From 69cbff9cd6173177a4b403f9776a3261d3b758d6 Mon Sep 17 00:00:00 2001 From: John Jones Date: Sun, 19 Mar 2017 07:42:52 -0500 Subject: [PATCH] Refactor - SecureSession to SessionContext --- include/libp2p/conn/session.h | 43 ++++++++++++++++++++++++++++++++++ include/libp2p/secio/secio.h | 44 +++-------------------------------- net/multistream.c | 10 ++++---- secio/secio.c | 22 +++++++++--------- test/test_multistream.h | 2 +- test/test_secio.h | 8 +++---- 6 files changed, 67 insertions(+), 62 deletions(-) create mode 100644 include/libp2p/conn/session.h diff --git a/include/libp2p/conn/session.h b/include/libp2p/conn/session.h new file mode 100644 index 0000000..74c16c8 --- /dev/null +++ b/include/libp2p/conn/session.h @@ -0,0 +1,43 @@ +/*** + * Holds the details of communication between two hosts + */ + +enum IPTrafficType { TCP, UDP }; + +struct SessionContext { + // to get the connection started + char* host; + int port; + enum IPTrafficType traffic_type; + // once the connection is established + struct Stream* insecure_stream; + struct Stream* secure_stream; + struct Stream* default_stream; + // filled in during negotiations + char* chosen_curve; + char* chosen_cipher; + char* chosen_hash; + unsigned char* shared_key; // a shared key based off of the ephemeral private key + size_t shared_key_size; + unsigned char* mac; + size_t mac_size; + /** + * The mac function to use + * @param 1 the incoming data bytes + * @param 2 the size of the incoming array + * @param 3 the results. Must be allocated to correct size (or larger) + * @returns true(1) on success, false(0) otherwise + */ + int (*mac_function)(const unsigned char*, size_t, unsigned char*); + // local only stuff + char local_nonce[16]; + struct EphemeralPrivateKey* ephemeral_private_key; + struct StretchedKey* local_stretched_key; + // remote stuff + char remote_nonce[16]; + struct PublicKey remote_key; + char* remote_peer_id; + struct StretchedKey* remote_stretched_key; + unsigned char* remote_ephemeral_public_key; + size_t remote_ephemeral_public_key_size; +}; diff --git a/include/libp2p/secio/secio.h b/include/libp2p/secio/secio.h index e2ec457..ac582e5 100644 --- a/include/libp2p/secio/secio.h +++ b/include/libp2p/secio/secio.h @@ -2,50 +2,12 @@ #include "libp2p/crypto/key.h" #include "libp2p/crypto/rsa.h" +#include "libp2p/conn/session.h" /** - * A secure connection + * Handling of a secure connection */ -enum IPTrafficType { TCP, UDP }; - -struct SecureSession { - // to get the connection started - char* host; - int port; - enum IPTrafficType traffic_type; - // once the connection is established - struct Stream* insecure_stream; - struct Stream* secure_stream; - struct Stream* default_stream; - // filled in during negotiations - char* chosen_curve; - char* chosen_cipher; - char* chosen_hash; - unsigned char* shared_key; // a shared key based off of the ephemeral private key - size_t shared_key_size; - unsigned char* mac; - size_t mac_size; - /** - * The mac function to use - * @param 1 the incoming data bytes - * @param 2 the size of the incoming array - * @param 3 the results. Must be allocated to correct size (or larger) - * @returns true(1) on success, false(0) otherwise - */ - int (*mac_function)(const unsigned char*, size_t, unsigned char*); - // local only stuff - char local_nonce[16]; - struct EphemeralPrivateKey* ephemeral_private_key; - struct StretchedKey* local_stretched_key; - // remote stuff - char remote_nonce[16]; - struct PublicKey remote_key; - char* remote_peer_id; - struct StretchedKey* remote_stretched_key; - unsigned char* remote_ephemeral_public_key; - size_t remote_ephemeral_public_key_size; -}; /*** * performs initial communication over an insecure channel to share @@ -55,4 +17,4 @@ struct SecureSession { * @param remote_requested the other side is who asked for the upgrade * @returns true(1) on success, false(0) otherwise */ -int libp2p_secio_handshake(struct SecureSession* session, struct RsaPrivateKey* private_key, int remote_requested); +int libp2p_secio_handshake(struct SessionContext* session, struct RsaPrivateKey* private_key, int remote_requested); diff --git a/net/multistream.c b/net/multistream.c index 1b96f46..e0bd471 100644 --- a/net/multistream.c +++ b/net/multistream.c @@ -16,7 +16,7 @@ */ int libp2p_net_multistream_close(void* stream_context) { - struct SecureSession* secure_context = (struct SecureSession*)stream_context; + struct