mirror of
https://github.com/irungentoo/toxcore.git
synced 2024-03-22 13:30:51 +08:00
Crypto related cleanups.
Moved Bunch of functions from net_crypto to crypto_core. decrypt_data_fast and decrypt_data_symmetric were the same thing therefore, removed decrypt_data_fast. Replaced all the crypto_secretbox_* defines with the equivalent crypto_box_* one. New define: crypto_box_KEYBYTES that is equal to crypto_box_BEFORENMBYTES.
This commit is contained in:
parent
1603ca974e
commit
9c6a8432ce
|
@ -89,7 +89,7 @@ START_TEST(test_basic)
|
|||
uint8_t r_req[2 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES];
|
||||
uint16_t size = 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES;
|
||||
size = htons(size);
|
||||
ret = encrypt_data_fast(f_shared_key, f_nonce, r_req_p, 1 + crypto_box_PUBLICKEYBYTES, r_req + 2);
|
||||
ret = encrypt_data_symmetric(f_shared_key, f_nonce, r_req_p, 1 + crypto_box_PUBLICKEYBYTES, r_req + 2);
|
||||
increment_nonce(f_nonce);
|
||||
memcpy(r_req, &size, 2);
|
||||
uint32_t i;
|
||||
|
@ -110,7 +110,7 @@ START_TEST(test_basic)
|
|||
memcpy(&size, packet_resp, 2);
|
||||
ck_assert_msg(ntohs(size) == 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, "Wrong packet size.");
|
||||
uint8_t packet_resp_plain[4096];
|
||||
ret = decrypt_data_fast(f_shared_key, f_nonce_r, packet_resp + 2, recv_data_len - 2, packet_resp_plain);
|
||||
ret = decrypt_data_symmetric(f_shared_key, f_nonce_r, packet_resp + 2, recv_data_len - 2, packet_resp_plain);
|
||||
ck_assert_msg(ret != -1, "decryption failed");
|
||||
increment_nonce(f_nonce_r);
|
||||
ck_assert_msg(packet_resp_plain[0] == 1, "wrong packet id %u", packet_resp_plain[0]);
|
||||
|
@ -179,7 +179,7 @@ int write_packet_TCP_secure_connection(struct sec_TCP_con *con, uint8_t *data, u
|
|||
|
||||
uint16_t c_length = htons(length + crypto_box_MACBYTES);
|
||||
memcpy(packet, &c_length, sizeof(uint16_t));
|
||||
int len = encrypt_data_fast(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
|
||||
int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
|
||||
|
||||
if ((unsigned int)len != (sizeof(packet) - sizeof(uint16_t)))
|
||||
return -1;
|
||||
|
@ -194,7 +194,7 @@ int read_packet_sec_TCP(struct sec_TCP_con *con, uint8_t *data, uint16_t length)
|
|||
{
|
||||
int len;
|
||||
ck_assert_msg((len = recv(con->sock, data, length, 0)) == length, "wrong len %i\n", len);
|
||||
ck_assert_msg((len = decrypt_data_fast(con->shared_key, con->recv_nonce, data + 2, length - 2, data)) != -1,
|
||||
ck_assert_msg((len = decrypt_data_symmetric(con->shared_key, con->recv_nonce, data + 2, length - 2, data)) != -1,
|
||||
"Decrypt failed");
|
||||
increment_nonce(con->recv_nonce);
|
||||
return len;
|
||||
|
|
|
@ -126,12 +126,12 @@ START_TEST(test_fast_known)
|
|||
ck_assert_msg(sizeof(test_c) == sizeof(c), "sanity check failed");
|
||||
ck_assert_msg(sizeof(test_m) == sizeof(m), "sanity check failed");
|
||||
|
||||
clen = encrypt_data_fast(k, nonce, test_m, sizeof(test_m) / sizeof(unsigned char), c);
|
||||
clen = encrypt_data_symmetric(k, nonce, test_m, sizeof(test_m) / sizeof(unsigned char), c);
|
||||
|
||||
ck_assert_msg(memcmp(test_c, c, sizeof(c)) == 0, "cyphertext doesn't match test vector");
|
||||
ck_assert_msg(clen == sizeof(c) / sizeof(unsigned char), "wrong ciphertext length");
|
||||
|
||||
mlen = decrypt_data_fast(k, nonce, test_c, sizeof(test_c) / sizeof(unsigned char), m);
|
||||
mlen = decrypt_data_symmetric(k, nonce, test_c, sizeof(test_c) / sizeof(unsigned char), m);
|
||||
|
||||
ck_assert_msg(memcmp(test_m, m, sizeof(m)) == 0, "decrypted text doesn't match test vector");
|
||||
ck_assert_msg(mlen == sizeof(m) / sizeof(unsigned char), "wrong plaintext length");
|
||||
|
@ -186,8 +186,8 @@ START_TEST(test_endtoend)
|
|||
//Encrypt all four ways
|
||||
c1len = encrypt_data(pk2, sk1, n, m, mlen, c1);
|
||||
c2len = encrypt_data(pk1, sk2, n, m, mlen, c2);
|
||||
c3len = encrypt_data_fast(k1, n, m, mlen, c3);
|
||||
c4len = encrypt_data_fast(k2, n, m, mlen, c4);
|
||||
c3len = encrypt_data_symmetric(k1, n, m, mlen, c3);
|
||||
c4len = encrypt_data_symmetric(k2, n, m, mlen, c4);
|
||||
|
||||
ck_assert_msg(c1len == c2len && c1len == c3len && c1len == c4len, "cyphertext lengths differ");
|
||||
ck_assert_msg(c1len == mlen + (int)crypto_box_MACBYTES, "wrong cyphertext length");
|
||||
|
@ -197,8 +197,8 @@ START_TEST(test_endtoend)
|
|||
//Decrypt all four ways
|
||||
m1len = decrypt_data(pk2, sk1, n, c1, c1len, m1);
|
||||
m2len = decrypt_data(pk1, sk2, n, c1, c1len, m2);
|
||||
m3len = decrypt_data_fast(k1, n, c1, c1len, m3);
|
||||
m4len = decrypt_data_fast(k2, n, c1, c1len, m4);
|
||||
m3len = decrypt_data_symmetric(k1, n, c1, c1len, m3);
|
||||
m4len = decrypt_data_symmetric(k2, n, c1, c1len, m4);
|
||||
|
||||
ck_assert_msg(m1len == m2len && m1len == m3len && m1len == m4len, "decrypted text lengths differ");
|
||||
ck_assert_msg(m1len == mlen, "wrong decrypted text length");
|
||||
|
@ -233,13 +233,13 @@ START_TEST(test_large_data)
|
|||
//Generate key
|
||||
rand_bytes(k, crypto_box_BEFORENMBYTES);
|
||||
|
||||
c1len = encrypt_data_fast(k, n, m1, sizeof(m1), c1);
|
||||
c2len = encrypt_data_fast(k, n, m2, sizeof(m2), c2);
|
||||
c1len = encrypt_data_symmetric(k, n, m1, sizeof(m1), c1);
|
||||
c2len = encrypt_data_symmetric(k, n, m2, sizeof(m2), c2);
|
||||
|
||||
ck_assert_msg(c1len == sizeof(m1) + crypto_box_MACBYTES, "could not encrypt max size");
|
||||
ck_assert_msg(c2len == -1, "incorrectly succeeded encrypting massive size");
|
||||
|
||||
m1plen = decrypt_data_fast(k, n, c1, c1len, m1prime);
|
||||
m1plen = decrypt_data_symmetric(k, n, c1, c1len, m1prime);
|
||||
|
||||
ck_assert_msg(m1plen == sizeof(m1), "decrypted text lengths differ");
|
||||
ck_assert_msg(memcmp(m1prime, m1, sizeof(m1)) == 0, "decrypted texts differ");
|
||||
|
@ -248,9 +248,9 @@ END_TEST
|
|||
|
||||
START_TEST(test_large_data_symmetric)
|
||||
{
|
||||
unsigned char k[crypto_secretbox_KEYBYTES];
|
||||
unsigned char k[crypto_box_KEYBYTES];
|
||||
|
||||
unsigned char n[crypto_secretbox_NONCEBYTES];
|
||||
unsigned char n[crypto_box_NONCEBYTES];
|
||||
|
||||
unsigned char m1[16 * 16 * 16];
|
||||
unsigned char c1[sizeof(m1) + crypto_box_MACBYTES];
|
||||
|
|
|
@ -97,8 +97,8 @@ int main(int argc, char *argv[])
|
|||
starttime = get_time();
|
||||
|
||||
for (trialno = 0; trialno < numtrials; trialno++) {
|
||||
encrypt_data_fast(k1, n, m, sizeof(m), c);
|
||||
decrypt_data_fast(k2, n, c, sizeof(c), m);
|
||||
encrypt_data_symmetric(k1, n, m, sizeof(m), c);
|
||||
decrypt_data_symmetric(k2, n, c, sizeof(c), m);
|
||||
}
|
||||
|
||||
endtime = get_time();
|
||||
|
|
32
toxav/msi.c
32
toxav/msi.c
|
@ -932,11 +932,11 @@ int handle_recv_start ( MSISession *session, MSIMessage *msg )
|
|||
|
||||
session->call->state = call_active;
|
||||
|
||||
session->call->key_peer = calloc ( sizeof ( uint8_t ), crypto_secretbox_KEYBYTES );
|
||||
memcpy ( session->call->key_peer, msg->cryptokey.header_value, crypto_secretbox_KEYBYTES );
|
||||
session->call->key_peer = calloc ( sizeof ( uint8_t ), crypto_box_KEYBYTES );
|
||||
memcpy ( session->call->key_peer, msg->cryptokey.header_value, crypto_box_KEYBYTES );
|
||||
|
||||
session->call->nonce_peer = calloc ( sizeof ( uint8_t ), crypto_secretbox_NONCEBYTES );
|
||||
memcpy ( session->call->nonce_peer, msg->nonce.header_value, crypto_secretbox_NONCEBYTES );
|
||||
session->call->nonce_peer = calloc ( sizeof ( uint8_t ), crypto_box_NONCEBYTES );
|
||||
memcpy ( session->call->nonce_peer, msg->nonce.header_value, crypto_box_NONCEBYTES );
|
||||
|
||||
flush_peer_type ( session, msg, 0 );
|
||||
|
||||
|
@ -1030,24 +1030,24 @@ int handle_recv_starting ( MSISession *session, MSIMessage *msg )
|
|||
}
|
||||
|
||||
/* Generate local key/nonce to send */
|
||||
session->call->key_local = calloc ( sizeof ( uint8_t ), crypto_secretbox_KEYBYTES );
|
||||
session->call->key_local = calloc ( sizeof ( uint8_t ), crypto_box_KEYBYTES );
|
||||
new_symmetric_key ( session->call->key_local );
|
||||
|
||||
session->call->nonce_local = calloc ( sizeof ( uint8_t ), crypto_secretbox_NONCEBYTES );
|
||||
session->call->nonce_local = calloc ( sizeof ( uint8_t ), crypto_box_NONCEBYTES );
|
||||
new_nonce ( session->call->nonce_local );
|
||||
|
||||
/* Save peer key/nonce */
|
||||
session->call->key_peer = calloc ( sizeof ( uint8_t ), crypto_secretbox_KEYBYTES );
|
||||
memcpy ( session->call->key_peer, msg->cryptokey.header_value, crypto_secretbox_KEYBYTES );
|
||||
session->call->key_peer = calloc ( sizeof ( uint8_t ), crypto_box_KEYBYTES );
|
||||
memcpy ( session->call->key_peer, msg->cryptokey.header_value, crypto_box_KEYBYTES );
|
||||
|
||||
session->call->nonce_peer = calloc ( sizeof ( uint8_t ), crypto_secretbox_NONCEBYTES );
|
||||
memcpy ( session->call->nonce_peer, msg->nonce.header_value, crypto_secretbox_NONCEBYTES );
|
||||
session->call->nonce_peer = calloc ( sizeof ( uint8_t ), crypto_box_NONCEBYTES );
|
||||
memcpy ( session->call->nonce_peer, msg->nonce.header_value, crypto_box_NONCEBYTES );
|
||||
|
||||
session->call->state = call_active;
|
||||
|
||||
MSIMessage *_msg_start = msi_new_message ( TYPE_REQUEST, stringify_request ( start ) );
|
||||
msi_msg_set_cryptokey ( _msg_start, session->call->key_local, crypto_secretbox_KEYBYTES );
|
||||
msi_msg_set_nonce ( _msg_start, session->call->nonce_local, crypto_secretbox_NONCEBYTES );
|
||||
msi_msg_set_cryptokey ( _msg_start, session->call->key_local, crypto_box_KEYBYTES );
|
||||
msi_msg_set_nonce ( _msg_start, session->call->nonce_local, crypto_box_NONCEBYTES );
|
||||
send_message ( session, _msg_start, msg->friend_id );
|
||||
free_message ( _msg_start );
|
||||
|
||||
|
@ -1402,14 +1402,14 @@ int msi_answer ( MSISession *session, MSICallType call_type )
|
|||
|
||||
/* Now set the local encryption key and pass it with STARTING message */
|
||||
|
||||
session->call->key_local = calloc ( sizeof ( uint8_t ), crypto_secretbox_KEYBYTES );
|
||||
session->call->key_local = calloc ( sizeof ( uint8_t ), crypto_box_KEYBYTES );
|
||||
new_symmetric_key ( session->call->key_local );
|
||||
|
||||
session->call->nonce_local = calloc ( sizeof ( uint8_t ), crypto_secretbox_NONCEBYTES );
|
||||
session->call->nonce_local = calloc ( sizeof ( uint8_t ), crypto_box_NONCEBYTES );
|
||||
new_nonce ( session->call->nonce_local );
|
||||
|
||||
msi_msg_set_cryptokey ( _msg_starting, session->call->key_local, crypto_secretbox_KEYBYTES );
|
||||
msi_msg_set_nonce ( _msg_starting, session->call->nonce_local, crypto_secretbox_NONCEBYTES );
|
||||
msi_msg_set_cryptokey ( _msg_starting, session->call->key_local, crypto_box_KEYBYTES );
|
||||
msi_msg_set_nonce ( _msg_starting, session->call->nonce_local, crypto_box_NONCEBYTES );
|
||||
|
||||
send_message ( session, _msg_starting, session->call->peers[session->call->peer_count - 1] );
|
||||
free_message ( _msg_starting );
|
||||
|
|
40
toxav/rtp.c
40
toxav/rtp.c
|
@ -168,8 +168,8 @@ inline__ void increase_nonce(uint8_t *nonce, uint16_t target)
|
|||
uint16_t _nonce_counter;
|
||||
|
||||
uint8_t _reverse_bytes[2];
|
||||
_reverse_bytes[0] = nonce[crypto_secretbox_NONCEBYTES - 1];
|
||||
_reverse_bytes[1] = nonce[crypto_secretbox_NONCEBYTES - 2];
|
||||
_reverse_bytes[0] = nonce[crypto_box_NONCEBYTES - 1];
|
||||
_reverse_bytes[1] = nonce[crypto_box_NONCEBYTES - 2];
|
||||
|
||||
bytes_to_U16(&_nonce_counter, _reverse_bytes );
|
||||
|
||||
|
@ -177,8 +177,8 @@ inline__ void increase_nonce(uint8_t *nonce, uint16_t target)
|
|||
if (_nonce_counter > UINT16_MAX - target ) { /* 2 bytes are not long enough */
|
||||
uint8_t _it = 3;
|
||||
|
||||
while ( _it <= crypto_secretbox_NONCEBYTES ) _it += ++nonce[crypto_secretbox_NONCEBYTES - _it] ?
|
||||
crypto_secretbox_NONCEBYTES : 1;
|
||||
while ( _it <= crypto_box_NONCEBYTES ) _it += ++nonce[crypto_box_NONCEBYTES - _it] ?
|
||||
crypto_box_NONCEBYTES : 1;
|
||||
|
||||
_nonce_counter = _nonce_counter - (UINT16_MAX - target ); /* Assign the rest of it */
|
||||
} else { /* Increase nonce */
|
||||
|
@ -189,8 +189,8 @@ inline__ void increase_nonce(uint8_t *nonce, uint16_t target)
|
|||
/* Assign the last bytes */
|
||||
|
||||
U16_to_bytes( _reverse_bytes, _nonce_counter);
|
||||
nonce [crypto_secretbox_NONCEBYTES - 1] = _reverse_bytes[0];
|
||||
nonce [crypto_secretbox_NONCEBYTES - 2] = _reverse_bytes[1];
|
||||
nonce [crypto_box_NONCEBYTES - 1] = _reverse_bytes[0];
|
||||
nonce [crypto_box_NONCEBYTES - 2] = _reverse_bytes[1];
|
||||
|
||||
}
|
||||
|
||||
|
@ -496,7 +496,7 @@ int rtp_handle_packet ( void *object, IP_Port ip_port, uint8_t *data, uint32_t l
|
|||
RTPSession *_session = object;
|
||||
RTPMessage *_msg;
|
||||
|
||||
if ( !_session || length < 13 + crypto_secretbox_MACBYTES) /* 12 is the minimum length for rtp + desc. byte */
|
||||
if ( !_session || length < 13 + crypto_box_MACBYTES) /* 12 is the minimum length for rtp + desc. byte */
|
||||
return -1;
|
||||
|
||||
uint8_t _plain[MAX_UDP_PACKET_SIZE];
|
||||
|
@ -505,8 +505,8 @@ int rtp_handle_packet ( void *object, IP_Port ip_port, uint8_t *data, uint32_t l
|
|||
bytes_to_U16(&_sequnum, data + 1);
|
||||
|
||||
/* Clculate the right nonce */
|
||||
uint8_t _calculated[crypto_secretbox_NONCEBYTES];
|
||||
memcpy(_calculated, _session->decrypt_nonce, crypto_secretbox_NONCEBYTES);
|
||||
uint8_t _calculated[crypto_box_NONCEBYTES];
|
||||
memcpy(_calculated, _session->decrypt_nonce, crypto_box_NONCEBYTES);
|
||||
increase_nonce ( _calculated, _sequnum );
|
||||
|
||||
/* Decrypt message */
|
||||
|
@ -536,8 +536,8 @@ int rtp_handle_packet ( void *object, IP_Port ip_port, uint8_t *data, uint32_t l
|
|||
if ( _decrypted_length == -1 ) return -1; /* This is just an error */
|
||||
|
||||
/* A new cycle setting. */
|
||||
memcpy(_session->nonce_cycle, _session->decrypt_nonce, crypto_secretbox_NONCEBYTES);
|
||||
memcpy(_session->decrypt_nonce, _calculated, crypto_secretbox_NONCEBYTES);
|
||||
memcpy(_session->nonce_cycle, _session->decrypt_nonce, crypto_box_NONCEBYTES);
|
||||
memcpy(_session->decrypt_nonce, _calculated, crypto_box_NONCEBYTES);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -735,8 +735,8 @@ int rtp_send_msg ( RTPSession *session, Messenger *messenger, const uint8_t *dat
|
|||
_send_data[0] = session->prefix;
|
||||
|
||||
/* Generate the right nonce */
|
||||
uint8_t _calculated[crypto_secretbox_NONCEBYTES];
|
||||
memcpy(_calculated, session->encrypt_nonce, crypto_secretbox_NONCEBYTES);
|
||||
uint8_t _calculated[crypto_box_NONCEBYTES];
|
||||
memcpy(_calculated, session->encrypt_nonce, crypto_box_NONCEBYTES);
|
||||
increase_nonce ( _calculated, msg->header->sequnum );
|
||||
|
||||
/* Need to skip 2 bytes that are for sequnum */
|
||||
|
@ -760,7 +760,7 @@ int rtp_send_msg ( RTPSession *session, Messenger *messenger, const uint8_t *dat
|
|||
/* Set sequ number */
|
||||
if ( session->sequnum >= MAX_SEQU_NUM ) {
|
||||
session->sequnum = 0;
|
||||
memcpy(session->encrypt_nonce, _calculated, crypto_secretbox_NONCEBYTES);
|
||||
memcpy(session->encrypt_nonce, _calculated, crypto_box_NONCEBYTES);
|
||||
} else {
|
||||
session->sequnum++;
|
||||
}
|
||||
|
@ -850,16 +850,16 @@ RTPSession *rtp_init_session ( int payload_type,
|
|||
_retu->decrypt_key = decrypt_key;
|
||||
|
||||
/* Need to allocate new memory */
|
||||
_retu->encrypt_nonce = calloc ( crypto_secretbox_NONCEBYTES, sizeof (uint8_t) );
|
||||
_retu->encrypt_nonce = calloc ( crypto_box_NONCEBYTES, sizeof (uint8_t) );
|
||||
assert(_retu->encrypt_nonce);
|
||||
_retu->decrypt_nonce = calloc ( crypto_secretbox_NONCEBYTES, sizeof (uint8_t) );
|
||||
_retu->decrypt_nonce = calloc ( crypto_box_NONCEBYTES, sizeof (uint8_t) );
|
||||
assert(_retu->decrypt_nonce);
|
||||
_retu->nonce_cycle = calloc ( crypto_secretbox_NONCEBYTES, sizeof (uint8_t) );
|
||||
_retu->nonce_cycle = calloc ( crypto_box_NONCEBYTES, sizeof (uint8_t) );
|
||||
assert(_retu->nonce_cycle);
|
||||
|
||||
memcpy(_retu->encrypt_nonce, encrypt_nonce, crypto_secretbox_NONCEBYTES);
|
||||
memcpy(_retu->decrypt_nonce, decrypt_nonce, crypto_secretbox_NONCEBYTES);
|
||||
memcpy(_retu->nonce_cycle , decrypt_nonce, crypto_secretbox_NONCEBYTES);
|
||||
memcpy(_retu->encrypt_nonce, encrypt_nonce, crypto_box_NONCEBYTES);
|
||||
memcpy(_retu->decrypt_nonce, decrypt_nonce, crypto_box_NONCEBYTES);
|
||||
memcpy(_retu->nonce_cycle , decrypt_nonce, crypto_box_NONCEBYTES);
|
||||
|
||||
_retu->csrc = calloc(1, sizeof (uint32_t));
|
||||
assert(_retu->csrc);
|
||||
|
|
|
@ -925,7 +925,7 @@ end:
|
|||
return 0;
|
||||
}
|
||||
|
||||
#define NODES_ENCRYPTED_MESSAGE_LENGTH (crypto_secretbox_NONCEBYTES + sizeof(uint64_t) + sizeof(Node_format) + sizeof(Node_format) + crypto_secretbox_MACBYTES)
|
||||
#define NODES_ENCRYPTED_MESSAGE_LENGTH (crypto_box_NONCEBYTES + sizeof(uint64_t) + sizeof(Node_format) + sizeof(Node_format) + crypto_box_MACBYTES)
|
||||
|
||||
/* Send a getnodes request.
|
||||
sendback_node is the node that it will send back the response to (set to NULL to disable this) */
|
||||
|
@ -958,9 +958,9 @@ static int getnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *cli
|
|||
nonce,
|
||||
plain_message,
|
||||
sizeof(temp_time) + sizeof(reciever) + sizeof(Node_format),
|
||||
encrypted_message + crypto_secretbox_NONCEBYTES);
|
||||
encrypted_message + crypto_box_NONCEBYTES);
|
||||
|
||||
if (len_m != NODES_ENCRYPTED_MESSAGE_LENGTH - crypto_secretbox_NONCEBYTES)
|
||||
if (len_m != NODES_ENCRYPTED_MESSAGE_LENGTH - crypto_box_NONCEBYTES)
|
||||
return -1;
|
||||
|
||||
uint8_t data[1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES + CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES];
|
||||
|
@ -973,7 +973,7 @@ static int getnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *cli
|
|||
|
||||
uint8_t shared_key[crypto_box_BEFORENMBYTES];
|
||||
DHT_get_shared_key_sent(dht, shared_key, public_key);
|
||||
int len = encrypt_data_fast( shared_key,
|
||||
int len = encrypt_data_symmetric( shared_key,
|
||||
nonce,
|
||||
plain,
|
||||
CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH,
|
||||
|
@ -1019,7 +1019,7 @@ static int sendnodes_ipv6(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_
|
|||
return -1;
|
||||
|
||||
memcpy(plain + nodes_length, encrypted_data, NODES_ENCRYPTED_MESSAGE_LENGTH);
|
||||
int len = encrypt_data_fast( shared_encryption_key,
|
||||
int len = encrypt_data_symmetric( shared_encryption_key,
|
||||
nonce,
|
||||
plain,
|
||||
nodes_length + NODES_ENCRYPTED_MESSAGE_LENGTH,
|
||||
|
@ -1052,7 +1052,7 @@ static int handle_getnodes(void *object, IP_Port source, uint8_t *packet, uint32
|
|||
uint8_t shared_key[crypto_box_BEFORENMBYTES];
|
||||
|
||||
DHT_get_shared_key_recv(dht, shared_key, packet + 1);
|
||||
int len = decrypt_data_fast( shared_key,
|
||||
int len = decrypt_data_symmetric( shared_key,
|
||||
packet + 1 + CLIENT_ID_SIZE,
|
||||
packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES,
|
||||
CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES,
|
||||
|
@ -1075,8 +1075,8 @@ static uint8_t sent_getnode_to_node(DHT *dht, uint8_t *client_id, IP_Port node_i
|
|||
{
|
||||
uint8_t plain_message[NODES_ENCRYPTED_MESSAGE_LENGTH];
|
||||
|
||||
if (decrypt_data_symmetric(dht->secret_symmetric_key, encrypted_data, encrypted_data + crypto_secretbox_NONCEBYTES,
|
||||
NODES_ENCRYPTED_MESSAGE_LENGTH - crypto_secretbox_NONCEBYTES,
|
||||
if (decrypt_data_symmetric(dht->secret_symmetric_key, encrypted_data, encrypted_data + crypto_box_NONCEBYTES,
|
||||
NODES_ENCRYPTED_MESSAGE_LENGTH - crypto_box_NONCEBYTES,
|
||||
plain_message) != sizeof(uint64_t) + sizeof(Node_format) * 2)
|
||||
return 0;
|
||||
|
||||
|
@ -1121,7 +1121,7 @@ static int handle_sendnodes_core(void *object, IP_Port source, uint8_t *packet,
|
|||
uint8_t plain[data_size + NODES_ENCRYPTED_MESSAGE_LENGTH];
|
||||
uint8_t shared_key[crypto_box_BEFORENMBYTES];
|
||||
DHT_get_shared_key_sent(dht, shared_key, packet + 1);
|
||||
int len = decrypt_data_fast(
|
||||
int len = decrypt_data_symmetric(
|
||||
shared_key,
|
||||
packet + 1 + CLIENT_ID_SIZE,
|
||||
packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES,
|
||||
|
|
|
@ -177,7 +177,7 @@ typedef struct {
|
|||
uint32_t close_bootstrap_times;
|
||||
|
||||
/* Note: this key should not be/is not used to transmit any sensitive materials */
|
||||
uint8_t secret_symmetric_key[crypto_secretbox_KEYBYTES];
|
||||
uint8_t secret_symmetric_key[crypto_box_KEYBYTES];
|
||||
/* DHT keypair */
|
||||
uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];
|
||||
uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
|
||||
|
|
|
@ -9,6 +9,8 @@ libtoxcore_la_SOURCES = ../toxcore/DHT.h \
|
|||
../toxcore/DHT.c \
|
||||
../toxcore/network.h \
|
||||
../toxcore/network.c \
|
||||
../toxcore/crypto_core.h \
|
||||
../toxcore/crypto_core.c \
|
||||
../toxcore/Lossless_UDP.h \
|
||||
../toxcore/Lossless_UDP.c \
|
||||
../toxcore/net_crypto.h \
|
||||
|
|
|
@ -2752,75 +2752,6 @@ int messenger_load(Messenger *m, uint8_t *data, uint32_t length)
|
|||
return -1;
|
||||
}
|
||||
|
||||
/* return the size of data to pass to messenger_save_encrypted(...)
|
||||
*
|
||||
*/
|
||||
uint32_t messenger_size_encrypted(Messenger *m)
|
||||
{
|
||||
return messenger_size(m) + crypto_secretbox_MACBYTES + crypto_secretbox_NONCEBYTES;
|
||||
}
|
||||
|
||||
/* Save the messenger, encrypting the data with key of length key_length
|
||||
*
|
||||
* return 0 on success.
|
||||
* return -1 on failure.
|
||||
*/
|
||||
int messenger_save_encrypted(Messenger *m, uint8_t *data, uint8_t *key, uint16_t key_length)
|
||||
{
|
||||
uint32_t m_size = messenger_size(m);
|
||||
uint8_t *plain_messenger = malloc(m_size);
|
||||
|
||||
if (plain_messenger == NULL)
|
||||
return -1;
|
||||
|
||||
messenger_save(m, plain_messenger);
|
||||
|
||||
/* Hash the key with SHA256 to get a 32byte key. */
|
||||
uint8_t hash[crypto_hash_sha256_BYTES];
|
||||
crypto_hash_sha256(hash, key, key_length);
|
||||
random_nonce(data);
|
||||
encrypt_data_symmetric(hash, data, plain_messenger, m_size, data + crypto_secretbox_NONCEBYTES);
|
||||
|
||||
memset(plain_messenger, 0, m_size);
|
||||
free(plain_messenger);
|
||||
memset(hash, 0, crypto_hash_sha256_BYTES);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Load the messenger from data of size length encrypted with key of key_length.
|
||||
*
|
||||
* return 0 on success.
|
||||
* return -1 on failure.
|
||||
*/
|
||||
int messenger_load_encrypted(Messenger *m, uint8_t *data, uint32_t length, uint8_t *key, uint16_t key_length)
|
||||
{
|
||||
if (length <= crypto_secretbox_MACBYTES + crypto_secretbox_NONCEBYTES)
|
||||
return -1;
|
||||
|
||||
uint8_t *plain_messenger = malloc(length);
|
||||
|
||||
if (plain_messenger == NULL)
|
||||
return -1;
|
||||
|
||||
/* Hash the key with SHA256 to get a 32byte key. */
|
||||
uint8_t hash[crypto_hash_sha256_BYTES];
|
||||
crypto_hash_sha256(hash, key, key_length);
|
||||
int len = decrypt_data_symmetric(hash, data, data + crypto_secretbox_NONCEBYTES, length - crypto_secretbox_NONCEBYTES,
|
||||
plain_messenger);
|
||||
int ret;
|
||||
|
||||
if ((uint32_t)len == length - crypto_secretbox_NONCEBYTES - crypto_secretbox_MACBYTES) {
|
||||
ret = messenger_load(m, plain_messenger, length - crypto_secretbox_NONCEBYTES - crypto_secretbox_MACBYTES);
|
||||
} else {
|
||||
ret = -1;
|
||||
}
|
||||
|
||||
memset(plain_messenger, 0, length);
|
||||
free(plain_messenger);
|
||||
memset(hash, 0, crypto_hash_sha256_BYTES);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Return the number of friends in the instance m.
|
||||
* You should use this to determine how much memory to allocate
|
||||
* for copy_friendlist. */
|
||||
|
|
|
@ -736,24 +736,6 @@ void messenger_save(Messenger *m, uint8_t *data);
|
|||
/* Load the messenger from data of size length. */
|
||||
int messenger_load(Messenger *m, uint8_t *data, uint32_t length);
|
||||
|
||||
/* return the size of data to pass to messenger_save_encrypted(...)
