From: paulr
Date: Fri, 18 Mar 2011 17:06:54 +0000 (+1100)
Subject: some basic encryption beginnings.
X-Git-Url: http://git.pjr.cc/?a=commitdiff_plain;h=1450d5020fd9be9193327ac035605d8aaef29714;p=pengine.git

some basic encryption beginnings.
---
diff --git a/lib/interComms.php b/lib/interComms.php
index f53a4a0..1e7507f 100644
--- a/lib/interComms.php
+++ b/lib/interComms.php
@@ -5,10 +5,23 @@ define("NETCOM_PORT_SSL", 14002);
 // comms on this thing are very serial, the server are only capable of processing
 // one thing at a time... for now
+
+ // the encryption we use here yes, it will be pub/priv but not ssl per se.
+ // how encryption works:
+ // initiate connection:
+ // server -> PEN:b64enc(pubkey):INE
+ // client -> PEN:ACK:INE
+ // client -> PEN:encrypt(pubkey, session key):INE
+ // server -> PEN:ACK:INE
+ // client -> PEN:encrypt(data, session key):INE <-- data transmission starts here
+ // server -> PEN:ACK:INE
+
 class netCom {
 function __construct($am_i_a_server = false, $server_addr = "127.0.0.1") {
+ global $storeLocation;
+
 // i have to set it to something, right?
 $this->semKey = ftok(__FILE__, "p");
 $this->encrypt = false;
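Review bot: The handshake sketched in the new comment block has the client accept whatever public key the server sends, with nothing that lets it verify the key belongs to the intended server and no nonce or freshness value, so as described it only defends against a passive observer, not an on-path one. That assumption should be written into the comment, e.g. `// NOTE: the client does not authenticate the server key; a pre-distributed copy of mykey.pub (or a fingerprint check) is required before this is safe on an untrusted network`. The added `global $storeLocation;` also makes the constructor's behaviour depend on a global that is not visible here; taking the store path as a constructor argument alongside `$server_addr` would make that dependency explicit. The constructor body continues outside the hunk.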
@@ -16,55 +29,140 @@ class netCom {
 $this->amserver = $am_i_a_server;
 $this->server = $server_addr;
+ if($this->amserver) if(is_file("$storeLocation/mykey.priv")) {
+ echo "loading key\n";
+ $kh = fopen("$storeLocation/mykey.priv", "r");
+ $kdp = fread($kh, filesize("$storeLocation/mykey.priv"));
+
+ $key = openssl_pkey_get_private($kdp);
+ $output = "";
+ $km = openssl_pkey_export($key, $output);
+ echo "key is $output\n";
+ $this->key_priv = $output;
+
+ $ar_pubkey = openssl_pkey_get_details($key);
+ $this->key_pub = $ar_pubkey["key"];
+
+
+ } else {
+ echo "generateing key\n";
+ $key = openssl_pkey_new();
+ echo "key generated $key\n";
+ $output = "";
+ $km = openssl_pkey_export($key, $output);
+ echo "key is $output\n";
+ $ar_pubkey = openssl_pkey_get_details($key);
+ $pubkey = $ar_pubkey["key"];
+ echo "array is $pubkey\n";
+ // now lets write some shit
+ $priv_f = fopen("$storeLocation/mykey.priv", "w");
+ fwrite($priv_f, $output);
+ $this->key_priv = $output;
+ fclose($priv_f);
+
+ $pub_f = fopen("$storeLocation/mykey.pub", "w");
+ fwrite($pub_f, $pubkey);
+ $this->key_pub = $pubkey;
+ fclose($pub_f);
+
+
+ }
 }
 // initiates a bind if its a server, a connect if its a client
 function go() {
 if($this->amserver) {
+ echo "i am a server, bind!\n";
 $this->listen_socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
+ $this->listen_socket_ssl = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
 socket_bind($this->listen_socket, "127.0.0.1", NETCOM_PORT);
 socket_listen($this->listen_socket);
-
+ socket_bind($this->listen_socket_ssl, "127.0.0.1", NETCOM_PORT_SSL);
+ socket_listen($this->listen_socket_ssl);
+ echo "bound\n";
 } else {
+ echo "I am a client, connect!\n";
 $this->socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
- $res = socket_connect($this->socket, "127.0.0.1", NETCOM_PORT);
+ $res = socket_connect($this->socket, "127.0.0.1", NETCOM_PORT_SSL);
+ $this->secure_socket = true;
 if(!$res) {
 echo "fail on connect\n";
 socket_close($this->socket);
 return false;
 }
+ echo "connected\n";
+ // now handle secure handshake;
+ if($this->secure_socket) {
+ echo "begin handshake\n";
+ $msg = $this->receiveMessage();
+ echo "got msg:\n";
+ print_r($msg);
+ echo "\n";
+
+ }
 }
 }
 function waitForConnection() {
+ echo "in wait for connection\n";
 socket_listen($this->listen_socket);
 $this->socket = socket_accept($this->listen_socket);
+ $this->secure_socket = false;
+ echo "exit wait for connection\n";
 }
+
+ function waitForSecureConnection()
+ {
+ echo "in wait for secure connection\n";
+ socket_listen($this->listen_socket_ssl);
+ $this->socket = socket_accept($this->listen_socket_ssl);
+ $this->secure_socket = true;
+
+ // now do negotiate
+ if($this->secure_socket) {
+ $arg[0] = $this->key_pub;
+ $this->sendMessage($arg);
+ }
+
+ echo "exit wait for connection\n";
+ }
+
 function sendMessage($message_array) {
+ echo "begin send message\n";
 $datacomp = base64_encode(serialize($message_array));
 $tosend = "PEN:$datacomp:INE";
 socket_send($this->socket, $tosend, strlen($tosend), 0);
-
+ echo "end send message\n";
 // get up to one meg of data - this is bad... i can feel this function
 // hurting alot
 // TODO FIX THIS - its garbage code... im not really sure how to handle this really
 // we need to read back as AS:data:EOD - i think it now does.. i hope, tho we need
 // timeouts now.
+ // we wait for an ack
+ $size = socket_recv($this->socket, $recv, 1024, 0);
+ if($recv != "PEN:ACK:INE") {
+ echo "invalid response?\n$recv\n";
+ } else {
+ echo "got ack\n";
+ }
 }
 function receiveMessage() {
+ echo "begin recieve message\n";
 $recvd = "";
 $continue = true;
 while($continue) {
 $size = socket_recv($this->socket, $recvd_a, 1024, 0);
+ $recvd .= $recvd_a;
+ echo "got $recvd_a so far for $size\n";
+ if($size == 0) return false;
 if(preg_match("/.*\:INE$/", $recvd)) {
 // we have a full string... break out
 $continue = false;
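Review bot: Both branches of the new key-handling code print the exported private key with `echo "key is $output\n";`, and the `"w"` fopen of `$storeLocation/mykey.priv` leaves the file at whatever the process umask allows, so the private key ends up in stdout/logs and is very likely readable by other local users. Drop the two `echo "key is $output\n";` lines and tighten the file right after writing it, `chmod("$storeLocation/mykey.priv", 0600);`, or set a restrictive umask before the fopen. The return values of fopen, fread, openssl_pkey_get_private and openssl_pkey_export are never checked, so a missing or corrupt key file silently leaves key_priv and key_pub unset, and `$kh` is never closed. openssl_pkey_new() is also called with no configargs, so the key size is whatever the PHP/OpenSSL defaults are on the host; passing an explicit `private_key_bits` would pin it. The constructor this hunk extends starts in the previous hunk, outside this one.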
@@ -73,14 +171,18 @@ class netCom {
 }
+ echo "rec msg next\n";
 // first check we got something that makes sense
- if(preg_match("/^PEN:.*:INE/", $recvd) < 1) {
+ if(preg_match("/^PEN:.*:INE$/", $recvd) < 1) {
 socket_close($this->socket);
 echo "Returned data is not in right format\n";
 // we have a problem jim
 return false;
 }
+ $msg = "PEN:ACK:INE";
+ socket_send($this->socket, $msg, strlen($msg), 0);
+ echo "got a data packet\n";
 $xps = explode(":", $recvd);
 $component = unserialize(base64_decode($xps[1]));
@@ -98,6 +200,9 @@ class netCom {
 private $socket_ssl;
 private $listen_socket;
 private $listen_socket_ssl;
+ private $key_priv;
+ private $key_pub;
+ private $secure_socket;
 }
diff --git a/unittests/commrecv.php b/unittests/commrecv.php
index 16fea30..2061063 100644
--- a/unittests/commrecv.php
+++ b/unittests/commrecv.php
@@ -5,7 +5,7 @@ $mn = new netCom(true);
 $mn->go();
 while(true) {
- $mn->waitForConnection();
+ $mn->waitForSecureConnection();
 while(($msg = $mn->receiveMessage()) !== false) {
 print_r($msg);
 }
diff --git a/unittests/commsend.php b/unittests/commsend.php
index cdd8e4e..d1eb4d3 100644
--- a/unittests/commsend.php
+++ b/unittests/commsend.php
@@ -6,7 +6,7 @@ $mn->go();
 $array["asdf"] = "message";
 $array["other"] = "moogie";
-for($i = 0; $i < 10; $i++) {
+for($i = 0; $i < 1; $i++) {
 $array["bl"] = $i;
 $mn->sendMessage($array);
 }
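Review bot: The new `PEN:ACK:INE` send in receiveMessage goes out as soon as the framing regex matches, before `$xps[1]` has been base64-decoded and unserialized, so a payload that fails to decode is still acknowledged and sendMessage on the other side treats it as delivered. Moving the ACK to after a successful decode, and returning false otherwise, keeps the acknowledgement honest. The decode step is still `unserialize()` on bytes read straight off the socket, which can instantiate arbitrary classes from whatever the peer sends; `unserialize(base64_decode($xps[1]), ['allowed_classes' => false])` or a JSON encoding would remove that, and the protocol comment added in this commit says this data is meant to be encrypted with a session key but nothing in this path checks that yet. receiveMessage begins and ends outside this hunk.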