void NTCPSession::HandlePhase2Received (const boost::system::error_code& ecode, std::size_t bytes_transferred) { if (ecode) { LogPrint ("Phase 2 read error: ", ecode.message (), ". Wrong ident assumed"); GetRemoteRouterInfo ().SetUnreachable (true); // this RouterInfo is not valid Terminate (); } else { LogPrint ("Phase 2 received: ", bytes_transferred); uint8_t aesKey[32]; CreateAESKey (m_Phase2.pubKey, aesKey); m_Decryption.SetKeyWithIV (aesKey, 32, m_Phase2.pubKey + 240); m_Encryption.SetKeyWithIV (aesKey, 32, m_Phase1.HXxorHI + 16); m_Decryption.ProcessData((uint8_t *)&m_Phase2.encrypted, (uint8_t *)&m_Phase2.encrypted, sizeof(m_Phase2.encrypted)); // verify uint8_t xy[512], hxy[32]; memcpy (xy, i2p::context.GetRouterIdentity ().publicKey, 256); memcpy (xy + 256, m_Phase2.pubKey, 256); CryptoPP::SHA256().CalculateDigest(hxy, xy, 512); if (memcmp (hxy, m_Phase2.encrypted.hxy, 32)) { LogPrint ("Incorrect hash"); Terminate (); return ; } SendPhase3 (); } }
void NTCPClient::HandleConnect (const boost::system::error_code& ecode) { if (ecode) { LogPrint ("Connect error: ", ecode.message ()); GetRemoteRouterInfo ().SetUnreachable (true); Terminate (); } else { LogPrint ("Connected"); ClientLogin (); } }
void NTCPSession::HandlePhase4Received (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsA) { if (ecode) { LogPrint ("Phase 4 read error: ", ecode.message ()); GetRemoteRouterInfo ().SetUnreachable (true); // this router doesn't like us Terminate (); } else { LogPrint ("Phase 4 received: ", bytes_transferred); m_Decryption.Decrypt((uint8_t *)&m_Phase4, sizeof(m_Phase4), (uint8_t *)&m_Phase4); // verify signature SignedData s; memcpy (s.x, m_Phase1.pubKey, 256); memcpy (s.y, m_Phase2.pubKey, 256); memcpy (s.ident, i2p::context.GetRouterInfo ().GetIdentHash (), 32); s.tsA = tsA; s.tsB = m_Phase2.encrypted.timestamp; CryptoPP::DSA::PublicKey pubKey; pubKey.Initialize (dsap, dsaq, dsag, CryptoPP::Integer (m_RemoteRouterInfo.GetRouterIdentity ().signingKey, 128)); CryptoPP::DSA::Verifier verifier (pubKey); if (!verifier.VerifyMessage ((uint8_t *)&s, sizeof(s), m_Phase4.signature, 40)) { LogPrint ("signature verification failed"); Terminate (); return; } Connected (); m_ReceiveBufferOffset = 0; m_NextMessage = nullptr; Receive (); } }