|
||||
*/
|
||||
uint32_t messenger_size_encrypted(Messenger *m);
|
||||
|
||||
/* Save the messenger, encrypting the data with key of length key_length
|
||||
*
|
||||
* return 0 on success.
|
||||
* return -1 on failure.
|
||||
*/
|
||||
int messenger_save_encrypted(Messenger *m, uint8_t *data, uint8_t *key, uint16_t key_length);
|
||||
|
||||
/* Load the messenger from data of size length encrypted with key of key_length.
|
||||
*
|
||||
* return 0 on success.
|
||||
* return -1 on failure.
|
||||
*/
|
||||
int messenger_load_encrypted(Messenger *m, uint8_t *data, uint32_t length, uint8_t *key, uint16_t key_length);
|
||||
|
||||
/* Return the number of friends in the instance m.
|
||||
* You should use this to determine how much memory to allocate
|
||||
* for copy_friendlist. */
|
||||
|
|
|
@ -74,7 +74,7 @@ static int generate_handshake(TCP_Client_Connection *TCP_conn, uint8_t *self_pub
|
|||
memcpy(plain + crypto_box_PUBLICKEYBYTES, TCP_conn->sent_nonce, crypto_box_NONCEBYTES);
|
||||
memcpy(TCP_conn->last_packet, self_public_key, crypto_box_PUBLICKEYBYTES);
|
||||
new_nonce(TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES);
|
||||
int len = encrypt_data_fast(TCP_conn->shared_key, TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES, plain,
|
||||
int len = encrypt_data_symmetric(TCP_conn->shared_key, TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES, plain,
|
||||
sizeof(plain), TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES);
|
||||
|
||||
if (len != sizeof(plain) + crypto_box_MACBYTES)
|
||||
|
@ -93,7 +93,7 @@ static int generate_handshake(TCP_Client_Connection *TCP_conn, uint8_t *self_pub
|
|||
static int handle_handshake(TCP_Client_Connection *TCP_conn, uint8_t *data)
|
||||
{
|
||||
uint8_t plain[crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES];
|
||||
int len = decrypt_data_fast(TCP_conn->shared_key, data, data + crypto_box_NONCEBYTES,
|
||||
int len = decrypt_data_symmetric(TCP_conn->shared_key, data, data + crypto_box_NONCEBYTES,
|
||||
TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, plain);
|
||||
|
||||
if (len != sizeof(plain))
|
||||
|
@ -149,7 +149,7 @@ static int write_packet_TCP_secure_connection(TCP_Client_Connection *con, uint8_
|
|||
|
||||
uint16_t c_length = htons(length + crypto_box_MACBYTES);
|
||||
memcpy(packet, &c_length, sizeof(uint16_t));
|
||||
int len = encrypt_data_fast(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
|
||||
int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
|
||||
|
||||
if ((unsigned int)len != (sizeof(packet) - sizeof(uint16_t)))
|
||||
return -1;
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
#ifndef TCP_CLIENT_H
|
||||
#define TCP_CLIENT_H
|
||||
|
||||
#include "net_crypto.h"
|
||||
#include "crypto_core.h"
|
||||
#include "TCP_server.h"
|
||||
|
||||
#define TCP_CONNECTION_TIMEOUT 10
|
||||
|
|
|
@ -258,7 +258,7 @@ int read_packet_TCP_secure_connection(sock_t sock, uint16_t *next_packet_length,
|
|||
|
||||
*next_packet_length = 0;
|
||||
|
||||
int len = decrypt_data_fast(shared_key, recv_nonce, data_encrypted, len_packet, data);
|
||||
int len = decrypt_data_symmetric(shared_key, recv_nonce, data_encrypted, len_packet, data);
|
||||
|
||||
if (len + crypto_box_MACBYTES != len_packet)
|
||||
return -1;
|
||||
|
@ -313,7 +313,7 @@ static int write_packet_TCP_secure_connection(TCP_Secure_Connection *con, uint8_
|
|||
|
||||
uint16_t c_length = htons(length + crypto_box_MACBYTES);
|
||||
memcpy(packet, &c_length, sizeof(uint16_t));
|
||||
int len = encrypt_data_fast(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
|
||||
int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
|
||||
|
||||
if ((unsigned int)len != (sizeof(packet) - sizeof(uint16_t)))
|
||||
return -1;
|
||||
|
@ -356,7 +356,7 @@ static int handle_TCP_handshake(TCP_Secure_Connection *con, uint8_t *data, uint1
|
|||
uint8_t shared_key[crypto_box_BEFORENMBYTES];
|
||||
encrypt_precompute(data, self_secret_key, shared_key);
|
||||
uint8_t plain[TCP_HANDSHAKE_PLAIN_SIZE];
|
||||
int len = decrypt_data_fast(shared_key, data + crypto_box_PUBLICKEYBYTES,
|
||||
int len = decrypt_data_symmetric(shared_key, data + crypto_box_PUBLICKEYBYTES,
|
||||
data + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES, plain);
|
||||
|
||||
if (len != TCP_HANDSHAKE_PLAIN_SIZE)
|
||||
|
@ -373,7 +373,7 @@ static int handle_TCP_handshake(TCP_Secure_Connection *con, uint8_t *data, uint1
|
|||
uint8_t response[TCP_SERVER_HANDSHAKE_SIZE];
|
||||
new_nonce(response);
|
||||
|
||||
len = encrypt_data_fast(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, response + crypto_box_NONCEBYTES);
|
||||
len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, response + crypto_box_NONCEBYTES);
|
||||
|
||||
if (len != TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES)
|
||||
return -1;
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
#ifndef TCP_SERVER_H
|
||||
#define TCP_SERVER_H
|
||||
|
||||
#include "net_crypto.h"
|
||||
#include "crypto_core.h"
|
||||
#include "onion.h"
|
||||
|
||||
#if defined(_WIN32) || defined(__WIN32__) || defined(WIN32) || defined(__MACH__)
|
||||
|
|
168
toxcore/crypto_core.c
Normal file
168
toxcore/crypto_core.c
Normal file
|
@ -0,0 +1,168 @@
|
|||
/* net_crypto.c
|
||||
*
|
||||
* Functions for the core crypto.
|
||||
*
|
||||
* NOTE: This code has to be perfect. We don't mess around with encryption.
|
||||
*
|
||||
* Copyright (C) 2013 Tox project All Rights Reserved.
|
||||
*
|
||||
* This file is part of Tox.
|
||||
*
|
||||
* Tox is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Tox is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with Tox. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include "crypto_core.h"
|
||||
|
||||
/* Use this instead of memcmp; not vulnerable to timing attacks. */
|
||||
uint8_t crypto_iszero(uint8_t *mem, uint32_t length)
|
||||
{
|
||||
uint8_t check = 0;
|
||||
uint32_t i;
|
||||
|
||||
for (i = 0; i < length; ++i) {
|
||||
check |= mem[i];
|
||||
}
|
||||
|
||||
return check; // We return zero if mem is made out of zeroes.
|
||||
}
|
||||
|
||||
/* Precomputes the shared key from their public_key and our secret_key.
|
||||
* This way we can avoid an expensive elliptic curve scalar multiply for each
|
||||
* encrypt/decrypt operation.
|
||||
* enc_key has to be crypto_box_BEFORENMBYTES bytes long.
|
||||
*/
|
||||
void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key)
|
||||
{
|
||||
crypto_box_beforenm(enc_key, public_key, secret_key);
|
||||
}
|
||||
|
||||
int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
||||
{
|
||||
if (length == 0)
|
||||
return -1;
|
||||
|
||||
uint8_t temp_plain[length + crypto_box_ZEROBYTES];
|
||||
uint8_t temp_encrypted[length + crypto_box_MACBYTES + crypto_box_BOXZEROBYTES];
|
||||
|
||||
memset(temp_plain, 0, crypto_box_ZEROBYTES);
|
||||
memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); // Pad the message with 32 0 bytes.
|
||||
|
||||
if (crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, secret_key) != 0)
|
||||
return -1;
|
||||
/* Unpad the encrypted message. */
|
||||
memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES);
|
||||
return length + crypto_box_MACBYTES;
|
||||
}
|
||||
|
||||
int decrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||
{
|
||||
if (length <= crypto_box_BOXZEROBYTES)
|
||||
return -1;
|
||||
|
||||
uint8_t temp_plain[length + crypto_box_ZEROBYTES];
|
||||
uint8_t temp_encrypted[length + crypto_box_BOXZEROBYTES];
|
||||
|
||||
memset(temp_plain, 0, crypto_box_BOXZEROBYTES);
|
||||
memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); // Pad the message with 16 0 bytes.
|
||||
|
||||
if (crypto_box_open_afternm(temp_plain, temp_encrypted, length + crypto_box_BOXZEROBYTES, nonce, secret_key) != 0)
|
||||
return -1;
|
||||
|
||||
memcpy(plain, temp_plain + crypto_box_ZEROBYTES, length - crypto_box_MACBYTES);
|
||||
return length - crypto_box_MACBYTES;
|
||||
}
|
||||
|
||||
int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
||||
{
|
||||
uint8_t k[crypto_box_BEFORENMBYTES];
|
||||
encrypt_precompute(public_key, secret_key, k);
|
||||
return encrypt_data_symmetric(k, nonce, plain, length, encrypted);
|
||||
}
|
||||
|
||||
int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||
{
|
||||
uint8_t k[crypto_box_BEFORENMBYTES];
|
||||
encrypt_precompute(public_key, secret_key, k);
|
||||
return decrypt_data_symmetric(k, nonce, encrypted, length, plain);
|
||||
}
|
||||
|
||||
|
||||
/* Increment the given nonce by 1. */
|
||||
void increment_nonce(uint8_t *nonce)
|
||||
{
|
||||
uint32_t i;
|
||||
|
||||
for (i = crypto_box_NONCEBYTES; i != 0; --i) {
|
||||
++nonce[i - 1];
|
||||
|
||||
if (nonce[i - 1] != 0)
|
||||
break;
|
||||
}
|
||||
}
|
||||
/* increment the given nonce by num */
|
||||
void increment_nonce_number(uint8_t *nonce, uint32_t num)
|
||||
{
|
||||
uint32_t num1, num2;
|
||||
memcpy(&num1, nonce + (crypto_box_NONCEBYTES - sizeof(num1)), sizeof(num1));
|
||||
num1 = ntohl(num1);
|
||||
num2 = num + num1;
|
||||
|
||||
if (num2 < num1) {
|
||||
uint32_t i;
|
||||
|
||||
for (i = crypto_box_NONCEBYTES - sizeof(num1); i != 0; --i) {
|
||||
++nonce[i - 1];
|
||||
|
||||
if (nonce[i - 1] != 0)
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
num2 = htonl(num2);
|
||||
memcpy(nonce + (crypto_box_NONCEBYTES - sizeof(num2)), &num2, sizeof(num2));
|
||||
}
|
||||
|
||||
/* Fill the given nonce with random bytes. */
|
||||
void random_nonce(uint8_t *nonce)
|
||||
{
|
||||
randombytes(nonce, crypto_box_NONCEBYTES);
|
||||
}
|
||||
|
||||
/* Fill a key crypto_box_KEYBYTES big with random bytes */
|
||||
void new_symmetric_key(uint8_t *key)
|
||||
{
|
||||
randombytes(key, crypto_box_KEYBYTES);
|
||||
}
|
||||
|
||||
static uint8_t base_nonce[crypto_box_NONCEBYTES];
|
||||
static uint8_t nonce_set = 0;
|
||||
|
||||
/* Gives a nonce guaranteed to be different from previous ones.*/
|
||||
void new_nonce(uint8_t *nonce)
|
||||
{
|
||||
if (nonce_set == 0) {
|
||||
random_nonce(base_nonce);
|
||||
nonce_set = 1;
|
||||
}
|
||||
|
||||
increment_nonce(base_nonce);
|
||||
memcpy(nonce, base_nonce, crypto_box_NONCEBYTES);
|
||||
}
|
86
toxcore/crypto_core.h
Normal file
86
toxcore/crypto_core.h
Normal file
|
@ -0,0 +1,86 @@
|
|||
/* crypto_core.h
|
||||
*
|
||||
* Functions for the core crypto.
