Mercurial > hg > quicktun
annotate src/proto.nacltai.c @ 10:1e4ba8d8ffc2
Use strncat, fixed nacltai timestamp check
| author | Ivo Smits <Ivo@UCIS.nl> |
|---|---|
| date | Sat, 04 Dec 2010 03:01:46 +0100 |
| parents | cf9b44b46be5 |
| children | 5be1ecb80cc9 |
| rev | line source |
|---|---|
| 0 | 1 /* Copyright 2010 Ivo Smits <Ivo@UCIS.nl>. All rights reserved. |
| 2 Redistribution and use in source and binary forms, with or without modification, are | |
| 3 permitted provided that the following conditions are met: | |
| 4 | |
| 5 1. Redistributions of source code must retain the above copyright notice, this list of | |
| 6 conditions and the following disclaimer. | |
| 7 | |
| 8 2. Redistributions in binary form must reproduce the above copyright notice, this list | |
| 9 of conditions and the following disclaimer in the documentation and/or other materials | |
| 10 provided with the distribution. | |
| 11 | |
| 12 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED | |
| 13 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND | |
| 14 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR | |
| 15 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
| 16 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
| 17 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON | |
| 18 ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
| 19 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF | |
| 20 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 21 | |
| 22 The views and conclusions contained in the software and documentation are those of the | |
| 23 authors and should not be interpreted as representing official policies, either expressed | |
| 24 or implied, of Ivo Smits.*/ | |
| 25 | |
| 26 #include "common.c" | |
| 27 #include "crypto_box.h" | |
| 28 #include <sys/types.h> | |
| 29 #include <sys/time.h> | |
| 30 | |
| 31 #define uint64 unsigned long long //typedef unsigned long long uint64; | |
| 32 | |
| 33 struct tai { | |
| 34 uint64 x; | |
| 35 }; | |
| 36 struct taia { | |
| 37 struct tai sec; | |
| 38 unsigned long nano; /* 0...999999999 */ | |
| 39 unsigned long atto; /* 0...999999999 */ | |
| 40 }; | |
| 41 | |
| 42 struct qt_proto_data_nacltai { | |
| 43 unsigned char cenonce[crypto_box_NONCEBYTES], cdnonce[crypto_box_NONCEBYTES]; | |
| 44 unsigned char cbefore[crypto_box_BEFORENMBYTES]; | |
| 45 struct taia cdtaip, cdtaic; | |
| 46 }; | |
| 47 | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
48 #define noncelength 16 |
| 0 | 49 #define nonceoffset (crypto_box_NONCEBYTES - noncelength) |
| 50 /*static unsigned char cbefore[crypto_box_BEFORENMBYTES]; | |
| 51 static unsigned char buffer1[MAX_PACKET_LEN+crypto_box_ZEROBYTES], buffer2[MAX_PACKET_LEN+crypto_box_ZEROBYTES]; | |
| 52 static const unsigned char* buffer1offset = buffer1 + crypto_box_ZEROBYTES; | |
| 53 static const unsigned char* buffer2offset = buffer2 + crypto_box_BOXZEROBYTES - noncelength;*/ | |
| 54 static const int overhead = crypto_box_BOXZEROBYTES + noncelength; | |
| 55 | |
| 56 void tai_pack(char *s, struct tai *t) { | |
| 57 uint64 x; | |
| 58 x = t->x; | |
| 59 s[7] = x & 255; x >>= 8; | |
| 60 s[6] = x & 255; x >>= 8; | |
| 61 s[5] = x & 255; x >>= 8; | |
| 62 s[4] = x & 255; x >>= 8; | |
| 63 s[3] = x & 255; x >>= 8; | |
| 64 s[2] = x & 255; x >>= 8; | |
| 65 s[1] = x & 255; x >>= 8; | |
