Work on curve25519 stuff so I can generate my own routerInfos instead of just sending crap to other people

2024-09-09 20:10:38 -04:00
parent bba9350506
commit 3d535f67a1
9 changed files with 216 additions and 118 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -7,3 +7,5 @@
 go-i2p
 *.exe
 .idea/
 router.info
 log
--- a/go.mod
+++ b/go.mod
@@ -1,18 +1,22 @@
 module github.com/go-i2p/go-i2p
-go 1.21
+go 1.22
 toolchain go1.22.5
 require (
 	github.com/eyedeekay/go-unzip v0.0.0-20240201194209-560d8225b50e
 	github.com/flynn/noise v1.1.0
 	github.com/sirupsen/logrus v1.9.3
-	github.com/stretchr/testify v1.7.0
+	github.com/stretchr/testify v1.9.0
-	golang.org/x/crypto v0.23.0
+	go.step.sm/crypto v0.51.2
 	golang.org/x/crypto v0.26.0
 )
 require (
 	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	golang.org/x/sys v0.20.0 // indirect
+	golang.org/x/sys v0.24.0 // indirect
-	gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -1,3 +1,5 @@
 filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
 filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -15,21 +17,25 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 go.step.sm/crypto v0.51.2 h1:5EiCGIMg7IvQTGmJrwRosbXeprtT80OhoS/PJarg60o=
 go.step.sm/crypto v0.51.2/go.mod h1:QK7czLjN2k+uqVp5CHXxJbhc70kVRSP+0CQF3zsR5M0=
 golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
-golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI=
+golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
-golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
+golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
+golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg=
-golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/lib/common/data/string.go
+++ b/lib/common/data/string.go
@@ -46,13 +46,13 @@ func (str I2PString) Length() (length int, err error) {
 	length = l.Int()
 	str_len := len(str)
 	if length > str_len {
-		log.WithFields(log.Fields{
+		/*log.WithFields(log.Fields{
 			"at":                  "(I2PString) Length",
 			"string_bytes_length": str_len,
 			"string_length_field": length,
 			"data":                string(str),
 			"reason":              "data less than specified by length",
-		}).Error("string format warning")
+		}).Error("string format warning")*/
 		err = errors.New("string parsing warning: string data is shorter than specified by length")
 	}
 	return
--- a/lib/common/keys_and_cert/keys_and_cert.go
+++ b/lib/common/keys_and_cert/keys_and_cert.go
@@ -85,78 +85,11 @@ func (keys_and_cert KeysAndCert) Bytes() []byte {
 // PublicKey returns the public key as a crypto.PublicKey.
 func (keys_and_cert *KeysAndCert) PublicKey() (key crypto.PublicKey) {
 	/*cert := keys_and_cert.Certificate()
 	cert_len := cert.Length()
 	if err != nil {
 		return
 	}
 	if cert_len == 0 {
 		// No Certificate is present, return the KEYS_AND_CERT_PUBKEY_SIZE byte
 		// PublicKey space as ElgPublicKey.
 		var elg_key crypto.ElgPublicKey
 		copy(keys_and_cert[:KEYS_AND_CERT_PUBKEY_SIZE], elg_key[:])
 		key = elg_key
 	} else {
 		// A Certificate is present in this KeysAndCert
 		cert_type := cert.Type()
 		if cert_type == CERT_KEY {
 			// This KeysAndCert contains a Key Certificate, construct
 			// a PublicKey from the data in the KeysAndCert and
 			// any additional data in the Certificate.
 			key, err = KeyCertificateFromCertificate(cert).ConstructPublicKey(
 				keys_and_cert[:KEYS_AND_CERT_PUBKEY_SIZE],
 			)
 		} else {
 			// Key Certificate is not present, return the KEYS_AND_CERT_PUBKEY_SIZE byte
 			// PublicKey space as ElgPublicKey.  No other Certificate
 			// types are currently in use.
 			var elg_key crypto.ElgPublicKey
 			copy(keys_and_cert[:KEYS_AND_CERT_PUBKEY_SIZE], elg_key[:])
 			key = elg_key
 			log.WithFields(log.Fields{
 				"at":        "(KeysAndCert) PublicKey",
 				"cert_type": cert_type,
 			}).Warn("unused certificate type observed")
 		}
 	}
 	return*/
 	return keys_and_cert.publicKey
 }
 // SigningPublicKey returns the signing public key.
 func (keys_and_cert *KeysAndCert) SigningPublicKey() (signing_public_key crypto.SigningPublicKey) {
 	/*cert := keys_and_cert.Certificate()
 	cert_len := cert.Length()
 	if err != nil {
 		return
 	}
 	if cert_len == 0 {
 		// No Certificate is present, return the KEYS_AND_CERT_SPK_SIZE byte
 		// SigningPublicKey space as legacy DSA SHA1 SigningPublicKey.
