32 #include "platform.hpp" 36 #ifdef ZMQ_HAVE_WINDOWS 46 zmq::curve_server_t::curve_server_t (session_base_t *session_,
47 const std::string &peer_address_,
48 const options_t &options_) :
49 mechanism_t (options_),
51 peer_address (peer_address_),
58 memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES);
61 rc = crypto_box_keypair (cn_public, cn_secret);
65 zmq::curve_server_t::~curve_server_t ()
69 int zmq::curve_server_t::next_handshake_command (msg_t *msg_)
75 rc = produce_welcome (msg_);
77 state = expect_initiate;
80 rc = produce_ready (msg_);
85 rc = produce_error (msg_);
97 int zmq::curve_server_t::process_handshake_command (msg_t *msg_)
103 rc = process_hello (msg_);
105 case expect_initiate:
106 rc = process_initiate (msg_);
110 puts (
"CURVE I: invalid handshake command");
124 int zmq::curve_server_t::encode (msg_t *msg_)
128 const size_t mlen = crypto_box_ZEROBYTES + 1 + msg_->size ();
130 uint8_t message_nonce [crypto_box_NONCEBYTES];
131 memcpy (message_nonce,
"CurveZMQMESSAGES", 16);
140 uint8_t *message_plaintext = static_cast <uint8_t *> (malloc (mlen));
143 memset (message_plaintext, 0, crypto_box_ZEROBYTES);
144 message_plaintext [crypto_box_ZEROBYTES] = flags;
145 memcpy (message_plaintext + crypto_box_ZEROBYTES + 1,
146 msg_->data (), msg_->size ());
148 uint8_t *message_box = static_cast <uint8_t *> (malloc (mlen));
151 int rc = crypto_box_afternm (message_box, message_plaintext,
152 mlen, message_nonce, cn_precom);
158 rc = msg_->init_size (16 + mlen - crypto_box_BOXZEROBYTES);
161 uint8_t *message = static_cast <uint8_t *> (msg_->data ());
163 memcpy (message,
"\x07MESSAGE", 8);
164 memcpy (message + 8, message_nonce + 16, 8);
165 memcpy (message + 16, message_box + crypto_box_BOXZEROBYTES,
166 mlen - crypto_box_BOXZEROBYTES);
168 free (message_plaintext);
176 int zmq::curve_server_t::decode (msg_t *msg_)
180 if (msg_->size () < 33) {
182 puts (
"CURVE I: invalid CURVE client, sent malformed command");
187 const uint8_t *message = static_cast <uint8_t *> (msg_->data ());
188 if (memcmp (message,
"\x07MESSAGE", 8)) {
190 puts (
"CURVE I: invalid CURVE client, did not send MESSAGE");
195 uint8_t message_nonce [crypto_box_NONCEBYTES];
196 memcpy (message_nonce,
"CurveZMQMESSAGEC", 16);
197 memcpy (message_nonce + 16, message + 8, 8);
199 if (nonce <= cn_peer_nonce) {
203 cn_peer_nonce = nonce;
205 const size_t clen = crypto_box_BOXZEROBYTES + msg_->size () - 16;
207 uint8_t *message_plaintext = static_cast <uint8_t *> (malloc (clen));
210 uint8_t *message_box = static_cast <uint8_t *> (malloc (clen));
213 memset (message_box, 0, crypto_box_BOXZEROBYTES);
214 memcpy (message_box + crypto_box_BOXZEROBYTES,
215 message + 16, msg_->size () - 16);
217 int rc = crypto_box_open_afternm (message_plaintext, message_box,
218 clen, message_nonce, cn_precom);
223 rc = msg_->init_size (clen - 1 - crypto_box_ZEROBYTES);
226 const uint8_t flags = message_plaintext [crypto_box_ZEROBYTES];
232 memcpy (msg_->data (),
233 message_plaintext + crypto_box_ZEROBYTES + 1,
238 puts (
"CURVE I: connection key used for MESSAGE is wrong");
241 free (message_plaintext);
247 int zmq::curve_server_t::zap_msg_available ()
