annotate src/proto.nacltai.c @ 10:1e4ba8d8ffc2

Use strncat, fixed nacltai timestamp check
author Ivo Smits <Ivo@UCIS.nl>
date Sat, 04 Dec 2010 03:01:46 +0100
parents cf9b44b46be5
children 5be1ecb80cc9
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
1 /* Copyright 2010 Ivo Smits <Ivo@UCIS.nl>. All rights reserved.
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
2 Redistribution and use in source and binary forms, with or without modification, are
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
3 permitted provided that the following conditions are met:
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
4
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
5 1. Redistributions of source code must retain the above copyright notice, this list of
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
6 conditions and the following disclaimer.
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
7
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
8 2. Redistributions in binary form must reproduce the above copyright notice, this list
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
9 of conditions and the following disclaimer in the documentation and/or other materials
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
10 provided with the distribution.
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
11
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
12 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
13 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
14 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
15 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
16 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
17 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
18 ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
19 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
20 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
21
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
22 The views and conclusions contained in the software and documentation are those of the
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
23 authors and should not be interpreted as representing official policies, either expressed
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
24 or implied, of Ivo Smits.*/
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
25
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
26 #include "common.c"
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
27 #include "crypto_box.h"
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
28 #include <sys/types.h>
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
29 #include <sys/time.h>
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
30
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
31 #define uint64 unsigned long long //typedef unsigned long long uint64;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
32
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
33 struct tai {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
34 uint64 x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
35 };
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
36 struct taia {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
37 struct tai sec;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
38 unsigned long nano; /* 0...999999999 */
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
39 unsigned long atto; /* 0...999999999 */
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
40 };
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
41
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
42 struct qt_proto_data_nacltai {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
43 unsigned char cenonce[crypto_box_NONCEBYTES], cdnonce[crypto_box_NONCEBYTES];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
44 unsigned char cbefore[crypto_box_BEFORENMBYTES];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
45 struct taia cdtaip, cdtaic;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
46 };
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
47
6
cf9b44b46be5 Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents: 4
diff changeset
48 #define noncelength 16
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
49 #define nonceoffset (crypto_box_NONCEBYTES - noncelength)
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
50 /*static unsigned char cbefore[crypto_box_BEFORENMBYTES];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
51 static unsigned char buffer1[MAX_PACKET_LEN+crypto_box_ZEROBYTES], buffer2[MAX_PACKET_LEN+crypto_box_ZEROBYTES];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
52 static const unsigned char* buffer1offset = buffer1 + crypto_box_ZEROBYTES;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
53 static const unsigned char* buffer2offset = buffer2 + crypto_box_BOXZEROBYTES - noncelength;*/
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
54 static const int overhead = crypto_box_BOXZEROBYTES + noncelength;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
55
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
56 void tai_pack(char *s, struct tai *t) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
57 uint64 x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
58 x = t->x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
59 s[7] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
60 s[6] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
61 s[5] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
62 s[4] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
63 s[3] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
64 s[2] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
65 s[1] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
66 s[0] = x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
67 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
68 void tai_unpack(char *s, struct tai *t) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
69 uint64 x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
70 x = (unsigned char) s[0];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
71 x <<= 8; x += (unsigned char) s[1];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
72 x <<= 8; x += (unsigned char) s[2];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
73 x <<= 8; x += (unsigned char) s[3];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
74 x <<= 8; x += (unsigned char) s[4];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
75 x <<= 8; x += (unsigned char) s[5];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
76 x <<= 8; x += (unsigned char) s[6];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
77 x <<= 8; x += (unsigned char) s[7];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
78 t->x = x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
79 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
80 void taia_pack(char *s, struct taia *t) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
81 unsigned long x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
82 tai_pack(s,&t->sec);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
83 s += 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
84 x = t->atto;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
85 s[7] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
86 s[6] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
87 s[5] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
88 s[4] = x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
89 x = t->nano;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
90 s[3] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
91 s[2] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
92 s[1] = x & 255; x >>= 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
93 s[0] = x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
94 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
95 void taia_unpack(char *s, struct taia *t) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
96 unsigned long x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
97 tai_unpack(s,&t->sec);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
98 s += 8;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
99 x = (unsigned char) s[4];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
100 x <<= 8; x += (unsigned char) s[5];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
101 x <<= 8; x += (unsigned char) s[6];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
102 x <<= 8; x += (unsigned char) s[7];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
103 t->atto = x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
104 x = (unsigned char) s[0];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
105 x <<= 8; x += (unsigned char) s[1];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
106 x <<= 8; x += (unsigned char) s[2];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
107 x <<= 8; x += (unsigned char) s[3];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
108 t->nano = x;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
109 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
110
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
111 void taia_now(struct taia *t) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
112 struct timeval now;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
113 gettimeofday(&now,(struct timezone *) 0);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
114 t->sec.x = 4611686018427387914ULL + (uint64) now.tv_sec;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
