PoliEcho/pea_2_pea
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

first addition ś of aes

Browse Source
This commit is contained in:
PoliEcho
2025-07-26 21:28:03 +02:00
parent 3bcccc7620
commit e1d5a34e82
9 changed files with 507 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/client/main.rs
+72 -15
View File
@@ -1,4 +1,4 @@
use pea_2_pea::SERVER_PORT;
use pea_2_pea::*;
use std::{
io::{Error, ErrorKind, Read, Write},
@@ -38,6 +38,10 @@ struct Cli {
fn main() -> std::io::Result<()> {
let cli = <Cli as clap::Parser>::parse();
if cli.network_id.len() > 0xff {
eprintln!("network id cannot have more then 255 charactes");
exit(7); // posix for E2BIG
}
{
let socket: UdpSocket = (|| -> std::io::Result<UdpSocket> {
match UdpSocket::bind("0.0.0.0:0") {
@@ -50,11 +54,10 @@ fn main() -> std::io::Result<()> {
socket.set_read_timeout(Some(Duration::new(10, 0)))?; // set timeout to 10 seconds
// send query request to get server public key
let server_port: u16 = (|| -> u16 {
match cli.registrar_port {
Some(port_proveded) => return port_proveded,
None => return pea_2_pea::SERVER_PORT,
None => return SERVER_PORT,
}
})();
@@ -63,34 +66,88 @@ fn main() -> std::io::Result<()> {
.parse()
.unwrap();
{
let mut query_byte: [u8; 1] = [0; 1];
query_byte[0] = pea_2_pea::ServerMethods::QUERY as u8;
match socket.send_to(&query_byte, &server_SocketAddr) {
let mut buf: [u8; BUFFER_SIZE] = [0; BUFFER_SIZE];
let mut data_lenght;
loop {
match socket.send_to(&[ServerMethods::QUERY as u8], &server_SocketAddr) {
Ok(s) => {
#[cfg(debug_assertions)]
eprintln!("send {} bytes", s);
}
Err(e) => {
eprintln!("Error snding data: {}", e);
panic!("Error sending data: {}", e);
}
}
}
let mut buf: [u8; pea_2_pea::BUFFER_SIZE] = [0; pea_2_pea::BUFFER_SIZE];
loop {
match socket.recv_from(&mut buf) {
Ok((data_length, src)) => {}
Ok((data_length_recved, _src)) => {
data_lenght = data_length_recved;
if buf[0] != 0 {
continue;
}
break;
}
Err(e) if e.kind() == ErrorKind::WouldBlock || e.kind() == ErrorKind::TimedOut => {
// timedout
continue;
}
Err(e) => {
eprintln!("Error receiving data: {}", e);
std::process::exit(-4);
panic!("Error receiving data: {}", e);
}
}
break;
}
let mut public_sock_addr: Vec<u8> = buf[1..data_lenght].to_vec();
// register network
buf[0] = ServerMethods::REGISTER as u8;
buf[RegisterRequestDataPositions::ENCRYPTED as usize] = match cli.password {
Some(_) => true as u8,
None => false as u8,
};
buf[RegisterRequestDataPositions::ID_LEN as usize] = cli.network_id.len() as u8;
buf[RegisterRequestDataPositions::SOCKADDR_LEN as usize] =
server_SocketAddr.to_string().len() as u8;
buf[RegisterRequestDataPositions::DATA as usize
..RegisterRequestDataPositions::DATA as usize + cli.network_id.len()]
.copy_from_slice(cli.network_id.as_bytes());// store network id
match cli.password {
Some(s) => {},
None => {},// do nothig
}
buf[RegisterRequestDataPositions::DATA as usize + cli.network_id.len()..RegisterRequestDataPositions::DATA as usize + cli.network_id.len() + ]
match buf[0] {
x if x == ServerResponse::OK as u8 => {
eprintln!("network registered");
}
x if x == ServerResponse::GENERAL_ERROR as u8 => {
