aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbnewbold <bnewbold@robocracy.org>2016-05-30 03:32:26 -0400
committerbnewbold <bnewbold@robocracy.org>2016-05-30 03:32:28 -0400
commit739816807c8b6a7c0e0be9c909f64d25dc0bf243 (patch)
treecab093c74c77e0e65966367936ce24b27374faec
parent57f85b9c8bafe3a18cfa3f639a6685e1f7bfd72d (diff)
downloaducp-739816807c8b6a7c0e0be9c909f64d25dc0bf243.tar.gz
ucp-739816807c8b6a7c0e0be9c909f64d25dc0bf243.zip
sort-of-working crypto
With XSalsa20, performance really isn't very good.
-rw-r--r--src/client.rs7
-rw-r--r--src/crypto.rs12
-rw-r--r--src/server.rs3
3 files changed, 12 insertions, 10 deletions
diff --git a/src/client.rs b/src/client.rs
index 165a898..cc16c1d 100644
--- a/src/client.rs
+++ b/src/client.rs
@@ -51,8 +51,8 @@ pub fn run_client(host: &str, local_file: &str, remote_file: &str, remote_is_dir
println!("\tport: {}", remote_port);
println!("\thost: {}", remote_host);
println!("\tsecret key: {}", remote_secret);
- println!("\tsecret read key: {}", remote_read_nonce);
- println!("\tsecret write key: {}", remote_write_nonce);
+ println!("\tsecret read nonce: {}", remote_read_nonce);
+ println!("\tsecret write nonce: {}", remote_write_nonce);
let mut socket = UtpSocket::connect((remote_host, remote_port)).unwrap();;
let mut stream: UtpStream = socket.into();
@@ -125,9 +125,10 @@ pub fn main_client() {
stream.read_nonce = string2nonce(&matches.opt_str("read-nonce").unwrap()).unwrap();
stream.write_nonce = string2nonce(&matches.opt_str("write-nonce").unwrap()).unwrap();
- // XXX:
+ /* XXX: DEBUG:
stream.read_nonce = secretbox::Nonce::from_slice(&[0; secretbox::NONCEBYTES]).unwrap();
stream.write_nonce = secretbox::Nonce::from_slice(&[0; secretbox::NONCEBYTES]).unwrap();
+ */
if matches.opt_present("f") {
common::source_files(&mut stream, &matches.opt_str("f").unwrap(), dir_mode);
diff --git a/src/crypto.rs b/src/crypto.rs
index 07c6cef..d6b65be 100644
--- a/src/crypto.rs
+++ b/src/crypto.rs
@@ -39,7 +39,6 @@ impl<S: Read+Write> Read for SecretStream<S> {
// First try to return any extra older decrypted data
if self.read_buf_len > 0 {
- println!("crypto: Returning existing data");
let rlen = min(self.read_buf_len, buf.len());
buf[..rlen].clone_from_slice(
&self.read_buf[self.read_buf_offset..(self.read_buf_offset+rlen)]);
@@ -51,24 +50,25 @@ impl<S: Read+Write> Read for SecretStream<S> {
let mut header_buf = [0; 4];
try!(self.inner.read_exact(&mut header_buf));
let len: u32 = unsafe { transmute(header_buf) };
- let len = len.to_be();
+ let len = u32::from_be(len);
let len = len as usize;
if len as usize > self.read_buf.len() {
return Err(io::Error::new(ErrorKind::Other,
format!("Message too big ({})", len)));
}
try!(self.inner.read_exact(&mut self.read_buf[..len]));
+ /*
println!("DECRYPT:");
println!("\tlen: {}", len);
println!("\tmsg: {:?}", &self.read_buf[..len]);
println!("\tnonce: {}", nonce2string(&self.write_nonce));
println!("\tkey: {}", key2string(&self.key));
+ */
let cleartext = match secretbox::open(&self.read_buf[..len], &self.read_nonce, &self.key) {
Ok(cleartext) => cleartext,
Err(_) => { return Err(io::Error::new(ErrorKind::InvalidData,
"Failed to decrypt message (could mean corruption or malicious attack"))},
};
- println!("crypto: Successfully decrypted message: {:?}", cleartext);
self.read_nonce.increment_le_inplace();
let clen = cleartext.len() as usize;
@@ -76,13 +76,12 @@ impl<S: Read+Write> Read for SecretStream<S> {
if clen > buf.len() {
let buf_len = buf.len();
buf.clone_from_slice(&cleartext[..buf_len]);
- println!("copying extra: {} {} {}", self.read_buf.len(), buf_len, clen);
self.read_buf[..(clen-buf_len)].clone_from_slice(&cleartext[buf_len..]);
self.read_buf_offset = 0;
self.read_buf_len = clen - buf_len;
return Ok(buf_len);
} else {
- buf.clone_from_slice(&cleartext[..clen]);
+ buf[..clen].clone_from_slice(&cleartext[..clen]);
return Ok(clen as usize);
}
}
@@ -98,13 +97,14 @@ impl<S: Read+Write> Write for SecretStream<S> {
let header_buf: [u8; 4] = unsafe { transmute(len.to_be()) };
try!(self.inner.write_all(&header_buf));
+ /*
println!("DECRYPT:");
println!("\tlen: {}", len);
println!("\tmsg: {:?}", ciphertext);
println!("\tnonce: {}", nonce2string(&self.write_nonce));
println!("\tkey: {}", key2string(&self.key));
let check = secretbox::open(&ciphertext, &self.write_nonce, &self.key).unwrap();
- //assert!(buf == check);
+ */
self.write_nonce.increment_le_inplace();
try!(self.inner.write_all(&ciphertext[..]));
diff --git a/src/server.rs b/src/server.rs
index 508bb36..6f19fb0 100644
--- a/src/server.rs
+++ b/src/server.rs
@@ -30,11 +30,12 @@ fn run_server(path: &str, is_recv: bool, recursive: bool, daemonize: bool) {
let read_nonce = secretbox::gen_nonce();
let write_nonce = secretbox::gen_nonce();
- // XXX:
+ /* XXX: DEBUG:
assert!(secret_key == string2key(&key2string(&secret_key)).unwrap());
assert!(read_nonce == string2nonce(&nonce2string(&read_nonce)).unwrap());
let read_nonce = secretbox::Nonce::from_slice(&[0; secretbox::NONCEBYTES]).unwrap();
let write_nonce = secretbox::Nonce::from_slice(&[0; secretbox::NONCEBYTES]).unwrap();
+ */
// Send back details so client can connect
println!("UCP CONNECT {} {} {} {} {}",