5 Author: Pekka Riikonen <priikone@poseidon.pspt.fi>
7 Copyright (C) 1997 - 2000 Pekka Riikonen
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
21 * Created: Fri Jul 25 18:52:14 1997
25 #include "silcincludes.h"
27 /******************************************************************************
29 Packet Sending Routines
31 ******************************************************************************/
33 /* Writes data from encrypted buffer to the socket connection. If the
34 data cannot be written at once, it will be written later with a timeout.
35 The data is written from the data section of the buffer, not from head
36 or tail section. This automatically pulls the data section towards end
37 after writing the data. */
39 int silc_packet_write(int sock, SilcBuffer src)
43 SILC_LOG_DEBUG(("Writing data to socket %d", sock));
46 ret = write(sock, src->data, src->len);
48 if (errno == EAGAIN) {
49 SILC_LOG_DEBUG(("Could not write immediately, will do it later"));
52 SILC_LOG_ERROR(("Cannot write to socket: %s", strerror(errno)));
56 silc_buffer_pull(src, ret);
59 SILC_LOG_DEBUG(("Wrote data %d bytes", ret));
64 /* Actually sends the packet. This flushes the connections outgoing data
65 buffer. If data is sent directly to the network this returns the bytes
66 written, if error occured this returns -1 and if the data could not
67 be written directly to the network at this time this returns -2, in
68 which case the data should be queued by the caller and sent at some
69 later time. If `force_send' is TRUE this attempts to write the data
70 directly to the network, if FALSE, this returns -2. */
72 int silc_packet_send(SilcSocketConnection sock, int force_send)
74 /* Send now if forced to do so */
75 if (force_send == TRUE) {
78 SILC_LOG_DEBUG(("Forcing packet send, packet sent immediately"));
80 /* Write to network */
81 ret = silc_packet_write(sock->sock, sock->outbuf);
84 SILC_LOG_ERROR(("Error sending packet, dropped"));
89 SILC_LOG_DEBUG(("Could not force the send, packet put to queue"));
92 SILC_LOG_DEBUG(("Packet in queue"));
97 /* Encrypts a packet. This also creates HMAC of the packet before
98 encryption and adds the HMAC at the end of the buffer. This assumes
99 that there is enough free space at the end of the buffer to add the
100 computed HMAC. This is the normal way of encrypting packets, if some
101 other process of HMAC computing and encryption is needed this function
104 void silc_packet_encrypt(SilcCipher cipher, SilcHmac hmac,
105 SilcBuffer buffer, unsigned int len)
107 unsigned char mac[32];
110 SILC_LOG_DEBUG(("Encrypting packet, cipher %s, len %d (%d)",
111 cipher->cipher->name, len, len - 2));
114 /* Compute HMAC. This assumes that HMAC is created from the entire
115 data area thus this uses the length found in buffer, not the length
118 silc_hmac_make(hmac, buffer->data, buffer->len, mac);
119 silc_buffer_put_tail(buffer, mac, hmac->hash->hash->hash_len);
120 memset(mac, 0, sizeof(mac));
123 /* Encrypt the data area of the packet. 2 bytes of the packet
124 are not encrypted. */
126 cipher->cipher->encrypt(cipher->context, buffer->data + 2,
127 buffer->data + 2, len - 2, cipher->iv);
129 /* Pull the HMAC into the visible data area in the buffer */
131 silc_buffer_pull_tail(buffer, hmac->hash->hash->hash_len);
134 /* Assembles a new packet to be ready for send out. The buffer sent as
135 argument must include the data to be sent and it must not be encrypted.
136 The packet also must have enough free space so that the SILC header
137 and padding maybe added to the packet. The packet is encrypted after
138 this function has returned.
