forked from cory/tildefriends
Make the SSB network key configurable by command-line argument.
This commit is contained in:
101
src/ssb.c
101
src/ssb.c
@ -42,8 +42,7 @@ static_assert(k_id_base64_len == sodium_base64_ENCODED_LEN(9 + crypto_box_PUBLIC
|
||||
static_assert(k_id_bin_len == crypto_box_PUBLICKEYBYTES, "k_id_bin_len");
|
||||
static_assert(k_blob_id_len == (sodium_base64_ENCODED_LEN(crypto_hash_sha256_BYTES, sodium_base64_VARIANT_ORIGINAL) + 8), "k_blob_id_len");
|
||||
|
||||
const uint8_t k_ssb_network[] = { 0xd4, 0xa1, 0xcb, 0x88, 0xa6, 0x6f, 0x02, 0xf8, 0xdb, 0x63, 0x5c, 0xe2, 0x64, 0x41, 0xcc, 0x5d, 0xac, 0x1b, 0x08, 0x42, 0x0c, 0xea, 0xac, 0x23,
|
||||
0x08, 0x39, 0xb7, 0x55, 0x84, 0x5a, 0x9f, 0xfb };
|
||||
const char* k_ssb_network_string = "d4a1cb88a66f02f8db635ce26441cc5dac1b08420ceaac230839b755845a9ffb";
|
||||
|
||||
const char* k_ssb_type_names[] = {
|
||||
"binary",
|
||||
@ -203,6 +202,8 @@ typedef struct _tf_ssb_t
|
||||
uv_timer_t trace_timer;
|
||||
uv_tcp_t server;
|
||||
|
||||
uint8_t network_key[32];
|
||||
|
||||
uint8_t pub[crypto_sign_PUBLICKEYBYTES];
|
||||
uint8_t priv[crypto_sign_SECRETKEYBYTES];
|
||||
|
||||
@ -489,7 +490,7 @@ static void _tf_ssb_write(tf_ssb_connection_t* connection, void* data, size_t si
|
||||
static void _tf_ssb_connection_send_identity(tf_ssb_connection_t* connection, uint8_t* hmac, uint8_t* pubkey)
|
||||
{
|
||||
memcpy(connection->serverepub, pubkey, sizeof(connection->serverepub));
|
||||
if (crypto_auth_hmacsha512256_verify(hmac, connection->serverepub, 32, k_ssb_network) != 0)
|
||||
if (crypto_auth_hmacsha512256_verify(hmac, connection->serverepub, 32, connection->ssb->network_key) != 0)
|
||||
{
|
||||
_tf_ssb_connection_close(connection, "invalid server hello");
|
||||
return;
|
||||
@ -519,10 +520,10 @@ static void _tf_ssb_connection_send_identity(tf_ssb_connection_t* connection, ui
|
||||
uint8_t hash[crypto_hash_sha256_BYTES];
|
||||
crypto_hash_sha256(hash, shared_secret_ab, sizeof(shared_secret_ab));
|
||||
|
||||
uint8_t msg[sizeof(k_ssb_network) + sizeof(connection->serverpub) + crypto_hash_sha256_BYTES];
|
||||
memcpy(msg, k_ssb_network, sizeof(k_ssb_network));
|
||||
memcpy(msg + sizeof(k_ssb_network), connection->serverpub, sizeof(connection->serverpub));
|
||||
memcpy(msg + sizeof(k_ssb_network) + sizeof(connection->serverpub), hash, sizeof(hash));
|
||||
uint8_t msg[sizeof(connection->ssb->network_key) + sizeof(connection->serverpub) + crypto_hash_sha256_BYTES];
|
||||
memcpy(msg, connection->ssb->network_key, sizeof(connection->ssb->network_key));
|
||||
memcpy(msg + sizeof(connection->ssb->network_key), connection->serverpub, sizeof(connection->serverpub));
|
||||
memcpy(msg + sizeof(connection->ssb->network_key) + sizeof(connection->serverpub), hash, sizeof(hash));
|
||||
|
||||
unsigned long long siglen;
|
||||
if (crypto_sign_detached(connection->detached_signature_A, &siglen, msg, sizeof(msg), connection->ssb->priv) != 0)
|
||||
@ -536,10 +537,10 @@ static void _tf_ssb_connection_send_identity(tf_ssb_connection_t* connection, ui
|
||||
memcpy(tosend + sizeof(connection->detached_signature_A), connection->ssb->pub, sizeof(connection->ssb->pub));
|
||||
uint8_t nonce[crypto_secretbox_NONCEBYTES] = { 0 };
|
||||
|
||||
