Mercurial > hg > quicktun
annotate src/proto.nacltai.c @ 41:54d28a81ca99
Small updates in preparation for stateful protocols
| author | Ivo Smits <Ivo@UCIS.nl> |
|---|---|
| date | Thu, 16 May 2013 01:15:01 +0200 |
| parents | d9f5caa13898 |
| children | 4adbd9b67fe2 |
| rev | line source |
|---|---|
| 0 | 1 /* Copyright 2010 Ivo Smits <Ivo@UCIS.nl>. All rights reserved. |
| 2 Redistribution and use in source and binary forms, with or without modification, are | |
| 3 permitted provided that the following conditions are met: | |
| 4 | |
| 5 1. Redistributions of source code must retain the above copyright notice, this list of | |
| 6 conditions and the following disclaimer. | |
| 7 | |
| 8 2. Redistributions in binary form must reproduce the above copyright notice, this list | |
| 9 of conditions and the following disclaimer in the documentation and/or other materials | |
| 10 provided with the distribution. | |
| 11 | |
| 12 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED | |
| 13 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND | |
| 14 FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR | |
| 15 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | |
| 16 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
| 17 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON | |
| 18 ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
| 19 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF | |
| 20 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
| 21 | |
| 22 The views and conclusions contained in the software and documentation are those of the | |
| 23 authors and should not be interpreted as representing official policies, either expressed | |
| 24 or implied, of Ivo Smits.*/ | |
| 25 | |
| 26 #include "common.c" | |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
27 #include "crypto_box_curve25519xsalsa20poly1305.h" |
|
19
3400045a57b8
Version 2.1.6, changed sourcecode archive generation, use NaCl version 20110221, do not duplicate NaCl sourcecode, support iproute2 for persistent tunnel creation on Debian, support running as root on Debian, removed autogenerated header files
Ivo Smits <Ivo@UCIS.nl>
parents:
11
diff
changeset
|
28 #include "crypto_scalarmult_curve25519.h" |
| 0 | 29 #include <sys/types.h> |
| 30 #include <sys/time.h> | |
| 31 | |
| 32 #define uint64 unsigned long long //typedef unsigned long long uint64; | |
| 33 | |
| 34 struct tai { | |
| 35 uint64 x; | |
| 36 }; | |
| 37 struct taia { | |
| 38 struct tai sec; | |
| 39 unsigned long nano; /* 0...999999999 */ | |
| 40 unsigned long atto; /* 0...999999999 */ | |
| 41 }; | |
| 42 | |
| 43 struct qt_proto_data_nacltai { | |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
44 unsigned char cenonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES], cdnonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES]; |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
45 unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES]; |
|
26
68c67c6d2080
Version 2.1.7: fixed possible duplicate encryption nonce at high packet rates in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
25
diff
changeset
|
46 struct taia cdtaip, cdtaie; |
| 0 | 47 }; |
| 48 | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
49 #define noncelength 16 |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
50 #define nonceoffset (crypto_box_curve25519xsalsa20poly1305_NONCEBYTES - noncelength) |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
51 /*static unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES]; |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
52 static unsigned char buffer1[MAX_PACKET_LEN+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES], buffer2[MAX_PACKET_LEN+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES]; |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
53 static const unsigned char* buffer1offset = buffer1 + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES; |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
54 static const unsigned char* buffer2offset = buffer2 + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength;*/ |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
