ntcp/session.go: fixes and imrovements

- Stop using deprecated (and probably not cryptographically secure) exp/rand, switch to crypto/rand instead - Reduce code duplicacy by defining `buildAesStaticKey()` method - Properly handle pointer to `crypto.AESSymmetricKey` struct to prevent nil pointer dereferences - go mod tidy
2025-06-07 10:01:41 -04:00 · 2025-03-01 21:19:53 +00:00
parent 7f78fdf784
commit 7bdaf6d4ea
2 changed files with 27 additions and 15 deletions
--- a/go.mod
+++ b/go.mod
@ -17,7 +17,6 @@ require (
 	github.com/stretchr/testify v1.10.0
 	go.step.sm/crypto v0.58.1
 	golang.org/x/crypto v0.35.0
-	golang.org/x/exp v0.0.0-20250218142911-aa4b98e5adaa
 	gopkg.in/yaml.v3 v3.0.1
 )

@ -43,6 +42,7 @@ require (
 	go.opentelemetry.io/otel v1.34.0 // indirect
 	go.opentelemetry.io/otel/trace v1.34.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
+	golang.org/x/exp v0.0.0-20250218142911-aa4b98e5adaa // indirect
 	golang.org/x/net v0.35.0 // indirect
 	golang.org/x/sys v0.30.0 // indirect
 	golang.org/x/text v0.22.0 // indirect
--- a/lib/transport/ntcp/session.go
+++ b/lib/transport/ntcp/session.go
@ -1,6 +1,7 @@
 package ntcp

 import (
+	"math/big"
 	"time"

 	"github.com/go-i2p/go-i2p/lib/common/router_info"
@ -8,8 +9,9 @@ import (
 	"github.com/go-i2p/go-i2p/lib/transport/noise"
 	"github.com/go-i2p/go-i2p/lib/transport/obfs"

+	"crypto/rand"
+
 	"github.com/samber/oops"
-	"golang.org/x/exp/rand"
 )

 /*
@ -58,7 +60,11 @@ func (s *NTCP2Session) CreateSessionRequest() (*SessionRequest, error) {
 	timestamp := uint32(time.Now().Unix())

 	// Add random padding (implementation specific)
-	padding := make([]byte, rand.Intn(16)) // Up to 16 bytes of padding
+	randomInt, err := rand.Int(rand.Reader, big.NewInt(16))
+	if err != nil {
+		return nil, err
+	}
+	padding := make([]byte, randomInt.Int64()) // Up to 16 bytes of padding
 	if _, err := rand.Read(padding); err != nil {
 		return nil, err
 	}
@ -116,29 +122,35 @@ func (s *NTCP2Session) peerStaticIV() ([16]byte, error) {

 // ObfuscateEphemeral implements NTCP2's key obfuscation using AES-256-CBC
 func (s *NTCP2Session) ObfuscateEphemeral(ephemeralKey []byte) ([]byte, error) {
-	static, err := s.peerStaticKey()
+	AESStaticKey, err := s.buildAesStaticKey()
 	if err != nil {
 		return nil, err
 	}
-	staticIV, err := s.peerStaticIV()
-	if err != nil {
-		return nil, err
-	}
-	var AESStaticKey *crypto.AESSymmetricKey
-	AESStaticKey.Key = static[:]
-	AESStaticKey.IV = staticIV[:]
+
 	return obfs.ObfuscateEphemeralKey(ephemeralKey, AESStaticKey)
 }

 // DeobfuscateEphemeral reverses the key obfuscation
 func (s *NTCP2Session) DeobfuscateEphemeral(obfuscatedEphemeralKey []byte) ([]byte, error) {
-	static, err := s.peerStaticKey()
+	AESStaticKey, err := s.buildAesStaticKey()
+	if err != nil {
+		return nil, err
+	}
+
+	return obfs.DeobfuscateEphemeralKey(obfuscatedEphemeralKey, AESStaticKey)
+}
+
+func (s *NTCP2Session) buildAesStaticKey() (*crypto.AESSymmetricKey, error) {
+	staticKey, err := s.peerStaticKey()
 	if err != nil {
 		return nil, err
 	}
 	staticIV, err := s.peerStaticIV()
-	var AESStaticKey *crypto.AESSymmetricKey
-	AESStaticKey.Key = static[:]
+	if err != nil {
+		return nil, err
+	}
+	var AESStaticKey crypto.AESSymmetricKey
+	AESStaticKey.Key = staticKey[:]
 	AESStaticKey.IV = staticIV[:]
-	return obfs.ObfuscateEphemeralKey(obfuscatedEphemeralKey, AESStaticKey)
+	return &AESStaticKey, nil
 }