StarMirror/toxcore
1
0
Fork 0
mirror of https://github.com/irungentoo/toxcore.git synced 2024-03-22 13:30:51 +08:00
Code Issues Projects Releases Wiki Activity

Decided pretty much how the handshake would work.

Browse Source 
Started writing the code.

Astyled some files.
This commit is contained in:
irungentoo 2014-04-22 20:28:40 -04:00
parent c46ab5821d
commit 1bfe15ee88
No known key found for this signature in database
GPG Key ID: 10349DC9BED89E98
13 changed files with 226 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
docs/Tox_middle_level_network_protocol.txt
View File

@ -38,4 +38,26 @@ from evil "friends" framing relays must also be implemented.
Detailed implementation details:
Coming soon.
cookie request packet:
[uint8_t 24][Senders DHT Public key (32 bytes)][Random nonce (24
bytes)][Encrypted message containing: [Senders real public key (32
bytes)][Recievers real public key (32 bytes)]]
Encrypted message is encrypted with sender DHT private key, recievers DHT public
key and the nonce.
cookie response packet:
[uint8_t 25][Random nonce (24 bytes)][Encrypted message containing: [Cookie]]
Encrypted message is encrypted with sender DHT private key, recievers DHT public
key and the nonce.
The Cookie should be basically:
[nonce][encrypted data:[uint64_t time][Senders real public key (32
bytes)][Recievers real public key (32 bytes)]]
Handshake packet:
[uint8_t 26][Cookie][nonce][Encrypted message containing: [random 24 bytes base
nonce][session public key of the peer (32 bytes)]]
The handshake packet is encrypted using the real private key of the sender, the
real private key of the reciever and the nonce.

30
toxcore/DHT.c
View File

@ -163,7 +163,7 @@ void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, uint8_t *secr
}
}
/* Copy shared_key to decrypt DHT packet from client_id into shared_key
/* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key
* for packets that we recieve.
*/
void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id)
@ -171,7 +171,7 @@ void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id)
return get_shared_key(&dht->shared_keys_recv, shared_key, dht->self_secret_key, client_id);
}
/* Copy shared_key to decrypt DHT packet from client_id into shared_key
/* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key
* for packets that we send.
*/
void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, uint8_t *client_id)
@ -974,10 +974,10 @@ static int getnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *cli
uint8_t shared_key[crypto_box_BEFORENMBYTES];
DHT_get_shared_key_sent(dht, shared_key, public_key);
int len = encrypt_data_symmetric( shared_key,
nonce,
plain,
CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH,
encrypt );
nonce,
plain,
CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH,
encrypt );
if (len != CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES)
return -1;
@ -1020,10 +1020,10 @@ static int sendnodes_ipv6(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_
memcpy(plain + nodes_length, encrypted_data, NODES_ENCRYPTED_MESSAGE_LENGTH);
int len = encrypt_data_symmetric( shared_encryption_key,
nonce,
plain,
nodes_length + NODES_ENCRYPTED_MESSAGE_LENGTH,
encrypt );
nonce,
plain,
nodes_length + NODES_ENCRYPTED_MESSAGE_LENGTH,
encrypt );
if ((unsigned int)len != nodes_length + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES)
return -1;
@ -1053,10 +1053,10 @@ static int handle_getnodes(void *object, IP_Port source, uint8_t *packet, uint32
DHT_get_shared_key_recv(dht, shared_key, packet + 1);
int len = decrypt_data_symmetric( shared_key,
packet + 1 + CLIENT_ID_SIZE,
packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES,
CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES,
plain );
packet + 1 + CLIENT_ID_SIZE,
packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES,
CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES,
plain );
if (len != CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH)
return 1;
@ -2283,6 +2283,7 @@ DHT *new_DHT(Net_Crypto *c)
DHT_addfriend(dht, random_key_bytes);
}
c->dht = dht;
return dht;
}
@ -2317,6 +2318,7 @@ void kill_DHT(DHT *dht)
networking_registerhandler(dht->net, NET_PACKET_SEND_NODES_IPV6, NULL, NULL);
cryptopacket_registerhandler(dht->c, CRYPTO_PACKET_NAT_PING, NULL, NULL);
cryptopacket_registerhandler(dht->c, CRYPTO_PACKET_HARDENING, NULL, NULL);
dht->c->dht = 0;
kill_ping(dht->ping);
free(dht->friends_list);
free(dht);

