diff options
author | irungentoo <irungentoo@gmail.com> | 2014-05-17 09:21:07 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2014-05-17 09:21:07 -0400 |
commit | 454cadb91c57eb689eddbf41d61d66af54aa1e0f (patch) | |
tree | b3cd1a7b1c444485095d1d33823f617d800161d0 | |
parent | 86c191c2d4d4721f93067565b078b9d691a61c00 (diff) |
Changed cookie/cookie request packet.
Cookie now contains the dht public key of the peer which makes
more sense than including the real public key of the reciever.
It means we no longer have to rely entirely on onion_client to
find the dht public key of the other peer.
-rw-r--r-- | docs/Tox_middle_level_network_protocol.txt | 4 | ||||
-rw-r--r-- | toxcore/net_crypto.c | 77 | ||||
-rw-r--r-- | toxcore/net_crypto.h | 1 |
3 files changed, 48 insertions, 34 deletions
diff --git a/docs/Tox_middle_level_network_protocol.txt b/docs/Tox_middle_level_network_protocol.txt index 29ea131a..9941487b 100644 --- a/docs/Tox_middle_level_network_protocol.txt +++ b/docs/Tox_middle_level_network_protocol.txt | |||
@@ -41,7 +41,7 @@ Detailed implementation details: | |||
41 | cookie request packet: | 41 | cookie request packet: |
42 | [uint8_t 24][Senders DHT Public key (32 bytes)][Random nonce (24 | 42 | [uint8_t 24][Senders DHT Public key (32 bytes)][Random nonce (24 |
43 | bytes)][Encrypted message containing: [Senders real public key (32 | 43 | bytes)][Encrypted message containing: [Senders real public key (32 |
44 | bytes)][Recievers real public key (32 bytes)][uint64_t number (must be sent | 44 | bytes)][padding (32 bytes)][uint64_t number (must be sent |
45 | back untouched in cookie response)]] | 45 | back untouched in cookie response)]] |
46 | Encrypted message is encrypted with sender DHT private key, recievers DHT | 46 | Encrypted message is encrypted with sender DHT private key, recievers DHT |
47 | public key and the nonce. | 47 | public key and the nonce. |
@@ -54,7 +54,7 @@ public key and the nonce. | |||
54 | 54 | ||
55 | The Cookie should be basically: | 55 | The Cookie should be basically: |
56 | [nonce][encrypted data:[uint64_t time][Senders real public key (32 | 56 | [nonce][encrypted data:[uint64_t time][Senders real public key (32 |
57 | bytes)][Recievers real public key (32 bytes)]] | 57 | bytes)][Senders dht public key (32 bytes)]] |
58 | 58 | ||
59 | Handshake packet: | 59 | Handshake packet: |
60 | [uint8_t 26][Cookie][nonce][Encrypted message containing: [random 24 bytes base | 60 | [uint8_t 26][Cookie][nonce][Encrypted message containing: [random 24 bytes base |
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index 6b975fe2..35cf21cd 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c | |||
@@ -62,20 +62,20 @@ static int is_alive(uint8_t status) | |||
62 | 62 | ||
63 | /* Create a cookie request packet and put it in packet. | 63 | /* Create a cookie request packet and put it in packet. |
64 | * dht_public_key is the dht public key of the other | 64 | * dht_public_key is the dht public key of the other |
65 | * real_public_key is the real public key of the other. | ||
66 | * | 65 | * |
67 | * packet must be of size COOKIE_REQUEST_LENGTH or bigger. | 66 | * packet must be of size COOKIE_REQUEST_LENGTH or bigger. |
68 | * | 67 | * |
69 | * return -1 on failure. | 68 | * return -1 on failure. |
70 | * return COOKIE_REQUEST_LENGTH on success. | 69 | * return COOKIE_REQUEST_LENGTH on success. |
