refactoring PICrypt, add PIStreamPackerConfig, delete piclientserver_config

libs/client_server/piclientserver_client.cpp

@@ -48,7 +48,6 @@ PIClientServer::Client::~Client() {
 void PIClientServer::Client::connect(PINetworkAddress addr) {
 	if (!tcp || !own_tcp) return;
 	close();
-	config.apply(this);
 	tcp->connect(addr, true);
 	tcp->startThreadedRead();
 }

libs/client_server/piclientserver_config.cpp

@@ -1,50 +0,0 @@
-/*
-    PIP - Platform Independent Primitives
-	Ivan Pelipenko peri4ko@yandex.ru
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU Lesser General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU Lesser General Public License for more details.
-
-    You should have received a copy of the GNU Lesser General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "piclientserver_config.h"
-
-#include "piclientserver_client_base.h"
-
-
-void PIClientServer::Config::setPacketSign(ushort sign) {
-	packet_sign = sign;
-}
-
-
-void PIClientServer::Config::setPacketSize(int bytes) {
-	packet_size = bytes;
-}
-
-
-void PIClientServer::Config::enableSymmetricEncryption(const PIByteArray & key) {
-	crypt_key = key;
-}
-
-
-void PIClientServer::Config::apply(ClientBase * client) {
-	auto & s(client->stream);
-
-	s.setPacketSign(packet_sign);
-	s.setMaxPacketSize(packet_size);
-
-	if (crypt_key.isNotEmpty()) {
-		s.setCryptEnabled(true);
-		s.setCryptKey(crypt_key);
-	} else
-		s.setCryptEnabled(false);
-}

libs/client_server/piclientserver_server.cpp

@@ -20,7 +20,6 @@
 
 #include "piclientserver_client.h"
 #include "piethernet.h"
-#include "piliterals_time.h"
 
 
 PIClientServer::Server::Server() {
@@ -132,7 +131,7 @@ void PIClientServer::Server::stopServer() {
 
 void PIClientServer::Server::newClient(ServerClient * c) {
 	clients << c;
-	config.apply(c);
+	c->setConfiguration(configuration());
 	c->tcp->startThreadedRead();
 	c->connected();
 }

libs/crypt/picrypt.cpp

@@ -18,30 +18,28 @@
 */
 
 #include "picrypt.h"
-#ifdef PIP_CRYPT
-#  include <sodium.h>
-#endif
 
-#define PICRYPT_DISABLED_WARNING \
+#include <sodium.h>
-	piCout << "[PICrypt]"        \
-		   << "Warning: PICrypt is disabled, to enable install sodium library and rebuild pip";
-
-const char hash_def_key[]   = "_picrypt_\0\0\0\0\0\0\0";
-const int hash_def_key_size = 9;
 
+namespace {
+constexpr char hash_def_key[]   = "_picrypt_\0\0\0\0\0\0\0";
+constexpr int hash_def_key_size = 9;
+} // namespace
 
 PICrypt::PICrypt() {
-#ifdef PIP_CRYPT
+	if (!init()) {
-	if (!init())
 		piCout << "[PICrypt]"
 			   << "Error while initialize sodium!";
+	}
 	nonce_.resize(crypto_secretbox_NONCEBYTES);
 	key_.resize(crypto_secretbox_KEYBYTES);
 	randombytes_buf(key_.data(), key_.size());
 	randombytes_buf(nonce_.data(), nonce_.size());
-#else
+}
-	PICRYPT_DISABLED_WARNING
+
-#endif
+PICrypt::~PICrypt() {
+	key_.fill(0);
+	nonce_.fill(0);
 }
 
 
@@ -52,156 +50,144 @@ bool PICrypt::setKey(const PIByteArray & _key) {
 }
 
 
-PIByteArray PICrypt::setKey(const PIString & secret) {
+bool PICrypt::setKey(const PIString & secret) {
 	PIByteArray hash;
-#ifdef PIP_CRYPT
 	hash.resize(crypto_generichash_BYTES);
 	PIByteArray s(secret.data(), secret.size());
 	crypto_generichash(hash.data(), hash.size(), s.data(), s.size(), (const uchar *)hash_def_key, hash_def_key_size);
 	hash.resize(key_.size());
-	setKey(hash);
+	key_ = std::move(hash);
-#endif
+	secret.deleteData();
-	return hash;
+	return true;
 }
 
 
 PIByteArray PICrypt::crypt(const PIByteArray & data) {
 	PIByteArray ret;
-#ifdef PIP_CRYPT
 	ret.resize(data.size() + crypto_secretbox_MACBYTES);
 	randombytes_buf(nonce_.data(), nonce_.size());
-	crypto_secretbox_easy(ret.data(), data.data(), data.size(), nonce_.data(), key_.data());
+	if (crypto_secretbox_easy(ret.data(), data.data(), data.size(), nonce_.data(), key_.data()) != 0) {
+		ret.clear();
+	} else {
 		ret.append(nonce_);
-#endif
+	}
 	return ret;
 }
 
