ethereum · chriseth · Feb 17, 2016 · Jan 13, 2016 · Jan 14, 2016 · Feb 11, 2016
diff --git a/libdevcrypto/Common.cpp b/libdevcrypto/Common.cpp
@@ -124,16 +124,26 @@ bool dev::decrypt(Secret const& _k, bytesConstRef _cipher, bytes& o_plaintext)
 }
 
 void dev::encryptECIES(Public const& _k, bytesConstRef _plain, bytes& o_cipher)
+{
+	encryptECIES(_k, bytesConstRef(), _plain, o_cipher);
+}
+
+void dev::encryptECIES(Public const& _k, bytesConstRef _sharedMacData, bytesConstRef _plain, bytes& o_cipher)
 {
 	bytes io = _plain.toBytes();
-	Secp256k1PP::get()->encryptECIES(_k, io);
+	Secp256k1PP::get()->encryptECIES(_k, _sharedMacData, io);
 	o_cipher = std::move(io);
 }
 
 bool dev::decryptECIES(Secret const& _k, bytesConstRef _cipher, bytes& o_plaintext)
+{
+	return decryptECIES(_k, bytesConstRef(),  _cipher, o_plaintext);
+}
+
+bool dev::decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, bytesConstRef _cipher, bytes& o_plaintext)
 {
 	bytes io = _cipher.toBytes();
-	if (!Secp256k1PP::get()->decryptECIES(_k, io))
+	if (!Secp256k1PP::get()->decryptECIES(_k, _sharedMacData, io))
 		return false;
 	o_plaintext = std::move(io);
 	return true;

diff --git a/libdevcrypto/Common.h b/libdevcrypto/Common.h
@@ -105,9 +105,17 @@ bool decryptSym(Secret const& _k, bytesConstRef _cipher, bytes& o_plaintext);
 /// Encrypt payload using ECIES standard with AES128-CTR.
 void encryptECIES(Public const& _k, bytesConstRef _plain, bytes& o_cipher);
 
+/// Encrypt payload using ECIES standard with AES128-CTR.
+/// @a _sharedMacData is shared authenticated data.
+void encryptECIES(Public const& _k, bytesConstRef _sharedMacData, bytesConstRef _plain, bytes& o_cipher);
+
 /// Decrypt payload using ECIES standard with AES128-CTR.
 bool decryptECIES(Secret const& _k, bytesConstRef _cipher, bytes& o_plaintext);
 
+/// Decrypt payload using ECIES standard with AES128-CTR.
+/// @a _sharedMacData is shared authenticated data.
+bool decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, bytesConstRef _cipher, bytes& o_plaintext);
+
 /// Encrypts payload with random IV/ctr using AES128-CTR.
 std::pair<bytes, h128> encryptSymNoAuth(SecureFixedHash<16> const& _k, bytesConstRef _plain);
 

diff --git a/libdevcrypto/CryptoPP.cpp b/libdevcrypto/CryptoPP.cpp
@@ -66,6 +66,11 @@ bytes Secp256k1PP::eciesKDF(Secret const& _z, bytes _s1, unsigned kdByteLen)
 }
 
 void Secp256k1PP::encryptECIES(Public const& _k, bytes& io_cipher)
+{
+	encryptECIES(_k, bytesConstRef(), io_cipher);
+}
+
+void Secp256k1PP::encryptECIES(Public const& _k, bytesConstRef _sharedMacData, bytes& io_cipher)
 {
 	// interop w/go ecies implementation
 	auto r = KeyPair::create();
@@ -93,6 +98,7 @@ void Secp256k1PP::encryptECIES(Public const& _k, bytes& io_cipher)
 	CryptoPP::HMAC<SHA256> hmacctx(mKey.data(), mKey.size());
 	bytesConstRef cipherWithIV = bytesRef(&msg).cropped(1 + Public::size, h128::size + cipherText.size());
 	hmacctx.Update(cipherWithIV.data(), cipherWithIV.size());
+	hmacctx.Update(_sharedMacData.data(), _sharedMacData.size());
 	hmacctx.Final(msg.data() + 1 + Public::size + cipherWithIV.size());
 
 	io_cipher.resize(msg.size());
@@ -101,6 +107,12 @@ void Secp256k1PP::encryptECIES(Public const& _k, bytes& io_cipher)
 
 bool Secp256k1PP::decryptECIES(Secret const& _k, bytes& io_text)
 {
+	return decryptECIES(_k, bytesConstRef(), io_text);
+}
+
+bool Secp256k1PP::decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, bytes& io_text)
+{
+
 	// interop w/go ecies implementation
 
