1 files changed, 121 insertions, 0 deletions
diff --git a/src/Network/Tox/Crypto/Transport.hs b/src/Network/Tox/Crypto/Transport.hs
new file mode 100644
index 00000000..09f7fda8
--- /dev/null
+++ b/src/Network/Tox/Crypto/Transport.hs
@@ -0,0 +1,121 @@
+{-# LANGUAGE KindSignatures #-}
+module Network.Tox.Crypto.Transport
+    ( parseNetCrypto
+    , encodeNetCrypto
+    -- CryptoTransport
+    , NetCrypto(..)
+    , CryptoData(..)
+    , CryptoMessage(..)
+    , CryptoPacket(..)
+    , HandshakeData(..)
+    , Handshake(..)
+    ) where
+import Crypto.Tox
+import Network.Tox.DHT.Transport (Cookie)
+import Network.Socket
+import Data.ByteString
+import Data.Word
+import Crypto.Hash
+data NetCrypto
+    = NetHandshake (Handshake Encrypted)
+    | NetCrypto (CryptoPacket Encrypted)
+parseNetCrypto :: ByteString -> SockAddr -> Either String (NetCrypto, SockAddr)
+parseNetCrypto _ _  = Left "TODO: parseNetCrypto"
+encodeNetCrypto :: NetCrypto -> SockAddr -> (ByteString, SockAddr)
+encodeNetCrypto _ _ = _todo
+data Handshake (f :: * -> *) = Handshake
+    { handshakeCookie :: Cookie
+    , handshakeNonce :: Nonce24
+    , hadshakeData :: f HandshakeData
+    }
+data HandshakeData = HandshakeData
+    { baseNonce :: Nonce24
+    , sessionKey :: PublicKey
+    , cookieHash :: Digest SHA512
+    , otherCookie :: Cookie
+    }
+data CryptoPacket (f :: * -> *) = CryptoPacket
+    { pktNonce :: Word16
+    , pktData :: f CryptoData
+    }
+data CryptoData = CryptoData
+    { -- | [our recvbuffers buffer_start, (highest packet number handled + 1), (big endian)]
+      bufferStart :: Word32
+      -- | [  uint32_t packet number if lossless
+      --   , sendbuffer buffer_end  if lossy   , (big endian)]
+    , bufferEnd :: Word32
+      -- | [data]
+    , bufferData :: CryptoMessage
+    }
+-- TODO: Flesh this out.
+data CryptoMessage      -- First byte indicates data
+    = Padding           -- ^ 0 padding (skipped until we hit a non zero (data id) byte)
+    | PacketRequest     -- ^ 1 packet request packet (lossy packet)
+    | KillPacket        -- ^ 2 connection kill packet (lossy packet)
+    | UnspecifiedPacket -- ^ 3+ unspecified
+    | MessengerLossless -- ^ 16+  reserved for Messenger usage (lossless packets)
+    | MessengerLossy    -- ^ 192+ reserved for Messenger usage (lossy packets)
+    | Messenger255      -- ^ 255 reserved for Messenger usage (lossless packet)
+-- --> CookieRequest WithoutCookie
+-- <-- CookieResponse CookieAddress
+-- --> Handshake CookieAddress
+-- <-- Handshake CookieAddress
+-- Handshake packet:
+--    [uint8_t 26] (0x1a)
+--    [Cookie]
+--    [nonce (24 bytes)]
+--    [Encrypted message containing:
+--        [24 bytes base nonce]
+--        [session public key of the peer (32 bytes)]
+--        [sha512 hash of the entire Cookie sitting outside the encrypted part]
+--        [Other Cookie (used by the other to respond to the handshake packet)]
+--    ]
+-- cookie response packet (161 bytes):
+--
+--     [uint8_t 25]
+--     [Random nonce (24 bytes)]
+--     [Encrypted message containing:
+--         [Cookie]
+--         [uint64_t echo id (that was sent in the request)]
+--     ]
+--
+--     Encrypted message is encrypted with the exact same symmetric key as the
+--     cookie request packet it responds to but with a different nonce.
+--     (Encrypted message is encrypted with reqesters's DHT private key,
+--     responders's DHT public key and the nonce.)
+--
+--     Since we don't receive the public key, we will need to lookup the key by
+--     the SockAddr... I don't understand why the CookieResponse message is
+--     special this way.  TODO: implement a multimap (SockAddr -> SharedSecret)
+--     and wrap cookie queries with store/delete.  TODO: Should the entire
+--     SharedScret cache be keyed on only SockAddr ?  Perhaps the secret cache
+--     should be (NodeId -> Secret) and the cookie-request map should be
+--     (SockAddr -> NodeId)
+-- Encrypted packets:
+--
+--  Length    Contents
+-- :---------:--------------------------------------------------------------
+--  `1`       `uint8_t` (0x1b)
+--  `2`       `uint16_t` The last 2 bytes of the nonce used to encrypt this
+--  variable   Payload
+--
+-- The payload is encrypted with the session key and 'base nonce' set by the
+-- receiver in their handshake + packet number (starting at 0, big endian math).

