func (mod *module) introduceVia(router *e3x.Exchange, to hashname.H) error {
localIdent, err := mod.e.LocalIdentity()
if err != nil {
return err
}
keys := localIdent.Keys()
parts := hashname.PartsFromKeys(keys)
for csid, key := range keys {
inner := lob.New(key.Public())
for partCSID, part := range parts {
if partCSID == csid {
inner.Header().SetBool(hex.EncodeToString([]byte{partCSID}), true)
} else {
inner.Header().SetString(hex.EncodeToString([]byte{partCSID}), part)
}
}
body, err := lob.Encode(inner)
if err != nil {
return err
}
err = mod.peerVia(router, to, body)
if err != nil {
return err
}
}
return nil
}
func (s *state) EncryptHandshake(at uint32, compact cipherset.Parts) ([]byte, error) {
pkt := lob.New(s.localKey.Public())
compact.ApplyToHeader(pkt.Header())
pkt.Header().SetUint32("at", at)
data, err := lob.Encode(pkt)
if err != nil {
return nil, err
}
return s.EncryptMessage(data.Get(nil))
}
func (s *state) EncryptPacket(pkt *lob.Packet) (*lob.Packet, error) {
s.mtx.RLock()
defer s.mtx.RUnlock()
var (
outer *lob.Packet
inner *bufpool.Buffer
body *bufpool.Buffer
bodyRaw []byte
nonce [lenNonce]byte
ctLen int
err error
)
if !s.CanEncryptPacket() {
return nil, cipherset.ErrInvalidState
}
if pkt == nil {
return nil, nil
}
// encode inner packet
inner, err = lob.Encode(pkt)
if err != nil {
return nil, err
}
// make nonce
copy(nonce[:], s.pktNoncePrefix[:])
nonceSuffix := atomic.AddUint64(&s.pktNonceSuffix, 1)
binary.BigEndian.PutUint64(nonce[16:], nonceSuffix)
// alloc enough space
body = bufpool.New().SetLen(lenToken + lenNonce + inner.Len() + box.Overhead)
bodyRaw = body.RawBytes()
// copy token
copy(bodyRaw[:lenToken], s.remoteToken[:])
// copy nonce
copy(bodyRaw[lenToken:lenToken+lenNonce], nonce[:])
// encrypt inner packet
ctLen = len(box.SealAfterPrecomputation(
bodyRaw[lenToken+lenNonce:lenToken+lenNonce], inner.RawBytes(), &nonce, s.lineEncryptionKey))
body.SetLen(lenToken + lenNonce + ctLen)
outer = lob.New(body.RawBytes())
inner.Free()
body.Free()
return outer, nil
}
func (s *state) EncryptPacket(pkt *lob.Packet) (*lob.Packet, error) {
s.mtx.RLock()
defer s.mtx.RUnlock()
var (
outer *lob.Packet
inner *bufpool.Buffer
body *bufpool.Buffer
bodyRaw []byte
nonce [16]byte
ctLen int
err error
)
if !s.CanEncryptPacket() {
return nil, cipherset.ErrInvalidState
}
if pkt == nil {
return nil, nil
}
// encode inner packet
inner, err = lob.Encode(pkt)
if err != nil {
return nil, err
}
ctLen = inner.Len()
// make nonce
_, err = io.ReadFull(rand.Reader, nonce[:4])
if err != nil {
return nil, err
}
// alloc enough space
body = bufpool.New().SetLen(16 + 4 + ctLen + 4)
bodyRaw = body.RawBytes()
// copy token
copy(bodyRaw[:16], (*s.remoteToken)[:])
// copy nonce
copy(bodyRaw[16:16+4], nonce[:])
{ // encrypt inner
aesBlock, err := aes.NewCipher(s.lineEncryptionKey)
if err != nil {
return nil, err
}
aes := Cipher.NewCTR(aesBlock, nonce[:])
if aes == nil {
return nil, cipherset.ErrInvalidMessage
}
aes.XORKeyStream(bodyRaw[16+4:16+4+ctLen], inner.RawBytes())
}
{ // compute HMAC
macKey := append(s.lineEncryptionKey, bodyRaw[16:16+4]...)
h := hmac.New(sha256.New, macKey)
h.Write(bodyRaw[16+4 : 16+4+ctLen])
sum := h.Sum(nil)
copy(bodyRaw[16+4+ctLen:], fold(sum, 4))
}
outer = lob.New(body.RawBytes())
inner.Free()
body.Free()
return outer, nil
}