9 typedef struct ConnState {
10 uchar secret[SHA1dlen];
16 int fd; // file descriptor for read/write of encrypted data
17 int alg; // if nonzero, "alg sha rc4_128"
22 SC_secret(SConn *conn, uchar *sigma, int direction)
24 SS *ss = (SS*)(conn->chan);
25 int nsigma = conn->secretlen;
28 hmac_sha1(sigma, nsigma, (uchar*)"one", 3, ss->out.secret, nil);
29 hmac_sha1(sigma, nsigma, (uchar*)"two", 3, ss->in.secret, nil);
31 hmac_sha1(sigma, nsigma, (uchar*)"two", 3, ss->out.secret, nil);
32 hmac_sha1(sigma, nsigma, (uchar*)"one", 3, ss->in.secret, nil);
34 setupRC4state(&ss->in.rc4, ss->in.secret, 16); // restrict to 128 bits
35 setupRC4state(&ss->out.rc4, ss->out.secret, 16);
41 hash(uchar secret[SHA1dlen], uchar *data, int len, int seqno, uchar d[SHA1dlen])
50 memset(&sha, 0, sizeof sha);
51 sha1(secret, SHA1dlen, nil, &sha);
52 sha1(data, len, nil, &sha);
53 sha1(seq, 4, d, &sha);
57 verify(uchar secret[SHA1dlen], uchar *data, int len, int seqno, uchar d[SHA1dlen])
61 uchar digest[SHA1dlen];
67 memset(&sha, 0, sizeof sha);
68 sha1(secret, SHA1dlen, nil, &sha);
69 sha1(data, len, nil, &sha);
70 sha1(seq, 4, digest, &sha);
71 return memcmp(d, digest, SHA1dlen);
75 SC_read(SConn *conn, uchar *buf, int n)
77 SS *ss = (SS*)(conn->chan);
78 uchar count[2], digest[SHA1dlen];
81 if(read(ss->fd, count, 2) != 2 || (count[0]&0x80) == 0){
82 snprint((char*)buf,n,"!SC_read invalid count");
85 len = (count[0]&0x7f)<<8 | count[1]; // SSL-style count; no pad
88 if(len <= 0 || readn(ss->fd, digest, SHA1dlen) != SHA1dlen){
89 snprint((char*)buf,n,"!SC_read missing sha1");
92 if(len > n || readn(ss->fd, buf, len) != len){
93 snprint((char*)buf,n,"!SC_read missing data");
96 rc4(&ss->in.rc4, digest, SHA1dlen);
97 rc4(&ss->in.rc4, buf, len);
98 if(verify(ss->in.secret, buf, len, ss->in.seqno, digest) != 0){
99 snprint((char*)buf,n,"!SC_read integrity check failed");
103 if(len <= 0 || len > n){
104 snprint((char*)buf,n,"!SC_read implausible record length");
107 if( (nr = readn(ss->fd, buf, len)) != len){
108 snprint((char*)buf,n,"!SC_read expected %d bytes, but got %d", len, nr);
117 SC_write(SConn *conn, uchar *buf, int n)
119 SS *ss = (SS*)(conn->chan);
120 uchar count[2], digest[SHA1dlen], enc[Maxmsg+1];
123 if(n <= 0 || n > Maxmsg+1){
124 werrstr("!SC_write invalid n %d", n);
130 count[0] = 0x80 | len>>8;
132 if(write(ss->fd, count, 2) != 2){
133 werrstr("!SC_write invalid count");
137 hash(ss->out.secret, buf, n, ss->out.seqno, digest);
138 rc4(&ss->out.rc4, digest, SHA1dlen);
140 rc4(&ss->out.rc4, enc, n);
141 if(write(ss->fd, digest, SHA1dlen) != SHA1dlen ||
142 write(ss->fd, enc, n) != n){
143 werrstr("!SC_write error on send");
147 if(write(ss->fd, buf, n) != n){
148 werrstr("!SC_write error on send");
159 SS *ss = (SS*)(conn->chan);
174 ss = (SS*)emalloc(sizeof(*ss));
175 conn = (SConn*)emalloc(sizeof(*conn));
178 conn->chan = (void*)ss;
179 conn->secretlen = SHA1dlen;
180 conn->free = SC_free;
181 conn->secret = SC_secret;
182 conn->read = SC_read;
183 conn->write = SC_write;
188 writerr(SConn *conn, char *s)
192 snprint(buf, Maxmsg, "!%s", s);
193 conn->write(conn, (uchar*)buf, strlen(buf));
197 readstr(SConn *conn, char *s)
201 n = conn->read(conn, (uchar*)s, Maxmsg);
209 strcpy(s, "read error");