diff options
author | irungentoo <irungentoo@gmail.com> | 2013-08-16 13:11:09 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2013-08-16 13:11:09 -0400 |
commit | 88ff81d9def5efe69cbaf91aa41906177ba7dde9 (patch) | |
tree | cb9f149e438bcd1f18d8c1eb5d8be6b0a22f58a4 /core/net_crypto.c | |
parent | c5af8f44a9d040a0bbe0442ec074d9fc8562dd32 (diff) |
Passed everything through astyle.
Diffstat (limited to 'core/net_crypto.c')
-rw-r--r-- | core/net_crypto.c | 131 |
1 files changed, 99 insertions, 32 deletions
diff --git a/core/net_crypto.c b/core/net_crypto.c index a05208ef..4b7fa043 100644 --- a/core/net_crypto.c +++ b/core/net_crypto.c | |||
@@ -65,14 +65,16 @@ uint8_t crypto_iszero(uint8_t *mem, uint32_t length) | |||
65 | { | 65 | { |
66 | uint8_t check = 0; | 66 | uint8_t check = 0; |
67 | uint32_t i; | 67 | uint32_t i; |
68 | |||
68 | for (i = 0; i < length; ++i) { | 69 | for (i = 0; i < length; ++i) { |
69 | check |= mem[i]; | 70 | check |= mem[i]; |
70 | } | 71 | } |
72 | |||
71 | return check; // We return zero if mem is made out of zeroes. | 73 | return check; // We return zero if mem is made out of zeroes. |
72 | } | 74 | } |
73 | 75 | ||
74 | /* Precomputes the shared key from their public_key and our secret_key. | 76 | /* Precomputes the shared key from their public_key and our secret_key. |
75 | This way we can avoid an expensive elliptic curve scalar multiply for each | 77 | This way we can avoid an expensive elliptic curve scalar multiply for each |
76 | encrypt/decrypt operation. | 78 | encrypt/decrypt operation. |
77 | enc_key has to be crypto_box_BEFORENMBYTES bytes long. */ | 79 | enc_key has to be crypto_box_BEFORENMBYTES bytes long. */ |
78 | void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key) | 80 | void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key) |
@@ -81,7 +83,7 @@ void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_k | |||
81 | } | 83 | } |
82 | 84 | ||
83 | /* Fast encrypt. Depends on enc_key from encrypt_precompute. */ | 85 | /* Fast encrypt. Depends on enc_key from encrypt_precompute. */ |
84 | int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, | 86 | int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, |
85 | uint8_t *plain, uint32_t length, uint8_t *encrypted) | 87 | uint8_t *plain, uint32_t length, uint8_t *encrypted) |
86 | { | 88 | { |
87 | if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0) | 89 | if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0) |
@@ -94,7 +96,7 @@ int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, | |||
94 | 96 | ||
95 | crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, enc_key); | 97 | crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, enc_key); |
96 | 98 | ||
97 | if(crypto_iszero(temp_encrypted, crypto_box_BOXZEROBYTES) != 0) | 99 | if (crypto_iszero(temp_encrypted, crypto_box_BOXZEROBYTES) != 0) |
98 | return -1; | 100 | return -1; |
99 | 101 | ||
100 | /* unpad the encrypted message */ | 102 | /* unpad the encrypted message */ |
@@ -118,9 +120,9 @@ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, | |||
118 | nonce, enc_key) == -1) | 120 | nonce, enc_key) == -1) |
119 | return -1; | 121 | return -1; |
120 | 122 | ||
121 | /* if decryption is successful the first crypto_box_ZEROBYTES of the message will be zero | 123 | /* if decryption is successful the first crypto_box_ZEROBYTES of the message will be zero |
122 | apparently memcmp should not be used so we do this instead:*/ | 124 | apparently memcmp should not be used so we do this instead:*/ |
123 | if(crypto_iszero(temp_plain, crypto_box_ZEROBYTES) != 0) | 125 | if (crypto_iszero(temp_plain, crypto_box_ZEROBYTES) != 0) |
124 | return -1; | 126 | return -1; |
125 | 127 | ||
126 | /* unpad the plain message */ | 128 | /* unpad the plain message */ |
@@ -148,9 +150,11 @@ int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, | |||
148 | static void increment_nonce(uint8_t *nonce) | 150 | static void increment_nonce(uint8_t *nonce) |
149 | { | 151 | { |
150 | uint32_t i; | 152 | uint32_t i; |
153 | |||
151 | for (i = 0; i < crypto_box_NONCEBYTES; ++i) { | 154 | for (i = 0; i < crypto_box_NONCEBYTES; ++i) { |
152 | ++nonce[i]; | 155 | ++nonce[i]; |
153 | if(nonce[i] != 0) | 156 | |
157 | if (nonce[i] != 0) | ||
154 | break; | 158 | break; |
