diff options
author | irungentoo <irungentoo@gmail.com> | 2014-04-22 20:28:40 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2014-04-22 20:28:40 -0400 |
commit | 1bfe15ee88844bdbd43052b4026202cf924ad6ca (patch) | |
tree | a740f16199cf0a263447e2084dd8906028a7b268 | |
parent | c46ab5821d0fa8c604de52e15009e2b8da5d9c07 (diff) |
Decided pretty much how the handshake would work.
Started writing the code.
Astyled some files.
-rw-r--r-- | docs/Tox_middle_level_network_protocol.txt | 24 | ||||
-rw-r--r-- | toxcore/DHT.c | 30 | ||||
-rw-r--r-- | toxcore/DHT.h | 4 | ||||
-rw-r--r-- | toxcore/TCP_client.c | 4 | ||||
-rw-r--r-- | toxcore/TCP_server.c | 5 | ||||
-rw-r--r-- | toxcore/TCP_server.h | 2 | ||||
-rw-r--r-- | toxcore/crypto_core.c | 1 | ||||
-rw-r--r-- | toxcore/net_crypto.c | 148 | ||||
-rw-r--r-- | toxcore/net_crypto.h | 5 | ||||
-rw-r--r-- | toxcore/network.h | 7 | ||||
-rw-r--r-- | toxcore/onion.c | 12 | ||||
-rw-r--r-- | toxcore/onion_announce.c | 6 | ||||
-rw-r--r-- | toxcore/ping.c | 28 |
13 files changed, 226 insertions, 50 deletions
diff --git a/docs/Tox_middle_level_network_protocol.txt b/docs/Tox_middle_level_network_protocol.txt index ae0fd0f6..be8253cd 100644 --- a/docs/Tox_middle_level_network_protocol.txt +++ b/docs/Tox_middle_level_network_protocol.txt | |||
@@ -38,4 +38,26 @@ from evil "friends" framing relays must also be implemented. | |||
38 | 38 | ||
39 | Detailed implementation details: | 39 | Detailed implementation details: |
40 | 40 | ||
41 | Coming soon. | 41 | cookie request packet: |
42 | [uint8_t 24][Senders DHT Public key (32 bytes)][Random nonce (24 | ||
43 | bytes)][Encrypted message containing: [Senders real public key (32 | ||
44 | bytes)][Recievers real public key (32 bytes)]] | ||
45 | Encrypted message is encrypted with sender DHT private key, recievers DHT public | ||
46 | key and the nonce. | ||
47 | |||
48 | cookie response packet: | ||
49 | [uint8_t 25][Random nonce (24 bytes)][Encrypted message containing: [Cookie]] | ||
50 | Encrypted message is encrypted with sender DHT private key, recievers DHT public | ||
51 | key and the nonce. | ||
52 | |||
53 | The Cookie should be basically: | ||
54 | [nonce][encrypted data:[uint64_t time][Senders real public key (32 | ||
55 | bytes)][Recievers real public key (32 bytes)]] | ||
56 | |||
57 | Handshake packet: | ||
58 | [uint8_t 26][Cookie][nonce][Encrypted message containing: [random 24 bytes base | ||
59 | nonce][session public key of the peer (32 bytes)]] | ||
60 | |||
61 | The handshake packet is encrypted using the real private key of the sender, the | ||
62 | real private key of the reciever and the nonce. | ||
63 | |||
diff --git a/toxcore/DHT.c b/toxcore/DHT.c index 267d3ef9..5b43cdb0 100644 --- a/toxcore/DHT.c +++ b/toxcore/DHT.c | |||
@@ -163,7 +163,7 @@ void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, uint8_t *secr | |||
163 | } | 163 | } |
164 | } | 164 | } |
165 | 165 | ||
166 | /* Copy shared_key to decrypt DHT packet from client_id into shared_key | 166 | /* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key |
167 | * for packets that we recieve. | 167 | * for packets that we recieve. |
168 | */ | 168 | */ |
169 | void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id) | 169 | void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id) |
@@ -171,7 +171,7 @@ void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id) | |||
171 | return get_shared_key(&dht->shared_keys_recv, shared_key, dht->self_secret_key, client_id); | 171 | return get_shared_key(&dht->shared_keys_recv, shared_key, dht->self_secret_key, client_id); |
172 | } | 172 | } |
173 | 173 | ||
174 | /* Copy shared_key to decrypt DHT packet from client_id into shared_key | 174 | /* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key |
175 | * for packets that we send. | 175 | * for packets that we send. |
176 | */ | 176 | */ |
177 | void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, uint8_t *client_id) | 177 | void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, uint8_t *client_id) |
@@ -974,10 +974,10 @@ static int getnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *cli | |||
974 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; | 974 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; |
975 | DHT_get_shared_key_sent(dht, shared_key, public_key); | 975 | DHT_get_shared_key_sent(dht, shared_key, public_key); |
976 | int len = encrypt_data_symmetric( shared_key, | 976 | int len = encrypt_data_symmetric( shared_key, |
977 | nonce, | 977 | nonce, |