|
||||
*
|
||||
* Copyright (C) 2013 Tox project All Rights Reserved.
|
||||
*
|
||||
* This file is part of Tox.
|
||||
*
|
||||
* Tox is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Tox is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with Tox. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
#ifndef CORE_CRYPTO_H
|
||||
#define CORE_CRYPTO_H
|
||||
|
||||
#include "network.h"
|
||||
|
||||
/* return zero if the buffer contains only zeros. */
|
||||
uint8_t crypto_iszero(uint8_t *buffer, uint32_t blen);
|
||||
|
||||
/* Encrypts plain of length length to encrypted of length + 16 using the
|
||||
* public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce.
|
||||
*
|
||||
* return -1 if there was a problem.
|
||||
* return length of encrypted data if everything was fine.
|
||||
*/
|
||||
int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *plain, uint32_t length, uint8_t *encrypted);
|
||||
|
||||
|
||||
/* Decrypts encrypted of length length to plain of length length - 16 using the
|
||||
* public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce.
|
||||
*
|
||||
* return -1 if there was a problem (decryption failed).
|
||||
* return length of plain data if everything was fine.
|
||||
*/
|
||||
int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *encrypted, uint32_t length, uint8_t *plain);
|
||||
|
||||
/* Fast encrypt/decrypt operations. Use if this is not a one-time communication.
|
||||
encrypt_precompute does the shared-key generation once so it does not have
|
||||
to be preformed on every encrypt/decrypt. */
|
||||
void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key);
|
||||
|
||||
/* Encrypts plain of length length to encrypted of length + 16 using a
|
||||
* secret key crypto_box_KEYBYTES big and a 24 byte nonce.
|
||||
*
|
||||
* return -1 if there was a problem.
|
||||
* return length of encrypted data if everything was fine.
|
||||
*/
|
||||
int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain, uint32_t length, uint8_t *encrypted);
|
||||
|
||||
/* Decrypts encrypted of length length to plain of length length - 16 using a
|
||||
* secret key crypto_box_KEYBYTES big and a 24 byte nonce.
|
||||
*
|
||||
* return -1 if there was a problem (decryption failed).
|
||||
* return length of plain data if everything was fine.
|
||||
*/
|
||||
int decrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *encrypted, uint32_t length, uint8_t *plain);
|
||||
|
||||
/* Increment the given nonce by 1. */
|
||||
void increment_nonce(uint8_t *nonce);
|
||||
|
||||
/* increment the given nonce by num */
|
||||
void increment_nonce_number(uint8_t *nonce, uint32_t num);
|
||||
|
||||
/* Fill the given nonce with random bytes. */
|
||||
void random_nonce(uint8_t *nonce);
|
||||
|
||||
/* Fill a key crypto_box_KEYBYTES big with random bytes */
|
||||
void new_symmetric_key(uint8_t *key);
|
||||
|
||||
/*Gives a nonce guaranteed to be different from previous ones.*/
|
||||
void new_nonce(uint8_t *nonce);
|
||||
|
||||
#endif
|
|
@ -25,8 +25,6 @@
|
|||
#define FRIEND_REQUESTS_H
|
||||
|
||||
#include "onion_client.h"
|
||||
#include "net_crypto.h"
|
||||
|
||||
|
||||
typedef struct {
|
||||
uint32_t nospam;
|
||||
|
|
|
@ -26,8 +26,9 @@
|
|||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include "group_chats.h"
|
||||
#include "DHT.h"
|
||||
#include "assoc.h"
|
||||
#include "group_chats.h"
|
||||
#include "LAN_discovery.h"
|
||||
#include "util.h"
|
||||
|
||||
|
|
|
@ -25,8 +25,6 @@
|
|||
#ifndef GROUP_CHATS_H
|
||||
#define GROUP_CHATS_H
|
||||
|
||||
#include "net_crypto.h"
|
||||
|
||||
#define MAX_NICK_BYTES 128
|
||||
|
||||
typedef struct {
|
||||
|
|
|
@ -35,202 +35,6 @@ static uint8_t crypt_connection_id_not_valid(Net_Crypto *c, int crypt_connection
|
|||
return (uint32_t)crypt_connection_id >= c->crypto_connections_length;
|
||||
}
|
||||
|
||||
/* Use this instead of memcmp; not vulnerable to timing attacks. */
|
||||
uint8_t crypto_iszero(uint8_t *mem, uint32_t length)
|
||||
{
|
||||
uint8_t check = 0;
|
||||
uint32_t i;
|
||||
|
||||
for (i = 0; i < length; ++i) {
|
||||
check |= mem[i];
|
||||
}
|
||||
|
||||
return check; // We return zero if mem is made out of zeroes.
|
||||
}
|
||||
|
||||
/* Precomputes the shared key from their public_key and our secret_key.
|
||||
* This way we can avoid an expensive elliptic curve scalar multiply for each
|
||||
* encrypt/decrypt operation.
|
||||
* enc_key has to be crypto_box_BEFORENMBYTES bytes long.
|
||||
*/
|
||||
void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key)
|
||||
{
|
||||
crypto_box_beforenm(enc_key, public_key, secret_key);
|
||||
}
|
||||
|
||||
/* Fast encrypt. Depends on enc_key from encrypt_precompute. */
|
||||
int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
|
||||
uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
||||
{
|
||||
if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0)
|
||||
return -1;
|
||||
|
||||
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0};
|
||||
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES];
|
||||
|
||||
memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); // Pad the message with 32 0 bytes.
|
||||
|
||||
crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, enc_key);
|
||||
|
||||
if (crypto_iszero(temp_encrypted, crypto_box_BOXZEROBYTES) != 0)
|
||||
return -1;
|
||||
|
||||
/* Unpad the encrypted message. */
|
||||
memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES);
|
||||
return length + crypto_box_MACBYTES;
|
||||
}
|
||||
|
||||
/* Fast decrypt. Depends on enc_ley from encrypt_precompute. */
|
||||
int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
|
||||
uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||
{
|
||||
if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES)
|
||||
return -1;
|
||||
|
||||
uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES];
|
||||
uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0};
|
||||
|
||||
memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); // Pad the message with 16 0 bytes.
|
||||
|
||||
if (crypto_box_open_afternm(temp_plain, temp_encrypted, length + crypto_box_BOXZEROBYTES,
|
||||
nonce, enc_key) == -1)
|
||||
return -1;
|
||||
|
||||
/* If decryption is successful the first crypto_box_ZEROBYTES of the message will be zero.
|
||||
* Apparently memcmp should not be used so we do this instead:
|
||||
*/
|
||||
if (crypto_iszero(temp_plain, crypto_box_ZEROBYTES) != 0)
|
||||
return -1;
|
||||
|
||||
/* Unpad the plain message. */
|
||||
memcpy(plain, temp_plain + crypto_box_ZEROBYTES, length - crypto_box_MACBYTES);
|
||||
return length - crypto_box_MACBYTES;
|
||||
}
|
||||
|
||||
int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
||||
{
|
||||
uint8_t k[crypto_box_BEFORENMBYTES];
|
||||
encrypt_precompute(public_key, secret_key, k);
|
||||
return encrypt_data_fast(k, nonce, plain, length, encrypted);
|
||||
}
|
||||
|
||||
int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||
{
|
||||
uint8_t k[crypto_box_BEFORENMBYTES];
|
||||
encrypt_precompute(public_key, secret_key, k);
|
||||
return decrypt_data_fast(k, nonce, encrypted, length, plain);
|
||||
}
|
||||
|
||||
int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain, uint32_t length, uint8_t *encrypted)
|
||||
{
|
||||
if (length == 0)
|
||||
return -1;
|
||||
|
||||
uint8_t temp_plain[length + crypto_secretbox_ZEROBYTES];
|
||||
uint8_t temp_encrypted[length + crypto_secretbox_MACBYTES + crypto_secretbox_BOXZEROBYTES];
|
||||
|
||||
memset(temp_plain, 0, crypto_secretbox_ZEROBYTES);
|
||||
memcpy(temp_plain + crypto_secretbox_ZEROBYTES, plain, length); // Pad the message with 32 0 bytes.
|
||||
|
||||
crypto_secretbox(temp_encrypted, temp_plain, length + crypto_secretbox_ZEROBYTES, nonce, secret_key);
|
||||
/* Unpad the encrypted message. */
|
||||
memcpy(encrypted, temp_encrypted + crypto_secretbox_BOXZEROBYTES, length + crypto_secretbox_MACBYTES);
|
||||
return length + crypto_secretbox_MACBYTES;
|
||||
}
|
||||
|
||||
int decrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *encrypted, uint32_t length, uint8_t *plain)
|
||||
{
|
||||
if (length <= crypto_secretbox_BOXZEROBYTES)
|
||||
return -1;
|
||||
|
||||
uint8_t temp_plain[length + crypto_secretbox_ZEROBYTES];
|
||||
uint8_t temp_encrypted[length + crypto_secretbox_BOXZEROBYTES];
|
||||
|
||||
memset(temp_plain, 0, crypto_secretbox_BOXZEROBYTES);
|
||||
memcpy(temp_encrypted + crypto_secretbox_BOXZEROBYTES, encrypted, length); // Pad the message with 16 0 bytes.
