NAME

Net::BitTorrent::Protocol::MSE::KeyExchange - Diffie-Hellman and RC4 Key Management

SYNOPSIS

use Net::BitTorrent::Protocol::MSE::KeyExchange;

my $kx = Net::BitTorrent::Protocol::MSE::KeyExchange->new(
    infohash     => $bin_ih,
    is_initiator => 1
);

# Share this with the peer
my $my_pub = $kx->public_key();

# Compute shared secret once peer's key arrives
$kx->compute_secret( $remote_pub );

# Get ready-to-use ciphers
my $cipher = $kx->encrypt_rc4();
$cipher->crypt( $plaintext );

DESCRIPTION

This module handles the 768-bit Diffie-Hellman key exchange and RC4 stream cipher management for BitTorrent encryption. It uses a fixed 768-bit safe prime (P) and generator (G=2) as defined in the MSE specification.

METHODS (KeyExchange)

new( %params )

Creates a new KeyExchange object.

Expected parameters:

infohash

The 20-byte binary infohash.

is_initiator

Boolean. True if we are the connection initiator.

compute_secret( $remote_pub_bytes )

Computes the shared secret using the remote peer's public key and derives the RC4 encryption and decryption keys. This method automatically discards the first 1024 bytes of both RC4 keystreams to mitigate known weaknesses in the RC4 cipher's initial output (a requirement of the MSE spec).

Expected parameters:

$remote_pub_bytes

The 96-byte binary public key from the peer.

get_secret( )

Returns the computed 96-byte binary shared secret.

my $s = $kx->get_secret();

get_sync_data( [$override_ih] )

Returns the hashes needed for MSE synchronization.

my ($req1, $xor_mask) = $kx->get_sync_data();

Expected parameters:

$override_ih - optional

A binary infohash to use instead of the one passed to the constructor.

verify_skey( $xor_block, $candidate_ih )

Verifies if an XORed SKEY matches a candidate infohash.

my $ok = $kx->verify_skey( $block, $ih );

Expected parameters:

$xor_block

The 20-byte XORed block from the peer.

$candidate_ih

The 20-byte binary infohash to check.

init_rc4( $ih )

Initializes the RC4 encryptor and decryptor.

$kx->init_rc4( $ih );

Expected parameters:

$ih

The negotiated binary infohash.

scan_for_vc( $buffer )

Scans a buffer for the encrypted Verification Constant (VC).

my $offset = $kx->scan_for_vc( $incoming_data );

This method uses brute force to find the sync point in an encrypted stream.

Expected parameters:

$buffer

The raw data buffer to scan.

infohash( )

Returns the configured infohash.

is_initiator( )

Returns true if we are the connection initiator.

public_key( )

Returns our 96-byte binary public key.

encrypt_rc4( )

Returns the Net::BitTorrent::Protocol::MSE::RC4 object for encryption.

decrypt_rc4( )

Returns the Net::BitTorrent::Protocol::MSE::RC4 object for decryption.

METHODS (RC4)

discard( $bytes )

Discards bytes from the PRGA stream.

$rc4->discard( 1024 );

Expected parameters:

$bytes

The number of bytes to discard.

crypt( $data )

XORs data with the RC4 stream.

my $cipher = $rc4->crypt( $plain );

Expected parameters:

$data

The binary data to process.

snapshot( )

Returns a lightweight snapshot of the RC4 state.

my $snap = $rc4->snapshot();

restore( $snap )

Restores the RC4 state from a snapshot.

$rc4->restore( $snap );

Expected parameters:

$snap

The snapshot data.

AUTHOR

Sanko Robinson <sanko@cpan.org>

COPYRIGHT

Copyright (C) 2008-2026 by Sanko Robinson.

This library is free software; you can redistribute it and/or modify it under the terms of the Artistic License 2.0.

cpanm Net::BitTorrent

perl -MCPAN -e shell
install Net::BitTorrent