 	// io_cipher[0] must be 2, 3, or 4, else invalidpublickey
@@ -133,6 +145,7 @@ bool Secp256k1PP::decryptECIES(Secret const& _k, bytes& io_text)
 	// verify tag
 	CryptoPP::HMAC<SHA256> hmacctx(mKey.data(), mKey.size());
 	hmacctx.Update(cipherWithIV.data(), cipherWithIV.size());
+	hmacctx.Update(_sharedMacData.data(), _sharedMacData.size());
 	h256 mac;
 	hmacctx.Final(mac.data());
 	for (unsigned i = 0; i < h256::size; i++)

diff --git a/libdevcrypto/CryptoPP.h b/libdevcrypto/CryptoPP.h
@@ -63,6 +63,9 @@ inline ECP::Point publicToPoint(Public const& _p) { Integer x(_p.data(), 32); In
 
 inline Integer secretToExponent(Secret const& _s) { return std::move(Integer(_s.data(), Secret::size)); }
 
+/// Amount of bytes added when encrypting with encryptECIES.
+static const unsigned c_eciesOverhead = 113;
+
 /**
  * CryptoPP secp256k1 algorithms.
  * @todo Collect ECIES methods into class.
@@ -82,10 +85,16 @@ class Secp256k1PP
 
 	/// Encrypts text (replace input). (ECIES w/AES128-CTR-SHA256)
 	void encryptECIES(Public const& _k, bytes& io_cipher);
-
+
+	/// Encrypts text (replace input). (ECIES w/AES128-CTR-SHA256)
+	void encryptECIES(Public const& _k, bytesConstRef _sharedMacData, bytes& io_cipher);
+
 	/// Decrypts text (replace input). (ECIES w/AES128-CTR-SHA256)
 	bool decryptECIES(Secret const& _k, bytes& io_text);
 
+	/// Decrypts text (replace input). (ECIES w/AES128-CTR-SHA256)
+	bool decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, bytes& io_text);
+
 	/// Key derivation function used by encryptECIES and decryptECIES.
 	bytes eciesKDF(Secret const& _z, bytes _s1, unsigned kdBitLen = 256);
 

diff --git a/libp2p/Common.h b/libp2p/Common.h
@@ -194,6 +194,13 @@ class NodeIPEndpoint
 	operator bool() const { return !address.is_unspecified() && udpPort > 0 && tcpPort > 0; }
 
 	bool isAllowed() const { return NodeIPEndpoint::test_allowLocal ? !address.is_unspecified() : isPublicAddress(address); }
+
+	bool operator==(NodeIPEndpoint const& _cmp) const {
+		return address == _cmp.address && udpPort == _cmp.udpPort && tcpPort == _cmp.tcpPort;
+ 	}
+	bool operator!=(NodeIPEndpoint const& _cmp) const {
+		return !operator==(_cmp);
+ 	}
 
 	void streamRLP(RLPStream& _s, RLPAppend _append = StreamList) const;
 	void interpretRLP(RLP const& _r);

diff --git a/libp2p/Host.cpp b/libp2p/Host.cpp
@@ -98,20 +98,25 @@ bytes ReputationManager::data(Session const& _s, std::string const& _sub) const
 	return bytes();
 }
 
-Host::Host(std::string const& _clientVersion, NetworkPreferences const& _n, bytesConstRef _restoreNetwork):
+Host::Host(string const& _clientVersion, KeyPair const& _alias, NetworkPreferences const& _n):
 	Worker("p2p", 0),
-	m_restoreNetwork(_restoreNetwork.toBytes()),
 	m_clientVersion(_clientVersion),
 	m_netPrefs(_n),
 	m_ifAddresses(Network::getInterfaceAddresses()),
 	m_ioService(2),
 	m_tcp4Acceptor(m_ioService),
-	m_alias(networkAlias(_restoreNetwork)),
+	m_alias(_alias),
 	m_lastPing(chrono::steady_clock::time_point::min())
 {
 	clog(NetNote) << "Id:" << id();
 }
 
+Host::Host(string const& _clientVersion, NetworkPreferences const& _n, bytesConstRef _restoreNetwork):
+	Host(_clientVersion, networkAlias(_restoreNetwork), _n)
+{
+	m_restoreNetwork = _restoreNetwork.toBytes();
+}
+
 Host::~Host()
 {
 	stop();

diff --git a/libp2p/Host.h b/libp2p/Host.h
@@ -142,6 +142,14 @@ class Host: public Worker
 		bytesConstRef _restoreNetwork = bytesConstRef()
 	);
 
+	/// Alternative constructor that allows providing the node key directly
+	/// without restoring the network.
+	Host(
+		std::string const& _clientVersion,
+		KeyPair const& _alias,
+		NetworkPreferences const& _n = NetworkPreferences()
+	);
+
 	/// Will block on network process events.
 	virtual ~Host();