mirror of
https://github.com/irungentoo/toxcore.git
synced 2024-03-22 13:30:51 +08:00
Merge pull request #464 from slvr/crypto-fix
Incorrect constants: s/BOXZERO/ZERO/
This commit is contained in:
commit
0338c3c9e8
|
@ -197,6 +197,43 @@ START_TEST(test_endtoend)
|
||||||
}
|
}
|
||||||
END_TEST
|
END_TEST
|
||||||
|
|
||||||
|
START_TEST(test_large_data)
|
||||||
|
{
|
||||||
|
unsigned char k[crypto_box_BEFORENMBYTES];
|
||||||
|
|
||||||
|
unsigned char n[crypto_box_NONCEBYTES];
|
||||||
|
|
||||||
|
unsigned char m1[MAX_DATA_SIZE - ENCRYPTION_PADDING];
|
||||||
|
unsigned char c1[sizeof(m1) + ENCRYPTION_PADDING];
|
||||||
|
unsigned char m1prime[sizeof(m1)];
|
||||||
|
|
||||||
|
unsigned char m2[MAX_DATA_SIZE];
|
||||||
|
unsigned char c2[sizeof(m2) + ENCRYPTION_PADDING];
|
||||||
|
|
||||||
|
int c1len, c2len;
|
||||||
|
int m1plen;
|
||||||
|
|
||||||
|
//Generate random messages
|
||||||
|
rand_bytes(m1, sizeof(m1));
|
||||||
|
rand_bytes(m2, sizeof(m2));
|
||||||
|
rand_bytes(n, crypto_box_NONCEBYTES);
|
||||||
|
|
||||||
|
//Generate key
|
||||||
|
rand_bytes(k, crypto_box_BEFORENMBYTES);
|
||||||
|
|
||||||
|
c1len = encrypt_data_fast(k, n, m1, sizeof(m1), c1);
|
||||||
|
c2len = encrypt_data_fast(k, n, m2, sizeof(m2), c2);
|
||||||
|
|
||||||
|
ck_assert_msg(c1len == sizeof(m1) + ENCRYPTION_PADDING, "Could not encrypt max size");
|
||||||
|
ck_assert_msg(c2len == -1, "incorrectly succeeded encrypting massive size");
|
||||||
|
|
||||||
|
m1plen = decrypt_data_fast(k, n, c1, c1len, m1prime);
|
||||||
|
|
||||||
|
ck_assert_msg(m1plen == sizeof(m1), "decrypted text lengths differ");
|
||||||
|
ck_assert_msg(memcmp(m1prime, m1, sizeof(m1)) == 0, "decrypted texts differ");
|
||||||
|
}
|
||||||
|
END_TEST
|
||||||
|
|
||||||
#define DEFTESTCASE(NAME) \
|
#define DEFTESTCASE(NAME) \
|
||||||
TCase *NAME = tcase_create(#NAME); \
|
TCase *NAME = tcase_create(#NAME); \
|
||||||
tcase_add_test(NAME, test_##NAME); \
|
tcase_add_test(NAME, test_##NAME); \
|
||||||
|
@ -209,6 +246,7 @@ Suite* crypto_suite(void)
|
||||||
DEFTESTCASE(known);
|
DEFTESTCASE(known);
|
||||||
DEFTESTCASE(fast_known);
|
DEFTESTCASE(fast_known);
|
||||||
DEFTESTCASE(endtoend);
|
DEFTESTCASE(endtoend);
|
||||||
|
DEFTESTCASE(large_data);
|
||||||
|
|
||||||
return s;
|
return s;
|
||||||
}
|
}
|
||||||
|
|
|
@ -71,33 +71,6 @@ uint8_t crypto_iszero(uint8_t *mem, uint32_t length)
|
||||||
return check; // We return zero if mem is made out of zeroes.
|
return check; // We return zero if mem is made out of zeroes.
|
||||||
}
|
}
|
||||||
|
|
||||||
/* encrypts plain of length length to encrypted of length + 16 using the
|
|
||||||
public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce
|
|
||||||
return -1 if there was a problem.
