
Refactored CryptoAuth so it doesn't need configuration to startup.

commit fa50f72018594c3433a9cdcc3a463ed5338ad977 1 parent 94bc289
Caleb James DeLisle authored
5 cjdroute.c
@@ -506,7 +506,7 @@ int main(int argc, char** argv)
uint8_t privateKey[32];
parsePrivateKey(&config, &myAddr, privateKey);
struct CryptoAuth* cryptoAuth =
- CryptoAuth_new(&config, allocator, privateKey, eventBase, logger);
+ CryptoAuth_new(allocator, privateKey, eventBase, logger);
struct SwitchCore* switchCore = SwitchCore_new(logger, allocator);
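Review bot: The `resetAfterInactivitySeconds` option in `config` is no longer applied to the CryptoAuth created here, because `CryptoAuth_new()` stops taking `config` and neither hunk in cjdroute.c reads the key, so a value set by the operator is silently ignored. The same holds for the second instance created inside `Ducttape_register` in net/Ducttape.c. The crypto/CryptoAuth.c hunk at -895 also changes the built-in value from `UINT32_MAX` to `CryptoAuth_DEFAULT_RESET_AFTER_INACTIVITY_SECONDS` (60), so an idle session that was effectively never reset is now reset after a minute. If that is intended it deserves a line in the commit message; otherwise read the key after construction and assign the now-public field, with an upper bound so the `int64_t` is not truncated by the `uint32_t` cast. `main` starts and ends outside this hunk.

```c
struct CryptoAuth* cryptoAuth =
    CryptoAuth_new(allocator, privateKey, eventBase, logger);
int64_t* resetSecs =
    Dict_getInt(&config, &(String){ .len=27, .bytes="resetAfterInactivitySeconds" });
if (resetSecs && *resetSecs > 0 && *resetSecs <= UINT32_MAX) {
    cryptoAuth->resetAfterInactivitySeconds = (uint32_t) *resetSecs;
}
```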
@@ -523,8 +523,7 @@ int main(int argc, char** argv)
SerializationModule_register(registry, allocator);
- struct Ducttape* dt = Ducttape_register(&config,
- privateKey,
+ struct Ducttape* dt = Ducttape_register(privateKey,
registry,
router,
switchCore,
39 crypto/CryptoAuth.c
@@ -153,7 +153,7 @@ static inline uint8_t* hashPassword(struct CryptoAuth_Auth* auth,
* @return an Auth struct with a if one is found, otherwise NULL.
*/
static inline struct CryptoAuth_Auth* getAuth(union Headers_AuthChallenge auth,
- struct CryptoAuth* context)
+ struct CryptoAuth_pvt* context)
{
if (auth.challenge.type != 1) {
return NULL;
@@ -395,7 +395,7 @@ static uint8_t encryptHandshake(struct Message* message, struct CryptoAuth_Wrapp
// garbage the auth field to frustrate DPI and set the nonce (next 24 bytes after the auth)
randombytes((uint8_t*) &header->handshake.auth, sizeof(union Headers_AuthChallenge) + 24);
- Bits_memcpyConst(&header->handshake.publicKey, wrapper->context->publicKey, 32);
+ Bits_memcpyConst(&header->handshake.publicKey, wrapper->context->pub.publicKey, 32);
if (!knowHerKey(wrapper)) {
return genReverseHandshake(message, wrapper, header);
@@ -565,7 +565,7 @@ static uint8_t sendMessage(struct Message* message, struct Interface* interface)
// This will prevent "connection in bad state" situations from lasting forever.
uint64_t nowSecs = Time_currentTimeSeconds(wrapper->context->eventBase);
- if (nowSecs - wrapper->timeOfLastPacket > wrapper->context->resetAfterInactivitySeconds) {
+ if (nowSecs - wrapper->timeOfLastPacket > wrapper->context->pub.resetAfterInactivitySeconds) {
Log_debug(wrapper->context->logger, "No traffic in [%d] seconds, resetting connection.",
(int) (nowSecs - wrapper->timeOfLastPacket));
@@ -881,13 +881,12 @@ static uint8_t receiveMessage(struct Message* received, struct Interface* interf
/////////////////////////////////////////////////////////////////////////////////////////////////
-struct CryptoAuth* CryptoAuth_new(Dict* config,
- struct Allocator* allocator,
+struct CryptoAuth* CryptoAuth_new(struct Allocator* allocator,
const uint8_t* privateKey,
struct event_base* eventBase,
struct Log* logger)
{
- struct CryptoAuth* ca = allocator->calloc(sizeof(struct CryptoAuth), 1, allocator);
+ struct CryptoAuth_pvt* ca = allocator->calloc(sizeof(struct CryptoAuth_pvt), 1, allocator);
ca->allocator = allocator;
ca->passwords = allocator->calloc(sizeof(struct CryptoAuth_Auth), 256, allocator);
@@ -895,23 +894,18 @@ struct CryptoAuth* CryptoAuth_new(Dict* config,
ca->passwordCapacity = 256;
ca->eventBase = eventBase;
ca->logger = logger;
- ca->resetAfterInactivitySeconds = UINT32_MAX;
- int64_t* resetAfterInactivitySeconds =
- Dict_getInt(config, &(String){ .len=27, .bytes="resetAfterInactivitySeconds" });
- if (resetAfterInactivitySeconds && *resetAfterInactivitySeconds > 0) {
- ca->resetAfterInactivitySeconds = (uint32_t) *resetAfterInactivitySeconds;
- }
+ ca->pub.resetAfterInactivitySeconds = CryptoAuth_DEFAULT_RESET_AFTER_INACTIVITY_SECONDS;
if (privateKey != NULL) {
Bits_memcpyConst(ca->privateKey, privateKey, 32);
- crypto_scalarmult_curve25519_base(ca->publicKey, ca->privateKey);
+ crypto_scalarmult_curve25519_base(ca->pub.publicKey, ca->privateKey);
} else {
- crypto_box_curve25519xsalsa20poly1305_keypair(ca->publicKey, ca->privateKey);
+ crypto_box_curve25519xsalsa20poly1305_keypair(ca->pub.publicKey, ca->privateKey);
}
#ifdef Log_KEYS
uint8_t publicKeyHex[65];
- printHexKey(publicKeyHex, ca->publicKey);
+ printHexKey(publicKeyHex, ca->pub.publicKey);
uint8_t privateKeyHex[65];
printHexKey(privateKeyHex, ca->privateKey);
Log_keys(logger,
@@ -920,14 +914,15 @@ struct CryptoAuth* CryptoAuth_new(Dict* config,
publicKeyHex);
#endif
- return ca;
+ return &ca->pub;
}
int32_t CryptoAuth_addUser(String* password,
uint8_t authType,
void* user,
- struct CryptoAuth* context)
+ struct CryptoAuth* ca)
{
+ struct CryptoAuth_pvt* context = (struct CryptoAuth_pvt*) ca;
if (authType != 1) {
return CryptoAuth_addUser_INVALID_AUTHTYPE;
}
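Review bot: The `(struct CryptoAuth_pvt*) ca` cast in `CryptoAuth_addUser` is valid only when `ca` came from `CryptoAuth_new()` and `pub` stays the first member of `struct CryptoAuth_pvt`, and nothing in the change states or checks either condition. Because `struct CryptoAuth` is now a complete type in CryptoAuth.h, a caller can declare or copy one by value, and passing its address here would make the function access `passwords` and `passwordCount` beyond the end of that object. The same cast is repeated in the `CryptoAuth_flushUsers` and `CryptoAuth_wrapInterface` hunks, and `return &ca->pub;` above depends on the same layout. I would add `/** Must remain the first member: the public API casts struct CryptoAuth* back to struct CryptoAuth_pvt*. */` above `pub` in CryptoAuth_pvt.h, a compile-time check that `offsetof(struct CryptoAuth_pvt, pub) == 0`, and a sentence in CryptoAuth.h saying instances are obtained only from `CryptoAuth_new()`. `CryptoAuth_addUser` continues past the end of this hunk.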
@@ -952,7 +947,7 @@ int32_t CryptoAuth_addUser(String* password,
void CryptoAuth_flushUsers(struct CryptoAuth* context)
{
- context->passwordCount = 0;
+ ((struct CryptoAuth_pvt*) context)->passwordCount = 0;
}
void* CryptoAuth_getUser(struct Interface* interface)
@@ -976,8 +971,9 @@ struct Interface* CryptoAuth_wrapInterface(struct Interface* toWrap,
const uint8_t herPublicKey[32],
const bool requireAuth,
bool authenticatePackets,
- struct CryptoAuth* context)
+ struct CryptoAuth* ca)
{
+ struct CryptoAuth_pvt* context = (struct CryptoAuth_pvt*) ca;
struct CryptoAuth_Wrapper* wrapper =
toWrap->allocator->clone(sizeof(struct CryptoAuth_Wrapper), toWrap->allocator,
&(struct CryptoAuth_Wrapper) {
@@ -1018,11 +1014,6 @@ void CryptoAuth_setAuth(const String* password,
wrapper->authType = (password != NULL) ? authType : 0;
}
-void CryptoAuth_getPublicKey(uint8_t output[32], struct CryptoAuth* context)
-{
- Bits_memcpyConst(output, context->publicKey, 32);
-}
-
uint8_t* CryptoAuth_getHerPublicKey(struct Interface* interface)
{
return ((struct CryptoAuth_Wrapper*) interface->senderContext)->herPerminentPubKey;
22 crypto/CryptoAuth.h
@@ -25,7 +25,18 @@
#include <stdbool.h>
#include <event2/event.h>
-struct CryptoAuth;
+#define CryptoAuth_DEFAULT_RESET_AFTER_INACTIVITY_SECONDS 60
+
+struct CryptoAuth
+{
+ uint8_t publicKey[32];
+
+ /**
+ * After this number of seconds of inactivity,
+ * a connection will be reset to prevent them hanging in a bad state.
+ */
+ uint32_t resetAfterInactivitySeconds;
+};
/** The internal interface wrapper struct. */
struct CryptoAuth_Wrapper;
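Review bot: `publicKey` is now a writable field of a public struct and carries no doc comment, while the accessor that handed out a copy (`CryptoAuth_getPublicKey`) is removed further down in this file. Any holder of the context can now overwrite the bytes that `encryptHandshake` copies into outgoing handshakes, leaving them out of step with the private key kept in `struct CryptoAuth_pvt`. At minimum document the field, e.g. `/** Our public key, set once by CryptoAuth_new(); read-only for callers. */`. If `resetAfterInactivitySeconds` is meant to be adjusted by callers after construction, its comment should say so.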
@@ -76,9 +87,6 @@ void* CryptoAuth_getUser(struct Interface* iface);
/**
* Create a new crypto authenticator.
*
- * @param config the configuration for this CryptoAuth, configuration options include:
- * resetAfterInactivitySeconds -- the number of seconds of inactivity after which to
- * reset the connection.
* @param allocator the means of aquiring memory.
* @param privateKey the private key to use for this CryptoAuth or null if one should be generated.
* @param eventBase the libevent context for handling timeouts.
@@ -86,8 +94,7 @@ void* CryptoAuth_getUser(struct Interface* iface);
* if NULL then no logging will be done.
* @return a new CryptoAuth context.
*/
-struct CryptoAuth* CryptoAuth_new(Dict* config,
- struct Allocator* allocator,
+struct CryptoAuth* CryptoAuth_new(struct Allocator* allocator,
const uint8_t* privateKey,
struct event_base* eventBase,
struct Log* logger);
@@ -124,9 +131,6 @@ void CryptoAuth_setAuth(const String* password,
const uint8_t authType,
struct Interface* wrappedInterface);
-/** Make a copy of our public key. */
-void CryptoAuth_getPublicKey(uint8_t output[32], struct CryptoAuth* context);
-
/** @return a pointer to the other party's public key. */
uint8_t* CryptoAuth_getHerPublicKey(struct Interface* iface);
4 crypto/CryptoAuth_benchmark.c
@@ -114,8 +114,8 @@ void CryptoAuth_benchmark(struct event_base* base,
struct Allocator* alloc)
{
struct Context ctx = {
- .ca1 = CryptoAuth_new(NULL, alloc, NULL, base, NULL),
- .ca2 = CryptoAuth_new(NULL, alloc, privateKey, base, NULL),
+ .ca1 = CryptoAuth_new(alloc, NULL, base, NULL),
+ .ca2 = CryptoAuth_new(alloc, privateKey, base, NULL),
.if1 = {
.sendMessage = transferMessage,
.senderContext = &ctx.if2,
14 crypto/CryptoAuth_pvt.h
@@ -34,11 +34,11 @@ struct CryptoAuth_Auth {
void* user;
};
-struct CryptoAuth
+struct CryptoAuth_pvt
{
- uint8_t privateKey[32];
+ struct CryptoAuth pub;
- uint8_t publicKey[32];
+ uint8_t privateKey[32];
struct CryptoAuth_Auth* passwords;
uint32_t passwordCount;
@@ -47,12 +47,6 @@ struct CryptoAuth
struct Log* logger;
struct event_base* eventBase;
- /**
- * After this number of seconds of inactivity,
- * a connection will be reset to prevent them hanging in a bad state.
- */
- uint32_t resetAfterInactivitySeconds;
-
struct Allocator* allocator;
};
@@ -113,7 +107,7 @@ struct CryptoAuth_Wrapper
bool hasBufferedMessage : 1;
/** A pointer back to the main cryptoauth context. */
- struct CryptoAuth* const context;
+ struct CryptoAuth_pvt* const context;
/** The internal interface which we are wrapping. */
struct Interface* const wrappedInterface;
4 crypto/test/CryptoAuth_test.c
@@ -110,7 +110,7 @@ int init(const uint8_t* privateKey,
struct event_base* base = event_base_new();
- ca1 = CryptoAuth_new(NULL, allocator, NULL, base, logger);
+ ca1 = CryptoAuth_new(allocator, NULL, base, logger);
if1 = allocator->clone(sizeof(struct Interface), allocator, &(struct Interface) {
.sendMessage = sendMessageToIf2,
.receiveMessage = recvMessageOnIf2,
@@ -120,7 +120,7 @@ int init(const uint8_t* privateKey,
cif1->receiveMessage = recvMessageOnIf1;
- ca2 = CryptoAuth_new(NULL, allocator, privateKey, base, logger);
+ ca2 = CryptoAuth_new(allocator, privateKey, base, logger);
if (password) {
String passStr = {.bytes=(char*)password,.len=strlen((char*)password)};
CryptoAuth_setAuth(&passStr, 1, cif1);
14 crypto/test/CryptoAuth_unit_test.c
@@ -70,7 +70,7 @@ void createNew()
{
uint8_t buff[BUFFER_SIZE];
struct Allocator* allocator = BufferAllocator_new(buff, BUFFER_SIZE);
- struct CryptoAuth* ca = CryptoAuth_new(NULL, allocator, privateKey, eventBase, NULL);
+ struct CryptoAuth* ca = CryptoAuth_new(allocator, privateKey, eventBase, NULL);
/*for (int i = 0; i < 32; i++) {
printf("%.2x", ca->publicKey[i]);
}*/
@@ -103,7 +103,7 @@ struct CryptoAuth_Wrapper* setUp(uint8_t* myPrivateKey,
struct Allocator* allocator = MallocAllocator_new(8192*2);
struct Log* logger = allocator->malloc(sizeof(struct Log), allocator);
logger->writer = FileWriter_new(stdout, allocator);
- struct CryptoAuth* ca = CryptoAuth_new(NULL, allocator, myPrivateKey, eventBase, logger);
+ struct CryptoAuth* ca = CryptoAuth_new(allocator, myPrivateKey, eventBase, logger);
struct Interface* iface =
allocator->clone(sizeof(struct Interface), allocator, &(struct Interface) {
@@ -116,7 +116,7 @@ struct CryptoAuth_Wrapper* setUp(uint8_t* myPrivateKey,
allocator,
&(struct CryptoAuth_Wrapper)
{
- .context = ca,
+ .context = (struct CryptoAuth_pvt*) ca,
.wrappedInterface = iface
});
@@ -224,7 +224,7 @@ void repeatHello()
struct Allocator* allocator = BufferAllocator_new(buff, BUFFER_SIZE);
struct Writer* logwriter = FileWriter_new(stdout, allocator);
struct Log logger = { .writer = logwriter };
- struct CryptoAuth* ca = CryptoAuth_new(NULL, allocator, NULL, eventBase, &logger);
+ struct CryptoAuth* ca = CryptoAuth_new(allocator, NULL, eventBase, &logger);
struct Message* out = NULL;
struct Interface iface = {
@@ -233,7 +233,7 @@ void repeatHello()
};
struct CryptoAuth_Wrapper wrapper = {
- .context = ca,
+ .context = (struct CryptoAuth_pvt*) ca,
.wrappedInterface = &iface
};
Bits_memcpyConst(wrapper.herPerminentPubKey, publicKey, 32);
@@ -257,10 +257,10 @@ void repeatHello()
// Check the nonce
Assert_always(!memcmp(msg2.bytes, "\0\0\0\1", 4));
- ca = CryptoAuth_new(NULL, allocator, privateKey, eventBase, &logger);
+ ca = CryptoAuth_new(allocator, privateKey, eventBase, &logger);
struct Message* finalOut = NULL;
struct CryptoAuth_Wrapper wrapper2 = {
- .context = ca,
+ .context = (struct CryptoAuth_pvt*) ca,
.externalInterface = {
.receiveMessage = receiveMessage,
.receiverContext = &finalOut
7 net/Ducttape.c
@@ -691,8 +691,7 @@ static uint8_t incomingFromPinger(struct Message* message, struct Interface* ifa
return context->switchInterface.receiveMessage(message, &context->switchInterface);
}
-struct Ducttape* Ducttape_register(Dict* config,
- uint8_t privateKey[32],
+struct Ducttape* Ducttape_register(uint8_t privateKey[32],
struct DHTModuleRegistry* registry,
struct RouterModule* routerModule,
struct SwitchCore* switchCore,
@@ -710,8 +709,8 @@ struct Ducttape* Ducttape_register(Dict* config,
AddressMapper_init(&context->addrMap);
struct CryptoAuth* cryptoAuth =
- CryptoAuth_new(config, allocator, privateKey, eventBase, logger);
- CryptoAuth_getPublicKey(context->myAddr.key, cryptoAuth);
+ CryptoAuth_new(allocator, privateKey, eventBase, logger);
+ Bits_memcpyConst(context->myAddr.key, cryptoAuth->publicKey, 32);
Address_getPrefix(&context->myAddr);
context->sm = SessionManager_new(16,
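Review bot: The copy `Bits_memcpyConst(context->myAddr.key, cryptoAuth->publicKey, 32);` repeats the key length as a bare `32` at each former `CryptoAuth_getPublicKey` call site (here and in net/test/DefaultInterfaceController_test.c). Tying the length to the field, `Bits_memcpyConst(context->myAddr.key, cryptoAuth->publicKey, sizeof(cryptoAuth->publicKey));`, keeps callers correct if the field ever changes, assuming `Bits_memcpyConst` accepts any constant expression. The size of `myAddr.key` is not visible in this hunk, so that the destination holds at least 32 bytes should be confirmed as well. `Ducttape_register` starts and ends outside the hunk.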
3  net/Ducttape.h
@@ -28,8 +28,7 @@ struct Ducttape
struct Interface switchPingerIf;
};
-struct Ducttape* Ducttape_register(Dict* config,
- uint8_t privateKey[32],
+struct Ducttape* Ducttape_register(uint8_t privateKey[32],
struct DHTModuleRegistry* registry,
struct RouterModule* routerModule,
struct SwitchCore* switchCore,
6 net/test/DefaultInterfaceController_test.c
@@ -52,7 +52,7 @@ static int reconnectionNewEndpointTest(struct InterfaceController* ifController,
struct Message* outgoing =
&(struct Message) { .length = 0, .padding = 512, .bytes = buffer + 512 };
- struct CryptoAuth* externalCa = CryptoAuth_new(NULL, alloc, NULL, eventBase, logger);
+ struct CryptoAuth* externalCa = CryptoAuth_new(alloc, NULL, eventBase, logger);
struct Interface* wrapped = CryptoAuth_wrapInterface(&iface, pk, false, false, externalCa);
CryptoAuth_setAuth(String_CONST("passwd"), 1, wrapped);
@@ -145,9 +145,9 @@ int main()
struct event_base* eventBase = event_base_new();
- struct CryptoAuth* ca = CryptoAuth_new(NULL, alloc, NULL, eventBase, logger);
+ struct CryptoAuth* ca = CryptoAuth_new(alloc, NULL, eventBase, logger);
uint8_t publicKey[32];
- CryptoAuth_getPublicKey(publicKey, ca);
+ Bits_memcpyConst(publicKey, ca->publicKey, 32);
CryptoAuth_addUser(String_CONST("passwd"), 1, (void*)0x01, ca);
struct SwitchCore* switchCore = SwitchCore_new(logger, alloc);
2  test/TestFramework.c
@@ -51,6 +51,6 @@ struct Ducttape* TestFramework_setUp()
SerializationModule_register(registry, allocator);
- return Ducttape_register(NULL, privateKey, registry, routerModule,
+ return Ducttape_register(privateKey, registry, routerModule,
switchCore, base, allocator, logger, NULL);
}