140 The buffer sent as argument should be something like following:
142 --------------------------------------------
143 | head | data | tail |
144 --------------------------------------------
148 So that the SILC header and 1 - 16 bytes of padding can fit to
149 the buffer. After assembly the buffer might look like this:
151 --------------------------------------------
153 --------------------------------------------
155 Start of assembled packet
157 Packet construct is as follows (* = won't be encrypted):
160 2 bytes Payload length (*)
163 1 byte Source ID Type
164 2 bytes Source ID Length
166 1 byte Destination ID Type
167 2 bytes Destination ID Length
168 x bytes Destination ID
174 All fields in the packet will be authenticated by MAC. The MAC is
175 not computed here, it must be computed differently before encrypting
180 void silc_packet_assemble(SilcPacketContext *ctx)
182 unsigned char tmppad[SILC_PACKET_MAX_PADLEN];
185 SILC_LOG_DEBUG(("Assembling outgoing packet"));
187 /* Get the true length of the packet. This is saved as payload length
188 into the packet header. This does not include the length of the
191 ctx->truelen = ctx->buffer->len + SILC_PACKET_HEADER_LEN +
192 ctx->src_id_len + ctx->dst_id_len;
194 /* Calculate the length of the padding. The padding is calculated from
195 the data that will be encrypted. As protocol states 3 first bytes
196 of the packet are not encrypted they are not included in the
197 padding calculation. */
199 ctx->padlen = SILC_PACKET_PADLEN(ctx->truelen);
201 /* Put the start of the data section to the right place. */
202 silc_buffer_push(ctx->buffer, SILC_PACKET_HEADER_LEN +
203 ctx->src_id_len + ctx->dst_id_len + ctx->padlen);
205 /* Get random padding */
207 for (i = 0; i < ctx->padlen; i++)
208 tmppad[i] = silc_rng_get_byte(ctx->rng);
210 /* XXX: For testing - to be removed */
211 memset(tmppad, 65, sizeof(tmppad));
214 /* Create the packet. This creates the SILC header and adds padding,
215 rest of the buffer remains as it is. */
216 silc_buffer_format(ctx->buffer,
217 SILC_STR_UI_SHORT(ctx->truelen),
218 SILC_STR_UI_CHAR(ctx->flags),
219 SILC_STR_UI_CHAR(ctx->type),
220 SILC_STR_UI_SHORT(ctx->src_id_len),
221 SILC_STR_UI_SHORT(ctx->dst_id_len),
222 SILC_STR_UI_CHAR(ctx->src_id_type),
223 SILC_STR_UI_XNSTRING(ctx->src_id, ctx->src_id_len),
224 SILC_STR_UI_CHAR(ctx->dst_id_type),
225 SILC_STR_UI_XNSTRING(ctx->dst_id, ctx->dst_id_len),
226 SILC_STR_UI_XNSTRING(tmppad, ctx->padlen),
229 SILC_LOG_HEXDUMP(("Assembled packet, len %d", ctx->buffer->len),
230 ctx->buffer->data, ctx->buffer->len);
232 SILC_LOG_DEBUG(("Outgoing packet assembled"));
235 /* Prepare outgoing data buffer for packet sending. This moves the data
236 area so that new packet may be added into it. If needed this allocates
237 more space to the buffer. This handles directly the connection's
238 outgoing buffer in SilcSocketConnection object. */
240 void silc_packet_send_prepare(SilcSocketConnection sock,
241 unsigned int header_len,
243 unsigned int data_len)
247 totlen = header_len + padlen + data_len;
249 /* Prepare the outgoing buffer for packet sending. */
251 /* Allocate new buffer. This is done only once per connection. */
252 SILC_LOG_DEBUG(("Allocating outgoing data buffer"));
254 sock->outbuf = silc_buffer_alloc(SILC_PACKET_DEFAULT_SIZE);
255 silc_buffer_pull_tail(sock->outbuf, totlen);
256 silc_buffer_pull(sock->outbuf, header_len + padlen);
258 if (SILC_IS_OUTBUF_PENDING(sock)) {
259 /* There is some pending data in the buffer. */
261 /* Allocate more space if needed */
262 if ((sock->outbuf->end - sock->outbuf->tail) < data_len) {
263 SILC_LOG_DEBUG(("Reallocating outgoing data buffer"));
264 sock->outbuf = silc_buffer_realloc(sock->outbuf,
265 sock->outbuf->truelen + totlen);
268 oldlen = sock->outbuf->len;
269 silc_buffer_pull_tail(sock->outbuf, totlen);
270 silc_buffer_pull(sock->outbuf, header_len + padlen + oldlen);
272 /* Buffer is free for use */
273 silc_buffer_clear(sock->outbuf);
274 silc_buffer_pull_tail(sock->outbuf, totlen);
275 silc_buffer_pull(sock->outbuf, header_len + padlen);
280 /******************************************************************************
282 Packet Reception Routines
284 ******************************************************************************/
286 /* Reads data from the socket connection into the incoming data buffer.