55 static const int overhead = crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES + noncelength; |
| 0 | 56 |
| 57 void tai_pack(char *s, struct tai *t) { | |
| 58 uint64 x; | |
| 59 x = t->x; | |
| 60 s[7] = x & 255; x >>= 8; | |
| 61 s[6] = x & 255; x >>= 8; | |
| 62 s[5] = x & 255; x >>= 8; | |
| 63 s[4] = x & 255; x >>= 8; | |
| 64 s[3] = x & 255; x >>= 8; | |
| 65 s[2] = x & 255; x >>= 8; | |
| 66 s[1] = x & 255; x >>= 8; | |
| 67 s[0] = x; | |
| 68 } | |
| 69 void tai_unpack(char *s, struct tai *t) { | |
| 70 uint64 x; | |
| 71 x = (unsigned char) s[0]; | |
| 72 x <<= 8; x += (unsigned char) s[1]; | |
| 73 x <<= 8; x += (unsigned char) s[2]; | |
| 74 x <<= 8; x += (unsigned char) s[3]; | |
| 75 x <<= 8; x += (unsigned char) s[4]; | |
| 76 x <<= 8; x += (unsigned char) s[5]; | |
| 77 x <<= 8; x += (unsigned char) s[6]; | |
| 78 x <<= 8; x += (unsigned char) s[7]; | |
| 79 t->x = x; | |
| 80 } | |
| 81 void taia_pack(char *s, struct taia *t) { | |
| 82 unsigned long x; | |
| 83 tai_pack(s,&t->sec); | |
| 84 s += 8; | |
| 85 x = t->atto; | |
| 86 s[7] = x & 255; x >>= 8; | |
| 87 s[6] = x & 255; x >>= 8; | |
| 88 s[5] = x & 255; x >>= 8; | |
| 89 s[4] = x; | |
| 90 x = t->nano; | |
| 91 s[3] = x & 255; x >>= 8; | |
| 92 s[2] = x & 255; x >>= 8; | |
| 93 s[1] = x & 255; x >>= 8; | |
| 94 s[0] = x; | |
| 95 } | |
| 96 void taia_unpack(char *s, struct taia *t) { | |
| 97 unsigned long x; | |
| 98 tai_unpack(s,&t->sec); | |
| 99 s += 8; | |
| 100 x = (unsigned char) s[4]; | |
| 101 x <<= 8; x += (unsigned char) s[5]; | |
| 102 x <<= 8; x += (unsigned char) s[6]; | |
| 103 x <<= 8; x += (unsigned char) s[7]; | |
| 104 t->atto = x; | |
| 105 x = (unsigned char) s[0]; | |
| 106 x <<= 8; x += (unsigned char) s[1]; | |
| 107 x <<= 8; x += (unsigned char) s[2]; | |
| 108 x <<= 8; x += (unsigned char) s[3]; | |
| 109 t->nano = x; | |
| 110 } | |
| 111 | |
| 112 void taia_now(struct taia *t) { | |
| 113 struct timeval now; | |
| 114 gettimeofday(&now,(struct timezone *) 0); | |
| 115 t->sec.x = 4611686018427387914ULL + (uint64) now.tv_sec; | |
| 116 t->nano = 1000 * now.tv_usec + 500; | |
|
26
68c67c6d2080
Version 2.1.7: fixed possible duplicate encryption nonce at high packet rates in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
25
diff
changeset
|
117 t->atto++; |
| 0 | 118 } |
| 119 | |
| 120 static int encode(struct qtsession* sess, char* raw, char* enc, int len) { | |
|
30
6f0e6b7dc088
Fixed build script to support multiple abis on one machine, bugfix in code, minor improvements
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
121 if (debug) fprintf(stderr, "Encoding packet of %d bytes from %p to %p\n", len, raw, enc); |
| 0 | 122 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
123 memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES); |
|
26
68c67c6d2080
Version 2.1.7: fixed possible duplicate encryption nonce at high packet rates in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
25
diff
changeset
|
124 taia_now(&d->cdtaie); |
|
68c67c6d2080
Version 2.1.7: fixed possible duplicate encryption nonce at high packet rates in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
25
diff
changeset
|
125 taia_pack(d->cenonce + nonceoffset, &(d->cdtaie)); |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
126 if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed"); |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
127 memcpy((void*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength); |
| 0 | 128 len += overhead; |
|
30
6f0e6b7dc088
Fixed build script to support multiple abis on one machine, bugfix in code, minor improvements
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
129 if (debug) fprintf(stderr, "Encoded packet of %d bytes from %p to %p\n", len, raw, enc); |
| 0 | 130 return len; |
| 131 } | |
| 132 | |
| 133 static int decode(struct qtsession* sess, char* enc, char* raw, int len) { | |
|
30
6f0e6b7dc088
Fixed build script to support multiple abis on one machine, bugfix in code, minor improvements
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
134 if (debug) fprintf(stderr, "Decoding packet of %d bytes from %p to %p\n", len, enc, raw); |