 		var dsa_pk crypto.DSAPublicKey
 		copy(dsa_pk[:], keys_and_cert[KEYS_AND_CERT_PUBKEY_SIZE:KEYS_AND_CERT_PUBKEY_SIZE+KEYS_AND_CERT_SPK_SIZE])
 		signing_public_key = dsa_pk
 	} else {
 		// A Certificate is present in this KeysAndCert
 		cert_type := cert.Type()
 		if cert_type == CERT_KEY {
 			// This KeysAndCert contains a Key Certificate, construct
 			// a SigningPublicKey from the data in the KeysAndCert and
 			// any additional data in the Certificate.
 			signing_public_key, err = KeyCertificateFromCertificate(cert).ConstructSigningPublicKey(
 				keys_and_cert[KEYS_AND_CERT_PUBKEY_SIZE : KEYS_AND_CERT_PUBKEY_SIZE+KEYS_AND_CERT_SPK_SIZE],
 			)
 		} else {
 			// Key Certificate is not present, return the KEYS_AND_CERT_SPK_SIZE byte
 			// SigningPublicKey space as legacy SHA DSA1 SigningPublicKey.
 			// No other Certificate types are currently in use.
 			var dsa_pk crypto.DSAPublicKey
 			copy(dsa_pk[:], keys_and_cert[KEYS_AND_CERT_PUBKEY_SIZE:KEYS_AND_CERT_PUBKEY_SIZE+KEYS_AND_CERT_SPK_SIZE])
 			signing_public_key = dsa_pk
 		}
 	}*/
 	return keys_and_cert.signingPublicKey
 }
--- a/lib/common/keys_and_cert/private_keys_and_cert.go
+++ b/lib/common/keys_and_cert/private_keys_and_cert.go
@@ -0,0 +1,18 @@
 package keys_and_cert
 import "crypto"
 // PrivateKeysAndCert contains a KeysAndCert along with the corresponding private keys for the
 // Public Key and the Signing Public Key
 type PrivateKeysAndCert struct {
 	KeysAndCert
 	PK_KEY crypto.PrivateKey
 	SPK_KEY crypto.PrivateKey
 }
 func NewPrivateKeysAndCert() (*PrivateKeysAndCert, error) {
 	var pkc PrivateKeysAndCert
 	var err error
 	//pkc.PK_KEY, err = 
 	return &pkc, err
 }
--- a/lib/crypto/curve25519.go
+++ b/lib/crypto/curve25519.go
@@ -0,0 +1,141 @@
 package crypto
 import (
 	"crypto/rand"
 	"crypto/sha256"
 	"crypto/sha512"
 	"errors"
 	"io"
 	"math/big"
 	curve25519 "go.step.sm/crypto/x25519"
 )
 var Curve25519EncryptTooBig = errors.New("failed to encrypt data, too big for Curve25519")
 type Curve25519PublicKey []byte
 type Curve25519Verifier struct {
 	k []byte
 }
 func (k Curve25519PublicKey) NewVerifier() (v Verifier, err error) {
 	temp := new(Curve25519Verifier)
 	temp.k = k
 	v = temp
 	return temp, nil
 }
 func (k Curve25519PublicKey) Len() int {
 	return len(k)
 }
 func createCurve25519PublicKey(data []byte) (k *curve25519.PublicKey) {
 	if len(data) == 256 {
 		k2 := curve25519.PublicKey{}
 		copy(k2[:], data)
 		k = &k2
 	}
 	return
 }
 func createCurve25519Encryption(pub *curve25519.PublicKey, rand io.Reader) (enc *Curve25519Encryption, err error) {
 	/*kbytes := make([]byte, 256)
 	k := new(big.Int)
 	for err == nil {
 		_, err = io.ReadFull(rand, kbytes)
 		k = new(big.Int).SetBytes(kbytes)
 		k = k.Mod(k, pub.P)
 		if k.Sign() != 0 {
 			break
 		}
 	}
 	if err == nil {
 		enc = &Curve25519Encryption{}
 	}*/
 	return
 }
 type Curve25519Encryption struct {
 	p, a, b1 *big.Int
 }
 func (curve25519 *Curve25519Encryption) Encrypt(data []byte) (enc []byte, err error) {
 	return curve25519.EncryptPadding(data, true)
 }
 func (curve25519 *Curve25519Encryption) EncryptPadding(data []byte, zeroPadding bool) (encrypted []byte, err error) {
 	if len(data) > 222 {
 		err = Curve25519EncryptTooBig
 		return
 	}
 	mbytes := make([]byte, 255)
 	mbytes[0] = 0xFF
 	copy(mbytes[33:], data)
 	// do sha256 of payload
 	d := sha256.Sum256(mbytes[33 : len(data)+33])
 	copy(mbytes[1:], d[:])
 	m := new(big.Int).SetBytes(mbytes)
 	// do encryption
 	b := new(big.Int).Mod(new(big.Int).Mul(curve25519.b1, m), curve25519.p).Bytes()
 	if zeroPadding {
 		encrypted = make([]byte, 514)
 		copy(encrypted[1:], curve25519.a.Bytes())
 		copy(encrypted[258:], b)
 	} else {
 		encrypted = make([]byte, 512)
 		copy(encrypted, curve25519.a.Bytes())
 		copy(encrypted[256:], b)
 	}
 	return
 }
 func (elg Curve25519PublicKey) NewEncrypter() (enc Encrypter, err error) {
 	k := createCurve25519PublicKey(elg[:])
 	enc, err = createCurve25519Encryption(k, rand.Reader)
