Refactor - SecureSession to SessionContext
This commit is contained in:
John Jones
parent
8463e0b06b
commit
69cbff9cd6
6 changed files with 67 additions and 62 deletions
43
include/libp2p/conn/session.h
Normal file
43
include/libp2p/conn/session.h
Normal file
|
|
@ -0,0 +1,43 @@
|
|||
/***
|
||||
* Holds the details of communication between two hosts
|
||||
*/
|
||||
|
||||
enum IPTrafficType { TCP, UDP };
|
||||
|
||||
struct SessionContext {
|
||||
// to get the connection started
|
||||
char* host;
|
||||
int port;
|
||||
enum IPTrafficType traffic_type;
|
||||
// once the connection is established
|
||||
struct Stream* insecure_stream;
|
||||
struct Stream* secure_stream;
|
||||
struct Stream* default_stream;
|
||||
// filled in during negotiations
|
||||
char* chosen_curve;
|
||||
char* chosen_cipher;
|
||||
char* chosen_hash;
|
||||
unsigned char* shared_key; // a shared key based off of the ephemeral private key
|
||||
size_t shared_key_size;
|
||||
unsigned char* mac;
|
||||
size_t mac_size;
|
||||
/**
|
||||
* The mac function to use
|
||||
* @param 1 the incoming data bytes
|
||||
* @param 2 the size of the incoming array
|
||||
* @param 3 the results. Must be allocated to correct size (or larger)
|
||||
* @returns true(1) on success, false(0) otherwise
|
||||
*/
|
||||
int (*mac_function)(const unsigned char*, size_t, unsigned char*);
|
||||
// local only stuff
|
||||
char local_nonce[16];
|
||||
struct EphemeralPrivateKey* ephemeral_private_key;
|
||||
struct StretchedKey* local_stretched_key;
|
||||
// remote stuff
|
||||
char remote_nonce[16];
|
||||
struct PublicKey remote_key;
|
||||
char* remote_peer_id;
|
||||
struct StretchedKey* remote_stretched_key;
|
||||
unsigned char* remote_ephemeral_public_key;
|
||||
size_t remote_ephemeral_public_key_size;
|
||||
};
|
||||
|
|
@ -2,50 +2,12 @@
|
|||
|
||||
#include "libp2p/crypto/key.h"
|
||||
#include "libp2p/crypto/rsa.h"
|
||||
#include "libp2p/conn/session.h"
|
||||
|
||||
/**
|
||||
* A secure connection
|
||||
* Handling of a secure connection
|
||||
*/
|
||||
|
||||
enum IPTrafficType { TCP, UDP };
|
||||
|
||||
struct SecureSession {
|
||||
// to get the connection started
|
||||
char* host;
|
||||
int port;
|
||||
enum IPTrafficType traffic_type;
|
||||
// once the connection is established
|
||||
struct Stream* insecure_stream;
|
||||
struct Stream* secure_stream;
|
||||
struct Stream* default_stream;
|
||||
// filled in during negotiations
|
||||
char* chosen_curve;
|
||||
char* chosen_cipher;
|
||||
char* chosen_hash;
|
||||
unsigned char* shared_key; // a shared key based off of the ephemeral private key
|
||||
size_t shared_key_size;
|
||||
unsigned char* mac;
|
||||
size_t mac_size;
|
||||
/**
|
||||
* The mac function to use
|
||||
* @param 1 the incoming data bytes
|
||||
* @param 2 the size of the incoming array
|
||||
* @param 3 the results. Must be allocated to correct size (or larger)
|
||||
* @returns true(1) on success, false(0) otherwise
|
||||
*/
|
||||
int (*mac_function)(const unsigned char*, size_t, unsigned char*);
|
||||
// local only stuff
|
||||
char local_nonce[16];
|
||||
struct EphemeralPrivateKey* ephemeral_private_key;
|
||||
struct StretchedKey* local_stretched_key;
|
||||
// remote stuff
|
||||
char remote_nonce[16];
|
||||
struct PublicKey remote_key;
|
||||
char* remote_peer_id;
|
||||
struct StretchedKey* remote_stretched_key;
|
||||
unsigned char* remote_ephemeral_public_key;
|
||||
size_t remote_ephemeral_public_key_size;
|
||||
};
|
||||
|
||||
/***
|
||||
* performs initial communication over an insecure channel to share
|
||||
|
|
@ -55,4 +17,4 @@ struct SecureSession {
|
|||
