Ratchet: NSR send/recv fixes

2019-11-01 12:56:16 +00:00
parent 0cd8073f39
commit 7c4569816f
3 changed files with 17 additions and 3 deletions
--- a/router/java/src/net/i2p/router/crypto/ratchet/ECIESAEADEngine.java
+++ b/router/java/src/net/i2p/router/crypto/ratchet/ECIESAEADEngine.java
@ -349,6 +349,7 @@ public final class ECIESAEADEngine {
        // part 2 - payload
        byte[] encpayloadkey = new byte[32];
        _hkdf.calculate(k_ba, ZEROLEN, INFO_6, encpayloadkey);
+        rcvr.initializeKey(encpayloadkey, 0);
        byte[] payload = new byte[data.length - (TAGLEN + KEYLEN + MACLEN + MACLEN)];
        try {
            rcvr.decryptWithAd(hash, data, TAGLEN + KEYLEN + MACLEN, payload, 0, payload.length + MACLEN);
@ -659,8 +660,9 @@ public final class ECIESAEADEngine {
        // part 2 - payload
        byte[] encpayloadkey = new byte[32];
        _hkdf.calculate(k_ba, ZEROLEN, INFO_6, encpayloadkey);
+        sender.initializeKey(encpayloadkey, 0);
        try {
-            sender.encryptWithAd(tag, payload, 0, enc, TAGLEN + KEYLEN + MACLEN, payload.length);
+            sender.encryptWithAd(hash, payload, 0, enc, TAGLEN + KEYLEN + MACLEN, payload.length);
        } catch (GeneralSecurityException gse) {
            if (_log.shouldWarn())
                _log.warn("Encrypt fail NSR part 2", gse);
--- a/router/java/src/net/i2p/router/crypto/ratchet/RatchetSKM.java
+++ b/router/java/src/net/i2p/router/crypto/ratchet/RatchetSKM.java
@ -427,12 +427,17 @@ public class RatchetSKM extends SessionKeyManager implements SessionTagListener
            return null;
        }
        HandshakeState state = tagSet.getHandshakeState();
+        synchronized(tagSet) {
+            key = tagSet.consume(tag);
+        }
+        if (key == null) {
+            if (_log.shouldDebug())
+                _log.debug("tag " + tag + " not found in tagset!!! " + tagSet);
+        }
        if (state != null) {
-            key = new SessionKeyAndNonce(state);
            if (_log.shouldDebug())
                _log.debug("IB NSR Tag consumed: " + tag + " from: " + tagSet);
        } else {
-            key = tagSet.consume(tag);
            if (_log.shouldDebug())
                _log.debug("IB ES Tag consumed: " + tag + " from: " + tagSet);
        }
--- a/router/java/src/net/i2p/router/crypto/ratchet/RatchetTagSet.java
+++ b/router/java/src/net/i2p/router/crypto/ratchet/RatchetTagSet.java
@ -223,6 +223,13 @@ class RatchetTagSet implements TagSetHandle {
        int tagnum = _sessionTags.keyAt(idx);
        _sessionTags.removeAt(idx);

+        // NSR
+        if (_state != null) {
+            addTags(tagnum);
+            return new SessionKeyAndNonce(_state);
+        }
+
+        // ES
        // now get the key
        int kidx = _sessionKeys.indexOfKey(tagnum);
        if (kidx >= 0) {