Halaman utama Jelajahi Bantuan
Daftar Masuk
skyfffire
/
core-chain
1
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Pohon: 22659a7fea
Ranting Tag
core-chain
/
p2p
/
rlpx.go

rlpx.go 4.4 KB
Riwayat Mentahan

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169 
  1. package p2p
    2. 

  2. 

  3. import (
    4. 

  4. 	"bytes"
    5. 

  5. 	"crypto/aes"
    6. 

  6. 	"crypto/cipher"
    7. 

  7. 	"crypto/hmac"
    8. 

  8. 	"errors"
    9. 

  9. 	"hash"
    10. 

  10. 	"io"
    11. 

  11. 

  12. 	"github.com/ethereum/go-ethereum/rlp"
    13. 

  13. )
    14. 

  14. 

  15. var (
    16. 

  16. 	// this is used in place of actual frame header data.
    17. 

  17. 	// TODO: replace this when Msg contains the protocol type code.
    18. 

  18. 	zeroHeader = []byte{0xC2, 0x80, 0x80}
    19. 

  19. 

  20. 	// sixteen zero bytes
    21. 

  21. 	zero16 = make([]byte, 16)
    22. 

  22. )
    23. 

  23. 

  24. // rlpxFrameRW implements a simplified version of RLPx framing.
    25. 

  25. // chunked messages are not supported and all headers are equal to
    26. 

  26. // zeroHeader.
    27. 

  27. //
    28. 

  28. // rlpxFrameRW is not safe for concurrent use from multiple goroutines.
    29. 

  29. type rlpxFrameRW struct {
    30. 

  30. 	conn io.ReadWriter
    31. 

  31. 	enc  cipher.Stream
    32. 

  32. 	dec  cipher.Stream
    33. 

  33. 

  34. 	macCipher  cipher.Block
    35. 

  35. 	egressMAC  hash.Hash
    36. 

  36. 	ingressMAC hash.Hash
    37. 

  37. }
    38. 

  38. 

  39. func newRlpxFrameRW(conn io.ReadWriter, s secrets) *rlpxFrameRW {
    40. 

  40. 	macc, err := aes.NewCipher(s.MAC)
    41. 

  41. 	if err != nil {
    42. 

  42. 		panic("invalid MAC secret: " + err.Error())
    43. 

  43. 	}
    44. 

  44. 	encc, err := aes.NewCipher(s.AES)
    45. 

  45. 	if err != nil {
    46. 

  46. 		panic("invalid AES secret: " + err.Error())
    47. 

  47. 	}
    48. 

  48. 	// we use an all-zeroes IV for AES because the key used
    49. 

  49. 	// for encryption is ephemeral.
    50. 

  50. 	iv := make([]byte, encc.BlockSize())
    51. 

  51. 	return &rlpxFrameRW{
    52. 

  52. 		conn:       conn,
    53. 

  53. 		enc:        cipher.NewCTR(encc, iv),
    54. 

  54. 		dec:        cipher.NewCTR(encc, iv),
    55. 

  55. 		macCipher:  macc,
    56. 

  56. 		egressMAC:  s.EgressMAC,
    57. 

  57. 		ingressMAC: s.IngressMAC,
    58. 

  58. 	}
    59. 

  59. }
    60. 

  60. 

  61. func (rw *rlpxFrameRW) WriteMsg(msg Msg) error {
    62. 

  62. 	ptype, _ := rlp.EncodeToBytes(msg.Code)
    63. 

  63. 

  64. 	// write header
    65. 

  65. 	headbuf := make([]byte, 32)
    66. 

  66. 	fsize := uint32(len(ptype)) + msg.Size
    67. 

  67. 	putInt24(fsize, headbuf) // TODO: check overflow
    68. 

  68. 	copy(headbuf[3:], zeroHeader)
    69. 

  69. 	rw.enc.XORKeyStream(headbuf[:16], headbuf[:16]) // first half is now encrypted
    70. 

  70. 

  71. 	// write header MAC
    72. 

  72. 	copy(headbuf[16:], updateMAC(rw.egressMAC, rw.macCipher, headbuf[:16]))
    73. 

  73. 	if _, err := rw.conn.Write(headbuf); err != nil {
    74. 

  74. 		return err
    75. 

  75. 	}
    76. 

  76. 

  77. 	// write encrypted frame, updating the egress MAC hash with
    78. 

  78. 	// the data written to conn.
    79. 

  79. 	tee := cipher.StreamWriter{S: rw.enc, W: io.MultiWriter(rw.conn, rw.egressMAC)}
    80. 

  80. 	if _, err := tee.Write(ptype); err != nil {
    81. 

  81. 		return err
    82. 

  82. 	}
    83. 

  83. 	if _, err := io.Copy(tee, msg.Payload); err != nil {
    84. 

  84. 		return err
    85. 

  85. 	}
    86. 