uint8_t tohash[sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB)];
|
||||
memcpy(tohash, k_ssb_network, sizeof(k_ssb_network));
|
||||
memcpy(tohash + sizeof(k_ssb_network), shared_secret_ab, sizeof(shared_secret_ab));
|
||||
memcpy(tohash + sizeof(k_ssb_network) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB));
|
||||
uint8_t tohash[sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB)];
|
||||
memcpy(tohash, connection->ssb->network_key, sizeof(connection->ssb->network_key));
|
||||
memcpy(tohash + sizeof(connection->ssb->network_key), shared_secret_ab, sizeof(shared_secret_ab));
|
||||
memcpy(tohash + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB));
|
||||
uint8_t hash2[crypto_hash_sha256_BYTES];
|
||||
crypto_hash_sha256(hash2, tohash, sizeof(tohash));
|
||||
|
||||
@ -1136,11 +1137,11 @@ static void _tf_ssb_connection_verify_identity(tf_ssb_connection_t* connection,
|
||||
return;
|
||||
}
|
||||
|
||||
uint8_t tohash[sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB) + sizeof(shared_secret_Ab)];
|
||||
memcpy(tohash, k_ssb_network, sizeof(k_ssb_network));
|
||||
memcpy(tohash + sizeof(k_ssb_network), shared_secret_ab, sizeof(shared_secret_ab));
|
||||
memcpy(tohash + sizeof(k_ssb_network) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB));
|
||||
memcpy(tohash + sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB), shared_secret_Ab, sizeof(shared_secret_Ab));
|
||||
uint8_t tohash[sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB) + sizeof(shared_secret_Ab)];
|
||||
memcpy(tohash, connection->ssb->network_key, sizeof(connection->ssb->network_key));
|
||||
memcpy(tohash + sizeof(connection->ssb->network_key), shared_secret_ab, sizeof(shared_secret_ab));
|
||||
memcpy(tohash + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB));
|
||||
memcpy(tohash + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB), shared_secret_Ab, sizeof(shared_secret_Ab));
|
||||
uint8_t hash2[crypto_hash_sha256_BYTES];
|
||||
crypto_hash_sha256(hash2, tohash, sizeof(tohash));
|
||||
|
||||
@ -1164,11 +1165,11 @@ static void _tf_ssb_connection_verify_identity(tf_ssb_connection_t* connection,
|
||||
uint8_t hash3[crypto_hash_sha256_BYTES];
|
||||
crypto_hash_sha256(hash3, shared_secret_ab, sizeof(shared_secret_ab));
|
||||
|
||||
uint8_t msg[sizeof(k_ssb_network) + sizeof(connection->detached_signature_A) + sizeof(connection->ssb->pub) + sizeof(hash3)];
|
||||
memcpy(msg, k_ssb_network, sizeof(k_ssb_network));
|
||||
memcpy(msg + sizeof(k_ssb_network), connection->detached_signature_A, sizeof(connection->detached_signature_A));
|
||||
memcpy(msg + sizeof(k_ssb_network) + sizeof(connection->detached_signature_A), connection->ssb->pub, sizeof(connection->ssb->pub));
|
||||
memcpy(msg + sizeof(k_ssb_network) + sizeof(connection->detached_signature_A) + sizeof(connection->ssb->pub), hash3, sizeof(hash3));
|
||||
uint8_t msg[sizeof(connection->ssb->network_key) + sizeof(connection->detached_signature_A) + sizeof(connection->ssb->pub) + sizeof(hash3)];
|
||||
memcpy(msg, connection->ssb->network_key, sizeof(connection->ssb->network_key));
|
||||
memcpy(msg + sizeof(connection->ssb->network_key), connection->detached_signature_A, sizeof(connection->detached_signature_A));
|
||||