978 | plain, | 978 | plain, |
979 | CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH, | 979 | CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH, |
980 | encrypt ); | 980 | encrypt ); |
981 | 981 | ||
982 | if (len != CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES) | 982 | if (len != CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES) |
983 | return -1; | 983 | return -1; |
@@ -1020,10 +1020,10 @@ static int sendnodes_ipv6(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_ | |||
1020 | 1020 | ||
1021 | memcpy(plain + nodes_length, encrypted_data, NODES_ENCRYPTED_MESSAGE_LENGTH); | 1021 | memcpy(plain + nodes_length, encrypted_data, NODES_ENCRYPTED_MESSAGE_LENGTH); |
1022 | int len = encrypt_data_symmetric( shared_encryption_key, | 1022 | int len = encrypt_data_symmetric( shared_encryption_key, |
1023 | nonce, | 1023 | nonce, |
1024 | plain, | 1024 | plain, |
1025 | nodes_length + NODES_ENCRYPTED_MESSAGE_LENGTH, | 1025 | nodes_length + NODES_ENCRYPTED_MESSAGE_LENGTH, |
1026 | encrypt ); | 1026 | encrypt ); |
1027 | 1027 | ||
1028 | if ((unsigned int)len != nodes_length + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES) | 1028 | if ((unsigned int)len != nodes_length + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES) |
1029 | return -1; | 1029 | return -1; |
@@ -1053,10 +1053,10 @@ static int handle_getnodes(void *object, IP_Port source, uint8_t *packet, uint32 | |||
1053 | 1053 | ||
1054 | DHT_get_shared_key_recv(dht, shared_key, packet + 1); | 1054 | DHT_get_shared_key_recv(dht, shared_key, packet + 1); |
1055 | int len = decrypt_data_symmetric( shared_key, | 1055 | int len = decrypt_data_symmetric( shared_key, |
1056 | packet + 1 + CLIENT_ID_SIZE, | 1056 | packet + 1 + CLIENT_ID_SIZE, |
1057 | packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES, | 1057 | packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES, |
1058 | CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES, | 1058 | CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES, |
1059 | plain ); | 1059 | plain ); |
1060 | 1060 | ||
1061 | if (len != CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH) | 1061 | if (len != CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH) |
1062 | return 1; | 1062 | return 1; |
@@ -2283,6 +2283,7 @@ DHT *new_DHT(Net_Crypto *c) | |||
2283 | DHT_addfriend(dht, random_key_bytes); | 2283 | DHT_addfriend(dht, random_key_bytes); |
2284 | } | 2284 | } |
2285 | 2285 | ||
2286 | c->dht = dht; | ||
2286 | return dht; | 2287 | return dht; |
2287 | } | 2288 | } |
2288 | 2289 | ||
@@ -2317,6 +2318,7 @@ void kill_DHT(DHT *dht) | |||
2317 | networking_registerhandler(dht->net, NET_PACKET_SEND_NODES_IPV6, NULL, NULL); | 2318 | networking_registerhandler(dht->net, NET_PACKET_SEND_NODES_IPV6, NULL, NULL); |
2318 | cryptopacket_registerhandler(dht->c, CRYPTO_PACKET_NAT_PING, NULL, NULL); | 2319 | cryptopacket_registerhandler(dht->c, CRYPTO_PACKET_NAT_PING, NULL, NULL); |
2319 | cryptopacket_registerhandler(dht->c, CRYPTO_PACKET_HARDENING, NULL, NULL); | 2320 | cryptopacket_registerhandler(dht->c, CRYPTO_PACKET_HARDENING, NULL, NULL); |
2321 | dht->c->dht = 0; | ||
2320 | kill_ping(dht->ping); | 2322 | kill_ping(dht->ping); |
2321 | free(dht->friends_list); | 2323 | free(dht->friends_list); |
2322 | free(dht); | 2324 | free(dht); |
diff --git a/toxcore/DHT.h b/toxcore/DHT.h index c4c0db41..0c59dc81 100644 --- a/toxcore/DHT.h +++ b/toxcore/DHT.h | |||
@@ -204,12 +204,12 @@ typedef struct { | |||
204 | */ | 204 | */ |
205 | void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, uint8_t *secret_key, uint8_t *client_id); | 205 | void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, uint8_t *secret_key, uint8_t *client_id); |
206 | 206 | ||
207 | /* Copy shared_key to decrypt DHT packet from client_id into shared_key | 207 | /* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key |
208 | * for packets that we recieve. | 208 | * for packets that we recieve. |
209 | */ | 209 | */ |
210 | void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id); | 210 | void DHT_get_shared_key_recv(DHT *dht, uint8_t *shared_key, uint8_t *client_id); |
211 | 211 | ||
212 | /* Copy shared_key to decrypt DHT packet from client_id into shared_key | 212 | /* Copy shared_key to encrypt/decrypt DHT packet from client_id into shared_key |
213 | * for packets that we send. | 213 | * for packets that we send. |
214 | */ | 214 | */ |
215 | void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, uint8_t *client_id); | 215 | void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, uint8_t *client_id); |