 
 PIByteArray PICrypt::crypt(const PIByteArray & data, PIByteArray key) {
-	PIByteArray ret;
+	if (!init()) {
-#ifdef PIP_CRYPT
+		key.fill(0);
+		return PIByteArray();
+	}
 	if (key.size() != crypto_secretbox_KEYBYTES) key.resize(crypto_secretbox_KEYBYTES, ' ');
-	// return PIByteArray();
-	if (!init()) return ret;
 	PIByteArray n;
-	ret.resize(data.size() + crypto_secretbox_MACBYTES);
 	n.resize(crypto_secretbox_NONCEBYTES);
+	PIByteArray ret;
+	ret.resize(data.size() + crypto_secretbox_MACBYTES);
 	randombytes_buf(n.data(), n.size());
-	crypto_secretbox_easy(ret.data(), data.data(), data.size(), n.data(), key.data());
+	if (crypto_secretbox_easy(ret.data(), data.data(), data.size(), n.data(), key.data()) != 0) {
+		ret.clear();
+	} else {
 		ret.append(n);
-#else
+	}
-	PICRYPT_DISABLED_WARNING
+	key.fill(0);
-#endif
 	return ret;
 }
 
 
 PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, bool * ok) {
-	PIByteArray ret;
-#ifdef PIP_CRYPT
 	if (crypt_data.size() < nonce_.size() + crypto_secretbox_MACBYTES) {
 		if (ok) *ok = false;
 		return PIByteArray();
 	}
-	ret.resize(crypt_data.size() - nonce_.size() - crypto_secretbox_MACBYTES);
+	const ullong data_size = crypt_data.size() - nonce_.size();
-	memcpy(nonce_.data(), crypt_data.data(crypt_data.size() - nonce_.size()), nonce_.size());
+	PIByteArray ret;
-	if (crypto_secretbox_open_easy(ret.data(), crypt_data.data(), crypt_data.size() - nonce_.size(), nonce_.data(), key_.data()) != 0) {
+	ret.resize(data_size - crypto_secretbox_MACBYTES);
+	memcpy(nonce_.data(), crypt_data.data(data_size), nonce_.size());
+	if (crypto_secretbox_open_easy(ret.data(), crypt_data.data(), data_size, nonce_.data(), key_.data()) != 0) {
+		// Bad key
 		if (ok) *ok = false;
-		//			piCout << "[PICrypt]" << "bad key_";
+		ret.clear();
-		return PIByteArray();
+	} else if (ok) {
+		*ok = true;
 	}
-#endif
-	if (ok) *ok = true;
 	return ret;
 }
 
 
 PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, PIByteArray key, bool * ok) {
-	PIByteArray ret;
+	if (!init()) {
-#ifdef PIP_CRYPT
+		key.fill(0);
-	if (key.size() != crypto_secretbox_KEYBYTES) key.resize(crypto_secretbox_KEYBYTES, ' ');
-	/*if (ok) *ok = false;
-	return PIByteArray();
-}*/
-	if (crypt_data.size() < crypto_secretbox_NONCEBYTES + crypto_secretbox_MACBYTES) {
-		if (ok) *ok = false;
 		return PIByteArray();
 	}
-	if (!init()) return ret;
+	if (crypt_data.size() < crypto_secretbox_NONCEBYTES + crypto_secretbox_MACBYTES) {
+		if (ok) *ok = false;
+		key.fill(0);
+		return PIByteArray();
+	}
+	if (key.size() != crypto_secretbox_KEYBYTES) key.resize(crypto_secretbox_KEYBYTES, ' ');
 	PIByteArray n;
 	n.resize(crypto_secretbox_NONCEBYTES);
-	ret.resize(crypt_data.size() - n.size() - crypto_secretbox_MACBYTES);
+	const ullong data_size = crypt_data.size() - n.size();
-	memcpy(n.data(), crypt_data.data(crypt_data.size() - n.size()), n.size());
+	PIByteArray ret;
-	if (crypto_secretbox_open_easy(ret.data(), crypt_data.data(), crypt_data.size() - n.size(), n.data(), key.data()) != 0) {
+	ret.resize(data_size - crypto_secretbox_MACBYTES);
+	memcpy(n.data(), crypt_data.data(data_size), n.size());
+	if (crypto_secretbox_open_easy(ret.data(), crypt_data.data(), data_size, n.data(), key.data()) != 0) {
+		// Bad key
 		if (ok) *ok = false;
-		//			piCout << "[PICrypt]" << "bad key_";
+		ret.clear();
-		return PIByteArray();
+	} else if (ok) {
-	} else if (ok)
 		*ok = true;
-#else
+	}
-	PICRYPT_DISABLED_WARNING
+	key.fill(0);
-#endif
 	return ret;
 }
 
