You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
libsxmp/sxt/core.c

233 lines
5.4 KiB
C

/*
* Secure eXtended Message Passing framework
* Secure eXtended Transport layer implementation: (libsxt)
* - very similar to SSH2/TLS
* - using already proven and tested crypto algos
* - better than TLS for message passing
*
* (c) Alexander Vdolainen 2016 <avdolainen@zoho.com>
*
* libsxmp is free software: you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published
* by the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* libsxmp is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.";
*
*/
#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <pthread.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/mman.h>
#include <fcntl.h>
#ifdef WIN32
#include <Winsock2.h>
#define EBADE 1
#define NETDB_SUCCESS 0
#else
#include <sys/select.h>
#include <netdb.h>
#include <unistd.h>
#include <uuid/uuid.h>
#endif
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/engine.h>
#include <openssl/rand.h>
#include <tdata/list.h>
#include <sxt/errno.h>
#include <sxt/ciphers.h>
#include <sxt/lcrypt.h>
#include <sxt/safebuf.h>
#include <sxt/rdb.h>
#include <sxt/sxtkey.h>
#include <sxt/socket.h>
#include <sxt/sxt.h>
int sxt_init(void)
{
/* init SSL library */
SSL_library_init();
OpenSSL_add_all_algorithms();
return lcrypt_init_ciphers();
}
int sxt_finish(void)
{
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
return 0;
}
int sxt_reseed(void)
{
return lcrypt_reseed();
}
int sxt_get_random(void *data, int len, int pseudo)
{
if(pseudo) return RAND_bytes(data, len);
else {
#if OPENSSL_API_COMPAT < 0x10100000L
RAND_pseudo_bytes(data, len);
#else
RAND_bytes(data, len);
#endif
}
return 1;
}
int sxt_genbeer(sxtsession_t *session, sxtsafebuffer_t *o)
{
char *beer;
if(!o || !session) return SXT_EINVAL;
if(!session->linkset) return SXT_EINVAL;
if(!(beer = malloc(128))) return SXT_ENOMEM;
else memset(beer, 0, 128);
snprintf(beer, 128, "sxtbeer-%s-%d-%lu-%s", SXTBEER_TYPE, SXTPROTO_VERSION,
session->linkset->hash,
session->linkset->strctx ? session->linkset->strctx : "nil");
sxtsafebuffer_setdata(o, beer, strlen(beer));
return SXT_SUCCESS;
}
int sxt_scanbeer(sxtsession_t *session, const char *rbuf, size_t rlen)
{
char *buf = (char *)rbuf, *tbuf;
char tuple[32];
uint64_t hash = 0;
int i, st, version, len = 0;
if(!session || !rbuf) return SXT_EINVAL;
if(!rlen || !session->peerbeer) return SXT_EINVAL;
memset(tuple, 0, 32);
for(i = 0, tbuf = NULL, st = 0; i < rlen; i++, buf++) {
switch(st) {
case 0: /* first tuple */
if(!tbuf) tbuf = buf;
if(*buf == '-') {
if(i != strlen("sxtbeer")) return SXT_EPROTO;
if(strncmp(tbuf, "sxtbeer", i)) return SXT_EPROTO; /* that's wine! */
st++;
tbuf = NULL;
}
break;
case 1:
if(!tbuf) tbuf = buf;
if(*buf == '-') {
len = strlen(tbuf) - strlen(buf);
if(len < 1 || len >= 32) return SXT_EPROTO;
memcpy(tuple, tbuf, len);
/* currently one type supported */
if(strcmp(tuple, SXTBEER_TYPE)) return SXT_EPROTO;
memset(tuple, 0, 32);
tbuf = NULL; st++;
}
break;
case 2:
if(!tbuf) tbuf = buf;
if(*buf == '-') {
len = strlen(tbuf) - strlen(buf);
if(len < 1 || len >= 32) return SXT_EPROTO;
memcpy(tuple, tbuf, len);
version = atoi(tuple);
/* first version supported only */
if(version != SXTPROTO_VERSION) return SXT_EPROTO;
memset(tuple, 0, 32);
tbuf = NULL; st++;
}
break;
case 3: /* hash value */
if(!tbuf) tbuf = buf;
if(*buf == '-') {
len = strlen(tbuf) - strlen(buf);
if(len < 1 || len >= 32) return SXT_EPROTO;
memcpy(tuple, tbuf, len);
hash = strtoul(tuple, NULL, 0);
memset(tuple, 0, 32);
tbuf = NULL; st++;
}
break;
case 4: /* the rest of buffer is some custom plate */
if(!tbuf) {
tbuf = buf;
len = i;
memset(tuple, 0, 32);
}
break;
}
}
/* ok check for validity */
if(st < 3) return SXT_EPROTO;
if(!tbuf) return SXT_EPROTO;
else len = rlen - len;
if(len >= 32 || len < 1) return SXT_EPROTO;
else memcpy(tuple, tbuf, len);
session->sxt_version = version;
session->peer_swhash = hash;
if(sxtsafebuffer_length(session->peerbeer) < 128)
return SXT_ENOMEM; /* no room for peer beer */
snprintf((char *)sxtsafebuffer_getdata(session->peerbeer), 128,
"sxtbeer-%s-%d-%lu-%s", SXTBEER_TYPE, session->sxt_version,
session->peer_swhash, tuple);
return SXT_SUCCESS;
}
/* wrappers */
SHA512CTX sha512_init(void){
SHA512CTX c = malloc(sizeof(*c));
if (c == NULL) {
return NULL;
}
SHA512_Init(c);
return c;
}
void sha512_update(SHA512CTX c, const void *data, unsigned long len){
SHA512_Update(c,data,len);
}
void sha512_final(unsigned char *md, SHA512CTX c) {
SHA512_Final(md, c);
if(c) free(c);
}