public SessionRequestState(SSUSession sess) : base(sess) { var keys = I2PPrivateKey.GetNewKeyPair(); PrivateKey = keys.PrivateKey; X = keys.PublicKey; }
private void Load(string filename) { using (var fs = new FileStream(filename, FileMode.Open, FileAccess.Read)) { using (var ms = new MemoryStream()) { byte[] buf = new byte[8192]; int len; while ((len = fs.Read(buf, 0, buf.Length)) != 0) { ms.Write(buf, 0, len); } var reader = new BufRefLen(ms.ToArray()); Certificate = new I2PCertificate(reader); PrivateSigningKey = new I2PSigningPrivateKey(reader, Certificate); PublicSigningKey = new I2PSigningPublicKey(reader, Certificate); PrivateKey = new I2PPrivateKey(reader, Certificate); PublicKey = new I2PPublicKey(reader, Certificate); MyRouterIdentity = new I2PRouterIdentity(reader); Published = new I2PDate(reader); IntroKey = reader.ReadBufLen(32); } } }
public static byte[] Encrypt(BufLen data, I2PPublicKey key, bool zeropad) { var result = new byte[zeropad ? EncryptedPaddedLength : EncryptedShortLength]; Encrypt(new BufRefLen(result), data, key, zeropad); return(result); }
public static void Encrypt(BufRef dest, BufLen data, I2PPublicKey key, bool zeropad) { if (data == null || data.Length > ClearTextLength) { throw new InvalidParameterException($"ElGamal data must be {ClearTextLength} bytes or less!"); } var k = new BigInteger(I2PConstants.ElGamalFullExponentBits, Rnd); var a = I2PConstants.ElGamalG.ModPow(k, I2PConstants.ElGamalP); var b1 = key.ToBigInteger().ModPow(k, I2PConstants.ElGamalP); var start = new BufLen(new byte[EGBlockLength]); var writer = new BufRefLen(start, 1); start[0] = 0xFF; writer.Write(I2PHashSHA256.GetHash(data)); writer.Write(data); var egblock = new BufLen(start, 0, writer - start); var egint = egblock.ToBigInteger(); var b = b1.Multiply(egint).Mod(I2PConstants.ElGamalP); var targetlen = zeropad ? EncryptedPaddedLength / 2 : EncryptedShortLength / 2; WriteToDest(dest, a, targetlen); WriteToDest(dest, b, targetlen); }
public ElGamalTest() { Private = new I2PPrivateKey(I2PKeyType.DefaultAsymetricKeyCert); Public = new I2PPublicKey(Private); Me = new I2PRouterIdentity(Public, new I2PSigningPublicKey(new BigInteger("12"), I2PKeyType.DefaultSigningKeyCert)); }
public SessionCreatedState(SSUSession sess) : base(sess) { var keys = I2PPrivateKey.GetNewKeyPair(); PrivateKey = keys.PrivateKey; Y = keys.PublicKey; }
public SessionRequestState(SSUSession sess, bool remoteisfirewalled) : base(sess) { RemoteIsFirewalled = remoteisfirewalled; var keys = I2PPrivateKey.GetNewKeyPair(); PrivateKey = keys.PrivateKey; X = keys.PublicKey; }
public SessionCreatedState(SSUSession sess) : base(sess) { var keys = I2PPrivateKey.GetNewKeyPair(); PrivateKey = keys.PrivateKey; Y = keys.PublicKey; Session.MACKey = Session.MyRouterContext.IntroKey; Session.SharedKey = Session.MyRouterContext.IntroKey; }
public ElGamalCrypto(I2PPublicKey key) { var k = new BigInteger(I2PConstants.ElGamalP.BitLength, new SecureRandom()); if (k.CompareTo(BigInteger.Zero) == 0) { k = BigInteger.One; } a = I2PConstants.ElGamalG.ModPow(k, I2PConstants.ElGamalP); b1 = key.ToBigInteger().ModPow(k, I2PConstants.ElGamalP); }
