lokinet/llarp/encrypted_frame.cpp

#include <llarp/crypto.hpp>
#include <llarp/encrypted_frame.hpp>
#include "logger.hpp"
#include "mem.hpp"

namespace llarp
{
  Encrypted::Encrypted()
  {
    UpdateBuffer();
  }

  Encrypted::Encrypted(const Encrypted& other)
    : Encrypted(other.data(), other.size())
  {
  }

  Encrypted::Encrypted(const byte_t* buf, size_t sz) : _data(sz)
  {
    if(buf)
      memcpy(data(), buf, sz);
    else
      llarp::Zero(data(), sz);
    UpdateBuffer();
  }

  Encrypted::~Encrypted()
  {
  }

  Encrypted::Encrypted(size_t sz) : Encrypted(nullptr, sz)
  {
  }

  bool
  EncryptedFrame::EncryptInPlace(const byte_t* ourSecretKey,
                                 const byte_t* otherPubkey,
                                 llarp_crypto* crypto)
  {
    // format of frame is
    // <32 bytes keyed hash of following data>
    // <32 bytes nonce>
    // <32 bytes pubkey>
    // <N bytes encrypted payload>
    //
    byte_t* hash   = data();
    byte_t* nonce  = hash + SHORTHASHSIZE;
    byte_t* pubkey = nonce + TUNNONCESIZE;
    byte_t* body   = pubkey + PUBKEYSIZE;

    SharedSecret shared;

    auto DH      = crypto->dh_client;
    auto Encrypt = crypto->xchacha20;
    auto MDS     = crypto->hmac;

    llarp_buffer_t buf;
    buf.base = body;
    buf.cur  = buf.base;
    buf.sz   = size() - EncryptedFrame::OverheadSize;

    // set our pubkey
    memcpy(pubkey, llarp::seckey_topublic(ourSecretKey), PUBKEYSIZE);
    // randomize nonce
    crypto->randbytes(nonce, TUNNONCESIZE);

    // derive shared key
    if(!DH(shared, otherPubkey, ourSecretKey, nonce))
    {
      llarp::LogError("DH failed");
      return false;
    }

    // encrypt body
    if(!Encrypt(buf, shared, nonce))
    {
      llarp::LogError("encrypt failed");
      return false;
    }

    // generate message auth
    buf.base = nonce;
    buf.cur  = buf.base;
    buf.sz   = size() - SHORTHASHSIZE;

    if(!MDS(hash, buf, shared))
    {
      llarp::LogError("Failed to generate messgae auth");
      return false;
    }
    return true;
  }

  bool
  EncryptedFrame::DecryptInPlace(const byte_t* ourSecretKey,
                                 llarp_crypto* crypto)
  {
    if(size() <= size_t(EncryptedFrame::OverheadSize))
    {
      llarp::LogWarn("encrypted frame too small, ", size(),
                     " <= ", size_t(EncryptedFrame::OverheadSize));
      return false;
    }
    // format of frame is
    // <32 bytes keyed hash of following data>
    // <32 bytes nonce>
    // <32 bytes pubkey>
    // <N bytes encrypted payload>
    //
    byte_t* hash        = data();
    byte_t* nonce       = hash + SHORTHASHSIZE;
    byte_t* otherPubkey = nonce + TUNNONCESIZE;
    byte_t* body        = otherPubkey + PUBKEYSIZE;

    // use dh_server becuase we are not the creator of this message
    auto DH      = crypto->dh_server;
    auto Decrypt = crypto->xchacha20;
    auto MDS     = crypto->hmac;

    llarp_buffer_t buf;
    buf.base = nonce;
    buf.cur  = buf.base;
    buf.sz   = size() - SHORTHASHSIZE;

    SharedSecret shared;
    ShortHash digest;

    if(!DH(shared, otherPubkey, ourSecretKey, nonce))
    {
      llarp::LogError("DH failed");
      return false;
    }

    if(!MDS(digest, buf, shared))
    {
      llarp::LogError("Digest failed");
      return false;
    }

    if(memcmp(digest, hash, digest.size()))
    {
      llarp::LogError("message authentication failed");
      return false;
    }

    buf.base = body;
    buf.cur  = body;
    buf.sz   = size() - EncryptedFrame::OverheadSize;

    if(!Decrypt(buf, shared, nonce))
    {
      llarp::LogError("decrypt failed");
      return false;
    }
    return true;
  }
}  // namespace llarp
encrypt in place 2018-06-11 15:44:49 +02:00			`#include <llarp/crypto.hpp>`
more onion routing stuff 2018-06-10 16:05:48 +02:00			`#include <llarp/encrypted_frame.hpp>`
encrypted frames 2018-06-11 15:25:10 +02:00			`#include "logger.hpp"`
initial path building stuff (broken) 2018-06-19 00:03:50 +02:00			`#include "mem.hpp"`
more onion routing stuff 2018-06-10 16:05:48 +02:00
			`namespace llarp`
			`{`
ALMOST got path building working 2018-06-22 02:25:30 +02:00			`Encrypted::Encrypted()`
			`{`
			`UpdateBuffer();`
			`}`

