author | irungentoo <irungentoo@gmail.com> | 2014-03-01 21:18:53 -0500 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2014-03-01 21:18:53 -0500 |
commit | de69dcef241d54dc75ce01cdeae60f445660608f (patch) | |
tree | 82cbee0d2e7349faf030dafa0793191733e744a2 | |
parent | 16b93e823bffaf68213d2f66d5af12c5a07ef290 (diff) |
Some small DHT CPU optimizations.
Only compute the shared key once instead of twice for received DHT
requests/responses.
-rw-r--r-- | toxcore/DHT.c | 45 | ||||
-rw-r--r-- | toxcore/ping.c | 28 |
2 files changed, 38 insertions, 35 deletions
diff --git a/toxcore/DHT.c b/toxcore/DHT.c index df067dc5..d7e626c4 100644 --- a/toxcore/DHT.c +++ b/toxcore/DHT.c | |||
@@ -844,7 +844,8 @@ static int getnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *cli | |||
844 | /* because of BINARY compatibility, the Node_format MUST BE Node4_format, | 844 | /* because of BINARY compatibility, the Node_format MUST BE Node4_format, |
845 | * IPv6 nodes are sent in a different message | 845 | * IPv6 nodes are sent in a different message |
846 | * encrypted_data must be of size NODES_ENCRYPTED_MESSAGE_LENGTH */ | 846 | * encrypted_data must be of size NODES_ENCRYPTED_MESSAGE_LENGTH */ |
847 | static int sendnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *client_id, uint8_t *encrypted_data) | 847 | static int sendnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *client_id, uint8_t *encrypted_data, |
848 | uint8_t *shared_encryption_key) | ||
848 | { | 849 | { |
849 | /* Check if packet is going to be sent to ourself. */ | 850 | /* Check if packet is going to be sent to ourself. */ |
850 | if (id_equal(public_key, dht->self_public_key)) | 851 | if (id_equal(public_key, dht->self_public_key)) |
@@ -891,12 +892,11 @@ static int sendnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *cl | |||
891 | } | 892 | } |
892 | 893 | ||
893 | memcpy(plain + num_nodes * Node4_format_size, encrypted_data, NODES_ENCRYPTED_MESSAGE_LENGTH); | 894 | memcpy(plain + num_nodes * Node4_format_size, encrypted_data, NODES_ENCRYPTED_MESSAGE_LENGTH); |
894 | int len = encrypt_data( public_key, | 895 | int len = encrypt_data_fast( shared_encryption_key, |
895 | dht->self_secret_key, | 896 | nonce, |
896 | nonce, | 897 | plain, |
897 | plain, | 898 | num_nodes * Node4_format_size + NODES_ENCRYPTED_MESSAGE_LENGTH, |
898 | num_nodes * Node4_format_size + NODES_ENCRYPTED_MESSAGE_LENGTH, | 899 | encrypt ); |
899 | encrypt ); | ||
900 | 900 | ||
901 | if ((unsigned int)len != num_nodes * Node4_format_size + NODES_ENCRYPTED_MESSAGE_LENGTH + | 901 | if ((unsigned int)len != num_nodes * Node4_format_size + NODES_ENCRYPTED_MESSAGE_LENGTH + |
902 | crypto_box_MACBYTES) | 902 | crypto_box_MACBYTES) |
@@ -930,7 +930,8 @@ void to_host_family(IP *ip) | |||
930 | ip->family = AF_INET6; | 930 | ip->family = AF_INET6; |
931 | } | 931 | } |
932 | /* Send a send nodes response: message for IPv6 nodes */ | 932 | /* Send a send nodes response: message for IPv6 nodes */ |
933 | static int sendnodes_ipv6(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *client_id, uint8_t *encrypted_data) | 933 | static int sendnodes_ipv6(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *client_id, uint8_t *encrypted_data, |
934 | uint8_t *shared_encryption_key) | ||
934 | { | 935 | { |
935 | /* Check if packet is going to be sent to ourself. */ | 936 | /* Check if packet is going to be sent to ourself. */ |
936 | if (id_equal(public_key, dht->self_public_key)) | 937 | if (id_equal(public_key, dht->self_public_key)) |
@@ -958,12 +959,11 @@ static int sendnodes_ipv6(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_ | |||
958 | 959 | ||
959 | memcpy(plain, nodes_list, num_nodes * Node_format_size); | 960 | memcpy(plain, nodes_list, num_nodes * Node_format_size); |
960 | memcpy(plain + num_nodes * Node_format_size, encrypted_data, NODES_ENCRYPTED_MESSAGE_LENGTH); | 961 | memcpy(plain + num_nodes * Node_format_size, encrypted_data, NODES_ENCRYPTED_MESSAGE_LENGTH); |
961 | int len = encrypt_data( public_key, | 962 | int len = encrypt_data_fast( shared_encryption_key, |
962 | dht->self_secret_key, | 963 | nonce, |
963 | nonce, | 964 | plain, |
964 | plain, | 965 | num_nodes * Node_format_size + NODES_ENCRYPTED_MESSAGE_LENGTH, |
965 | num_nodes * Node_format_size + NODES_ENCRYPTED_MESSAGE_LENGTH, | 966 | encrypt ); |
966 | encrypt ); | ||
967 | 967 | ||
968 | if ((unsigned int)len != num_nodes * Node_format_size + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES) | 968 | if ((unsigned int)len != num_nodes * Node_format_size + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES) |
969 | return -1; | 969 | return -1; |
@@ -989,20 +989,21 @@ static int handle_getnodes(void *object, IP_Port source, uint8_t *packet, uint32 | |||
989 | return 1; | 989 | return 1; |
990 | 990 | ||
991 | uint8_t plain[CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH]; | 991 | uint8_t plain[CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH]; |
992 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; | ||
992 | 993 | ||
993 | int len = decrypt_data( packet + 1, | 994 | encrypt_precompute(packet + 1, dht->self_secret_key, shared_key); |
994 | dht->self_secret_key, | 995 | int len = decrypt_data_fast( shared_key, |
995 | packet + 1 + CLIENT_ID_SIZE, | 996 | packet + 1 + CLIENT_ID_SIZE, |
996 | packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES, | 997 | packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES, |
997 | CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES, | 998 | CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH + crypto_box_MACBYTES, |
998 | plain ); | 999 | plain ); |
999 | 1000 | ||
1000 | if (len != CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH) | 1001 | if (len != CLIENT_ID_SIZE + NODES_ENCRYPTED_MESSAGE_LENGTH) |
1001 | return 1; | 1002 | return 1; |
1002 | 1003 | ||
1003 | sendnodes(dht, source, packet + 1, plain, plain + CLIENT_ID_SIZE); | 1004 | sendnodes(dht, source, packet + 1, plain, plain + CLIENT_ID_SIZE, shared_key); |
1004 | sendnodes_ipv6(dht, source, packet + 1, plain, | 1005 | sendnodes_ipv6(dht, source, packet + 1, plain, |
1005 | plain + CLIENT_ID_SIZE); /* TODO: prevent possible amplification attacks */ | 1006 | plain + CLIENT_ID_SIZE, shared_key); /* TODO: prevent possible amplification attacks */ |
1006 | 1007 | ||
1007 | add_toping(dht->ping, packet + 1, source); | 1008 | add_toping(dht->ping, packet + 1, source); |
1008 | //send_ping_request(dht, source, packet + 1); /* TODO: make this smarter? */ | 1009 | //send_ping_request(dht, source, packet + 1); /* TODO: make this smarter? */ |
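Review bot: In handle_getnodes the new `shared_key[crypto_box_BEFORENMBYTES]` buffer is left on the stack on every return path after `encrypt_precompute`, including the early `return 1` taken when the decrypted length is wrong. That buffer holds the key precomputed from our long-term DHT secret key and the sender's public key, so it is worth clearing before returning with a wipe the compiler cannot drop, for example `sodium_memzero(shared_key, sizeof shared_key);` when building against libsodium (a plain `memset` may be optimised away). The same applies to `shared_key` in handle_ping_request in toxcore/ping.c. handle_getnodes begins and ends outside this hunk, so any return paths below the visible lines would need the same treatment.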
diff --git a/toxcore/ping.c b/toxcore/ping.c index 6b1b906a..f521542f 100644 --- a/toxcore/ping.c +++ b/toxcore/ping.c | |||
@@ -171,7 +171,8 @@ int send_ping_request(PING *ping, IP_Port ipp, uint8_t *client_id) | |||
171 | return sendpacket(ping->dht->net, ipp, pk, sizeof(pk)); | 171 | return sendpacket(ping->dht->net, ipp, pk, sizeof(pk)); |
172 | } | 172 | } |
173 | 173 | ||
174 | static int send_ping_response(PING *ping, IP_Port ipp, uint8_t *client_id, uint64_t ping_id) | 174 | static int send_ping_response(PING *ping, IP_Port ipp, uint8_t *client_id, uint64_t ping_id, |
175 | uint8_t *shared_encryption_key) | ||
175 | { | 176 | { |
176 | uint8_t pk[DHT_PING_SIZE]; | 177 | uint8_t pk[DHT_PING_SIZE]; |
177 | int rc; | 178 | int rc; |
@@ -184,11 +185,10 @@ static int send_ping_response(PING *ping, IP_Port ipp, uint8_t *client_id, uint6 | |||
184 | new_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate new nonce | 185 | new_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate new nonce |
185 | 186 | ||
186 | // Encrypt ping_id using recipient privkey | 187 | // Encrypt ping_id using recipient privkey |
187 | rc = encrypt_data(client_id, | 188 | rc = encrypt_data_fast(shared_encryption_key, |
188 | ping->dht->self_secret_key, | 189 | pk + 1 + CLIENT_ID_SIZE, |
189 | pk + 1 + CLIENT_ID_SIZE, | 190 | (uint8_t *) &ping_id, sizeof(ping_id), |
190 | (uint8_t *) &ping_id, sizeof(ping_id), | 191 | pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES ); |
191 | pk + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES); | ||
192 | 192 | ||
193 | if (rc != sizeof(ping_id) + crypto_box_MACBYTES) | 193 | if (rc != sizeof(ping_id) + crypto_box_MACBYTES) |
194 | return 1; | 194 | return 1; |
@@ -210,19 +210,21 @@ static int handle_ping_request(void *_dht, IP_Port source, uint8_t *packet, uint | |||
210 | if (id_equal(packet + 1, ping->dht->self_public_key)) | 210 | if (id_equal(packet + 1, ping->dht->self_public_key)) |
211 | return 1; | 211 | return 1; |
212 | 212 | ||
213 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; | ||
214 | |||
213 | // Decrypt ping_id | 215 | // Decrypt ping_id |
214 | rc = decrypt_data(packet + 1, | 216 | encrypt_precompute(packet + 1, ping->dht->self_secret_key, shared_key); |
215 | ping->dht->self_secret_key, | 217 | rc = decrypt_data_fast(shared_key, |
216 | packet + 1 + CLIENT_ID_SIZE, | 218 | packet + 1 + CLIENT_ID_SIZE, |
217 | packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES, | 219 | packet + 1 + CLIENT_ID_SIZE + crypto_box_NONCEBYTES, |
218 | sizeof(ping_id) + crypto_box_MACBYTES, | 220 | sizeof(ping_id) + crypto_box_MACBYTES, |
219 | (uint8_t *) &ping_id); | 221 | (uint8_t *) &ping_id ); |
220 | 222 | ||
221 | if (rc != sizeof(ping_id)) | 223 | if (rc != sizeof(ping_id)) |
222 | return 1; | 224 | return 1; |
223 | 225 | ||
224 | // Send response | 226 | // Send response |
225 | send_ping_response(ping, source, packet + 1, ping_id); | 227 | send_ping_response(ping, source, packet + 1, ping_id, shared_key); |
226 | add_toping(ping, packet + 1, source); | 228 | add_toping(ping, packet + 1, source); |
227 | 229 | ||
228 | return 0; | 230 | return 0; |
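Review bot: The comment above the encrypt call in send_ping_response, `// Encrypt ping_id using recipient privkey`, does not describe the new code: the call now uses the caller-supplied precomputed key, and nothing in the function ties `shared_encryption_key` to `client_id`. I would replace it with `// Encrypt ping_id with the key precomputed from client_id and our secret key` and add a comment on the function stating that `shared_encryption_key` must be the crypto_box_BEFORENMBYTES-sized output of `encrypt_precompute` for that same `client_id`. A mismatched pair would presumably yield a reply the peer cannot decrypt, with no error on our side. The new `shared_encryption_key` parameters of sendnodes and sendnodes_ipv6 in toxcore/DHT.c carry the same undocumented requirement.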