author | Ian Moffett <ian@osmora.org> | 2024-09-24 02:27:44 -0400 |
---|---|---|
committer | Ian Moffett <ian@osmora.org> | 2024-09-24 02:27:44 -0400 |
commit | 7e5e0f49dcb6ba416da5fc9e536109c04f338f95 (patch) | |
tree | 5853085d1db6ab1325275d94dc25b216b3a0f1c1 /lib |
Initial commit
Signed-off-by: Ian Moffett <ian@osmora.org>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/crypto/ecdh.c | 134 | ||||
-rw-r--r-- | lib/include/crypto/ecdh.h | 45 | ||||
-rw-r--r-- | lib/include/defs.h | 37 | ||||
-rw-r--r-- | lib/include/net/stpsession.h | 75 |
4 files changed, 291 insertions, 0 deletions
diff --git a/lib/crypto/ecdh.c b/lib/crypto/ecdh.c
new file mode 100644
index 0000000..9062d6b
--- /dev/null
+++ b/lib/crypto/ecdh.c
@@ -0,0 +1,134 @@
+/*
+ * Copyright (c) 2023-2024 Ian Marco Moffett and the Osmora Team.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of Hyra nor the names of its
+ *    contributors may be used to endorse or promote products derived from
+ *    this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <openssl/evp.h>
+#include <openssl/ec.h>
+#include <openssl/pem.h>
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#include <crypto/ecdh.h>
+#include <stdio.h>
+
+static inline int
+x25519_check_clamp(unsigned char *key)
+{
+    key[0] &= 248;
+    key[31] &= 127;
+    key[31] |= 64;
+    return 0;
+}
+
+int
+gen_x25519_keypair(struct x25519_keypair *res)
+{
+    EVP_PKEY_CTX *ctx;
+    EVP_PKEY *keypair_raw = NULL;
+    struct x25519_keypair keypair;
+    int retor;
+
+    if (res == NULL) {
+        return -1;
+    }
+
+    ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL);
+    if (ctx == NULL) {
+        printf("ecdh: Failed to create X25519 keygen context\n");
+        return -1;
+    }
+
+    if (EVP_PKEY_keygen_init(ctx) <= 0) {
+        printf("ecdh: Failed to init X25519 keygen context\n");
+        EVP_PKEY_CTX_free(ctx);
+        return -1;
+    }
+
+    /* Create X25519 key pair */
+    if (EVP_PKEY_keygen(ctx, &keypair_raw) <= 0) {
+        printf("ecdh: Failed to generate X25519 keypair\n");
+        EVP_PKEY_CTX_free(ctx);
+        return -1;
+    }
+
+    /* Allocate a buffer for the public key */
+    EVP_PKEY_get_raw_public_key(keypair_raw, NULL, &keypair.pubkey_len);
+    keypair.pubkey = malloc(keypair.pubkey_len);
+
+    if (keypair.pubkey == NULL) {
+        printf(" ecdh: Failed to allocate memory for public key\n");
+        EVP_PKEY_free(keypair_raw);
+        EVP_PKEY_CTX_free(ctx);
+        return -1;
+    }
+
+    /* Allocate a buffer for the private key */
+    EVP_PKEY_get_raw_private_key(keypair_raw, NULL, &keypair.privkey_len);
+    keypair.privkey = malloc(keypair.privkey_len);
+
+    if (keypair.privkey == NULL) {
+        printf("ecdh: Failed allocating memory for private key\n");
+        EVP_PKEY_free(keypair_raw);
+        EVP_PKEY_CTX_free(ctx);
+        return -1;
+    }
+
+    retor = EVP_PKEY_get_raw_private_key(keypair_raw, keypair.privkey,
+        &keypair.privkey_len);
+
+    if (retor <= 0) {
+        printf("Failed to extract private key\n");
+        EVP_PKEY_free(keypair_raw);
+        EVP_PKEY_CTX_free(ctx);
+    }
+
+    retor = EVP_PKEY_get_raw_public_key(keypair_raw, keypair.pubkey,
+        &keypair.pubkey_len);
+
+    if (retor <= 0) {
+        printf("Failed to extract public key\n");
+        EVP_PKEY_free(keypair_raw);
+        EVP_PKEY_CTX_free(ctx);
+    }
+
+    EVP_PKEY_free(keypair_raw);
+    EVP_PKEY_CTX_free(ctx);
+    *res = keypair;
+    return 0;
+}
+
+int
+free_x25519_keypair(struct x25519_keypair *xkp)
+{
+    if (xkp == NULL) {
+        return -1;
+    }
+
+    free(xkp->pubkey);
+    free(xkp->privkey);
+    return 0;
+}
diff --git a/lib/include/crypto/ecdh.h b/lib/include/crypto/ecdh.h
new file mode 100644
index 0000000..6c87bbe
--- /dev/null
+++ b/lib/include/crypto/ecdh.h
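Review bot: In gen_x25519_keypair the two `if (retor <= 0)` branches after EVP_PKEY_get_raw_private_key and EVP_PKEY_get_raw_public_key print and free keypair_raw and ctx but do not return, so execution falls through to the unconditional EVP_PKEY_free/EVP_PKEY_CTX_free (a double free) and the function returns 0 with `*res` holding buffers that may never have been filled. Each branch needs to fail out, and the `keypair.pubkey`/`keypair.privkey` allocations should be released on those paths and when the privkey malloc fails (pubkey leaks there today); a single cleanup label covers all of it. The two length-query calls such as `EVP_PKEY_get_raw_public_key(keypair_raw, NULL, &keypair.pubkey_len)` are unchecked, so a failure leaves the length uninitialized before it reaches malloc; `malloc`/`free` are also used without `#include <stdlib.h>`, and the error messages go to stdout via printf rather than stderr. In free_x25519_keypair the private key should be wiped before release, e.g. `OPENSSL_cleanse(xkp->privkey, xkp->privkey_len);` (from `<openssl/crypto.h>`) ahead of `free(xkp->privkey)`, and x25519_check_clamp is defined but never called, so the generated private key is never clamped by this code.
```c
    retor = EVP_PKEY_get_raw_private_key(keypair_raw, keypair.privkey,
        &keypair.privkey_len);
    if (retor <= 0) {
        printf("Failed to extract private key\n");
        goto fail;
    }
    /* … unchanged: public key extraction, its failure branch also goto fail … */
    EVP_PKEY_free(keypair_raw);
    EVP_PKEY_CTX_free(ctx);
    *res = keypair;
    return 0;
fail:
    free(keypair.pubkey);
    free(keypair.privkey);
    EVP_PKEY_free(keypair_raw);
    EVP_PKEY_CTX_free(ctx);
    return -1;
```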
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2023-2024 Ian Marco Moffett and the Osmora Team.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of Hyra nor the names of its
+ *    contributors may be used to endorse or promote products derived from
+ *    this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef CRYPTO_ECDH_H_
+#define CRYPTO_ECDH_H_
+
+#include <stddef.h>
+
+struct x25519_keypair {
+    unsigned char *pubkey;
+    unsigned char *privkey;
+    size_t pubkey_len;
+    size_t privkey_len;
+};
+
+int gen_x25519_keypair(struct x25519_keypair *res);
+int free_x25519_keypair(struct x25519_keypair *xkp);
+
+#endif /* CRYPTO_ECDH_H_ */
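Review bot: The two prototypes carry no contract, so a caller cannot tell from this header that gen_x25519_keypair malloc's `pubkey` and `privkey`, fills in both lengths, and hands ownership to the caller until free_x25519_keypair is called, nor what the return values mean. A Doxygen block on each would close that gap, e.g. on gen_x25519_keypair: `/** Generate an X25519 key pair into *res. Allocates pubkey/privkey (release with free_x25519_keypair). Returns 0 on success, -1 on error. */`, and on free_x25519_keypair: `/** Release the buffers of a key pair from gen_x25519_keypair. Returns 0, or -1 if xkp is NULL. */`. A short comment on the struct noting that the buffers hold raw key bytes (not encoded) would also help readers of the wire format.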
diff --git a/lib/include/defs.h b/lib/include/defs.h
new file mode 100644
index 0000000..4fce06d
--- /dev/null
+++ b/lib/include/defs.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2023-2024 Ian Marco Moffett and the Osmora Team.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of Hyra nor the names of its
+ *    contributors may be used to endorse or promote products derived from
+ *    this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef DEFS_H_
+#define DEFS_H_
+
+#define ATTR(X) __attribute__((X))
+#define PACKED ATTR(packed)
+#define NORETURN ATTR(noreturn)
+
+#endif
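Review bot: `ATTR(X)` expands unconditionally to `__attribute__((X))`, a GNU extension, so every use of PACKED or NORETURN fails on a compiler without it. Wrapping the three defines in a `#if defined(__GNUC__) || defined(__clang__)` guard keeps the header portable, but the fallback for PACKED should be `#error` rather than an empty expansion, because an on-wire struct such as session_request silently changes layout if `packed` is dropped; NORETURN can fall back to C11 `_Noreturn`. A one-line comment per macro stating that intent would let the next reader see why PACKED is load-bearing.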
diff --git a/lib/include/net/stpsession.h b/lib/include/net/stpsession.h
new file mode 100644
index 0000000..6564cc4
--- /dev/null
+++ b/lib/include/net/stpsession.h
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2023-2024 Ian Marco Moffett and the Osmora Team.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of Hyra nor the names of its
+ *    contributors may be used to endorse or promote products derived from
+ *    this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NSTP LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NSTP LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR STPHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef STP_SESSION_H_
+#define STP_SESSION_H_
+
+#include <stdint.h>
+#include <defs.h>
+
+/*
+ * The Session Request is sent from the client to the
+ * server and contains a HOP (hash, options, pubkey)
+ * payload along with some optional padding. If the 'U'
+ * bit of options (see Options/flag bits below) is to
+ * be set, then everything but the 'hash' field must
+ * be encrypted with the server's AES-128-CBC key and
+ * the 'hash' field should contain a SHA256 hash of the
+ * username as well as an FNV-1a hash (used for internal
+ * lookups in the server) after it. However, if the 'U'
+ * bit is to be left unset, the session request packet
+ * can be left unencrypted and 'hash' may be zeroed.
+ *
+ * @hash: SHA256 username hash + FNV-1a username hash.
+ * @options: Flags/options
+ * @pubkey: Ephemeral public key.
+ * @pad: Random padding used to obsecure message length
+ *       (can be 8 to 32 bytes, optional)
+ *
+ * -- Option/flag bits --
+ *
+ * Bit number
+ *   /
+ *  0 1 2 3 4 5 6
+ *  ~ ~ ~ ~ ~ ~ ~
+ *  U R R R R R R
+ *   \
+ *    Purpose
+ *
+ * U: User auth.
+ * R: Reserved, keep zero.
+ */
+struct session_request {
+    char hash[64];
+    uint8_t options;
+    char pubkey[32];
+    char pad[8];
+} PACKED;
+
+#endif /* STP_SESSION_H_ */
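Review bot: The `@pad` comment says the padding "can be 8 to 32 bytes, optional", but the struct fixes `char pad[8]`, so either the comment or the layout is wrong, and a variable-length trailer cannot be expressed by a fixed PACKED struct in any case; the header should state which one is the wire format. `hash`, `pubkey` and `pad` hold raw bytes and should be `uint8_t` rather than `char`, whose signedness is implementation-defined, and `hash[64]` does not obviously match "SHA256 hash + FNV-1a hash" (32 bytes plus a 4- or 8-byte FNV-1a in the common variants), so the meaning of the remaining bytes needs documenting. The description names AES-128-CBC for the encrypted fields but no integrity mechanism; CBC alone is unauthenticated, so the protocol comment should say how the ciphertext (and the cleartext `hash`) is authenticated, or specify an AEAD. Minor: the license header reads "NSTP" and "STPHERWISE" where "NOT" and "OTHERWISE" are meant, apparently from a search-and-replace, and "obsecure" should be "obscure".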