diff --git a/toxcore/TCP_client.c b/toxcore/TCP_client.c index 825d762c..3745e14d 100644 --- a/toxcore/TCP_client.c +++ b/toxcore/TCP_client.c | |||
@@ -75,7 +75,7 @@ static int generate_handshake(TCP_Client_Connection *TCP_conn, uint8_t *self_pub | |||
75 | memcpy(TCP_conn->last_packet, self_public_key, crypto_box_PUBLICKEYBYTES); | 75 | memcpy(TCP_conn->last_packet, self_public_key, crypto_box_PUBLICKEYBYTES); |
76 | new_nonce(TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES); | 76 | new_nonce(TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES); |
77 | int len = encrypt_data_symmetric(TCP_conn->shared_key, TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES, plain, | 77 | int len = encrypt_data_symmetric(TCP_conn->shared_key, TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES, plain, |
78 | sizeof(plain), TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); | 78 | sizeof(plain), TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); |
79 | 79 | ||
80 | if (len != sizeof(plain) + crypto_box_MACBYTES) | 80 | if (len != sizeof(plain) + crypto_box_MACBYTES) |
81 | return -1; | 81 | return -1; |
@@ -94,7 +94,7 @@ static int handle_handshake(TCP_Client_Connection *TCP_conn, uint8_t *data) | |||
94 | { | 94 | { |
95 | uint8_t plain[crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES]; | 95 | uint8_t plain[crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES]; |
96 | int len = decrypt_data_symmetric(TCP_conn->shared_key, data, data + crypto_box_NONCEBYTES, | 96 | int len = decrypt_data_symmetric(TCP_conn->shared_key, data, data + crypto_box_NONCEBYTES, |
97 | TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, plain); | 97 | TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, plain); |
98 | 98 | ||
99 | if (len != sizeof(plain)) | 99 | if (len != sizeof(plain)) |
100 | return -1; | 100 | return -1; |
diff --git a/toxcore/TCP_server.c b/toxcore/TCP_server.c index 0ca39c47..fa49274a 100644 --- a/toxcore/TCP_server.c +++ b/toxcore/TCP_server.c | |||
@@ -357,7 +357,7 @@ static int handle_TCP_handshake(TCP_Secure_Connection *con, uint8_t *data, uint1 | |||
357 | encrypt_precompute(data, self_secret_key, shared_key); | 357 | encrypt_precompute(data, self_secret_key, shared_key); |
358 | uint8_t plain[TCP_HANDSHAKE_PLAIN_SIZE]; | 358 | uint8_t plain[TCP_HANDSHAKE_PLAIN_SIZE]; |
359 | int len = decrypt_data_symmetric(shared_key, data + crypto_box_PUBLICKEYBYTES, | 359 | int len = decrypt_data_symmetric(shared_key, data + crypto_box_PUBLICKEYBYTES, |
360 | data + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES, plain); | 360 | data + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES, plain); |
361 | 361 | ||
362 | if (len != TCP_HANDSHAKE_PLAIN_SIZE) | 362 | if (len != TCP_HANDSHAKE_PLAIN_SIZE) |
363 | return -1; | 363 | return -1; |
@@ -373,7 +373,8 @@ static int handle_TCP_handshake(TCP_Secure_Connection *con, uint8_t *data, uint1 | |||
373 | uint8_t response[TCP_SERVER_HANDSHAKE_SIZE]; | 373 | uint8_t response[TCP_SERVER_HANDSHAKE_SIZE]; |
374 | new_nonce(response); | 374 | new_nonce(response); |
375 | 375 | ||
376 | len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, response + crypto_box_NONCEBYTES); | 376 | len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, |
377 | response + crypto_box_NONCEBYTES); | ||
377 | 378 | ||
378 | if (len != TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES) | 379 | if (len != TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES) |
379 | return -1; | 380 | return -1; |
diff --git a/toxcore/TCP_server.h b/toxcore/TCP_server.h index e4c45dad..26cfa493 100644 --- a/toxcore/TCP_server.h +++ b/toxcore/TCP_server.h | |||
@@ -54,8 +54,6 @@ | |||
54 | 54 | ||
55 | #define ARRAY_ENTRY_SIZE 6 | 55 | #define ARRAY_ENTRY_SIZE 6 |
56 | 56 | ||
57 | #define TCP_ONION_FAMILY (AF_INET6 + 1) | ||
58 | |||
59 | /* frequency to ping connected nodes and timeout in seconds */ | 57 | /* frequency to ping connected nodes and timeout in seconds */ |
60 | #define TCP_PING_FREQUENCY 30 | 58 | #define TCP_PING_FREQUENCY 30 |
61 | #define TCP_PING_TIMEOUT 20 | 59 | #define TCP_PING_TIMEOUT 20 |
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index 38048076..22612442 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c | |||
@@ -65,6 +65,7 @@ int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain, | |||
65 | 65 | ||
66 | if (crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, secret_key) != 0) | 66 | if (crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, secret_key) != 0) |
