1 /* <!-- copyright */ 2 /* 3 * aria2 - The high speed download utility 4 * 5 * Copyright (C) 2006 Tatsuhiro Tsujikawa 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 20 * 21 * In addition, as a special exception, the copyright holders give 22 * permission to link the code of portions of this program with the 23 * OpenSSL library under certain conditions as described in each 24 * individual source file, and distribute linked combinations 25 * including the two. 26 * You must obey the GNU General Public License in all respects 27 * for all of the code used other than OpenSSL. If you modify 28 * file(s) with this exception, you may extend this exception to your 29 * version of the file(s), but you are not obligated to do so. If you 30 * do not wish to do so, delete this exception statement from your 31 * version. If you delete this exception statement from all source 32 * files in the program, then also delete it here. 33 */ 34 /* copyright --> */ 35 #ifndef D_MSE_HANDSHAKE_H 36 #define D_MSE_HANDSHAKE_H 37 38 #include "common.h" 39 40 #include <vector> 41 #include <memory> 42 43 #include "BtConstants.h" 44 #include "SocketBuffer.h" 45 #include "Command.h" 46 47 namespace aria2 { 48 49 class Option; 50 class SocketCore; 51 class DHKeyExchange; 52 class ARC4Encryptor; 53 class DownloadContext; 54 class MessageDigest; 55 56 class MSEHandshake { 57 public: 58 enum HANDSHAKE_TYPE { 59 HANDSHAKE_NOT_YET = 0, 60 HANDSHAKE_LEGACY, 61 HANDSHAKE_ENCRYPTED 62 }; 63 64 enum CRYPTO_TYPE { 65 CRYPTO_NONE = 0, 66 CRYPTO_PLAIN_TEXT = 0x01u, 67 CRYPTO_ARC4 = 0x02u 68 }; 69 70 static constexpr size_t VC_LENGTH = 8U; 71 72 private: 73 static constexpr size_t PRIME_BITS = 768U; 74 static constexpr size_t KEY_LENGTH = (PRIME_BITS + 7U) / 8U; 75 // The largest buffering occurs when receiver receives step2 76 // handshake. We believe that IA is less than or equal to 77 // BtHandshakeMessage::MESSAGE_LENGTH 78 static constexpr size_t MAX_BUFFER_LENGTH = 636U; 79 80 cuid_t cuid_; 81 std::shared_ptr<SocketCore> socket_; 82 bool wantRead_; 83 const Option* option_; 84 85 unsigned char rbuf_[MAX_BUFFER_LENGTH]; 86 size_t rbufLength_; 87 88 SocketBuffer socketBuffer_; 89 90 CRYPTO_TYPE negotiatedCryptoType_; 91 std::unique_ptr<DHKeyExchange> dh_; 92 std::unique_ptr<ARC4Encryptor> encryptor_; 93 std::unique_ptr<ARC4Encryptor> decryptor_; 94 unsigned char infoHash_[INFO_HASH_LENGTH]; 95 unsigned char secret_[KEY_LENGTH]; 96 bool initiator_; 97 unsigned char initiatorVCMarker_[VC_LENGTH]; 98 size_t markerIndex_; 99 uint16_t padLength_; 100 uint16_t iaLength_; 101 std::vector<unsigned char> ia_; 102 std::unique_ptr<MessageDigest> sha1_; 103 104 void encryptAndSendData(std::vector<unsigned char> data); 105 106 void createReq1Hash(unsigned char* md) const; 107 108 void createReq23Hash(unsigned char* md, const unsigned char* infoHash) const; 109 110 uint16_t decodeLength16(const unsigned char* buffer); 111 decodeLength16(const char * buffer)112 uint16_t decodeLength16(const char* buffer) 113 { 114 return decodeLength16(reinterpret_cast<const unsigned char*>(buffer)); 115 } 116 117 uint16_t verifyPadLength(const unsigned char* padlenbuf, const char* padName); 118 119 void verifyVC(unsigned char* vcbuf); 120 121 void verifyReq1Hash(const unsigned char* req1buf); 122 123 void shiftBuffer(size_t offset); 124 125 public: 126 MSEHandshake(cuid_t cuid, const std::shared_ptr<SocketCore>& socket, 127 const Option* op); 128 129 ~MSEHandshake(); 130 131 HANDSHAKE_TYPE identifyHandshakeType(); 132 133 void initEncryptionFacility(bool initiator); 134 135 // Reads data from Socket. If EOF is reached, throws 136 // RecoverableException. 137 void read(); 138 139 // Sends pending data in the send buffer. Returns true if all data 140 // is sent. Otherwise returns false. 141 bool send(); 142 getWantRead()143 bool getWantRead() const { return wantRead_; } 144 setWantRead(bool wantRead)145 void setWantRead(bool wantRead) { wantRead_ = wantRead; } 146 147 bool getWantWrite() const; 148 149 void sendPublicKey(); 150 151 bool receivePublicKey(); 152 153 void initCipher(const unsigned char* infoHash); 154 155 void sendInitiatorStep2(); 156 157 bool findInitiatorVCMarker(); 158 159 bool receiveInitiatorCryptoSelectAndPadDLength(); 160 161 bool receivePad(); 162 163 bool findReceiverHashMarker(); 164 165 bool receiveReceiverHashAndPadCLength( 166 const std::vector<std::shared_ptr<DownloadContext>>& downloadContexts); 167 168 bool receiveReceiverIALength(); 169 170 bool receiveReceiverIA(); 171 172 void sendReceiverStep2(); 173 174 // returns plain text IA getIA()175 const unsigned char* getIA() const { return ia_.data(); } 176 getIALength()177 size_t getIALength() const { return iaLength_; } 178 getInfoHash()179 const unsigned char* getInfoHash() const { return infoHash_; } 180 getNegotiatedCryptoType()181 CRYPTO_TYPE getNegotiatedCryptoType() const { return negotiatedCryptoType_; } 182 getEncryptor()183 const std::unique_ptr<ARC4Encryptor>& getEncryptor() const 184 { 185 return encryptor_; 186 } 187 getDecryptor()188 const std::unique_ptr<ARC4Encryptor>& getDecryptor() const 189 { 190 return decryptor_; 191 } 192 193 std::unique_ptr<ARC4Encryptor> popEncryptor(); 194 195 std::unique_ptr<ARC4Encryptor> popDecryptor(); 196 getBuffer()197 const unsigned char* getBuffer() const { return rbuf_; } 198 getBuffer()199 unsigned char* getBuffer() { return rbuf_; } 200 getBufferLength()201 size_t getBufferLength() const { return rbufLength_; } 202 }; 203 204 } // namespace aria2 205 206 #endif // D_MSE_HANDSHAKE_H 207