2 // This file is part of the aMule Project.
4 // Copyright (c) 2003-2011 aMule Team ( admin@amule.org / http://www.amule.org )
5 // Copyright (c) 2002-2011 Merkur ( devs@emule-project.net / http://www.emule-project.net )
7 // Any parts of this program derived from the xMule, lMule or eMule project,
8 // or contributed by third-party developers are copyrighted by their
11 // This program is free software; you can redistribute it and/or modify
12 // it under the terms of the GNU General Public License as published by
13 // the Free Software Foundation; either version 2 of the License, or
14 // (at your option) any later version.
16 // This program is distributed in the hope that it will be useful,
17 // but WITHOUT ANY WARRANTY; without even the implied warranty of
18 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 // GNU General Public License for more details.
21 // You should have received a copy of the GNU General Public License
22 // along with this program; if not, write to the Free Software
23 // Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
/* This class supports obfuscation and encryption for a *Mule TCP connection.
   Right now only basic obfuscation is supported, but this can be expanded, as there is a
   dedicated handshake to negotiate the encryption method used.

   Please note: even though obfuscation uses encryption methods, it does not fulfill cryptographic
   standards, since it doesn't use secret (and, importantly for RC4, unique) keys. It should
   therefore not be relied on for confidentiality or peer authentication.
*/
34 #ifndef __ENCRYPTEDSTREAMSOCKET_H__
35 #define __ENCRYPTEDSTREAMSOCKET_H__
38 #include <wx/string.h>
40 // cryptoPP used for DH integer calculations
41 #include "CryptoPP_Inc.h" // Needed for Crypto functions
45 #include "RC4Encrypt.h"
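// Error codes of the encrypted stream layer.
// Only the values are defined in this header; the places that raise them are not
// visible here.
#define ERR_WRONGHEADER             0x01
#define ERR_TOOBIG                  0x02
#define ERR_ENCRYPTION              0x03
#define ERR_ENCRYPTION_NOTALLOWED   0x04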
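//! Encryption state of one stream socket (stored in
//! CEncryptedStreamSocket::m_StreamCryptState).
enum EStreamCryptState {
    ECS_NONE = 0,        // Disabled or not available
    ECS_UNKNOWN,         // Incoming connection, will test the first incoming data for encrypted protocol
                         // (that data comes from the remote peer, i.e. it is untrusted input)
    ECS_PENDING,         // Outgoing connection, will start sending encryption protocol
    ECS_PENDING_SERVER,  // Outgoing server connection, will start sending encryption protocol
    ECS_NEGOTIATING,     // Encryption supported, handshake still uncompleted
    ECS_ENCRYPTING       // Encryption enabled
};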
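//! Progress of the encryption handshake (stored in
//! CEncryptedStreamSocket::m_NegotiatingState).
//! Judging by the names, the values are grouped by handshake role (CLIENTA, CLIENTB,
//! SERVER) and by the message part expected next; the state machine that consumes
//! them is not part of this header.
enum ENegotiatingState {
    // NOTE(review): the listing this was recovered from skips two line numbers here,
    // so an enumerator may be missing before the first one shown. Confirm against the
    // original header before relying on the numeric values.
    ONS_BASIC_CLIENTA_RANDOMPART,
    ONS_BASIC_CLIENTA_MAGICVALUE,
    ONS_BASIC_CLIENTA_METHODTAGSPADLEN,
    ONS_BASIC_CLIENTA_PADDING,

    ONS_BASIC_CLIENTB_MAGICVALUE,
    ONS_BASIC_CLIENTB_METHODTAGSPADLEN,
    ONS_BASIC_CLIENTB_PADDING,

    ONS_BASIC_SERVER_DHANSWER,
    ONS_BASIC_SERVER_MAGICVALUE,
    ONS_BASIC_SERVER_METHODTAGSPADLEN,
    ONS_BASIC_SERVER_PADDING,
    ONS_BASIC_SERVER_DELAYEDSENDING,
    // NOTE(review): the trailing comma above and a further gap in the listing's line
    // numbers suggest that at least one more enumerator followed; it is not visible here.
};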
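//! Encryption methods a connection can use (stored in
//! CEncryptedStreamSocket::m_EncryptionMethod).
//! Only obfuscation is listed; the file's header comment states that it does not
//! fulfill cryptographic standards.
enum EEncryptionMethods {
    ENM_OBFUSCATION = 0x00
};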
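/**
 * Stream socket that adds the *Mule obfuscation/encryption layer on top of
 * CSocketClientProxy.
 *
 * Security note: as this file's header comment states, the obfuscation does not
 * fulfill cryptographic standards (the keys are not secret and, for RC4, not
 * unique). Callers must not treat an obfuscated connection as confidential or
 * authenticated.
 *
 * NOTE(review): this declaration was recovered from a listing that dropped several
 * lines (its line numbering has gaps after the class header, before Write(), before
 * Negotiate() and after the last member). The braces and the
 * public/protected/private split below are inferred from those gaps; confirm them
 * against the original header.
 */
class CEncryptedStreamSocket : public CSocketClientProxy
{
public:
    CEncryptedStreamSocket(muleSocketFlags flags = MULE_SOCKET_NONE, const CProxyData *proxyData = NULL);
    virtual ~CEncryptedStreamSocket();

    //! Configures encryption for this connection.
    //! NOTE(review): pTargetClientHash is a raw pointer without a length parameter;
    //! the number of bytes read from it is fixed by the implementation, which is not
    //! visible here. Confirm it before passing a buffer.
    void SetConnectionEncryption(bool bEnabled, const uint8_t *pTargetClientHash, bool bServerConnection);

    //! Indicates how many bytes were received including obfuscation,
    //! so that the parent knows if the receive limit was reached
    uint32_t GetRealReceivedBytes() const { return m_nObfusicationBytesReceived; }

    //! True only when the handshake has reached ECS_ENCRYPTING and the selected method
    //! is ENM_OBFUSCATION.
    bool IsObfusicating() const
    {
        return m_StreamCryptState == ECS_ENCRYPTING && m_EncryptionMethod == ENM_OBFUSCATION;
    }

    //! Returns the m_bServerCrypt flag.
    bool IsServerCryptEnabledConnection() const { return m_bServerCrypt; }

    // Presumably debug bookkeeping, judging by the m_dbg prefix. They are public and
    // writable by any caller, so security decisions should not be based on them.
    uint8_t m_dbgbyEncryptionSupported;
    uint8_t m_dbgbyEncryptionRequested;
    uint8_t m_dbgbyEncryptionMethodSet;

protected:
    // Buffer-plus-length I/O entry points. The return value semantics are defined by
    // the implementation, which is not visible in this header.
    int Write(const void* lpBuf, uint32_t nBufLen);
    int Read(void* lpBuf, uint32_t nBufLen);

    // Event hooks; OnError is a no-op by default.
    virtual void OnError(int /*nErrorCode*/) {}
    virtual void OnSend(int nErrorCode);

    void CryptPrepareSendData(uint8_t* pBuffer, uint32_t nLen);
    bool IsEncryptionLayerReady();
    uint8_t GetSemiRandomNotProtocolMarker() const;

    uint32_t m_nObfusicationBytesReceived;  // returned by GetRealReceivedBytes()
    EStreamCryptState m_StreamCryptState;
    EEncryptionMethods m_EncryptionMethod;
    // NOTE(review): the listing drops declarations at this point. m_bServerCrypt, which
    // IsServerCryptEnabledConnection() returns, is presumably declared here; restore
    // the missing lines from the original header.

private:
    // Handshake handling; pBuffer/nLen carry data from the remote peer and must be
    // treated as untrusted by the implementation.
    int Negotiate(const uint8_t* pBuffer, uint32_t nLen);
    void StartNegotiation(bool bOutgoing);
    int SendNegotiatingData(const void *lpBuf, uint32_t nBufLen, uint32_t nStartCryptFromByte = 0, bool bDelaySend = false);

    ENegotiatingState m_NegotiatingState;
    CRC4EncryptableBuffer m_pfiReceiveBuffer;
    uint32_t m_nReceiveBytesWanted;
    CRC4EncryptableBuffer m_pfiSendBuffer;
    uint32_t m_nRandomKeyPart;
    CryptoPP::Integer m_cryptDHA;  // CryptoPP is used for the DH integer calculations (see the include comment)
};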
136 #endif // __ENCRYPTEDSTREAMSOCKET_H__