287 However, this does not parse the packet, it only reads some amount from
288 the network. If there are more data available that can be read at a time
289 the rest of the data will be read later with a timeout and only after
290 that the packet is ready to be parsed.
292 The destination buffer sent as argument must be initialized before
293 calling this function, and, the data section and the start of the tail
294 section must be same. Ie. we add the read data to the tail section of
295 the buffer hence the data section is the start of the buffer.
297 This returns amount of bytes read or -1 on error or -2 on case where
298 all of the data could not be read at once. */
300 int silc_packet_read(int sock, SilcBuffer dest)
303 unsigned char buf[SILC_PACKET_READ_SIZE];
305 SILC_LOG_DEBUG(("Reading data from socket %d", sock));
307 /* Read the data from the socket. */
308 len = read(sock, buf, sizeof(buf));
310 if (errno == EAGAIN || errno == EINTR) {
311 SILC_LOG_DEBUG(("Could not read immediately, will do it later"));
314 SILC_LOG_ERROR(("Cannot read from socket: %d", strerror(errno)));
321 /* Insert the data to the buffer. If the data doesn't fit to the
322 buffer space is allocated for the buffer. */
323 /* XXX: This may actually be bad thing as if there is pending data in
324 the buffer they will be lost! */
327 /* If the data doesn't fit we just have to allocate a whole new
329 if (dest->truelen <= len) {
331 /* Free the old buffer */
332 memset(dest->head, 'F', dest->truelen);
333 silc_free(dest->head);
335 /* Allocate new data area */
336 len += SILC_PACKET_DEFAULT_SIZE;
337 dest->data = silc_calloc(len, sizeof(char));
340 dest->head = dest->data;
341 dest->data = dest->data;
342 dest->tail = dest->data;
343 dest->end = dest->data + dest->truelen;
344 len -= SILC_PACKET_DEFAULT_SIZE;
347 silc_buffer_put_tail(dest, buf, len);
348 silc_buffer_pull_tail(dest, len);
351 SILC_LOG_DEBUG(("Read %d bytes", len));
356 /* Processes the received data. This checks the received data and
357 calls parser callback that handles the actual packet decryption
358 and parsing. If more than one packet was received this calls the
359 parser multiple times. The parser callback will get context
360 SilcPacketParserContext that includes the packet and the `context'
361 sent to this function. */
363 void silc_packet_receive_process(SilcSocketConnection sock,
364 SilcCipher cipher, SilcHmac hmac,
365 SilcPacketParserCallback parser,
368 SilcPacketParserContext *parse_ctx;
369 int packetlen, paddedlen, count, mac_len = 0;
372 mac_len = hmac->hash->hash->hash_len;
374 /* Parse the packets from the data */
376 while (sock->inbuf->len > 2) {
377 SILC_PACKET_LENGTH(sock->inbuf, packetlen, paddedlen);
381 if (packetlen < SILC_PACKET_MIN_LEN) {
382 SILC_LOG_DEBUG(("Received invalid packet, dropped"));
386 if (sock->inbuf->len < paddedlen + mac_len) {
387 SILC_LOG_DEBUG(("Received partial packet, waiting for the rest"));
391 parse_ctx = silc_calloc(1, sizeof(*parse_ctx));
392 parse_ctx->packet = silc_calloc(1, sizeof(*parse_ctx->packet));
393 parse_ctx->packet->buffer = silc_buffer_alloc(paddedlen + mac_len);
394 parse_ctx->sock = sock;
395 parse_ctx->cipher = cipher;
396 parse_ctx->hmac = hmac;
397 parse_ctx->context = context;