eprintln!(
"{}",
match std::str::from_utf8(&buf[1..data_lenght]) {
Ok(s) => s.to_string(),
Err(e) => {
panic!("id to utf-8 failed: {}", e);
}
}
)
}
x if x == ServerResponse::ID_EXISTS as u8 => {
panic!("network ID already exist try differnt one!");
}
_ => {
panic!("unknown responce from server code: 0x{:02x}", buf[0])
}
}
}
Ok(())
src/lib.rs
+4 -2
View File
@@ -2,7 +2,7 @@ pub const SERVER_PORT: u16 = 3543;
pub const BUFFER_SIZE: usize = 65535;
pub const DEFAULT_TIMEOUT: u64 = 30;
pub const VERSION: &str = "v0.1";
pub const RSA_SIZE: usize = 2048;
pub const SALT_AND_IV_SIZE: u8 = 16;
#[repr(u8)]
pub enum ServerMethods {
@@ -24,7 +24,9 @@ pub enum RegisterRequestDataPositions {
ENCRYPTED = 1, // this feeld should be 0 if not encrypted
ID_LEN = 2,
SOCKADDR_LEN = 3,
DATA = 4, // after this there will be id and sockaddr in string or encrypted form after
SALT = 4,
IV = (SALT_AND_IV_SIZE + RegisterRequestDataPositions::SALT as u8) as isize,
DATA = (SALT_AND_IV_SIZE + RegisterRequestDataPositions::IV as u8) as isize, // after this there will be id and sockaddr in string or encrypted form after
}
pub mod shared;
src/server/net.rs
+71 -15
View File
@@ -2,6 +2,7 @@ use super::types;
use super::utils;
use orx_concurrent_vec::ConcurrentVec;
use pea_2_pea::*;
use rayon::prelude::*;
use std::sync::Arc;
pub async fn handle_request(
@@ -55,26 +56,81 @@ pub async fn handle_request(
return;
};
let net_id: String = match std::str::from_utf8(
&buf[(RegisterRequestDataPositions::DATA as usize)
..(len_id as usize) + (RegisterRequestDataPositions::DATA as usize)],
) {
Ok(s) => s.to_string(),
Err(e) => {
eprint!("id to utf-8 failed: {}", e);
utils::send_general_error_to_client(src, e, socket);
return;
}
};
match registration_vector
.iter()
.find(|elem| elem.map(|s| &s.net_id == &net_id)) // find if id exists
{
Some(_) => {
match socket.send_to(&[ServerResponse::ID_EXISTS as u8], src) {
Ok(s) => {
#[cfg(debug_assertions)]
eprintln!("send {} bytes", s);
}
Err(e) => {
eprintln!("Error sending data: {}", e);
}
};
return;
}
None => {}
}
let salt: Option<[u8; SALT_AND_IV_SIZE as usize]>;
let iv: Option<[u8; SALT_AND_IV_SIZE as usize]>;
if encrypted {
salt = Some(
buf[(RegisterRequestDataPositions::SALT as usize)
..(RegisterRequestDataPositions::SALT as usize)
+ (SALT_AND_IV_SIZE as usize)]
.try_into()
.expect("this should never happen"),
);
iv = Some(
buf[(RegisterRequestDataPositions::IV as usize)
..(RegisterRequestDataPositions::IV as usize)
+ (SALT_AND_IV_SIZE as usize)]
.try_into()
.expect("this should never happen"),
)
} else {
salt = None;
iv = None;
}
registration_vector.push(types::Registration::new(
match std::str::from_utf8(
&buf[(RegisterRequestDataPositions::DATA as usize)
..(len_id as usize) + (RegisterRequestDataPositions::DATA as usize)],
) {
Ok(s) => s.to_string(),
Err(e) => {
eprint!("id to utf-8 failed: {}", e);
utils::send_general_error_to_client(src, e, socket);
return;
}
},
buf[(len_id as usize) + (RegisterRequestDataPositions::DATA as usize)
..(len_id as usize)
+ (RegisterRequestDataPositions::DATA as usize)
+ (sock_addr_len as usize)]
net_id,
buf[(RegisterRequestDataPositions::DATA as usize)
