libzmq/src/curve_server.hpp

/*
    Copyright (c) 2007-2013 Contributors as noted in the AUTHORS file

    This file is part of 0MQ.

    0MQ is free software; you can redistribute it and/or modify it under
    the terms of the GNU Lesser General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    0MQ is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Lesser General Public License for more details.

    You should have received a copy of the GNU Lesser General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

#ifndef __ZMQ_CURVE_SERVER_HPP_INCLUDED__
#define __ZMQ_CURVE_SERVER_HPP_INCLUDED__

#include "platform.hpp"

#ifdef HAVE_LIBSODIUM
#include <sodium.h>

#if crypto_box_NONCEBYTES != 24 \
||  crypto_box_PUBLICKEYBYTES != 32 \
||  crypto_box_SECRETKEYBYTES != 32 \
||  crypto_box_ZEROBYTES != 32 \
||  crypto_box_BOXZEROBYTES != 16 \
||  crypto_secretbox_NONCEBYTES != 24 \
||  crypto_secretbox_ZEROBYTES != 32 \
||  crypto_secretbox_BOXZEROBYTES != 16
#error "libsodium not built properly"
#endif

#include "mechanism.hpp"
#include "options.hpp"

namespace zmq
{

    class msg_t;
    class session_base_t;

    class curve_server_t : public mechanism_t
    {
    public:

        curve_server_t (session_base_t *session_,
                        const std::string &peer_address_,
                        const options_t &options_);
        virtual ~curve_server_t ();

        // mechanism implementation
        virtual int next_handshake_message (msg_t *msg_);
        virtual int process_handshake_message (msg_t *msg_);
        virtual int encode (msg_t *msg_);
        virtual int decode (msg_t *msg_);
        virtual int zap_msg_available ();
        virtual bool is_handshake_complete () const;

    private:

        enum state_t {
            expect_hello,
            send_welcome,
            expect_initiate,
            expect_zap_reply,
            send_ready,
            connected
        };

        session_base_t * const session;

        const std::string peer_address;

        //  Current FSM state
        state_t state;

        //  True iff we are awaiting reply from ZAP handler.
        bool expecting_zap_reply;

        uint64_t cn_nonce;

        //  Our secret key (s)
        uint8_t secret_key [crypto_box_SECRETKEYBYTES];

        //  Our short-term public key (S')
        uint8_t cn_public [crypto_box_PUBLICKEYBYTES];

        //  Our short-term secret key (s')
        uint8_t cn_secret [crypto_box_SECRETKEYBYTES];

        //  Client's short-term public key (C')
        uint8_t cn_client [crypto_box_PUBLICKEYBYTES];

        //  Key used to produce cookie
        uint8_t cookie_key [crypto_secretbox_KEYBYTES];

        //  Intermediary buffer used to speed up boxing and unboxing.
        uint8_t cn_precom [crypto_box_BEFORENMBYTES];

        int process_hello (msg_t *msg_);
        int welcome_msg (msg_t *msg_);
        int process_initiate (msg_t *msg_);
        int ready_msg (msg_t *msg_);

        void send_zap_request (const uint8_t *key);
        int receive_and_process_zap_reply ();
    };

}

#endif

#endif
Implement ZMTP/3.0 CURVE handshake 2013-06-18 23:38:24 +02:00			`/*`
			`Copyright (c) 2007-2013 Contributors as noted in the AUTHORS file`

			`This file is part of 0MQ.`

			`0MQ is free software; you can redistribute it and/or modify it under`
			`the terms of the GNU Lesser General Public License as published by`
			`the Free Software Foundation; either version 3 of the License, or`
			`(at your option) any later version.`

			`0MQ is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU Lesser General Public License for more details.`

			`You should have received a copy of the GNU Lesser General Public License`
			`along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`

