== Misc Commands ==
=== ENCRYPT : Encrypt Command ===
This is a major modification of the UDP API encryption scheme which will break compatibility with
older clients. However, the current system has some weaknesses and only a few clients support encryption so far,
so this seems acceptable.
* AES 128-bit, '''CBC mode''', PKCS5 padding
** the 128-bit MD5 sum (raw, don't convert to hex) of the API encryption key (api pass) is used as the 128-bit key.
** the 128-bit MD5 sum (raw, don't convert to hex) of {str salt} in the reply of the ENCRYPT command is used as the 128-bit IV.
* a specific binary preamble is added to all encrypted packets (sent by the client or by the server).
** i.e. all encrypted packets start with the three bytes \0\1\0 (hex: 00 01 00).
* if encryption is enabled, check every incoming packet for the preamble.
** if the preamble is present: decrypt and process the packet. The reply is also encrypted.
*** do not automatically disable encryption if the server fails to decrypt a packet; instead, discard the packet and send an unencrypted error reply "XXX DECRYPTION FAILED - PACKET IGNORED".
** otherwise:
*** if it is an ENCRYPT packet, disable encryption, discard the old key and IV and then process the ENCRYPT packet (thus re-enabling encryption with a new key and IV).
*** for any other type of unencrypted packet, discard the packet and send an unencrypted error reply "XXX ENCRYPTION ENABLED - UNENCRYPTED PACKET IGNORED".
* ENCRYPT command:
** add type=0 to disable encryption (making it possible to disable encryption via "ENCRYPT type=0" once it was enabled). Such a command could be sent either encrypted or unencrypted.
** type=0 does an implicit logout (prevents 3rd parties from disabling server encryption, i.e. to sniff plain text notification data).
** type!=0 does an implicit logout if (and only if!) the user parameter differs from the currently logged in user for that connection.
Any more ideas?
General goals of this change are:
* use the better supported and more secure CBC mode
* make debugging of encryption problems easier for client developers (plain text error replies, allow disabling of encryption, resending ENCRYPT, preamble)
* make it always clear whether a packet is encrypted or plain text (preamble)
* allow clients to recover from encryption failures without having to wait for the connection to time out (resending ENCRYPT)
* prevent the server from unintentionally sending unencrypted data to a client, i.e. notifications (no more dropping of encryption on decryption failure)
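The packet format specified above (raw-MD5 key and IV, PKCS5 padding, AES-128-CBC, three-byte preamble) and the receive-side checks, as an added example in Go; it is not the project's own code. The names <code>Seal</code>, <code>Open</code>, <code>derive</code>, <code>ErrPlain</code> and <code>ErrDecrypt</code> and the key and salt strings are constructed for illustration, the reply code stays the page's XXX placeholder, and a failure in <code>Open</code> only discards the packet, never the session key.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/md5"
	"fmt"
)

var (
	preamble   = []byte{0x00, 0x01, 0x00} // starts every encrypted packet
	ErrPlain   = fmt.Errorf("XXX ENCRYPTION ENABLED - UNENCRYPTED PACKET IGNORED")
	ErrDecrypt = fmt.Errorf("XXX DECRYPTION FAILED - PACKET IGNORED")
)

// derive: key = raw MD5(api key), IV = raw MD5(salt from the ENCRYPT reply).
func derive(apiKey, salt string) (cipher.Block, []byte) {
	k, iv := md5.Sum([]byte(apiKey)), md5.Sum([]byte(salt))
	b, _ := aes.NewCipher(k[:]) // a 16-byte key is always accepted
	return b, iv[:]
}

// Seal applies PKCS5 padding and AES-128-CBC, then prepends the preamble.
func Seal(apiKey, salt string, msg []byte) []byte {
	b, iv := derive(apiKey, salt)
	n := aes.BlockSize - len(msg)%aes.BlockSize
	buf := append(append([]byte{}, msg...), bytes.Repeat([]byte{byte(n)}, n)...)
	cipher.NewCBCEncrypter(b, iv).CryptBlocks(buf, buf)
	return append(append([]byte{}, preamble...), buf...)
}

// Open: receive path while encryption is on; a plain ENCRYPT is left to the caller (assumption).
func Open(apiKey, salt string, pkt []byte) ([]byte, error) {
	if !bytes.HasPrefix(pkt, preamble) {
		return nil, ErrPlain
	}
	pt := append([]byte{}, pkt[len(preamble):]...) // copy, so pkt is not modified
	if len(pt) == 0 || len(pt)%aes.BlockSize != 0 {
		return nil, ErrDecrypt
	}
	b, iv := derive(apiKey, salt)
	cipher.NewCBCDecrypter(b, iv).CryptBlocks(pt, pt)
	if n := int(pt[len(pt)-1]); n >= 1 && n <= 16 && bytes.HasSuffix(pt, bytes.Repeat(pt[len(pt)-1:], n)) {
		return pt[:len(pt)-n], nil // valid PKCS5 padding stripped
	}
	return nil, ErrDecrypt
}

func main() { fmt.Printf("% x\n", Seal("constructed-key", "constructed-salt", []byte("PING"))) }
```

Because the IV is fixed for the lifetime of one ENCRYPT session, two packets whose first 16 plaintext bytes are equal produce the same first ciphertext block. The padding check detects most garbage but is not an integrity check, since the scheme carries no MAC.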
=== PING : Ping Command ===