diff options
author | irungentoo <irungentoo@gmail.com> | 2013-08-19 23:54:28 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2013-08-19 23:54:28 -0400 |
commit | afa6edecc1739b635162e742cd5c95c2db8127bd (patch) | |
tree | 9421d638578ac8b752e5c5ec71957a2896da1be9 /core/net_crypto.c | |
parent | b16906d5e42cf65e198de0ccd21155df4a364c56 (diff) |
Some refactoring done.
Diffstat (limited to 'core/net_crypto.c')
-rw-r--r-- | core/net_crypto.c | 414 |
1 files changed, 205 insertions, 209 deletions
diff --git a/core/net_crypto.c b/core/net_crypto.c index 8fcb62e1..dcf36a12 100644 --- a/core/net_crypto.c +++ b/core/net_crypto.c | |||
@@ -26,42 +26,12 @@ | |||
26 | 26 | ||
27 | #include "net_crypto.h" | 27 | #include "net_crypto.h" |
28 | 28 | ||
29 | /* Our public and secret keys. */ | ||
30 | uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; | ||
31 | uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; | ||
32 | |||
33 | typedef struct { | ||
34 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* the real public key of the peer. */ | ||
35 | uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* nonce of received packets */ | ||
36 | uint8_t sent_nonce[crypto_box_NONCEBYTES]; /* nonce of sent packets. */ | ||
37 | uint8_t sessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* our public key for this session. */ | ||
38 | uint8_t sessionsecret_key[crypto_box_SECRETKEYBYTES]; /* our private key for this session. */ | ||
39 | uint8_t peersessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* The public key of the peer. */ | ||
40 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; /* the precomputed shared key from encrypt_precompute */ | ||
41 | uint8_t status; /* 0 if no connection, 1 we have sent a handshake, 2 if connexion is not confirmed yet | ||
42 | (we have received a handshake but no empty data packet), 3 if the connection is established. | ||
43 | 4 if the connection is timed out. */ | ||
44 | uint16_t number; /* Lossless_UDP connection number corresponding to this connection. */ | ||
45 | |||
46 | } Crypto_Connection; | ||
47 | |||
48 | static Crypto_Connection *crypto_connections; | ||
49 | |||
50 | static uint32_t crypto_connections_length; /* Length of connections array */ | ||
51 | |||
52 | #define MAX_CRYPTO_CONNECTIONS crypto_connections_length | ||
53 | |||
54 | #define CONN_NO_CONNECTION 0 | 29 | #define CONN_NO_CONNECTION 0 |
55 | #define CONN_HANDSHAKE_SENT 1 | 30 | #define CONN_HANDSHAKE_SENT 1 |
56 | #define CONN_NOT_CONFIRMED 2 | 31 | #define CONN_NOT_CONFIRMED 2 |
57 | #define CONN_ESTABLISHED 3 | 32 | #define CONN_ESTABLISHED 3 |
58 | #define CONN_TIMED_OUT 4 | 33 | #define CONN_TIMED_OUT 4 |
59 | 34 | ||
60 | #define MAX_INCOMING 64 | ||
61 | |||
62 | /* keeps track of the connection numbers for friends request so we can check later if they were sent */ | ||
63 | static int incoming_connections[MAX_INCOMING]; | ||
64 | |||
65 | /* Use this instead of memcmp; not vulnerable to timing attacks. */ | 35 | /* Use this instead of memcmp; not vulnerable to timing attacks. */ |
66 | uint8_t crypto_iszero(uint8_t *mem, uint32_t length) | 36 | uint8_t crypto_iszero(uint8_t *mem, uint32_t length) |
67 | { | 37 | { |
@@ -175,16 +145,16 @@ void random_nonce(uint8_t *nonce) | |||
175 | /* return 0 if there is no received data in the buffer | 145 | /* return 0 if there is no received data in the buffer |
176 | return -1 if the packet was discarded. | 146 | return -1 if the packet was discarded. |
177 | return length of received data if successful */ | 147 | return length of received data if successful */ |
178 | int read_cryptpacket(int crypt_connection_id, uint8_t *data) | 148 | int read_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data) |
179 | { | 149 | { |
180 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) | 150 | if (crypt_connection_id < 0 || crypt_connection_id >= c->crypto_connections_length) |
181 | return 0; | 151 | return 0; |
182 | 152 | ||
183 | if (crypto_connections[crypt_connection_id].status != CONN_ESTABLISHED) | 153 | if (c->crypto_connections[crypt_connection_id].status != CONN_ESTABLISHED) |
184 | return 0; | 154 | return 0; |
185 | 155 | ||
186 | uint8_t temp_data[MAX_DATA_SIZE]; | 156 | uint8_t temp_data[MAX_DATA_SIZE]; |
187 | int length = read_packet(crypto_connections[crypt_connection_id].number, temp_data); | 157 | int length = read_packet(c->lossless_udp, c->crypto_connections[crypt_connection_id].number, temp_data); |
188 | 158 | ||
189 | if (length == 0) | 159 | if (length == 0) |
190 | return 0; | 160 | return 0; |
@@ -192,12 +162,12 @@ int read_cryptpacket(int crypt_connection_id, uint8_t *data) | |||
192 | if (temp_data[0] != 3) | 162 | if (temp_data[0] != 3) |
193 | return -1; | 163 | return -1; |
194 | 164 | ||
195 | int len = decrypt_data_fast(crypto_connections[crypt_connection_id].shared_key, | 165 | int len = decrypt_data_fast(c->crypto_connections[crypt_connection_id].shared_key, |
196 | crypto_connections[crypt_connection_id].recv_nonce, | 166 | c->crypto_connections[crypt_connection_id].recv_nonce, |
197 | temp_data + 1, length - 1, data); | 167 | temp_data + 1, length - 1, data); |
198 | 168 | ||
199 | if (len != -1) { | 169 | if (len != -1) { |
200 | increment_nonce(crypto_connections[crypt_connection_id].recv_nonce); | 170 | increment_nonce(c->crypto_connections[crypt_connection_id].recv_nonce); |
201 | return len; | 171 | return len; |
202 | } | 172 | } |
203 | 173 | ||
@@ -206,20 +176,20 @@ int read_cryptpacket(int crypt_connection_id, uint8_t *data) | |||
206 | 176 | ||
207 | /* return 0 if data could not be put in packet queue | 177 | /* return 0 if data could not be put in packet queue |
208 | return 1 if data was put into the queue */ | 178 | return 1 if data was put into the queue */ |
209 | int write_cryptpacket(int crypt_connection_id, uint8_t *data, uint32_t length) | 179 | int write_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data, uint32_t length) |
210 | { | 180 | { |
211 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) | 181 | if (crypt_connection_id < 0 || crypt_connection_id >= c->crypto_connections_length) |
212 | return 0; | 182 | return 0; |
213 | 183 | ||
214 | if (length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES > MAX_DATA_SIZE - 1) | 184 | if (length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES > MAX_DATA_SIZE - 1) |
215 | return 0; | 185 | return 0; |
216 | 186 | ||
217 | if (crypto_connections[crypt_connection_id].status != CONN_ESTABLISHED) | 187 | if (c->crypto_connections[crypt_connection_id].status != CONN_ESTABLISHED) |
218 | return 0; | 188 | return 0; |
219 | 189 | ||
220 | uint8_t temp_data[MAX_DATA_SIZE]; | 190 | uint8_t temp_data[MAX_DATA_SIZE]; |
221 | int len = encrypt_data_fast(crypto_connections[crypt_connection_id].shared_key, | 191 | int len = encrypt_data_fast(c->crypto_connections[crypt_connection_id].shared_key, |
222 | crypto_connections[crypt_connection_id].sent_nonce, | 192 | c->crypto_connections[crypt_connection_id].sent_nonce, |
223 | data, length, temp_data + 1); | 193 | data, length, temp_data + 1); |
224 | 194 | ||
225 | if (len == -1) | 195 | if (len == -1) |
@@ -227,20 +197,22 @@ int write_cryptpacket(int crypt_connection_id, uint8_t *data, uint32_t length) | |||
227 | 197 | ||
228 | temp_data[0] = 3; | 198 | temp_data[0] = 3; |
229 | 199 | ||
230 | if (write_packet(crypto_connections[crypt_connection_id].number, temp_data, len + 1) == 0) | 200 | if (write_packet(c->lossless_udp, c->crypto_connections[crypt_connection_id].number, temp_data, len + 1) == 0) |
231 | return 0; | 201 | return 0; |
232 | 202 | ||
233 | increment_nonce(crypto_connections[crypt_connection_id].sent_nonce); | 203 | increment_nonce(c->crypto_connections[crypt_connection_id].sent_nonce); |
234 | return 1; | 204 | return 1; |
235 | } | 205 | } |
236 | 206 | ||
237 | /* create a request to peer with public_key. | 207 | /* create a request to peer. |
208 | send_public_key and send_secret_key are the pub/secret keys of the sender | ||
209 | recv_public_key is public key of reciever | ||
