int zmq::plain_server_t::process_hello (msg_t *msg_) { const unsigned char *ptr = static_cast <unsigned char *> (msg_->data ()); size_t bytes_left = msg_->size (); if (bytes_left < 6 || memcmp (ptr, "\x05HELLO", 6)) { // Temporary support for security debugging puts ("PLAIN I: invalid PLAIN client, did not send HELLO"); errno = EPROTO; return -1; } ptr += 6; bytes_left -= 6; if (bytes_left < 1) { // Temporary support for security debugging puts ("PLAIN I: invalid PLAIN client, did not send username"); errno = EPROTO; return -1; } const size_t username_length = static_cast <size_t> (*ptr++); bytes_left -= 1; if (bytes_left < username_length) { // Temporary support for security debugging puts ("PLAIN I: invalid PLAIN client, sent malformed username"); errno = EPROTO; return -1; } const std::string username = std::string ((char *) ptr, username_length); ptr += username_length; bytes_left -= username_length; if (bytes_left < 1) { // Temporary support for security debugging puts ("PLAIN I: invalid PLAIN client, did not send password"); errno = EPROTO; return -1; } const size_t password_length = static_cast <size_t> (*ptr++); bytes_left -= 1; if (bytes_left < password_length) { // Temporary support for security debugging puts ("PLAIN I: invalid PLAIN client, sent malformed password"); errno = EPROTO; return -1; } const std::string password = std::string ((char *) ptr, password_length); ptr += password_length; bytes_left -= password_length; if (bytes_left > 0) { // Temporary support for security debugging puts ("PLAIN I: invalid PLAIN client, sent extraneous data"); errno = EPROTO; return -1; } // Use ZAP protocol (RFC 27) to authenticate the user. int rc = session->zap_connect (); if (rc == 0) { send_zap_request (username, password); rc = receive_and_process_zap_reply (); if (rc == 0) state = status_code == "200" ? sending_welcome : sending_error; else if (errno == EAGAIN) state = waiting_for_zap_reply; else return -1; } else state = sending_welcome; return 0; }
int zmq::curve_server_t::process_initiate (msg_t *msg_) { if (msg_->size () < 257) { // Temporary support for security debugging puts ("CURVE I: client INITIATE is not correct size"); errno = EPROTO; return -1; } const uint8_t *initiate = static_cast <uint8_t *> (msg_->data ()); if (memcmp (initiate, "\x08INITIATE", 9)) { // Temporary support for security debugging puts ("CURVE I: client INITIATE has invalid command name"); errno = EPROTO; return -1; } uint8_t cookie_nonce [crypto_secretbox_NONCEBYTES]; uint8_t cookie_plaintext [crypto_secretbox_ZEROBYTES + 64]; uint8_t cookie_box [crypto_secretbox_BOXZEROBYTES + 80]; // Open Box [C' + s'](t) memset (cookie_box, 0, crypto_secretbox_BOXZEROBYTES); memcpy (cookie_box + crypto_secretbox_BOXZEROBYTES, initiate + 25, 80); memcpy (cookie_nonce, "COOKIE--", 8); memcpy (cookie_nonce + 8, initiate + 9, 16); int rc = crypto_secretbox_open (cookie_plaintext, cookie_box, sizeof cookie_box, cookie_nonce, cookie_key); if (rc != 0) { // Temporary support for security debugging puts ("CURVE I: cannot open client INITIATE cookie"); errno = EPROTO; return -1; } // Check cookie plain text is as expected [C' + s'] if (memcmp (cookie_plaintext + crypto_secretbox_ZEROBYTES, cn_client, 32) || memcmp (cookie_plaintext + crypto_secretbox_ZEROBYTES + 32, cn_secret, 32)) { // Temporary support for security debugging puts ("CURVE I: client INITIATE cookie is not valid"); errno = EPROTO; return -1; } const size_t clen = (msg_->size () - 113) + crypto_box_BOXZEROBYTES; uint8_t initiate_nonce [crypto_box_NONCEBYTES]; uint8_t initiate_plaintext [crypto_box_ZEROBYTES + 128 + 256]; uint8_t initiate_box [crypto_box_BOXZEROBYTES + 144 + 256]; // Open Box [C + vouch + metadata](C'->S') memset (initiate_box, 0, crypto_box_BOXZEROBYTES); memcpy (initiate_box + crypto_box_BOXZEROBYTES, initiate + 113, clen - crypto_box_BOXZEROBYTES); memcpy (initiate_nonce, "CurveZMQINITIATE", 