miegl/mud
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add a simple aes256gcm layer

Browse Source
This commit is contained in:
angt
2016-02-03 19:43:17 +01:00
parent 64e768e6e1
commit bfcfd3263e
2 changed files with 79 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
mud.c
View File

@@ -10,6 +10,8 @@
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/time.h> #include <sys/time.h>
#include <sodium.h>
#define MUD_PKT_SIZE (2048u) #define MUD_PKT_SIZE (2048u)
struct path { struct path {
@@ -45,11 +47,16 @@ struct queue {
unsigned char end; unsigned char end;
}; };
struct crypto {
crypto_aead_aes256gcm_state key;
};
struct mud { struct mud {
struct queue tx; struct queue tx;
struct queue rx; struct queue rx;
struct sock *sock; struct sock *sock;
struct path *path; struct path *path;
struct crypto crypto;
}; };
static static
@@ -62,7 +69,7 @@ void mud_write32 (unsigned char *dst, uint32_t src)
} }
static static
uint32_t mud_read32 (unsigned char *src) uint32_t mud_read32 (const unsigned char *src)
{ {
return ((uint32_t)src[0]) return ((uint32_t)src[0])
| ((uint32_t)src[1]<<8) | ((uint32_t)src[1]<<8)
@@ -275,13 +282,18 @@ int mud_bind (struct mud *mud, const char *host, const char *port)
return fd; return fd;
} }
struct mud *mud_create (void) struct mud *mud_create (const unsigned char *key, size_t key_size)
{ {
if (key_size != crypto_aead_aes256gcm_KEYBYTES)
return NULL;
struct mud *mud = calloc(1, sizeof(struct mud)); struct mud *mud = calloc(1, sizeof(struct mud));
if (!mud) if (!mud)
return NULL; return NULL;
crypto_aead_aes256gcm_beforenm(&mud->crypto.key, key);
mud->tx.packet = calloc(256, sizeof(struct packet)); mud->tx.packet = calloc(256, sizeof(struct packet));
mud->rx.packet = calloc(256, sizeof(struct packet)); mud->rx.packet = calloc(256, sizeof(struct packet));
@@ -320,6 +332,58 @@ void mud_delete (struct mud *mud)
free(mud); free(mud);
} }
static
int mud_encrypt (struct mud *mud, uint32_t nonce,
unsigned char *dst, size_t dst_size,
const unsigned char *src, size_t src_size)
{
if (!src_size)
return 0;
unsigned char npub[crypto_aead_aes256gcm_NPUBBYTES] = {0};
mud_write32(npub, nonce);
crypto_aead_aes256gcm_encrypt_afternm(
dst+4, NULL,
src, src_size,
NULL, 0,
NULL,
npub,
(const crypto_aead_aes256gcm_state *)&mud->crypto.key);
memcpy(dst, npub, 4);
return src_size+4+crypto_aead_aes256gcm_ABYTES;
}
static
size_t mud_decrypt (struct mud *mud, uint32_t *nonce,
unsigned char *dst, size_t dst_size,
const unsigned char *src, size_t src_size)
{
if (!src_size)
return 0;
unsigned char npub[crypto_aead_aes256gcm_NPUBBYTES] = {0};
memcpy(npub, src, 4);
if (crypto_aead_aes256gcm_decrypt_afternm(
dst, NULL,
NULL,
src+4, src_size-4,
NULL, 0,
npub,
(const crypto_aead_aes256gcm_state *)&mud->crypto.key))
return 0;
if (nonce)
*nonce = mud_read32(src);
return src_size-4-crypto_aead_aes256gcm_ABYTES;
}
int mud_pull (struct mud *mud) int mud_pull (struct mud *mud)
{ {
uint32_t now = mud_now(); uint32_t now = mud_now();
@@ -389,7 +453,7 @@ int mud_pull (struct mud *mud)
ssize_t mud_recv (struct mud *mud, void *data, size_t size) ssize_t mud_recv (struct mud *mud, void *data, size_t size)
{ {
if (size+4 < MUD_PKT_SIZE) { if (size+4+crypto_aead_aes256gcm_ABYTES < MUD_PKT_SIZE) {
errno = EMSGSIZE; errno = EMSGSIZE;
return -1; return -1;
} }
@@ -401,10 +465,13 @@ ssize_t mud_recv (struct mud *mud, void *data, size_t size)
struct packet *packet = &mud->rx.packet[mud->rx.start]; struct packet *packet = &mud->rx.packet[mud->rx.start];
memcpy(data, &packet->data[4], packet->size-4); ssize_t ret = mud_decrypt(mud, NULL,
data, size,
packet->data, packet->size);
mud->rx.start++; mud->rx.start++;
return packet->size-4; return ret;
} }
int mud_push (struct mud *mud) int mud_push (struct mud *mud)
@@ -447,7 +514,7 @@ int mud_push (struct mud *mud)
ssize_t mud_send (struct mud *mud, const void *data, size_t size) ssize_t mud_send (struct mud *mud, const void *data, size_t size)
{ {
if (size+4 > MUD_PKT_SIZE) { if (size+4+crypto_aead_aes256gcm_ABYTES > MUD_PKT_SIZE) {
errno = EMSGSIZE; errno = EMSGSIZE;
return -1; return -1;
} }
@@ -468,9 +535,10 @@ ssize_t mud_send (struct mud *mud, const void *data, size_t size)
struct packet *packet = &mud->tx.packet[mud->tx.end]; struct packet *packet = &mud->tx.packet[mud->tx.end];
mud_write32(packet->data, now); packet->size = mud_encrypt(mud, now,
memcpy(&packet->data[4], data, size); packet->data, sizeof(packet->data),
packet->size = size+4; data, size);
// packet->time = now; // packet->time = now;
mud->tx.end = next; mud->tx.end = next;

2
mud.h
View File

@@ -4,7 +4,7 @@
struct mud; struct mud;
struct mud *mud_create (void); struct mud *mud_create (const unsigned char *, size_t);
void mud_delete (struct mud *); void mud_delete (struct mud *);
int mud_bind (struct mud *, const char *, const char *); int mud_bind (struct mud *, const char *, const char *);