From 405a7a0fd9be56c79a7ce7e76b62d97a7940c1ff Mon Sep 17 00:00:00 2001
From: zzz <zzz@i2pmail.org>
Date: Mon, 25 Apr 2022 08:07:59 -0400
Subject: [PATCH] Prop. 159 peer test updates
---
i2p2www/spec/proposals/159-ssu2.rst | 39 +++++++++++++++++++++--------
1 file changed, 29 insertions(+), 10 deletions(-)
diff --git a/i2p2www/spec/proposals/159-ssu2.rst b/i2p2www/spec/proposals/159-ssu2.rst
index 70b7e643a..434582464 100644
--- a/i2p2www/spec/proposals/159-ssu2.rst
+++ b/i2p2www/spec/proposals/159-ssu2.rst
@@ -5,7 +5,7 @@ SSU2
:author: eyedeekay, orignal, zlatinb, zzz
:created: 2021-09-12
:thread: http://zzz.i2p/topics/2612
- :lastupdated: 2022-04-10
+ :lastupdated: 2022-04-25
:status: Open
:target: 0.9.56
@@ -4495,7 +4495,8 @@ Peer Test (Type 7)
Charlie sends to Alice, and Alice Sends to Charlie,
for Peer Test phases 5-7 only.
-Peer Test phases 1-4 must be sent in-session.
+Peer Test phases 1-4 must be sent in-session using a Peer Test block in a Data message.
+See the Peer Test Block and Peer Test Process sections below for more information.
Size: 48 + payload size.
@@ -4565,7 +4566,7 @@ Unencrypted data (Poly1305 authentication tag not shown):
Source Connection ID :: See below
- Token :: Randomly generated by ALice or Charlie, ignored
+ Token :: Randomly generated by Alice or Charlie, ignored
{% endhighlight %}
@@ -4579,13 +4580,15 @@ Payload
The minimum payload size is 8 bytes. Since the Peer Test block
totals more than that, the requirement is met with only this block.
-In messages 5 and 7, the Peer Test block is identical to
+In messages 5 and 7, the Peer Test block may be identical to
the block from in-session messages 3 and 4,
-containing the agreement signed by Charlie.
+containing the agreement signed by Charlie,
+or it may be regenerated. Signature is optional.
-In message 6, the Peer Test block is identical to
+In message 6, the Peer Test block may be identical to
the block from in-session messages 1 and 2,
-containing the request signed by Alice.
+containing the request signed by Alice,
+or it may be regenerated. Signature is optional.
Connection IDs: The two connection IDs are derived from the test nonce.
For messages sent from Charlie to Alice, the Destination Connection ID
@@ -5706,7 +5709,7 @@ either in the same payload (if there's room), or in a previous message.
3: Charlie
ver :: 1 byte SSU version to be used for messages 5-7:
1: SSU 1 (not supported)
- 2: SSU 2
+ 2: SSU 2 (required)
nonce :: 4 byte test nonce, big endian
timestamp :: Unix timestamp, unsigned seconds.
Wraps around in 2106
@@ -5719,8 +5722,8 @@ either in the same payload (if there's room), or in a previous message.
and signed data above, as signed by
Alice or Charlie.
Only present for messages 1-4.
- Not required in message 3 or 4 if
- Bob or Charlie rejects the request.
+ Optional in message 5-7.
+
{% endhighlight %}
@@ -5747,6 +5750,12 @@ Notes:
* Messages 5-7 must be contained in a Peer Test message out-of-session.
+* Messages 5 and 7 may contain the same signed data as sent in messages 3 and 4, or it may
+ be regenerated with a new timestamp. Signature is optional.
+
+* Message 6 may contain the same signed data as sent in messages 1 and 2, or it may
+ be regenerated with a new timestamp. Signature is optional.
+
Signatures:
@@ -6868,6 +6877,16 @@ Alice Bob Charlie
Messages 1-4 are in-session using Peer Test blocks in a Data message.
Messages 5-7 are out-of-session using Peer Test blocks in a Peer Test message.
+NOTE: As in SSU 1, messages 4 and 5 may arrive in either order.
+Message 5 and/or 7 may not be received at all if Alice is firewalled.
+When message 5 arrives before message 4,
+Alice cannot immediately send message 6, because she does not
+yet have Charlie's intro key to encrypt the header.
+When message 4 arrives before message 5,
+should not immediately send message 6, because she should wait
+to see if message 5 arrives without opening the firewall with message 6.
+
+
========= ============ =============
Message Path Intro Key
========= ============ =============
--
GitLab