diff --git a/toxcore/DHT.c b/toxcore/DHT.c index b3e68288..b4ba3fd5 100644 --- a/toxcore/DHT.c +++ b/toxcore/DHT.c @@ -176,6 +176,86 @@ void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, const uint8_t *publi get_shared_key(&dht->shared_keys_sent, shared_key, dht->self_secret_key, public_key); } +/* Create a request to peer. + * send_public_key and send_secret_key are the pub/secret keys of the sender. + * recv_public_key is public key of receiver. + * packet must be an array of MAX_CRYPTO_REQUEST_SIZE big. + * Data represents the data we send with the request with length being the length of the data. + * request_id is the id of the request (32 = friend request, 254 = ping request). + * + * return -1 on failure. + * return the length of the created packet on success. + */ +int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet, + const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id) +{ + if (!send_public_key || !packet || !recv_public_key || !data) { + return -1; + } + + if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + + crypto_box_MACBYTES) { + return -1; + } + + uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; + new_nonce(nonce); + uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function + memcpy(temp + 1, data, length); + temp[0] = request_id; + int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); + + if (len == -1) { + return -1; + } + + packet[0] = NET_PACKET_CRYPTO; + memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES); + + return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; +} + +/* Puts the senders public key in the request in public_key, the data from the request + * in data if a friend or ping request was sent to us and returns the length of the data. + * packet is the request packet and length is its length. + * + * return -1 if not valid request. + */ +int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data, + uint8_t *request_id, const uint8_t *packet, uint16_t length) +{ + if (!self_public_key || !public_key || !data || !request_id || !packet) { + return -1; + } + + if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES || + length > MAX_CRYPTO_REQUEST_SIZE) { + return -1; + } + + if (public_key_cmp(packet + 1, self_public_key) != 0) { + return -1; + } + + memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); + const uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; + uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function + int len1 = decrypt_data(public_key, self_secret_key, nonce, + packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, + length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); + + if (len1 == -1 || len1 == 0) { + return -1; + } + + request_id[0] = temp[0]; + --len1; + memcpy(data, temp + 1, len1); + return len1; +} + void to_net_family(IP *ip) { if (ip->family == AF_INET) { diff --git a/toxcore/DHT.h b/toxcore/DHT.h index 28848a4d..0691a09e 100644 --- a/toxcore/DHT.h +++ b/toxcore/DHT.h @@ -68,6 +68,33 @@ /* The number of "fake" friends to add (for optimization purposes and so our paths for the onion part are more random) */ #define DHT_FAKE_FRIEND_NUMBER 2 +#define MAX_CRYPTO_REQUEST_SIZE 1024 + +#define CRYPTO_PACKET_FRIEND_REQ 32 /* Friend request crypto packet ID. */ +#define CRYPTO_PACKET_HARDENING 48 /* Hardening crypto packet ID. */ +#define CRYPTO_PACKET_DHTPK 156 +#define CRYPTO_PACKET_NAT_PING 254 /* NAT ping crypto packet ID. */ + +/* Create a request to peer. + * send_public_key and send_secret_key are the pub/secret keys of the sender. + * recv_public_key is public key of receiver. + * packet must be an array of MAX_CRYPTO_REQUEST_SIZE big. + * Data represents the data we send with the request with length being the length of the data. + * request_id is the id of the request (32 = friend request, 254 = ping request). + * + * return -1 on failure. + * return the length of the created packet on success. + */ +int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet, + const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id); + +/* puts the senders public key in the request in public_key, the data from the request + in data if a friend or ping request was sent to us and returns the length of the data. + packet is the request packet and length is its length + return -1 if not valid request. */ +int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data, + uint8_t *request_id, const uint8_t *packet, uint16_t length); + /* Functions to transfer ips safely across wire. */ void to_net_family(IP *ip); diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index 8f7572ab..2ecac662 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c @@ -215,83 +215,3 @@ void new_nonce(uint8_t *nonce) { random_nonce(nonce); } - -/* Create a request to peer. - * send_public_key and send_secret_key are the pub/secret keys of the sender. - * recv_public_key is public key of receiver. - * packet must be an array of MAX_CRYPTO_REQUEST_SIZE big. - * Data represents the data we send with the request with length being the length of the data. - * request_id is the id of the request (32 = friend request, 254 = ping request). - * - * return -1 on failure. - * return the length of the created packet on success. - */ -int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet, - const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id) -{ - if (!send_public_key || !packet || !recv_public_key || !data) { - return -1; - } - - if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + - crypto_box_MACBYTES) { - return -1; - } - - uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; - new_nonce(nonce); - uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function - memcpy(temp + 1, data, length); - temp[0] = request_id; - int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, - 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); - - if (len == -1) { - return -1; - } - - packet[0] = NET_PACKET_CRYPTO; - memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES); - memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES); - - return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; -} - -/* Puts the senders public key in the request in public_key, the data from the request - * in data if a friend or ping request was sent to us and returns the length of the data. - * packet is the request packet and length is its length. - * - * return -1 if not valid request. - */ -int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data, - uint8_t *request_id, const uint8_t *packet, uint16_t length) -{ - if (!self_public_key || !public_key || !data || !request_id || !packet) { - return -1; - } - - if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES || - length > MAX_CRYPTO_REQUEST_SIZE) { - return -1; - } - - if (public_key_cmp(packet + 1, self_public_key) != 0) { - return -1; - } - - memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); - const uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; - uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function - int len1 = decrypt_data(public_key, self_secret_key, nonce, - packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, - length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); - - if (len1 == -1 || len1 == 0) { - return -1; - } - - request_id[0] = temp[0]; - --len1; - memcpy(data, temp + 1, len1); - return len1; -} diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h index 2e89896b..90bd122e 100644 --- a/toxcore/crypto_core.h +++ b/toxcore/crypto_core.h @@ -122,32 +122,4 @@ void new_symmetric_key(uint8_t *key); /*Gives a nonce guaranteed to be different from previous ones.*/ void new_nonce(uint8_t *nonce); -#define MAX_CRYPTO_REQUEST_SIZE 1024 - -#define CRYPTO_PACKET_FRIEND_REQ 32 /* Friend request crypto packet ID. */ -#define CRYPTO_PACKET_HARDENING 48 /* Hardening crypto packet ID. */ -#define CRYPTO_PACKET_DHTPK 156 -#define CRYPTO_PACKET_NAT_PING 254 /* NAT ping crypto packet ID. */ - -/* Create a request to peer. - * send_public_key and send_secret_key are the pub/secret keys of the sender. - * recv_public_key is public key of receiver. - * packet must be an array of MAX_CRYPTO_REQUEST_SIZE big. - * Data represents the data we send with the request with length being the length of the data. - * request_id is the id of the request (32 = friend request, 254 = ping request). - * - * return -1 on failure. - * return the length of the created packet on success. - */ -int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet, - const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id); - -/* puts the senders public key in the request in public_key, the data from the request - in data if a friend or ping request was sent to us and returns the length of the data. - packet is the request packet and length is its length - return -1 if not valid request. */ -int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data, - uint8_t *request_id, const uint8_t *packet, uint16_t length); - - #endif