cpp/funstraw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Start of channel_bitrates, start combining server and client common code.

Browse Source
This commit is contained in:
Ian Gulliver
2015-02-07 14:32:53 -08:00
parent 2e9d0b7960
commit 844db000f6
6 changed files with 109 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
auth-client.cc
View File

@@ -1,4 +1,5 @@
#include <getopt.h> #include <getopt.h>
#include <stdlib.h>
#include "crypto.h" #include "crypto.h"
@@ -7,6 +8,7 @@ static const struct option long_options[] = {
{"server_public_key_filename", required_argument, NULL, 'r'}, {"server_public_key_filename", required_argument, NULL, 'r'},
{"server_address", required_argument, NULL, 'a'}, {"server_address", required_argument, NULL, 'a'},
{"server_port", required_argument, NULL, 't'}, {"server_port", required_argument, NULL, 't'},
{"channel_bitrate", required_argument, NULL, 'b'},
}; };
int main(int argc, char *argv[]) { int main(int argc, char *argv[]) {
@@ -15,6 +17,7 @@ int main(int argc, char *argv[]) {
std::string server_public_key_filename; std::string server_public_key_filename;
std::string server_address; std::string server_address;
std::string server_port; std::string server_port;
std::list<uint64_t> channel_bitrates;
{ {
int option, option_index; int option, option_index;
while ((option = getopt_long(argc, argv, "s:", long_options, &option_index)) != -1) { while ((option = getopt_long(argc, argv, "s:", long_options, &option_index)) != -1) {
@@ -34,16 +37,19 @@ int main(int argc, char *argv[]) {
case 't': case 't':
server_port = optarg; server_port = optarg;
break; break;
case 'b':
channel_bitrates.push_back(strtoull(optarg, NULL, 10));
break;
} }
} }
} }
std::string secret_key; std::string secret_key;
CryptoBase::ReadKeyFromFile(secret_key_filename, &secret_key); CryptoUtil::ReadKeyFromFile(secret_key_filename, &secret_key);
std::string server_public_key; std::string server_public_key;
CryptoBase::ReadKeyFromFile(server_public_key_filename, &server_public_key); CryptoUtil::ReadKeyFromFile(server_public_key_filename, &server_public_key);
auto client = CryptoPubClient::FromHostname(server_address, server_port, secret_key, server_public_key); auto client = CryptoPubClient::FromHostname(server_address, server_port, secret_key, server_public_key, channel_bitrates);
client->Loop(); client->Loop();
} }

2
auth-server.cc
View File

@@ -20,7 +20,7 @@ int main(int argc, char *argv[]) {
} }
std::string secret_key; std::string secret_key;
CryptoBase::ReadKeyFromFile(secret_key_filename, &secret_key); CryptoUtil::ReadKeyFromFile(secret_key_filename, &secret_key);
CryptoPubServer server(secret_key); CryptoPubServer server(secret_key);
server.Loop(); server.Loop();

109
crypto.cc
View File

@@ -18,15 +18,18 @@
#define TLV_TYPE_ENCRYPTED_BLOB 0x0000 #define TLV_TYPE_ENCRYPTED_BLOB 0x0000
#define TLV_TYPE_NONCE 0x0001 #define TLV_TYPE_NONCE 0x0001
#define TLV_TYPE_PUBLIC_KEY 0x0002 #define TLV_TYPE_PUBLIC_KEY 0x0002
#define TLV_TYPE_DOWNSTREAM_BITRATE 0x0003
#define TLV_TYPE_ENCRYPTED 0x8000 #define TLV_TYPE_ENCRYPTED 0x8000
#define TLV_TYPE_CLIENT_HANDSHAKE 0x8001 #define TLV_TYPE_CLIENT_HANDSHAKE 0x8001
#define TLV_TYPE_CLIENT_HANDSHAKE_SECURE 0x8002 #define TLV_TYPE_CLIENT_HANDSHAKE_SECURE 0x8002
#define TLV_TYPE_SERVER_HANDSHAKE 0x8003 #define TLV_TYPE_SERVER_HANDSHAKE 0x8003
#define TLV_TYPE_SERVER_HANDSHAKE_SECURE 0x8004 #define TLV_TYPE_SERVER_HANDSHAKE_SECURE 0x8004
#define TLV_TYPE_TUNNEL_REQUEST 0x8005
#define TLV_TYPE_CHANNEL 0x8006
std::string CryptoBase::BinToHex(const std::string& bin) { std::string CryptoUtil::BinToHex(const std::string& bin) {
static const char hex[] = "0123456789abcdef"; static const char hex[] = "0123456789abcdef";
std::string ret; std::string ret;
ret.reserve(bin.length() * 2); ret.reserve(bin.length() * 2);
@@ -37,13 +40,13 @@ std::string CryptoBase::BinToHex(const std::string& bin) {
return ret; return ret;
} }
void CryptoBase::GenKey(std::string* key) { void CryptoUtil::GenKey(std::string* key) {
unsigned char buf[crypto_secretbox_KEYBYTES]; unsigned char buf[crypto_secretbox_KEYBYTES];
randombytes_buf(buf, crypto_secretbox_KEYBYTES); randombytes_buf(buf, crypto_secretbox_KEYBYTES);
key->assign((char*)buf, crypto_secretbox_KEYBYTES); key->assign((char*)buf, crypto_secretbox_KEYBYTES);
} }
void CryptoBase::GenKeyPair(std::string* secret_key, std::string* public_key) { void CryptoUtil::GenKeyPair(std::string* secret_key, std::string* public_key) {
unsigned char public_key_buf[crypto_box_PUBLICKEYBYTES]; unsigned char public_key_buf[crypto_box_PUBLICKEYBYTES];
unsigned char secret_key_buf[crypto_box_PUBLICKEYBYTES]; unsigned char secret_key_buf[crypto_box_PUBLICKEYBYTES];
assert(crypto_box_keypair(public_key_buf, secret_key_buf) == 0); assert(crypto_box_keypair(public_key_buf, secret_key_buf) == 0);
@@ -51,26 +54,26 @@ void CryptoBase::GenKeyPair(std::string* secret_key, std::string* public_key) {
secret_key->assign((char*)secret_key_buf, crypto_box_SECRETKEYBYTES); secret_key->assign((char*)secret_key_buf, crypto_box_SECRETKEYBYTES);
} }
void CryptoBase::DerivePublicKey(const std::string& secret_key, std::string* public_key) { void CryptoUtil::DerivePublicKey(const std::string& secret_key, std::string* public_key) {
assert(secret_key.length() == crypto_box_SECRETKEYBYTES); assert(secret_key.length() == crypto_box_SECRETKEYBYTES);
unsigned char buf[crypto_box_PUBLICKEYBYTES]; unsigned char buf[crypto_box_PUBLICKEYBYTES];
assert(!crypto_scalarmult_base(buf, (const unsigned char*)secret_key.data())); assert(!crypto_scalarmult_base(buf, (const unsigned char*)secret_key.data()));
public_key->assign((char*)buf, crypto_box_PUBLICKEYBYTES); public_key->assign((char*)buf, crypto_box_PUBLICKEYBYTES);
} }
void CryptoBase::ReadKeyFromFile(const std::string& filename, std::string* key) { void CryptoUtil::ReadKeyFromFile(const std::string& filename, std::string* key) {
std::fstream key_file(filename, std::fstream::in); std::fstream key_file(filename, std::fstream::in);
assert(!key_file.fail()); assert(!key_file.fail());
key_file >> *key; key_file >> *key;
} }
void CryptoBase::WriteKeyToFile(const std::string& filename, const std::string& key) { void CryptoUtil::WriteKeyToFile(const std::string& filename, const std::string& key) {
std::fstream key_file(filename, std::fstream::out); std::fstream key_file(filename, std::fstream::out);
assert(!key_file.fail()); assert(!key_file.fail());
key_file << key; key_file << key;
} }
void CryptoBase::EncodeEncryptAppend(const std::string& secret_key, const std::string& public_key, const TLVNode& input, TLVNode* container) { void CryptoUtil::EncodeEncryptAppend(const std::string& secret_key, const std::string& public_key, const TLVNode& input, TLVNode* container) {
assert(secret_key.length() == crypto_box_SECRETKEYBYTES); assert(secret_key.length() == crypto_box_SECRETKEYBYTES);
assert(public_key.length() == crypto_box_PUBLICKEYBYTES); assert(public_key.length() == crypto_box_PUBLICKEYBYTES);
@@ -92,7 +95,7 @@ void CryptoBase::EncodeEncryptAppend(const std::string& secret_key, const std::s
container->AppendChild(encrypted); container->AppendChild(encrypted);
} }