|
||||
|
||||
if (crypto_secretbox_open(temp_plain, temp_encrypted, length + crypto_secretbox_BOXZEROBYTES, nonce, secret_key) == -1)
|
||||
return -1;
|
||||
|
||||
memcpy(plain, temp_plain + crypto_secretbox_ZEROBYTES, length - crypto_secretbox_MACBYTES);
|
||||
return length - crypto_secretbox_MACBYTES;
|
||||
}
|
||||
|
||||
/* Increment the given nonce by 1. */
|
||||
void increment_nonce(uint8_t *nonce)
|
||||
{
|
||||
uint32_t i;
|
||||
|
||||
for (i = crypto_box_NONCEBYTES; i != 0; --i) {
|
||||
++nonce[i - 1];
|
||||
|
||||
if (nonce[i - 1] != 0)
|
||||
break;
|
||||
}
|
||||
}
|
||||
/* increment the given nonce by num */
|
||||
void increment_nonce_number(uint8_t *nonce, uint32_t num)
|
||||
{
|
||||
uint32_t num1, num2;
|
||||
memcpy(&num1, nonce + (crypto_box_NONCEBYTES - sizeof(num1)), sizeof(num1));
|
||||
num1 = ntohl(num1);
|
||||
num2 = num + num1;
|
||||
|
||||
if (num2 < num1) {
|
||||
uint32_t i;
|
||||
|
||||
for (i = crypto_box_NONCEBYTES - sizeof(num1); i != 0; --i) {
|
||||
++nonce[i - 1];
|
||||
|
||||
if (nonce[i - 1] != 0)
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
num2 = htonl(num2);
|
||||
memcpy(nonce + (crypto_box_NONCEBYTES - sizeof(num2)), &num2, sizeof(num2));
|
||||
}
|
||||
|
||||
#if crypto_box_NONCEBYTES != crypto_secretbox_NONCEBYTES
|
||||
/*if they no longer equal each other, this function and the previous ones
|
||||
*must be split into two.
|
||||
*/
|
||||
#error random_nonce(): crypto_box_NONCEBYTES must equal crypto_secretbox_NONCEBYTES.
|
||||
#endif
|
||||
/* Fill the given nonce with random bytes. */
|
||||
void random_nonce(uint8_t *nonce)
|
||||
{
|
||||
randombytes(nonce, crypto_box_NONCEBYTES);
|
||||
}
|
||||
|
||||
/* Fill a key crypto_secretbox_KEYBYTES big with random bytes */
|
||||
void new_symmetric_key(uint8_t *key)
|
||||
{
|
||||
randombytes(key, crypto_secretbox_KEYBYTES);
|
||||
}
|
||||
|
||||
static uint8_t base_nonce[crypto_box_NONCEBYTES];
|
||||
static uint8_t nonce_set = 0;
|
||||
|
||||
#if crypto_box_NONCEBYTES != crypto_secretbox_NONCEBYTES
|
||||
/*if they no longer equal each other, this function must be split into two.*/
|
||||
#error new_nonce(): crypto_box_NONCEBYTES must equal crypto_secretbox_NONCEBYTES.
|
||||
#endif
|
||||
/* Gives a nonce guaranteed to be different from previous ones.*/
|
||||
void new_nonce(uint8_t *nonce)
|
||||
{
|
||||
if (nonce_set == 0) {
|
||||
random_nonce(base_nonce);
|
||||
nonce_set = 1;
|
||||
}
|
||||
|
||||
increment_nonce(base_nonce);
|
||||
memcpy(nonce, base_nonce, crypto_box_NONCEBYTES);
|
||||
}
|
||||
|
||||
|
||||
/* return 0 if there is no received data in the buffer.
|
||||
* return -1 if the packet was discarded.
|
||||
* return length of received data if successful.
|
||||
|
@ -252,7 +56,7 @@ int read_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data)
|
|||
if (temp_data[0] != 3)
|
||||
return -1;
|
||||
|
||||
int len = decrypt_data_fast(c->crypto_connections[crypt_connection_id].shared_key,
|
||||
int len = decrypt_data_symmetric(c->crypto_connections[crypt_connection_id].shared_key,
|
||||
c->crypto_connections[crypt_connection_id].recv_nonce,
|
||||
temp_data + 1, length - 1, data);
|
||||
|
||||
|
@ -290,7 +94,7 @@ int write_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data, uin
|
|||
return 0;
|
||||
|
||||
uint8_t temp_data[MAX_DATA_SIZE];
|
||||
int len = encrypt_data_fast(c->crypto_connections[crypt_connection_id].shared_key,
|
||||
int len = encrypt_data_symmetric(c->crypto_connections[crypt_connection_id].shared_key,
|
||||
c->crypto_connections[crypt_connection_id].sent_nonce,
|
||||
data, length, temp_data + 1);
|
||||
|
||||
|
|
|
@ -81,72 +81,6 @@ typedef struct {
|
|||
|
||||
#include "DHT.h"
|
||||
|
||||
/* return zero if the buffer contains only zeros. */
|
||||
uint8_t crypto_iszero(uint8_t *buffer, uint32_t blen);
|
||||
|
||||
/* Encrypts plain of length length to encrypted of length + 16 using the
|
||||
* public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce.
|
||||
*
|
||||
* return -1 if there was a problem.
|
||||
* return length of encrypted data if everything was fine.
|
||||
*/
|
||||
int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *plain, uint32_t length, uint8_t *encrypted);
|
||||
|
||||
|
||||
/* Decrypts encrypted of length length to plain of length length - 16 using the
|
||||
* public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce.
|
||||
*
|
||||
* return -1 if there was a problem (decryption failed).
|
||||
* return length of plain data if everything was fine.
|
||||
*/
|
||||
int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
|
||||
uint8_t *encrypted, uint32_t length, uint8_t *plain);
|
||||
|
||||
/* Fast encrypt/decrypt operations. Use if this is not a one-time communication.
|
||||
encrypt_precompute does the shared-key generation once so it does not have
|
||||
to be preformed on every encrypt/decrypt. */
|
||||
void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key);
|
||||
|
||||
/* Fast encrypt. Depends on enc_key from encrypt_precompute. */
|
||||
int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
|
||||
uint8_t *plain, uint32_t length, uint8_t *encrypted);
|
||||
|
||||
/* Fast decrypt. Depends on enc_ley from encrypt_precompute. */
|
||||
int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
|
||||
uint8_t *encrypted, uint32_t length, uint8_t *plain);
|
||||
|
||||
/* Encrypts plain of length length to encrypted of length + 16 using a
|
||||
* secret key crypto_secretbox_KEYBYTES big and a 24 byte nonce.
|
||||
*
|
||||
* return -1 if there was a problem.
|
||||
* return length of encrypted data if everything was fine.
|
||||
*/
|
||||
int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain, uint32_t length, uint8_t *encrypted);
|
||||
|
||||
/* Decrypts encrypted of length length to plain of length length - 16 using a
|
||||
* secret key crypto_secretbox_KEYBYTES big and a 24 byte nonce.
|
||||
*
|
||||
* return -1 if there was a problem (decryption failed).
|
||||
* return length of plain data if everything was fine.
|
||||
*/
|
||||
int decrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *encrypted, uint32_t length, uint8_t *plain);
|
||||
|
||||
/* Increment the given nonce by 1. */
|
||||
void increment_nonce(uint8_t *nonce);
|
||||
|
||||
/* increment the given nonce by num */
|
||||
void increment_nonce_number(uint8_t *nonce, uint32_t num);
|
||||
|
||||
/* Fill the given nonce with random bytes. */
|
||||
void random_nonce(uint8_t *nonce);
|
||||
|
||||
/* Fill a key crypto_secretbox_KEYBYTES big with random bytes */
|
||||
void new_symmetric_key(uint8_t *key);
|
||||
|
||||
/*Gives a nonce guaranteed to be different from previous ones.*/
|
||||
void new_nonce(uint8_t *nonce);
|
||||
|
||||
/* return 0 if there is no received data in the buffer.
|
||||
* return -1 if the packet was discarded.
|
||||
* return length of received data if successful.
