summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoriphydf <iphydf@users.noreply.github.com>2016-12-19 02:47:42 +0000
committeriphydf <iphydf@users.noreply.github.com>2016-12-22 10:26:59 +0000
commitce29c8e7ec91d95167b2dea3aee9fd1ae1aac254 (patch)
treea288df55c44e8edf816e6abbde19a70faef73394
parent7122d2e862e028a730478d88cd61557fbed16ebf (diff)
Wrap all sodium/nacl functions in crypto_core.c.
Diffstat
-rw-r--r--auto_tests/TCP_test.c190
-rw-r--r--auto_tests/crypto_test.c88
-rw-r--r--auto_tests/dht_test.c90
-rw-r--r--auto_tests/encryptsave_test.c10
-rw-r--r--auto_tests/onion_test.c62
-rw-r--r--other/DHT_bootstrap.c10
-rw-r--r--other/bootstrap_daemon/src/config.c2
-rw-r--r--other/bootstrap_daemon/src/tox-bootstrapd.c14
-rw-r--r--testing/DHT_test.c4
-rw-r--r--testing/hstox/binary_decode.c6
-rw-r--r--testing/hstox/binary_encode.c6
-rw-r--r--testing/hstox/methods.c28
-rw-r--r--toxcore/DHT.c186
-rw-r--r--toxcore/DHT.h28
-rw-r--r--toxcore/LAN_discovery.c10
-rw-r--r--toxcore/Messenger.c38
-rw-r--r--toxcore/Messenger.h6
-rw-r--r--toxcore/TCP_client.c60
-rw-r--r--toxcore/TCP_client.h14
-rw-r--r--toxcore/TCP_connection.c18
-rw-r--r--toxcore/TCP_connection.h4
-rw-r--r--toxcore/TCP_server.c72
-rw-r--r--toxcore/TCP_server.h16
-rw-r--r--toxcore/crypto_core.api.h83
-rw-r--r--toxcore/crypto_core.c95
-rw-r--r--toxcore/crypto_core.h100
-rw-r--r--toxcore/friend_connection.c10
-rw-r--r--toxcore/friend_connection.h4
-rw-r--r--toxcore/friend_requests.c2
-rw-r--r--toxcore/friend_requests.h2
-rw-r--r--toxcore/group.c66
-rw-r--r--toxcore/group.h14
-rw-r--r--toxcore/net_crypto.c180
-rw-r--r--toxcore/net_crypto.h36
-rw-r--r--toxcore/onion.c144
-rw-r--r--toxcore/onion.h34
-rw-r--r--toxcore/onion_announce.c88
-rw-r--r--toxcore/onion_announce.h22
-rw-r--r--toxcore/onion_client.c106
-rw-r--r--toxcore/onion_client.h22
-rw-r--r--toxcore/ping.c44
-rw-r--r--toxcore/tox.c30
-rw-r--r--toxcore/util.c6
-rw-r--r--toxdns/toxdns.c33
-rw-r--r--toxencryptsave/toxencryptsave.c9
45 files changed, 1142 insertions, 950 deletions
diff --git a/auto_tests/TCP_test.c b/auto_tests/TCP_test.c
index 4fdb8a88..d9013378 100644
--- a/auto_tests/TCP_test.c
+++ b/auto_tests/TCP_test.c
@@ -29,9 +29,9 @@ static uint16_t ports[NUM_PORTS] = {1234, 33445, 25643};
29 29
30START_TEST(test_basic) 30START_TEST(test_basic)
31{ 31{
32 uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; 32 uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
33 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 33 uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
34 crypto_box_keypair(self_public_key, self_secret_key); 34 crypto_new_keypair(self_public_key, self_secret_key);
35 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); 35 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL);
36 ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server"); 36 ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server");
37 ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind to all ports"); 37 ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind to all ports");
@@ -45,23 +45,23 @@ START_TEST(test_basic)
45 int ret = connect(sock, (struct sockaddr *)&addr6_loopback, sizeof(addr6_loopback)); 45 int ret = connect(sock, (struct sockaddr *)&addr6_loopback, sizeof(addr6_loopback));
46 ck_assert_msg(ret == 0, "Failed to connect to TCP relay server"); 46 ck_assert_msg(ret == 0, "Failed to connect to TCP relay server");
47 47
48 uint8_t f_public_key[crypto_box_PUBLICKEYBYTES]; 48 uint8_t f_public_key[CRYPTO_PUBLIC_KEY_SIZE];
49 uint8_t f_secret_key[crypto_box_SECRETKEYBYTES]; 49 uint8_t f_secret_key[CRYPTO_SECRET_KEY_SIZE];
50 uint8_t f_nonce[crypto_box_NONCEBYTES]; 50 uint8_t f_nonce[CRYPTO_NONCE_SIZE];
51 crypto_box_keypair(f_public_key, f_secret_key); 51 crypto_new_keypair(f_public_key, f_secret_key);
52 random_nonce(f_nonce); 52 random_nonce(f_nonce);
53 53
54 uint8_t t_secret_key[crypto_box_SECRETKEYBYTES]; 54 uint8_t t_secret_key[CRYPTO_SECRET_KEY_SIZE];
55 uint8_t handshake_plain[TCP_HANDSHAKE_PLAIN_SIZE]; 55 uint8_t handshake_plain[TCP_HANDSHAKE_PLAIN_SIZE];
56 crypto_box_keypair(handshake_plain, t_secret_key); 56 crypto_new_keypair(handshake_plain, t_secret_key);
57 memcpy(handshake_plain + crypto_box_PUBLICKEYBYTES, f_nonce, crypto_box_NONCEBYTES); 57 memcpy(handshake_plain + CRYPTO_PUBLIC_KEY_SIZE, f_nonce, CRYPTO_NONCE_SIZE);
58 uint8_t handshake[TCP_CLIENT_HANDSHAKE_SIZE]; 58 uint8_t handshake[TCP_CLIENT_HANDSHAKE_SIZE];
59 memcpy(handshake, f_public_key, crypto_box_PUBLICKEYBYTES); 59 memcpy(handshake, f_public_key, CRYPTO_PUBLIC_KEY_SIZE);
60 random_nonce(handshake + crypto_box_PUBLICKEYBYTES); 60 random_nonce(handshake + CRYPTO_PUBLIC_KEY_SIZE);
61 61
62 ret = encrypt_data(self_public_key, f_secret_key, handshake + crypto_box_PUBLICKEYBYTES, handshake_plain, 62 ret = encrypt_data(self_public_key, f_secret_key, handshake + CRYPTO_PUBLIC_KEY_SIZE, handshake_plain,
63 TCP_HANDSHAKE_PLAIN_SIZE, handshake + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); 63 TCP_HANDSHAKE_PLAIN_SIZE, handshake + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE);
64 ck_assert_msg(ret == TCP_CLIENT_HANDSHAKE_SIZE - (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES), 64 ck_assert_msg(ret == TCP_CLIENT_HANDSHAKE_SIZE - (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE),
65 "Encrypt failed."); 65 "Encrypt failed.");
66 ck_assert_msg(send(sock, (const char *)handshake, TCP_CLIENT_HANDSHAKE_SIZE - 1, 0) == TCP_CLIENT_HANDSHAKE_SIZE - 1, 66 ck_assert_msg(send(sock, (const char *)handshake, TCP_CLIENT_HANDSHAKE_SIZE - 1, 0) == TCP_CLIENT_HANDSHAKE_SIZE - 1,
67 "send Failed."); 67 "send Failed.");
@@ -79,20 +79,20 @@ START_TEST(test_basic)
79 uint8_t response[TCP_SERVER_HANDSHAKE_SIZE]; 79 uint8_t response[TCP_SERVER_HANDSHAKE_SIZE];
80 uint8_t response_plain[TCP_HANDSHAKE_PLAIN_SIZE]; 80 uint8_t response_plain[TCP_HANDSHAKE_PLAIN_SIZE];
81 ck_assert_msg(recv(sock, (char *)response, TCP_SERVER_HANDSHAKE_SIZE, 0) == TCP_SERVER_HANDSHAKE_SIZE, "recv Failed."); 81 ck_assert_msg(recv(sock, (char *)response, TCP_SERVER_HANDSHAKE_SIZE, 0) == TCP_SERVER_HANDSHAKE_SIZE, "recv Failed.");
82 ret = decrypt_data(self_public_key, f_secret_key, response, response + crypto_box_NONCEBYTES, 82 ret = decrypt_data(self_public_key, f_secret_key, response, response + CRYPTO_NONCE_SIZE,
83 TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, response_plain); 83 TCP_SERVER_HANDSHAKE_SIZE - CRYPTO_NONCE_SIZE, response_plain);
84 ck_assert_msg(ret == TCP_HANDSHAKE_PLAIN_SIZE, "Decrypt Failed."); 84 ck_assert_msg(ret == TCP_HANDSHAKE_PLAIN_SIZE, "Decrypt Failed.");
85 uint8_t f_nonce_r[crypto_box_NONCEBYTES]; 85 uint8_t f_nonce_r[CRYPTO_NONCE_SIZE];
86 uint8_t f_shared_key[crypto_box_BEFORENMBYTES]; 86 uint8_t f_shared_key[CRYPTO_SHARED_KEY_SIZE];
87 encrypt_precompute(response_plain, t_secret_key, f_shared_key); 87 encrypt_precompute(response_plain, t_secret_key, f_shared_key);
88 memcpy(f_nonce_r, response_plain + crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES); 88 memcpy(f_nonce_r, response_plain + CRYPTO_SHARED_KEY_SIZE, CRYPTO_NONCE_SIZE);
89 89
90 uint8_t r_req_p[1 + crypto_box_PUBLICKEYBYTES] = {0}; 90 uint8_t r_req_p[1 + CRYPTO_PUBLIC_KEY_SIZE] = {0};
91 memcpy(r_req_p + 1, f_public_key, crypto_box_PUBLICKEYBYTES); 91 memcpy(r_req_p + 1, f_public_key, CRYPTO_PUBLIC_KEY_SIZE);
92 uint8_t r_req[2 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES]; 92 uint8_t r_req[2 + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE];
93 uint16_t size = 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES; 93 uint16_t size = 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE;
94 size = htons(size); 94 size = htons(size);
95 encrypt_data_symmetric(f_shared_key, f_nonce, r_req_p, 1 + crypto_box_PUBLICKEYBYTES, r_req + 2); 95 encrypt_data_symmetric(f_shared_key, f_nonce, r_req_p, 1 + CRYPTO_PUBLIC_KEY_SIZE, r_req + 2);
96 increment_nonce(f_nonce); 96 increment_nonce(f_nonce);
97 memcpy(r_req, &size, 2); 97 memcpy(r_req, &size, 2);
98 uint32_t i; 98 uint32_t i;
@@ -107,11 +107,11 @@ START_TEST(test_basic)
107 do_TCP_server(tcp_s); 107 do_TCP_server(tcp_s);
108 c_sleep(50); 108 c_sleep(50);
109 uint8_t packet_resp[4096]; 109 uint8_t packet_resp[4096];
110 int recv_data_len = recv(sock, (char *)packet_resp, 2 + 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, 0); 110 int recv_data_len = recv(sock, (char *)packet_resp, 2 + 2 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE, 0);
111 ck_assert_msg(recv_data_len == 2 + 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, 111 ck_assert_msg(recv_data_len == 2 + 2 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE,
112 "recv Failed. %u", recv_data_len); 112 "recv Failed. %u", recv_data_len);
113 memcpy(&size, packet_resp, 2); 113 memcpy(&size, packet_resp, 2);
114 ck_assert_msg(ntohs(size) == 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, "Wrong packet size."); 114 ck_assert_msg(ntohs(size) == 2 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE, "Wrong packet size.");
115 uint8_t packet_resp_plain[4096]; 115 uint8_t packet_resp_plain[4096];
116 ret = decrypt_data_symmetric(f_shared_key, f_nonce_r, packet_resp + 2, recv_data_len - 2, packet_resp_plain); 116 ret = decrypt_data_symmetric(f_shared_key, f_nonce_r, packet_resp + 2, recv_data_len - 2, packet_resp_plain);
117 ck_assert_msg(ret != -1, "decryption failed"); 117 ck_assert_msg(ret != -1, "decryption failed");
@@ -125,10 +125,10 @@ END_TEST
125 125
126struct sec_TCP_con { 126struct sec_TCP_con {
127 sock_t sock; 127 sock_t sock;
128 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 128 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
129 uint8_t recv_nonce[crypto_box_NONCEBYTES]; 129 uint8_t recv_nonce[CRYPTO_NONCE_SIZE];
130 uint8_t sent_nonce[crypto_box_NONCEBYTES]; 130 uint8_t sent_nonce[CRYPTO_NONCE_SIZE];
131 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 131 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
132}; 132};
133 133
134static struct sec_TCP_con *new_TCP_con(TCP_Server *tcp_s) 134static struct sec_TCP_con *new_TCP_con(TCP_Server *tcp_s)
@@ -143,21 +143,21 @@ static struct sec_TCP_con *new_TCP_con(TCP_Server *tcp_s)
143 int ret = connect(sock, (struct sockaddr *)&addr6_loopback, sizeof(addr6_loopback)); 143 int ret = connect(sock, (struct sockaddr *)&addr6_loopback, sizeof(addr6_loopback));
144 ck_assert_msg(ret == 0, "Failed to connect to TCP relay server"); 144 ck_assert_msg(ret == 0, "Failed to connect to TCP relay server");
145 145
146 uint8_t f_secret_key[crypto_box_SECRETKEYBYTES]; 146 uint8_t f_secret_key[CRYPTO_SECRET_KEY_SIZE];
147 crypto_box_keypair(sec_c->public_key, f_secret_key); 147 crypto_new_keypair(sec_c->public_key, f_secret_key);
148 random_nonce(sec_c->sent_nonce); 148 random_nonce(sec_c->sent_nonce);
149 149
150 uint8_t t_secret_key[crypto_box_SECRETKEYBYTES]; 150 uint8_t t_secret_key[CRYPTO_SECRET_KEY_SIZE];
151 uint8_t handshake_plain[TCP_HANDSHAKE_PLAIN_SIZE]; 151 uint8_t handshake_plain[TCP_HANDSHAKE_PLAIN_SIZE];
152 crypto_box_keypair(handshake_plain, t_secret_key); 152 crypto_new_keypair(handshake_plain, t_secret_key);
153 memcpy(handshake_plain + crypto_box_PUBLICKEYBYTES, sec_c->sent_nonce, crypto_box_NONCEBYTES); 153 memcpy(handshake_plain + CRYPTO_PUBLIC_KEY_SIZE, sec_c->sent_nonce, CRYPTO_NONCE_SIZE);
154 uint8_t handshake[TCP_CLIENT_HANDSHAKE_SIZE]; 154 uint8_t handshake[TCP_CLIENT_HANDSHAKE_SIZE];
155 memcpy(handshake, sec_c->public_key, crypto_box_PUBLICKEYBYTES); 155 memcpy(handshake, sec_c->public_key, CRYPTO_PUBLIC_KEY_SIZE);
156 random_nonce(handshake + crypto_box_PUBLICKEYBYTES); 156 random_nonce(handshake + CRYPTO_PUBLIC_KEY_SIZE);
157 157
158 ret = encrypt_data(tcp_server_public_key(tcp_s), f_secret_key, handshake + crypto_box_PUBLICKEYBYTES, handshake_plain, 158 ret = encrypt_data(tcp_server_public_key(tcp_s), f_secret_key, handshake + CRYPTO_PUBLIC_KEY_SIZE, handshake_plain,
159 TCP_HANDSHAKE_PLAIN_SIZE, handshake + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); 159 TCP_HANDSHAKE_PLAIN_SIZE, handshake + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE);
160 ck_assert_msg(ret == TCP_CLIENT_HANDSHAKE_SIZE - (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES), 160 ck_assert_msg(ret == TCP_CLIENT_HANDSHAKE_SIZE - (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE),
161 "Encrypt failed."); 161 "Encrypt failed.");
162 ck_assert_msg(send(sock, (const char *)handshake, TCP_CLIENT_HANDSHAKE_SIZE - 1, 0) == TCP_CLIENT_HANDSHAKE_SIZE - 1, 162 ck_assert_msg(send(sock, (const char *)handshake, TCP_CLIENT_HANDSHAKE_SIZE - 1, 0) == TCP_CLIENT_HANDSHAKE_SIZE - 1,
163 "send Failed."); 163 "send Failed.");
@@ -169,11 +169,11 @@ static struct sec_TCP_con *new_TCP_con(TCP_Server *tcp_s)
169 uint8_t response[TCP_SERVER_HANDSHAKE_SIZE]; 169 uint8_t response[TCP_SERVER_HANDSHAKE_SIZE];
170 uint8_t response_plain[TCP_HANDSHAKE_PLAIN_SIZE]; 170 uint8_t response_plain[TCP_HANDSHAKE_PLAIN_SIZE];
171 ck_assert_msg(recv(sock, (char *)response, TCP_SERVER_HANDSHAKE_SIZE, 0) == TCP_SERVER_HANDSHAKE_SIZE, "recv Failed."); 171 ck_assert_msg(recv(sock, (char *)response, TCP_SERVER_HANDSHAKE_SIZE, 0) == TCP_SERVER_HANDSHAKE_SIZE, "recv Failed.");
172 ret = decrypt_data(tcp_server_public_key(tcp_s), f_secret_key, response, response + crypto_box_NONCEBYTES, 172 ret = decrypt_data(tcp_server_public_key(tcp_s), f_secret_key, response, response + CRYPTO_NONCE_SIZE,
173 TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, response_plain); 173 TCP_SERVER_HANDSHAKE_SIZE - CRYPTO_NONCE_SIZE, response_plain);
174 ck_assert_msg(ret == TCP_HANDSHAKE_PLAIN_SIZE, "Decrypt Failed."); 174 ck_assert_msg(ret == TCP_HANDSHAKE_PLAIN_SIZE, "Decrypt Failed.");
175 encrypt_precompute(response_plain, t_secret_key, sec_c->shared_key); 175 encrypt_precompute(response_plain, t_secret_key, sec_c->shared_key);
176 memcpy(sec_c->recv_nonce, response_plain + crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES); 176 memcpy(sec_c->recv_nonce, response_plain + CRYPTO_SHARED_KEY_SIZE, CRYPTO_NONCE_SIZE);
177 sec_c->sock = sock; 177 sec_c->sock = sock;
178 return sec_c; 178 return sec_c;
179} 179}
@@ -186,9 +186,9 @@ static void kill_TCP_con(struct sec_TCP_con *con)
186 186
187static int write_packet_TCP_secure_connection(struct sec_TCP_con *con, uint8_t *data, uint16_t length) 187static int write_packet_TCP_secure_connection(struct sec_TCP_con *con, uint8_t *data, uint16_t length)
188{ 188{
189 uint8_t packet[sizeof(uint16_t) + length + crypto_box_MACBYTES]; 189 uint8_t packet[sizeof(uint16_t) + length + CRYPTO_MAC_SIZE];
190 190
191 uint16_t c_length = htons(length + crypto_box_MACBYTES); 191 uint16_t c_length = htons(length + CRYPTO_MAC_SIZE);
192 memcpy(packet, &c_length, sizeof(uint16_t)); 192 memcpy(packet, &c_length, sizeof(uint16_t));
193 int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t)); 193 int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
194 194
@@ -214,9 +214,9 @@ static int read_packet_sec_TCP(struct sec_TCP_con *con, uint8_t *data, uint16_t
214 214
215START_TEST(test_some) 215START_TEST(test_some)
216{ 216{
217 uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; 217 uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
218 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 218 uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
219 crypto_box_keypair(self_public_key, self_secret_key); 219 crypto_new_keypair(self_public_key, self_secret_key);
220 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); 220 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL);
221 ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server"); 221 ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server");
222 ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind to all ports"); 222 ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind to all ports");
@@ -225,22 +225,22 @@ START_TEST(test_some)
225 struct sec_TCP_con *con2 = new_TCP_con(tcp_s); 225 struct sec_TCP_con *con2 = new_TCP_con(tcp_s);
226 struct sec_TCP_con *con3 = new_TCP_con(tcp_s); 226 struct sec_TCP_con *con3 = new_TCP_con(tcp_s);
227 227
228 uint8_t requ_p[1 + crypto_box_PUBLICKEYBYTES]; 228 uint8_t requ_p[1 + CRYPTO_PUBLIC_KEY_SIZE];
229 requ_p[0] = 0; 229 requ_p[0] = 0;
230 memcpy(requ_p + 1, con3->public_key, crypto_box_PUBLICKEYBYTES); 230 memcpy(requ_p + 1, con3->public_key, CRYPTO_PUBLIC_KEY_SIZE);
231 write_packet_TCP_secure_connection(con1, requ_p, sizeof(requ_p)); 231 write_packet_TCP_secure_connection(con1, requ_p, sizeof(requ_p));
232 memcpy(requ_p + 1, con1->public_key, crypto_box_PUBLICKEYBYTES); 232 memcpy(requ_p + 1, con1->public_key, CRYPTO_PUBLIC_KEY_SIZE);
233 write_packet_TCP_secure_connection(con3, requ_p, sizeof(requ_p)); 233 write_packet_TCP_secure_connection(con3, requ_p, sizeof(requ_p));
234 do_TCP_server(tcp_s); 234 do_TCP_server(tcp_s);
235 c_sleep(50); 235 c_sleep(50);
236 uint8_t data[2048]; 236 uint8_t data[2048];
237 int len = read_packet_sec_TCP(con1, data, 2 + 1 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES); 237 int len = read_packet_sec_TCP(con1, data, 2 + 1 + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE);
238 ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len); 238 ck_assert_msg(len == 1 + 1 + CRYPTO_PUBLIC_KEY_SIZE, "wrong len %u", len);
239 ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]); 239 ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]);
240 ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]); 240 ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]);
241 ck_assert_msg(public_key_cmp(data + 2, con3->public_key) == 0, "key in packet wrong"); 241 ck_assert_msg(public_key_cmp(data + 2, con3->public_key) == 0, "key in packet wrong");
242 len = read_packet_sec_TCP(con3, data, 2 + 1 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES); 242 len = read_packet_sec_TCP(con3, data, 2 + 1 + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE);
243 ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len); 243 ck_assert_msg(len == 1 + 1 + CRYPTO_PUBLIC_KEY_SIZE, "wrong len %u", len);
244 ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]); 244 ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]);
245 ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]); 245 ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]);
246 ck_assert_msg(public_key_cmp(data + 2, con1->public_key) == 0, "key in packet wrong"); 246 ck_assert_msg(public_key_cmp(data + 2, con1->public_key) == 0, "key in packet wrong");
@@ -252,23 +252,23 @@ START_TEST(test_some)
252 c_sleep(50); 252 c_sleep(50);
253 do_TCP_server(tcp_s); 253 do_TCP_server(tcp_s);
254 c_sleep(50); 254 c_sleep(50);
255 len = read_packet_sec_TCP(con1, data, 2 + 2 + crypto_box_MACBYTES); 255 len = read_packet_sec_TCP(con1, data, 2 + 2 + CRYPTO_MAC_SIZE);
256 ck_assert_msg(len == 2, "wrong len %u", len); 256 ck_assert_msg(len == 2, "wrong len %u", len);
257 ck_assert_msg(data[0] == 2, "wrong packet id %u", data[0]); 257 ck_assert_msg(data[0] == 2, "wrong packet id %u", data[0]);
258 ck_assert_msg(data[1] == 16, "wrong peer id %u", data[1]); 258 ck_assert_msg(data[1] == 16, "wrong peer id %u", data[1]);
259 len = read_packet_sec_TCP(con3, data, 2 + 2 + crypto_box_MACBYTES); 259 len = read_packet_sec_TCP(con3, data, 2 + 2 + CRYPTO_MAC_SIZE);
260 ck_assert_msg(len == 2, "wrong len %u", len); 260 ck_assert_msg(len == 2, "wrong len %u", len);
261 ck_assert_msg(data[0] == 2, "wrong packet id %u", data[0]); 261 ck_assert_msg(data[0] == 2, "wrong packet id %u", data[0]);
262 ck_assert_msg(data[1] == 16, "wrong peer id %u", data[1]); 262 ck_assert_msg(data[1] == 16, "wrong peer id %u", data[1]);
263 len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); 263 len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE);
264 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); 264 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len);
265 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], 265 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1],
266 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); 266 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]);
267 len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); 267 len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE);
268 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); 268 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len);
269 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], 269 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1],
270 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); 270 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]);
271 len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); 271 len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE);
272 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); 272 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len);
273 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], 273 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1],
274 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); 274 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]);
@@ -278,15 +278,15 @@ START_TEST(test_some)
278 c_sleep(50); 278 c_sleep(50);
279 do_TCP_server(tcp_s); 279 do_TCP_server(tcp_s);
280 c_sleep(50); 280 c_sleep(50);
281 len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); 281 len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE);
282 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); 282 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len);
283 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], 283 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1],
284 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); 284 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]);
285 len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); 285 len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE);
286 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); 286 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len);
287 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], 287 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1],
288 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); 288 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]);
289 len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); 289 len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE);
290 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); 290 ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len);
291 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], 291 ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1],
292 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); 292 data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]);
@@ -296,7 +296,7 @@ START_TEST(test_some)
296 c_sleep(50); 296 c_sleep(50);
297 do_TCP_server(tcp_s); 297 do_TCP_server(tcp_s);
298 c_sleep(50); 298 c_sleep(50);
299 len = read_packet_sec_TCP(con1, data, 2 + sizeof(ping_packet) + crypto_box_MACBYTES); 299 len = read_packet_sec_TCP(con1, data, 2 + sizeof(ping_packet) + CRYPTO_MAC_SIZE);
300 ck_assert_msg(len == sizeof(ping_packet), "wrong len %u", len); 300 ck_assert_msg(len == sizeof(ping_packet), "wrong len %u", len);
301 ck_assert_msg(data[0] == 5, "wrong packet id %u", data[0]); 301 ck_assert_msg(data[0] == 5, "wrong packet id %u", data[0]);
302 ck_assert_msg(memcmp(ping_packet + 1, data + 1, sizeof(uint64_t)) == 0, "wrong packet data"); 302 ck_assert_msg(memcmp(ping_packet + 1, data + 1, sizeof(uint64_t)) == 0, "wrong packet data");
@@ -309,7 +309,7 @@ END_TEST
309 309
310static int response_callback_good; 310static int response_callback_good;
311static uint8_t response_callback_connection_id; 311static uint8_t response_callback_connection_id;
312static uint8_t response_callback_public_key[crypto_box_PUBLICKEYBYTES]; 312static uint8_t response_callback_public_key[CRYPTO_PUBLIC_KEY_SIZE];
313static int response_callback(void *object, uint8_t connection_id, const uint8_t *public_key) 313static int response_callback(void *object, uint8_t connection_id, const uint8_t *public_key)
314{ 314{
315 if (set_tcp_connection_number((TCP_Client_Connection *)((char *)object - 2), connection_id, 7) != 0) { 315 if (set_tcp_connection_number((TCP_Client_Connection *)((char *)object - 2), connection_id, 7) != 0) {
@@ -317,7 +317,7 @@ static int response_callback(void *object, uint8_t connection_id, const uint8_t
317 } 317 }
318 318
319 response_callback_connection_id = connection_id; 319 response_callback_connection_id = connection_id;
320 memcpy(response_callback_public_key, public_key, crypto_box_PUBLICKEYBYTES); 320 memcpy(response_callback_public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
321 response_callback_good++; 321 response_callback_good++;
322 return 0; 322 return 0;
323} 323}
@@ -364,7 +364,7 @@ static int data_callback(void *object, uint32_t number, uint8_t connection_id, c
364} 364}
365 365
366static int oob_data_callback_good; 366static int oob_data_callback_good;
367static uint8_t oob_pubkey[crypto_box_PUBLICKEYBYTES]; 367static uint8_t oob_pubkey[CRYPTO_PUBLIC_KEY_SIZE];
368static int oob_data_callback(void *object, const uint8_t *public_key, const uint8_t *data, uint16_t length, 368static int oob_data_callback(void *object, const uint8_t *public_key, const uint8_t *data, uint16_t length,
369 void *userdata) 369 void *userdata)
370{ 370{
@@ -391,16 +391,16 @@ static int oob_data_callback(void *object, const uint8_t *public_key, const uint
391START_TEST(test_client) 391START_TEST(test_client)
392{ 392{
393 unix_time_update(); 393 unix_time_update();
394 uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; 394 uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
395 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 395 uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
396 crypto_box_keypair(self_public_key, self_secret_key); 396 crypto_new_keypair(self_public_key, self_secret_key);
397 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); 397 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL);
398 ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server"); 398 ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server");
399 ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind to all ports"); 399 ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind to all ports");
400 400
401 uint8_t f_public_key[crypto_box_PUBLICKEYBYTES]; 401 uint8_t f_public_key[CRYPTO_PUBLIC_KEY_SIZE];
402 uint8_t f_secret_key[crypto_box_SECRETKEYBYTES]; 402 uint8_t f_secret_key[CRYPTO_SECRET_KEY_SIZE];
403 crypto_box_keypair(f_public_key, f_secret_key); 403 crypto_new_keypair(f_public_key, f_secret_key);
404 IP_Port ip_port_tcp_s; 404 IP_Port ip_port_tcp_s;
405 405
406 ip_port_tcp_s.port = htons(ports[rand() % NUM_PORTS]); 406 ip_port_tcp_s.port = htons(ports[rand() % NUM_PORTS]);
@@ -430,9 +430,9 @@ START_TEST(test_client)
430 ck_assert_msg(conn->status == TCP_CLIENT_CONFIRMED, "Wrong status. Expected: %u, is: %u", TCP_CLIENT_CONFIRMED, 430 ck_assert_msg(conn->status == TCP_CLIENT_CONFIRMED, "Wrong status. Expected: %u, is: %u", TCP_CLIENT_CONFIRMED,
431 conn->status); 431 conn->status);
432 432
433 uint8_t f2_public_key[crypto_box_PUBLICKEYBYTES]; 433 uint8_t f2_public_key[CRYPTO_PUBLIC_KEY_SIZE];
434 uint8_t f2_secret_key[crypto_box_SECRETKEYBYTES]; 434 uint8_t f2_secret_key[CRYPTO_SECRET_KEY_SIZE];
435 crypto_box_keypair(f2_public_key, f2_secret_key); 435 crypto_new_keypair(f2_public_key, f2_secret_key);
436 ip_port_tcp_s.port = htons(ports[rand() % NUM_PORTS]); 436 ip_port_tcp_s.port = htons(ports[rand() % NUM_PORTS]);
437 TCP_Client_Connection *conn2 = new_TCP_connection(ip_port_tcp_s, self_public_key, f2_public_key, f2_secret_key, 0); 437 TCP_Client_Connection *conn2 = new_TCP_connection(ip_port_tcp_s, self_public_key, f2_public_key, f2_secret_key, 0);
438 routing_response_handler(conn, response_callback, (char *)conn + 2); 438 routing_response_handler(conn, response_callback, (char *)conn + 2);
@@ -450,7 +450,7 @@ START_TEST(test_client)
450 do_TCP_connection(conn2, NULL); 450 do_TCP_connection(conn2, NULL);
451 c_sleep(50); 451 c_sleep(50);
452 uint8_t data[5] = {1, 2, 3, 4, 5}; 452 uint8_t data[5] = {1, 2, 3, 4, 5};
453 memcpy(oob_pubkey, f2_public_key, crypto_box_PUBLICKEYBYTES); 453 memcpy(oob_pubkey, f2_public_key, CRYPTO_PUBLIC_KEY_SIZE);
454 send_oob_packet(conn2, f_public_key, data, 5); 454 send_oob_packet(conn2, f_public_key, data, 5);
455 send_routing_request(conn, f2_public_key); 455 send_routing_request(conn, f2_public_key);
456 send_routing_request(conn2, f_public_key); 456 send_routing_request(conn2, f_public_key);
@@ -492,13 +492,13 @@ END_TEST
492START_TEST(test_client_invalid) 492START_TEST(test_client_invalid)
493{ 493{
494 unix_time_update(); 494 unix_time_update();
495 uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; 495 uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
496 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 496 uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
497 crypto_box_keypair(self_public_key, self_secret_key); 497 crypto_new_keypair(self_public_key, self_secret_key);
498 498
499 uint8_t f_public_key[crypto_box_PUBLICKEYBYTES]; 499 uint8_t f_public_key[CRYPTO_PUBLIC_KEY_SIZE];
500 uint8_t f_secret_key[crypto_box_SECRETKEYBYTES]; 500 uint8_t f_secret_key[CRYPTO_SECRET_KEY_SIZE];
501 crypto_box_keypair(f_public_key, f_secret_key); 501 crypto_new_keypair(f_public_key, f_secret_key);
502 IP_Port ip_port_tcp_s; 502 IP_Port ip_port_tcp_s;
503 503
504 ip_port_tcp_s.port = htons(ports[rand() % NUM_PORTS]); 504 ip_port_tcp_s.port = htons(ports[rand() % NUM_PORTS]);
@@ -552,19 +552,19 @@ START_TEST(test_tcp_connection)
552{ 552{
553 tcp_data_callback_called = 0; 553 tcp_data_callback_called = 0;
554 unix_time_update(); 554 unix_time_update();
555 uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; 555 uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
556 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 556 uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
557 crypto_box_keypair(self_public_key, self_secret_key); 557 crypto_new_keypair(self_public_key, self_secret_key);
558 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); 558 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL);
559 ck_assert_msg(public_key_cmp(tcp_server_public_key(tcp_s), self_public_key) == 0, "Wrong public key"); 559 ck_assert_msg(public_key_cmp(tcp_server_public_key(tcp_s), self_public_key) == 0, "Wrong public key");
560 560
561 TCP_Proxy_Info proxy_info; 561 TCP_Proxy_Info proxy_info;
562 proxy_info.proxy_type = TCP_PROXY_NONE; 562 proxy_info.proxy_type = TCP_PROXY_NONE;
563 crypto_box_keypair(self_public_key, self_secret_key); 563 crypto_new_keypair(self_public_key, self_secret_key);
564 TCP_Connections *tc_1 = new_tcp_connections(self_secret_key, &proxy_info); 564 TCP_Connections *tc_1 = new_tcp_connections(self_secret_key, &proxy_info);
565 ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_1), self_public_key) == 0, "Wrong public key"); 565 ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_1), self_public_key) == 0, "Wrong public key");
566 566
567 crypto_box_keypair(self_public_key, self_secret_key); 567 crypto_new_keypair(self_public_key, self_secret_key);
568 TCP_Connections *tc_2 = new_tcp_connections(self_secret_key, &proxy_info); 568 TCP_Connections *tc_2 = new_tcp_connections(self_secret_key, &proxy_info);
569 ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_2), self_public_key) == 0, "Wrong public key"); 569 ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_2), self_public_key) == 0, "Wrong public key");
570 570
@@ -661,19 +661,19 @@ START_TEST(test_tcp_connection2)
661 tcp_data_callback_called = 0; 661 tcp_data_callback_called = 0;
662 662
663 unix_time_update(); 663 unix_time_update();
664 uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; 664 uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
665 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 665 uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
666 crypto_box_keypair(self_public_key, self_secret_key); 666 crypto_new_keypair(self_public_key, self_secret_key);
667 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); 667 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL);
668 ck_assert_msg(public_key_cmp(tcp_server_public_key(tcp_s), self_public_key) == 0, "Wrong public key"); 668 ck_assert_msg(public_key_cmp(tcp_server_public_key(tcp_s), self_public_key) == 0, "Wrong public key");
669 669
670 TCP_Proxy_Info proxy_info; 670 TCP_Proxy_Info proxy_info;
671 proxy_info.proxy_type = TCP_PROXY_NONE; 671 proxy_info.proxy_type = TCP_PROXY_NONE;
672 crypto_box_keypair(self_public_key, self_secret_key); 672 crypto_new_keypair(self_public_key, self_secret_key);
673 TCP_Connections *tc_1 = new_tcp_connections(self_secret_key, &proxy_info); 673 TCP_Connections *tc_1 = new_tcp_connections(self_secret_key, &proxy_info);
674 ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_1), self_public_key) == 0, "Wrong public key"); 674 ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_1), self_public_key) == 0, "Wrong public key");
675 675
676 crypto_box_keypair(self_public_key, self_secret_key); 676 crypto_new_keypair(self_public_key, self_secret_key);
677 TCP_Connections *tc_2 = new_tcp_connections(self_secret_key, &proxy_info); 677 TCP_Connections *tc_2 = new_tcp_connections(self_secret_key, &proxy_info);
678 ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_2), self_public_key) == 0, "Wrong public key"); 678 ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_2), self_public_key) == 0, "Wrong public key");
679 679
diff --git a/auto_tests/crypto_test.c b/auto_tests/crypto_test.c
index ce2101cc..c1003f80 100644
--- a/auto_tests/crypto_test.c
+++ b/auto_tests/crypto_test.c
@@ -91,8 +91,8 @@ START_TEST(test_known)
91 unsigned char m[131]; 91 unsigned char m[131];
92 int clen, mlen; 92 int clen, mlen;
93 93
94 ck_assert_msg(sizeof(c) == sizeof(m) + crypto_box_MACBYTES * sizeof(unsigned char), 94 ck_assert_msg(sizeof(c) == sizeof(m) + CRYPTO_MAC_SIZE * sizeof(unsigned char),
95 "cyphertext should be crypto_box_MACBYTES bytes longer than plaintext"); 95 "cyphertext should be CRYPTO_MAC_SIZE bytes longer than plaintext");
96 ck_assert_msg(sizeof(test_c) == sizeof(c), "sanity check failed"); 96 ck_assert_msg(sizeof(test_c) == sizeof(c), "sanity check failed");
97 ck_assert_msg(sizeof(test_m) == sizeof(m), "sanity check failed"); 97 ck_assert_msg(sizeof(test_m) == sizeof(m), "sanity check failed");
98 98
@@ -110,15 +110,15 @@ END_TEST
110 110
111START_TEST(test_fast_known) 111START_TEST(test_fast_known)
112{ 112{
113 unsigned char k[crypto_box_BEFORENMBYTES]; 113 unsigned char k[CRYPTO_SHARED_KEY_SIZE];
114 unsigned char c[147]; 114 unsigned char c[147];
115 unsigned char m[131]; 115 unsigned char m[131];
116 int clen, mlen; 116 int clen, mlen;
117 117
118 encrypt_precompute(bobpk, alicesk, k); 118 encrypt_precompute(bobpk, alicesk, k);
119 119
120 ck_assert_msg(sizeof(c) == sizeof(m) + crypto_box_MACBYTES * sizeof(unsigned char), 120 ck_assert_msg(sizeof(c) == sizeof(m) + CRYPTO_MAC_SIZE * sizeof(unsigned char),
121 "cyphertext should be crypto_box_MACBYTES bytes longer than plaintext"); 121 "cyphertext should be CRYPTO_MAC_SIZE bytes longer than plaintext");
122 ck_assert_msg(sizeof(test_c) == sizeof(c), "sanity check failed"); 122 ck_assert_msg(sizeof(test_c) == sizeof(c), "sanity check failed");
123 ck_assert_msg(sizeof(test_m) == sizeof(m), "sanity check failed"); 123 ck_assert_msg(sizeof(test_m) == sizeof(m), "sanity check failed");
124 124
@@ -136,20 +136,20 @@ END_TEST
136 136
137START_TEST(test_endtoend) 137START_TEST(test_endtoend)
138{ 138{
139 unsigned char pk1[crypto_box_PUBLICKEYBYTES]; 139 unsigned char pk1[CRYPTO_PUBLIC_KEY_SIZE];
140 unsigned char sk1[crypto_box_SECRETKEYBYTES]; 140 unsigned char sk1[CRYPTO_SECRET_KEY_SIZE];
141 unsigned char pk2[crypto_box_PUBLICKEYBYTES]; 141 unsigned char pk2[CRYPTO_PUBLIC_KEY_SIZE];
142 unsigned char sk2[crypto_box_SECRETKEYBYTES]; 142 unsigned char sk2[CRYPTO_SECRET_KEY_SIZE];
143 unsigned char k1[crypto_box_BEFORENMBYTES]; 143 unsigned char k1[CRYPTO_SHARED_KEY_SIZE];
144 unsigned char k2[crypto_box_BEFORENMBYTES]; 144 unsigned char k2[CRYPTO_SHARED_KEY_SIZE];
145 145
146 unsigned char n[crypto_box_NONCEBYTES]; 146 unsigned char n[CRYPTO_NONCE_SIZE];
147 147
148 unsigned char m[500]; 148 unsigned char m[500];
149 unsigned char c1[sizeof(m) + crypto_box_MACBYTES]; 149 unsigned char c1[sizeof(m) + CRYPTO_MAC_SIZE];
150 unsigned char c2[sizeof(m) + crypto_box_MACBYTES]; 150 unsigned char c2[sizeof(m) + CRYPTO_MAC_SIZE];
151 unsigned char c3[sizeof(m) + crypto_box_MACBYTES]; 151 unsigned char c3[sizeof(m) + CRYPTO_MAC_SIZE];
152 unsigned char c4[sizeof(m) + crypto_box_MACBYTES]; 152 unsigned char c4[sizeof(m) + CRYPTO_MAC_SIZE];
153 unsigned char m1[sizeof(m)]; 153 unsigned char m1[sizeof(m)];
154 unsigned char m2[sizeof(m)]; 154 unsigned char m2[sizeof(m)];
155 unsigned char m3[sizeof(m)]; 155 unsigned char m3[sizeof(m)];
@@ -166,17 +166,17 @@ START_TEST(test_endtoend)
166 //Generate random message (random length from 100 to 500) 166 //Generate random message (random length from 100 to 500)
167 mlen = (rand() % 400) + 100; 167 mlen = (rand() % 400) + 100;
168 rand_bytes(m, mlen); 168 rand_bytes(m, mlen);
169 rand_bytes(n, crypto_box_NONCEBYTES); 169 rand_bytes(n, CRYPTO_NONCE_SIZE);
170 170
171 //Generate keypairs 171 //Generate keypairs
172 crypto_box_keypair(pk1, sk1); 172 crypto_new_keypair(pk1, sk1);
173 crypto_box_keypair(pk2, sk2); 173 crypto_new_keypair(pk2, sk2);
174 174
175 //Precompute shared keys 175 //Precompute shared keys
176 encrypt_precompute(pk2, sk1, k1); 176 encrypt_precompute(pk2, sk1, k1);
177 encrypt_precompute(pk1, sk2, k2); 177 encrypt_precompute(pk1, sk2, k2);
178 178
179 ck_assert_msg(memcmp(k1, k2, crypto_box_BEFORENMBYTES) == 0, "encrypt_precompute: bad"); 179 ck_assert_msg(memcmp(k1, k2, CRYPTO_SHARED_KEY_SIZE) == 0, "encrypt_precompute: bad");
180 180
181 //Encrypt all four ways 181 //Encrypt all four ways
182 c1len = encrypt_data(pk2, sk1, n, m, mlen, c1); 182 c1len = encrypt_data(pk2, sk1, n, m, mlen, c1);
@@ -185,7 +185,7 @@ START_TEST(test_endtoend)
185 c4len = encrypt_data_symmetric(k2, n, m, mlen, c4); 185 c4len = encrypt_data_symmetric(k2, n, m, mlen, c4);
186 186
187 ck_assert_msg(c1len == c2len && c1len == c3len && c1len == c4len, "cyphertext lengths differ"); 187 ck_assert_msg(c1len == c2len && c1len == c3len && c1len == c4len, "cyphertext lengths differ");
188 ck_assert_msg(c1len == mlen + (int)crypto_box_MACBYTES, "wrong cyphertext length"); 188 ck_assert_msg(c1len == mlen + (int)CRYPTO_MAC_SIZE, "wrong cyphertext length");
189 ck_assert_msg(memcmp(c1, c2, c1len) == 0 && memcmp(c1, c3, c1len) == 0 189 ck_assert_msg(memcmp(c1, c2, c1len) == 0 && memcmp(c1, c3, c1len) == 0
190 && memcmp(c1, c4, c1len) == 0, "crypertexts differ"); 190 && memcmp(c1, c4, c1len) == 0, "crypertexts differ");
191 191
@@ -206,16 +206,16 @@ END_TEST
206 206
207START_TEST(test_large_data) 207START_TEST(test_large_data)
208{ 208{
209 unsigned char k[crypto_box_BEFORENMBYTES]; 209 unsigned char k[CRYPTO_SHARED_KEY_SIZE];
210 210
211 unsigned char n[crypto_box_NONCEBYTES]; 211 unsigned char n[CRYPTO_NONCE_SIZE];
212 212
213 unsigned char m1[MAX_CRYPTO_PACKET_SIZE - crypto_box_MACBYTES]; 213 unsigned char m1[MAX_CRYPTO_PACKET_SIZE - CRYPTO_MAC_SIZE];
214 unsigned char c1[sizeof(m1) + crypto_box_MACBYTES]; 214 unsigned char c1[sizeof(m1) + CRYPTO_MAC_SIZE];
215 unsigned char m1prime[sizeof(m1)]; 215 unsigned char m1prime[sizeof(m1)];
216 216
217 unsigned char m2[MAX_CRYPTO_PACKET_SIZE]; 217 unsigned char m2[MAX_CRYPTO_PACKET_SIZE];
218 unsigned char c2[sizeof(m2) + crypto_box_MACBYTES]; 218 unsigned char c2[sizeof(m2) + CRYPTO_MAC_SIZE];
219 219
220 int c1len, c2len; 220 int c1len, c2len;
221 int m1plen; 221 int m1plen;
@@ -223,16 +223,16 @@ START_TEST(test_large_data)
223 //Generate random messages 223 //Generate random messages
224 rand_bytes(m1, sizeof(m1)); 224 rand_bytes(m1, sizeof(m1));
225 rand_bytes(m2, sizeof(m2)); 225 rand_bytes(m2, sizeof(m2));
226 rand_bytes(n, crypto_box_NONCEBYTES); 226 rand_bytes(n, CRYPTO_NONCE_SIZE);
227 227
228 //Generate key 228 //Generate key
229 rand_bytes(k, crypto_box_BEFORENMBYTES); 229 rand_bytes(k, CRYPTO_SHARED_KEY_SIZE);
230 230
231 c1len = encrypt_data_symmetric(k, n, m1, sizeof(m1), c1); 231 c1len = encrypt_data_symmetric(k, n, m1, sizeof(m1), c1);
232 c2len = encrypt_data_symmetric(k, n, m2, sizeof(m2), c2); 232 c2len = encrypt_data_symmetric(k, n, m2, sizeof(m2), c2);
233 233
234 ck_assert_msg(c1len == sizeof(m1) + crypto_box_MACBYTES, "could not encrypt"); 234 ck_assert_msg(c1len == sizeof(m1) + CRYPTO_MAC_SIZE, "could not encrypt");
235 ck_assert_msg(c2len == sizeof(m2) + crypto_box_MACBYTES, "could not encrypt"); 235 ck_assert_msg(c2len == sizeof(m2) + CRYPTO_MAC_SIZE, "could not encrypt");
236 236
237 m1plen = decrypt_data_symmetric(k, n, c1, c1len, m1prime); 237 m1plen = decrypt_data_symmetric(k, n, c1, c1len, m1prime);
238 238
@@ -243,12 +243,12 @@ END_TEST
243 243
244START_TEST(test_large_data_symmetric) 244START_TEST(test_large_data_symmetric)
245{ 245{
246 unsigned char k[crypto_box_KEYBYTES]; 246 unsigned char k[CRYPTO_SYMMETRIC_KEY_SIZE];
247 247
248 unsigned char n[crypto_box_NONCEBYTES]; 248 unsigned char n[CRYPTO_NONCE_SIZE];
249 249
250 unsigned char m1[16 * 16 * 16]; 250 unsigned char m1[16 * 16 * 16];
251 unsigned char c1[sizeof(m1) + crypto_box_MACBYTES]; 251 unsigned char c1[sizeof(m1) + CRYPTO_MAC_SIZE];
252 unsigned char m1prime[sizeof(m1)]; 252 unsigned char m1prime[sizeof(m1)];
253 253
254 int c1len; 254 int c1len;
@@ -256,13 +256,13 @@ START_TEST(test_large_data_symmetric)
256 256
257 //Generate random messages 257 //Generate random messages
258 rand_bytes(m1, sizeof(m1)); 258 rand_bytes(m1, sizeof(m1));
259 rand_bytes(n, crypto_box_NONCEBYTES); 259 rand_bytes(n, CRYPTO_NONCE_SIZE);
260 260
261 //Generate key 261 //Generate key
262 new_symmetric_key(k); 262 new_symmetric_key(k);
263 263
264 c1len = encrypt_data_symmetric(k, n, m1, sizeof(m1), c1); 264 c1len = encrypt_data_symmetric(k, n, m1, sizeof(m1), c1);
265 ck_assert_msg(c1len == sizeof(m1) + crypto_box_MACBYTES, "could not encrypt data"); 265 ck_assert_msg(c1len == sizeof(m1) + CRYPTO_MAC_SIZE, "could not encrypt data");
266 266
267 m1plen = decrypt_data_symmetric(k, n, c1, c1len, m1prime); 267 m1plen = decrypt_data_symmetric(k, n, c1, c1len, m1prime);
268 268
@@ -274,14 +274,14 @@ END_TEST
274static void increment_nonce_number_cmp(uint8_t *nonce, uint32_t num) 274static void increment_nonce_number_cmp(uint8_t *nonce, uint32_t num)
275{ 275{
276 uint32_t num1, num2; 276 uint32_t num1, num2;
277 memcpy(&num1, nonce + (crypto_box_NONCEBYTES - sizeof(num1)), sizeof(num1)); 277 memcpy(&num1, nonce + (CRYPTO_NONCE_SIZE - sizeof(num1)), sizeof(num1));
278 num1 = ntohl(num1); 278 num1 = ntohl(num1);
279 num2 = num + num1; 279 num2 = num + num1;
280 280
281 if (num2 < num1) { 281 if (num2 < num1) {
282 uint32_t i; 282 uint32_t i;
283 283
284 for (i = crypto_box_NONCEBYTES - sizeof(num1); i != 0; --i) { 284 for (i = CRYPTO_NONCE_SIZE - sizeof(num1); i != 0; --i) {
285 ++nonce[i - 1]; 285 ++nonce[i - 1];
286 286
287 if (nonce[i - 1] != 0) { 287 if (nonce[i - 1] != 0) {
@@ -291,34 +291,34 @@ static void increment_nonce_number_cmp(uint8_t *nonce, uint32_t num)
291 } 291 }
292 292
293 num2 = htonl(num2); 293 num2 = htonl(num2);
294 memcpy(nonce + (crypto_box_NONCEBYTES - sizeof(num2)), &num2, sizeof(num2)); 294 memcpy(nonce + (CRYPTO_NONCE_SIZE - sizeof(num2)), &num2, sizeof(num2));
295} 295}
296 296
297START_TEST(test_increment_nonce) 297START_TEST(test_increment_nonce)
298{ 298{
299 long long unsigned int i; 299 long long unsigned int i;
300 300
301 uint8_t n[crypto_box_NONCEBYTES]; 301 uint8_t n[CRYPTO_NONCE_SIZE];
302 302
303 for (i = 0; i < crypto_box_NONCEBYTES; ++i) { 303 for (i = 0; i < CRYPTO_NONCE_SIZE; ++i) {
304 n[i] = rand(); 304 n[i] = rand();
305 } 305 }
306 306
307 uint8_t n1[crypto_box_NONCEBYTES]; 307 uint8_t n1[CRYPTO_NONCE_SIZE];
308 308
309 memcpy(n1, n, crypto_box_NONCEBYTES); 309 memcpy(n1, n, CRYPTO_NONCE_SIZE);
310 310
311 for (i = 0; i < (1 << 18); ++i) { 311 for (i = 0; i < (1 << 18); ++i) {
312 increment_nonce_number_cmp(n, 1); 312 increment_nonce_number_cmp(n, 1);
313 increment_nonce(n1); 313 increment_nonce(n1);
314 ck_assert_msg(memcmp(n, n1, crypto_box_NONCEBYTES) == 0, "Bad increment_nonce function"); 314 ck_assert_msg(memcmp(n, n1, CRYPTO_NONCE_SIZE) == 0, "Bad increment_nonce function");
315 } 315 }
316 316
317 for (i = 0; i < (1 << 18); ++i) { 317 for (i = 0; i < (1 << 18); ++i) {
318 uint32_t r = rand(); 318 uint32_t r = rand();
319 increment_nonce_number_cmp(n, r); 319 increment_nonce_number_cmp(n, r);
320 increment_nonce_number(n1, r); 320 increment_nonce_number(n1, r);
321 ck_assert_msg(memcmp(n, n1, crypto_box_NONCEBYTES) == 0, "Bad increment_nonce_number function"); 321 ck_assert_msg(memcmp(n, n1, CRYPTO_NONCE_SIZE) == 0, "Bad increment_nonce_number function");
322 } 322 }
323} 323}
324END_TEST 324END_TEST
diff --git a/auto_tests/dht_test.c b/auto_tests/dht_test.c
index 11406554..7734e64a 100644
--- a/auto_tests/dht_test.c
+++ b/auto_tests/dht_test.c
@@ -12,7 +12,8 @@
12 12
13 13
14// These tests currently fail. 14// These tests currently fail.