155 | } | 159 | } |
156 | } | 160 | } |
@@ -159,6 +163,7 @@ static void increment_nonce(uint8_t *nonce) | |||
159 | void random_nonce(uint8_t *nonce) | 163 | void random_nonce(uint8_t *nonce) |
160 | { | 164 | { |
161 | uint32_t i, temp; | 165 | uint32_t i, temp; |
166 | |||
162 | for (i = 0; i < crypto_box_NONCEBYTES / 4; ++i) { | 167 | for (i = 0; i < crypto_box_NONCEBYTES / 4; ++i) { |
163 | temp = random_int(); | 168 | temp = random_int(); |
164 | memcpy(nonce + 4 * i, &temp, 4); | 169 | memcpy(nonce + 4 * i, &temp, 4); |
@@ -172,21 +177,28 @@ int read_cryptpacket(int crypt_connection_id, uint8_t *data) | |||
172 | { | 177 | { |
173 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) | 178 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) |
174 | return 0; | 179 | return 0; |
180 | |||
175 | if (crypto_connections[crypt_connection_id].status != CONN_ESTABLISHED) | 181 | if (crypto_connections[crypt_connection_id].status != CONN_ESTABLISHED) |
176 | return 0; | 182 | return 0; |
183 | |||
177 | uint8_t temp_data[MAX_DATA_SIZE]; | 184 | uint8_t temp_data[MAX_DATA_SIZE]; |
178 | int length = read_packet(crypto_connections[crypt_connection_id].number, temp_data); | 185 | int length = read_packet(crypto_connections[crypt_connection_id].number, temp_data); |
186 | |||
179 | if (length == 0) | 187 | if (length == 0) |
180 | return 0; | 188 | return 0; |
189 | |||
181 | if (temp_data[0] != 3) | 190 | if (temp_data[0] != 3) |
182 | return -1; | 191 | return -1; |
192 | |||
183 | int len = decrypt_data_fast(crypto_connections[crypt_connection_id].shared_key, | 193 | int len = decrypt_data_fast(crypto_connections[crypt_connection_id].shared_key, |
184 | crypto_connections[crypt_connection_id].recv_nonce, | 194 | crypto_connections[crypt_connection_id].recv_nonce, |
185 | temp_data + 1, length - 1, data); | 195 | temp_data + 1, length - 1, data); |
196 | |||
186 | if (len != -1) { | 197 | if (len != -1) { |
187 | increment_nonce(crypto_connections[crypt_connection_id].recv_nonce); | 198 | increment_nonce(crypto_connections[crypt_connection_id].recv_nonce); |
188 | return len; | 199 | return len; |
189 | } | 200 | } |
201 | |||
190 | return -1; | 202 | return -1; |
191 | } | 203 | } |
192 | 204 | ||
@@ -196,19 +208,26 @@ int write_cryptpacket(int crypt_connection_id, uint8_t *data, uint32_t length) | |||
196 | { | 208 | { |
197 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) | 209 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) |
198 | return 0; | 210 | return 0; |
211 | |||
199 | if (length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES > MAX_DATA_SIZE - 1) | 212 | if (length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES > MAX_DATA_SIZE - 1) |
200 | return 0; | 213 | return 0; |
214 | |||
201 | if (crypto_connections[crypt_connection_id].status != CONN_ESTABLISHED) | 215 | if (crypto_connections[crypt_connection_id].status != CONN_ESTABLISHED) |
202 | return 0; | 216 | return 0; |
217 | |||
203 | uint8_t temp_data[MAX_DATA_SIZE]; | 218 | uint8_t temp_data[MAX_DATA_SIZE]; |
204 | int len = encrypt_data_fast(crypto_connections[crypt_connection_id].shared_key, | 219 | int len = encrypt_data_fast(crypto_connections[crypt_connection_id].shared_key, |
205 | crypto_connections[crypt_connection_id].sent_nonce, | 220 | crypto_connections[crypt_connection_id].sent_nonce, |
206 | data, length, temp_data + 1); | 221 | data, length, temp_data + 1); |
222 | |||
207 | if (len == -1) | 223 | if (len == -1) |
208 | return 0; | 224 | return 0; |
225 | |||
209 | temp_data[0] = 3; | 226 | temp_data[0] = 3; |
227 | |||
210 | if (write_packet(crypto_connections[crypt_connection_id].number, temp_data, len + 1) == 0) | 228 | if (write_packet(crypto_connections[crypt_connection_id].number, temp_data, len + 1) == 0) |
211 | return 0; | 229 | return 0; |
230 | |||
212 | increment_nonce(crypto_connections[crypt_connection_id].sent_nonce); | 231 | increment_nonce(crypto_connections[crypt_connection_id].sent_nonce); |
213 | return 1; | 232 | return 1; |
214 | } | 233 | } |
@@ -223,6 +242,7 @@ int create_request(uint8_t *packet, uint8_t *public_key, uint8_t *data, uint32_t | |||
223 | { | 242 | { |
224 | if (MAX_DATA_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING) | 243 | if (MAX_DATA_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING) |
