Merge pull request #498 from ethcore/eip8

EIP-8
openethereum · Feb 27, 2016 · 22a2de9 · 22a2de9
2 parents 734adf0 + 4bdd526
commit 22a2de9
Show file tree

Hide file tree

Showing 4 changed files with 432 additions and 61 deletions.
diff --git a/util/src/crypto.rs b/util/src/crypto.rs
@@ -254,7 +254,7 @@ pub mod ecies {
 	use crypto::*;
 
 	/// Encrypt a message with a public key
-	pub fn encrypt(public: &Public, plain: &[u8]) -> Result<Bytes, CryptoError> {
+	pub fn encrypt(public: &Public, shared_mac: &[u8], plain: &[u8]) -> Result<Bytes, CryptoError> {
 		use ::rcrypto::digest::Digest;
 		use ::rcrypto::sha2::Sha256;
 		use ::rcrypto::hmac::Hmac;
@@ -284,13 +284,14 @@ pub mod ecies {
 				let cipher_iv = &msgd[64..(64 + 16 + plain.len())];
 				hmac.input(cipher_iv);
 			}
+			hmac.input(shared_mac);
 			hmac.raw_result(&mut msgd[(64 + 16 + plain.len())..]);
 		}
 		Ok(msg)
 	}
 
 	/// Decrypt a message with a secret key
-	pub fn decrypt(secret: &Secret, encrypted: &[u8]) -> Result<Bytes, CryptoError> {
+	pub fn decrypt(secret: &Secret, shared_mac: &[u8], encrypted: &[u8]) -> Result<Bytes, CryptoError> {
 		use ::rcrypto::digest::Digest;
 		use ::rcrypto::sha2::Sha256;
 		use ::rcrypto::hmac::Hmac;
@@ -322,6 +323,7 @@ pub mod ecies {
 		// Verify tag
 		let mut hmac = Hmac::new(Sha256::new(), &mkey);
 		hmac.input(cipher_with_iv);
+		hmac.input(shared_mac);
 		let mut mac = H256::new();
 		hmac.raw_result(&mut mac);
 		if &mac[..] != msg_mac {
@@ -405,4 +407,20 @@ mod tests {
 		let pair = KeyPair::from_secret(h256_from_hex("6f7b0d801bc7b5ce7bbd930b84fd0369b3eb25d09be58d64ba811091046f3aa2")).unwrap();
 		assert_eq!(pair.public().hex(), "101b3ef5a4ea7a1c7928e24c4c75fd053c235d7b80c22ae5c03d145d0ac7396e2a4ffff9adee3133a7b05044a5cee08115fd65145e5165d646bde371010d803c");
 	}
+
+	#[test]
+	fn ecies_shared() {
+		let kp = KeyPair::create().unwrap();
+		let message = b"So many books, so little time";
+
+		let shared = b"shared";
+		let wrong_shared = b"incorrect";
+		let encrypted = ecies::encrypt(kp.public(), shared, message).unwrap();
+		assert!(encrypted[..] != message[..]);
+		assert_eq!(encrypted[0], 0x04);
+
+		assert!(ecies::decrypt(kp.secret(), wrong_shared, &encrypted).is_err());
+		let decrypted = ecies::decrypt(kp.secret(), shared, &encrypted).unwrap();
+		assert_eq!(decrypted[..message.len()], message[..]);
+	}
 }
diff --git a/util/src/network/connection.rs b/util/src/network/connection.rs
@@ -279,7 +279,7 @@ impl EncryptedConnection {
 
 	/// Create an encrypted connection out of the handshake. Consumes a handshake object.
 	pub fn new(handshake: &mut Handshake) -> Result<EncryptedConnection, UtilError> {
-		let shared = try!(crypto::ecdh::agree(handshake.ecdhe.secret(), &handshake.remote_public));
+		let shared = try!(crypto::ecdh::agree(handshake.ecdhe.secret(), &handshake.remote_ephemeral));
 		let mut nonce_material = H512::new();
 		if handshake.originated {
 			handshake.remote_nonce.copy_to(&mut nonce_material[0..32]);

diff --git a/util/src/network/discovery.rs b/util/src/network/discovery.rs
@@ -85,7 +85,8 @@ pub struct Discovery {
 	discovery_id: NodeId,
 	discovery_nodes: HashSet<NodeId>,
 	node_buckets: Vec<NodeBucket>,
-	send_queue: VecDeque<Datagramm>
+	send_queue: VecDeque<Datagramm>,
+	check_timestamps: bool,
 }
 
 pub struct TableUpdates {
@@ -107,6 +108,7 @@ impl Discovery {
 			node_buckets: (0..NODE_BINS).map(|_| NodeBucket::new()).collect(),
 			udp_socket: socket,
 			send_queue: VecDeque::new(),
+			check_timestamps: true,
 		}
 	}
 