15#if 0 15static bool enable_broken_tests = false;
16
16#define swap(x,y) do \ 17#define swap(x,y) do \
17 { unsigned char swap_temp[sizeof(x) == sizeof(y) ? (signed)sizeof(x) : -1]; \ 18 { unsigned char swap_temp[sizeof(x) == sizeof(y) ? (signed)sizeof(x) : -1]; \
18 memcpy(swap_temp,&y,sizeof(x)); \ 19 memcpy(swap_temp,&y,sizeof(x)); \
@@ -93,14 +94,14 @@ static void test_addto_lists_update(DHT *dht,
93{ 94{
94 int used, test, test1, test2, found; 95 int used, test, test1, test2, found;
95 IP_Port test_ipp; 96 IP_Port test_ipp;
96 uint8_t test_id[crypto_box_PUBLICKEYBYTES]; 97 uint8_t test_id[CRYPTO_PUBLIC_KEY_SIZE];
97 uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0; 98 uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0;
98 99
99 // check id update for existing ip_port 100 // check id update for existing ip_port
100 test = rand() % length; 101 test = rand() % length;
101 ipport_copy(&test_ipp, ipv6 ? &list[test].assoc6.ip_port : &list[test].assoc4.ip_port); 102 ipport_copy(&test_ipp, ipv6 ? &list[test].assoc6.ip_port : &list[test].assoc4.ip_port);
102 103
103 randombytes(test_id, sizeof(test_id)); 104 random_bytes(test_id, sizeof(test_id));
104 used = addto_lists(dht, test_ipp, test_id); 105 used = addto_lists(dht, test_ipp, test_id);
105 ck_assert_msg(used >= 1, "Wrong number of added clients"); 106 ck_assert_msg(used >= 1, "Wrong number of added clients");
106 // it is possible to have ip_port duplicates in the list, so ip_port @ found not always equal to ip_port @ test 107 // it is possible to have ip_port duplicates in the list, so ip_port @ found not always equal to ip_port @ test
@@ -167,11 +168,11 @@ static void test_addto_lists_bad(DHT *dht,
167{ 168{
168 // check "bad" clients replacement 169 // check "bad" clients replacement
169 int used, test1, test2, test3; 170 int used, test1, test2, test3;
170 uint8_t public_key[crypto_box_PUBLICKEYBYTES], test_id1[crypto_box_PUBLICKEYBYTES], test_id2[crypto_box_PUBLICKEYBYTES], 171 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE], test_id1[CRYPTO_PUBLIC_KEY_SIZE], test_id2[CRYPTO_PUBLIC_KEY_SIZE],
171 test_id3[crypto_box_PUBLICKEYBYTES]; 172 test_id3[CRYPTO_PUBLIC_KEY_SIZE];
172 uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0; 173 uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0;
173 174
174 randombytes(public_key, sizeof(public_key)); 175 random_bytes(public_key, sizeof(public_key));
175 mark_all_good(list, length, ipv6); 176 mark_all_good(list, length, ipv6);
176 177
177 test1 = rand() % (length / 3); 178 test1 = rand() % (length / 3);
@@ -211,11 +212,11 @@ static void test_addto_lists_possible_bad(DHT *dht,
211{ 212{
212 // check "possibly bad" clients replacement 213 // check "possibly bad" clients replacement
213 int used, test1, test2, test3; 214 int used, test1, test2, test3;
214 uint8_t public_key[crypto_box_PUBLICKEYBYTES], test_id1[crypto_box_PUBLICKEYBYTES], test_id2[crypto_box_PUBLICKEYBYTES], 215 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE], test_id1[CRYPTO_PUBLIC_KEY_SIZE], test_id2[CRYPTO_PUBLIC_KEY_SIZE],
215 test_id3[crypto_box_PUBLICKEYBYTES]; 216 test_id3[CRYPTO_PUBLIC_KEY_SIZE];
216 uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0; 217 uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0;
217 218
218 randombytes(public_key, sizeof(public_key)); 219 random_bytes(public_key, sizeof(public_key));
219 mark_all_good(list, length, ipv6); 220 mark_all_good(list, length, ipv6);
220 221
221 test1 = rand() % (length / 3); 222 test1 = rand() % (length / 3);
@@ -274,14 +275,14 @@ static void test_addto_lists_good(DHT *dht,
274 IP_Port *ip_port, 275 IP_Port *ip_port,
275 const uint8_t *comp_client_id) 276 const uint8_t *comp_client_id)
276{ 277{
277 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 278 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
278 uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0; 279 uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0;
279 280
280 mark_all_good(list, length, ipv6); 281 mark_all_good(list, length, ipv6);
281 282
282 // check "good" client id replacement 283 // check "good" client id replacement
283 do { 284 do {
284 randombytes(public_key, sizeof(public_key)); 285 random_bytes(public_key, sizeof(public_key));
285 } while (is_furthest(comp_client_id, list, length, public_key)); 286 } while (is_furthest(comp_client_id, list, length, public_key));
286 287
287 ip_port->port += 1; 288 ip_port->port += 1;
@@ -290,7 +291,7 @@ static void test_addto_lists_good(DHT *dht,
290 291
291 // check "good" client id skip 292 // check "good" client id skip
292 do { 293 do {
293 randombytes(public_key, sizeof(public_key)); 294 random_bytes(public_key, sizeof(public_key));
294 } while (!is_furthest(comp_client_id, list, length, public_key)); 295 } while (!is_furthest(comp_client_id, list, length, public_key));
295 296
296 ip_port->port += 1; 297 ip_port->port += 1;
@@ -307,12 +308,12 @@ static void test_addto_lists(IP ip)
307 ck_assert_msg(dht != 0, "Failed to create DHT"); 308 ck_assert_msg(dht != 0, "Failed to create DHT");
308 309
309 IP_Port ip_port = { .ip = ip, .port = TOX_PORT_DEFAULT }; 310 IP_Port ip_port = { .ip = ip, .port = TOX_PORT_DEFAULT };
310 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 311 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
311 int i, used; 312 int i, used;
312 313
313 // check lists filling 314 // check lists filling
314 for (i = 0; i < MAX(LCLIENT_LIST, MAX_FRIEND_CLIENTS); ++i) { 315 for (i = 0; i < MAX(LCLIENT_LIST, MAX_FRIEND_CLIENTS); ++i) {
315 randombytes(public_key, sizeof(public_key)); 316 random_bytes(public_key, sizeof(public_key));
316 used = addto_lists(dht, ip_port, public_key); 317 used = addto_lists(dht, ip_port, public_key);
317 ck_assert_msg(used == dht->num_friends + 1, "Wrong number of added clients with existing ip_port"); 318 ck_assert_msg(used == dht->num_friends + 1, "Wrong number of added clients with existing ip_port");
318 } 319 }
@@ -325,7 +326,7 @@ static void test_addto_lists(IP ip)
325 326
326 for (i = 0; i < MAX(LCLIENT_LIST, MAX_FRIEND_CLIENTS); ++i) { 327 for (i = 0; i < MAX(LCLIENT_LIST, MAX_FRIEND_CLIENTS); ++i) {
327 ip_port.port += 1; 328 ip_port.port += 1;
328 randombytes(public_key, sizeof(public_key)); 329 random_bytes(public_key, sizeof(public_key));
329 used = addto_lists(dht, ip_port, public_key); 330 used = addto_lists(dht, ip_port, public_key);
330 ck_assert_msg(used >= 1, "Wrong number of added clients"); 331 ck_assert_msg(used >= 1, "Wrong number of added clients");
331 } 332 }
@@ -346,13 +347,15 @@ static void test_addto_lists(IP ip)
346 } 347 }
347 348
348 // check "possibly bad" entries 349 // check "possibly bad" entries
349 /* 350 if (enable_broken_tests) {
350 test_addto_lists_possible_bad(dht, dht->close_clientlist, LCLIENT_LIST, &ip_port, dht->self_public_key); 351 test_addto_lists_possible_bad(dht, dht->close_clientlist, LCLIENT_LIST, &ip_port, dht->self_public_key);
352
353 for (i = 0; i < dht->num_friends; ++i) {
354 test_addto_lists_possible_bad(dht, dht->friends_list[i].client_list, MAX_FRIEND_CLIENTS, &ip_port,
355 dht->friends_list[i].public_key);
356 }
357 }
351 358
352 for (i = 0; i < dht->num_friends; ++i)
353 test_addto_lists_possible_bad(dht, dht->friends_list[i].client_list, MAX_FRIEND_CLIENTS, &ip_port,
354 dht->friends_list[i].public_key);
355 */
356 // check "good" entries 359 // check "good" entries
357 test_addto_lists_good(dht, dht->close_clientlist, LCLIENT_LIST, &ip_port, dht->self_public_key); 360 test_addto_lists_good(dht, dht->close_clientlist, LCLIENT_LIST, &ip_port, dht->self_public_key);
358 361
@@ -379,7 +382,6 @@ START_TEST(test_addto_lists_ipv6)
379 test_addto_lists(ip); 382 test_addto_lists(ip);
380} 383}
381END_TEST 384END_TEST
382#endif
383 385
384#define DHT_DEFAULT_PORT (TOX_PORT_DEFAULT + 20) 386#define DHT_DEFAULT_PORT (TOX_PORT_DEFAULT + 20)
385 387
@@ -389,36 +391,36 @@ static void print_pk(uint8_t *public_key)
389{ 391{
390 uint32_t j; 392 uint32_t j;
391 393
392 for (j = 0; j < crypto_box_PUBLICKEYBYTES; j++) { 394 for (j = 0; j < CRYPTO_PUBLIC_KEY_SIZE; j++) {
393 printf("%02hhX", public_key[j]); 395 printf("%02hhX", public_key[j]);
394 } 396 }
395 397
396 printf("\n"); 398 printf("\n");
397} 399}
398 400
399static void test_add_to_list(uint8_t cmp_list[][crypto_box_PUBLICKEYBYTES + 1], 401static void test_add_to_list(uint8_t cmp_list[][CRYPTO_PUBLIC_KEY_SIZE + 1],
400 unsigned int length, const uint8_t *pk, 402 unsigned int length, const uint8_t *pk,
401 const uint8_t *cmp_pk) 403 const uint8_t *cmp_pk)
402{ 404{
403 uint8_t p_b[crypto_box_PUBLICKEYBYTES]; 405 uint8_t p_b[CRYPTO_PUBLIC_KEY_SIZE];
404 unsigned int i; 406 unsigned int i;
405 407
406 for (i = 0; i < length; ++i) { 408 for (i = 0; i < length; ++i) {
407 if (!cmp_list[i][crypto_box_PUBLICKEYBYTES]) { 409 if (!cmp_list[i][CRYPTO_PUBLIC_KEY_SIZE]) {
408 memcpy(cmp_list[i], pk, crypto_box_PUBLICKEYBYTES); 410 memcpy(cmp_list[i], pk, CRYPTO_PUBLIC_KEY_SIZE);
409 cmp_list[i][crypto_box_PUBLICKEYBYTES] = 1; 411 cmp_list[i][CRYPTO_PUBLIC_KEY_SIZE] = 1;
410 return; 412 return;
411 } 413 }
412 414
413 if (memcmp(cmp_list[i], pk, crypto_box_PUBLICKEYBYTES) == 0) { 415 if (memcmp(cmp_list[i], pk, CRYPTO_PUBLIC_KEY_SIZE) == 0) {
414 return; 416 return;
415 } 417 }
416 } 418 }
417 419
418 for (i = 0; i < length; ++i) { 420 for (i = 0; i < length; ++i) {
419 if (id_closest(cmp_pk, cmp_list[i], pk) == 2) { 421 if (id_closest(cmp_pk, cmp_list[i], pk) == 2) {
420 memcpy(p_b, cmp_list[i], crypto_box_PUBLICKEYBYTES); 422 memcpy(p_b, cmp_list[i], CRYPTO_PUBLIC_KEY_SIZE);
421 memcpy(cmp_list[i], pk, crypto_box_PUBLICKEYBYTES); 423 memcpy(cmp_list[i], pk, CRYPTO_PUBLIC_KEY_SIZE);
422 test_add_to_list(cmp_list, length, p_b, cmp_pk); 424 test_add_to_list(cmp_list, length, p_b, cmp_pk);
423 break; 425 break;
424 } 426 }
@@ -431,7 +433,7 @@ static void test_list_main(void)
431{ 433{
432 DHT *dhts[NUM_DHT]; 434 DHT *dhts[NUM_DHT];
433 435
434 uint8_t cmp_list1[NUM_DHT][MAX_FRIEND_CLIENTS][crypto_box_PUBLICKEYBYTES + 1]; 436 uint8_t cmp_list1[NUM_DHT][MAX_FRIEND_CLIENTS][CRYPTO_PUBLIC_KEY_SIZE + 1];
435 memset(cmp_list1, 0, sizeof(cmp_list1)); 437 memset(cmp_list1, 0, sizeof(cmp_list1));
436 438
437 unsigned int i, j, k, l; 439 unsigned int i, j, k, l;
@@ -480,7 +482,7 @@ static void test_list_main(void)
480 for (l = 0; l < NUM_DHT; ++l) { 482 for (l = 0; l < NUM_DHT; ++l) {
481 for (i = 0; i < MAX_FRIEND_CLIENTS; ++i) { 483 for (i = 0; i < MAX_FRIEND_CLIENTS; ++i) {
482 for (j = 1; j < NUM_DHT; ++j) { 484 for (j = 1; j < NUM_DHT; ++j) {
483 if (memcmp(cmp_list1[l][i], dhts[(l + j) % NUM_DHT]->self_public_key, crypto_box_PUBLICKEYBYTES) != 0) { 485 if (memcmp(cmp_list1[l][i], dhts[(l + j) % NUM_DHT]->self_public_key, CRYPTO_PUBLIC_KEY_SIZE) != 0) {
484 continue; 486 continue;
485 } 487 }
486 488
@@ -488,7 +490,7 @@ static void test_list_main(void)
488 490
489 for (k = 0; k < LCLIENT_LIST; ++k) { 491 for (k = 0; k < LCLIENT_LIST; ++k) {
490 if (memcmp(dhts[l]->self_public_key, dhts[(l + j) % NUM_DHT]->close_clientlist[k].public_key, 492 if (memcmp(dhts[l]->self_public_key, dhts[(l + j) % NUM_DHT]->close_clientlist[k].public_key,
491 crypto_box_PUBLICKEYBYTES) == 0) { 493 CRYPTO_PUBLIC_KEY_SIZE) == 0) {
492 ++count; 494 ++count;
493 } 495 }
494 } 496 }
@@ -519,7 +521,7 @@ static void test_list_main(void)
519 count = 0; 521 count = 0;
520 522
521 for (k = 0; k < MAX_SENT_NODES; ++k) { 523 for (k = 0; k < MAX_SENT_NODES; ++k) {
522 if (memcmp(dhts[l]->self_public_key, ln[k].public_key, crypto_box_PUBLICKEYBYTES) == 0) { 524 if (memcmp(dhts[l]->self_public_key, ln[k].public_key, CRYPTO_PUBLIC_KEY_SIZE) == 0) {
523 ++count; 525 ++count;
524 } 526 }
525 } 527 }
@@ -653,16 +655,16 @@ END_TEST
653START_TEST(test_dht_create_packet) 655START_TEST(test_dht_create_packet)
654{ 656{
655 uint8_t plain[100] = {0}; 657 uint8_t plain[100] = {0};
656 uint8_t pkt[1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + sizeof(plain) + crypto_box_MACBYTES]; 658 uint8_t pkt[1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + sizeof(plain) + CRYPTO_MAC_SIZE];
657 659
658 uint8_t key[crypto_box_KEYBYTES]; 660 uint8_t key[CRYPTO_SYMMETRIC_KEY_SIZE];
659 new_symmetric_key(key); 661 new_symmetric_key(key);
660 662
661 int length = DHT_create_packet(key, key, NET_PACKET_GET_NODES, plain, sizeof(plain), pkt); 663 int length = DHT_create_packet(key, key, NET_PACKET_GET_NODES, plain, sizeof(plain), pkt);
662 664
663 ck_assert_msg(pkt[0] == NET_PACKET_GET_NODES, "Malformed packet."); 665 ck_assert_msg(pkt[0] == NET_PACKET_GET_NODES, "Malformed packet.");
664 ck_assert_msg(memcmp(pkt + 1, key, crypto_box_KEYBYTES) == 0, "Malformed packet."); 666 ck_assert_msg(memcmp(pkt + 1, key, CRYPTO_SYMMETRIC_KEY_SIZE) == 0, "Malformed packet.");
665 ck_assert_msg(length == 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + sizeof(plain) + crypto_box_MACBYTES, 667 ck_assert_msg(length == 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + sizeof(plain) + CRYPTO_MAC_SIZE,
666 "Invalid size. Should be %d got %d", sizeof(pkt), length); 668 "Invalid size. Should be %d got %d", sizeof(pkt), length);
667 669
668 printf("Create Packet Successful!\n"); 670 printf("Create Packet Successful!\n");
@@ -676,10 +678,12 @@ static Suite *dht_suite(void)
676 678
677 DEFTESTCASE_SLOW(list, 20); 679 DEFTESTCASE_SLOW(list, 20);
678 DEFTESTCASE_SLOW(DHT_test, 50); 680 DEFTESTCASE_SLOW(DHT_test, 50);
679#if 0 681
680 DEFTESTCASE(addto_lists_ipv4); 682 if (enable_broken_tests) {
681 DEFTESTCASE(addto_lists_ipv6); 683 DEFTESTCASE(addto_lists_ipv4);
682#endif 684 DEFTESTCASE(addto_lists_ipv6);
685 }
686
683 return s; 687 return s;
684} 688}
685 689
diff --git a/auto_tests/encryptsave_test.c b/auto_tests/encryptsave_test.c
index 895d129b..ec98797c 100644
--- a/auto_tests/encryptsave_test.c
+++ b/auto_tests/encryptsave_test.c
@@ -17,6 +17,8 @@
17#include "../toxencryptsave/toxencryptsave.h" 17#include "../toxencryptsave/toxencryptsave.h"
18#ifdef VANILLA_NACL 18#ifdef VANILLA_NACL
19#include "../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h" 19#include "../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h"
20#else
21#include <sodium.h>
20#endif 22#endif
21 23
22static unsigned char test_salt[TOX_PASS_SALT_LENGTH] = {0xB1, 0xC2, 0x09, 0xEE, 0x50, 0x6C, 0xF0, 0x20, 0xC4, 0xD6, 0xEB, 0xC0, 0x44, 0x51, 0x3B, 0x60, 0x4B, 0x39, 0x4A, 0xCF, 0x09, 0x53, 0x4F, 0xEA, 0x08, 0x41, 0xFA, 0xCA, 0x66, 0xD2, 0x68, 0x7F}; 24static unsigned char test_salt[TOX_PASS_SALT_LENGTH] = {0xB1, 0xC2, 0x09, 0xEE, 0x50, 0x6C, 0xF0, 0x20, 0xC4, 0xD6, 0xEB, 0xC0, 0x44, 0x51, 0x3B, 0x60, 0x4B, 0x39, 0x4A, 0xCF, 0x09, 0x53, 0x4F, 0xEA, 0x08, 0x41, 0xFA, 0xCA, 0x66, 0xD2, 0x68, 0x7F};
@@ -24,7 +26,7 @@ static unsigned char known_key[TOX_PASS_KEY_LENGTH] = {0x29, 0x36, 0x1c, 0x9e, 0
24static const char *pw = "hunter2"; 26static const char *pw = "hunter2";
25static unsigned int pwlen = 7; 27static unsigned int pwlen = 7;
26 28
27static unsigned char known_key2[crypto_box_BEFORENMBYTES] = {0x7a, 0xfa, 0x95, 0x45, 0x36, 0x8a, 0xa2, 0x5c, 0x40, 0xfd, 0xc0, 0xe2, 0x35, 0x8, 0x7, 0x88, 0xfa, 0xf9, 0x37, 0x86, 0xeb, 0xff, 0x50, 0x4f, 0x3, 0xe2, 0xf6, 0xd9, 0xef, 0x9, 0x17, 0x1}; 29static unsigned char known_key2[CRYPTO_SHARED_KEY_SIZE] = {0x7a, 0xfa, 0x95, 0x45, 0x36, 0x8a, 0xa2, 0x5c, 0x40, 0xfd, 0xc0, 0xe2, 0x35, 0x8, 0x7, 0x88, 0xfa, 0xf9, 0x37, 0x86, 0xeb, 0xff, 0x50, 0x4f, 0x3, 0xe2, 0xf6, 0xd9, 0xef, 0x9, 0x17, 0x1};
28// same as above, except standard opslimit instead of extra ops limit for test_known_kdf, and hash pw before kdf for compat 30// same as above, except standard opslimit instead of extra ops limit for test_known_kdf, and hash pw before kdf for compat
29 31
30/* cause I'm shameless */ 32/* cause I'm shameless */
@@ -41,16 +43,16 @@ static void accept_friend_request(Tox *m, const uint8_t *public_key, const uint8
41 43
42START_TEST(test_known_kdf) 44START_TEST(test_known_kdf)
43{ 45{
44 unsigned char out[crypto_box_BEFORENMBYTES]; 46 unsigned char out[CRYPTO_SHARED_KEY_SIZE];
45 int res = crypto_pwhash_scryptsalsa208sha256(out, 47 int res = crypto_pwhash_scryptsalsa208sha256(out,
46 crypto_box_BEFORENMBYTES, 48 CRYPTO_SHARED_KEY_SIZE,
47 pw, 49 pw,
48 pwlen, 50 pwlen,
49 test_salt, 51 test_salt,
50 crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 8, 52 crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 8,
51 crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE); 53 crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE);
52 ck_assert_msg(res != -1, "crypto function failed"); 54 ck_assert_msg(res != -1, "crypto function failed");
53 ck_assert_msg(memcmp(out, known_key, crypto_box_BEFORENMBYTES) == 0, "derived key is wrong"); 55 ck_assert_msg(memcmp(out, known_key, CRYPTO_SHARED_KEY_SIZE) == 0, "derived key is wrong");
54} 56}
55END_TEST 57END_TEST
56 58
diff --git a/auto_tests/onion_test.c b/auto_tests/onion_test.c
index 329d7371..44ea9c7d 100644
--- a/auto_tests/onion_test.c
+++ b/auto_tests/onion_test.c
@@ -75,22 +75,24 @@ void print_client_id(uint8_t *client_id, uint32_t length)
75#endif 75#endif
76static uint8_t sb_data[ONION_ANNOUNCE_SENDBACK_DATA_LENGTH]; 76static uint8_t sb_data[ONION_ANNOUNCE_SENDBACK_DATA_LENGTH];
77static int handled_test_3; 77static int handled_test_3;
78static uint8_t test_3_pub_key[crypto_box_PUBLICKEYBYTES]; 78static uint8_t test_3_pub_key[CRYPTO_PUBLIC_KEY_SIZE];
79static uint8_t test_3_ping_id[crypto_hash_sha256_BYTES]; 79static uint8_t test_3_ping_id[CRYPTO_SHA256_SIZE];
80static int handle_test_3(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata) 80static int handle_test_3(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata)
81{ 81{
82 Onion *onion = (Onion *)object; 82 Onion *onion = (Onion *)object;
83 83
84 if (length != (1 + crypto_box_NONCEBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + 1 + crypto_hash_sha256_BYTES + 84 if (length != (1 + CRYPTO_NONCE_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + 1 + CRYPTO_SHA256_SIZE +
85 crypto_box_MACBYTES)) { 85 CRYPTO_MAC_SIZE)) {
86 return 1; 86 return 1;
87 } 87 }
88 88
89 uint8_t plain[1 + crypto_hash_sha256_BYTES]; 89 uint8_t plain[1 + CRYPTO_SHA256_SIZE];
90 //print_client_id(packet, length); 90#if 0
91 print_client_id(packet, length);
92#endif
91 int len = decrypt_data(test_3_pub_key, onion->dht->self_secret_key, packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, 93 int len = decrypt_data(test_3_pub_key, onion->dht->self_secret_key, packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH,
92 packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES, 94 packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE,
93 1 + crypto_hash_sha256_BYTES + crypto_box_MACBYTES, plain); 95 1 + CRYPTO_SHA256_SIZE + CRYPTO_MAC_SIZE, plain);
94 96
95 if (len == -1) { 97 if (len == -1) {
96 return 1; 98 return 1;
@@ -101,31 +103,33 @@ static int handle_test_3(void *object, IP_Port source, const uint8_t *packet, ui
101 return 1; 103 return 1;
102 } 104 }
103 105
104 memcpy(test_3_ping_id, plain + 1, crypto_hash_sha256_BYTES); 106 memcpy(test_3_ping_id, plain + 1, CRYPTO_SHA256_SIZE);
105 //print_client_id(test_3_ping_id, sizeof(test_3_ping_id)); 107#if 0
108 print_client_id(test_3_ping_id, sizeof(test_3_ping_id));
109#endif
106 handled_test_3 = 1; 110 handled_test_3 = 1;
107 return 0; 111 return 0;
108} 112}
109 113
110static uint8_t nonce[crypto_box_NONCEBYTES]; 114static uint8_t nonce[CRYPTO_NONCE_SIZE];
111static int handled_test_4; 115static int handled_test_4;
112static int handle_test_4(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata) 116static int handle_test_4(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata)
113{ 117{
114 Onion *onion = (Onion *)object; 118 Onion *onion = (Onion *)object;
115 119
116 if (length != (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + sizeof("Install gentoo") + 120 if (length != (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + sizeof("Install gentoo") +
117 crypto_box_MACBYTES)) { 121 CRYPTO_MAC_SIZE)) {
118 return 1; 122 return 1;
119 } 123 }
120 124
121 uint8_t plain[sizeof("Install gentoo")] = {0}; 125 uint8_t plain[sizeof("Install gentoo")] = {0};
122 126
123 if (memcmp(nonce, packet + 1, crypto_box_NONCEBYTES) != 0) { 127 if (memcmp(nonce, packet + 1, CRYPTO_NONCE_SIZE) != 0) {
124 return 1; 128 return 1;
125 } 129 }
126 130
127 int len = decrypt_data(packet + 1 + crypto_box_NONCEBYTES, onion->dht->self_secret_key, packet + 1, 131 int len = decrypt_data(packet + 1 + CRYPTO_NONCE_SIZE, onion->dht->self_secret_key, packet + 1,
128 packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, sizeof("Install gentoo") + crypto_box_MACBYTES, plain); 132 packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE, sizeof("Install gentoo") + CRYPTO_MAC_SIZE, plain);
129 133
130 if (len == -1) { 134 if (len == -1) {
131 return 1; 135 return 1;
@@ -151,12 +155,12 @@ START_TEST(test_basic)
151 155
152 IP_Port on1 = {ip, onion1->net->port}; 156 IP_Port on1 = {ip, onion1->net->port};
153 Node_format n1; 157 Node_format n1;
154 memcpy(n1.public_key, onion1->dht->self_public_key, crypto_box_PUBLICKEYBYTES); 158 memcpy(n1.public_key, onion1->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
155 n1.ip_port = on1; 159 n1.ip_port = on1;
156 160
157 IP_Port on2 = {ip, onion2->net->port}; 161 IP_Port on2 = {ip, onion2->net->port};
158 Node_format n2; 162 Node_format n2;
159 memcpy(n2.public_key, onion2->dht->self_public_key, crypto_box_PUBLICKEYBYTES); 163 memcpy(n2.public_key, onion2->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
160 n2.ip_port = on2; 164 n2.ip_port = on2;
161 165
162 Node_format nodes[4]; 166 Node_format nodes[4];
@@ -190,10 +194,10 @@ START_TEST(test_basic)
190 networking_registerhandler(onion1->net, NET_PACKET_ANNOUNCE_RESPONSE, &handle_test_3, onion1); 194 networking_registerhandler(onion1->net, NET_PACKET_ANNOUNCE_RESPONSE, &handle_test_3, onion1);
191 ck_assert_msg((onion1_a != NULL) && (onion2_a != NULL), "Onion_Announce failed initializing."); 195 ck_assert_msg((onion1_a != NULL) && (onion2_a != NULL), "Onion_Announce failed initializing.");
192 uint8_t zeroes[64] = {0}; 196 uint8_t zeroes[64] = {0};
193 randombytes(sb_data, sizeof(sb_data)); 197 random_bytes(sb_data, sizeof(sb_data));
194 uint64_t s; 198 uint64_t s;
195 memcpy(&s, sb_data, sizeof(uint64_t)); 199 memcpy(&s, sb_data, sizeof(uint64_t));
196 memcpy(test_3_pub_key, nodes[3].public_key, crypto_box_PUBLICKEYBYTES); 200 memcpy(test_3_pub_key, nodes[3].public_key, CRYPTO_PUBLIC_KEY_SIZE);
197 ret = send_announce_request(onion1->net, &path, nodes[3], onion1->dht->self_public_key, 201 ret = send_announce_request(onion1->net, &path, nodes[3], onion1->dht->self_public_key,
198 onion1->dht->self_secret_key, 202 onion1->dht->self_secret_key,
199 zeroes, onion1->dht->self_public_key, onion1->dht->self_public_key, s); 203 zeroes, onion1->dht->self_public_key, onion1->dht->self_public_key, s);
@@ -206,16 +210,16 @@ START_TEST(test_basic)
206 c_sleep(50); 210 c_sleep(50);
207 } 211 }
208 212
209 randombytes(sb_data, sizeof(sb_data)); 213 random_bytes(sb_data, sizeof(sb_data));
210 memcpy(&s, sb_data, sizeof(uint64_t)); 214 memcpy(&s, sb_data, sizeof(uint64_t));
211 memcpy(onion2_a->entries[1].public_key, onion2->dht->self_public_key, crypto_box_PUBLICKEYBYTES); 215 memcpy(onion2_a->entries[1].public_key, onion2->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
212 onion2_a->entries[1].time = unix_time(); 216 onion2_a->entries[1].time = unix_time();
213 networking_registerhandler(onion1->net, NET_PACKET_ONION_DATA_RESPONSE, &handle_test_4, onion1); 217 networking_registerhandler(onion1->net, NET_PACKET_ONION_DATA_RESPONSE, &handle_test_4, onion1);
214 send_announce_request(onion1->net, &path, nodes[3], onion1->dht->self_public_key, onion1->dht->self_secret_key, 218 send_announce_request(onion1->net, &path, nodes[3], onion1->dht->self_public_key, onion1->dht->self_secret_key,
215 test_3_ping_id, onion1->dht->self_public_key, onion1->dht->self_public_key, s); 219 test_3_ping_id, onion1->dht->self_public_key, onion1->dht->self_public_key, s);
216 220
217 while (memcmp(onion2_a->entries[ONION_ANNOUNCE_MAX_ENTRIES - 2].public_key, onion1->dht->self_public_key, 221 while (memcmp(onion2_a->entries[ONION_ANNOUNCE_MAX_ENTRIES - 2].public_key, onion1->dht->self_public_key,
218 crypto_box_PUBLICKEYBYTES) != 0) { 222 CRYPTO_PUBLIC_KEY_SIZE) != 0) {
219 do_onion(onion1); 223 do_onion(onion1);
220 do_onion(onion2); 224 do_onion(onion2);
221 c_sleep(50); 225 c_sleep(50);
@@ -340,8 +344,8 @@ static void dht_ip_callback(void *object, int32_t number, IP_Port ip_port)
340} 344}
341 345
342static bool first, last; 346static bool first, last;
343static uint8_t first_dht_pk[crypto_box_PUBLICKEYBYTES]; 347static uint8_t first_dht_pk[CRYPTO_PUBLIC_KEY_SIZE];
344static uint8_t last_dht_pk[crypto_box_PUBLICKEYBYTES]; 348static uint8_t last_dht_pk[CRYPTO_PUBLIC_KEY_SIZE];
345 349
346static void dht_pk_callback(void *object, int32_t number, const uint8_t *dht_public_key, void *userdata) 350static void dht_pk_callback(void *object, int32_t number, const uint8_t *dht_public_key, void *userdata)
347{ 351{
@@ -355,7 +359,7 @@ static void dht_pk_callback(void *object, int32_t number, const uint8_t *dht_pub
355 if (NUM_FIRST == number && !first) { 359 if (NUM_FIRST == number && !first) {
356 first = 1; 360 first = 1;
357 361
358 if (memcmp(dht_public_key, last_dht_pk, crypto_box_PUBLICKEYBYTES) != 0) { 362 if (memcmp(dht_public_key, last_dht_pk, CRYPTO_PUBLIC_KEY_SIZE) != 0) {
359 ck_abort_msg("Error wrong dht key."); 363 ck_abort_msg("Error wrong dht key.");
360 } 364 }
361 365
@@ -365,7 +369,7 @@ static void dht_pk_callback(void *object, int32_t number, const uint8_t *dht_pub
365 if (NUM_LAST == number && !last) { 369 if (NUM_LAST == number && !last) {
366 last = 1; 370 last = 1;
367 371
368 if (memcmp(dht_public_key, first_dht_pk, crypto_box_PUBLICKEYBYTES) != 0) { 372 if (memcmp(dht_public_key, first_dht_pk, CRYPTO_PUBLIC_KEY_SIZE) != 0) {
369 ck_abort_msg("Error wrong dht key."); 373 ck_abort_msg("Error wrong dht key.");
370 } 374 }
371 375
@@ -422,8 +426,8 @@ START_TEST(test_announce)
422 c_sleep(50); 426 c_sleep(50);
423 } 427 }
424 428
425 memcpy(first_dht_pk, onions[NUM_FIRST]->onion->dht->self_public_key, crypto_box_PUBLICKEYBYTES); 429 memcpy(first_dht_pk, onions[NUM_FIRST]->onion->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
426 memcpy(last_dht_pk, onions[NUM_LAST]->onion->dht->self_public_key, crypto_box_PUBLICKEYBYTES); 430 memcpy(last_dht_pk, onions[NUM_LAST]->onion->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
427 431
428 printf("adding friend\n"); 432 printf("adding friend\n");
429 int frnum_f = onion_addfriend(onions[NUM_FIRST]->onion_c, onions[NUM_LAST]->onion_c->c->self_public_key); 433 int frnum_f = onion_addfriend(onions[NUM_FIRST]->onion_c, onions[NUM_LAST]->onion_c->c->self_public_key);
diff --git a/other/DHT_bootstrap.c b/other/DHT_bootstrap.c
index 7a2f7d13..e056de41 100644
--- a/other/DHT_bootstrap.c
+++ b/other/DHT_bootstrap.c
@@ -61,7 +61,7 @@
61 61
62static void manage_keys(DHT *dht) 62static void manage_keys(DHT *dht)
63{ 63{
64 enum { KEYS_SIZE = crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES }; 64 enum { KEYS_SIZE = CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE };
65 uint8_t keys[KEYS_SIZE]; 65 uint8_t keys[KEYS_SIZE];
66 66
67 FILE *keys_file = fopen("key", "r"); 67 FILE *keys_file = fopen("key", "r");
@@ -76,12 +76,12 @@ static void manage_keys(DHT *dht)
76 exit(1); 76 exit(1);
77 } 77 }
78 78
79 memcpy(dht->self_public_key, keys, crypto_box_PUBLICKEYBYTES); 79 memcpy(dht->self_public_key, keys, CRYPTO_PUBLIC_KEY_SIZE);
80 memcpy(dht->self_secret_key, keys + crypto_box_PUBLICKEYBYTES, crypto_box_SECRETKEYBYTES); 80 memcpy(dht->self_secret_key, keys + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_SECRET_KEY_SIZE);
81 printf("Keys loaded successfully.\n"); 81 printf("Keys loaded successfully.\n");
82 } else { 82 } else {
83 memcpy(keys, dht->self_public_key, crypto_box_PUBLICKEYBYTES); 83 memcpy(keys, dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
84 memcpy(keys + crypto_box_PUBLICKEYBYTES, dht->self_secret_key, crypto_box_SECRETKEYBYTES); 84 memcpy(keys + CRYPTO_PUBLIC_KEY_SIZE, dht->self_secret_key, CRYPTO_SECRET_KEY_SIZE);
85 keys_file = fopen("key", "w"); 85 keys_file = fopen("key", "w");
86 86
87 if (keys_file == NULL) { 87 if (keys_file == NULL) {
diff --git a/other/bootstrap_daemon/src/config.c b/other/bootstrap_daemon/src/config.c
index 3e102af9..1dffc843 100644
--- a/other/bootstrap_daemon/src/config.c
+++ b/other/bootstrap_daemon/src/config.c
@@ -392,7 +392,7 @@ int bootstrap_from_config(const char *cfg_file_path, DHT *dht, int enable_ipv6)
392 } 392 }
393 393
394 // Process settings 394 // Process settings
395 if (strlen(bs_public_key) != crypto_box_PUBLICKEYBYTES * 2) { 395 if (strlen(bs_public_key) != CRYPTO_PUBLIC_KEY_SIZE * 2) {
396 write_log(LOG_LEVEL_WARNING, "Bootstrap node #%d: Invalid '%s': %s. Skipping the node.\n", i, NAME_PUBLIC_KEY, 396 write_log(LOG_LEVEL_WARNING, "Bootstrap node #%d: Invalid '%s': %s. Skipping the node.\n", i, NAME_PUBLIC_KEY,
397 bs_public_key); 397 bs_public_key);
398 goto next; 398 goto next;
diff --git a/other/bootstrap_daemon/src/tox-bootstrapd.c b/other/bootstrap_daemon/src/tox-bootstrapd.c
index ce1ac5eb..4495f88e 100644
--- a/other/bootstrap_daemon/src/tox-bootstrapd.c
+++ b/other/bootstrap_daemon/src/tox-bootstrapd.c
@@ -57,7 +57,7 @@
57 57
58static int manage_keys(DHT *dht, char *keys_file_path) 58static int manage_keys(DHT *dht, char *keys_file_path)
59{ 59{
60 enum { KEYS_SIZE = crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES }; 60 enum { KEYS_SIZE = CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE };
61 uint8_t keys[KEYS_SIZE]; 61 uint8_t keys[KEYS_SIZE];
62 FILE *keys_file; 62 FILE *keys_file;
63 63
@@ -72,12 +72,12 @@ static int manage_keys(DHT *dht, char *keys_file_path)
72 return 0; 72 return 0;
73 } 73 }
74 74
75 memcpy(dht->self_public_key, keys, crypto_box_PUBLICKEYBYTES); 75 memcpy(dht->self_public_key, keys, CRYPTO_PUBLIC_KEY_SIZE);
76 memcpy(dht->self_secret_key, keys + crypto_box_PUBLICKEYBYTES, crypto_box_SECRETKEYBYTES); 76 memcpy(dht->self_secret_key, keys + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_SECRET_KEY_SIZE);
77 } else { 77 } else {
78 // Otherwise save new keys 78 // Otherwise save new keys
79 memcpy(keys, dht->self_public_key, crypto_box_PUBLICKEYBYTES); 79 memcpy(keys, dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
80 memcpy(keys + crypto_box_PUBLICKEYBYTES, dht->self_secret_key, crypto_box_SECRETKEYBYTES); 80 memcpy(keys + CRYPTO_PUBLIC_KEY_SIZE, dht->self_secret_key, CRYPTO_SECRET_KEY_SIZE);
81 81
82 keys_file = fopen(keys_file_path, "w"); 82 keys_file = fopen(keys_file_path, "w");
83 83
@@ -102,12 +102,12 @@ static int manage_keys(DHT *dht, char *keys_file_path)
102 102
103static void print_public_key(const uint8_t *public_key) 103static void print_public_key(const uint8_t *public_key)
104{ 104{
105 char buffer[2 * crypto_box_PUBLICKEYBYTES + 1]; 105 char buffer[2 * CRYPTO_PUBLIC_KEY_SIZE + 1];
106 int index = 0; 106 int index = 0;
107 107
108 size_t i; 108 size_t i;
109 109
110 for (i = 0; i < crypto_box_PUBLICKEYBYTES; i++) { 110 for (i = 0; i < CRYPTO_PUBLIC_KEY_SIZE; i++) {
111 index += sprintf(buffer + index, "%02hhX", public_key[i]); 111 index += sprintf(buffer + index, "%02hhX", public_key[i]);
112 } 112 }
113 113
diff --git a/testing/DHT_test.c b/testing/DHT_test.c
index 46e6ff7c..c994f543 100644
--- a/testing/DHT_test.c
+++ b/testing/DHT_test.c
@@ -52,13 +52,13 @@
52 52
53#define PORT 33445 53#define PORT 33445
54 54
55static uint8_t zeroes_cid[crypto_box_PUBLICKEYBYTES]; 55static uint8_t zeroes_cid[CRYPTO_PUBLIC_KEY_SIZE];
56 56
57static void print_client_id(uint8_t *public_key) 57static void print_client_id(uint8_t *public_key)
58{ 58{
59 uint32_t j; 59 uint32_t j;
60 60
61 for (j = 0; j < crypto_box_PUBLICKEYBYTES; j++) { 61 for (j = 0; j < CRYPTO_PUBLIC_KEY_SIZE; j++) {
62 printf("%02hhX", public_key[j]); 62 printf("%02hhX", public_key[j]);
63 } 63 }
64} 64}
diff --git a/testing/hstox/binary_decode.c b/testing/hstox/binary_decode.c
index 49a5550a..fb3bca43 100644
--- a/testing/hstox/binary_decode.c
+++ b/testing/hstox/binary_decode.c
@@ -52,7 +52,7 @@ static void decode_bytestring(msgpack_object_bin args, msgpack_packer *res,
52 52
53METHOD(bin, Binary_decode, CipherText) 53METHOD(bin, Binary_decode, CipherText)
54{ 54{
55 decode_bytestring(args, res, crypto_box_MACBYTES); 55 decode_bytestring(args, res, CRYPTO_MAC_SIZE);
56 return 0; 56 return 0;
57} 57}
58 58
@@ -130,8 +130,8 @@ METHOD(bin, Binary_decode, NodeInfo)
130 } 130 }
131 131
132 msgpack_pack_uint16(res, port); 132 msgpack_pack_uint16(res, port);
133 msgpack_pack_bin(res, crypto_box_PUBLICKEYBYTES); 133 msgpack_pack_bin(res, CRYPTO_PUBLIC_KEY_SIZE);
134 msgpack_pack_bin_body(res, &node.public_key, crypto_box_PUBLICKEYBYTES); 134 msgpack_pack_bin_body(res, &node.public_key, CRYPTO_PUBLIC_KEY_SIZE);
135 } else { 135 } else {
136 msgpack_pack_nil(res); 136 msgpack_pack_nil(res);
137 } 137 }
diff --git a/testing/hstox/binary_encode.c b/testing/hstox/binary_encode.c
index 99c9d4a1..8809be28 100644
--- a/testing/hstox/binary_encode.c
+++ b/testing/hstox/binary_encode.c
@@ -60,7 +60,7 @@ METHOD(array, Binary_encode, KeyPair)
60 return 0; 60 return 0;
61} 61}
62 62
63#define PACKED_NODE_SIZE_IP6 (1 + SIZE_IP6 + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES) 63#define PACKED_NODE_SIZE_IP6 (1 + SIZE_IP6 + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE)
64METHOD(array, Binary_encode, NodeInfo) 64METHOD(array, Binary_encode, NodeInfo)
65{ 65{
66 CHECK_SIZE(args, 3); 66 CHECK_SIZE(args, 3);
@@ -85,7 +85,7 @@ METHOD(array, Binary_encode, NodeInfo)
85 CHECK_TYPE(args.ptr[2], MSGPACK_OBJECT_BIN); 85 CHECK_TYPE(args.ptr[2], MSGPACK_OBJECT_BIN);
86 msgpack_object_bin public_key = args.ptr[2].via.bin; 86 msgpack_object_bin public_key = args.ptr[2].via.bin;
87 87
88 CHECK_SIZE(public_key, crypto_box_PUBLICKEYBYTES); 88 CHECK_SIZE(public_key, CRYPTO_PUBLIC_KEY_SIZE);
89 89
90 IP_Port ipp; 90 IP_Port ipp;
91 ipp.port = htons(port_number); 91 ipp.port = htons(port_number);
@@ -131,7 +131,7 @@ METHOD(array, Binary_encode, NodeInfo)
131 131
132 Node_format node; 132 Node_format node;
133 node.ip_port = ipp; 133 node.ip_port = ipp;
134 memcpy(&node.public_key, public_key.ptr, crypto_box_PUBLICKEYBYTES); 134 memcpy(&node.public_key, public_key.ptr, CRYPTO_PUBLIC_KEY_SIZE);
135 135
136 /* We assume IP6 because it's bigger */ 136 /* We assume IP6 because it's bigger */
137 uint8_t packed_node[PACKED_NODE_SIZE_IP6]; 137 uint8_t packed_node[PACKED_NODE_SIZE_IP6];
diff --git a/testing/hstox/methods.c b/testing/hstox/methods.c
index b24fb7c1..a2420776 100644
--- a/testing/hstox/methods.c
+++ b/testing/hstox/methods.c
@@ -26,18 +26,18 @@ METHOD(array, CombinedKey, precompute)
26 26
27METHOD(array, KeyPair, newKeyPair) 27METHOD(array, KeyPair, newKeyPair)
28{ 28{
29 uint8_t key1[crypto_box_PUBLICKEYBYTES]; 29 uint8_t key1[CRYPTO_PUBLIC_KEY_SIZE];
30 uint8_t key2[crypto_box_SECRETKEYBYTES]; 30 uint8_t key2[CRYPTO_SECRET_KEY_SIZE];
31 crypto_box_keypair(key1, key2); 31 crypto_new_keypair(key1, key2);
32 32
33 SUCCESS { 33 SUCCESS {
34 // init array 34 // init array
35 msgpack_pack_array(res, 2); 35 msgpack_pack_array(res, 2);
36 msgpack_pack_bin(res, crypto_box_PUBLICKEYBYTES); 36 msgpack_pack_bin(res, CRYPTO_PUBLIC_KEY_SIZE);
37 msgpack_pack_bin_body(res, key1, crypto_box_PUBLICKEYBYTES); 37 msgpack_pack_bin_body(res, key1, CRYPTO_PUBLIC_KEY_SIZE);
38 38
39 msgpack_pack_bin(res, crypto_box_SECRETKEYBYTES); 39 msgpack_pack_bin(res, CRYPTO_SECRET_KEY_SIZE);
40 msgpack_pack_bin_body(res, key2, crypto_box_SECRETKEYBYTES); 40 msgpack_pack_bin_body(res, key2, CRYPTO_SECRET_KEY_SIZE);
41 } 41 }
42 return 0; 42 return 0;
43} 43}
@@ -46,20 +46,20 @@ METHOD(array, KeyPair, fromSecretKey)
46{ 46{
47 CHECK_SIZE(args, 1); 47 CHECK_SIZE(args, 1);
48 CHECK_TYPE(args.ptr[0], MSGPACK_OBJECT_BIN); 48 CHECK_TYPE(args.ptr[0], MSGPACK_OBJECT_BIN);
49 CHECK_SIZE(args.ptr[0].via.bin, crypto_box_SECRETKEYBYTES); 49 CHECK_SIZE(args.ptr[0].via.bin, CRYPTO_SECRET_KEY_SIZE);
50 50
51 Net_Crypto c; 51 Net_Crypto c;
52 uint8_t secret_key[crypto_box_SECRETKEYBYTES]; 52 uint8_t secret_key[CRYPTO_SECRET_KEY_SIZE];
53 memcpy(secret_key, args.ptr[0].via.bin.ptr, crypto_box_SECRETKEYBYTES); 53 memcpy(secret_key, args.ptr[0].via.bin.ptr, CRYPTO_SECRET_KEY_SIZE);
54 load_secret_key(&c, secret_key); 54 load_secret_key(&c, secret_key);
55 55
56 SUCCESS { 56 SUCCESS {
57 msgpack_pack_array(res, 2); 57 msgpack_pack_array(res, 2);
58 58
59 msgpack_pack_bin(res, crypto_box_PUBLICKEYBYTES); 59 msgpack_pack_bin(res, CRYPTO_PUBLIC_KEY_SIZE);
60 msgpack_pack_bin_body(res, c.self_secret_key, crypto_box_PUBLICKEYBYTES); 60 msgpack_pack_bin_body(res, c.self_secret_key, CRYPTO_PUBLIC_KEY_SIZE);
61 msgpack_pack_bin(res, crypto_box_SECRETKEYBYTES); 61 msgpack_pack_bin(res, CRYPTO_SECRET_KEY_SIZE);
62 msgpack_pack_bin_body(res, c.self_public_key, crypto_box_SECRETKEYBYTES); 62 msgpack_pack_bin_body(res, c.self_public_key, CRYPTO_SECRET_KEY_SIZE);
63 } 63 }
64 return 0; 64 return 0;
65} 65}
diff --git a/toxcore/DHT.c b/toxcore/DHT.c
index 5185353e..e31405fd 100644
--- a/toxcore/DHT.c
+++ b/toxcore/DHT.c
@@ -68,7 +68,7 @@ int id_closest(const uint8_t *pk, const uint8_t *pk1, const uint8_t *pk2)
68 size_t i; 68 size_t i;
69 uint8_t distance1, distance2; 69 uint8_t distance1, distance2;
70 70
71 for (i = 0; i < crypto_box_PUBLICKEYBYTES; ++i) { 71 for (i = 0; i < CRYPTO_PUBLIC_KEY_SIZE; ++i) {
72 72
73 distance1 = pk[i] ^ pk1[i]; 73 distance1 = pk[i] ^ pk1[i];
74 distance2 = pk[i] ^ pk2[i]; 74 distance2 = pk[i] ^ pk2[i];
@@ -91,7 +91,7 @@ static unsigned int bit_by_bit_cmp(const uint8_t *pk1, const uint8_t *pk2)
91{ 91{
92 unsigned int i, j = 0; 92 unsigned int i, j = 0;
93 93
94 for (i = 0; i < crypto_box_PUBLICKEYBYTES; ++i) { 94 for (i = 0; i < CRYPTO_PUBLIC_KEY_SIZE; ++i) {
95 if (pk1[i] == pk2[i]) { 95 if (pk1[i] == pk2[i]) {
96 continue; 96 continue;
97 } 97 }
@@ -123,7 +123,7 @@ void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, const uint8_t
123 123
124 if (shared_keys->keys[index].stored) { 124 if (shared_keys->keys[index].stored) {
125 if (public_key_cmp(public_key, shared_keys->keys[index].public_key) == 0) { 125 if (public_key_cmp(public_key, shared_keys->keys[index].public_key) == 0) {
126 memcpy(shared_key, shared_keys->keys[index].shared_key, crypto_box_BEFORENMBYTES); 126 memcpy(shared_key, shared_keys->keys[index].shared_key, CRYPTO_SHARED_KEY_SIZE);
127 ++shared_keys->keys[index].times_requested; 127 ++shared_keys->keys[index].times_requested;
128 shared_keys->keys[index].time_last_requested = unix_time(); 128 shared_keys->keys[index].time_last_requested = unix_time();
129 return; 129 return;
@@ -151,8 +151,8 @@ void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, const uint8_t
151 if (num != (uint32_t)~0) { 151 if (num != (uint32_t)~0) {
152 shared_keys->keys[curr].stored = 1; 152 shared_keys->keys[curr].stored = 1;
153 shared_keys->keys[curr].times_requested = 1; 153 shared_keys->keys[curr].times_requested = 1;
154 memcpy(shared_keys->keys[curr].public_key, public_key, crypto_box_PUBLICKEYBYTES); 154 memcpy(shared_keys->keys[curr].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
155 memcpy(shared_keys->keys[curr].shared_key, shared_key, crypto_box_BEFORENMBYTES); 155 memcpy(shared_keys->keys[curr].shared_key, shared_key, CRYPTO_SHARED_KEY_SIZE);
156 shared_keys->keys[curr].time_last_requested = unix_time(); 156 shared_keys->keys[curr].time_last_requested = unix_time();
157 } 157 }
158} 158}
@@ -190,28 +190,28 @@ int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_ke
190 return -1; 190 return -1;
191 } 191 }
192 192
193 if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + 193 if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + 1 +
194 crypto_box_MACBYTES) { 194 CRYPTO_MAC_SIZE) {
195 return -1; 195 return -1;
196 } 196 }
197 197
198 uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; 198 uint8_t *nonce = packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2;
199 random_nonce(nonce); 199 random_nonce(nonce);
200 uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function 200 uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function
201 memcpy(temp + 1, data, length); 201 memcpy(temp + 1, data, length);
202 temp[0] = request_id; 202 temp[0] = request_id;
203 int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, 203 int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1,
204 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); 204 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + packet);
205 205
206 if (len == -1) { 206 if (len == -1) {
207 return -1; 207 return -1;
208 } 208 }
209 209
210 packet[0] = NET_PACKET_CRYPTO; 210 packet[0] = NET_PACKET_CRYPTO;
211 memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES); 211 memcpy(packet + 1, recv_public_key, CRYPTO_PUBLIC_KEY_SIZE);
212 memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES); 212 memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, send_public_key, CRYPTO_PUBLIC_KEY_SIZE);
213 213
214 return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; 214 return len + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE;
215} 215}
216 216
217/* Puts the senders public key in the request in public_key, the data from the request 217/* Puts the senders public key in the request in public_key, the data from the request
@@ -227,7 +227,7 @@ int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_ke
227 return -1; 227 return -1;
228 } 228 }
229 229
230 if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES || 230 if (length <= CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + 1 + CRYPTO_MAC_SIZE ||
231 length > MAX_CRYPTO_REQUEST_SIZE) { 231 length > MAX_CRYPTO_REQUEST_SIZE) {
232 return -1; 232 return -1;
233 } 233 }
@@ -236,12 +236,12 @@ int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_ke
236 return -1; 236 return -1;
237 } 237 }
238 238
239 memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); 239 memcpy(public_key, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_PUBLIC_KEY_SIZE);
240 const uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; 240 const uint8_t *nonce = packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2;
241 uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function 241 uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function
242 int len1 = decrypt_data(public_key, self_secret_key, nonce, 242 int len1 = decrypt_data(public_key, self_secret_key, nonce,
243 packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, 243 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE,
244 length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); 244 length - (CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + 1), temp);
245 245
246 if (len1 == -1 || len1 == 0) { 246 if (len1 == -1 || len1 == 0) {
247 return -1; 247 return -1;
@@ -277,8 +277,8 @@ int to_host_family(IP *ip)
277 return -1; 277 return -1;
278} 278}
279 279
280#define PACKED_NODE_SIZE_IP4 (1 + SIZE_IP4 + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES) 280#define PACKED_NODE_SIZE_IP4 (1 + SIZE_IP4 + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE)
281#define PACKED_NODE_SIZE_IP6 (1 + SIZE_IP6 + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES) 281#define PACKED_NODE_SIZE_IP6 (1 + SIZE_IP6 + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE)
282 282
283/* Return packet size of packed node with ip_family on success. 283/* Return packet size of packed node with ip_family on success.