memcpy(msg + sizeof(connection->ssb->network_key) + sizeof(connection->detached_signature_A), connection->ssb->pub, sizeof(connection->ssb->pub));
|
||||
memcpy(msg + sizeof(connection->ssb->network_key) + sizeof(connection->detached_signature_A) + sizeof(connection->ssb->pub), hash3, sizeof(hash3));
|
||||
if (crypto_sign_verify_detached(m, msg, sizeof(msg), connection->serverpub) != 0)
|
||||
{
|
||||
_tf_ssb_connection_close(connection, "unable to verify server identity");
|
||||
@ -1176,7 +1177,7 @@ static void _tf_ssb_connection_verify_identity(tf_ssb_connection_t* connection,
|
||||
}
|
||||
|
||||
uint8_t nonce2[crypto_auth_hmacsha512256_BYTES];
|
||||
if (crypto_auth_hmacsha512256(nonce2, connection->epub, sizeof(connection->epub), k_ssb_network) != 0)
|
||||
if (crypto_auth_hmacsha512256(nonce2, connection->epub, sizeof(connection->epub), connection->ssb->network_key) != 0)
|
||||
{
|
||||
_tf_ssb_connection_close(connection, "unable to compute client recv nonce");
|
||||
return;
|
||||
@ -1184,7 +1185,7 @@ static void _tf_ssb_connection_verify_identity(tf_ssb_connection_t* connection,
|
||||
memcpy(connection->nonce, nonce2, sizeof(connection->nonce));
|
||||
|
||||
uint8_t nonce3[crypto_auth_hmacsha512256_BYTES];
|
||||
if (crypto_auth_hmacsha512256(nonce3, connection->serverepub, sizeof(connection->serverepub), k_ssb_network) != 0)
|
||||
if (crypto_auth_hmacsha512256(nonce3, connection->serverepub, sizeof(connection->serverepub), connection->ssb->network_key) != 0)
|
||||
{
|
||||
_tf_ssb_connection_close(connection, "unable to compute client send nonce");
|
||||
return;
|
||||
@ -1290,11 +1291,11 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne
|
||||
return;
|
||||
}
|
||||
|
||||
static_assert(sizeof(k_ssb_network) == crypto_auth_KEYBYTES, "network key size");
|
||||
uint8_t tohash[sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB)];
|
||||
memcpy(tohash, k_ssb_network, sizeof(k_ssb_network));
|
||||
memcpy(tohash + sizeof(k_ssb_network), shared_secret_ab, sizeof(shared_secret_ab));
|
||||
memcpy(tohash + sizeof(k_ssb_network) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB));
|
||||
static_assert(sizeof(connection->ssb->network_key) == crypto_auth_KEYBYTES, "network key size");
|
||||
uint8_t tohash[sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB)];
|
||||
memcpy(tohash, connection->ssb->network_key, sizeof(connection->ssb->network_key));
|
||||
memcpy(tohash + sizeof(connection->ssb->network_key), shared_secret_ab, sizeof(shared_secret_ab));
|
||||
memcpy(tohash + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB));
|
||||
uint8_t hash2[crypto_hash_sha256_BYTES];
|
||||
crypto_hash_sha256(hash2, tohash, sizeof(tohash));
|
||||
|
||||
@ -1335,10 +1336,10 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne
|
||||
uint8_t hash3[crypto_hash_sha256_BYTES];
|
||||
crypto_hash_sha256(hash3, shared_secret_ab, sizeof(shared_secret_ab));
|
||||
|
||||
uint8_t msg[sizeof(k_ssb_network) + sizeof(connection->ssb->pub) + sizeof(hash3)];
|
||||
memcpy(msg, k_ssb_network, sizeof(k_ssb_network));
|
||||
memcpy(msg + sizeof(k_ssb_network), connection->ssb->pub, sizeof(connection->ssb->pub));
|
||||
memcpy(msg + sizeof(k_ssb_network) + sizeof(connection->ssb->pub), hash3, sizeof(hash3));
|
||||
