private SSUState VerifyRemoteSignature()
{
var baaddr = new BufLen(AAddr);
var bbport = BufUtils.Flip16BL((ushort)Session.MyRouterContext.UDPPort);
#if LOG_MUCH_TRANSPORT
Logging.LogTransport($"SSU {this}: X for signature {Request.X}.");
Logging.LogTransport($"SSU {this}: Y for signature {Y.Key}.");
Logging.LogTransport($"SSU {this}: Alice address for signature {baaddr}. Port {(BufLen)APort}.");
Logging.LogTransport($"SSU {this}: Bob address for signature {Request.Address}. Port {bbport}.");
Logging.LogTransport($"SSU {this}: Relay tag {(BufLen)RelayTag}. Signon time {(BufLen)ASignonTime}.");
#endif
var signdata = new BufLen[] {
Request.X, Y.Key,
baaddr, BufUtils.To16BL(APort),
Request.Address, bbport,
BufUtils.To32BL(RelayTag), BufUtils.To32BL(ASignonTime)
};
var ok = I2PSignature.DoVerify(Session.RemoteRouter.SigningPublicKey, ASign, signdata);
Logging.LogTransport($"SSU SessionCreatedState {Session.DebugId}: " +
$"{Session.RemoteRouter.Certificate.SignatureType} " +
$"signature check: {ok}");
if (!ok)
{
throw new SignatureCheckFailureException("SSU SessionCreatedState recv sig check failure");
}
Logging.LogTransport("SSU SessionCreatedState: Session " + Session.DebugId + " established. Moving to Established state.");
var next = new EstablishedState(Session);
Session.ReportConnectionEstablished();
NetDb.Inst.Statistics.SuccessfulConnect(Session.RemoteRouter.IdentHash);
return(next);
}
private void SendSessionCreated()
{
SendMessage(
SSUHeader.MessageTypes.SessionCreated,
Session.MyRouterContext.IntroKey,
Session.MyRouterContext.IntroKey,
(start, writer) =>
{
writer.Write(Y.Key);
AAddr = Session.RemoteEP.Address.GetAddressBytes();
writer.Write8((byte)AAddr.Length);
writer.Write(AAddr);
APort = BufUtils.Flip16((ushort)Session.RemoteEP.Port);
writer.Write16(APort);
writer.WriteFlip32(RelayTag);
Session.SignOnTimeB = BufUtils.Flip32(SSUHost.SSUTime(DateTime.UtcNow));
writer.Write32(Session.SignOnTimeB);
var sign = I2PSignature.DoSign(Session.MyRouterContext.PrivateSigningKey,
Request.X, Y.Key,
new BufLen(AAddr), BufUtils.To16BL(APort),
Request.Address, BufUtils.Flip16BL((ushort)Session.MyRouterContext.UDPPort),
BufUtils.To32BL(RelayTag), BufUtils.To32BL(Session.SignOnTimeB));
var signstart = new BufLen(writer);
writer.Write(sign);
var padding = BufUtils.Get16BytePadding(writer - signstart);
writer.Write(BufUtils.RandomBytes(padding));
var cipher = new CbcBlockCipher(new AesEngine());
var signcryptbuf = new BufLen(signstart, 0, writer - signstart);
cipher.Init(true, Session.SharedKey.ToParametersWithIV(new BufLen(start, 16, 16)));
cipher.ProcessBytes(signcryptbuf);
return(true);
});
}