// makes sure all the crypto line state is set up, and creates line keys if exist
int crypt_line_1a(crypt_t c, packet_t inner)
{
unsigned char line_public[uECC_BYTES*2], secret[uECC_BYTES], input[uECC_BYTES+16+16], hash[32];
char *hecc;
crypt_1a_t cs;
cs = (crypt_1a_t)c->cs;
hecc = packet_get_str(inner,"ecc"); // it's where we stashed it
if(!hecc || strlen(hecc) != uECC_BYTES*4) return 1;
crypt_rand((unsigned char*)&(cs->seq),4); // init seq to random start
// do the diffie hellman
util_unhex((unsigned char*)hecc,uECC_BYTES*4,line_public);
if(!uECC_shared_secret(line_public, cs->line_private, secret)) return 1;
// make line keys!
memcpy(input,secret,uECC_BYTES);
memcpy(input+uECC_BYTES,c->lineOut,16);
memcpy(input+uECC_BYTES+16,c->lineIn,16);
crypt_hash(input,uECC_BYTES+16+16,hash);
fold1(hash,cs->keyOut);
memcpy(input+uECC_BYTES,c->lineIn,16);
memcpy(input+uECC_BYTES+16,c->lineOut,16);
crypt_hash(input,uECC_BYTES+16+16,hash);
fold1(hash,cs->keyIn);
return 0;
}
// process an incoming handshake
link_t link_receive_handshake(link_t link, lob_t inner)
{
uint32_t out, at, err;
uint8_t csid = 0;
lob_t outer = lob_linked(inner);
if(!link || !inner || !outer) return LOG("bad args");
// inner/link must be validated by caller already, we just load if missing
if(!link->key)
{
util_unhex(lob_get(inner, "csid"), 2, &csid);
if(!link_load(link, csid, inner))
{
lob_free(inner);
return LOG("load key failed for %s %u %s",hashname_short(link->id),csid,util_hex(inner->body,inner->body_len,NULL));
}
}
if((err = e3x_exchange_verify(link->x,outer)))
{
lob_free(inner);
return LOG("handshake verification fail: %d",err);
}
out = e3x_exchange_out(link->x,0);
at = lob_get_uint(inner,"at");
link_t ready = link_up(link);
// if bad at, always send current handshake
if(e3x_exchange_in(link->x, at) < out)
{
LOG("old handshake: %s (%d,%d,%d)",lob_json(inner),at,out);
link_sync(link);
lob_free(inner);
return link;
}
// try to sync ephemeral key
if(!e3x_exchange_sync(link->x,outer))
{
lob_free(inner);
return LOG("sync failed");
}
// we may need to re-sync
if(out != e3x_exchange_out(link->x,0)) link_sync(link);
// notify of ready state change
if(!ready && link_up(link))
{
LOG("link ready");
mesh_link(link->mesh, link);
}
link->handshake = lob_free(link->handshake);
link->handshake = inner;
return link;
}
// process an incoming handshake
link_t link_receive_handshake(link_t link, lob_t inner, pipe_t pipe)
{
link_t ready;
uint32_t out, err;
seen_t seen;
uint8_t csid = 0;
char *hexid;
lob_t attached, outer = lob_linked(inner);
if(!link || !inner || !outer) return LOG("bad args");
hexid = lob_get(inner, "csid");
if(!lob_get(link->mesh->keys, hexid)) return LOG("unsupported csid %s",hexid);
util_unhex(hexid, 2, &csid);
attached = lob_parse(inner->body, inner->body_len);
if(!link->key && link_key(link->mesh, attached, csid) != link) return LOG("invalid/mismatch link handshake");
if((err = e3x_exchange_verify(link->x,outer))) return LOG("handshake verification fail: %d",err);
out = e3x_exchange_out(link->x,0);
ready = link_up(link);
// if bad at, always send current handshake
if(e3x_exchange_in(link->x, lob_get_uint(inner,"at")) < out)
{
LOG("old/bad at: %s (%d,%d,%d)",lob_json(inner),lob_get_int(inner,"at"),e3x_exchange_in(link->x,0),e3x_exchange_out(link->x,0));
// just reset pipe seen and call link_sync to resend handshake
for(seen = link->pipes;pipe && seen;seen = seen->next) if(seen->pipe == pipe) seen->at = 0;
lob_free(link_sync(link));
return NULL;
}
// trust/add this pipe
if(pipe) link_pipe(link,pipe);
// try to sync ephemeral key
if(!e3x_exchange_sync(link->x,outer)) return LOG("sync failed");
// we may need to re-sync
if(out != e3x_exchange_out(link->x,0)) lob_free(link_sync(link));
// notify of ready state change
if(!ready && link_up(link))
{
LOG("link ready");
mesh_link(link->mesh, link);
}
return link;
}
lob_t link_handshakes(link_t link)
{
uint32_t i;
uint8_t csid;
char *key;
lob_t tmp, hs = NULL, handshakes = NULL;
if(!link) return NULL;
