[Verse-dev] Crypto questions

Eskil Steenberg eskil at obsession.se
Fri Feb 18 21:17:20 CET 2005


Hi

> I really need a description of the way you've designed the connection
> phase of Verse, command-by-command.

Ok, to start with, the connect code is kind of different and all connect
commands are sent and unpacked in their own functions that are different
from the normal path. This is because of security, so that someone not
fully connected shouldn't be able to make any calls.

the function:

void v_update_connection_pending(void)

updates the current state of a pending connection and sends out new
packets. (During connection, packets are sent multiple times since no
nak/ack system has been established yet.)

the function:

void v_unpack_connection(const char *buf, unsigned int buffer_length)

unpacks an incoming packet for connection. All packets here are not
encrypted using the data encryption.

So let's look at the different stages. A connection goes through a number of
modes before it is completed; to find out how far the connection is, look
at the enum:

typedef enum{
	V_CS_IDLE = 0, /* Host connection waiting for connection */
	V_CS_CONTACT = 1, /* Client tries to contact host */
	V_CS_CONTACTED = 2, /* Host replies with challenge */
	V_CS_PENDING_ACCEPT = 3, /* Client sends login */
	V_CS_PENDING_HOST_CALLBACK = 4, /* Host got login, waits for accept connect callback */
	V_CS_PENDING_CLIENT_CALLBACK_ACCEPT = 5, /* Host got login, waits for accept connect callback */
	V_CS_PENDING_CLIENT_CALLBACK_TERMINATE = 6, /* Host got login, waits for connect terminate callback */
	V_CS_PENDING_DECISION = 7, /* Host has executed callback, waits for accept command */
	V_CS_CONNECTED = 8 /* Connection established */
} VConnectStage;

and the function:

extern VConnectStage	v_con_get_connect_stage(void);

to get the stage of the current connection. It's a good thing to print out
if you want to know what's going on.

Stage one:

Client sends a command initiating connection. This command includes the
client's public key and can be found in v_send_hidden_connect_contact().

Stage two:

Host receives the client's public key and creates a connection and sets it
to "V_CS_CONTACTED". The host replies with a packet containing the version
of the protocol, the current server time and the server's host_id public
key.

Stage three:

The client now gets the host_id from the server and can compare it to one
provided by the user. If the test passes, the client can send name/pass
encrypted using the host's public host_id key.

Stage four:

Once the host gets this reply it has to run the callback and wait for the
host application to either accept or deny the connection request. Once it
has been accepted, it sends back the final packet including the transfer
data encryption key, encrypted by the client's public key.

That's it. Once this has been done the connection is up and running.

This is how it stands right now; there are some minor things I would like
to add in the future but it's good for now.

E
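The four stages described in the message above, as a runnable model in C. This is an added illustration, not Verse's own code: the VConnectStage names come from the message, while KeyPair, SealedBox and the message-handling functions are hypothetical stand-ins (SealedBox models "encrypted with public key X" as a payload that only the holder of that key pair can open, with no real cipher involved). run_handshake() drives a constructed client and host through the exchange; the security-relevant point it shows is stage three, where the client compares the received host_id with the user-provided one and aborts before any name/pass leaves the client if they differ.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stage names from the message; the host's client-callback stages 5/6 are skipped here. */
typedef enum {
	V_CS_IDLE = 0, V_CS_CONTACT = 1, V_CS_CONTACTED = 2, V_CS_PENDING_ACCEPT = 3,
	V_CS_PENDING_HOST_CALLBACK = 4, V_CS_PENDING_DECISION = 7, V_CS_CONNECTED = 8
} VConnectStage;

#define KEY_LEN 8
#define MSG_LEN 64

/* Hypothetical stand-ins for the real key material and public-key encryption. */
typedef struct { uint8_t pub[KEY_LEN]; uint8_t priv[KEY_LEN]; } KeyPair;
typedef struct { uint8_t to_pub[KEY_LEN]; char payload[MSG_LEN]; } SealedBox;

/* "Encrypt to public key": tag the payload with the recipient's key. */
static void seal(const uint8_t *to_pub, const char *plain, SealedBox *box) {
	memcpy(box->to_pub, to_pub, KEY_LEN);
	snprintf(box->payload, MSG_LEN, "%s", plain);
}
/* "Decrypt": only the holder of the matching key pair can read the payload. */
static bool open_box(const KeyPair *kp, const SealedBox *box, char *out) {
	if (memcmp(kp->pub, box->to_pub, KEY_LEN) != 0) return false;
	memcpy(out, box->payload, MSG_LEN);
	return true;
}

typedef struct { VConnectStage stage; KeyPair key; uint8_t expected_host_id[KEY_LEN]; /* user-supplied */
                 char data_key[MSG_LEN]; /* filled in once connected */ } Client;
typedef struct { VConnectStage stage; KeyPair host_id; uint8_t client_pub[KEY_LEN]; char data_key[MSG_LEN]; } Host;

/* Stage one: the client sends its public key (v_send_hidden_connect_contact in Verse). */
static void client_contact(Client *c, uint8_t *out_pub) {
	memcpy(out_pub, c->key.pub, KEY_LEN);
	c->stage = V_CS_CONTACT;
}
/* Stage two: the host keeps the client key and answers with version, time and host_id. */
static void host_handle_contact(Host *h, const uint8_t *client_pub,
                                unsigned *version, unsigned *server_time, uint8_t *out_host_pub) {
	memcpy(h->client_pub, client_pub, KEY_LEN);
	*version = 1; *server_time = 12345; /* constructed sample values */
	memcpy(out_host_pub, h->host_id.pub, KEY_LEN);
	h->stage = V_CS_CONTACTED;
}
/* Stage three: compare host_id with the user-provided one before sending name/pass. */
static bool client_handle_contacted(Client *c, const uint8_t *host_pub,
                                    const char *name, const char *pass, SealedBox *login) {
	char plain[MSG_LEN];
	if (memcmp(host_pub, c->expected_host_id, KEY_LEN) != 0) {
		c->stage = V_CS_IDLE; /* unexpected host key: abort, credentials never leave the client */
		return false;
	}
	snprintf(plain, sizeof plain, "%s:%s", name, pass);
	seal(host_pub, plain, login); /* encrypted with the host's host_id key */
	c->stage = V_CS_PENDING_ACCEPT;
	return true;
}
/* Stage four: the host decrypts the login, asks the application via the callback,
 * then sends the data encryption key sealed to the client's public key. */
static bool host_handle_login(Host *h, const SealedBox *login,
                              bool (*accept_cb)(const char *login_plain), SealedBox *reply) {
	char plain[MSG_LEN];
	if (!open_box(&h->host_id, login, plain)) return false;
	h->stage = V_CS_PENDING_HOST_CALLBACK;
	if (!accept_cb(plain)) { h->stage = V_CS_IDLE; return false; }
	h->stage = V_CS_PENDING_DECISION;
	seal(h->client_pub, h->data_key, reply);
	h->stage = V_CS_CONNECTED;
	return true;
}
static bool client_handle_accept(Client *c, const SealedBox *reply) {
	if (!open_box(&c->key, reply, c->data_key)) return false;
	c->stage = V_CS_CONNECTED;
	return true;
}

static bool accept_all(const char *login_plain) { (void)login_plain; return true; }
static bool deny_all(const char *login_plain) { (void)login_plain; return false; }

/* Runs one handshake between a constructed client and host; returns the client's final stage. */
VConnectStage run_handshake(bool user_pin_matches, bool host_accepts) {
	Client c = { V_CS_IDLE, {{1,1,1,1,1,1,1,1}, {2,2,2,2,2,2,2,2}}, {0}, "" };
	Host h = { V_CS_IDLE, {{9,9,9,9,9,9,9,9}, {8,8,8,8,8,8,8,8}}, {0}, "constructed-data-key" };
	uint8_t client_pub[KEY_LEN], host_pub[KEY_LEN]; unsigned ver, now;
	SealedBox login, reply;
	memset(c.expected_host_id, user_pin_matches ? 9 : 7, KEY_LEN); /* the host_id the user pinned */
	client_contact(&c, client_pub);
	host_handle_contact(&h, client_pub, &ver, &now, host_pub);
	(void)ver; (void)now;
	if (!client_handle_contacted(&c, host_pub, "user", "pass", &login)) return c.stage;
	if (!host_handle_login(&h, &login, host_accepts ? accept_all : deny_all, &reply)) return c.stage;
	client_handle_accept(&c, &reply);
	return c.stage;
}
```

With a matching pinned host_id and an accepting host the client ends in V_CS_CONNECTED holding the data key; with a mismatched host_id it drops back to V_CS_IDLE in stage three, and when the host application denies the login the client is left waiting in V_CS_PENDING_ACCEPT.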


