diff --git a/crypto.cc b/crypto.cc index 931a1cb..513e95c 100644 --- a/crypto.cc +++ b/crypto.cc @@ -159,22 +159,48 @@ void CryptoPubServerConnection::OnReadable() { // TODO: re-buffer? return; } - std::cerr << "successful decode" << std::endl; + auto client_public_key = decoded->FindChild(TLV_TYPE_PUBLIC_KEY); - if (!client_public_key || client_public_key->GetValue().length() != crypto_box_PUBLICKEYBYTES) { - std::cerr << "Wanted " << crypto_box_PUBLICKEYBYTES << ", got " << client_public_key->GetValue().length() << " bytes" << std::endl; + if (!client_public_key) { + std::cerr << "Protocol error (client handshake -- no public key)" << std::endl; + delete this; + return; + } + client_public_key_ = client_public_key->GetValue(); + if (client_public_key_.length() != crypto_box_PUBLICKEYBYTES) { + std::cerr << "Protocol error (client handshake -- wrong public key length)" << std::endl; + delete this; return; } auto encrypted = decoded->FindChild(TLV_TYPE_ENCRYPTED); if (!encrypted) { + std::cerr << "Protocol error (client handshake -- no encrypted portion)" << std::endl; + delete this; return; } std::unique_ptr decrypted(DecryptDecode(secret_key_, client_public_key->GetValue(), *encrypted)); if (!decrypted.get()) { + std::cerr << "Protocol error (client handshake -- decryption failure)" << std::endl; + delete this; return; } - std::cerr << "successful decrypt" << std::endl; + + auto client_ephemeral_public_key = decrypted->FindChild(TLV_TYPE_PUBLIC_KEY); + if (!client_ephemeral_public_key) { + std::cerr << "Protocol error (client handshake -- no ephemeral public key)" << std::endl; + delete this; + return; + } + client_ephemeral_public_key_ = client_ephemeral_public_key->GetValue(); + if (client_ephemeral_public_key_.length() != crypto_box_PUBLICKEYBYTES) { + std::cerr << "Protocol error (client handshake -- wrong ephemeral public key length)" << std::endl; + delete this; + return; + } + + this->state_ = READY; + std::cerr << "Handshake successful" << std::endl; } void CryptoPubServerConnection::OnError_(struct bufferevent* bev, const short what, void* this__) { diff --git a/crypto.h b/crypto.h index cdd23f5..40b4699 100644 --- a/crypto.h +++ b/crypto.h @@ -50,7 +50,8 @@ class CryptoPubServerConnection : public CryptoBase { const std::string secret_key_; const std::string ephemeral_secret_key_; - const std::string client_public_key_; + std::string client_public_key_; + std::string client_ephemeral_public_key_; enum { AWAITING_HANDSHAKE, READY, diff --git a/tlv.cc b/tlv.cc index 108b407..6addf06 100644 --- a/tlv.cc +++ b/tlv.cc @@ -48,7 +48,6 @@ TLVNode* TLVNode::Decode(const std::string& input) { return nullptr; } auto header = (struct header*)input.data(); - std::cerr << "[type=" << htons(header->type) << ", value_length=" << htons(header->value_length) << "]" << std::endl; if (input.length() < sizeof(*header) + htons(header->value_length)) { return nullptr; }