public GarlicTest() { Private = new I2PPrivateKey(I2PKeyType.DefaultAsymetricKeyCert); Public = new I2PPublicKey(Private); Me = new I2PRouterIdentity(Public, new I2PSigningPublicKey(new BigInteger("12"), I2PKeyType.DefaultSigningKeyCert)); DestinationPrivate = new I2PPrivateKey(I2PKeyType.DefaultAsymetricKeyCert); DestinationPublic = new I2PPublicKey(DestinationPrivate); Destination = new I2PRouterIdentity(DestinationPublic, new I2PSigningPublicKey(new BigInteger("277626"), I2PKeyType.DefaultSigningKeyCert)); PrivateSigning = new I2PSigningPrivateKey(I2PKeyType.DefaultAsymetricKeyCert); PublicSigning = new I2PSigningPublicKey(PrivateSigning); }
public I2NPMessagesTest() { Private = new I2PPrivateKey(I2PKeyType.DefaultAsymetricKeyCert); Public = new I2PPublicKey(Private); PrivateSigning = new I2PSigningPrivateKey(I2PKeyType.DefaultAsymetricKeyCert); PublicSigning = new I2PSigningPublicKey(PrivateSigning); var CertificateEd25519 = new I2PCertificate(I2PSigningKey.SigningKeyTypes.EdDSA_SHA512_Ed25519); PrivateSigningEd25519 = new I2PSigningPrivateKey(CertificateEd25519); PublicSigningEd25519 = new I2PSigningPublicKey(PrivateSigningEd25519); Me = new I2PRouterIdentity(Public, new I2PSigningPublicKey(new BigInteger("12"), I2PKeyType.DefaultSigningKeyCert)); }
public GarlicTest() { Logging.LogToConsole = true; Logging.LogLevel = Logging.LogLevels.DebugData; Private = new I2PPrivateKey(I2PKeyType.DefaultAsymetricKeyCert); Public = new I2PPublicKey(Private); Me = new I2PRouterIdentity(Public, new I2PSigningPublicKey(new BigInteger("12"), I2PKeyType.DefaultSigningKeyCert)); DestinationPrivate = new I2PPrivateKey(I2PKeyType.DefaultAsymetricKeyCert); DestinationPublic = new I2PPublicKey(DestinationPrivate); Destination = new I2PRouterIdentity(DestinationPublic, new I2PSigningPublicKey(new BigInteger("277626"), I2PKeyType.DefaultSigningKeyCert)); PrivateSigning = new I2PSigningPrivateKey(I2PKeyType.DefaultAsymetricKeyCert); PublicSigning = new I2PSigningPublicKey(PrivateSigning); }
private void SendLeaseSetUpdateGarlic( I2PIdentHash ffdest, I2PPublicKey pubkey, I2PLeaseSet ls, uint token) { // If greater than zero, a DeliveryStatusMessage // is requested with the Message ID set to the value of the Reply Token. // A floodfill router is also expected to flood the data to the closest floodfill peers // if the token is greater than zero. // https://geti2p.net/spec/i2np#databasestore var outtunnel = TunnelProvider.Inst.GetEstablishedOutboundTunnel(false); var replytunnel = ls.Leases.Random(); if (outtunnel is null || replytunnel is null) { Logging.LogDebug($"SendLeaseSetUpdateGarlic: " + $"outtunnel: {outtunnel}, replytunnel: {replytunnel?.TunnelGw?.Id32Short}"); return; } var ds = new DatabaseStoreMessage(ls); var delivstatus = new DeliveryStatusMessage(token); // As explained on the network database page, local LeaseSets are sent to floodfill // routers in a Database Store Message wrapped in a Garlic Message so it is not // visible to the tunnel's outbound gateway. var garlic = new Garlic( new GarlicClove( new GarlicCloveDeliveryLocal(ds)), new GarlicClove( new GarlicCloveDeliveryTunnel(delivstatus, replytunnel.TunnelGw, replytunnel.TunnelId)) ); var egmsg = Garlic.EGEncryptGarlic(garlic, pubkey, new I2PSessionKey(), null); outtunnel.Send( new TunnelMessageRouter( egmsg, ffdest)); }