284 * Return -1 on failure. 284 * Return -1 on failure.
@@ -365,11 +365,11 @@ static int pack_ip_port(uint8_t *data, uint16_t length, const IP_Port *ip_port)
365 return -1; 365 return -1;
366} 366}
367 367
368static int DHT_create_packet(const uint8_t public_key[crypto_box_PUBLICKEYBYTES], 368static int DHT_create_packet(const uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE],
369 const uint8_t *shared_key, const uint8_t type, uint8_t *plain, size_t plain_length, uint8_t *packet) 369 const uint8_t *shared_key, const uint8_t type, uint8_t *plain, size_t plain_length, uint8_t *packet)
370{ 370{
371 uint8_t encrypted[plain_length + crypto_box_MACBYTES]; 371 uint8_t encrypted[plain_length + CRYPTO_MAC_SIZE];
372 uint8_t nonce[crypto_box_NONCEBYTES]; 372 uint8_t nonce[CRYPTO_NONCE_SIZE];
373 373
374 random_nonce(nonce); 374 random_nonce(nonce);
375 375
@@ -381,11 +381,11 @@ static int DHT_create_packet(const uint8_t public_key[crypto_box_PUBLICKEYBYTES]
381 } 381 }
382 382
383 packet[0] = type; 383 packet[0] = type;
384 memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); 384 memcpy(packet + 1, public_key, CRYPTO_PUBLIC_KEY_SIZE);
385 memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); 385 memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, nonce, CRYPTO_NONCE_SIZE);
386 memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, encrypted, encrypted_length); 386 memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, encrypted, encrypted_length);
387 387
388 return 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + encrypted_length; 388 return 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + encrypted_length;
389} 389}
390 390
391/* Unpack IP_Port structure from data of max size length into ip_port. 391/* Unpack IP_Port structure from data of max size length into ip_port.
@@ -473,14 +473,14 @@ int pack_nodes(uint8_t *data, uint16_t length, const Node_format *nodes, uint16_
473 473
474 packed_length += ipp_size; 474 packed_length += ipp_size;
475 475
476 if (packed_length + crypto_box_PUBLICKEYBYTES > length) { 476 if (packed_length + CRYPTO_PUBLIC_KEY_SIZE > length) {
477 return -1; 477 return -1;
478 } 478 }
479 479
480 memcpy(data + packed_length, nodes[i].public_key, crypto_box_PUBLICKEYBYTES); 480 memcpy(data + packed_length, nodes[i].public_key, CRYPTO_PUBLIC_KEY_SIZE);
481 packed_length += crypto_box_PUBLICKEYBYTES; 481 packed_length += CRYPTO_PUBLIC_KEY_SIZE;
482 482
483 uint32_t increment = ipp_size + crypto_box_PUBLICKEYBYTES; 483 uint32_t increment = ipp_size + CRYPTO_PUBLIC_KEY_SIZE;
484 assert(increment == PACKED_NODE_SIZE_IP4 || increment == PACKED_NODE_SIZE_IP6); 484 assert(increment == PACKED_NODE_SIZE_IP4 || increment == PACKED_NODE_SIZE_IP6);
485 } 485 }
486 486
@@ -508,15 +508,15 @@ int unpack_nodes(Node_format *nodes, uint16_t max_num_nodes, uint16_t *processed
508 508
509 len_processed += ipp_size; 509 len_processed += ipp_size;
510 510
511 if (len_processed + crypto_box_PUBLICKEYBYTES > length) { 511 if (len_processed + CRYPTO_PUBLIC_KEY_SIZE > length) {
512 return -1; 512 return -1;
513 } 513 }
514 514
515 memcpy(nodes[num].public_key, data + len_processed, crypto_box_PUBLICKEYBYTES); 515 memcpy(nodes[num].public_key, data + len_processed, CRYPTO_PUBLIC_KEY_SIZE);
516 len_processed += crypto_box_PUBLICKEYBYTES; 516 len_processed += CRYPTO_PUBLIC_KEY_SIZE;
517 ++num; 517 ++num;
518 518
519 uint32_t increment = ipp_size + crypto_box_PUBLICKEYBYTES; 519 uint32_t increment = ipp_size + CRYPTO_PUBLIC_KEY_SIZE;
520 assert(increment == PACKED_NODE_SIZE_IP4 || increment == PACKED_NODE_SIZE_IP6); 520 assert(increment == PACKED_NODE_SIZE_IP4 || increment == PACKED_NODE_SIZE_IP6);
521 } 521 }
522 522
@@ -589,7 +589,7 @@ static int client_or_ip_port_in_list(Logger *log, Client_data *list, uint16_t le
589 if ((ip_port.ip.family == AF_INET) && ipport_equal(&list[i].assoc4.ip_port, &ip_port)) { 589 if ((ip_port.ip.family == AF_INET) && ipport_equal(&list[i].assoc4.ip_port, &ip_port)) {
590 /* Initialize client timestamp. */ 590 /* Initialize client timestamp. */
591 list[i].assoc4.timestamp = temp_time; 591 list[i].assoc4.timestamp = temp_time;
592 memcpy(list[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); 592 memcpy(list[i].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
593 593
594 LOGGER_DEBUG(log, "coipil[%u]: switching public_key (ipv4)", i); 594 LOGGER_DEBUG(log, "coipil[%u]: switching public_key (ipv4)", i);
595 595
@@ -601,7 +601,7 @@ static int client_or_ip_port_in_list(Logger *log, Client_data *list, uint16_t le
601 if ((ip_port.ip.family == AF_INET6) && ipport_equal(&list[i].assoc6.ip_port, &ip_port)) { 601 if ((ip_port.ip.family == AF_INET6) && ipport_equal(&list[i].assoc6.ip_port, &ip_port)) {
602 /* Initialize client timestamp. */ 602 /* Initialize client timestamp. */
603 list[i].assoc6.timestamp = temp_time; 603 list[i].assoc6.timestamp = temp_time;
604 memcpy(list[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); 604 memcpy(list[i].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
605 605
606 LOGGER_DEBUG(log, "coipil[%u]: switching public_key (ipv6)", i); 606 LOGGER_DEBUG(log, "coipil[%u]: switching public_key (ipv6)", i);
607 607
@@ -653,16 +653,16 @@ static int friend_number(const DHT *dht, const uint8_t *public_key)
653bool add_to_list(Node_format *nodes_list, unsigned int length, const uint8_t *pk, IP_Port ip_port, 653bool add_to_list(Node_format *nodes_list, unsigned int length, const uint8_t *pk, IP_Port ip_port,
654 const uint8_t *cmp_pk) 654 const uint8_t *cmp_pk)
655{ 655{
656 uint8_t pk_bak[crypto_box_PUBLICKEYBYTES]; 656 uint8_t pk_bak[CRYPTO_PUBLIC_KEY_SIZE];
657 IP_Port ip_port_bak; 657 IP_Port ip_port_bak;
658 658
659 unsigned int i; 659 unsigned int i;
660 660
661 for (i = 0; i < length; ++i) { 661 for (i = 0; i < length; ++i) {
662 if (id_closest(cmp_pk, nodes_list[i].public_key, pk) == 2) { 662 if (id_closest(cmp_pk, nodes_list[i].public_key, pk) == 2) {
663 memcpy(pk_bak, nodes_list[i].public_key, crypto_box_PUBLICKEYBYTES); 663 memcpy(pk_bak, nodes_list[i].public_key, CRYPTO_PUBLIC_KEY_SIZE);
664 ip_port_bak = nodes_list[i].ip_port; 664 ip_port_bak = nodes_list[i].ip_port;
665 memcpy(nodes_list[i].public_key, pk, crypto_box_PUBLICKEYBYTES); 665 memcpy(nodes_list[i].public_key, pk, CRYPTO_PUBLIC_KEY_SIZE);
666 nodes_list[i].ip_port = ip_port; 666 nodes_list[i].ip_port = ip_port;
667 667
668 if (i != (length - 1)) { 668 if (i != (length - 1)) {
@@ -742,7 +742,7 @@ static void get_close_nodes_inner(const uint8_t *public_key, Node_format *nodes_
742 if (num_nodes < MAX_SENT_NODES) { 742 if (num_nodes < MAX_SENT_NODES) {
743 memcpy(nodes_list[num_nodes].public_key, 743 memcpy(nodes_list[num_nodes].public_key,
744 client->public_key, 744 client->public_key,
745 crypto_box_PUBLICKEYBYTES); 745 CRYPTO_PUBLIC_KEY_SIZE);
746 746
747 nodes_list[num_nodes].ip_port = ipptp->ip_port; 747 nodes_list[num_nodes].ip_port = ipptp->ip_port;
748 num_nodes++; 748 num_nodes++;
@@ -796,7 +796,7 @@ int get_close_nodes(const DHT *dht, const uint8_t *public_key, Node_format *node
796 return get_somewhat_close_nodes(dht, public_key, nodes_list, sa_family, is_LAN, want_good); 796 return get_somewhat_close_nodes(dht, public_key, nodes_list, sa_family, is_LAN, want_good);
797} 797}
798 798
799static uint8_t cmp_public_key[crypto_box_PUBLICKEYBYTES]; 799static uint8_t cmp_public_key[CRYPTO_PUBLIC_KEY_SIZE];
800static int cmp_dht_entry(const void *a, const void *b) 800static int cmp_dht_entry(const void *a, const void *b)
801{ 801{
802 Client_data entry1, entry2; 802 Client_data entry1, entry2;
@@ -862,7 +862,7 @@ static unsigned int store_node_ok(const Client_data *client, const uint8_t *publ
862 862
863static void sort_client_list(Client_data *list, unsigned int length, const uint8_t *comp_public_key) 863static void sort_client_list(Client_data *list, unsigned int length, const uint8_t *comp_public_key)
864{ 864{
865 memcpy(cmp_public_key, comp_public_key, crypto_box_PUBLICKEYBYTES); 865 memcpy(cmp_public_key, comp_public_key, CRYPTO_PUBLIC_KEY_SIZE);
866 qsort(list, length, sizeof(Client_data), cmp_dht_entry); 866 qsort(list, length, sizeof(Client_data), cmp_dht_entry);
867} 867}
868 868
@@ -1018,7 +1018,7 @@ static unsigned int ping_node_from_getnodes_ok(DHT *dht, const uint8_t *public_k
1018 1018
1019 if (ret && !client_in_nodelist(dht->to_bootstrap, dht->num_to_bootstrap, public_key)) { 1019 if (ret && !client_in_nodelist(dht->to_bootstrap, dht->num_to_bootstrap, public_key)) {
1020 if (dht->num_to_bootstrap < MAX_CLOSE_TO_BOOTSTRAP_NODES) { 1020 if (dht->num_to_bootstrap < MAX_CLOSE_TO_BOOTSTRAP_NODES) {
1021 memcpy(dht->to_bootstrap[dht->num_to_bootstrap].public_key, public_key, crypto_box_PUBLICKEYBYTES); 1021 memcpy(dht->to_bootstrap[dht->num_to_bootstrap].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
1022 dht->to_bootstrap[dht->num_to_bootstrap].ip_port = ip_port; 1022 dht->to_bootstrap[dht->num_to_bootstrap].ip_port = ip_port;
1023 ++dht->num_to_bootstrap; 1023 ++dht->num_to_bootstrap;
1024 } else { 1024 } else {
@@ -1045,7 +1045,7 @@ static unsigned int ping_node_from_getnodes_ok(DHT *dht, const uint8_t *public_k
1045 if (store_ok && !client_in_nodelist(dht_friend->to_bootstrap, dht_friend->num_to_bootstrap, public_key) 1045 if (store_ok && !client_in_nodelist(dht_friend->to_bootstrap, dht_friend->num_to_bootstrap, public_key)
1046 && !is_pk_in_client_list(dht_friend->client_list, MAX_FRIEND_CLIENTS, public_key, ip_port)) { 1046 && !is_pk_in_client_list(dht_friend->client_list, MAX_FRIEND_CLIENTS, public_key, ip_port)) {
1047 if (dht_friend->num_to_bootstrap < MAX_SENT_NODES) { 1047 if (dht_friend->num_to_bootstrap < MAX_SENT_NODES) {
1048 memcpy(dht_friend->to_bootstrap[dht_friend->num_to_bootstrap].public_key, public_key, crypto_box_PUBLICKEYBYTES); 1048 memcpy(dht_friend->to_bootstrap[dht_friend->num_to_bootstrap].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
1049 dht_friend->to_bootstrap[dht_friend->num_to_bootstrap].ip_port = ip_port; 1049 dht_friend->to_bootstrap[dht_friend->num_to_bootstrap].ip_port = ip_port;
1050 ++dht_friend->num_to_bootstrap; 1050 ++dht_friend->num_to_bootstrap;
1051 } else { 1051 } else {
@@ -1195,7 +1195,7 @@ static int getnodes(DHT *dht, IP_Port ip_port, const uint8_t *public_key, const
1195 uint8_t plain_message[sizeof(Node_format) * 2] = {0}; 1195 uint8_t plain_message[sizeof(Node_format) * 2] = {0};
1196 1196
1197 Node_format receiver; 1197 Node_format receiver;
1198 memcpy(receiver.public_key, public_key, crypto_box_PUBLICKEYBYTES); 1198 memcpy(receiver.public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
1199 receiver.ip_port = ip_port; 1199 receiver.ip_port = ip_port;
1200 memcpy(plain_message, &receiver, sizeof(receiver)); 1200 memcpy(plain_message, &receiver, sizeof(receiver));
1201 1201
@@ -1212,13 +1212,13 @@ static int getnodes(DHT *dht, IP_Port ip_port, const uint8_t *public_key, const
1212 return -1; 1212 return -1;
1213 } 1213 }
1214 1214
1215 uint8_t plain[crypto_box_PUBLICKEYBYTES + sizeof(ping_id)]; 1215 uint8_t plain[CRYPTO_PUBLIC_KEY_SIZE + sizeof(ping_id)];
1216 uint8_t data[1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + sizeof(plain) + crypto_box_MACBYTES]; 1216 uint8_t data[1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + sizeof(plain) + CRYPTO_MAC_SIZE];
1217 1217
1218 memcpy(plain, client_id, crypto_box_PUBLICKEYBYTES); 1218 memcpy(plain, client_id, CRYPTO_PUBLIC_KEY_SIZE);
1219 memcpy(plain + crypto_box_PUBLICKEYBYTES, &ping_id, sizeof(ping_id)); 1219 memcpy(plain + CRYPTO_PUBLIC_KEY_SIZE, &ping_id, sizeof(ping_id));
1220 1220
1221 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 1221 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
1222 DHT_get_shared_key_sent(dht, shared_key, public_key); 1222 DHT_get_shared_key_sent(dht, shared_key, public_key);
1223 1223
1224 int len = DHT_create_packet(dht->self_public_key, shared_key, NET_PACKET_GET_NODES, 1224 int len = DHT_create_packet(dht->self_public_key, shared_key, NET_PACKET_GET_NODES,
@@ -1264,8 +1264,8 @@ static int sendnodes_ipv6(const DHT *dht, IP_Port ip_port, const uint8_t *public
1264 plain[0] = num_nodes; 1264 plain[0] = num_nodes;
1265 memcpy(plain + 1 + nodes_length, sendback_data, length); 1265 memcpy(plain + 1 + nodes_length, sendback_data, length);
1266 1266
1267 uint8_t data[1 + nodes_length + length + 1 + crypto_box_PUBLICKEYBYTES 1267 uint8_t data[1 + nodes_length + length + 1 + CRYPTO_PUBLIC_KEY_SIZE
1268 + crypto_box_NONCEBYTES + crypto_box_MACBYTES]; 1268 + CRYPTO_NONCE_SIZE + CRYPTO_MAC_SIZE];
1269 1269
1270 int len = DHT_create_packet(dht->self_public_key, shared_encryption_key, NET_PACKET_SEND_NODES_IPV6, 1270 int len = DHT_create_packet(dht->self_public_key, shared_encryption_key, NET_PACKET_SEND_NODES_IPV6,
1271 plain, 1 + nodes_length + length, data); 1271 plain, 1 + nodes_length + length, data);
@@ -1279,8 +1279,8 @@ static int sendnodes_ipv6(const DHT *dht, IP_Port ip_port, const uint8_t *public
1279 1279
1280static int handle_getnodes(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata) 1280static int handle_getnodes(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata)
1281{ 1281{
1282 if (length != (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + sizeof( 1282 if (length != (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + sizeof(
1283 uint64_t) + crypto_box_MACBYTES)) { 1283 uint64_t) + CRYPTO_MAC_SIZE)) {
1284 return 1; 1284 return 1;
1285 } 1285 }
1286 1286
@@ -1291,21 +1291,21 @@ static int handle_getnodes(void *object, IP_Port source, const uint8_t *packet,
1291 return 1; 1291 return 1;
1292 } 1292 }
1293 1293
1294 uint8_t plain[crypto_box_PUBLICKEYBYTES + sizeof(uint64_t)]; 1294 uint8_t plain[CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint64_t)];
1295 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 1295 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
1296 1296
1297 DHT_get_shared_key_recv(dht, shared_key, packet + 1); 1297 DHT_get_shared_key_recv(dht, shared_key, packet + 1);
1298 int len = decrypt_data_symmetric(shared_key, 1298 int len = decrypt_data_symmetric(shared_key,
1299 packet + 1 + crypto_box_PUBLICKEYBYTES, 1299 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE,
1300 packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, 1300 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE,
1301 crypto_box_PUBLICKEYBYTES + sizeof(uint64_t) + crypto_box_MACBYTES, 1301 CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint64_t) + CRYPTO_MAC_SIZE,
1302 plain); 1302 plain);
1303 1303
1304 if (len != crypto_box_PUBLICKEYBYTES + sizeof(uint64_t)) { 1304 if (len != CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint64_t)) {
1305 return 1; 1305 return 1;
1306 } 1306 }
1307 1307
1308 sendnodes_ipv6(dht, source, packet + 1, plain, plain + crypto_box_PUBLICKEYBYTES, sizeof(uint64_t), shared_key); 1308 sendnodes_ipv6(dht, source, packet + 1, plain, plain + CRYPTO_PUBLIC_KEY_SIZE, sizeof(uint64_t), shared_key);
1309 1309
1310 add_to_ping(dht->ping, packet + 1, source); 1310 add_to_ping(dht->ping, packet + 1, source);
1311 1311
@@ -1344,7 +1344,7 @@ static int handle_sendnodes_core(void *object, IP_Port source, const uint8_t *pa
1344 Node_format *plain_nodes, uint16_t size_plain_nodes, uint32_t *num_nodes_out) 1344 Node_format *plain_nodes, uint16_t size_plain_nodes, uint32_t *num_nodes_out)
1345{ 1345{
1346 DHT *dht = (DHT *)object; 1346 DHT *dht = (DHT *)object;
1347 uint32_t cid_size = 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + 1 + sizeof(uint64_t) + crypto_box_MACBYTES; 1347 uint32_t cid_size = 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + 1 + sizeof(uint64_t) + CRYPTO_MAC_SIZE;
1348 1348
1349 if (length < cid_size) { /* too short */ 1349 if (length < cid_size) { /* too short */
1350 return 1; 1350 return 1;
@@ -1361,13 +1361,13 @@ static int handle_sendnodes_core(void *object, IP_Port source, const uint8_t *pa
1361 } 1361 }
1362 1362
1363 uint8_t plain[1 + data_size + sizeof(uint64_t)]; 1363 uint8_t plain[1 + data_size + sizeof(uint64_t)];
1364 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 1364 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
1365 DHT_get_shared_key_sent(dht, shared_key, packet + 1); 1365 DHT_get_shared_key_sent(dht, shared_key, packet + 1);
1366 int len = decrypt_data_symmetric( 1366 int len = decrypt_data_symmetric(
1367 shared_key, 1367 shared_key,
1368 packet + 1 + crypto_box_PUBLICKEYBYTES, 1368 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE,
1369 packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, 1369 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE,
1370 1 + data_size + sizeof(uint64_t) + crypto_box_MACBYTES, 1370 1 + data_size + sizeof(uint64_t) + CRYPTO_MAC_SIZE,
1371 plain); 1371 plain);
1372 1372
1373 if ((unsigned int)len != sizeof(plain)) { 1373 if ((unsigned int)len != sizeof(plain)) {
@@ -1477,7 +1477,7 @@ int DHT_addfriend(DHT *dht, const uint8_t *public_key, void (*ip_callback)(void
1477 dht->friends_list = temp; 1477 dht->friends_list = temp;
1478 DHT_Friend *dht_friend = &dht->friends_list[dht->num_friends]; 1478 DHT_Friend *dht_friend = &dht->friends_list[dht->num_friends];
1479 memset(dht_friend, 0, sizeof(DHT_Friend)); 1479 memset(dht_friend, 0, sizeof(DHT_Friend));
1480 memcpy(dht_friend->public_key, public_key, crypto_box_PUBLICKEYBYTES); 1480 memcpy(dht_friend->public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
1481 1481
1482 dht_friend->nat.NATping_id = random_64b(); 1482 dht_friend->nat.NATping_id = random_64b();
1483 ++dht->num_friends; 1483 ++dht->num_friends;
@@ -2216,10 +2216,10 @@ static int send_hardening_req(DHT *dht, Node_format *sendto, uint8_t type, uint8
2216/* Send a get node hardening request */ 2216/* Send a get node hardening request */
2217static int send_hardening_getnode_req(DHT *dht, Node_format *dest, Node_format *node_totest, uint8_t *search_id) 2217static int send_hardening_getnode_req(DHT *dht, Node_format *dest, Node_format *node_totest, uint8_t *search_id)
2218{ 2218{
2219 uint8_t data[sizeof(Node_format) + crypto_box_PUBLICKEYBYTES]; 2219 uint8_t data[sizeof(Node_format) + CRYPTO_PUBLIC_KEY_SIZE];
2220 memcpy(data, node_totest, sizeof(Node_format)); 2220 memcpy(data, node_totest, sizeof(Node_format));
2221 memcpy(data + sizeof(Node_format), search_id, crypto_box_PUBLICKEYBYTES); 2221 memcpy(data + sizeof(Node_format), search_id, CRYPTO_PUBLIC_KEY_SIZE);
2222 return send_hardening_req(dht, dest, CHECK_TYPE_GETNODE_REQ, data, sizeof(Node_format) + crypto_box_PUBLICKEYBYTES); 2222 return send_hardening_req(dht, dest, CHECK_TYPE_GETNODE_REQ, data, sizeof(Node_format) + CRYPTO_PUBLIC_KEY_SIZE);
2223} 2223}
2224#endif 2224#endif
2225 2225
@@ -2232,10 +2232,10 @@ static int send_hardening_getnode_res(const DHT *dht, const Node_format *sendto,
2232 } 2232 }
2233 2233
2234 uint8_t packet[MAX_CRYPTO_REQUEST_SIZE]; 2234 uint8_t packet[MAX_CRYPTO_REQUEST_SIZE];
2235 uint8_t data[1 + crypto_box_PUBLICKEYBYTES + nodes_data_length]; 2235 uint8_t data[1 + CRYPTO_PUBLIC_KEY_SIZE + nodes_data_length];
2236 data[0] = CHECK_TYPE_GETNODE_RES; 2236 data[0] = CHECK_TYPE_GETNODE_RES;
2237 memcpy(data + 1, queried_client_id, crypto_box_PUBLICKEYBYTES); 2237 memcpy(data + 1, queried_client_id, CRYPTO_PUBLIC_KEY_SIZE);
2238 memcpy(data + 1 + crypto_box_PUBLICKEYBYTES, nodes_data, nodes_data_length); 2238 memcpy(data + 1 + CRYPTO_PUBLIC_KEY_SIZE, nodes_data, nodes_data_length);
2239 int len = create_request(dht->self_public_key, dht->self_secret_key, packet, sendto->public_key, data, 2239 int len = create_request(dht->self_public_key, dht->self_secret_key, packet, sendto->public_key, data,
2240 sizeof(data), CRYPTO_PACKET_HARDENING); 2240 sizeof(data), CRYPTO_PACKET_HARDENING);
2241 2241
@@ -2317,7 +2317,7 @@ static int handle_hardening(void *object, IP_Port source, const uint8_t *source_
2317 2317
2318 Node_format node, tocheck_node; 2318 Node_format node, tocheck_node;
2319 node.ip_port = source; 2319 node.ip_port = source;
2320 memcpy(node.public_key, source_pubkey, crypto_box_PUBLICKEYBYTES); 2320 memcpy(node.public_key, source_pubkey, CRYPTO_PUBLIC_KEY_SIZE);
2321 memcpy(&tocheck_node, packet + 1, sizeof(Node_format)); 2321 memcpy(&tocheck_node, packet + 1, sizeof(Node_format));
2322 2322
2323 if (getnodes(dht, tocheck_node.ip_port, tocheck_node.public_key, packet + 1 + sizeof(Node_format), &node) == -1) { 2323 if (getnodes(dht, tocheck_node.ip_port, tocheck_node.public_key, packet + 1 + sizeof(Node_format), &node) == -1) {
@@ -2328,17 +2328,17 @@ static int handle_hardening(void *object, IP_Port source, const uint8_t *source_
2328 } 2328 }
2329 2329
2330 case CHECK_TYPE_GETNODE_RES: { 2330 case CHECK_TYPE_GETNODE_RES: {
2331 if (length <= crypto_box_PUBLICKEYBYTES + 1) { 2331 if (length <= CRYPTO_PUBLIC_KEY_SIZE + 1) {
2332 return 1; 2332 return 1;
2333 } 2333 }
2334 2334
2335 if (length > 1 + crypto_box_PUBLICKEYBYTES + sizeof(Node_format) * MAX_SENT_NODES) { 2335 if (length > 1 + CRYPTO_PUBLIC_KEY_SIZE + sizeof(Node_format) * MAX_SENT_NODES) {
2336 return 1; 2336 return 1;
2337 } 2337 }
2338 2338
2339 uint16_t length_nodes = length - 1 - crypto_box_PUBLICKEYBYTES; 2339 uint16_t length_nodes = length - 1 - CRYPTO_PUBLIC_KEY_SIZE;
2340 Node_format nodes[MAX_SENT_NODES]; 2340 Node_format nodes[MAX_SENT_NODES];
2341 int num_nodes = unpack_nodes(nodes, MAX_SENT_NODES, 0, packet + 1 + crypto_box_PUBLICKEYBYTES, length_nodes, 0); 2341 int num_nodes = unpack_nodes(nodes, MAX_SENT_NODES, 0, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, length_nodes, 0);
2342 2342
2343 /* TODO(irungentoo): MAX_SENT_NODES nodes should be returned at all times 2343 /* TODO(irungentoo): MAX_SENT_NODES nodes should be returned at all times
2344 (right now we have a small network size so it could cause problems for testing and etc..) */ 2344 (right now we have a small network size so it could cause problems for testing and etc..) */
@@ -2380,10 +2380,10 @@ static int handle_hardening(void *object, IP_Port source, const uint8_t *source_
2380 */ 2380 */
2381static Node_format random_node(DHT *dht, sa_family_t sa_family) 2381static Node_format random_node(DHT *dht, sa_family_t sa_family)
2382{ 2382{
2383 uint8_t id[crypto_box_PUBLICKEYBYTES]; 2383 uint8_t id[CRYPTO_PUBLIC_KEY_SIZE];
2384 uint32_t i; 2384 uint32_t i;
2385 2385
2386 for (i = 0; i < crypto_box_PUBLICKEYBYTES / 4; ++i) { /* populate the id with pseudorandom bytes.*/ 2386 for (i = 0; i < CRYPTO_PUBLIC_KEY_SIZE / 4; ++i) { /* populate the id with pseudorandom bytes.*/
2387 uint32_t t = rand(); 2387 uint32_t t = rand();
2388 memcpy(id + i * sizeof(t), &t, sizeof(t)); 2388 memcpy(id + i * sizeof(t), &t, sizeof(t));
2389 } 2389 }
@@ -2430,7 +2430,7 @@ static uint16_t list_nodes(Client_data *list, unsigned int length, Node_format *
2430 } 2430 }
2431 2431
2432 if (assoc != NULL) { 2432 if (assoc != NULL) {
2433 memcpy(nodes[count].public_key, list[i - 1].public_key, crypto_box_PUBLICKEYBYTES); 2433 memcpy(nodes[count].public_key, list[i - 1].public_key, CRYPTO_PUBLIC_KEY_SIZE);
2434 nodes[count].ip_port = assoc->ip_port; 2434 nodes[count].ip_port = assoc->ip_port;
2435 ++count; 2435 ++count;
2436 2436
@@ -2513,11 +2513,11 @@ static void do_hardening(DHT *dht)
2513 2513
2514 Node_format to_test; 2514 Node_format to_test;
2515 to_test.ip_port = cur_iptspng->ip_port; 2515 to_test.ip_port = cur_iptspng->ip_port;
2516 memcpy(to_test.public_key, public_key, crypto_box_PUBLICKEYBYTES); 2516 memcpy(to_test.public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
2517 2517
2518 // TODO(irungentoo): The search id should maybe not be ours? 2518 // TODO(irungentoo): The search id should maybe not be ours?
2519 if (send_hardening_getnode_req(dht, &rand_node, &to_test, dht->self_public_key) > 0) { 2519 if (send_hardening_getnode_req(dht, &rand_node, &to_test, dht->self_public_key) > 0) {
2520 memcpy(cur_iptspng->hardening.send_nodes_pingedid, rand_node.public_key, crypto_box_PUBLICKEYBYTES); 2520 memcpy(cur_iptspng->hardening.send_nodes_pingedid, rand_node.public_key, CRYPTO_PUBLIC_KEY_SIZE);
2521 cur_iptspng->hardening.send_nodes_timestamp = unix_time(); 2521 cur_iptspng->hardening.send_nodes_timestamp = unix_time();
2522 } 2522 }
2523 } 2523 }
@@ -2545,13 +2545,13 @@ static int cryptopacket_handle(void *object, IP_Port source, const uint8_t *pack
2545 DHT *dht = (DHT *)object; 2545 DHT *dht = (DHT *)object;
2546 2546
2547 if (packet[0] == NET_PACKET_CRYPTO) { 2547 if (packet[0] == NET_PACKET_CRYPTO) {
2548 if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES || 2548 if (length <= CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + 1 + CRYPTO_MAC_SIZE ||
2549 length > MAX_CRYPTO_REQUEST_SIZE + crypto_box_MACBYTES) { 2549 length > MAX_CRYPTO_REQUEST_SIZE + CRYPTO_MAC_SIZE) {
2550 return 1; 2550 return 1;
2551 } 2551 }
2552 2552
2553 if (public_key_cmp(packet + 1, dht->self_public_key) == 0) { // Check if request is for us. 2553 if (public_key_cmp(packet + 1, dht->self_public_key) == 0) { // Check if request is for us.
2554 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 2554 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
2555 uint8_t data[MAX_CRYPTO_REQUEST_SIZE]; 2555 uint8_t data[MAX_CRYPTO_REQUEST_SIZE];
2556 uint8_t number; 2556 uint8_t number;
2557 int len = handle_request(dht->self_public_key, dht->self_secret_key, public_key, data, &number, packet, length); 2557 int len = handle_request(dht->self_public_key, dht->self_secret_key, public_key, data, &number, packet, length);
@@ -2615,15 +2615,15 @@ DHT *new_DHT(Logger *log, Networking_Core *net, bool holepunching_enabled)
2615 cryptopacket_registerhandler(dht, CRYPTO_PACKET_HARDENING, &handle_hardening, dht); 2615 cryptopacket_registerhandler(dht, CRYPTO_PACKET_HARDENING, &handle_hardening, dht);
2616 2616
2617 new_symmetric_key(dht->secret_symmetric_key); 2617 new_symmetric_key(dht->secret_symmetric_key);
2618 crypto_box_keypair(dht->self_public_key, dht->self_secret_key); 2618 crypto_new_keypair(dht->self_public_key, dht->self_secret_key);
2619 2619
2620 ping_array_init(&dht->dht_ping_array, DHT_PING_ARRAY_SIZE, PING_TIMEOUT); 2620 ping_array_init(&dht->dht_ping_array, DHT_PING_ARRAY_SIZE, PING_TIMEOUT);
2621 ping_array_init(&dht->dht_harden_ping_array, DHT_PING_ARRAY_SIZE, PING_TIMEOUT); 2621 ping_array_init(&dht->dht_harden_ping_array, DHT_PING_ARRAY_SIZE, PING_TIMEOUT);
2622 uint32_t i; 2622 uint32_t i;
2623 2623
2624 for (i = 0; i < DHT_FAKE_FRIEND_NUMBER; ++i) { 2624 for (i = 0; i < DHT_FAKE_FRIEND_NUMBER; ++i) {
2625 uint8_t random_key_bytes[crypto_box_PUBLICKEYBYTES]; 2625 uint8_t random_key_bytes[CRYPTO_PUBLIC_KEY_SIZE];
2626 randombytes(random_key_bytes, sizeof(random_key_bytes)); 2626 random_bytes(random_key_bytes, sizeof(random_key_bytes));
2627 2627
2628 if (DHT_addfriend(dht, random_key_bytes, 0, 0, 0, 0) != 0) { 2628 if (DHT_addfriend(dht, random_key_bytes, 0, 0, 0, 0) != 0) {
2629 kill_DHT(dht); 2629 kill_DHT(dht);
@@ -2730,13 +2730,13 @@ void DHT_save(DHT *dht, uint8_t *data)
2730 2730
2731 for (num = 0, i = 0; i < LCLIENT_LIST; ++i) { 2731 for (num = 0, i = 0; i < LCLIENT_LIST; ++i) {
2732 if (dht->close_clientlist[i].assoc4.timestamp != 0) { 2732 if (dht->close_clientlist[i].assoc4.timestamp != 0) {
2733 memcpy(clients[num].public_key, dht->close_clientlist[i].public_key, crypto_box_PUBLICKEYBYTES); 2733 memcpy(clients[num].public_key, dht->close_clientlist[i].public_key, CRYPTO_PUBLIC_KEY_SIZE);
2734 clients[num].ip_port = dht->close_clientlist[i].assoc4.ip_port; 2734 clients[num].ip_port = dht->close_clientlist[i].assoc4.ip_port;
2735 ++num; 2735 ++num;
2736 } 2736 }
2737 2737
2738 if (dht->close_clientlist[i].assoc6.timestamp != 0) { 2738 if (dht->close_clientlist[i].assoc6.timestamp != 0) {
2739 memcpy(clients[num].public_key, dht->close_clientlist[i].public_key, crypto_box_PUBLICKEYBYTES); 2739 memcpy(clients[num].public_key, dht->close_clientlist[i].public_key, CRYPTO_PUBLIC_KEY_SIZE);
2740 clients[num].ip_port = dht->close_clientlist[i].assoc6.ip_port; 2740 clients[num].ip_port = dht->close_clientlist[i].assoc6.ip_port;
2741 ++num; 2741 ++num;
2742 } 2742 }
@@ -2747,13 +2747,13 @@ void DHT_save(DHT *dht, uint8_t *data)
2747 2747
2748 for (j = 0; j < MAX_FRIEND_CLIENTS; ++j) { 2748 for (j = 0; j < MAX_FRIEND_CLIENTS; ++j) {
2749 if (fr->client_list[j].assoc4.timestamp != 0) { 2749 if (fr->client_list[j].assoc4.timestamp != 0) {
2750 memcpy(clients[num].public_key, fr->client_list[j].public_key, crypto_box_PUBLICKEYBYTES); 2750 memcpy(clients[num].public_key, fr->client_list[j].public_key, CRYPTO_PUBLIC_KEY_SIZE);
2751 clients[num].ip_port = fr->client_list[j].assoc4.ip_port; 2751 clients[num].ip_port = fr->client_list[j].assoc4.ip_port;
2752 ++num; 2752 ++num;
2753 } 2753 }
2754 2754
2755 if (fr->client_list[j].assoc6.timestamp != 0) { 2755 if (fr->client_list[j].assoc6.timestamp != 0) {
2756 memcpy(clients[num].public_key, fr->client_list[j].public_key, crypto_box_PUBLICKEYBYTES); 2756 memcpy(clients[num].public_key, fr->client_list[j].public_key, CRYPTO_PUBLIC_KEY_SIZE);
2757 clients[num].ip_port = fr->client_list[j].assoc6.ip_port; 2757 clients[num].ip_port = fr->client_list[j].assoc6.ip_port;
2758 ++num; 2758 ++num;
2759 } 2759 }
diff --git a/toxcore/DHT.h b/toxcore/DHT.h
index db05fecc..c9b859be 100644
--- a/toxcore/DHT.h
+++ b/toxcore/DHT.h
@@ -111,17 +111,17 @@ typedef struct {
111 uint8_t routes_requests_ok; 111 uint8_t routes_requests_ok;
112 /* Time which we last checked this.*/ 112 /* Time which we last checked this.*/
113 uint64_t routes_requests_timestamp; 113 uint64_t routes_requests_timestamp;
114 uint8_t routes_requests_pingedid[crypto_box_PUBLICKEYBYTES]; 114 uint8_t routes_requests_pingedid[CRYPTO_PUBLIC_KEY_SIZE];
115 /* Node sends correct send_node (true (1) or false/didn't check (0)) */ 115 /* Node sends correct send_node (true (1) or false/didn't check (0)) */
116 uint8_t send_nodes_ok; 116 uint8_t send_nodes_ok;
117 /* Time which we last checked this.*/ 117 /* Time which we last checked this.*/
118 uint64_t send_nodes_timestamp; 118 uint64_t send_nodes_timestamp;
119 uint8_t send_nodes_pingedid[crypto_box_PUBLICKEYBYTES]; 119 uint8_t send_nodes_pingedid[CRYPTO_PUBLIC_KEY_SIZE];
120 /* Node can be used to test other nodes (true (1) or false/didn't check (0)) */ 120 /* Node can be used to test other nodes (true (1) or false/didn't check (0)) */
121 uint8_t testing_requests; 121 uint8_t testing_requests;
122 /* Time which we last checked this.*/ 122 /* Time which we last checked this.*/
123 uint64_t testing_timestamp; 123 uint64_t testing_timestamp;
124 uint8_t testing_pingedid[crypto_box_PUBLICKEYBYTES]; 124 uint8_t testing_pingedid[CRYPTO_PUBLIC_KEY_SIZE];
125} Hardening; 125} Hardening;
126 126
127typedef struct { 127typedef struct {
@@ -136,7 +136,7 @@ typedef struct {
136} IPPTsPng; 136} IPPTsPng;
137 137
138typedef struct { 138typedef struct {
139 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 139 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
140 IPPTsPng assoc4; 140 IPPTsPng assoc4;
141 IPPTsPng assoc6; 141 IPPTsPng assoc6;
142} Client_data; 142} Client_data;
@@ -159,13 +159,13 @@ typedef struct {
159#define DHT_FRIEND_MAX_LOCKS 32 159#define DHT_FRIEND_MAX_LOCKS 32
160 160
161typedef struct { 161typedef struct {
162 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 162 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
163 IP_Port ip_port; 163 IP_Port ip_port;
164} 164}
165Node_format; 165Node_format;
166 166
167typedef struct { 167typedef struct {
168 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 168 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
169 Client_data client_list[MAX_FRIEND_CLIENTS]; 169 Client_data client_list[MAX_FRIEND_CLIENTS];
170 170
171 /* Time at which the last get_nodes request was sent. */ 171 /* Time at which the last get_nodes request was sent. */
@@ -216,8 +216,8 @@ int unpack_nodes(Node_format *nodes, uint16_t max_num_nodes, uint16_t *processed
216#define KEYS_TIMEOUT 600 216#define KEYS_TIMEOUT 600
217typedef struct { 217typedef struct {
218 struct { 218 struct {
219 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 219 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
220 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 220 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
221 uint32_t times_requested; 221 uint32_t times_requested;
222 uint8_t stored; /* 0 if not, 1 if is */ 222 uint8_t stored; /* 0 if not, 1 if is */
223 uint64_t time_last_requested; 223 uint64_t time_last_requested;
@@ -245,10 +245,10 @@ typedef struct {
245 uint32_t close_bootstrap_times; 245 uint32_t close_bootstrap_times;
246 246
247 /* Note: this key should not be/is not used to transmit any sensitive materials */ 247 /* Note: this key should not be/is not used to transmit any sensitive materials */
248 uint8_t secret_symmetric_key[crypto_box_KEYBYTES]; 248 uint8_t secret_symmetric_key[CRYPTO_SYMMETRIC_KEY_SIZE];
249 /* DHT keypair */ 249 /* DHT keypair */
250 uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; 250 uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
251 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 251 uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
252 252
253 DHT_Friend *friends_list; 253 DHT_Friend *friends_list;
254 uint16_t num_friends; 254 uint16_t num_friends;
@@ -294,7 +294,7 @@ void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, const uint8_t *publi
294void DHT_getnodes(DHT *dht, const IP_Port *from_ipp, const uint8_t *from_id, const uint8_t *which_id); 294void DHT_getnodes(DHT *dht, const IP_Port *from_ipp, const uint8_t *from_id, const uint8_t *which_id);
295 295
296/* Add a new friend to the friends list. 296/* Add a new friend to the friends list.
297 * public_key must be crypto_box_PUBLICKEYBYTES bytes long. 297 * public_key must be CRYPTO_PUBLIC_KEY_SIZE bytes long.
298 * 298 *
299 * ip_callback is the callback of a function that will be called when the ip address 299 * ip_callback is the callback of a function that will be called when the ip address
300 * is found along with arguments data and number. 300 * is found along with arguments data and number.
@@ -309,7 +309,7 @@ int DHT_addfriend(DHT *dht, const uint8_t *public_key, void (*ip_callback)(void
309 void *data, int32_t number, uint16_t *lock_count); 309 void *data, int32_t number, uint16_t *lock_count);
310 310
311/* Delete a friend from the friends list. 311/* Delete a friend from the friends list.
312 * public_key must be crypto_box_PUBLICKEYBYTES bytes long. 312 * public_key must be CRYPTO_PUBLIC_KEY_SIZE bytes long.
313 * 313 *
314 * return 0 if success. 314 * return 0 if success.
315 * return -1 if failure (public_key not in friends list). 315 * return -1 if failure (public_key not in friends list).