399 silc_buffer_pull_tail(parse_ctx->packet->buffer,
400 SILC_BUFFER_END(parse_ctx->packet->buffer));
401 silc_buffer_put(parse_ctx->packet->buffer, sock->inbuf->data,
402 paddedlen + mac_len);
404 SILC_LOG_HEXDUMP(("Incoming packet, len %d",
405 parse_ctx->packet->buffer->len),
406 parse_ctx->packet->buffer->data,
407 parse_ctx->packet->buffer->len);
409 /* Call the parser */
411 (*parser)(parse_ctx);
413 /* Pull the packet from inbuf thus we'll get the next one
415 silc_buffer_pull(sock->inbuf, paddedlen);
417 silc_buffer_pull(sock->inbuf, mac_len);
420 silc_buffer_clear(sock->inbuf);
423 /* Receives packet from network and reads the data into connection's
424 incoming data buffer. If the data was read directly this returns the
425 read bytes, if error occured this returns -1, if the data could not
426 be read directly at this time this returns -2 in which case the data
427 should be read again at some later time, or If EOF occured this returns
430 int silc_packet_receive(SilcSocketConnection sock)
434 /* Allocate the incoming data buffer if not done already. */
436 sock->inbuf = silc_buffer_alloc(SILC_PACKET_DEFAULT_SIZE);
438 /* Read some data from connection */
439 ret = silc_packet_read(sock->sock, sock->inbuf);
443 SILC_LOG_ERROR(("Error reading packet, dropped"));
449 /* Checks MAC in the packet. Returns TRUE if MAC is Ok. This is called
450 after packet has been totally decrypted and parsed. */
452 static int silc_packet_check_mac(SilcHmac hmac, SilcBuffer buffer)
456 unsigned char mac[32];
458 SILC_LOG_DEBUG(("Verifying MAC"));
460 /* Compute HMAC of packet */
461 memset(mac, 0, sizeof(mac));
462 silc_hmac_make(hmac, buffer->data, buffer->len, mac);
464 /* Compare the HMAC's (buffer->tail has the packet's HMAC) */
465 if (memcmp(mac, buffer->tail, hmac->hash->hash->hash_len)) {
466 SILC_LOG_DEBUG(("MAC failed"));
470 SILC_LOG_DEBUG(("MAC is Ok"));
471 memset(mac, 0, sizeof(mac));
477 /* Decrypts rest of the packet (after decrypting just the SILC header).
478 After calling this function the packet is ready to be parsed by calling
479 silc_packet_parse. If everything goes without errors this returns TRUE,
480 if packet is malformed this returns FALSE. */
482 static int silc_packet_decrypt_rest(SilcCipher cipher, SilcHmac hmac,
487 /* Pull MAC from packet before decryption */
489 if ((buffer->len - hmac->hash->hash->hash_len) > SILC_PACKET_MIN_LEN) {
490 silc_buffer_push_tail(buffer, hmac->hash->hash->hash_len);
492 SILC_LOG_DEBUG(("Bad MAC length in packet, packet dropped"));
497 SILC_LOG_DEBUG(("Decrypting rest of the packet"));
499 /* Decrypt rest of the packet */
500 silc_buffer_pull(buffer, SILC_PACKET_MIN_HEADER_LEN - 2);
501 cipher->cipher->decrypt(cipher->context, buffer->data + 2,
502 buffer->data + 2, buffer->len - 2,
504 silc_buffer_push(buffer, SILC_PACKET_MIN_HEADER_LEN - 2);
506 SILC_LOG_HEXDUMP(("Fully decrypted packet, len %d", buffer->len),
507 buffer->data, buffer->len);
513 /* Decrypts rest of the SILC Packet header that has been decrypted partly
514 already. This decrypts the padding of the packet also. After calling
515 this function the packet is ready to be parsed by calling function
516 silc_packet_parse. This is used in special packet reception (protocol
