presharedClient.c (3584B)
1 #! /usr/bin/env sheepy 2 3 /* 4 client sends data to server. Client doesn't get any responses from the server 5 The keys are preshared, there is no key exchange. 6 7 The client knows: client secret key, client public key and server public key 8 The server knows: client public key, server secret key and server public key 9 10 Run this to generate the client and server keys: 11 12 ./presharedClient.c generate keys 13 14 The messages don't need to be signed because the client uses the client secret and 15 the server public keys to encrypt. 16 17 Steps in client 18 - load keys 19 - connect to server 20 - send encrypted message 21 22 Steps in server 23 - start event loop 24 - get encrypted message 25 26 It uses public key encryption which is slow compare to secret/symetric key encryption 27 Secret key encryption is between 25 and 50 times faster than public key encryption depending on the CPU. 28 With secret key encryption, my computer can encode 4GB/s which is enough (I have 1GB/s network). 29 30 The nonces are not verified, each nonce can be used multiple times, so replay attacks would be successful. 31 */ 32 33 #include "libsheepyObject.h" 34 35 #include <sys/types.h> 36 #include <sys/socket.h> 37 #include <netdb.h> 38 #include <netinet/in.h> 39 40 #include "sel.h" 41 42 int main(int ac, char **av) { 43 44 setLogMode(LOG_FUNC); 45 46 if (not selInit()) ret 1; 47 48 const char* clientSecretFilename = "presharedClientSecret.bin"; 49 const char* clientPublicFilename = "presharedClientPublic.bin"; 50 const char* serverSecretFilename = "presharedServerSecret.bin"; 51 const char* serverPublicFilename = "presharedServerPublic.bin"; 52 keyst clientKeys = init0Var; 53 keyst serverKeys = init0Var; 54 55 if (ac > 2) { 56 // generate keys 57 logI("Generate keys"); 58 newKeysBuf(&clientKeys); 59 newKeysBuf(&serverKeys); 60 pError0(writeFile(clientSecretFilename, clientKeys.secretKey, sizeof(clientKeys.secretKey))); 61 pError0(writeFile(clientPublicFilename, clientKeys.publicKey, sizeof(clientKeys.publicKey))); 62 pError0(writeFile(serverSecretFilename, serverKeys.secretKey, sizeof(serverKeys.secretKey))); 63 pError0(writeFile(serverPublicFilename, serverKeys.publicKey, sizeof(serverKeys.publicKey))); 64 ret 0; 65 } 66 67 // load keys 68 pError0(bLReadFile(clientSecretFilename, clientKeys.secretKey, sizeof(clientKeys.secretKey))); 69 pError0(bLReadFile(clientPublicFilename, clientKeys.publicKey, sizeof(clientKeys.publicKey))); 70 pError0(bLReadFile(serverPublicFilename, clientKeys.remotePublicKey, sizeof(clientKeys.remotePublicKey))); 71 72 char *msg = "Hello"; 73 74 logI("message: %s\n", msg); 75 76 77 // connect to server 78 int sock; 79 struct sockaddr_in server; 80 struct hostent *hp; 81 int mysock; 82 char buf[128*1024]; 83 int rval; 84 85 sock = socket(AF_INET, SOCK_STREAM, 0); 86 if (sock < 0){ 87 perror("Failed to create socket"); 88 } 89 90 server.sin_family = AF_INET; 91 92 hp = gethostbyname(av[1]); 93 if (hp==0) { 94 perror("gethostbyname failed"); 95 close(sock); 96 exit(1); 97 } 98 99 memcpy(&server.sin_addr, hp->h_addr, hp->h_length); 100 server.sin_port = htons(5000); 101 102 if (connect(sock,(struct sockaddr *) &server, sizeof(server))){ 103 perror("connect failed"); 104 close(sock); 105 exit(1); 106 } 107 108 void snd(void *buf, size_t sz) { 109 logVarG(sz); 110 if(send(sock, buf, sz, 0) < 0){ 111 perror("send failed"); 112 close(sock); 113 exit(1); 114 } 115 } 116 117 // send encrypted message 118 //randombytes_buf(clientKeys.nonce, sizeof(clientKeys.nonce)); 119 int len = selPublicEncrypt(buf, sizeof(buf), msg, strlen(msg), &clientKeys); 120 121 logVarG(len); 122 123 snd(&len, sizeof(len)); 124 snd(buf, len); 125 126 close(sock); 127 } 128 // vim: set expandtab ts=2 sw=2: