diff options
author | irungentoo <irungentoo@gmail.com> | 2013-07-27 08:43:36 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2013-07-27 08:43:36 -0400 |
commit | 14b43651c10b596efc33e11739c22321c3dbc3bf (patch) | |
tree | 26310e5bb35b693d607076db57bf682387f4c7df /core/net_crypto.c | |
parent | 1a6446266c9727e5c95e18d5e44157fd5a60900f (diff) |
Ran the code through: astyle --style=linux
Diffstat (limited to 'core/net_crypto.c')
-rw-r--r-- | core/net_crypto.c | 138 |
1 files changed, 65 insertions, 73 deletions
diff --git a/core/net_crypto.c b/core/net_crypto.c index c1571467..a437c5ee 100644 --- a/core/net_crypto.c +++ b/core/net_crypto.c | |||
@@ -1,10 +1,10 @@ | |||
1 | /* net_crypto.c | 1 | /* net_crypto.c |
2 | * | 2 | * |
3 | * Functions for the core network crypto. | 3 | * Functions for the core network crypto. |
4 | * See also: docs/Crypto.txt | 4 | * See also: docs/Crypto.txt |
5 | * | 5 | * |
6 | * NOTE: This code has to be perfect. We don't mess around with encryption. | 6 | * NOTE: This code has to be perfect. We don't mess around with encryption. |
7 | * | 7 | * |
8 | * Copyright (C) 2013 Tox project All Rights Reserved. | 8 | * Copyright (C) 2013 Tox project All Rights Reserved. |
9 | * | 9 | * |
10 | * This file is part of Tox. | 10 | * This file is part of Tox. |
@@ -21,7 +21,7 @@ | |||
21 | * | 21 | * |
22 | * You should have received a copy of the GNU General Public License | 22 | * You should have received a copy of the GNU General Public License |
23 | * along with Tox. If not, see <http://www.gnu.org/licenses/>. | 23 | * along with Tox. If not, see <http://www.gnu.org/licenses/>. |
24 | * | 24 | * |
25 | */ | 25 | */ |
26 | 26 | ||
27 | #include "net_crypto.h" | 27 | #include "net_crypto.h" |
@@ -37,11 +37,11 @@ typedef struct { | |||
37 | uint8_t sessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* our public key for this session. */ | 37 | uint8_t sessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* our public key for this session. */ |
38 | uint8_t sessionsecret_key[crypto_box_SECRETKEYBYTES]; /* our private key for this session. */ | 38 | uint8_t sessionsecret_key[crypto_box_SECRETKEYBYTES]; /* our private key for this session. */ |
39 | uint8_t peersessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* The public key of the peer. */ | 39 | uint8_t peersessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* The public key of the peer. */ |
40 | uint8_t status; /* 0 if no connection, 1 we have sent a handshake, 2 if connexion is not confirmed yet | 40 | uint8_t status; /* 0 if no connection, 1 we have sent a handshake, 2 if connexion is not confirmed yet |
41 | (we have received a handshake but no empty data packet), 3 if the connection is established. | 41 | (we have received a handshake but no empty data packet), 3 if the connection is established. |
42 | 4 if the connection is timed out. */ | 42 | 4 if the connection is timed out. */ |
43 | uint16_t number; /* Lossless_UDP connection number corresponding to this connection. */ | 43 | uint16_t number; /* Lossless_UDP connection number corresponding to this connection. */ |
44 | 44 | ||
45 | } Crypto_Connection; | 45 | } Crypto_Connection; |
46 | 46 | ||
47 | #define MAX_CRYPTO_CONNECTIONS 256 | 47 | #define MAX_CRYPTO_CONNECTIONS 256 |
@@ -53,24 +53,24 @@ static Crypto_Connection crypto_connections[MAX_CRYPTO_CONNECTIONS]; | |||
53 | /* keeps track of the connection numbers for friends request so we can check later if they were sent */ | 53 | /* keeps track of the connection numbers for friends request so we can check later if they were sent */ |
54 | static int incoming_connections[MAX_INCOMING]; | 54 | static int incoming_connections[MAX_INCOMING]; |
55 | 55 | ||
56 | /* encrypts plain of length length to encrypted of length + 16 using the | 56 | /* encrypts plain of length length to encrypted of length + 16 using the |
