|
@@ -0,0 +1,52 @@
|
|
1
|
+Here is a very simple chat application in which parties have to take turns.
|
|
2
|
+
|
|
3
|
+The tool has three parts:
|
|
4
|
+ keygen, the key generation tool
|
|
5
|
+ server, the listener
|
|
6
|
+ client, the connector
|
|
7
|
+
|
|
8
|
+BUILDING
|
|
9
|
+
|
|
10
|
+All three components depend on libgmp and certain POSIX APIs.
|
|
11
|
+server can be built from server.c, aes.c, comm.c, and randsource.c.
|
|
12
|
+client can be built from client.c, aes.c, comm.c, and randsource.c.
|
|
13
|
+keygen requires pthreads, and can be built from keygen.c, sgprime.c, and randsource.c.
|
|
14
|
+
|
|
15
|
+RUNNING
|
|
16
|
+
|
|
17
|
+In the current implementation, randsource.c depends on the existence of
|
|
18
|
+/dev/urandom. If there is a different source of entropy on your system, use it
|
|
19
|
+instead by changing randsource.c.
|
|
20
|
+
|
|
21
|
+keygen <bits> <output file> [threads]
|
|
22
|
+will create a <bits>-bit key and store it in <output file>. If [threads] is
|
|
23
|
+specified, that many threads will be used for the computation; otherwise just
|
|
24
|
+one will be used.
|
|
25
|
+
|
|
26
|
+client <connect address> <port>
|
|
27
|
+will connect to a given address on a given port and begin encrypted
|
|
28
|
+communication.
|
|
29
|
+
|
|
30
|
+server <key file> <bind address> <port>
|
|
31
|
+will bind a listener on the given address and port, and use the given key file
|
|
32
|
+to exchange keys upon a client connecting.
|
|
33
|
+
|
|
34
|
+CAVEATS
|
|
35
|
+
|
|
36
|
+Communication is entirely turn-based. This is to simplify the code and prevent
|
|
37
|
+inconvenience on a dumb terminal.
|
|
38
|
+
|
|
39
|
+There are probably a handful of memory errors; for example, providing a key
|
|
40
|
+shorter than an AES block size uses uninitialized memory.
|
|
41
|
+
|
|
42
|
+The AES implementation is not rigorously tested, and thus may not be
|
|
43
|
+completely conformant. Also, no inverse was ever implemented, so it uses a
|
|
44
|
+strange encryption mode.
|
|
45
|
+
|
|
46
|
+In addition to network sockets, UNIX file sockets are also supported. Instead
|
|
47
|
+of a network address, use a string of the form unix:/path/to/socket to use a
|
|
48
|
+UNIX file socket.
|
|
49
|
+
|
|
50
|
+Due to the poor specification of certain parts of POSIX involving sockets,
|
|
51
|
+it's possible that this program won't work outside of Linux.
|
|
52
|
+
|