private void NewIdentity(I2PCertificate cert) { Published = new I2PDate(DateTime.UtcNow.AddMinutes(-1)); Certificate = cert != null ? cert : new I2PCertificate(I2PSigningKey.SigningKeyTypes.EdDSA_SHA512_Ed25519); //Certificate = new I2PCertificate( I2PSigningKey.SigningKeyTypes.EdDSA_SHA512_Ed25519 ); //Certificate = new I2PCertificate( I2PSigningKey.SigningKeyTypes.ECDSA_SHA256_P256 ); //Certificate = new I2PCertificate( I2PSigningKey.SigningKeyTypes.ECDSA_SHA384_P384 ); //Certificate = new I2PCertificate( I2PSigningKey.SigningKeyTypes.DSA_SHA1 ); PrivateSigningKey = new I2PSigningPrivateKey(Certificate); PublicSigningKey = new I2PSigningPublicKey(PrivateSigningKey); var keys = I2PPrivateKey.GetNewKeyPair(); PrivateKey = keys.PrivateKey; PublicKey = keys.PublicKey; MyRouterIdentity = new I2PRouterIdentity(PublicKey, PublicSigningKey); IntroKey.Randomize(); }
public void TestEGCompatibilityDecode() { var priv = new I2PPrivateKey( new BufRefLen(FreenetBase64.Decode(PRIVATE_KEY)), new I2PCertificate()); var pub = new I2PPublicKey( new BufRefLen(FreenetBase64.Decode(PUBLIC_KEY)), new I2PCertificate()); for (int i = 0; i < ENCRYPTED.Length; ++i) { var decr = ElGamalCrypto.Decrypt( new BufLen(FreenetBase64.Decode(ENCRYPTED[i])), priv, true); var clear = new BufLen(Encoding.UTF8.GetBytes(UNENCRYPTED[i])); Assert.IsTrue(decr == clear); } }
public static GarlicMessage EGEncryptGarlic( Garlic msg, I2PPublicKey pubkey, I2PSessionKey sessionkey, List <I2PSessionTag> newtags) { var cipher = new CbcBlockCipher(new AesEngine()); var payload = msg.ToByteArray(); var dest = new BufLen(new byte[65536]); // Reserve header + 4 bytes for GarlicMessageLength var writer = new BufRefLen(dest, I2NPMaxHeaderSize + 4); // ElGamal block var egbuf = new BufLen(new byte[222]); var sessionkeybuf = new BufLen(egbuf, 0, 32); var preivbuf = new BufLen(egbuf, 32, 32); var egpadding = new BufLen(egbuf, 64, 158); egpadding.Randomize(); preivbuf.Randomize(); sessionkeybuf.Poke(sessionkey.Key, 0); var iv = new BufLen(I2PHashSHA256.GetHash(preivbuf), 0, 16); ElGamalCrypto.Encrypt(writer, egbuf, pubkey, true); // AES block var aesstart = new BufLen(writer); var aesblock = new GarlicAESBlock(writer, newtags, null, new BufRefLen(payload)); cipher.Init(true, sessionkey.Key.ToParametersWithIV(iv)); cipher.ProcessBytes(aesblock.DataBuf); var length = writer - dest; dest.PokeFlip32((uint)(length - 4), I2NPMaxHeaderSize); return(new GarlicMessage(new BufRefLen(dest, I2NPMaxHeaderSize, length))); }
public EGBuildRequestRecord(BuildRequestRecord src, I2PIdentHash topeer, I2PPublicKey key) : this(new BufLen(new byte[Length]), src, topeer, key) { }
public EGBuildRequestRecord(BufLen dest, BuildRequestRecord src, I2PIdentHash topeer, I2PPublicKey key) { Data = dest; var writer = new BufRefLen(Data); writer.Write(topeer.Hash16); var datastart = new BufLen(writer); var crypto = new ElGamalCrypto(key); crypto.Encrypt(writer, src.Data, false); }
