCiphertext*/ + lenOuterCiphertext + 64 /*signature*/ ;
2019-04-05 23:03:58 +03:00
m_Buffer = new uint8_t [ m_BufferLen + 1 ] ;
m_Buffer [ 0 ] = NETDB_STORE_TYPE_ENCRYPTED_LEASESET2 ;
BlindedPublicKey blindedKey ( ls - > GetIdentity ( ) ) ;
char date [ 9 ] ;
i2p : : util : : GetCurrentDate ( date ) ;
uint8_t blindedPriv [ 32 ] , blindedPub [ 32 ] ;
blindedKey . BlindPrivateKey ( keys . GetSigningPrivateKey ( ) , date , blindedPriv , blindedPub ) ;
std : : unique_ptr < i2p : : crypto : : Signer > blindedSigner ( i2p : : data : : PrivateKeys : : CreateSigner ( blindedKeyType , blindedPriv ) ) ;
auto offset = 1 ;
htobe16buf ( m_Buffer + offset , blindedKeyType ) ; offset + = 2 ; // Blinded Public Key Sig Type
memcpy ( m_Buffer + offset , blindedPub , 32 ) ; offset + = 32 ; // Blinded Public Key
auto timestamp = i2p : : util : : GetSecondsSinceEpoch ( ) ;
htobe32buf ( m_Buffer + offset , timestamp ) ; offset + = 4 ; // published timestamp (seconds)
auto expirationTime = ls - > GetExpirationTime ( ) ;
SetExpirationTime ( expirationTime ) ;
auto expires = expirationTime / 1000LL - timestamp ;
2019-04-09 16:21:38 +03:00
htobe16buf ( m_Buffer + offset , expires > 0 ? expires : 0 ) ; offset + = 2 ; // expires
2019-04-05 23:03:58 +03:00
uint16_t flags = 0 ;
htobe16buf ( m_Buffer + offset , flags ) ; offset + = 2 ; // flags
2019-04-08 20:27:21 +03:00
htobe16buf ( m_Buffer + offset , lenOuterCiphertext ) ; offset + = 2 ; // lenOuterCiphertext
// outerChipherText
// Layer 1
uint8_t subcredential [ 36 ] ;
blindedKey . GetSubcredential ( blindedPub , 32 , subcredential ) ;
htobe32buf ( subcredential + 32 , timestamp ) ; // outerInput = subcredential || publishedTimestamp
// keys = HKDF(outerSalt, outerInput, "ELS2_L1K", 44)
uint8_t keys1 [ 64 ] ; // 44 bytes actual data
RAND_bytes ( m_Buffer + offset , 32 ) ; // outerSalt = CSRNG(32)
i2p : : crypto : : HKDF ( m_Buffer + offset , subcredential , 36 , " ELS2_L1K " , keys1 ) ;
offset + = 32 ; // outerSalt
uint8_t * outerPlainText = m_Buffer + offset ;
m_Buffer [ offset ] = 0 ; offset + + ; // flag
// Layer 2
// keys = HKDF(outerSalt, outerInput, "ELS2_L2K", 44)
uint8_t keys2 [ 64 ] ; // 44 bytes actual data
RAND_bytes ( m_Buffer + offset , 32 ) ; // innerSalt = CSRNG(32)
i2p : : crypto : : HKDF ( m_Buffer + offset , subcredential , 36 , " ELS2_L2K " , keys2 ) ;
offset + = 32 ; // innerSalt
m_Buffer [ offset ] = ls - > GetStoreType ( ) ;
memcpy ( m_Buffer + offset , ls - > GetBuffer ( ) , ls - > GetBufferLen ( ) ) ;
i2p : : crypto : : ChaCha20 ( m_Buffer + offset , lenInnerPlaintext , keys2 , keys2 + 32 , m_Buffer + offset ) ; // encrypt Layer 2
offset + = lenInnerPlaintext ;
i2p : : crypto : : ChaCha20 ( outerPlainText , lenOuterPlaintext , keys1 , keys1 + 32 , outerPlainText ) ; // encrypt Layer 1
// signature
blindedSigner - > Sign ( m_Buffer , offset , m_Buffer + offset ) ;
2019-04-05 23:03:58 +03:00
}
2018-01-06 06:48:51 +03:00
}
}