| 0 | 135 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; |
|
26
68c67c6d2080
Version 2.1.7: fixed possible duplicate encryption nonce at high packet rates in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
25
diff
changeset
|
136 struct taia cdtaic; |
| 0 | 137 int i; |
| 138 if (len < overhead) { | |
| 139 fprintf(stderr, "Short packet received: %d\n", len); | |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
38
diff
changeset
|
140 return -1; |
| 0 | 141 } |
| 142 len -= overhead; | |
|
26
68c67c6d2080
Version 2.1.7: fixed possible duplicate encryption nonce at high packet rates in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
25
diff
changeset
|
143 taia_unpack((char*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), &cdtaic); |
|
68c67c6d2080
Version 2.1.7: fixed possible duplicate encryption nonce at high packet rates in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
25
diff
changeset
|
144 if (cdtaic.sec.x <= d->cdtaip.sec.x && cdtaic.nano <= d->cdtaip.nano && cdtaic.atto <= d->cdtaip.atto) { |
| 0 | 145 fprintf(stderr, "Timestamp going back, ignoring packet\n"); |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
38
diff
changeset
|
146 return -1; |
| 0 | 147 } |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
148 memcpy(d->cdnonce + nonceoffset, enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength, noncelength); |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
149 memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES); |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
150 if (i = crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cdnonce, d->cbefore)) { |
| 0 | 151 fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i); |
|
41
54d28a81ca99
Small updates in preparation for stateful protocols
Ivo Smits <Ivo@UCIS.nl>
parents:
38
diff
changeset
|
152 return -1; |
| 0 | 153 } |
|
26
68c67c6d2080
Version 2.1.7: fixed possible duplicate encryption nonce at high packet rates in nacltai protocol
Ivo Smits <Ivo@UCIS.nl>
parents:
25
diff
changeset
|
154 d->cdtaip = cdtaic; |
|
30
6f0e6b7dc088
Fixed build script to support multiple abis on one machine, bugfix in code, minor improvements
Ivo Smits <Ivo@UCIS.nl>
parents:
27
diff
changeset
|
155 if (debug) fprintf(stderr, "Decoded packet of %d bytes from %p to %p\n", len, enc, raw); |
| 0 | 156 return len; |
| 157 } | |
| 158 | |
| 159 static int init(struct qtsession* sess) { | |
| 160 struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data; | |
| 161 char* envval; | |
| 162 printf("Initializing cryptography...\n"); | |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
163 unsigned char cownpublickey[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES], cpublickey[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES], csecretkey[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES]; |
| 0 | 164 if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY"); |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
165 if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length"); |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
166 hex2bin(cpublickey, envval, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES); |
|
37
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
167 if (envval = getconf("PRIVATE_KEY")) { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
168 if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length"); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
169 hex2bin(csecretkey, envval, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
170 } else if (envval = getconf("PRIVATE_KEY_FILE")) { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
171 FILE* pkfile = fopen(envval, "rb"); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
172 if (!pkfile) return errorexitp("Could not open PRIVATE_KEY_FILE"); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
173 char pktextbuf[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES * 2]; |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
174 size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
175 if (pktextsize == crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