SessionContext* secure_context = (struct SessionContext*)stream_context; struct Stream* stream = secure_context->insecure_stream; close((intptr_t)stream->socket_descriptor); return 1; @@ -30,7 +30,7 @@ int libp2p_net_multistream_close(void* stream_context) { * @returns the number of bytes written */ int libp2p_net_multistream_write(void* stream_context, const unsigned char* data, size_t data_length) { - struct SecureSession* secure_context = (struct SecureSession*)stream_context; + struct SessionContext* secure_context = (struct SessionContext*)stream_context; struct Stream* stream = secure_context->insecure_stream; int num_bytes = 0; @@ -57,7 +57,7 @@ int libp2p_net_multistream_write(void* stream_context, const unsigned char* data * @returns number of bytes received */ int libp2p_net_multistream_read(void* stream_context, unsigned char** results, size_t* results_size) { - struct SecureSession* secure_context = (struct SecureSession*)stream_context; + struct SessionContext* secure_context = (struct SessionContext*)stream_context; struct Stream* stream = secure_context->insecure_stream; int bytes = 0; size_t buffer_size = 65535; @@ -135,7 +135,7 @@ struct Stream* libp2p_net_multistream_connect(const char* hostname, int port) { if (stream == NULL) goto exit; - struct SecureSession session; + struct SessionContext session; session.insecure_stream = stream; session.default_stream = stream; @@ -170,7 +170,7 @@ int libp2p_net_multistream_negotiate(struct Stream* stream) { size_t results_length = 0; int retVal = 0; // send the protocol id - struct SecureSession secure_session; + struct SessionContext secure_session; secure_session.insecure_stream = stream; secure_session.default_stream = stream; if (!libp2p_net_multistream_write(&secure_session, (unsigned char*)protocolID, strlen(protocolID))) diff --git a/secio/secio.c b/secio/secio.c index 433d728..5355b4a 100644 --- a/secio/secio.c +++ b/secio/secio.c @@ -29,8 +29,8 @@ const char* SupportedHashes = "SHA256,SHA512"; * Create a new SecureSession struct * @returns a pointer to a new SecureSession object */ -struct SecureSession* libp2p_secio_secure_session_new() { - struct SecureSession* ss = (struct SecureSession*) malloc(sizeof(struct SecureSession)); +struct SessionContext* libp2p_secio_secure_session_new() { + struct SessionContext* ss = (struct SessionContext*) malloc(sizeof(struct SessionContext)); if (ss == NULL) return NULL; ss->insecure_stream = NULL; @@ -42,7 +42,7 @@ struct SecureSession* libp2p_secio_secure_session_new() { * Clean up resources from a SecureSession struct * @param in the SecureSession to be deallocated */ -void libp2p_secio_secure_session_free(struct SecureSession* in) { +void libp2p_secio_secure_session_free(struct SessionContext* in) { //TODO: should we close the socket? free(in); } @@ -371,7 +371,7 @@ int libp2p_secio_stretch_keys(char* cipherType, char* hashType, unsigned char* s return retVal; } -int libp2p_secio_make_mac_and_cipher(struct SecureSession* session, struct StretchedKey* stretched_key) { +int libp2p_secio_make_mac_and_cipher(struct SessionContext* session, struct StretchedKey* stretched_key) { // mac if (strcmp(session->chosen_hash, "SHA1") == 0) { stretched_key->mac_size = 40; @@ -410,7 +410,7 @@ int libp2p_secio_make_mac_and_cipher(struct SecureSession* session, struct Stret * @param data_length the number of bytes to write * @returns the number of bytes written */ -int libp2p_secio_unencrypted_write(struct SecureSession* session, unsigned char* bytes, size_t data_length) { +int libp2p_secio_unencrypted_write(struct SessionContext* session, unsigned char* bytes, size_t data_length) { int num_bytes = 0; if (data_length > 0) { // only do this is if there is something to send @@ -461,7 +461,7 @@ int libp2p_secio_unencrypted_write(struct SecureSession* session, unsigned char* * @param results_size the size of the results * @returns the number of bytes read */ -int libp2p_secio_unencrypted_read(struct SecureSession* session, unsigned char** results, size_t* results_size) { +int libp2p_secio_unencrypted_read(struct SessionContext* session, unsigned char** results, size_t* results_size) { uint32_t buffer_size; // first read the 4 byte integer @@ -524,7 +524,7 @@ int libp2p_secio_unencrypted_read(struct SecureSession* session, unsigned char** * @param outgoing_size the amount of memory allocated * @returns true(1) on