handle EcDSA signatures

This commit is contained in:
orignal 2014-11-24 15:26:57 -05:00
parent 95524c8db3
commit e0635548e9
2 changed files with 22 additions and 14 deletions

View File

@ -307,7 +307,11 @@ namespace transport
else
{
LogPrint ("Phase 3 sent: ", bytes_transferred);
boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase4, sizeof (NTCPPhase4)), boost::asio::transfer_all (),
// wait for phase4
m_Establisher->phase4Len = m_RemoteIdentity.GetSignatureLen ();
size_t paddingSize = m_Establisher->phase4Len & 0x0F; // %16
if (paddingSize > 0) m_Establisher->phase4Len += (16 - paddingSize);
boost::asio::async_read (m_Socket, boost::asio::buffer(m_Establisher->phase4, m_Establisher->phase4Len), boost::asio::transfer_all (),
boost::bind(&NTCPSession::HandlePhase4Received, this,
boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, tsA));
}
@ -352,10 +356,20 @@ namespace transport
s.Insert (m_RemoteIdentity.GetIdentHash (), 32); // ident
s.Insert (m_Establisher->phase3.timestamp); // tsA
s.Insert (tsB); // tsB
s.Sign (i2p::context.GetPrivateKeys (), m_Establisher->phase4.signature);
m_Encryption.Encrypt ((uint8_t *)&m_Establisher->phase4, sizeof(NTCPPhase4), (uint8_t *)&m_Establisher->phase4);
auto keys = i2p::context.GetPrivateKeys ();
m_Establisher->phase4Len = keys.GetPublic ().GetSignatureLen ();
if (m_Establisher->phase4Len > 64)
{
LogPrint (eLogError, "Signature length ", m_Establisher->phase4Len, " exceeds 64");
Terminate ();
}
s.Sign (keys, m_Establisher->phase4);
size_t paddingSize = m_Establisher->phase4Len & 0x0F; // %16
if (paddingSize > 0) m_Establisher->phase4Len += (16 - paddingSize);
boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase4, sizeof (NTCPPhase4)), boost::asio::transfer_all (),
m_Encryption.Encrypt (m_Establisher->phase4, m_Establisher->phase4Len, m_Establisher->phase4);
boost::asio::async_write (m_Socket, boost::asio::buffer (m_Establisher->phase4, m_Establisher->phase4Len), boost::asio::transfer_all (),
boost::bind(&NTCPSession::HandlePhase4Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
}
@ -392,7 +406,7 @@ namespace transport
else
{
LogPrint ("Phase 4 received: ", bytes_transferred);
m_Decryption.Decrypt((uint8_t *)&m_Establisher->phase4, sizeof(NTCPPhase4), (uint8_t *)&m_Establisher->phase4);
m_Decryption.Decrypt(m_Establisher->phase4, m_Establisher->phase4Len, m_Establisher->phase4);
// verify signature
SignedData s;
@ -402,7 +416,7 @@ namespace transport
s.Insert (tsA); // tsA
s.Insert (m_Establisher->phase2.encrypted.timestamp); // tsB
if (!s.Verify (m_RemoteIdentity, m_Establisher->phase4.signature))
if (!s.Verify (m_RemoteIdentity, m_Establisher->phase4))
{
LogPrint ("signature verification failed");
Terminate ();

View File

@ -44,13 +44,6 @@ namespace transport
uint8_t padding[15];
uint8_t signature[40];
};
struct NTCPPhase4
{
uint8_t signature[40];
uint8_t padding[8];
};
#pragma pack()
@ -129,7 +122,8 @@ namespace transport
NTCPPhase1 phase1;
NTCPPhase2 phase2;
NTCPPhase3 phase3;
NTCPPhase4 phase4;
i2p::crypto::AESAlignedBuffer<64> phase4; // 64 bytes max signature len
size_t phase4Len;
} * m_Establisher;
uint8_t m_ReceiveBuffer[NTCP_BUFFER_SIZE + 16], m_TimeSyncBuffer[16];