path-build tweaking, DRYing out path messages generally

oxen-io · Oct 25, 2024 · bfd6006 · bfd6006
1 parent 0805844
commit bfd6006
Show file tree

Hide file tree

Showing 9 changed files with 34 additions and 27 deletions.
diff --git a/llarp/crypto/crypto.cpp b/llarp/crypto/crypto.cpp
@@ -262,9 +262,12 @@ namespace llarp
     }
 
     void crypto::derive_decrypt_outer_wrapping(
-        const Ed25519SecretKey& local_sk, const PubKey& remote, const SymmNonce& nonce, uspan encrypted)
+        const Ed25519SecretKey& local_sk,
+        SharedSecret& shared,
+        const PubKey& remote,
+        const SymmNonce& nonce,
+        uspan encrypted)
     {
-        SharedSecret shared;
         // derive shared secret using ephemeral pubkey and our secret key (and nonce)
         if (!crypto::dh_server(shared, remote, local_sk, nonce))
         {

diff --git a/llarp/crypto/crypto.hpp b/llarp/crypto/crypto.hpp
@@ -73,7 +73,11 @@ namespace llarp
         /// pubkey and the provided nonce. The encrypted payload is mutated in-place. Will throw on failure of either
         /// the server DH derivation or the xchacha20 payload mutation
         void derive_decrypt_outer_wrapping(
-            const Ed25519SecretKey& local, const PubKey& remote, const SymmNonce& nonce, uspan encrypted);
+            const Ed25519SecretKey& local,
+            SharedSecret& shared,
+            const PubKey& remote,
+            const SymmNonce& nonce,
+            uspan encrypted);
 
         bool make_scalar(AlignedBuffer<32>& out, const PubKey& k, uint64_t i);
 

diff --git a/llarp/link/link_manager.cpp b/llarp/link/link_manager.cpp
@@ -1267,16 +1267,16 @@ namespace llarp
             log::trace(logcat, "Deserializing frame: {}", buffer_printer{frames.front()});
 
             SymmNonce nonce;
-            PubKey remote_pk;
             ustring hop_payload;
+            SharedSecret shared;
 
-            std::tie(nonce, remote_pk, hop_payload) =
+            std::tie(nonce, shared, hop_payload) =
                 PathBuildMessage::deserialize_hop(oxenc::bt_dict_consumer{frames.front()}, _router.identity());
 
             log::trace(logcat, "Deserializing hop payload: {}", buffer_printer{hop_payload});
 
             auto hop = path::TransitHop::deserialize_hop(
-                oxenc::bt_dict_consumer{hop_payload}, from, _router, remote_pk, nonce);
+                oxenc::bt_dict_consumer{hop_payload}, from, _router, std::move(shared));
 
             hop->started = _router.now();
             set_conn_persist(hop->downstream(), hop->expiry_time() + 10s);

diff --git a/llarp/messages/common.hpp b/llarp/messages/common.hpp
@@ -48,6 +48,8 @@ namespace llarp
             return std::move(btdp).str();
         }
 
+        // inline static std::string serialize(const SymmNonce& nonce, std::string_view)
+
         inline static std::string serialize(const SymmNonce& nonce, const HopID& hop_id, const ustring_view& payload)
         {
             return serialize(

diff --git a/llarp/messages/path.hpp b/llarp/messages/path.hpp
@@ -122,8 +122,8 @@ namespace llarp
             - Generate the XOR nonce by hashing the symmetric key from DH (`hop.shared`) and truncating
 
             Bt-encoded contents:
+            - 'k' : shared pubkey used to derive symmetric key
             - 'n' : symmetric nonce used for DH key-exchange
-            - 's' : shared pubkey used to derive symmetric key
             - 'x' : encrypted payload
                 - 'l' : path lifetime
                 - 'r' : rxID (the path ID for messages going *to* the hop)
@@ -171,26 +171,26 @@ namespace llarp
                 buffer_printer{hop_payload});
 
             oxenc::bt_dict_producer btdp;
-
+            btdp.append("k", ephemeral_key.to_pubkey().to_view());
             btdp.append("n", hop.nonce.to_view());
-            btdp.append("s", ephemeral_key.to_pubkey().to_view());
             btdp.append("x", hop_payload);
 
             return std::move(btdp).str();
         }
 
-        inline static std::tuple<SymmNonce, PubKey, ustring> deserialize_hop(
+        inline static std::tuple<SymmNonce, SharedSecret, ustring> deserialize_hop(
             oxenc::bt_dict_consumer&& btdc, const Ed25519SecretKey& local_sk)
         {
             SymmNonce nonce;
             PubKey remote_pk;
             ustring hop_payload;
+            SharedSecret shared;
 
             try
             {
+                remote_pk.from_string(btdc.require<std::string_view>("k"));
                 nonce.from_string(btdc.require<std::string_view>("n"));
-                remote_pk.from_string(btdc.require<std::string_view>("s"));
-                hop_payload = btdc.require<ustring>("x");
+                hop_payload = btdc.require<ustring_view>("x");
             }
             catch (const std::exception& e)
             {
@@ -207,7 +207,7 @@ namespace llarp
 
             try
             {
-                crypto::derive_decrypt_outer_wrapping(local_sk, remote_pk, nonce, to_uspan(hop_payload));
+                crypto::derive_decrypt_outer_wrapping(local_sk, shared, remote_pk, nonce, to_uspan(hop_payload));
             }
             catch (...)
             {
@@ -222,7 +222,7 @@ namespace llarp
                 remote_pk.to_string(),
                 buffer_printer{hop_payload});
 