57 | public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce | 57 | public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce |
58 | return -1 if there was a problem. | 58 | return -1 if there was a problem. |
59 | return length of encrypted data if everything was fine. */ | 59 | return length of encrypted data if everything was fine. */ |
60 | int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, | 60 | int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, |
61 | uint8_t *plain, uint32_t length, uint8_t *encrypted) | 61 | uint8_t *plain, uint32_t length, uint8_t *encrypted) |
62 | { | 62 | { |
63 | if (length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES > MAX_DATA_SIZE || length == 0) | 63 | if (length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES > MAX_DATA_SIZE || length == 0) |
64 | return -1; | 64 | return -1; |
65 | 65 | ||
66 | uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES] = {0}; | 66 | uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES] = {0}; |
67 | uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_ZEROBYTES]; | 67 | uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_ZEROBYTES]; |
68 | uint8_t zeroes[crypto_box_BOXZEROBYTES] = {0}; | 68 | uint8_t zeroes[crypto_box_BOXZEROBYTES] = {0}; |
69 | 69 | ||
70 | memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */ | 70 | memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */ |
71 | 71 | ||
72 | crypto_box(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, public_key, secret_key); | 72 | crypto_box(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, public_key, secret_key); |
73 | 73 | ||
74 | /* if encryption is successful the first crypto_box_BOXZEROBYTES of the message will be zero */ | 74 | /* if encryption is successful the first crypto_box_BOXZEROBYTES of the message will be zero */ |
75 | if (memcmp(temp_encrypted, zeroes, crypto_box_BOXZEROBYTES) != 0) | 75 | if (memcmp(temp_encrypted, zeroes, crypto_box_BOXZEROBYTES) != 0) |
76 | return -1; | 76 | return -1; |
@@ -84,8 +84,8 @@ int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, | |||
84 | public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce | 84 | public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce |
85 | return -1 if there was a problem(decryption failed) | 85 | return -1 if there was a problem(decryption failed) |
86 | return length of plain data if everything was fine. */ | 86 | return length of plain data if everything was fine. */ |
87 | int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, | 87 | int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, |
88 | uint8_t *encrypted, uint32_t length, uint8_t *plain) | 88 | uint8_t *encrypted, uint32_t length, uint8_t *plain) |
89 | { | 89 | { |
90 | if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES) | 90 | if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES) |
91 | return -1; | 91 | return -1; |
@@ -93,11 +93,11 @@ int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, | |||
93 | uint8_t temp_plain[MAX_DATA_SIZE - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES]; | 93 | uint8_t temp_plain[MAX_DATA_SIZE - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES]; |
94 | uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0}; | 94 | uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0}; |
95 | uint8_t zeroes[crypto_box_ZEROBYTES] = {0}; | 95 | uint8_t zeroes[crypto_box_ZEROBYTES] = {0}; |
96 | 96 | ||
97 | memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */ | 97 | memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */ |
98 | 98 | ||
99 | if (crypto_box_open(temp_plain, temp_encrypted, length + crypto_box_BOXZEROBYTES, | 99 | if (crypto_box_open(temp_plain, temp_encrypted, length + crypto_box_BOXZEROBYTES, |
100 | nonce, public_key, secret_key) == -1) | 100 | nonce, public_key, secret_key) == -1) |
101 | return -1; | 101 | return -1; |
102 | 102 | ||
