added cloak and removed deadline
This commit is contained in:
херетик
@@ -7,10 +7,10 @@ package packet
|
||||
import (
|
||||
"crypto/cipher"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"git-indra.lan/indra-labs/indra"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/ciph"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/key/cloak"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/key/prv"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/key/pub"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/nonce"
|
||||
@@ -33,9 +33,6 @@ type Packet struct {
|
||||
Length uint32
|
||||
// Parity is the ratio of redundancy. In each 256 segment
|
||||
Parity byte
|
||||
// Deadline is a time after which the message should be received and
|
||||
// dispatched.
|
||||
Deadline time.Time
|
||||
// Data is the message.
|
||||
Data []byte
|
||||
}
|
||||
@@ -48,7 +45,7 @@ func (p *Packet) GetOverhead() int {
|
||||
|
||||
// Overhead is the base overhead on a packet, use GetOverhead to add any extra
|
||||
// as found in a Packet.
|
||||
const Overhead = 4 + nonce.IVLen + pub.KeyLen
|
||||
const Overhead = 4 + nonce.IVLen + pub.KeyLen + cloak.Len
|
||||
|
||||
// Packets is a slice of pointers to packets.
|
||||
type Packets []*Packet
|
||||
@@ -65,23 +62,13 @@ func (p Packets) Swap(i, j int) { p[i], p[j] = p[j], p[i] }
|
||||
// Seen should be populated to send a signal to the other side of keys that have
|
||||
// been seen at time of constructing this packet that can now be discarded as
|
||||
// they will not be used to generate a cipher again.
|
||||
//
|
||||
// This library is for creating segmented, FEC redundancy protected network
|
||||
// packets, and the To sender key should be the publicly advertised public key
|
||||
// of a relay.
|
||||
//
|
||||
// Deadline is a special field that gives a timeout period after which an
|
||||
// incomplete message can be considered expired and flushed from the cache. It
|
||||
// is 32 bits in size as precision to the second is sufficient, and low latency
|
||||
// messages will potentially beat the deadline at one second.
|
||||
type EP struct {
|
||||
To *pub.Key
|
||||
From *prv.Key
|
||||
Parity int
|
||||
Seq int
|
||||
Length int
|
||||
Deadline time.Time
|
||||
Data []byte
|
||||
To *pub.Key
|
||||
From *prv.Key
|
||||
Parity int
|
||||
Seq int
|
||||
Length int
|
||||
Data []byte
|
||||
}
|
||||
|
||||
// GetOverhead returns the amount of the message that will not be part of the
|
||||
@@ -103,19 +90,17 @@ func Encode(ep EP) (pkt []byte, e error) {
|
||||
slice.EncodeUint16(Seq, ep.Seq)
|
||||
Length := slice.NewUint32()
|
||||
slice.EncodeUint32(Length, ep.Length)
|
||||
Deadline := slice.NewUint64()
|
||||
slice.EncodeUint64(Deadline, uint64(ep.Deadline.Unix()))
|
||||
pkt = make([]byte, slice.SumLen(Seq, Length, Deadline,
|
||||
ep.Data)+1+Overhead)
|
||||
pkt = make([]byte, slice.SumLen(Seq, Length, ep.Data)+1+Overhead)
|
||||
// Append pubkey used for encryption key derivation.
|
||||
k := pub.Derive(ep.From).ToBytes()
|
||||
cloaked := cloak.GetCloak(ep.To)
|
||||
// Copy nonce, address and key over top of the header.
|
||||
c := new(slice.Cursor)
|
||||
copy(pkt[c.Inc(4):c.Inc(nonce.IVLen)], nonc[:])
|
||||
copy(pkt[*c:c.Inc(cloak.Len)], cloaked[:])
|
||||
copy(pkt[*c:c.Inc(pub.KeyLen)], k[:])
|
||||
copy(pkt[*c:c.Inc(slice.Uint16Len)], Seq)
|
||||
copy(pkt[*c:c.Inc(slice.Uint32Len)], Length)
|
||||
copy(pkt[*c:c.Inc(slice.Uint64Len)], Deadline)
|
||||
pkt[*c] = byte(ep.Parity)
|
||||
copy(pkt[c.Inc(1):], ep.Data)
|
||||
// Encrypt the encrypted part of the data.
|
||||
@@ -134,7 +119,7 @@ func Encode(ep EP) (pkt []byte, e error) {
|
||||
// found, it is combined with the public key to generate the cipher and the
|
||||
// entire packet should then be decrypted, and the Decode function will then
|
||||
// decode a OnionSkin.
