Mercurial > hg > quicktun
annotate src/proto.nacltai.c @ 53:15d651dec8e9 V2.2.3
Fixed a bug in the salty protocol encoding (prepare the buffer as expected by the encryption function)
| author | Ivo Smits <Ivo@UCIS.nl> |
|---|---|
| date | Sat, 16 Nov 2013 14:55:14 +0100 |
| parents | 3115f8af98bb |
| children | 5685fad38195 |
| rev | line source |
|---|---|
| 0 | 1 /* Copyright 2010 Ivo Smits <Ivo@UCIS.nl>. All rights reserved. |
| 2 Redistribution and use in source and binary forms, with or without modification, are | |
| 3 permitted provided that the following conditions are met: | |
| 4 | |
| 5 1. Redistributions of source code must retain the above copyright notice, this list of | |
| 6 conditions and the following disclaimer. | |
| 7 | |
| 8 2. Redistributions in binary form must reproduce the above copyright notice, this list | |
| 9 of conditions and the following disclaimer in the documentation and/or other materials | |
| 10 provided with the distribution. | |
| 11 | |
| 12 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED | |
| 13 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND | |
| 14 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR | |
| 15 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
| 16 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
| 17 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON | |
| 18 ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
| 19 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF | |
| 20 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 21 | |
| 22 The views and conclusions contained in the software and documentation are those of the | |
| 23 authors and should not be interpreted as representing official policies, either expressed | |
| 24 or implied, of Ivo Smits.*/ | |
| 25 | |
| 26 #include "common.c" | |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
27 #include "crypto_box_curve25519xsalsa20poly1305.h" |
|
19
3400045a57b8
Version 2.1.6, changed sourcecode archive generation, use NaCl version 20110221, do not duplicate NaCl sourcecode, support iproute2 for persistent tunnel creation on Debian, support running as root on Debian, removed autogenerated header files
Ivo Smits <Ivo@UCIS.nl>
parents:
11
diff
changeset
|
28 #include "crypto_scalarmult_curve25519.h" |
| 0 | 29 #include <sys/types.h> |
| 30 #include <sys/time.h> | |
| 31 | |
|
52
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
32 struct packedtaia { |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
33 unsigned char buffer[16]; |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
34 }; |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
35 |
| 0 | 36 struct qt_proto_data_nacltai { |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
37 unsigned char cenonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES], cdnonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES]; |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
38 unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES]; |
|
52
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
39 struct packedtaia cdtailog[5]; |
| 0 | 40 }; |
| 41 | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
42 #define noncelength 16 |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
43 #define nonceoffset (crypto_box_curve25519xsalsa20poly1305_NONCEBYTES - noncelength) |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
44 static const int overhead = crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES + noncelength; |
| 0 | 45 |
|
44
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
46 static void taia_now_packed(unsigned char* b, int secoffset) { |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
47 struct timeval now; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
48 gettimeofday(&now, NULL); |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
49 u_int64_t sec = 4611686018427387914ULL + (u_int64_t)now.tv_sec + secoffset; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
50 b[0] = (sec >> 56) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
51 b[1] = (sec >> 48) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
52 b[2] = (sec >> 40) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
53 b[3] = (sec >> 32) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
54 b[4] = (sec >> 24) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
55 b[5] = (sec >> 16) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
56 b[6] = (sec >> 8) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
57 b[7] = (sec >> 0) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
58 u_int32_t nano = 1000 * now.tv_usec + 500; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
59 b[8] = (nano >> 24) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
60 b[9] = (nano >> 16) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
61 b[10] = (nano >> 8) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
62 b[11] = (nano >> 0) & 0xff; |
|
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
63 ++b[15] == 0 && ++b[14] == 0 && ++b[13] == 0 && ++b[12] == 0; |
| 0 | 64 } |
| 65 | |
|
44
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
66 //Packet format: <16 bytes taia packed timestamp><16 bytes checksum><n bytes encrypted data> |
| 0 | 67 |
| 68 static int encode(struct qtsession* sess, char* raw, char* enc, int len) { | |