|
|
||||||
return length of encrypted data if everything was fine. */
|
|
||||||
int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
|
||||||
uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
|
||||||
{
|
|
||||||
if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0)
|
|
||||||
return -1;
|
|
||||||
|
|
||||||
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0};
|
|
||||||
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES];
|
|
||||||
|
|
||||||
memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */
|
|
||||||
|
|
||||||
crypto_box(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, public_key, secret_key);
|
|
||||||
|
|
||||||
/* if encryption is successful the first crypto_box_BOXZEROBYTES of the message will be zero
|
|
||||||
apparently memcmp should not be used so we do this instead:*/
|
|
||||||
if(crypto_iszero(temp_encrypted, crypto_box_BOXZEROBYTES) != 0)
|
|
||||||
return -1;
|
|
||||||
|
|
||||||
/* unpad the encrypted message */
|
|
||||||
memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES);
|
|
||||||
return length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Precomputes the shared key from their public_key and our secret_key.
|
/* Precomputes the shared key from their public_key and our secret_key.
|
||||||
This way we can avoid an expensive elliptic curve scalar multiply for each
|
This way we can avoid an expensive elliptic curve scalar multiply for each
|
||||||
encrypt/decrypt operation.
|
encrypt/decrypt operation.
|
||||||
|
@ -114,7 +87,7 @@ int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
|
||||||
if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0)
|
if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0};
|
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0};
|
||||||
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES];
|
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES];
|
||||||
|
|
||||||
memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */
|
memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */
|
||||||
|
@ -129,35 +102,6 @@ int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
|
||||||
return length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES;
|
return length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* decrypts encrypted of length length to plain of length length - 16 using the
|
|
||||||
public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce
|
|
||||||
return -1 if there was a problem(decryption failed)
|
|
||||||
return length of plain data if everything was fine. */
|
|
||||||
int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
|
||||||
uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
|
||||||
{
|
|
||||||
if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES)
|
|
||||||
return -1;
|
|
||||||
|
|
||||||
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES];
|
|
||||||
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0};
|
|
||||||
|
|
||||||
memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */
|
|
||||||
|
|
||||||
if (crypto_box_open(temp_plain, temp_encrypted, length + crypto_box_BOXZEROBYTES,
|
|
||||||
nonce, public_key, secret_key) == -1)
|
|
||||||
return -1;
|
|
||||||
|
|
||||||
/* if decryption is successful the first crypto_box_ZEROBYTES of the message will be zero
|
|
||||||
apparently memcmp should not be used so we do this instead:*/
|
|
||||||
if(crypto_iszero(temp_plain, crypto_box_ZEROBYTES) != 0)
|
|
||||||
return -1;
|
|
||||||
|
|
||||||
/* unpad the plain message */
|
|
||||||
memcpy(plain, temp_plain + crypto_box_ZEROBYTES, length - crypto_box_MACBYTES);
|
|
||||||
return length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Fast decrypt. Depends on enc_ley from encrypt_precompute. */
|
/* Fast decrypt. Depends on enc_ley from encrypt_precompute. */
|
||||||
int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
|
int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
|
||||||
uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||||
|
@ -165,7 +109,7 @@ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
|
||||||
if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES)
|
if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES];
|
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES];
|
||||||
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0};
|
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0};
|
||||||
|
|
||||||
memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */
|
memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */
|
||||||
|
@ -184,6 +128,22 @@ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
|
||||||
return length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES;
|
return length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||||
|
uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
||||||
|
{
|
||||||
|
uint8_t k[crypto_box_BEFORENMBYTES];
|
||||||
|
encrypt_precompute(public_key, secret_key, k);
|
||||||
|
return encrypt_data_fast(k, nonce, plain, length, encrypted);
|
||||||
|
}
|
||||||
|
|
||||||
|
int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||||
|
uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||||
|
{
|
||||||
|
uint8_t k[crypto_box_BEFORENMBYTES];
|
||||||
|
encrypt_precompute(public_key, secret_key, k);
|
||||||
|
return decrypt_data_fast(k, nonce, encrypted, length, plain);
|
||||||
|
}
|
||||||
|
|
||||||
/* increment the given nonce by 1 */
|
/* increment the given nonce by 1 */
|
||||||
static void increment_nonce(uint8_t *nonce)
|
static void increment_nonce(uint8_t *nonce)
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue
Block a user