// no keys means we have to generate a handshake for each key
if(!link->x)
{
for(i=0;(key = lob_get_index(link->mesh->keys,i));i+=2)
{
util_unhex(key,2,&csid);
hs = lob_new();
tmp = hashname_im(link->mesh->keys, csid);
lob_body(hs, lob_raw(tmp), lob_len(tmp));
lob_free(tmp);
handshakes = lob_link(hs, handshakes);
}
}else{ // generate one just for this csid
handshakes = lob_new();
tmp = hashname_im(link->mesh->keys, link->csid);
lob_body(handshakes, lob_raw(tmp), lob_len(tmp));
lob_free(tmp);
}
// add any custom per-link
for(hs = link->handshakes; hs; hs = lob_linked(hs)) handshakes = lob_link(lob_copy(hs), handshakes);
// add any mesh-wide handshakes
for(hs = link->mesh->handshakes; hs; hs = lob_linked(hs)) handshakes = lob_link(lob_copy(hs), handshakes);
// encrypt them if we can
if(link->x)
{
tmp = handshakes;
handshakes = NULL;
for(hs = tmp; hs; hs = lob_linked(hs)) handshakes = lob_link(e3x_exchange_handshake(link->x, hs), handshakes);
lob_free(tmp);
}
return handshakes;
}
uint8_t hashname_id(lob_t a, lob_t b)
{
uint8_t id, best;
uint32_t i;
char *key;
if(!a || !b) return 0;
best = 0;
for(i=0;(key = lob_get_index(a,i));i+=2)
{
if(strlen(key) != 2) continue;
if(!lob_get(b,key)) continue;
id = 0;
util_unhex(key,2,&id);
if(id > best) best = id;
}
return best;
}
// create hashname from intermediate values as hex/base32 key/value pairs
hashname_t hashname_key(lob_t key, uint8_t csid)
{
unsigned int i, start;
uint8_t hash[64];
char *id, *value, hexid[3];
hashname_t hn = NULL;
if(!key) return LOG("invalid args");
util_hex(&csid, 1, hexid);
// get in sorted order
lob_sort(key);
// loop through all keys rolling up
for(i=0;(id = lob_get_index(key,i));i+=2)
{
value = lob_get_index(key,i+1);
if(strlen(id) != 2 || !util_ishex(id,2) || !value) continue; // skip non-id keys
// hash the id
util_unhex(id,2,hash+32);
start = (i == 0) ? 32 : 0; // only first one excludes previous rollup
e3x_hash(hash+start,(32-start)+1,hash); // hash in place
// get the value from the body if matching csid arg
if(util_cmp(id, hexid) == 0)
{
if(key->body_len == 0) return LOG("missing key body");
// hash the body
e3x_hash(key->body,key->body_len,hash+32);
}else{
if(strlen(value) != 52) return LOG("invalid value %s %d",value,strlen(value));
if(base32_decode(value,52,hash+32,32) != 32) return LOG("base32 decode failed %s",value);
}
e3x_hash(hash,64,hash);
}
if(!i || i % 2 != 0) return LOG("invalid keys %d",i);
hn = hashname_new(hash);
return hn;
}
int main(int argc, char **argv)
{
lob_t packet;
packet = lob_new();
fail_unless(packet);
lob_free(packet);
uint8_t buf[1024];
char *hex = "001d7b2274797065223a2274657374222c22666f6f223a5b22626172225d7d616e792062696e61727921";
uint8_t len = strlen(hex)/2;
util_unhex(hex,strlen(hex),buf);
packet = lob_parse(buf,len);
fail_unless(packet);
fail_unless(lob_len(packet));
fail_unless(packet->head_len == 29);
fail_unless(packet->body_len == 11);
fail_unless(util_cmp(lob_get(packet,"type"),"test") == 0);
fail_unless(util_cmp(lob_get(packet,"foo"),"[\"bar\"]") == 0);
lob_free(packet);
packet = lob_new();
lob_set_base32(packet,"32",buf,len);
fail_unless(lob_get(packet,"32"));
fail_unless(strlen(lob_get(packet,"32")) == (base32_encode_length(len)-1));
lob_t bin = lob_get_base32(packet,"32");
fail_unless(bin);
fail_unless(bin->body_len == len);
lob_set(packet,"key","value");
fail_unless(lob_keys(packet) == 2);
// test sorting
lob_set(packet,"zz","value");
lob_set(packet,"a","value");
lob_set(packet,"z","value");
lob_sort(packet);
fail_unless(util_cmp(lob_get_index(packet,0),"32") == 0);
fail_unless(util_cmp(lob_get_index(packet,2),"a") == 0);
fail_unless(util_cmp(lob_get_index(packet,4),"key") == 0);
fail_unless(util_cmp(lob_get_index(packet,6),"z") == 0);
fail_unless(util_cmp(lob_get_index(packet,8),"zz") == 0);
lob_free(packet);
// minimal comparison test
lob_t a = lob_new();
lob_set(a,"foo","bar");
lob_t b = lob_new();
lob_set(b,"foo","bar");
fail_unless(lob_cmp(a,b) == 0);
lob_set(b,"bar","foo");