71 | */ | 70 | */ |
72 | static int create_cookie_request(Net_Crypto *c, uint8_t *packet, uint8_t *dht_public_key, uint8_t *real_public_key, | 71 | static int create_cookie_request(Net_Crypto *c, uint8_t *packet, uint8_t *dht_public_key, uint64_t number, |
73 | uint64_t number, uint8_t *shared_key) | 72 | uint8_t *shared_key) |
74 | { | 73 | { |
75 | uint8_t plain[COOKIE_REQUEST_PLAIN_LENGTH]; | 74 | uint8_t plain[COOKIE_REQUEST_PLAIN_LENGTH]; |
75 | uint8_t padding[crypto_box_PUBLICKEYBYTES] = {0}; | ||
76 | 76 | ||
77 | memcpy(plain, c->self_public_key, crypto_box_PUBLICKEYBYTES); | 77 | memcpy(plain, c->self_public_key, crypto_box_PUBLICKEYBYTES); |
78 | memcpy(plain + crypto_box_PUBLICKEYBYTES, real_public_key, crypto_box_PUBLICKEYBYTES); | 78 | memcpy(plain + crypto_box_PUBLICKEYBYTES, padding, crypto_box_PUBLICKEYBYTES); |
79 | memcpy(plain + (crypto_box_PUBLICKEYBYTES * 2), &number, sizeof(uint64_t)); | 79 | memcpy(plain + (crypto_box_PUBLICKEYBYTES * 2), &number, sizeof(uint64_t)); |
80 | 80 | ||
81 | DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); | 81 | DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); |
@@ -146,11 +146,15 @@ static int open_cookie(uint8_t *bytes, uint8_t *cookie, uint8_t *encryption_key) | |||
146 | * return -1 on failure. | 146 | * return -1 on failure. |
147 | * return COOKIE_RESPONSE_LENGTH on success. | 147 | * return COOKIE_RESPONSE_LENGTH on success. |
148 | */ | 148 | */ |
149 | static int create_cookie_response(Net_Crypto *c, uint8_t *packet, uint8_t *request_plain, uint8_t *shared_key) | 149 | static int create_cookie_response(Net_Crypto *c, uint8_t *packet, uint8_t *request_plain, uint8_t *shared_key, |
150 | uint8_t *dht_public_key) | ||
150 | { | 151 | { |
152 | uint8_t cookie_plain[COOKIE_DATA_LENGTH]; | ||
153 | memcpy(cookie_plain, request_plain, crypto_box_PUBLICKEYBYTES); | ||
154 | memcpy(cookie_plain + crypto_box_PUBLICKEYBYTES, dht_public_key, crypto_box_PUBLICKEYBYTES); | ||
151 | uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)]; | 155 | uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)]; |
152 | 156 | ||
153 | if (create_cookie(plain, request_plain, c->secret_symmetric_key) != 0) | 157 | if (create_cookie(plain, cookie_plain, c->secret_symmetric_key) != 0) |
154 | return -1; | 158 | return -1; |
155 | 159 | ||
156 | memcpy(plain + COOKIE_LENGTH, request_plain + COOKIE_DATA_LENGTH, sizeof(uint64_t)); | 160 | memcpy(plain + COOKIE_LENGTH, request_plain + COOKIE_DATA_LENGTH, sizeof(uint64_t)); |
@@ -171,13 +175,14 @@ static int create_cookie_response(Net_Crypto *c, uint8_t *packet, uint8_t *reque | |||
171 | * return -1 on failure. | 175 | * return -1 on failure. |
172 | * return 0 on success. | 176 | * return 0 on success. |
173 | */ | 177 | */ |
174 | static int handle_cookie_request(Net_Crypto *c, uint8_t *request_plain, uint8_t *shared_key, uint8_t *packet, | 178 | static int handle_cookie_request(Net_Crypto *c, uint8_t *request_plain, uint8_t *shared_key, uint8_t *dht_public_key, |
175 | uint16_t length) | 179 | uint8_t *packet, uint16_t length) |
176 | { | 180 | { |
177 | if (length != COOKIE_REQUEST_LENGTH) | 181 | if (length != COOKIE_REQUEST_LENGTH) |
178 | return -1; | 182 | return -1; |
179 | 183 | ||
