From d9ed50094da3890b10872a4955dceb2817931f1f Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Wed, 14 Mar 2012 17:16:28 +0100 Subject: Require libuecc; rename cfxp to ecfxp; add some basic infrastructure for crypto implementation --- CMakeLists.txt | 13 ++- FindNaCl.cmake | 2 +- FindUECC.cmake | 16 ++++ config.h.in | 2 +- src/CMakeLists.txt | 10 +- src/fastd.c | 8 +- src/fastd.h | 2 + src/method_curve25519_fhmqvc_xsalsa20_poly1305.c | 102 -------------------- src/method_ec25519_fhmqvc_xsalsa20_poly1305.c | 117 +++++++++++++++++++++++ src/method_null.c | 9 ++ src/peer.c | 4 + src/peer.h | 4 +- 12 files changed, 172 insertions(+), 117 deletions(-) create mode 100644 FindUECC.cmake delete mode 100644 src/method_curve25519_fhmqvc_xsalsa20_poly1305.c create mode 100644 src/method_ec25519_fhmqvc_xsalsa20_poly1305.c diff --git a/CMakeLists.txt b/CMakeLists.txt index f536086..da8027e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,13 +3,18 @@ project(FASTD C) set(CMAKE_MODULE_PATH ${FASTD_SOURCE_DIR}) +find_package(UECC) find_package(NaCl) -set(WITH_CFXP ${NACL_FOUND} CACHE BOOL "Include curve25519-fhmqvc-xsalsa20-poly1305 method") +if(UECC_FOUND AND NACL_FOUND) + set(CRYPTO_FOUND TRUE) +endif(UECC_FOUND AND NACL_FOUND) -if(WITH_CFXP AND NOT NACL_FOUND) - MESSAGE(FATAL_ERROR "NaCl: Networking and Cryptography library is required for the curve25519-fhmqvc-xsalsa20-poly1305 method") -endif(WITH_CFXP AND NOT NACL_FOUND) +set(WITH_METHOD_ECFXP ${CRYPTO_FOUND} CACHE BOOL "Include ec25519-fhmqvc-xsalsa20-poly1305 method") + +if(WITH_METHOD_ECFXP AND NOT CRYPTO_FOUND) + MESSAGE(FATAL_ERROR "libuecc and NaCl are required for the ec25519-fhmqvc-xsalsa20-poly1305 method") +endif(WITH_METHOD_ECFXP AND NOT CRYPTO_FOUND) configure_file(${FASTD_SOURCE_DIR}/config.h.in ${FASTD_BINARY_DIR}/config.h) diff --git a/FindNaCl.cmake b/FindNaCl.cmake index 0d453b0..6388df6 100644 --- a/FindNaCl.cmake +++ b/FindNaCl.cmake 
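Review bot: When libuecc or NaCl is missing, `set(WITH_METHOD_ECFXP ${CRYPTO_FOUND} CACHE BOOL ...)` quietly switches the crypto method off, so the build contains only the unencrypted `null` method and the configure output does not say so. An explicit notice would make this visible, for example `if(NOT CRYPTO_FOUND)` / `message(WARNING "libuecc or NaCl not found: only the unencrypted null method will be built")` / `endif()`. Because the option is a cache entry, a value recorded on a first run without the libraries stays in effect after they are installed, until the entry is changed by hand; a comment next to the `set` should say that. The subject says libuecc is required, but `find_package(UECC)` is called without `REQUIRED`.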
@@ -1,5 +1,5 @@ FIND_PATH(NACL_INCLUDE_DIR crypto_secretbox_xsalsa20poly1305.h PATH_SUFFIXES nacl) -FIND_LIBRARY(NACL_LIBRARY NAMES nacl) +FIND_LIBRARY(NACL_LIBRARY NAMES nacl) IF (NACL_INCLUDE_DIR AND NACL_LIBRARY) SET(NACL_FOUND TRUE) diff --git a/FindUECC.cmake b/FindUECC.cmake new file mode 100644 index 0000000..269c8f7 --- /dev/null +++ b/FindUECC.cmake @@ -0,0 +1,16 @@ +FIND_PATH(UECC_INCLUDE_DIR libuecc/ecc.h) +FIND_LIBRARY(UECC_LIBRARY NAMES uecc) + +IF (UECC_INCLUDE_DIR AND UECC_LIBRARY) + SET(UECC_FOUND TRUE) +ENDIF (UECC_INCLUDE_DIR AND UECC_LIBRARY) + +IF (UECC_FOUND) + IF (NOT UECC_FIND_QUIETLY) + MESSAGE(STATUS "Found libuecc: ${UECC_LIBRARY}; include path: ${UECC_INCLUDE_DIR}") + ENDIF (NOT UECC_FIND_QUIETLY) +ELSE (UECC_FOUND) + IF (UECC_FIND_REQUIRED) + MESSAGE(FATAL_ERROR "Could not find libuecc") + ENDIF (UECC_FIND_REQUIRED) +ENDIF (UECC_FOUND) diff --git a/config.h.in b/config.h.in index 926e49a..8697ede 100644 --- a/config.h.in +++ b/config.h.in @@ -28,6 +28,6 @@ #ifndef _FASTD_CONFIG_H_ #define _FASTD_CONFIG_H_ -#cmakedefine WITH_CFXP +#cmakedefine WITH_METHOD_ECFXP #endif /* _FASTD_CONFIG_H_ */ diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index ca32e30..7315aa0 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -2,11 +2,11 @@ set(METHODS method_null.c) set(FASTD_INCLUDES ${FASTD_BINARY_DIR}) set(FASTD_LIBS "") -if(WITH_CFXP) - set(METHODS ${METHODS} method_curve25519_fhmqvc_xsalsa20_poly1305.c) - set(FASTD_INCLUDES ${FASTD_INCLUDES} ${NACL_INCLUDE_DIR}) - set(FASTD_LIBS ${FASTD_LIBS} ${NACL_LIBRARY}) -endif(WITH_CFXP) +if(WITH_METHOD_ECFXP) + set(METHODS ${METHODS} method_ec25519_fhmqvc_xsalsa20_poly1305.c) + set(FASTD_INCLUDES ${FASTD_INCLUDES} ${UECC_INCLUDE_DIR} ${NACL_INCLUDE_DIR}) + set(FASTD_LIBS ${FASTD_LIBS} ${UECC_LIBRARY} ${NACL_LIBRARY}) +endif(WITH_METHOD_ECFXP) include_directories(${FASTD_INCLUDES}) diff --git a/src/fastd.c b/src/fastd.c index 5dcec14..496df97 100644 --- a/src/fastd.c +++ b/src/fastd.c 
@@ -47,8 +47,8 @@ extern fastd_method fastd_method_null; -#ifdef WITH_CFXP -extern fastd_method fastd_method_curve25519_fhmqvc_xsalsa20_poly1305; +#ifdef WITH_METHOD_ECFXP +extern fastd_method fastd_method_ec25519_fhmqvc_xsalsa20_poly1305; #endif @@ -255,6 +255,10 @@ static void configure(fastd_context *ctx, fastd_config *conf, int argc, char *ar case 'm': if (!strcmp(optarg, "null")) conf->method = &fastd_method_null; +#ifdef WITH_METHOD_ECFXP + if (!strcmp(optarg, "ecfxp")) + conf->method = &fastd_method_ec25519_fhmqvc_xsalsa20_poly1305; +#endif else exit_error(ctx, "invalid method `%s'", optarg); break; diff --git a/src/fastd.h b/src/fastd.h index 806beb7..834fa39 100644 --- a/src/fastd.h +++ b/src/fastd.h @@ -69,6 +69,8 @@ struct _fastd_method { void (*handle_recv)(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer); void (*send)(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer); + + void (*free_peer_private)(fastd_context *ctx, fastd_peer *peer); }; struct _fastd_config { diff --git a/src/method_curve25519_fhmqvc_xsalsa20_poly1305.c b/src/method_curve25519_fhmqvc_xsalsa20_poly1305.c deleted file mode 100644 index 9551ad9..0000000 --- a/src/method_curve25519_fhmqvc_xsalsa20_poly1305.c +++ /dev/null 
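Review bot: The added `if (!strcmp(optarg, "ecfxp"))` in the `case 'm':` branch is not chained to the `null` test, so when WITH_METHOD_ECFXP is defined the trailing `else` binds to the new `if`. Selecting `null` then sets `conf->method` and immediately falls into `exit_error(ctx, "invalid method `%s'", optarg)`. The line should read `else if (!strcmp(optarg, "ecfxp"))`. Without the macro the code behaves as before, so the breakage only appears in crypto-enabled builds. configure() starts and ends outside the hunk.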
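Review bot: The new `free_peer_private` member in `struct _fastd_method` has no comment stating its contract, and the contract is not obvious from the name. From the peer.c hunks in this commit, `reset_peer()` calls it before clearing `peer->method_private`, and `add_peer()` initialises that pointer to NULL, so an implementation can be called with nothing allocated. I would add `/* Releases peer->method_private. Called from reset_peer(); must accept a NULL method_private. */` above the member. If the private data later holds session keys, the comment should also say the callback is responsible for wiping them before freeing. The struct continues outside the hunk.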
@@ -1,102 +0,0 @@ -/* - Copyright (c) 2012, Matthias Schiffer - Partly based on QuickTun Copyright (c) 2010, Ivo Smits . - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER - CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -*/ - - -#define _GNU_SOURCE - -#include "fastd.h" -#include "peer.h" - -#include - -#include - - -static bool method_check_config(fastd_context *ctx, const fastd_config *conf) { - return true; -} - -static size_t method_max_packet_size(fastd_context *ctx) { - return (fastd_max_packet_size(ctx) - crypto_secretbox_xsalsa20poly1305_NONCEBYTES); -} - -static char* method_peer_str(const fastd_context *ctx, const fastd_peer *peer) { - char addr_buf[INET6_ADDRSTRLEN] = ""; - char *ret; - - const char *temp = fastd_peer_is_temporary(peer) ? 
" (temporary)" : ""; - - switch (peer->address.sa.sa_family) { - case AF_UNSPEC: - if (asprintf(&ret, "%s", temp) > 0) - return ret; - break; - - case AF_INET: - if (inet_ntop(AF_INET, &peer->address.in.sin_addr, addr_buf, sizeof(addr_buf))) { - if (asprintf(&ret, "%s:%u%s", addr_buf, ntohs(peer->address.in.sin_port), temp) > 0) - return ret; - } - break; - - case AF_INET6: - if (inet_ntop(AF_INET6, &peer->address.in6.sin6_addr, addr_buf, sizeof(addr_buf))) { - if (asprintf(&ret, "[%s]:%u%s", addr_buf, ntohs(peer->address.in6.sin6_port), temp) > 0) - return ret; - } - break; - - default: - exit_bug(ctx, "unsupported address family"); - } - - return NULL; -} - -static void method_init(fastd_context *ctx, fastd_peer *peer) { -} - -static void method_handle_recv(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer) { - fastd_buffer_free(buffer); -} - -static void method_send(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer) { - fastd_buffer_free(buffer); -} - -const fastd_method fastd_method_curve25519_fhmqvc_xsalsa20_poly1305 = { - .name = "curve25519-fhmqvc-xsalsa20-poly1305", - - .check_config = method_check_config, - - .max_packet_size = method_max_packet_size, - - .peer_str = method_peer_str, - - .init = method_init, - .handle_recv = method_handle_recv, - .send = method_send, -}; diff --git a/src/method_ec25519_fhmqvc_xsalsa20_poly1305.c b/src/method_ec25519_fhmqvc_xsalsa20_poly1305.c new file mode 100644 index 0000000..2a01ccd --- /dev/null +++ b/src/method_ec25519_fhmqvc_xsalsa20_poly1305.c 
@@ -0,0 +1,117 @@ +/* + Copyright (c) 2012, Matthias Schiffer + Partly based on QuickTun Copyright (c) 2010, Ivo Smits . + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+*/ + + +#define _GNU_SOURCE + +#include "fastd.h" +#include "peer.h" + +#include + +#include +#include + + +typedef struct _method_peer_config { +} method_peer_config; + +typedef struct _method_peer_state { +} method_peer_state; + + +static bool method_check_config(fastd_context *ctx, const fastd_config *conf) { + return true; +} + +static size_t method_max_packet_size(fastd_context *ctx) { + return (fastd_max_packet_size(ctx) - crypto_secretbox_xsalsa20poly1305_NONCEBYTES); +} + +static char* method_peer_str(const fastd_context *ctx, const fastd_peer *peer) { + char addr_buf[INET6_ADDRSTRLEN] = ""; + char *ret; + + const char *temp = fastd_peer_is_temporary(peer) ? " (temporary)" : ""; + + switch (peer->address.sa.sa_family) { + case AF_UNSPEC: + if (asprintf(&ret, "%s", temp) > 0) + return ret; + break; + + case AF_INET: + if (inet_ntop(AF_INET, &peer->address.in.sin_addr, addr_buf, sizeof(addr_buf))) { + if (asprintf(&ret, "%s:%u%s", addr_buf, ntohs(peer->address.in.sin_port), temp) > 0) + return ret; + } + break; + + case AF_INET6: + if (inet_ntop(AF_INET6, &peer->address.in6.sin6_addr, addr_buf, sizeof(addr_buf))) { + if (asprintf(&ret, "[%s]:%u%s", addr_buf, ntohs(peer->address.in6.sin6_port), temp) > 0) + return ret; + } + break; + + default: + exit_bug(ctx, "unsupported address family"); + } + + return NULL; +} + +static void method_init(fastd_context *ctx, fastd_peer *peer) { + pr_info(ctx, "Initializing session with %P...", peer); +} + +static void method_handle_recv(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer) { + fastd_buffer_free(buffer); +} + +static void method_send(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer) { + fastd_buffer_free(buffer); +} + +static void method_free_peer_private(fastd_context *ctx, fastd_peer *peer) { +} + + +const fastd_method fastd_method_ec25519_fhmqvc_xsalsa20_poly1305 = { + .name = "ec25519-fhmqvc-xsalsa20-poly1305", + + .check_config = method_check_config, + + .max_packet_size = 
method_max_packet_size, + + .peer_str = method_peer_str, + + .init = method_init, + .handle_recv = method_handle_recv, + .send = method_send, + + .free_peer_private = method_free_peer_private, +}; diff --git a/src/method_null.c b/src/method_null.c index e8d8f58..f5a0d74 100644 --- a/src/method_null.c +++ b/src/method_null.c @@ -81,11 +81,15 @@ static char* method_peer_str(const fastd_context *ctx, const fastd_peer *peer) { } static void method_init(fastd_context *ctx, fastd_peer *peer) { + pr_info(ctx, "Connection with %P established.", peer); + fastd_task_put_send(ctx, peer, fastd_buffer_alloc(0, 0, 0)); } static void method_handle_recv(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffer) { if (!fastd_peer_is_established(peer)) { + pr_info(ctx, "Connection with %P established.", peer); + fastd_peer_set_established(ctx, peer); } @@ -114,6 +118,9 @@ static void method_send(fastd_context *ctx, fastd_peer *peer, fastd_buffer buffe fastd_task_put_send(ctx, peer, buffer); } +static void method_free_peer_private(fastd_context *ctx, fastd_peer *peer) { +} + const fastd_method fastd_method_null = { .name = "null", @@ -127,4 +134,6 @@ const fastd_method fastd_method_null = { .init = method_init, .handle_recv = method_handle_recv, .send = method_send, + + .free_peer_private = method_free_peer_private, }; diff --git a/src/peer.c b/src/peer.c index 98eebe9..ab09a1a 100644 --- a/src/peer.c +++ b/src/peer.c @@ -50,6 +50,9 @@ const fastd_eth_addr* fastd_get_dest_address(const fastd_context *ctx, fastd_buf } static inline void reset_peer(fastd_context *ctx, fastd_peer *peer) { + ctx->conf->method->free_peer_private(ctx, peer); + peer->method_private = NULL; + int i, deleted = 0; for (i = 0; i < ctx->n_eth_addr; i++) { if (ctx->eth_addr[i].peer == peer) { @@ -92,6 +95,7 @@ static fastd_peer* add_peer(fastd_context *ctx) { peer->next = ctx->peers; peer->last_req_id = 0; + peer->method_private = NULL; ctx->peers = peer; 
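Review bot: In `method_peer_str()` of the new file, the AF_UNSPEC case tests `asprintf(&ret, "%s", temp) > 0`, but for a non-temporary peer `temp` is `""` and asprintf returns 0. The function then falls through to `return NULL` and leaks the allocated empty string. All three calls should test `>= 0`, e.g. `if (asprintf(&ret, "%s", temp) >= 0)`. Separately, `method_check_config()` returns true while `method_handle_recv()` and `method_send()` only free the buffer, so a user who selects `ecfxp` gets a tunnel that silently drops all traffic. Until the handshake and cipher code exist, `method_check_config()` should reject the method with an error. `method_max_packet_size()` also subtracts the nonce size from a `size_t` without a lower-bound check, which would wrap if `fastd_max_packet_size()` (not visible here) can return less than that.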
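Review bot: In src/method_null.c, `method_init()` now logs "Connection with %P established." before the peer has answered: the function only queues an empty packet and does not call `fastd_peer_set_established()`. When the reply arrives, `method_handle_recv()` logs the same sentence again for the same peer, so the initiating side records the event twice and the first entry is premature. Anyone reading these logs to decide when a peer was actually reachable would be misled. I would use the wording the new ec25519 file already has for this step, `pr_info(ctx, "Initializing session with %P...", peer);`, and keep "established" for the `method_handle_recv()` branch. `method_handle_recv()` continues outside the hunk.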
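Review bot: In src/peer.c, `reset_peer()` calls `ctx->conf->method->free_peer_private(ctx, peer)` with no check that the pointer is set. Both method tables in this commit set it, but they use designated initialisers, so a later method that omits the field leaves it NULL and the first peer reset jumps through a null function pointer. Either guard the call with `if (ctx->conf->method->free_peer_private)` or check the table once at startup. The hunk shows only the start of `reset_peer()`. If peers can be freed on a path that does not go through it, that path also needs the callback, or `method_private` is leaked along with whatever secrets it comes to hold.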
diff --git a/src/peer.h b/src/peer.h index 696dae6..121276c 100644 --- a/src/peer.h +++ b/src/peer.h @@ -48,6 +48,8 @@ struct _fastd_peer { uint8_t last_req_id; struct timespec seen; + + void *method_private; }; struct _fastd_peer_config { @@ -103,8 +105,6 @@ static inline void fastd_peer_set_established(fastd_context *ctx, fastd_peer *pe pr_warn(ctx, "tried to set an already established connection to established"); return; } - - pr_info(ctx, "Connection with %P established.", peer); } static inline bool fastd_eth_addr_is_unicast(const fastd_eth_addr *addr) { -- cgit v1.2.3