From 8bbde23f48eca2f51d56437fdce29c9443e21cb1 Mon Sep 17 00:00:00 2001 From: iphydf Date: Sun, 6 Nov 2016 15:05:52 +0000 Subject: [PATCH] Use apidsl for the crypto_core API. This allows us to use apidsl features like namespaces to enforce a naming standard. --- CMakeLists.txt | 2 + other/astyle/format-source | 3 +- toxcore/crypto_core.api.h | 150 +++++++++++++++++++++++++++++++++++++ toxcore/crypto_core.h | 80 ++++++++++++-------- 4 files changed, 203 insertions(+), 32 deletions(-) create mode 100644 toxcore/crypto_core.api.h diff --git a/CMakeLists.txt b/CMakeLists.txt index e454fa0a..1a6d1dec 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -196,6 +196,8 @@ set(toxcore_PKGCONFIG_LIBS) # LAYER 1: Crypto core # -------------------- +apidsl( + toxcore/crypto_core.api.h) add_module(toxcrypto toxcore/crypto_core.c toxcore/crypto_core.h) diff --git a/other/astyle/format-source b/other/astyle/format-source index d623926d..c168b80b 100755 --- a/other/astyle/format-source +++ b/other/astyle/format-source @@ -34,7 +34,8 @@ apidsl_curl() { curl -X POST --data-binary @"$1" https://apidsl.herokuapp.com/apidsl } -# Check if toxcore.h and toxav.h match apidsl tox.in.h and toxav.in.h. +# Check if apidsl generated sources are up to date. +$APIDSL toxcore/crypto_core.api.h > toxcore/crypto_core.h $APIDSL toxcore/tox.api.h > toxcore/tox.h $APIDSL toxav/toxav.api.h > toxav/toxav.h diff --git a/toxcore/crypto_core.api.h b/toxcore/crypto_core.api.h new file mode 100644 index 00000000..0c72471c --- /dev/null +++ b/toxcore/crypto_core.api.h @@ -0,0 +1,150 @@ +%{ +/* crypto_core.h + * + * Functions for the core crypto. + * + * Copyright (C) 2013 Tox project All Rights Reserved. + * + * This file is part of Tox. + * + * Tox is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Tox is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Tox. If not, see . + * + */ +#ifndef CORE_CRYPTO_H +#define CORE_CRYPTO_H + +#include "network.h" + +#ifndef VANILLA_NACL +/* We use libsodium by default. */ +#include +#else +#include +#include +#include +#include +#include +#include +#include +#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) +/* I know */ +#define sodium_memcmp(a, b, c) memcmp(a, b, c) +#define sodium_memzero(a, c) memset(a, 0, c) +#endif + +#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES) +%} + +/** + * compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks. + * returns 0 if both mem locations of length are equal, + * return -1 if they are not. + */ +static int32_t public_key_cmp(const uint8_t *pk1, const uint8_t *pk2); + +/** + * Return a random 32 bit integer. + */ +static uint32_t random_int(); + +/** + * Return a random 64 bit integer. + */ +static uint64_t random_64b(); + +/** + * Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not. + * This should only be used for input validation. + * + * return 0 if it isn't. + * return 1 if it is. + */ +static int32_t public_key_valid(const uint8_t *public_key); + +/** + * Encrypts plain of length length to encrypted of length + 16 using the + * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce. + * + * return -1 if there was a problem. + * return length of encrypted data if everything was fine. + */ +static int32_t encrypt_data( + const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, + const uint8_t *plain, uint32_t length, uint8_t *encrypted); + + +/** + * Decrypts encrypted of length length to plain of length length - 16 using the + * public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce. + * + * return -1 if there was a problem (decryption failed). + * return length of plain data if everything was fine. + */ +static int32_t decrypt_data( + const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, + const uint8_t *encrypted, uint32_t length, uint8_t *plain); + +/** + * Fast encrypt/decrypt operations. Use if this is not a one-time communication. + * encrypt_precompute does the shared-key generation once so it does not have + * to be preformed on every encrypt/decrypt. + */ +static int32_t encrypt_precompute( + const uint8_t *public_key, const uint8_t *secret_key, uint8_t *enc_key); + +/** + * Encrypts plain of length length to encrypted of length + 16 using a + * secret key crypto_box_KEYBYTES big and a 24 byte nonce. + * + * return -1 if there was a problem. + * return length of encrypted data if everything was fine. + */ +static int32_t encrypt_data_symmetric( + const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, + uint32_t length, uint8_t *encrypted); + +/** + * Decrypts encrypted of length length to plain of length length - 16 using a + * secret key crypto_box_KEYBYTES big and a 24 byte nonce. + * + * return -1 if there was a problem (decryption failed). + * return length of plain data if everything was fine. + */ +static int32_t decrypt_data_symmetric( + const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, + uint32_t length, uint8_t *plain); + +/** + * Increment the given nonce by 1. + */ +static void increment_nonce(uint8_t *nonce); + +/** + * Increment the given nonce by num. + */ +static void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num); + +/** + * Fill the given nonce with random bytes. + */ +static void random_nonce(uint8_t *nonce); + +/** + * Fill a key crypto_box_KEYBYTES big with random bytes. + */ +static void new_symmetric_key(uint8_t *key); + +%{ +#endif +%} diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h index a3463c38..5a1b153a 100644 --- a/toxcore/crypto_core.h +++ b/toxcore/crypto_core.h @@ -44,79 +44,97 @@ #define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES) -/* compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks. - returns 0 if both mem locations of length are equal, - return -1 if they are not. */ -int public_key_cmp(const uint8_t *pk1, const uint8_t *pk2); +/** + * compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks. + * returns 0 if both mem locations of length are equal, + * return -1 if they are not. + */ +int32_t public_key_cmp(const uint8_t *pk1, const uint8_t *pk2); -/* return a random number. - * - * random_int for a 32bin int. - * random_64b for a 64bit int. +/** + * Return a random 32 bit integer. */ uint32_t random_int(void); + +/** + * Return a random 64 bit integer. + */ uint64_t random_64b(void); -/* Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not. +/** + * Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not. * This should only be used for input validation. * * return 0 if it isn't. * return 1 if it is. */ -int public_key_valid(const uint8_t *public_key); +int32_t public_key_valid(const uint8_t *public_key); -/* Encrypts plain of length length to encrypted of length + 16 using the +/** + * Encrypts plain of length length to encrypted of length + 16 using the * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce. * * return -1 if there was a problem. * return length of encrypted data if everything was fine. */ -int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, - const uint8_t *plain, uint32_t length, uint8_t *encrypted); +int32_t encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, + uint32_t length, uint8_t *encrypted); - -/* Decrypts encrypted of length length to plain of length length - 16 using the +/** + * Decrypts encrypted of length length to plain of length length - 16 using the * public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce. * * return -1 if there was a problem (decryption failed). * return length of plain data if everything was fine. */ -int decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, - const uint8_t *encrypted, uint32_t length, uint8_t *plain); +int32_t decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, + const uint8_t *encrypted, uint32_t length, uint8_t *plain); -/* Fast encrypt/decrypt operations. Use if this is not a one-time communication. - encrypt_precompute does the shared-key generation once so it does not have - to be preformed on every encrypt/decrypt. */ -int encrypt_precompute(const uint8_t *public_key, const uint8_t *secret_key, uint8_t *enc_key); +/** + * Fast encrypt/decrypt operations. Use if this is not a one-time communication. + * encrypt_precompute does the shared-key generation once so it does not have + * to be preformed on every encrypt/decrypt. + */ +int32_t encrypt_precompute(const uint8_t *public_key, const uint8_t *secret_key, uint8_t *enc_key); -/* Encrypts plain of length length to encrypted of length + 16 using a +/** + * Encrypts plain of length length to encrypted of length + 16 using a * secret key crypto_box_KEYBYTES big and a 24 byte nonce. * * return -1 if there was a problem. * return length of encrypted data if everything was fine. */ -int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, uint32_t length, - uint8_t *encrypted); +int32_t encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, uint32_t length, + uint8_t *encrypted); -/* Decrypts encrypted of length length to plain of length length - 16 using a +/** + * Decrypts encrypted of length length to plain of length length - 16 using a * secret key crypto_box_KEYBYTES big and a 24 byte nonce. * * return -1 if there was a problem (decryption failed). * return length of plain data if everything was fine. */ -int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, uint32_t length, - uint8_t *plain); +int32_t decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, + uint32_t length, uint8_t *plain); -/* Increment the given nonce by 1. */ +/** + * Increment the given nonce by 1. + */ void increment_nonce(uint8_t *nonce); -/* increment the given nonce by num */ +/** + * Increment the given nonce by num. + */ void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num); -/* Fill the given nonce with random bytes. */ +/** + * Fill the given nonce with random bytes. + */ void random_nonce(uint8_t *nonce); -/* Fill a key crypto_box_KEYBYTES big with random bytes */ +/** + * Fill a key crypto_box_KEYBYTES big with random bytes. + */ void new_symmetric_key(uint8_t *key); #endif