249 if (state != expect_zap_reply) {
253 const int rc = receive_and_process_zap_reply ();
255 state = status_code ==
"200" 263 if (state == connected)
266 if (state == error_sent)
272 int zmq::curve_server_t::process_hello (msg_t *msg_)
274 if (msg_->size () != 200) {
276 puts (
"CURVE I: client HELLO is not correct size");
281 const uint8_t *
const hello = static_cast <uint8_t *> (msg_->data ());
282 if (memcmp (hello,
"\x05HELLO", 6)) {
284 puts (
"CURVE I: client HELLO has invalid command name");
289 const uint8_t major = hello [6];
290 const uint8_t minor = hello [7];
292 if (major != 1 || minor != 0) {
294 puts (
"CURVE I: client HELLO has unknown version number");
300 memcpy (cn_client, hello + 80, 32);
302 uint8_t hello_nonce [crypto_box_NONCEBYTES];
303 uint8_t hello_plaintext [crypto_box_ZEROBYTES + 64];
304 uint8_t hello_box [crypto_box_BOXZEROBYTES + 80];
306 memcpy (hello_nonce,
"CurveZMQHELLO---", 16);
307 memcpy (hello_nonce + 16, hello + 112, 8);
310 memset (hello_box, 0, crypto_box_BOXZEROBYTES);
311 memcpy (hello_box + crypto_box_BOXZEROBYTES, hello + 120, 80);
314 int rc = crypto_box_open (hello_plaintext, hello_box,
316 hello_nonce, cn_client, secret_key);
319 puts (
"CURVE I: cannot open client HELLO -- wrong server key?");
324 state = send_welcome;
328 int zmq::curve_server_t::produce_welcome (msg_t *msg_)
330 uint8_t cookie_nonce [crypto_secretbox_NONCEBYTES];
331 uint8_t cookie_plaintext [crypto_secretbox_ZEROBYTES + 64];
332 uint8_t cookie_ciphertext [crypto_secretbox_BOXZEROBYTES + 80];
336 memcpy (cookie_nonce,
"COOKIE--", 8);
337 randombytes (cookie_nonce + 8, 16);
340 memset (cookie_plaintext, 0, crypto_secretbox_ZEROBYTES);
341 memcpy (cookie_plaintext + crypto_secretbox_ZEROBYTES,
343 memcpy (cookie_plaintext + crypto_secretbox_ZEROBYTES + 32,
347 randombytes (cookie_key, crypto_secretbox_KEYBYTES);
350 int rc = crypto_secretbox (cookie_ciphertext, cookie_plaintext,
351 sizeof cookie_plaintext,
352 cookie_nonce, cookie_key);
355 uint8_t welcome_nonce [crypto_box_NONCEBYTES];
356 uint8_t welcome_plaintext [crypto_box_ZEROBYTES + 128];
357 uint8_t welcome_ciphertext [crypto_box_BOXZEROBYTES + 144];
361 memcpy (welcome_nonce,
"WELCOME-", 8);
362 randombytes (welcome_nonce + 8, crypto_box_NONCEBYTES - 8);
365 memset (welcome_plaintext, 0, crypto_box_ZEROBYTES);
366 memcpy (welcome_plaintext + crypto_box_ZEROBYTES, cn_public, 32);
367 memcpy (welcome_plaintext + crypto_box_ZEROBYTES + 32,
368 cookie_nonce + 8, 16);
369 memcpy (welcome_plaintext + crypto_box_ZEROBYTES + 48,
370 cookie_ciphertext + crypto_secretbox_BOXZEROBYTES, 80);
372 rc = crypto_box (welcome_ciphertext, welcome_plaintext,
373 sizeof welcome_plaintext,
374 welcome_nonce, cn_client, secret_key);
378 rc = msg_->init_size (168);
381 uint8_t *
const welcome = static_cast <uint8_t *> (msg_->data ());
382 memcpy (welcome,
"\x07WELCOME", 8);
383 memcpy (welcome + 8, welcome_nonce + 8, 16);
384 memcpy (welcome + 24, welcome_ciphertext + crypto_box_BOXZEROBYTES, 144);
389 int zmq::curve_server_t::process_initiate (msg_t *msg_)
391 if (msg_->size () < 257) {
393 puts (
"CURVE I: client INITIATE is not correct size");
398 const uint8_t *initiate = static_cast <uint8_t *> (msg_->data ());