TLVNode* CryptoBase::DecryptDecode(const std::string& secret_key, const std::string& public_key, const TLVNode& input) { TLVNode* CryptoUtil::DecryptDecode(const std::string& secret_key, const std::string& public_key, const TLVNode& input) {
assert(secret_key.length() == crypto_box_SECRETKEYBYTES); assert(secret_key.length() == crypto_box_SECRETKEYBYTES);
assert(public_key.length() == crypto_box_PUBLICKEYBYTES); assert(public_key.length() == crypto_box_PUBLICKEYBYTES);
assert(input.GetType() == TLV_TYPE_ENCRYPTED); assert(input.GetType() == TLV_TYPE_ENCRYPTED);
@@ -110,7 +113,6 @@ TLVNode* CryptoBase::DecryptDecode(const std::string& secret_key, const std::str
unsigned char output[decrypted_bytes]; unsigned char output[decrypted_bytes];
if (crypto_box_open_easy(output, (const unsigned char*)encrypted->GetValue().data(), encrypted->GetValue().length(), (const unsigned char*)nonce->GetValue().data(), (const unsigned char*)public_key.data(), (const unsigned char*)secret_key.data())) { if (crypto_box_open_easy(output, (const unsigned char*)encrypted->GetValue().data(), encrypted->GetValue().length(), (const unsigned char*)nonce->GetValue().data(), (const unsigned char*)public_key.data(), (const unsigned char*)secret_key.data())) {
Log() << "Decryption failure" << std::endl;
return nullptr; return nullptr;
} }
@@ -130,6 +132,11 @@ std::ostream& CryptoBase::LogFatal(void *obj) {
} }
CryptoConnBase::CryptoConnBase(const std::string& secret_key)
: secret_key_(secret_key),
state_(AWAITING_HANDSHAKE) {}
CryptoPubServer::CryptoPubServer(const std::string& secret_key) CryptoPubServer::CryptoPubServer(const std::string& secret_key)
: secret_key_(secret_key), : secret_key_(secret_key),
event_base_(event_base_new()) { event_base_(event_base_new()) {
@@ -175,9 +182,8 @@ void CryptoPubServer::Loop() {
CryptoPubServerConnection::CryptoPubServerConnection(struct bufferevent* bev, const std::string& secret_key) CryptoPubServerConnection::CryptoPubServerConnection(struct bufferevent* bev, const std::string& secret_key)
: bev_(bev), : CryptoConnBase(secret_key),
secret_key_(secret_key), bev_(bev) {
state_(AWAITING_HANDSHAKE) {
} }
CryptoPubServerConnection::~CryptoPubServerConnection() { CryptoPubServerConnection::~CryptoPubServerConnection() {
@@ -211,7 +217,7 @@ void CryptoPubServerConnection::OnReadable() {
return; return;
} }
std::unique_ptr<TLVNode> decrypted(DecryptDecode(ephemeral_secret_key_, client_ephemeral_public_key_, *decoded)); std::unique_ptr<TLVNode> decrypted(CryptoUtil::DecryptDecode(ephemeral_secret_key_, peer_ephemeral_public_key_, *decoded));
if (!decrypted.get()) { if (!decrypted.get()) {
LogFatal() << "Protocol error (decryption failure)" << std::endl; LogFatal() << "Protocol error (decryption failure)" << std::endl;
return; return;
@@ -227,13 +233,13 @@ void CryptoPubServerConnection::OnHandshake(const TLVNode& decoded) {
return; return;
} }
auto client_public_key = decoded.FindChild(TLV_TYPE_PUBLIC_KEY); auto peer_public_key = decoded.FindChild(TLV_TYPE_PUBLIC_KEY);
if (!client_public_key) { if (!peer_public_key) {
LogFatal() << "Protocol error (client handshake -- no public key)" << std::endl; LogFatal() << "Protocol error (client handshake -- no public key)" << std::endl;
return; return;
} }
client_public_key_ = client_public_key->GetValue(); peer_public_key_ = peer_public_key->GetValue();
if (client_public_key_.length() != crypto_box_PUBLICKEYBYTES) { if (peer_public_key_.length() != crypto_box_PUBLICKEYBYTES) {
LogFatal() << "Protocol error (client handshake -- wrong public key length)" << std::endl; LogFatal() << "Protocol error (client handshake -- wrong public key length)" << std::endl;
return; return;
} }
@@ -243,37 +249,41 @@ void CryptoPubServerConnection::OnHandshake(const TLVNode& decoded) {