* @param remote_requested the other side is who asked for the upgrade
|
||||
* @returns true(1) on success, false(0) otherwise
|
||||
*/
|
||||
int libp2p_secio_handshake(struct SecureSession* session, struct RsaPrivateKey* private_key, int remote_requested);
|
||||
int libp2p_secio_handshake(struct SessionContext* session, struct RsaPrivateKey* private_key, int remote_requested);
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
*/
|
||||
|
||||
int libp2p_net_multistream_close(void* stream_context) {
|
||||
struct SecureSession* secure_context = (struct SecureSession*)stream_context;
|
||||
struct SessionContext* secure_context = (struct SessionContext*)stream_context;
|
||||
struct Stream* stream = secure_context->insecure_stream;
|
||||
close((intptr_t)stream->socket_descriptor);
|
||||
return 1;
|
||||
|
|
@ -30,7 +30,7 @@ int libp2p_net_multistream_close(void* stream_context) {
|
|||
* @returns the number of bytes written
|
||||
*/
|
||||
int libp2p_net_multistream_write(void* stream_context, const unsigned char* data, size_t data_length) {
|
||||
struct SecureSession* secure_context = (struct SecureSession*)stream_context;
|
||||
struct SessionContext* secure_context = (struct SessionContext*)stream_context;
|
||||
struct Stream* stream = secure_context->insecure_stream;
|
||||
int num_bytes = 0;
|
||||
|
||||
|
|
@ -57,7 +57,7 @@ int libp2p_net_multistream_write(void* stream_context, const unsigned char* data
|
|||
* @returns number of bytes received
|
||||
*/
|
||||
int libp2p_net_multistream_read(void* stream_context, unsigned char** results, size_t* results_size) {
|
||||
struct SecureSession* secure_context = (struct SecureSession*)stream_context;
|
||||
struct SessionContext* secure_context = (struct SessionContext*)stream_context;
|
||||
struct Stream* stream = secure_context->insecure_stream;
|
||||
int bytes = 0;
|
||||
size_t buffer_size = 65535;
|
||||
|
|
@ -135,7 +135,7 @@ struct Stream* libp2p_net_multistream_connect(const char* hostname, int port) {
|
|||
if (stream == NULL)
|
||||
goto exit;
|
||||
|
||||
struct SecureSession session;
|
||||
struct SessionContext session;
|
||||
session.insecure_stream = stream;
|
||||
session.default_stream = stream;
|
||||
|
||||
|
|
@ -170,7 +170,7 @@ int libp2p_net_multistream_negotiate(struct Stream* stream) {
|
|||
size_t results_length = 0;
|
||||
int retVal = 0;
|
||||
// send the protocol id
|
||||
struct SecureSession secure_session;
|
||||
struct SessionContext secure_session;
|
||||
secure_session.insecure_stream = stream;
|
||||
secure_session.default_stream = stream;
|
||||
if (!libp2p_net_multistream_write(&secure_session, (unsigned char*)protocolID, strlen(protocolID)))
|
||||
|
|
|
|||
|
|
@ -29,8 +29,8 @@ const char* SupportedHashes = "SHA256,SHA512";
|
|||
* Create a new SecureSession struct
|
||||
* @returns a pointer to a new SecureSession object
|
||||
*/
|
||||
struct SecureSession* libp2p_secio_secure_session_new() {
|
||||
struct SecureSession* ss = (struct SecureSession*) malloc(sizeof(struct SecureSession));
|
||||
struct SessionContext* libp2p_secio_secure_session_new() {
|
||||
struct SessionContext* ss = (struct SessionContext*) malloc(sizeof(struct SessionContext));
|
||||
if (ss == NULL)
|
||||
return NULL;
|
||||
ss->insecure_stream = NULL;
|
||||
|
|
@ -42,7 +42,7 @@ struct SecureSession* libp2p_secio_secure_session_new() {
|
|||
* Clean up resources from a SecureSession struct
|
||||
* @param in the SecureSession to be deallocated
|
||||
*/
|
||||
void libp2p_secio_secure_session_free(struct SecureSession* in) {
|
||||
void libp2p_secio_secure_session_free(struct SessionContext* in) {
|
||||
//TODO: should we close the socket?