180 | DHT_get_shared_key_sent(c->dht, shared_key, packet + 1); | 184 | memcpy(dht_public_key, packet + 1, crypto_box_PUBLICKEYBYTES); |
185 | DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); | ||
181 | int len = decrypt_data_symmetric(shared_key, packet + 1 + crypto_box_PUBLICKEYBYTES, | 186 | int len = decrypt_data_symmetric(shared_key, packet + 1 + crypto_box_PUBLICKEYBYTES, |
182 | packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES, | 187 | packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES, |
183 | request_plain); | 188 | request_plain); |
@@ -195,13 +200,14 @@ static int udp_handle_cookie_request(void *object, IP_Port source, uint8_t *pack | |||
195 | Net_Crypto *c = object; | 200 | Net_Crypto *c = object; |
196 | uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; | 201 | uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; |
197 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; | 202 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; |
203 | uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; | ||
198 | 204 | ||
199 | if (handle_cookie_request(c, request_plain, shared_key, packet, length) != 0) | 205 | if (handle_cookie_request(c, request_plain, shared_key, dht_public_key, packet, length) != 0) |
200 | return 1; | 206 | return 1; |
201 | 207 | ||
202 | uint8_t data[COOKIE_RESPONSE_LENGTH]; | 208 | uint8_t data[COOKIE_RESPONSE_LENGTH]; |
203 | 209 | ||
204 | if (create_cookie_response(c, data, request_plain, shared_key) != sizeof(data)) | 210 | if (create_cookie_response(c, data, request_plain, shared_key, dht_public_key) != sizeof(data)) |
205 | return 1; | 211 | return 1; |
206 | 212 | ||
207 | if ((uint32_t)sendpacket(c->dht->net, source, data, sizeof(data)) != sizeof(data)) | 213 | if ((uint32_t)sendpacket(c->dht->net, source, data, sizeof(data)) != sizeof(data)) |
@@ -217,13 +223,14 @@ static int tcp_handle_cookie_request(Net_Crypto *c, TCP_Client_Connection *TCP_c | |||
217 | { | 223 | { |
218 | uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; | 224 | uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; |
219 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; | 225 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; |
226 | uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; | ||
220 | 227 | ||
221 | if (handle_cookie_request(c, request_plain, shared_key, packet, length) != 0) | 228 | if (handle_cookie_request(c, request_plain, shared_key, dht_public_key, packet, length) != 0) |
222 | return -1; | 229 | return -1; |
223 | 230 | ||
224 | uint8_t data[COOKIE_RESPONSE_LENGTH]; | 231 | uint8_t data[COOKIE_RESPONSE_LENGTH]; |
225 | 232 | ||
226 | if (create_cookie_response(c, data, request_plain, shared_key) != sizeof(data)) | 233 | if (create_cookie_response(c, data, request_plain, shared_key, dht_public_key) != sizeof(data)) |
227 | return -1; | 234 | return -1; |
228 | 235 | ||
229 | if ((uint32_t)send_data(TCP_con, conn_id, data, sizeof(data)) != 1) | 236 | if ((uint32_t)send_data(TCP_con, conn_id, data, sizeof(data)) != 1) |
@@ -268,7 +275,7 @@ static int handle_cookie_response(uint8_t *cookie, uint64_t *number, uint8_t *pa | |||
268 | * return HANDSHAKE_PACKET_LENGTH on success. | 275 | * return HANDSHAKE_PACKET_LENGTH on success. |
269 | */ | 276 | */ |