225 | return -1; | 244 | return -1; |
245 | |||
226 | uint8_t nonce[crypto_box_NONCEBYTES]; | 246 | uint8_t nonce[crypto_box_NONCEBYTES]; |
227 | uint8_t temp[MAX_DATA_SIZE]; | 247 | uint8_t temp[MAX_DATA_SIZE]; |
228 | memcpy(temp + 1, data, length); | 248 | memcpy(temp + 1, data, length); |
@@ -230,8 +250,10 @@ int create_request(uint8_t *packet, uint8_t *public_key, uint8_t *data, uint32_t | |||
230 | random_nonce(nonce); | 250 | random_nonce(nonce); |
231 | int len = encrypt_data(public_key, self_secret_key, nonce, temp, length + 1, | 251 | int len = encrypt_data(public_key, self_secret_key, nonce, temp, length + 1, |
232 | 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); | 252 | 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); |
253 | |||
233 | if (len == -1) | 254 | if (len == -1) |
234 | return -1; | 255 | return -1; |
256 | |||
235 | packet[0] = 32; | 257 | packet[0] = 32; |
236 | memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); | 258 | memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); |
237 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, self_public_key, crypto_box_PUBLICKEYBYTES); | 259 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, self_public_key, crypto_box_PUBLICKEYBYTES); |
@@ -248,16 +270,19 @@ static int handle_request(uint8_t *public_key, uint8_t *data, uint8_t *request_i | |||
248 | { | 270 | { |
249 | 271 | ||
250 | if (length > crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING && | 272 | if (length > crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING && |
251 | length <= MAX_DATA_SIZE + ENCRYPTION_PADDING && | 273 | length <= MAX_DATA_SIZE + ENCRYPTION_PADDING && |
252 | memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 274 | memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) { |
253 | memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); | 275 | memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); |
254 | uint8_t nonce[crypto_box_NONCEBYTES]; | 276 | uint8_t nonce[crypto_box_NONCEBYTES]; |
255 | uint8_t temp[MAX_DATA_SIZE]; | 277 | uint8_t temp[MAX_DATA_SIZE]; |
256 | memcpy(nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2, crypto_box_NONCEBYTES); | 278 | memcpy(nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2, crypto_box_NONCEBYTES); |
257 | int len1 = decrypt_data(public_key, self_secret_key, nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, | 279 | int len1 = decrypt_data(public_key, self_secret_key, nonce, |
280 | packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, | ||
258 | length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); | 281 | length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); |
259 | if(len1 == -1 || len1 == 0) | 282 | |
283 | if (len1 == -1 || len1 == 0) | ||
260 | return -1; | 284 | return -1; |
285 | |||
261 | request_id[0] = temp[0]; | 286 | request_id[0] = temp[0]; |
262 | --len1; | 287 | --len1; |
263 | memcpy(data, temp + 1, len1); | 288 | memcpy(data, temp + 1, len1); |
@@ -273,27 +298,32 @@ void cryptopacket_registerhandler(uint8_t byte, cryptopacket_handler_callback cb | |||
273 | cryptopackethandlers[byte] = cb; | 298 | cryptopackethandlers[byte] = cb; |
274 | } | 299 | } |
275 | 300 | ||
276 | static int cryptopacket_handle(IP_Port source, uint8_t * packet, uint32_t length) | 301 | static int cryptopacket_handle(IP_Port source, uint8_t *packet, uint32_t length) |
277 | { | 302 | { |
278 | if (packet[0] == 32) { | 303 | if (packet[0] == 32) { |
279 | if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING || | 304 | if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING || |
280 | length > MAX_DATA_SIZE + ENCRYPTION_PADDING) | 305 | length > MAX_DATA_SIZE + ENCRYPTION_PADDING) |
281 | return 1; | 306 | return 1; |
307 | |||
282 | if (memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) {// check if request is for us. | 308 | if (memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) {// check if request is for us. |
283 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; | 309 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; |
284 | uint8_t data[MAX_DATA_SIZE]; | 310 | uint8_t data[MAX_DATA_SIZE]; |
285 | uint8_t number; | 311 | uint8_t number; |