4
toxcore/DHT.h
View File

@ -204,12 +204,12 @@ typedef struct {
*/
void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, uint8_t *secret_key, uint8_t *client_id);
/* Copy shared_key to decrypt DHT packet from client_id into shared_key
/* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key
* for packets that we recieve.
*/
void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id);
/* Copy shared_key to decrypt DHT packet from client_id into shared_key
/* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key
* for packets that we send.
*/
void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, uint8_t *client_id);

4
toxcore/TCP_client.c
View File

@ -75,7 +75,7 @@ static int generate_handshake(TCP_Client_Connection *TCP_conn, uint8_t *self_pub
memcpy(TCP_conn->last_packet, self_public_key, crypto_box_PUBLICKEYBYTES);
new_nonce(TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES);
int len = encrypt_data_symmetric(TCP_conn->shared_key, TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES, plain,
sizeof(plain), TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES);
sizeof(plain), TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES);
if (len != sizeof(plain) + crypto_box_MACBYTES)
return -1;
@ -94,7 +94,7 @@ static int handle_handshake(TCP_Client_Connection *TCP_conn, uint8_t *data)
{
uint8_t plain[crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES];
int len = decrypt_data_symmetric(TCP_conn->shared_key, data, data + crypto_box_NONCEBYTES,
TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, plain);
TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, plain);
if (len != sizeof(plain))
return -1;

5
toxcore/TCP_server.c
View File

@ -357,7 +357,7 @@ static int handle_TCP_handshake(TCP_Secure_Connection *con, uint8_t *data, uint1
encrypt_precompute(data, self_secret_key, shared_key);
uint8_t plain[TCP_HANDSHAKE_PLAIN_SIZE];
int len = decrypt_data_symmetric(shared_key, data + crypto_box_PUBLICKEYBYTES,
data + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES, plain);
data + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES, plain);
if (len != TCP_HANDSHAKE_PLAIN_SIZE)
return -1;
@ -373,7 +373,8 @@ static int handle_TCP_handshake(TCP_Secure_Connection *con, uint8_t *data, uint1
uint8_t response[TCP_SERVER_HANDSHAKE_SIZE];
new_nonce(response);
len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, response + crypto_box_NONCEBYTES);
len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE,
response + crypto_box_NONCEBYTES);
if (len != TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES)
return -1;

2
toxcore/TCP_server.h
View File

@ -54,8 +54,6 @@
#define ARRAY_ENTRY_SIZE 6
#define TCP_ONION_FAMILY (AF_INET6 + 1)
/* frequency to ping connected nodes and timeout in seconds */
#define TCP_PING_FREQUENCY 30
#define TCP_PING_TIMEOUT 20

1
toxcore/crypto_core.c
View File

@ -65,6 +65,7 @@ int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain,
if (crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, secret_key) != 0)
return -1;
/* Unpad the encrypted message. */
memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES);
return length + crypto_box_MACBYTES;