-            return {std::move(nonce), std::move(remote_pk), std::move(hop_payload)};
+            return {std::move(nonce), std::move(shared), std::move(hop_payload)};
         }
     }  // namespace PathBuildMessage
 }  // namespace llarp
diff --git a/llarp/messages/session.hpp b/llarp/messages/session.hpp
@@ -82,14 +82,15 @@ namespace llarp
             SymmNonce nonce;
             RouterID shared_pubkey;
             ustring payload;
+            SharedSecret shared;
 
             try
             {
                 nonce = SymmNonce::make(btdc.require<std::string>("n"));
                 shared_pubkey = RouterID{btdc.require<std::string>("s")};
                 payload = btdc.require<ustring>("x");
 
-                crypto::derive_decrypt_outer_wrapping(local, shared_pubkey, nonce, to_uspan(payload));
+                crypto::derive_decrypt_outer_wrapping(local, shared, shared_pubkey, nonce, to_uspan(payload));
 
                 {
                     RouterID remote;

diff --git a/llarp/path/path_handler.cpp b/llarp/path/path_handler.cpp
@@ -555,7 +555,7 @@ namespace llarp::path
         // the same entity from knowing they are part of the same path
         // (unless they're adjacent in the path; nothing we can do about that obviously).
 
-        // i from n_hops downto 0
+        // i from n_hops down to 0
         for (int i = n_hops - 1; i >= 0; --i)
         {
             const auto& next_rid = i == n_hops - 1 ? path_hops[i].rc.router_id() : path_hops[i + 1].rc.router_id();

diff --git a/llarp/path/transit_hop.cpp b/llarp/path/transit_hop.cpp
@@ -10,7 +10,7 @@ namespace llarp::path
     static auto logcat = log::Cat("transit-hop");
 
     std::shared_ptr<TransitHop> TransitHop::deserialize_hop(
-        oxenc::bt_dict_consumer&& btdc, const RouterID& src, Router& r, const PubKey& remote_pk, const SymmNonce& nonce)
+        oxenc::bt_dict_consumer&& btdc, const RouterID& src, Router& r, SharedSecret secret)
     {
         auto hop = std::make_shared<TransitHop>();
 
@@ -34,13 +34,14 @@ namespace llarp::path
             throw std::runtime_error{PathBuildMessage::BAD_LIFETIME};
 
         hop->downstream() = src;
+        hop->shared = std::move(secret);
 
         if (r.path_context()->has_transit_hop(hop))
             throw std::runtime_error{PathBuildMessage::BAD_PATHID};
 
         // TODO: get this from the first dh
-        if (!crypto::dh_server(hop->shared, remote_pk, r.identity(), nonce))
-            throw std::runtime_error{PathBuildMessage::BAD_CRYPTO};
+        // if (!crypto::dh_server(hop->shared, remote_pk, r.identity(), nonce))
+        //     throw std::runtime_error{PathBuildMessage::BAD_CRYPTO};
 
         // generate hash of hop key for nonce mutation
         ShortHash xor_hash;

diff --git a/llarp/path/transit_hop.hpp b/llarp/path/transit_hop.hpp
@@ -27,19 +27,15 @@ namespace llarp
             // This static factory function is used in path-build logic. The exceptions thrown are the exact response
             // bodies passed to message::respond(...) function
             static std::shared_ptr<TransitHop> deserialize_hop(
-                oxenc::bt_dict_consumer&& btdc,
-                const RouterID& src,
-                Router& r,
-                const PubKey& remote_pk,
-                const SymmNonce& nonce);
+                oxenc::bt_dict_consumer&& btdc, const RouterID& src, Router& r, SharedSecret secret);
 
             SharedSecret shared;
             SymmNonce nonceXOR;
-            std::chrono::milliseconds started = 0s;
+            std::chrono::milliseconds started{0s};
             // 10 minutes default
-            std::chrono::milliseconds lifetime = DEFAULT_LIFETIME;
+            std::chrono::milliseconds lifetime{DEFAULT_LIFETIME};
             uint8_t version;
-            std::chrono::milliseconds _last_activity = 0s;
+            std::chrono::milliseconds _last_activity{0s};
             bool terminal_hop{false};
 
             RouterID& upstream() { return _upstream; }