 	return
 }
 func (v *Curve25519Verifier) VerifyHash(h, sig []byte) (err error) {
 	if len(sig) != curve25519.SignatureSize {
 		err = ErrBadSignatureSize
 		return
 	}
 	if len(v.k) != curve25519.PublicKeySize {
 		err = errors.New("failed to verify: invalid curve25519 public key size")
 		return
 	}
 	ok := curve25519.Verify(v.k, h, sig)
 	if !ok {
 		err = errors.New("failed to verify: invalid signature")
 	}
 	return
 }
 func (v *Curve25519Verifier) Verify(data, sig []byte) (err error) {
 	h := sha512.Sum512(data)
 	err = v.VerifyHash(h[:], sig)
 	return
 }
 type Curve25519PrivateKey curve25519.PrivateKey
 type Curve25519Signer struct {
 	k []byte
 }
 func (s *Curve25519Signer) Sign(data []byte) (sig []byte, err error) {
 	if len(s.k) != curve25519.PrivateKeySize {
 		err = errors.New("failed to sign: invalid curve25519 private key size")
 		return
 	}
 	h := sha512.Sum512(data)
 	sig, err = s.SignHash(h[:])
 	return
 }
 func (s *Curve25519Signer) SignHash(h []byte) (sig []byte, err error) {
 	return curve25519.Sign(rand.Reader, s.k, h)
 }
--- a/lib/transport/noise/noise.go
+++ b/lib/transport/noise/noise.go
@@ -72,31 +72,52 @@ func (ns *Noise) MatchAddr(addr net.Addr) (*router_address.RouterAddress, error)
 	return nil, fmt.Errorf("no suitable address found for type %s from %s", addr.Network(), addr.String())
 }
 func dialWrapper(network, address string) (net.Conn, error) {
 	switch network {
 	case "SSU24":
 		return net.Dial("udp4", address)
 	case "SSU26":
 		return net.Dial("udp6", address)
 	case "NTCP2":
 		return net.Dial("tcp", address)
 	case "NTCP24":
 		return net.Dial("tcp4", address)
 	case "NTCP26":
 		return net.Dial("tcp6", address)
 	case "NTCP4":
 		return net.Dial("tcp4", address)
 	case "NTCP6":
 		return net.Dial("tcp6", address)
 	default:
 		return nil, fmt.Errorf("unknown transport, cannot dial %s", network)
 	}
 }
 func (ns Noise) DialNoise(addr router_address.RouterAddress) (net.Conn, error) {
 	cfg := ns
 	cfg.Initiator = false
 	network := addr.Network()
 	host, err := addr.Host()
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("host error: %s", err)
 	}
 	port, err := addr.Port()
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("port error: %s", err)
 	}
 	raddr := net.JoinHostPort(host.String(), port)
 	var netConn net.Conn
-	netConn, err = net.Dial(network, raddr)
+	netConn, err = dialWrapper(network, raddr)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("dial error: %s", err)
 	}
 	cfg.HandshakeState, err = noise.NewHandshakeState(cfg.Config)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("handshake state initialization error: %s", err)
 	}
 	laddr, err := ns.MatchAddr(&addr)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("transport mismatch error %s", err)
 	}
 	// cfg.Config.PeerEphemeral, err = AESDeObfuscateEphemeralKeys()
 	return &NoiseConn{
--- a/lib/transport/noise/noise_test.go
+++ b/lib/transport/noise/noise_test.go
@@ -1,40 +1,13 @@
 package noise
 import (
 	"log"
 	"os"
 	"path/filepath"
 	"testing"
 	"github.com/go-i2p/go-i2p/lib/common/router_info"
 )
-func TestEstablishment(t *testing.T) {
+func TestServer(t *testing.T) {
-	//	assert := assert.New(t)
+
 }
 func TestEstablishment(t *testing.T) {
 	if home, err := os.UserHomeDir(); err != nil {
 		t.Error("ERROR", err)
 	} else {
 		riFile := filepath.Join(home, ".i2p", "router.info")
 		if riBytes, err := os.ReadFile(riFile); err != nil {
 			t.Error("ERROR", err)
 		} else {
 			if ri, rem, err := router_info.ReadRouterInfo(riBytes); err != nil {
 				t.Error("ERROR", err)
 			} else {
 				log.Println(ri.String(), rem)
 				if ns, err := NewNoise(ri); err != nil {
 					t.Error("ERROR", err)
 				} else {
 					host := ns.LocalAddr()
 					log.Println("NOISE TEST", host)
 					if nl, err := ns.DialNoise(*ri.RouterAddresses()[0]); err != nil {
 						t.Error("ERROR", err)
 					} else {
 						defer nl.Close()
 					}
 				}
 			}
 		}
 	}
 }