more hidden service code 2018-08-09 21:02:17 +02:00			`Encrypted::Encrypted(const Encrypted& other)`
more changes 2018-10-19 13:34:27 +02:00			`: Encrypted(other.data(), other.size())`
more hidden service code 2018-08-09 21:02:17 +02:00			`{`
			`}`

more changes 2018-10-19 13:34:27 +02:00			`Encrypted::Encrypted(const byte_t* buf, size_t sz) : _data(sz)`
more onion routing stuff 2018-06-10 16:05:48 +02:00			`{`
more changes 2018-10-19 13:34:27 +02:00			`if(buf)`
			`memcpy(data(), buf, sz);`
			`else`
			`llarp::Zero(data(), sz);`
			`UpdateBuffer();`
it does stuff :+DDDDD 2018-06-21 14:55:02 +02:00			`}`
more refactor get rid of C api 2018-08-30 20:48:43 +02:00
it does stuff :+DDDDD 2018-06-21 14:55:02 +02:00			`Encrypted::~Encrypted()`
			`{`
more onion routing stuff 2018-06-10 16:05:48 +02:00			`}`

encrypted frames 2018-06-11 15:25:10 +02:00			`Encrypted::Encrypted(size_t sz) : Encrypted(nullptr, sz)`
more onion routing stuff 2018-06-10 16:05:48 +02:00			`{`
			`}`

encrypt in place 2018-06-11 15:44:49 +02:00			`bool`
use NTRU for introset end to end encryption 2018-08-14 01:22:31 +02:00			`EncryptedFrame::EncryptInPlace(const byte_t* ourSecretKey,`
			`const byte_t* otherPubkey,`
encrypt in place 2018-06-11 15:44:49 +02:00			`llarp_crypto* crypto)`
			`{`
			`// format of frame is`
			`// <32 bytes keyed hash of following data>`
			`// <32 bytes nonce>`
			`// <32 bytes pubkey>`
			`// <N bytes encrypted payload>`
			`//`
more path building stuff 2018-06-19 19:11:24 +02:00			`byte_t* hash = data();`
refactor to use AlignedBuffer for public key, shared secret, nonce, secret key etc 2018-06-12 13:57:14 +02:00			`byte_t* nonce = hash + SHORTHASHSIZE;`
			`byte_t* pubkey = nonce + TUNNONCESIZE;`
			`byte_t* body = pubkey + PUBKEYSIZE;`
encrypt in place 2018-06-11 15:44:49 +02:00
refactor to use AlignedBuffer for public key, shared secret, nonce, secret key etc 2018-06-12 13:57:14 +02:00			`SharedSecret shared;`
encrypt in place 2018-06-11 15:44:49 +02:00
			`auto DH = crypto->dh_client;`
			`auto Encrypt = crypto->xchacha20;`
			`auto MDS = crypto->hmac;`

			`llarp_buffer_t buf;`
			`buf.base = body;`
			`buf.cur = buf.base;`
more path building stuff 2018-06-19 19:11:24 +02:00			`buf.sz = size() - EncryptedFrame::OverheadSize;`
encrypt in place 2018-06-11 15:44:49 +02:00
			`// set our pubkey`
refactor to use AlignedBuffer for public key, shared secret, nonce, secret key etc 2018-06-12 13:57:14 +02:00			`memcpy(pubkey, llarp::seckey_topublic(ourSecretKey), PUBKEYSIZE);`
encrypt in place 2018-06-11 15:44:49 +02:00			`// randomize nonce`
refactor to use AlignedBuffer for public key, shared secret, nonce, secret key etc 2018-06-12 13:57:14 +02:00			`crypto->randbytes(nonce, TUNNONCESIZE);`
encrypt in place 2018-06-11 15:44:49 +02:00
			`// derive shared key`
more 2018-06-20 14:34:48 +02:00			`if(!DH(shared, otherPubkey, ourSecretKey, nonce))`
encrypt in place 2018-06-11 15:44:49 +02:00			`{`
* refactor log functions * add more stuff for hidden service dht 2018-07-05 17:44:06 +02:00			`llarp::LogError("DH failed");`
encrypt in place 2018-06-11 15:44:49 +02:00			`return false;`
			`}`
more 2018-06-20 14:34:48 +02:00
encrypt in place 2018-06-11 15:44:49 +02:00			`// encrypt body`
			`if(!Encrypt(buf, shared, nonce))`
			`{`
* refactor log functions * add more stuff for hidden service dht 2018-07-05 17:44:06 +02:00			`llarp::LogError("encrypt failed");`
encrypt in place 2018-06-11 15:44:49 +02:00			`return false;`
			`}`