399 if (memcmp (initiate,
"\x08INITIATE", 9)) {
401 puts (
"CURVE I: client INITIATE has invalid command name");
406 uint8_t cookie_nonce [crypto_secretbox_NONCEBYTES];
407 uint8_t cookie_plaintext [crypto_secretbox_ZEROBYTES + 64];
408 uint8_t cookie_box [crypto_secretbox_BOXZEROBYTES + 80];
411 memset (cookie_box, 0, crypto_secretbox_BOXZEROBYTES);
412 memcpy (cookie_box + crypto_secretbox_BOXZEROBYTES, initiate + 25, 80);
414 memcpy (cookie_nonce,
"COOKIE--", 8);
415 memcpy (cookie_nonce + 8, initiate + 9, 16);
417 int rc = crypto_secretbox_open (cookie_plaintext, cookie_box,
419 cookie_nonce, cookie_key);
422 puts (
"CURVE I: cannot open client INITIATE cookie");
428 if (memcmp (cookie_plaintext + crypto_secretbox_ZEROBYTES, cn_client, 32)
429 || memcmp (cookie_plaintext + crypto_secretbox_ZEROBYTES + 32, cn_secret, 32)) {
431 puts (
"CURVE I: client INITIATE cookie is not valid");
436 const size_t clen = (msg_->size () - 113) + crypto_box_BOXZEROBYTES;
438 uint8_t initiate_nonce [crypto_box_NONCEBYTES];
439 uint8_t initiate_plaintext [crypto_box_ZEROBYTES + 128 + 256];
440 uint8_t initiate_box [crypto_box_BOXZEROBYTES + 144 + 256];
443 memset (initiate_box, 0, crypto_box_BOXZEROBYTES);
444 memcpy (initiate_box + crypto_box_BOXZEROBYTES,
445 initiate + 113, clen - crypto_box_BOXZEROBYTES);
447 memcpy (initiate_nonce,
"CurveZMQINITIATE", 16);
448 memcpy (initiate_nonce + 16, initiate + 105, 8);
451 rc = crypto_box_open (initiate_plaintext, initiate_box,
452 clen, initiate_nonce, cn_client, cn_secret);
455 puts (
"CURVE I: cannot open client INITIATE");
460 const uint8_t *client_key = initiate_plaintext + crypto_box_ZEROBYTES;
462 uint8_t vouch_nonce [crypto_box_NONCEBYTES];
463 uint8_t vouch_plaintext [crypto_box_ZEROBYTES + 64];
464 uint8_t vouch_box [crypto_box_BOXZEROBYTES + 80];
467 memset (vouch_box, 0, crypto_box_BOXZEROBYTES);
468 memcpy (vouch_box + crypto_box_BOXZEROBYTES,
469 initiate_plaintext + crypto_box_ZEROBYTES + 48, 80);
471 memcpy (vouch_nonce,
"VOUCH---", 8);
472 memcpy (vouch_nonce + 8,
473 initiate_plaintext + crypto_box_ZEROBYTES + 32, 16);
475 rc = crypto_box_open (vouch_plaintext, vouch_box,
477 vouch_nonce, client_key, cn_secret);
480 puts (
"CURVE I: cannot open client INITIATE vouch");
486 if (memcmp (vouch_plaintext + crypto_box_ZEROBYTES, cn_client, 32)) {
488 puts (
"CURVE I: invalid handshake from client (public key)");
494 rc = crypto_box_beforenm (cn_precom, cn_client, cn_secret);
498 rc = session->zap_connect ();
500 send_zap_request (client_key);
501 rc = receive_and_process_zap_reply ();
503 state = status_code ==
"200" 508 state = expect_zap_reply;
515 return parse_metadata (initiate_plaintext + crypto_box_ZEROBYTES + 128,
516 clen - crypto_box_ZEROBYTES - 128);
519 int zmq::curve_server_t::produce_ready (msg_t *msg_)
521 uint8_t ready_nonce [crypto_box_NONCEBYTES];
522 uint8_t ready_plaintext [crypto_box_ZEROBYTES + 256];
523 uint8_t ready_box [crypto_box_BOXZEROBYTES + 16 + 256];
526 memset (ready_plaintext, 0, crypto_box_ZEROBYTES);
527 uint8_t *ptr = ready_plaintext + crypto_box_ZEROBYTES;
530 const char *socket_type = socket_type_string (options.type);