238 | packet must be an array of MAX_DATA_SIZE big. | 210 | packet must be an array of MAX_DATA_SIZE big. |
239 | Data represents the data we send with the request with length being the length of the data. | 211 | Data represents the data we send with the request with length being the length of the data. |
240 | request_id is the id of the request (32 = friend request, 254 = ping request) | 212 | request_id is the id of the request (32 = friend request, 254 = ping request) |
241 | returns -1 on failure | 213 | returns -1 on failure |
242 | returns the length of the created packet on success */ | 214 | returns the length of the created packet on success */ |
243 | int create_request(uint8_t *packet, uint8_t *public_key, uint8_t *data, uint32_t length, uint8_t request_id) | 215 | int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t *packet, uint8_t *recv_public_key, uint8_t *data, uint32_t length, uint8_t request_id) |
244 | { | 216 | { |
245 | if (MAX_DATA_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING) | 217 | if (MAX_DATA_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING) |
246 | return -1; | 218 | return -1; |
@@ -250,15 +222,15 @@ int create_request(uint8_t *packet, uint8_t *public_key, uint8_t *data, uint32_t | |||
250 | memcpy(temp + 1, data, length); | 222 | memcpy(temp + 1, data, length); |
251 | temp[0] = request_id; | 223 | temp[0] = request_id; |
252 | random_nonce(nonce); | 224 | random_nonce(nonce); |
253 | int len = encrypt_data(public_key, self_secret_key, nonce, temp, length + 1, | 225 | int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, |
254 | 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); | 226 | 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); |
255 | 227 | ||
256 | if (len == -1) | 228 | if (len == -1) |
257 | return -1; | 229 | return -1; |
258 | 230 | ||
259 | packet[0] = 32; | 231 | packet[0] = 32; |
260 | memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); | 232 | memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES); |
261 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, self_public_key, crypto_box_PUBLICKEYBYTES); | 233 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES); |
262 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES * 2, nonce, crypto_box_NONCEBYTES); | 234 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES * 2, nonce, crypto_box_NONCEBYTES); |
263 | 235 | ||
264 | return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; | 236 | return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; |
@@ -268,17 +240,17 @@ int create_request(uint8_t *packet, uint8_t *public_key, uint8_t *data, uint32_t | |||
268 | in data if a friend or ping request was sent to us and returns the length of the data. | 240 | in data if a friend or ping request was sent to us and returns the length of the data. |
269 | packet is the request packet and length is its length | 241 | packet is the request packet and length is its length |
270 | return -1 if not valid request. */ | 242 | return -1 if not valid request. */ |
271 | static int handle_request(uint8_t *public_key, uint8_t *data, uint8_t *request_id, uint8_t *packet, uint16_t length) | 243 | static int handle_request(Net_Crypto *c, uint8_t *public_key, uint8_t *data, uint8_t *request_id, uint8_t *packet, uint16_t length) |
272 | { | 244 | { |
273 | 245 | ||
274 | if (length > crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING && | 246 | if (length > crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING && |
275 | length <= MAX_DATA_SIZE + ENCRYPTION_PADDING && | 247 | length <= MAX_DATA_SIZE + ENCRYPTION_PADDING && |
276 | memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 248 | memcmp(packet + 1, c->self_public_key, crypto_box_PUBLICKEYBYTES) == 0) { |
277 | memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); | 249 | memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); |
278 | uint8_t nonce[crypto_box_NONCEBYTES]; | 250 | uint8_t nonce[crypto_box_NONCEBYTES]; |
279 | uint8_t temp[MAX_DATA_SIZE]; | 251 | uint8_t temp[MAX_DATA_SIZE]; |