517 defines the way of decrypting special packets). */
519 static int silc_packet_decrypt_rest_special(SilcCipher cipher,
523 /* Decrypt rest of the header plus padding */
525 unsigned short truelen, len1, len2, padlen;
527 /* Pull MAC from packet before decryption */
529 if ((buffer->len - hmac->hash->hash->hash_len) > SILC_PACKET_MIN_LEN) {
530 silc_buffer_push_tail(buffer, hmac->hash->hash->hash_len);
532 SILC_LOG_DEBUG(("Bad MAC length in packet, packet dropped"));
537 SILC_LOG_DEBUG(("Decrypting rest of the header"));
539 SILC_GET16_MSB(len1, &buffer->data[4]);
540 SILC_GET16_MSB(len2, &buffer->data[6]);
542 truelen = SILC_PACKET_HEADER_LEN + len1 + len2;
543 padlen = SILC_PACKET_PADLEN(truelen);
544 len1 = (truelen + padlen) - (SILC_PACKET_MIN_HEADER_LEN - 2);
546 silc_buffer_pull(buffer, SILC_PACKET_MIN_HEADER_LEN - 2);
547 cipher->cipher->decrypt(cipher->context, buffer->data + 2,
548 buffer->data + 2, len1 - 2,
550 silc_buffer_push(buffer, SILC_PACKET_MIN_HEADER_LEN - 2);
556 /* Decrypts a packet. This assumes that typical SILC packet is the
557 packet to be decrypted and thus checks for normal and special SILC
558 packets and can handle both of them. This also computes and checks
559 the HMAC of the packet. If any other special or customized decryption
560 processing is required this function cannot be used. This returns
561 -1 on error, 0 when packet is normal packet and 1 when the packet
562 is special and requires special processing. */
564 int silc_packet_decrypt(SilcCipher cipher, SilcHmac hmac,
565 SilcBuffer buffer, SilcPacketContext *packet)
568 SILC_LOG_DEBUG(("Decrypting packet, cipher %s, len %d (%d)",
569 cipher->cipher->name, len, len - 2));
572 /* Decrypt start of the packet header */
574 cipher->cipher->decrypt(cipher->context, buffer->data + 2,
575 buffer->data + 2, SILC_PACKET_MIN_HEADER_LEN - 2,
578 /* If the packet type is not any special type lets decrypt rest
579 of the packet here. */
580 if ((buffer->data[3] == SILC_PACKET_PRIVATE_MESSAGE &&
581 !(buffer->data[2] & SILC_PACKET_FLAG_PRIVMSG_KEY)) ||
582 buffer->data[3] != SILC_PACKET_CHANNEL_MESSAGE) {
584 /* Normal packet, decrypt rest of the packet */
585 if (!silc_packet_decrypt_rest(cipher, hmac, buffer))
589 if (!silc_packet_check_mac(hmac, buffer))
594 /* Packet requires special handling, decrypt rest of the header.
595 This only decrypts. */
596 silc_packet_decrypt_rest_special(cipher, hmac, buffer);
599 if (!silc_packet_check_mac(hmac, buffer))
606 /* Parses the packet. This is called when a whole packet is ready to be
607 parsed. The buffer sent must be already decrypted before calling this
608 function. The len argument must be the true length of the packet. This
609 function returns the type of the packet. The data section of the
610 buffer is parsed, not head or tail sections. */
612 SilcPacketType silc_packet_parse(SilcPacketContext *ctx)
614 SilcBuffer buffer = ctx->buffer;
617 SILC_LOG_DEBUG(("Parsing incoming packet"));
619 /* Check the length of the buffer */
620 if (buffer->len < SILC_PACKET_MIN_LEN) {
621 SILC_LOG_ERROR(("Bad packet length: %d, packet dropped", buffer->len));
622 return SILC_PACKET_NONE;
625 /* Parse the buffer. This parses the SILC header of the packet. */
