Merge remote-tracking branch 'upstream/master' into nTox

This commit is contained in:
Coren[m] 2013-09-14 13:32:39 +02:00
commit e818fce756
6 changed files with 31 additions and 15 deletions

View File

@ -498,7 +498,7 @@ static int getnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *cli
uint8_t plain[sizeof(ping_id) + CLIENT_ID_SIZE];
uint8_t encrypt[sizeof(ping_id) + CLIENT_ID_SIZE + ENCRYPTION_PADDING];
uint8_t nonce[crypto_box_NONCEBYTES];
random_nonce(nonce);
new_nonce(nonce);
memcpy(plain, &ping_id, sizeof(ping_id));
memcpy(plain + sizeof(ping_id), client_id, CLIENT_ID_SIZE);
@ -540,7 +540,7 @@ static int sendnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *cl
uint8_t plain[sizeof(ping_id) + sizeof(Node_format) * MAX_SENT_NODES];
uint8_t encrypt[sizeof(ping_id) + sizeof(Node_format) * MAX_SENT_NODES + ENCRYPTION_PADDING];
uint8_t nonce[crypto_box_NONCEBYTES];
random_nonce(nonce);
new_nonce(nonce);
memcpy(plain, &ping_id, sizeof(ping_id));
memcpy(plain + sizeof(ping_id), nodes_list, num_nodes * sizeof(Node_format));

View File

@ -145,14 +145,26 @@ static void increment_nonce(uint8_t *nonce)
/* Fill the given nonce with random bytes. */
void random_nonce(uint8_t *nonce)
{
uint32_t i, temp;
randombytes(nonce, crypto_box_NONCEBYTES);
}
for (i = 0; i < crypto_box_NONCEBYTES / 4; ++i) {
temp = random_int();
memcpy(nonce + 4 * i, &temp, 4);
static uint8_t base_nonce[crypto_box_NONCEBYTES];
static uint8_t nonce_set = 0;
/*Gives a nonce guaranteed to be different from previous ones.*/
void new_nonce(uint8_t *nonce)
{
if (nonce_set == 0) {
random_nonce(base_nonce);
nonce_set = 1;
}
increment_nonce(base_nonce);
memcpy(nonce, base_nonce, crypto_box_NONCEBYTES);
}
/* return 0 if there is no received data in the buffer.
* return -1 if the packet was discarded.
* return length of received data if successful.
@ -237,7 +249,7 @@ int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t *
uint8_t temp[MAX_DATA_SIZE];
memcpy(temp + 1, data, length);
temp[0] = request_id;
random_nonce(nonce);
new_nonce(nonce);
int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1,
1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet);
@ -336,7 +348,7 @@ static int send_cryptohandshake(Net_Crypto *c, int connection_id, uint8_t *publi
uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES];
uint8_t nonce[crypto_box_NONCEBYTES];
random_nonce(nonce);
new_nonce(nonce);
memcpy(temp, secret_nonce, crypto_box_NONCEBYTES);
memcpy(temp + crypto_box_NONCEBYTES, session_key, crypto_box_PUBLICKEYBYTES);

View File

@ -115,6 +115,9 @@ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
/* Fill the given nonce with random bytes. */
void random_nonce(uint8_t *nonce);
/*Gives a nonce guaranteed to be different from previous ones.*/
void new_nonce(uint8_t *nonce);
/* return 0 if there is no received data in the buffer.
* return -1 if the packet was discarded.
* return length of received data if successful.

View File

@ -49,7 +49,6 @@ uint64_t current_time(void)
}
/* return a random number.
* NOTE: This function should probably not be used where cryptographic randomness is absolutely necessary.
*/
uint32_t random_int(void)
{
@ -57,7 +56,9 @@ uint32_t random_int(void)
/* NOTE: this function comes from libsodium. */
return randombytes_random();
#else
return random();
uint32_t randnum;
randombytes((uint8_t *)&randnum , sizeof(randnum));
return randnum;
#endif
}

View File

@ -57,6 +57,7 @@
#include <sodium.h>
#else
#include <crypto_box.h>
#include <randombytes.h>
#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
#endif
@ -130,7 +131,6 @@ typedef struct {
uint64_t current_time(void);
/* return a random number.
* NOTE: this function should probably not be used where cryptographic randomness is absolutely necessary.
*/
uint32_t random_int(void);

View File

@ -135,7 +135,7 @@ int send_ping_request(void *ping, Net_Crypto *c, IP_Port ipp, uint8_t *client_id
pk[0] = NET_PACKET_PING_REQUEST;
id_cpy(pk + 1, c->self_public_key); // Our pubkey
random_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate random nonce
new_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate new nonce
// Encrypt ping_id using recipient privkey
rc = encrypt_data(client_id,
@ -160,7 +160,7 @@ int send_ping_response(Net_Crypto *c, IP_Port ipp, uint8_t *client_id, uint64_t
pk[0] = NET_PACKET_PING_RESPONSE;
id_cpy(pk + 1, c->self_public_key); // Our pubkey
random_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate random nonce
new_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate new nonce
// Encrypt ping_id using recipient privkey
rc = encrypt_data(client_id,