67 | return -1; | 67 | return -1; |
68 | |||
68 | /* Unpad the encrypted message. */ | 69 | /* Unpad the encrypted message. */ |
69 | memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES); | 70 | memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES); |
70 | return length + crypto_box_MACBYTES; | 71 | return length + crypto_box_MACBYTES; |
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index d0212d11..3eb9ca4c 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c | |||
@@ -34,6 +34,145 @@ static uint8_t crypt_connection_id_not_valid(Net_Crypto *c, int crypt_connection | |||
34 | { | 34 | { |
35 | return (uint32_t)crypt_connection_id >= c->crypto_connections_length; | 35 | return (uint32_t)crypt_connection_id >= c->crypto_connections_length; |
36 | } | 36 | } |
37 | #define COOKIE_REQUEST_PLAIN_LENGTH (crypto_box_PUBLICKEYBYTES * 2) | ||
38 | #define COOKIE_REQUEST_LENGTH (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES) | ||
39 | |||
40 | /* Create a cookie request packet and put it in packet. | ||
41 | * | ||
42 | * packet must be of size COOKIE_REQUEST_LENGTH or bigger. | ||
43 | * | ||
44 | * return -1 on failure. | ||
45 | * return COOKIE_REQUEST_LENGTH on success. | ||
46 | */ | ||
47 | static int create_cookie_request(Net_Crypto *c, uint8_t *packet, uint8_t *dht_public_key, uint8_t *real_public_key) | ||
48 | { | ||
49 | if (!c->dht) | ||
50 | return -1; | ||
51 | |||
52 | uint8_t plain[COOKIE_REQUEST_PLAIN_LENGTH]; | ||
53 | |||
54 | memcpy(plain, c->self_public_key, crypto_box_PUBLICKEYBYTES); | ||
55 | memcpy(plain + crypto_box_PUBLICKEYBYTES, real_public_key, crypto_box_PUBLICKEYBYTES); | ||
56 | |||
57 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; | ||
58 | DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); | ||
59 | uint8_t nonce[crypto_box_NONCEBYTES]; | ||
60 | new_nonce(nonce); | ||
61 | packet[0] = NET_PACKET_COOKIE_REQUEST; | ||
62 | memcpy(packet + 1, c->dht->self_public_key, crypto_box_PUBLICKEYBYTES); | ||
63 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); | ||
64 | int len = encrypt_data_symmetric(shared_key, nonce, plain, sizeof(plain), | ||
65 | packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); | ||
66 | |||
67 | if (len != COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES) | ||
68 | return -1; | ||
69 | |||
70 | return (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + len); | ||
71 | } | ||
72 | |||
73 | /* cookie timeout in seconds */ | ||
74 | #define COOKIE_TIMEOUT 10 | ||
75 | #define COOKIE_CONTENTS_LENGTH (sizeof(uint64_t) + COOKIE_REQUEST_PLAIN_LENGTH) | ||
76 | #define COOKIE_LENGTH (crypto_box_NONCEBYTES + COOKIE_CONTENTS_LENGTH + crypto_box_MACBYTES) | ||
77 | |||
78 | /* Create cookie of length COOKIE_LENGTH from bytes of length COOKIE_REQUEST_PLAIN_LENGTH using encryption_key | ||
79 | * | ||
80 | * return -1 on failure. | ||
81 | * return 0 on success. | ||
82 | */ | ||
83 | static int create_cookie(uint8_t *cookie, uint8_t *bytes, uint8_t *encryption_key) | ||
84 | { | ||
85 | uint8_t contents[COOKIE_CONTENTS_LENGTH]; | ||
86 | uint64_t temp_time = unix_time(); | ||
87 | memcpy(contents, &temp_time, sizeof(temp_time)); | ||
88 | memcpy(contents + sizeof(temp_time), bytes, COOKIE_REQUEST_PLAIN_LENGTH); | ||
89 | new_nonce(cookie); | ||
90 | int len = encrypt_data_symmetric(encryption_key, cookie, contents, sizeof(contents), cookie + crypto_box_NONCEBYTES); | ||
91 | |||
92 | if (len != COOKIE_LENGTH - crypto_box_NONCEBYTES) | ||
93 | return -1; | ||
94 | |||
95 | return 0; | ||
96 | } | ||
97 | |||
98 | #define COOKIE_RESPONSE_LENGTH (1 + crypto_box_NONCEBYTES + COOKIE_LENGTH + crypto_box_MACBYTES) | ||
99 | |||
100 | /* Open cookie of length COOKIE_LENGTH from bytes of length COOKIE_REQUEST_PLAIN_LENGTH using encryption_key | ||
101 | * | ||
102 | * return -1 on failure. | ||
103 | * return 0 on success. | ||
104 | */ | ||
105 | static int open_cookie(uint8_t *bytes, uint8_t *cookie, uint8_t *encryption_key) | ||
106 | { | ||
107 | uint8_t contents[COOKIE_CONTENTS_LENGTH]; | ||
108 | int len = decrypt_data_symmetric(encryption_key, cookie, cookie + crypto_box_NONCEBYTES, | ||
109 | COOKIE_LENGTH - crypto_box_NONCEBYTES, contents); | ||
110 | |||
111 | if (len != sizeof(contents)) | ||
112 | return -1; | ||
113 | |||
114 | uint64_t cookie_time; | ||
115 | memcpy(&cookie_time, contents, sizeof(cookie_time)); | ||
116 | uint64_t temp_time = unix_time(); | ||
117 | |||