uint8_t msg[sizeof(connection->ssb->network_key) + sizeof(connection->ssb->pub) + sizeof(hash3)];
|
||||
memcpy(msg, connection->ssb->network_key, sizeof(connection->ssb->network_key));
|
||||
memcpy(msg + sizeof(connection->ssb->network_key), connection->ssb->pub, sizeof(connection->ssb->pub));
|
||||
memcpy(msg + sizeof(connection->ssb->network_key) + sizeof(connection->ssb->pub), hash3, sizeof(hash3));
|
||||
if (crypto_sign_verify_detached(detached_signature_A, msg, sizeof(msg), connection->serverpub) != 0)
|
||||
{
|
||||
_tf_ssb_connection_close(connection, "unable to verify client identity");
|
||||
@ -1346,7 +1347,7 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne
|
||||
}
|
||||
|
||||
uint8_t nonce2[crypto_auth_hmacsha512256_BYTES];
|
||||
if (crypto_auth_hmacsha512256(nonce2, connection->epub, sizeof(connection->epub), k_ssb_network) != 0)
|
||||
if (crypto_auth_hmacsha512256(nonce2, connection->epub, sizeof(connection->epub), connection->ssb->network_key) != 0)
|
||||
{
|
||||
_tf_ssb_connection_close(connection, "unable to compute initial recv nonce as server");
|
||||
return;
|
||||
@ -1354,7 +1355,7 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne
|
||||
memcpy(connection->nonce, nonce2, sizeof(connection->nonce));
|
||||
|
||||
uint8_t nonce3[crypto_auth_hmacsha512256_BYTES];
|
||||
if (crypto_auth_hmacsha512256(nonce3, connection->serverepub, sizeof(connection->serverepub), k_ssb_network) != 0)
|
||||
if (crypto_auth_hmacsha512256(nonce3, connection->serverepub, sizeof(connection->serverepub), connection->ssb->network_key) != 0)
|
||||
{
|
||||
_tf_ssb_connection_close(connection, "unable to compute initial send nonce as server");
|
||||
return;
|
||||
@ -1362,11 +1363,11 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne
|
||||
memcpy(connection->send_nonce, nonce3, sizeof(connection->send_nonce));
|
||||
|
||||
int detached_signature_A_size = 64;
|
||||
uint8_t sign_b[sizeof(k_ssb_network) + detached_signature_A_size + sizeof(connection->serverpub) + sizeof(hash3)];
|
||||
memcpy(sign_b, k_ssb_network, sizeof(k_ssb_network));
|
||||
memcpy(sign_b + sizeof(k_ssb_network), detached_signature_A, detached_signature_A_size);
|
||||
memcpy(sign_b + sizeof(k_ssb_network) + detached_signature_A_size, connection->serverpub, sizeof(connection->serverpub));
|
||||
memcpy(sign_b + sizeof(k_ssb_network) + detached_signature_A_size + sizeof(connection->serverpub), hash3, sizeof(hash3));
|
||||
uint8_t sign_b[sizeof(connection->ssb->network_key) + detached_signature_A_size + sizeof(connection->serverpub) + sizeof(hash3)];
|
||||
memcpy(sign_b, connection->ssb->network_key, sizeof(connection->ssb->network_key));
|
||||
memcpy(sign_b + sizeof(connection->ssb->network_key), detached_signature_A, detached_signature_A_size);
|
||||
memcpy(sign_b + sizeof(connection->ssb->network_key) + detached_signature_A_size, connection->serverpub, sizeof(connection->serverpub));
|
||||
memcpy(sign_b + sizeof(connection->ssb->network_key) + detached_signature_A_size + sizeof(connection->serverpub), hash3, sizeof(hash3));
|
||||
|
||||
uint8_t detached_signature_B[crypto_sign_BYTES];
|
||||
unsigned long long siglen;
|
||||
@ -1390,11 +1391,11 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne
|
||||
return;
|
||||
}
|
