From 597cc5edd624525563e6549dc0057eca2a51c81d Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 11 Nov 2014 13:30:46 -0500 Subject: upgrade to new version --- src/curve_server.hpp | 120 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 120 insertions(+) create mode 100644 src/curve_server.hpp (limited to 'src/curve_server.hpp') diff --git a/src/curve_server.hpp b/src/curve_server.hpp new file mode 100644 index 0000000..c165b54 --- /dev/null +++ b/src/curve_server.hpp @@ -0,0 +1,120 @@ +/* + Copyright (c) 2007-2013 Contributors as noted in the AUTHORS file + + This file is part of 0MQ. + + 0MQ is free software; you can redistribute it and/or modify it under + the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + 0MQ is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with this program. If not, see . +*/ + +#ifndef __ZMQ_CURVE_SERVER_HPP_INCLUDED__ +#define __ZMQ_CURVE_SERVER_HPP_INCLUDED__ + +#include "platform.hpp" + +#ifdef HAVE_LIBSODIUM +#include + +#if crypto_box_NONCEBYTES != 24 \ +|| crypto_box_PUBLICKEYBYTES != 32 \ +|| crypto_box_SECRETKEYBYTES != 32 \ +|| crypto_box_ZEROBYTES != 32 \ +|| crypto_box_BOXZEROBYTES != 16 \ +|| crypto_secretbox_NONCEBYTES != 24 \ +|| crypto_secretbox_ZEROBYTES != 32 \ +|| crypto_secretbox_BOXZEROBYTES != 16 +#error "libsodium not built properly" +#endif + +#include "mechanism.hpp" +#include "options.hpp" + +namespace zmq +{ + + class msg_t; + class session_base_t; + + class curve_server_t : public mechanism_t + { + public: + + curve_server_t (session_base_t *session_, + const std::string &peer_address_, + const options_t &options_); + virtual ~curve_server_t (); + + // mechanism implementation + virtual int next_handshake_command (msg_t *msg_); + virtual int process_handshake_command (msg_t *msg_); + virtual int encode (msg_t *msg_); + virtual int decode (msg_t *msg_); + virtual int zap_msg_available (); + virtual bool is_handshake_complete () const; + + private: + + enum state_t { + expect_hello, + send_welcome, + expect_initiate, + expect_zap_reply, + send_ready, + connected + }; + + session_base_t * const session; + + const std::string peer_address; + + // Current FSM state + state_t state; + + // True iff we are awaiting reply from ZAP handler. + bool expecting_zap_reply; + + uint64_t cn_nonce; + + // Our secret key (s) + uint8_t secret_key [crypto_box_SECRETKEYBYTES]; + + // Our short-term public key (S') + uint8_t cn_public [crypto_box_PUBLICKEYBYTES]; + + // Our short-term secret key (s') + uint8_t cn_secret [crypto_box_SECRETKEYBYTES]; + + // Client's short-term public key (C') + uint8_t cn_client [crypto_box_PUBLICKEYBYTES]; + + // Key used to produce cookie + uint8_t cookie_key [crypto_secretbox_KEYBYTES]; + + // Intermediary buffer used to speed up boxing and unboxing. + uint8_t cn_precom [crypto_box_BEFORENMBYTES]; + + int process_hello (msg_t *msg_); + int produce_welcome (msg_t *msg_); + int process_initiate (msg_t *msg_); + int produce_ready (msg_t *msg_); + + void send_zap_request (const uint8_t *key); + int receive_and_process_zap_reply (); + }; + +} + +#endif + +#endif + -- cgit v1.2.3