118 | if (cookie_time + COOKIE_TIMEOUT < temp_time || temp_time < cookie_time) | ||
119 | return -1; | ||
120 | |||
121 | memcpy(bytes, contents + sizeof(cookie_time), COOKIE_REQUEST_PLAIN_LENGTH); | ||
122 | return 0; | ||
123 | } | ||
124 | |||
125 | |||
126 | /* Create a cookie request packet and put it in packet. | ||
127 | * request_plain must be COOKIE_REQUEST_PLAIN_LENGTH bytes. | ||
128 | * packet must be of size COOKIE_RESPONSE_LENGTH or bigger. | ||
129 | * | ||
130 | * return -1 on failure. | ||
131 | * return COOKIE_RESPONSE_LENGTH on success. | ||
132 | */ | ||
133 | static int create_cookie_response(Net_Crypto *c, uint8_t *packet, uint8_t *request_plain, uint8_t *shared_key) | ||
134 | { | ||
135 | uint8_t cookie[COOKIE_LENGTH]; | ||
136 | |||
137 | if (create_cookie(cookie, request_plain, c->secret_symmetric_key) != 0) | ||
138 | return -1; | ||
139 | |||
140 | packet[0] = NET_PACKET_COOKIE_RESPONSE; | ||
141 | new_nonce(packet + 1); | ||
142 | int len = encrypt_data_symmetric(shared_key, packet + 1, cookie, sizeof(cookie), packet + 1 + crypto_box_NONCEBYTES); | ||
143 | |||
144 | if (len != COOKIE_RESPONSE_LENGTH - (1 + crypto_box_NONCEBYTES)) | ||
145 | return -1; | ||
146 | |||
147 | return COOKIE_RESPONSE_LENGTH; | ||
148 | } | ||
149 | |||
150 | /* Handle the cookie request packet of length length. | ||
151 | * Put what was in the request in request_plain (must be of size COOKIE_REQUEST_PLAIN_LENGTH) | ||
152 | * Put the key used to decrypt the request into shared_key (of size crypto_box_BEFORENMBYTES) for use in the response. | ||
153 | * | ||
154 | * return -1 on failure. | ||
155 | * return 0 on success. | ||
156 | */ | ||
157 | static int handle_cookie_request(Net_Crypto *c, uint8_t *request_plain, uint8_t *shared_key, uint8_t *packet, | ||
158 | uint16_t length) | ||
159 | { | ||
160 | if (!c->dht) | ||
161 | return -1; | ||
162 | |||
163 | if (length != COOKIE_REQUEST_LENGTH) | ||
164 | return -1; | ||
165 | |||
166 | DHT_get_shared_key_sent(c->dht, shared_key, packet + 1); | ||
167 | int len = decrypt_data_symmetric(shared_key, packet + 1 + crypto_box_PUBLICKEYBYTES, | ||
168 | packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES, | ||
169 | request_plain); | ||
170 | |||
171 | if (len != COOKIE_REQUEST_PLAIN_LENGTH) | ||
172 | return -1; | ||
173 | |||
174 | return 0; | ||
175 | } | ||
37 | 176 | ||
38 | /* return 0 if there is no received data in the buffer. | 177 | /* return 0 if there is no received data in the buffer. |
39 | * return -1 if the packet was discarded. | 178 | * return -1 if the packet was discarded. |
@@ -57,8 +196,8 @@ int read_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data) | |||
57 | return -1; | 196 | return -1; |
58 | 197 | ||
59 | int len = decrypt_data_symmetric(c->crypto_connections[crypt_connection_id].shared_key, | 198 | int len = decrypt_data_symmetric(c->crypto_connections[crypt_connection_id].shared_key, |
60 | c->crypto_connections[crypt_connection_id].recv_nonce, | 199 | c->crypto_connections[crypt_connection_id].recv_nonce, |
61 | temp_data + 1, length - 1, data); | 200 | temp_data + 1, length - 1, data); |
62 | 201 | ||
63 | if (len != -1) { | 202 | if (len != -1) { |
64 | increment_nonce(c->crypto_connections[crypt_connection_id].recv_nonce); | 203 | increment_nonce(c->crypto_connections[crypt_connection_id].recv_nonce); |
@@ -95,8 +234,8 @@ int write_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data, uin | |||
95 | 234 | ||
96 | uint8_t temp_data[MAX_DATA_SIZE]; | 235 | uint8_t temp_data[MAX_DATA_SIZE]; |
97 | int len = encrypt_data_symmetric(c->crypto_connections[crypt_connection_id].shared_key, | 236 | int len = encrypt_data_symmetric(c->crypto_connections[crypt_connection_id].shared_key, |
98 | c->crypto_connections[crypt_connection_id].sent_nonce, | 237 | c->crypto_connections[crypt_connection_id].sent_nonce, |
99 | data, length, temp_data + 1); | 238 | data, length, temp_data + 1); |
100 | 239 | ||
101 | if (len == -1) | 240 | if (len == -1) |
102 | return 0; | 241 | return 0; |
@@ -655,6 +794,7 @@ Net_Crypto *new_net_crypto(Networking_Core *net) | |||
655 | } | 794 | } |
656 | 795 | ||
657 | new_keys(temp); | 796 | new_keys(temp); |
797 | new_symmetric_key(temp->secret_symmetric_key); | ||
658 | return temp; | 798 | return temp; |
659 | } | 799 | } |
660 | 800 | ||
diff --git a/toxcore/net_crypto.h b/toxcore/net_crypto.h index f67ca2bd..bbb9ee23 100644 --- a/toxcore/net_crypto.h +++ b/toxcore/net_crypto.h | |||
@@ -25,6 +25,7 @@ | |||
25 | #define NET_CRYPTO_H | 25 | #define NET_CRYPTO_H |