16); memcpy (initiate_nonce + 16, initiate + 105, 8); cn_peer_nonce = get_uint64(initiate + 105); rc = crypto_box_open (initiate_plaintext, initiate_box, clen, initiate_nonce, cn_client, cn_secret); if (rc != 0) { // Temporary support for security debugging puts ("CURVE I: cannot open client INITIATE"); errno = EPROTO; return -1; } const uint8_t *client_key = initiate_plaintext + crypto_box_ZEROBYTES; uint8_t vouch_nonce [crypto_box_NONCEBYTES]; uint8_t vouch_plaintext [crypto_box_ZEROBYTES + 64]; uint8_t vouch_box [crypto_box_BOXZEROBYTES + 80]; // Open Box Box [C',S](C->S') and check contents memset (vouch_box, 0, crypto_box_BOXZEROBYTES); memcpy (vouch_box + crypto_box_BOXZEROBYTES, initiate_plaintext + crypto_box_ZEROBYTES + 48, 80); memcpy (vouch_nonce, "VOUCH---", 8); memcpy (vouch_nonce + 8, initiate_plaintext + crypto_box_ZEROBYTES + 32, 16); rc = crypto_box_open (vouch_plaintext, vouch_box, sizeof vouch_box, vouch_nonce, client_key, cn_secret); if (rc != 0) { // Temporary support for security debugging puts ("CURVE I: cannot open client INITIATE vouch"); errno = EPROTO; return -1; } // What we decrypted must be the client's short-term public key if (memcmp (vouch_plaintext + crypto_box_ZEROBYTES, cn_client, 32)) { // Temporary support for security debugging puts ("CURVE I: invalid handshake from client (public key)"); errno = EPROTO; return -1; } // Precompute connection secret from client key rc = crypto_box_beforenm (cn_precom, cn_client, cn_secret); zmq_assert (rc == 0); // Use ZAP protocol (RFC 27) to authenticate the user. rc = session->zap_connect (); if (rc == 0) { send_zap_request (client_key); rc = receive_and_process_zap_reply (); if (rc == 0) state = status_code == "200" ? send_ready : send_error; else if (errno == EAGAIN) state = expect_zap_reply; else return -1; } else state = send_ready; return parse_metadata (initiate_plaintext + crypto_box_ZEROBYTES + 128, clen - crypto_box_ZEROBYTES - 128); }
int zmq::null_mechanism_t::next_handshake_command (msg_t *msg_) { if (ready_command_sent || error_command_sent) { errno = EAGAIN; return -1; } if (zap_connected && !zap_reply_received) { if (zap_request_sent) { errno = EAGAIN; return -1; } send_zap_request (); zap_request_sent = true; const int rc = receive_and_process_zap_reply (); if (rc != 0) return -1; zap_reply_received = true; } if (zap_reply_received && strncmp (status_code, "200", sizeof status_code) != 0) { const int rc = msg_->init_size (6 + 1 + sizeof status_code); zmq_assert (rc == 0); unsigned char *msg_data = static_cast <unsigned char *> (msg_->data ()); memcpy (msg_data, "\5ERROR", 6); msg_data [6] = sizeof status_code; memcpy (msg_data + 7, status_code, sizeof status_code); error_command_sent = true; return 0; } unsigned char *const command_buffer = (unsigned char *) malloc (512); alloc_assert (command_buffer); unsigned char *ptr = command_buffer; // Add mechanism string memcpy (ptr, "\5READY", 6); ptr += 6; // Add socket type property const char *socket_type = socket_type_string (options.type); ptr += add_property (ptr, "Socket-Type", socket_type, strlen (socket_type)); // Add identity property if (options.type == ZMQ_REQ || options.type == ZMQ_DEALER || options.type == ZMQ_ROUTER) ptr += add_property (ptr, "Identity", options.identity, options.identity_size); const size_t command_size = ptr - command_buffer; const int rc = msg_->init_size (command_size); errno_assert (rc == 0); memcpy (msg_->data (), command_buffer, command_size); free (command_buffer); ready_command_sent = true; return 0; }