@@ -317,7 +317,7 @@ int DHT_addfriend(DHT *dht, const uint8_t *public_key, void (*ip_callback)(void
317int DHT_delfriend(DHT *dht, const uint8_t *public_key, uint16_t lock_count); 317int DHT_delfriend(DHT *dht, const uint8_t *public_key, uint16_t lock_count);
318 318
319/* Get ip of friend. 319/* Get ip of friend.
320 * public_key must be crypto_box_PUBLICKEYBYTES bytes long. 320 * public_key must be CRYPTO_PUBLIC_KEY_SIZE bytes long.
321 * ip must be 4 bytes long. 321 * ip must be 4 bytes long.
322 * port must be 2 bytes long. 322 * port must be 2 bytes long.
323 * 323 *
diff --git a/toxcore/LAN_discovery.c b/toxcore/LAN_discovery.c
index 48e0e7bb..6778e932 100644
--- a/toxcore/LAN_discovery.c
+++ b/toxcore/LAN_discovery.c
@@ -329,7 +329,7 @@ static int handle_LANdiscovery(void *object, IP_Port source, const uint8_t *pack
329 return 1; 329 return 1;
330 } 330 }
331 331
332 if (length != crypto_box_PUBLICKEYBYTES + 1) { 332 if (length != CRYPTO_PUBLIC_KEY_SIZE + 1) {
333 return 1; 333 return 1;
334 } 334 }
335 335
@@ -340,11 +340,11 @@ static int handle_LANdiscovery(void *object, IP_Port source, const uint8_t *pack
340 340
341int send_LANdiscovery(uint16_t port, DHT *dht) 341int send_LANdiscovery(uint16_t port, DHT *dht)
342{ 342{
343 uint8_t data[crypto_box_PUBLICKEYBYTES + 1]; 343 uint8_t data[CRYPTO_PUBLIC_KEY_SIZE + 1];
344 data[0] = NET_PACKET_LAN_DISCOVERY; 344 data[0] = NET_PACKET_LAN_DISCOVERY;
345 id_copy(data + 1, dht->self_public_key); 345 id_copy(data + 1, dht->self_public_key);
346 346
347 send_broadcasts(dht->net, port, data, 1 + crypto_box_PUBLICKEYBYTES); 347 send_broadcasts(dht->net, port, data, 1 + CRYPTO_PUBLIC_KEY_SIZE);
348 348
349 int res = -1; 349 int res = -1;
350 IP_Port ip_port; 350 IP_Port ip_port;
@@ -355,7 +355,7 @@ int send_LANdiscovery(uint16_t port, DHT *dht)
355 ip_port.ip = broadcast_ip(AF_INET6, AF_INET6); 355 ip_port.ip = broadcast_ip(AF_INET6, AF_INET6);
356 356
357 if (ip_isset(&ip_port.ip)) { 357 if (ip_isset(&ip_port.ip)) {
358 if (sendpacket(dht->net, ip_port, data, 1 + crypto_box_PUBLICKEYBYTES) > 0) { 358 if (sendpacket(dht->net, ip_port, data, 1 + CRYPTO_PUBLIC_KEY_SIZE) > 0) {
359 res = 1; 359 res = 1;
360 } 360 }
361 } 361 }
@@ -365,7 +365,7 @@ int send_LANdiscovery(uint16_t port, DHT *dht)
365 ip_port.ip = broadcast_ip(dht->net->family, AF_INET); 365 ip_port.ip = broadcast_ip(dht->net->family, AF_INET);
366 366
367 if (ip_isset(&ip_port.ip)) { 367 if (ip_isset(&ip_port.ip)) {
368 if (sendpacket(dht->net, ip_port, data, 1 + crypto_box_PUBLICKEYBYTES)) { 368 if (sendpacket(dht->net, ip_port, data, 1 + CRYPTO_PUBLIC_KEY_SIZE)) {
369 res = 1; 369 res = 1;
370 } 370 }
371 } 371 }
diff --git a/toxcore/Messenger.c b/toxcore/Messenger.c
index 8bd9cd0c..fa11704c 100644
--- a/toxcore/Messenger.c
+++ b/toxcore/Messenger.c
@@ -93,7 +93,7 @@ int32_t getfriend_id(const Messenger *m, const uint8_t *real_pk)
93} 93}
94 94
95/* Copies the public key associated to that friend id into real_pk buffer. 95/* Copies the public key associated to that friend id into real_pk buffer.
96 * Make sure that real_pk is of size crypto_box_PUBLICKEYBYTES. 96 * Make sure that real_pk is of size CRYPTO_PUBLIC_KEY_SIZE.
97 * 97 *
98 * return 0 if success. 98 * return 0 if success.
99 * return -1 if failure. 99 * return -1 if failure.
@@ -104,7 +104,7 @@ int get_real_pk(const Messenger *m, int32_t friendnumber, uint8_t *real_pk)
104 return -1; 104 return -1;
105 } 105 }
106 106
107 memcpy(real_pk, m->friendlist[friendnumber].real_pk, crypto_box_PUBLICKEYBYTES); 107 memcpy(real_pk, m->friendlist[friendnumber].real_pk, CRYPTO_PUBLIC_KEY_SIZE);
108 return 0; 108 return 0;
109} 109}
110 110
@@ -145,9 +145,9 @@ void getaddress(const Messenger *m, uint8_t *address)
145{ 145{
146 id_copy(address, m->net_crypto->self_public_key); 146 id_copy(address, m->net_crypto->self_public_key);
147 uint32_t nospam = get_nospam(&(m->fr)); 147 uint32_t nospam = get_nospam(&(m->fr));
148 memcpy(address + crypto_box_PUBLICKEYBYTES, &nospam, sizeof(nospam)); 148 memcpy(address + CRYPTO_PUBLIC_KEY_SIZE, &nospam, sizeof(nospam));
149 uint16_t checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum)); 149 uint16_t checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum));
150 memcpy(address + crypto_box_PUBLICKEYBYTES + sizeof(nospam), &checksum, sizeof(checksum)); 150 memcpy(address + CRYPTO_PUBLIC_KEY_SIZE + sizeof(nospam), &checksum, sizeof(checksum));
151} 151}
152 152
153static int send_online_packet(Messenger *m, int32_t friendnumber) 153static int send_online_packet(Messenger *m, int32_t friendnumber)
@@ -240,7 +240,7 @@ int32_t m_addfriend(Messenger *m, const uint8_t *address, const uint8_t *data, u
240 return FAERR_TOOLONG; 240 return FAERR_TOOLONG;
241 } 241 }
242 242
243 uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; 243 uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE];
244 id_copy(real_pk, address); 244 id_copy(real_pk, address);
245 245
246 if (!public_key_valid(real_pk)) { 246 if (!public_key_valid(real_pk)) {
@@ -248,7 +248,7 @@ int32_t m_addfriend(Messenger *m, const uint8_t *address, const uint8_t *data, u
248 } 248 }
249 249
250 uint16_t check, checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum)); 250 uint16_t check, checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum));
251 memcpy(&check, address + crypto_box_PUBLICKEYBYTES + sizeof(uint32_t), sizeof(check)); 251 memcpy(&check, address + CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint32_t), sizeof(check));
252 252
253 if (check != checksum) { 253 if (check != checksum) {
254 return FAERR_BADCHECKSUM; 254 return FAERR_BADCHECKSUM;
@@ -270,7 +270,7 @@ int32_t m_addfriend(Messenger *m, const uint8_t *address, const uint8_t *data, u
270 } 270 }
271 271
272 uint32_t nospam; 272 uint32_t nospam;
273 memcpy(&nospam, address + crypto_box_PUBLICKEYBYTES, sizeof(nospam)); 273 memcpy(&nospam, address + CRYPTO_PUBLIC_KEY_SIZE, sizeof(nospam));
274 274
275 if (m->friendlist[friend_id].friendrequest_nospam == nospam) { 275 if (m->friendlist[friend_id].friendrequest_nospam == nospam) {
276 return FAERR_ALREADYSENT; 276 return FAERR_ALREADYSENT;
@@ -289,7 +289,7 @@ int32_t m_addfriend(Messenger *m, const uint8_t *address, const uint8_t *data, u
289 m->friendlist[ret].friendrequest_timeout = FRIENDREQUEST_TIMEOUT; 289 m->friendlist[ret].friendrequest_timeout = FRIENDREQUEST_TIMEOUT;
290 memcpy(m->friendlist[ret].info, data, length); 290 memcpy(m->friendlist[ret].info, data, length);
291 m->friendlist[ret].info_size = length; 291 m->friendlist[ret].info_size = length;
292 memcpy(&(m->friendlist[ret].friendrequest_nospam), address + crypto_box_PUBLICKEYBYTES, sizeof(uint32_t)); 292 memcpy(&(m->friendlist[ret].friendrequest_nospam), address + CRYPTO_PUBLIC_KEY_SIZE, sizeof(uint32_t));
293 293
294 return ret; 294 return ret;
295} 295}
@@ -2440,16 +2440,16 @@ static void connection_status_cb(Messenger *m, void *userdata)
2440 2440
2441#define DUMPING_CLIENTS_FRIENDS_EVERY_N_SECONDS 60UL 2441#define DUMPING_CLIENTS_FRIENDS_EVERY_N_SECONDS 60UL
2442static time_t lastdump = 0; 2442static time_t lastdump = 0;
2443static char IDString[crypto_box_PUBLICKEYBYTES * 2 + 1]; 2443static char IDString[CRYPTO_PUBLIC_KEY_SIZE * 2 + 1];
2444static char *ID2String(const uint8_t *pk) 2444static char *ID2String(const uint8_t *pk)
2445{ 2445{
2446 uint32_t i; 2446 uint32_t i;
2447 2447
2448 for (i = 0; i < crypto_box_PUBLICKEYBYTES; i++) { 2448 for (i = 0; i < CRYPTO_PUBLIC_KEY_SIZE; i++) {
2449 sprintf(&IDString[i * 2], "%02X", pk[i]); 2449 sprintf(&IDString[i * 2], "%02X", pk[i]);
2450 } 2450 }
2451 2451
2452 IDString[crypto_box_PUBLICKEYBYTES * 2] = 0; 2452 IDString[CRYPTO_PUBLIC_KEY_SIZE * 2] = 0;
2453 return IDString; 2453 return IDString;
2454} 2454}
2455 2455
@@ -2636,7 +2636,7 @@ void do_messenger(Messenger *m, void *userdata)
2636 2636
2637struct SAVED_FRIEND { 2637struct SAVED_FRIEND {
2638 uint8_t status; 2638 uint8_t status;
2639 uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; 2639 uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE];
2640 uint8_t info[SAVED_FRIEND_REQUEST_SIZE]; // the data that is sent during the friend requests we do. 2640 uint8_t info[SAVED_FRIEND_REQUEST_SIZE]; // the data that is sent during the friend requests we do.
2641 uint16_t info_size; // Length of the info. 2641 uint16_t info_size; // Length of the info.
2642 uint8_t name[MAX_NAME_LENGTH]; 2642 uint8_t name[MAX_NAME_LENGTH];
@@ -2725,7 +2725,7 @@ static uint32_t friends_list_save(const Messenger *m, uint8_t *data)
2725 if (m->friendlist[i].status > 0) { 2725 if (m->friendlist[i].status > 0) {
2726 struct SAVED_FRIEND temp = { 0 }; 2726 struct SAVED_FRIEND temp = { 0 };
2727 temp.status = m->friendlist[i].status; 2727 temp.status = m->friendlist[i].status;
2728 memcpy(temp.real_pk, m->friendlist[i].real_pk, crypto_box_PUBLICKEYBYTES); 2728 memcpy(temp.real_pk, m->friendlist[i].real_pk, CRYPTO_PUBLIC_KEY_SIZE);
2729 2729
2730 if (temp.status < 3) { 2730 if (temp.status < 3) {
2731 const size_t friendrequest_length = 2731 const size_t friendrequest_length =
@@ -2837,9 +2837,9 @@ static int friends_list_load(Messenger *m, const uint8_t *data, uint32_t length)
2837 /* TODO(irungentoo): This is not a good way to do this. */ 2837 /* TODO(irungentoo): This is not a good way to do this. */
2838 uint8_t address[FRIEND_ADDRESS_SIZE]; 2838 uint8_t address[FRIEND_ADDRESS_SIZE];
2839 id_copy(address, temp.real_pk); 2839 id_copy(address, temp.real_pk);
2840 memcpy(address + crypto_box_PUBLICKEYBYTES, &(temp.friendrequest_nospam), sizeof(uint32_t)); 2840 memcpy(address + CRYPTO_PUBLIC_KEY_SIZE, &(temp.friendrequest_nospam), sizeof(uint32_t));
2841 uint16_t checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum)); 2841 uint16_t checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum));
2842 memcpy(address + crypto_box_PUBLICKEYBYTES + sizeof(uint32_t), &checksum, sizeof(checksum)); 2842 memcpy(address + CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint32_t), &checksum, sizeof(checksum));
2843 m_addfriend(m, address, temp.info, ntohs(temp.info_size)); 2843 m_addfriend(m, address, temp.info, ntohs(temp.info_size));
2844 } 2844 }
2845 } 2845 }
@@ -2852,7 +2852,7 @@ uint32_t messenger_size(const Messenger *m)
2852{ 2852{
2853 uint32_t size32 = sizeof(uint32_t), sizesubhead = size32 * 2; 2853 uint32_t size32 = sizeof(uint32_t), sizesubhead = size32 * 2;
2854 return size32 * 2 // global cookie 2854 return size32 * 2 // global cookie
2855 + sizesubhead + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES 2855 + sizesubhead + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE
2856 + sizesubhead + DHT_size(m->dht) // DHT 2856 + sizesubhead + DHT_size(m->dht) // DHT
2857 + sizesubhead + saved_friendslist_size(m) // Friendlist itself. 2857 + sizesubhead + saved_friendslist_size(m) // Friendlist itself.
2858 + sizesubhead + m->name_length // Own nickname. 2858 + sizesubhead + m->name_length // Own nickname.
@@ -2889,7 +2889,7 @@ void messenger_save(const Messenger *m, uint8_t *data)
2889#ifdef TOX_DEBUG 2889#ifdef TOX_DEBUG
2890 assert(sizeof(get_nospam(&(m->fr))) == sizeof(uint32_t)); 2890 assert(sizeof(get_nospam(&(m->fr))) == sizeof(uint32_t));
2891#endif 2891#endif
2892 len = size32 + crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES; 2892 len = size32 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE;
2893 type = MESSENGER_STATE_TYPE_NOSPAMKEYS; 2893 type = MESSENGER_STATE_TYPE_NOSPAMKEYS;
2894 data = z_state_save_subheader(data, len, type); 2894 data = z_state_save_subheader(data, len, type);
2895 *(uint32_t *)data = get_nospam(&(m->fr)); 2895 *(uint32_t *)data = get_nospam(&(m->fr));
@@ -2962,9 +2962,9 @@ static int messenger_load_state_callback(void *outer, const uint8_t *data, uint3
2962 2962
2963 switch (type) { 2963 switch (type) {
2964 case MESSENGER_STATE_TYPE_NOSPAMKEYS: 2964 case MESSENGER_STATE_TYPE_NOSPAMKEYS:
2965 if (length == crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES + sizeof(uint32_t)) { 2965 if (length == CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE + sizeof(uint32_t)) {
2966 set_nospam(&(m->fr), *(const uint32_t *)data); 2966 set_nospam(&(m->fr), *(const uint32_t *)data);
2967 load_secret_key(m->net_crypto, (&data[sizeof(uint32_t)]) + crypto_box_PUBLICKEYBYTES); 2967 load_secret_key(m->net_crypto, (&data[sizeof(uint32_t)]) + CRYPTO_PUBLIC_KEY_SIZE);
2968 2968
2969 if (public_key_cmp((&data[sizeof(uint32_t)]), m->net_crypto->self_public_key) != 0) { 2969 if (public_key_cmp((&data[sizeof(uint32_t)]), m->net_crypto->self_public_key) != 0) {
2970 return -1; 2970 return -1;
diff --git a/toxcore/Messenger.h b/toxcore/Messenger.h
index bd66739b..16220ebe 100644
--- a/toxcore/Messenger.h
+++ b/toxcore/Messenger.h
@@ -39,7 +39,7 @@
39#define MAX_CONCURRENT_FILE_PIPES 256 39#define MAX_CONCURRENT_FILE_PIPES 256
40 40
41 41
42#define FRIEND_ADDRESS_SIZE (crypto_box_PUBLICKEYBYTES + sizeof(uint32_t) + sizeof(uint16_t)) 42#define FRIEND_ADDRESS_SIZE (CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint32_t) + sizeof(uint16_t))
43 43
44enum { 44enum {
45 MESSAGE_NORMAL, 45 MESSAGE_NORMAL,
@@ -179,7 +179,7 @@ enum {
179typedef struct Messenger Messenger; 179typedef struct Messenger Messenger;
180 180
181typedef struct { 181typedef struct {
182 uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; 182 uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE];
183 int friendcon_id; 183 int friendcon_id;
184 184
185 uint64_t friendrequest_lastsent; // Time at which the last friend request was sent. 185 uint64_t friendrequest_lastsent; // Time at which the last friend request was sent.
@@ -316,7 +316,7 @@ int32_t m_addfriend_norequest(Messenger *m, const uint8_t *real_pk);
316int32_t getfriend_id(const Messenger *m, const uint8_t *real_pk); 316int32_t getfriend_id(const Messenger *m, const uint8_t *real_pk);
317 317
318/* Copies the public key associated to that friend id into real_pk buffer. 318/* Copies the public key associated to that friend id into real_pk buffer.
319 * Make sure that real_pk is of size crypto_box_PUBLICKEYBYTES. 319 * Make sure that real_pk is of size CRYPTO_PUBLIC_KEY_SIZE.
320 * 320 *
321 * return 0 if success 321 * return 0 if success
322 * return -1 if failure 322 * return -1 if failure
diff --git a/toxcore/TCP_client.c b/toxcore/TCP_client.c
index 372f034e..14e75845 100644
--- a/toxcore/TCP_client.c
+++ b/toxcore/TCP_client.c
@@ -223,20 +223,20 @@ static int proxy_socks5_read_connection_response(TCP_Client_Connection *TCP_conn
223 */ 223 */
224static int generate_handshake(TCP_Client_Connection *TCP_conn) 224static int generate_handshake(TCP_Client_Connection *TCP_conn)
225{ 225{
226 uint8_t plain[crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES]; 226 uint8_t plain[CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE];
227 crypto_box_keypair(plain, TCP_conn->temp_secret_key); 227 crypto_new_keypair(plain, TCP_conn->temp_secret_key);
228 random_nonce(TCP_conn->sent_nonce); 228 random_nonce(TCP_conn->sent_nonce);
229 memcpy(plain + crypto_box_PUBLICKEYBYTES, TCP_conn->sent_nonce, crypto_box_NONCEBYTES); 229 memcpy(plain + CRYPTO_PUBLIC_KEY_SIZE, TCP_conn->sent_nonce, CRYPTO_NONCE_SIZE);
230 memcpy(TCP_conn->last_packet, TCP_conn->self_public_key, crypto_box_PUBLICKEYBYTES); 230 memcpy(TCP_conn->last_packet, TCP_conn->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
231 random_nonce(TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES); 231 random_nonce(TCP_conn->last_packet + CRYPTO_PUBLIC_KEY_SIZE);
232 int len = encrypt_data_symmetric(TCP_conn->shared_key, TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES, plain, 232 int len = encrypt_data_symmetric(TCP_conn->shared_key, TCP_conn->last_packet + CRYPTO_PUBLIC_KEY_SIZE, plain,
233 sizeof(plain), TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); 233 sizeof(plain), TCP_conn->last_packet + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE);
234 234
235 if (len != sizeof(plain) + crypto_box_MACBYTES) { 235 if (len != sizeof(plain) + CRYPTO_MAC_SIZE) {
236 return -1; 236 return -1;
237 } 237 }
238 238
239 TCP_conn->last_packet_length = crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + sizeof(plain) + crypto_box_MACBYTES; 239 TCP_conn->last_packet_length = CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + sizeof(plain) + CRYPTO_MAC_SIZE;
240 TCP_conn->last_packet_sent = 0; 240 TCP_conn->last_packet_sent = 0;
241 return 0; 241 return 0;
242} 242}
@@ -248,17 +248,17 @@ static int generate_handshake(TCP_Client_Connection *TCP_conn)
248 */ 248 */
249static int handle_handshake(TCP_Client_Connection *TCP_conn, const uint8_t *data) 249static int handle_handshake(TCP_Client_Connection *TCP_conn, const uint8_t *data)
250{ 250{
251 uint8_t plain[crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES]; 251 uint8_t plain[CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE];
252 int len = decrypt_data_symmetric(TCP_conn->shared_key, data, data + crypto_box_NONCEBYTES, 252 int len = decrypt_data_symmetric(TCP_conn->shared_key, data, data + CRYPTO_NONCE_SIZE,
253 TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, plain); 253 TCP_SERVER_HANDSHAKE_SIZE - CRYPTO_NONCE_SIZE, plain);
254 254
255 if (len != sizeof(plain)) { 255 if (len != sizeof(plain)) {
256 return -1; 256 return -1;
257 } 257 }
258 258
259 memcpy(TCP_conn->recv_nonce, plain + crypto_box_PUBLICKEYBYTES, crypto_box_NONCEBYTES); 259 memcpy(TCP_conn->recv_nonce, plain + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_NONCE_SIZE);
260 encrypt_precompute(plain, TCP_conn->temp_secret_key, TCP_conn->shared_key); 260 encrypt_precompute(plain, TCP_conn->temp_secret_key, TCP_conn->shared_key);
261 sodium_memzero(TCP_conn->temp_secret_key, crypto_box_SECRETKEYBYTES); 261 crypto_memzero(TCP_conn->temp_secret_key, CRYPTO_SECRET_KEY_SIZE);
262 return 0; 262 return 0;
263} 263}
264 264
@@ -372,7 +372,7 @@ static void wipe_priority_list(TCP_Client_Connection *con)
372static int write_packet_TCP_secure_connection(TCP_Client_Connection *con, const uint8_t *data, uint16_t length, 372static int write_packet_TCP_secure_connection(TCP_Client_Connection *con, const uint8_t *data, uint16_t length,
373 bool priority) 373 bool priority)
374{ 374{
375 if (length + crypto_box_MACBYTES > MAX_PACKET_SIZE) { 375 if (length + CRYPTO_MAC_SIZE > MAX_PACKET_SIZE) {
376 return -1; 376 return -1;
377 } 377 }
378 378
@@ -386,9 +386,9 @@ static int write_packet_TCP_secure_connection(TCP_Client_Connection *con, const
386 } 386 }
387 } 387 }
388 388
389 uint8_t packet[sizeof(uint16_t) + length + crypto_box_MACBYTES]; 389 uint8_t packet[sizeof(uint16_t) + length + CRYPTO_MAC_SIZE];
390 390
391 uint16_t c_length = htons(length + crypto_box_MACBYTES); 391 uint16_t c_length = htons(length + CRYPTO_MAC_SIZE);
392 memcpy(packet, &c_length, sizeof(uint16_t)); 392 memcpy(packet, &c_length, sizeof(uint16_t));
393 int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t)); 393 int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
394 394
@@ -436,9 +436,9 @@ static int write_packet_TCP_secure_connection(TCP_Client_Connection *con, const
436 */ 436 */
437int send_routing_request(TCP_Client_Connection *con, uint8_t *public_key) 437int send_routing_request(TCP_Client_Connection *con, uint8_t *public_key)
438{ 438{
439 uint8_t packet[1 + crypto_box_PUBLICKEYBYTES]; 439 uint8_t packet[1 + CRYPTO_PUBLIC_KEY_SIZE];
440 packet[0] = TCP_PACKET_ROUTING_REQUEST; 440 packet[0] = TCP_PACKET_ROUTING_REQUEST;
441 memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); 441 memcpy(packet + 1, public_key, CRYPTO_PUBLIC_KEY_SIZE);
442 return write_packet_TCP_secure_connection(con, packet, sizeof(packet), 1); 442 return write_packet_TCP_secure_connection(con, packet, sizeof(packet), 1);
443} 443}
444 444
@@ -493,10 +493,10 @@ int send_oob_packet(TCP_Client_Connection *con, const uint8_t *public_key, const
493 return -1; 493 return -1;
494 } 494 }
495 495
496 uint8_t packet[1 + crypto_box_PUBLICKEYBYTES + length]; 496 uint8_t packet[1 + CRYPTO_PUBLIC_KEY_SIZE + length];
497 packet[0] = TCP_PACKET_OOB_SEND; 497 packet[0] = TCP_PACKET_OOB_SEND;
498 memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); 498 memcpy(packet + 1, public_key, CRYPTO_PUBLIC_KEY_SIZE);
499 memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, data, length); 499 memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, data, length);
500 return write_packet_TCP_secure_connection(con, packet, sizeof(packet), 0); 500 return write_packet_TCP_secure_connection(con, packet, sizeof(packet), 0);
501} 501}
502 502
@@ -676,8 +676,8 @@ TCP_Client_Connection *new_TCP_connection(IP_Port ip_port, const uint8_t *public
676 } 676 }
677 677
678 temp->sock = sock; 678 temp->sock = sock;
679 memcpy(temp->public_key, public_key, crypto_box_PUBLICKEYBYTES); 679 memcpy(temp->public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
680 memcpy(temp->self_public_key, self_public_key, crypto_box_PUBLICKEYBYTES); 680 memcpy(temp->self_public_key, self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
681 encrypt_precompute(temp->public_key, self_secret_key, temp->shared_key); 681 encrypt_precompute(temp->public_key, self_secret_key, temp->shared_key);
682 temp->ip_port = ip_port; 682 temp->ip_port = ip_port;
683 temp->proxy_info = *proxy_info; 683 temp->proxy_info = *proxy_info;
@@ -721,7 +721,7 @@ static int handle_TCP_packet(TCP_Client_Connection *conn, const uint8_t *data, u
721 721
722 switch (data[0]) { 722 switch (data[0]) {
723 case TCP_PACKET_ROUTING_RESPONSE: { 723 case TCP_PACKET_ROUTING_RESPONSE: {
724 if (length != 1 + 1 + crypto_box_PUBLICKEYBYTES) { 724 if (length != 1 + 1 + CRYPTO_PUBLIC_KEY_SIZE) {
725 return -1; 725 return -1;
726 } 726 }
727 727
@@ -737,7 +737,7 @@ static int handle_TCP_packet(TCP_Client_Connection *conn, const uint8_t *data, u
737 737
738 conn->connections[con_id].status = 1; 738 conn->connections[con_id].status = 1;
739 conn->connections[con_id].number = ~0; 739 conn->connections[con_id].number = ~0;
740 memcpy(conn->connections[con_id].public_key, data + 2, crypto_box_PUBLICKEYBYTES); 740 memcpy(conn->connections[con_id].public_key, data + 2, CRYPTO_PUBLIC_KEY_SIZE);
741 741
742 if (conn->response_callback) { 742 if (conn->response_callback) {
743 conn->response_callback(conn->response_callback_object, con_id, conn->connections[con_id].public_key); 743 conn->response_callback(conn->response_callback_object, con_id, conn->connections[con_id].public_key);
@@ -832,13 +832,13 @@ static int handle_TCP_packet(TCP_Client_Connection *conn, const uint8_t *data, u
832 } 832 }
833 833
834 case TCP_PACKET_OOB_RECV: { 834 case TCP_PACKET_OOB_RECV: {
835 if (length <= 1 + crypto_box_PUBLICKEYBYTES) { 835 if (length <= 1 + CRYPTO_PUBLIC_KEY_SIZE) {
836 return -1; 836 return -1;
837 } 837 }
838 838
839 if (conn->oob_data_callback) { 839 if (conn->oob_data_callback) {
840 conn->oob_data_callback(conn->oob_data_callback_object, data + 1, data + 1 + crypto_box_PUBLICKEYBYTES, 840 conn->oob_data_callback(conn->oob_data_callback_object, data + 1, data + 1 + CRYPTO_PUBLIC_KEY_SIZE,
841 length - (1 + crypto_box_PUBLICKEYBYTES), userdata); 841 length - (1 + CRYPTO_PUBLIC_KEY_SIZE), userdata);
842 } 842 }
843 843
844 return 0; 844 return 0;
@@ -1006,6 +1006,6 @@ void kill_TCP_connection(TCP_Client_Connection *TCP_connection)
1006 1006
1007 wipe_priority_list(TCP_connection); 1007 wipe_priority_list(TCP_connection);
1008 kill_sock(TCP_connection->sock); 1008 kill_sock(TCP_connection->sock);
1009 sodium_memzero(TCP_connection, sizeof(TCP_Client_Connection)); 1009 crypto_memzero(TCP_connection, sizeof(TCP_Client_Connection));
1010 free(TCP_connection); 1010 free(TCP_connection);
1011} 1011}
diff --git a/toxcore/TCP_client.h b/toxcore/TCP_client.h
index 44049698..5b29f1db 100644
--- a/toxcore/TCP_client.h
+++ b/toxcore/TCP_client.h
@@ -53,16 +53,16 @@ enum {
53typedef struct { 53typedef struct {
54 uint8_t status; 54 uint8_t status;
55 sock_t sock; 55 sock_t sock;
56 uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; /* our public key */ 56 uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* our public key */
57 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* public key of the server */ 57 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* public key of the server */
58 IP_Port ip_port; /* The ip and port of the server */ 58 IP_Port ip_port; /* The ip and port of the server */
59 TCP_Proxy_Info proxy_info; 59 TCP_Proxy_Info proxy_info;
60 uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* Nonce of received packets. */ 60 uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of received packets. */
61 uint8_t sent_nonce[crypto_box_NONCEBYTES]; /* Nonce of sent packets. */ 61 uint8_t sent_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of sent packets. */
62 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 62 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
63 uint16_t next_packet_length; 63 uint16_t next_packet_length;
64 64
65 uint8_t temp_secret_key[crypto_box_SECRETKEYBYTES]; 65 uint8_t temp_secret_key[CRYPTO_SECRET_KEY_SIZE];
66 66
67 uint8_t last_packet[2 + MAX_PACKET_SIZE]; 67 uint8_t last_packet[2 + MAX_PACKET_SIZE];
68 uint16_t last_packet_length; 68 uint16_t last_packet_length;
@@ -80,7 +80,7 @@ typedef struct {
80 80
81 struct { 81 struct {
82 uint8_t status; /* 0 if not used, 1 if other is offline, 2 if other is online. */ 82 uint8_t status; /* 0 if not used, 1 if other is offline, 2 if other is online. */
83 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 83 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
84 uint32_t number; 84 uint32_t number;
85 } connections[NUM_CLIENT_CONNECTIONS]; 85 } connections[NUM_CLIENT_CONNECTIONS];
86 int (*response_callback)(void *object, uint8_t connection_id, const uint8_t *public_key); 86 int (*response_callback)(void *object, uint8_t connection_id, const uint8_t *public_key);
diff --git a/toxcore/TCP_connection.c b/toxcore/TCP_connection.c
index 234a8d79..e8f51273 100644
--- a/toxcore/TCP_connection.c
+++ b/toxcore/TCP_connection.c
@@ -33,8 +33,8 @@
33struct TCP_Connections { 33struct TCP_Connections {
34 DHT *dht; 34 DHT *dht;
35 35
36 uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; 36 uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
37 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 37 uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
38 38
39 TCP_Connection_to *connections; 39 TCP_Connection_to *connections;
40 uint32_t connections_length; /* Length of connections array. */ 40 uint32_t connections_length; /* Length of connections array. */
@@ -509,7 +509,7 @@ int new_tcp_connection_to(TCP_Connections *tcp_c, const uint8_t *public_key, int
509 TCP_Connection_to *con_to = &tcp_c->connections[connections_number]; 509 TCP_Connection_to *con_to = &tcp_c->connections[connections_number];
510 510
511 con_to->status = TCP_CONN_VALID; 511 con_to->status = TCP_CONN_VALID;
512 memcpy(con_to->public_key, public_key, crypto_box_PUBLICKEYBYTES); 512 memcpy(con_to->public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
513 con_to->id = id; 513 con_to->id = id;
514 514
515 return connections_number; 515 return connections_number;
@@ -767,8 +767,8 @@ static int reconnect_tcp_relay_connection(TCP_Connections *tcp_c, int tcp_connec
767 } 767 }
768 768
769 IP_Port ip_port = tcp_con->connection->ip_port; 769 IP_Port ip_port = tcp_con->connection->ip_port;
770 uint8_t relay_pk[crypto_box_PUBLICKEYBYTES]; 770 uint8_t relay_pk[CRYPTO_PUBLIC_KEY_SIZE];
771 memcpy(relay_pk, tcp_con->connection->public_key, crypto_box_PUBLICKEYBYTES); 771 memcpy(relay_pk, tcp_con->connection->public_key, CRYPTO_PUBLIC_KEY_SIZE);
772 kill_TCP_connection(tcp_con->connection); 772 kill_TCP_connection(tcp_con->connection);
773 tcp_con->connection = new_TCP_connection(ip_port, relay_pk, tcp_c->self_public_key, tcp_c->self_secret_key, 773 tcp_con->connection = new_TCP_connection(ip_port, relay_pk, tcp_c->self_public_key, tcp_c->self_secret_key,
774 &tcp_c->proxy_info); 774 &tcp_c->proxy_info);
@@ -819,7 +819,7 @@ static int sleep_tcp_relay_connection(TCP_Connections *tcp_c, int tcp_connection
819 } 819 }
820 820
821 tcp_con->ip_port = tcp_con->connection->ip_port; 821 tcp_con->ip_port = tcp_con->connection->ip_port;
822 memcpy(tcp_con->relay_pk, tcp_con->connection->public_key, crypto_box_PUBLICKEYBYTES); 822 memcpy(tcp_con->relay_pk, tcp_con->connection->public_key, CRYPTO_PUBLIC_KEY_SIZE);
823 823
824 kill_TCP_connection(tcp_con->connection); 824 kill_TCP_connection(tcp_con->connection);
825 tcp_con->connection = NULL; 825 tcp_con->connection = NULL;
@@ -1271,7 +1271,7 @@ unsigned int tcp_copy_connected_relays(TCP_Connections *tcp_c, Node_format *tcp_
1271 } 1271 }
1272 1272
1273 if (tcp_con->status == TCP_CONN_CONNECTED) { 1273 if (tcp_con->status == TCP_CONN_CONNECTED) {
1274 memcpy(tcp_relays[copied].public_key, tcp_con->connection->public_key, crypto_box_PUBLICKEYBYTES); 1274 memcpy(tcp_relays[copied].public_key, tcp_con->connection->public_key, CRYPTO_PUBLIC_KEY_SIZE);
1275 tcp_relays[copied].ip_port = tcp_con->connection->ip_port; 1275 tcp_relays[copied].ip_port = tcp_con->connection->ip_port;
1276 1276
1277 if (tcp_relays[copied].ip_port.ip.family == AF_INET) { 1277 if (tcp_relays[copied].ip_port.ip.family == AF_INET) {
@@ -1376,8 +1376,8 @@ TCP_Connections *new_tcp_connections(const uint8_t *secret_key, TCP_Proxy_Info *
1376 return NULL; 1376 return NULL;
1377 } 1377 }
1378 1378
1379 memcpy(temp->self_secret_key, secret_key, crypto_box_SECRETKEYBYTES); 1379 memcpy(temp->self_secret_key, secret_key, CRYPTO_SECRET_KEY_SIZE);
1380 crypto_scalarmult_curve25519_base(temp->self_public_key, temp->self_secret_key); 1380 crypto_derive_public_key(temp->self_public_key, temp->self_secret_key);
1381 temp->proxy_info = *proxy_info; 1381 temp->proxy_info = *proxy_info;
1382 1382
1383 return temp; 1383 return temp;
diff --git a/toxcore/TCP_connection.h b/toxcore/TCP_connection.h
index e87196f0..0532c36f 100644
--- a/toxcore/TCP_connection.h
+++ b/toxcore/TCP_connection.h
@@ -53,7 +53,7 @@
53 53
54typedef struct { 54typedef struct {
55 uint8_t status; 55 uint8_t status;
56 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* The dht public key of the peer */ 56 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The dht public key of the peer */
57 57
58 struct { 58 struct {
59 uint32_t tcp_connection; 59 uint32_t tcp_connection;
@@ -74,7 +74,7 @@ typedef struct {
74 74
75 /* Only used when connection is sleeping. */ 75 /* Only used when connection is sleeping. */
76 IP_Port ip_port; 76 IP_Port ip_port;
77 uint8_t relay_pk[crypto_box_PUBLICKEYBYTES]; 77 uint8_t relay_pk[CRYPTO_PUBLIC_KEY_SIZE];
78 bool unsleep; /* set to 1 to unsleep connection. */ 78 bool unsleep; /* set to 1 to unsleep connection. */
79} TCP_con; 79} TCP_con;
80 80
diff --git a/toxcore/TCP_server.c b/toxcore/TCP_server.c
index 63c1577d..0e2d0085 100644
--- a/toxcore/TCP_server.c
+++ b/toxcore/TCP_server.c
@@ -42,8 +42,8 @@ struct TCP_Server {
42 sock_t *socks_listening; 42 sock_t *socks_listening;
43 unsigned int num_listening_socks; 43 unsigned int num_listening_socks;
44 44
45 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 45 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
46 uint8_t secret_key[crypto_box_SECRETKEYBYTES]; 46 uint8_t secret_key[CRYPTO_SECRET_KEY_SIZE];
47 TCP_Secure_Connection incomming_connection_queue[MAX_INCOMMING_CONNECTIONS]; 47 TCP_Secure_Connection incomming_connection_queue[MAX_INCOMMING_CONNECTIONS];
48 uint16_t incomming_connection_queue_index; 48 uint16_t incomming_connection_queue_index;
49 TCP_Secure_Connection unconfirmed_connection_queue[MAX_INCOMMING_CONNECTIONS]; 49 TCP_Secure_Connection unconfirmed_connection_queue[MAX_INCOMMING_CONNECTIONS];
@@ -212,7 +212,7 @@ static int del_accepted(TCP_Server *TCP_server, int index)
212 return -1; 212 return -1;
213 } 213 }
214 214
215 sodium_memzero(&TCP_server->accepted_connection_array[index], sizeof(TCP_Secure_Connection)); 215 crypto_memzero(&TCP_server->accepted_connection_array[index], sizeof(TCP_Secure_Connection));
216 --TCP_server->num_accepted_connections; 216 --TCP_server->num_accepted_connections;
217 217
218 if (TCP_server->num_accepted_connections == 0) { 218 if (TCP_server->num_accepted_connections == 0) {
@@ -314,7 +314,7 @@ int read_packet_TCP_secure_connection(sock_t sock, uint16_t *next_packet_length,
314 *next_packet_length = len; 314 *next_packet_length = len;
315 } 315 }
316 316
317 if (max_len + crypto_box_MACBYTES < *next_packet_length) { 317 if (max_len + CRYPTO_MAC_SIZE < *next_packet_length) {
318 return -1; 318 return -1;
319 } 319 }
320 320
@@ -329,7 +329,7 @@ int read_packet_TCP_secure_connection(sock_t sock, uint16_t *next_packet_length,
329 329
330 int len = decrypt_data_symmetric(shared_key, recv_nonce, data_encrypted, len_packet, data); 330 int len = decrypt_data_symmetric(shared_key, recv_nonce, data_encrypted, len_packet, data);
331 331
332 if (len + crypto_box_MACBYTES != len_packet) { 332 if (len + CRYPTO_MAC_SIZE != len_packet) {
333 return -1; 333 return -1;
334 } 334 }
335 335
@@ -437,7 +437,7 @@ static bool add_priority(TCP_Secure_Connection *con, const uint8_t *packet, uint
437static int write_packet_TCP_secure_connection(TCP_Secure_Connection *con, const uint8_t *data, uint16_t length, 437static int write_packet_TCP_secure_connection(TCP_Secure_Connection *con, const uint8_t *data, uint16_t length,
438 bool priority) 438 bool priority)
439{ 439{
440 if (length + crypto_box_MACBYTES > MAX_PACKET_SIZE) { 440 if (length + CRYPTO_MAC_SIZE > MAX_PACKET_SIZE) {
441 return -1; 441 return -1;
442 } 442 }
443 443
@@ -451,9 +451,9 @@ static int write_packet_TCP_secure_connection(TCP_Secure_Connection *con, const
451 } 451 }
452 } 452 }
453 453
454 uint8_t packet[sizeof(uint16_t) + length + crypto_box_MACBYTES]; 454 uint8_t packet[sizeof(uint16_t) + length + CRYPTO_MAC_SIZE];
455 455
456 uint16_t c_length = htons(length + crypto_box_MACBYTES); 456 uint16_t c_length = htons(length + CRYPTO_MAC_SIZE);
457 memcpy(packet, &c_length, sizeof(uint16_t)); 457 memcpy(packet, &c_length, sizeof(uint16_t));
458 int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t)); 458 int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
459 459
@@ -500,7 +500,7 @@ static int write_packet_TCP_secure_connection(TCP_Secure_Connection *con, const
500static void kill_TCP_connection(TCP_Secure_Connection *con) 500static void kill_TCP_connection(TCP_Secure_Connection *con)
501{ 501{
502 kill_sock(con->sock); 502 kill_sock(con->sock);
503 sodium_memzero(con, sizeof(TCP_Secure_Connection)); 503 crypto_memzero(con, sizeof(TCP_Secure_Connection));
504} 504}
505 505
506static int rm_connection_index(TCP_Server *TCP_server, TCP_Secure_Connection *con, uint8_t con_number); 506static int rm_connection_index(TCP_Server *TCP_server, TCP_Secure_Connection *con, uint8_t con_number);
@@ -546,31 +546,31 @@ static int handle_TCP_handshake(TCP_Secure_Connection *con, const uint8_t *data,
546 return -1; 546 return -1;
547 } 547 }
548 548
549 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 549 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
550 encrypt_precompute(data, self_secret_key, shared_key); 550 encrypt_precompute(data, self_secret_key, shared_key);
551 uint8_t plain[TCP_HANDSHAKE_PLAIN_SIZE]; 551 uint8_t plain[TCP_HANDSHAKE_PLAIN_SIZE];
552 int len = decrypt_data_symmetric(shared_key, data + crypto_box_PUBLICKEYBYTES, 552 int len = decrypt_data_symmetric(shared_key, data + CRYPTO_PUBLIC_KEY_SIZE,
553 data + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES, plain); 553 data + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, TCP_HANDSHAKE_PLAIN_SIZE + CRYPTO_MAC_SIZE, plain);
554 554
555 if (len != TCP_HANDSHAKE_PLAIN_SIZE) { 555 if (len != TCP_HANDSHAKE_PLAIN_SIZE) {
556 return -1; 556 return -1;
557 } 557 }
558 558
559 memcpy(con->public_key, data, crypto_box_PUBLICKEYBYTES); 559 memcpy(con->public_key, data, CRYPTO_PUBLIC_KEY_SIZE);
560 uint8_t temp_secret_key[crypto_box_SECRETKEYBYTES]; 560 uint8_t temp_secret_key[CRYPTO_SECRET_KEY_SIZE];
561 uint8_t resp_plain[TCP_HANDSHAKE_PLAIN_SIZE]; 561 uint8_t resp_plain[TCP_HANDSHAKE_PLAIN_SIZE];
562 crypto_box_keypair(resp_plain, temp_secret_key); 562 crypto_new_keypair(resp_plain, temp_secret_key);
563 random_nonce(con->sent_nonce); 563 random_nonce(con->sent_nonce);
564 memcpy(resp_plain + crypto_box_PUBLICKEYBYTES, con->sent_nonce, crypto_box_NONCEBYTES); 564 memcpy(resp_plain + CRYPTO_PUBLIC_KEY_SIZE, con->sent_nonce, CRYPTO_NONCE_SIZE);
565 memcpy(con->recv_nonce, plain + crypto_box_PUBLICKEYBYTES, crypto_box_NONCEBYTES); 565 memcpy(con->recv_nonce, plain + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_NONCE_SIZE);
566 566
567 uint8_t response[TCP_SERVER_HANDSHAKE_SIZE]; 567 uint8_t response[TCP_SERVER_HANDSHAKE_SIZE];
568 random_nonce(response); 568 random_nonce(response);
569 569
570 len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, 570 len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE,
571 response + crypto_box_NONCEBYTES); 571 response + CRYPTO_NONCE_SIZE);
572 572
573 if (len != TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES) { 573 if (len != TCP_HANDSHAKE_PLAIN_SIZE + CRYPTO_MAC_SIZE) {
574 return -1; 574 return -1;
575 } 575 }
576 576
@@ -605,10 +605,10 @@ static int read_connection_handshake(TCP_Secure_Connection *con, const uint8_t *
605 */ 605 */
606static int send_routing_response(TCP_Secure_Connection *con, uint8_t rpid, const uint8_t *public_key) 606static int send_routing_response(TCP_Secure_Connection *con, uint8_t rpid, const uint8_t *public_key)
607{ 607{
608 uint8_t data[1 + 1 + crypto_box_PUBLICKEYBYTES]; 608 uint8_t data[1 + 1 + CRYPTO_PUBLIC_KEY_SIZE];
609 data[0] = TCP_PACKET_ROUTING_RESPONSE; 609 data[0] = TCP_PACKET_ROUTING_RESPONSE;
610 data[1] = rpid; 610 data[1] = rpid;
611 memcpy(data + 2, public_key, crypto_box_PUBLICKEYBYTES); 611 memcpy(data + 2, public_key, CRYPTO_PUBLIC_KEY_SIZE);
612 612
613 return write_packet_TCP_secure_connection(con, data, sizeof(data), 1); 613 return write_packet_TCP_secure_connection(con, data, sizeof(data), 1);
614} 614}
@@ -684,7 +684,7 @@ static int handle_TCP_routing_req(TCP_Server *TCP_server, uint32_t con_id, const
684 } 684 }
685 685
686 con->connections[index].status = 1; 686 con->connections[index].status = 1;
687 memcpy(con->connections[index].public_key, public_key, crypto_box_PUBLICKEYBYTES); 687 memcpy(con->connections[index].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
688 int other_index = get_TCP_connection_index(TCP_server, public_key); 688 int other_index = get_TCP_connection_index(TCP_server, public_key);
689 689
690 if (other_index != -1) { 690 if (other_index != -1) {
@@ -730,10 +730,10 @@ static int handle_TCP_oob_send(TCP_Server *TCP_server, uint32_t con_id, const ui
730 int other_index = get_TCP_connection_index(TCP_server, public_key); 730 int other_index = get_TCP_connection_index(TCP_server, public_key);
731 731
732 if (other_index != -1) { 732 if (other_index != -1) {
733 uint8_t resp_packet[1 + crypto_box_PUBLICKEYBYTES + length]; 733 uint8_t resp_packet[1 + CRYPTO_PUBLIC_KEY_SIZE + length];
734 resp_packet[0] = TCP_PACKET_OOB_RECV; 734 resp_packet[0] = TCP_PACKET_OOB_RECV;
735 memcpy(resp_packet + 1, con->public_key, crypto_box_PUBLICKEYBYTES); 735 memcpy(resp_packet + 1, con->public_key, CRYPTO_PUBLIC_KEY_SIZE);
736 memcpy(resp_packet + 1 + crypto_box_PUBLICKEYBYTES, data, length); 736 memcpy(resp_packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, data, length);
737 write_packet_TCP_secure_connection(&TCP_server->accepted_connection_array[other_index], resp_packet, 737 write_packet_TCP_secure_connection(&TCP_server->accepted_connection_array[other_index], resp_packet,
738 sizeof(resp_packet), 0); 738 sizeof(resp_packet), 0);
739 } 739 }
@@ -817,7 +817,7 @@ static int handle_TCP_packet(TCP_Server *TCP_server, uint32_t con_id, const uint
817 817
818 switch (data[0]) { 818 switch (data[0]) {
819 case TCP_PACKET_ROUTING_REQUEST: { 819 case TCP_PACKET_ROUTING_REQUEST: {
820 if (length != 1 + crypto_box_PUBLICKEYBYTES) { 820 if (length != 1 + CRYPTO_PUBLIC_KEY_SIZE) {
821 return -1; 821 return -1;
822 } 822 }
823 823
@@ -872,17 +872,17 @@ static int handle_TCP_packet(TCP_Server *TCP_server, uint32_t con_id, const uint
872 } 872 }
873 873
874 case TCP_PACKET_OOB_SEND: { 874 case TCP_PACKET_OOB_SEND: {
875 if (length <= 1 + crypto_box_PUBLICKEYBYTES) { 875 if (length <= 1 + CRYPTO_PUBLIC_KEY_SIZE) {
876 return -1; 876 return -1;
877 } 877 }
878 878
879 return handle_TCP_oob_send(TCP_server, con_id, data + 1, data + 1 + crypto_box_PUBLICKEYBYTES, 879 return handle_TCP_oob_send(TCP_server, con_id, data + 1, data + 1 + CRYPTO_PUBLIC_KEY_SIZE,
880 length - (1 + crypto_box_PUBLICKEYBYTES)); 880 length - (1 + CRYPTO_PUBLIC_KEY_SIZE));
881 } 881 }
882 882
883 case TCP_PACKET_ONION_REQUEST: { 883 case TCP_PACKET_ONION_REQUEST: {
884 if (TCP_server->onion) { 884 if (TCP_server->onion) {
885 if (length <= 1 + crypto_box_NONCEBYTES + ONION_SEND_BASE * 2) { 885 if (length <= 1 + CRYPTO_NONCE_SIZE + ONION_SEND_BASE * 2) {
886 return -1; 886 return -1;
887 } 887 }
888 888
@@ -892,7 +892,7 @@ static int handle_TCP_packet(TCP_Server *TCP_server, uint32_t con_id, const uint
892 source.ip.ip6.uint32[0] = con_id; 892 source.ip.ip6.uint32[0] = con_id;
893 source.ip.ip6.uint32[1] = 0; 893 source.ip.ip6.uint32[1] = 0;
894 source.ip.ip6.uint64[1] = con->identifier; 894 source.ip.ip6.uint64[1] = con->identifier;
895 onion_send_1(TCP_server->onion, data + 1 + crypto_box_NONCEBYTES, length - (1 + crypto_box_NONCEBYTES), source, 895 onion_send_1(TCP_server->onion, data + 1 + CRYPTO_NONCE_SIZE, length - (1 + CRYPTO_NONCE_SIZE), source,
896 data + 1); 896 data + 1);
897 } 897 }
898 898
@@ -951,7 +951,7 @@ static int confirm_TCP_connection(TCP_Server *TCP_server, TCP_Secure_Connection
951 return -1; 951 return -1;
952 } 952 }
953 953
954 sodium_memzero(con, sizeof(TCP_Secure_Connection)); 954 crypto_memzero(con, sizeof(TCP_Secure_Connection));
955 955
956 if (handle_TCP_packet(TCP_server, index, data, length) == -1) { 956 if (handle_TCP_packet(TCP_server, index, data, length) == -1) {
957 kill_accepted(TCP_server, index); 957 kill_accepted(TCP_server, index);
@@ -1102,10 +1102,10 @@ TCP_Server *new_TCP_server(uint8_t ipv6_enabled, uint16_t num_sockets, const uin
1102 set_callback_handle_recv_1(onion, &handle_onion_recv_1, temp); 1102 set_callback_handle_recv_1(onion, &handle_onion_recv_1, temp);
1103 } 1103 }
1104 1104
1105 memcpy(temp->secret_key, secret_key, crypto_box_SECRETKEYBYTES); 1105 memcpy(temp->secret_key, secret_key, CRYPTO_SECRET_KEY_SIZE);
1106 crypto_scalarmult_curve25519_base(temp->public_key, temp->secret_key); 1106 crypto_derive_public_key(temp->public_key, temp->secret_key);
1107 1107
1108 bs_list_init(&temp->accepted_key_list, crypto_box_PUBLICKEYBYTES, 8); 1108 bs_list_init(&temp->accepted_key_list, CRYPTO_PUBLIC_KEY_SIZE, 8);
1109 1109
1110 return temp; 1110 return temp;
1111} 1111}
@@ -1145,7 +1145,7 @@ static int do_incoming(TCP_Server *TCP_server, uint32_t i)
1145 } 1145 }
1146 1146
1147 memcpy(conn_new, conn_old, sizeof(TCP_Secure_Connection)); 1147 memcpy(conn_new, conn_old, sizeof(TCP_Secure_Connection));
1148 sodium_memzero(conn_old, sizeof(TCP_Secure_Connection)); 1148 crypto_memzero(conn_old, sizeof(TCP_Secure_Connection));
1149 ++TCP_server->unconfirmed_connection_queue_index; 1149 ++TCP_server->unconfirmed_connection_queue_index;
1150 1150
1151 return index_new; 1151 return index_new;
diff --git a/toxcore/TCP_server.h b/toxcore/TCP_server.h
index 4dcfe126..f2618330 100644
--- a/toxcore/TCP_server.h
+++ b/toxcore/TCP_server.h
@@ -41,9 +41,9 @@
41 41
42#define MAX_PACKET_SIZE 2048 42#define MAX_PACKET_SIZE 2048
43 43
44#define TCP_HANDSHAKE_PLAIN_SIZE (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES) 44#define TCP_HANDSHAKE_PLAIN_SIZE (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE)
45#define TCP_SERVER_HANDSHAKE_SIZE (crypto_box_NONCEBYTES + TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES) 45#define TCP_SERVER_HANDSHAKE_SIZE (CRYPTO_NONCE_SIZE + TCP_HANDSHAKE_PLAIN_SIZE + CRYPTO_MAC_SIZE)
46#define TCP_CLIENT_HANDSHAKE_SIZE (crypto_box_PUBLICKEYBYTES + TCP_SERVER_HANDSHAKE_SIZE) 46#define TCP_CLIENT_HANDSHAKE_SIZE (CRYPTO_PUBLIC_KEY_SIZE + TCP_SERVER_HANDSHAKE_SIZE)
47#define TCP_MAX_OOB_DATA_LENGTH 1024 47#define TCP_MAX_OOB_DATA_LENGTH 1024
48 48
49#define NUM_RESERVED_PORTS 16 49#define NUM_RESERVED_PORTS 16
@@ -90,13 +90,13 @@ struct TCP_Priority_List {
90 90
91typedef struct TCP_Secure_Connection { 91typedef struct TCP_Secure_Connection {
92 sock_t sock; 92 sock_t sock;
93 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 93 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
94 uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* Nonce of received packets. */ 94 uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of received packets. */
95 uint8_t sent_nonce[crypto_box_NONCEBYTES]; /* Nonce of sent packets. */ 95 uint8_t sent_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of sent packets. */
96 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 96 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
97 uint16_t next_packet_length; 97 uint16_t next_packet_length;
98 struct { 98 struct {
99 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 99 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
100 uint32_t index; 100 uint32_t index;
101 uint8_t status; /* 0 if not used, 1 if other is offline, 2 if other is online. */ 101 uint8_t status; /* 0 if not used, 1 if other is offline, 2 if other is online. */
102 uint8_t other_id; 102 uint8_t other_id;
diff --git a/toxcore/crypto_core.api.h b/toxcore/crypto_core.api.h
index 0c72471c..78a17280 100644
--- a/toxcore/crypto_core.api.h
+++ b/toxcore/crypto_core.api.h
@@ -25,29 +25,59 @@
25#define CORE_CRYPTO_H 25#define CORE_CRYPTO_H
26 26
27#include "network.h" 27#include "network.h"
28%}
28 29
29#ifndef VANILLA_NACL 30/**
30/* We use libsodium by default. */ 31 * The number of bytes in a Tox public key.