280 | memcpy(nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2, crypto_box_NONCEBYTES); | 252 | memcpy(nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2, crypto_box_NONCEBYTES); |
281 | int len1 = decrypt_data(public_key, self_secret_key, nonce, | 253 | int len1 = decrypt_data(public_key, c->self_secret_key, nonce, |
282 | packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, | 254 | packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, |
283 | length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); | 255 | length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); |
284 | 256 | ||
@@ -293,15 +265,14 @@ static int handle_request(uint8_t *public_key, uint8_t *data, uint8_t *request_i | |||
293 | return -1; | 265 | return -1; |
294 | } | 266 | } |
295 | 267 | ||
296 | static cryptopacket_handler_callback cryptopackethandlers[256] = {0}; | 268 | void cryptopacket_registerhandler(Net_Crypto *c, uint8_t byte, cryptopacket_handler_callback cb) |
297 | |||
298 | void cryptopacket_registerhandler(uint8_t byte, cryptopacket_handler_callback cb) | ||
299 | { | 269 | { |
300 | cryptopackethandlers[byte] = cb; | 270 | c->cryptopackethandlers[byte] = cb; |
301 | } | 271 | } |
302 | 272 | ||
303 | static int cryptopacket_handle(IP_Port source, uint8_t *packet, uint32_t length) | 273 | static int cryptopacket_handle(void *object, IP_Port source, uint8_t *packet, uint32_t length) |
304 | { | 274 | { |
275 | Net_Crypto *c = object; | ||
305 | if (packet[0] == 32) { | 276 | if (packet[0] == 32) { |
306 | if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING || | 277 | if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING || |
307 | length > MAX_DATA_SIZE + ENCRYPTION_PADDING) | 278 | length > MAX_DATA_SIZE + ENCRYPTION_PADDING) |
@@ -311,17 +282,17 @@ static int cryptopacket_handle(IP_Port source, uint8_t *packet, uint32_t length) | |||
311 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; | 282 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; |
312 | uint8_t data[MAX_DATA_SIZE]; | 283 | uint8_t data[MAX_DATA_SIZE]; |
313 | uint8_t number; | 284 | uint8_t number; |
314 | int len = handle_request(public_key, data, &number, packet, length); | 285 | int len = handle_request(c, public_key, data, &number, packet, length); |
315 | 286 | ||
316 | if (len == -1 || len == 0) | 287 | if (len == -1 || len == 0) |
317 | return 1; | 288 | return 1; |
318 | 289 | ||
319 | if (!cryptopackethandlers[number]) return 1; | 290 | if (!c->cryptopackethandlers[number]) return 1; |
320 | 291 | ||
321 | cryptopackethandlers[number](source, public_key, data, len); | 292 | c->cryptopackethandlers[number](source, public_key, data, len); |
322 | 293 | ||
323 | } else { /* if request is not for us, try routing it. */ | 294 | } else { /* if request is not for us, try routing it. */ |
324 | if (route_packet(packet + 1, packet, length) == length) | 295 | if (route_packet(packet + 1, packet, length) == length) //NOTE |
325 | return 0; | 296 | return 0; |
326 | } | 297 | } |
327 | } | 298 | } |
@@ -332,7 +303,7 @@ static int cryptopacket_handle(IP_Port source, uint8_t *packet, uint32_t length) | |||
332 | /* Send a crypto handshake packet containing an encrypted secret nonce and session public key | 303 | /* Send a crypto handshake packet containing an encrypted secret nonce and session public key |
333 | to peer with connection_id and public_key | 304 | to peer with connection_id and public_key |
334 | the packet is encrypted with a random nonce which is sent in plain text with the packet */ | 305 | the packet is encrypted with a random nonce which is sent in plain text with the packet */ |
335 | static int send_cryptohandshake(int connection_id, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) | 306 | static int send_cryptohandshake(Net_Crypto *c, int connection_id, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) |
336 | { | 307 | { |
337 | uint8_t temp_data[MAX_DATA_SIZE]; | 308 | uint8_t temp_data[MAX_DATA_SIZE]; |