 
 PIByteArray PICrypt::hash(const PIString & secret) {
 	PIByteArray hash;
-#ifdef PIP_CRYPT
 	if (!init()) return hash;
 	hash.resize(crypto_generichash_BYTES);
 	PIByteArray s(secret.data(), secret.size());
 	crypto_generichash(hash.data(), hash.size(), s.data(), s.size(), (const uchar *)hash_def_key, hash_def_key_size);
-#else
+	secret.deleteData();
-	PICRYPT_DISABLED_WARNING
-#endif
 	return hash;
 }
 
 
 PIByteArray PICrypt::hash(const PIByteArray & data) {
 	PIByteArray hash;
-#ifdef PIP_CRYPT
 	if (!init()) return hash;
 	hash.resize(crypto_generichash_BYTES);
 	crypto_generichash(hash.data(), hash.size(), data.data(), data.size(), (const uchar *)hash_def_key, hash_def_key_size);
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
 	return hash;
 }
 
 
 PIByteArray PICrypt::hash(const PIByteArray & data, const unsigned char * key, size_t keylen) {
 	PIByteArray hash;
-#ifdef PIP_CRYPT
 	if (!init()) return hash;
 	hash.resize(crypto_generichash_BYTES);
 	crypto_generichash(hash.data(), hash.size(), data.data(), data.size(), key, keylen);
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
 	return hash;
 }
 
 
 size_t PICrypt::sizeHash() {
-#ifdef PIP_CRYPT
 	return crypto_generichash_BYTES;
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
-	return 0;
 }
 
 
 ullong PICrypt::shorthash(const PIString & s, PIByteArray key) {
 	ullong hash = 0;
-#ifdef PIP_CRYPT
+	if (!init()) {
+		key.fill(0);
+		return hash;
+	}
 	if (crypto_shorthash_BYTES != sizeof(hash))
 		piCout << "[PICrypt]"
 			   << "internal error: bad hash size";
-	if (!init()) return hash;
 	if (key.size() != crypto_shorthash_KEYBYTES) {
 		piCout << "[PICrypt]"
 			   << "invalid key size" << key.size() << ", shoud be" << crypto_shorthash_KEYBYTES << ", filled zeros";
@@ -209,207 +195,154 @@ ullong PICrypt::shorthash(const PIString & s, PIByteArray key) {
 	}
 	PIByteArray in(s.data(), s.size());
 	crypto_shorthash((uchar *)&hash, in.data(), in.size(), key.data());
-#else
+	key.fill(0);
-	PICRYPT_DISABLED_WARNING
-#endif
 	return hash;
 }
 
 
 PIByteArray PICrypt::generateKey() {
-	PIByteArray hash;
+	return generateRandomBuff(sizeKey());
-#ifdef PIP_CRYPT
-	if (!init()) return hash;
-	hash.resize(crypto_secretbox_KEYBYTES);
-	randombytes_buf(hash.data(), hash.size());
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
-	return hash;
 }
 
 
 PIByteArray PICrypt::generateRandomBuff(int size) {
 	PIByteArray hash;
-#ifdef PIP_CRYPT
 	if (!init() || size <= 0) return hash;
 	hash.resize(size);
 	randombytes_buf(hash.data(), hash.size());
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
 	return hash;
 }
 
 
 size_t PICrypt::sizeKey() {
-#ifdef PIP_CRYPT
 	return crypto_secretbox_KEYBYTES;
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
-	return 0;
 }
 
 
 size_t PICrypt::sizeCrypt() {
-#ifdef PIP_CRYPT
 	return crypto_secretbox_MACBYTES + crypto_secretbox_NONCEBYTES;
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
-	return 0;
 }
 
 
-void PICrypt::generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key) {
+bool PICrypt::generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key) {
-#ifdef PIP_CRYPT
+	if (!init()) return false;
-	if (!init()) return;
 	public_key.resize(crypto_sign_PUBLICKEYBYTES);
 	secret_key.resize(crypto_sign_SECRETKEYBYTES);
-	crypto_sign_keypair(public_key.data(), secret_key.data());
+	return crypto_sign_keypair(public_key.data(), secret_key.data()) == 0;
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
 }
 
 
-void PICrypt::generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed) {
+bool PICrypt::generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed) {
-#ifdef PIP_CRYPT
+	if (!init() || seed.isEmpty()) return false;
-	if (!init() || seed.isEmpty()) return;
 	public_key.resize(crypto_sign_PUBLICKEYBYTES);
 	secret_key.resize(crypto_sign_SECRETKEYBYTES);
-	crypto_sign_seed_keypair(public_key.data(), secret_key.data(), hash(seed).data());
+	return crypto_sign_seed_keypair(public_key.data(), secret_key.data(), hash(seed).data()) == 0;
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
 }
 
 
 PIByteArray PICrypt::extractSignPublicKey(const PIByteArray & secret_key) {
 	PIByteArray pk;
-#ifdef PIP_CRYPT
 	if (!init() || secret_key.size() != crypto_sign_SECRETKEYBYTES) return pk;
 	pk.resize(crypto_sign_PUBLICKEYBYTES);
-	crypto_sign_ed25519_sk_to_pk(pk.data(), secret_key.data());
+	if (crypto_sign_ed25519_sk_to_pk(pk.data(), secret_key.data()) != 0) {
-#else
+		pk.clear();
-	PICRYPT_DISABLED_WARNING
+	}
-#endif
 	return pk;
 }
 
