diff options
author | bnewbold <bnewbold@robocracy.org> | 2016-05-30 03:32:26 -0400 |
---|---|---|
committer | bnewbold <bnewbold@robocracy.org> | 2016-05-30 03:32:28 -0400 |
commit | 739816807c8b6a7c0e0be9c909f64d25dc0bf243 (patch) | |
tree | cab093c74c77e0e65966367936ce24b27374faec | |
parent | 57f85b9c8bafe3a18cfa3f639a6685e1f7bfd72d (diff) | |
download | ucp-739816807c8b6a7c0e0be9c909f64d25dc0bf243.tar.gz ucp-739816807c8b6a7c0e0be9c909f64d25dc0bf243.zip |
sort-of-working crypto
With XSalsa20, performance really isn't very good.
-rw-r--r-- | src/client.rs | 7 | ||||
-rw-r--r-- | src/crypto.rs | 12 | ||||
-rw-r--r-- | src/server.rs | 3 |
3 files changed, 12 insertions, 10 deletions
diff --git a/src/client.rs b/src/client.rs index 165a898..cc16c1d 100644 --- a/src/client.rs +++ b/src/client.rs @@ -51,8 +51,8 @@ pub fn run_client(host: &str, local_file: &str, remote_file: &str, remote_is_dir println!("\tport: {}", remote_port); println!("\thost: {}", remote_host); println!("\tsecret key: {}", remote_secret); - println!("\tsecret read key: {}", remote_read_nonce); - println!("\tsecret write key: {}", remote_write_nonce); + println!("\tsecret read nonce: {}", remote_read_nonce); + println!("\tsecret write nonce: {}", remote_write_nonce); let mut socket = UtpSocket::connect((remote_host, remote_port)).unwrap();; let mut stream: UtpStream = socket.into(); @@ -125,9 +125,10 @@ pub fn main_client() { stream.read_nonce = string2nonce(&matches.opt_str("read-nonce").unwrap()).unwrap(); stream.write_nonce = string2nonce(&matches.opt_str("write-nonce").unwrap()).unwrap(); - // XXX: + /* XXX: DEBUG: stream.read_nonce = secretbox::Nonce::from_slice(&[0; secretbox::NONCEBYTES]).unwrap(); stream.write_nonce = secretbox::Nonce::from_slice(&[0; secretbox::NONCEBYTES]).unwrap(); + */ if matches.opt_present("f") { common::source_files(&mut stream, &matches.opt_str("f").unwrap(), dir_mode); diff --git a/src/crypto.rs b/src/crypto.rs index 07c6cef..d6b65be 100644 --- a/src/crypto.rs +++ b/src/crypto.rs @@ -39,7 +39,6 @@ impl<S: Read+Write> Read for SecretStream<S> { // First try to return any extra older decrypted data if self.read_buf_len > 0 { - println!("crypto: Returning existing data"); let rlen = min(self.read_buf_len, buf.len()); buf[..rlen].clone_from_slice( &self.read_buf[self.read_buf_offset..(self.read_buf_offset+rlen)]); @@ -51,24 +50,25 @@ impl<S: Read+Write> Read for SecretStream<S> { let mut header_buf = [0; 4]; try!(self.inner.read_exact(&mut header_buf)); let len: u32 = unsafe { transmute(header_buf) }; - let len = len.to_be(); + let len = u32::from_be(len); let len = len as usize; if len as usize > self.read_buf.len() { return Err(io::Error::new(ErrorKind::Other, format!("Message too big ({})", len))); } try!(self.inner.read_exact(&mut self.read_buf[..len])); + /* println!("DECRYPT:"); println!("\tlen: {}", len); println!("\tmsg: {:?}", &self.read_buf[..len]); println!("\tnonce: {}", nonce2string(&self.write_nonce)); println!("\tkey: {}", key2string(&self.key)); + */ let cleartext = match secretbox::open(&self.read_buf[..len], &self.read_nonce, &self.key) { Ok(cleartext) => cleartext, Err(_) => { return Err(io::Error::new(ErrorKind::InvalidData, "Failed to decrypt message (could mean corruption or malicious attack"))}, }; - println!("crypto: Successfully decrypted message: {:?}", cleartext); self.read_nonce.increment_le_inplace(); let clen = cleartext.len() as usize; @@ -76,13 +76,12 @@ impl<S: Read+Write> Read for SecretStream<S> { if clen > buf.len() { let buf_len = buf.len(); buf.clone_from_slice(&cleartext[..buf_len]); - println!("copying extra: {} {} {}", self.read_buf.len(), buf_len, clen); self.read_buf[..(clen-buf_len)].clone_from_slice(&cleartext[buf_len..]); self.read_buf_offset = 0; self.read_buf_len = clen - buf_len; return Ok(buf_len); } else { - buf.clone_from_slice(&cleartext[..clen]); + buf[..clen].clone_from_slice(&cleartext[..clen]); return Ok(clen as usize); } } @@ -98,13 +97,14 @@ impl<S: Read+Write> Write for SecretStream<S> { let header_buf: [u8; 4] = unsafe { transmute(len.to_be()) }; try!(self.inner.write_all(&header_buf)); + /* println!("DECRYPT:"); println!("\tlen: {}", len); println!("\tmsg: {:?}", ciphertext); println!("\tnonce: {}", nonce2string(&self.write_nonce)); println!("\tkey: {}", key2string(&self.key)); let check = secretbox::open(&ciphertext, &self.write_nonce, &self.key).unwrap(); - //assert!(buf == check); + */ self.write_nonce.increment_le_inplace(); try!(self.inner.write_all(&ciphertext[..])); diff --git a/src/server.rs b/src/server.rs index 508bb36..6f19fb0 100644 --- a/src/server.rs +++ b/src/server.rs @@ -30,11 +30,12 @@ fn run_server(path: &str, is_recv: bool, recursive: bool, daemonize: bool) { let read_nonce = secretbox::gen_nonce(); let write_nonce = secretbox::gen_nonce(); - // XXX: + /* XXX: DEBUG: assert!(secret_key == string2key(&key2string(&secret_key)).unwrap()); assert!(read_nonce == string2nonce(&nonce2string(&read_nonce)).unwrap()); let read_nonce = secretbox::Nonce::from_slice(&[0; secretbox::NONCEBYTES]).unwrap(); let write_nonce = secretbox::Nonce::from_slice(&[0; secretbox::NONCEBYTES]).unwrap(); + */ // Send back details so client can connect println!("UCP CONNECT {} {} {} {} {}", |