286 | int len = handle_request(public_key, data, &number, packet, length); | 312 | int len = handle_request(public_key, data, &number, packet, length); |
313 | |||
287 | if (len == -1 || len == 0) | 314 | if (len == -1 || len == 0) |
288 | return 1; | 315 | return 1; |
316 | |||
289 | if (!cryptopackethandlers[number]) return 1; | 317 | if (!cryptopackethandlers[number]) return 1; |
318 | |||
290 | cryptopackethandlers[number](source, public_key, data, len); | 319 | cryptopackethandlers[number](source, public_key, data, len); |
291 | 320 | ||
292 | } else { /* if request is not for us, try routing it. */ | 321 | } else { /* if request is not for us, try routing it. */ |
293 | if(route_packet(packet + 1, packet, length) == length) | 322 | if (route_packet(packet + 1, packet, length) == length) |
294 | return 0; | 323 | return 0; |
295 | } | 324 | } |
296 | } | 325 | } |
326 | |||
297 | return 1; | 327 | return 1; |
298 | } | 328 | } |
299 | 329 | ||
@@ -312,8 +342,10 @@ static int send_cryptohandshake(int connection_id, uint8_t *public_key, uint8_t | |||
312 | 342 | ||
313 | int len = encrypt_data(public_key, self_secret_key, nonce, temp, crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, | 343 | int len = encrypt_data(public_key, self_secret_key, nonce, temp, crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, |
314 | 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + temp_data); | 344 | 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + temp_data); |
345 | |||
315 | if (len == -1) | 346 | if (len == -1) |
316 | return 0; | 347 | return 0; |
348 | |||
317 | temp_data[0] = 2; | 349 | temp_data[0] = 2; |
318 | memcpy(temp_data + 1, self_public_key, crypto_box_PUBLICKEYBYTES); | 350 | memcpy(temp_data + 1, self_public_key, crypto_box_PUBLICKEYBYTES); |
319 | memcpy(temp_data + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); | 351 | memcpy(temp_data + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); |
@@ -324,15 +356,18 @@ static int send_cryptohandshake(int connection_id, uint8_t *public_key, uint8_t | |||
324 | return 1 if successful | 356 | return 1 if successful |
325 | return 0 if failure */ | 357 | return 0 if failure */ |
326 | static int handle_cryptohandshake(uint8_t *public_key, uint8_t *secret_nonce, | 358 | static int handle_cryptohandshake(uint8_t *public_key, uint8_t *secret_nonce, |
327 | uint8_t *session_key, uint8_t *data, uint16_t length) | 359 | uint8_t *session_key, uint8_t *data, uint16_t length) |
328 | { | 360 | { |
329 | int pad = (- crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES); | 361 | int pad = (- crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES); |
362 | |||
330 | if (length != 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES | 363 | if (length != 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES |
331 | + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + pad) { | 364 | + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + pad) { |
332 | return 0; | 365 | return 0; |
333 | } | 366 | } |
367 | |||
334 | if (data[0] != 2) | 368 | if (data[0] != 2) |
335 | return 0; | 369 | return 0; |
370 | |||
336 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; | 371 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; |
337 | 372 | ||
338 | memcpy(public_key, data + 1, crypto_box_PUBLICKEYBYTES); | 373 | memcpy(public_key, data + 1, crypto_box_PUBLICKEYBYTES); |
@@ -355,11 +390,13 @@ static int handle_cryptohandshake(uint8_t *public_key, uint8_t *secret_nonce, | |||
355 | static int getcryptconnection_id(uint8_t *public_key) | 390 | static int getcryptconnection_id(uint8_t *public_key) |
356 | { | 391 | { |
357 | uint32_t i; | 392 | uint32_t i; |
393 | |||
358 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { | 394 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { |
359 | if (crypto_connections[i].status != CONN_NO_CONNECTION) | 395 | if (crypto_connections[i].status != CONN_NO_CONNECTION) |
360 | if (memcmp(public_key, crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) | 396 | if (memcmp(public_key, crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) |
361 | return i; | 397 | return i; |
362 | } | 398 | } |
399 | |||
363 | return -1; | 400 | return -1; |
364 | } | 401 | } |
365 | 402 | ||