31#include <sodium.h> 32 */
32#else 33const CRYPTO_PUBLIC_KEY_SIZE = 32;
33#include <crypto_box.h>
34#include <crypto_hash_sha256.h>
35#include <crypto_hash_sha512.h>
36#include <crypto_scalarmult_curve25519.h>
37#include <crypto_verify_16.h>
38#include <crypto_verify_32.h>
39#include <randombytes.h>
40#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
41/* I know */
42#define sodium_memcmp(a, b, c) memcmp(a, b, c)
43#define sodium_memzero(a, c) memset(a, 0, c)
44#endif
45 34
46#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES) 35/**
47%} 36 * The number of bytes in a Tox secret key.
37 */
38const CRYPTO_SECRET_KEY_SIZE = 32;
39
40/**
41 * The number of bytes in a shared key computed from public and secret key.
42 */
43const CRYPTO_SHARED_KEY_SIZE = 32;
44
45/**
46 * The number of bytes in a random symmetric key.
47 */
48const CRYPTO_SYMMETRIC_KEY_SIZE = CRYPTO_SHARED_KEY_SIZE;
49
50/**
51 * The number of bytes needed for the MAC (message authentication code) in an
52 * encrypted message.
53 */
54const CRYPTO_MAC_SIZE = 16;
48 55
49/** 56/**
50 * compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks. 57 * The number of bytes in a nonce used for encryption/decryption.
58 */
59const CRYPTO_NONCE_SIZE = 24;
60
61/**
62 * The number of bytes in a SHA256 hash.
63 */
64const CRYPTO_SHA256_SIZE = 32;
65
66/**
67 * The number of bytes in a SHA512 hash.
68 */
69const CRYPTO_SHA512_SIZE = 64;
70
71static int32_t crypto_memcmp(const void *p1, const void *p2, size_t length);
72static void crypto_memzero(void *data, size_t length);
73
74static void crypto_sha256(uint8_t *hash, const uint8_t[length] data);
75static void crypto_sha512(uint8_t *hash, const uint8_t[length] data);
76
77static void crypto_derive_public_key(uint8_t *public_key, uint8_t *secret_key);
78
79/**
80 * compare 2 public keys of length CRYPTO_PUBLIC_KEY_SIZE, not vulnerable to timing attacks.
51 * returns 0 if both mem locations of length are equal, 81 * returns 0 if both mem locations of length are equal,
52 * return -1 if they are not. 82 * return -1 if they are not.
53 */ 83 */
@@ -64,7 +94,7 @@ static uint32_t random_int();
64static uint64_t random_64b(); 94static uint64_t random_64b();
65 95
66/** 96/**
67 * Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not. 97 * Check if a Tox public key CRYPTO_PUBLIC_KEY_SIZE is valid or not.
68 * This should only be used for input validation. 98 * This should only be used for input validation.
69 * 99 *
70 * return 0 if it isn't. 100 * return 0 if it isn't.
@@ -72,6 +102,8 @@ static uint64_t random_64b();
72 */ 102 */
73static int32_t public_key_valid(const uint8_t *public_key); 103static int32_t public_key_valid(const uint8_t *public_key);
74 104
105static int32_t crypto_new_keypair(uint8_t *public_key, uint8_t *secret_key);
106
75/** 107/**
76 * Encrypts plain of length length to encrypted of length + 16 using the 108 * Encrypts plain of length length to encrypted of length + 16 using the
77 * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce. 109 * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce.
@@ -105,7 +137,7 @@ static int32_t encrypt_precompute(
105 137
106/** 138/**
107 * Encrypts plain of length length to encrypted of length + 16 using a 139 * Encrypts plain of length length to encrypted of length + 16 using a
108 * secret key crypto_box_KEYBYTES big and a 24 byte nonce. 140 * secret key CRYPTO_SYMMETRIC_KEY_SIZE big and a 24 byte nonce.
109 * 141 *
110 * return -1 if there was a problem. 142 * return -1 if there was a problem.
111 * return length of encrypted data if everything was fine. 143 * return length of encrypted data if everything was fine.
@@ -116,7 +148,7 @@ static int32_t encrypt_data_symmetric(
116 148
117/** 149/**
118 * Decrypts encrypted of length length to plain of length length - 16 using a 150 * Decrypts encrypted of length length to plain of length length - 16 using a
119 * secret key crypto_box_KEYBYTES big and a 24 byte nonce. 151 * secret key CRYPTO_SYMMETRIC_KEY_SIZE big and a 24 byte nonce.
120 * 152 *
121 * return -1 if there was a problem (decryption failed). 153 * return -1 if there was a problem (decryption failed).
122 * return length of plain data if everything was fine. 154 * return length of plain data if everything was fine.
@@ -141,10 +173,15 @@ static void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num);
141static void random_nonce(uint8_t *nonce); 173static void random_nonce(uint8_t *nonce);
142 174
143/** 175/**
144 * Fill a key crypto_box_KEYBYTES big with random bytes. 176 * Fill a key CRYPTO_SYMMETRIC_KEY_SIZE big with random bytes.
145 */ 177 */
146static void new_symmetric_key(uint8_t *key); 178static void new_symmetric_key(uint8_t *key);
147 179
180/**
181 * Fill an array of bytes with random values.
182 */
183static void random_bytes(uint8_t[length] bytes);
184
148%{ 185%{
149#endif 186#endif
150%} 187%}
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c
index a71b3cb8..d4f7c562 100644
--- a/toxcore/crypto_core.c
+++ b/toxcore/crypto_core.c
@@ -29,8 +29,53 @@
29 29
30#include "crypto_core.h" 30#include "crypto_core.h"
31 31
32#if crypto_box_PUBLICKEYBYTES != 32 32#ifndef VANILLA_NACL
33#error crypto_box_PUBLICKEYBYTES is required to be 32 bytes for public_key_cmp to work, 33/* We use libsodium by default. */
34#include <sodium.h>
35#else
36#include <crypto_box.h>
37#include <crypto_hash_sha256.h>
38#include <crypto_hash_sha512.h>
39#include <crypto_scalarmult_curve25519.h>
40#include <crypto_verify_16.h>
41#include <crypto_verify_32.h>
42#include <randombytes.h>
43#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
44/* I know */
45#define sodium_memcmp(a, b, c) memcmp(a, b, c)
46#define sodium_memzero(a, c) memset(a, 0, c)
47#endif
48
49#if CRYPTO_PUBLIC_KEY_SIZE != crypto_box_PUBLICKEYBYTES
50#error CRYPTO_PUBLIC_KEY_SIZE should be equal to crypto_box_PUBLICKEYBYTES
51#endif
52
53#if CRYPTO_SECRET_KEY_SIZE != crypto_box_SECRETKEYBYTES
54#error CRYPTO_SECRET_KEY_SIZE should be equal to crypto_box_SECRETKEYBYTES
55#endif
56
57#if CRYPTO_SHARED_KEY_SIZE != crypto_box_BEFORENMBYTES
58#error CRYPTO_SHARED_KEY_SIZE should be equal to crypto_box_BEFORENMBYTES
59#endif
60
61#if CRYPTO_SYMMETRIC_KEY_SIZE != crypto_box_BEFORENMBYTES
62#error CRYPTO_SYMMETRIC_KEY_SIZE should be equal to crypto_box_BEFORENMBYTES
63#endif
64
65#if CRYPTO_MAC_SIZE != crypto_box_MACBYTES
66#error CRYPTO_MAC_SIZE should be equal to crypto_box_MACBYTES
67#endif
68
69#if CRYPTO_NONCE_SIZE != crypto_box_NONCEBYTES
70#error CRYPTO_NONCE_SIZE should be equal to crypto_box_NONCEBYTES
71#endif
72
73#if CRYPTO_SHA256_SIZE != crypto_hash_sha256_BYTES
74#error CRYPTO_SHA256_SIZE should be equal to crypto_hash_sha256_BYTES
75#endif
76
77#if CRYPTO_SHA512_SIZE != crypto_hash_sha512_BYTES
78#error CRYPTO_SHA512_SIZE should be equal to crypto_hash_sha512_BYTES
34#endif 79#endif
35 80
36/* compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks. 81/* compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks.
@@ -38,6 +83,9 @@
38 return -1 if they are not. */ 83 return -1 if they are not. */
39int public_key_cmp(const uint8_t *pk1, const uint8_t *pk2) 84int public_key_cmp(const uint8_t *pk1, const uint8_t *pk2)
40{ 85{
86#if crypto_box_PUBLICKEYBYTES != 32
87#error crypto_box_PUBLICKEYBYTES is required to be 32 bytes for public_key_cmp to work,
88#endif
41 return crypto_verify_32(pk1, pk2); 89 return crypto_verify_32(pk1, pk2);
42} 90}
43 91
@@ -135,7 +183,7 @@ int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uin
135 uint8_t k[crypto_box_BEFORENMBYTES]; 183 uint8_t k[crypto_box_BEFORENMBYTES];
136 encrypt_precompute(public_key, secret_key, k); 184 encrypt_precompute(public_key, secret_key, k);
137 int ret = encrypt_data_symmetric(k, nonce, plain, length, encrypted); 185 int ret = encrypt_data_symmetric(k, nonce, plain, length, encrypted);
138 sodium_memzero(k, sizeof k); 186 crypto_memzero(k, sizeof k);
139 return ret; 187 return ret;
140} 188}
141 189
@@ -149,7 +197,7 @@ int decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uin
149 uint8_t k[crypto_box_BEFORENMBYTES]; 197 uint8_t k[crypto_box_BEFORENMBYTES];
150 encrypt_precompute(public_key, secret_key, k); 198 encrypt_precompute(public_key, secret_key, k);
151 int ret = decrypt_data_symmetric(k, nonce, encrypted, length, plain); 199 int ret = decrypt_data_symmetric(k, nonce, encrypted, length, plain);
152 sodium_memzero(k, sizeof k); 200 crypto_memzero(k, sizeof k);
153 return ret; 201 return ret;
154} 202}
155 203
@@ -204,8 +252,43 @@ void random_nonce(uint8_t *nonce)
204 randombytes(nonce, crypto_box_NONCEBYTES); 252 randombytes(nonce, crypto_box_NONCEBYTES);
205} 253}
206 254
207/* Fill a key crypto_box_KEYBYTES big with random bytes */ 255/* Fill a key CRYPTO_SYMMETRIC_KEY_SIZE big with random bytes */
208void new_symmetric_key(uint8_t *key) 256void new_symmetric_key(uint8_t *key)
209{ 257{
210 randombytes(key, crypto_box_KEYBYTES); 258 randombytes(key, CRYPTO_SYMMETRIC_KEY_SIZE);
259}
260
261int32_t crypto_new_keypair(uint8_t *public_key, uint8_t *secret_key)
262{
263 return crypto_box_keypair(public_key, secret_key);
264}
265
266void crypto_derive_public_key(uint8_t *public_key, uint8_t *secret_key)
267{
268 crypto_scalarmult_curve25519_base(public_key, secret_key);
269}
270
271void crypto_sha256(uint8_t *hash, const uint8_t *data, size_t length)
272{
273 crypto_hash_sha256(hash, data, length);
274}
275
276void crypto_sha512(uint8_t *hash, const uint8_t *data, size_t length)
277{
278 crypto_hash_sha512(hash, data, length);
279}
280
281void crypto_memzero(void *data, size_t length)
282{
283 sodium_memzero(data, length);
284}
285
286int32_t crypto_memcmp(const void *p1, const void *p2, size_t length)
287{
288 return sodium_memcmp(p1, p2, length);
289}
290
291void random_bytes(uint8_t *data, size_t length)
292{
293 randombytes(data, length);
211} 294}
diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h
index 5a1b153a..a5cea019 100644
--- a/toxcore/crypto_core.h
+++ b/toxcore/crypto_core.h
@@ -25,27 +25,75 @@
25 25
26#include "network.h" 26#include "network.h"
27 27
28#ifndef VANILLA_NACL 28/**
29/* We use libsodium by default. */ 29 * The number of bytes in a Tox public key.
30#include <sodium.h> 30 */
31#else 31#define CRYPTO_PUBLIC_KEY_SIZE 32
32#include <crypto_box.h> 32
33#include <crypto_hash_sha256.h> 33uint32_t crypto_public_key_size(void);
34#include <crypto_hash_sha512.h> 34
35#include <crypto_scalarmult_curve25519.h> 35/**
36#include <crypto_verify_16.h> 36 * The number of bytes in a Tox secret key.
37#include <crypto_verify_32.h> 37 */
38#include <randombytes.h> 38#define CRYPTO_SECRET_KEY_SIZE 32
39#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) 39
40/* I know */ 40uint32_t crypto_secret_key_size(void);
41#define sodium_memcmp(a, b, c) memcmp(a, b, c) 41
42#define sodium_memzero(a, c) memset(a, 0, c) 42/**
43#endif 43 * The number of bytes in a shared key computed from public and secret key.
44 */
45#define CRYPTO_SHARED_KEY_SIZE 32
44 46
45#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES) 47uint32_t crypto_shared_key_size(void);
46 48
47/** 49/**
48 * compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks. 50 * The number of bytes in a random symmetric key.
51 */
52#define CRYPTO_SYMMETRIC_KEY_SIZE CRYPTO_SHARED_KEY_SIZE
53
54uint32_t crypto_symmetric_key_size(void);
55
56/**
57 * The number of bytes needed for the MAC (message authentication code) in an
58 * encrypted message.
59 */
60#define CRYPTO_MAC_SIZE 16
61
62uint32_t crypto_mac_size(void);
63
64/**
65 * The number of bytes in a nonce used for encryption/decryption.
66 */
67#define CRYPTO_NONCE_SIZE 24
68
69uint32_t crypto_nonce_size(void);
70
71/**
72 * The number of bytes in a SHA256 hash.
73 */
74#define CRYPTO_SHA256_SIZE 32
75
76uint32_t crypto_sha256_size(void);
77
78/**
79 * The number of bytes in a SHA512 hash.
80 */
81#define CRYPTO_SHA512_SIZE 64
82
83uint32_t crypto_sha512_size(void);
84
85int32_t crypto_memcmp(const void *p1, const void *p2, size_t length);
86
87void crypto_memzero(void *data, size_t length);
88
89void crypto_sha256(uint8_t *hash, const uint8_t *data, size_t length);
90
91void crypto_sha512(uint8_t *hash, const uint8_t *data, size_t length);
92
93void crypto_derive_public_key(uint8_t *public_key, uint8_t *secret_key);
94
95/**
96 * compare 2 public keys of length CRYPTO_PUBLIC_KEY_SIZE, not vulnerable to timing attacks.
49 * returns 0 if both mem locations of length are equal, 97 * returns 0 if both mem locations of length are equal,
50 * return -1 if they are not. 98 * return -1 if they are not.
51 */ 99 */
@@ -62,7 +110,7 @@ uint32_t random_int(void);
62uint64_t random_64b(void); 110uint64_t random_64b(void);
63 111
64/** 112/**
65 * Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not. 113 * Check if a Tox public key CRYPTO_PUBLIC_KEY_SIZE is valid or not.
66 * This should only be used for input validation. 114 * This should only be used for input validation.
67 * 115 *
68 * return 0 if it isn't. 116 * return 0 if it isn't.
@@ -70,6 +118,8 @@ uint64_t random_64b(void);
70 */ 118 */
71int32_t public_key_valid(const uint8_t *public_key); 119int32_t public_key_valid(const uint8_t *public_key);
72 120
121int32_t crypto_new_keypair(uint8_t *public_key, uint8_t *secret_key);
122
73/** 123/**
74 * Encrypts plain of length length to encrypted of length + 16 using the 124 * Encrypts plain of length length to encrypted of length + 16 using the
75 * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce. 125 * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce.
@@ -99,7 +149,7 @@ int32_t encrypt_precompute(const uint8_t *public_key, const uint8_t *secret_key,
99 149
100/** 150/**
101 * Encrypts plain of length length to encrypted of length + 16 using a 151 * Encrypts plain of length length to encrypted of length + 16 using a
102 * secret key crypto_box_KEYBYTES big and a 24 byte nonce. 152 * secret key CRYPTO_SYMMETRIC_KEY_SIZE big and a 24 byte nonce.
103 * 153 *
104 * return -1 if there was a problem. 154 * return -1 if there was a problem.
105 * return length of encrypted data if everything was fine. 155 * return length of encrypted data if everything was fine.
@@ -109,7 +159,7 @@ int32_t encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce,
109 159
110/** 160/**
111 * Decrypts encrypted of length length to plain of length length - 16 using a 161 * Decrypts encrypted of length length to plain of length length - 16 using a
112 * secret key crypto_box_KEYBYTES big and a 24 byte nonce. 162 * secret key CRYPTO_SYMMETRIC_KEY_SIZE big and a 24 byte nonce.
113 * 163 *
114 * return -1 if there was a problem (decryption failed). 164 * return -1 if there was a problem (decryption failed).
115 * return length of plain data if everything was fine. 165 * return length of plain data if everything was fine.
@@ -133,8 +183,14 @@ void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num);
133void random_nonce(uint8_t *nonce); 183void random_nonce(uint8_t *nonce);
134 184
135/** 185/**
136 * Fill a key crypto_box_KEYBYTES big with random bytes. 186 * Fill a key CRYPTO_SYMMETRIC_KEY_SIZE big with random bytes.
137 */ 187 */
138void new_symmetric_key(uint8_t *key); 188void new_symmetric_key(uint8_t *key);
139 189
190/**
191 * Fill an array of bytes with random values.
192 */
193void random_bytes(uint8_t *bytes, size_t length);
194
140#endif 195#endif
196
diff --git a/toxcore/friend_connection.c b/toxcore/friend_connection.c
index 2a99070b..d4f36c96 100644
--- a/toxcore/friend_connection.c
+++ b/toxcore/friend_connection.c
@@ -190,7 +190,7 @@ int friend_add_tcp_relay(Friend_Connections *fr_c, int friendcon_id, IP_Port ip_
190 } 190 }
191 191
192 friend_con->tcp_relays[index].ip_port = ip_port; 192 friend_con->tcp_relays[index].ip_port = ip_port;
193 memcpy(friend_con->tcp_relays[index].public_key, public_key, crypto_box_PUBLICKEYBYTES); 193 memcpy(friend_con->tcp_relays[index].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
194 ++friend_con->tcp_relay_counter; 194 ++friend_con->tcp_relay_counter;
195 195
196 return add_tcp_relay_peer(fr_c->net_crypto, friend_con->crypt_connection_id, ip_port, public_key); 196 return add_tcp_relay_peer(fr_c->net_crypto, friend_con->crypt_connection_id, ip_port, public_key);
@@ -320,7 +320,7 @@ static void change_dht_pk(Friend_Connections *fr_c, int friendcon_id, const uint
320 } 320 }
321 321
322 DHT_addfriend(fr_c->dht, dht_public_key, dht_ip_callback, fr_c, friendcon_id, &friend_con->dht_lock); 322 DHT_addfriend(fr_c->dht, dht_public_key, dht_ip_callback, fr_c, friendcon_id, &friend_con->dht_lock);
323 memcpy(friend_con->dht_temp_pk, dht_public_key, crypto_box_PUBLICKEYBYTES); 323 memcpy(friend_con->dht_temp_pk, dht_public_key, CRYPTO_PUBLIC_KEY_SIZE);
324} 324}
325 325
326static int handle_status(void *object, int number, uint8_t status, void *userdata) 326static int handle_status(void *object, int number, uint8_t status, void *userdata)
@@ -626,11 +626,11 @@ int get_friendcon_public_keys(uint8_t *real_pk, uint8_t *dht_temp_pk, Friend_Con
626 } 626 }
627 627
628 if (real_pk) { 628 if (real_pk) {
629 memcpy(real_pk, friend_con->real_public_key, crypto_box_PUBLICKEYBYTES); 629 memcpy(real_pk, friend_con->real_public_key, CRYPTO_PUBLIC_KEY_SIZE);
630 } 630 }
631 631
632 if (dht_temp_pk) { 632 if (dht_temp_pk) {
633 memcpy(dht_temp_pk, friend_con->dht_temp_pk, crypto_box_PUBLICKEYBYTES); 633 memcpy(dht_temp_pk, friend_con->dht_temp_pk, CRYPTO_PUBLIC_KEY_SIZE);
634 } 634 }
635 635
636 return 0; 636 return 0;
@@ -722,7 +722,7 @@ int new_friend_connection(Friend_Connections *fr_c, const uint8_t *real_public_k
722 722
723 friend_con->crypt_connection_id = -1; 723 friend_con->crypt_connection_id = -1;
724 friend_con->status = FRIENDCONN_STATUS_CONNECTING; 724 friend_con->status = FRIENDCONN_STATUS_CONNECTING;
725 memcpy(friend_con->real_public_key, real_public_key, crypto_box_PUBLICKEYBYTES); 725 memcpy(friend_con->real_public_key, real_public_key, CRYPTO_PUBLIC_KEY_SIZE);
726 friend_con->onion_friendnum = onion_friendnum; 726 friend_con->onion_friendnum = onion_friendnum;
727 727
728 recv_tcp_relay_handler(fr_c->onion_c, onion_friendnum, &tcp_relay_node_callback, fr_c, friendcon_id); 728 recv_tcp_relay_handler(fr_c->onion_c, onion_friendnum, &tcp_relay_node_callback, fr_c, friendcon_id);
diff --git a/toxcore/friend_connection.h b/toxcore/friend_connection.h
index 4d6f841c..13ea476d 100644
--- a/toxcore/friend_connection.h
+++ b/toxcore/friend_connection.h
@@ -65,8 +65,8 @@ enum {
65typedef struct { 65typedef struct {
66 uint8_t status; 66 uint8_t status;
67 67
68 uint8_t real_public_key[crypto_box_PUBLICKEYBYTES]; 68 uint8_t real_public_key[CRYPTO_PUBLIC_KEY_SIZE];
69 uint8_t dht_temp_pk[crypto_box_PUBLICKEYBYTES]; 69 uint8_t dht_temp_pk[CRYPTO_PUBLIC_KEY_SIZE];
70 uint16_t dht_lock; 70 uint16_t dht_lock;
71 IP_Port dht_ip_port; 71 IP_Port dht_ip_port;
72 uint64_t dht_pk_lastrecv, dht_ip_port_lastrecv; 72 uint64_t dht_pk_lastrecv, dht_ip_port_lastrecv;
diff --git a/toxcore/friend_requests.c b/toxcore/friend_requests.c
index f0281d3a..a2979b46 100644
--- a/toxcore/friend_requests.c
+++ b/toxcore/friend_requests.c
@@ -96,7 +96,7 @@ int remove_request_received(Friend_Requests *fr, const uint8_t *real_pk)
96 96
97 for (i = 0; i < MAX_RECEIVED_STORED; ++i) { 97 for (i = 0; i < MAX_RECEIVED_STORED; ++i) {
98 if (id_equal(fr->received_requests[i], real_pk)) { 98 if (id_equal(fr->received_requests[i], real_pk)) {
99 sodium_memzero(fr->received_requests[i], crypto_box_PUBLICKEYBYTES); 99 crypto_memzero(fr->received_requests[i], CRYPTO_PUBLIC_KEY_SIZE);
100 return 0; 100 return 0;
101 } 101 }
102 } 102 }
diff --git a/toxcore/friend_requests.h b/toxcore/friend_requests.h
index 4a9d06de..9fb06d00 100644
--- a/toxcore/friend_requests.h
+++ b/toxcore/friend_requests.h
@@ -42,7 +42,7 @@ typedef struct {
42 42
43#define MAX_RECEIVED_STORED 32 43#define MAX_RECEIVED_STORED 32
44 44
45 uint8_t received_requests[MAX_RECEIVED_STORED][crypto_box_PUBLICKEYBYTES]; 45 uint8_t received_requests[MAX_RECEIVED_STORED][CRYPTO_PUBLIC_KEY_SIZE];
46 uint16_t received_requests_index; 46 uint16_t received_requests_index;
47} Friend_Requests; 47} Friend_Requests;
48 48
diff --git a/toxcore/group.c b/toxcore/group.c
index f1c160c9..e733d550 100644
--- a/toxcore/group.c
+++ b/toxcore/group.c
@@ -113,7 +113,7 @@ static int wipe_group_chat(Group_Chats *g_c, int groupnumber)
113 } 113 }
114 114
115 uint32_t i; 115 uint32_t i;
116 sodium_memzero(&(g_c->chats[groupnumber]), sizeof(Group_c)); 116 crypto_memzero(&(g_c->chats[groupnumber]), sizeof(Group_c));
117 117
118 for (i = g_c->num_chats; i != 0; --i) { 118 for (i = g_c->num_chats; i != 0; --i) {
119 if (g_c->chats[i - 1].status != GROUPCHAT_STATUS_NONE) { 119 if (g_c->chats[i - 1].status != GROUPCHAT_STATUS_NONE) {
@@ -173,7 +173,7 @@ static int get_group_num(const Group_Chats *g_c, const uint8_t *identifier)
173 uint32_t i; 173 uint32_t i;
174 174
175 for (i = 0; i < g_c->num_chats; ++i) { 175 for (i = 0; i < g_c->num_chats; ++i) {
176 if (sodium_memcmp(g_c->chats[i].identifier, identifier, GROUP_IDENTIFIER_LENGTH) == 0) { 176 if (crypto_memcmp(g_c->chats[i].identifier, identifier, GROUP_IDENTIFIER_LENGTH) == 0) {
177 return i; 177 return i;
178 } 178 }
179 } 179 }
@@ -284,19 +284,19 @@ static int add_to_closest(Group_Chats *g_c, int groupnumber, const uint8_t *real
284 return -1; 284 return -1;
285 } 285 }
286 286
287 uint8_t old_real_pk[crypto_box_PUBLICKEYBYTES]; 287 uint8_t old_real_pk[CRYPTO_PUBLIC_KEY_SIZE];
288 uint8_t old_temp_pk[crypto_box_PUBLICKEYBYTES]; 288 uint8_t old_temp_pk[CRYPTO_PUBLIC_KEY_SIZE];
289 uint8_t old = 0; 289 uint8_t old = 0;
290 290
291 if (g->closest_peers[index].entry) { 291 if (g->closest_peers[index].entry) {
292 memcpy(old_real_pk, g->closest_peers[index].real_pk, crypto_box_PUBLICKEYBYTES); 292 memcpy(old_real_pk, g->closest_peers[index].real_pk, CRYPTO_PUBLIC_KEY_SIZE);
293 memcpy(old_temp_pk, g->closest_peers[index].temp_pk, crypto_box_PUBLICKEYBYTES); 293 memcpy(old_temp_pk, g->closest_peers[index].temp_pk, CRYPTO_PUBLIC_KEY_SIZE);
294 old = 1; 294 old = 1;
295 } 295 }
296 296
297 g->closest_peers[index].entry = 1; 297 g->closest_peers[index].entry = 1;
298 memcpy(g->closest_peers[index].real_pk, real_pk, crypto_box_PUBLICKEYBYTES); 298 memcpy(g->closest_peers[index].real_pk, real_pk, CRYPTO_PUBLIC_KEY_SIZE);
299 memcpy(g->closest_peers[index].temp_pk, temp_pk, crypto_box_PUBLICKEYBYTES); 299 memcpy(g->closest_peers[index].temp_pk, temp_pk, CRYPTO_PUBLIC_KEY_SIZE);
300 300
301 if (old) { 301 if (old) {
302 add_to_closest(g_c, groupnumber, old_real_pk, old_temp_pk); 302 add_to_closest(g_c, groupnumber, old_real_pk, old_temp_pk);
@@ -357,8 +357,8 @@ static int connect_to_closest(Group_Chats *g_c, int groupnumber, void *userdata)
357 continue; 357 continue;
358 } 358 }
359 359
360 uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; 360 uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE];
361 uint8_t dht_temp_pk[crypto_box_PUBLICKEYBYTES]; 361 uint8_t dht_temp_pk[CRYPTO_PUBLIC_KEY_SIZE];
362 get_friendcon_public_keys(real_pk, dht_temp_pk, g_c->fr_c, g->close[i].number); 362 get_friendcon_public_keys(real_pk, dht_temp_pk, g_c->fr_c, g->close[i].number);
363 363
364 if (!pk_in_closest_peers(g, real_pk)) { 364 if (!pk_in_closest_peers(g, real_pk)) {
@@ -743,7 +743,7 @@ int add_groupchat(Group_Chats *g_c, uint8_t type)
743 new_symmetric_key(g->identifier + 1); 743 new_symmetric_key(g->identifier + 1);
744 g->identifier[0] = type; 744 g->identifier[0] = type;
745 g->peer_number = 0; /* Founder is peer 0. */ 745 g->peer_number = 0; /* Founder is peer 0. */
746 memcpy(g->real_pk, g_c->m->net_crypto->self_public_key, crypto_box_PUBLICKEYBYTES); 746 memcpy(g->real_pk, g_c->m->net_crypto->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
747 int peer_index = addpeer(g_c, groupnumber, g->real_pk, g_c->m->dht->self_public_key, 0, NULL, false); 747 int peer_index = addpeer(g_c, groupnumber, g->real_pk, g_c->m->dht->self_public_key, 0, NULL, false);
748 748
749 if (peer_index == -1) { 749 if (peer_index == -1) {
@@ -798,7 +798,7 @@ int del_groupchat(Group_Chats *g_c, int groupnumber)
798} 798}
799 799
800/* Copy the public key of peernumber who is in groupnumber to pk. 800/* Copy the public key of peernumber who is in groupnumber to pk.
801 * pk must be crypto_box_PUBLICKEYBYTES long. 801 * pk must be CRYPTO_PUBLIC_KEY_SIZE long.
802 * 802 *
803 * return 0 on success 803 * return 0 on success
804 * return -1 if groupnumber is invalid. 804 * return -1 if groupnumber is invalid.
@@ -816,7 +816,7 @@ int group_peer_pubkey(const Group_Chats *g_c, int groupnumber, int peernumber, u
816 return -2; 816 return -2;
817 } 817 }
818 818
819 memcpy(pk, g->group[peernumber].real_pk, crypto_box_PUBLICKEYBYTES); 819 memcpy(pk, g->group[peernumber].real_pk, CRYPTO_PUBLIC_KEY_SIZE);
820 return 0; 820 return 0;
821} 821}
822 822
@@ -1077,7 +1077,7 @@ int join_groupchat(Group_Chats *g_c, int32_t friendnumber, uint8_t expected_type
1077 uint16_t group_num = htons(groupnumber); 1077 uint16_t group_num = htons(groupnumber);
1078 g->status = GROUPCHAT_STATUS_VALID; 1078 g->status = GROUPCHAT_STATUS_VALID;
1079 g->number_joined = -1; 1079 g->number_joined = -1;
1080 memcpy(g->real_pk, g_c->m->net_crypto->self_public_key, crypto_box_PUBLICKEYBYTES); 1080 memcpy(g->real_pk, g_c->m->net_crypto->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
1081 1081
1082 uint8_t response[INVITE_RESPONSE_PACKET_SIZE]; 1082 uint8_t response[INVITE_RESPONSE_PACKET_SIZE];
1083 response[0] = INVITE_RESPONSE_ID; 1083 response[0] = INVITE_RESPONSE_ID;
@@ -1231,7 +1231,7 @@ static int group_ping_send(const Group_Chats *g_c, int groupnumber)
1231} 1231}
1232 1232
1233#define GROUP_MESSAGE_NEW_PEER_ID 16 1233#define GROUP_MESSAGE_NEW_PEER_ID 16
1234#define GROUP_MESSAGE_NEW_PEER_LENGTH (sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES * 2) 1234#define GROUP_MESSAGE_NEW_PEER_LENGTH (sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE * 2)
1235/* send a new_peer message 1235/* send a new_peer message
1236 * return 0 on success 1236 * return 0 on success
1237 * return -1 on failure 1237 * return -1 on failure
@@ -1243,8 +1243,8 @@ static int group_new_peer_send(const Group_Chats *g_c, int groupnumber, uint16_t
1243 1243
1244 peer_num = htons(peer_num); 1244 peer_num = htons(peer_num);
1245 memcpy(packet, &peer_num, sizeof(uint16_t)); 1245 memcpy(packet, &peer_num, sizeof(uint16_t));
1246 memcpy(packet + sizeof(uint16_t), real_pk, crypto_box_PUBLICKEYBYTES); 1246 memcpy(packet + sizeof(uint16_t), real_pk, CRYPTO_PUBLIC_KEY_SIZE);
1247 memcpy(packet + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES, temp_pk, crypto_box_PUBLICKEYBYTES); 1247 memcpy(packet + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE, temp_pk, CRYPTO_PUBLIC_KEY_SIZE);
1248 1248
1249 if (send_message_group(g_c, groupnumber, GROUP_MESSAGE_NEW_PEER_ID, packet, sizeof(packet)) > 0) { 1249 if (send_message_group(g_c, groupnumber, GROUP_MESSAGE_NEW_PEER_ID, packet, sizeof(packet)) > 0) {
1250 return 0; 1250 return 0;
@@ -1420,7 +1420,7 @@ static void handle_friend_invite_packet(Messenger *m, uint32_t friendnumber, con
1420 return; 1420 return;
1421 } 1421 }
1422 1422
1423 if (sodium_memcmp(data + 1 + sizeof(uint16_t) * 2, g->identifier, GROUP_IDENTIFIER_LENGTH) != 0) { 1423 if (crypto_memcmp(data + 1 + sizeof(uint16_t) * 2, g->identifier, GROUP_IDENTIFIER_LENGTH) != 0) {
1424 return; 1424 return;
1425 } 1425 }
1426 1426
@@ -1443,7 +1443,7 @@ static void handle_friend_invite_packet(Messenger *m, uint32_t friendnumber, con
1443 other_groupnum = ntohs(other_groupnum); 1443 other_groupnum = ntohs(other_groupnum);
1444 1444
1445 int friendcon_id = getfriendcon_id(m, friendnumber); 1445 int friendcon_id = getfriendcon_id(m, friendnumber);
1446 uint8_t real_pk[crypto_box_PUBLICKEYBYTES], temp_pk[crypto_box_PUBLICKEYBYTES]; 1446 uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE], temp_pk[CRYPTO_PUBLIC_KEY_SIZE];
1447 get_friendcon_public_keys(real_pk, temp_pk, g_c->fr_c, friendcon_id); 1447 get_friendcon_public_keys(real_pk, temp_pk, g_c->fr_c, friendcon_id);
1448 1448
1449 addpeer(g_c, groupnum, real_pk, temp_pk, peer_number, userdata, true); 1449 addpeer(g_c, groupnum, real_pk, temp_pk, peer_number, userdata, true);
@@ -1616,7 +1616,7 @@ static unsigned int send_peers(Group_Chats *g_c, int groupnumber, int friendcon_
1616 unsigned int i; 1616 unsigned int i;
1617 1617
1618 for (i = 0; i < g->numpeers; ++i) { 1618 for (i = 0; i < g->numpeers; ++i) {
1619 if ((p - packet) + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES * 2 + 1 + g->group[i].nick_len > sizeof(packet)) { 1619 if ((p - packet) + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE * 2 + 1 + g->group[i].nick_len > sizeof(packet)) {
1620 if (send_packet_group_peer(g_c->fr_c, friendcon_id, PACKET_ID_DIRECT_CONFERENCE, group_num, packet, (p - packet))) { 1620 if (send_packet_group_peer(g_c->fr_c, friendcon_id, PACKET_ID_DIRECT_CONFERENCE, group_num, packet, (p - packet))) {
1621 sent = i; 1621 sent = i;
1622 } else { 1622 } else {
@@ -1629,10 +1629,10 @@ static unsigned int send_peers(Group_Chats *g_c, int groupnumber, int friendcon_
1629 uint16_t peer_num = htons(g->group[i].peer_number); 1629 uint16_t peer_num = htons(g->group[i].peer_number);
1630 memcpy(p, &peer_num, sizeof(peer_num)); 1630 memcpy(p, &peer_num, sizeof(peer_num));
1631 p += sizeof(peer_num); 1631 p += sizeof(peer_num);
1632 memcpy(p, g->group[i].real_pk, crypto_box_PUBLICKEYBYTES); 1632 memcpy(p, g->group[i].real_pk, CRYPTO_PUBLIC_KEY_SIZE);
1633 p += crypto_box_PUBLICKEYBYTES; 1633 p += CRYPTO_PUBLIC_KEY_SIZE;
1634 memcpy(p, g->group[i].temp_pk, crypto_box_PUBLICKEYBYTES); 1634 memcpy(p, g->group[i].temp_pk, CRYPTO_PUBLIC_KEY_SIZE);
1635 p += crypto_box_PUBLICKEYBYTES; 1635 p += CRYPTO_PUBLIC_KEY_SIZE;
1636 *p = g->group[i].nick_len; 1636 *p = g->group[i].nick_len;
1637 p += 1; 1637 p += 1;
1638 memcpy(p, g->group[i].nick, g->group[i].nick_len); 1638 memcpy(p, g->group[i].nick, g->group[i].nick_len);
@@ -1669,12 +1669,12 @@ static int handle_send_peers(Group_Chats *g_c, int groupnumber, const uint8_t *d
1669 1669
1670 const uint8_t *d = data; 1670 const uint8_t *d = data;
1671 1671
1672 while ((unsigned int)(length - (d - data)) >= sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES * 2 + 1) { 1672 while ((unsigned int)(length - (d - data)) >= sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE * 2 + 1) {
1673 uint16_t peer_num; 1673 uint16_t peer_num;
1674 memcpy(&peer_num, d, sizeof(peer_num)); 1674 memcpy(&peer_num, d, sizeof(peer_num));
1675 peer_num = ntohs(peer_num); 1675 peer_num = ntohs(peer_num);
1676 d += sizeof(uint16_t); 1676 d += sizeof(uint16_t);
1677 int peer_index = addpeer(g_c, groupnumber, d, d + crypto_box_PUBLICKEYBYTES, peer_num, userdata, true); 1677 int peer_index = addpeer(g_c, groupnumber, d, d + CRYPTO_PUBLIC_KEY_SIZE, peer_num, userdata, true);
1678 1678
1679 if (peer_index == -1) { 1679 if (peer_index == -1) {
1680 return -1; 1680 return -1;
@@ -1687,7 +1687,7 @@ static int handle_send_peers(Group_Chats *g_c, int groupnumber, const uint8_t *d
1687 group_name_send(g_c, groupnumber, g_c->m->name, g_c->m->name_length); 1687 group_name_send(g_c, groupnumber, g_c->m->name, g_c->m->name_length);
1688 } 1688 }
1689 1689
1690 d += crypto_box_PUBLICKEYBYTES * 2; 1690 d += CRYPTO_PUBLIC_KEY_SIZE * 2;
1691 uint8_t name_length = *d; 1691 uint8_t name_length = *d;
1692 d += 1; 1692 d += 1;
1693 1693
@@ -1832,8 +1832,8 @@ static unsigned int send_lossy_all_close(const Group_Chats *g_c, int groupnumber
1832 uint64_t comp_val_old = ~0; 1832 uint64_t comp_val_old = ~0;
1833 1833
1834 for (i = 0; i < num_connected_closest; ++i) { 1834 for (i = 0; i < num_connected_closest; ++i) {
1835 uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; 1835 uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE];
1836 uint8_t dht_temp_pk[crypto_box_PUBLICKEYBYTES]; 1836 uint8_t dht_temp_pk[CRYPTO_PUBLIC_KEY_SIZE];
1837 get_friendcon_public_keys(real_pk, dht_temp_pk, g_c->fr_c, g->close[connected_closest[i]].number); 1837 get_friendcon_public_keys(real_pk, dht_temp_pk, g_c->fr_c, g->close[connected_closest[i]].number);
1838 uint64_t comp_val = calculate_comp_value(g->real_pk, real_pk); 1838 uint64_t comp_val = calculate_comp_value(g->real_pk, real_pk);
1839 1839
@@ -1852,8 +1852,8 @@ static unsigned int send_lossy_all_close(const Group_Chats *g_c, int groupnumber
1852 comp_val_old = ~0; 1852 comp_val_old = ~0;
1853 1853
1854 for (i = 0; i < num_connected_closest; ++i) { 1854 for (i = 0; i < num_connected_closest; ++i) {
1855 uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; 1855 uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE];
1856 uint8_t dht_temp_pk[crypto_box_PUBLICKEYBYTES]; 1856 uint8_t dht_temp_pk[CRYPTO_PUBLIC_KEY_SIZE];
1857 get_friendcon_public_keys(real_pk, dht_temp_pk, g_c->fr_c, g->close[connected_closest[i]].number); 1857 get_friendcon_public_keys(real_pk, dht_temp_pk, g_c->fr_c, g->close[connected_closest[i]].number);
1858 uint64_t comp_val = calculate_comp_value(real_pk, g->real_pk); 1858 uint64_t comp_val = calculate_comp_value(real_pk, g->real_pk);
1859 1859
@@ -2046,7 +2046,7 @@ static void handle_message_packet_group(Group_Chats *g_c, int groupnumber, const
2046 uint16_t new_peer_number; 2046 uint16_t new_peer_number;
2047 memcpy(&new_peer_number, msg_data, sizeof(uint16_t)); 2047 memcpy(&new_peer_number, msg_data, sizeof(uint16_t));
2048 new_peer_number = ntohs(new_peer_number); 2048 new_peer_number = ntohs(new_peer_number);
2049 addpeer(g_c, groupnumber, msg_data + sizeof(uint16_t), msg_data + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES, 2049 addpeer(g_c, groupnumber, msg_data + sizeof(uint16_t), msg_data + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE,
2050 new_peer_number, userdata, true); 2050 new_peer_number, userdata, true);
2051 } 2051 }
2052 break; 2052 break;
@@ -2212,7 +2212,7 @@ static unsigned int lossy_packet_not_received(Group_c *g, int peer_index, uint16
2212 uint16_t top_distance = message_number - g->group[peer_index].top_lossy_number; 2212 uint16_t top_distance = message_number - g->group[peer_index].top_lossy_number;
2213 2213
2214 if (top_distance >= MAX_LOSSY_COUNT) { 2214 if (top_distance >= MAX_LOSSY_COUNT) {
2215 sodium_memzero(g->group[peer_index].recv_lossy, sizeof(g->group[peer_index].recv_lossy)); 2215 crypto_memzero(g->group[peer_index].recv_lossy, sizeof(g->group[peer_index].recv_lossy));
2216 g->group[peer_index].top_lossy_number = message_number; 2216 g->group[peer_index].top_lossy_number = message_number;
2217 g->group[peer_index].bottom_lossy_number = (message_number - MAX_LOSSY_COUNT) + 1; 2217 g->group[peer_index].bottom_lossy_number = (message_number - MAX_LOSSY_COUNT) + 1;
2218 g->group[peer_index].recv_lossy[message_number % MAX_LOSSY_COUNT] = 1; 2218 g->group[peer_index].recv_lossy[message_number % MAX_LOSSY_COUNT] = 1;
diff --git a/toxcore/group.h b/toxcore/group.h
index 54d75028..f9cc1362 100644
--- a/toxcore/group.h
+++ b/toxcore/group.h
@@ -41,8 +41,8 @@ enum {
41#define MAX_LOSSY_COUNT 256 41#define MAX_LOSSY_COUNT 256
42 42
43typedef struct { 43typedef struct {
44 uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; 44 uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE];
45 uint8_t temp_pk[crypto_box_PUBLICKEYBYTES]; 45 uint8_t temp_pk[CRYPTO_PUBLIC_KEY_SIZE];
46 46
47 uint64_t last_recv; 47 uint64_t last_recv;
48 uint32_t last_message_number; 48 uint32_t last_message_number;
@@ -60,7 +60,7 @@ typedef struct {
60 60
61#define DESIRED_CLOSE_CONNECTIONS 4 61#define DESIRED_CLOSE_CONNECTIONS 4
62#define MAX_GROUP_CONNECTIONS 16 62#define MAX_GROUP_CONNECTIONS 16
63#define GROUP_IDENTIFIER_LENGTH (1 + crypto_box_KEYBYTES) /* type + crypto_box_KEYBYTES so we can use new_symmetric_key(...) to fill it */ 63#define GROUP_IDENTIFIER_LENGTH (1 + CRYPTO_SYMMETRIC_KEY_SIZE) /* type + CRYPTO_SYMMETRIC_KEY_SIZE so we can use new_symmetric_key(...) to fill it */
64 64
65enum { 65enum {
66 GROUPCHAT_CLOSE_NONE, 66 GROUPCHAT_CLOSE_NONE,
@@ -81,11 +81,11 @@ typedef struct {
81 uint16_t group_number; 81 uint16_t group_number;
82 } close[MAX_GROUP_CONNECTIONS]; 82 } close[MAX_GROUP_CONNECTIONS];
83 83
84 uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; 84 uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE];
85 struct { 85 struct {
86 uint8_t entry; 86 uint8_t entry;
87 uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; 87 uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE];
88 uint8_t temp_pk[crypto_box_PUBLICKEYBYTES]; 88 uint8_t temp_pk[CRYPTO_PUBLIC_KEY_SIZE];
89 } closest_peers[DESIRED_CLOSE_CONNECTIONS]; 89 } closest_peers[DESIRED_CLOSE_CONNECTIONS];
90 uint8_t changed; 90 uint8_t changed;
91 91
@@ -180,7 +180,7 @@ int add_groupchat(Group_Chats *g_c, uint8_t type);
180int del_groupchat(Group_Chats *g_c, int groupnumber); 180int del_groupchat(Group_Chats *g_c, int groupnumber);
181 181
182/* Copy the public key of peernumber who is in groupnumber to pk. 182/* Copy the public key of peernumber who is in groupnumber to pk.