int zmq::plain_mechanism_t::process_hello_command (msg_t *msg_) { const unsigned char *ptr = static_cast <unsigned char *> (msg_->data ()); size_t bytes_left = msg_->size (); if (bytes_left < 8 || memcmp (ptr, "HELLO ", 8)) { errno = EPROTO; return -1; } ptr += 8; bytes_left -= 8; if (bytes_left < 1) { errno = EPROTO; return -1; } const size_t username_length = static_cast <size_t> (*ptr++); bytes_left -= 1; if (bytes_left < username_length) { errno = EPROTO; return -1; } const std::string username = std::string ((char *) ptr, username_length); ptr += username_length; bytes_left -= username_length; if (bytes_left < 1) { errno = EPROTO; return -1; } const size_t password_length = static_cast <size_t> (*ptr++); bytes_left -= 1; if (bytes_left < password_length) { errno = EPROTO; return -1; } const std::string password = std::string ((char *) ptr, password_length); ptr += password_length; bytes_left -= password_length; if (bytes_left > 0) { errno = EPROTO; return -1; } // Use ZAP protocol (RFC 27) to authenticate the user. int rc = session->zap_connect (); if (rc == 0) { send_zap_request (username, password); rc = receive_and_process_zap_reply (); if (rc != 0) { if (errno != EAGAIN) return -1; expecting_zap_reply = true; } } return 0; }
int zmq::curve_server_t::process_initiate (msg_t *msg_) { if (msg_->size () < 257) { errno = EPROTO; return -1; } const uint8_t *initiate = static_cast <uint8_t *> (msg_->data ()); if (memcmp (initiate, "\x08INITIATE", 9)) { errno = EPROTO; return -1; } uint8_t cookie_nonce [crypto_secretbox_NONCEBYTES]; uint8_t cookie_plaintext [crypto_secretbox_ZEROBYTES + 64]; uint8_t cookie_box [crypto_secretbox_BOXZEROBYTES + 80]; // Open Box [C' + s'](t) memset (cookie_box, 0, crypto_secretbox_BOXZEROBYTES); memcpy (cookie_box + crypto_secretbox_BOXZEROBYTES, initiate + 25, 80); memcpy (cookie_nonce, "COOKIE--", 8); memcpy (cookie_nonce + 8, initiate + 9, 16); int rc = crypto_secretbox_open (cookie_plaintext, cookie_box, sizeof cookie_box, cookie_nonce, cookie_key); if (rc != 0) { errno = EPROTO; return -1; } // Check cookie plain text is as expected [C' + s'] if (memcmp (cookie_plaintext + crypto_secretbox_ZEROBYTES, cn_client, 32) || memcmp (cookie_plaintext + crypto_secretbox_ZEROBYTES + 32, cn_secret, 32)) { errno = EPROTO; return -1; } const size_t clen = (msg_->size () - 113) + crypto_box_BOXZEROBYTES; uint8_t initiate_nonce [crypto_box_NONCEBYTES]; uint8_t initiate_plaintext [crypto_box_ZEROBYTES + 128 + 256]; uint8_t initiate_box [crypto_box_BOXZEROBYTES + 144 + 256]; // Open Box [C + vouch + metadata](C'->S') memset (initiate_box, 0, crypto_box_BOXZEROBYTES); memcpy (initiate_box + crypto_box_BOXZEROBYTES, initiate + 113, clen - crypto_box_BOXZEROBYTES); memcpy (initiate_nonce, "CurveZMQINITIATE", 16); memcpy (initiate_nonce + 16, initiate + 105, 8); rc = crypto_box_open (initiate_plaintext, initiate_box, clen, initiate_nonce, cn_client, cn_secret); if (rc != 0) { errno = EPROTO; return -1; } const uint8_t *client_key = initiate_plaintext + crypto_box_ZEROBYTES; uint8_t vouch_nonce [crypto_box_NONCEBYTES]; uint8_t vouch_plaintext [crypto_box_ZEROBYTES + 64]; uint8_t vouch_box [crypto_box_BOXZEROBYTES + 80]; // Open Box Box [C',S](C->S') and check contents memset (vouch_box, 0, crypto_box_BOXZEROBYTES); memcpy (vouch_box + crypto_box_BOXZEROBYTES, initiate_plaintext + crypto_box_ZEROBYTES + 48, 80); memcpy (vouch_nonce, "VOUCH---", 8); memcpy (vouch_nonce + 8, initiate_plaintext + crypto_box_ZEROBYTES + 32, 16); rc = crypto_box_open (vouch_plaintext, vouch_box, sizeof vouch_box, vouch_nonce, client_key, cn_secret); if (rc != 0) { errno = EPROTO; return -1; } // What we decrypted must be the client's short-term public key if (memcmp (vouch_plaintext + crypto_box_ZEROBYTES, cn_client, 32)) { errno = EPROTO; return -1; } // Precompute connection secret from client key rc = crypto_box_beforenm (cn_precom, cn_client, cn_secret); zmq_assert (rc == 0); // Use ZAP protocol (RFC 27) to authenticate the user. rc = session->zap_connect (); if (rc == 0) { send_zap_request (client_key); rc = receive_and_process_zap_reply (); if (rc != 0) { if (errno != EAGAIN) return -1; expecting_zap_reply = true; } } return parse_metadata (initiate_plaintext + crypto_box_ZEROBYTES + 128, clen - crypto_box_ZEROBYTES - 128); }