103 | /* if decryption is successful the first crypto_box_ZEROBYTES of the message will be zero */ | 103 | /* if decryption is successful the first crypto_box_ZEROBYTES of the message will be zero */ |
@@ -130,13 +130,13 @@ void random_nonce(uint8_t *nonce) | |||
130 | } | 130 | } |
131 | } | 131 | } |
132 | 132 | ||
133 | /* return 0 if there is no received data in the buffer | 133 | /* return 0 if there is no received data in the buffer |
134 | return -1 if the packet was discarded. | 134 | return -1 if the packet was discarded. |
135 | return length of received data if successful */ | 135 | return length of received data if successful */ |
136 | int read_cryptpacket(int crypt_connection_id, uint8_t *data) | 136 | int read_cryptpacket(int crypt_connection_id, uint8_t *data) |
137 | { | 137 | { |
138 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) | 138 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) |
139 | return 0; | 139 | return 0; |
140 | if (crypto_connections[crypt_connection_id].status != 3) | 140 | if (crypto_connections[crypt_connection_id].status != 3) |
141 | return 0; | 141 | return 0; |
142 | uint8_t temp_data[MAX_DATA_SIZE]; | 142 | uint8_t temp_data[MAX_DATA_SIZE]; |
@@ -145,7 +145,7 @@ int read_cryptpacket(int crypt_connection_id, uint8_t *data) | |||
145 | return 0; | 145 | return 0; |
146 | if (temp_data[0] != 3) | 146 | if (temp_data[0] != 3) |
147 | return -1; | 147 | return -1; |
148 | int len = decrypt_data(crypto_connections[crypt_connection_id].peersessionpublic_key, | 148 | int len = decrypt_data(crypto_connections[crypt_connection_id].peersessionpublic_key, |
149 | crypto_connections[crypt_connection_id].sessionsecret_key, | 149 | crypto_connections[crypt_connection_id].sessionsecret_key, |
150 | crypto_connections[crypt_connection_id].recv_nonce, temp_data + 1, length - 1, data); | 150 | crypto_connections[crypt_connection_id].recv_nonce, temp_data + 1, length - 1, data); |
151 | if (len != -1) { | 151 | if (len != -1) { |
@@ -160,13 +160,13 @@ int read_cryptpacket(int crypt_connection_id, uint8_t *data) | |||
160 | int write_cryptpacket(int crypt_connection_id, uint8_t *data, uint32_t length) | 160 | int write_cryptpacket(int crypt_connection_id, uint8_t *data, uint32_t length) |
161 | { | 161 | { |
162 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) | 162 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) |
163 | return 0; | 163 | return 0; |
164 | if (length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES > MAX_DATA_SIZE - 1) | 164 | if (length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES > MAX_DATA_SIZE - 1) |
165 | return 0; | 165 | return 0; |
166 | if (crypto_connections[crypt_connection_id].status != 3) | 166 | if (crypto_connections[crypt_connection_id].status != 3) |
167 | return 0; | 167 | return 0; |
168 | uint8_t temp_data[MAX_DATA_SIZE]; | 168 | uint8_t temp_data[MAX_DATA_SIZE]; |
169 | int len = encrypt_data(crypto_connections[crypt_connection_id].peersessionpublic_key, | 169 | int len = encrypt_data(crypto_connections[crypt_connection_id].peersessionpublic_key, |
170 | crypto_connections[crypt_connection_id].sessionsecret_key, | 170 | crypto_connections[crypt_connection_id].sessionsecret_key, |
171 | crypto_connections[crypt_connection_id].sent_nonce, data, length, temp_data + 1); | 171 | crypto_connections[crypt_connection_id].sent_nonce, data, length, temp_data + 1); |
172 | if (len == -1) | 172 | if (len == -1) |
@@ -190,7 +190,7 @@ int create_request(uint8_t *packet, uint8_t *public_key, uint8_t *data, uint32_t | |||
190 | return -1; | 190 | return -1; |
191 | uint8_t nonce[crypto_box_NONCEBYTES]; | 191 | uint8_t nonce[crypto_box_NONCEBYTES]; |
192 | random_nonce(nonce); | 192 | random_nonce(nonce); |
193 | int len = encrypt_data(public_key, self_secret_key, nonce, data, length, | 193 | int len = encrypt_data(public_key, self_secret_key, nonce, data, length, |