|
||||
free(in);
|
||||
}
|
||||
|
|
@ -371,7 +371,7 @@ int libp2p_secio_stretch_keys(char* cipherType, char* hashType, unsigned char* s
|
|||
return retVal;
|
||||
}
|
||||
|
||||
int libp2p_secio_make_mac_and_cipher(struct SecureSession* session, struct StretchedKey* stretched_key) {
|
||||
int libp2p_secio_make_mac_and_cipher(struct SessionContext* session, struct StretchedKey* stretched_key) {
|
||||
// mac
|
||||
if (strcmp(session->chosen_hash, "SHA1") == 0) {
|
||||
stretched_key->mac_size = 40;
|
||||
|
|
@ -410,7 +410,7 @@ int libp2p_secio_make_mac_and_cipher(struct SecureSession* session, struct Stret
|
|||
* @param data_length the number of bytes to write
|
||||
* @returns the number of bytes written
|
||||
*/
|
||||
int libp2p_secio_unencrypted_write(struct SecureSession* session, unsigned char* bytes, size_t data_length) {
|
||||
int libp2p_secio_unencrypted_write(struct SessionContext* session, unsigned char* bytes, size_t data_length) {
|
||||
int num_bytes = 0;
|
||||
|
||||
if (data_length > 0) { // only do this is if there is something to send
|
||||
|
|
@ -461,7 +461,7 @@ int libp2p_secio_unencrypted_write(struct SecureSession* session, unsigned char*
|
|||
* @param results_size the size of the results
|
||||
* @returns the number of bytes read
|
||||
*/
|
||||
int libp2p_secio_unencrypted_read(struct SecureSession* session, unsigned char** results, size_t* results_size) {
|
||||
int libp2p_secio_unencrypted_read(struct SessionContext* session, unsigned char** results, size_t* results_size) {
|
||||
uint32_t buffer_size;
|
||||
|
||||
// first read the 4 byte integer
|
||||
|
|
@ -524,7 +524,7 @@ int libp2p_secio_unencrypted_read(struct SecureSession* session, unsigned char**
|
|||
* @param outgoing_size the amount of memory allocated
|
||||
* @returns true(1) on success, otherwise false(0)
|
||||
*/
|
||||
int libp2p_secio_encrypt(const struct SecureSession* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size) {
|
||||
int libp2p_secio_encrypt(const struct SessionContext* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size) {
|
||||
unsigned char* buffer = NULL;
|
||||
size_t buffer_size = 0;
|
||||
|
||||
|
|
@ -564,7 +564,7 @@ int libp2p_secio_encrypt(const struct SecureSession* session, const unsigned cha
|
|||
* @returns the number of bytes written
|
||||
*/
|
||||
int libp2p_secio_encrypted_write(void* stream_context, const unsigned char* bytes, size_t num_bytes) {
|
||||
struct SecureSession* session = (struct SecureSession*) stream_context;
|
||||
struct SessionContext* session = (struct SessionContext*) stream_context;
|
||||
// writer uses the local cipher and mac
|
||||
unsigned char* buffer = NULL;
|
||||
size_t buffer_size = 0;
|
||||
|
|
@ -584,7 +584,7 @@ int libp2p_secio_encrypted_write(void* stream_context, const unsigned char* byte
|
|||
* @param outgoing_size the amount of memory allocated for the results
|
||||
* @returns number of unencrypted bytes
|
||||
*/
|
||||
int libp2p_secio_decrypt(const struct SecureSession* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size) {
|
||||
int libp2p_secio_decrypt(const struct SessionContext* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size) {
|
||||
size_t data_section_size = incoming_size - 32;