 
-PIByteArray PICrypt::signMessage(const PIByteArray & data, PIByteArray secret_key) {
+PIByteArray PICrypt::signMessage(const PIByteArray & data, const PIByteArray & secret_key) {
 	PIByteArray sign;
-#ifdef PIP_CRYPT
 	if (!init()) return sign;
 	sign.resize(crypto_sign_BYTES);
-	crypto_sign_detached(sign.data(), 0, data.data(), data.size(), secret_key.data());
+	if (crypto_sign_detached(sign.data(), 0, data.data(), data.size(), secret_key.data()) != 0) {
-#else
+		sign.clear();
-	PICRYPT_DISABLED_WARNING
+	}
-#endif
 	return sign;
 }
 
 
-bool PICrypt::verifySign(const PIByteArray & data, const PIByteArray & signature, PIByteArray public_key) {
+bool PICrypt::verifySign(const PIByteArray & data, const PIByteArray & signature, const PIByteArray & public_key) {
-#ifdef PIP_CRYPT
 	if (!init()) return false;
 	return (crypto_sign_verify_detached(signature.data(), data.data(), data.size(), public_key.data()) == 0);
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
 	return false;
 }
 
 
-void PICrypt::generateKeypair(PIByteArray & public_key, PIByteArray & secret_key) {
+bool PICrypt::generateKeypair(PIByteArray & public_key, PIByteArray & secret_key) {
-#ifdef PIP_CRYPT
+	if (!init()) return false;
-	if (!init()) return;
 	public_key.resize(crypto_box_PUBLICKEYBYTES);
 	secret_key.resize(crypto_box_SECRETKEYBYTES);
-	crypto_box_keypair(public_key.data(), secret_key.data());
+	return crypto_box_keypair(public_key.data(), secret_key.data()) == 0;
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
 }
 
 
-void PICrypt::generateKeypair(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed) {
+bool PICrypt::generateKeypair(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed) {
-#ifdef PIP_CRYPT
+	if (!init()) return false;
-	if (!init()) return;
 	public_key.resize(crypto_box_PUBLICKEYBYTES);
 	secret_key.resize(crypto_box_SECRETKEYBYTES);
-	crypto_box_seed_keypair(public_key.data(), secret_key.data(), hash(seed).data());
+	return crypto_box_seed_keypair(public_key.data(), secret_key.data(), hash(seed).data()) == 0;
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
 }
 
 
 PIByteArray PICrypt::crypt(const PIByteArray & data, const PIByteArray & public_key, const PIByteArray & secret_key) {
-	PIByteArray ret;
+	if (!init()) return PIByteArray();
-#ifdef PIP_CRYPT
+	if (public_key.size() != crypto_box_PUBLICKEYBYTES) return PIByteArray();
-	if (!init()) return ret;
+	if (secret_key.size() != crypto_box_SECRETKEYBYTES) return PIByteArray();
-	if (public_key.size() != crypto_box_PUBLICKEYBYTES) return ret;
-	if (secret_key.size() != crypto_box_SECRETKEYBYTES) return ret;
 	PIByteArray n;
-	ret.resize(data.size() + crypto_box_MACBYTES);
 	n.resize(crypto_box_NONCEBYTES);
+	PIByteArray ret;
+	ret.resize(data.size() + crypto_box_MACBYTES);
 	randombytes_buf(n.data(), n.size());
-	if (crypto_box_easy(ret.data(), data.data(), data.size(), n.data(), public_key.data(), secret_key.data()) != 0) return PIByteArray();
+	if (crypto_box_easy(ret.data(), data.data(), data.size(), n.data(), public_key.data(), secret_key.data()) != 0) {
+		return PIByteArray();
+	}
 	ret.append(n);
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
 	return ret;
 }
 
 
 PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, const PIByteArray & public_key, const PIByteArray & secret_key, bool * ok) {
-	PIByteArray ret;
+	if (!init()) {
-#ifdef PIP_CRYPT
+		if (ok) *ok = false;
-	if (!init()) return ret;
+		return PIByteArray();
+	}
 	if (public_key.size() != crypto_box_PUBLICKEYBYTES) {
 		if (ok) *ok = false;
-		return ret;
+		return PIByteArray();
 	}
 	if (secret_key.size() != crypto_box_SECRETKEYBYTES) {
 		if (ok) *ok = false;
-		return ret;
+		return PIByteArray();
 	}
 	if (crypt_data.size() < crypto_box_NONCEBYTES + crypto_box_MACBYTES) {
 		if (ok) *ok = false;
-		return ret;
+		return PIByteArray();
 	}
 	PIByteArray n;
 	n.resize(crypto_secretbox_NONCEBYTES);
-	ret.resize(crypt_data.size() - n.size() - crypto_secretbox_MACBYTES);
+	const ullong data_size = crypt_data.size() - n.size();
-	memcpy(n.data(), crypt_data.data(crypt_data.size() - n.size()), n.size());
+	PIByteArray ret;
-	if (crypto_box_open_easy(ret.data(), crypt_data.data(), crypt_data.size() - n.size(), n.data(), public_key.data(), secret_key.data()) !=
+	ret.resize(data_size - crypto_secretbox_MACBYTES);
-	    0) {
+	memcpy(n.data(), crypt_data.data(data_size), n.size());
+	if (crypto_box_open_easy(ret.data(), crypt_data.data(), data_size, n.data(), public_key.data(), secret_key.data()) != 0) {
+		// Bad key
 		if (ok) *ok = false;
-		//			piCout << "[PICrypt]" << "bad key_";
+		ret.clear();
-		return PIByteArray();
+	} else if (ok) {
-	} else if (ok)
 		*ok = true;
-#else
+	}
-	PICRYPT_DISABLED_WARNING
-#endif
 	return ret;
 }
 