194 | 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); | 194 | 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); |
195 | if (len == -1) | 195 | if (len == -1) |
196 | return -1; | 196 | return -1; |
@@ -198,11 +198,11 @@ int create_request(uint8_t *packet, uint8_t *public_key, uint8_t *data, uint32_t | |||
198 | memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); | 198 | memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); |
199 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, self_public_key, crypto_box_PUBLICKEYBYTES); | 199 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, self_public_key, crypto_box_PUBLICKEYBYTES); |
200 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES * 2, nonce, crypto_box_NONCEBYTES); | 200 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES * 2, nonce, crypto_box_NONCEBYTES); |
201 | 201 | ||
202 | return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; | 202 | return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; |
203 | } | 203 | } |
204 | 204 | ||
205 | /* puts the senders public key in the request in public_key, the data from the request | 205 | /* puts the senders public key in the request in public_key, the data from the request |
206 | in data if a friend or ping request was sent to us and returns the length of the data. | 206 | in data if a friend or ping request was sent to us and returns the length of the data. |
207 | packet is the request packet and length is its length | 207 | packet is the request packet and length is its length |
208 | return -1 if not valid request. */ | 208 | return -1 if not valid request. */ |
@@ -210,19 +210,17 @@ int handle_request(uint8_t *public_key, uint8_t *data, uint8_t *packet, uint16_t | |||
210 | { | 210 | { |
211 | 211 | ||
212 | if (length > crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING && | 212 | if (length > crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING && |
213 | length <= MAX_DATA_SIZE + ENCRYPTION_PADDING && | 213 | length <= MAX_DATA_SIZE + ENCRYPTION_PADDING && |
214 | memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) | 214 | memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) { |
215 | { | ||
216 | memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); | 215 | memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); |
217 | uint8_t nonce[crypto_box_NONCEBYTES]; | 216 | uint8_t nonce[crypto_box_NONCEBYTES]; |
218 | memcpy(nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2, crypto_box_NONCEBYTES); | 217 | memcpy(nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2, crypto_box_NONCEBYTES); |
219 | int len1 = decrypt_data(public_key, self_secret_key, nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, | 218 | int len1 = decrypt_data(public_key, self_secret_key, nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, |
220 | length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), data); | 219 | length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), data); |
221 | if(len1 == -1) | 220 | if(len1 == -1) |
222 | return -1; | 221 | return -1; |
223 | return len1; | 222 | return len1; |
224 | } | 223 | } else |
225 | else | ||
226 | return -1; | 224 | return -1; |
227 | } | 225 | } |
228 | 226 | ||
@@ -234,13 +232,13 @@ int send_cryptohandshake(int connection_id, uint8_t *public_key, uint8_t *secret | |||
234 | uint8_t temp_data[MAX_DATA_SIZE]; | 232 | uint8_t temp_data[MAX_DATA_SIZE]; |
235 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; | 233 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; |
236 | uint8_t nonce[crypto_box_NONCEBYTES]; | 234 | uint8_t nonce[crypto_box_NONCEBYTES]; |
237 | 235 | ||
238 | random_nonce(nonce); | 236 | random_nonce(nonce); |
239 | memcpy(temp, secret_nonce, crypto_box_NONCEBYTES); | 237 | memcpy(temp, secret_nonce, crypto_box_NONCEBYTES); |
240 | memcpy(temp + crypto_box_NONCEBYTES, session_key, crypto_box_PUBLICKEYBYTES); | 238 | memcpy(temp + crypto_box_NONCEBYTES, session_key, crypto_box_PUBLICKEYBYTES); |