270 | static int create_crypto_handshake(Net_Crypto *c, uint8_t *packet, uint8_t *cookie, uint8_t *nonce, uint8_t *session_pk, | 277 | static int create_crypto_handshake(Net_Crypto *c, uint8_t *packet, uint8_t *cookie, uint8_t *nonce, uint8_t *session_pk, |
271 | uint8_t *peer_real_pk) | 278 | uint8_t *peer_real_pk, uint8_t *peer_dht_pubkey) |
272 | { | 279 | { |
273 | uint8_t plain[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES + COOKIE_LENGTH]; | 280 | uint8_t plain[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES + COOKIE_LENGTH]; |
274 | memcpy(plain, nonce, crypto_box_NONCEBYTES); | 281 | memcpy(plain, nonce, crypto_box_NONCEBYTES); |
@@ -276,7 +283,7 @@ static int create_crypto_handshake(Net_Crypto *c, uint8_t *packet, uint8_t *cook | |||
276 | crypto_hash_sha512(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, cookie, COOKIE_LENGTH); | 283 | crypto_hash_sha512(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, cookie, COOKIE_LENGTH); |
277 | uint8_t cookie_plain[COOKIE_DATA_LENGTH]; | 284 | uint8_t cookie_plain[COOKIE_DATA_LENGTH]; |
278 | memcpy(cookie_plain, peer_real_pk, crypto_box_PUBLICKEYBYTES); | 285 | memcpy(cookie_plain, peer_real_pk, crypto_box_PUBLICKEYBYTES); |
279 | memcpy(cookie_plain + crypto_box_PUBLICKEYBYTES, c->self_public_key, crypto_box_PUBLICKEYBYTES); | 286 | memcpy(cookie_plain + crypto_box_PUBLICKEYBYTES, peer_dht_pubkey, crypto_box_PUBLICKEYBYTES); |
280 | 287 | ||
281 | if (create_cookie(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, cookie_plain, | 288 | if (create_cookie(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, cookie_plain, |
282 | c->secret_symmetric_key) != 0) | 289 | c->secret_symmetric_key) != 0) |
@@ -298,7 +305,8 @@ static int create_crypto_handshake(Net_Crypto *c, uint8_t *packet, uint8_t *cook | |||
298 | /* Handle a crypto handshake packet of length. | 305 | /* Handle a crypto handshake packet of length. |
299 | * put the nonce contained in the packet in nonce, | 306 | * put the nonce contained in the packet in nonce, |
300 | * the session public key in session_pk | 307 | * the session public key in session_pk |
301 | * the real public key of the peer in peer_real_pk and | 308 | * the real public key of the peer in peer_real_pk |
309 | * the dht public key of the peer in dht_public_key and | ||
302 | * the cookie inside the encrypted part of the packet in cookie. | 310 | * the cookie inside the encrypted part of the packet in cookie. |
303 | * | 311 | * |
304 | * if expected_real_pk isn't NULL it denotes the real public key | 312 | * if expected_real_pk isn't NULL it denotes the real public key |
@@ -313,7 +321,7 @@ static int create_crypto_handshake(Net_Crypto *c, uint8_t *packet, uint8_t *cook | |||
313 | * return 0 on success. | 321 | * return 0 on success. |
314 | */ | 322 | */ |
315 | static int handle_crypto_handshake(Net_Crypto *c, uint8_t *nonce, uint8_t *session_pk, uint8_t *peer_real_pk, | 323 | static int handle_crypto_handshake(Net_Crypto *c, uint8_t *nonce, uint8_t *session_pk, uint8_t *peer_real_pk, |
316 | uint8_t *cookie, uint8_t *packet, uint32_t length, uint8_t *expected_real_pk) | 324 | uint8_t *dht_public_key, uint8_t *cookie, uint8_t *packet, uint32_t length, uint8_t *expected_real_pk) |
317 | { | 325 | { |
318 | if (length != HANDSHAKE_PACKET_LENGTH) | 326 | if (length != HANDSHAKE_PACKET_LENGTH) |
319 | return -1; | 327 | return -1; |
@@ -327,9 +335,6 @@ static int handle_crypto_handshake(Net_Crypto *c, uint8_t *nonce, uint8_t *sessi | |||