|
||||
*outgoing_size = 0;
|
||||
unsigned char* buffer;
|
||||
|
|
@ -626,7 +626,7 @@ int libp2p_secio_decrypt(const struct SecureSession* session, const unsigned cha
|
|||
* @returns the number of bytes read
|
||||
*/
|
||||
int libp2p_secio_encrypted_read(void* stream_context, unsigned char** bytes, size_t* num_bytes) {
|
||||
struct SecureSession* session = (struct SecureSession*)stream_context;
|
||||
struct SessionContext* session = (struct SessionContext*)stream_context;
|
||||
// reader uses the remote cipher and mac
|
||||
// read the data
|
||||
unsigned char* incoming = NULL;
|
||||
|
|
@ -645,7 +645,7 @@ int libp2p_secio_encrypted_read(void* stream_context, unsigned char** bytes, siz
|
|||
* @param remote_requested it is the other side that requested the upgrade to secio
|
||||
* @returns true(1) on success, false(0) otherwise
|
||||
*/
|
||||
int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivateKey* private_key, int remote_requested) {
|
||||
int libp2p_secio_handshake(struct SessionContext* local_session, struct RsaPrivateKey* private_key, int remote_requested) {
|
||||
int retVal = 0;
|
||||
size_t results_size = 0, bytes_written = 0;
|
||||
unsigned char* propose_in_bytes = NULL; // the remote protobuf
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ int test_multistream_get_list() {
|
|||
size_t response_size;
|
||||
char* filtered = NULL;
|
||||
|
||||
struct SecureSession session;
|
||||
struct SessionContext session;
|
||||
session.insecure_stream = libp2p_net_multistream_connect("104.131.131.82", 4001);
|
||||
|
||||
if (*((int*)session.insecure_stream->socket_descriptor) < 0)
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ int test_secio_handshake() {
|
|||
unsigned char final_id[final_id_size];
|
||||
|
||||
struct PrivateKey* private_key = NULL;
|
||||
struct SecureSession secure_session = {0};
|
||||
struct SessionContext secure_session = {0};
|
||||
|
||||
// 1) take the private key and turn it back into bytes (decode base 64)
|
||||
decode_base64_size = libp2p_crypto_encoding_base64_decode_size(strlen(orig_priv_key));
|
||||
|
|
@ -85,8 +85,8 @@ int test_secio_handshake() {
|
|||
return retVal;
|
||||
}
|
||||
|
||||
int libp2p_secio_encrypt(const struct SecureSession* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size);
|
||||
int libp2p_secio_decrypt(const struct SecureSession* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size);
|
||||
int libp2p_secio_encrypt(const struct SessionContext* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size);
|
||||
int libp2p_secio_decrypt(const struct SessionContext* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size);
|
||||
|
||||
int test_secio_encrypt_decrypt() {
|
||||
unsigned char* original = "This is a test message";
|
||||
|
|
@ -95,7 +95,7 @@ int test_secio_encrypt_decrypt() {
|
|||
size_t encrypted_size = 0;
|
||||
unsigned char* results = NULL;
|
||||
size_t results_size = 0;
|
||||
struct SecureSession secure_session;
|
||||
struct SessionContext secure_session;
|
||||
struct StretchedKey stretched_key;
|
||||
secure_session.local_stretched_key = &stretched_key;
|
||||
secure_session.remote_stretched_key = &stretched_key;
|
||||
|
|
|
|||
Loading…
Reference in a new issue