fail_unless(lob_cmp(a,b) != 0);
// lots of basic list testing
lob_t list = lob_new();
lob_t item = lob_new();
fail_unless(lob_push(list,item));
fail_unless(lob_pop(list) == item);
list = item->next;
fail_unless((list = lob_unshift(list,item)));
fail_unless(lob_shift(list) == item);
list = item->next;
fail_unless(lob_push(list,item));
fail_unless(list->next == item);
lob_t insert = lob_new();
fail_unless(lob_insert(list,list,insert));
fail_unless(list->next == insert);
fail_unless(insert->next == item);
fail_unless(lob_splice(list,insert));
fail_unless(list->next == item);
lob_t array = lob_array(list);
fail_unless(array);
fail_unless(util_cmp(lob_json(array),"[,]") == 0);
fail_unless(lob_freeall(list) == NULL);
// simple index testing
lob_t index = lob_new();
lob_t c1 = lob_new();
lob_set(c1,"id","c1");
lob_push(index,c1);
lob_t c2 = lob_new();
lob_set(c2,"id","c2");
lob_push(index,c2);
fail_unless(lob_match(index,"id","c1") == c1);
fail_unless(lob_match(index,"id","c2") == c2);
float f = 42.42;
lob_t ft = lob_new();
lob_head(ft,(uint8_t*)"{\"foo\":42.42}",13);
fail_unless(lob_get_float(ft,"foo") == f);
lob_set_float(ft,"bar2",f,2);
fail_unless(lob_get_float(ft,"bar2") == f);
lob_set_float(ft,"bar1",f,1);
fail_unless(lob_get_cmp(ft,"bar1","42.4") == 0);
lob_set_float(ft,"bar0",f,0);
fail_unless(lob_get_int(ft,"bar0") == 42);
LOG("floats %s",lob_json(ft));
return 0;
}
// process any unencrypted handshake packet
link_t mesh_receive_handshake(mesh_t mesh, lob_t handshake, pipe_t pipe)
{
uint32_t now;
hashname_t from;
link_t link;
if(!mesh || !handshake) return LOG("bad args");
if(!lob_get(handshake,"id"))
{
LOG("bad handshake, no id: %s",lob_json(handshake));
lob_free(handshake);
return NULL;
}
now = util_sys_seconds();
// normalize handshake
handshake->id = now; // save when we cached it
if(!lob_get(handshake,"type")) lob_set(handshake,"type","link"); // default to link type
if(!lob_get_uint(handshake,"at")) lob_set_uint(handshake,"at",now); // require an at
LOG("handshake at %d id %s",now,lob_get(handshake,"id"));
// validate/extend link handshakes immediately
if(util_cmp(lob_get(handshake,"type"),"link") == 0)
{
// get the csid
uint8_t csid = 0;
lob_t outer;
if((outer = lob_linked(handshake)))
{
csid = outer->head[0];
}else if(lob_get(handshake,"csid")){
util_unhex(lob_get(handshake,"csid"),2,&csid);
}
if(!csid)
{
LOG("bad link handshake, no csid: %s",lob_json(handshake));
lob_free(handshake);
return NULL;
}
char hexid[3] = {0};
util_hex(&csid, 1, hexid);
// get attached hashname
lob_t tmp = lob_parse(handshake->body, handshake->body_len);
from = hashname_vkey(tmp, csid);
if(!from)
{
LOG("bad link handshake, no hashname: %s",lob_json(handshake));
lob_free(tmp);
lob_free(handshake);
return NULL;
}
lob_set(handshake,"csid",hexid);
lob_set(handshake,"hashname",hashname_char(from));
lob_set_raw(handshake,hexid,2,"true",4); // intermediate format
lob_body(handshake, tmp->body, tmp->body_len); // re-attach as raw key
lob_free(tmp);
// short-cut, if it's a key from an existing link, pass it on
// TODO: using mesh_linked here is a stack issue during loopback peer test!
if((link = mesh_linkid(mesh,from))) return link_receive_handshake(link, handshake, pipe);
LOG("no link found for handshake from %s",hashname_char(from));
// extend the key json to make it compatible w/ normal patterns
tmp = lob_new();
lob_set_base32(tmp,hexid,handshake->body,handshake->body_len);
lob_set_raw(handshake,"keys",0,(char*)tmp->head,tmp->head_len);
lob_free(tmp);
// add the path if one
if(pipe && pipe->path)
{
char *paths = malloc(pipe->path->head_len+3);
sprintf(paths,"[%.*s]",(int)pipe->path->head_len,(char*)pipe->path->head);
lob_set_raw(handshake,"paths",0,paths,pipe->path->head_len+2);
free(paths);
}
}
// always add to the front of the cached list if needed in the future
mesh->cached = lob_unshift(mesh->cached, handshake);
// tell anyone listening about the newly discovered handshake
mesh_discover(mesh, handshake, pipe);
return NULL;
}
