debugged transport of encrypted items. Still needs work.

This commit is contained in:
csoler 2016-02-15 23:24:18 -05:00
parent 0513e71c68
commit 763108f5fa
3 changed files with 42 additions and 7 deletions


@ -2140,7 +2140,21 @@ void RsGxsNetService::processTransactions()
sendItem(trans);
// move to completed transactions
mComplTransactions.push_back(tr);
// try to decrypt, if needed. This function returns true if the transaction is not encrypted.
if(decryptTransaction(tr))
{
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(tr->mTransaction->PeerId()) << " successfully decrypted transaction " << transN << std::endl;
#endif
mComplTransactions.push_back(tr);
}
#ifdef NXS_NET_DEBUG_7
else
GXSNETDEBUG_P_(tr->mTransaction->PeerId()) << " no decryption occurred in transaction " << transN << std::endl;
#endif
#ifdef NXS_NET_DEBUG_1
int total_transaction_time = (int)time(NULL) - (tr->mTimeOut - mTransactionTimeOut) ;
GXSNETDEBUG_P_(mit->first) << " incoming completed " << tr->mTransaction->nItems << " items transaction in " << total_transaction_time << " seconds." << std::endl;
@ -3465,6 +3479,8 @@ bool RsGxsNetService::encryptTransaction(NxsTransaction *tr)
#endif
GxsSecurity::MultiEncryptionContext muctx ;
GxsSecurity::initEncryption(muctx,recipient_keys);
uint32_t trNumber = 0 ;
// 3 - serialise and encrypt each message, converting it into a NxsEncryptedDataItem
@ -3494,7 +3510,10 @@ bool RsGxsNetService::encryptTransaction(NxsTransaction *tr)
enc_item->aes_encrypted_data.bin_len = encrypted_len ;
enc_item->aes_encrypted_data.bin_data = encrypted_data ;
enc_item->aes_encrypted_data.tlvtype = TLV_TYPE_BIN_ENCRYPTED ;
enc_item->transactionNumber = (*it)->transactionNumber ;
enc_item->PeerId((*it)->PeerId()) ;
trNumber= (*it)->transactionNumber ;
encrypted_items.push_back(enc_item) ;
#ifdef NXS_NET_DEBUG_7
@ -3515,6 +3534,8 @@ bool RsGxsNetService::encryptTransaction(NxsTransaction *tr)
GXSNETDEBUG_P_(peerId) << " Creating session key" << std::endl;
#endif
RsNxsSessionKeyItem *session_key_item = new RsNxsSessionKeyItem(mServType) ;
session_key_item->PeerId(tr->mTransaction->PeerId()) ;
session_key_item->transactionNumber = trNumber ;
memcpy(session_key_item->iv,muctx.initialisation_vector(),EVP_MAX_IV_LENGTH) ;
@ -3556,9 +3577,9 @@ bool RsGxsNetService::decryptTransaction(NxsTransaction *tr)
if(esk == NULL)
{
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(peerId) << " (II) nothing to decrypt. No session key packet in this transaction." << std::endl;
GXSNETDEBUG_P_(peerId) << " (II) nothing to decrypt. No session key packet in this transaction. Transaction is not encrypted" << std::endl;
#endif
return false ;
return true ;
}
// 2 - Try to decrypt the session key. If not, return false. That probably means
// we don't own that identity.
@ -3578,7 +3599,7 @@ bool RsGxsNetService::decryptTransaction(NxsTransaction *tr)
if(!mGixs->getPrivateKey(private_key_id,private_key))
{
std::cerr << "(EE) Cannot find private key to decrypt incoming transaction, for ID " << it->first << ". This is a bug since the key is supposed ot be here." << std::endl;
std::cerr << " (EE) Cannot find private key to decrypt incoming transaction, for ID " << it->first << ". This is a bug since the key is supposed ot be here." << std::endl;
return false;
}
@ -3643,7 +3664,7 @@ bool RsGxsNetService::decryptTransaction(NxsTransaction *tr)
// 4 - put back in transaction.
#ifdef NXS_NET_DEBUG_7
GXSNETDEBUG_P_(peerId) << " replacing items with clear items" << std::endl;
GXSNETDEBUG_P_(peerId) << " Decryption successful: replacing items with clear items" << std::endl;
#endif
for(std::list<RsNxsItem*>::const_iterator it(tr->mItems.begin());it!=tr->mItems.end();++it)
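Review bot: When decryptTransaction(tr) returns false, the new `if(decryptTransaction(tr))` branch neither completes nor visibly disposes of the transaction: tr is no longer pushed to mComplTransactions, and the only trace is a print compiled out unless NXS_NET_DEBUG_7 is set, whose text ("no decryption occurred") also misdescribes a false return, because decryptTransaction now returns true for the not-encrypted case and false only on a real failure such as the missing private key. If tr was already erased from the pending-transaction map earlier in processTransactions (outside the hunk) and is normally freed when mComplTransactions is drained, a failed decryption leaks it and silently drops an incoming transaction; an unconditional `std::cerr << "(EE) failed to decrypt incoming transaction " << transN << ", dropping it." << std::endl;` in the style of the existing getPrivateKey error, plus whatever cleanup the completed path performs, would make that visible. The comment above the call should also state the full contract: `// try to decrypt, if needed. Returns true if the transaction is not encrypted or was decrypted in place; false if decryption failed, in which case the transaction is dropped.` processTransactions starts and ends outside the hunk.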


@ -425,6 +425,8 @@ bool RsNxsSessionKeyItem::serialise(void *data, uint32_t& size) const
if(!serialise_header(data,size,tlvsize,offset))
return false ;
ok &= setRawUInt32(data, size, &offset, transactionNumber);
if(offset + EVP_MAX_IV_LENGTH >= size)
{
std::cerr << "RsNxsSessionKeyItem::serialize(): error. Not enough room for IV !" << std::endl;
@ -460,6 +462,7 @@ bool RsNxsEncryptedDataItem::serialise(void *data, uint32_t& size) const
if(!serialise_header(data,size,tlvsize,offset))
return false ;
ok &= setRawUInt32(data, size, &offset, transactionNumber);
ok &= aes_encrypted_data.SetTlv(data, size, &offset) ;
if(offset != tlvsize)
@ -840,6 +843,8 @@ RsNxsSessionKeyItem *RsNxsSerialiser::deserialNxsSessionKeyItem(void* data,
uint32_t offset = 8 ;
RsNxsSessionKeyItem* item = new RsNxsSessionKeyItem(SERVICE_TYPE);
ok &= getRawUInt32(data, *size, &offset, &(item->transactionNumber));
if(offset + EVP_MAX_IV_LENGTH >= *size)
{
@ -891,6 +896,9 @@ RsNxsEncryptedDataItem *RsNxsSerialiser::deserialNxsEncryptedDataItem(void* da
RsNxsEncryptedDataItem* item = new RsNxsEncryptedDataItem(SERVICE_TYPE);
ok &= getRawUInt32(data, *size, &offset, &(item->transactionNumber));
item->aes_encrypted_data.tlvtype = TLV_TYPE_BIN_ENCRYPTED ;
ok &= item->aes_encrypted_data.GetTlv(data,*size,&offset) ;
if (offset != *size)
@ -1037,6 +1045,7 @@ uint32_t RsNxsEncryptedDataItem::serial_size() const
{
uint32_t s = 8; // header size
s += 4; // transaction number
s += aes_encrypted_data.TlvSize() ;
return s;
@ -1045,6 +1054,7 @@ uint32_t RsNxsSessionKeyItem::serial_size() const
{
uint32_t s = 8; // header size
s += 4; // transaction number
s += EVP_MAX_IV_LENGTH ; // iv
s += 4 ; // encrypted_session_keys.size() ;
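Review bot: The 4-byte transactionNumber inserted right after the header in both serialise() functions and read back in both deserialisers changes the wire layout of RsNxsSessionKeyItem and RsNxsEncryptedDataItem, and nothing in the hunks marks the new layout, so a peer on the previous build would read the number as the first bytes of the IV or fail the `offset != *size` check; that is acceptable only if these item types have not shipped yet, which the "Still needs work" message suggests. Since serialise(), serial_size() and the deserialiser now have to agree on one more field, a note in each serial_size() such as `s += 4; // transaction number — keep in sync with serialise() and deserialNxsSessionKeyItem()` would help keep the three in step. The enclosing functions all start or end outside the visible hunks.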


@ -277,7 +277,11 @@ class RsNxsEncryptedDataItem : public RsNxsItem
public:
RsNxsEncryptedDataItem(uint16_t servtype) : RsNxsItem(servtype, RS_PKT_SUBTYPE_NXS_SESSION_KEY_ITEM),aes_encrypted_data(servtype) { clear(); }
RsNxsEncryptedDataItem(uint16_t servtype) : RsNxsItem(servtype, RS_PKT_SUBTYPE_NXS_ENCRYPTED_DATA_ITEM),aes_encrypted_data(servtype)
{
aes_encrypted_data.tlvtype = TLV_TYPE_BIN_ENCRYPTED ;
clear();
}
virtual ~RsNxsEncryptedDataItem() {}
virtual bool serialise(void *data,uint32_t& size) const;