26 | 26 | ||
27 | #include "Lossless_UDP.h" | 27 | #include "Lossless_UDP.h" |
28 | #include "DHT.h" | ||
28 | 29 | ||
29 | #define CRYPTO_PACKET_FRIEND_REQ 32 /* Friend request crypto packet ID. */ | 30 | #define CRYPTO_PACKET_FRIEND_REQ 32 /* Friend request crypto packet ID. */ |
30 | #define CRYPTO_PACKET_HARDENING 48 /* Hardening crypto packet ID. */ | 31 | #define CRYPTO_PACKET_HARDENING 48 /* Hardening crypto packet ID. */ |
@@ -67,6 +68,7 @@ typedef struct { | |||
67 | 68 | ||
68 | typedef struct { | 69 | typedef struct { |
69 | Lossless_UDP *lossless_udp; | 70 | Lossless_UDP *lossless_udp; |
71 | DHT *dht; | ||
70 | 72 | ||
71 | Crypto_Connection *crypto_connections; | 73 | Crypto_Connection *crypto_connections; |
72 | 74 | ||
@@ -76,6 +78,9 @@ typedef struct { | |||
76 | uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; | 78 | uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; |
77 | uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; | 79 | uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; |
78 | 80 | ||
81 | /* The secret key used for cookies */ | ||
82 | uint8_t secret_symmetric_key[crypto_secretbox_KEYBYTES]; | ||
83 | |||
79 | Cryptopacket_Handles cryptopackethandlers[256]; | 84 | Cryptopacket_Handles cryptopackethandlers[256]; |
80 | } Net_Crypto; | 85 | } Net_Crypto; |
81 | 86 | ||
diff --git a/toxcore/network.h b/toxcore/network.h index c4fe0a7b..0e79954f 100644 --- a/toxcore/network.h +++ b/toxcore/network.h | |||
@@ -126,6 +126,8 @@ typedef int sock_t; | |||
126 | #define NET_PACKET_HANDSHAKE 16 /* Handshake packet ID. */ | 126 | #define NET_PACKET_HANDSHAKE 16 /* Handshake packet ID. */ |
127 | #define NET_PACKET_SYNC 17 /* SYNC packet ID. */ | 127 | #define NET_PACKET_SYNC 17 /* SYNC packet ID. */ |
128 | #define NET_PACKET_DATA 18 /* Data packet ID. */ | 128 | #define NET_PACKET_DATA 18 /* Data packet ID. */ |
129 | #define NET_PACKET_COOKIE_REQUEST 24 /* Cookie request packet */ | ||
130 | #define NET_PACKET_COOKIE_RESPONSE 25 /* Cookie response packet */ | ||
129 | #define NET_PACKET_CRYPTO 32 /* Encrypted data packet ID. */ | 131 | #define NET_PACKET_CRYPTO 32 /* Encrypted data packet ID. */ |
130 | #define NET_PACKET_LAN_DISCOVERY 33 /* LAN discovery packet ID. */ | 132 | #define NET_PACKET_LAN_DISCOVERY 33 /* LAN discovery packet ID. */ |
131 | #define NET_PACKET_GROUP_CHATS 48 /* Group chats packet ID. */ | 133 | #define NET_PACKET_GROUP_CHATS 48 /* Group chats packet ID. */ |
@@ -158,6 +160,11 @@ typedef int sock_t; | |||
158 | #define TOX_PORTRANGE_TO 33545 | 160 | #define TOX_PORTRANGE_TO 33545 |
159 | #define TOX_PORT_DEFAULT TOX_PORTRANGE_FROM | 161 | #define TOX_PORT_DEFAULT TOX_PORTRANGE_FROM |
160 | 162 | ||
163 | /* TCP related */ | ||
164 | #define TCP_ONION_FAMILY (AF_INET6 + 1) | ||
165 | #define TCP_INET (AF_INET6 + 2) | ||
166 | #define TCP_INET6 (AF_INET6 + 3) | ||
167 | |||
161 | typedef union __attribute__ ((__packed__)) | 168 | typedef union __attribute__ ((__packed__)) |
162 | { | 169 | { |
163 | uint8_t uint8[4]; | 170 | uint8_t uint8[4]; |
diff --git a/toxcore/onion.c b/toxcore/onion.c index 8603de0a..c2ca21f8 100644 --- a/toxcore/onion.c +++ b/toxcore/onion.c | |||
@@ -112,7 +112,7 @@ int send_onion_packet(Networking_Core *net, Onion_Path *path, IP_Port dest, uint | |||
112 | memcpy(step2 + sizeof(IP_Port), path->public_key3, crypto_box_PUBLICKEYBYTES); | 112 | memcpy(step2 + sizeof(IP_Port), path->public_key3, crypto_box_PUBLICKEYBYTES); |
113 | 113 | ||
114 | int len = encrypt_data_symmetric(path->shared_key3, nonce, step1, sizeof(step1), | 114 | int len = encrypt_data_symmetric(path->shared_key3, nonce, step1, sizeof(step1), |
115 | step2 + sizeof(IP_Port) + crypto_box_PUBLICKEYBYTES); | 115 | step2 + sizeof(IP_Port) + crypto_box_PUBLICKEYBYTES); |
116 | 116 | ||
117 | if ((uint32_t)len != sizeof(IP_Port) + length + crypto_box_MACBYTES) | 117 | if ((uint32_t)len != sizeof(IP_Port) + length + crypto_box_MACBYTES) |
118 | return -1; | 118 | return -1; |
@@ -121,7 +121,7 @@ int send_onion_packet(Networking_Core *net, Onion_Path *path, IP_Port dest, uint | |||
121 | memcpy(step3, &path->ip_port2, sizeof(IP_Port)); | 121 | memcpy(step3, &path->ip_port2, sizeof(IP_Port)); |
122 | memcpy(step3 + sizeof(IP_Port), path->public_key2, crypto_box_PUBLICKEYBYTES); | 122 | memcpy(step3 + sizeof(IP_Port), path->public_key2, crypto_box_PUBLICKEYBYTES); |
123 | len = encrypt_data_symmetric(path->shared_key2, nonce, step2, sizeof(step2), | 123 | len = encrypt_data_symmetric(path->shared_key2, nonce, step2, sizeof(step2), |