public override SSUState HandleMessage(SSUHeader header, BufRefLen reader) { var tstime = SSUHost.SSUDateTime(header.TimeStamp); if (header.MessageType != SSUHeader.MessageTypes.SessionCreated) { #if LOG_ALL_TRANSPORT Logging.LogTransport("SSU SessionRequestState: Received unexpected message " + tstime.ToString() + " : " + header.Flag.ToString()); #endif return(this); } SCMessage = new SessionCreated(reader, Session.RemoteRouter.Certificate); Session.RelayTag = SCMessage.RelayTag; Y = new I2PPublicKey((BufRefLen)SCMessage.Y, Session.RemoteRouter.Certificate); BufUtils.DHI2PToSessionAndMAC(out Session.SharedKey, out Session.MACKey, Y.ToBigInteger().ModPow(PrivateKey.ToBigInteger(), I2PConstants.ElGamalP)); var ipaddr = new IPAddress(SCMessage.Address.ToByteArray()); ushort port = SCMessage.Port.PeekFlip16(0); Session.SignOnTimeB = SCMessage.SignOnTime.Peek32(0); var btime = SSUHost.SSUDateTime(BufUtils.Flip32(Session.SignOnTimeB)); #if LOG_ALL_TRANSPORT Logging.LogTransport("SSU SessionRequestState " + Session.DebugId + " : Received SessionCreated. " + tstime.ToString() + " : " + btime.ToString()); #endif Session.Host.ReportedAddress(ipaddr); if (!I2PSignature.SupportedSignatureType(Session.RemoteRouter.Certificate.SignatureType)) { throw new SignatureCheckFailureException("SSU SessionRequestState " + Session.DebugId + " : " + "Received non supported signature type: " + Session.RemoteRouter.Certificate.SignatureType.ToString()); } var cipher = new CbcBlockCipher(new AesEngine()); cipher.Init(false, Session.SharedKey.ToParametersWithIV(header.IV)); cipher.ProcessBytes(SCMessage.SignatureEncrBuf); var baddr = new BufLen(Session.RemoteEP.Address.GetAddressBytes()); var sign = new I2PSignature((BufRefLen)SCMessage.Signature, Session.RemoteRouter.Certificate); var sok = I2PSignature.DoVerify( Session.RemoteRouter.SigningPublicKey, sign, X.Key, Y.Key, SCMessage.Address, SCMessage.Port, baddr, BufUtils.Flip16BL((ushort)Session.RemoteEP.Port), SCMessage.RelayTag, SCMessage.SignOnTime); #if LOG_ALL_TRANSPORT Logging.LogTransport("SSU SessionRequestState: Signature check: " + sok.ToString() + ". " + Session.RemoteRouter.Certificate.SignatureType.ToString()); #endif if (!sok) { throw new SignatureCheckFailureException("SSU SessionRequestState " + Session.DebugId + ": Received SessionCreated signature check failed." + Session.RemoteRouter.Certificate.ToString()); } var relaytag = SCMessage.RelayTag.PeekFlip32(0); if (relaytag != 0) { Session.Host.IntroductionRelayOffered( new IntroducerInfo( Session.RemoteEP.Address, (ushort)Session.RemoteEP.Port, Session.IntroKey, relaytag)); } Logging.LogTransport("SSU SessionRequestState: Session " + Session.DebugId + " created. Moving to SessionConfirmedState."); Session.ReportConnectionEstablished(); return(new SessionConfirmedState(Session, this)); }
public ElGamalTest() { Private = new I2PPrivateKey(I2PKeyType.DefaultAsymetricKeyCert); Public = new I2PPublicKey(Private); }