return; return;
} }
std::unique_ptr<TLVNode> decrypted(DecryptDecode(secret_key_, client_public_key->GetValue(), *encrypted)); std::unique_ptr<TLVNode> decrypted(CryptoUtil::DecryptDecode(secret_key_, peer_public_key_, *encrypted));
if (!decrypted.get()) { if (!decrypted.get()) {
LogFatal() << "Protocol error (client handshake -- decryption failure)" << std::endl; LogFatal() << "Protocol error (client handshake -- decryption failure)" << std::endl;
return; return;
} }
auto client_ephemeral_public_key = decrypted->FindChild(TLV_TYPE_PUBLIC_KEY); auto peer_ephemeral_public_key = decrypted->FindChild(TLV_TYPE_PUBLIC_KEY);
if (!client_ephemeral_public_key) { if (!peer_ephemeral_public_key) {
LogFatal() << "Protocol error (client handshake -- no ephemeral public key)" << std::endl; LogFatal() << "Protocol error (client handshake -- no ephemeral public key)" << std::endl;
return; return;
} }
client_ephemeral_public_key_ = client_ephemeral_public_key->GetValue(); peer_ephemeral_public_key_ = peer_ephemeral_public_key->GetValue();
if (client_ephemeral_public_key_.length() != crypto_box_PUBLICKEYBYTES) { if (peer_ephemeral_public_key_.length() != crypto_box_PUBLICKEYBYTES) {
LogFatal() << "Protocol error (client handshake -- wrong ephemeral public key length)" << std::endl; LogFatal() << "Protocol error (client handshake -- wrong ephemeral public key length)" << std::endl;
return; return;
} }
SendHandshake();
this->state_ = READY;
Log() << "Handshake successful (client ID: " << CryptoUtil::BinToHex(peer_public_key_) << ")" << std::endl;
}
void CryptoPubServerConnection::SendHandshake() {
std::string ephemeral_public_key; std::string ephemeral_public_key;
GenKeyPair(&ephemeral_secret_key_, &ephemeral_public_key); CryptoUtil::GenKeyPair(&ephemeral_secret_key_, &ephemeral_public_key);
TLVNode handshake(TLV_TYPE_SERVER_HANDSHAKE); TLVNode handshake(TLV_TYPE_SERVER_HANDSHAKE);
TLVNode secure_handshake(TLV_TYPE_SERVER_HANDSHAKE_SECURE); TLVNode secure_handshake(TLV_TYPE_SERVER_HANDSHAKE_SECURE);
secure_handshake.AppendChild(new TLVNode(TLV_TYPE_PUBLIC_KEY, ephemeral_public_key)); secure_handshake.AppendChild(new TLVNode(TLV_TYPE_PUBLIC_KEY, ephemeral_public_key));
EncodeEncryptAppend(secret_key_, client_public_key_, secure_handshake, &handshake); CryptoUtil::EncodeEncryptAppend(secret_key_, peer_public_key_, secure_handshake, &handshake);
std::string out; std::string out;
handshake.Encode(&out); handshake.Encode(&out);
bufferevent_write(bev_, out.data(), out.length()); bufferevent_write(bev_, out.data(), out.length());
this->state_ = READY;
Log() << "Handshake successful (client ID: " << BinToHex(client_public_key_) << ")" << std::endl;
} }
void CryptoPubServerConnection::OnError_(struct bufferevent* bev, const short what, void* this__) { void CryptoPubServerConnection::OnError_(struct bufferevent* bev, const short what, void* this__) {
@@ -286,15 +296,14 @@ void CryptoPubServerConnection::OnError(const short what) {
} }
CryptoPubClient::CryptoPubClient(struct sockaddr* addr, socklen_t addrlen, const std::string& secret_key, const std::string& server_public_key) CryptoPubClient::CryptoPubClient(struct sockaddr* addr, socklen_t addrlen, const std::string& secret_key, const std::string& server_public_key, const std::list<uint64_t>& channel_bitrates)
: event_base_(event_base_new()), : CryptoConnBase(secret_key),
event_base_(event_base_new()),
bev_(bufferevent_socket_new(event_base_, -1, BEV_OPT_CLOSE_ON_FREE)), bev_(bufferevent_socket_new(event_base_, -1, BEV_OPT_CLOSE_ON_FREE)),
secret_key_(secret_key), channel_bitrates_(channel_bitrates) {
server_public_key_(server_public_key), peer_public_key_ = server_public_key;