diff --git a/src/Network/Tox/Crypto/Transport.hs b/src/Network/Tox/Crypto/Transport.hs new file mode 100644 index 00000000..09f7fda8 --- /dev/null +++ b/src/Network/Tox/Crypto/Transport.hs
@@ -0,0 +1,121 @@
	1	{-# LANGUAGE KindSignatures #-}
	2	module Network.Tox.Crypto.Transport
	3	( parseNetCrypto
	4	, encodeNetCrypto
	5	-- CryptoTransport
	6	, NetCrypto(..)
	7	, CryptoData(..)
	8	, CryptoMessage(..)
	9	, CryptoPacket(..)
	10	, HandshakeData(..)
	11	, Handshake(..)
	12	) where
	13
	14	import Crypto.Tox
	15	import Network.Tox.DHT.Transport (Cookie)
	16
	17	import Network.Socket
	18	import Data.ByteString
	19	import Data.Word
	20	import Crypto.Hash
	21
	22	data NetCrypto
	23	= NetHandshake (Handshake Encrypted)
	24	\| NetCrypto (CryptoPacket Encrypted)
	25
	26	parseNetCrypto :: ByteString -> SockAddr -> Either String (NetCrypto, SockAddr)
	27	parseNetCrypto _ _ = Left "TODO: parseNetCrypto"
	28
	29	encodeNetCrypto :: NetCrypto -> SockAddr -> (ByteString, SockAddr)
	30	encodeNetCrypto _ _ = _todo
	31
	32	data Handshake (f :: * -> *) = Handshake
	33	{ handshakeCookie :: Cookie
	34	, handshakeNonce :: Nonce24
	35	, hadshakeData :: f HandshakeData
	36	}
	37
	38	data HandshakeData = HandshakeData
	39	{ baseNonce :: Nonce24
	40	, sessionKey :: PublicKey
	41	, cookieHash :: Digest SHA512
	42	, otherCookie :: Cookie
	43	}
	44
	45	data CryptoPacket (f :: * -> *) = CryptoPacket
	46	{ pktNonce :: Word16
	47	, pktData :: f CryptoData
	48	}
	49
	50	data CryptoData = CryptoData
	51	{ -- \| [our recvbuffers buffer_start, (highest packet number handled + 1), (big endian)]
	52	bufferStart :: Word32
	53	-- \| [ uint32_t packet number if lossless
	54	-- , sendbuffer buffer_end if lossy , (big endian)]
	55	, bufferEnd :: Word32
	56	-- \| [data]
	57	, bufferData :: CryptoMessage
	58	}
	59
	60	-- TODO: Flesh this out.
	61	data CryptoMessage -- First byte indicates data
	62	= Padding -- ^ 0 padding (skipped until we hit a non zero (data id) byte)
	63	\| PacketRequest -- ^ 1 packet request packet (lossy packet)
	64	\| KillPacket -- ^ 2 connection kill packet (lossy packet)
	65	\| UnspecifiedPacket -- ^ 3+ unspecified
	66	\| MessengerLossless -- ^ 16+ reserved for Messenger usage (lossless packets)
	67	\| MessengerLossy -- ^ 192+ reserved for Messenger usage (lossy packets)
	68	\| Messenger255 -- ^ 255 reserved for Messenger usage (lossless packet)
	69
	70
	71
	72	-- --> CookieRequest WithoutCookie
	73	-- <-- CookieResponse CookieAddress
	74	-- --> Handshake CookieAddress
	75	-- <-- Handshake CookieAddress
	76
	77	-- Handshake packet:
	78	-- [uint8_t 26] (0x1a)
	79	-- [Cookie]
	80	-- [nonce (24 bytes)]
	81	-- [Encrypted message containing:
	82	-- [24 bytes base nonce]
	83	-- [session public key of the peer (32 bytes)]
	84	-- [sha512 hash of the entire Cookie sitting outside the encrypted part]
	85	-- [Other Cookie (used by the other to respond to the handshake packet)]
	86	-- ]
	87
	88	-- cookie response packet (161 bytes):
	89	--
	90	-- [uint8_t 25]
	91	-- [Random nonce (24 bytes)]
	92	-- [Encrypted message containing:
	93	-- [Cookie]
	94	-- [uint64_t echo id (that was sent in the request)]
	95	-- ]
	96	--
	97	-- Encrypted message is encrypted with the exact same symmetric key as the
	98	-- cookie request packet it responds to but with a different nonce.
	99	-- (Encrypted message is encrypted with reqesters's DHT private key,
	100	-- responders's DHT public key and the nonce.)
	101	--
	102	-- Since we don't receive the public key, we will need to lookup the key by
	103	-- the SockAddr... I don't understand why the CookieResponse message is
	104	-- special this way. TODO: implement a multimap (SockAddr -> SharedSecret)
	105	-- and wrap cookie queries with store/delete. TODO: Should the entire
	106	-- SharedScret cache be keyed on only SockAddr ? Perhaps the secret cache
	107	-- should be (NodeId -> Secret) and the cookie-request map should be
	108	-- (SockAddr -> NodeId)
	109
	110	-- Encrypted packets:
	111	--
	112	-- Length Contents
	113	-- :---------:--------------------------------------------------------------
	114	-- `1` `uint8_t` (0x1b)
	115	-- `2` `uint16_t` The last 2 bytes of the nonce used to encrypt this
	116	-- variable Payload
	117	--
	118	-- The payload is encrypted with the session key and 'base nonce' set by the
	119	-- receiver in their handshake + packet number (starting at 0, big endian math).
	120
	121