148
toxcore/net_crypto.c
View File

@ -34,6 +34,145 @@ static uint8_t crypt_connection_id_not_valid(Net_Crypto *c, int crypt_connection
{
return (uint32_t)crypt_connection_id >= c->crypto_connections_length;
}
#define COOKIE_REQUEST_PLAIN_LENGTH (crypto_box_PUBLICKEYBYTES * 2)
#define COOKIE_REQUEST_LENGTH (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES)
/* Create a cookie request packet and put it in packet.
*
* packet must be of size COOKIE_REQUEST_LENGTH or bigger.
*
* return -1 on failure.
* return COOKIE_REQUEST_LENGTH on success.
*/
static int create_cookie_request(Net_Crypto *c, uint8_t *packet, uint8_t *dht_public_key, uint8_t *real_public_key)
{
if (!c->dht)
return -1;
uint8_t plain[COOKIE_REQUEST_PLAIN_LENGTH];
memcpy(plain, c->self_public_key, crypto_box_PUBLICKEYBYTES);
memcpy(plain + crypto_box_PUBLICKEYBYTES, real_public_key, crypto_box_PUBLICKEYBYTES);
uint8_t shared_key[crypto_box_BEFORENMBYTES];
DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key);
uint8_t nonce[crypto_box_NONCEBYTES];
new_nonce(nonce);
packet[0] = NET_PACKET_COOKIE_REQUEST;
memcpy(packet + 1, c->dht->self_public_key, crypto_box_PUBLICKEYBYTES);
memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES);
int len = encrypt_data_symmetric(shared_key, nonce, plain, sizeof(plain),
packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES);
if (len != COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES)
return -1;
return (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + len);
}
/* cookie timeout in seconds */
#define COOKIE_TIMEOUT 10
#define COOKIE_CONTENTS_LENGTH (sizeof(uint64_t) + COOKIE_REQUEST_PLAIN_LENGTH)
#define COOKIE_LENGTH (crypto_box_NONCEBYTES + COOKIE_CONTENTS_LENGTH + crypto_box_MACBYTES)
/* Create cookie of length COOKIE_LENGTH from bytes of length COOKIE_REQUEST_PLAIN_LENGTH using encryption_key
*
* return -1 on failure.
* return 0 on success.
*/
static int create_cookie(uint8_t *cookie, uint8_t *bytes, uint8_t *encryption_key)
{
uint8_t contents[COOKIE_CONTENTS_LENGTH];
uint64_t temp_time = unix_time();
memcpy(contents, &temp_time, sizeof(temp_time));
memcpy(contents + sizeof(temp_time), bytes, COOKIE_REQUEST_PLAIN_LENGTH);
new_nonce(cookie);
int len = encrypt_data_symmetric(encryption_key, cookie, contents, sizeof(contents), cookie + crypto_box_NONCEBYTES);
if (len != COOKIE_LENGTH - crypto_box_NONCEBYTES)
return -1;
return 0;
}
#define COOKIE_RESPONSE_LENGTH (1 + crypto_box_NONCEBYTES + COOKIE_LENGTH + crypto_box_MACBYTES)
/* Open cookie of length COOKIE_LENGTH from bytes of length COOKIE_REQUEST_PLAIN_LENGTH using encryption_key
*
* return -1 on failure.
* return 0 on success.
*/
static int open_cookie(uint8_t *bytes, uint8_t *cookie, uint8_t *encryption_key)
{
uint8_t contents[COOKIE_CONTENTS_LENGTH];
int len = decrypt_data_symmetric(encryption_key, cookie, cookie + crypto_box_NONCEBYTES,
COOKIE_LENGTH - crypto_box_NONCEBYTES, contents);
if (len != sizeof(contents))
return -1;
uint64_t cookie_time;
memcpy(&cookie_time, contents, sizeof(cookie_time));
uint64_t temp_time = unix_time();
if (cookie_time + COOKIE_TIMEOUT < temp_time || temp_time < cookie_time)
return -1;
memcpy(bytes, contents + sizeof(cookie_time), COOKIE_REQUEST_PLAIN_LENGTH);
return 0;
}
/* Create a cookie request packet and put it in packet.
* request_plain must be COOKIE_REQUEST_PLAIN_LENGTH bytes.
* packet must be of size COOKIE_RESPONSE_LENGTH or bigger.
*
* return -1 on failure.
* return COOKIE_RESPONSE_LENGTH on success.
*/
static int create_cookie_response(Net_Crypto *c, uint8_t *packet, uint8_t *request_plain, uint8_t *shared_key)
{
uint8_t cookie[COOKIE_LENGTH];
if (create_cookie(cookie, request_plain, c->secret_symmetric_key) != 0)
return -1;
packet[0] = NET_PACKET_COOKIE_RESPONSE;
new_nonce(packet + 1);
int len = encrypt_data_symmetric(shared_key, packet + 1, cookie, sizeof(cookie), packet + 1 + crypto_box_NONCEBYTES);
if (len != COOKIE_RESPONSE_LENGTH - (1 + crypto_box_NONCEBYTES))
return -1;
return COOKIE_RESPONSE_LENGTH;
}
/* Handle the cookie request packet of length length.
* Put what was in the request in request_plain (must be of size COOKIE_REQUEST_PLAIN_LENGTH)
* Put the key used to decrypt the request into shared_key (of size crypto_box_BEFORENMBYTES) for use in the response.
*
* return -1 on failure.
* return 0 on success.
*/
static int handle_cookie_request(Net_Crypto *c, uint8_t *request_plain, uint8_t *shared_key, uint8_t *packet,
uint16_t length)
{
if (!c->dht)
return -1;
if (length != COOKIE_REQUEST_LENGTH)
return -1;
DHT_get_shared_key_sent(c->dht, shared_key, packet + 1);
int len = decrypt_data_symmetric(shared_key, packet + 1 + crypto_box_PUBLICKEYBYTES,
packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES,
request_plain);
if (len != COOKIE_REQUEST_PLAIN_LENGTH)
return -1;
return 0;
}
/* return 0 if there is no received data in the buffer.
* return -1 if the packet was discarded.
@ -57,8 +196,8 @@ int read_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data)
return -1;
int len = decrypt_data_symmetric(c->crypto_connections[crypt_connection_id].shared_key,
c->crypto_connections[crypt_connection_id].recv_nonce,
temp_data + 1, length - 1, data);
c->crypto_connections[crypt_connection_id].recv_nonce,
temp_data + 1, length - 1, data);
if (len != -1) {
increment_nonce(c->crypto_connections[crypt_connection_id].recv_nonce);
@ -95,8 +234,8 @@ int write_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data, uin
uint8_t temp_data[MAX_DATA_SIZE];
int len = encrypt_data_symmetric(c->crypto_connections[crypt_connection_id].shared_key,
c->crypto_connections[crypt_connection_id].sent_nonce,
data, length, temp_data + 1);
c->crypto_connections[crypt_connection_id].sent_nonce,
data, length, temp_data + 1);
if (len == -1)
return 0;
@ -655,6 +794,7 @@ Net_Crypto *new_net_crypto(Networking_Core *net)
}
new_keys(temp);
new_symmetric_key(temp->secret_symmetric_key);
return temp;
}

