balsoft/ligo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

encryption and decryption

Browse Source 
I don’t think this is secure since the receiver decrypts the message
and then sends the clear message as a `Recv` event
This commit is contained in:
Eitan Chatav 2016-11-05 12:16:48 -07:00
parent bdab9b6c05
commit 69bc2a33e2
3 changed files with 20 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/node/net/p2p.ml
View File

@ -70,6 +70,7 @@ type packet =
| Disconnect | Disconnect
| Advertise of (addr * port) list | Advertise of (addr * port) list
| Message of Netbits.frame | Message of Netbits.frame
| Box of (Crypto_box.nonce * MBytes.t)
| Ping | Ping
| Pong | Pong
| Bootstrap | Bootstrap
@ -115,6 +116,7 @@ let recv_packet
| _ -> Unknown msg | _ -> Unknown msg
in return (decode_peers [] rest) in return (decode_peers [] rest)
| [ S 6 ; F rest ] -> return (Message rest) | [ S 6 ; F rest ] -> return (Message rest)
| [ S 7 ; B nonce ; B msg ] -> return (Box (Crypto_box.to_nonce nonce, msg))
| msg -> return (Unknown msg) | msg -> return (Unknown msg)
(* send a packet over a TCP socket *) (* send a packet over a TCP socket *)
@ -144,7 +146,8 @@ let send_packet
F [ B (MBytes.of_string @@ Ipaddr.to_string addr) ; S port ] :: rest F [ B (MBytes.of_string @@ Ipaddr.to_string addr) ; S port ] :: rest
| [] -> [] | [] -> []
in [ S 5 ; F (encode peers) ] in [ S 5 ; F (encode peers) ]
| Message message -> [ S 6 ; F message ] in | Message message -> [ S 6 ; F message ]
| Box (nonce , message) -> [ S 7 ; B (Crypto_box.of_nonce nonce) ; B message ] in
Netbits.write socket frame Netbits.write socket frame
(* A net handler, as a record-encoded object, abstract from the (* A net handler, as a record-encoded object, abstract from the
@ -177,6 +180,7 @@ and peer = {
last_seen : unit -> float ; last_seen : unit -> float ;
disconnect : unit -> unit Lwt.t; disconnect : unit -> unit Lwt.t;
send : packet -> unit Lwt.t ; send : packet -> unit Lwt.t ;
send_encr : MBytes.t -> unit Lwt.t ;
} }
(* The (internal) type of network events, those dispatched from peer (* The (internal) type of network events, those dispatched from peer
@ -283,7 +287,7 @@ end
function for communicating with the main worker using events function for communicating with the main worker using events
(including the one sent when the connection is alive). Returns a (including the one sent when the connection is alive). Returns a
canceler. *) canceler. *)
let connect_to_peer config limits my_gid my_public_key socket (addr, port) push white_listed = let connect_to_peer config limits my_gid my_public_key my_secret_key socket (addr, port) push white_listed =
(* a non exception-based cancelation mechanism *) (* a non exception-based cancelation mechanism *)
let cancelation, cancel, on_cancel = canceler () in let cancelation, cancel, on_cancel = canceler () in
(* a cancelable reception *) (* a cancelable reception *)
@ -347,9 +351,14 @@ let connect_to_peer config limits my_gid my_public_key socket (addr, port) push
let last_seen () = !last in let last_seen () = !last in
let disconnect () = cancel () in let disconnect () = cancel () in
let send p = send_packet socket p >>= fun _ -> return () in let send p = send_packet socket p >>= fun _ -> return () in
let send_encr msg =
let nonce = Crypto_box.random_nonce () in
let msg_encr = Crypto_box.box my_secret_key public_key msg nonce in
let packet = Box (nonce, msg_encr) in
send_packet socket packet >>= fun _ -> return () in
(* net object construction *) (* net object construction *)
let peer = { gid ; public_key ; point = (addr, port) ; listening_port ; let peer = { gid ; public_key ; point = (addr, port) ; listening_port ;
version ; last_seen ; disconnect ; send } in version ; last_seen ; disconnect ; send ; send_encr } in
(* The packet reception loop. *) (* The packet reception loop. *)
let rec receiver () = let rec receiver () =
recv () >>= fun packet -> recv () >>= fun packet ->
@ -370,6 +379,9 @@ let connect_to_peer config limits my_gid my_public_key socket (addr, port) push
| Pong -> receiver () | Pong -> receiver ()
| Message msg -> | Message msg ->
push (Recv (peer, msg)) ; receiver () push (Recv (peer, msg)) ; receiver ()
| Box (nonce, msg_encr) ->
let msg = Crypto_box.box_open my_secret_key public_key msg_encr nonce in
push (Recv (peer, [B msg])) ; receiver ()
in in
(* The polling loop *) (* The polling loop *)
let rec pulse_monitor ping = let rec pulse_monitor ping =
@ -942,7 +954,7 @@ let bootstrap config limits =
main () main ()
else else
let canceler = let canceler =
connect_to_peer config limits my_gid my_public_key socket (addr, port) enqueue_event white_listed in connect_to_peer config limits my_gid my_public_key my_secret_key socket (addr, port) enqueue_event white_listed in
debug "(%a) incoming peer at %a:%d" debug "(%a) incoming peer at %a:%d"
pp_gid my_gid Ipaddr.pp_hum addr port ; pp_gid my_gid Ipaddr.pp_hum addr port ;
incoming := PointMap.add (addr, port) canceler !incoming ; incoming := PointMap.add (addr, port) canceler !incoming ;

2
src/utils/crypto_box.ml
View File

@ -23,3 +23,5 @@ let to_secret_key = Sodium.Box.Bigbytes.to_secret_key
let of_secret_key = Sodium.Box.Bigbytes.of_secret_key let of_secret_key = Sodium.Box.Bigbytes.of_secret_key
let to_public_key = Sodium.Box.Bigbytes.to_public_key let to_public_key = Sodium.Box.Bigbytes.to_public_key
let of_public_key = Sodium.Box.Bigbytes.of_public_key let of_public_key = Sodium.Box.Bigbytes.of_public_key
let to_nonce = Sodium.Box.Bigbytes.to_nonce
let of_nonce = Sodium.Box.Bigbytes.of_nonce

2
src/utils/crypto_box.mli
View File

@ -22,3 +22,5 @@ val to_secret_key : MBytes.t -> secret_key
val of_secret_key : secret_key -> MBytes.t val of_secret_key : secret_key -> MBytes.t
val to_public_key : MBytes.t -> public_key val to_public_key : MBytes.t -> public_key
val of_public_key : public_key -> MBytes.t val of_public_key : public_key -> MBytes.t
val to_nonce : MBytes.t -> nonce
val of_nonce : nonce -> MBytes.t