// Destroy peer manager object. static void peermgtDestroy(struct s_peermgt *mgt) { int size = mapGetMapSize(&mgt->map); mapDestroy(&mgt->map); nodedbDestroy(&mgt->nodedb); authmgtDestroy(&mgt->authmgt); dfragDestroy(&mgt->dfrag); cryptoDestroy(mgt->ctx, size); free(mgt->ctx); free(mgt->data); }
static int packetTestsuiteMsg(const int random_msg) { unsigned char plbuf[packetTestsuite_PLBUF_SIZE]; unsigned char plbufdec[packetTestsuite_PLBUF_SIZE]; struct s_packet_data testdata = { .pl_buf_size = packetTestsuite_PLBUF_SIZE, .pl_buf = plbuf }; struct s_packet_data testdatadec = { .pl_buf_size = packetTestsuite_PLBUF_SIZE, .pl_buf = plbufdec }; unsigned char pkbuf[packetTestsuite_PKBUF_SIZE]; struct s_crypto ctx[2]; unsigned char secret[64]; unsigned char nonce[16]; struct s_seq_state seqstate; char str[4096]; int len; memset(secret, 23, 64); memset(nonce, 5, 16); cryptoCreate(ctx, 2); if(!cryptoSetKeys(&ctx[0], 1, secret, 64, nonce, 16)) return 0; if(!cryptoSetKeys(&ctx[1], 1, secret, 64, nonce, 16)) return 0; seqInit(&seqstate, 0); memset(plbuf, 0, packetTestsuite_PLBUF_SIZE); if(random_msg) RAND_pseudo_bytes(plbuf, packetTestsuite_PLBUF_SIZE); else strcpy((char *)plbuf, "moo"); len = packetTestsuite_PLBUF_SIZE; testdata.pl_length = len; testdata.pl_type = 0; testdata.pl_options = 0; testdata.peerid = plbuf[0]; testdata.seq = 1; utilByteArrayToHexstring(str, 4096, plbuf, len); printf("%s (len=%d, peerid=%d) -> ", str, len, testdata.peerid); len = packetEncode(pkbuf, packetTestsuite_PKBUF_SIZE, &testdata, &ctx[0]); if(!(len > 0)) return 0; utilByteArrayToHexstring(str, 4096, pkbuf, len); printf("%s (%d) -> ", str, len); if(!(packetDecode(&testdatadec, pkbuf, len, &ctx[1], &seqstate))) return 0; if(!(testdatadec.pl_length > 0)) return 0; if(!(testdatadec.peerid == plbuf[0])) return 0; if(!memcmp(testdatadec.pl_buf, testdata.pl_buf, packetTestsuite_PLBUF_SIZE) == 0) return 0; utilByteArrayToHexstring(str, 4096, testdatadec.pl_buf, testdatadec.pl_length); printf("%s (len=%d, peerid=%d)\n", str, testdatadec.pl_length, testdatadec.peerid); cryptoDestroy(ctx, 2); return 1; }
static int do_crypto_test(void *param) { int ret; if(param == NULL) { printf("please input param:\n"); printf(" test_accvisio -v verify passwd\n"); printf(" test_accvisio -w write passwd\n"); return 0; } if(strcmp((char *)param, "-v") == 0) { cryptoInit(); ret = crypetoVerify(buf_passwd); if(ret == 0) printf("password verify success...\n"); else printf("password wrong...\n"); cryptoDestroy(); } else if(strcmp((char *)param, "-w") == 0) { cryptoInit(); ret = cryptoWriteSeed(buf_passwd); if(ret == 0) printf("write passwd success...\n"); else printf("write password failed...\n"); cryptoDestroy(); } return 0; }
// create cipher contexts static int cryptoCreate(struct s_crypto *ctxs, const int count) { int i; for(i=0; i<count; i++) { EVP_CIPHER_CTX_init(&ctxs[i].enc_ctx); EVP_CIPHER_CTX_init(&ctxs[i].dec_ctx); HMAC_CTX_init(&ctxs[i].hmac_ctx); } if(cryptoSetKeysRandom(ctxs, count)) { return 1; } else { cryptoDestroy(ctxs, count); return 0; } }
// Create peer manager object. static int peermgtCreate(struct s_peermgt *mgt, const int peer_slots, const int auth_slots, struct s_nodekey *local_nodekey, struct s_dh_state *dhstate) { int tnow = utilGetTime(); const char *defaultid = "default"; struct s_peermgt_data *data_mem; struct s_crypto *ctx_mem; if((peer_slots > 0) && (auth_slots > 0) && (peermgtSetNetID(mgt, defaultid, 7))) { data_mem = malloc(sizeof(struct s_peermgt_data) * (peer_slots + 1)); if(data_mem != NULL) { ctx_mem = malloc(sizeof(struct s_crypto) * (peer_slots + 1)); if(ctx_mem != NULL) { if(cryptoCreate(ctx_mem, (peer_slots + 1))) { if(dfragCreate(&mgt->dfrag, peermgt_MSGSIZE_MIN, peermgt_FRAGBUF_COUNT)) { if(authmgtCreate(&mgt->authmgt, &mgt->netid, auth_slots, local_nodekey, dhstate)) { if(nodedbCreate(&mgt->nodedb, ((peer_slots * 8) + 1))) { if(mapCreate(&mgt->map, (peer_slots + 1), nodeid_SIZE, 1)) { mgt->nodekey = local_nodekey; mgt->data = data_mem; mgt->ctx = ctx_mem; mgt->lastconnect = tnow; mgt->rrmsg.msg = mgt->rrmsgbuf; if(peermgtInit(mgt)) { return 1; } mgt->nodekey = NULL; mgt->data = NULL; mgt->ctx = NULL; mapDestroy(&mgt->map); } nodedbDestroy(&mgt->nodedb); } authmgtDestroy(&mgt->authmgt); } dfragDestroy(&mgt->dfrag); } cryptoDestroy(ctx_mem, (peer_slots + 1)); } free(ctx_mem); } free(data_mem); } } return 0; }
// generate session keys from password static int cryptoSetSessionKeysFromPassword(struct s_crypto *session_ctx, const unsigned char *password, const int password_len, const int cipher_algorithm, const int hmac_algorithm) { unsigned char key_a[64]; unsigned char key_b[64]; struct s_crypto ctx[2]; int i; int ret_a, ret_b; ret_b = 0; if(cryptoCreate(ctx, 2)) { if(cryptoCalculateSHA512(key_a, 64, password, password_len)) { ret_a = 1; for(i=0; i<31337; i++) { // hash the password multiple times if(!cryptoCalculateSHA512(key_b, 64, key_a, 64)) { ret_a = 0; break; } if(!cryptoCalculateSHA512(key_a, 64, key_b, 64)) { ret_a = 0; break; } } if(ret_a) { if(cryptoSetKeys(ctx, 2, key_a, 32, &key_a[32], 32)) { ret_b = cryptoSetSessionKeys(session_ctx, &ctx[0], &ctx[1], key_b, 64, cipher_algorithm, hmac_algorithm); } } } cryptoDestroy(ctx, 2); } return ret_b; }
// Destroy auth state object. static void authDestroy(struct s_auth_state *authstate) { authReset(authstate); cryptoDestroy(authstate->crypto_ctx, auth_CRYPTOCTX_COUNT); nodekeyDestroy(&authstate->remote_nodekey); }