			`// generate message auth`
			`buf.base = nonce;`
			`buf.cur = buf.base;`
more path building stuff 2018-06-19 19:11:24 +02:00			`buf.sz = size() - SHORTHASHSIZE;`
encrypt in place 2018-06-11 15:44:49 +02:00
			`if(!MDS(hash, buf, shared))`
			`{`
* refactor log functions * add more stuff for hidden service dht 2018-07-05 17:44:06 +02:00			`llarp::LogError("Failed to generate messgae auth");`
encrypt in place 2018-06-11 15:44:49 +02:00			`return false;`
			`}`
			`return true;`
			`}`

more onion routing stuff 2018-06-10 16:05:48 +02:00			`bool`
use NTRU for introset end to end encryption 2018-08-14 01:22:31 +02:00			`EncryptedFrame::DecryptInPlace(const byte_t* ourSecretKey,`
			`llarp_crypto* crypto)`
more onion routing stuff 2018-06-10 16:05:48 +02:00			`{`
more path building stuff 2018-06-19 19:11:24 +02:00			`if(size() <= size_t(EncryptedFrame::OverheadSize))`
encrypted frames 2018-06-11 15:25:10 +02:00			`{`
more also run make format 2018-07-17 06:37:50 +02:00			`llarp::LogWarn("encrypted frame too small, ", size(),`
			`" <= ", size_t(EncryptedFrame::OverheadSize));`
encrypted frames 2018-06-11 15:25:10 +02:00			`return false;`
			`}`
			`// format of frame is`
			`// <32 bytes keyed hash of following data>`
			`// <32 bytes nonce>`
			`// <32 bytes pubkey>`
			`// <N bytes encrypted payload>`
			`//`
more path building stuff 2018-06-19 19:11:24 +02:00			`byte_t* hash = data();`
refactor to use AlignedBuffer for public key, shared secret, nonce, secret key etc 2018-06-12 13:57:14 +02:00			`byte_t* nonce = hash + SHORTHASHSIZE;`
			`byte_t* otherPubkey = nonce + TUNNONCESIZE;`
			`byte_t* body = otherPubkey + PUBKEYSIZE;`
encrypted frames 2018-06-11 15:25:10 +02:00
			`// use dh_server becuase we are not the creator of this message`
			`auto DH = crypto->dh_server;`
			`auto Decrypt = crypto->xchacha20;`
encrypt in place 2018-06-11 15:44:49 +02:00			`auto MDS = crypto->hmac;`
encrypted frames 2018-06-11 15:25:10 +02:00
			`llarp_buffer_t buf;`
encrypt in place 2018-06-11 15:44:49 +02:00			`buf.base = nonce;`
encrypted frames 2018-06-11 15:25:10 +02:00			`buf.cur = buf.base;`
more path building stuff 2018-06-19 19:11:24 +02:00			`buf.sz = size() - SHORTHASHSIZE;`
encrypted frames 2018-06-11 15:25:10 +02:00
refactor to use AlignedBuffer for public key, shared secret, nonce, secret key etc 2018-06-12 13:57:14 +02:00			`SharedSecret shared;`
			`ShortHash digest;`
encrypted frames 2018-06-11 15:25:10 +02:00
more 2018-06-20 14:34:48 +02:00			`if(!DH(shared, otherPubkey, ourSecretKey, nonce))`
encrypted frames 2018-06-11 15:25:10 +02:00			`{`
* refactor log functions * add more stuff for hidden service dht 2018-07-05 17:44:06 +02:00			`llarp::LogError("DH failed");`
encrypted frames 2018-06-11 15:25:10 +02:00			`return false;`
			`}`

encrypt in place 2018-06-11 15:44:49 +02:00			`if(!MDS(digest, buf, shared))`
encrypted frames 2018-06-11 15:25:10 +02:00			`{`
* refactor log functions * add more stuff for hidden service dht 2018-07-05 17:44:06 +02:00			`llarp::LogError("Digest failed");`
encrypted frames 2018-06-11 15:25:10 +02:00			`return false;`
			`}`

refactor to use AlignedBuffer for public key, shared secret, nonce, secret key etc 2018-06-12 13:57:14 +02:00			`if(memcmp(digest, hash, digest.size()))`
encrypted frames 2018-06-11 15:25:10 +02:00			`{`
* refactor log functions * add more stuff for hidden service dht 2018-07-05 17:44:06 +02:00			`llarp::LogError("message authentication failed");`
encrypted frames 2018-06-11 15:25:10 +02:00			`return false;`
			`}`

encrypt in place 2018-06-11 15:44:49 +02:00			`buf.base = body;`
			`buf.cur = body;`
more path building stuff 2018-06-19 19:11:24 +02:00			`buf.sz = size() - EncryptedFrame::OverheadSize;`
encrypt in place 2018-06-11 15:44:49 +02:00
encrypted frames 2018-06-11 15:25:10 +02:00			`if(!Decrypt(buf, shared, nonce))`
			`{`
* refactor log functions * add more stuff for hidden service dht 2018-07-05 17:44:06 +02:00			`llarp::LogError("decrypt failed");`
encrypted frames 2018-06-11 15:25:10 +02:00			`return false;`
			`}`
			`return true;`
more onion routing stuff 2018-06-10 16:05:48 +02:00			`}`
initial path building stuff (broken) 2018-06-19 00:03:50 +02:00			`} // namespace llarp`