annotate src/proto.nacl0.c @ 53:15d651dec8e9 V2.2.3
Fixed a bug in the salty protocol encoding (prepare the buffer as expected by the encryption function)
author | Ivo Smits <Ivo@UCIS.nl> |
---|---|
date | Sat, 16 Nov 2013 14:55:14 +0100 |
parents | 54d28a81ca99 |
children | 5685fad38195 |
rev | line source |
---|---|
0 | 1 /* Copyright 2010 Ivo Smits <Ivo@UCIS.nl>. All rights reserved. |
2 Redistribution and use in source and binary forms, with or without modification, are | |
3 permitted provided that the following conditions are met: | |
4 | |
5 1. Redistributions of source code must retain the above copyright notice, this list of | |
6 conditions and the following disclaimer. | |
7 | |
8 2. Redistributions in binary form must reproduce the above copyright notice, this list | |
9 of conditions and the following disclaimer in the documentation and/or other materials | |
10 provided with the distribution. | |
11 | |
12 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED | |
13 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND | |
14 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR | |
15 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
16 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
17 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON | |
18 ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
19 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF | |
20 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
21 | |
22 The views and conclusions contained in the software and documentation are those of the | |
23 authors and should not be interpreted as representing official policies, either expressed | |
24 or implied, of Ivo Smits.*/ | |
25 | |
26 #include "common.c" | |
27 #include "crypto_box_curve25519xsalsa20poly1305.h" |
0 | 28 |
/*
 * Per-session state for the nacl0 protocol.
 *
 * cnonce  - nonce passed to every box/open call; init() fills it with zeros
 *           and nothing in this file changes it afterwards.
 * cbefore - precomputed shared key written by the beforenm call in init().
 */
struct qt_proto_data_nacl0 {
	unsigned char cnonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES];
	unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
};
32 | |
/*
 * Encrypt one outgoing packet with the precomputed NaCl box key.
 *
 * sess - session whose protocol_data holds the nacl0 state.
 * raw  - plaintext buffer; its first ZEROBYTES bytes are overwritten with
 *        zeros here, which is the padding the afternm call expects, so the
 *        payload itself has to start after that prefix.
 * enc  - output buffer that receives the boxed packet.
 * len  - payload length in bytes, not counting the zero padding.
 *
 * Returns len + BOXZEROBYTES on success, or the value of errorexit() when
 * the box call reports an error.
 *
 * NOTE(review): the nonce is zeroed in init() and never advanced in this
 * file, so every packet is boxed under the same key and nonce. With
 * XSalsa20-Poly1305 that repeats the keystream and the one-time MAC key
 * across packets and gives no replay protection; treat nacl0 as a legacy
 * mode and prefer a protocol variant with per-packet nonces.
 * NOTE(review): len is not range-checked here; presumably the caller keeps
 * it within the buffer sizes declared in qtproto_nacl0 - confirm.
 */
static int encode(struct qtsession* sess, char* raw, char* enc, int len) {
	struct qt_proto_data_nacl0* state = (struct qt_proto_data_nacl0*)sess->protocol_data;
	const int padded_len = len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES;

	/* The box primitive requires the leading ZEROBYTES of the message to be zero. */
	memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES);

	if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, padded_len, state->cnonce, state->cbefore) != 0) {
		return errorexit("Crypto failed");
	}
	return len + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES;
}
39 | |
/*
 * Authenticate and decrypt one received packet.
 *
 * sess - session whose protocol_data holds the nacl0 state.
 * enc  - buffer holding the received packet; its first BOXZEROBYTES bytes
 *        are overwritten with zeros here, as the open call expects.
 * raw  - output buffer for the plaintext (including its zero padding).
 * len  - number of bytes received.
 *
 * Returns the plaintext length (len minus BOXZEROBYTES) on success and -1
 * when the packet is too short or fails authentication; both failures are
 * reported on stderr.
 *
 * NOTE(review): the same all-zero nonce is used for every packet (see
 * init()), so a captured packet that verified once will verify again;
 * this function has no replay detection.
 * NOTE(review): there is no upper bound check on len here; presumably the
 * caller limits it to the encrypted buffer size - confirm.
 */
static int decode(struct qtsession* sess, char* enc, char* raw, int len) {
	struct qt_proto_data_nacl0* state = (struct qt_proto_data_nacl0*)sess->protocol_data;
	int rc;

	/* Anything shorter than BOXZEROBYTES cannot even hold the authenticator. */
	if (len < crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES) {
		fprintf(stderr, "Short packet received: %d\n", len);
		return -1;
	}

	len -= crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES;
	memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES);

	rc = crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, state->cnonce, state->cbefore);
	if (rc != 0) {
		fprintf(stderr, "Decryption failed len=%d result=%d\n", len, rc);
		return -1;
	}
	return len;
}
55 | |
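/*
 * Load the key material for a nacl0 session and precompute the shared key.
 *
 * Reads PUBLIC_KEY (hex) and either PRIVATE_KEY (hex) or PRIVATE_KEY_FILE
 * (a file holding the key as raw bytes or as hex) through getconf(), then
 * stores the beforenm result in the session's protocol data.
 *
 * Returns 0 on success, or the value of errorexit()/errorexitp() when a
 * setting is missing, has the wrong length, the key file cannot be opened,
 * or the key agreement call reports an error.
 *
 * Changes against the earlier version:
 *  - the hex-length test for the key file used '=' instead of '==', which
 *    made the branch always true: a file of any other size was run through
 *    hex2bin (over partly uninitialised stack bytes when the file was
 *    short) and the "PRIVATE_KEY length" error could never be reached;
 *  - the key file is closed on every path;
 *  - PRIVATE_KEY is measured against SECRETKEYBYTES, not PUBLICKEYBYTES;
 *  - the return value of beforenm is checked;
 *  - stack copies of the secret key are overwritten before returning.
 *
 * NOTE(review): hex2bin's result, if it has one, is not checked, so a key
 * string with non-hex characters is not rejected here - confirm against
 * its definition in common.c.
 * NOTE(review): the nonce is set to zero once and never advanced in this
 * file, so all packets of a session share one key/nonce pair.
 */
static int init(struct qtsession* sess) {
	char* envval;
	struct qt_proto_data_nacl0* d = (struct qt_proto_data_nacl0*)sess->protocol_data;
	unsigned char cpublickey[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES], csecretkey[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES];
	volatile unsigned char* wipe;
	size_t i;
	int result;

	printf("Initializing cryptography...\n");
	memset(d->cnonce, 0, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES);

	if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY");
	if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length");
	hex2bin(cpublickey, envval, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES);

	if ((envval = getconf("PRIVATE_KEY"))) {
		if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) return errorexit("PRIVATE_KEY length");
		hex2bin(csecretkey, envval, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
	} else if ((envval = getconf("PRIVATE_KEY_FILE"))) {
		char pktextbuf[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES * 2];
		size_t pktextsize;
		int badlength = 0;
		FILE* pkfile = fopen(envval, "rb");
		if (!pkfile) return errorexitp("Could not open PRIVATE_KEY_FILE");
		pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile);
		/* Close right after reading so no return path below leaks the handle. */
		fclose(pkfile);
		if (pktextsize == crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) {
			/* File holds the key as raw bytes. */
			memcpy(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
		} else if (pktextsize == 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) {
			/* File holds the key as hex text. */
			hex2bin(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
		} else {
			badlength = 1;
		}
		/* Overwrite the text copy of the key; the volatile pointer keeps the
		   compiler from dropping the stores as dead. */
		wipe = (volatile unsigned char*)pktextbuf;
		for (i = 0; i < sizeof(pktextbuf); i++) wipe[i] = 0;
		if (badlength) return errorexit("PRIVATE_KEY length");
	} else {
		return errorexit("Missing PRIVATE_KEY");
	}

	result = crypto_box_curve25519xsalsa20poly1305_beforenm(d->cbefore, cpublickey, csecretkey);

	/* Only the precomputed key in d->cbefore is needed from here on. */
	wipe = csecretkey;
	for (i = 0; i < sizeof(csecretkey); i++) wipe[i] = 0;

	if (result != 0) return errorexit("Key agreement failed");
	return 0;
}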
87 | |
/*
 * Protocol descriptor for nacl0, handed to qtrun() by main().
 *
 * The initializer is positional; the field names belong to struct qtproto,
 * which is declared outside this file, so the per-field notes below are
 * hedged where this file alone does not establish the meaning.
 */
struct qtproto qtproto_nacl0 = {
	/* NOTE(review): meaning of this flag is not visible here - confirm against struct qtproto */
	1,
	/* presumably the plaintext buffer size: payload plus the ZEROBYTES padding encode() zeroes */
	MAX_PACKET_LEN + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES,
	/* presumably the ciphertext buffer size - confirm */
	MAX_PACKET_LEN + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES,
	/* presumably the payload offset inside the plaintext buffer - confirm */
	crypto_box_curve25519xsalsa20poly1305_ZEROBYTES,
	/* presumably the packet offset inside the ciphertext buffer - confirm */
	crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES,
	/* packet handlers and session setup defined in this file */
	encode,
	decode,
	init,
	/* size of the per-session state the handlers cast protocol_data to */
	sizeof(struct qt_proto_data_nacl0),
};
0 | 99 |
100 #ifndef COMBINED_BINARY | |
/*
 * Stand-alone entry point (compiled only when COMBINED_BINARY is not
 * defined): prints the header, processes the command line, then runs the
 * tunnel with the nacl0 protocol descriptor.
 *
 * Returns -1 when qtprocessargs() reports an error, otherwise whatever
 * qtrun() returns.
 */
int main(int argc, char** argv) {
	print_header();
	if (qtprocessargs(argc, argv) < 0) {
		return -1;
	}
	return qtrun(&qtproto_nacl0);
}
106 #endif |