115 t->nano = 1000 * now.tv_usec + 500;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
116 t->atto = 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
117 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
118
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
119 extern crypto_scalarmult_curve25519_base(unsigned char *pk, unsigned char *sk);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
120
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
121 static int encode(struct qtsession* sess, char* raw, char* enc, int len) {
6
cf9b44b46be5 Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents: 4
diff changeset
122 fprintf(stderr, "Encoding packet of %d bytes from %d to %d\n", len, raw, enc);
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
123 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
124 memset(raw, 0, crypto_box_ZEROBYTES);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
125 taia_now(&d->cdtaic);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
126 taia_pack(d->cenonce + nonceoffset, &(d->cdtaic));
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
127 if (crypto_box_afternm(enc, raw, len + crypto_box_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Crypto failed");
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
128 memcpy((void*)(enc + crypto_box_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
129 len += overhead;
6
cf9b44b46be5 Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents: 4
diff changeset
130 fprintf(stderr, "Encoded packet of %d bytes from %d to %d\n", len, raw, enc);
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
131 return len;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
132 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
133
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
134 static int decode(struct qtsession* sess, char* enc, char* raw, int len) {
6
cf9b44b46be5 Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents: 4
diff changeset
135 fprintf(stderr, "Decoding packet of %d bytes from %d to %d\n", len, enc, raw);
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
136 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
137 int i;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
138 if (len < overhead) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
139 fprintf(stderr, "Short packet received: %d\n", len);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
140 return 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
141 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
142 len -= overhead;
6
cf9b44b46be5 Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents: 4
diff changeset
143 taia_unpack((char*)(enc + crypto_box_BOXZEROBYTES - noncelength), &d->cdtaic);
10
1e4ba8d8ffc2 Use strncat, fixed nacltai timestamp check
Ivo Smits <Ivo@UCIS.nl>
parents: 6
diff changeset
144 if (d->cdtaic.sec.x <= d->cdtaip.sec.x && d->cdtaic.nano <= d->cdtaip.nano && d->cdtaic.atto <= d->cdtaip.atto) {
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
145 fprintf(stderr, "Timestamp going back, ignoring packet\n");
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
146 return 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
147 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
148 memcpy(d->cdnonce + nonceoffset, enc + crypto_box_BOXZEROBYTES - noncelength, noncelength);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
149 memset(enc, 0, crypto_box_BOXZEROBYTES);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
150 if (i = crypto_box_open_afternm(raw, enc, len + crypto_box_ZEROBYTES, d->cdnonce, d->cbefore)) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
151 fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
152 return 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
153 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
154 d->cdtaip = d->cdtaic;
6
cf9b44b46be5 Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents: 4
diff changeset
155 fprintf(stderr, "Decoded packet of %d bytes from %d to %d\n", len, enc, raw);
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
156 return len;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
157 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
158
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
159 static int init(struct qtsession* sess) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
160 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
161 char* envval;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
162 printf("Initializing cryptography...\n");
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
163 unsigned char cownpublickey[crypto_box_PUBLICKEYBYTES], cpublickey[crypto_box_PUBLICKEYBYTES], csecretkey[crypto_box_SECRETKEYBYTES];
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
164 if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY");
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
165 if (strlen(envval) != 2*crypto_box_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length");
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
166 hex2bin(cpublickey, envval, crypto_box_PUBLICKEYBYTES);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
167 if (!(envval = getconf("PRIVATE_KEY"))) return errorexit("Missing PRIVATE_KEY");
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
168 if (strlen(envval) != 2*crypto_box_PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length");
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
169 hex2bin(csecretkey, envval, crypto_box_SECRETKEYBYTES);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
170 crypto_box_beforenm(d->cbefore, cpublickey, csecretkey);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
171
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
172 memset(d->cenonce, 0, crypto_box_NONCEBYTES);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
173 memset(d->cdnonce, 0, crypto_box_NONCEBYTES);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
174
4
a989ecbd5f53 Fixed nacltai implementation
ivo <ivo@UFO-Net.nl>
parents: 0
diff changeset
175 const unsigned char base[32] = {9};
a989ecbd5f53 Fixed nacltai implementation
ivo <ivo@UFO-Net.nl>
parents: 0
diff changeset
176 crypto_scalarmult(cownpublickey, csecretkey, base);
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
177
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
178 if (envval = getenv("TIME_WINDOW")) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
179 taia_now(&d->cdtaip);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
180 d->cdtaip.sec.x -= atol(envval);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
181 } else {
4
a989ecbd5f53 Fixed nacltai implementation
ivo <ivo@UFO-Net.nl>
parents: 0
diff changeset
182 fprintf(stderr, "Warning: TIME_WINDOW not set, risking an initial replay attack\n");
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
183 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
184 if (envval = getenv("ROLE")) {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
185 d->cenonce[nonceoffset-1] = atoi(envval) ? 1 : 0;
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
186 } else {
6
cf9b44b46be5 Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents: 4
diff changeset
187 d->cenonce[nonceoffset-1] = memcmp(cownpublickey, cpublickey, crypto_box_PUBLICKEYBYTES) > 0 ? 1 : 0;
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
188 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
189 d->cdnonce[nonceoffset-1] = d->cenonce[nonceoffset-1] ? 0 : 1;
6
cf9b44b46be5 Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents: 4
diff changeset
190 return 0;
0
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
191 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
192
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
193 #ifdef COMBINED_BINARY
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
194 int tunmain_nacltai() {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
195 #else
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
196 int tunmain() {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
197 #endif
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
198 struct qtproto p = {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
199 1,
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
200 MAX_PACKET_LEN + crypto_box_ZEROBYTES,
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
201 MAX_PACKET_LEN + crypto_box_ZEROBYTES,
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
202 crypto_box_ZEROBYTES,
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
203 crypto_box_BOXZEROBYTES - noncelength,
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
204 encode,
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
205 decode,
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
206 init,
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
207 sizeof(struct qt_proto_data_nacltai),
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
208 };
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
209 return qtrun(&p);
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
210 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
211
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
212 #ifndef COMBINED_BINARY
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
213 int main() {
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
214 print_header();
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
215 return tunmain();
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
216 }
65c01f57bdce Initial commit
ivo <ivo@UFO-Net.nl>
parents:
diff changeset
217 #endif