338 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; | 309 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; |
@@ -342,22 +313,22 @@ static int send_cryptohandshake(int connection_id, uint8_t *public_key, uint8_t | |||
342 | memcpy(temp, secret_nonce, crypto_box_NONCEBYTES); | 313 | memcpy(temp, secret_nonce, crypto_box_NONCEBYTES); |
343 | memcpy(temp + crypto_box_NONCEBYTES, session_key, crypto_box_PUBLICKEYBYTES); | 314 | memcpy(temp + crypto_box_NONCEBYTES, session_key, crypto_box_PUBLICKEYBYTES); |
344 | 315 | ||
345 | int len = encrypt_data(public_key, self_secret_key, nonce, temp, crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, | 316 | int len = encrypt_data(public_key, c->self_secret_key, nonce, temp, crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, |
346 | 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + temp_data); | 317 | 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + temp_data); |
347 | 318 | ||
348 | if (len == -1) | 319 | if (len == -1) |
349 | return 0; | 320 | return 0; |
350 | 321 | ||
351 | temp_data[0] = 2; | 322 | temp_data[0] = 2; |
352 | memcpy(temp_data + 1, self_public_key, crypto_box_PUBLICKEYBYTES); | 323 | memcpy(temp_data + 1, c->self_public_key, crypto_box_PUBLICKEYBYTES); |
353 | memcpy(temp_data + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); | 324 | memcpy(temp_data + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); |
354 | return write_packet(connection_id, temp_data, len + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); | 325 | return write_packet(c->lossless_udp, connection_id, temp_data, len + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); |
355 | } | 326 | } |
356 | 327 | ||
357 | /* Extract secret nonce, session public key and public_key from a packet(data) with length length | 328 | /* Extract secret nonce, session public key and public_key from a packet(data) with length length |
358 | return 1 if successful | 329 | return 1 if successful |
359 | return 0 if failure */ | 330 | return 0 if failure */ |
360 | static int handle_cryptohandshake(uint8_t *public_key, uint8_t *secret_nonce, | 331 | static int handle_cryptohandshake(Net_Crypto *c, uint8_t *public_key, uint8_t *secret_nonce, |
361 | uint8_t *session_key, uint8_t *data, uint16_t length) | 332 | uint8_t *session_key, uint8_t *data, uint16_t length) |
362 | { | 333 | { |
363 | int pad = (- crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES); | 334 | int pad = (- crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES); |
@@ -374,7 +345,7 @@ static int handle_cryptohandshake(uint8_t *public_key, uint8_t *secret_nonce, | |||
374 | 345 | ||
375 | memcpy(public_key, data + 1, crypto_box_PUBLICKEYBYTES); | 346 | memcpy(public_key, data + 1, crypto_box_PUBLICKEYBYTES); |
376 | 347 | ||
377 | int len = decrypt_data(public_key, self_secret_key, data + 1 + crypto_box_PUBLICKEYBYTES, | 348 | int len = decrypt_data(public_key, c->self_secret_key, data + 1 + crypto_box_PUBLICKEYBYTES, |
378 | data + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, | 349 | data + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, |
379 | crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + pad, temp); | 350 | crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + pad, temp); |
380 | 351 | ||
@@ -389,13 +360,13 @@ static int handle_cryptohandshake(uint8_t *public_key, uint8_t *secret_nonce, | |||
389 | /* get crypto connection id from public key of peer | 360 | /* get crypto connection id from public key of peer |
390 | return -1 if there are no connections like we are looking for | 361 | return -1 if there are no connections like we are looking for |
391 | return id if it found it */ | 362 | return id if it found it */ |
392 | static int getcryptconnection_id(uint8_t *public_key) | 363 | static int getcryptconnection_id(Net_Crypto *c, uint8_t *public_key) |
393 | { | 364 | { |
394 | uint32_t i; | 365 | uint32_t i; |
395 | 366 | ||
396 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { | 367 | for (i = 0; i < c->crypto_connections_length; ++i) { |