176 memcpy(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
177 } else if (pktextsize = 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
178 hex2bin(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
179 } else { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
180 return errorexit("PRIVATE_KEY length"); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
181 } |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
182 fclose(pkfile); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
183 } else { |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
184 return errorexit("Missing PRIVATE_KEY"); |
|
bb4bbf380938
Added option PRIVATE_KEY_FILE to read private key from file
Ivo Smits <Ivo@UCIS.nl>
parents:
32
diff
changeset
|
185 } |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
186 crypto_box_curve25519xsalsa20poly1305_beforenm(d->cbefore, cpublickey, csecretkey); |
| 0 | 187 |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
188 memset(d->cenonce, 0, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES); |
|
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
189 memset(d->cdnonce, 0, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES); |
| 0 | 190 |
|
19
3400045a57b8
Version 2.1.6, changed sourcecode archive generation, use NaCl version 20110221, do not duplicate NaCl sourcecode, support iproute2 for persistent tunnel creation on Debian, support running as root on Debian, removed autogenerated header files
Ivo Smits <Ivo@UCIS.nl>
parents:
11
diff
changeset
|
191 crypto_scalarmult_curve25519_base(cownpublickey, csecretkey); |
| 0 | 192 |
|
32
51c6d2fc712f
Fixes contributed by Daniel Dickinson <daniel@cshore.neomailbox.net>
Ivo Smits <Ivo@UCIS.nl>
parents:
30
diff
changeset
|
193 if (envval = getconf("TIME_WINDOW")) { |
| 0 | 194 taia_now(&d->cdtaip); |
| 195 d->cdtaip.sec.x -= atol(envval); | |
| 196 } else { | |
| 4 | 197 fprintf(stderr, "Warning: TIME_WINDOW not set, risking an initial replay attack\n"); |
| 0 | 198 } |
|
32
51c6d2fc712f
Fixes contributed by Daniel Dickinson <daniel@cshore.neomailbox.net>
Ivo Smits <Ivo@UCIS.nl>
parents:
30
diff
changeset
|
199 if (envval = getconf("ROLE")) { |
| 0 | 200 d->cenonce[nonceoffset-1] = atoi(envval) ? 1 : 0; |
| 201 } else { | |
|
24
dfac56805c77
Fixed support for shared NaCl library, explicitly refer to cryptographic primitives
Ivo Smits <Ivo@UCIS.nl>
parents:
22
diff
changeset
|
202 d->cenonce[nonceoffset-1] = memcmp(cownpublickey, cpublickey, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) > 0 ? 1 : 0; |
| 0 | 203 } |
| 204 d->cdnonce[nonceoffset-1] = d->cenonce[nonceoffset-1] ? 0 : 1; | |
|
6
cf9b44b46be5
Use stderr for output instead of stdout, added debugging code to nacltai
root <root@Really.UFO-Net.nl>
parents:
4
diff
changeset
|
205 return 0; |
| 0 | 206 } |
| 207 | |
|
27
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
208 struct qtproto qtproto_nacltai = { |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
209 1, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
210 MAX_PACKET_LEN + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
211 MAX_PACKET_LEN + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
212 crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
213 crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
214 encode, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
215 decode, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
216 init, |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
217 sizeof(struct qt_proto_data_nacltai), |
|
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
218 }; |
| 0 | 219 |
| 220 #ifndef COMBINED_BINARY | |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
37
diff
changeset
|
221 int main(int argc, char** argv) { |
| 0 | 222 print_header(); |
|
38
d9f5caa13898
Added support for NetBSD, added command line parsing to provide configuration options
Ivo Smits <Ivo@UCIS.nl>
parents:
37
diff
changeset
|
223 if (qtprocessargs(argc, argv) < 0) return -1; |
|
27
5ba185ca7102
Fixed error checking during initialization, restructured code a bit to make it even simpler
Ivo Smits <Ivo@UCIS.nl>
parents:
26
diff
changeset
|
224 return qtrun(&qtproto_nacltai); |
| 0 | 225 } |
| 226 #endif |