diff options
Diffstat (limited to 'Tools/ProtoProxy/Connection.cpp')
-rw-r--r-- | Tools/ProtoProxy/Connection.cpp | 71 |
1 files changed, 39 insertions, 32 deletions
diff --git a/Tools/ProtoProxy/Connection.cpp b/Tools/ProtoProxy/Connection.cpp index cd66e2dfd..91d2fc42f 100644 --- a/Tools/ProtoProxy/Connection.cpp +++ b/Tools/ProtoProxy/Connection.cpp @@ -243,7 +243,8 @@ void cConnection::Run(void) FD_ZERO(&ReadFDs); FD_SET(m_ServerSocket, &ReadFDs); FD_SET(m_ClientSocket, &ReadFDs); - int res = select(2, &ReadFDs, NULL, NULL, NULL); + SOCKET MaxSocket = std::max(m_ServerSocket, m_ClientSocket); + int res = select(MaxSocket + 1, &ReadFDs, NULL, NULL, NULL); if (res <= 0) { printf("select() failed: %d; aborting client", SocketError); @@ -377,13 +378,13 @@ bool cConnection::RelayFromServer(void) } case csEncryptedUnderstood: { - m_ServerDecryptor.ProcessData((byte *)Buffer, (byte *)Buffer, res); + m_ServerDecryptor.ProcessData((Byte *)Buffer, (Byte *)Buffer, res); DataLog(Buffer, res, "Decrypted %d bytes from the SERVER", res); return DecodeServersPackets(Buffer, res); } case csEncryptedUnknown: { - m_ServerDecryptor.ProcessData((byte *)Buffer, (byte *)Buffer, res); + m_ServerDecryptor.ProcessData((Byte *)Buffer, (Byte *)Buffer, res); DataLog(Buffer, res, "Decrypted %d bytes from the SERVER", res); return CLIENTSEND(Buffer, res); } @@ -422,7 +423,7 @@ bool cConnection::RelayFromClient(void) case csEncryptedUnknown: { DataLog(Buffer, res, "Decrypted %d bytes from the CLIENT", res); - m_ServerEncryptor.ProcessData((byte *)Buffer, (byte *)Buffer, res); + m_ServerEncryptor.ProcessData((Byte *)Buffer, (Byte *)Buffer, res); return SERVERSEND(Buffer, res); } } @@ -472,13 +473,13 @@ bool cConnection::SendData(SOCKET a_Socket, cByteBuffer & a_Data, const char * a -bool cConnection::SendEncryptedData(SOCKET a_Socket, Encryptor & a_Encryptor, const char * a_Data, int a_Size, const char * a_Peer) +bool cConnection::SendEncryptedData(SOCKET a_Socket, cAESCFBEncryptor & a_Encryptor, const char * a_Data, int a_Size, const char * a_Peer) { DataLog(a_Data, a_Size, "Encrypting %d bytes to %s", a_Size, a_Peer); - const byte * Data = (const byte *)a_Data; + const Byte * Data = (const Byte *)a_Data; while (a_Size > 0) { - byte Buffer[64 KiB]; + Byte Buffer[64 KiB]; int NumBytes = (a_Size > sizeof(Buffer)) ? sizeof(Buffer) : a_Size; a_Encryptor.ProcessData(Buffer, Data, NumBytes); bool res = SendData(a_Socket, (const char *)Buffer, NumBytes, a_Peer); @@ -496,7 +497,7 @@ bool cConnection::SendEncryptedData(SOCKET a_Socket, Encryptor & a_Encryptor, co -bool cConnection::SendEncryptedData(SOCKET a_Socket, Encryptor & a_Encryptor, cByteBuffer & a_Data, const char * a_Peer) +bool cConnection::SendEncryptedData(SOCKET a_Socket, cAESCFBEncryptor & a_Encryptor, cByteBuffer & a_Data, const char * a_Peer) { AString All; a_Data.ReadAll(All); @@ -1301,6 +1302,7 @@ bool cConnection::HandleServerLoginEncryptionKeyRequest(void) } Log("Got PACKET_ENCRYPTION_KEY_REQUEST from the SERVER:"); Log(" ServerID = %s", ServerID.c_str()); + DataLog(PublicKey.data(), PublicKey.size(), " Public key (%u bytes)", (unsigned)PublicKey.size()); // Reply to the server: SendEncryptionKeyResponse(PublicKey, Nonce); @@ -2700,7 +2702,7 @@ bool cConnection::ParseMetadata(cByteBuffer & a_Buffer, AString & a_Metadata) int Length = 0; switch (Type) { - case 0: Length = 1; break; // byte + case 0: Length = 1; break; // Byte case 1: Length = 2; break; // short case 2: Length = 4; break; // int case 3: Length = 4; break; // float @@ -2859,37 +2861,42 @@ void cConnection::LogMetadata(const AString & a_Metadata, size_t a_IndentCount) void cConnection::SendEncryptionKeyResponse(const AString & a_ServerPublicKey, const AString & a_Nonce) { // Generate the shared secret and encrypt using the server's public key - byte SharedSecret[16]; - byte EncryptedSecret[128]; + Byte SharedSecret[16]; + Byte EncryptedSecret[128]; memset(SharedSecret, 0, sizeof(SharedSecret)); // Use all zeroes for the initial secret - RSA::PublicKey pk; - CryptoPP::StringSource src(a_ServerPublicKey, true); - ByteQueue bq; - src.TransferTo(bq); - bq.MessageEnd(); - pk.Load(bq); - RSAES<PKCS1v15>::Encryptor rsaEncryptor(pk); - RandomPool rng; - time_t CurTime = time(NULL); - rng.Put((const byte *)&CurTime, sizeof(CurTime)); - int EncryptedLength = rsaEncryptor.FixedCiphertextLength(); - ASSERT(EncryptedLength <= sizeof(EncryptedSecret)); - rsaEncryptor.Encrypt(rng, SharedSecret, sizeof(SharedSecret), EncryptedSecret); - m_ServerEncryptor.SetKey(SharedSecret, 16, MakeParameters(Name::IV(), ConstByteArrayParameter(SharedSecret, 16, true))(Name::FeedbackSize(), 1)); - m_ServerDecryptor.SetKey(SharedSecret, 16, MakeParameters(Name::IV(), ConstByteArrayParameter(SharedSecret, 16, true))(Name::FeedbackSize(), 1)); + cPublicKey PubKey(a_ServerPublicKey); + int res = PubKey.Encrypt(SharedSecret, sizeof(SharedSecret), EncryptedSecret, sizeof(EncryptedSecret)); + if (res < 0) + { + Log("Shared secret encryption failed: %d (0x%x)", res, res); + return; + } + + m_ServerEncryptor.Init(SharedSecret, SharedSecret); + m_ServerDecryptor.Init(SharedSecret, SharedSecret); // Encrypt the nonce: - byte EncryptedNonce[128]; - rsaEncryptor.Encrypt(rng, (const byte *)(a_Nonce.data()), a_Nonce.size(), EncryptedNonce); + Byte EncryptedNonce[128]; + res = PubKey.Encrypt((const Byte *)a_Nonce.data(), a_Nonce.size(), EncryptedNonce, sizeof(EncryptedNonce)); + if (res < 0) + { + Log("Nonce encryption failed: %d (0x%x)", res, res); + return; + } // Send the packet to the server: Log("Sending PACKET_ENCRYPTION_KEY_RESPONSE to the SERVER"); cByteBuffer ToServer(1024); ToServer.WriteByte(0x01); // To server: Encryption key response - ToServer.WriteBEShort(EncryptedLength); - ToServer.WriteBuf(EncryptedSecret, EncryptedLength); - ToServer.WriteBEShort(EncryptedLength); - ToServer.WriteBuf(EncryptedNonce, EncryptedLength); + ToServer.WriteBEShort((short)sizeof(EncryptedSecret)); + ToServer.WriteBuf(EncryptedSecret, sizeof(EncryptedSecret)); + ToServer.WriteBEShort((short)sizeof(EncryptedNonce)); + ToServer.WriteBuf(EncryptedNonce, sizeof(EncryptedNonce)); + DataLog(EncryptedSecret, sizeof(EncryptedSecret), "Encrypted secret (%u bytes)", (unsigned)sizeof(EncryptedSecret)); + DataLog(EncryptedNonce, sizeof(EncryptedNonce), "Encrypted nonce (%u bytes)", (unsigned)sizeof(EncryptedNonce)); + cByteBuffer Len(5); + Len.WriteVarInt(ToServer.GetReadableSpace()); + SERVERSEND(Len); SERVERSEND(ToServer); m_ServerState = csEncryptedUnderstood; m_IsServerEncrypted = true; |