|
||||
|
|
|
@ -102,15 +102,12 @@ typedef int sock_t;
|
|||
#include <sodium.h>
|
||||
#else
|
||||
#include <crypto_box.h>
|
||||
#include <crypto_secretbox.h>
|
||||
#include <randombytes.h>
|
||||
#include <crypto_hash_sha256.h>
|
||||
#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
|
||||
#endif
|
||||
|
||||
#ifndef crypto_secretbox_MACBYTES
|
||||
#define crypto_secretbox_MACBYTES (crypto_secretbox_ZEROBYTES - crypto_secretbox_BOXZEROBYTES)
|
||||
#endif
|
||||
#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES)
|
||||
|
||||
#ifndef IPV6_ADD_MEMBERSHIP
|
||||
#ifdef IPV6_JOIN_GROUP
|
||||
|
|
|
@ -111,7 +111,7 @@ int send_onion_packet(Networking_Core *net, Onion_Path *path, IP_Port dest, uint
|
|||
memcpy(step2, &path->ip_port3, sizeof(IP_Port));
|
||||
memcpy(step2 + sizeof(IP_Port), path->public_key3, crypto_box_PUBLICKEYBYTES);
|
||||
|
||||
int len = encrypt_data_fast(path->shared_key3, nonce, step1, sizeof(step1),
|
||||
int len = encrypt_data_symmetric(path->shared_key3, nonce, step1, sizeof(step1),
|
||||
step2 + sizeof(IP_Port) + crypto_box_PUBLICKEYBYTES);
|
||||
|
||||
if ((uint32_t)len != sizeof(IP_Port) + length + crypto_box_MACBYTES)
|
||||
|
@ -120,7 +120,7 @@ int send_onion_packet(Networking_Core *net, Onion_Path *path, IP_Port dest, uint
|
|||
uint8_t step3[sizeof(IP_Port) + SEND_BASE * 2 + length];
|
||||
memcpy(step3, &path->ip_port2, sizeof(IP_Port));
|
||||
memcpy(step3 + sizeof(IP_Port), path->public_key2, crypto_box_PUBLICKEYBYTES);
|
||||
len = encrypt_data_fast(path->shared_key2, nonce, step2, sizeof(step2),
|
||||
len = encrypt_data_symmetric(path->shared_key2, nonce, step2, sizeof(step2),
|
||||
step3 + sizeof(IP_Port) + crypto_box_PUBLICKEYBYTES);
|
||||
|
||||
if ((uint32_t)len != sizeof(IP_Port) + SEND_BASE + length + crypto_box_MACBYTES)
|
||||
|
@ -131,7 +131,7 @@ int send_onion_packet(Networking_Core *net, Onion_Path *path, IP_Port dest, uint
|
|||
memcpy(packet + 1, nonce, crypto_box_NONCEBYTES);
|
||||
memcpy(packet + 1 + crypto_box_NONCEBYTES, path->public_key1, crypto_box_PUBLICKEYBYTES);
|
||||
|
||||
len = encrypt_data_fast(path->shared_key1, nonce, step3, sizeof(step3),
|
||||
len = encrypt_data_symmetric(path->shared_key1, nonce, step3, sizeof(step3),
|
||||
packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES);
|
||||
|
||||
if ((uint32_t)len != sizeof(IP_Port) + SEND_BASE * 2 + length + crypto_box_MACBYTES)
|
||||
|
@ -175,7 +175,7 @@ static int handle_send_initial(void *object, IP_Port source, uint8_t *packet, ui
|
|||
uint8_t plain[MAX_ONION_SIZE];
|
||||
uint8_t shared_key[crypto_box_BEFORENMBYTES];
|
||||
get_shared_key(&onion->shared_keys_1, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES);
|
||||
int len = decrypt_data_fast(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
|
||||
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
|
||||
length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES), plain);
|
||||
|
||||
if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES))
|
||||
|
@ -198,12 +198,12 @@ int onion_send_1(Onion *onion, uint8_t *plain, uint32_t len, IP_Port source, uin
|
|||
uint8_t *ret_part = data + data_len;
|
||||
new_nonce(ret_part);
|
||||
len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, (uint8_t *)&source, sizeof(IP_Port),
|
||||
ret_part + crypto_secretbox_NONCEBYTES);
|
||||
ret_part + crypto_box_NONCEBYTES);
|
||||
|
||||
if (len != sizeof(IP_Port) + crypto_secretbox_MACBYTES)
|
||||
if (len != sizeof(IP_Port) + crypto_box_MACBYTES)
|
||||
return 1;
|
||||
|
||||
data_len += crypto_secretbox_NONCEBYTES + len;
|
||||
data_len += crypto_box_NONCEBYTES + len;
|
||||
|
||||
if ((uint32_t)sendpacket(onion->net, send_to, data, data_len) != data_len)
|
||||
return 1;
|
||||
|
@ -226,7 +226,7 @@ static int handle_send_1(void *object, IP_Port source, uint8_t *packet, uint32_t
|
|||
uint8_t plain[MAX_ONION_SIZE];
|
||||
uint8_t shared_key[crypto_box_BEFORENMBYTES];
|
||||
get_shared_key(&onion->shared_keys_2, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES);
|
||||
int len = decrypt_data_fast(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
|
||||
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
|
||||
length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1), plain);
|
||||
|
||||
if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1 + crypto_box_MACBYTES))
|
||||
|
@ -247,12 +247,12 @@ static int handle_send_1(void *object, IP_Port source, uint8_t *packet, uint32_t
|
|||
memcpy(ret_data, &source, sizeof(IP_Port));
|
||||
memcpy(ret_data + sizeof(IP_Port), packet + (length - RETURN_1), RETURN_1);
|
||||
len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ret_data, sizeof(ret_data),
|
||||
ret_part + crypto_secretbox_NONCEBYTES);
|
||||
ret_part + crypto_box_NONCEBYTES);
|
||||
|
||||
if (len != RETURN_2 - crypto_secretbox_NONCEBYTES)
|
||||
if (len != RETURN_2 - crypto_box_NONCEBYTES)
|
||||
return 1;
|
||||
|
||||
data_len += crypto_secretbox_NONCEBYTES + len;
|
||||
data_len += crypto_box_NONCEBYTES + len;
|
||||
|
||||
if ((uint32_t)sendpacket(onion->net, send_to, data, data_len) != data_len)
|
||||
return 1;
|
||||
|
@ -275,7 +275,7 @@ static int handle_send_2(void *object, IP_Port source, uint8_t *packet, uint32_t
|
|||
uint8_t plain[MAX_ONION_SIZE];
|
||||
uint8_t shared_key[crypto_box_BEFORENMBYTES];
|
||||
get_shared_key(&onion->shared_keys_3, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES);
|
||||
int len = decrypt_data_fast(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
|
||||
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
|
||||
length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2), plain);
|
||||
|
||||
if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2 + crypto_box_MACBYTES))
|
||||
|
@ -294,9 +294,9 @@ static int handle_send_2(void *object, IP_Port source, uint8_t *packet, uint32_t
|
|||
memcpy(ret_data, &source, sizeof(IP_Port));
|
||||
memcpy(ret_data + sizeof(IP_Port), packet + (length - RETURN_2), RETURN_2);
|
||||
len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ret_data, sizeof(ret_data),
|
||||
ret_part + crypto_secretbox_NONCEBYTES);
|
||||
ret_part + crypto_box_NONCEBYTES);
|
||||
|
||||
if (len != RETURN_3 - crypto_secretbox_NONCEBYTES)
|
||||
if (len != RETURN_3 - crypto_box_NONCEBYTES)
|
||||
return 1;
|
||||
|
||||
data_len += RETURN_3;
|
||||
|
@ -321,8 +321,8 @@ static int handle_recv_3(void *object, IP_Port source, uint8_t *packet, uint32_t
|
|||
change_symmetric_key(onion);
|
||||
|
||||
uint8_t plain[sizeof(IP_Port) + RETURN_2];
|
||||
int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_secretbox_NONCEBYTES,
|
||||
sizeof(IP_Port) + RETURN_2 + crypto_secretbox_MACBYTES, plain);
|
||||
int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES,
|
||||
sizeof(IP_Port) + RETURN_2 + crypto_box_MACBYTES, plain);
|
||||
|
||||
if ((uint32_t)len != sizeof(plain))
|
||||
return 1;
|
||||
|
@ -355,8 +355,8 @@ static int handle_recv_2(void *object, IP_Port source, uint8_t *packet, uint32_t
|
|||
change_symmetric_key(onion);
|
||||
|
||||
uint8_t plain[sizeof(IP_Port) + RETURN_1];
|
||||
int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_secretbox_NONCEBYTES,
|
||||
sizeof(IP_Port) + RETURN_1 + crypto_secretbox_MACBYTES, plain);
|
||||
int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES,
|
||||
sizeof(IP_Port) + RETURN_1 + crypto_box_MACBYTES, plain);
|
||||
|
||||
if ((uint32_t)len != sizeof(plain))
|
||||
return 1;
|
||||
|
@ -390,8 +390,8 @@ static int handle_recv_1(void *object, IP_Port source, uint8_t *packet, uint32_t
|
|||
|
||||
IP_Port send_to;
|
||||
|
||||
int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_secretbox_NONCEBYTES,
|
||||
sizeof(IP_Port) + crypto_secretbox_MACBYTES, (uint8_t *) &send_to);
|
||||
int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES,
|
||||
sizeof(IP_Port) + crypto_box_MACBYTES, (uint8_t *) &send_to);
|
||||
|
||||
if ((uint32_t)len != sizeof(IP_Port))
|
||||
return 1;
|
||||
|
|
|
@ -28,7 +28,7 @@
|
|||
typedef struct {
|
||||
DHT *dht;
|
||||
Networking_Core *net;
|
||||
uint8_t secret_symmetric_key[crypto_secretbox_KEYBYTES];
|
||||
uint8_t secret_symmetric_key[crypto_box_KEYBYTES];
|
||||
uint64_t timestamp;
|
||||
|
||||
Shared_Keys shared_keys_1;
|
||||
|
@ -39,9 +39,9 @@ typedef struct {
|
|||
void *callback_object;
|
||||
} Onion;
|
||||
|
||||
#define ONION_RETURN_1 (crypto_secretbox_NONCEBYTES + sizeof(IP_Port) + crypto_secretbox_MACBYTES)
|
||||
#define ONION_RETURN_2 (crypto_secretbox_NONCEBYTES + sizeof(IP_Port) + crypto_secretbox_MACBYTES + ONION_RETURN_1)
|
||||
#define ONION_RETURN_3 (crypto_secretbox_NONCEBYTES + sizeof(IP_Port) + crypto_secretbox_MACBYTES + ONION_RETURN_2)
|
||||
#define ONION_RETURN_1 (crypto_box_NONCEBYTES + sizeof(IP_Port) + crypto_box_MACBYTES)
|
||||
#define ONION_RETURN_2 (crypto_box_NONCEBYTES + sizeof(IP_Port) + crypto_box_MACBYTES + ONION_RETURN_1)
|
||||
#define ONION_RETURN_3 (crypto_box_NONCEBYTES + sizeof(IP_Port) + crypto_box_MACBYTES + ONION_RETURN_2)
|
||||
|
||||
#define ONION_SEND_BASE (crypto_box_PUBLICKEYBYTES + sizeof(IP_Port) + crypto_box_MACBYTES)
|
||||
#define ONION_SEND_3 (crypto_box_NONCEBYTES + ONION_SEND_BASE + ONION_RETURN_2)
|
||||
|
|
|
@ -115,11 +115,11 @@ static void generate_ping_id(Onion_Announce *onion_a, uint64_t time, uint8_t *pu
|
|||
uint8_t *ping_id)
|
||||
{
|
||||
