Decided pretty much how the handshake would work.

Started writing the code.

Astyled some files.

docs/Tox_middle_level_network_protocol.txt

@@ -38,4 +38,26 @@ from evil "friends" framing relays must also be implemented.
 
 Detailed implementation details:
 
-Coming soon.
+cookie request packet:
+[uint8_t 24][Senders DHT Public key (32 bytes)][Random nonce (24 
+bytes)][Encrypted message containing: [Senders real public key (32 
+bytes)][Recievers real public key (32 bytes)]]
+Encrypted message is encrypted with sender DHT private key, recievers DHT public 
+key and the nonce.
+
+cookie response packet:
+[uint8_t 25][Random nonce (24 bytes)][Encrypted message containing: [Cookie]]
+Encrypted message is encrypted with sender DHT private key, recievers DHT public 
+key and the nonce.
+
+The Cookie should be basically:
+[nonce][encrypted data:[uint64_t time][Senders real public key (32 
+bytes)][Recievers real public key (32 bytes)]]
+
+Handshake packet:
+[uint8_t 26][Cookie][nonce][Encrypted message containing: [random 24 bytes base 
+nonce][session public key of the peer (32 bytes)]]
+
+The handshake packet is encrypted using the real private key of the sender, the 
+real private key of the reciever and the nonce.
+

toxcore/DHT.c

@@ -163,7 +163,7 @@ void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, uint8_t *secr
     }
 }
 
-/* Copy shared_key to decrypt DHT packet from client_id into shared_key
+/* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key
  * for packets that we recieve.
  */
 void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id)
@@ -171,7 +171,7 @@ void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id)
     return get_shared_key(&dht->shared_keys_recv, shared_key, dht->self_secret_key, client_id);
 }
 
-/* Copy shared_key to decrypt DHT packet from client_id into shared_key
+/* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key
  * for packets that we send.
  */
 void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, uint8_t *client_id)
@@ -2283,6 +2283,7 @@ DHT *new_DHT(Net_Crypto *c)
         DHT_addfriend(dht, random_key_bytes);
     }
 
+    c->dht = dht;
     return dht;
 }
 
@@ -2317,6 +2318,7 @@ void kill_DHT(DHT *dht)
     networking_registerhandler(dht->net, NET_PACKET_SEND_NODES_IPV6, NULL, NULL);
     cryptopacket_registerhandler(dht->c, CRYPTO_PACKET_NAT_PING, NULL, NULL);
     cryptopacket_registerhandler(dht->c, CRYPTO_PACKET_HARDENING, NULL, NULL);
+    dht->c->dht = 0;
     kill_ping(dht->ping);
     free(dht->friends_list);
     free(dht);

toxcore/DHT.h

@@ -204,12 +204,12 @@ typedef struct {
  */
 void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, uint8_t *secret_key, uint8_t *client_id);
 
-/* Copy shared_key to decrypt DHT packet from client_id into shared_key
+/* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key
  * for packets that we recieve.
  */
 void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id);
 
-/* Copy shared_key to decrypt DHT packet from client_id into shared_key
+/* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key
  * for packets that we send.
  */
 void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, uint8_t *client_id);

toxcore/TCP_server.c

@@ -373,7 +373,8 @@ static int handle_TCP_handshake(TCP_Secure_Connection *con, uint8_t *data, uint1
     uint8_t response[TCP_SERVER_HANDSHAKE_SIZE];
     new_nonce(response);
 
-    len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, response + crypto_box_NONCEBYTES);
+    len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE,
+                                 response + crypto_box_NONCEBYTES);
 
     if (len != TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES)
         return -1;

toxcore/TCP_server.h

@@ -54,8 +54,6 @@
 
 #define ARRAY_ENTRY_SIZE 6
 
-#define TCP_ONION_FAMILY (AF_INET6 + 1)
-
 /* frequency to ping connected nodes and timeout in seconds */
 #define TCP_PING_FREQUENCY 30
 #define TCP_PING_TIMEOUT 20

toxcore/crypto_core.c

@@ -65,6 +65,7 @@ int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain,
 
     if (crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, secret_key) != 0)
         return -1;
+
     /* Unpad the encrypted message. */
     memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES);
     return length + crypto_box_MACBYTES;