| 66 s[0] = x; | |
| 67 } | |
| 68 void tai_unpack(char *s, struct tai *t) { | |
| 69 uint64 x; | |
| 70 x = (unsigned char) s[0]; | |
| 71 x <<= 8; x += (unsigned char) s[1]; | |
| 72 x <<= 8; x += (unsigned char) s[2]; | |
| 73 x <<= 8; x += (unsigned char) s[3]; | |
| 74 x <<= 8; x += (unsigned char) s[4]; | |
| 75 x <<= 8; x += (unsigned char) s[5]; | |
| 76 x <<= 8; x += (unsigned char) s[6]; | |
| 77 x <<= 8; x += (unsigned char) s[7]; | |
| 78 t->x = x; | |
| 79 } | |
| 80 void taia_pack(char *s, struct taia *t) { | |
| 81 unsigned long x; | |
| 82 tai_pack(s,&t->sec); | |
| 83 s += 8; | |
| 84 x = t->atto; | |
| 85 s[7] = x & 255; x >>= 8; | |
| 86 s[6] = x & 255; x >>= 8; | |
| 87 s[5] = x & 255; x >>= 8; | |
| 88 s[4] = x; | |
| 89 x = t->nano; | |
| 90 s[3] = x & 255; x >>= 8; | |
| 91 s[2] = x & 255; x >>= 8; | |
| 92 s[1] = x & 255; x >>= 8; | |
| 93 s[0] = x; | |
| 94 } | |
| 95 void taia_unpack(char *s, struct taia *t) { | |
| 96 unsigned long x; | |
| 97 tai_unpack(s,&t->sec); | |
| 98 s += 8; | |
| 99 x = (unsigned char) s[4]; | |
| 100 x <<= 8; x += (unsigned char) s[5]; | |
| 101 x <<= 8; x += (unsigned char) s[6]; | |
| 102 x <<= 8; x += (unsigned char) s[7]; | |
| 103 t->atto = x; | |
| 104 x = (unsigned char) s[0]; | |
| 105 x <<= 8; x += (unsigned char) s[1]; | |
| 106 x <<= 8; x += (unsigned char) s[2]; | |
| 107 x <<= 8; x += (unsigned char) s[3]; | |
| 108 t->nano = x; | |
| 109 } | |
| 110 | |
| 111 void taia_now(struct taia *t) { | |
| 112 struct timeval now; | |
| 113 gettimeofday(&now,(struct timezone *) 0); | |
| 114 t->sec.x = 4611686018427387914ULL + (uint64) now.tv_sec; | |
| 115 t->nano = 1000 * now.tv_usec + 500; | |
| 116 t->atto = 0; | |
| 117 } | |
| 118 | |
| 119 extern crypto_scalarmult_curve25519_base(unsigned char *pk, unsigned char *sk); | |
| 120 | |
| 121 static int encode(struct qtsession* sess, char* raw, char* enc, int len) { | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
122 fprintf(stderr, "Encoding packet of %d bytes from %d to %d\n", len, raw, enc); |
| 0 | 123 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; |
| 124 memset(raw, 0, crypto_box_ZEROBYTES); | |
| 125 taia_now(&d->cdtaic); | |
| 126 taia_pack(d->cenonce + nonceoffset, &(d->cdtaic)); | |
| 127 if (crypto_box_afternm(enc, raw, len + crypto_box_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Crypto failed"); | |
| 128 memcpy((void*)(enc + crypto_box_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength); | |
| 129 len += overhead; | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
130 fprintf(stderr, "Encoded packet of %d bytes from %d to %d\n", len, raw, enc); |
| 0 | 131 return len; |
| 132 } | |
| 133 | |
| 134 static int decode(struct qtsession* sess, char* enc, char* raw, int len) { | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
135 fprintf(stderr, "Decoding packet of %d bytes from %d to %d\n", len, enc, raw); |
| 0 | 136 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; |
| 137 int i; | |
| 138 if (len < overhead) { | |
| 139 fprintf(stderr, "Short packet received: %d\n", len); | |
| 140 return 0; | |
| 141 } | |
| 142 len -= overhead; | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
143 taia_unpack((char*)(enc + crypto_box_BOXZEROBYTES - noncelength), &d->cdtaic); |
|
10
1e4ba8d8ffc2
Use strncat, fixed nacltai timestamp check
Ivo Smits <Ivo@UCIS.nl>