183 * pk must be crypto_box_PUBLICKEYBYTES long. 183 * pk must be CRYPTO_PUBLIC_KEY_SIZE long.
184 * 184 *
185 * return 0 on success 185 * return 0 on success
186 * return -1 if groupnumber is invalid. 186 * return -1 if groupnumber is invalid.
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c
index 269d03a3..d4dd5ff8 100644
--- a/toxcore/net_crypto.c
+++ b/toxcore/net_crypto.c
@@ -53,13 +53,13 @@ static uint8_t crypt_connection_id_not_valid(const Net_Crypto *c, int crypt_conn
53 53
54/* cookie timeout in seconds */ 54/* cookie timeout in seconds */
55#define COOKIE_TIMEOUT 15 55#define COOKIE_TIMEOUT 15
56#define COOKIE_DATA_LENGTH (crypto_box_PUBLICKEYBYTES * 2) 56#define COOKIE_DATA_LENGTH (CRYPTO_PUBLIC_KEY_SIZE * 2)
57#define COOKIE_CONTENTS_LENGTH (sizeof(uint64_t) + COOKIE_DATA_LENGTH) 57#define COOKIE_CONTENTS_LENGTH (sizeof(uint64_t) + COOKIE_DATA_LENGTH)
58#define COOKIE_LENGTH (crypto_box_NONCEBYTES + COOKIE_CONTENTS_LENGTH + crypto_box_MACBYTES) 58#define COOKIE_LENGTH (CRYPTO_NONCE_SIZE + COOKIE_CONTENTS_LENGTH + CRYPTO_MAC_SIZE)
59 59
60#define COOKIE_REQUEST_PLAIN_LENGTH (COOKIE_DATA_LENGTH + sizeof(uint64_t)) 60#define COOKIE_REQUEST_PLAIN_LENGTH (COOKIE_DATA_LENGTH + sizeof(uint64_t))
61#define COOKIE_REQUEST_LENGTH (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES) 61#define COOKIE_REQUEST_LENGTH (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + COOKIE_REQUEST_PLAIN_LENGTH + CRYPTO_MAC_SIZE)
62#define COOKIE_RESPONSE_LENGTH (1 + crypto_box_NONCEBYTES + COOKIE_LENGTH + sizeof(uint64_t) + crypto_box_MACBYTES) 62#define COOKIE_RESPONSE_LENGTH (1 + CRYPTO_NONCE_SIZE + COOKIE_LENGTH + sizeof(uint64_t) + CRYPTO_MAC_SIZE)
63 63
64/* Create a cookie request packet and put it in packet. 64/* Create a cookie request packet and put it in packet.
65 * dht_public_key is the dht public key of the other 65 * dht_public_key is the dht public key of the other
@@ -73,26 +73,26 @@ static int create_cookie_request(const Net_Crypto *c, uint8_t *packet, uint8_t *
73 uint8_t *shared_key) 73 uint8_t *shared_key)
74{ 74{
75 uint8_t plain[COOKIE_REQUEST_PLAIN_LENGTH]; 75 uint8_t plain[COOKIE_REQUEST_PLAIN_LENGTH];
76 uint8_t padding[crypto_box_PUBLICKEYBYTES] = {0}; 76 uint8_t padding[CRYPTO_PUBLIC_KEY_SIZE] = {0};
77 77
78 memcpy(plain, c->self_public_key, crypto_box_PUBLICKEYBYTES); 78 memcpy(plain, c->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
79 memcpy(plain + crypto_box_PUBLICKEYBYTES, padding, crypto_box_PUBLICKEYBYTES); 79 memcpy(plain + CRYPTO_PUBLIC_KEY_SIZE, padding, CRYPTO_PUBLIC_KEY_SIZE);
80 memcpy(plain + (crypto_box_PUBLICKEYBYTES * 2), &number, sizeof(uint64_t)); 80 memcpy(plain + (CRYPTO_PUBLIC_KEY_SIZE * 2), &number, sizeof(uint64_t));
81 81
82 DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); 82 DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key);
83 uint8_t nonce[crypto_box_NONCEBYTES]; 83 uint8_t nonce[CRYPTO_NONCE_SIZE];
84 random_nonce(nonce); 84 random_nonce(nonce);
85 packet[0] = NET_PACKET_COOKIE_REQUEST; 85 packet[0] = NET_PACKET_COOKIE_REQUEST;
86 memcpy(packet + 1, c->dht->self_public_key, crypto_box_PUBLICKEYBYTES); 86 memcpy(packet + 1, c->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
87 memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); 87 memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, nonce, CRYPTO_NONCE_SIZE);
88 int len = encrypt_data_symmetric(shared_key, nonce, plain, sizeof(plain), 88 int len = encrypt_data_symmetric(shared_key, nonce, plain, sizeof(plain),
89 packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); 89 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE);
90 90
91 if (len != COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES) { 91 if (len != COOKIE_REQUEST_PLAIN_LENGTH + CRYPTO_MAC_SIZE) {
92 return -1; 92 return -1;
93 } 93 }
94 94
95 return (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + len); 95 return (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + len);
96} 96}
97 97
98/* Create cookie of length COOKIE_LENGTH from bytes of length COOKIE_DATA_LENGTH using encryption_key 98/* Create cookie of length COOKIE_LENGTH from bytes of length COOKIE_DATA_LENGTH using encryption_key
@@ -107,9 +107,9 @@ static int create_cookie(uint8_t *cookie, const uint8_t *bytes, const uint8_t *e
107 memcpy(contents, &temp_time, sizeof(temp_time)); 107 memcpy(contents, &temp_time, sizeof(temp_time));
108 memcpy(contents + sizeof(temp_time), bytes, COOKIE_DATA_LENGTH); 108 memcpy(contents + sizeof(temp_time), bytes, COOKIE_DATA_LENGTH);
109 random_nonce(cookie); 109 random_nonce(cookie);
110 int len = encrypt_data_symmetric(encryption_key, cookie, contents, sizeof(contents), cookie + crypto_box_NONCEBYTES); 110 int len = encrypt_data_symmetric(encryption_key, cookie, contents, sizeof(contents), cookie + CRYPTO_NONCE_SIZE);
111 111
112 if (len != COOKIE_LENGTH - crypto_box_NONCEBYTES) { 112 if (len != COOKIE_LENGTH - CRYPTO_NONCE_SIZE) {
113 return -1; 113 return -1;
114 } 114 }
115 115
@@ -124,8 +124,8 @@ static int create_cookie(uint8_t *cookie, const uint8_t *bytes, const uint8_t *e
124static int open_cookie(uint8_t *bytes, const uint8_t *cookie, const uint8_t *encryption_key) 124static int open_cookie(uint8_t *bytes, const uint8_t *cookie, const uint8_t *encryption_key)
125{ 125{
126 uint8_t contents[COOKIE_CONTENTS_LENGTH]; 126 uint8_t contents[COOKIE_CONTENTS_LENGTH];
127 int len = decrypt_data_symmetric(encryption_key, cookie, cookie + crypto_box_NONCEBYTES, 127 int len = decrypt_data_symmetric(encryption_key, cookie, cookie + CRYPTO_NONCE_SIZE,
128 COOKIE_LENGTH - crypto_box_NONCEBYTES, contents); 128 COOKIE_LENGTH - CRYPTO_NONCE_SIZE, contents);
129 129
130 if (len != sizeof(contents)) { 130 if (len != sizeof(contents)) {
131 return -1; 131 return -1;
@@ -155,8 +155,8 @@ static int create_cookie_response(const Net_Crypto *c, uint8_t *packet, const ui
155 const uint8_t *shared_key, const uint8_t *dht_public_key) 155 const uint8_t *shared_key, const uint8_t *dht_public_key)
156{ 156{
157 uint8_t cookie_plain[COOKIE_DATA_LENGTH]; 157 uint8_t cookie_plain[COOKIE_DATA_LENGTH];
158 memcpy(cookie_plain, request_plain, crypto_box_PUBLICKEYBYTES); 158 memcpy(cookie_plain, request_plain, CRYPTO_PUBLIC_KEY_SIZE);
159 memcpy(cookie_plain + crypto_box_PUBLICKEYBYTES, dht_public_key, crypto_box_PUBLICKEYBYTES); 159 memcpy(cookie_plain + CRYPTO_PUBLIC_KEY_SIZE, dht_public_key, CRYPTO_PUBLIC_KEY_SIZE);
160 uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)]; 160 uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)];
161 161
162 if (create_cookie(plain, cookie_plain, c->secret_symmetric_key) != 0) { 162 if (create_cookie(plain, cookie_plain, c->secret_symmetric_key) != 0) {
@@ -166,9 +166,9 @@ static int create_cookie_response(const Net_Crypto *c, uint8_t *packet, const ui
166 memcpy(plain + COOKIE_LENGTH, request_plain + COOKIE_DATA_LENGTH, sizeof(uint64_t)); 166 memcpy(plain + COOKIE_LENGTH, request_plain + COOKIE_DATA_LENGTH, sizeof(uint64_t));
167 packet[0] = NET_PACKET_COOKIE_RESPONSE; 167 packet[0] = NET_PACKET_COOKIE_RESPONSE;
168 random_nonce(packet + 1); 168 random_nonce(packet + 1);
169 int len = encrypt_data_symmetric(shared_key, packet + 1, plain, sizeof(plain), packet + 1 + crypto_box_NONCEBYTES); 169 int len = encrypt_data_symmetric(shared_key, packet + 1, plain, sizeof(plain), packet + 1 + CRYPTO_NONCE_SIZE);
170 170
171 if (len != COOKIE_RESPONSE_LENGTH - (1 + crypto_box_NONCEBYTES)) { 171 if (len != COOKIE_RESPONSE_LENGTH - (1 + CRYPTO_NONCE_SIZE)) {
172 return -1; 172 return -1;
173 } 173 }
174 174
@@ -177,7 +177,7 @@ static int create_cookie_response(const Net_Crypto *c, uint8_t *packet, const ui
177 177
178/* Handle the cookie request packet of length length. 178/* Handle the cookie request packet of length length.
179 * Put what was in the request in request_plain (must be of size COOKIE_REQUEST_PLAIN_LENGTH) 179 * Put what was in the request in request_plain (must be of size COOKIE_REQUEST_PLAIN_LENGTH)
180 * Put the key used to decrypt the request into shared_key (of size crypto_box_BEFORENMBYTES) for use in the response. 180 * Put the key used to decrypt the request into shared_key (of size CRYPTO_SHARED_KEY_SIZE) for use in the response.
181 * 181 *
182 * return -1 on failure. 182 * return -1 on failure.
183 * return 0 on success. 183 * return 0 on success.
@@ -189,10 +189,10 @@ static int handle_cookie_request(const Net_Crypto *c, uint8_t *request_plain, ui
189 return -1; 189 return -1;
190 } 190 }
191 191
192 memcpy(dht_public_key, packet + 1, crypto_box_PUBLICKEYBYTES); 192 memcpy(dht_public_key, packet + 1, CRYPTO_PUBLIC_KEY_SIZE);
193 DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); 193 DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key);
194 int len = decrypt_data_symmetric(shared_key, packet + 1 + crypto_box_PUBLICKEYBYTES, 194 int len = decrypt_data_symmetric(shared_key, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE,
195 packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES, 195 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, COOKIE_REQUEST_PLAIN_LENGTH + CRYPTO_MAC_SIZE,
196 request_plain); 196 request_plain);
197 197
198 if (len != COOKIE_REQUEST_PLAIN_LENGTH) { 198 if (len != COOKIE_REQUEST_PLAIN_LENGTH) {
@@ -209,8 +209,8 @@ static int udp_handle_cookie_request(void *object, IP_Port source, const uint8_t
209{ 209{
210 Net_Crypto *c = (Net_Crypto *)object; 210 Net_Crypto *c = (Net_Crypto *)object;
211 uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; 211 uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH];
212 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 212 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
213 uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; 213 uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE];
214 214
215 if (handle_cookie_request(c, request_plain, shared_key, dht_public_key, packet, length) != 0) { 215 if (handle_cookie_request(c, request_plain, shared_key, dht_public_key, packet, length) != 0) {
216 return 1; 216 return 1;
@@ -234,8 +234,8 @@ static int udp_handle_cookie_request(void *object, IP_Port source, const uint8_t
234static int tcp_handle_cookie_request(Net_Crypto *c, int connections_number, const uint8_t *packet, uint16_t length) 234static int tcp_handle_cookie_request(Net_Crypto *c, int connections_number, const uint8_t *packet, uint16_t length)
235{ 235{
236 uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; 236 uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH];
237 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 237 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
238 uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; 238 uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE];
239 239
240 if (handle_cookie_request(c, request_plain, shared_key, dht_public_key, packet, length) != 0) { 240 if (handle_cookie_request(c, request_plain, shared_key, dht_public_key, packet, length) != 0) {
241 return -1; 241 return -1;
@@ -257,8 +257,8 @@ static int tcp_oob_handle_cookie_request(const Net_Crypto *c, unsigned int tcp_c
257 const uint8_t *dht_public_key, const uint8_t *packet, uint16_t length) 257 const uint8_t *dht_public_key, const uint8_t *packet, uint16_t length)
258{ 258{
259 uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; 259 uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH];
260 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 260 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
261 uint8_t dht_public_key_temp[crypto_box_PUBLICKEYBYTES]; 261 uint8_t dht_public_key_temp[CRYPTO_PUBLIC_KEY_SIZE];
262 262
263 if (handle_cookie_request(c, request_plain, shared_key, dht_public_key_temp, packet, length) != 0) { 263 if (handle_cookie_request(c, request_plain, shared_key, dht_public_key_temp, packet, length) != 0) {
264 return -1; 264 return -1;
@@ -294,8 +294,8 @@ static int handle_cookie_response(uint8_t *cookie, uint64_t *number, const uint8
294 } 294 }
295 295
296 uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)]; 296 uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)];
297 int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES, 297 int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE,
298 length - (1 + crypto_box_NONCEBYTES), plain); 298 length - (1 + CRYPTO_NONCE_SIZE), plain);
299 299
300 if (len != sizeof(plain)) { 300 if (len != sizeof(plain)) {
301 return -1; 301 return -1;
@@ -306,7 +306,7 @@ static int handle_cookie_response(uint8_t *cookie, uint64_t *number, const uint8
306 return COOKIE_LENGTH; 306 return COOKIE_LENGTH;
307} 307}
308 308
309#define HANDSHAKE_PACKET_LENGTH (1 + COOKIE_LENGTH + crypto_box_NONCEBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES + COOKIE_LENGTH + crypto_box_MACBYTES) 309#define HANDSHAKE_PACKET_LENGTH (1 + COOKIE_LENGTH + CRYPTO_NONCE_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA512_SIZE + COOKIE_LENGTH + CRYPTO_MAC_SIZE)
310 310
311/* Create a handshake packet and put it in packet. 311/* Create a handshake packet and put it in packet.
312 * cookie must be COOKIE_LENGTH bytes. 312 * cookie must be COOKIE_LENGTH bytes.
@@ -318,24 +318,24 @@ static int handle_cookie_response(uint8_t *cookie, uint64_t *number, const uint8
318static int create_crypto_handshake(const Net_Crypto *c, uint8_t *packet, const uint8_t *cookie, const uint8_t *nonce, 318static int create_crypto_handshake(const Net_Crypto *c, uint8_t *packet, const uint8_t *cookie, const uint8_t *nonce,
319 const uint8_t *session_pk, const uint8_t *peer_real_pk, const uint8_t *peer_dht_pubkey) 319 const uint8_t *session_pk, const uint8_t *peer_real_pk, const uint8_t *peer_dht_pubkey)
320{ 320{
321 uint8_t plain[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES + COOKIE_LENGTH]; 321 uint8_t plain[CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA512_SIZE + COOKIE_LENGTH];
322 memcpy(plain, nonce, crypto_box_NONCEBYTES); 322 memcpy(plain, nonce, CRYPTO_NONCE_SIZE);
323 memcpy(plain + crypto_box_NONCEBYTES, session_pk, crypto_box_PUBLICKEYBYTES); 323 memcpy(plain + CRYPTO_NONCE_SIZE, session_pk, CRYPTO_PUBLIC_KEY_SIZE);
324 crypto_hash_sha512(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, cookie, COOKIE_LENGTH); 324 crypto_sha512(plain + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE, cookie, COOKIE_LENGTH);
325 uint8_t cookie_plain[COOKIE_DATA_LENGTH]; 325 uint8_t cookie_plain[COOKIE_DATA_LENGTH];
326 memcpy(cookie_plain, peer_real_pk, crypto_box_PUBLICKEYBYTES); 326 memcpy(cookie_plain, peer_real_pk, CRYPTO_PUBLIC_KEY_SIZE);
327 memcpy(cookie_plain + crypto_box_PUBLICKEYBYTES, peer_dht_pubkey, crypto_box_PUBLICKEYBYTES); 327 memcpy(cookie_plain + CRYPTO_PUBLIC_KEY_SIZE, peer_dht_pubkey, CRYPTO_PUBLIC_KEY_SIZE);
328 328
329 if (create_cookie(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, cookie_plain, 329 if (create_cookie(plain + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA512_SIZE, cookie_plain,
330 c->secret_symmetric_key) != 0) { 330 c->secret_symmetric_key) != 0) {
331 return -1; 331 return -1;
332 } 332 }
333 333
334 random_nonce(packet + 1 + COOKIE_LENGTH); 334 random_nonce(packet + 1 + COOKIE_LENGTH);
335 int len = encrypt_data(peer_real_pk, c->self_secret_key, packet + 1 + COOKIE_LENGTH, plain, sizeof(plain), 335 int len = encrypt_data(peer_real_pk, c->self_secret_key, packet + 1 + COOKIE_LENGTH, plain, sizeof(plain),
336 packet + 1 + COOKIE_LENGTH + crypto_box_NONCEBYTES); 336 packet + 1 + COOKIE_LENGTH + CRYPTO_NONCE_SIZE);
337 337
338 if (len != HANDSHAKE_PACKET_LENGTH - (1 + COOKIE_LENGTH + crypto_box_NONCEBYTES)) { 338 if (len != HANDSHAKE_PACKET_LENGTH - (1 + COOKIE_LENGTH + CRYPTO_NONCE_SIZE)) {
339 return -1; 339 return -1;
340 } 340 }
341 341
@@ -355,9 +355,9 @@ static int create_crypto_handshake(const Net_Crypto *c, uint8_t *packet, const u
355 * if expected_real_pk isn't NULL it denotes the real public key 355 * if expected_real_pk isn't NULL it denotes the real public key
356 * the packet should be from. 356 * the packet should be from.
357 * 357 *
358 * nonce must be at least crypto_box_NONCEBYTES 358 * nonce must be at least CRYPTO_NONCE_SIZE
359 * session_pk must be at least crypto_box_PUBLICKEYBYTES 359 * session_pk must be at least CRYPTO_PUBLIC_KEY_SIZE
360 * peer_real_pk must be at least crypto_box_PUBLICKEYBYTES 360 * peer_real_pk must be at least CRYPTO_PUBLIC_KEY_SIZE
361 * cookie must be at least COOKIE_LENGTH 361 * cookie must be at least COOKIE_LENGTH
362 * 362 *
363 * return -1 on failure. 363 * return -1 on failure.
@@ -382,28 +382,28 @@ static int handle_crypto_handshake(const Net_Crypto *c, uint8_t *nonce, uint8_t
382 } 382 }
383 } 383 }
384 384
385 uint8_t cookie_hash[crypto_hash_sha512_BYTES]; 385 uint8_t cookie_hash[CRYPTO_SHA512_SIZE];
386 crypto_hash_sha512(cookie_hash, packet + 1, COOKIE_LENGTH); 386 crypto_sha512(cookie_hash, packet + 1, COOKIE_LENGTH);
387 387
388 uint8_t plain[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES + COOKIE_LENGTH]; 388 uint8_t plain[CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA512_SIZE + COOKIE_LENGTH];
389 int len = decrypt_data(cookie_plain, c->self_secret_key, packet + 1 + COOKIE_LENGTH, 389 int len = decrypt_data(cookie_plain, c->self_secret_key, packet + 1 + COOKIE_LENGTH,
390 packet + 1 + COOKIE_LENGTH + crypto_box_NONCEBYTES, 390 packet + 1 + COOKIE_LENGTH + CRYPTO_NONCE_SIZE,
391 HANDSHAKE_PACKET_LENGTH - (1 + COOKIE_LENGTH + crypto_box_NONCEBYTES), plain); 391 HANDSHAKE_PACKET_LENGTH - (1 + COOKIE_LENGTH + CRYPTO_NONCE_SIZE), plain);
392 392
393 if (len != sizeof(plain)) { 393 if (len != sizeof(plain)) {
394 return -1; 394 return -1;
395 } 395 }
396 396
397 if (sodium_memcmp(cookie_hash, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, 397 if (crypto_memcmp(cookie_hash, plain + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
398 crypto_hash_sha512_BYTES) != 0) { 398 CRYPTO_SHA512_SIZE) != 0) {
399 return -1; 399 return -1;
400 } 400 }
401 401
402 memcpy(nonce, plain, crypto_box_NONCEBYTES); 402 memcpy(nonce, plain, CRYPTO_NONCE_SIZE);
403 memcpy(session_pk, plain + crypto_box_NONCEBYTES, crypto_box_PUBLICKEYBYTES); 403 memcpy(session_pk, plain + CRYPTO_NONCE_SIZE, CRYPTO_PUBLIC_KEY_SIZE);
404 memcpy(cookie, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, COOKIE_LENGTH); 404 memcpy(cookie, plain + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA512_SIZE, COOKIE_LENGTH);
405 memcpy(peer_real_pk, cookie_plain, crypto_box_PUBLICKEYBYTES); 405 memcpy(peer_real_pk, cookie_plain, CRYPTO_PUBLIC_KEY_SIZE);
406 memcpy(dht_public_key, cookie_plain + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); 406 memcpy(dht_public_key, cookie_plain + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_PUBLIC_KEY_SIZE);
407 return 0; 407 return 0;
408} 408}
409 409
@@ -884,7 +884,7 @@ static int handle_request_packet(Packets_Array *send_array, const uint8_t *data,
884 884
885/** END: Array Related functions **/ 885/** END: Array Related functions **/
886 886
887#define MAX_DATA_DATA_PACKET_SIZE (MAX_CRYPTO_PACKET_SIZE - (1 + sizeof(uint16_t) + crypto_box_MACBYTES)) 887#define MAX_DATA_DATA_PACKET_SIZE (MAX_CRYPTO_PACKET_SIZE - (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE))
888 888
889/* Creates and sends a data packet to the peer using the fastest route. 889/* Creates and sends a data packet to the peer using the fastest route.
890 * 890 *
@@ -893,7 +893,7 @@ static int handle_request_packet(Packets_Array *send_array, const uint8_t *data,
893 */ 893 */
894static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_t *data, uint16_t length) 894static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_t *data, uint16_t length)
895{ 895{
896 if (length == 0 || length + (1 + sizeof(uint16_t) + crypto_box_MACBYTES) > MAX_CRYPTO_PACKET_SIZE) { 896 if (length == 0 || length + (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE) > MAX_CRYPTO_PACKET_SIZE) {
897 return -1; 897 return -1;
898 } 898 }
899 899
@@ -904,9 +904,9 @@ static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_
904 } 904 }
905 905
906 pthread_mutex_lock(&conn->mutex); 906 pthread_mutex_lock(&conn->mutex);
907 uint8_t packet[1 + sizeof(uint16_t) + length + crypto_box_MACBYTES]; 907 uint8_t packet[1 + sizeof(uint16_t) + length + CRYPTO_MAC_SIZE];
908 packet[0] = NET_PACKET_CRYPTO_DATA; 908 packet[0] = NET_PACKET_CRYPTO_DATA;
909 memcpy(packet + 1, conn->sent_nonce + (crypto_box_NONCEBYTES - sizeof(uint16_t)), sizeof(uint16_t)); 909 memcpy(packet + 1, conn->sent_nonce + (CRYPTO_NONCE_SIZE - sizeof(uint16_t)), sizeof(uint16_t));
910 int len = encrypt_data_symmetric(conn->shared_key, conn->sent_nonce, data, length, packet + 1 + sizeof(uint16_t)); 910 int len = encrypt_data_symmetric(conn->shared_key, conn->sent_nonce, data, length, packet + 1 + sizeof(uint16_t));
911 911
912 if (len + 1 + sizeof(uint16_t) != sizeof(packet)) { 912 if (len + 1 + sizeof(uint16_t) != sizeof(packet)) {
@@ -1042,7 +1042,7 @@ static int64_t send_lossless_packet(Net_Crypto *c, int crypt_connection_id, cons
1042static uint16_t get_nonce_uint16(const uint8_t *nonce) 1042static uint16_t get_nonce_uint16(const uint8_t *nonce)
1043{ 1043{
1044 uint16_t num; 1044 uint16_t num;
1045 memcpy(&num, nonce + (crypto_box_NONCEBYTES - sizeof(uint16_t)), sizeof(uint16_t)); 1045 memcpy(&num, nonce + (CRYPTO_NONCE_SIZE - sizeof(uint16_t)), sizeof(uint16_t));
1046 return ntohs(num); 1046 return ntohs(num);
1047} 1047}
1048 1048
@@ -1058,7 +1058,7 @@ static uint16_t get_nonce_uint16(const uint8_t *nonce)
1058static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint8_t *data, const uint8_t *packet, 1058static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint8_t *data, const uint8_t *packet,
1059 uint16_t length) 1059 uint16_t length)
1060{ 1060{
1061 if (length <= (1 + sizeof(uint16_t) + crypto_box_MACBYTES) || length > MAX_CRYPTO_PACKET_SIZE) { 1061 if (length <= (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE) || length > MAX_CRYPTO_PACKET_SIZE) {
1062 return -1; 1062 return -1;
1063 } 1063 }
1064 1064
@@ -1068,8 +1068,8 @@ static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint
1068 return -1; 1068 return -1;
1069 } 1069 }
1070 1070
1071 uint8_t nonce[crypto_box_NONCEBYTES]; 1071 uint8_t nonce[CRYPTO_NONCE_SIZE];
1072 memcpy(nonce, conn->recv_nonce, crypto_box_NONCEBYTES); 1072 memcpy(nonce, conn->recv_nonce, CRYPTO_NONCE_SIZE);
1073 uint16_t num_cur_nonce = get_nonce_uint16(nonce); 1073 uint16_t num_cur_nonce = get_nonce_uint16(nonce);
1074 uint16_t num; 1074 uint16_t num;
1075 memcpy(&num, packet + 1, sizeof(uint16_t)); 1075 memcpy(&num, packet + 1, sizeof(uint16_t));
@@ -1079,7 +1079,7 @@ static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint
1079 int len = decrypt_data_symmetric(conn->shared_key, nonce, packet + 1 + sizeof(uint16_t), 1079 int len = decrypt_data_symmetric(conn->shared_key, nonce, packet + 1 + sizeof(uint16_t),
1080 length - (1 + sizeof(uint16_t)), data); 1080 length - (1 + sizeof(uint16_t)), data);
1081 1081
1082 if ((unsigned int)len != length - (1 + sizeof(uint16_t) + crypto_box_MACBYTES)) { 1082 if ((unsigned int)len != length - (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE)) {
1083 return -1; 1083 return -1;
1084 } 1084 }
1085 1085
@@ -1509,8 +1509,8 @@ static int handle_packet_connection(Net_Crypto *c, int crypt_connection_id, cons
1509 case NET_PACKET_CRYPTO_HS: { 1509 case NET_PACKET_CRYPTO_HS: {
1510 if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT 1510 if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT
1511 || conn->status == CRYPTO_CONN_NOT_CONFIRMED) { 1511 || conn->status == CRYPTO_CONN_NOT_CONFIRMED) {
1512 uint8_t peer_real_pk[crypto_box_PUBLICKEYBYTES]; 1512 uint8_t peer_real_pk[CRYPTO_PUBLIC_KEY_SIZE];
1513 uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; 1513 uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE];
1514 uint8_t cookie[COOKIE_LENGTH]; 1514 uint8_t cookie[COOKIE_LENGTH];
1515 1515
1516 if (handle_crypto_handshake(c, conn->recv_nonce, conn->peersessionpublic_key, peer_real_pk, dht_public_key, cookie, 1516 if (handle_crypto_handshake(c, conn->recv_nonce, conn->peersessionpublic_key, peer_real_pk, dht_public_key, cookie,
@@ -1636,7 +1636,7 @@ static int wipe_crypto_connection(Net_Crypto *c, int crypt_connection_id)
1636 1636
1637 /* Keep mutex, only destroy it when connection is realloced out. */ 1637 /* Keep mutex, only destroy it when connection is realloced out. */
1638 pthread_mutex_t mutex = c->crypto_connections[crypt_connection_id].mutex; 1638 pthread_mutex_t mutex = c->crypto_connections[crypt_connection_id].mutex;
1639 sodium_memzero(&(c->crypto_connections[crypt_connection_id]), sizeof(Crypto_Connection)); 1639 crypto_memzero(&(c->crypto_connections[crypt_connection_id]), sizeof(Crypto_Connection));
1640 c->crypto_connections[crypt_connection_id].mutex = mutex; 1640 c->crypto_connections[crypt_connection_id].mutex = mutex;
1641 1641
1642 for (i = c->crypto_connections_length; i != 0; --i) { 1642 for (i = c->crypto_connections_length; i != 0; --i) {
@@ -1763,8 +1763,8 @@ static int handle_new_connection_handshake(Net_Crypto *c, IP_Port source, const
1763 int ret = -1; 1763 int ret = -1;
1764 1764
1765 if (conn && (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT)) { 1765 if (conn && (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT)) {
1766 memcpy(conn->recv_nonce, n_c.recv_nonce, crypto_box_NONCEBYTES); 1766 memcpy(conn->recv_nonce, n_c.recv_nonce, CRYPTO_NONCE_SIZE);
1767 memcpy(conn->peersessionpublic_key, n_c.peersessionpublic_key, crypto_box_PUBLICKEYBYTES); 1767 memcpy(conn->peersessionpublic_key, n_c.peersessionpublic_key, CRYPTO_PUBLIC_KEY_SIZE);
1768 encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); 1768 encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key);
1769 1769
1770 crypto_connection_add_source(c, crypt_connection_id, source); 1770 crypto_connection_add_source(c, crypt_connection_id, source);
@@ -1817,11 +1817,11 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c)
1817 } 1817 }
1818 1818
1819 conn->connection_number_tcp = connection_number_tcp; 1819 conn->connection_number_tcp = connection_number_tcp;
1820 memcpy(conn->public_key, n_c->public_key, crypto_box_PUBLICKEYBYTES); 1820 memcpy(conn->public_key, n_c->public_key, CRYPTO_PUBLIC_KEY_SIZE);
1821 memcpy(conn->recv_nonce, n_c->recv_nonce, crypto_box_NONCEBYTES); 1821 memcpy(conn->recv_nonce, n_c->recv_nonce, CRYPTO_NONCE_SIZE);
1822 memcpy(conn->peersessionpublic_key, n_c->peersessionpublic_key, crypto_box_PUBLICKEYBYTES); 1822 memcpy(conn->peersessionpublic_key, n_c->peersessionpublic_key, CRYPTO_PUBLIC_KEY_SIZE);
1823 random_nonce(conn->sent_nonce); 1823 random_nonce(conn->sent_nonce);
1824 crypto_box_keypair(conn->sessionpublic_key, conn->sessionsecret_key); 1824 crypto_new_keypair(conn->sessionpublic_key, conn->sessionsecret_key);
1825 encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); 1825 encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key);
1826 conn->status = CRYPTO_CONN_NOT_CONFIRMED; 1826 conn->status = CRYPTO_CONN_NOT_CONFIRMED;
1827 1827
@@ -1833,7 +1833,7 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c)
1833 return -1; 1833 return -1;
1834 } 1834 }
1835 1835
1836 memcpy(conn->dht_public_key, n_c->dht_public_key, crypto_box_PUBLICKEYBYTES); 1836 memcpy(conn->dht_public_key, n_c->dht_public_key, CRYPTO_PUBLIC_KEY_SIZE);
1837 conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE; 1837 conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE;
1838 conn->packet_send_rate_requested = CRYPTO_PACKET_MIN_RATE; 1838 conn->packet_send_rate_requested = CRYPTO_PACKET_MIN_RATE;
1839 conn->packets_left = CRYPTO_MIN_QUEUE_LENGTH; 1839 conn->packets_left = CRYPTO_MIN_QUEUE_LENGTH;
@@ -1877,15 +1877,15 @@ int new_crypto_connection(Net_Crypto *c, const uint8_t *real_public_key, const u
1877 } 1877 }
1878 1878
1879 conn->connection_number_tcp = connection_number_tcp; 1879 conn->connection_number_tcp = connection_number_tcp;
1880 memcpy(conn->public_key, real_public_key, crypto_box_PUBLICKEYBYTES); 1880 memcpy(conn->public_key, real_public_key, CRYPTO_PUBLIC_KEY_SIZE);
1881 random_nonce(conn->sent_nonce); 1881 random_nonce(conn->sent_nonce);
1882 crypto_box_keypair(conn->sessionpublic_key, conn->sessionsecret_key); 1882 crypto_new_keypair(conn->sessionpublic_key, conn->sessionsecret_key);
1883 conn->status = CRYPTO_CONN_COOKIE_REQUESTING; 1883 conn->status = CRYPTO_CONN_COOKIE_REQUESTING;
1884 conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE; 1884 conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE;
1885 conn->packet_send_rate_requested = CRYPTO_PACKET_MIN_RATE; 1885 conn->packet_send_rate_requested = CRYPTO_PACKET_MIN_RATE;
1886 conn->packets_left = CRYPTO_MIN_QUEUE_LENGTH; 1886 conn->packets_left = CRYPTO_MIN_QUEUE_LENGTH;
1887 conn->rtt_time = DEFAULT_PING_CONNECTION; 1887 conn->rtt_time = DEFAULT_PING_CONNECTION;
1888 memcpy(conn->dht_public_key, dht_public_key, crypto_box_PUBLICKEYBYTES); 1888 memcpy(conn->dht_public_key, dht_public_key, CRYPTO_PUBLIC_KEY_SIZE);
1889 1889
1890 conn->cookie_request_number = random_64b(); 1890 conn->cookie_request_number = random_64b();
1891 uint8_t cookie_request[COOKIE_REQUEST_LENGTH]; 1891 uint8_t cookie_request[COOKIE_REQUEST_LENGTH];
@@ -2221,7 +2221,7 @@ static int crypto_id_ip_port(const Net_Crypto *c, IP_Port ip_port)
2221 return bs_list_find(&c->ip_port_list, (uint8_t *)&ip_port); 2221 return bs_list_find(&c->ip_port_list, (uint8_t *)&ip_port);
2222} 2222}
2223 2223
2224#define CRYPTO_MIN_PACKET_SIZE (1 + sizeof(uint16_t) + crypto_box_MACBYTES) 2224#define CRYPTO_MIN_PACKET_SIZE (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE)
2225 2225
2226/* Handle raw UDP packets coming directly from the socket. 2226/* Handle raw UDP packets coming directly from the socket.
2227 * 2227 *
@@ -2752,27 +2752,27 @@ unsigned int crypto_connection_status(const Net_Crypto *c, int crypt_connection_
2752 2752
2753void new_keys(Net_Crypto *c) 2753void new_keys(Net_Crypto *c)
2754{ 2754{
2755 crypto_box_keypair(c->self_public_key, c->self_secret_key); 2755 crypto_new_keypair(c->self_public_key, c->self_secret_key);
2756} 2756}
2757 2757
2758/* Save the public and private keys to the keys array. 2758/* Save the public and private keys to the keys array.
2759 * Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES. 2759 * Length must be CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE.
2760 * 2760 *
2761 * TODO(irungentoo): Save only secret key. 2761 * TODO(irungentoo): Save only secret key.
2762 */ 2762 */
2763void save_keys(const Net_Crypto *c, uint8_t *keys) 2763void save_keys(const Net_Crypto *c, uint8_t *keys)
2764{ 2764{
2765 memcpy(keys, c->self_public_key, crypto_box_PUBLICKEYBYTES); 2765 memcpy(keys, c->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
2766 memcpy(keys + crypto_box_PUBLICKEYBYTES, c->self_secret_key, crypto_box_SECRETKEYBYTES); 2766 memcpy(keys + CRYPTO_PUBLIC_KEY_SIZE, c->self_secret_key, CRYPTO_SECRET_KEY_SIZE);
2767} 2767}
2768 2768
2769/* Load the secret key. 2769/* Load the secret key.
2770 * Length must be crypto_box_SECRETKEYBYTES. 2770 * Length must be CRYPTO_SECRET_KEY_SIZE.
2771 */ 2771 */
2772void load_secret_key(Net_Crypto *c, const uint8_t *sk) 2772void load_secret_key(Net_Crypto *c, const uint8_t *sk)
2773{ 2773{
2774 memcpy(c->self_secret_key, sk, crypto_box_SECRETKEYBYTES); 2774 memcpy(c->self_secret_key, sk, CRYPTO_SECRET_KEY_SIZE);
2775 crypto_scalarmult_curve25519_base(c->self_public_key, c->self_secret_key); 2775 crypto_derive_public_key(c->self_public_key, c->self_secret_key);
2776} 2776}
2777 2777
2778/* Run this to (re)initialize net_crypto. 2778/* Run this to (re)initialize net_crypto.
@@ -2896,6 +2896,6 @@ void kill_net_crypto(Net_Crypto *c)
2896 networking_registerhandler(c->dht->net, NET_PACKET_COOKIE_RESPONSE, NULL, NULL); 2896 networking_registerhandler(c->dht->net, NET_PACKET_COOKIE_RESPONSE, NULL, NULL);
2897 networking_registerhandler(c->dht->net, NET_PACKET_CRYPTO_HS, NULL, NULL); 2897 networking_registerhandler(c->dht->net, NET_PACKET_CRYPTO_HS, NULL, NULL);
2898 networking_registerhandler(c->dht->net, NET_PACKET_CRYPTO_DATA, NULL, NULL); 2898 networking_registerhandler(c->dht->net, NET_PACKET_CRYPTO_DATA, NULL, NULL);
2899 sodium_memzero(c, sizeof(Net_Crypto)); 2899 crypto_memzero(c, sizeof(Net_Crypto));
2900 free(c); 2900 free(c);
2901} 2901}
diff --git a/toxcore/net_crypto.h b/toxcore/net_crypto.h
index b27a05e7..81885338 100644
--- a/toxcore/net_crypto.h
+++ b/toxcore/net_crypto.h
@@ -49,7 +49,7 @@
49/* Maximum total size of packets that net_crypto sends. */ 49/* Maximum total size of packets that net_crypto sends. */
50#define MAX_CRYPTO_PACKET_SIZE 1400 50#define MAX_CRYPTO_PACKET_SIZE 1400
51 51
52#define CRYPTO_DATA_PACKET_MIN_SIZE (1 + sizeof(uint16_t) + (sizeof(uint32_t) + sizeof(uint32_t)) + crypto_box_MACBYTES) 52#define CRYPTO_DATA_PACKET_MIN_SIZE (1 + sizeof(uint16_t) + (sizeof(uint32_t) + sizeof(uint32_t)) + CRYPTO_MAC_SIZE)
53 53
54/* Max size of data in packets */ 54/* Max size of data in packets */
55#define MAX_CRYPTO_DATA_SIZE (MAX_CRYPTO_PACKET_SIZE - CRYPTO_DATA_PACKET_MIN_SIZE) 55#define MAX_CRYPTO_DATA_SIZE (MAX_CRYPTO_PACKET_SIZE - CRYPTO_DATA_PACKET_MIN_SIZE)
@@ -102,20 +102,20 @@ typedef struct {
102} Packets_Array; 102} Packets_Array;
103 103
104typedef struct { 104typedef struct {
105 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* The real public key of the peer. */ 105 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The real public key of the peer. */
106 uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* Nonce of received packets. */ 106 uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of received packets. */
107 uint8_t sent_nonce[crypto_box_NONCEBYTES]; /* Nonce of sent packets. */ 107 uint8_t sent_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of sent packets. */
108 uint8_t sessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* Our public key for this session. */ 108 uint8_t sessionpublic_key[CRYPTO_PUBLIC_KEY_SIZE]; /* Our public key for this session. */
109 uint8_t sessionsecret_key[crypto_box_SECRETKEYBYTES]; /* Our private key for this session. */ 109 uint8_t sessionsecret_key[CRYPTO_SECRET_KEY_SIZE]; /* Our private key for this session. */
110 uint8_t peersessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* The public key of the peer. */ 110 uint8_t peersessionpublic_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The public key of the peer. */
111 uint8_t shared_key[crypto_box_BEFORENMBYTES]; /* The precomputed shared key from encrypt_precompute. */ 111 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; /* The precomputed shared key from encrypt_precompute. */
112 uint8_t status; /* 0 if no connection, 1 we are sending cookie request packets, 112 uint8_t status; /* 0 if no connection, 1 we are sending cookie request packets,
113 * 2 if we are sending handshake packets 113 * 2 if we are sending handshake packets
114 * 3 if connection is not confirmed yet (we have received a handshake but no data packets yet), 114 * 3 if connection is not confirmed yet (we have received a handshake but no data packets yet),
115 * 4 if the connection is established. 115 * 4 if the connection is established.
116 */ 116 */
117 uint64_t cookie_request_number; /* number used in the cookie request packets for this connection */ 117 uint64_t cookie_request_number; /* number used in the cookie request packets for this connection */
118 uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; /* The dht public key of the peer */ 118 uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The dht public key of the peer */
119 119
120 uint8_t *temp_packet; /* Where the cookie request/handshake packet is stored while it is being sent. */ 120 uint8_t *temp_packet; /* Where the cookie request/handshake packet is stored while it is being sent. */
121 uint16_t temp_packet_length; 121 uint16_t temp_packet_length;
@@ -182,10 +182,10 @@ typedef struct {
182 182
183typedef struct { 183typedef struct {
184 IP_Port source; 184 IP_Port source;
185 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* The real public key of the peer. */ 185 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The real public key of the peer. */
186 uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; /* The dht public key of the peer. */ 186 uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The dht public key of the peer. */
187 uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* Nonce of received packets. */ 187 uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of received packets. */
188 uint8_t peersessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* The public key of the peer. */ 188 uint8_t peersessionpublic_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The public key of the peer. */
189 uint8_t *cookie; 189 uint8_t *cookie;
190 uint8_t cookie_length; 190 uint8_t cookie_length;
191} New_Connection; 191} New_Connection;
@@ -205,11 +205,11 @@ typedef struct {
205 uint32_t crypto_connections_length; /* Length of connections array. */ 205 uint32_t crypto_connections_length; /* Length of connections array. */
206 206
207 /* Our public and secret keys. */ 207 /* Our public and secret keys. */
208 uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; 208 uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE];
209 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 209 uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE];
210 210
211 /* The secret key used for cookies */ 211 /* The secret key used for cookies */
212 uint8_t secret_symmetric_key[crypto_box_KEYBYTES]; 212 uint8_t secret_symmetric_key[CRYPTO_SYMMETRIC_KEY_SIZE];
213 213
214 int (*new_connection_callback)(void *object, New_Connection *n_c); 214 int (*new_connection_callback)(void *object, New_Connection *n_c);
215 void *new_connection_callback_object; 215 void *new_connection_callback_object;
@@ -400,12 +400,12 @@ unsigned int crypto_connection_status(const Net_Crypto *c, int crypt_connection_
400void new_keys(Net_Crypto *c); 400void new_keys(Net_Crypto *c);
401 401
402/* Save the public and private keys to the keys array. 402/* Save the public and private keys to the keys array.
403 * Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES. 403 * Length must be CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE.
404 */ 404 */
405void save_keys(const Net_Crypto *c, uint8_t *keys); 405void save_keys(const Net_Crypto *c, uint8_t *keys);
406 406
407/* Load the secret key. 407/* Load the secret key.
408 * Length must be crypto_box_SECRETKEYBYTES. 408 * Length must be CRYPTO_SECRET_KEY_SIZE.
409 */ 409 */
410void load_secret_key(Net_Crypto *c, const uint8_t *sk); 410void load_secret_key(Net_Crypto *c, const uint8_t *sk);
411 411
diff --git a/toxcore/onion.c b/toxcore/onion.c
index 06ff719b..07908f2e 100644
--- a/toxcore/onion.c
+++ b/toxcore/onion.c
@@ -122,26 +122,26 @@ int create_onion_path(const DHT *dht, Onion_Path *new_path, const Node_format *n
122 } 122 }
123 123
124 encrypt_precompute(nodes[0].public_key, dht->self_secret_key, new_path->shared_key1); 124 encrypt_precompute(nodes[0].public_key, dht->self_secret_key, new_path->shared_key1);
125 memcpy(new_path->public_key1, dht->self_public_key, crypto_box_PUBLICKEYBYTES); 125 memcpy(new_path->public_key1, dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
126 126
127 uint8_t random_public_key[crypto_box_PUBLICKEYBYTES]; 127 uint8_t random_public_key[CRYPTO_PUBLIC_KEY_SIZE];
128 uint8_t random_secret_key[crypto_box_SECRETKEYBYTES]; 128 uint8_t random_secret_key[CRYPTO_SECRET_KEY_SIZE];
129 129
130 crypto_box_keypair(random_public_key, random_secret_key); 130 crypto_new_keypair(random_public_key, random_secret_key);
131 encrypt_precompute(nodes[1].public_key, random_secret_key, new_path->shared_key2); 131 encrypt_precompute(nodes[1].public_key, random_secret_key, new_path->shared_key2);
132 memcpy(new_path->public_key2, random_public_key, crypto_box_PUBLICKEYBYTES); 132 memcpy(new_path->public_key2, random_public_key, CRYPTO_PUBLIC_KEY_SIZE);
133 133
134 crypto_box_keypair(random_public_key, random_secret_key); 134 crypto_new_keypair(random_public_key, random_secret_key);
135 encrypt_precompute(nodes[2].public_key, random_secret_key, new_path->shared_key3); 135 encrypt_precompute(nodes[2].public_key, random_secret_key, new_path->shared_key3);
136 memcpy(new_path->public_key3, random_public_key, crypto_box_PUBLICKEYBYTES); 136 memcpy(new_path->public_key3, random_public_key, CRYPTO_PUBLIC_KEY_SIZE);
137 137
138 new_path->ip_port1 = nodes[0].ip_port; 138 new_path->ip_port1 = nodes[0].ip_port;
139 new_path->ip_port2 = nodes[1].ip_port; 139 new_path->ip_port2 = nodes[1].ip_port;
140 new_path->ip_port3 = nodes[2].ip_port; 140 new_path->ip_port3 = nodes[2].ip_port;
141 141
142 memcpy(new_path->node_public_key1, nodes[0].public_key, crypto_box_PUBLICKEYBYTES); 142 memcpy(new_path->node_public_key1, nodes[0].public_key, CRYPTO_PUBLIC_KEY_SIZE);
143 memcpy(new_path->node_public_key2, nodes[1].public_key, crypto_box_PUBLICKEYBYTES); 143 memcpy(new_path->node_public_key2, nodes[1].public_key, CRYPTO_PUBLIC_KEY_SIZE);
144 memcpy(new_path->node_public_key3, nodes[2].public_key, crypto_box_PUBLICKEYBYTES); 144 memcpy(new_path->node_public_key3, nodes[2].public_key, CRYPTO_PUBLIC_KEY_SIZE);
145 145
146 return 0; 146 return 0;
147} 147}
@@ -161,9 +161,9 @@ int onion_path_to_nodes(Node_format *nodes, unsigned int num_nodes, const Onion_
161 nodes[1].ip_port = path->ip_port2; 161 nodes[1].ip_port = path->ip_port2;
162 nodes[2].ip_port = path->ip_port3; 162 nodes[2].ip_port = path->ip_port3;
163 163
164 memcpy(nodes[0].public_key, path->node_public_key1, crypto_box_PUBLICKEYBYTES); 164 memcpy(nodes[0].public_key, path->node_public_key1, CRYPTO_PUBLIC_KEY_SIZE);
165 memcpy(nodes[1].public_key, path->node_public_key2, crypto_box_PUBLICKEYBYTES); 165 memcpy(nodes[1].public_key, path->node_public_key2, CRYPTO_PUBLIC_KEY_SIZE);
166 memcpy(nodes[2].public_key, path->node_public_key3, crypto_box_PUBLICKEYBYTES); 166 memcpy(nodes[2].public_key, path->node_public_key3, CRYPTO_PUBLIC_KEY_SIZE);
167 return 0; 167 return 0;
168} 168}
169 169
@@ -188,42 +188,42 @@ int create_onion_packet(uint8_t *packet, uint16_t max_packet_length, const Onion
188 ipport_pack(step1, &dest); 188 ipport_pack(step1, &dest);
189 memcpy(step1 + SIZE_IPPORT, data, length); 189 memcpy(step1 + SIZE_IPPORT, data, length);
190 190
191 uint8_t nonce[crypto_box_NONCEBYTES]; 191 uint8_t nonce[CRYPTO_NONCE_SIZE];
192 random_nonce(nonce); 192 random_nonce(nonce);
193 193
194 uint8_t step2[SIZE_IPPORT + SEND_BASE + length]; 194 uint8_t step2[SIZE_IPPORT + SEND_BASE + length];
195 ipport_pack(step2, &path->ip_port3); 195 ipport_pack(step2, &path->ip_port3);
196 memcpy(step2 + SIZE_IPPORT, path->public_key3, crypto_box_PUBLICKEYBYTES); 196 memcpy(step2 + SIZE_IPPORT, path->public_key3, CRYPTO_PUBLIC_KEY_SIZE);
197 197
198 int len = encrypt_data_symmetric(path->shared_key3, nonce, step1, sizeof(step1), 198 int len = encrypt_data_symmetric(path->shared_key3, nonce, step1, sizeof(step1),
199 step2 + SIZE_IPPORT + crypto_box_PUBLICKEYBYTES); 199 step2 + SIZE_IPPORT + CRYPTO_PUBLIC_KEY_SIZE);
200 200
201 if (len != SIZE_IPPORT + length + crypto_box_MACBYTES) { 201 if (len != SIZE_IPPORT + length + CRYPTO_MAC_SIZE) {
202 return -1; 202 return -1;
203 } 203 }
204 204
205 uint8_t step3[SIZE_IPPORT + SEND_BASE * 2 + length]; 205 uint8_t step3[SIZE_IPPORT + SEND_BASE * 2 + length];
206 ipport_pack(step3, &path->ip_port2); 206 ipport_pack(step3, &path->ip_port2);
207 memcpy(step3 + SIZE_IPPORT, path->public_key2, crypto_box_PUBLICKEYBYTES); 207 memcpy(step3 + SIZE_IPPORT, path->public_key2, CRYPTO_PUBLIC_KEY_SIZE);
208 len = encrypt_data_symmetric(path->shared_key2, nonce, step2, sizeof(step2), 208 len = encrypt_data_symmetric(path->shared_key2, nonce, step2, sizeof(step2),
209 step3 + SIZE_IPPORT + crypto_box_PUBLICKEYBYTES); 209 step3 + SIZE_IPPORT + CRYPTO_PUBLIC_KEY_SIZE);
210 210
211 if (len != SIZE_IPPORT + SEND_BASE + length + crypto_box_MACBYTES) { 211 if (len != SIZE_IPPORT + SEND_BASE + length + CRYPTO_MAC_SIZE) {
212 return -1; 212 return -1;
213 } 213 }
214 214
215 packet[0] = NET_PACKET_ONION_SEND_INITIAL; 215 packet[0] = NET_PACKET_ONION_SEND_INITIAL;
216 memcpy(packet + 1, nonce, crypto_box_NONCEBYTES); 216 memcpy(packet + 1, nonce, CRYPTO_NONCE_SIZE);
217 memcpy(packet + 1 + crypto_box_NONCEBYTES, path->public_key1, crypto_box_PUBLICKEYBYTES); 217 memcpy(packet + 1 + CRYPTO_NONCE_SIZE, path->public_key1, CRYPTO_PUBLIC_KEY_SIZE);
218 218
219 len = encrypt_data_symmetric(path->shared_key1, nonce, step3, sizeof(step3), 219 len = encrypt_data_symmetric(path->shared_key1, nonce, step3, sizeof(step3),
220 packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES); 220 packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE);
221 221
222 if (len != SIZE_IPPORT + SEND_BASE * 2 + length + crypto_box_MACBYTES) { 222 if (len != SIZE_IPPORT + SEND_BASE * 2 + length + CRYPTO_MAC_SIZE) {
223 return -1; 223 return -1;
224 } 224 }
225 225
226 return 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + len; 226 return 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + len;
227} 227}
228 228
229/* Create a onion packet to be sent over tcp. 229/* Create a onion packet to be sent over tcp.
