Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Weird padding calculation for SSU2Session Token Request #2015

Open
webhive opened this issue Feb 16, 2024 · 6 comments
Open

Weird padding calculation for SSU2Session Token Request #2015

webhive opened this issue Feb 16, 2024 · 6 comments

Comments

@webhive
Copy link

webhive commented Feb 16, 2024
edited

We have the following code:

i2pd/libi2pd/SSU2Session.cpp

Lines 1151 to 1152 in 6439e22

size_t payloadSize = 7;
payloadSize += CreatePaddingBlock (payload + payloadSize, 25 - payloadSize, 1);

Here is a CreatePaddingBlock function implementation:

i2pd/libi2pd/SSU2Session.cpp

Lines 2640 to 2650 in 6439e22

size_t SSU2Session::CreatePaddingBlock (uint8_t * buf, size_t len, size_t minSize)
{
if (len < 3 || len < minSize) return 0;
size_t paddingSize = rand () & 0x0F; // 0 - 15
if (paddingSize + 3 > len) paddingSize = len - 3;
else if (paddingSize + 3 < minSize) paddingSize = minSize - 3;
buf[0] = eSSU2BlkPadding;
htobe16buf (buf + 1, paddingSize);
memset (buf + 3, 0, paddingSize);
return paddingSize + 3;
}

So we have the flowing params which are rally a constants:

 size_t SSU2Session::CreatePaddingBlock (uint8_t * buf, size_t len = 18, size_t minSize = 1)

And I see no way to this condition to mean something - it will never be called

if (len < 3 || len < minSize) return 0;

Same for this block

size_t paddingSize = rand () & 0x0F; // 0 - 15 
// paddingSize + 3 can have maximum value 18 and with len = 7 this condition always false
 if (paddingSize + 3 > len) paddingSize = len - 3; 
// with minSize = 1 this condition always false
 else if (paddingSize + 3 < minSize) paddingSize = minSize - 3;

Beside this weirdness it is really confusing why minSize value for padding block is 1. According Spec for TokenRequest https://geti2p.net/spec/proposals/159-ssu2#token-request-type-10 Padding block is mandatory (at least not marked as optional), but same time minimal payload size is 8.

It looks really contradictory - payload consist of DateTime block (7 bytes) and Padding block (at least 3 bytes). So minimal size should be 10 bytes at least. It mentioned there, what size can be zero, but zero IMO does not mean absence of size field.

Can someone clarify why it working such a tricky way?

PS: also why nothing specified in documentation about padding size should be 0-15? What is really a correct value?
@webhive
Copy link
Author

webhive commented Feb 16, 2024

And even more. According https://geti2p.net/spec/proposals/159-ssu2#padding padding data should be random one, but in code we can see memset (buf + 3, 0, paddingSize); so it zero instead.

@orignal
Copy link
Contributor

orignal commented Feb 19, 2024
edited

You are right, minimal size of 1 it not required, it can be zero.
Zero padding data is right, because only size matters.

@webhive
Copy link
Author

webhive commented Feb 20, 2024

What about random vs zero padding?

@webhive
Copy link
Author

webhive commented Feb 20, 2024

What about random vs zero padding? I mean filling of padding data.

@orignal
Copy link
Contributor

orignal commented Feb 20, 2024

You don't need actual random data there, all zeros are fine.

@webhive
Copy link
Author

webhive commented Feb 20, 2024

You don't need actual random data there, all zeros are fine.

I understand, but I mean difference between official specification and implementation. May be update specification then to avoid confusion.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@webhive @orignal