X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=src%2Fcypherpunks.ru%2Fnncp%2Fpkt.go;h=fa46282c3b9354d5ea8382ec57d46096cd3a53e9;hb=938477682cd6212a88a67c31f46e46c205c7d989;hp=b35f83e3ee969f6fdaad031ae3972b83b8cf04bb;hpb=185b441a8368a9617a5a58b6af75bca3e9195301;p=nncp.git
diff --git a/src/cypherpunks.ru/nncp/pkt.go b/src/cypherpunks.ru/nncp/pkt.go
index b35f83e..fa46282 100644
--- a/src/cypherpunks.ru/nncp/pkt.go
+++ b/src/cypherpunks.ru/nncp/pkt.go
@@ -53,7 +53,7 @@ const (
 var (
 MagicNNCPPv1 [8]byte = [8]byte{'N', 'N', 'C', 'P', 'P', 0, 0, 1}
- MagicNNCPEv1 [8]byte = [8]byte{'N', 'N', 'C', 'P', 'E', 0, 0, 1}
+ MagicNNCPEv2 [8]byte = [8]byte{'N', 'N', 'C', 'P', 'E', 0, 0, 2}
 BadMagic error = errors.New("Unknown magic number")
 BadPktType error = errors.New("Unknown packet type")
@@ -71,17 +71,18 @@ type Pkt struct {
 type PktTbs struct {
 Magic [8]byte
 Nice uint8
- Recipient *NodeId
 Sender *NodeId
+ Recipient *NodeId
 ExchPub *[32]byte
 }
 type PktEnc struct {
- Magic [8]byte
- Nice uint8
- Sender *NodeId
- ExchPub *[32]byte
- Sign *[ed25519.SignatureSize]byte
+ Magic [8]byte
+ Nice uint8
+ Sender *NodeId
+ Recipient *NodeId
+ ExchPub *[32]byte
+ Sign *[ed25519.SignatureSize]byte
 }
 func init() {
@@ -102,11 +103,12 @@ func init() {
 panic(err)
 }
 pktEnc := PktEnc{
- Magic: MagicNNCPEv1,
- Nice: 123,
- Sender: dummyId,
- ExchPub: new([32]byte),
- Sign: new([ed25519.SignatureSize]byte),
+ Magic: MagicNNCPEv2,
+ Nice: 123,
+ Sender: dummyId,
+ Recipient: dummyId,
+ ExchPub: new([32]byte),
+ Sign: new([ed25519.SignatureSize]byte),
 }
 n, err = xdr.Marshal(&buf, pktEnc)
 if err != nil {
@@ -157,10 +159,10 @@ func PktEncWrite(our *NodeOur, their *Node, pkt *Pkt, nice uint8, size, padSize
 return err
 }
 tbs := PktTbs{
- Magic: MagicNNCPEv1,
+ Magic: MagicNNCPEv2,
 Nice: nice,
- Recipient: their.Id,
 Sender: our.Id,
+ Recipient: their.Id,
 ExchPub: pubEph,
 }
 var tbsBuf bytes.Buffer
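Review bot: `PktTbs` and `PktEnc` in the `@@ -71,17 +71,18 @@` hunk have no comment saying that their field order is the serialized layout, yet this hunk reorders `Sender`/`Recipient` in `PktTbs` and inserts `Recipient` into `PktEnc`. `PktEnc` is passed to `xdr.Marshal` in the visible hunks, and the `PktTbs` value is presumably marshalled into `tbsBuf` (outside the hunks) before `ed25519.Sign` covers those bytes; assuming the encoder writes fields in declaration order, any reorder changes both the wire format and the signature input. I would add above `PktTbs`: `// PktTbs is the to-be-signed header. Fields are XDR-encoded in declaration order; reordering them changes the signed bytes and requires a new magic.` and above `PktEnc`: `// PktEnc is the on-wire header. Recipient is authenticated only through the PktTbs signature, never on its own.`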
@@ -170,18 +172,19 @@ func PktEncWrite(our *NodeOur, their *Node, pkt *Pkt, nice uint8, size, padSize
 signature := new([ed25519.SignatureSize]byte)
 copy(signature[:], ed25519.Sign(our.SignPrv, tbsBuf.Bytes()))
 pktEnc := PktEnc{
- Magic: MagicNNCPEv1,
- Nice: nice,
- Sender: our.Id,
- ExchPub: pubEph,
- Sign: signature,
+ Magic: MagicNNCPEv2,
+ Nice: nice,
+ Sender: our.Id,
+ Recipient: their.Id,
+ ExchPub: pubEph,
+ Sign: signature,
 }
 if _, err = xdr.Marshal(out, &pktEnc); err != nil {
 return err
 }
 sharedKey := new([32]byte)
 curve25519.ScalarMult(sharedKey, prvEph, their.ExchPub)
- kdf := hkdf.New(blake256, sharedKey[:], nil, MagicNNCPEv1[:])
+ kdf := hkdf.New(blake256, sharedKey[:], nil, MagicNNCPEv2[:])
 keyEnc := make([]byte, 32)
 if _, err = io.ReadFull(kdf, keyEnc); err != nil {
@@ -257,10 +260,10 @@ func PktEncWrite(our *NodeOur, their *Node, pkt *Pkt, nice uint8, size, padSize
 func TbsVerify(our *NodeOur, their *Node, pktEnc *PktEnc) (bool, error) {
 tbs := PktTbs{
- Magic: MagicNNCPEv1,
+ Magic: MagicNNCPEv2,
 Nice: pktEnc.Nice,
- Recipient: our.Id,
 Sender: their.Id,
+ Recipient: our.Id,
 ExchPub: pktEnc.ExchPub,
 }
 var tbsBuf bytes.Buffer
@@ -276,13 +279,16 @@ func PktEncRead(our *NodeOur, nodes map[NodeId]*Node, data io.Reader, out io.Wri
 if err != nil {
 return nil, 0, err
 }
- if pktEnc.Magic != MagicNNCPEv1 {
+ if pktEnc.Magic != MagicNNCPEv2 {
 return nil, 0, BadMagic
 }
 their, known := nodes[*pktEnc.Sender]
 if !known {
 return nil, 0, errors.New("Unknown sender")
 }
+ if *pktEnc.Recipient != *our.Id {
+ return nil, 0, errors.New("Invalid recipient")
+ }
 verified, err := TbsVerify(our, their, &pktEnc)
 if err != nil {
 return nil, 0, err
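Review bot: `TbsVerify` (the `@@ -257,10 +260,10 @@` hunk) rebuilds the signed header with `Recipient: our.Id` and never reads the new `pktEnc.Recipient` field, so the only thing tying the on-wire recipient to the signature is the separate comparison added in `PktEncRead`. `TbsVerify` is exported, and any other caller that omits that comparison would treat a header as verified while its `Recipient` field remains unauthenticated. I would either do the comparison inside the function before marshalling, `if pktEnc.Recipient == nil || *pktEnc.Recipient != *our.Id { return false, nil }`, or state the precondition in a doc comment: `// TbsVerify checks the signature over a header addressed to our.Id; it does not look at pktEnc.Recipient, callers must compare it themselves.` The function body continues past the end of the hunk.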
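Review bot: The recipient check added to `PktEncRead` (the `@@ -276,13 +279,16 @@` hunk) reports a mismatch with an inline `errors.New("Invalid recipient")`, so callers cannot tell a packet addressed to another node from any other failure the way they can with `BadMagic` or `BadPktType`. I would declare `BadRecipient error = errors.New("Invalid recipient")` next to those in the `var` block and `return nil, 0, BadRecipient` here. The check also dereferences `pktEnc.Recipient` with no nil guard; the XDR decoder presumably allocates the pointer on a successful unmarshal, but that call is outside the hunk and worth confirming. Since the comparison runs on a field that is not yet authenticated, a short comment would help the next reader: `// cheap early reject; the signature checked by TbsVerify below covers our.Id`. `PktEncRead` starts before and ends after this hunk.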
@@ -292,7 +298,7 @@ func PktEncRead(our *NodeOur, nodes map[NodeId]*Node, data io.Reader, out io.Wri
 }
 sharedKey := new([32]byte)
 curve25519.ScalarMult(sharedKey, our.ExchPrv, pktEnc.ExchPub)
- kdf := hkdf.New(blake256, sharedKey[:], nil, MagicNNCPEv1[:])
+ kdf := hkdf.New(blake256, sharedKey[:], nil, MagicNNCPEv2[:])
 keyEnc := make([]byte, 32)
 if _, err = io.ReadFull(kdf, keyEnc); err != nil {