5
toxcore/net_crypto.h
View File

@ -25,6 +25,7 @@
#define NET_CRYPTO_H
#include "Lossless_UDP.h"
#include "DHT.h"
#define CRYPTO_PACKET_FRIEND_REQ 32 /* Friend request crypto packet ID. */
#define CRYPTO_PACKET_HARDENING 48 /* Hardening crypto packet ID. */
@ -67,6 +68,7 @@ typedef struct {
typedef struct {
Lossless_UDP *lossless_udp;
DHT *dht;
Crypto_Connection *crypto_connections;
@ -76,6 +78,9 @@ typedef struct {
uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];
uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
/* The secret key used for cookies */
uint8_t secret_symmetric_key[crypto_secretbox_KEYBYTES];
Cryptopacket_Handles cryptopackethandlers[256];
} Net_Crypto;

7
toxcore/network.h
View File

@ -126,6 +126,8 @@ typedef int sock_t;
#define NET_PACKET_HANDSHAKE 16 /* Handshake packet ID. */
#define NET_PACKET_SYNC 17 /* SYNC packet ID. */
#define NET_PACKET_DATA 18 /* Data packet ID. */
#define NET_PACKET_COOKIE_REQUEST 24 /* Cookie request packet */
#define NET_PACKET_COOKIE_RESPONSE 25 /* Cookie response packet */
#define NET_PACKET_CRYPTO 32 /* Encrypted data packet ID. */
#define NET_PACKET_LAN_DISCOVERY 33 /* LAN discovery packet ID. */
#define NET_PACKET_GROUP_CHATS 48 /* Group chats packet ID. */
@ -158,6 +160,11 @@ typedef int sock_t;
#define TOX_PORTRANGE_TO 33545
#define TOX_PORT_DEFAULT TOX_PORTRANGE_FROM
/* TCP related */
#define TCP_ONION_FAMILY (AF_INET6 + 1)
#define TCP_INET (AF_INET6 + 2)
#define TCP_INET6 (AF_INET6 + 3)
typedef union __attribute__ ((__packed__))
{
uint8_t uint8[4];

12
toxcore/onion.c
View File

@ -112,7 +112,7 @@ int send_onion_packet(Networking_Core *net, Onion_Path *path, IP_Port dest, uint
memcpy(step2 + sizeof(IP_Port), path->public_key3, crypto_box_PUBLICKEYBYTES);
int len = encrypt_data_symmetric(path->shared_key3, nonce, step1, sizeof(step1),
step2 + sizeof(IP_Port) + crypto_box_PUBLICKEYBYTES);
step2 + sizeof(IP_Port) + crypto_box_PUBLICKEYBYTES);
if ((uint32_t)len != sizeof(IP_Port) + length + crypto_box_MACBYTES)
return -1;
@ -121,7 +121,7 @@ int send_onion_packet(Networking_Core *net, Onion_Path *path, IP_Port dest, uint
memcpy(step3, &path->ip_port2, sizeof(IP_Port));
memcpy(step3 + sizeof(IP_Port), path->public_key2, crypto_box_PUBLICKEYBYTES);
len = encrypt_data_symmetric(path->shared_key2, nonce, step2, sizeof(step2),
step3 + sizeof(IP_Port) + crypto_box_PUBLICKEYBYTES);
step3 + sizeof(IP_Port) + crypto_box_PUBLICKEYBYTES);
if ((uint32_t)len != sizeof(IP_Port) + SEND_BASE + length + crypto_box_MACBYTES)
return -1;
@ -132,7 +132,7 @@ int send_onion_packet(Networking_Core *net, Onion_Path *path, IP_Port dest, uint
memcpy(packet + 1 + crypto_box_NONCEBYTES, path->public_key1, crypto_box_PUBLICKEYBYTES);
len = encrypt_data_symmetric(path->shared_key1, nonce, step3, sizeof(step3),
packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES);
packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES);
if ((uint32_t)len != sizeof(IP_Port) + SEND_BASE * 2 + length + crypto_box_MACBYTES)
return -1;
@ -176,7 +176,7 @@ static int handle_send_initial(void *object, IP_Port source, uint8_t *packet, ui
uint8_t shared_key[crypto_box_BEFORENMBYTES];
get_shared_key(&onion->shared_keys_1, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES);
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES), plain);
length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES), plain);
if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES))
return 1;
@ -227,7 +227,7 @@ static int handle_send_1(void *object, IP_Port source, uint8_t *packet, uint32_t
uint8_t shared_key[crypto_box_BEFORENMBYTES];
get_shared_key(&onion->shared_keys_2, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES);
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1), plain);
length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1), plain);
if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1 + crypto_box_MACBYTES))
return 1;
@ -276,7 +276,7 @@ static int handle_send_2(void *object, IP_Port source, uint8_t *packet, uint32_t
uint8_t shared_key[crypto_box_BEFORENMBYTES];
get_shared_key(&onion->shared_keys_3, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES);
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2), plain);
length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2), plain);
if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2 + crypto_box_MACBYTES))
return 1;