124 | step3 + sizeof(IP_Port) + crypto_box_PUBLICKEYBYTES); | 124 | step3 + sizeof(IP_Port) + crypto_box_PUBLICKEYBYTES); |
125 | 125 | ||
126 | if ((uint32_t)len != sizeof(IP_Port) + SEND_BASE + length + crypto_box_MACBYTES) | 126 | if ((uint32_t)len != sizeof(IP_Port) + SEND_BASE + length + crypto_box_MACBYTES) |
127 | return -1; | 127 | return -1; |
@@ -132,7 +132,7 @@ int send_onion_packet(Networking_Core *net, Onion_Path *path, IP_Port dest, uint | |||
132 | memcpy(packet + 1 + crypto_box_NONCEBYTES, path->public_key1, crypto_box_PUBLICKEYBYTES); | 132 | memcpy(packet + 1 + crypto_box_NONCEBYTES, path->public_key1, crypto_box_PUBLICKEYBYTES); |
133 | 133 | ||
134 | len = encrypt_data_symmetric(path->shared_key1, nonce, step3, sizeof(step3), | 134 | len = encrypt_data_symmetric(path->shared_key1, nonce, step3, sizeof(step3), |
135 | packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES); | 135 | packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES); |
136 | 136 | ||
137 | if ((uint32_t)len != sizeof(IP_Port) + SEND_BASE * 2 + length + crypto_box_MACBYTES) | 137 | if ((uint32_t)len != sizeof(IP_Port) + SEND_BASE * 2 + length + crypto_box_MACBYTES) |
138 | return -1; | 138 | return -1; |
@@ -176,7 +176,7 @@ static int handle_send_initial(void *object, IP_Port source, uint8_t *packet, ui | |||
176 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; | 176 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; |
177 | get_shared_key(&onion->shared_keys_1, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); | 177 | get_shared_key(&onion->shared_keys_1, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); |
178 | int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, | 178 | int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, |
179 | length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES), plain); | 179 | length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES), plain); |
180 | 180 | ||
181 | if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES)) | 181 | if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES)) |
182 | return 1; | 182 | return 1; |
@@ -227,7 +227,7 @@ static int handle_send_1(void *object, IP_Port source, uint8_t *packet, uint32_t | |||
227 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; | 227 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; |
228 | get_shared_key(&onion->shared_keys_2, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); | 228 | get_shared_key(&onion->shared_keys_2, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); |
229 | int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, | 229 | int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, |
230 | length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1), plain); | 230 | length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1), plain); |
231 | 231 | ||
232 | if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1 + crypto_box_MACBYTES)) | 232 | if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1 + crypto_box_MACBYTES)) |
233 | return 1; | 233 | return 1; |
@@ -276,7 +276,7 @@ static int handle_send_2(void *object, IP_Port source, uint8_t *packet, uint32_t | |||
276 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; | 276 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; |
277 | get_shared_key(&onion->shared_keys_3, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); | 277 | get_shared_key(&onion->shared_keys_3, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); |
278 | int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, | 278 | int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, |
279 | length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2), plain); | 279 | length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2), plain); |
280 | 280 | ||
281 | if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2 + crypto_box_MACBYTES)) | 281 | if ((uint32_t)len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2 + crypto_box_MACBYTES)) |
282 | return 1; | 282 | return 1; |
diff --git a/toxcore/onion_announce.c b/toxcore/onion_announce.c index 28339ee6..5bab931a 100644 --- a/toxcore/onion_announce.c +++ b/toxcore/onion_announce.c | |||
@@ -222,8 +222,8 @@ static int handle_announce_request(void *object, IP_Port source, uint8_t *packet | |||
222 | 222 | ||
223 | uint8_t plain[ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH]; | 223 | uint8_t plain[ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH]; |