|
||||
func GetKeys(d []byte) (from *pub.Key, e error) {
|
||||
func GetKeys(d []byte) (from *pub.Key, to cloak.PubKey, e error) {
|
||||
pktLen := len(d)
|
||||
if pktLen < Overhead {
|
||||
// If this isn't checked the slice operations later can hit
|
||||
@@ -149,7 +134,8 @@ func GetKeys(d []byte) (from *pub.Key, e error) {
|
||||
var chek []byte
|
||||
c := new(slice.Cursor)
|
||||
chek = d[:c.Inc(4)]
|
||||
copy(k[:], d[c.Inc(nonce.IVLen):c.Inc(pub.KeyLen)])
|
||||
copy(to[:], d[c.Inc(nonce.IVLen):c.Inc(cloak.Len)])
|
||||
copy(k[:], d[*c:c.Inc(pub.KeyLen)])
|
||||
checkHash := sha256.Single(d[4:])
|
||||
if string(chek) != string(checkHash[:4]) {
|
||||
e = fmt.Errorf("check failed: got '%v', expected '%v'",
|
||||
@@ -186,17 +172,14 @@ func Decode(d []byte, from *pub.Key, to *prv.Key) (f *Packet, e error) {
|
||||
}
|
||||
// This decrypts the rest of the packet, which is encrypted for
|
||||
// security.
|
||||
data := d[c.Inc(pub.KeyLen):]
|
||||
data := d[c.Inc(pub.KeyLen+cloak.Len):]
|
||||
ciph.Encipher(blk, nonc, data)
|
||||
seq := slice.NewUint16()
|
||||
length := slice.NewUint32()
|
||||
deadline := slice.NewUint32()
|
||||
seq, data = slice.Cut(data, slice.Uint16Len)
|
||||
f.Seq = uint16(slice.DecodeUint16(seq))
|
||||
length, data = slice.Cut(data, slice.Uint32Len)
|
||||
f.Length = uint32(slice.DecodeUint32(length))
|
||||
deadline, data = slice.Cut(data, slice.Uint64Len)
|
||||
f.Deadline = time.Unix(int64(slice.DecodeUint64(deadline)), 0)
|
||||
f.Parity, data = data[0], data[1:]
|
||||
f.Data = data
|
||||
return
|
||||
|
||||
@@ -4,8 +4,8 @@ import (
|
||||
"crypto/rand"
|
||||
"errors"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/key/cloak"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/key/prv"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/key/pub"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/sha256"
|
||||
@@ -30,19 +30,20 @@ func TestEncode_Decode(t *testing.T) {
|
||||
addr := rP
|
||||
var pkt []byte
|
||||
params := EP{
|
||||
To: addr,
|
||||
From: sp,
|
||||
Data: payload,
|
||||
Seq: 234,
|
||||
Parity: 64,
|
||||
Deadline: time.Now().Add(time.Minute),
|
||||
Length: msgSize,
|
||||
To: addr,
|
||||
From: sp,
|
||||
Data: payload,
|
||||
Seq: 234,
|
||||
Parity: 64,
|
||||
Length: msgSize,
|
||||
}
|
||||
if pkt, e = Encode(params); check(e) {
|
||||
t.Error(e)
|
||||
}
|
||||
var from *pub.Key
|
||||
if from, e = GetKeys(pkt); check(e) {
|
||||
var to cloak.PubKey
|
||||
_ = to
|
||||
if from, to, e = GetKeys(pkt); check(e) {
|
||||
t.Error(e)
|
||||
}
|
||||
if !sP.ToBytes().Equals(from.ToBytes()) {
|
||||
|
||||
@@ -5,6 +5,7 @@ import (
|
||||
"math/rand"
|
||||
"testing"
|
||||
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/key/cloak"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/key/prv"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/key/pub"
|
||||
"git-indra.lan/indra-labs/indra/pkg/crypto/sha256"
|
||||
@@ -42,7 +43,9 @@ func TestSplitJoin(t *testing.T) {
|
||||
for i := range splitted {
|
||||
var pkt *Packet
|
||||
var from *pub.Key
|
||||
if from, e = GetKeys(splitted[i]); check(e) {
|
||||
var to cloak.PubKey
|
||||
_ = to
|
||||
if from, to, e = GetKeys(splitted[i]); check(e) {
|
||||
log.I.Ln(i)
|
||||
continue
|
||||
}
|
||||
@@ -209,7 +212,9 @@ func TestSplitJoinFEC(t *testing.T) {
|
||||
for s := range splitted {
|
||||
var pkt *Packet
|
||||
var from *pub.Key
|
||||
if from, e = GetKeys(
|
||||
var to cloak.PubKey
|
||||
_ = to
|
||||
if from, to, e = GetKeys(
|
||||
splitted[s]); e != nil {
|
||||
// we are puncturing, they some will
|
||||
// fail to decode
|
||||
|
||||
Reference in New Issue
Block a user