327 | if (crypto_cmp(cookie_plain, expected_real_pk, crypto_box_PUBLICKEYBYTES) != 0) | 335 | if (crypto_cmp(cookie_plain, expected_real_pk, crypto_box_PUBLICKEYBYTES) != 0) |
328 | return -1; | 336 | return -1; |
329 | 337 | ||
330 | if (crypto_cmp(cookie_plain + crypto_box_PUBLICKEYBYTES, c->self_public_key, crypto_box_PUBLICKEYBYTES) != 0) | ||
331 | return -1; | ||
332 | |||
333 | uint8_t cookie_hash[crypto_hash_sha512_BYTES]; | 338 | uint8_t cookie_hash[crypto_hash_sha512_BYTES]; |
334 | crypto_hash_sha512(cookie_hash, packet + 1, COOKIE_LENGTH); | 339 | crypto_hash_sha512(cookie_hash, packet + 1, COOKIE_LENGTH); |
335 | 340 | ||
@@ -348,6 +353,7 @@ static int handle_crypto_handshake(Net_Crypto *c, uint8_t *nonce, uint8_t *sessi | |||
348 | memcpy(session_pk, plain + crypto_box_NONCEBYTES, crypto_box_PUBLICKEYBYTES); | 353 | memcpy(session_pk, plain + crypto_box_NONCEBYTES, crypto_box_PUBLICKEYBYTES); |
349 | memcpy(cookie, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, COOKIE_LENGTH); | 354 | memcpy(cookie, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, COOKIE_LENGTH); |
350 | memcpy(peer_real_pk, cookie_plain, crypto_box_PUBLICKEYBYTES); | 355 | memcpy(peer_real_pk, cookie_plain, crypto_box_PUBLICKEYBYTES); |
356 | memcpy(dht_public_key, cookie_plain + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); | ||
351 | return 0; | 357 | return 0; |
352 | } | 358 | } |
353 | 359 | ||
@@ -933,7 +939,7 @@ static int send_temp_packet(Net_Crypto *c, int crypt_connection_id) | |||
933 | * return -1 on failure. | 939 | * return -1 on failure. |
934 | * return 0 on success. | 940 | * return 0 on success. |
935 | */ | 941 | */ |
936 | static int create_send_handshake(Net_Crypto *c, int crypt_connection_id, uint8_t *cookie) | 942 | static int create_send_handshake(Net_Crypto *c, int crypt_connection_id, uint8_t *cookie, uint8_t *dht_public_key) |
937 | { | 943 | { |
938 | Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id); | 944 | Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id); |
939 | 945 | ||
@@ -943,7 +949,7 @@ static int create_send_handshake(Net_Crypto *c, int crypt_connection_id, uint8_t | |||
943 | uint8_t handshake_packet[HANDSHAKE_PACKET_LENGTH]; | 949 | uint8_t handshake_packet[HANDSHAKE_PACKET_LENGTH]; |
944 | 950 | ||
945 | if (create_crypto_handshake(c, handshake_packet, cookie, conn->sent_nonce, conn->sessionpublic_key, | 951 | if (create_crypto_handshake(c, handshake_packet, cookie, conn->sent_nonce, conn->sessionpublic_key, |
946 | conn->public_key) != sizeof(handshake_packet)) | 952 | conn->public_key, dht_public_key) != sizeof(handshake_packet)) |
947 | return -1; | 953 | return -1; |
948 | 954 | ||
949 | if (new_temp_packet(c, crypt_connection_id, handshake_packet, sizeof(handshake_packet)) != 0) | 955 | if (new_temp_packet(c, crypt_connection_id, handshake_packet, sizeof(handshake_packet)) != 0) |
@@ -1083,7 +1089,7 @@ static int handle_packet_connection(Net_Crypto *c, int crypt_connection_id, uint | |||
1083 | if (number != conn->cookie_request_number) | 1089 | if (number != conn->cookie_request_number) |
1084 | return -1; | 1090 | return -1; |
1085 | 1091 | ||
1086 | if (create_send_handshake(c, crypt_connection_id, cookie) != 0) | 1092 | if (create_send_handshake(c, crypt_connection_id, cookie, conn->dht_public_key) != 0) |