 
 PIByteArray PICrypt::passwordHash(const PIString & password, const PIByteArray & seed) {
 #ifdef crypto_pwhash_ALG_ARGON2I13
-	//	char out[crypto_pwhash_STRBYTES];
 	PIByteArray pass = password.toUTF8();
 	PIByteArray n    = hash(seed);
 	PIByteArray ph;
 	ph.resize(crypto_box_SEEDBYTES);
 	n.resize(crypto_pwhash_SALTBYTES);
-	//	randombytes_buf(n.data(), n.size());
-	//	crypto_shorthash(n.data(), seed.data(), seed.size(), PIByteArray(crypto_shorthash_KEYBYTES).data());
 	int r = crypto_pwhash(ph.data(),
 	                      ph.size(),
 	                      (const char *)pass.data(),
@@ -418,31 +351,23 @@ PIByteArray PICrypt::passwordHash(const PIString & password, const PIByteArray &
 	                      crypto_pwhash_argon2i_opslimit_moderate(),
 	                      crypto_pwhash_argon2i_memlimit_moderate(),
 	                      crypto_pwhash_ALG_ARGON2I13);
-	// crypto_pwhash_str(out, (const char*)pass.data(), pass.size(), crypto_pwhash_argon2i_opslimit_moderate(),
-	// crypto_pwhash_argon2i_memlimit_moderate());
 	pass.fill(0);
+	password.deleteData();
 	if (r != 0) return PIByteArray();
 	return ph;
-//	PIByteArray ret;
-//	ret << ph << n << crypto_pwhash_argon2i_opslimit_moderate() << crypto_pwhash_argon2i_memlimit_moderate();
-//	return ret;
 #else
+	piCout << "[PICrypt] Error, ALG_ARGON2I13 not availible!";
 	return PIByteArray();
 #endif
 }
 
 
 PIString PICrypt::version() {
-#ifdef PIP_CRYPT
 	return SODIUM_VERSION_STRING;
-#else
-	return PIString();
-#endif
 }
 
 
 bool PICrypt::init() {
-#ifdef PIP_CRYPT
 	static bool inited = false;
 	if (inited) return true;
 	// piCout << "[PICrypt]" << "init ...";
@@ -450,8 +375,4 @@ bool PICrypt::init() {
 	if (!inited) inited = sodium_init();
 	// piCout << "[PICrypt]" << "init" << inited;
 	return inited;
-#else
-	PICRYPT_DISABLED_WARNING
-#endif
-	return false;
 }

libs/io_utils/piethutilbase.cpp

@@ -118,3 +118,11 @@ PIByteArray PIEthUtilBase::decryptData(const PIByteArray & data) {
 	return PIByteArray();
 #endif
 }
+
+size_t PIEthUtilBase::cryptSizeAddition() {
+#ifdef PIP_CRYPT
+	return PICrypt::sizeCrypt();
+#else
+	return 0;
+#endif
+}

libs/io_utils/pistreampacker.cpp

@@ -24,7 +24,6 @@
 #include "pistreampacker.h"
 
 #include "piiodevice.h"
-#include "piliterals_bytes.h"
 #ifdef __GNUC__
 #  pragma GCC diagnostic pop
 #endif
@@ -49,28 +48,10 @@
 
 
 PIStreamPacker::PIStreamPacker(PIIODevice * dev): PIObject() {
-	crypt_frag = crypt_size = false;
-	aggressive_optimization = true;
 	packet_size = -1;
-	size_crypted_size       = sizeof(int);
+	if (dev) assignDevice(dev);
-	crypt_frag_size         = 1_MiB;
-	max_packet_size         = 1400;
-	packet_sign             = 0xAFBE;
-	assignDevice(dev);
 }
 