6
toxcore/onion_announce.c
View File

@ -222,8 +222,8 @@ static int handle_announce_request(void *object, IP_Port source, uint8_t *packet
uint8_t plain[ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH];
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH +
crypto_box_MACBYTES, plain);
ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH +
crypto_box_MACBYTES, plain);
if ((uint32_t)len != sizeof(plain))
return 1;
@ -279,7 +279,7 @@ static int handle_announce_request(void *object, IP_Port source, uint8_t *packet
uint8_t data[ONION_ANNOUNCE_RESPONSE_MAX_SIZE];
len = encrypt_data_symmetric(shared_key, nonce, pl, 1 + ONION_PING_ID_SIZE + nodes_length,
data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES);
data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES);
if (len != 1 + ONION_PING_ID_SIZE + nodes_length + crypto_box_MACBYTES)
return 1;

28
toxcore/ping.c
View File

@ -169,9 +169,9 @@ int send_ping_request(PING *ping, IP_Port ipp, uint8_t *client_id)
rc = encrypt_data_symmetric(shared_key,
pk + 1 + CLIENT_ID_SIZE,
(uint8_t *) &ping_id, sizeof(ping_id),
pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES);
pk + 1 + CLIENT_ID_SIZE,
(uint8_t *) &ping_id, sizeof(ping_id),
pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES);
if (rc != sizeof(ping_id) + crypto_box_MACBYTES)
return 1;
@ -194,9 +194,9 @@ static int send_ping_response(PING *ping, IP_Port ipp, uint8_t *client_id, uint6
// Encrypt ping_id using recipient privkey
rc = encrypt_data_symmetric(shared_encryption_key,
pk + 1 + CLIENT_ID_SIZE,
(uint8_t *) &ping_id, sizeof(ping_id),
pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES );
pk + 1 + CLIENT_ID_SIZE,
(uint8_t *) &ping_id, sizeof(ping_id),
pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES );
if (rc != sizeof(ping_id) + crypto_box_MACBYTES)
return 1;
@ -223,10 +223,10 @@ static int handle_ping_request(void *_dht, IP_Port source, uint8_t *packet, uint
// Decrypt ping_id
DHT_get_shared_key_recv(dht, shared_key, packet + 1);
rc = decrypt_data_symmetric(shared_key,
packet + 1 + CLIENT_ID_SIZE,
packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES,
sizeof(ping_id) + crypto_box_MACBYTES,
(uint8_t *) &ping_id );
packet + 1 + CLIENT_ID_SIZE,
packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES,
sizeof(ping_id) + crypto_box_MACBYTES,
(uint8_t *) &ping_id );
if (rc != sizeof(ping_id))
return 1;
@ -260,10 +260,10 @@ static int handle_ping_response(void *_dht, IP_Port source, uint8_t *packet, uin
--ping_index;
// Decrypt ping_id
rc = decrypt_data_symmetric(ping->pings[ping_index].shared_key,
packet + 1 + CLIENT_ID_SIZE,
packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES,
sizeof(ping_id) + crypto_box_MACBYTES,
(uint8_t *) &ping_id);
packet + 1 + CLIENT_ID_SIZE,
packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES,
sizeof(ping_id) + crypto_box_MACBYTES,
(uint8_t *) &ping_id);
if (rc != sizeof(ping_id))
return 1;