From 7bdaf6d4ea7aa096516e6be471469d99bdb97ace Mon Sep 17 00:00:00 2001
From: ungrentquest <urgentquest.spsrp@passmail.com>
Date: Sat, 1 Mar 2025 21:19:53 +0000
Subject: [PATCH] ntcp/session.go: fixes and imrovements - Stop using
 deprecated (and probably not cryptographically secure) exp/rand, switch to
 crypto/rand instead - Reduce code duplicacy by defining `buildAesStaticKey()`
 method - Properly handle pointer to `crypto.AESSymmetricKey` struct to
 prevent nil pointer dereferences - go mod tidy

---
 go.mod                        |  2 +-
 lib/transport/ntcp/session.go | 40 +++++++++++++++++++++++------------
 2 files changed, 27 insertions(+), 15 deletions(-)

diff --git a/go.mod b/go.mod
index 9115ff1..aedeb48 100644
--- a/go.mod
+++ b/go.mod
@@ -17,7 +17,6 @@ require (
 	github.com/stretchr/testify v1.10.0
 	go.step.sm/crypto v0.58.1
 	golang.org/x/crypto v0.35.0
-	golang.org/x/exp v0.0.0-20250218142911-aa4b98e5adaa
 	gopkg.in/yaml.v3 v3.0.1
 )
 
@@ -43,6 +42,7 @@ require (
 	go.opentelemetry.io/otel v1.34.0 // indirect
 	go.opentelemetry.io/otel/trace v1.34.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
+	golang.org/x/exp v0.0.0-20250218142911-aa4b98e5adaa // indirect
 	golang.org/x/net v0.35.0 // indirect
 	golang.org/x/sys v0.30.0 // indirect
 	golang.org/x/text v0.22.0 // indirect
diff --git a/lib/transport/ntcp/session.go b/lib/transport/ntcp/session.go
index eb80800..a259677 100644
--- a/lib/transport/ntcp/session.go
+++ b/lib/transport/ntcp/session.go
@@ -1,6 +1,7 @@
 package ntcp
 
 import (
+	"math/big"
 	"time"
 
 	"github.com/go-i2p/go-i2p/lib/common/router_info"
@@ -8,8 +9,9 @@ import (
 	"github.com/go-i2p/go-i2p/lib/transport/noise"
 	"github.com/go-i2p/go-i2p/lib/transport/obfs"
 
+	"crypto/rand"
+
 	"github.com/samber/oops"
-	"golang.org/x/exp/rand"
 )
 
 /*
@@ -58,7 +60,11 @@ func (s *NTCP2Session) CreateSessionRequest() (*SessionRequest, error) {
 	timestamp := uint32(time.Now().Unix())
 
 	// Add random padding (implementation specific)
-	padding := make([]byte, rand.Intn(16)) // Up to 16 bytes of padding
+	randomInt, err := rand.Int(rand.Reader, big.NewInt(16))
+	if err != nil {
+		return nil, err
+	}
+	padding := make([]byte, randomInt.Int64()) // Up to 16 bytes of padding
 	if _, err := rand.Read(padding); err != nil {
 		return nil, err
 	}
@@ -116,29 +122,35 @@ func (s *NTCP2Session) peerStaticIV() ([16]byte, error) {
 
 // ObfuscateEphemeral implements NTCP2's key obfuscation using AES-256-CBC
 func (s *NTCP2Session) ObfuscateEphemeral(ephemeralKey []byte) ([]byte, error) {
-	static, err := s.peerStaticKey()
+	AESStaticKey, err := s.buildAesStaticKey()
 	if err != nil {
 		return nil, err
 	}
-	staticIV, err := s.peerStaticIV()
-	if err != nil {
-		return nil, err
-	}
-	var AESStaticKey *crypto.AESSymmetricKey
-	AESStaticKey.Key = static[:]
-	AESStaticKey.IV = staticIV[:]
+
 	return obfs.ObfuscateEphemeralKey(ephemeralKey, AESStaticKey)
 }
 
 // DeobfuscateEphemeral reverses the key obfuscation
 func (s *NTCP2Session) DeobfuscateEphemeral(obfuscatedEphemeralKey []byte) ([]byte, error) {
-	static, err := s.peerStaticKey()
+	AESStaticKey, err := s.buildAesStaticKey()
+	if err != nil {
+		return nil, err
+	}
+
+	return obfs.DeobfuscateEphemeralKey(obfuscatedEphemeralKey, AESStaticKey)
+}
+
+func (s *NTCP2Session) buildAesStaticKey() (*crypto.AESSymmetricKey, error) {
+	staticKey, err := s.peerStaticKey()
 	if err != nil {
 		return nil, err
 	}
 	staticIV, err := s.peerStaticIV()
-	var AESStaticKey *crypto.AESSymmetricKey
-	AESStaticKey.Key = static[:]
+	if err != nil {
+		return nil, err
+	}
+	var AESStaticKey crypto.AESSymmetricKey
+	AESStaticKey.Key = staticKey[:]
 	AESStaticKey.IV = staticIV[:]
-	return obfs.ObfuscateEphemeralKey(obfuscatedEphemeralKey, AESStaticKey)
+	return &AESStaticKey, nil
 }