@@ -344,20 +346,20 @@ impl Discovery {
 		}
 	}
 
+	fn check_timestamp(&self, timestamp: u64) -> Result<(), NetworkError> {
+		if self.check_timestamps && timestamp < time::get_time().sec as u64{
+			debug!(target: "discovery", "Expired packet");
+			return Err(NetworkError::Expired);
+		}
+		Ok(())
+	}
+
 	fn on_ping(&mut self, rlp: &UntrustedRlp, node: &NodeId, from: &SocketAddr) -> Result<Option<TableUpdates>, NetworkError> {
 		trace!(target: "discovery", "Got Ping from {:?}", &from);
-		let version: u32 = try!(rlp.val_at(0));
-		if version != PROTOCOL_VERSION {
-			debug!(target: "discovery", "Unexpected protocol version: {}", version);
-			return Err(NetworkError::BadProtocol);
-		}
 		let source = try!(NodeEndpoint::from_rlp(&try!(rlp.at(1))));
 		let dest = try!(NodeEndpoint::from_rlp(&try!(rlp.at(2))));
 		let timestamp: u64 = try!(rlp.val_at(3));
-		if timestamp < time::get_time().sec as u64{
-			debug!(target: "discovery", "Expired ping");
-			return Err(NetworkError::Expired);
-		}
+		try!(self.check_timestamp(timestamp));
 		let mut added_map = HashMap::new();
 		let entry = NodeEntry { id: node.clone(), endpoint: source.clone() };
 		if !entry.endpoint.is_valid() || !entry.endpoint.is_global() {
@@ -381,9 +383,7 @@ impl Discovery {
 		// TODO: validate pong packet
 		let dest = try!(NodeEndpoint::from_rlp(&try!(rlp.at(0))));
 		let timestamp: u64 = try!(rlp.val_at(2));
-		if timestamp < time::get_time().sec as u64 {
-			return Err(NetworkError::Expired);
-		}
+		try!(self.check_timestamp(timestamp));
 		let mut entry = NodeEntry { id: node.clone(), endpoint: dest };
 		if !entry.endpoint.is_valid() {
 			debug!(target: "discovery", "Bad address: {:?}", entry);
@@ -399,10 +399,7 @@ impl Discovery {
 		trace!(target: "discovery", "Got FindNode from {:?}", &from);
 		let target: NodeId = try!(rlp.val_at(0));
 		let timestamp: u64 = try!(rlp.val_at(1));
-		if timestamp < time::get_time().sec as u64 {
-			return Err(NetworkError::Expired);
-		}
-
+		try!(self.check_timestamp(timestamp));
 		let limit = (MAX_DATAGRAM_SIZE - 109) / 90;
 		let nearest = Discovery::nearest_node_entries(&target, &self.node_buckets);
 		if nearest.is_empty() {
@@ -501,6 +498,7 @@ mod tests {
 	use network::node_table::*;
 	use crypto::KeyPair;
 	use std::str::FromStr;
+	use rustc_serialize::hex::FromHex;
 