|
30
6f0e6b7dc088
Fixed build script to support multiple abis on one machine, bugfix in code, minor improvements
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
69 if (debug) fprintf(stderr, "Encoding packet of %d bytes from %p to %p\n", len, raw, enc); |
| 0 | 70 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
71 memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES); |
|
44
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
72 taia_now_packed(d->cenonce + nonceoffset, 0); |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
73 if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed"); |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
74 memcpy((void*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength); |
| 0 | 75 len += overhead; |
|
30
6f0e6b7dc088
Fixed build script to support multiple abis on one machine, bugfix in code, minor improvements
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
76 if (debug) fprintf(stderr, "Encoded packet of %d bytes from %p to %p\n", len, raw, enc); |
| 0 | 77 return len; |
| 78 } | |
| 79 | |
| 80 static int decode(struct qtsession* sess, char* enc, char* raw, int len) { | |
|
30
6f0e6b7dc088
Fixed build script to support multiple abis on one machine, bugfix in code, minor improvements
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
81 if (debug) fprintf(stderr, "Decoding packet of %d bytes from %p to %p\n", len, enc, raw); |
| 0 | 82 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; |
| 83 int i; | |
| 84 if (len < overhead) { | |
| 85 fprintf(stderr, "Short packet received: %d\n", len); | |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
38
diff
changeset
|
86 return -1; |
| 0 | 87 } |
| 88 len -= overhead; | |
|
52
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
89 struct packedtaia* tailog = &d->cdtailog[0]; |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
90 struct packedtaia* taiold = tailog; |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
91 for (i = 0; i < 5; i++) { |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
92 if (memcmp(enc, tailog, 16) == 0) { |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
93 fprintf(stderr, "Duplicate timestamp received\n"); |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
94 return -1; |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
95 } |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
96 if (memcmp(tailog, taiold, 16) < 0) taiold = tailog; |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
97 tailog++; |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
98 } |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
99 if (memcmp(enc, taiold, 16) <= 0) { |
| 0 | 100 fprintf(stderr, "Timestamp going back, ignoring packet\n"); |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
38
diff
changeset
|
101 return -1; |
| 0 | 102 } |
|
44
55f379f0a650
Fixed/improved handling of timestamp in nonce in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
43
diff
changeset
|
103 memcpy(d->cdnonce + nonceoffset, enc, noncelength); |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
104 memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES); |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
105 if (i = crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cdnonce, d->cbefore)) { |
| 0 | 106 fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i); |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
38
diff
changeset
|
107 return -1; |
| 0 | 108 } |
|
52
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
109 memcpy(taiold, d->cdnonce + nonceoffset, 16); |
|
30
6f0e6b7dc088
Fixed build script to support multiple abis on one machine, bugfix in code, minor improvements
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
110 if (debug) fprintf(stderr, "Decoded packet of %d bytes from %p to %p\n", len, enc, raw); |
| 0 | 111 return len; |
| 112 } | |
| 113 | |
| 114 static int init(struct qtsession* sess) { | |
| 115 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; | |
| 116 char* envval; | |
| 117 printf("Initializing cryptography...\n"); | |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
118 unsigned char cownpublickey[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES], cpublickey[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES], csecretkey[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES]; |
| 0 | 119 if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY"); |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
120 if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length"); |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
121 hex2bin(cpublickey, envval, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES); |
|
37
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
122 if (envval = getconf("PRIVATE_KEY")) { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
123 if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length"); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
124 hex2bin(csecretkey, envval, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
125 } else if (envval = getconf("PRIVATE_KEY_FILE")) { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
126 FILE* pkfile = fopen(envval, "rb"); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