time /= PING_ID_TIMEOUT;
|
||||
uint8_t data[crypto_secretbox_KEYBYTES + sizeof(time) + crypto_box_PUBLICKEYBYTES + sizeof(ret_ip_port)];
|
||||
memcpy(data, onion_a->secret_bytes, crypto_secretbox_KEYBYTES);
|
||||
memcpy(data + crypto_secretbox_KEYBYTES, &time, sizeof(time));
|
||||
memcpy(data + crypto_secretbox_KEYBYTES + sizeof(time), public_key, crypto_box_PUBLICKEYBYTES);
|
||||
memcpy(data + crypto_secretbox_KEYBYTES + sizeof(time) + crypto_box_PUBLICKEYBYTES, &ret_ip_port, sizeof(ret_ip_port));
|
||||
uint8_t data[crypto_box_KEYBYTES + sizeof(time) + crypto_box_PUBLICKEYBYTES + sizeof(ret_ip_port)];
|
||||
memcpy(data, onion_a->secret_bytes, crypto_box_KEYBYTES);
|
||||
memcpy(data + crypto_box_KEYBYTES, &time, sizeof(time));
|
||||
memcpy(data + crypto_box_KEYBYTES + sizeof(time), public_key, crypto_box_PUBLICKEYBYTES);
|
||||
memcpy(data + crypto_box_KEYBYTES + sizeof(time) + crypto_box_PUBLICKEYBYTES, &ret_ip_port, sizeof(ret_ip_port));
|
||||
crypto_hash_sha256(ping_id, data, sizeof(data));
|
||||
}
|
||||
|
||||
|
@ -221,7 +221,7 @@ static int handle_announce_request(void *object, IP_Port source, uint8_t *packet
|
|||
get_shared_key(&onion_a->shared_keys_recv, shared_key, onion_a->dht->self_secret_key, packet_public_key);
|
||||
|
||||
uint8_t plain[ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH];
|
||||
int len = decrypt_data_fast(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
|
||||
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES,
|
||||
ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH +
|
||||
crypto_box_MACBYTES, plain);
|
||||
|
||||
|
@ -278,7 +278,7 @@ static int handle_announce_request(void *object, IP_Port source, uint8_t *packet
|
|||
}
|
||||
|
||||
uint8_t data[ONION_ANNOUNCE_RESPONSE_MAX_SIZE];
|
||||
len = encrypt_data_fast(shared_key, nonce, pl, 1 + ONION_PING_ID_SIZE + nodes_length,
|
||||
len = encrypt_data_symmetric(shared_key, nonce, pl, 1 + ONION_PING_ID_SIZE + nodes_length,
|
||||
data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES);
|
||||
|
||||
if (len != 1 + ONION_PING_ID_SIZE + nodes_length + crypto_box_MACBYTES)
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
#define ONION_ANNOUNCE_TIMEOUT 300
|
||||
#define ONION_PING_ID_SIZE crypto_hash_sha256_BYTES
|
||||
|
||||
#define ONION_ANNOUNCE_SENDBACK_DATA_LENGTH (crypto_secretbox_NONCEBYTES + sizeof(uint32_t) + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port) + crypto_secretbox_MACBYTES)
|
||||
#define ONION_ANNOUNCE_SENDBACK_DATA_LENGTH (crypto_box_NONCEBYTES + sizeof(uint32_t) + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port) + crypto_box_MACBYTES)
|
||||
|
||||
#define ONION_ANNOUNCE_RESPONSE_MIN_SIZE (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES + 1 + ONION_PING_ID_SIZE + crypto_box_MACBYTES)
|
||||
#define ONION_ANNOUNCE_RESPONSE_MAX_SIZE (ONION_ANNOUNCE_RESPONSE_MIN_SIZE + sizeof(Node_format)*MAX_SENT_NODES)
|
||||
|
@ -52,8 +52,8 @@ typedef struct {
|
|||
DHT *dht;
|
||||
Networking_Core *net;
|
||||
Onion_Announce_Entry entries[ONION_ANNOUNCE_MAX_ENTRIES];
|
||||
/* This is crypto_secretbox_KEYBYTES long just so we can use new_symmetric_key() to fill it */
|
||||
uint8_t secret_bytes[crypto_secretbox_KEYBYTES];
|
||||
/* This is crypto_box_KEYBYTES long just so we can use new_symmetric_key() to fill it */
|
||||
uint8_t secret_bytes[crypto_box_KEYBYTES];
|
||||
|
||||
Shared_Keys shared_keys_recv;
|
||||
} Onion_Announce;
|
||||
|
|
|
@ -116,9 +116,9 @@ static int new_sendback(Onion_Client *onion_c, uint32_t num, uint8_t *public_key
|
|||
memcpy(plain + sizeof(uint32_t) + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES, &ip_port, sizeof(IP_Port));
|
||||
|
||||
int len = encrypt_data_symmetric(onion_c->secret_symmetric_key, sendback, plain, sizeof(plain),
|
||||
sendback + crypto_secretbox_NONCEBYTES);
|
||||
sendback + crypto_box_NONCEBYTES);
|
||||
|
||||
if ((uint32_t)len + crypto_secretbox_NONCEBYTES != ONION_ANNOUNCE_SENDBACK_DATA_LENGTH)
|
||||
if ((uint32_t)len + crypto_box_NONCEBYTES != ONION_ANNOUNCE_SENDBACK_DATA_LENGTH)
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
|
@ -137,8 +137,8 @@ static int new_sendback(Onion_Client *onion_c, uint32_t num, uint8_t *public_key
|
|||
static uint32_t check_sendback(Onion_Client *onion_c, uint8_t *sendback, uint8_t *ret_pubkey, IP_Port *ret_ip_port)
|
||||
{
|
||||
uint8_t plain[sizeof(uint32_t) + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port)];
|
||||
int len = decrypt_data_symmetric(onion_c->secret_symmetric_key, sendback, sendback + crypto_secretbox_NONCEBYTES,
|
||||
ONION_ANNOUNCE_SENDBACK_DATA_LENGTH - crypto_secretbox_NONCEBYTES, plain);
|
||||
int len = decrypt_data_symmetric(onion_c->secret_symmetric_key, sendback, sendback + crypto_box_NONCEBYTES,
|
||||
ONION_ANNOUNCE_SENDBACK_DATA_LENGTH - crypto_box_NONCEBYTES, plain);
|
||||
|
||||
if ((uint32_t)len != sizeof(plain))
|
||||
return ~0;
|
||||
|
|
|
@ -113,7 +113,7 @@ typedef struct {
|
|||
|
||||
Onion_Client_Paths onion_paths;
|
||||
|
||||
uint8_t secret_symmetric_key[crypto_secretbox_KEYBYTES];
|
||||
uint8_t secret_symmetric_key[crypto_box_KEYBYTES];
|
||||
uint64_t last_run;
|
||||
|
||||
uint8_t temp_public_key[crypto_box_PUBLICKEYBYTES];
|
||||
|
|
|
@ -168,7 +168,7 @@ int send_ping_request(PING *ping, IP_Port ipp, uint8_t *client_id)
|
|||
new_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate new nonce
|
||||
|
||||
|
||||
rc = encrypt_data_fast(shared_key,
|
||||
rc = encrypt_data_symmetric(shared_key,
|
||||
pk + 1 + CLIENT_ID_SIZE,
|
||||
(uint8_t *) &ping_id, sizeof(ping_id),
|
||||
pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES);
|
||||
|
@ -193,7 +193,7 @@ static int send_ping_response(PING *ping, IP_Port ipp, uint8_t *client_id, uint6
|
|||
new_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate new nonce
|
||||
|
||||
// Encrypt ping_id using recipient privkey
|
||||
rc = encrypt_data_fast(shared_encryption_key,
|
||||
rc = encrypt_data_symmetric(shared_encryption_key,
|
||||
pk + 1 + CLIENT_ID_SIZE,
|
||||
(uint8_t *) &ping_id, sizeof(ping_id),
|
||||
pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES );
|
||||
|
@ -222,7 +222,7 @@ static int handle_ping_request(void *_dht, IP_Port source, uint8_t *packet, uint
|
|||
|
||||
// Decrypt ping_id
|
||||
DHT_get_shared_key_recv(dht, shared_key, packet + 1);
|
||||
rc = decrypt_data_fast(shared_key,
|
||||
rc = decrypt_data_symmetric(shared_key,
|
||||
packet + 1 + CLIENT_ID_SIZE,
|
||||
packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES,
|
||||
sizeof(ping_id) + crypto_box_MACBYTES,
|
||||
|
@ -259,7 +259,7 @@ static int handle_ping_response(void *_dht, IP_Port source, uint8_t *packet, uin
|
|||
|
||||
--ping_index;
|
||||
// Decrypt ping_id
|
||||
rc = decrypt_data_fast(ping->pings[ping_index].shared_key,
|
||||
rc = decrypt_data_symmetric(ping->pings[ping_index].shared_key,
|
||||
packet + 1 + CLIENT_ID_SIZE,
|
||||
packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES,
|
||||
sizeof(ping_id) + crypto_box_MACBYTES,
|
||||
|
|
|
@ -828,34 +828,4 @@ int tox_load(Tox *tox, uint8_t *data, uint32_t length)
|
|||
{
|
||||
Messenger *m = tox;
|
||||
return messenger_load(m, data, length);
|
||||
}
|
||||
|
||||
/* return the size of data to pass to messenger_save_encrypted(...)
|
||||
*/
|
||||
uint32_t tox_size_encrypted(Tox *tox)
|
||||
{
|
||||
Messenger *m = tox;
|
||||
return messenger_size_encrypted(m);
|
||||
}
|
||||
|
||||
/* Save the messenger, encrypting the data with key of length key_length
|
||||
*
|
||||
* return 0 on success.
|
||||
* return -1 on failure.
|
||||
*/
|
||||
int tox_save_encrypted(Tox *tox, uint8_t *data, uint8_t *key, uint16_t key_length)
|
||||
{
|
||||
Messenger *m = tox;
|
||||
return messenger_save_encrypted(m, data, key, key_length);
|
||||
}
|
||||
|
||||
/* Load the messenger from data of size length encrypted with key of key_length.
|
||||
*
|
||||
* return 0 on success.
|
||||
* return -1 on failure.
|
||||
*/
|
||||
int tox_load_encrypted(Tox *tox, uint8_t *data, uint32_t length, uint8_t *key, uint16_t key_length)
|
||||
{
|
||||
Messenger *m = tox;
|
||||
return messenger_load_encrypted(m, data, length, key, key_length);
|
||||
}
|
||||
}
|
|
@ -702,32 +702,6 @@ void tox_save(Tox *tox, uint8_t *data);
|
|||
*/
|
||||
int tox_load(Tox *tox, uint8_t *data, uint32_t length);
|
||||
|
||||
/**/
|
||||
|
||||
/* return the size of data to pass to messenger_save_encrypted(...)
|
||||
*/
|
||||
uint32_t tox_size_encrypted(Tox *tox);
|
||||
|
||||
/* Save the messenger, encrypting the data with key of length key_length
|
||||
*
|
||||
* This functions simply calls and then encrypt the output of tox_save(..)
|
||||
* with crypto_secretbox(...) from NaCl/libsodium with the key
|
||||
* given to crypto_secretbox(...) being the SHA256 sum of the key
|
||||
* passed to this function.
|
||||
*
|
||||
* return 0 on success.
|
||||
* return -1 on failure.
|
||||
*/
|
||||
int tox_save_encrypted(Tox *tox, uint8_t *data, uint8_t *key, uint16_t key_length);
|
||||
|
||||
/* Load the messenger from data of size length encrypted with key of key_length.
|
||||
*
|
||||
* return 0 on success.
|
||||
* return -1 on failure.
|
||||
*/
|
||||
int tox_load_encrypted(Tox *tox, uint8_t *data, uint32_t length, uint8_t *key, uint16_t key_length);
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue
Block a user