@@ -370,16 +407,21 @@ int crypto_connect(uint8_t *public_key, IP_Port ip_port) | |||
370 | { | 407 | { |
371 | uint32_t i; | 408 | uint32_t i; |
372 | int id = getcryptconnection_id(public_key); | 409 | int id = getcryptconnection_id(public_key); |
410 | |||
373 | if (id != -1) { | 411 | if (id != -1) { |
374 | IP_Port c_ip = connection_ip(crypto_connections[id].number); | 412 | IP_Port c_ip = connection_ip(crypto_connections[id].number); |
375 | if(c_ip.ip.i == ip_port.ip.i && c_ip.port == ip_port.port) | 413 | |
414 | if (c_ip.ip.i == ip_port.ip.i && c_ip.port == ip_port.port) | ||
376 | return -1; | 415 | return -1; |
377 | } | 416 | } |
417 | |||
378 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { | 418 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { |
379 | if (crypto_connections[i].status == CONN_NO_CONNECTION) { | 419 | if (crypto_connections[i].status == CONN_NO_CONNECTION) { |
380 | int id = new_connection(ip_port); | 420 | int id = new_connection(ip_port); |
421 | |||
381 | if (id == -1) | 422 | if (id == -1) |
382 | return -1; | 423 | return -1; |
424 | |||
383 | crypto_connections[i].number = id; | 425 | crypto_connections[i].number = id; |
384 | crypto_connections[i].status = CONN_HANDSHAKE_SENT; | 426 | crypto_connections[i].status = CONN_HANDSHAKE_SENT; |
385 | random_nonce(crypto_connections[i].recv_nonce); | 427 | random_nonce(crypto_connections[i].recv_nonce); |
@@ -391,9 +433,11 @@ int crypto_connect(uint8_t *public_key, IP_Port ip_port) | |||
391 | increment_nonce(crypto_connections[i].recv_nonce); | 433 | increment_nonce(crypto_connections[i].recv_nonce); |
392 | return i; | 434 | return i; |
393 | } | 435 | } |
436 | |||
394 | return -1; /* this should never happen. */ | 437 | return -1; /* this should never happen. */ |
395 | } | 438 | } |
396 | } | 439 | } |
440 | |||
397 | return -1; | 441 | return -1; |
398 | } | 442 | } |
399 | 443 | ||
@@ -407,6 +451,7 @@ int crypto_connect(uint8_t *public_key, IP_Port ip_port) | |||
407 | int crypto_inbound(uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) | 451 | int crypto_inbound(uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) |
408 | { | 452 | { |
409 | uint32_t i; | 453 | uint32_t i; |
454 | |||
410 | for (i = 0; i < MAX_INCOMING; ++i) { | 455 | for (i = 0; i < MAX_INCOMING; ++i) { |
411 | if (incoming_connections[i] != -1) { | 456 | if (incoming_connections[i] != -1) { |
412 | if (is_connected(incoming_connections[i]) == 4 || is_connected(incoming_connections[i]) == 0) { | 457 | if (is_connected(incoming_connections[i]) == 4 || is_connected(incoming_connections[i]) == 0) { |
@@ -414,9 +459,11 @@ int crypto_inbound(uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_ | |||
414 | incoming_connections[i] = -1; | 459 | incoming_connections[i] = -1; |
415 | continue; | 460 | continue; |
416 | } | 461 | } |
462 | |||
417 | if (id_packet(incoming_connections[i]) == 2) { | 463 | if (id_packet(incoming_connections[i]) == 2) { |
418 | uint8_t temp_data[MAX_DATA_SIZE]; | 464 | uint8_t temp_data[MAX_DATA_SIZE]; |
419 | uint16_t len = read_packet(incoming_connections[i], temp_data); | 465 | uint16_t len = read_packet(incoming_connections[i], temp_data); |
466 | |||
420 | if (handle_cryptohandshake(public_key, secret_nonce, session_key, temp_data, len)) { | 467 | if (handle_cryptohandshake(public_key, secret_nonce, session_key, temp_data, len)) { |
421 | int connection_id = incoming_connections[i]; | 468 | int connection_id = incoming_connections[i]; |
422 | incoming_connections[i] = -1; /* remove this connection from the incoming connection list. */ | 469 | incoming_connections[i] = -1; /* remove this connection from the incoming connection list. */ |
@@ -425,6 +472,7 @@ int crypto_inbound(uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_ | |||
425 | } | 472 | } |
426 | } | 473 | } |
427 | } | 474 | } |
475 | |||
428 | return -1; | 476 | return -1; |
429 | } | 477 | } |
430 | 478 | ||
@@ -435,13 +483,15 @@ int crypto_kill(int crypt_connection_id) | |||
435 | { | 483 | { |
436 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) | 484 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) |
437 | return 1; | 485 | return 1; |
486 | |||
438 | if (crypto_connections[crypt_connection_id].status != CONN_NO_CONNECTION) { | 487 | if (crypto_connections[crypt_connection_id].status != CONN_NO_CONNECTION) { |
