Commit 1cf12ee6 authored by Pieter Hintjens's avatar Pieter Hintjens

Merge pull request #1018 from soundart/master

curve: initialize crypto libs before usage
parents ba22eff6 b846f307
...@@ -29,6 +29,8 @@ if(WITH_TWEETNACL) ...@@ -29,6 +29,8 @@ if(WITH_TWEETNACL)
else() else()
list(APPEND TWEETNACL_SOURCES tweetnacl/contrib/randombytes/devurandom.c) list(APPEND TWEETNACL_SOURCES tweetnacl/contrib/randombytes/devurandom.c)
endif() endif()
else()
find_library(SODIUM_FOUND sodium)
endif() endif()
...@@ -610,7 +612,7 @@ else() ...@@ -610,7 +612,7 @@ else()
endif() endif()
endif() endif()
target_link_libraries(libzmq ${CMAKE_THREAD_LIBS_INIT}) target_link_libraries(libzmq ${SODIUM_LIBRARY} ${CMAKE_THREAD_LIBS_INIT})
if(HAVE_WS2_32) if(HAVE_WS2_32)
target_link_libraries(libzmq ws2_32) target_link_libraries(libzmq ws2_32)
elseif(HAVE_WS2) elseif(HAVE_WS2)
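Review bot: The added `find_library(SODIUM_FOUND sodium)` stores its result in `SODIUM_FOUND`, but the changed link line expands `${SODIUM_LIBRARY}`, which none of the visible hunks sets. Unless that variable is defined elsewhere in the file, it expands to nothing, so libsodium is not linked and the failure shows up only at link time. I would use one name, `find_library(SODIUM_LIBRARY sodium)`, and stop configuration (or disable CURVE) when the result is `SODIUM_LIBRARY-NOTFOUND`, so a build cannot continue without the crypto library it expects.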
......
...@@ -33,11 +33,21 @@ ...@@ -33,11 +33,21 @@
zmq::curve_client_t::curve_client_t (const options_t &options_) : zmq::curve_client_t::curve_client_t (const options_t &options_) :
mechanism_t (options_), mechanism_t (options_),
state (send_hello) state (send_hello),
sync()
{ {
memcpy (public_key, options_.curve_public_key, crypto_box_PUBLICKEYBYTES); memcpy (public_key, options_.curve_public_key, crypto_box_PUBLICKEYBYTES);
memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES); memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES);
memcpy (server_key, options_.curve_server_key, crypto_box_PUBLICKEYBYTES); memcpy (server_key, options_.curve_server_key, crypto_box_PUBLICKEYBYTES);
scoped_lock_t lock (sync);
#if defined(HAVE_TWEETNACL)
// allow opening of /dev/urandom
unsigned char tmpbytes[4];
randombytes(tmpbytes, 4);
#else
// todo check return code
sodium_init();
#endif
// Generate short-term key pair // Generate short-term key pair
const int rc = crypto_box_keypair (cn_public, cn_secret); const int rc = crypto_box_keypair (cn_public, cn_secret);
...@@ -318,7 +328,7 @@ int zmq::curve_client_t::produce_initiate (msg_t *msg_) ...@@ -318,7 +328,7 @@ int zmq::curve_client_t::produce_initiate (msg_t *msg_)
// Create Box [C + vouch + metadata](C'->S') // Create Box [C + vouch + metadata](C'->S')
memset (initiate_plaintext, 0, crypto_box_ZEROBYTES); memset (initiate_plaintext, 0, crypto_box_ZEROBYTES);
memcpy (initiate_plaintext + crypto_box_ZEROBYTES, memcpy (initiate_plaintext + crypto_box_ZEROBYTES,
public_key, 32); public_key, 32);
memcpy (initiate_plaintext + crypto_box_ZEROBYTES + 32, memcpy (initiate_plaintext + crypto_box_ZEROBYTES + 32,
vouch_nonce + 8, 16); vouch_nonce + 8, 16);
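Review bot: The `scoped_lock_t lock (sync);` added to the constructor locks a mutex that the header hunk declares as an ordinary member (`mutex_t sync;`), so every curve_client_t takes its own lock. Two mechanisms constructed on different threads are therefore not serialised around `randombytes`/`sodium_init`. If the lock is meant to protect the library's one-time initialisation, it has to be one process-wide object, for example a single `static mutex_t crypto_init_sync;` defined once and used by both mechanisms, or the initialisation should move to code that runs once. The curve_server_t constructor has the same pattern. The lock also stays held for the rest of the constructor, whose body continues outside the hunk.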
......
...@@ -21,6 +21,7 @@ ...@@ -21,6 +21,7 @@
#define __ZMQ_CURVE_CLIENT_HPP_INCLUDED__ #define __ZMQ_CURVE_CLIENT_HPP_INCLUDED__
#include "platform.hpp" #include "platform.hpp"
#include "mutex.hpp"
#ifdef HAVE_LIBSODIUM #ifdef HAVE_LIBSODIUM
#ifdef HAVE_TWEETNACL #ifdef HAVE_TWEETNACL
...@@ -105,6 +106,7 @@ namespace zmq ...@@ -105,6 +106,7 @@ namespace zmq
int process_welcome (msg_t *msg_); int process_welcome (msg_t *msg_);
int produce_initiate (msg_t *msg_); int produce_initiate (msg_t *msg_);
int process_ready (msg_t *msg_); int process_ready (msg_t *msg_);
mutex_t sync;
}; };
} }
......
...@@ -39,10 +39,20 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_, ...@@ -39,10 +39,20 @@ zmq::curve_server_t::curve_server_t (session_base_t *session_,
peer_address (peer_address_), peer_address (peer_address_),
state (expect_hello), state (expect_hello),
expecting_zap_reply (false), expecting_zap_reply (false),
cn_nonce (1) cn_nonce (1),
sync()
{ {
// Fetch our secret key from socket options // Fetch our secret key from socket options
memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES); memcpy (secret_key, options_.curve_secret_key, crypto_box_SECRETKEYBYTES);
scoped_lock_t lock (sync);
#if defined(HAVE_TWEETNACL)
// allow opening of /dev/urandom
unsigned char tmpbytes[4];
randombytes(tmpbytes, 4);
#else
// todo check return code
sodium_init();
#endif
// Generate short-term key pair // Generate short-term key pair
const int rc = crypto_box_keypair (cn_public, cn_secret); const int rc = crypto_box_keypair (cn_public, cn_secret);
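Review bot: The result of `sodium_init();` is discarded, as the `// todo check return code` comment admits, so a failed library initialisation goes straight on to `crypto_box_keypair`. The short-term key pair is then generated by a library that reported it is not ready. libsodium returns -1 on failure, so the call should be checked, e.g. `const int init_rc = sodium_init ();` followed by `zmq_assert (init_rc != -1);`, assuming zmq_assert is available in this file as it is elsewhere in libzmq. The same unchecked call is in the curve_client_t constructor. The constructor body continues outside the hunk.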
......
...@@ -115,6 +115,7 @@ namespace zmq ...@@ -115,6 +115,7 @@ namespace zmq
void send_zap_request (const uint8_t *key); void send_zap_request (const uint8_t *key);
int receive_and_process_zap_reply (); int receive_and_process_zap_reply ();
mutex_t sync;
}; };
} }
......