success, otherwise false(0) */ -int libp2p_secio_encrypt(const struct SecureSession* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size) { +int libp2p_secio_encrypt(const struct SessionContext* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size) { unsigned char* buffer = NULL; size_t buffer_size = 0; @@ -564,7 +564,7 @@ int libp2p_secio_encrypt(const struct SecureSession* session, const unsigned cha * @returns the number of bytes written */ int libp2p_secio_encrypted_write(void* stream_context, const unsigned char* bytes, size_t num_bytes) { - struct SecureSession* session = (struct SecureSession*) stream_context; + struct SessionContext* session = (struct SessionContext*) stream_context; // writer uses the local cipher and mac unsigned char* buffer = NULL; size_t buffer_size = 0; @@ -584,7 +584,7 @@ int libp2p_secio_encrypted_write(void* stream_context, const unsigned char* byte * @param outgoing_size the amount of memory allocated for the results * @returns number of unencrypted bytes */ -int libp2p_secio_decrypt(const struct SecureSession* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size) { +int libp2p_secio_decrypt(const struct SessionContext* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size) { size_t data_section_size = incoming_size - 32; *outgoing_size = 0; unsigned char* buffer; @@ -626,7 +626,7 @@ int libp2p_secio_decrypt(const struct SecureSession* session, const unsigned cha * @returns the number of bytes read */ int libp2p_secio_encrypted_read(void* stream_context, unsigned char** bytes, size_t* num_bytes) { - struct SecureSession* session = (struct SecureSession*)stream_context; + struct SessionContext* session = (struct SessionContext*)stream_context; // reader uses the remote cipher and mac // read the data unsigned char* incoming = NULL; @@ -645,7 +645,7 @@ int libp2p_secio_encrypted_read(void* stream_context, unsigned char** bytes, siz * @param remote_requested it is the other side that requested the upgrade to secio * @returns true(1) on success, false(0) otherwise */ -int libp2p_secio_handshake(struct SecureSession* local_session, struct RsaPrivateKey* private_key, int remote_requested) { +int libp2p_secio_handshake(struct SessionContext* local_session, struct RsaPrivateKey* private_key, int remote_requested) { int retVal = 0; size_t results_size = 0, bytes_written = 0; unsigned char* propose_in_bytes = NULL; // the remote protobuf diff --git a/test/test_multistream.h b/test/test_multistream.h index 64c0704..d744d35 100644 --- a/test/test_multistream.h +++ b/test/test_multistream.h @@ -28,7 +28,7 @@ int test_multistream_get_list() { size_t response_size; char* filtered = NULL; - struct SecureSession session; + struct SessionContext session; session.insecure_stream = libp2p_net_multistream_connect("104.131.131.82", 4001); if (*((int*)session.insecure_stream->socket_descriptor) < 0) diff --git a/test/test_secio.h b/test/test_secio.h index 538b644..5dcc3e8 100644 --- a/test/test_secio.h +++ b/test/test_secio.h @@ -20,7 +20,7 @@ int test_secio_handshake() { unsigned char final_id[final_id_size]; struct PrivateKey* private_key = NULL; - struct SecureSession secure_session = {0}; + struct SessionContext secure_session = {0}; // 1) take the private key and turn it back into bytes (decode base 64) decode_base64_size = libp2p_crypto_encoding_base64_decode_size(strlen(orig_priv_key)); @@ -85,8 +85,8 @@ int test_secio_handshake() { return retVal; } -int libp2p_secio_encrypt(const struct SecureSession* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size); -int libp2p_secio_decrypt(const struct SecureSession* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size); +int libp2p_secio_encrypt(const struct SessionContext* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size); +int libp2p_secio_decrypt(const struct SessionContext* session, const unsigned char* incoming, size_t incoming_size, unsigned char** outgoing, size_t* outgoing_size); int test_secio_encrypt_decrypt() { unsigned char* original = "This is a test message"; @@ -95,7 +95,7 @@ int test_secio_encrypt_decrypt() { size_t encrypted_size = 0; unsigned char* results = NULL; size_t results_size = 0; - struct SecureSession secure_session; + struct SessionContext secure_session; struct StretchedKey stretched_key; secure_session.local_stretched_key = &stretched_key; secure_session.remote_stretched_key = &stretched_key;