-
-void PIStreamPacker::setCryptSizeEnabled(bool on) {
-	crypt_size = on;
-	if (crypt_size) {
-		PIByteArray ba;
-		ba << int(0);
-		size_crypted_size = cryptData(ba).size_s();
-	} else
-		size_crypted_size = sizeof(int);
-}
-
-
 void PIStreamPacker::clear() {
 	packet.clear();
 	packet_size = -1;
@@ -129,7 +110,7 @@ void PIStreamPacker::received(const PIByteArray & data) {
 	stream.append(data);
 	// piCout << "rec" << data.size();
 	while (!stream.isEmpty()) {
-		int hdr_size = sizeof(packet_sign) + size_crypted_size;
+		int hdr_size = sizeof(packet_sign) + sizeCryptedSize();
 		if (packet_size < 0) {
 			if (stream.size_s() < hdr_size) return;
 			ushort sign(0);
@@ -143,8 +124,8 @@ void PIStreamPacker::received(const PIByteArray & data) {
 			}
 			int sz = -1;
 			if (crypt_size) {
-				PIByteArray crsz((uint)size_crypted_size);
+				PIByteArray crsz(sizeCryptedSize());
-				memcpy(crsz.data(), stream.data(2), size_crypted_size);
+				memcpy(crsz.data(), stream.data(2), crsz.size());
 				crsz = decryptData(crsz);
 				if (crsz.size() < sizeof(sz)) {
 					if (aggressive_optimization)
@@ -155,7 +136,7 @@ void PIStreamPacker::received(const PIByteArray & data) {
 				}
 				crsz >> sz;
 			} else {
-				memcpy(&sz, stream.data(2), size_crypted_size);
+				memcpy(&sz, stream.data(2), sizeCryptedSize());
 			}
 			if (sz < 0) {
 				if (aggressive_optimization)
@@ -212,10 +193,17 @@ void PIStreamPacker::received(const PIByteArray & data) {
 
 
 void PIStreamPacker::assignDevice(PIIODevice * dev) {
-	if (!dev) return;
+	if (!dev) {
+		piCoutObj << "Error! device is NULL";
+		return;
+	}
 	if (!dev->infoFlags()[PIIODevice::Reliable]) {
 		piCoutObj << "Warning! Not recommended to use with non-reliable" << dev;
 	}
 	CONNECT2(void, const uchar *, ssize_t, dev, threadedReadEvent, this, received);
 	CONNECT1(void, PIByteArray, this, sendRequest, dev, write);
 }
+
+uint PIStreamPacker::sizeCryptedSize() {
+	return sizeof(int) + (crypt_size ? cryptSizeAddition() : 0);
+}

libs/main/client_server/piclientserver_client_base.h

@@ -25,7 +25,6 @@
 #ifndef piclientserver_client_base_H
 #define piclientserver_client_base_H
 
-#include "piclientserver_config.h"
 #include "pidiagnostics.h"
 #include "pip_client_server_export.h"
 #include "pistreampacker.h"
@@ -36,8 +35,10 @@ namespace PIClientServer {
 
 class Server;
 
+class ClientInterface {};
+
+// template<bool EnableDiagnostics = false>
 class PIP_CLIENT_SERVER_EXPORT ClientBase {
-	friend class Config;
 	friend class Server;
 	NO_COPY_CLASS(ClientBase);
 
@@ -57,7 +58,9 @@ public:
 	PIDiagnostics::State diagnostics() const;
 	int receivePacketProgress() const;
 
-	Config & configuration() { return config; }
+	const PIStreamPackerConfig & configuration() const { return stream.configuration(); }
+	PIStreamPackerConfig & configuration() { return stream.configuration(); }
+	void setConfiguration(const PIStreamPackerConfig & config) { stream.setConfiguration(config); }
 
 protected:
 	virtual void readed(PIByteArray data) {}
@@ -71,7 +74,6 @@ protected:
 	bool own_tcp               = false;
 	std::atomic_bool can_write = {true};
 	PIEthernet * tcp           = nullptr;
-	Config config;
 
 private:
 	void destroy();

libs/main/client_server/piclientserver_config.h

@@ -1,60 +0,0 @@
-/*! \file piclientserver_config.h
- * \ingroup ClientServer
- * \~\brief
- * \~english
- * \~russian
- */
-/*
-    PIP - Platform Independent Primitives
-	Ivan Pelipenko peri4ko@yandex.ru
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU Lesser General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU Lesser General Public License for more details.
-
-    You should have received a copy of the GNU Lesser General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef piclientserver_config_H
-#define piclientserver_config_H
-
-#include "pibytearray.h"
-#include "pip_client_server_export.h"
-
-
-namespace PIClientServer {
-
-class Server;
-class Client;
-class ClientBase;
-
-class PIP_CLIENT_SERVER_EXPORT Config {
-	friend class Server;
-	friend class Client;
-
-public:
-	void setPacketSign(ushort sign);
-	void setPacketSize(int bytes);
-
-	void enableSymmetricEncryption(const PIByteArray & key);
-
-protected:
-	void apply(ClientBase * client);
-
-	PIByteArray crypt_key;
-	ushort packet_sign = 0xAFBE;
-	int packet_size    = 1400;
-
-private:
-};
-
-} // namespace PIClientServer
-
-#endif

libs/main/client_server/piclientserver_server.h

@@ -25,10 +25,10 @@
 #ifndef piclientserver_server_H
 #define piclientserver_server_H
 