439 | crypto_connections[crypt_connection_id].status = CONN_NO_CONNECTION; | 488 | crypto_connections[crypt_connection_id].status = CONN_NO_CONNECTION; |
440 | kill_connection(crypto_connections[crypt_connection_id].number); | 489 | kill_connection(crypto_connections[crypt_connection_id].number); |
441 | memset(&crypto_connections[crypt_connection_id], 0 ,sizeof(Crypto_Connection)); | 490 | memset(&crypto_connections[crypt_connection_id], 0 , sizeof(Crypto_Connection)); |
442 | crypto_connections[crypt_connection_id].number = ~0; | 491 | crypto_connections[crypt_connection_id].number = ~0; |
443 | return 0; | 492 | return 0; |
444 | } | 493 | } |
494 | |||
445 | return 1; | 495 | return 1; |
446 | } | 496 | } |
447 | 497 | ||
@@ -451,15 +501,17 @@ int crypto_kill(int crypt_connection_id) | |||
451 | int accept_crypto_inbound(int connection_id, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) | 501 | int accept_crypto_inbound(int connection_id, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) |
452 | { | 502 | { |
453 | uint32_t i; | 503 | uint32_t i; |
504 | |||
454 | if (connection_id == -1) | 505 | if (connection_id == -1) |
455 | return -1; | 506 | return -1; |
507 | |||
456 | /* | 508 | /* |
457 | if(getcryptconnection_id(public_key) != -1) | 509 | if(getcryptconnection_id(public_key) != -1) |
458 | { | 510 | { |
459 | return -1; | 511 | return -1; |
460 | }*/ | 512 | }*/ |
461 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { | 513 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { |
462 | if(crypto_connections[i].status == CONN_NO_CONNECTION) { | 514 | if (crypto_connections[i].status == CONN_NO_CONNECTION) { |
463 | crypto_connections[i].number = connection_id; | 515 | crypto_connections[i].number = connection_id; |
464 | crypto_connections[i].status = CONN_NOT_CONFIRMED; | 516 | crypto_connections[i].status = CONN_NOT_CONFIRMED; |
465 | random_nonce(crypto_connections[i].recv_nonce); | 517 | random_nonce(crypto_connections[i].recv_nonce); |
@@ -474,17 +526,19 @@ int accept_crypto_inbound(int connection_id, uint8_t *public_key, uint8_t *secre | |||
474 | crypto_connections[i].sessionpublic_key) == 1) { | 526 | crypto_connections[i].sessionpublic_key) == 1) { |
475 | increment_nonce(crypto_connections[i].recv_nonce); | 527 | increment_nonce(crypto_connections[i].recv_nonce); |
476 | uint32_t zero = 0; | 528 | uint32_t zero = 0; |
477 | encrypt_precompute(crypto_connections[i].peersessionpublic_key, | 529 | encrypt_precompute(crypto_connections[i].peersessionpublic_key, |
478 | crypto_connections[i].sessionsecret_key, | 530 | crypto_connections[i].sessionsecret_key, |
479 | crypto_connections[i].shared_key); | 531 | crypto_connections[i].shared_key); |
480 | crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ | 532 | crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ |
481 | write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero)); | 533 | write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero)); |
482 | crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ | 534 | crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ |
483 | return i; | 535 | return i; |
484 | } | 536 | } |
537 | |||
485 | return -1; /* this should never happen. */ | 538 | return -1; /* this should never happen. */ |
486 | } | 539 | } |
487 | } | 540 | } |
541 | |||
488 | return -1; | 542 | return -1; |
489 | } | 543 | } |
490 | 544 | ||
@@ -495,6 +549,7 @@ int is_cryptoconnected(int crypt_connection_id) | |||
495 | { | 549 | { |
496 | if (crypt_connection_id >= 0 && crypt_connection_id < MAX_CRYPTO_CONNECTIONS) | 550 | if (crypt_connection_id >= 0 && crypt_connection_id < MAX_CRYPTO_CONNECTIONS) |
497 | return crypto_connections[crypt_connection_id].status; | 551 | return crypto_connections[crypt_connection_id].status; |
552 | |||
498 | return CONN_NO_CONNECTION; | 553 | return CONN_NO_CONNECTION; |
499 | } | 554 | } |
500 | 555 | ||
@@ -502,7 +557,7 @@ int is_cryptoconnected(int crypt_connection_id) | |||
502 | Only call this function the first time the program starts. */ | 557 | Only call this function the first time the program starts. */ |
503 | void new_keys(void) | 558 | void new_keys(void) |
504 | { | 559 | { |