626 len = silc_buffer_unformat(buffer,
627 SILC_STR_UI_SHORT(&ctx->truelen),
628 SILC_STR_UI_CHAR(&ctx->flags),
629 SILC_STR_UI_CHAR(&ctx->type),
630 SILC_STR_UI_SHORT(&ctx->src_id_len),
631 SILC_STR_UI_SHORT(&ctx->dst_id_len),
632 SILC_STR_UI_CHAR(&ctx->src_id_type),
635 if (ctx->src_id_len > SILC_PACKET_MAX_ID_LEN ||
636 ctx->dst_id_len > SILC_PACKET_MAX_ID_LEN) {
637 SILC_LOG_ERROR(("Bad ID lengths in packet"));
638 return SILC_PACKET_NONE;
641 /* Calculate length of padding in packet */
642 ctx->padlen = SILC_PACKET_PADLEN(ctx->truelen);
644 silc_buffer_pull(buffer, len);
645 silc_buffer_unformat(buffer,
646 SILC_STR_UI_XNSTRING_ALLOC(&ctx->src_id,
648 SILC_STR_UI_CHAR(&ctx->dst_id_type),
649 SILC_STR_UI_XNSTRING_ALLOC(&ctx->dst_id,
651 SILC_STR_UI_XNSTRING(NULL, ctx->padlen),
653 silc_buffer_push(buffer, len);
655 SILC_LOG_HEXDUMP(("parsed packet, len %d", ctx->buffer->len),
656 ctx->buffer->data, ctx->buffer->len);
658 /* Pull SILC header and padding from packet */
659 silc_buffer_pull(buffer, SILC_PACKET_HEADER_LEN +
660 ctx->src_id_len + ctx->dst_id_len + ctx->padlen);
662 SILC_LOG_DEBUG(("Incoming packet type: %d", ctx->type));
667 /* Perform special SILC Packet header parsing. This is required to some
668 packet types that have the data payload encrypted with different key
669 than the header area plus padding of the packet. Hence, this parses
670 the header in a way that it does not take the data area into account
671 and parses the header and padding area only. */
673 SilcPacketType silc_packet_parse_special(SilcPacketContext *ctx)
675 SilcBuffer buffer = ctx->buffer;
678 SILC_LOG_DEBUG(("Parsing incoming packet"));
680 /* Check the length of the buffer */
681 if (buffer->len < SILC_PACKET_MIN_LEN) {
682 SILC_LOG_ERROR(("Bad packet length: %d, packet dropped", buffer->len));
683 return SILC_PACKET_NONE;
686 /* Parse the buffer. This parses the SILC header of the packet. */
687 len = silc_buffer_unformat(buffer,
688 SILC_STR_UI_SHORT(&ctx->truelen),
689 SILC_STR_UI_CHAR(&ctx->flags),
690 SILC_STR_UI_CHAR(&ctx->type),
691 SILC_STR_UI_SHORT(&ctx->src_id_len),
692 SILC_STR_UI_SHORT(&ctx->dst_id_len),
693 SILC_STR_UI_CHAR(&ctx->src_id_type),
696 if (ctx->src_id_len > SILC_PACKET_MAX_ID_LEN ||
697 ctx->dst_id_len > SILC_PACKET_MAX_ID_LEN) {
698 SILC_LOG_ERROR(("Bad ID lengths in packet"));
699 return SILC_PACKET_NONE;
702 /* Calculate length of padding in packet. As this is special packet
703 the data area is not used in the padding calculation as it won't
704 be decrypted by the caller. */
705 tmplen = SILC_PACKET_HEADER_LEN + ctx->src_id_len + ctx->dst_id_len;
706 ctx->padlen = SILC_PACKET_PADLEN(tmplen);
708 silc_buffer_pull(buffer, len);
709 silc_buffer_unformat(buffer,
710 SILC_STR_UI_XNSTRING_ALLOC(&ctx->src_id,
712 SILC_STR_UI_CHAR(&ctx->dst_id_type),
713 SILC_STR_UI_XNSTRING_ALLOC(&ctx->dst_id,
715 SILC_STR_UI_XNSTRING(NULL, ctx->padlen),
717 silc_buffer_push(buffer, len);
719 SILC_LOG_HEXDUMP(("parsed packet, len %d", ctx->buffer->len),
720 ctx->buffer->data, ctx->buffer->len);
722 /* Pull SILC header and padding from packet */
723 silc_buffer_pull(buffer, SILC_PACKET_HEADER_LEN +
724 ctx->src_id_len + ctx->dst_id_len + ctx->padlen);
726 SILC_LOG_DEBUG(("Incoming packet type: %d", ctx->type));