397 | if (crypto_connections[i].status != CONN_NO_CONNECTION) | 368 | if (c->crypto_connections[i].status != CONN_NO_CONNECTION) |
398 | if (memcmp(public_key, crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) | 369 | if (memcmp(public_key, c->crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) |
399 | return i; | 370 | return i; |
400 | } | 371 | } |
401 | 372 | ||
@@ -404,63 +375,63 @@ static int getcryptconnection_id(uint8_t *public_key) | |||
404 | 375 | ||
405 | /* set the size of the friend list to numfriends | 376 | /* set the size of the friend list to numfriends |
406 | return -1 if realloc fails */ | 377 | return -1 if realloc fails */ |
407 | int realloc_cryptoconnection(uint32_t num) | 378 | int realloc_cryptoconnection(Net_Crypto *c, uint32_t num) |
408 | { | 379 | { |
409 | if (num == 0) { | 380 | if (num == 0) { |
410 | free(crypto_connections); | 381 | free(c->crypto_connections); |
411 | crypto_connections = NULL; | 382 | c->crypto_connections = NULL; |
412 | return 0; | 383 | return 0; |
413 | } | 384 | } |
414 | 385 | ||
415 | Crypto_Connection *newcrypto_connections = realloc(crypto_connections, num * sizeof(Crypto_Connection)); | 386 | Crypto_Connection *newcrypto_connections = realloc(c->crypto_connections, num * sizeof(Crypto_Connection)); |
416 | 387 | ||
417 | if (newcrypto_connections == NULL) | 388 | if (newcrypto_connections == NULL) |
418 | return -1; | 389 | return -1; |
419 | 390 | ||
420 | crypto_connections = newcrypto_connections; | 391 | c->crypto_connections = newcrypto_connections; |
421 | return 0; | 392 | return 0; |
422 | } | 393 | } |
423 | 394 | ||
424 | /* Start a secure connection with other peer who has public_key and ip_port | 395 | /* Start a secure connection with other peer who has public_key and ip_port |
425 | returns -1 if failure | 396 | returns -1 if failure |
426 | returns crypt_connection_id of the initialized connection if everything went well. */ | 397 | returns crypt_connection_id of the initialized connection if everything went well. */ |
427 | int crypto_connect(uint8_t *public_key, IP_Port ip_port) | 398 | int crypto_connect(Net_Crypto *c, uint8_t *public_key, IP_Port ip_port) |
428 | { | 399 | { |
429 | uint32_t i; | 400 | uint32_t i; |
430 | int id = getcryptconnection_id(public_key); | 401 | int id = getcryptconnection_id(c, public_key); |
431 | 402 | ||
432 | if (id != -1) { | 403 | if (id != -1) { |
433 | IP_Port c_ip = connection_ip(crypto_connections[id].number); | 404 | IP_Port c_ip = connection_ip(c->lossless_udp, c->crypto_connections[id].number); |
434 | 405 | ||
435 | if (c_ip.ip.i == ip_port.ip.i && c_ip.port == ip_port.port) | 406 | if (c_ip.ip.i == ip_port.ip.i && c_ip.port == ip_port.port) |
436 | return -1; | 407 | return -1; |
437 | } | 408 | } |
438 | 409 | ||
439 | if (realloc_cryptoconnection(crypto_connections_length + 1) == -1) | 410 | if (realloc_cryptoconnection(c, c->crypto_connections_length + 1) == -1) |
440 | return -1; | 411 | return -1; |
441 | 412 | ||
442 | memset(&crypto_connections[crypto_connections_length], 0, sizeof(Crypto_Connection)); | 413 | memset(&(c->crypto_connections[c->crypto_connections_length]), 0, sizeof(Crypto_Connection)); |
443 | crypto_connections[crypto_connections_length].number = ~0; | 414 | c->crypto_connections[c->crypto_connections_length].number = ~0; |
444 | 415 | ||
445 | for (i = 0; i <= MAX_CRYPTO_CONNECTIONS; ++i) { | 416 | for (i = 0; i <= c->crypto_connections_length; ++i) { |
446 | if (crypto_connections[i].status == CONN_NO_CONNECTION) { | 417 | if (c->crypto_connections[i].status == CONN_NO_CONNECTION) { |
447 | int id = new_connection(ip_port); | 418 | int id = new_connection(c->lossless_udp, ip_port); |
448 | 419 | ||
449 | if (id == -1) | 420 | if (id == -1) |
450 | return -1; | 421 | return -1; |
451 | 422 | ||
452 | crypto_connections[i].number = id; | 423 | c->crypto_connections[i].number = id; |
453 | crypto_connections[i].status = CONN_HANDSHAKE_SENT; | 424 | c->crypto_connections[i].status = CONN_HANDSHAKE_SENT; |
