mirror of
https://github.com/irungentoo/toxcore.git
synced 2024-03-22 13:30:51 +08:00
Const correctness in toxcore/crypto_core.c
This commit is contained in:
Marc Schütz
parent
9e028b243a
commit
55d986270b
|
|
@ -33,7 +33,7 @@
|
|||
/* Use this instead of memcmp; not vulnerable to timing attacks.
|
||||
returns 0 if both mem locations of length are equal,
|
||||
return -1 if they are not. */
|
||||
int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length)
|
||||
int crypto_cmp(const uint8_t *mem1, const uint8_t *mem2, uint32_t length)
|
||||
{
|
||||
if (length == 16) {
|
||||
return crypto_verify_16(mem1, mem2);
|
||||
|
|
@ -71,12 +71,12 @@ uint64_t random_64b(void)
|
|||
* encrypt/decrypt operation.
|
||||
* enc_key has to be crypto_box_BEFORENMBYTES bytes long.
|
||||
*/
|
||||
void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key)
|
||||
void encrypt_precompute(const uint8_t *public_key, const uint8_t *secret_key, uint8_t *enc_key)
|
||||
{
|
||||
crypto_box_beforenm(enc_key, public_key, secret_key);
|
||||
}
|
||||
|
||||
int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
||||
int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
||||
{
|
||||
if (length == 0)
|
||||
return -1;
|
||||
|
|
@ -95,7 +95,7 @@ int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain,
|
|||
return length + crypto_box_MACBYTES;
|
||||
}
|
||||
|
||||
int decrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||
int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||
{
|
||||
if (length <= crypto_box_BOXZEROBYTES)
|
||||
return -1;
|
||||
|
|
@ -113,16 +113,16 @@ int decrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *encrypt
|
|||
return length - crypto_box_MACBYTES;
|
||||
}
|
||||
|
||||
int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
||||
int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce,
|
||||
const uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
||||
{
|
||||
uint8_t k[crypto_box_BEFORENMBYTES];
|
||||
encrypt_precompute(public_key, secret_key, k);
|
||||
return encrypt_data_symmetric(k, nonce, plain, length, encrypted);
|
||||
}
|
||||
|
||||
int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||
int decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce,
|
||||
const uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||
{
|
||||
uint8_t k[crypto_box_BEFORENMBYTES];
|
||||
encrypt_precompute(public_key, secret_key, k);
|
||||
|
|
@ -202,8 +202,8 @@ void new_nonce(uint8_t *nonce)
|
|||
* return -1 on failure.
|
||||
* return the length of the created packet on success.
|
||||
*/
|
||||
int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t *packet, uint8_t *recv_public_key,
|
||||
uint8_t *data, uint32_t length, uint8_t request_id)
|
||||
int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet, const uint8_t *recv_public_key,
|
||||
const uint8_t *data, uint32_t length, uint8_t request_id)
|
||||
{
|
||||
if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 +
|
||||
crypto_box_MACBYTES)
|
||||
|
|
@ -234,8 +234,8 @@ int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t *
|
|||
*
|
||||
* return -1 if not valid request.
|
||||
*/
|
||||
int handle_request(uint8_t *self_public_key, uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data,
|
||||
uint8_t *request_id, uint8_t *packet, uint16_t length)
|
||||
int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data,
|
||||
uint8_t *request_id, const uint8_t *packet, uint16_t length)
|
||||
{
|
||||
if (length > crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES &&
|
||||
length <= MAX_CRYPTO_REQUEST_SIZE) {
|
||||
|
|
|
|||
|
|
@ -43,7 +43,7 @@
|
|||
/* Use this instead of memcmp; not vulnerable to timing attacks.
|
||||
returns 0 if both mem locations of length are equal,
|
||||
return -1 if they are not. */
|
||||
int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length);
|
||||
int crypto_cmp(const uint8_t *mem1, const uint8_t *mem2, uint32_t length);
|
||||
|
||||
/* return a random number.
|
||||
*
|
||||
|
|
@ -60,8 +60,8 @@ uint64_t random_64b(void);
|
|||
* return -1 if there was a problem.
|
||||
* return length of encrypted data if everything was fine.
|
||||
*/
|
||||
int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *plain, uint32_t length, uint8_t *encrypted);
|
||||
int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce,
|
||||
const uint8_t *plain, uint32_t length, uint8_t *encrypted);
|
||||
|
||||
|
||||
/* Decrypts encrypted of length length to plain of length length - 16 using the
|
||||
|
|
@ -70,13 +70,13 @@ int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
|||
* return -1 if there was a problem (decryption failed).
|
||||
* return length of plain data if everything was fine.
|
||||
*/
|
||||
int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *encrypted, uint32_t length, uint8_t *plain);
|
||||
int decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce,
|
||||
const uint8_t *encrypted, uint32_t length, uint8_t *plain);
|
||||
|
||||
/* Fast encrypt/decrypt operations. Use if this is not a one-time communication.
|
||||
encrypt_precompute does the shared-key generation once so it does not have
|
||||
to be preformed on every encrypt/decrypt. */
|
||||
void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key);
|
||||
void encrypt_precompute(const uint8_t *public_key, const uint8_t *secret_key, uint8_t *enc_key);
|
||||
|
||||
/* Encrypts plain of length length to encrypted of length + 16 using a
|
||||
* secret key crypto_box_KEYBYTES big and a 24 byte nonce.
|
||||
|
|
@ -84,7 +84,7 @@ void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_k
|
|||
* return -1 if there was a problem.
|
||||
* return length of encrypted data if everything was fine.
|
||||
*/
|
||||
int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain, uint32_t length, uint8_t *encrypted);
|
||||
int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, uint32_t length, uint8_t *encrypted);
|
||||
|
||||
/* Decrypts encrypted of length length to plain of length length - 16 using a
|
||||
* secret key crypto_box_KEYBYTES big and a 24 byte nonce.
|
||||
|
|
@ -92,7 +92,7 @@ int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain,
|
|||
* return -1 if there was a problem (decryption failed).
|
||||
* return length of plain data if everything was fine.
|
||||
*/
|
||||
int decrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *encrypted, uint32_t length, uint8_t *plain);
|
||||
int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, uint32_t length, uint8_t *plain);
|
||||
|
||||
/* Increment the given nonce by 1. */
|
||||
void increment_nonce(uint8_t *nonce);
|
||||
|
|
@ -128,15 +128,15 @@ void new_nonce(uint8_t *nonce);
|
|||
* return -1 on failure.
|
||||
* return the length of the created packet on success.
|
||||
*/
|
||||
int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t *packet, uint8_t *recv_public_key,
|
||||
uint8_t *data, uint32_t length, uint8_t request_id);
|
||||
int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet, const uint8_t *recv_public_key,
|
||||
const uint8_t *data, uint32_t length, uint8_t request_id);
|
||||
|
||||
/* puts the senders public key in the request in public_key, the data from the request
|
||||
in data if a friend or ping request was sent to us and returns the length of the data.
|
||||
packet is the request packet and length is its length
|
||||
return -1 if not valid request. */
|
||||
int handle_request(uint8_t *self_public_key, uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data,
|
||||
uint8_t *request_id, uint8_t *packet, uint16_t length);
|
||||
int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data,
|
||||
uint8_t *request_id, const uint8_t *packet, uint16_t length);
|
||||
|
||||
|
||||
#endif
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user