@@ -238,7 +238,7 @@ int create_onion_packet(uint8_t *packet, uint16_t max_packet_length, const Onion
238int create_onion_packet_tcp(uint8_t *packet, uint16_t max_packet_length, const Onion_Path *path, IP_Port dest, 238int create_onion_packet_tcp(uint8_t *packet, uint16_t max_packet_length, const Onion_Path *path, IP_Port dest,
239 const uint8_t *data, uint16_t length) 239 const uint8_t *data, uint16_t length)
240{ 240{
241 if (crypto_box_NONCEBYTES + SIZE_IPPORT + SEND_BASE * 2 + length > max_packet_length || length == 0) { 241 if (CRYPTO_NONCE_SIZE + SIZE_IPPORT + SEND_BASE * 2 + length > max_packet_length || length == 0) {
242 return -1; 242 return -1;
243 } 243 }
244 244
@@ -247,32 +247,32 @@ int create_onion_packet_tcp(uint8_t *packet, uint16_t max_packet_length, const O
247 ipport_pack(step1, &dest); 247 ipport_pack(step1, &dest);
248 memcpy(step1 + SIZE_IPPORT, data, length); 248 memcpy(step1 + SIZE_IPPORT, data, length);
249 249
250 uint8_t nonce[crypto_box_NONCEBYTES]; 250 uint8_t nonce[CRYPTO_NONCE_SIZE];
251 random_nonce(nonce); 251 random_nonce(nonce);
252 252
253 uint8_t step2[SIZE_IPPORT + SEND_BASE + length]; 253 uint8_t step2[SIZE_IPPORT + SEND_BASE + length];
254 ipport_pack(step2, &path->ip_port3); 254 ipport_pack(step2, &path->ip_port3);
255 memcpy(step2 + SIZE_IPPORT, path->public_key3, crypto_box_PUBLICKEYBYTES); 255 memcpy(step2 + SIZE_IPPORT, path->public_key3, CRYPTO_PUBLIC_KEY_SIZE);
256 256
257 int len = encrypt_data_symmetric(path->shared_key3, nonce, step1, sizeof(step1), 257 int len = encrypt_data_symmetric(path->shared_key3, nonce, step1, sizeof(step1),
258 step2 + SIZE_IPPORT + crypto_box_PUBLICKEYBYTES); 258 step2 + SIZE_IPPORT + CRYPTO_PUBLIC_KEY_SIZE);
259 259
260 if (len != SIZE_IPPORT + length + crypto_box_MACBYTES) { 260 if (len != SIZE_IPPORT + length + CRYPTO_MAC_SIZE) {
261 return -1; 261 return -1;
262 } 262 }
263 263
264 ipport_pack(packet + crypto_box_NONCEBYTES, &path->ip_port2); 264 ipport_pack(packet + CRYPTO_NONCE_SIZE, &path->ip_port2);
265 memcpy(packet + crypto_box_NONCEBYTES + SIZE_IPPORT, path->public_key2, crypto_box_PUBLICKEYBYTES); 265 memcpy(packet + CRYPTO_NONCE_SIZE + SIZE_IPPORT, path->public_key2, CRYPTO_PUBLIC_KEY_SIZE);
266 len = encrypt_data_symmetric(path->shared_key2, nonce, step2, sizeof(step2), 266 len = encrypt_data_symmetric(path->shared_key2, nonce, step2, sizeof(step2),
267 packet + crypto_box_NONCEBYTES + SIZE_IPPORT + crypto_box_PUBLICKEYBYTES); 267 packet + CRYPTO_NONCE_SIZE + SIZE_IPPORT + CRYPTO_PUBLIC_KEY_SIZE);
268 268
269 if (len != SIZE_IPPORT + SEND_BASE + length + crypto_box_MACBYTES) { 269 if (len != SIZE_IPPORT + SEND_BASE + length + CRYPTO_MAC_SIZE) {
270 return -1; 270 return -1;
271 } 271 }
272 272
273 memcpy(packet, nonce, crypto_box_NONCEBYTES); 273 memcpy(packet, nonce, CRYPTO_NONCE_SIZE);
274 274
275 return crypto_box_NONCEBYTES + SIZE_IPPORT + crypto_box_PUBLICKEYBYTES + len; 275 return CRYPTO_NONCE_SIZE + SIZE_IPPORT + CRYPTO_PUBLIC_KEY_SIZE + len;
276} 276}
277 277
278/* Create and send a onion packet. 278/* Create and send a onion packet.
@@ -338,12 +338,12 @@ static int handle_send_initial(void *object, IP_Port source, const uint8_t *pack
338 change_symmetric_key(onion); 338 change_symmetric_key(onion);
339 339
340 uint8_t plain[ONION_MAX_PACKET_SIZE]; 340 uint8_t plain[ONION_MAX_PACKET_SIZE];
341 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 341 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
342 get_shared_key(&onion->shared_keys_1, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); 342 get_shared_key(&onion->shared_keys_1, shared_key, onion->dht->self_secret_key, packet + 1 + CRYPTO_NONCE_SIZE);
343 int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, 343 int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
344 length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES), plain); 344 length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE), plain);
345 345
346 if (len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES)) { 346 if (len != length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE)) {
347 return 1; 347 return 1;
348 } 348 }
349 349
@@ -352,7 +352,7 @@ static int handle_send_initial(void *object, IP_Port source, const uint8_t *pack
352 352
353int onion_send_1(const Onion *onion, const uint8_t *plain, uint16_t len, IP_Port source, const uint8_t *nonce) 353int onion_send_1(const Onion *onion, const uint8_t *plain, uint16_t len, IP_Port source, const uint8_t *nonce)
354{ 354{
355 if (len > ONION_MAX_PACKET_SIZE + SIZE_IPPORT - (1 + crypto_box_NONCEBYTES + ONION_RETURN_1)) { 355 if (len > ONION_MAX_PACKET_SIZE + SIZE_IPPORT - (1 + CRYPTO_NONCE_SIZE + ONION_RETURN_1)) {
356 return 1; 356 return 1;
357 } 357 }
358 358
@@ -371,19 +371,19 @@ int onion_send_1(const Onion *onion, const uint8_t *plain, uint16_t len, IP_Port
371 371
372 uint8_t data[ONION_MAX_PACKET_SIZE]; 372 uint8_t data[ONION_MAX_PACKET_SIZE];
373 data[0] = NET_PACKET_ONION_SEND_1; 373 data[0] = NET_PACKET_ONION_SEND_1;
374 memcpy(data + 1, nonce, crypto_box_NONCEBYTES); 374 memcpy(data + 1, nonce, CRYPTO_NONCE_SIZE);
375 memcpy(data + 1 + crypto_box_NONCEBYTES, plain + SIZE_IPPORT, len - SIZE_IPPORT); 375 memcpy(data + 1 + CRYPTO_NONCE_SIZE, plain + SIZE_IPPORT, len - SIZE_IPPORT);
376 uint16_t data_len = 1 + crypto_box_NONCEBYTES + (len - SIZE_IPPORT); 376 uint16_t data_len = 1 + CRYPTO_NONCE_SIZE + (len - SIZE_IPPORT);
377 uint8_t *ret_part = data + data_len; 377 uint8_t *ret_part = data + data_len;
378 random_nonce(ret_part); 378 random_nonce(ret_part);
379 len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ip_port, SIZE_IPPORT, 379 len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ip_port, SIZE_IPPORT,
380 ret_part + crypto_box_NONCEBYTES); 380 ret_part + CRYPTO_NONCE_SIZE);
381 381
382 if (len != SIZE_IPPORT + crypto_box_MACBYTES) { 382 if (len != SIZE_IPPORT + CRYPTO_MAC_SIZE) {
383 return 1; 383 return 1;
384 } 384 }
385 385
386 data_len += crypto_box_NONCEBYTES + len; 386 data_len += CRYPTO_NONCE_SIZE + len;
387 387
388 if ((uint32_t)sendpacket(onion->net, send_to, data, data_len) != data_len) { 388 if ((uint32_t)sendpacket(onion->net, send_to, data, data_len) != data_len) {
389 return 1; 389 return 1;
@@ -407,12 +407,12 @@ static int handle_send_1(void *object, IP_Port source, const uint8_t *packet, ui
407 change_symmetric_key(onion); 407 change_symmetric_key(onion);
408 408
409 uint8_t plain[ONION_MAX_PACKET_SIZE]; 409 uint8_t plain[ONION_MAX_PACKET_SIZE];
410 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 410 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
411 get_shared_key(&onion->shared_keys_2, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); 411 get_shared_key(&onion->shared_keys_2, shared_key, onion->dht->self_secret_key, packet + 1 + CRYPTO_NONCE_SIZE);
412 int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, 412 int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
413 length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1), plain); 413 length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + RETURN_1), plain);
414 414
415 if (len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1 + crypto_box_MACBYTES)) { 415 if (len != length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + RETURN_1 + CRYPTO_MAC_SIZE)) {
416 return 1; 416 return 1;
417 } 417 }
418 418
@@ -424,22 +424,22 @@ static int handle_send_1(void *object, IP_Port source, const uint8_t *packet, ui
424 424
425 uint8_t data[ONION_MAX_PACKET_SIZE]; 425 uint8_t data[ONION_MAX_PACKET_SIZE];
426 data[0] = NET_PACKET_ONION_SEND_2; 426 data[0] = NET_PACKET_ONION_SEND_2;
427 memcpy(data + 1, packet + 1, crypto_box_NONCEBYTES); 427 memcpy(data + 1, packet + 1, CRYPTO_NONCE_SIZE);
428 memcpy(data + 1 + crypto_box_NONCEBYTES, plain + SIZE_IPPORT, len - SIZE_IPPORT); 428 memcpy(data + 1 + CRYPTO_NONCE_SIZE, plain + SIZE_IPPORT, len - SIZE_IPPORT);
429 uint16_t data_len = 1 + crypto_box_NONCEBYTES + (len - SIZE_IPPORT); 429 uint16_t data_len = 1 + CRYPTO_NONCE_SIZE + (len - SIZE_IPPORT);
430 uint8_t *ret_part = data + data_len; 430 uint8_t *ret_part = data + data_len;
431 random_nonce(ret_part); 431 random_nonce(ret_part);
432 uint8_t ret_data[RETURN_1 + SIZE_IPPORT]; 432 uint8_t ret_data[RETURN_1 + SIZE_IPPORT];
433 ipport_pack(ret_data, &source); 433 ipport_pack(ret_data, &source);
434 memcpy(ret_data + SIZE_IPPORT, packet + (length - RETURN_1), RETURN_1); 434 memcpy(ret_data + SIZE_IPPORT, packet + (length - RETURN_1), RETURN_1);
435 len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ret_data, sizeof(ret_data), 435 len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ret_data, sizeof(ret_data),
436 ret_part + crypto_box_NONCEBYTES); 436 ret_part + CRYPTO_NONCE_SIZE);
437 437
438 if (len != RETURN_2 - crypto_box_NONCEBYTES) { 438 if (len != RETURN_2 - CRYPTO_NONCE_SIZE) {
439 return 1; 439 return 1;
440 } 440 }
441 441
442 data_len += crypto_box_NONCEBYTES + len; 442 data_len += CRYPTO_NONCE_SIZE + len;
443 443
444 if ((uint32_t)sendpacket(onion->net, send_to, data, data_len) != data_len) { 444 if ((uint32_t)sendpacket(onion->net, send_to, data, data_len) != data_len) {
445 return 1; 445 return 1;
@@ -463,12 +463,12 @@ static int handle_send_2(void *object, IP_Port source, const uint8_t *packet, ui
463 change_symmetric_key(onion); 463 change_symmetric_key(onion);
464 464
465 uint8_t plain[ONION_MAX_PACKET_SIZE]; 465 uint8_t plain[ONION_MAX_PACKET_SIZE];
466 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 466 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
467 get_shared_key(&onion->shared_keys_3, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); 467 get_shared_key(&onion->shared_keys_3, shared_key, onion->dht->self_secret_key, packet + 1 + CRYPTO_NONCE_SIZE);
468 int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, 468 int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
469 length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2), plain); 469 length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + RETURN_2), plain);
470 470
471 if (len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2 + crypto_box_MACBYTES)) { 471 if (len != length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + RETURN_2 + CRYPTO_MAC_SIZE)) {
472 return 1; 472 return 1;
473 } 473 }
474 474
@@ -487,9 +487,9 @@ static int handle_send_2(void *object, IP_Port source, const uint8_t *packet, ui
487 ipport_pack(ret_data, &source); 487 ipport_pack(ret_data, &source);
488 memcpy(ret_data + SIZE_IPPORT, packet + (length - RETURN_2), RETURN_2); 488 memcpy(ret_data + SIZE_IPPORT, packet + (length - RETURN_2), RETURN_2);
489 len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ret_data, sizeof(ret_data), 489 len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ret_data, sizeof(ret_data),
490 ret_part + crypto_box_NONCEBYTES); 490 ret_part + CRYPTO_NONCE_SIZE);
491 491
492 if (len != RETURN_3 - crypto_box_NONCEBYTES) { 492 if (len != RETURN_3 - CRYPTO_NONCE_SIZE) {
493 return 1; 493 return 1;
494 } 494 }
495 495
@@ -518,8 +518,8 @@ static int handle_recv_3(void *object, IP_Port source, const uint8_t *packet, ui
518 change_symmetric_key(onion); 518 change_symmetric_key(onion);
519 519
520 uint8_t plain[SIZE_IPPORT + RETURN_2]; 520 uint8_t plain[SIZE_IPPORT + RETURN_2];
521 int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES, 521 int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE,
522 SIZE_IPPORT + RETURN_2 + crypto_box_MACBYTES, plain); 522 SIZE_IPPORT + RETURN_2 + CRYPTO_MAC_SIZE, plain);
523 523
524 if ((uint32_t)len != sizeof(plain)) { 524 if ((uint32_t)len != sizeof(plain)) {
525 return 1; 525 return 1;
@@ -559,8 +559,8 @@ static int handle_recv_2(void *object, IP_Port source, const uint8_t *packet, ui
559 change_symmetric_key(onion); 559 change_symmetric_key(onion);
560 560
561 uint8_t plain[SIZE_IPPORT + RETURN_1]; 561 uint8_t plain[SIZE_IPPORT + RETURN_1];
562 int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES, 562 int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE,
563 SIZE_IPPORT + RETURN_1 + crypto_box_MACBYTES, plain); 563 SIZE_IPPORT + RETURN_1 + CRYPTO_MAC_SIZE, plain);
564 564
565 if ((uint32_t)len != sizeof(plain)) { 565 if ((uint32_t)len != sizeof(plain)) {
566 return 1; 566 return 1;
@@ -600,8 +600,8 @@ static int handle_recv_1(void *object, IP_Port source, const uint8_t *packet, ui
600 change_symmetric_key(onion); 600 change_symmetric_key(onion);
601 601
602 uint8_t plain[SIZE_IPPORT]; 602 uint8_t plain[SIZE_IPPORT];
603 int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES, 603 int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE,
604 SIZE_IPPORT + crypto_box_MACBYTES, plain); 604 SIZE_IPPORT + CRYPTO_MAC_SIZE, plain);
605 605
606 if ((uint32_t)len != SIZE_IPPORT) { 606 if ((uint32_t)len != SIZE_IPPORT) {
607 return 1; 607 return 1;
diff --git a/toxcore/onion.h b/toxcore/onion.h
index 2b270ea9..0c2dcc04 100644
--- a/toxcore/onion.h
+++ b/toxcore/onion.h
@@ -28,7 +28,7 @@
28typedef struct { 28typedef struct {
29 DHT *dht; 29 DHT *dht;
30 Networking_Core *net; 30 Networking_Core *net;
31 uint8_t secret_symmetric_key[crypto_box_KEYBYTES]; 31 uint8_t secret_symmetric_key[CRYPTO_SYMMETRIC_KEY_SIZE];
32 uint64_t timestamp; 32 uint64_t timestamp;
33 33
34 Shared_Keys shared_keys_1; 34 Shared_Keys shared_keys_1;
@@ -41,14 +41,14 @@ typedef struct {
41 41
42#define ONION_MAX_PACKET_SIZE 1400 42#define ONION_MAX_PACKET_SIZE 1400
43 43
44#define ONION_RETURN_1 (crypto_box_NONCEBYTES + SIZE_IPPORT + crypto_box_MACBYTES) 44#define ONION_RETURN_1 (CRYPTO_NONCE_SIZE + SIZE_IPPORT + CRYPTO_MAC_SIZE)
45#define ONION_RETURN_2 (crypto_box_NONCEBYTES + SIZE_IPPORT + crypto_box_MACBYTES + ONION_RETURN_1) 45#define ONION_RETURN_2 (CRYPTO_NONCE_SIZE + SIZE_IPPORT + CRYPTO_MAC_SIZE + ONION_RETURN_1)
46#define ONION_RETURN_3 (crypto_box_NONCEBYTES + SIZE_IPPORT + crypto_box_MACBYTES + ONION_RETURN_2) 46#define ONION_RETURN_3 (CRYPTO_NONCE_SIZE + SIZE_IPPORT + CRYPTO_MAC_SIZE + ONION_RETURN_2)
47 47
48#define ONION_SEND_BASE (crypto_box_PUBLICKEYBYTES + SIZE_IPPORT + crypto_box_MACBYTES) 48#define ONION_SEND_BASE (CRYPTO_PUBLIC_KEY_SIZE + SIZE_IPPORT + CRYPTO_MAC_SIZE)
49#define ONION_SEND_3 (crypto_box_NONCEBYTES + ONION_SEND_BASE + ONION_RETURN_2) 49#define ONION_SEND_3 (CRYPTO_NONCE_SIZE + ONION_SEND_BASE + ONION_RETURN_2)
50#define ONION_SEND_2 (crypto_box_NONCEBYTES + ONION_SEND_BASE*2 + ONION_RETURN_1) 50#define ONION_SEND_2 (CRYPTO_NONCE_SIZE + ONION_SEND_BASE*2 + ONION_RETURN_1)
51#define ONION_SEND_1 (crypto_box_NONCEBYTES + ONION_SEND_BASE*3) 51#define ONION_SEND_1 (CRYPTO_NONCE_SIZE + ONION_SEND_BASE*3)
52 52
53#define ONION_MAX_DATA_SIZE (ONION_MAX_PACKET_SIZE - (ONION_SEND_1 + 1)) 53#define ONION_MAX_DATA_SIZE (ONION_MAX_PACKET_SIZE - (ONION_SEND_1 + 1))
54#define ONION_RESPONSE_MAX_DATA_SIZE (ONION_MAX_PACKET_SIZE - (1 + ONION_RETURN_3)) 54#define ONION_RESPONSE_MAX_DATA_SIZE (ONION_MAX_PACKET_SIZE - (1 + ONION_RETURN_3))
@@ -56,22 +56,22 @@ typedef struct {
56#define ONION_PATH_LENGTH 3 56#define ONION_PATH_LENGTH 3
57 57
58typedef struct { 58typedef struct {
59 uint8_t shared_key1[crypto_box_BEFORENMBYTES]; 59 uint8_t shared_key1[CRYPTO_SHARED_KEY_SIZE];
60 uint8_t shared_key2[crypto_box_BEFORENMBYTES]; 60 uint8_t shared_key2[CRYPTO_SHARED_KEY_SIZE];
61 uint8_t shared_key3[crypto_box_BEFORENMBYTES]; 61 uint8_t shared_key3[CRYPTO_SHARED_KEY_SIZE];
62 62
63 uint8_t public_key1[crypto_box_PUBLICKEYBYTES]; 63 uint8_t public_key1[CRYPTO_PUBLIC_KEY_SIZE];
64 uint8_t public_key2[crypto_box_PUBLICKEYBYTES]; 64 uint8_t public_key2[CRYPTO_PUBLIC_KEY_SIZE];
65 uint8_t public_key3[crypto_box_PUBLICKEYBYTES]; 65 uint8_t public_key3[CRYPTO_PUBLIC_KEY_SIZE];
66 66
67 IP_Port ip_port1; 67 IP_Port ip_port1;
68 uint8_t node_public_key1[crypto_box_PUBLICKEYBYTES]; 68 uint8_t node_public_key1[CRYPTO_PUBLIC_KEY_SIZE];
69 69
70 IP_Port ip_port2; 70 IP_Port ip_port2;
71 uint8_t node_public_key2[crypto_box_PUBLICKEYBYTES]; 71 uint8_t node_public_key2[CRYPTO_PUBLIC_KEY_SIZE];
72 72
73 IP_Port ip_port3; 73 IP_Port ip_port3;
74 uint8_t node_public_key3[crypto_box_PUBLICKEYBYTES]; 74 uint8_t node_public_key3[CRYPTO_PUBLIC_KEY_SIZE];
75 75
76 uint32_t path_num; 76 uint32_t path_num;
77} Onion_Path; 77} Onion_Path;
diff --git a/toxcore/onion_announce.c b/toxcore/onion_announce.c
index acde04a7..5d371a99 100644
--- a/toxcore/onion_announce.c
+++ b/toxcore/onion_announce.c
@@ -56,25 +56,25 @@ int create_announce_request(uint8_t *packet, uint16_t max_packet_length, const u
56 return -1; 56 return -1;
57 } 57 }
58 58
59 uint8_t plain[ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + 59 uint8_t plain[ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE +
60 ONION_ANNOUNCE_SENDBACK_DATA_LENGTH]; 60 ONION_ANNOUNCE_SENDBACK_DATA_LENGTH];
61 memcpy(plain, ping_id, ONION_PING_ID_SIZE); 61 memcpy(plain, ping_id, ONION_PING_ID_SIZE);
62 memcpy(plain + ONION_PING_ID_SIZE, client_id, crypto_box_PUBLICKEYBYTES); 62 memcpy(plain + ONION_PING_ID_SIZE, client_id, CRYPTO_PUBLIC_KEY_SIZE);
63 memcpy(plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES, data_public_key, crypto_box_PUBLICKEYBYTES); 63 memcpy(plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE, data_public_key, CRYPTO_PUBLIC_KEY_SIZE);
64 memcpy(plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES, &sendback_data, 64 memcpy(plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE, &sendback_data,
65 sizeof(sendback_data)); 65 sizeof(sendback_data));
66 66
67 packet[0] = NET_PACKET_ANNOUNCE_REQUEST; 67 packet[0] = NET_PACKET_ANNOUNCE_REQUEST;
68 random_nonce(packet + 1); 68 random_nonce(packet + 1);
69 69
70 int len = encrypt_data(dest_client_id, secret_key, packet + 1, plain, sizeof(plain), 70 int len = encrypt_data(dest_client_id, secret_key, packet + 1, plain, sizeof(plain),
71 packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES); 71 packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE);
72 72
73 if ((uint32_t)len + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES != ONION_ANNOUNCE_REQUEST_SIZE) { 73 if ((uint32_t)len + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE != ONION_ANNOUNCE_REQUEST_SIZE) {
74 return -1; 74 return -1;
75 } 75 }
76 76
77 memcpy(packet + 1 + crypto_box_NONCEBYTES, public_key, crypto_box_PUBLICKEYBYTES); 77 memcpy(packet + 1 + CRYPTO_NONCE_SIZE, public_key, CRYPTO_PUBLIC_KEY_SIZE);
78 78
79 return ONION_ANNOUNCE_REQUEST_SIZE; 79 return ONION_ANNOUNCE_REQUEST_SIZE;
80} 80}
@@ -101,19 +101,19 @@ int create_data_request(uint8_t *packet, uint16_t max_packet_length, const uint8
101 } 101 }
102 102
103 packet[0] = NET_PACKET_ONION_DATA_REQUEST; 103 packet[0] = NET_PACKET_ONION_DATA_REQUEST;
104 memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); 104 memcpy(packet + 1, public_key, CRYPTO_PUBLIC_KEY_SIZE);
105 memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); 105 memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, nonce, CRYPTO_NONCE_SIZE);
106 106
107 uint8_t random_public_key[crypto_box_PUBLICKEYBYTES]; 107 uint8_t random_public_key[CRYPTO_PUBLIC_KEY_SIZE];
108 uint8_t random_secret_key[crypto_box_SECRETKEYBYTES]; 108 uint8_t random_secret_key[CRYPTO_SECRET_KEY_SIZE];
109 crypto_box_keypair(random_public_key, random_secret_key); 109 crypto_new_keypair(random_public_key, random_secret_key);
110 110
111 memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, random_public_key, crypto_box_PUBLICKEYBYTES); 111 memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, random_public_key, CRYPTO_PUBLIC_KEY_SIZE);
112 112
113 int len = encrypt_data(encrypt_public_key, random_secret_key, packet + 1 + crypto_box_PUBLICKEYBYTES, data, length, 113 int len = encrypt_data(encrypt_public_key, random_secret_key, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, data, length,
114 packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES); 114 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE);
115 115
116 if (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + len != DATA_REQUEST_MIN_SIZE + 116 if (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + len != DATA_REQUEST_MIN_SIZE +
117 length) { 117 length) {
118 return -1; 118 return -1;
119 } 119 }
@@ -204,12 +204,12 @@ static void generate_ping_id(const Onion_Announce *onion_a, uint64_t time, const
204 IP_Port ret_ip_port, uint8_t *ping_id) 204 IP_Port ret_ip_port, uint8_t *ping_id)
205{ 205{
206 time /= PING_ID_TIMEOUT; 206 time /= PING_ID_TIMEOUT;
207 uint8_t data[crypto_box_KEYBYTES + sizeof(time) + crypto_box_PUBLICKEYBYTES + sizeof(ret_ip_port)]; 207 uint8_t data[CRYPTO_SYMMETRIC_KEY_SIZE + sizeof(time) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(ret_ip_port)];
208 memcpy(data, onion_a->secret_bytes, crypto_box_KEYBYTES); 208 memcpy(data, onion_a->secret_bytes, CRYPTO_SYMMETRIC_KEY_SIZE);
209 memcpy(data + crypto_box_KEYBYTES, &time, sizeof(time)); 209 memcpy(data + CRYPTO_SYMMETRIC_KEY_SIZE, &time, sizeof(time));
210 memcpy(data + crypto_box_KEYBYTES + sizeof(time), public_key, crypto_box_PUBLICKEYBYTES); 210 memcpy(data + CRYPTO_SYMMETRIC_KEY_SIZE + sizeof(time), public_key, CRYPTO_PUBLIC_KEY_SIZE);
211 memcpy(data + crypto_box_KEYBYTES + sizeof(time) + crypto_box_PUBLICKEYBYTES, &ret_ip_port, sizeof(ret_ip_port)); 211 memcpy(data + CRYPTO_SYMMETRIC_KEY_SIZE + sizeof(time) + CRYPTO_PUBLIC_KEY_SIZE, &ret_ip_port, sizeof(ret_ip_port));
212 crypto_hash_sha256(ping_id, data, sizeof(data)); 212 crypto_sha256(ping_id, data, sizeof(data));
213} 213}
214 214
215/* check if public key is in entries list 215/* check if public key is in entries list
@@ -231,7 +231,7 @@ static int in_entries(const Onion_Announce *onion_a, const uint8_t *public_key)
231 return -1; 231 return -1;
232} 232}
233 233
234static uint8_t cmp_public_key[crypto_box_PUBLICKEYBYTES]; 234static uint8_t cmp_public_key[CRYPTO_PUBLIC_KEY_SIZE];
235static int cmp_entry(const void *a, const void *b) 235static int cmp_entry(const void *a, const void *b)
236{ 236{
237 Onion_Announce_Entry entry1, entry2; 237 Onion_Announce_Entry entry1, entry2;
@@ -296,13 +296,13 @@ static int add_to_entries(Onion_Announce *onion_a, IP_Port ret_ip_port, const ui
296 return -1; 296 return -1;
297 } 297 }
298 298
299 memcpy(onion_a->entries[pos].public_key, public_key, crypto_box_PUBLICKEYBYTES); 299 memcpy(onion_a->entries[pos].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
300 onion_a->entries[pos].ret_ip_port = ret_ip_port; 300 onion_a->entries[pos].ret_ip_port = ret_ip_port;
301 memcpy(onion_a->entries[pos].ret, ret, ONION_RETURN_3); 301 memcpy(onion_a->entries[pos].ret, ret, ONION_RETURN_3);
302 memcpy(onion_a->entries[pos].data_public_key, data_public_key, crypto_box_PUBLICKEYBYTES); 302 memcpy(onion_a->entries[pos].data_public_key, data_public_key, CRYPTO_PUBLIC_KEY_SIZE);
303 onion_a->entries[pos].time = unix_time(); 303 onion_a->entries[pos].time = unix_time();
304 304
305 memcpy(cmp_public_key, onion_a->dht->self_public_key, crypto_box_PUBLICKEYBYTES); 305 memcpy(cmp_public_key, onion_a->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
306 qsort(onion_a->entries, ONION_ANNOUNCE_MAX_ENTRIES, sizeof(Onion_Announce_Entry), cmp_entry); 306 qsort(onion_a->entries, ONION_ANNOUNCE_MAX_ENTRIES, sizeof(Onion_Announce_Entry), cmp_entry);
307 return in_entries(onion_a, public_key); 307 return in_entries(onion_a, public_key);
308} 308}
@@ -315,15 +315,15 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t *
315 return 1; 315 return 1;
316 } 316 }
317 317
318 const uint8_t *packet_public_key = packet + 1 + crypto_box_NONCEBYTES; 318 const uint8_t *packet_public_key = packet + 1 + CRYPTO_NONCE_SIZE;
319 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 319 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
320 get_shared_key(&onion_a->shared_keys_recv, shared_key, onion_a->dht->self_secret_key, packet_public_key); 320 get_shared_key(&onion_a->shared_keys_recv, shared_key, onion_a->dht->self_secret_key, packet_public_key);
321 321
322 uint8_t plain[ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + 322 uint8_t plain[ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE +
323 ONION_ANNOUNCE_SENDBACK_DATA_LENGTH]; 323 ONION_ANNOUNCE_SENDBACK_DATA_LENGTH];
324 int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, 324 int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
325 ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + 325 ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH +
326 crypto_box_MACBYTES, plain); 326 CRYPTO_MAC_SIZE, plain);
327 327
328 if ((uint32_t)len != sizeof(plain)) { 328 if ((uint32_t)len != sizeof(plain)) {
329 return 1; 329 return 1;
@@ -337,10 +337,10 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t *
337 337
338 int index = -1; 338 int index = -1;
339 339
340 uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES; 340 uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE;
341 341
342 if (sodium_memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0 342 if (crypto_memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0
343 || sodium_memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) { 343 || crypto_memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) {
344 index = add_to_entries(onion_a, source, packet_public_key, data_public_key, 344 index = add_to_entries(onion_a, source, packet_public_key, data_public_key,
345 packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)); 345 packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3));
346 } else { 346 } else {
@@ -351,7 +351,7 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t *
351 Node_format nodes_list[MAX_SENT_NODES]; 351 Node_format nodes_list[MAX_SENT_NODES];
352 unsigned int num_nodes = get_close_nodes(onion_a->dht, plain + ONION_PING_ID_SIZE, nodes_list, 0, 352 unsigned int num_nodes = get_close_nodes(onion_a->dht, plain + ONION_PING_ID_SIZE, nodes_list, 0,
353 LAN_ip(source.ip) == 0, 1); 353 LAN_ip(source.ip) == 0, 1);
354 uint8_t nonce[crypto_box_NONCEBYTES]; 354 uint8_t nonce[CRYPTO_NONCE_SIZE];
355 random_nonce(nonce); 355 random_nonce(nonce);
356 356
357 uint8_t pl[1 + ONION_PING_ID_SIZE + sizeof(nodes_list)]; 357 uint8_t pl[1 + ONION_PING_ID_SIZE + sizeof(nodes_list)];
@@ -370,7 +370,7 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t *
370 } 370 }
371 } else { 371 } else {
372 pl[0] = 1; 372 pl[0] = 1;
373 memcpy(pl + 1, onion_a->entries[index].data_public_key, crypto_box_PUBLICKEYBYTES); 373 memcpy(pl + 1, onion_a->entries[index].data_public_key, CRYPTO_PUBLIC_KEY_SIZE);
374 } 374 }
375 } 375 }
376 376
@@ -386,19 +386,19 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t *
386 386
387 uint8_t data[ONION_ANNOUNCE_RESPONSE_MAX_SIZE]; 387 uint8_t data[ONION_ANNOUNCE_RESPONSE_MAX_SIZE];
388 len = encrypt_data_symmetric(shared_key, nonce, pl, 1 + ONION_PING_ID_SIZE + nodes_length, 388 len = encrypt_data_symmetric(shared_key, nonce, pl, 1 + ONION_PING_ID_SIZE + nodes_length,
389 data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES); 389 data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE);
390 390
391 if (len != 1 + ONION_PING_ID_SIZE + nodes_length + crypto_box_MACBYTES) { 391 if (len != 1 + ONION_PING_ID_SIZE + nodes_length + CRYPTO_MAC_SIZE) {
392 return 1; 392 return 1;
393 } 393 }
394 394
395 data[0] = NET_PACKET_ANNOUNCE_RESPONSE; 395 data[0] = NET_PACKET_ANNOUNCE_RESPONSE;
396 memcpy(data + 1, plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES, 396 memcpy(data + 1, plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
397 ONION_ANNOUNCE_SENDBACK_DATA_LENGTH); 397 ONION_ANNOUNCE_SENDBACK_DATA_LENGTH);
398 memcpy(data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, nonce, crypto_box_NONCEBYTES); 398 memcpy(data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, nonce, CRYPTO_NONCE_SIZE);
399 399
400 if (send_onion_response(onion_a->net, source, data, 400 if (send_onion_response(onion_a->net, source, data,
401 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES + len, 401 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE + len,
402 packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)) == -1) { 402 packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)) == -1) {
403 return 1; 403 return 1;
404 } 404 }
@@ -424,9 +424,9 @@ static int handle_data_request(void *object, IP_Port source, const uint8_t *pack
424 return 1; 424 return 1;
425 } 425 }
426 426
427 uint8_t data[length - (crypto_box_PUBLICKEYBYTES + ONION_RETURN_3)]; 427 uint8_t data[length - (CRYPTO_PUBLIC_KEY_SIZE + ONION_RETURN_3)];
428 data[0] = NET_PACKET_ONION_DATA_RESPONSE; 428 data[0] = NET_PACKET_ONION_DATA_RESPONSE;
429 memcpy(data + 1, packet + 1 + crypto_box_PUBLICKEYBYTES, length - (1 + crypto_box_PUBLICKEYBYTES + ONION_RETURN_3)); 429 memcpy(data + 1, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, length - (1 + CRYPTO_PUBLIC_KEY_SIZE + ONION_RETURN_3));
430 430
431 if (send_onion_response(onion_a->net, onion_a->entries[index].ret_ip_port, data, sizeof(data), 431 if (send_onion_response(onion_a->net, onion_a->entries[index].ret_ip_port, data, sizeof(data),
432 onion_a->entries[index].ret) == -1) { 432 onion_a->entries[index].ret) == -1) {
diff --git a/toxcore/onion_announce.h b/toxcore/onion_announce.h
index a9128be8..821e0c15 100644
--- a/toxcore/onion_announce.h
+++ b/toxcore/onion_announce.h
@@ -27,29 +27,29 @@
27 27
28#define ONION_ANNOUNCE_MAX_ENTRIES 160 28#define ONION_ANNOUNCE_MAX_ENTRIES 160
29#define ONION_ANNOUNCE_TIMEOUT 300 29#define ONION_ANNOUNCE_TIMEOUT 300
30#define ONION_PING_ID_SIZE crypto_hash_sha256_BYTES 30#define ONION_PING_ID_SIZE CRYPTO_SHA256_SIZE
31 31
32#define ONION_ANNOUNCE_SENDBACK_DATA_LENGTH (sizeof(uint64_t)) 32#define ONION_ANNOUNCE_SENDBACK_DATA_LENGTH (sizeof(uint64_t))
33 33
34#define ONION_ANNOUNCE_REQUEST_SIZE (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_MACBYTES) 34#define ONION_ANNOUNCE_REQUEST_SIZE (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_MAC_SIZE)
35 35
36#define ONION_ANNOUNCE_RESPONSE_MIN_SIZE (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES + 1 + ONION_PING_ID_SIZE + crypto_box_MACBYTES) 36#define ONION_ANNOUNCE_RESPONSE_MIN_SIZE (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE + 1 + ONION_PING_ID_SIZE + CRYPTO_MAC_SIZE)
37#define ONION_ANNOUNCE_RESPONSE_MAX_SIZE (ONION_ANNOUNCE_RESPONSE_MIN_SIZE + sizeof(Node_format)*MAX_SENT_NODES) 37#define ONION_ANNOUNCE_RESPONSE_MAX_SIZE (ONION_ANNOUNCE_RESPONSE_MIN_SIZE + sizeof(Node_format)*MAX_SENT_NODES)
38 38
39#define ONION_DATA_RESPONSE_MIN_SIZE (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES) 39#define ONION_DATA_RESPONSE_MIN_SIZE (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE)
40 40
41#if ONION_PING_ID_SIZE != crypto_box_PUBLICKEYBYTES 41#if ONION_PING_ID_SIZE != CRYPTO_PUBLIC_KEY_SIZE
42#error announce response packets assume that ONION_PING_ID_SIZE is equal to crypto_box_PUBLICKEYBYTES 42#error announce response packets assume that ONION_PING_ID_SIZE is equal to CRYPTO_PUBLIC_KEY_SIZE
43#endif 43#endif
44 44
45#define ONION_DATA_REQUEST_MIN_SIZE (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES) 45#define ONION_DATA_REQUEST_MIN_SIZE (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE)
46#define MAX_DATA_REQUEST_SIZE (ONION_MAX_DATA_SIZE - ONION_DATA_REQUEST_MIN_SIZE) 46#define MAX_DATA_REQUEST_SIZE (ONION_MAX_DATA_SIZE - ONION_DATA_REQUEST_MIN_SIZE)
47 47
48typedef struct { 48typedef struct {
49 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 49 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
50 IP_Port ret_ip_port; 50 IP_Port ret_ip_port;
51 uint8_t ret[ONION_RETURN_3]; 51 uint8_t ret[ONION_RETURN_3];
52 uint8_t data_public_key[crypto_box_PUBLICKEYBYTES]; 52 uint8_t data_public_key[CRYPTO_PUBLIC_KEY_SIZE];
53 uint64_t time; 53 uint64_t time;
54} Onion_Announce_Entry; 54} Onion_Announce_Entry;
55 55
@@ -57,8 +57,8 @@ typedef struct {
57 DHT *dht; 57 DHT *dht;
58 Networking_Core *net; 58 Networking_Core *net;
59 Onion_Announce_Entry entries[ONION_ANNOUNCE_MAX_ENTRIES]; 59 Onion_Announce_Entry entries[ONION_ANNOUNCE_MAX_ENTRIES];
60 /* This is crypto_box_KEYBYTES long just so we can use new_symmetric_key() to fill it */ 60 /* This is CRYPTO_SYMMETRIC_KEY_SIZE long just so we can use new_symmetric_key() to fill it */
61 uint8_t secret_bytes[crypto_box_KEYBYTES]; 61 uint8_t secret_bytes[CRYPTO_SYMMETRIC_KEY_SIZE];
62 62
63 Shared_Keys shared_keys_recv; 63 Shared_Keys shared_keys_recv;
64} Onion_Announce; 64} Onion_Announce;
diff --git a/toxcore/onion_client.c b/toxcore/onion_client.c
index c03036ac..6ef22314 100644
--- a/toxcore/onion_client.c
+++ b/toxcore/onion_client.c
@@ -55,7 +55,7 @@ int onion_add_bs_path_node(Onion_Client *onion_c, IP_Port ip_port, const uint8_t
55 55
56 onion_c->path_nodes_bs[onion_c->path_nodes_index_bs % MAX_PATH_NODES].ip_port = ip_port; 56 onion_c->path_nodes_bs[onion_c->path_nodes_index_bs % MAX_PATH_NODES].ip_port = ip_port;
57 memcpy(onion_c->path_nodes_bs[onion_c->path_nodes_index_bs % MAX_PATH_NODES].public_key, public_key, 57 memcpy(onion_c->path_nodes_bs[onion_c->path_nodes_index_bs % MAX_PATH_NODES].public_key, public_key,
58 crypto_box_PUBLICKEYBYTES); 58 CRYPTO_PUBLIC_KEY_SIZE);
59 59
60 uint16_t last = onion_c->path_nodes_index_bs; 60 uint16_t last = onion_c->path_nodes_index_bs;
61 ++onion_c->path_nodes_index_bs; 61 ++onion_c->path_nodes_index_bs;
@@ -88,7 +88,7 @@ static int onion_add_path_node(Onion_Client *onion_c, IP_Port ip_port, const uin
88 88
89 onion_c->path_nodes[onion_c->path_nodes_index % MAX_PATH_NODES].ip_port = ip_port; 89 onion_c->path_nodes[onion_c->path_nodes_index % MAX_PATH_NODES].ip_port = ip_port;
90 memcpy(onion_c->path_nodes[onion_c->path_nodes_index % MAX_PATH_NODES].public_key, public_key, 90 memcpy(onion_c->path_nodes[onion_c->path_nodes_index % MAX_PATH_NODES].public_key, public_key,
91 crypto_box_PUBLICKEYBYTES); 91 CRYPTO_PUBLIC_KEY_SIZE);
92 92
93 uint16_t last = onion_c->path_nodes_index; 93 uint16_t last = onion_c->path_nodes_index;
94 ++onion_c->path_nodes_index; 94 ++onion_c->path_nodes_index;
@@ -376,11 +376,11 @@ static int send_onion_packet_tcp_udp(const Onion_Client *onion_c, const Onion_Pa
376static int new_sendback(Onion_Client *onion_c, uint32_t num, const uint8_t *public_key, IP_Port ip_port, 376static int new_sendback(Onion_Client *onion_c, uint32_t num, const uint8_t *public_key, IP_Port ip_port,
377 uint32_t path_num, uint64_t *sendback) 377 uint32_t path_num, uint64_t *sendback)
378{ 378{
379 uint8_t data[sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port) + sizeof(uint32_t)]; 379 uint8_t data[sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port) + sizeof(uint32_t)];
380 memcpy(data, &num, sizeof(uint32_t)); 380 memcpy(data, &num, sizeof(uint32_t));
381 memcpy(data + sizeof(uint32_t), public_key, crypto_box_PUBLICKEYBYTES); 381 memcpy(data + sizeof(uint32_t), public_key, CRYPTO_PUBLIC_KEY_SIZE);
382 memcpy(data + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES, &ip_port, sizeof(IP_Port)); 382 memcpy(data + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE, &ip_port, sizeof(IP_Port));
383 memcpy(data + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port), &path_num, sizeof(uint32_t)); 383 memcpy(data + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port), &path_num, sizeof(uint32_t));
384 *sendback = ping_array_add(&onion_c->announce_ping_array, data, sizeof(data)); 384 *sendback = ping_array_add(&onion_c->announce_ping_array, data, sizeof(data));
385 385
386 if (*sendback == 0) { 386 if (*sendback == 0) {
@@ -394,7 +394,7 @@ static int new_sendback(Onion_Client *onion_c, uint32_t num, const uint8_t *publ
394 * ip contained in it in ret_ip_port 394 * ip contained in it in ret_ip_port
395 * 395 *
396 * sendback is the sendback ONION_ANNOUNCE_SENDBACK_DATA_LENGTH big 396 * sendback is the sendback ONION_ANNOUNCE_SENDBACK_DATA_LENGTH big
397 * ret_pubkey must be at least crypto_box_PUBLICKEYBYTES big 397 * ret_pubkey must be at least CRYPTO_PUBLIC_KEY_SIZE big
398 * ret_ip_port must be at least 1 big 398 * ret_ip_port must be at least 1 big
399 * 399 *
400 * return ~0 on failure 400 * return ~0 on failure
@@ -405,15 +405,15 @@ static uint32_t check_sendback(Onion_Client *onion_c, const uint8_t *sendback, u
405{ 405{
406 uint64_t sback; 406 uint64_t sback;
407 memcpy(&sback, sendback, sizeof(uint64_t)); 407 memcpy(&sback, sendback, sizeof(uint64_t));
408 uint8_t data[sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port) + sizeof(uint32_t)]; 408 uint8_t data[sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port) + sizeof(uint32_t)];
409 409
410 if (ping_array_check(data, sizeof(data), &onion_c->announce_ping_array, sback) != sizeof(data)) { 410 if (ping_array_check(data, sizeof(data), &onion_c->announce_ping_array, sback) != sizeof(data)) {
411 return ~0; 411 return ~0;
412 } 412 }
413 413
414 memcpy(ret_pubkey, data + sizeof(uint32_t), crypto_box_PUBLICKEYBYTES); 414 memcpy(ret_pubkey, data + sizeof(uint32_t), CRYPTO_PUBLIC_KEY_SIZE);
415 memcpy(ret_ip_port, data + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES, sizeof(IP_Port)); 415 memcpy(ret_ip_port, data + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE, sizeof(IP_Port));
416 memcpy(path_num, data + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port), sizeof(uint32_t)); 416 memcpy(path_num, data + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port), sizeof(uint32_t));
417 417
418 uint32_t num; 418 uint32_t num;
419 memcpy(&num, data, sizeof(uint32_t)); 419 memcpy(&num, data, sizeof(uint32_t));
@@ -469,7 +469,7 @@ static int client_send_announce_request(Onion_Client *onion_c, uint32_t num, IP_
469 return send_onion_packet_tcp_udp(onion_c, &path, dest, request, len); 469 return send_onion_packet_tcp_udp(onion_c, &path, dest, request, len);
470} 470}
471 471
472static uint8_t cmp_public_key[crypto_box_PUBLICKEYBYTES]; 472static uint8_t cmp_public_key[CRYPTO_PUBLIC_KEY_SIZE];
473static int cmp_entry(const void *a, const void *b) 473static int cmp_entry(const void *a, const void *b)
474{ 474{
475 Onion_Node entry1, entry2; 475 Onion_Node entry1, entry2;
@@ -532,7 +532,7 @@ static int client_add_to_list(Onion_Client *onion_c, uint32_t num, const uint8_t
532 list_length = MAX_ONION_CLIENTS; 532 list_length = MAX_ONION_CLIENTS;
533 } 533 }
534 534
535 memcpy(cmp_public_key, reference_id, crypto_box_PUBLICKEYBYTES); 535 memcpy(cmp_public_key, reference_id, CRYPTO_PUBLIC_KEY_SIZE);
536 qsort(list_nodes, list_length, sizeof(Onion_Node), cmp_entry); 536 qsort(list_nodes, list_length, sizeof(Onion_Node), cmp_entry);
537 537
538 int index = -1, stored = 0; 538 int index = -1, stored = 0;
@@ -555,14 +555,14 @@ static int client_add_to_list(Onion_Client *onion_c, uint32_t num, const uint8_t
555 return 0; 555 return 0;
556 } 556 }
557 557
558 memcpy(list_nodes[index].public_key, public_key, crypto_box_PUBLICKEYBYTES); 558 memcpy(list_nodes[index].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
559 list_nodes[index].ip_port = ip_port; 559 list_nodes[index].ip_port = ip_port;
560 560
561 // TODO(irungentoo): remove this and find a better source of nodes to use for paths. 561 // TODO(irungentoo): remove this and find a better source of nodes to use for paths.