toxcore/net_crypto.c

@@ -34,6 +34,145 @@ static uint8_t crypt_connection_id_not_valid(Net_Crypto *c, int crypt_connection
 {
     return (uint32_t)crypt_connection_id >= c->crypto_connections_length;
 }
+#define COOKIE_REQUEST_PLAIN_LENGTH (crypto_box_PUBLICKEYBYTES * 2)
+#define COOKIE_REQUEST_LENGTH (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES)
+
+/* Create a cookie request packet and put it in packet.
+ *
+ * packet must be of size COOKIE_REQUEST_LENGTH or bigger.
+ *
+ * return -1 on failure.
+ * return COOKIE_REQUEST_LENGTH on success.
+ */
+static int create_cookie_request(Net_Crypto *c, uint8_t *packet, uint8_t *dht_public_key, uint8_t *real_public_key)
+{
+    if (!c->dht)
+        return -1;
+
+    uint8_t plain[COOKIE_REQUEST_PLAIN_LENGTH];
+
+    memcpy(plain, c->self_public_key, crypto_box_PUBLICKEYBYTES);
+    memcpy(plain + crypto_box_PUBLICKEYBYTES, real_public_key, crypto_box_PUBLICKEYBYTES);
+
+    uint8_t shared_key[crypto_box_BEFORENMBYTES];
+    DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key);
+    uint8_t nonce[crypto_box_NONCEBYTES];
+    new_nonce(nonce);
+    packet[0] = NET_PACKET_COOKIE_REQUEST;
+    memcpy(packet + 1, c->dht->self_public_key, crypto_box_PUBLICKEYBYTES);
+    memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES);
+    int len = encrypt_data_symmetric(shared_key, nonce, plain, sizeof(plain),
+                                     packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES);
+
+    if (len != COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES)
+        return -1;
+
+    return (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + len);
+}
+
+/* cookie timeout in seconds */
+#define COOKIE_TIMEOUT 10
+#define COOKIE_CONTENTS_LENGTH (sizeof(uint64_t) + COOKIE_REQUEST_PLAIN_LENGTH)
+#define COOKIE_LENGTH (crypto_box_NONCEBYTES + COOKIE_CONTENTS_LENGTH + crypto_box_MACBYTES)
+
+/* Create cookie of length COOKIE_LENGTH from bytes of length COOKIE_REQUEST_PLAIN_LENGTH using encryption_key
+ *
+ * return -1 on failure.
+ * return 0 on success.
+ */
+static int create_cookie(uint8_t *cookie, uint8_t *bytes, uint8_t *encryption_key)
+{
+    uint8_t contents[COOKIE_CONTENTS_LENGTH];
+    uint64_t temp_time = unix_time();
+    memcpy(contents, &temp_time, sizeof(temp_time));
+    memcpy(contents + sizeof(temp_time), bytes, COOKIE_REQUEST_PLAIN_LENGTH);
+    new_nonce(cookie);
+    int len = encrypt_data_symmetric(encryption_key, cookie, contents, sizeof(contents), cookie + crypto_box_NONCEBYTES);
+
+    if (len != COOKIE_LENGTH - crypto_box_NONCEBYTES)
+        return -1;
+
+    return 0;
+}
+
+#define COOKIE_RESPONSE_LENGTH (1 + crypto_box_NONCEBYTES + COOKIE_LENGTH + crypto_box_MACBYTES)
+
+/* Open cookie of length COOKIE_LENGTH from bytes of length COOKIE_REQUEST_PLAIN_LENGTH using encryption_key
+ *
+ * return -1 on failure.
+ * return 0 on success.
+ */
+static int open_cookie(uint8_t *bytes, uint8_t *cookie, uint8_t *encryption_key)
+{
+    uint8_t contents[COOKIE_CONTENTS_LENGTH];
+    int len = decrypt_data_symmetric(encryption_key, cookie, cookie + crypto_box_NONCEBYTES,
+                                     COOKIE_LENGTH - crypto_box_NONCEBYTES, contents);
+
+    if (len != sizeof(contents))
+        return -1;
+
+    uint64_t cookie_time;
+    memcpy(&cookie_time, contents, sizeof(cookie_time));
+    uint64_t temp_time = unix_time();
+
+    if (cookie_time + COOKIE_TIMEOUT < temp_time || temp_time < cookie_time)
+        return -1;
+
+    memcpy(bytes, contents + sizeof(cookie_time), COOKIE_REQUEST_PLAIN_LENGTH);
+    return 0;
+}
+
+
+/* Create a cookie request packet and put it in packet.
+ * request_plain must be COOKIE_REQUEST_PLAIN_LENGTH bytes.
+ * packet must be of size COOKIE_RESPONSE_LENGTH or bigger.
+ *
+ * return -1 on failure.
+ * return COOKIE_RESPONSE_LENGTH on success.
+ */
+static int create_cookie_response(Net_Crypto *c, uint8_t *packet, uint8_t *request_plain, uint8_t *shared_key)
+{
+    uint8_t cookie[COOKIE_LENGTH];
+
+    if (create_cookie(cookie, request_plain, c->secret_symmetric_key) != 0)
+        return -1;
+
+    packet[0] = NET_PACKET_COOKIE_RESPONSE;
+    new_nonce(packet + 1);
+    int len = encrypt_data_symmetric(shared_key, packet + 1, cookie, sizeof(cookie), packet + 1 + crypto_box_NONCEBYTES);
+
+    if (len != COOKIE_RESPONSE_LENGTH - (1 + crypto_box_NONCEBYTES))
+        return -1;
+
+    return COOKIE_RESPONSE_LENGTH;
+}
+
+/* Handle the cookie request packet of length length.
+ * Put what was in the request in request_plain (must be of size COOKIE_REQUEST_PLAIN_LENGTH)
+ * Put the key used to decrypt the request into shared_key (of size crypto_box_BEFORENMBYTES) for use in the response.
+ *
+ * return -1 on failure.
+ * return 0 on success.
+ */
+static int handle_cookie_request(Net_Crypto *c, uint8_t *request_plain, uint8_t *shared_key, uint8_t *packet,
+                                 uint16_t length)
+{
+    if (!c->dht)
+        return -1;
+
+    if (length != COOKIE_REQUEST_LENGTH)
+        return -1;
+
+    DHT_get_shared_key_sent(c->dht, shared_key, packet + 1);
+    int len = decrypt_data_symmetric(shared_key, packet + 1 + crypto_box_PUBLICKEYBYTES,
+                                     packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES,
+                                     request_plain);
+
+    if (len != COOKIE_REQUEST_PLAIN_LENGTH)
+        return -1;
+
+    return 0;
+}
 
