some basic encryption beginnings.
authorpaulr <me@pjr.cc>
Fri, 18 Mar 2011 17:06:54 +0000 (04:06 +1100)
committerpaulr <me@pjr.cc>
Fri, 18 Mar 2011 17:06:54 +0000 (04:06 +1100)
lib/interComms.php
unittests/commrecv.php
unittests/commsend.php

index f53a4a0..1e7507f 100644 (file)
@@ -5,10 +5,23 @@ define("NETCOM_PORT_SSL", 14002);
 
 // comms on this thing are very serial, the server are only capable of processing
 // one thing at a time... for now
+
+// the encryption we use here yes, it will be pub/priv but not ssl per se.
+// how encryption works:
+// initiate connection:
+// server -> PEN:b64enc(pubkey):INE
+// client -> PEN:ACK:INE
+// client -> PEN:encrypt(pubkey, session key):INE
+// server -> PEN:ACK:INE
+// client -> PEN:encrypt(data, session key):INE <-- data transmission starts here
+// server -> PEN:ACK:INE
+
 class netCom {
        
        function __construct($am_i_a_server = false, $server_addr = "127.0.0.1")
        {
+               global $storeLocation;
+               
                // i have to set it to something, right?
                $this->semKey = ftok(__FILE__, "p");
                $this->encrypt = false;
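Review bot: The protocol sketch at the top of the hunk sends the server's public key unauthenticated (`server -> PEN:b64enc(pubkey):INE`), so a client that encrypts its session key to whatever key arrives cannot distinguish the real server from anything interposed on the connection; the comment should state how the client is expected to verify that key — for example against a copy of `mykey.pub` obtained out of band — before step three. The added `global $storeLocation` is read without any check that it is set, and an unset value turns the key paths used later in the constructor into `/mykey.priv`; a guard such as `if (empty($storeLocation)) throw new Exception("storeLocation not set");` right after the `global` line would surface that early. `__construct` continues past the end of this hunk.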
@@ -16,55 +29,140 @@ class netCom {
                $this->amserver = $am_i_a_server;
                $this->server = $server_addr;
                
+               if($this->amserver) if(is_file("$storeLocation/mykey.priv")) {
+                       echo "loading key\n";
+                       $kh = fopen("$storeLocation/mykey.priv", "r");
+                       $kdp = fread($kh, filesize("$storeLocation/mykey.priv"));
+                       
+                       $key = openssl_pkey_get_private($kdp);
+                       $output = "";
+                       $km = openssl_pkey_export($key, $output);
+                       echo "key is $output\n";
+                       $this->key_priv = $output;
+                       
+                       $ar_pubkey = openssl_pkey_get_details($key);
+                       $this->key_pub = $ar_pubkey["key"];
+                       
+                       
+               } else {
+                       echo "generateing key\n";
+                       $key = openssl_pkey_new();
+                       echo "key generated $key\n";
+                       $output = "";
+                       $km = openssl_pkey_export($key, $output);
+                       echo "key is $output\n";
+                       $ar_pubkey = openssl_pkey_get_details($key);
+                       $pubkey = $ar_pubkey["key"];
+                       echo "array is $pubkey\n";
+                       // now lets write some shit
+                       $priv_f = fopen("$storeLocation/mykey.priv", "w");
+                       fwrite($priv_f, $output);
+                       $this->key_priv = $output;
+                       fclose($priv_f);
+                       
+                       $pub_f = fopen("$storeLocation/mykey.pub", "w");
+                       fwrite($pub_f, $pubkey);
+                       $this->key_pub = $pubkey;
+                       fclose($pub_f);
+                       
+                       
+               }
        }
        
        // initiates a bind if its a server, a connect if its a client
        function go()
        {
                if($this->amserver) {
+                       echo "i am a server, bind!\n";
                        $this->listen_socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
+                       $this->listen_socket_ssl = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
                        socket_bind($this->listen_socket, "127.0.0.1", NETCOM_PORT);
                        socket_listen($this->listen_socket);
-
+                       socket_bind($this->listen_socket_ssl, "127.0.0.1", NETCOM_PORT_SSL);
+                       socket_listen($this->listen_socket_ssl);
+                       echo "bound\n";
                } else {
+                       echo "I am a client, connect!\n";
                        $this->socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
-                       $res = socket_connect($this->socket, "127.0.0.1", NETCOM_PORT);
+                       $res = socket_connect($this->socket, "127.0.0.1", NETCOM_PORT_SSL);
+                       $this->secure_socket = true;
                        if(!$res) {
                                echo "fail on connect\n";
                                socket_close($this->socket);
                                return false;
                        }
+                       echo "connected\n";
                        
+                       // now handle secure handshake;
+                       if($this->secure_socket) {
+                               echo "begin handshake\n";
+                               $msg = $this->receiveMessage();
+                               echo "got msg:\n";
+                               print_r($msg);
+                               echo "\n";
+                               
+                       }
                }
        }
        
        function waitForConnection()
        {
+               echo "in wait for connection\n";
                socket_listen($this->listen_socket);
                $this->socket = socket_accept($this->listen_socket);
+               $this->secure_socket = false;
+               echo "exit wait for connection\n";
        }
 
+       function waitForSecureConnection()
+       {
+               echo "in wait for secure connection\n";
+               socket_listen($this->listen_socket_ssl);
+               $this->socket = socket_accept($this->listen_socket_ssl);
+               $this->secure_socket = true;
+               
+               // now do negotiate
+               if($this->secure_socket) {
+                       $arg[0] = $this->key_pub;
+                       $this->sendMessage($arg);
+               }
+               
+               echo "exit wait for connection\n";
+       }
+       
        function sendMessage($message_array)
        {               
+               echo "begin send message\n";
                $datacomp = base64_encode(serialize($message_array));
                $tosend = "PEN:$datacomp:INE";
                
                socket_send($this->socket, $tosend, strlen($tosend), 0);
-               
+               echo "end send message\n";
                // get up to one meg of data - this is bad... i can feel this function
                // hurting alot
                // TODO FIX THIS - its garbage code... im not really sure how to handle this really
                // we need to read back as AS:data:EOD - i think it now does.. i hope, tho we need
                // timeouts now.
+               // we wait for an ack
+               $size = socket_recv($this->socket, $recv, 1024, 0);
+               if($recv != "PEN:ACK:INE") {
+                       echo "invalid response?\n$recv\n";
+               } else {
+                       echo "got ack\n";
+               }
        }
        
        function receiveMessage()
        {
+               echo "begin recieve message\n";
                $recvd = "";
                $continue = true;
                while($continue) {
                        $size = socket_recv($this->socket, $recvd_a, 1024, 0);
+                       
                        $recvd .= $recvd_a;
+                       echo "got $recvd_a so far for $size\n";
+                       if($size == 0) return false;
                        if(preg_match("/.*\:INE$/", $recvd)) {
                                // we have a full string... break out
                                $continue = false;
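Review bot: The private key is printed to stdout in both branches (`echo "key is $output\n";`) and `mykey.priv` is created with `fopen(..., "w")` under the process umask, so the key ends up in whatever captures the server's output and is typically readable by other local users on disk; drop the two echo lines and add `chmod("$storeLocation/mykey.priv", 0600);` after `fclose($priv_f);`. None of `fopen`, `openssl_pkey_new`, `openssl_pkey_get_private` or `openssl_pkey_export` (its result `$km` is never read) is checked, so a missing directory or an unparsable key file silently leaves `key_priv`/`key_pub` empty and waitForSecureConnection then sends an empty "public key". Note also that the client sets `$this->secure_socket = true` before any key exchange has taken place and neither sendMessage nor receiveMessage consults it or `$this->encrypt`, so everything after the handshake still goes out as plain base64. The `if($this->amserver) if(is_file(...)) {...} else {...}` form binds the `else` to the inner `if`, which is presumably intended but worth making explicit with braces around the outer condition. receiveMessage's read loop continues past the end of this hunk.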
@@ -73,14 +171,18 @@ class netCom {
                }
                
                
+               echo "rec msg next\n";
                // first check we got something that makes sense
-               if(preg_match("/^PEN:.*:INE/", $recvd) < 1) {
+               if(preg_match("/^PEN:.*:INE$/", $recvd) < 1) {
                        socket_close($this->socket);
                        echo "Returned data is not in right format\n";
                        // we have a problem jim
                        return false;
                }
+               $msg = "PEN:ACK:INE";
+               socket_send($this->socket, $msg, strlen($msg), 0);
                
+               echo "got a data packet\n";
                $xps = explode(":", $recvd);
                
                $component =  unserialize(base64_decode($xps[1]));
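Review bot: The ACK added before the payload is parsed (`$msg = "PEN:ACK:INE"; socket_send(...)`) goes out as soon as the framing regex matches, so a message whose base64/serialized body turns out to be garbage is still acknowledged and the peer believes it was delivered; moving those two lines after the `unserialize` call and sending only when `$component !== false` would make the ACK mean what the sender expects. The tightened `/^PEN:.*:INE$/` still lets `$` match before a trailing newline and `.*` spans any number of colons, while `explode(":", $recvd)` then uses only `$xps[1]`; a stricter `/^PEN:([A-Za-z0-9+\/=]+):INE\z/` with the capture used as the payload would tie the framing check and the extraction together. The `unserialize` of data taken straight off the socket on the last line predates this commit, but it now runs for any peer that completed the handshake; `json_decode($decoded, true)` with a matching `json_encode` in sendMessage is the usual replacement. receiveMessage continues past the end of this hunk.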
@@ -98,6 +200,9 @@ class netCom {
        private $socket_ssl;
        private $listen_socket;
        private $listen_socket_ssl;
+       private $key_priv;
+       private $key_pub;
+       private $secure_socket;
        
 }
 
index 16fea30..2061063 100644 (file)
@@ -5,7 +5,7 @@ $mn = new netCom(true);
 
 $mn->go();
 while(true) {
-       $mn->waitForConnection();
+       $mn->waitForSecureConnection();
        while(($msg = $mn->receiveMessage()) !== false) {
                print_r($msg);
        }
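Review bot: The server loop now accepts only through `waitForSecureConnection()`, yet go() in lib/interComms.php (outside this hunk) still binds and listens on NETCOM_PORT, so the plaintext port stays open with nothing ever accepting on it; either drop that bind or add a comment here recording that the plain listener is intentionally left idle. The accepted socket from the previous iteration is also never closed before the next `waitForSecureConnection()` overwrites `$this->socket`, though that appears to predate this change.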
index cdd8e4e..d1eb4d3 100644 (file)
@@ -6,7 +6,7 @@ $mn->go();
 
 $array["asdf"] = "message";
 $array["other"] = "moogie";
-for($i = 0; $i < 10; $i++) {
+for($i = 0; $i < 1; $i++) {
        $array["bl"] = $i;
        $mn->sendMessage($array);
 }