241 | 239 | ||
242 | int len = encrypt_data(public_key, self_secret_key, nonce, temp, crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, | 240 | int len = encrypt_data(public_key, self_secret_key, nonce, temp, crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, |
243 | 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + temp_data); | 241 | 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + temp_data); |
244 | if (len == -1) | 242 | if (len == -1) |
245 | return 0; | 243 | return 0; |
246 | temp_data[0] = 2; | 244 | temp_data[0] = 2; |
@@ -252,28 +250,27 @@ int send_cryptohandshake(int connection_id, uint8_t *public_key, uint8_t *secret | |||
252 | /* Extract secret nonce, session public key and public_key from a packet(data) with length length | 250 | /* Extract secret nonce, session public key and public_key from a packet(data) with length length |
253 | return 1 if successful | 251 | return 1 if successful |
254 | return 0 if failure */ | 252 | return 0 if failure */ |
255 | int handle_cryptohandshake(uint8_t *public_key, uint8_t *secret_nonce, | 253 | int handle_cryptohandshake(uint8_t *public_key, uint8_t *secret_nonce, |
256 | uint8_t *session_key, uint8_t *data, uint16_t length) | 254 | uint8_t *session_key, uint8_t *data, uint16_t length) |
257 | { | 255 | { |
258 | int pad = (- crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES); | 256 | int pad = (- crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES); |
259 | if (length != 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES | 257 | if (length != 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES |
260 | + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + pad) | 258 | + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + pad) { |
261 | { | ||
262 | return 0; | 259 | return 0; |
263 | } | 260 | } |
264 | if (data[0] != 2) | 261 | if (data[0] != 2) |
265 | return 0; | 262 | return 0; |
266 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; | 263 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; |
267 | 264 | ||
268 | memcpy(public_key, data + 1, crypto_box_PUBLICKEYBYTES); | 265 | memcpy(public_key, data + 1, crypto_box_PUBLICKEYBYTES); |
269 | 266 | ||
270 | int len = decrypt_data(public_key, self_secret_key, data + 1 + crypto_box_PUBLICKEYBYTES, | 267 | int len = decrypt_data(public_key, self_secret_key, data + 1 + crypto_box_PUBLICKEYBYTES, |
271 | data + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, | 268 | data + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, |
272 | crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + pad, temp); | 269 | crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + pad, temp); |
273 | 270 | ||
274 | if (len != crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES) | 271 | if (len != crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES) |
275 | return 0; | 272 | return 0; |
276 | 273 | ||
277 | memcpy(secret_nonce, temp, crypto_box_NONCEBYTES); | 274 | memcpy(secret_nonce, temp, crypto_box_NONCEBYTES); |
278 | memcpy(session_key, temp + crypto_box_NONCEBYTES, crypto_box_PUBLICKEYBYTES); | 275 | memcpy(session_key, temp + crypto_box_NONCEBYTES, crypto_box_PUBLICKEYBYTES); |
279 | return 1; | 276 | return 1; |
@@ -316,9 +313,8 @@ int crypto_connect(uint8_t *public_key, IP_Port ip_port) | |||
316 | memcpy(crypto_connections[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); | 313 | memcpy(crypto_connections[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); |
317 | crypto_box_keypair(crypto_connections[i].sessionpublic_key, crypto_connections[i].sessionsecret_key); | 314 | crypto_box_keypair(crypto_connections[i].sessionpublic_key, crypto_connections[i].sessionsecret_key); |
318 | 315 | ||
319 | if (send_cryptohandshake(id, public_key, crypto_connections[i].recv_nonce, | 316 | if (send_cryptohandshake(id, public_key, crypto_connections[i].recv_nonce, |