 	#[test]
 	fn discovery() {
@@ -540,7 +538,7 @@ mod tests {
 	#[test]
 	fn removes_expired() {
 		let key = KeyPair::create().unwrap();
-		let ep = NodeEndpoint { address: SocketAddr::from_str("127.0.0.1:40446").unwrap(), udp_port: 40444 };
+		let ep = NodeEndpoint { address: SocketAddr::from_str("127.0.0.1:40446").unwrap(), udp_port: 40447 };
 		let mut discovery = Discovery::new(&key, ep.address.clone(), ep.clone(), 0);
 		for _ in 0..1200 {
 			discovery.add_node(NodeEntry { id: NodeId::random(), endpoint: ep.clone() });
@@ -549,4 +547,70 @@ mod tests {
 		let removed = discovery.check_expired(true).len();
 		assert!(removed > 0);
 	}
+
+	#[test]
+	fn packets() {
+		let key = KeyPair::create().unwrap();
+		let ep = NodeEndpoint { address: SocketAddr::from_str("127.0.0.1:40447").unwrap(), udp_port: 40447 };
+		let mut discovery = Discovery::new(&key, ep.address.clone(), ep.clone(), 0);
+		discovery.check_timestamps = false;
+		let from = SocketAddr::from_str("99.99.99.99:40445").unwrap();
+
+		let packet = "\
+		e9614ccfd9fc3e74360018522d30e1419a143407ffcce748de3e22116b7e8dc92ff74788c0b6663a\
+		aa3d67d641936511c8f8d6ad8698b820a7cf9e1be7155e9a241f556658c55428ec0563514365799a\
+		4be2be5a685a80971ddcfa80cb422cdd0101ec04cb847f000001820cfa8215a8d790000000000000\
+		000000000000000000018208ae820d058443b9a3550102\
+		".from_hex().unwrap();
+		assert!(discovery.on_packet(&packet, from.clone()).is_ok());
+
+		let packet = "\
+		577be4349c4dd26768081f58de4c6f375a7a22f3f7adda654d1428637412c3d7fe917cadc56d4e5e\
+		7ffae1dbe3efffb9849feb71b262de37977e7c7a44e677295680e9e38ab26bee2fcbae207fba3ff3\
+		d74069a50b902a82c9903ed37cc993c50001f83e82022bd79020010db83c4d001500000000abcdef\
+		12820cfa8215a8d79020010db885a308d313198a2e037073488208ae82823a8443b9a355c5010203\
+		040531b9019afde696e582a78fa8d95ea13ce3297d4afb8ba6433e4154caa5ac6431af1b80ba7602\
+		3fa4090c408f6b4bc3701562c031041d4702971d102c9ab7fa5eed4cd6bab8f7af956f7d565ee191\
+		7084a95398b6a21eac920fe3dd1345ec0a7ef39367ee69ddf092cbfe5b93e5e568ebc491983c09c7\
+		6d922dc3\
+		".from_hex().unwrap();
+		assert!(discovery.on_packet(&packet, from.clone()).is_ok());
+
+		let packet = "\
+		09b2428d83348d27cdf7064ad9024f526cebc19e4958f0fdad87c15eb598dd61d08423e0bf66b206\
+		9869e1724125f820d851c136684082774f870e614d95a2855d000f05d1648b2d5945470bc187c2d2\
+		216fbe870f43ed0909009882e176a46b0102f846d79020010db885a308d313198a2e037073488208\
+		ae82823aa0fbc914b16819237dcd8801d7e53f69e9719adecb3cc0e790c57e91ca4461c9548443b9\
+		a355c6010203c2040506a0c969a58f6f9095004c0177a6b47f451530cab38966a25cca5cb58f0555
+		42124e\
+		".from_hex().unwrap();
+		assert!(discovery.on_packet(&packet, from.clone()).is_ok());
+
+		let packet = "\
+		c7c44041b9f7c7e41934417ebac9a8e1a4c6298f74553f2fcfdcae6ed6fe53163eb3d2b52e39fe91\
+		831b8a927bf4fc222c3902202027e5e9eb812195f95d20061ef5cd31d502e47ecb61183f74a504fe\
+		04c51e73df81f25c4d506b26db4517490103f84eb840ca634cae0d49acb401d8a4c6b6fe8c55b70d\
+		115bf400769cc1400f3258cd31387574077f301b421bc84df7266c44e9e6d569fc56be0081290476\
+		7bf5ccd1fc7f8443b9a35582999983999999280dc62cc8255c73471e0a61da0c89acdc0e035e260a\
+		dd7fc0c04ad9ebf3919644c91cb247affc82b69bd2ca235c71eab8e49737c937a2c396\
+		".from_hex().unwrap();
+		assert!(discovery.on_packet(&packet, from.clone()).is_ok());
+
+		let packet = "\
+		c679fc8fe0b8b12f06577f2e802d34f6fa257e6137a995f6f4cbfc9ee50ed3710faf6e66f932c4c8\
+		d81d64343f429651328758b47d3dbc02c4042f0fff6946a50f4a49037a72bb550f3a7872363a83e1\
+		b9ee6469856c24eb4ef80b7535bcf99c0004f9015bf90150f84d846321163782115c82115db84031\
+		55e1427f85f10a5c9a7755877748041af1bcd8d474ec065eb33df57a97babf54bfd2103575fa8291\
+		15d224c523596b401065a97f74010610fce76382c0bf32f84984010203040101b840312c55512422\
+		cf9b8a4097e9a6ad79402e87a15ae909a4bfefa22398f03d20951933beea1e4dfa6f968212385e82\
+		9f04c2d314fc2d4e255e0d3bc08792b069dbf8599020010db83c4d001500000000abcdef12820d05\
+		820d05b84038643200b172dcfef857492156971f0e6aa2c538d8b74010f8e140811d53b98c765dd2\
+		d96126051913f44582e8c199ad7c6d6819e9a56483f637feaac9448aacf8599020010db885a308d3\
+		13198a2e037073488203e78203e8b8408dcab8618c3253b558d459da53bd8fa68935a719aff8b811\
+		197101a4b2b47dd2d47295286fc00cc081bb542d760717d1bdd6bec2c37cd72eca367d6dd3b9df73\
+		8443b9a355010203b525a138aa34383fec3d2719a0\
+		".from_hex().unwrap();
+		assert!(discovery.on_packet(&packet, from.clone()).is_ok());
+	}
+
 }