562 onion_add_path_node(onion_c, ip_port, public_key); 562 onion_add_path_node(onion_c, ip_port, public_key);
563 563
564 if (is_stored == 1) { 564 if (is_stored == 1) {
565 memcpy(list_nodes[index].data_public_key, pingid_or_key, crypto_box_PUBLICKEYBYTES); 565 memcpy(list_nodes[index].data_public_key, pingid_or_key, CRYPTO_PUBLIC_KEY_SIZE);
566 } else { 566 } else {
567 memcpy(list_nodes[index].ping_id, pingid_or_key, ONION_PING_ID_SIZE); 567 memcpy(list_nodes[index].ping_id, pingid_or_key, ONION_PING_ID_SIZE);
568 } 568 }
@@ -590,7 +590,7 @@ static int good_to_ping(Last_Pinged *last_pinged, uint8_t *last_pinged_index, co
590 } 590 }
591 } 591 }
592 592
593 memcpy(last_pinged[*last_pinged_index % MAX_STORED_PINGED_NODES].public_key, public_key, crypto_box_PUBLICKEYBYTES); 593 memcpy(last_pinged[*last_pinged_index % MAX_STORED_PINGED_NODES].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
594 last_pinged[*last_pinged_index % MAX_STORED_PINGED_NODES].timestamp = unix_time(); 594 last_pinged[*last_pinged_index % MAX_STORED_PINGED_NODES].timestamp = unix_time();
595 ++*last_pinged_index; 595 ++*last_pinged_index;
596 return 1; 596 return 1;
@@ -670,7 +670,7 @@ static int handle_announce_response(void *object, IP_Port source, const uint8_t
670 670
671 uint16_t len_nodes = length - ONION_ANNOUNCE_RESPONSE_MIN_SIZE; 671 uint16_t len_nodes = length - ONION_ANNOUNCE_RESPONSE_MIN_SIZE;
672 672
673 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 673 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
674 IP_Port ip_port; 674 IP_Port ip_port;
675 uint32_t path_num; 675 uint32_t path_num;
676 uint32_t num = check_sendback(onion_c, packet + 1, public_key, &ip_port, &path_num); 676 uint32_t num = check_sendback(onion_c, packet + 1, public_key, &ip_port, &path_num);
@@ -684,8 +684,8 @@ static int handle_announce_response(void *object, IP_Port source, const uint8_t
684 684
685 if (num == 0) { 685 if (num == 0) {
686 len = decrypt_data(public_key, onion_c->c->self_secret_key, packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, 686 len = decrypt_data(public_key, onion_c->c->self_secret_key, packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH,
687 packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES, 687 packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE,
688 length - (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES), plain); 688 length - (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE), plain);
689 } else { 689 } else {
690 if (onion_c->friends_list[num - 1].status == 0) { 690 if (onion_c->friends_list[num - 1].status == 0) {
691 return 1; 691 return 1;
@@ -693,8 +693,8 @@ static int handle_announce_response(void *object, IP_Port source, const uint8_t
693 693
694 len = decrypt_data(public_key, onion_c->friends_list[num - 1].temp_secret_key, 694 len = decrypt_data(public_key, onion_c->friends_list[num - 1].temp_secret_key,
695 packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, 695 packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH,
696 packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES, 696 packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE,
697 length - (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES), plain); 697 length - (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE), plain);
698 } 698 }
699 699
700 if ((uint32_t)len != sizeof(plain)) { 700 if ((uint32_t)len != sizeof(plain)) {
@@ -738,17 +738,17 @@ static int handle_data_response(void *object, IP_Port source, const uint8_t *pac
738 } 738 }
739 739
740 uint8_t temp_plain[length - ONION_DATA_RESPONSE_MIN_SIZE]; 740 uint8_t temp_plain[length - ONION_DATA_RESPONSE_MIN_SIZE];
741 int len = decrypt_data(packet + 1 + crypto_box_NONCEBYTES, onion_c->temp_secret_key, packet + 1, 741 int len = decrypt_data(packet + 1 + CRYPTO_NONCE_SIZE, onion_c->temp_secret_key, packet + 1,
742 packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, 742 packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE,
743 length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES), temp_plain); 743 length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE), temp_plain);
744 744
745 if ((uint32_t)len != sizeof(temp_plain)) { 745 if ((uint32_t)len != sizeof(temp_plain)) {
746 return 1; 746 return 1;
747 } 747 }
748 748
749 uint8_t plain[sizeof(temp_plain) - DATA_IN_RESPONSE_MIN_SIZE]; 749 uint8_t plain[sizeof(temp_plain) - DATA_IN_RESPONSE_MIN_SIZE];
750 len = decrypt_data(temp_plain, onion_c->c->self_secret_key, packet + 1, temp_plain + crypto_box_PUBLICKEYBYTES, 750 len = decrypt_data(temp_plain, onion_c->c->self_secret_key, packet + 1, temp_plain + CRYPTO_PUBLIC_KEY_SIZE,
751 sizeof(temp_plain) - crypto_box_PUBLICKEYBYTES, plain); 751 sizeof(temp_plain) - CRYPTO_PUBLIC_KEY_SIZE, plain);
752 752
753 if ((uint32_t)len != sizeof(plain)) { 753 if ((uint32_t)len != sizeof(plain)) {
754 return 1; 754 return 1;
@@ -762,7 +762,7 @@ static int handle_data_response(void *object, IP_Port source, const uint8_t *pac
762 sizeof(plain), userdata); 762 sizeof(plain), userdata);
763} 763}
764 764
765#define DHTPK_DATA_MIN_LENGTH (1 + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES) 765#define DHTPK_DATA_MIN_LENGTH (1 + sizeof(uint64_t) + CRYPTO_PUBLIC_KEY_SIZE)
766#define DHTPK_DATA_MAX_LENGTH (DHTPK_DATA_MIN_LENGTH + sizeof(Node_format)*MAX_SENT_NODES) 766#define DHTPK_DATA_MAX_LENGTH (DHTPK_DATA_MIN_LENGTH + sizeof(Node_format)*MAX_SENT_NODES)
767static int handle_dhtpk_announce(void *object, const uint8_t *source_pubkey, const uint8_t *data, uint16_t length, 767static int handle_dhtpk_announce(void *object, const uint8_t *source_pubkey, const uint8_t *data, uint16_t length,
768 void *userdata) 768 void *userdata)
@@ -805,7 +805,7 @@ static int handle_dhtpk_announce(void *object, const uint8_t *source_pubkey, con
805 805
806 if (len_nodes != 0) { 806 if (len_nodes != 0) {
807 Node_format nodes[MAX_SENT_NODES]; 807 Node_format nodes[MAX_SENT_NODES];
808 int num_nodes = unpack_nodes(nodes, MAX_SENT_NODES, 0, data + 1 + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES, 808 int num_nodes = unpack_nodes(nodes, MAX_SENT_NODES, 0, data + 1 + sizeof(uint64_t) + CRYPTO_PUBLIC_KEY_SIZE,
809 len_nodes, 1); 809 len_nodes, 1);
810 810
811 if (num_nodes <= 0) { 811 if (num_nodes <= 0) {
@@ -894,15 +894,15 @@ int send_onion_data(Onion_Client *onion_c, int friend_num, const uint8_t *data,
894 return -1; 894 return -1;
895 } 895 }
896 896
897 uint8_t nonce[crypto_box_NONCEBYTES]; 897 uint8_t nonce[CRYPTO_NONCE_SIZE];
898 random_nonce(nonce); 898 random_nonce(nonce);
899 899
900 uint8_t packet[DATA_IN_RESPONSE_MIN_SIZE + length]; 900 uint8_t packet[DATA_IN_RESPONSE_MIN_SIZE + length];
901 memcpy(packet, onion_c->c->self_public_key, crypto_box_PUBLICKEYBYTES); 901 memcpy(packet, onion_c->c->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
902 int len = encrypt_data(onion_c->friends_list[friend_num].real_public_key, onion_c->c->self_secret_key, nonce, data, 902 int len = encrypt_data(onion_c->friends_list[friend_num].real_public_key, onion_c->c->self_secret_key, nonce, data,
903 length, packet + crypto_box_PUBLICKEYBYTES); 903 length, packet + CRYPTO_PUBLIC_KEY_SIZE);
904 904
905 if ((uint32_t)len + crypto_box_PUBLICKEYBYTES != sizeof(packet)) { 905 if ((uint32_t)len + CRYPTO_PUBLIC_KEY_SIZE != sizeof(packet)) {
906 return -1; 906 return -1;
907 } 907 }
908 908
@@ -948,16 +948,16 @@ static int send_dht_dhtpk(const Onion_Client *onion_c, int friend_num, const uin
948 return -1; 948 return -1;
949 } 949 }
950 950
951 uint8_t nonce[crypto_box_NONCEBYTES]; 951 uint8_t nonce[CRYPTO_NONCE_SIZE];
952 random_nonce(nonce); 952 random_nonce(nonce);
953 953
954 uint8_t temp[DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES + length]; 954 uint8_t temp[DATA_IN_RESPONSE_MIN_SIZE + CRYPTO_NONCE_SIZE + length];
955 memcpy(temp, onion_c->c->self_public_key, crypto_box_PUBLICKEYBYTES); 955 memcpy(temp, onion_c->c->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
956 memcpy(temp + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); 956 memcpy(temp + CRYPTO_PUBLIC_KEY_SIZE, nonce, CRYPTO_NONCE_SIZE);
957 int len = encrypt_data(onion_c->friends_list[friend_num].real_public_key, onion_c->c->self_secret_key, nonce, data, 957 int len = encrypt_data(onion_c->friends_list[friend_num].real_public_key, onion_c->c->self_secret_key, nonce, data,
958 length, temp + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); 958 length, temp + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE);
959 959
960 if ((uint32_t)len + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES != sizeof(temp)) { 960 if ((uint32_t)len + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE != sizeof(temp)) {
961 return -1; 961 return -1;
962 } 962 }
963 963
@@ -977,20 +977,20 @@ static int handle_dht_dhtpk(void *object, IP_Port source, const uint8_t *source_
977{ 977{
978 Onion_Client *onion_c = (Onion_Client *)object; 978 Onion_Client *onion_c = (Onion_Client *)object;
979 979
980 if (length < DHTPK_DATA_MIN_LENGTH + DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES) { 980 if (length < DHTPK_DATA_MIN_LENGTH + DATA_IN_RESPONSE_MIN_SIZE + CRYPTO_NONCE_SIZE) {
981 return 1; 981 return 1;
982 } 982 }
983 983
984 if (length > DHTPK_DATA_MAX_LENGTH + DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES) { 984 if (length > DHTPK_DATA_MAX_LENGTH + DATA_IN_RESPONSE_MIN_SIZE + CRYPTO_NONCE_SIZE) {
985 return 1; 985 return 1;
986 } 986 }
987 987
988 uint8_t plain[DHTPK_DATA_MAX_LENGTH]; 988 uint8_t plain[DHTPK_DATA_MAX_LENGTH];
989 int len = decrypt_data(packet, onion_c->c->self_secret_key, packet + crypto_box_PUBLICKEYBYTES, 989 int len = decrypt_data(packet, onion_c->c->self_secret_key, packet + CRYPTO_PUBLIC_KEY_SIZE,
990 packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, 990 packet + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE,
991 length - (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES), plain); 991 length - (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE), plain);
992 992
993 if (len != length - (DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES)) { 993 if (len != length - (DATA_IN_RESPONSE_MIN_SIZE + CRYPTO_NONCE_SIZE)) {
994 return 1; 994 return 1;
995 } 995 }
996 996
@@ -1020,7 +1020,7 @@ static int send_dhtpk_announce(Onion_Client *onion_c, uint16_t friend_num, uint8
1020 uint64_t no_replay = unix_time(); 1020 uint64_t no_replay = unix_time();
1021 host_to_net((uint8_t *)&no_replay, sizeof(no_replay)); 1021 host_to_net((uint8_t *)&no_replay, sizeof(no_replay));
1022 memcpy(data + 1, &no_replay, sizeof(no_replay)); 1022 memcpy(data + 1, &no_replay, sizeof(no_replay));
1023 memcpy(data + 1 + sizeof(uint64_t), onion_c->dht->self_public_key, crypto_box_PUBLICKEYBYTES); 1023 memcpy(data + 1 + sizeof(uint64_t), onion_c->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
1024 Node_format nodes[MAX_SENT_NODES]; 1024 Node_format nodes[MAX_SENT_NODES];
1025 uint16_t num_relays = copy_connected_tcp_relays(onion_c->c, nodes, (MAX_SENT_NODES / 2)); 1025 uint16_t num_relays = copy_connected_tcp_relays(onion_c->c, nodes, (MAX_SENT_NODES / 2));
1026 uint16_t num_nodes = closelist_nodes(onion_c->dht, &nodes[num_relays], MAX_SENT_NODES - num_relays); 1026 uint16_t num_nodes = closelist_nodes(onion_c->dht, &nodes[num_relays], MAX_SENT_NODES - num_relays);
@@ -1135,8 +1135,8 @@ int onion_addfriend(Onion_Client *onion_c, const uint8_t *public_key)
1135 } 1135 }
1136 1136
1137 onion_c->friends_list[index].status = 1; 1137 onion_c->friends_list[index].status = 1;
1138 memcpy(onion_c->friends_list[index].real_public_key, public_key, crypto_box_PUBLICKEYBYTES); 1138 memcpy(onion_c->friends_list[index].real_public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
1139 crypto_box_keypair(onion_c->friends_list[index].temp_public_key, onion_c->friends_list[index].temp_secret_key); 1139 crypto_new_keypair(onion_c->friends_list[index].temp_public_key, onion_c->friends_list[index].temp_secret_key);
1140 return index; 1140 return index;
1141} 1141}
1142 1142
@@ -1154,7 +1154,7 @@ int onion_delfriend(Onion_Client *onion_c, int friend_num)
1154 //if (onion_c->friends_list[friend_num].know_dht_public_key) 1154 //if (onion_c->friends_list[friend_num].know_dht_public_key)
1155 // DHT_delfriend(onion_c->dht, onion_c->friends_list[friend_num].dht_public_key, 0); 1155 // DHT_delfriend(onion_c->dht, onion_c->friends_list[friend_num].dht_public_key, 0);
1156 1156
1157 sodium_memzero(&(onion_c->friends_list[friend_num]), sizeof(Onion_Friend)); 1157 crypto_memzero(&(onion_c->friends_list[friend_num]), sizeof(Onion_Friend));
1158 unsigned int i; 1158 unsigned int i;
1159 1159
1160 for (i = onion_c->num_friends; i != 0; --i) { 1160 for (i = onion_c->num_friends; i != 0; --i) {
@@ -1238,7 +1238,7 @@ int onion_set_friend_DHT_pubkey(Onion_Client *onion_c, int friend_num, const uin
1238 1238
1239 onion_c->friends_list[friend_num].last_seen = unix_time(); 1239 onion_c->friends_list[friend_num].last_seen = unix_time();
1240 onion_c->friends_list[friend_num].know_dht_public_key = 1; 1240 onion_c->friends_list[friend_num].know_dht_public_key = 1;
1241 memcpy(onion_c->friends_list[friend_num].dht_public_key, dht_key, crypto_box_PUBLICKEYBYTES); 1241 memcpy(onion_c->friends_list[friend_num].dht_public_key, dht_key, CRYPTO_PUBLIC_KEY_SIZE);
1242 1242
1243 return 0; 1243 return 0;
1244} 1244}
@@ -1262,7 +1262,7 @@ unsigned int onion_getfriend_DHT_pubkey(const Onion_Client *onion_c, int friend_
1262 return 0; 1262 return 0;
1263 } 1263 }
1264 1264
1265 memcpy(dht_key, onion_c->friends_list[friend_num].dht_public_key, crypto_box_PUBLICKEYBYTES); 1265 memcpy(dht_key, onion_c->friends_list[friend_num].dht_public_key, CRYPTO_PUBLIC_KEY_SIZE);
1266 return 1; 1266 return 1;
1267} 1267}
1268 1268
@@ -1275,7 +1275,7 @@ unsigned int onion_getfriend_DHT_pubkey(const Onion_Client *onion_c, int friend_
1275 */ 1275 */
1276int onion_getfriendip(const Onion_Client *onion_c, int friend_num, IP_Port *ip_port) 1276int onion_getfriendip(const Onion_Client *onion_c, int friend_num, IP_Port *ip_port)
1277{ 1277{
1278 uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; 1278 uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE];
1279 1279
1280 if (onion_getfriend_DHT_pubkey(onion_c, friend_num, dht_public_key) == 0) { 1280 if (onion_getfriend_DHT_pubkey(onion_c, friend_num, dht_public_key) == 0) {
1281 return -1; 1281 return -1;
@@ -1620,7 +1620,7 @@ Onion_Client *new_onion_client(Net_Crypto *c)
1620 onion_c->net = c->dht->net; 1620 onion_c->net = c->dht->net;
1621 onion_c->c = c; 1621 onion_c->c = c;
1622 new_symmetric_key(onion_c->secret_symmetric_key); 1622 new_symmetric_key(onion_c->secret_symmetric_key);
1623 crypto_box_keypair(onion_c->temp_public_key, onion_c->temp_secret_key); 1623 crypto_new_keypair(onion_c->temp_public_key, onion_c->temp_secret_key);
1624 networking_registerhandler(onion_c->net, NET_PACKET_ANNOUNCE_RESPONSE, &handle_announce_response, onion_c); 1624 networking_registerhandler(onion_c->net, NET_PACKET_ANNOUNCE_RESPONSE, &handle_announce_response, onion_c);
1625 networking_registerhandler(onion_c->net, NET_PACKET_ONION_DATA_RESPONSE, &handle_data_response, onion_c); 1625 networking_registerhandler(onion_c->net, NET_PACKET_ONION_DATA_RESPONSE, &handle_data_response, onion_c);
1626 oniondata_registerhandler(onion_c, ONION_DATA_DHTPK, &handle_dhtpk_announce, onion_c); 1626 oniondata_registerhandler(onion_c, ONION_DATA_DHTPK, &handle_dhtpk_announce, onion_c);
@@ -1643,7 +1643,7 @@ void kill_onion_client(Onion_Client *onion_c)
1643 oniondata_registerhandler(onion_c, ONION_DATA_DHTPK, NULL, NULL); 1643 oniondata_registerhandler(onion_c, ONION_DATA_DHTPK, NULL, NULL);
1644 cryptopacket_registerhandler(onion_c->dht, CRYPTO_PACKET_DHTPK, NULL, NULL); 1644 cryptopacket_registerhandler(onion_c->dht, CRYPTO_PACKET_DHTPK, NULL, NULL);
1645 set_onion_packet_tcp_connection_callback(onion_c->c->tcp_c, NULL, NULL); 1645 set_onion_packet_tcp_connection_callback(onion_c->c->tcp_c, NULL, NULL);
1646 sodium_memzero(onion_c, sizeof(Onion_Client)); 1646 crypto_memzero(onion_c, sizeof(Onion_Client));
1647 free(onion_c); 1647 free(onion_c);
1648} 1648}
1649 1649
diff --git a/toxcore/onion_client.h b/toxcore/onion_client.h
index 47d08eca..afe72ca1 100644
--- a/toxcore/onion_client.h
+++ b/toxcore/onion_client.h
@@ -61,10 +61,10 @@
61#define ONION_DATA_DHTPK CRYPTO_PACKET_DHTPK 61#define ONION_DATA_DHTPK CRYPTO_PACKET_DHTPK
62 62
63typedef struct { 63typedef struct {
64 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 64 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
65 IP_Port ip_port; 65 IP_Port ip_port;
66 uint8_t ping_id[ONION_PING_ID_SIZE]; 66 uint8_t ping_id[ONION_PING_ID_SIZE];
67 uint8_t data_public_key[crypto_box_PUBLICKEYBYTES]; 67 uint8_t data_public_key[CRYPTO_PUBLIC_KEY_SIZE];
68 uint8_t is_stored; 68 uint8_t is_stored;
69 69
70 uint64_t timestamp; 70 uint64_t timestamp;
@@ -84,7 +84,7 @@ typedef struct {
84} Onion_Client_Paths; 84} Onion_Client_Paths;
85 85
86typedef struct { 86typedef struct {
87 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 87 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE];
88 uint64_t timestamp; 88 uint64_t timestamp;
89} Last_Pinged; 89} Last_Pinged;
90 90
@@ -93,12 +93,12 @@ typedef struct {
93 uint8_t is_online; /* Set by the onion_set_friend_status function. */ 93 uint8_t is_online; /* Set by the onion_set_friend_status function. */
94 94
95 uint8_t know_dht_public_key; /* 0 if we don't know the dht public key of the other, 1 if we do. */ 95 uint8_t know_dht_public_key; /* 0 if we don't know the dht public key of the other, 1 if we do. */
96 uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; 96 uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE];
97 uint8_t real_public_key[crypto_box_PUBLICKEYBYTES]; 97 uint8_t real_public_key[CRYPTO_PUBLIC_KEY_SIZE];
98 98
99 Onion_Node clients_list[MAX_ONION_CLIENTS]; 99 Onion_Node clients_list[MAX_ONION_CLIENTS];
100 uint8_t temp_public_key[crypto_box_PUBLICKEYBYTES]; 100 uint8_t temp_public_key[CRYPTO_PUBLIC_KEY_SIZE];
101 uint8_t temp_secret_key[crypto_box_SECRETKEYBYTES]; 101 uint8_t temp_secret_key[CRYPTO_SECRET_KEY_SIZE];
102 102
103 uint64_t last_dht_pk_onion_sent; 103 uint64_t last_dht_pk_onion_sent;
104 uint64_t last_dht_pk_dht_sent; 104 uint64_t last_dht_pk_dht_sent;
@@ -136,11 +136,11 @@ typedef struct {
136 Onion_Client_Paths onion_paths_self; 136 Onion_Client_Paths onion_paths_self;
137 Onion_Client_Paths onion_paths_friends; 137 Onion_Client_Paths onion_paths_friends;
138 138
139 uint8_t secret_symmetric_key[crypto_box_KEYBYTES]; 139 uint8_t secret_symmetric_key[CRYPTO_SYMMETRIC_KEY_SIZE];
140 uint64_t last_run, first_run; 140 uint64_t last_run, first_run;
141 141
142 uint8_t temp_public_key[crypto_box_PUBLICKEYBYTES]; 142 uint8_t temp_public_key[CRYPTO_PUBLIC_KEY_SIZE];
143 uint8_t temp_secret_key[crypto_box_SECRETKEYBYTES]; 143 uint8_t temp_secret_key[CRYPTO_SECRET_KEY_SIZE];
144 144
145 Last_Pinged last_pinged[MAX_STORED_PINGED_NODES]; 145 Last_Pinged last_pinged[MAX_STORED_PINGED_NODES];
146 146
@@ -257,7 +257,7 @@ int onion_set_friend_DHT_pubkey(Onion_Client *onion_c, int friend_num, const uin
257 */ 257 */
258unsigned int onion_getfriend_DHT_pubkey(const Onion_Client *onion_c, int friend_num, uint8_t *dht_key); 258unsigned int onion_getfriend_DHT_pubkey(const Onion_Client *onion_c, int friend_num, uint8_t *dht_key);
259 259
260#define ONION_DATA_IN_RESPONSE_MIN_SIZE (crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES) 260#define ONION_DATA_IN_RESPONSE_MIN_SIZE (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE)
261#define ONION_CLIENT_MAX_DATA_SIZE (MAX_DATA_REQUEST_SIZE - ONION_DATA_IN_RESPONSE_MIN_SIZE) 261#define ONION_CLIENT_MAX_DATA_SIZE (MAX_DATA_REQUEST_SIZE - ONION_DATA_IN_RESPONSE_MIN_SIZE)
262 262
263/* Send data of length length to friendnum. 263/* Send data of length length to friendnum.
diff --git a/toxcore/ping.c b/toxcore/ping.c
index bde28b59..bf61b095 100644
--- a/toxcore/ping.c
+++ b/toxcore/ping.c
@@ -55,8 +55,8 @@ struct PING {
55 55
56 56
57#define PING_PLAIN_SIZE (1 + sizeof(uint64_t)) 57#define PING_PLAIN_SIZE (1 + sizeof(uint64_t))
58#define DHT_PING_SIZE (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + PING_PLAIN_SIZE + crypto_box_MACBYTES) 58#define DHT_PING_SIZE (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + PING_PLAIN_SIZE + CRYPTO_MAC_SIZE)
59#define PING_DATA_SIZE (crypto_box_PUBLICKEYBYTES + sizeof(IP_Port)) 59#define PING_DATA_SIZE (CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port))
60 60
61int send_ping_request(PING *ping, IP_Port ipp, const uint8_t *public_key) 61int send_ping_request(PING *ping, IP_Port ipp, const uint8_t *public_key)
62{ 62{
@@ -68,14 +68,14 @@ int send_ping_request(PING *ping, IP_Port ipp, const uint8_t *public_key)
68 return 1; 68 return 1;
69 } 69 }
70 70
71 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 71 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
72 72
73 // generate key to encrypt ping_id with recipient privkey 73 // generate key to encrypt ping_id with recipient privkey
74 DHT_get_shared_key_sent(ping->dht, shared_key, public_key); 74 DHT_get_shared_key_sent(ping->dht, shared_key, public_key);
75 // Generate random ping_id. 75 // Generate random ping_id.
76 uint8_t data[PING_DATA_SIZE]; 76 uint8_t data[PING_DATA_SIZE];
77 id_copy(data, public_key); 77 id_copy(data, public_key);
78 memcpy(data + crypto_box_PUBLICKEYBYTES, &ipp, sizeof(IP_Port)); 78 memcpy(data + CRYPTO_PUBLIC_KEY_SIZE, &ipp, sizeof(IP_Port));
79 ping_id = ping_array_add(&ping->ping_array, data, sizeof(data)); 79 ping_id = ping_array_add(&ping->ping_array, data, sizeof(data));
80 80
81 if (ping_id == 0) { 81 if (ping_id == 0) {
@@ -88,15 +88,15 @@ int send_ping_request(PING *ping, IP_Port ipp, const uint8_t *public_key)
88 88
89 pk[0] = NET_PACKET_PING_REQUEST; 89 pk[0] = NET_PACKET_PING_REQUEST;
90 id_copy(pk + 1, ping->dht->self_public_key); // Our pubkey 90 id_copy(pk + 1, ping->dht->self_public_key); // Our pubkey
91 random_nonce(pk + 1 + crypto_box_PUBLICKEYBYTES); // Generate new nonce 91 random_nonce(pk + 1 + CRYPTO_PUBLIC_KEY_SIZE); // Generate new nonce
92 92
93 93
94 rc = encrypt_data_symmetric(shared_key, 94 rc = encrypt_data_symmetric(shared_key,
95 pk + 1 + crypto_box_PUBLICKEYBYTES, 95 pk + 1 + CRYPTO_PUBLIC_KEY_SIZE,
96 ping_plain, sizeof(ping_plain), 96 ping_plain, sizeof(ping_plain),
97 pk + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); 97 pk + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE);
98 98
99 if (rc != PING_PLAIN_SIZE + crypto_box_MACBYTES) { 99 if (rc != PING_PLAIN_SIZE + CRYPTO_MAC_SIZE) {
100 return 1; 100 return 1;
101 } 101 }
102 102
@@ -119,15 +119,15 @@ static int send_ping_response(PING *ping, IP_Port ipp, const uint8_t *public_key
119 119
120 pk[0] = NET_PACKET_PING_RESPONSE; 120 pk[0] = NET_PACKET_PING_RESPONSE;
121 id_copy(pk + 1, ping->dht->self_public_key); // Our pubkey 121 id_copy(pk + 1, ping->dht->self_public_key); // Our pubkey
122 random_nonce(pk + 1 + crypto_box_PUBLICKEYBYTES); // Generate new nonce 122 random_nonce(pk + 1 + CRYPTO_PUBLIC_KEY_SIZE); // Generate new nonce
123 123
124 // Encrypt ping_id using recipient privkey 124 // Encrypt ping_id using recipient privkey
125 rc = encrypt_data_symmetric(shared_encryption_key, 125 rc = encrypt_data_symmetric(shared_encryption_key,
126 pk + 1 + crypto_box_PUBLICKEYBYTES, 126 pk + 1 + CRYPTO_PUBLIC_KEY_SIZE,
127 ping_plain, sizeof(ping_plain), 127 ping_plain, sizeof(ping_plain),
128 pk + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); 128 pk + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE);
129 129
130 if (rc != PING_PLAIN_SIZE + crypto_box_MACBYTES) { 130 if (rc != PING_PLAIN_SIZE + CRYPTO_MAC_SIZE) {
131 return 1; 131 return 1;
132 } 132 }
133 133
@@ -149,15 +149,15 @@ static int handle_ping_request(void *object, IP_Port source, const uint8_t *pack
149 return 1; 149 return 1;
150 } 150 }
151 151
152 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 152 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
153 153
154 uint8_t ping_plain[PING_PLAIN_SIZE]; 154 uint8_t ping_plain[PING_PLAIN_SIZE];
155 // Decrypt ping_id 155 // Decrypt ping_id
156 DHT_get_shared_key_recv(dht, shared_key, packet + 1); 156 DHT_get_shared_key_recv(dht, shared_key, packet + 1);
157 rc = decrypt_data_symmetric(shared_key, 157 rc = decrypt_data_symmetric(shared_key,
158 packet + 1 + crypto_box_PUBLICKEYBYTES, 158 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE,
159 packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, 159 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE,
160 PING_PLAIN_SIZE + crypto_box_MACBYTES, 160 PING_PLAIN_SIZE + CRYPTO_MAC_SIZE,
161 ping_plain); 161 ping_plain);
162 162
163 if (rc != sizeof(ping_plain)) { 163 if (rc != sizeof(ping_plain)) {
@@ -192,7 +192,7 @@ static int handle_ping_response(void *object, IP_Port source, const uint8_t *pac
192 return 1; 192 return 1;
193 } 193 }
194 194
195 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 195 uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE];
196 196
197 // generate key to encrypt ping_id with recipient privkey 197 // generate key to encrypt ping_id with recipient privkey
198 DHT_get_shared_key_sent(ping->dht, shared_key, packet + 1); 198 DHT_get_shared_key_sent(ping->dht, shared_key, packet + 1);
@@ -200,9 +200,9 @@ static int handle_ping_response(void *object, IP_Port source, const uint8_t *pac
200 uint8_t ping_plain[PING_PLAIN_SIZE]; 200 uint8_t ping_plain[PING_PLAIN_SIZE];
201 // Decrypt ping_id 201 // Decrypt ping_id
202 rc = decrypt_data_symmetric(shared_key, 202 rc = decrypt_data_symmetric(shared_key,
203 packet + 1 + crypto_box_PUBLICKEYBYTES, 203 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE,
204 packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, 204 packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE,
205 PING_PLAIN_SIZE + crypto_box_MACBYTES, 205 PING_PLAIN_SIZE + CRYPTO_MAC_SIZE,
206 ping_plain); 206 ping_plain);
207 207
208 if (rc != sizeof(ping_plain)) { 208 if (rc != sizeof(ping_plain)) {
@@ -226,7 +226,7 @@ static int handle_ping_response(void *object, IP_Port source, const uint8_t *pac
226 } 226 }
227 227
228 IP_Port ipp; 228 IP_Port ipp;
229 memcpy(&ipp, data + crypto_box_PUBLICKEYBYTES, sizeof(IP_Port)); 229 memcpy(&ipp, data + CRYPTO_PUBLIC_KEY_SIZE, sizeof(IP_Port));
230 230
231 if (!ipport_equal(&ipp, &source)) { 231 if (!ipport_equal(&ipp, &source)) {
232 return 1; 232 return 1;
@@ -299,7 +299,7 @@ int add_to_ping(PING *ping, const uint8_t *public_key, IP_Port ip_port)
299 299
300 for (i = 0; i < MAX_TO_PING; ++i) { 300 for (i = 0; i < MAX_TO_PING; ++i) {
301 if (!ip_isset(&ping->to_ping[i].ip_port.ip)) { 301 if (!ip_isset(&ping->to_ping[i].ip_port.ip)) {
302 memcpy(ping->to_ping[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); 302 memcpy(ping->to_ping[i].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE);
303 ipport_copy(&ping->to_ping[i].ip_port, &ip_port); 303 ipport_copy(&ping->to_ping[i].ip_port, &ip_port);
304 return 0; 304 return 0;
305 } 305 }
diff --git a/toxcore/tox.c b/toxcore/tox.c
index 37ea4849..7a9a708c 100644
--- a/toxcore/tox.c
+++ b/toxcore/tox.c
@@ -37,28 +37,28 @@ typedef struct Messenger Tox;
37 37
38#define SET_ERROR_PARAMETER(param, x) {if(param) {*param = x;}} 38#define SET_ERROR_PARAMETER(param, x) {if(param) {*param = x;}}
39 39
40#if TOX_HASH_LENGTH != crypto_hash_sha256_BYTES 40#if TOX_HASH_LENGTH != CRYPTO_SHA256_SIZE
41#error TOX_HASH_LENGTH is assumed to be equal to crypto_hash_sha256_BYTES 41#error TOX_HASH_LENGTH is assumed to be equal to CRYPTO_SHA256_SIZE
42#endif 42#endif
43 43
44#if FILE_ID_LENGTH != crypto_box_KEYBYTES 44#if FILE_ID_LENGTH != CRYPTO_SYMMETRIC_KEY_SIZE
45#error FILE_ID_LENGTH is assumed to be equal to crypto_box_KEYBYTES 45#error FILE_ID_LENGTH is assumed to be equal to CRYPTO_SYMMETRIC_KEY_SIZE
46#endif 46#endif
47 47
48#if TOX_FILE_ID_LENGTH != crypto_box_KEYBYTES 48#if TOX_FILE_ID_LENGTH != CRYPTO_SYMMETRIC_KEY_SIZE
49#error TOX_FILE_ID_LENGTH is assumed to be equal to crypto_box_KEYBYTES 49#error TOX_FILE_ID_LENGTH is assumed to be equal to CRYPTO_SYMMETRIC_KEY_SIZE
50#endif 50#endif
51 51
52#if TOX_FILE_ID_LENGTH != TOX_HASH_LENGTH 52#if TOX_FILE_ID_LENGTH != TOX_HASH_LENGTH
53#error TOX_FILE_ID_LENGTH is assumed to be equal to TOX_HASH_LENGTH 53#error TOX_FILE_ID_LENGTH is assumed to be equal to TOX_HASH_LENGTH
54#endif 54#endif
55 55
56#if TOX_PUBLIC_KEY_SIZE != crypto_box_PUBLICKEYBYTES 56#if TOX_PUBLIC_KEY_SIZE != CRYPTO_PUBLIC_KEY_SIZE
57#error TOX_PUBLIC_KEY_SIZE is assumed to be equal to crypto_box_PUBLICKEYBYTES 57#error TOX_PUBLIC_KEY_SIZE is assumed to be equal to CRYPTO_PUBLIC_KEY_SIZE
58#endif 58#endif
59 59
60#if TOX_SECRET_KEY_SIZE != crypto_box_SECRETKEYBYTES 60#if TOX_SECRET_KEY_SIZE != CRYPTO_SECRET_KEY_SIZE
61#error TOX_SECRET_KEY_SIZE is assumed to be equal to crypto_box_SECRETKEYBYTES 61#error TOX_SECRET_KEY_SIZE is assumed to be equal to CRYPTO_SECRET_KEY_SIZE
62#endif 62#endif
63 63
64#if TOX_MAX_NAME_LENGTH != MAX_NAME_LENGTH 64#if TOX_MAX_NAME_LENGTH != MAX_NAME_LENGTH
@@ -206,7 +206,7 @@ Tox *tox_new(const struct Tox_Options *options, TOX_ERR_NEW *error)
206 return NULL; 206 return NULL;
207 } 207 }
208 208
209 if (sodium_memcmp(options->savedata_data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) { 209 if (crypto_memcmp(options->savedata_data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) {
210 SET_ERROR_PARAMETER(error, TOX_ERR_NEW_LOAD_ENCRYPTED); 210 SET_ERROR_PARAMETER(error, TOX_ERR_NEW_LOAD_ENCRYPTED);
211 return NULL; 211 return NULL;
212 } 212 }
@@ -495,7 +495,7 @@ void tox_self_get_public_key(const Tox *tox, uint8_t *public_key)
495 const Messenger *m = tox; 495 const Messenger *m = tox;
496 496
497 if (public_key) { 497 if (public_key) {
498 memcpy(public_key, m->net_crypto->self_public_key, crypto_box_PUBLICKEYBYTES); 498 memcpy(public_key, m->net_crypto->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
499 } 499 }
500} 500}
501 501
@@ -504,7 +504,7 @@ void tox_self_get_secret_key(const Tox *tox, uint8_t *secret_key)
504 const Messenger *m = tox; 504 const Messenger *m = tox;
505 505
506 if (secret_key) { 506 if (secret_key) {
507 memcpy(secret_key, m->net_crypto->self_secret_key, crypto_box_SECRETKEYBYTES); 507 memcpy(secret_key, m->net_crypto->self_secret_key, CRYPTO_SECRET_KEY_SIZE);
508 } 508 }
509} 509}
510 510
@@ -972,7 +972,7 @@ bool tox_hash(uint8_t *hash, const uint8_t *data, size_t length)
972 return 0; 972 return 0;
973 } 973 }
974 974
975 crypto_hash_sha256(hash, data, length); 975 crypto_sha256(hash, data, length);
976 return 1; 976 return 1;
977} 977}
978 978
@@ -1645,7 +1645,7 @@ void tox_self_get_dht_id(const Tox *tox, uint8_t *dht_id)
1645{ 1645{
1646 if (dht_id) { 1646 if (dht_id) {
1647 const Messenger *m = tox; 1647 const Messenger *m = tox;
1648 memcpy(dht_id , m->dht->self_public_key, crypto_box_PUBLICKEYBYTES); 1648 memcpy(dht_id , m->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE);
1649 } 1649 }
1650} 1650}
1651 1651
diff --git a/toxcore/util.c b/toxcore/util.c
index 25068db6..2dfa360e 100644
--- a/toxcore/util.c
+++ b/toxcore/util.c
@@ -28,7 +28,7 @@
28 28
29#include "util.h" 29#include "util.h"
30 30
31#include "crypto_core.h" /* for crypto_box_PUBLICKEYBYTES */ 31#include "crypto_core.h" /* for CRYPTO_PUBLIC_KEY_SIZE */
32 32
33#include <time.h> 33#include <time.h>
34 34
@@ -65,8 +65,8 @@ bool id_equal(const uint8_t *dest, const uint8_t *src)
65 65
66uint32_t id_copy(uint8_t *dest, const uint8_t *src) 66uint32_t id_copy(uint8_t *dest, const uint8_t *src)
67{ 67{
68 memcpy(dest, src, crypto_box_PUBLICKEYBYTES); 68 memcpy(dest, src, CRYPTO_PUBLIC_KEY_SIZE);
69 return crypto_box_PUBLICKEYBYTES; 69 return CRYPTO_PUBLIC_KEY_SIZE;
70} 70}
71 71
72void host_to_net(uint8_t *num, uint16_t numbytes) 72void host_to_net(uint8_t *num, uint16_t numbytes)
diff --git a/toxdns/toxdns.c b/toxdns/toxdns.c
index 01380772..3f010118 100644
--- a/toxdns/toxdns.c
+++ b/toxdns/toxdns.c
@@ -50,10 +50,10 @@ static const char base32[32] = {
50} 50}
51 51
52typedef struct { 52typedef struct {
53 uint8_t temp_pk[crypto_box_PUBLICKEYBYTES]; 53 uint8_t temp_pk[CRYPTO_PUBLIC_KEY_SIZE];
54 uint8_t temp_sk[crypto_box_SECRETKEYBYTES]; 54 uint8_t temp_sk[CRYPTO_SECRET_KEY_SIZE];
55 uint8_t server_public_key[crypto_box_PUBLICKEYBYTES]; 55 uint8_t server_public_key[CRYPTO_PUBLIC_KEY_SIZE];
56 uint8_t shared_key[crypto_box_KEYBYTES]; 56 uint8_t shared_key[CRYPTO_SYMMETRIC_KEY_SIZE];
57 uint32_t nonce; 57 uint32_t nonce;
58 uint32_t nonce_start; 58 uint32_t nonce_start;
59} DNS_Object; 59} DNS_Object;
@@ -61,7 +61,7 @@ typedef struct {
61static void dns_new_temp_keys(DNS_Object *d) 61static void dns_new_temp_keys(DNS_Object *d)
62{ 62{
63 d->nonce = d->nonce_start = random_int(); 63 d->nonce = d->nonce_start = random_int();
64 crypto_box_keypair(d->temp_pk, d->temp_sk); 64 crypto_new_keypair(d->temp_pk, d->temp_sk);
65 encrypt_precompute(d->server_public_key, d->temp_sk, d->shared_key); 65 encrypt_precompute(d->server_public_key, d->temp_sk, d->shared_key);
66} 66}
67 67
@@ -78,7 +78,7 @@ void *tox_dns3_new(uint8_t *server_public_key)
78 return NULL; 78 return NULL;
79 } 79 }
80 80
81 memcpy(d->server_public_key, server_public_key, crypto_box_PUBLICKEYBYTES); 81 memcpy(d->server_public_key, server_public_key, CRYPTO_PUBLIC_KEY_SIZE);
82 dns_new_temp_keys(d); 82 dns_new_temp_keys(d);
83 return d; 83 return d;
84} 84}
@@ -107,7 +107,7 @@ int tox_generate_dns3_string(void *dns3_object, uint8_t *string, uint16_t string
107 uint8_t *name, uint8_t name_len) 107 uint8_t *name, uint8_t name_len)
108{ 108{
109#define DOT_INTERVAL (6 * 5) 109#define DOT_INTERVAL (6 * 5)
110 int base = (sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + name_len + crypto_box_MACBYTES); 110 int base = (sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + name_len + CRYPTO_MAC_SIZE);
111 int end_len = ((base * 8) / 5) + (base / DOT_INTERVAL) + !!(base % 5); 111 int end_len = ((base * 8) / 5) + (base / DOT_INTERVAL) + !!(base % 5);
112 end_len -= !(base % DOT_INTERVAL); 112 end_len -= !(base % DOT_INTERVAL);
113 113
@@ -117,18 +117,18 @@ int tox_generate_dns3_string(void *dns3_object, uint8_t *string, uint16_t string
117 117
118 DNS_Object *d = (DNS_Object *)dns3_object; 118 DNS_Object *d = (DNS_Object *)dns3_object;
119 uint8_t buffer[1024]; 119 uint8_t buffer[1024];
120 uint8_t nonce[crypto_box_NONCEBYTES] = {0}; 120 uint8_t nonce[CRYPTO_NONCE_SIZE] = {0};
121 memcpy(nonce, &d->nonce, sizeof(uint32_t)); 121 memcpy(nonce, &d->nonce, sizeof(uint32_t));
122 memcpy(buffer, &d->nonce, sizeof(uint32_t)); 122 memcpy(buffer, &d->nonce, sizeof(uint32_t));
123 memcpy(buffer + sizeof(uint32_t), d->temp_pk, crypto_box_PUBLICKEYBYTES); 123 memcpy(buffer + sizeof(uint32_t), d->temp_pk, CRYPTO_PUBLIC_KEY_SIZE);
124 int len = encrypt_data_symmetric(d->shared_key, nonce, name, name_len, 124 int len = encrypt_data_symmetric(d->shared_key, nonce, name, name_len,
125 buffer + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES); 125 buffer + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE);
126 126
127 if (len == -1) { 127 if (len == -1) {
128 return -1; 128 return -1;
129 } 129 }
130 130
131 int total_len = len + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES; 131 int total_len = len + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE;
132 uint8_t *buff = buffer, *old_str = string; 132 uint8_t *buff = buffer, *old_str = string;
133 buffer[total_len] = 0; 133 buffer[total_len] = 0;
134 uint8_t bits = 0; 134 uint8_t bits = 0;
@@ -212,8 +212,13 @@ int tox_decrypt_dns3_TXT(void *dns3_object, uint8_t *tox_id, uint8_t *id_record,
212 return -1; 212 return -1;
213 } 213 }
214 214
215 /*if (id_record_len > 255 || id_record_len <= (sizeof(uint32_t) + crypto_box_MACBYTES)) 215#if 0
216 return -1;*/ 216
217 if (id_record_len > 255 || id_record_len <= (sizeof(uint32_t) + CRYPTO_MAC_SIZE)) {
218 return -1;
219 }
220
221#endif
217 222
218 uint8_t id_record_null[id_record_len + 1]; 223 uint8_t id_record_null[id_record_len + 1];
219 memcpy(id_record_null, id_record, id_record_len); 224 memcpy(id_record_null, id_record, id_record_len);
@@ -225,7 +230,7 @@ int tox_decrypt_dns3_TXT(void *dns3_object, uint8_t *tox_id, uint8_t *id_record,
225 return -1; 230 return -1;
226 } 231 }
227 232
228 uint8_t nonce[crypto_box_NONCEBYTES] = {0}; 233 uint8_t nonce[CRYPTO_NONCE_SIZE] = {0};
229 memcpy(nonce, &request_id, sizeof(uint32_t)); 234 memcpy(nonce, &request_id, sizeof(uint32_t));
230 nonce[sizeof(uint32_t)] = 1; 235 nonce[sizeof(uint32_t)] = 1;
231 int len = decrypt_data_symmetric(d->shared_key, nonce, data, length, tox_id); 236 int len = decrypt_data_symmetric(d->shared_key, nonce, data, length, tox_id);
diff --git a/toxencryptsave/toxencryptsave.c b/toxencryptsave/toxencryptsave.c
index 8d4cf6fa..360952ad 100644
--- a/toxencryptsave/toxencryptsave.c
+++ b/toxencryptsave/toxencryptsave.c
@@ -34,13 +34,14 @@
34#include <crypto_hash_sha256.h> 34#include <crypto_hash_sha256.h>
35#include "crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h" 35#include "crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h"
36#endif 36#endif
37#include <sodium.h>
37 38
38#if TOX_PASS_SALT_LENGTH != crypto_pwhash_scryptsalsa208sha256_SALTBYTES 39#if TOX_PASS_SALT_LENGTH != crypto_pwhash_scryptsalsa208sha256_SALTBYTES
39#error TOX_PASS_SALT_LENGTH is assumed to be equal to crypto_pwhash_scryptsalsa208sha256_SALTBYTES 40#error TOX_PASS_SALT_LENGTH is assumed to be equal to crypto_pwhash_scryptsalsa208sha256_SALTBYTES
40#endif 41#endif
41 42
42#if TOX_PASS_KEY_LENGTH != crypto_box_KEYBYTES 43#if TOX_PASS_KEY_LENGTH != CRYPTO_SHARED_KEY_SIZE
43#error TOX_PASS_KEY_LENGTH is assumed to be equal to crypto_box_KEYBYTES 44#error TOX_PASS_KEY_LENGTH is assumed to be equal to CRYPTO_SHARED_KEY_SIZE
44#endif 45#endif
45 46
46#if TOX_PASS_ENCRYPTION_EXTRA_LENGTH != (crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH) 47#if TOX_PASS_ENCRYPTION_EXTRA_LENGTH != (crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH)
@@ -126,7 +127,7 @@ bool tox_pass_key_derive_with_salt(Tox_Pass_Key *out_key, const uint8_t *passphr
126 uint8_t passkey[crypto_hash_sha256_BYTES]; 127 uint8_t passkey[crypto_hash_sha256_BYTES];
127 crypto_hash_sha256(passkey, passphrase, pplength); 128 crypto_hash_sha256(passkey, passphrase, pplength);
128 129
129 uint8_t key[crypto_box_KEYBYTES]; 130 uint8_t key[CRYPTO_SHARED_KEY_SIZE];
130 131
131 /* Derive a key from the password */ 132 /* Derive a key from the password */
132 /* http://doc.libsodium.org/key_derivation/README.html */ 133 /* http://doc.libsodium.org/key_derivation/README.html */
@@ -143,7 +144,7 @@ bool tox_pass_key_derive_with_salt(Tox_Pass_Key *out_key, const uint8_t *passphr
143 144
144 sodium_memzero(passkey, crypto_hash_sha256_BYTES); /* wipe plaintext pw */ 145 sodium_memzero(passkey, crypto_hash_sha256_BYTES); /* wipe plaintext pw */
145 memcpy(out_key->salt, salt, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); 146 memcpy(out_key->salt, salt, crypto_pwhash_scryptsalsa208sha256_SALTBYTES);
146 memcpy(out_key->key, key, crypto_box_KEYBYTES); 147 memcpy(out_key->key, key, CRYPTO_SHARED_KEY_SIZE);
147 SET_ERROR_PARAMETER(error, TOX_ERR_KEY_DERIVATION_OK); 148 SET_ERROR_PARAMETER(error, TOX_ERR_KEY_DERIVATION_OK);
148 return 1; 149 return 1;
149} 150}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-19 19:14:11 +0000