This is a header-only C++14 library implementing custom transport encryption using libsodium and Asio's stackless coroutines. It assumes pre-shared public keys and uses only the sealed box and crypto box constructs.
This library depends on Asio, libsodium, Microsoft's Guideline Support Library, and the reference implementation for std::experimental::optional. Aside from libsodium, these dependencies are bundled as submodules in the bundle directory. To use this library, just add the appropriate bundled include directories to your project along with the primary include directory. You will also need to install and link against libsodium.
For a usage example, see the socket test. Note that this library only supports in-order transports (e.g. tcp or domain sockets).
The project is currently built using the Chromium project's Generate Ninja. There is a PKGBUILD for Arch Linux here. You will also need to install the Ninja build system.
To build and run the tests:
gn gen out/release --args="is_debug=false"
ninja -C out/releaseThe default build uses clang. To use gcc:
gn gen out/release --args="is_debug=false compiler=\"gcc\""
ninja -C out/releaseUsing the server's public key, the client sends a fixed-length sealed box containing the client's public key and a random reply nonce. If the public key retrieved from the sealed box is unknown, the connection is terminated.
The server uses the reply nonce to respond with a crypto box containing a reply nonce and a followup nonce. The reply nonce is used for the client's next transmission, and the followup nonce is used for the server's next transmission.
Subsequent messages consist of a fixed-length message header followed by variable-length message data. A message header contains the length of the following message data along with the random data nonce used to encrypt the message data and a random followup nonce that will be used to encrypt the next message header. The message length is sent in little-endian format.
With a bit of work, keys could be ratcheted with each transmission.