Browse Source

docs. better method name. remove unused code.

cl-refactor
subtly 10 years ago
parent
commit
5902a8c2b0
  1. 18
      libp2p/RLPxFrameIO.cpp
  2. 56
      libp2p/RLPxFrameIO.h

18
libp2p/RLPxFrameIO.cpp

@ -120,7 +120,7 @@ void RLPXFrameIO::writeSingleFramePacket(bytesConstRef _packet, bytes& o_bytes)
if (padding) if (padding)
m_frameEnc.ProcessData(paddingRef.data(), paddingRef.data(), padding); m_frameEnc.ProcessData(paddingRef.data(), paddingRef.data(), padding);
bytesRef packetWithPaddingRef(o_bytes.data() + 32, _packet.size() + padding); bytesRef packetWithPaddingRef(o_bytes.data() + 32, _packet.size() + padding);
updateEgressMACWithEndOfFrame(packetWithPaddingRef); updateEgressMACWithFrame(packetWithPaddingRef);
bytesRef macRef(o_bytes.data() + 32 + _packet.size() + padding, h128::size); bytesRef macRef(o_bytes.data() + 32 + _packet.size() + padding, h128::size);
egressDigest().ref().copyTo(macRef); egressDigest().ref().copyTo(macRef);
} }
@ -140,7 +140,7 @@ bool RLPXFrameIO::authAndDecryptHeader(bytesRef io)
bool RLPXFrameIO::authAndDecryptFrame(bytesRef io) bool RLPXFrameIO::authAndDecryptFrame(bytesRef io)
{ {
bytesRef cipherText(io.cropped(0, io.size() - h128::size)); bytesRef cipherText(io.cropped(0, io.size() - h128::size));
updateIngressMACWithEndOfFrame(cipherText); updateIngressMACWithFrame(cipherText);
bytesConstRef frameMac(io.data() + io.size() - h128::size, h128::size); bytesConstRef frameMac(io.data() + io.size() - h128::size, h128::size);
if (*(h128*)frameMac.data() != ingressDigest()) if (*(h128*)frameMac.data() != ingressDigest())
return false; return false;
@ -169,15 +169,10 @@ void RLPXFrameIO::updateEgressMACWithHeader(bytesConstRef _headerCipher)
updateMAC(m_egressMac, _headerCipher.cropped(0, 16)); updateMAC(m_egressMac, _headerCipher.cropped(0, 16));
} }
void RLPXFrameIO::updateEgressMACWithEndOfFrame(bytesConstRef _cipher) void RLPXFrameIO::updateEgressMACWithFrame(bytesConstRef _cipher)
{ {
m_egressMac.Update(_cipher.data(), _cipher.size()); m_egressMac.Update(_cipher.data(), _cipher.size());
updateMAC(m_egressMac); updateMAC(m_egressMac);
{
SHA3_256 prev(m_egressMac);
h128 digest;
prev.TruncatedFinal(digest.data(), h128::size);
}
} }
void RLPXFrameIO::updateIngressMACWithHeader(bytesConstRef _headerCipher) void RLPXFrameIO::updateIngressMACWithHeader(bytesConstRef _headerCipher)
@ -185,15 +180,10 @@ void RLPXFrameIO::updateIngressMACWithHeader(bytesConstRef _headerCipher)
updateMAC(m_ingressMac, _headerCipher.cropped(0, 16)); updateMAC(m_ingressMac, _headerCipher.cropped(0, 16));
} }
void RLPXFrameIO::updateIngressMACWithEndOfFrame(bytesConstRef _cipher) void RLPXFrameIO::updateIngressMACWithFrame(bytesConstRef _cipher)
{ {
m_ingressMac.Update(_cipher.data(), _cipher.size()); m_ingressMac.Update(_cipher.data(), _cipher.size());
updateMAC(m_ingressMac); updateMAC(m_ingressMac);
{
SHA3_256 prev(m_ingressMac);
h128 digest;
prev.TruncatedFinal(digest.data(), h128::size);
}
} }
void RLPXFrameIO::updateMAC(SHA3_256& _mac, bytesConstRef _seed) void RLPXFrameIO::updateMAC(SHA3_256& _mac, bytesConstRef _seed)

