orignal
nice
orignal
going to do the same tommorow ))
zzz
the header decryption stuff is where we really see how this is going to work
zzz
I'm already seeing some problems
zzz
about 3000 lines of code in so far
orignal
zzz, why do you say XK Noise is different than in NTCP2?
orignal
I don't see a difference
zzz
the initialization string is different
zzz
other differences listed at i2p-projekt.i2p/spec/proposals/159#additions-to-the-framework
orignal
huh?
orignal
Noise_XKaesobfse+hs2+hs3_25519_ChaChaPoly_SHA256
orignal
got i
orignal
t
orignal
h1s
zzz
oops, it's wrong in one place, right in the other
zzz
Set protocol_name = "Noise_XKchaobfse+hs1+hs2+hs3_25519_ChaChaPoly_SHA256"
orignal
I see now
orignal
the difference
zzz
no, it's the same in both
zzz
both places
orignal
I copied from NTCP2
orignal
but SSU2 adds hs1
zzz
right, we're mixHashing the headers before each message, 1 2 and 3. NTCP2 mixHashes the padding after message 1 and 2
orignal
thanks
orignal
will chnage it
orignal
also do you have sha256 of this string?
orignal
I believe you calculated it already
zzz
padding for every message is in the payload, since we know the total length
zzz
not like NTCP2 where we have fixed message length for messages 1 and 2
zzz
so the mixhash is more like ratchet
zzz
I haven't logged it yet
zzz
it's in a static initializer
zzz
sha256generator "Noise_XKchaobfse+hs1+hs2+hs3_25519_ChaChaPoly_SHA256"
zzz
sTcigXQjqP30LfLmDtHt9BuTBx2x7CSjZ~eE7CcNgTI=
orignal
I need as array of hex bytes
orignal
and will check
zzz
echo -n "Noise_XKchaobfse+hs1+hs2+hs3_25519_ChaChaPoly_SHA256" | sha256sum
zzz
b13722817423a8fdf42df2e60ed1edf41b93071db1ec24a367f784ec270d8132 -
orignal
thanks
orignal
and we also need one more
orignal
sha256
zzz
yup
zzz
Bob listening for SSU2 connections on 127.0.0.1:8887
zzz
Handing incoming connection as Bob
zzz
Got 95 byte session request as Bob
zzz
Decrypt session request header: Sess req header destID 678673286614499147 pkt num 0 type 0 srcID 5690038696058615217 token 0 key gD5zXy0q~B3jTnEDtijvQbm2klyyZznnLLnMQwGXzlY=
zzz
IV is kfnlJnel6RTVF8A3zOD8lz5CHkVLPwZMP7D-hjIxpog=
zzz
00000000 09 6b 21 c2 27 34 3f 4b 00 00 00 00 00 02 02 00 |.k!.'4?K........|
zzz
00000010 4e f7 14 0c 04 cc f5 b1 00 00 00 00 00 00 00 00 |N...............|
zzz
00000020 80 3e 73 5f 2d 2a fc 1d e3 4e 71 03 b6 28 ef 41 |.>s_-*...Nq..(.A|
zzz
00000030 b9 b6 92 5c b2 67 39 e7 2c b9 cc 43 01 97 ce 56 |...\.g9.,..C...V|
zzz
02/05 13:29:24.484 DEBUG [main ] port.udp.InboundEstablishState: State after sess req: XK-SSU2 Handshake State:
zzz
Symmetric State:
zzz
ck: af9ByX6VlRGe7p1IvDJByHQR-e2FBVkTEBDqzHDYTis=
zzz
h: IdMOUePz1SiFZ8LIfdrRz19N~oQ6jNoLxrF4ZnQwRXw=
zzz
Cipher State:
zzz
nonce: 1
zzz
poly key: EbB12ZpsxHvfnaPBUolpFuSyNBOiQfylCp5E-hPqdQE=
zzz
Local static public key (s) : 9OJd9m56VCFHK-DJU2IjEdFb482pEBNjsS6Y8ADNPzg=
zzz
Remote static public key (rs) : null
zzz
Local ephemeral public key (e) : null
zzz
Remote ephemeral public key (re) : gD5zXy0q~B3jTnEDtijvQbm2klyyZznnLLnMQwGXzlY=
zzz
woot, decrypted a session request
orignal
great
orignal
if you need precalculated XK for SSU2 here
orignal
working refactoring on common s and i keys for addresses