||||
|
||||
uint8_t key_buf[sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB) + sizeof(shared_secret_Ab)];
|
||||
memcpy(key_buf, k_ssb_network, sizeof(k_ssb_network));
|
||||
memcpy(key_buf + sizeof(k_ssb_network), shared_secret_ab, sizeof(shared_secret_ab));
|
||||
memcpy(key_buf + sizeof(k_ssb_network) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB));
|
||||
memcpy(key_buf + sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB), shared_secret_Ab, sizeof(shared_secret_Ab));
|
||||
uint8_t key_buf[sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB) + sizeof(shared_secret_Ab)];
|
||||
memcpy(key_buf, connection->ssb->network_key, sizeof(connection->ssb->network_key));
|
||||
memcpy(key_buf + sizeof(connection->ssb->network_key), shared_secret_ab, sizeof(shared_secret_ab));
|
||||
memcpy(key_buf + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB));
|
||||
memcpy(key_buf + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB), shared_secret_Ab, sizeof(shared_secret_Ab));
|
||||
|
||||
uint8_t key_hash[crypto_hash_sha256_BYTES];
|
||||
crypto_hash_sha256(key_hash, key_buf, sizeof(key_buf));
|
||||
@ -1941,7 +1942,7 @@ static void _tf_ssb_connection_on_tcp_recv_internal(tf_ssb_connection_t* connect
|
||||
uint8_t* hmac = hello;
|
||||
memcpy(connection->serverepub, hello + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
|
||||
static_assert(sizeof(connection->serverepub) == crypto_box_PUBLICKEYBYTES, "serverepub size");
|
||||
if (crypto_auth_hmacsha512256_verify(hmac, connection->serverepub, 32, k_ssb_network) != 0)
|
||||
if (crypto_auth_hmacsha512256_verify(hmac, connection->serverepub, 32, connection->ssb->network_key) != 0)
|
||||
{
|
||||
_tf_ssb_connection_close(connection, "crypto_auth_hmacsha512256_verify failed");
|
||||
}
|
||||
@ -1998,7 +1999,7 @@ static void _tf_ssb_connection_client_send_hello(tf_ssb_connection_t* connection
|
||||
}
|
||||
|
||||
uint8_t a[crypto_auth_hmacsha512256_BYTES];
|
||||
if (crypto_auth_hmacsha512256(a, connection->epub, sizeof(connection->epub), k_ssb_network) != 0)
|
||||
if (crypto_auth_hmacsha512256(a, connection->epub, sizeof(connection->epub), connection->ssb->network_key) != 0)
|
||||
{
|
||||
_tf_ssb_connection_close(connection, "failed to create hello message");
|
||||
return;
|
||||
@ -2106,11 +2107,17 @@ void tf_ssb_get_stats(tf_ssb_t* ssb, tf_ssb_stats_t* out_stats)
|
||||
ssb->rpc_out = 0;
|
||||
}
|
||||
|
||||
tf_ssb_t* tf_ssb_create(uv_loop_t* loop, JSContext* context, const char* db_path)
|
||||
tf_ssb_t* tf_ssb_create(uv_loop_t* loop, JSContext* context, const char* db_path, const char* network_key)
|
||||
{
|
||||
tf_ssb_t* ssb = tf_malloc(sizeof(tf_ssb_t));
|
||||
memset(ssb, 0, sizeof(*ssb));
|
||||
|
||||
const char* actual_key = network_key ? network_key : k_ssb_network_string;
|
||||
if (sodium_hex2bin(ssb->network_key, sizeof(ssb->network_key), actual_key, strlen(actual_key), ": ", NULL, NULL))
|
||||
{
|
||||
tf_printf("Error parsing network key: %s.", actual_key);
|
||||
}
|
||||
|
||||
char buffer[8] = { 0 };
|
||||
size_t buffer_size = sizeof(buffer);
|
||||
ssb->store_debug_messages = uv_os_getenv("TF_DEBUG_CLOSE", buffer, &buffer_size) == 0 && strcmp(buffer, "1") == 0;
|
||||
|
||||
Reference in New Issue
Block a user