1087 | return -1; | 1093 | return -1; |
1088 | 1094 | ||
1089 | conn->status = CRYPTO_CONN_HANDSHAKE_SENT; | 1095 | conn->status = CRYPTO_CONN_HANDSHAKE_SENT; |
@@ -1093,20 +1099,23 @@ static int handle_packet_connection(Net_Crypto *c, int crypt_connection_id, uint | |||
1093 | case NET_PACKET_CRYPTO_HS: { | 1099 | case NET_PACKET_CRYPTO_HS: { |
1094 | if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT) { | 1100 | if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT) { |
1095 | uint8_t peer_real_pk[crypto_box_PUBLICKEYBYTES]; | 1101 | uint8_t peer_real_pk[crypto_box_PUBLICKEYBYTES]; |
1102 | uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; | ||
1096 | uint8_t cookie[COOKIE_LENGTH]; | 1103 | uint8_t cookie[COOKIE_LENGTH]; |
1097 | 1104 | ||
1098 | if (handle_crypto_handshake(c, conn->recv_nonce, conn->peersessionpublic_key, peer_real_pk, cookie, packet, length, | 1105 | if (handle_crypto_handshake(c, conn->recv_nonce, conn->peersessionpublic_key, peer_real_pk, dht_public_key, cookie, |
1099 | conn->public_key) != 0) | 1106 | packet, length, conn->public_key) != 0) |
1100 | return -1; | 1107 | return -1; |
1101 | 1108 | ||
1102 | encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); | 1109 | encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); |
1103 | 1110 | ||
1104 | if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING) { | 1111 | if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING) { |
1105 | if (create_send_handshake(c, crypt_connection_id, cookie) != 0) | 1112 | if (create_send_handshake(c, crypt_connection_id, cookie, dht_public_key) != 0) |
1106 | return -1; | 1113 | return -1; |
1107 | } | 1114 | } |
1108 | 1115 | ||
1109 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; | 1116 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; |
1117 | /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */ | ||
1118 | set_connection_dht_public_key(c, crypt_connection_id, dht_public_key); | ||
1110 | } else { | 1119 | } else { |
1111 | return -1; | 1120 | return -1; |
1112 | } | 1121 | } |
@@ -1295,8 +1304,8 @@ static int handle_new_connection_handshake(Net_Crypto *c, IP_Port source, uint8_ | |||
1295 | n_c.source = source; | 1304 | n_c.source = source; |
1296 | n_c.cookie_length = COOKIE_LENGTH; | 1305 | n_c.cookie_length = COOKIE_LENGTH; |
1297 | 1306 | ||
1298 | if (handle_crypto_handshake(c, n_c.recv_nonce, n_c.peersessionpublic_key, n_c.public_key, n_c.cookie, data, length, | 1307 | if (handle_crypto_handshake(c, n_c.recv_nonce, n_c.peersessionpublic_key, n_c.public_key, n_c.dht_public_key, |
1299 | 0) != 0) { | 1308 | n_c.cookie, data, length, 0) != 0) { |
1300 | free(n_c.cookie); | 1309 | free(n_c.cookie); |
1301 | return -1; | 1310 | return -1; |
1302 | } | 1311 | } |
@@ -1314,8 +1323,10 @@ static int handle_new_connection_handshake(Net_Crypto *c, IP_Port source, uint8_ | |||
1314 | 1323 | ||
1315 | crypto_connection_add_source(c, crypt_connection_id, source); | 1324 | crypto_connection_add_source(c, crypt_connection_id, source); |
1316 | 1325 | ||
1317 | if (create_send_handshake(c, crypt_connection_id, n_c.cookie) == 0) { | 1326 | if (create_send_handshake(c, crypt_connection_id, n_c.cookie, n_c.dht_public_key) == 0) { |
1318 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; | 1327 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; |
