1
// libTorrent - BitTorrent library
2
// Copyright (C) 2005-2006, Jari Sundell
4
// This program is free software; you can redistribute it and/or modify
5
// it under the terms of the GNU General Public License as published by
6
// the Free Software Foundation; either version 2 of the License, or
7
// (at your option) any later version.
9
// This program is distributed in the hope that it will be useful,
10
// but WITHOUT ANY WARRANTY; without even the implied warranty of
11
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12
// GNU General Public License for more details.
14
// You should have received a copy of the GNU General Public License
15
// along with this program; if not, write to the Free Software
16
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18
// In addition, as a special exception, the copyright holders give
19
// permission to link the code of portions of this program with the
20
// OpenSSL library under certain conditions as described in each
21
// individual source file, and distribute linked combinations
24
// You must obey the GNU General Public License in all respects for
25
// all of the code used other than OpenSSL. If you modify file(s)
26
// with this exception, you may extend this exception to your version
27
// of the file(s), but you are not obligated to do so. If you do not
28
// wish to do so, delete this exception statement from your version.
29
// If you delete this exception statement from all source files in the
30
// program, then also delete it here.
32
// Contact: Jari Sundell <jaris@ifi.uio.no>
35
// 3185 Skoppum, NORWAY
42
#include "torrent/connection_manager.h"
43
#include "torrent/exceptions.h"
44
#include "utils/diffie_hellman.h"
45
#include "utils/sha1.h"
47
#include "handshake_encryption.h"
51
const unsigned char HandshakeEncryption::dh_prime[] = {
52
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
53
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
54
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
55
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
56
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
57
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
58
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
59
0xA6, 0x3A, 0x36, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09, 0x05, 0x63,
62
const unsigned char HandshakeEncryption::dh_generator[] = { 2 };
63
const unsigned char HandshakeEncryption::vc_data[] = { 0, 0, 0, 0, 0, 0, 0, 0 };
66
HandshakeEncryption::should_retry() const {
67
return (m_options & ConnectionManager::encryption_enable_retry) != 0 && m_retry != HandshakeEncryption::RETRY_NONE;
71
HandshakeEncryption::initialize() {
72
m_key = new DiffieHellman(dh_prime, dh_prime_length, dh_generator, dh_generator_length);
76
HandshakeEncryption::cleanup() {
82
HandshakeEncryption::compare_vc(const void* buf) {
83
return std::memcmp(buf, vc_data, vc_length) == 0;
87
HandshakeEncryption::initialize_decrypt(const char* origHash, bool incoming) {
89
unsigned char discard[1024];
91
sha1_salt(incoming ? "keyA" : "keyB", 4, m_key->c_str(), 96, origHash, 20, hash);
93
m_info.set_decrypt(RC4((const unsigned char*)hash, 20));
94
m_info.decrypt(discard, 1024);
98
HandshakeEncryption::initialize_encrypt(const char* origHash, bool incoming) {
100
unsigned char discard[1024];
102
sha1_salt(incoming ? "keyB" : "keyA", 4, m_key->c_str(), 96, origHash, 20, hash);
104
m_info.set_encrypt(RC4((const unsigned char*)hash, 20));
105
m_info.encrypt(discard, 1024);
108
// Obfuscated hash is HASH('req2', download_hash), extract that from
109
// HASH('req2', download_hash) ^ HASH('req3', S).
111
HandshakeEncryption::deobfuscate_hash(char* src) const {
113
sha1_salt("req3", 4, m_key->c_str(), m_key->size(), tmp);
115
for (int i = 0; i < 20; i++)
120
HandshakeEncryption::hash_req1_to_sync() {
122
m_key->c_str(), m_key->size(),
127
HandshakeEncryption::encrypt_vc_to_sync(const char* origHash) {
128
m_syncLength = vc_length;
129
std::memcpy(m_sync, vc_data, vc_length);
134
sha1_salt("keyB", 4, m_key->c_str(), 96, origHash, 20, hash);
136
RC4 peerEncrypt((const unsigned char*)hash, 20);
138
peerEncrypt.crypt(discard, 1024);
139
peerEncrypt.crypt(m_sync, HandshakeEncryption::vc_length);