56
libp2p/RLPxFrameIO.h

@ -38,6 +38,10 @@ namespace p2p
class RLPXHandshake; class RLPXHandshake;
/**
* @brief Encoder/decoder transport for RLPx connections established by RLPXHandshake.
* Managed (via shared_ptr) socket for use by RLPXHandshake and RLPXFrameIO.
*/
class RLPXSocket: public std::enable_shared_from_this<RLPXSocket> class RLPXSocket: public std::enable_shared_from_this<RLPXSocket>
{ {
public: public:
@ -53,48 +57,68 @@ protected:
bi::tcp::socket m_socket; bi::tcp::socket m_socket;
}; };
/**
* @brief Encoder/decoder transport for RLPx connections established by RLPXHandshake.
*
* Thread Safety
* Distinct Objects: Safe.
* Shared objects: Unsafe.
*/
class RLPXFrameIO class RLPXFrameIO
{ {
friend class Session; friend class Session;
public: public:
/// Constructor.
/// Requires instance of RLPXHandshake which has completed first two phases of handshake.
RLPXFrameIO(RLPXHandshake const& _init); RLPXFrameIO(RLPXHandshake const& _init);
~RLPXFrameIO() {} ~RLPXFrameIO() {}
/// Encrypt _packet as RLPx frame.
void writeSingleFramePacket(bytesConstRef _packet, bytes& o_bytes); void writeSingleFramePacket(bytesConstRef _packet, bytes& o_bytes);
/// Authenticates and decrypts header in-place. /// Authenticate and decrypt header in-place.
bool authAndDecryptHeader(bytesRef io_cipherWithMac); bool authAndDecryptHeader(bytesRef io_cipherWithMac);
/// Authenticates and decrypts frame in-place. /// Authenticate and decrypt frame in-place.
bool authAndDecryptFrame(bytesRef io_cipherWithMac); bool authAndDecryptFrame(bytesRef io_cipherWithMac);
/// Return first 16 bytes of current digest from egress mac.
h128 egressDigest(); h128 egressDigest();
/// Return first 16 bytes of current digest from ingress mac.
h128 ingressDigest(); h128 ingressDigest();
protected:
/// Update state of egress MAC with frame header.
void updateEgressMACWithHeader(bytesConstRef _headerCipher); void updateEgressMACWithHeader(bytesConstRef _headerCipher);
/// Update state of egress MAC with frame.
void updateEgressMACWithFrame(bytesConstRef _cipher);
void updateEgressMACWithEndOfFrame(bytesConstRef _cipher); /// Update state of ingress MAC with frame header.
void updateIngressMACWithHeader(bytesConstRef _headerCipher); void updateIngressMACWithHeader(bytesConstRef _headerCipher);
void updateIngressMACWithEndOfFrame(bytesConstRef _cipher); /// Update state of ingress MAC with frame.
void updateIngressMACWithFrame(bytesConstRef _cipher);
protected:
bi::tcp::socket& socket() { return m_socket->ref(); } bi::tcp::socket& socket() { return m_socket->ref(); }
private: private:
/// Update state of _mac.
void updateMAC(CryptoPP::SHA3_256& _mac, bytesConstRef _seed = bytesConstRef()); void updateMAC(CryptoPP::SHA3_256& _mac, bytesConstRef _seed = bytesConstRef());
CryptoPP::SecByteBlock m_frameEncKey; CryptoPP::SecByteBlock m_frameEncKey; ///< Key for m_frameEnc
CryptoPP::SecByteBlock m_frameDecKey; CryptoPP::CTR_Mode<CryptoPP::AES>::Encryption m_frameEnc; ///< Encoder for egress plaintext.
CryptoPP::CTR_Mode<CryptoPP::AES>::Encryption m_frameEnc;
CryptoPP::CTR_Mode<CryptoPP::AES>::Encryption m_frameDec; CryptoPP::SecByteBlock m_frameDecKey; ///< Key for m_frameDec
CryptoPP::SecByteBlock m_macEncKey; CryptoPP::CTR_Mode<CryptoPP::AES>::Encryption m_frameDec; ///< Decoder for egress plaintext.
CryptoPP::ECB_Mode<CryptoPP::AES>::Encryption m_macEnc;
Mutex x_macEnc; CryptoPP::SecByteBlock m_macEncKey; /// Key for m_macEnd
CryptoPP::SHA3_256 m_egressMac; CryptoPP::ECB_Mode<CryptoPP::AES>::Encryption m_macEnc; /// One-way coder used by updateMAC for ingress and egress MAC updates.
CryptoPP::SHA3_256 m_ingressMac; Mutex x_macEnc; /// Mutex
CryptoPP::SHA3_256 m_egressMac; ///< State of MAC for egress ciphertext.
CryptoPP::SHA3_256 m_ingressMac; ///< State of MAC for ingress ciphertext.
std::shared_ptr<RLPXSocket> m_socket; std::shared_ptr<RLPXSocket> m_socket;
}; };

Loading…
Cancel
Save