..(RegisterRequestDataPositions::DATA as usize) + (sock_addr_len as usize)]
.to_vec(),
encrypted,
chrono::Utc::now().timestamp(),
salt,
iv,
));
match socket.send_to(&[ServerResponse::OK as u8], src) {
Ok(s) => {
#[cfg(debug_assertions)]
eprintln!("send {} bytes", s);
}
Err(e) => {
eprintln!("Error sending data: {}", e);
}
}
#[cfg(debug_assertions)]
println!("network registered");
}
x if x == ServerMethods::HEARTBEAT as u8 => {
src/server/types.rs
+20 -3
View File
@@ -1,3 +1,4 @@
use pea_2_pea::*;
use std::sync::{Arc, atomic::Ordering};
#[readonly::make]
@@ -20,19 +21,35 @@ impl Client {
pub struct Registration {
#[readonly]
pub net_id: String,
#[readonly]
pub clients: Vec<Client>,
pub last_heart_beat: i64,
#[readonly]
pub encrypted: bool,
pub last_heart_beat: i64,
#[readonly]
pub salt: [u8; SALT_AND_IV_SIZE as usize],
#[readonly]
pub iv: [u8; SALT_AND_IV_SIZE as usize],
}
impl Registration {
pub fn new(net_id: String, client_addr: Vec<u8>, encrypted: bool, heart_beat: i64) -> Self {
pub fn new(
net_id: String,
client_addr: Vec<u8>,
encrypted: bool,
heart_beat: i64,
salt: Option<[u8; SALT_AND_IV_SIZE as usize]>,
iv: Option<[u8; SALT_AND_IV_SIZE as usize]>,
) -> Self {
Registration {
net_id: net_id,
net_id,
clients: vec![Client::new(client_addr, heart_beat)],
encrypted,
last_heart_beat: heart_beat,
salt: salt.unwrap_or([0; SALT_AND_IV_SIZE as usize]),
iv: iv.unwrap_or([0; SALT_AND_IV_SIZE as usize]),
}
}
}
src/server/utils.rs
+1 -2
View File
@@ -7,8 +7,7 @@ pub fn send_general_error_to_client<T: std::error::Error>(
let mut resp_buf: Box<[u8]> = vec![0; e.to_string().len() + 1].into_boxed_slice();
resp_buf[0] = ServerResponse::GENERAL_ERROR as u8; // set 1st byte to ERROR
resp_buf[1..1 + e.to_string().len()] // send error text to client
.copy_from_slice(e.to_string().as_bytes());
resp_buf[1..1 + e.to_string().len()].copy_from_slice(e.to_string().as_bytes()); // send error text to client
let _ = socket.send_to(&[ServerResponse::GENERAL_ERROR as u8], dst);
}
src/shared/crypto.rs
+37
View File
@@ -1 +1,38 @@
use aes::Aes256;
use cbc::cipher::{BlockDecryptMut, BlockEncryptMut, KeyIvInit, block_padding::Pkcs7};
use cbc::{Decryptor, Encryptor};
use hmac::Hmac;
use pbkdf2::pbkdf2;
use sha2::Sha256;
// they are used
#[allow(dead_code)]
type Aes256CbcEnc = Encryptor<Aes256>;
#[allow(dead_code)]
type Aes256CbcDec = Decryptor<Aes256>;
pub fn derive_key_from_password(password: &[u8], salt: &[u8]) -> [u8; 32] {
let mut key = [0u8; 32];
let _ = pbkdf2::<Hmac<Sha256>>(password, salt, 10000, &mut key);
key
}
/// Encrypt using AES-256-CBC
pub fn encrypt(
key: &[u8],
iv: &[u8],
plaintext: &[u8],
) -> Result<Vec<u8>, Box<dyn std::error::Error>> {
let cipher = Aes256CbcEnc::new_from_slices(key, iv)?;
Ok(cipher.encrypt_padded_vec_mut::<Pkcs7>(plaintext))
}
/// Decrypt using AES-256-CBC
pub fn decrypt(
key: &[u8],
iv: &[u8],
ciphertext: &[u8],
) -> Result<Vec<u8>, Box<dyn std::error::Error>> {
let cipher = Aes256CbcDec::new_from_slices(key, iv)?;
Ok(cipher.decrypt_padded_vec_mut::<Pkcs7>(ciphertext).unwrap())
}
src/shared/mod.rs
+1 -1
View File
@@ -1 +1 @@
mod crypto;