handle EcDSA signatures

2024-11-10 08:00:38 +03:00 · 2014-11-24 15:26:57 -05:00 · 2014-11-24 15:26:57 -05:00 · e0635548e9
commit e0635548e9
parent 95524c8db3
2 changed files with 22 additions and 14 deletions
--- a/NTCPSession.cpp
+++ b/NTCPSession.cpp
@ -307,7 +307,11 @@ namespace transport
 		else
 		{	
 			LogPrint ("Phase 3 sent: ", bytes_transferred);
-			boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase4, sizeof (NTCPPhase4)), boost::asio::transfer_all (),                  
+			// wait for phase4 
 			m_Establisher->phase4Len = m_RemoteIdentity.GetSignatureLen ();
 			size_t paddingSize = m_Establisher->phase4Len & 0x0F; // %16
 			if (paddingSize > 0) m_Establisher->phase4Len += (16 - paddingSize);	
 			boost::asio::async_read (m_Socket, boost::asio::buffer(m_Establisher->phase4, m_Establisher->phase4Len), boost::asio::transfer_all (),                  
 				boost::bind(&NTCPSession::HandlePhase4Received, this, 
 					boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, tsA));
 		}	
@ -352,10 +356,20 @@ namespace transport
 		s.Insert (m_RemoteIdentity.GetIdentHash (), 32); // ident
 		s.Insert (m_Establisher->phase3.timestamp); // tsA
 		s.Insert (tsB); // tsB
-		s.Sign (i2p::context.GetPrivateKeys (), m_Establisher->phase4.signature);
+		auto keys = i2p::context.GetPrivateKeys ();
-		m_Encryption.Encrypt ((uint8_t *)&m_Establisher->phase4, sizeof(NTCPPhase4), (uint8_t *)&m_Establisher->phase4);
+ 		m_Establisher->phase4Len = keys.GetPublic ().GetSignatureLen ();
 		if (m_Establisher->phase4Len > 64)
 		{
 			LogPrint (eLogError, "Signature length ", m_Establisher->phase4Len, " exceeds 64");
 			Terminate ();
 		}
 		s.Sign (keys, m_Establisher->phase4);
 		size_t paddingSize = m_Establisher->phase4Len & 0x0F; // %16
 		if (paddingSize > 0) m_Establisher->phase4Len += (16 - paddingSize);		
-		boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase4, sizeof (NTCPPhase4)), boost::asio::transfer_all (),
+		m_Encryption.Encrypt (m_Establisher->phase4, m_Establisher->phase4Len, m_Establisher->phase4);
 		boost::asio::async_write (m_Socket, boost::asio::buffer (m_Establisher->phase4, m_Establisher->phase4Len), boost::asio::transfer_all (),
        	boost::bind(&NTCPSession::HandlePhase4Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
 	}	
@ -392,7 +406,7 @@ namespace transport
 		else
 		{	
 			LogPrint ("Phase 4 received: ", bytes_transferred);
-			m_Decryption.Decrypt((uint8_t *)&m_Establisher->phase4, sizeof(NTCPPhase4), (uint8_t *)&m_Establisher->phase4);
+			m_Decryption.Decrypt(m_Establisher->phase4, m_Establisher->phase4Len, m_Establisher->phase4);
 			// verify signature
 			SignedData s;
@ -402,7 +416,7 @@ namespace transport
 			s.Insert (tsA); // tsA
 			s.Insert (m_Establisher->phase2.encrypted.timestamp); // tsB
-			if (!s.Verify (m_RemoteIdentity, m_Establisher->phase4.signature))
+			if (!s.Verify (m_RemoteIdentity, m_Establisher->phase4))
 			{	
 				LogPrint ("signature verification failed");
 				Terminate ();
--- a/NTCPSession.h
+++ b/NTCPSession.h
@ -44,13 +44,6 @@ namespace transport
 		uint8_t padding[15];
 		uint8_t signature[40];
 	};
 	struct NTCPPhase4
 	{
 		uint8_t signature[40];
 		uint8_t padding[8];
 	};
 #pragma pack()	
@ -129,7 +122,8 @@ namespace transport
 				NTCPPhase1 phase1;
 				NTCPPhase2 phase2;
 				NTCPPhase3 phase3;
-				NTCPPhase4 phase4;
+				i2p::crypto::AESAlignedBuffer<64> phase4; // 64 bytes max signature len	
 				size_t phase4Len;
 			} * m_Establisher;	
 			uint8_t m_ReceiveBuffer[NTCP_BUFFER_SIZE + 16], m_TimeSyncBuffer[16];