-#include "piclientserver_config.h"
 #include "pimutex.h"
 #include "pinetworkaddress.h"
 #include "pip_client_server_export.h"
+#include "pistreampacker.h"
 #include "pithreadnotifier.h"
 
 class PIEthernet;
@@ -38,7 +38,7 @@ namespace PIClientServer {
 
 class ServerClient;
 
-class PIP_CLIENT_SERVER_EXPORT Server {
+class PIP_CLIENT_SERVER_EXPORT Server: public PIStreamPackerConfig {
 	friend class ServerClient;
 	NO_COPY_CLASS(Server);
 
@@ -58,8 +58,6 @@ public:
 
 	void setClientFactory(std::function<ServerClient *()> f) { client_factory = f; }
 
-	Config & configuration() { return config; }
-
 private:
 	void stopServer();
 	void newClient(ServerClient * c);
@@ -70,7 +68,6 @@ private:
 	PIEthernet * tcp_server     = nullptr;
 	PIThread * clean_thread     = nullptr;
 	PIThreadNotifier clean_notifier;
-	Config config;
 	PIVector<ServerClient *> clients;
 	mutable PIMutex clients_mutex;
 

libs/main/crypt/picrypt.h

@@ -40,6 +40,8 @@ public:
 	//! \~russian Конструктор, генерирующий случайный ключ
 	PICrypt();
 
+	~PICrypt();
+
 	//! \~\brief
 	//! \~english Set key to "key", key size must be a \a sizeKey()
 	//! \~russian Установить ключ "key", размер ключа должен быть равен \a sizeKey()
@@ -48,7 +50,7 @@ public:
 	//! \~\brief
 	//! \~english Generate and set key from keyphrase "secret"
 	//! \~russian Генерировать и установить ключ из ключевой фразы "secret"
-	PIByteArray setKey(const PIString & secret);
+	bool setKey(const PIString & secret);
 
 	//! \~\brief
 	//! \~english Returns current key
@@ -123,12 +125,12 @@ public:
 	//! \~\brief
 	//! \~english Function randomly generates a secret key and a corresponding public key for digital signature
 	//! \~russian Функция случайным образом генерирует секретный ключ и соответствующий ему открытый ключ для цифровой подписи
-	static void generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key);
+	static bool generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key);
 
 	//! \~\brief
 	//! \~english Function generates a secret key from input data and a corresponding public key for digital signature
 	//! \~russian Функция генерирует секретный ключ из входных данных и соответствующий ему открытый ключ для цифровой подписи
-	static void generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed);
+	static bool generateSignKeys(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed);
 
 	//! \~\brief
 	//! \~english Function extract sign public key from sing secret key
@@ -138,24 +140,24 @@ public:
 	//! \~\brief
 	//! \~english Calculate digital signature for data
 	//! \~russian Вычислить цифровую подпись для данных
-	PIByteArray signMessage(const PIByteArray & data, PIByteArray secret_key);
+	PIByteArray signMessage(const PIByteArray & data, const PIByteArray & secret_key);
 
 	//! \~\brief
 	//! \~english Verify digital signature of signed message
 	//! \~russian Проверить цифровую подпись подписанного сообщения
-	bool verifySign(const PIByteArray & data, const PIByteArray & signature, PIByteArray public_key);
+	bool verifySign(const PIByteArray & data, const PIByteArray & signature, const PIByteArray & public_key);
 
 	//! \~\brief
 	//! \~english Function randomly generates a secret key and a corresponding public key for authenticated encryption
 	//! \~russian Функция случайным образом генерирует секретный ключ и соответствующий ему открытый ключ для аутентифицированного
 	//! шифрования
-	static void generateKeypair(PIByteArray & public_key, PIByteArray & secret_key);
+	static bool generateKeypair(PIByteArray & public_key, PIByteArray & secret_key);
 
 	//! \~\brief
 	//! \~english Function generates a secret key from input data and a corresponding public key for authenticated encryption
 	//! \~russian Функция генерирует секретный ключ из входных данных и соответствующий ему открытый ключ для аутентифицированного
 	//! шифрования
-	static void generateKeypair(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed);
+	static bool generateKeypair(PIByteArray & public_key, PIByteArray & secret_key, const PIByteArray & seed);
 
 	//! \~\brief
 	//! \~english Encrypt given data "data"

libs/main/io_utils/piethutilbase.h

@@ -57,6 +57,9 @@ public:
 	//! Returns crypt layer key
 	PIByteArray cryptKey() const;
 
+	//! \brief Returns addition size for crypted data.
+	static size_t cryptSizeAddition();
+
 protected:
 	/*! \brief Returns encrypted data if layer enabled,
 	 *  otherwise returns unchanged \"data\" */

libs/main/io_utils/pistreampacker.h

@@ -33,15 +33,17 @@
 
 class PIIODevice;
 