state_(AWAITING_HANDSHAKE) {
assert(secret_key_.length() == crypto_box_SECRETKEYBYTES); assert(secret_key_.length() == crypto_box_SECRETKEYBYTES);
assert(server_public_key_.length() == crypto_box_PUBLICKEYBYTES); assert(peer_public_key_.length() == crypto_box_PUBLICKEYBYTES);
DerivePublicKey(secret_key_, &public_key_);
bufferevent_setcb(bev_, &CryptoPubClient::OnReadable_, NULL, &CryptoPubClient::OnConnectOrError_, this); bufferevent_setcb(bev_, &CryptoPubClient::OnReadable_, NULL, &CryptoPubClient::OnConnectOrError_, this);
bufferevent_enable(bev_, EV_READ); bufferevent_enable(bev_, EV_READ);
@@ -307,14 +316,14 @@ CryptoPubClient::~CryptoPubClient() {
event_base_free(event_base_); event_base_free(event_base_);
} }
CryptoPubClient* CryptoPubClient::FromHostname(const std::string& server_address, const std::string& server_port, const std::string& secret_key, const std::string& server_public_key) { CryptoPubClient* CryptoPubClient::FromHostname(const std::string& server_address, const std::string& server_port, const std::string& secret_key, const std::string& server_public_key, const std::list<uint64_t>& channel_bitrates) {
struct addrinfo* res; struct addrinfo* res;
int gai_ret = getaddrinfo(server_address.c_str(), server_port.c_str(), NULL, &res); int gai_ret = getaddrinfo(server_address.c_str(), server_port.c_str(), NULL, &res);
if (gai_ret) { if (gai_ret) {
std::cerr << "Failed to resolve server_address: " << gai_strerror(gai_ret) << std::endl; std::cerr << "Failed to resolve server_address: " << gai_strerror(gai_ret) << std::endl;
return nullptr; return nullptr;
} }
auto ret = new CryptoPubClient((struct sockaddr*)res->ai_addr, res->ai_addrlen, secret_key, server_public_key); auto ret = new CryptoPubClient((struct sockaddr*)res->ai_addr, res->ai_addrlen, secret_key, server_public_key, channel_bitrates);
freeaddrinfo(res); freeaddrinfo(res);
return ret; return ret;
} }
@@ -345,7 +354,7 @@ void CryptoPubClient::OnReadable() {
return; return;
} }
std::unique_ptr<TLVNode> decrypted(DecryptDecode(ephemeral_secret_key_, server_ephemeral_public_key_, *decoded)); std::unique_ptr<TLVNode> decrypted(CryptoUtil::DecryptDecode(ephemeral_secret_key_, peer_ephemeral_public_key_, *decoded));
if (!decrypted.get()) { if (!decrypted.get()) {
LogFatal() << "Protocol error (decryption failure)" << std::endl; LogFatal() << "Protocol error (decryption failure)" << std::endl;
return; return;
@@ -367,25 +376,27 @@ void CryptoPubClient::OnHandshake(const TLVNode& decoded) {
return; return;
} }
std::unique_ptr<TLVNode> decrypted(DecryptDecode(secret_key_, server_public_key_, *encrypted)); std::unique_ptr<TLVNode> decrypted(CryptoUtil::DecryptDecode(secret_key_, peer_public_key_, *encrypted));
if (!decrypted.get()) { if (!decrypted.get()) {
LogFatal() << "Protocol error (server handshake -- decryption failure)" << std::endl; LogFatal() << "Protocol error (server handshake -- decryption failure)" << std::endl;
return; return;
} }
auto server_ephemeral_public_key = decrypted->FindChild(TLV_TYPE_PUBLIC_KEY); auto peer_ephemeral_public_key = decrypted->FindChild(TLV_TYPE_PUBLIC_KEY);
if (!server_ephemeral_public_key) { if (!peer_ephemeral_public_key) {
LogFatal() << "Protocol error (server handshake -- no ephemeral public key)" << std::endl; LogFatal() << "Protocol error (server handshake -- no ephemeral public key)" << std::endl;
return; return;
} }
server_ephemeral_public_key_ = server_ephemeral_public_key->GetValue(); peer_ephemeral_public_key_ = peer_ephemeral_public_key->GetValue();
if (server_ephemeral_public_key_.length() != crypto_box_PUBLICKEYBYTES) { if (peer_ephemeral_public_key_.length() != crypto_box_PUBLICKEYBYTES) {