224 | int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, | 224 | int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, |
225 | ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + | 225 | ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + |
226 | crypto_box_MACBYTES, plain); | 226 | crypto_box_MACBYTES, plain); |
227 | 227 | ||
228 | if ((uint32_t)len != sizeof(plain)) | 228 | if ((uint32_t)len != sizeof(plain)) |
229 | return 1; | 229 | return 1; |
@@ -279,7 +279,7 @@ static int handle_announce_request(void *object, IP_Port source, uint8_t *packet | |||
279 | 279 | ||
280 | uint8_t data[ONION_ANNOUNCE_RESPONSE_MAX_SIZE]; | 280 | uint8_t data[ONION_ANNOUNCE_RESPONSE_MAX_SIZE]; |
281 | len = encrypt_data_symmetric(shared_key, nonce, pl, 1 + ONION_PING_ID_SIZE + nodes_length, | 281 | len = encrypt_data_symmetric(shared_key, nonce, pl, 1 + ONION_PING_ID_SIZE + nodes_length, |
282 | data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES); | 282 | data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES); |
283 | 283 | ||
284 | if (len != 1 + ONION_PING_ID_SIZE + nodes_length + crypto_box_MACBYTES) | 284 | if (len != 1 + ONION_PING_ID_SIZE + nodes_length + crypto_box_MACBYTES) |
285 | return 1; | 285 | return 1; |
diff --git a/toxcore/ping.c b/toxcore/ping.c index b0928d95..35aab86f 100644 --- a/toxcore/ping.c +++ b/toxcore/ping.c | |||
@@ -169,9 +169,9 @@ int send_ping_request(PING *ping, IP_Port ipp, uint8_t *client_id) | |||
169 | 169 | ||
170 | 170 | ||
171 | rc = encrypt_data_symmetric(shared_key, | 171 | rc = encrypt_data_symmetric(shared_key, |
172 | pk + 1 + CLIENT_ID_SIZE, | 172 | pk + 1 + CLIENT_ID_SIZE, |
173 | (uint8_t *) &ping_id, sizeof(ping_id), | 173 | (uint8_t *) &ping_id, sizeof(ping_id), |
174 | pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES); | 174 | pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES); |
175 | 175 | ||
176 | if (rc != sizeof(ping_id) + crypto_box_MACBYTES) | 176 | if (rc != sizeof(ping_id) + crypto_box_MACBYTES) |
177 | return 1; | 177 | return 1; |
@@ -194,9 +194,9 @@ static int send_ping_response(PING *ping, IP_Port ipp, uint8_t *client_id, uint6 | |||
194 | 194 | ||
195 | // Encrypt ping_id using recipient privkey | 195 | // Encrypt ping_id using recipient privkey |
196 | rc = encrypt_data_symmetric(shared_encryption_key, | 196 | rc = encrypt_data_symmetric(shared_encryption_key, |
197 | pk + 1 + CLIENT_ID_SIZE, | 197 | pk + 1 + CLIENT_ID_SIZE, |
198 | (uint8_t *) &ping_id, sizeof(ping_id), | 198 | (uint8_t *) &ping_id, sizeof(ping_id), |
199 | pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES ); | 199 | pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES ); |
200 | 200 | ||
201 | if (rc != sizeof(ping_id) + crypto_box_MACBYTES) | 201 | if (rc != sizeof(ping_id) + crypto_box_MACBYTES) |
202 | return 1; | 202 | return 1; |
@@ -223,10 +223,10 @@ static int handle_ping_request(void *_dht, IP_Port source, uint8_t *packet, uint | |||
223 | // Decrypt ping_id | 223 | // Decrypt ping_id |
224 | DHT_get_shared_key_recv(dht, shared_key, packet + 1); | 224 | DHT_get_shared_key_recv(dht, shared_key, packet + 1); |
225 | rc = decrypt_data_symmetric(shared_key, | 225 | rc = decrypt_data_symmetric(shared_key, |
226 | packet + 1 + CLIENT_ID_SIZE, | 226 | packet + 1 + CLIENT_ID_SIZE, |
227 | packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES, | 227 | packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES, |
228 | sizeof(ping_id) + crypto_box_MACBYTES, | 228 | sizeof(ping_id) + crypto_box_MACBYTES, |
229 | (uint8_t *) &ping_id ); | 229 | (uint8_t *) &ping_id ); |
230 | 230 | ||
231 | if (rc != sizeof(ping_id)) | 231 | if (rc != sizeof(ping_id)) |
232 | return 1; | 232 | return 1; |
@@ -260,10 +260,10 @@ static int handle_ping_response(void *_dht, IP_Port source, uint8_t *packet, uin | |||
260 | --ping_index; | 260 | --ping_index; |
261 | // Decrypt ping_id | 261 | // Decrypt ping_id |
262 | rc = decrypt_data_symmetric(ping->pings[ping_index].shared_key, | 262 | rc = decrypt_data_symmetric(ping->pings[ping_index].shared_key, |
263 | packet + 1 + CLIENT_ID_SIZE, | 263 | packet + 1 + CLIENT_ID_SIZE, |
264 | packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES, | 264 | packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES, |
265 | sizeof(ping_id) + crypto_box_MACBYTES, | 265 | sizeof(ping_id) + crypto_box_MACBYTES, |
266 | (uint8_t *) &ping_id); | 266 | (uint8_t *) &ping_id); |
267 | 267 | ||
268 | if (rc != sizeof(ping_id)) | 268 | if (rc != sizeof(ping_id)) |
269 | return 1; | 269 | return 1; |