320 | crypto_connections[i].sessionpublic_key) == 1) | 317 | crypto_connections[i].sessionpublic_key) == 1) { |
321 | { | ||
322 | increment_nonce(crypto_connections[i].recv_nonce); | 318 | increment_nonce(crypto_connections[i].recv_nonce); |
323 | return i; | 319 | return i; |
324 | } | 320 | } |
@@ -363,9 +359,9 @@ int crypto_inbound(uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_ | |||
363 | return 0 if killed successfully | 359 | return 0 if killed successfully |
364 | return 1 if there was a problem. */ | 360 | return 1 if there was a problem. */ |
365 | int crypto_kill(int crypt_connection_id) | 361 | int crypto_kill(int crypt_connection_id) |
366 | { | 362 | { |
367 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) | 363 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) |
368 | return 1; | 364 | return 1; |
369 | if (crypto_connections[crypt_connection_id].status != 0) { | 365 | if (crypto_connections[crypt_connection_id].status != 0) { |
370 | crypto_connections[crypt_connection_id].status = 0; | 366 | crypto_connections[crypt_connection_id].status = 0; |
371 | kill_connection(crypto_connections[crypt_connection_id].number); | 367 | kill_connection(crypto_connections[crypt_connection_id].number); |
@@ -400,9 +396,8 @@ int accept_crypto_inbound(int connection_id, uint8_t *public_key, uint8_t *secre | |||
400 | 396 | ||
401 | crypto_box_keypair(crypto_connections[i].sessionpublic_key, crypto_connections[i].sessionsecret_key); | 397 | crypto_box_keypair(crypto_connections[i].sessionpublic_key, crypto_connections[i].sessionsecret_key); |
402 | 398 | ||
403 | if (send_cryptohandshake(connection_id, public_key, crypto_connections[i].recv_nonce, | 399 | if (send_cryptohandshake(connection_id, public_key, crypto_connections[i].recv_nonce, |
404 | crypto_connections[i].sessionpublic_key) == 1) | 400 | crypto_connections[i].sessionpublic_key) == 1) { |
405 | { | ||
406 | increment_nonce(crypto_connections[i].recv_nonce); | 401 | increment_nonce(crypto_connections[i].recv_nonce); |
407 | uint32_t zero = 0; | 402 | uint32_t zero = 0; |
408 | crypto_connections[i].status = 3; /* connection status needs to be 3 for write_cryptpacket() to work */ | 403 | crypto_connections[i].status = 3; /* connection status needs to be 3 for write_cryptpacket() to work */ |
@@ -413,10 +408,10 @@ int accept_crypto_inbound(int connection_id, uint8_t *public_key, uint8_t *secre | |||
413 | return -1; /* this should never happen. */ | 408 | return -1; /* this should never happen. */ |
414 | } | 409 | } |
415 | } | 410 | } |
416 | return -1; | 411 | return -1; |
417 | } | 412 | } |
418 | 413 | ||
419 | /* return 0 if no connection, 1 we have sent a handshake, 2 if connection is not confirmed yet | 414 | /* return 0 if no connection, 1 we have sent a handshake, 2 if connection is not confirmed yet |
420 | (we have received a handshake but no empty data packet), 3 if the connection is established. | 415 | (we have received a handshake but no empty data packet), 3 if the connection is established. |
421 | 4 if the connection is timed out and waiting to be killed */ | 416 | 4 if the connection is timed out and waiting to be killed */ |
422 | int is_cryptoconnected(int crypt_connection_id) | 417 | int is_cryptoconnected(int crypt_connection_id) |
@@ -471,9 +466,9 @@ static void handle_incomings() | |||
471 | { | 466 | { |
472 | int income; | 467 | int income; |
473 | while (1) { | 468 | while (1) { |
474 | income = incoming_connection(); | 469 | income = incoming_connection(); |
475 | if(income == -1 || new_incoming(income) ) | 470 | if(income == -1 || new_incoming(income) ) |
476 | break; | 471 | break; |
477 | } | 472 | } |
478 | } | 473 | } |
479 | 474 | ||
@@ -488,8 +483,8 @@ static void receive_crypto() | |||
488 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; | 483 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; |
