|
|
@ -0,0 +1,52 @@ |
|
|
|
Here is a very simple chat application in which parties have to take turns. |
|
|
|
|
|
|
|
The tool has three parts: |
|
|
|
keygen, the key generation tool |
|
|
|
server, the listener |
|
|
|
client, the connector |
|
|
|
|
|
|
|
BUILDING |
|
|
|
|
|
|
|
All three components depend on libgmp and certain POSIX APIs. |
|
|
|
server can be built from server.c, aes.c, comm.c, and randsource.c. |
|
|
|
client can be built from client.c, aes.c, comm.c, and randsource.c. |
|
|
|
keygen requires pthreads, and can be built from keygen.c, sgprime.c, and randsource.c. |
|
|
|
|
|
|
|
RUNNING |
|
|
|
|
|
|
|
In the current implementation, randsource.c depends on the existence of |
|
|
|
/dev/urandom. If there is a different source of entropy on your system, use it |
|
|
|
instead by changing randsource.c. |
|
|
|
|
|
|
|
keygen <bits> <output file> [threads] |
|
|
|
will create a <bits>-bit key and store it in <output file>. If [threads] is |
|
|
|
specified, that many threads will be used for the computation; otherwise just |
|
|
|
one will be used. |
|
|
|
|
|
|
|
client <connect address> <port> |
|
|
|
will connect to a given address on a given port and begin encrypted |
|
|
|
communication. |
|
|
|
|
|
|
|
server <key file> <bind address> <port> |
|
|
|
will bind a listener on the given address and port, and use the given key file |
|
|
|
to exchange keys upon a client connecting. |
|
|
|
|
|
|
|
CAVEATS |
|
|
|
|
|
|
|
Communication is entirely turn-based. This is to simplify the code and prevent |
|
|
|
inconvenience on a dumb terminal. |
|
|
|
|
|
|
|
There are probably a handful of memory errors; for example, providing a key |
|
|
|
shorter than an AES block size uses uninitialized memory. |
|
|
|
|
|
|
|
The AES implementation is not rigorously tested, and thus may not be |
|
|
|
completely conformant. Also, no inverse was ever implemented, so it uses a |
|
|
|
strange encryption mode. |
|
|
|
|
|
|
|
In addition to network sockets, UNIX file sockets are also supported. Instead |
|
|
|
of a network address, use a string of the form unix:/path/to/socket to use a |
|
|
|
UNIX file socket. |
|
|
|
|
|
|
|
Due to the poor specification of certain parts of POSIX involving sockets, |
|
|
|
it's possible that this program won't work outside of Linux. |
|
|
|
|