505 | crypto_box_keypair(self_public_key,self_secret_key); | 560 | crypto_box_keypair(self_public_key, self_secret_key); |
506 | } | 561 | } |
507 | 562 | ||
508 | /* save the public and private keys to the keys array | 563 | /* save the public and private keys to the keys array |
@@ -528,12 +583,14 @@ void load_keys(uint8_t *keys) | |||
528 | static int new_incoming(int id) | 583 | static int new_incoming(int id) |
529 | { | 584 | { |
530 | uint32_t i; | 585 | uint32_t i; |
586 | |||
531 | for (i = 0; i < MAX_INCOMING; ++i) { | 587 | for (i = 0; i < MAX_INCOMING; ++i) { |
532 | if (incoming_connections[i] == -1) { | 588 | if (incoming_connections[i] == -1) { |
533 | incoming_connections[i] = id; | 589 | incoming_connections[i] = id; |
534 | return 0; | 590 | return 0; |
535 | } | 591 | } |
536 | } | 592 | } |
593 | |||
537 | return 1; | 594 | return 1; |
538 | } | 595 | } |
539 | 596 | ||
@@ -542,9 +599,11 @@ static int new_incoming(int id) | |||
542 | static void handle_incomings(void) | 599 | static void handle_incomings(void) |
543 | { | 600 | { |
544 | int income; | 601 | int income; |
602 | |||
545 | while (1) { | 603 | while (1) { |
546 | income = incoming_connection(); | 604 | income = incoming_connection(); |
547 | if(income == -1 || new_incoming(income) ) | 605 | |
606 | if (income == -1 || new_incoming(income) ) | ||
548 | break; | 607 | break; |
549 | } | 608 | } |
550 | } | 609 | } |
@@ -553,6 +612,7 @@ static void handle_incomings(void) | |||
553 | static void receive_crypto(void) | 612 | static void receive_crypto(void) |
554 | { | 613 | { |
555 | uint32_t i; | 614 | uint32_t i; |
615 | |||
556 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { | 616 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { |
557 | if (crypto_connections[i].status == CONN_HANDSHAKE_SENT) { | 617 | if (crypto_connections[i].status == CONN_HANDSHAKE_SENT) { |
558 | uint8_t temp_data[MAX_DATA_SIZE]; | 618 | uint8_t temp_data[MAX_DATA_SIZE]; |
@@ -560,19 +620,22 @@ static void receive_crypto(void) | |||
560 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; | 620 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; |
561 | uint8_t session_key[crypto_box_PUBLICKEYBYTES]; | 621 | uint8_t session_key[crypto_box_PUBLICKEYBYTES]; |
562 | uint16_t len; | 622 | uint16_t len; |
623 | |||
563 | if (id_packet(crypto_connections[i].number) == 1) | 624 | if (id_packet(crypto_connections[i].number) == 1) |
564 | /* if the packet is a friend request drop it (because we are already friends) */ | 625 | /* if the packet is a friend request drop it (because we are already friends) */ |
565 | len = read_packet(crypto_connections[i].number, temp_data); | 626 | len = read_packet(crypto_connections[i].number, temp_data); |
627 | |||
566 | if (id_packet(crypto_connections[i].number) == 2) { /* handle handshake packet. */ | 628 | if (id_packet(crypto_connections[i].number) == 2) { /* handle handshake packet. */ |
567 | len = read_packet(crypto_connections[i].number, temp_data); | 629 | len = read_packet(crypto_connections[i].number, temp_data); |
630 | |||
568 | if (handle_cryptohandshake(public_key, secret_nonce, session_key, temp_data, len)) { | 631 | if (handle_cryptohandshake(public_key, secret_nonce, session_key, temp_data, len)) { |
569 | if (memcmp(public_key, crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 632 | if (memcmp(public_key, crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) { |
570 | memcpy(crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES); | 633 | memcpy(crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES); |
571 | memcpy(crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES); | 634 | memcpy(crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES); |
572 | increment_nonce(crypto_connections[i].sent_nonce); | 635 | increment_nonce(crypto_connections[i].sent_nonce); |
573 | uint32_t zero = 0; | 636 | uint32_t zero = 0; |
574 | encrypt_precompute(crypto_connections[i].peersessionpublic_key, | 637 | encrypt_precompute(crypto_connections[i].peersessionpublic_key, |
575 | crypto_connections[i].sessionsecret_key, | 638 | crypto_connections[i].sessionsecret_key, |
576 | crypto_connections[i].shared_key); | 639 | crypto_connections[i].shared_key); |
577 | crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ | 640 | crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ |
578 | write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero)); | 641 | write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero)); |
@@ -583,6 +646,7 @@ static void receive_crypto(void) | |||
583 | crypto_kill(crypto_connections[i].number); | 646 | crypto_kill(crypto_connections[i].number); |
584 | 647 | ||
585 | } | 648 | } |
649 | |||
586 | if (crypto_connections[i].status == CONN_NOT_CONFIRMED) { | 650 | if (crypto_connections[i].status == CONN_NOT_CONFIRMED) { |
587 | if (id_packet(crypto_connections[i].number) == 3) { | 651 | if (id_packet(crypto_connections[i].number) == 3) { |
588 | uint8_t temp_data[MAX_DATA_SIZE]; | 652 | uint8_t temp_data[MAX_DATA_SIZE]; |
@@ -592,10 +656,11 @@ static void receive_crypto(void) | |||
592 | crypto_connections[i].sessionsecret_key, | 656 | crypto_connections[i].sessionsecret_key, |
593 | crypto_connections[i].recv_nonce, temp_data + 1, length - 1, data); | 657 | crypto_connections[i].recv_nonce, temp_data + 1, length - 1, data); |
594 | uint32_t zero = 0; | 658 | uint32_t zero = 0; |
659 | |||
595 | if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) { | 660 | if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) { |
596 | increment_nonce(crypto_connections[i].recv_nonce); | 661 | increment_nonce(crypto_connections[i].recv_nonce); |
597 | encrypt_precompute(crypto_connections[i].peersessionpublic_key, | 662 | encrypt_precompute(crypto_connections[i].peersessionpublic_key, |
598 | crypto_connections[i].sessionsecret_key, | 663 | crypto_connections[i].sessionsecret_key, |
599 | crypto_connections[i].shared_key); | 664 | crypto_connections[i].shared_key); |
600 | crypto_connections[i].status = CONN_ESTABLISHED; | 665 | crypto_connections[i].status = CONN_ESTABLISHED; |
601 | 666 | ||
@@ -603,7 +668,7 @@ static void receive_crypto(void) | |||
603 | kill_connection_in(crypto_connections[i].number, 3000000); | 668 | kill_connection_in(crypto_connections[i].number, 3000000); |
604 | } else | 669 | } else |
605 | crypto_kill(crypto_connections[i].number); // This should not happen kill the connection if it does | 670 | crypto_kill(crypto_connections[i].number); // This should not happen kill the connection if it does |
606 | } else if(id_packet(crypto_connections[i].number) != -1) | 671 | } else if (id_packet(crypto_connections[i].number) != -1) |
607 | /* This should not happen | 672 | /* This should not happen |
608 | kill the connection if it does */ | 673 | kill the connection if it does */ |
609 | crypto_kill(crypto_connections[i].number); | 674 | crypto_kill(crypto_connections[i].number); |
@@ -615,10 +680,11 @@ static void receive_crypto(void) | |||
615 | sets all the global connection variables to their default values. */ | 680 | sets all the global connection variables to their default values. */ |
616 | void initNetCrypto(void) | 681 | void initNetCrypto(void) |
617 | { | 682 | { |
618 | memset(crypto_connections, 0 ,sizeof(crypto_connections)); | 683 | memset(crypto_connections, 0 , sizeof(crypto_connections)); |
619 | memset(incoming_connections, -1 ,sizeof(incoming_connections)); | 684 | memset(incoming_connections, -1 , sizeof(incoming_connections)); |
620 | networking_registerhandler(32, &cryptopacket_handle); | 685 | networking_registerhandler(32, &cryptopacket_handle); |
621 | uint32_t i; | 686 | uint32_t i; |
687 | |||
622 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) | 688 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) |
623 | crypto_connections[i].number = ~0; | 689 | crypto_connections[i].number = ~0; |
624 | } | 690 | } |
@@ -626,6 +692,7 @@ void initNetCrypto(void) | |||
626 | static void killTimedout(void) | 692 | static void killTimedout(void) |
627 | { | 693 | { |
628 | uint32_t i; | 694 | uint32_t i; |
695 | |||
629 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { | 696 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { |
630 | if (crypto_connections[i].status != CONN_NO_CONNECTION && is_connected(crypto_connections[i].number) == 4) | 697 | if (crypto_connections[i].status != CONN_NO_CONNECTION && is_connected(crypto_connections[i].number) == 4) |
631 | crypto_connections[i].status = CONN_TIMED_OUT; | 698 | crypto_connections[i].status = CONN_TIMED_OUT; |