531 ptr += add_property (ptr,
"Socket-Type", socket_type, strlen (socket_type));
537 ptr += add_property (ptr,
"Identity", options.identity, options.identity_size);
539 const size_t mlen = ptr - ready_plaintext;
541 memcpy (ready_nonce,
"CurveZMQREADY---", 16);
544 int rc = crypto_box_afternm (ready_box, ready_plaintext,
545 mlen, ready_nonce, cn_precom);
548 rc = msg_->init_size (14 + mlen - crypto_box_BOXZEROBYTES);
551 uint8_t *ready = static_cast <uint8_t *> (msg_->data ());
553 memcpy (ready,
"\x05READY", 6);
555 memcpy (ready + 6, ready_nonce + 16, 8);
557 memcpy (ready + 14, ready_box + crypto_box_BOXZEROBYTES,
558 mlen - crypto_box_BOXZEROBYTES);
565 int zmq::curve_server_t::produce_error (msg_t *msg_)
const 568 const int rc = msg_->init_size (6 + 1 + status_code.length ());
570 char *msg_data = static_cast <
char *> (msg_->data ());
571 memcpy (msg_data,
"\5ERROR", 6);
572 msg_data [6] =
sizeof status_code;
573 memcpy (msg_data + 7, status_code.c_str (), status_code.length ());
577 void zmq::curve_server_t::send_zap_request (
const uint8_t *key)
586 rc = session->write_zap_msg (&msg);
590 rc = msg.init_size (3);
592 memcpy (msg.data (),
"1.0", 3);
594 rc = session->write_zap_msg (&msg);
598 rc = msg.init_size (1);
600 memcpy (msg.data (),
"1", 1);
602 rc = session->write_zap_msg (&msg);
606 rc = msg.init_size (options.zap_domain.length ());
608 memcpy (msg.data (), options.zap_domain.c_str (), options.zap_domain.length ());
610 rc = session->write_zap_msg (&msg);
614 rc = msg.init_size (peer_address.length ());
616 memcpy (msg.data (), peer_address.c_str (), peer_address.length ());
618 rc = session->write_zap_msg (&msg);
622 rc = msg.init_size (options.identity_size);
624 memcpy (msg.data (), options.identity, options.identity_size);
626 rc = session->write_zap_msg (&msg);
630 rc = msg.init_size (5);
632 memcpy (msg.data (),
"CURVE", 5);
634 rc = session->write_zap_msg (&msg);
638 rc = msg.init_size (crypto_box_PUBLICKEYBYTES);
640 memcpy (msg.data (), key, crypto_box_PUBLICKEYBYTES);
641 rc = session->write_zap_msg (&msg);
645 int zmq::curve_server_t::receive_and_process_zap_reply ()
651 for (
int i = 0; i < 7; i++) {
652 rc = msg [i].init ();
656 for (
int i = 0; i < 7; i++) {
657 rc = session->read_zap_msg (&msg [i]);
662 puts (
"CURVE I: ZAP handler sent incomplete reply message");
673 if (msg [0].
size () > 0) {
675 puts (
"CURVE I: ZAP handler sent malformed reply message");
682 if (msg [1].
size () != 3 || memcmp (msg [1].data (),
"1.0", 3)) {
684 puts (
"CURVE I: ZAP handler sent bad version number");
691 if (msg [2].
size () != 1 || memcmp (msg [2].data (),
"1", 1)) {
693 puts (
"CURVE I: ZAP handler sent bad request ID");
700 if (msg [3].
size () != 3) {
702 puts (
"CURVE I: ZAP handler rejected client authentication");
709 status_code.assign (static_cast <char *> (msg [3].data ()), 3);
712 set_user_id (msg [5].data (), msg [5].
size ());
715 rc = parse_metadata (static_cast <const unsigned char*> (msg [6].data ()),
716 msg [6].
size (),
true);
719 for (
int i = 0; i < 7; i++) {
720 const int rc2 = msg [i].close ();
uint64_t get_uint64(const unsigned char *buffer_)
void put_uint64(unsigned char *buffer_, uint64_t value)