· 7 years ago · Dec 26, 2018, 12:22 PM
1diff --git a/src/main.rs b/src/main.rs
2index 19c571c..3cf9380 100644
3--- a/src/main.rs
4+++ b/src/main.rs
5@@ -3,10 +3,7 @@
6 #[macro_use]
7 extern crate serde_json;
8
9-use sodiumoxide::crypto::{box_, sign, auth, scalarmult, secretbox};
10-use sodiumoxide::crypto::hash::sha256;
11-use sodiumoxide::crypto::scalarmult::*;
12-use sodiumoxide::crypto::sign::{PublicKey, SecretKey};
13+use sodiumoxide::crypto::{box_, sign::{self, PublicKey, SecretKey}, auth, scalarmult::*, secretbox, hash::sha256};
14 use std::io;
15 use std::io::prelude::*;
16 use std::io::BufReader;
17@@ -19,8 +16,8 @@ use std::net::SocketAddr;
18 use std::str::FromStr;
19 use futures::task::*;
20
21-use net2::UdpBuilder;
22-use net2::unix::UnixUdpBuilderExt;
23+// use net2::UdpBuilder;
24+// use net2::unix::UnixUdpBuilderExt;
25
26 use byteorder::{BigEndian, WriteBytesExt, ReadBytesExt};
27
28@@ -101,21 +98,14 @@ fn sk_to_curve(sk: &sign::ed25519::SecretKey) -> [u8; 32] {
29 result
30 }
31
32-struct BoxStream<T> {
33+struct WriteBoxStream<T: AsyncWrite> {
34 key: secretbox::Key,
35 nonce: secretbox::Nonce,
36
37 stream: T,
38 }
39
40-// struct ReadBoxStream<T: AsyncRead> {
41-// key: secretbox::Key,
42-// nonce: secretbox::Nonce,
43-
44-// stream: T,
45-// }
46-
47-impl<T: AsyncWrite> AsyncWrite for BoxStream<T> {
48+impl<T: AsyncWrite> AsyncWrite for WriteBoxStream<T> {
49 fn poll_write(
50 &mut self,
51 lw: &LocalWaker,
52@@ -153,40 +143,143 @@ impl<T: AsyncWrite> AsyncWrite for BoxStream<T> {
53 }
54 }
55
56-async fn read_box<T: AsyncRead>(b: &mut BoxStream<T>) {
57- loop {
58- let mut header = [0u8; 34];
59- await!(b.stream.read_exact(&mut header)).unwrap();
60+// async fn read_box<T: AsyncRead>(b: &mut BoxStream<T>) {
61+// loop {
62+// let mut header = [0u8; 34];
63+// await!(b.stream.read_exact(&mut header)).unwrap();
64
65- secretbox::open(&header, &b.nonce, &b.key).unwrap();
66- b.nonce.increment_le_inplace();
67+// secretbox::open(&header, &b.nonce, &b.key).unwrap();
68+// b.nonce.increment_le_inplace();
69
70- let len = std::io::Cursor::new(&header[..]).read_u16::<BigEndian>().unwrap() as usize;
71+// let len = std::io::Cursor::new(&header[..]).read_u16::<BigEndian>().unwrap() as usize;
72
73- let mut data = Vec::with_capacity(len);
74- data.resize(len, 0);
75- await!(b.stream.read_exact(data.as_mut_slice())).unwrap();
76+// let mut data = Vec::with_capacity(len);
77+// data.resize(len, 0);
78+// await!(b.stream.read_exact(data.as_mut_slice())).unwrap();
79
80- unimplemented!()
81- }
82+// unimplemented!()
83+// }
84+// }
85+
86+struct ReadBoxStream<T> {
87+ key: secretbox::Key,
88+ nonce: secretbox::Nonce,
89+
90+ stream: T,
91+
92+ enc_offset: usize,
93+
94+ // The first 34 bytes are the encrypted header, then the rest is the encrypted payload.
95+ enc_bytes: [u8; 16 + 2 + 16 + 4096],
96+
97+ dec_offset: usize,
98+ dec_buf: Option<Vec<u8>>,
99 }
100
101-impl<T: AsyncRead> AsyncRead for BoxStream<T> {
102+impl<T: AsyncRead> AsyncRead for ReadBoxStream<T> {
103 fn poll_read(
104 &mut self,
105 lw: &LocalWaker,
106 buf: &mut [u8]
107 ) -> Poll<Result<usize, futures::io::Error>> {
108-
109- //let mut local_buf = [0u8; 4096];
110- //self.stream.poll_read(lw, local_buf)
111- unimplemented!()
112+ println!("poll_read buf {}", buf.len());
113+ // We previously decoded too many bytes for buf. Just return some of those bytes.
114+ if let Some(dec_buf) = &self.dec_buf {
115+ let to_copy = std::cmp::min(dec_buf.len() - self.dec_offset, buf.len());
116+ assert!(to_copy > 0);
117+ buf[..to_copy].copy_from_slice(&dec_buf[self.dec_offset..self.dec_offset + to_copy]);
118+ self.dec_offset += to_copy;
119+ if self.dec_offset == dec_buf.len() {
120+ self.dec_buf = None;
121+ self.dec_offset = 0;
122+ }
123+ return Poll::Ready(Ok(to_copy));
124+ }
125+
126+ let bytes_read = match self.stream.poll_read(lw, &mut self.enc_bytes[self.enc_offset..]) {
127+ Poll::Ready(Ok(bytes_read)) => {
128+ bytes_read
129+ },
130+ // If we got an error or poll_read returned pending, do nothing.