  86. 	if padding := fsize % 16; padding > 0 {
    87. 

  87. 		if _, err := tee.Write(zero16[:16-padding]); err != nil {
    88. 

  88. 			return err
    89. 

  89. 		}
    90. 

  90. 	}
    91. 

  91. 

  92. 	// write frame MAC. egress MAC hash is up to date because
    93. 

  93. 	// frame content was written to it as well.
    94. 

  94. 	fmacseed := rw.egressMAC.Sum(nil)
    95. 

  95. 	mac := updateMAC(rw.egressMAC, rw.macCipher, fmacseed)
    96. 

  96. 	_, err := rw.conn.Write(mac)
    97. 

  97. 	return err
    98. 

  98. }
    99. 

  99. 

  100. func (rw *rlpxFrameRW) ReadMsg() (msg Msg, err error) {
    101. 

  101. 	// read the header
    102. 

  102. 	headbuf := make([]byte, 32)
    103. 

  103. 	if _, err := io.ReadFull(rw.conn, headbuf); err != nil {
    104. 

  104. 		return msg, err
    105. 

  105. 	}
    106. 

  106. 	// verify header mac
    107. 

  107. 	shouldMAC := updateMAC(rw.ingressMAC, rw.macCipher, headbuf[:16])
    108. 

  108. 	if !hmac.Equal(shouldMAC, headbuf[16:]) {
    109. 

  109. 		return msg, errors.New("bad header MAC")
    110. 

  110. 	}
    111. 

  111. 	rw.dec.XORKeyStream(headbuf[:16], headbuf[:16]) // first half is now decrypted
    112. 

  112. 	fsize := readInt24(headbuf)
    113. 

  113. 	// ignore protocol type for now
    114. 

  114. 

  115. 	// read the frame content
    116. 

  116. 	var rsize = fsize // frame size rounded up to 16 byte boundary
    117. 

  117. 	if padding := fsize % 16; padding > 0 {
    118. 

  118. 		rsize += 16 - padding
    119. 

  119. 	}
    120. 

  120. 	framebuf := make([]byte, rsize)
    121. 

  121. 	if _, err := io.ReadFull(rw.conn, framebuf); err != nil {
    122. 

  122. 		return msg, err
    123. 

  123. 	}
    124. 

  124. 

  125. 	// read and validate frame MAC. we can re-use headbuf for that.
    126. 

  126. 	rw.ingressMAC.Write(framebuf)
    127. 

  127. 	fmacseed := rw.ingressMAC.Sum(nil)
    128. 

  128. 	if _, err := io.ReadFull(rw.conn, headbuf[:16]); err != nil {
    129. 

  129. 		return msg, err
    130. 

  130. 	}
    131. 

  131. 	shouldMAC = updateMAC(rw.ingressMAC, rw.macCipher, fmacseed)
    132. 

  132. 	if !hmac.Equal(shouldMAC, headbuf[:16]) {
    133. 

  133. 		return msg, errors.New("bad frame MAC")
    134. 

  134. 	}
    135. 

  135. 

  136. 	// decrypt frame content
    137. 

  137. 	rw.dec.XORKeyStream(framebuf, framebuf)
    138. 

  138. 

  139. 	// decode message code
    140. 

  140. 	content := bytes.NewReader(framebuf[:fsize])
    141. 

  141. 	if err := rlp.Decode(content, &msg.Code); err != nil {
    142. 

  142. 		return msg, err
    143. 

  143. 	}
    144. 

  144. 	msg.Size = uint32(content.Len())
    145. 

  145. 	msg.Payload = content
    146. 

  146. 	return msg, nil
    147. 

  147. }
    148. 

  148. 

  149. // updateMAC reseeds the given hash with encrypted seed.
    150. 

  150. // it returns the first 16 bytes of the hash sum after seeding.
    151. 

  151. func updateMAC(mac hash.Hash, block cipher.Block, seed []byte) []byte {
    152. 

  152. 	aesbuf := make([]byte, aes.BlockSize)
    153. 

  153. 	block.Encrypt(aesbuf, mac.Sum(nil))
    154. 

  154. 	for i := range aesbuf {
    155. 

  155. 		aesbuf[i] ^= seed[i]
    156. 

  156. 	}
    157. 

  157. 	mac.Write(aesbuf)
    158. 

  158. 	return mac.Sum(nil)[:16]
    159. 

  159. }
    160. 

  160. 

  161. func readInt24(b []byte) uint32 {
    162. 

  162. 	return uint32(b[2]) | uint32(b[1])<<8 | uint32(b[0])<<16
    163. 

  163. }
    164. 

  164. 

  165. func putInt24(v uint32, b []byte) {
    166. 

  166. 	b[0] = byte(v >> 16)
    167. 

  167. 	b[1] = byte(v >> 8)
    168. 

  168. 	b[2] = byte(v)
    169. 

  169. }
    170.