parents:
6
diff
changeset
|
144 if (d->cdtaic.sec.x <= d->cdtaip.sec.x && d->cdtaic.nano <= d->cdtaip.nano && d->cdtaic.atto <= d->cdtaip.atto) { |
| 0 | 145 fprintf(stderr, "Timestamp going back, ignoring packet\n"); |
| 146 return 0; | |
| 147 } | |
| 148 memcpy(d->cdnonce + nonceoffset, enc + crypto_box_BOXZEROBYTES - noncelength, noncelength); | |
| 149 memset(enc, 0, crypto_box_BOXZEROBYTES); | |
| 150 if (i = crypto_box_open_afternm(raw, enc, len + crypto_box_ZEROBYTES, d->cdnonce, d->cbefore)) { | |
| 151 fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i); | |
| 152 return 0; | |
| 153 } | |
| 154 d->cdtaip = d->cdtaic; | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
155 fprintf(stderr, "Decoded packet of %d bytes from %d to %d\n", len, enc, raw); |
| 0 | 156 return len; |
| 157 } | |
| 158 | |
| 159 static int init(struct qtsession* sess) { | |
| 160 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; | |
| 161 char* envval; | |
| 162 printf("Initializing cryptography...\n"); | |
| 163 unsigned char cownpublickey[crypto_box_PUBLICKEYBYTES], cpublickey[crypto_box_PUBLICKEYBYTES], csecretkey[crypto_box_SECRETKEYBYTES]; | |
| 164 if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY"); | |
| 165 if (strlen(envval) != 2*crypto_box_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length"); | |
| 166 hex2bin(cpublickey, envval, crypto_box_PUBLICKEYBYTES); | |
| 167 if (!(envval = getconf("PRIVATE_KEY"))) return errorexit("Missing PRIVATE_KEY"); | |
| 168 if (strlen(envval) != 2*crypto_box_PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length"); | |
| 169 hex2bin(csecretkey, envval, crypto_box_SECRETKEYBYTES); | |
| 170 crypto_box_beforenm(d->cbefore, cpublickey, csecretkey); | |
| 171 | |
| 172 memset(d->cenonce, 0, crypto_box_NONCEBYTES); | |
| 173 memset(d->cdnonce, 0, crypto_box_NONCEBYTES); | |
| 174 | |
| 4 | 175 const unsigned char base[32] = {9}; |
| 176 crypto_scalarmult(cownpublickey, csecretkey, base); | |
| 0 | 177 |
| 178 if (envval = getenv("TIME_WINDOW")) { | |
| 179 taia_now(&d->cdtaip); | |
| 180 d->cdtaip.sec.x -= atol(envval); | |
| 181 } else { | |
| 4 | 182 fprintf(stderr, "Warning: TIME_WINDOW not set, risking an initial replay attack\n"); |
| 0 | 183 } |
| 184 if (envval = getenv("ROLE")) { | |
| 185 d->cenonce[nonceoffset-1] = atoi(envval) ? 1 : 0; | |
| 186 } else { | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
187 d->cenonce[nonceoffset-1] = memcmp(cownpublickey, cpublickey, crypto_box_PUBLICKEYBYTES) > 0 ? 1 : 0; |
| 0 | 188 } |
| 189 d->cdnonce[nonceoffset-1] = d->cenonce[nonceoffset-1] ? 0 : 1; | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
190 return 0; |
| 0 | 191 } |
| 192 | |
| 193 #ifdef COMBINED_BINARY | |
| 194 int tunmain_nacltai() { | |
| 195 #else | |
| 196 int tunmain() { | |
| 197 #endif | |
| 198 struct qtproto p = { | |
| 199 1, | |
| 200 MAX_PACKET_LEN + crypto_box_ZEROBYTES, | |
| 201 MAX_PACKET_LEN + crypto_box_ZEROBYTES, | |
| 202 crypto_box_ZEROBYTES, | |
| 203 crypto_box_BOXZEROBYTES - noncelength, | |
| 204 encode, | |
| 205 decode, | |
| 206 init, | |
| 207 sizeof(struct qt_proto_data_nacltai), | |
| 208 }; | |
| 209 return qtrun(&p); | |
| 210 } | |
| 211 | |
| 212 #ifndef COMBINED_BINARY | |
| 213 int main() { | |
| 214 print_header(); | |
| 215 return tunmain(); | |
| 216 } | |
| 217 #endif |