LogFatal() << "Protocol error (server handshake -- wrong ephemeral public key length)" << std::endl; LogFatal() << "Protocol error (server handshake -- wrong ephemeral public key length)" << std::endl;
return; return;
} }
this->state_ = READY; this->state_ = READY;
Log() << "Handshake successful" << std::endl; Log() << "Handshake successful" << std::endl;
SendTunnelRequest();
} }
void CryptoPubClient::OnConnectOrError_(struct bufferevent* bev, const short what, void* this__) { void CryptoPubClient::OnConnectOrError_(struct bufferevent* bev, const short what, void* this__) {
@@ -399,21 +410,29 @@ void CryptoPubClient::OnConnectOrError_(struct bufferevent* bev, const short wha
void CryptoPubClient::OnConnect() { void CryptoPubClient::OnConnect() {
Log() << "Connected to server" << std::endl; Log() << "Connected to server" << std::endl;
SendHandshake();
}
void CryptoPubClient::SendHandshake() {
std::string ephemeral_public_key; std::string ephemeral_public_key;
GenKeyPair(&ephemeral_secret_key_, &ephemeral_public_key); CryptoUtil::GenKeyPair(&ephemeral_secret_key_, &ephemeral_public_key);
TLVNode handshake(TLV_TYPE_CLIENT_HANDSHAKE); TLVNode handshake(TLV_TYPE_CLIENT_HANDSHAKE);
handshake.AppendChild(new TLVNode(TLV_TYPE_PUBLIC_KEY, public_key_)); std::string public_key;
CryptoUtil::DerivePublicKey(secret_key_, &public_key);
handshake.AppendChild(new TLVNode(TLV_TYPE_PUBLIC_KEY, public_key));
TLVNode secure_handshake(TLV_TYPE_CLIENT_HANDSHAKE_SECURE); TLVNode secure_handshake(TLV_TYPE_CLIENT_HANDSHAKE_SECURE);
secure_handshake.AppendChild(new TLVNode(TLV_TYPE_PUBLIC_KEY, ephemeral_public_key)); secure_handshake.AppendChild(new TLVNode(TLV_TYPE_PUBLIC_KEY, ephemeral_public_key));
EncodeEncryptAppend(secret_key_, server_public_key_, secure_handshake, &handshake); CryptoUtil::EncodeEncryptAppend(secret_key_, peer_public_key_, secure_handshake, &handshake);
std::string out; std::string out;
handshake.Encode(&out); handshake.Encode(&out);
bufferevent_write(bev_, out.data(), out.length()); bufferevent_write(bev_, out.data(), out.length());
} }
void CryptoPubClient::SendTunnelRequest() {
}
void CryptoPubClient::OnError() { void CryptoPubClient::OnError() {
Log() << "Connection error" << std::endl; Log() << "Connection error" << std::endl;
} }

58
crypto.h
View File

@@ -6,10 +6,8 @@
#include "tlv.h" #include "tlv.h"
class CryptoBase { class CryptoUtil {
public: public:
virtual ~CryptoBase() {};
static std::string BinToHex(const std::string& bin); static std::string BinToHex(const std::string& bin);
static void GenKey(std::string* key); static void GenKey(std::string* key);
@@ -19,12 +17,30 @@ class CryptoBase {
static void WriteKeyToFile(const std::string& filename, const std::string& key); static void WriteKeyToFile(const std::string& filename, const std::string& key);
static void EncodeEncryptAppend(const std::string& secret_key, const std::string& public_key, const TLVNode& input, TLVNode* container); static void EncodeEncryptAppend(const std::string& secret_key, const std::string& public_key, const TLVNode& input, TLVNode* container);
TLVNode *DecryptDecode(const std::string& secret_key, const std::string& public_key, const TLVNode& input); static TLVNode *DecryptDecode(const std::string& secret_key, const std::string& public_key, const TLVNode& input);
};
class CryptoBase {
public:
std::ostream& Log(void *obj=nullptr); std::ostream& Log(void *obj=nullptr);
std::ostream& LogFatal(void *obj=nullptr); std::ostream& LogFatal(void *obj=nullptr);
}; };
class CryptoConnBase : public CryptoBase {
protected:
CryptoConnBase(const std::string& secret_key);
enum {
AWAITING_HANDSHAKE,
READY,
} state_;
const std::string secret_key_;
std::string peer_public_key_;
std::string ephemeral_secret_key_;
std::string peer_ephemeral_public_key_;
};
class CryptoPubServerConnection; class CryptoPubServerConnection;
class CryptoPubServer : public CryptoBase { class CryptoPubServer : public CryptoBase {
@@ -43,7 +59,7 @@ class CryptoPubServer : public CryptoBase {
const std::string secret_key_; const std::string secret_key_;
}; };
class CryptoPubServerConnection : public CryptoBase { class CryptoPubServerConnection : public CryptoConnBase {
public: public:
CryptoPubServerConnection(struct bufferevent* bev, const std::string& secret_key); CryptoPubServerConnection(struct bufferevent* bev, const std::string& secret_key);
~CryptoPubServerConnection(); ~CryptoPubServerConnection();
@@ -55,27 +71,19 @@ class CryptoPubServerConnection : public CryptoBase {
static void OnError_(struct bufferevent* bev, const short what, void* this__); static void OnError_(struct bufferevent* bev, const short what, void* this__);
void OnError(const short what); void OnError(const short what);
void SendHandshake();
struct bufferevent* bev_; struct bufferevent* bev_;
const std::string secret_key_;
std::string ephemeral_secret_key_;
std::string client_public_key_;
std::string client_ephemeral_public_key_;
enum {
AWAITING_HANDSHAKE,
READY,
} state_;
friend CryptoPubServer; friend CryptoPubServer;
}; };
class CryptoPubClient : public CryptoBase { class CryptoPubClient : public CryptoConnBase {
public: public:
CryptoPubClient(struct sockaddr* addr, socklen_t addrlen, const std::string& secret_key, const std::string& server_public_key); CryptoPubClient(struct sockaddr* addr, socklen_t addrlen, const std::string& secret_key, const std::string& server_public_key, const std::list<uint64_t>& channel_bitrates);
~CryptoPubClient(); ~CryptoPubClient();
static CryptoPubClient* FromHostname(const std::string& server_address, const std::string& server_port, const std::string& secret_key, const std::string& server_public_key); static CryptoPubClient* FromHostname(const std::string& server_address, const std::string& server_port, const std::string& secret_key, const std::string& server_public_key, const std::list<uint64_t>& channel_bitrates);
void Loop(); void Loop();
@@ -87,17 +95,11 @@ class CryptoPubClient : public CryptoBase {
void OnConnect(); void OnConnect();
void OnError(); void OnError();
void SendHandshake();
void SendTunnelRequest();
struct event_base* event_base_; struct event_base* event_base_;
struct bufferevent* bev_; struct bufferevent* bev_;
const std::string secret_key_; const std::list<uint64_t> channel_bitrates_;
const std::string server_public_key_;
std::string public_key_;
std::string ephemeral_secret_key_;
std::string server_ephemeral_public_key_;
enum {
AWAITING_HANDSHAKE,
READY,
} state_;
}; };

4
gen-key.cc
View File

@@ -11,9 +11,9 @@ int main(int argc, char *argv[]) {
} }
std::string key; std::string key;
CryptoBase::GenKey(&key); CryptoUtil::GenKey(&key);
CryptoBase::WriteKeyToFile(argv[1], key); CryptoUtil::WriteKeyToFile(argv[1], key);
return 0; return 0;
} }

6
gen-keypair.cc
View File

@@ -11,10 +11,10 @@ int main(int argc, char *argv[]) {
} }
std::string secret_key, public_key; std::string secret_key, public_key;
CryptoBase::GenKeyPair(&secret_key, &public_key); CryptoUtil::GenKeyPair(&secret_key, &public_key);
CryptoBase::WriteKeyToFile(argv[1], secret_key); CryptoUtil::WriteKeyToFile(argv[1], secret_key);
CryptoBase::WriteKeyToFile(argv[2], public_key); CryptoUtil::WriteKeyToFile(argv[2], public_key);
return 0; return 0;
} }