127 if (!pkfile) return errorexitp("Could not open PRIVATE_KEY_FILE"); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
128 char pktextbuf[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES * 2]; |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
129 size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
130 if (pktextsize == crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
131 memcpy(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
132 } else if (pktextsize = 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
133 hex2bin(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
134 } else { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
135 return errorexit("PRIVATE_KEY length"); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
136 } |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
137 fclose(pkfile); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
138 } else { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
139 return errorexit("Missing PRIVATE_KEY"); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
140 } |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
141 crypto_box_curve25519xsalsa20poly1305_beforenm(d->cbefore, cpublickey, csecretkey); |
| 0 | 142 |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
143 memset(d->cenonce, 0, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES); |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
144 memset(d->cdnonce, 0, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES); |
|
52
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
145 memset(d->cdtailog, 0, 5 * 16); |
| 0 | 146 |
|
19
3400045a57b8
Version 2.1.6, changed sourcecode archive generation, use NaCl version 20110221, do not duplicate NaCl sourcecode, support iproute2 for persistent tunnel creation on Debian, support running as root on Debian, removed autogenerated header files
Ivo Smits <Ivo@UCIS.nl>
parents:
11
diff
changeset
|
147 crypto_scalarmult_curve25519_base(cownpublickey, csecretkey); |
| 0 | 148 |
|
32
51c6d2fc712f
Fixes contributed by Daniel Dickinson <daniel@cshore.neomailbox.net>
Ivo Smits <Ivo@UCIS.nl>
parents:
30
diff
changeset
|
149 if (envval = getconf("TIME_WINDOW")) { |
|
52
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
150 struct packedtaia* tailog = d->cdtailog; |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
151 taia_now_packed((unsigned char*)&tailog[0], -atol(envval)); |
|
3115f8af98bb
Added support for libsodium, fixed bug in USE_PI compatibility mode, improved timestamp checking in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
44
diff
changeset
|
152 tailog[4] = tailog[3] = tailog[2] = tailog[1] = tailog[0]; |
| 0 | 153 } else { |
| 4 | 154 fprintf(stderr, "Warning: TIME_WINDOW not set, risking an initial replay attack\n"); |
| 0 | 155 } |
|
43
4adbd9b67fe2
Fix nonce calculation when both sides use the same key in nacltai and salty protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
41
diff
changeset
|
156 int role = memcmp(cownpublickey, cpublickey, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES); |
|
4adbd9b67fe2
Fix nonce calculation when both sides use the same key in nacltai and salty protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
41
diff
changeset
|
157 if (envval = getconf("ROLE")) role = atoi(envval) ? 1 : -1; |
|
4adbd9b67fe2
Fix nonce calculation when both sides use the same key in nacltai and salty protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
41
diff
changeset
|
158 role = (role == 0) ? 0 : ((role > 0) ? 1 : 2); |
|
4adbd9b67fe2
Fix nonce calculation when both sides use the same key in nacltai and salty protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
41
diff
changeset
|
159 d->cenonce[nonceoffset-1] = role & 1; |
|
4adbd9b67fe2
Fix nonce calculation when both sides use the same key in nacltai and salty protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
41
diff
changeset
|
160 d->cdnonce[nonceoffset-1] = (role >> 1) & 1; |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
161 return 0; |
| 0 | 162 } |
| 163 | |
|
27
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
164 struct qtproto qtproto_nacltai = { |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
165 1, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
166 MAX_PACKET_LEN + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
167 MAX_PACKET_LEN + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
168 crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
169 crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
170 encode, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
171 decode, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
172 init, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
173 sizeof(struct qt_proto_data_nacltai), |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
174 }; |
| 0 | 175 |
| 176 #ifndef COMBINED_BINARY | |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
37
diff
changeset
|
177 int main(int argc, char** argv) { |
| 0 | 178 print_header(); |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
37
diff
changeset
|
179 if (qtprocessargs(argc, argv) < 0) return -1; |
|
27
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
180 return qtrun(&qtproto_nacltai); |
| 0 | 181 } |
| 182 #endif |