1328 | /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */ | ||
1329 | set_connection_dht_public_key(c, crypt_connection_id, n_c.dht_public_key); | ||
1319 | ret = 0; | 1330 | ret = 0; |
1320 | } | 1331 | } |
1321 | } | 1332 | } |
@@ -1359,10 +1370,12 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c) | |||
1359 | if (n_c->cookie_length != COOKIE_LENGTH) | 1370 | if (n_c->cookie_length != COOKIE_LENGTH) |
1360 | return -1; | 1371 | return -1; |
1361 | 1372 | ||
1362 | if (create_send_handshake(c, crypt_connection_id, n_c->cookie) != 0) | 1373 | if (create_send_handshake(c, crypt_connection_id, n_c->cookie, n_c->dht_public_key) != 0) |
1363 | return -1; | 1374 | return -1; |
1364 | 1375 | ||
1365 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; | 1376 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; |
1377 | /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */ | ||
1378 | set_connection_dht_public_key(c, crypt_connection_id, n_c->dht_public_key); | ||
1366 | conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE; | 1379 | conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE; |
1367 | crypto_connection_add_source(c, crypt_connection_id, n_c->source); | 1380 | crypto_connection_add_source(c, crypt_connection_id, n_c->source); |
1368 | return crypt_connection_id; | 1381 | return crypt_connection_id; |
@@ -1475,8 +1488,8 @@ int set_connection_dht_public_key(Net_Crypto *c, int crypt_connection_id, uint8_ | |||
1475 | conn->cookie_request_number = random_64b(); | 1488 | conn->cookie_request_number = random_64b(); |
1476 | uint8_t cookie_request[COOKIE_REQUEST_LENGTH]; | 1489 | uint8_t cookie_request[COOKIE_REQUEST_LENGTH]; |
1477 | 1490 | ||
1478 | if (create_cookie_request(c, cookie_request, conn->dht_public_key, conn->public_key, | 1491 | if (create_cookie_request(c, cookie_request, conn->dht_public_key, conn->cookie_request_number, |
1479 | conn->cookie_request_number, conn->shared_key) != sizeof(cookie_request)) | 1492 | conn->shared_key) != sizeof(cookie_request)) |
1480 | return -1; | 1493 | return -1; |
1481 | 1494 | ||
1482 | if (new_temp_packet(c, crypt_connection_id, cookie_request, sizeof(cookie_request)) != 0) | 1495 | if (new_temp_packet(c, crypt_connection_id, cookie_request, sizeof(cookie_request)) != 0) |
diff --git a/toxcore/net_crypto.h b/toxcore/net_crypto.h index e55427f2..e2e0fffb 100644 --- a/toxcore/net_crypto.h +++ b/toxcore/net_crypto.h | |||
@@ -133,6 +133,7 @@ typedef struct { | |||
133 | typedef struct { | 133 | typedef struct { |
134 | IP_Port source; | 134 | IP_Port source; |
135 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* The real public key of the peer. */ | 135 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* The real public key of the peer. */ |
136 | uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; /* The dht public key of the peer. */ | ||
136 | uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* Nonce of received packets. */ | 137 | uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* Nonce of received packets. */ |
137 | uint8_t peersessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* The public key of the peer. */ | 138 | uint8_t peersessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* The public key of the peer. */ |
138 | uint8_t *cookie; | 139 | uint8_t *cookie; |