131+ result => {
132+ println!("chain poll read failed {:?}", result);
133+ return result;
134+ }
135+ };
136+
137+ self.enc_offset += bytes_read;
138+ println!("Read {} bytes from network. {} bytes pending", bytes_read, self.enc_offset);
139+ println!("Got bytes {:?}", &self.enc_bytes[34..self.enc_offset]);
140+
141+ // We have a chunk from enc_bytes[0] to enc_offset to try and decode.
142+
143+ // The header is exactly 34 bytes. If we have less than that, wait until we have more and try again.
144+ if self.enc_offset < 34 { return Poll::Pending; }
145+
146+ let (header_enc, rest) = &self.enc_bytes.split_at(34);
147+ let header_dec = secretbox::open(&header_enc, &self.nonce, &self.key).unwrap();
148+
149+ let len = std::io::Cursor::new(&header_dec).read_u16::<BigEndian>().unwrap() as usize;
150+ // let len = ((header_dec[0] as usize) << 8) | (header_dec[1] as usize); // Big endian read.
151+ let body_auth_tag = &header_dec[2..];
152+ assert_eq!(body_auth_tag.len(), 16);
153+
154+ println!("len {} bytes_read {} {:?} {:?} enc_offset {}", len, bytes_read, header_dec, self.nonce, self.enc_offset);
155+
156+ // Uuuummm len is actually the decrypted length. No idea if this will 100% match.
157+ if self.enc_offset < 34 + len { return Poll::Pending; }
158+
159+
160+ let mut data_enc = Vec::with_capacity(16 + len);
161+ data_enc.extend_from_slice(body_auth_tag);
162+ data_enc.extend_from_slice(&rest[..len]);
163+
164+ // println!("data_enc {:?}", data_enc);
165+
166+ // Hold off on saving the new nonce until decryption succeeds. (Not sure if this is needed...)
167+ let mut nonce2 = self.nonce;
168+ nonce2.increment_le_inplace();
169+ // let result = secretbox::open_detached(&mut self.enc_bytes[34..34+len],
170+ // &secretbox::Tag::from_slice(body_auth_tag).unwrap(),
171+ // &nonce2, &self.key
172+ // );
173+ // result.unwrap();
174+
175+ // self.nonce.increment_le_inplace();
176+
177+ // println!("nonce {:?}", self.nonce);
178+ // println!("nonc2 {:?}", nonce2);
179+
180+ // assert_eq!(data_enc.len(), 16 + len);
181+
182+ secretbox::open(data_enc.as_slice(), &nonce2, &self.key).unwrap();
183+ let data_dec = match secretbox::open(data_enc.as_slice(), &nonce2, &self.key) {
184+ Err(()) => {
185+ println!("Data decryption failed... promise will still be pending?");
186+ return Poll::Pending;
187+ }
188+ Ok(data) => { data }
189+ };
190+
191+ let to_copy = std::cmp::min(len, buf.len());
192+ // Copy as many bytes as we can directly.
193+ buf[..to_copy].copy_from_slice(&data_dec[..to_copy]);
194+ if to_copy > buf.len() {
195+ self.dec_buf = Some(data_dec);
196+ self.dec_offset = to_copy;
197+ }
198+
199+ self.nonce = nonce2;
200+ self.nonce.increment_le_inplace();
201+
202+ return Poll::Ready(Ok(to_copy));
203 }
204
205 }
206
207-async fn foo() -> io::Result<()> {
208- let discovery = "net:192.168.2.4:8008~shs:tPF29LyiYrobdLcAZnBIRNMjAZv38qa4OXnlbKb1zN8=";
209+async fn foo() -> io::Result<(WriteBoxStream<impl AsyncWrite>, ReadBoxStream<impl AsyncRead>)> {
210+ // let discovery = "net:192.168.2.4:8008~shs:tPF29LyiYrobdLcAZnBIRNMjAZv38qa4OXnlbKb1zN8=";
211+ let discovery = "net:192.168.1.20:8008~shs:ppR/uuTDeJzHZ29jYNPvSj3RZu9Z1hciaxzMAduRAbU=";
212 let config = parse_multiserver_address(discovery);
213 let (client_longterm_pk, client_longterm_sk) = sign::gen_keypair();
214 let server_public_key = match config[0][1] {
215@@ -299,23 +392,34 @@ async fn foo() -> io::Result<()> {
216
217 let hmac_server_epk = auth::authenticate(&server_epk[..], &network_id_key);
218
219- let cs_bs = BoxStream {
220+ let (read_half, write_half) = stream.split();
221+
222+ let cs_bs = WriteBoxStream {
223 key: secretbox::Key::from_slice(&cs_box_key[..]).unwrap(),
224 nonce: secretbox::Nonce::from_slice(&hmac_server_epk[..24]).unwrap(),
225- stream: unimplemented!()
226+ stream: write_half
227 };
228- let sc_bs = BoxStream {
229+ let sc_bs = ReadBoxStream {
230 key: secretbox::Key::from_slice(&sc_box_key[..]).unwrap(),
231 nonce: secretbox::Nonce::from_slice(&hmac_client_epk[..24]).unwrap(),
232- stream: unimplemented!()
233+ stream: read_half,
234+ enc_offset: 0,
235+ enc_bytes: [0u8; 16 + 2 + 16 + 4096],
236+ dec_offset: 0,
237+ dec_buf: None,
238 };
239
240- Ok(())
241+ Ok((cs_bs, sc_bs))
242 }
243
244 fn main() -> () {
245 executor::block_on(async {
246- await!(foo());
247+ let (writer, mut reader) = await!(foo()).unwrap();
248+ loop {
249+ let mut buf = [0; 4096];
250+ let msg = await!(reader.read(&mut buf)).unwrap();
251+ println!("got msg {}", msg)
252+ }
253 })
254 }