Commit 080c9df7 authored by bernd's avatar bernd

psk for stateless stuff started

parent 7c3fc063
......@@ -17,6 +17,8 @@
64 Constant state#
Variable my-0key
user-o keybuf
state# 2* Constant state2#
......@@ -46,7 +48,6 @@ object class
\ shared secred
keysize uvar keypad
1 64s uvar last-mykey
cell uvar my-0key
end-class keybuf-c
: init-keybuf ( -- )
......@@ -172,31 +173,32 @@ User last-ivskey
crypt-buf-init inbuf packet-data +cryptsu
inbuf 1+ c@ c:decrypt+auth +enc ;
: set-0key ( keyaddr -- )
sec@ dup IF
: set-0key ( keyaddr u -- )
dup IF
state# min
ivs-assembly state# bounds ?DO
2dup I swap move
I' I - umin 2dup I swap move
dup +LOOP 2drop
ELSE
2drop ivs-assembly state# erase
THEN
." 0key: " ivs-assembly state# 2* 85type cr
ivs-assembly >c:key ;
: try-0decrypt ( addr -- flag ) set-0key
: try-0decrypt ( addr -- flag ) sec@ set-0key
inbuf packet-data +cryptsu
inbuf 1+ c@ c:decrypt+auth +enc ;
: inbuf0-decrypt ( -- flag ) +calc
inbuf addr 64@ inbuf flags w@ addr>assembly
my-0key try-0decrypt dup IF EXIT THEN
my-0key try-0decrypt dup IF EXIT THEN drop
contexts BEGIN @ dup WHILE >o
next-context dest-0key try-0decrypt o>
dup IF nip EXIT THEN REPEAT ;
dup IF nip EXIT THEN drop REPEAT ;
: outbuf0-encrypt ( -- ) +calc
outbuf addr 64@ outbuf flags w@ addr>assembly
o IF dest-0key ELSE my-0key THEN set-0key
o IF dest-0key ELSE my-0key THEN sec@ set-0key
outbuf packet-data +cryptsu
outbuf 1+ c@ c:encrypt+auth +enc ;
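Review bot: `set-0key` prints the assembled stateless key on every call. The line `." 0key: " ivs-assembly state# 2* 85type cr` runs unconditionally before `>c:key`, so PSK-derived key material goes to stdout, and to any captured log, for each stateless packet encrypted or decrypted. The rendered hunk does not show whether this line is new or context, but it is on the new side either way. It should be removed, or at least put behind a debug switch like the `key( … )` guard used in the key-handling section of this page. It also dumps `state# 2*` bytes although the loop above fills only `state#`, so the output includes whatever else is in `ivs-assembly`.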
......
......@@ -56,6 +56,7 @@ keypack-all# buffer: keypack-d
cmd-class class
field: ke-sk \ secret key
field: ke-pk \ public key
field: ke-psk \ preshared key for stateless communication
field: ke-nick
field: ke-prof
field: ke-sigs
......@@ -320,13 +321,16 @@ $40 buffer: nick-buf
key-table @ 0= IF read-keys THEN
nick-key >o o 0= IF EXIT THEN
ke-pk $@ pkc swap keysize 2* umin move
ke-psk sec@ my-0key sec!
ke-sk @ skc keysize move o> ;
: i'm ( "name" -- ) parse-name >key ;
: dest-key ( addr u -- ) dup 0= IF 2drop EXIT THEN
nick-key >o o 0= !!unknown-key!!
ke-pk $@ keysize umin o> dest-pubkey $! ;
ke-psk sec@ state# umin
ke-pk $@ keysize umin o>
dest-pubkey $! dest-0key sec! ;
: replace-key 1 /string { rev-addr u -- o } \ revocation ticket
key( ." Replace:" cr o cell- 0 .key )
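Review bot: Neither `>key` nor `dest-key` checks that the entry actually has a PSK before copying it; `ke-psk sec@ my-0key sec!` and `ke-psk sec@ state# umin … dest-0key sec!` store whatever `sec@` returns, which for a key without `ke-psk` is presumably an empty string. In the `set-0key` shown in the crypt section of this page, a zero length takes the `ELSE` branch and erases `ivs-assembly`, so such a peer would silently get stateless packets keyed with all zeros. That case should be explicit: refuse stateless traffic or warn when the PSK is empty, and extend the field comment to say what an unset `ke-psk` means. `dest-key` clamps the PSK with `state# umin` while `>key` does not; `set-0key` clamps again, so this is only an inconsistency, but it deserves a comment.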
......
......@@ -406,7 +406,7 @@ Variable $tmp2
0 my-ip$ [: rot >r 2over my-ip= r> or ;] $[]map ;
: my-ip-merge ( addr u -- addr u flag )
0 my-ip$ [: rot >r 2over 2over my-ip= IF
2over 2swap my-ip>merge rdrop true ELSE 2drop r> THEN ;] $[]map ;
2over 2swap my-ip>merge rdrop true ELSE 2drop r> THEN ;] $[]map ;
\ Create udp socket
......@@ -967,7 +967,6 @@ cmd-class class
KEYBYTES +field tpkc
KEYBYTES +field tskc
field: dest-pubkey \ if not 0, connect only to this key
field: src-0key \ key for stateless connections
field: dest-0key \ key for stateless connections
end-class context-class
......
......@@ -10,6 +10,7 @@ require test-keys.fs \ we want the test keys - never use this in production!
?nextarg [IF] s>number drop to net2o-port [THEN]
i'm test
strict-keys off \ server shouldn't have strict keys
init-server
server-loop
......
......@@ -4,6 +4,7 @@
\ revoke: 58AB8F52F46E73EFAB068F6337F371E14DD589BF0894D2F0AF51AE7EBB858A68
x" A91158F2C560ACCDFEFC05104B922E49C9DD022D0163921DAE08E6C2148A7BEBC83C71FCB345D24400D866C7FD32092C2D1EC056FD17B9537037590BD021EEBF" key:new >o
x" B2578B8766DB3A60F1F4F36B276924FDA6E7F559F629716BC78D95DB1CD8D400" ke-sk sec! +seckey
\ "this test account has a test key" ke-psk sec!
"test" ke-nick $! $1367B086A24E6B10. d>64 ke-first 64! 0 ke-type ! o>
\ revoke: 5843E2DC055E1F8BE14570A37B0F81146040A2CEE1D6C01B97C3BB801CDED864
x" 69D86C471E5FEED89478FB4260C898B6F69026BA4E78A9D815B53EB33CA9013A8E753EC381881FAAFFA66CD9DD47D3F2C0867E1A2B48067CA2188DF400C11074" key:new >o
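Review bot: The PSK for the test identity appears to be added commented out (`\ "this test account has a test key" ke-psk sec!`), assuming that is the line this hunk adds. `ke-psk` therefore stays empty for the test key, and the stateless path is presumably only exercised with the no-PSK fallback. Either enable the line or state why it is disabled, e.g. `\ TODO: enable once PSK handling is complete`. The second `key:new` entry continues past the end of the hunk.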
......