mirror of
https://github.com/irungentoo/toxcore.git
synced 2024-03-22 13:30:51 +08:00
Move packing and unpacking DHT request packets to DHT module.
These definitely don't belong in a module called "crypto core". The DHT module seems like the best place to put them, since they are sent to DHT nodes.
parent
96c672aef5
commit
64870b6fd2
|
@ -176,6 +176,86 @@ void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, const uint8_t *publi
|
|||
get_shared_key(&dht->shared_keys_sent, shared_key, dht->self_secret_key, public_key);
|
||||
}
|
||||
|
||||
/* Create a request to peer.
|
||||
* send_public_key and send_secret_key are the pub/secret keys of the sender.
|
||||
* recv_public_key is public key of receiver.
|
||||
* packet must be an array of MAX_CRYPTO_REQUEST_SIZE big.
|
||||
* Data represents the data we send with the request with length being the length of the data.
|
||||
* request_id is the id of the request (32 = friend request, 254 = ping request).
|
||||
*
|
||||
* return -1 on failure.
|
||||
* return the length of the created packet on success.
|
||||
*/
|
||||
int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet,
|
||||
const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id)
|
||||
{
|
||||
if (!send_public_key || !packet || !recv_public_key || !data) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 +
|
||||
crypto_box_MACBYTES) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2;
|
||||
new_nonce(nonce);
|
||||
uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function
|
||||
memcpy(temp + 1, data, length);
|
||||
temp[0] = request_id;
|
||||
int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1,
|
||||
1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet);
|
||||
|
||||
if (len == -1) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
packet[0] = NET_PACKET_CRYPTO;
|
||||
memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES);
|
||||
memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES);
|
||||
|
||||
return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES;
|
||||
}
|
||||
|
||||
/* Puts the senders public key in the request in public_key, the data from the request
|
||||
* in data if a friend or ping request was sent to us and returns the length of the data.
|
||||
* packet is the request packet and length is its length.
|
||||
*
|
||||
* return -1 if not valid request.
|
||||
*/
|
||||
int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data,
|
||||
uint8_t *request_id, const uint8_t *packet, uint16_t length)
|
||||
{
|
||||
if (!self_public_key || !public_key || !data || !request_id || !packet) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES ||
|
||||
length > MAX_CRYPTO_REQUEST_SIZE) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (public_key_cmp(packet + 1, self_public_key) != 0) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
|
||||
const uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2;
|
||||
uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function
|
||||
int len1 = decrypt_data(public_key, self_secret_key, nonce,
|
||||
packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES,
|
||||
length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp);
|
||||
|
||||
if (len1 == -1 || len1 == 0) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
request_id[0] = temp[0];
|
||||
--len1;
|
||||
memcpy(data, temp + 1, len1);
|
||||
return len1;
|
||||
}
|
||||
|
||||
void to_net_family(IP *ip)
|
||||
{
|
||||
if (ip->family == AF_INET) {
|
||||
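Review bot: The size guard in `create_request` adds to the caller-supplied `length` before comparing, so a `length` close to UINT32_MAX can wrap the sum (assuming the crypto_box_* constants are 32-bit values, which this page does not show), pass the check, and let `memcpy(temp + 1, data, length)` run past the 1024-byte stack buffer. Comparing by subtraction avoids the wrap: `if (length > MAX_CRYPTO_REQUEST_SIZE - (1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES)) {`. The NULL guards also skip the secret keys even though both functions pass them to `encrypt_data`/`decrypt_data`; adding `!send_secret_key` and `!self_secret_key` would make the guards consistent. Since the code is being moved anyway, this is a convenient point to resolve the two `sodium_memzero` TODOs so the plaintext held in `temp` does not linger on the stack after return.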
|
|
|
@ -68,6 +68,33 @@
|
|||
/* The number of "fake" friends to add (for optimization purposes and so our paths for the onion part are more random) */
|
||||
#define DHT_FAKE_FRIEND_NUMBER 2
|
||||
|
||||
#define MAX_CRYPTO_REQUEST_SIZE 1024
|
||||
|
||||
#define CRYPTO_PACKET_FRIEND_REQ 32 /* Friend request crypto packet ID. */
|
||||
#define CRYPTO_PACKET_HARDENING 48 /* Hardening crypto packet ID. */
|
||||
#define CRYPTO_PACKET_DHTPK 156
|
||||
#define CRYPTO_PACKET_NAT_PING 254 /* NAT ping crypto packet ID. */
|
||||
|
||||
/* Create a request to peer.
|
||||
* send_public_key and send_secret_key are the pub/secret keys of the sender.
|
||||
* recv_public_key is public key of receiver.
|
||||
* packet must be an array of MAX_CRYPTO_REQUEST_SIZE big.
|
||||
* Data represents the data we send with the request with length being the length of the data.
|
||||
* request_id is the id of the request (32 = friend request, 254 = ping request).
|
||||
*
|
||||
* return -1 on failure.
|
||||
* return the length of the created packet on success.
|
||||
*/
|
||||
int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet,
|
||||
const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id);
|
||||
|
||||
/* puts the senders public key in the request in public_key, the data from the request
|
||||
in data if a friend or ping request was sent to us and returns the length of the data.
|
||||
packet is the request packet and length is its length
|
||||
return -1 if not valid request. */
|
||||
int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data,
|
||||
uint8_t *request_id, const uint8_t *packet, uint16_t length);
|
||||
|
||||
/* Functions to transfer ips safely across wire. */
|
||||
void to_net_family(IP *ip);
|
||||
|
||||
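Review bot: The `handle_request` comment does not say how large the output buffers must be, yet the implementation copies the whole decrypted payload into `data` with no bound supplied by the caller. I would add a line such as `data must have room for MAX_CRYPTO_REQUEST_SIZE bytes and public_key for crypto_box_PUBLICKEYBYTES bytes.` It is also worth stating that `public_key` is filled in before the packet is authenticated, so its contents are only meaningful when the return value is not -1. `CRYPTO_PACKET_DHTPK` is the only packet ID in this block without a comment.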
|
|
|
@ -215,83 +215,3 @@ void new_nonce(uint8_t *nonce)
|
|||
{
|
||||
random_nonce(nonce);
|
||||
}
|
||||
|
||||
/* Create a request to peer.
|
||||
* send_public_key and send_secret_key are the pub/secret keys of the sender.
|
||||
* recv_public_key is public key of receiver.
|
||||
* packet must be an array of MAX_CRYPTO_REQUEST_SIZE big.
|
||||
* Data represents the data we send with the request with length being the length of the data.
|
||||
* request_id is the id of the request (32 = friend request, 254 = ping request).
|
||||
*
|
||||
* return -1 on failure.
|
||||
* return the length of the created packet on success.
|
||||
*/
|
||||
int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet,
|
||||
const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id)
|
||||
{
|
||||
if (!send_public_key || !packet || !recv_public_key || !data) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 +
|
||||
crypto_box_MACBYTES) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2;
|
||||
new_nonce(nonce);
|
||||
uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function
|
||||
memcpy(temp + 1, data, length);
|
||||
temp[0] = request_id;
|
||||
int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1,
|
||||
1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet);
|
||||
|
||||
if (len == -1) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
packet[0] = NET_PACKET_CRYPTO;
|
||||
memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES);
|
||||
memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES);
|
||||
|
||||
return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES;
|
||||
}
|
||||
|
||||
/* Puts the senders public key in the request in public_key, the data from the request
|
||||
* in data if a friend or ping request was sent to us and returns the length of the data.
|
||||
* packet is the request packet and length is its length.
|
||||
*
|
||||
* return -1 if not valid request.
|
||||
*/
|
||||
int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data,
|
||||
uint8_t *request_id, const uint8_t *packet, uint16_t length)
|
||||
{
|
||||
if (!self_public_key || !public_key || !data || !request_id || !packet) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES ||
|
||||
length > MAX_CRYPTO_REQUEST_SIZE) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (public_key_cmp(packet + 1, self_public_key) != 0) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
|
||||
const uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2;
|
||||
uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function
|
||||
int len1 = decrypt_data(public_key, self_secret_key, nonce,
|
||||
packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES,
|
||||
length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp);
|
||||
|
||||
if (len1 == -1 || len1 == 0) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
request_id[0] = temp[0];
|
||||
--len1;
|
||||
memcpy(data, temp + 1, len1);
|
||||
return len1;
|
||||
}
|
||||
|
|
|
@ -122,32 +122,4 @@ void new_symmetric_key(uint8_t *key);
|
|||
/*Gives a nonce guaranteed to be different from previous ones.*/
|
||||
void new_nonce(uint8_t *nonce);
|
||||
|
||||
#define MAX_CRYPTO_REQUEST_SIZE 1024
|
||||
|
||||
#define CRYPTO_PACKET_FRIEND_REQ 32 /* Friend request crypto packet ID. */
|
||||
#define CRYPTO_PACKET_HARDENING 48 /* Hardening crypto packet ID. */
|
||||
#define CRYPTO_PACKET_DHTPK 156
|
||||
#define CRYPTO_PACKET_NAT_PING 254 /* NAT ping crypto packet ID. */
|
||||
|
||||
/* Create a request to peer.
|
||||
* send_public_key and send_secret_key are the pub/secret keys of the sender.
|
||||
* recv_public_key is public key of receiver.
|
||||
* packet must be an array of MAX_CRYPTO_REQUEST_SIZE big.
|
||||
* Data represents the data we send with the request with length being the length of the data.
|
||||
* request_id is the id of the request (32 = friend request, 254 = ping request).
|
||||
*
|
||||
* return -1 on failure.
|
||||
* return the length of the created packet on success.
|
||||
*/
|
||||
int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet,
|
||||
const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id);
|
||||
|
||||
/* puts the senders public key in the request in public_key, the data from the request
|
||||
in data if a friend or ping request was sent to us and returns the length of the data.
|
||||
packet is the request packet and length is its length
|
||||
return -1 if not valid request. */
|
||||
int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data,
|
||||
uint8_t *request_id, const uint8_t *packet, uint16_t length);
|
||||
|
||||
|
||||
#endif
|
||||
|
|