-class PIP_IO_UTILS_EXPORT PIStreamPacker
+class PIStreamPackerConfig: public PIEthUtilBase {
-	: public PIObject
+	friend class PIStreamPacker;
-	, public PIEthUtilBase {
-	PIOBJECT(PIStreamPacker)
 
 public:
-	//! Contructs packer and try to assign \"dev\"
+	PIStreamPackerConfig() {
-	PIStreamPacker(PIIODevice * dev = 0);
+		crypt_frag = crypt_size = false;
-
+		aggressive_optimization = true;
+		crypt_frag_size         = 1 * 1024 * 1024;
+		max_packet_size         = 1400;
+		packet_sign             = 0xAFBE;
+	}
 
 	//! Set maximum size of single packet
 	void setMaxPacketSize(int max_size) { max_packet_size = max_size; }
@@ -49,17 +51,12 @@ public:
 	//! Returns maximum size of single packet, default 1400 bytes
 	int maxPacketSize() const { return max_packet_size; }
 
-
 	//! Set packet sinature
 	void setPacketSign(ushort sign_) { packet_sign = sign_; }
 
 	//! Returns packet sinature, default 0xAFBE
 	ushort packetSign() const { return packet_sign; }
 
-	//! Returns progress of current packet receive in bytes
-	int receivePacketProgress() const { return packet.size_s(); }
-
-
 	//! Set receive aggressive optimization. If yes then %PIStreamPacker doesn`t
 	//! check every byte in incoming stream but check only begin of each read()
 	//! result. Default is \b true.
@@ -68,17 +65,42 @@ public:
 	//! Returns aggressive optimization
 	bool aggressiveOptimization() const { return aggressive_optimization; }
 
-
 	bool cryptFragmentationEnabled() const { return crypt_frag; }
 	void setCryptFragmentationEnabled(bool on) { crypt_frag = on; }
 	int cryptFragmentationSize() const { return crypt_frag_size; }
 	void setCryptFragmentationSize(int size_) { crypt_frag_size = size_; }
 	bool cryptSizeEnabled() const { return crypt_size; }
-	void setCryptSizeEnabled(bool on);
+	void setCryptSizeEnabled(bool on) { crypt_size = on; }
+
+	//! Get configuration
+	const PIStreamPackerConfig & configuration() const { return *this; }
+	PIStreamPackerConfig & configuration() { return *this; }
+
+	//! Apply configuration
+	void setConfiguration(const PIStreamPackerConfig & config) { *this = config; }
+
+private:
+	bool crypt_frag, crypt_size, aggressive_optimization;
+	int crypt_frag_size;
+	ushort packet_sign;
+	int max_packet_size;
+};
+
+
+class PIP_IO_UTILS_EXPORT PIStreamPacker
+	: public PIObject
+	, public PIStreamPackerConfig {
+	PIOBJECT(PIStreamPacker)
+
+public:
+	//! Contructs packer and try to assign \"dev\"
+	PIStreamPacker(PIIODevice * dev = nullptr);
+
+	//! Returns progress of current packet receive in bytes
+	int receivePacketProgress() const { return packet.size_s(); }
 
 	void clear();
 
-
 	//! Prepare data for send and raise \a sendRequest() events
 	void send(const PIByteArray & data);
 
@@ -130,11 +152,10 @@ protected:
 	virtual void packetReceived(PIByteArray data) {}
 
 private:
+	uint sizeCryptedSize();
+
 	PIByteArray stream, packet;
-	bool crypt_frag, crypt_size, aggressive_optimization;
+	int packet_size;
-	int packet_size, crypt_frag_size;
-	ushort packet_sign;
-	int max_packet_size, size_crypted_size;
 	mutable PIMutex prog_s_mutex, prog_r_mutex;
 };
 

libs/main/text/pistring.h

@@ -40,6 +40,7 @@ class PIStringList;
 //! \~russian Класс строки.
 class PIP_EXPORT PIString {
 	BINARY_STREAM_FRIEND(PIString);
+	friend class PICrypt;
 
 public:
 	typedef PIDeque<PIChar>::iterator iterator;

main.cpp

@@ -142,7 +142,8 @@ int main(int argc, char * argv[]) {
 		piCout << "Server";
 		s = new PIClientServer::Server();
 		s->setClientFactory([] { return new MyServerClient(); });
-		s->configuration().enableSymmetricEncryption("1122334455667788"_hex);
+		s->setCryptEnabled(true);;
+		s->setCryptKey("1122334455667788"_hex);
 		s->listenAll(12345);
 		s_thread->start(
 			[s] {
@@ -161,7 +162,8 @@ int main(int argc, char * argv[]) {
 		piForTimes(2) {
 			piMSleep(25);
 			auto c = new MyClient();
-			c->configuration().enableSymmetricEncryption("1122334455667788"_hex);
+			c->configuration().setCryptEnabled(true);
+			c->configuration().setCryptKey("1122334455667788"_hex);
 			c->connect(PINetworkAddress::resolve("127.0.0.1", 12345));
 			cv << c;
 		}