 /*  return 0 if there is no received data in the buffer.
  *  return -1  if the packet was discarded.
@@ -655,6 +794,7 @@ Net_Crypto *new_net_crypto(Networking_Core *net)
     }
 
     new_keys(temp);
+    new_symmetric_key(temp->secret_symmetric_key);
     return temp;
 }
 

toxcore/net_crypto.h

@@ -25,6 +25,7 @@
 #define NET_CRYPTO_H
 
 #include "Lossless_UDP.h"
+#include "DHT.h"
 
 #define CRYPTO_PACKET_FRIEND_REQ    32  /* Friend request crypto packet ID. */
 #define CRYPTO_PACKET_HARDENING     48  /* Hardening crypto packet ID. */
@@ -67,6 +68,7 @@ typedef struct {
 
 typedef struct {
     Lossless_UDP *lossless_udp;
+    DHT *dht;
 
     Crypto_Connection *crypto_connections;
 
@@ -76,6 +78,9 @@ typedef struct {
     uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];
     uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
 
+    /* The secret key used for cookies */
+    uint8_t secret_symmetric_key[crypto_secretbox_KEYBYTES];
+
     Cryptopacket_Handles cryptopackethandlers[256];
 } Net_Crypto;
 

toxcore/network.h

@@ -126,6 +126,8 @@ typedef int sock_t;
 #define NET_PACKET_HANDSHAKE       16  /* Handshake packet ID. */
 #define NET_PACKET_SYNC            17  /* SYNC packet ID. */
 #define NET_PACKET_DATA            18  /* Data packet ID. */
+#define NET_PACKET_COOKIE_REQUEST  24  /* Cookie request packet */
+#define NET_PACKET_COOKIE_RESPONSE 25  /* Cookie response packet */
 #define NET_PACKET_CRYPTO          32  /* Encrypted data packet ID. */
 #define NET_PACKET_LAN_DISCOVERY   33  /* LAN discovery packet ID. */
 #define NET_PACKET_GROUP_CHATS     48  /* Group chats packet ID. */
@@ -158,6 +160,11 @@ typedef int sock_t;
 #define TOX_PORTRANGE_TO   33545
 #define TOX_PORT_DEFAULT   TOX_PORTRANGE_FROM
 
+/* TCP related */
+#define TCP_ONION_FAMILY (AF_INET6 + 1)
+#define TCP_INET (AF_INET6 + 2)
+#define TCP_INET6 (AF_INET6 + 3)
+
 typedef union __attribute__ ((__packed__))
 {
     uint8_t uint8[4];