Browse Source

don't deallocate keys

cl-refactor
subtly 10 years ago
parent
commit
d6c37b7562
  1. 17
      libp2p/RLPxFrameIO.cpp
  2. 7
      libp2p/RLPxFrameIO.h

17
libp2p/RLPxFrameIO.cpp

@ -57,16 +57,19 @@ RLPXFrameIO::RLPXFrameIO(RLPXHandshake const& _init): m_socket(_init.m_socket)
// aes-secret = sha3(ecdhe-shared-secret || shared-secret)
sha3(keyMaterial, outRef); // output aes-secret
SecByteBlock aesSecretEnc(outRef.data(), h128::size);
SecByteBlock aesSecretDec(outRef.data(), h128::size);
SecByteBlock emptyIV(h128::size);
m_frameEnc.SetKeyWithIV(aesSecretEnc, h128::size, emptyIV);
m_frameDec.SetKeyWithIV(aesSecretDec, h128::size, emptyIV);
m_frameEncKey.resize(h128::size);
memcpy(m_frameEncKey.data(), outRef.data(), h128::size);
m_frameDecKey.resize(h128::size);
memcpy(m_frameDecKey.data(), outRef.data(), h128::size);
h128 iv;
m_frameEnc.SetKeyWithIV(m_frameEncKey, h128::size, iv.data());
m_frameDec.SetKeyWithIV(m_frameDecKey, h128::size, iv.data());
// mac-secret = sha3(ecdhe-shared-secret || aes-secret)
sha3(keyMaterial, outRef); // output mac-secret
SecByteBlock macSecret(outRef.data(), h128::size);
m_macEnc.SetKey(macSecret, h128::size);
m_macEncKey.resize(h128::size);
memcpy(m_macEncKey.data(), outRef.data(), h128::size);
m_macEnc.SetKey(m_macEncKey, h128::size);
// Initiator egress-mac: sha3(mac-secret^recipient-nonce || auth-sent-init)
// ingress-mac: sha3(mac-secret^initiator-nonce || auth-recvd-ack)

7
libp2p/RLPxFrameIO.h

@ -86,15 +86,18 @@ protected:
private:
void updateMAC(CryptoPP::SHA3_256& _mac, bytesConstRef _seed = bytesConstRef());
CryptoPP::SecByteBlock m_frameEncKey;
CryptoPP::SecByteBlock m_frameDecKey;
CryptoPP::CTR_Mode<CryptoPP::AES>::Encryption m_frameEnc;
CryptoPP::CTR_Mode<CryptoPP::AES>::Encryption m_frameDec;
Mutex x_macEnc;
CryptoPP::SecByteBlock m_macEncKey;
CryptoPP::ECB_Mode<CryptoPP::AES>::Encryption m_macEnc;
Mutex x_macEnc;
CryptoPP::SHA3_256 m_egressMac;
CryptoPP::SHA3_256 m_ingressMac;
std::shared_ptr<RLPXSocket> m_socket;
};
}
}
Loading…
Cancel
Save