489 | uint8_t session_key[crypto_box_PUBLICKEYBYTES]; | 484 | uint8_t session_key[crypto_box_PUBLICKEYBYTES]; |
490 | uint16_t len; | 485 | uint16_t len; |
491 | if (id_packet(crypto_connections[i].number) == 1) | 486 | if (id_packet(crypto_connections[i].number) == 1) |
492 | /* if the packet is a friend request drop it (because we are already friends) */ | 487 | /* if the packet is a friend request drop it (because we are already friends) */ |
493 | len = read_packet(crypto_connections[i].number, temp_data); | 488 | len = read_packet(crypto_connections[i].number, temp_data); |
494 | if (id_packet(crypto_connections[i].number) == 2) { /* handle handshake packet. */ | 489 | if (id_packet(crypto_connections[i].number) == 2) { /* handle handshake packet. */ |
495 | len = read_packet(crypto_connections[i].number, temp_data); | 490 | len = read_packet(crypto_connections[i].number, temp_data); |
@@ -504,31 +499,28 @@ static void receive_crypto() | |||
504 | crypto_connections[i].status = 2; /* set it to its proper value right after. */ | 499 | crypto_connections[i].status = 2; /* set it to its proper value right after. */ |
505 | } | 500 | } |
506 | } | 501 | } |
507 | } | 502 | } else if (id_packet(crypto_connections[i].number) != -1) // This should not happen kill the connection if it does |
508 | else if (id_packet(crypto_connections[i].number) != -1) // This should not happen kill the connection if it does | ||
509 | crypto_kill(crypto_connections[i].number); | 503 | crypto_kill(crypto_connections[i].number); |
510 | 504 | ||
511 | } | 505 | } |
512 | if (crypto_connections[i].status == 2) { | 506 | if (crypto_connections[i].status == 2) { |
513 | if (id_packet(crypto_connections[i].number) == 3) { | 507 | if (id_packet(crypto_connections[i].number) == 3) { |
514 | uint8_t temp_data[MAX_DATA_SIZE]; | 508 | uint8_t temp_data[MAX_DATA_SIZE]; |
515 | uint8_t data[MAX_DATA_SIZE]; | 509 | uint8_t data[MAX_DATA_SIZE]; |
516 | int length = read_packet(crypto_connections[i].number, temp_data); | 510 | int length = read_packet(crypto_connections[i].number, temp_data); |
517 | int len = decrypt_data(crypto_connections[i].peersessionpublic_key, | 511 | int len = decrypt_data(crypto_connections[i].peersessionpublic_key, |
518 | crypto_connections[i].sessionsecret_key, | 512 | crypto_connections[i].sessionsecret_key, |
519 | crypto_connections[i].recv_nonce, temp_data + 1, length - 1, data); | 513 | crypto_connections[i].recv_nonce, temp_data + 1, length - 1, data); |
520 | uint32_t zero = 0; | 514 | uint32_t zero = 0; |
521 | if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) { | 515 | if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) { |
522 | increment_nonce(crypto_connections[i].recv_nonce); | 516 | increment_nonce(crypto_connections[i].recv_nonce); |
523 | crypto_connections[i].status = 3; | 517 | crypto_connections[i].status = 3; |
524 | 518 | ||
525 | /* connection is accepted so we disable the auto kill by setting it to about 1 month from now. */ | 519 | /* connection is accepted so we disable the auto kill by setting it to about 1 month from now. */ |
526 | kill_connection_in(crypto_connections[i].number, 3000000); | 520 | kill_connection_in(crypto_connections[i].number, 3000000); |
527 | } | 521 | } else |
528 | else | ||
529 | crypto_kill(crypto_connections[i].number); // This should not happen kill the connection if it does | 522 | crypto_kill(crypto_connections[i].number); // This should not happen kill the connection if it does |
530 | } | 523 | } else if(id_packet(crypto_connections[i].number) != -1) |
531 | else if(id_packet(crypto_connections[i].number) != -1) | ||
532 | /* This should not happen | 524 | /* This should not happen |
533 | kill the connection if it does */ | 525 | kill the connection if it does */ |
534 | crypto_kill(crypto_connections[i].number); | 526 | crypto_kill(crypto_connections[i].number); |