fix some copy/paste derping

also deserialize to unsigned string where possible/useful so to not have unnecessary reinterpret_casts all over the place.
2023-12-14 06:53:00 +01:00 · 2023-11-16 12:10:53 -05:00 · 2023-11-16 12:10:53 -05:00 · feaf0b9193
parent 2e5c856cf3
commit feaf0b9193
1 changed files with 18 additions and 33 deletions
--- a/llarp/link/link_manager.cpp
+++ b/llarp/link/link_manager.cpp
@ -1120,12 +1120,7 @@ namespace llarp
    try
    {
-      std::string frame_payload;
+      auto payload_list = oxenc::bt_deserialize<std::deque<ustring>>(m.body());
      std::string frame, hash, hop_payload, commkey, rx_id, tx_id, upstream;
      ustring other_pubkey, outer_nonce, inner_nonce;
      uint64_t lifetime;
      auto payload_list = oxenc::bt_deserialize<std::deque<std::string>>(m.body());
      if (payload_list.size() != path::MAX_LEN)
      {
        log::info(link_cat, "Path build message with wrong number of frames");
@ -1134,18 +1129,18 @@ namespace llarp
      }
      oxenc::bt_dict_consumer frame_info{payload_list.front()};
-      hash = frame_info.require<std::string>("HASH");
+      auto hash = frame_info.require<ustring>("HASH");
-      frame = frame_info.require<std::string>("FRAME");
+      auto frame = frame_info.require<ustring>("FRAME");
      oxenc::bt_dict_consumer hop_dict{frame};
-      hop_payload = frame_info.require<std::string>("ENCRYPTED");
+      auto hop_payload = hop_dict.require<ustring>("ENCRYPTED");
-      outer_nonce = frame_info.require<ustring>("NONCE");
+      auto outer_nonce = hop_dict.require<ustring>("NONCE");
-      other_pubkey = frame_info.require<ustring>("PUBKEY");
+      auto other_pubkey = hop_dict.require<ustring>("PUBKEY");
      SharedSecret shared;
      // derive shared secret using ephemeral pubkey and our secret key (and nonce)
      if (!crypto::dh_server(
-              shared.data(), other_pubkey.data(), _router.pubkey(), inner_nonce.data()))
+              shared.data(), other_pubkey.data(), _router.pubkey(), outer_nonce.data()))
      {
        log::info(link_cat, "DH server initialization failed during path build");
        m.respond(serialize_response({{messages::STATUS_KEY, PathBuildMessage::BAD_CRYPTO}}), true);
@ -1154,15 +1149,13 @@ namespace llarp
      // hash data and check against given hash
      ShortHash digest;
-      if (!crypto::hmac(
+      if (!crypto::hmac(digest.data(), frame.data(), frame.size(), shared))
              digest.data(), reinterpret_cast<unsigned char*>(frame.data()), frame.size(), shared))
      {
        log::error(link_cat, "HMAC failed on path build request");
        m.respond(serialize_response({{messages::STATUS_KEY, PathBuildMessage::BAD_CRYPTO}}), true);
        return;
      }
-      if (!std::equal(
+      if (!std::equal(digest.begin(), digest.end(), hash.data()))
              digest.begin(), digest.end(), reinterpret_cast<const unsigned char*>(hash.data())))
      {
        log::info(link_cat, "HMAC mismatch on path build request");
        m.respond(serialize_response({{messages::STATUS_KEY, PathBuildMessage::BAD_CRYPTO}}), true);
@ -1171,10 +1164,7 @@ namespace llarp
      // decrypt frame with our hop info
      if (!crypto::xchacha20(
-              reinterpret_cast<unsigned char*>(hop_payload.data()),
+              hop_payload.data(), hop_payload.size(), shared.data(), outer_nonce.data()))
              hop_payload.size(),
              shared.data(),
              outer_nonce.data()))
      {
        log::info(link_cat, "Decrypt failed on path build request");
        m.respond(serialize_response({{messages::STATUS_KEY, PathBuildMessage::BAD_CRYPTO}}), true);
@ -1182,12 +1172,12 @@ namespace llarp
      }
      oxenc::bt_dict_consumer hop_info{hop_payload};
-      commkey = hop_info.require<std::string>("COMMKEY");
+      auto commkey = hop_info.require<std::string>("COMMKEY");
-      lifetime = hop_info.require<uint64_t>("LIFETIME");
+      auto lifetime = hop_info.require<uint64_t>("LIFETIME");
-      inner_nonce = hop_info.require<ustring>("NONCE");
+      auto inner_nonce = hop_info.require<ustring>("NONCE");
-      rx_id = hop_info.require<std::string>("RX");
+      auto rx_id = hop_info.require<std::string>("RX");
-      tx_id = hop_info.require<std::string>("TX");
+      auto tx_id = hop_info.require<std::string>("TX");
-      upstream = hop_info.require<std::string>("UPSTREAM");
+      auto upstream = hop_info.require<std::string>("UPSTREAM");
      // populate transit hop object with hop info
      // TODO: IP / path build limiting clients
@ -1259,16 +1249,11 @@ namespace llarp
      // onion round to compute the return value, so we don't care about it.
      for (auto& element : payload_list)
      {
-        crypto::onion(
+        crypto::onion(element.data(), element.size(), hop->pathKey, onion_nonce, onion_nonce);
            reinterpret_cast<unsigned char*>(element.data()),
            element.size(),
            hop->pathKey,
            onion_nonce,
            onion_nonce);
      }
      // randomize final frame.  could probably paste our frame on the end and onion it with the
      // rest, but it gains nothing over random.
-      randombytes(reinterpret_cast<uint8_t*>(end_frame.data()), end_frame.size());
+      randombytes(end_frame.data(), end_frame.size());
      payload_list.push_back(std::move(end_frame));
      send_control_message(