			`#ifndef __ZMQ_CURVE_SERVER_HPP_INCLUDED__`
			`#define __ZMQ_CURVE_SERVER_HPP_INCLUDED__`

			`#include "platform.hpp"`

			`#ifdef HAVE_LIBSODIUM`
			`#include <sodium.h>`

			`#if crypto_box_NONCEBYTES != 24 \`
			`\|\| crypto_box_PUBLICKEYBYTES != 32 \`
			`\|\| crypto_box_SECRETKEYBYTES != 32 \`
			`\|\| crypto_box_ZEROBYTES != 32 \`
			`\|\| crypto_box_BOXZEROBYTES != 16 \`
			`\|\| crypto_secretbox_NONCEBYTES != 24 \`
			`\|\| crypto_secretbox_ZEROBYTES != 32 \`
			`\|\| crypto_secretbox_BOXZEROBYTES != 16`
			`#error "libsodium not built properly"`
			`#endif`

			`#include "mechanism.hpp"`
			`#include "options.hpp"`

			`namespace zmq`
			`{`

			`class msg_t;`
			`class session_base_t;`

			`class curve_server_t : public mechanism_t`
			`{`
			`public:`

			`curve_server_t (session_base_t *session_,`
Update CURVE mechanism to the latest ZAP revision 2013-07-18 09:39:19 +02:00			`const std::string &peer_address_,`
Implement ZMTP/3.0 CURVE handshake 2013-06-18 23:38:24 +02:00			`const options_t &options_);`
			`virtual ~curve_server_t ();`

			`// mechanism implementation`
			`virtual int next_handshake_message (msg_t *msg_);`
			`virtual int process_handshake_message (msg_t *msg_);`
Implement CurveZMQ message encryption and authentication 2013-06-22 11:46:40 +02:00			`virtual int encode (msg_t *msg_);`
			`virtual int decode (msg_t *msg_);`
Implement ZMTP/3.0 CURVE handshake 2013-06-18 23:38:24 +02:00			`virtual int zap_msg_available ();`
			`virtual bool is_handshake_complete () const;`

			`private:`

			`enum state_t {`
			`expect_hello,`
			`send_welcome,`
			`expect_initiate,`
			`expect_zap_reply,`
			`send_ready,`
			`connected`
			`};`

			`session_base_t * const session;`

Update CURVE mechanism to the latest ZAP revision 2013-07-18 09:39:19 +02:00			`const std::string peer_address;`

Implement ZMTP/3.0 CURVE handshake 2013-06-18 23:38:24 +02:00			`// Current FSM state`
			`state_t state;`

Make ZAP optional for CURVE mechanism 2013-06-22 15:33:44 +02:00			`// True iff we are awaiting reply from ZAP handler.`
			`bool expecting_zap_reply;`

Implement ZMTP/3.0 CURVE handshake 2013-06-18 23:38:24 +02:00			`uint64_t cn_nonce;`

			`// Our secret key (s)`
			`uint8_t secret_key [crypto_box_SECRETKEYBYTES];`

			`// Our short-term public key (S')`
			`uint8_t cn_public [crypto_box_PUBLICKEYBYTES];`

			`// Our short-term secret key (s')`
			`uint8_t cn_secret [crypto_box_SECRETKEYBYTES];`

			`// Client's short-term public key (C')`
			`uint8_t cn_client [crypto_box_PUBLICKEYBYTES];`

			`// Key used to produce cookie`
			`uint8_t cookie_key [crypto_secretbox_KEYBYTES];`

			`// Intermediary buffer used to speed up boxing and unboxing.`
			`uint8_t cn_precom [crypto_box_BEFORENMBYTES];`

			`int process_hello (msg_t *msg_);`
			`int welcome_msg (msg_t *msg_);`
			`int process_initiate (msg_t *msg_);`
			`int ready_msg (msg_t *msg_);`

Make ZAP optional for CURVE mechanism 2013-06-22 15:33:44 +02:00			`void send_zap_request (const uint8_t *key);`
Implement ZMTP/3.0 CURVE handshake 2013-06-18 23:38:24 +02:00			`int receive_and_process_zap_reply ();`
			`};`

			`}`

			`#endif`

			`#endif`