decrypt connID for incoming packet

This commit is contained in:
orignal 2022-02-27 20:15:14 -05:00
parent b7e20b9b86
commit 9f1a125ed9
2 changed files with 50 additions and 9 deletions

View File

@ -8,6 +8,7 @@
#include <string.h>
#include <openssl/rand.h>
#include "RouterContext.h"
#include "Transports.h"
#include "SSU2.h"
@ -15,10 +16,10 @@ namespace i2p
{
namespace transport
{
SSU2Session::SSU2Session (std::shared_ptr<const i2p::data::RouterInfo> in_RemoteRouter,
SSU2Session::SSU2Session (SSU2Server& server, std::shared_ptr<const i2p::data::RouterInfo> in_RemoteRouter,
std::shared_ptr<const i2p::data::RouterInfo::Address> addr, bool peerTest):
TransportSession (in_RemoteRouter, SSU2_TERMINATION_TIMEOUT),
m_Address (addr)
m_Server (server), m_Address (addr)
{
m_NoiseState.reset (new i2p::crypto::NoiseSymmetricState);
if (in_RemoteRouter && addr)
@ -41,7 +42,8 @@ namespace transport
m_NoiseState->MixKey (sharedSecret);
Header header;
uint8_t headerX[48], payload[1200]; // TODO: correct payload size
uint64_t headerX[6];
uint8_t payload[1200]; // TODO: correct payload size
size_t payloadSize = 8;
// fill packet
RAND_bytes (header.h.connID, 8);
@ -50,16 +52,17 @@ namespace transport
header.h.flags[0] = 2; // ver
header.h.flags[1] = 2; // netID TODO:
header.h.flags[2] = 0; // flag
RAND_bytes (headerX, 8); // source id
memset (headerX + 8, 0, 8); // token
memcpy (headerX + 16, m_EphemeralKeys->GetPublicKey (), 32); // X
RAND_bytes ((uint8_t *)headerX, 8); // source id
memset (headerX + 1, 0, 8); // token
memcpy (headerX + 2, m_EphemeralKeys->GetPublicKey (), 32); // X
m_Server.AddSession (headerX[0], shared_from_this ());
// encrypt
const uint8_t nonce[12] = {0};
i2p::crypto::AEADChaCha20Poly1305 (payload, payloadSize, m_NoiseState->m_H, 32, m_NoiseState->m_CK + 32, nonce, payload, payloadSize + 16, true);
payloadSize += 16;
CreateHeaderMask (m_Address->i, payload + (payloadSize - 24), m_Address->i, payload + (payloadSize - 12));
EncryptHeader (header);
i2p::crypto::ChaCha20 (headerX, 48, m_Address->i, nonce, headerX);
i2p::crypto::ChaCha20 ((uint8_t *)headerX, 48, m_Address->i, nonce, (uint8_t *)headerX);
}
@ -76,5 +79,22 @@ namespace transport
i2p::crypto::ChaCha20 (data, 8, kh1, nonce1, m_HeaderMask.buf);
i2p::crypto::ChaCha20 (data, 8, kh2, nonce2, m_HeaderMask.buf + 8);
}
void SSU2Server::AddSession (uint64_t connID, std::shared_ptr<SSU2Session> session)
{
m_Sessions.emplace (connID, session);
}
void SSU2Server::ProcessNextPacket (uint8_t * buf, size_t len)
{
uint64_t key = 0, connID;
i2p::crypto::ChaCha20 ((uint8_t *)&key, 8, i2p::context.GetNTCP2IV (), buf + (len - 24), (uint8_t *)&key); // TODO: use SSU2 intro key
memcpy (&connID, buf, 8);
connID ^= key;
auto it = m_Sessions.find (connID);
if (it != m_Sessions.end ())
{
}
}
}
}

View File

@ -10,6 +10,7 @@
#define SSU2_H__
#include <memory>
#include <unordered_map>
#include "Crypto.h"
#include "RouterInfo.h"
#include "TransportSession.h"
@ -24,7 +25,8 @@ namespace transport
{
eSSU2SessionRequest = 0
};
class SSU2Server;
class SSU2Session: public TransportSession, public std::enable_shared_from_this<SSU2Session>
{
union Header
@ -42,7 +44,7 @@ namespace transport
public:
SSU2Session (std::shared_ptr<const i2p::data::RouterInfo> in_RemoteRouter = nullptr,
SSU2Session (SSU2Server& server, std::shared_ptr<const i2p::data::RouterInfo> in_RemoteRouter = nullptr,
std::shared_ptr<const i2p::data::RouterInfo::Address> addr = nullptr, bool peerTest = false);
~SSU2Session ();
@ -54,6 +56,7 @@ namespace transport
private:
SSU2Server& m_Server;
std::shared_ptr<i2p::crypto::X25519Keys> m_EphemeralKeys;
std::unique_ptr<i2p::crypto::NoiseSymmetricState> m_NoiseState;
std::shared_ptr<const i2p::data::RouterInfo::Address> m_Address;
@ -64,6 +67,24 @@ namespace transport
uint8_t buf[16];
} m_HeaderMask;
};
class SSU2Server
{
public:
SSU2Server (int port) {};
~SSU2Server () {};
void AddSession (uint64_t connID, std::shared_ptr<SSU2Session> session);
private:
void ProcessNextPacket (uint8_t * buf, size_t len);
private:
std::unordered_map<uint64_t, std::shared_ptr<SSU2Session> > m_Sessions;
};
}
}