454 | random_nonce(crypto_connections[i].recv_nonce); | 425 | random_nonce(c->crypto_connections[i].recv_nonce); |
455 | memcpy(crypto_connections[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); | 426 | memcpy(c->crypto_connections[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); |
456 | crypto_box_keypair(crypto_connections[i].sessionpublic_key, crypto_connections[i].sessionsecret_key); | 427 | crypto_box_keypair(c->crypto_connections[i].sessionpublic_key, c->crypto_connections[i].sessionsecret_key); |
457 | 428 | ||
458 | if (crypto_connections_length == i) | 429 | if (c->crypto_connections_length == i) |
459 | ++crypto_connections_length; | 430 | ++c->crypto_connections_length; |
460 | 431 | ||
461 | if (send_cryptohandshake(id, public_key, crypto_connections[i].recv_nonce, | 432 | if (send_cryptohandshake(c, id, public_key, c->crypto_connections[i].recv_nonce, |
462 | crypto_connections[i].sessionpublic_key) == 1) { | 433 | c->crypto_connections[i].sessionpublic_key) == 1) { |
463 | increment_nonce(crypto_connections[i].recv_nonce); | 434 | increment_nonce(c->crypto_connections[i].recv_nonce); |
464 | return i; | 435 | return i; |
465 | } | 436 | } |
466 | 437 | ||
@@ -478,25 +449,25 @@ int crypto_connect(uint8_t *public_key, IP_Port ip_port) | |||
478 | and the session public key for the connection in session_key | 449 | and the session public key for the connection in session_key |
479 | to accept it see: accept_crypto_inbound(...) | 450 | to accept it see: accept_crypto_inbound(...) |
480 | to refuse it just call kill_connection(...) on the connection id */ | 451 | to refuse it just call kill_connection(...) on the connection id */ |
481 | int crypto_inbound(uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) | 452 | int crypto_inbound(Net_Crypto *c, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) |
482 | { | 453 | { |
483 | uint32_t i; | 454 | uint32_t i; |
484 | 455 | ||
485 | for (i = 0; i < MAX_INCOMING; ++i) { | 456 | for (i = 0; i < MAX_INCOMING; ++i) { |
486 | if (incoming_connections[i] != -1) { | 457 | if (c->incoming_connections[i] != -1) { |
487 | if (is_connected(incoming_connections[i]) == 4 || is_connected(incoming_connections[i]) == 0) { | 458 | if (is_connected(c->lossless_udp, c->incoming_connections[i]) == 4 || is_connected(c->lossless_udp, c->incoming_connections[i]) == 0) { |
488 | kill_connection(incoming_connections[i]); | 459 | kill_connection(c->lossless_udp, c->incoming_connections[i]); |
489 | incoming_connections[i] = -1; | 460 | c->incoming_connections[i] = -1; |
490 | continue; | 461 | continue; |
491 | } | 462 | } |
492 | 463 | ||
493 | if (id_packet(incoming_connections[i]) == 2) { | 464 | if (id_packet(c->lossless_udp, c->incoming_connections[i]) == 2) { |
494 | uint8_t temp_data[MAX_DATA_SIZE]; | 465 | uint8_t temp_data[MAX_DATA_SIZE]; |
495 | uint16_t len = read_packet(incoming_connections[i], temp_data); | 466 | uint16_t len = read_packet(c->lossless_udp, c->incoming_connections[i], temp_data); |
496 | 467 | ||
497 | if (handle_cryptohandshake(public_key, secret_nonce, session_key, temp_data, len)) { | 468 | if (handle_cryptohandshake(c, public_key, secret_nonce, session_key, temp_data, len)) { |
498 | int connection_id = incoming_connections[i]; | 469 | int connection_id = c->incoming_connections[i]; |
499 | incoming_connections[i] = -1; /* remove this connection from the incoming connection list. */ | 470 | c->incoming_connections[i] = -1; /* remove this connection from the incoming connection list. */ |
500 | return connection_id; | 471 | return connection_id; |
501 | } | 472 | } |
502 | } | 473 | } |
@@ -509,25 +480,25 @@ int crypto_inbound(uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_ | |||
509 | /* kill a crypto connection | 480 | /* kill a crypto connection |
510 | return 0 if killed successfully | 481 | return 0 if killed successfully |
511 | return 1 if there was a problem. */ | 482 | return 1 if there was a problem. */ |
512 | int crypto_kill(int crypt_connection_id) | 483 | int crypto_kill(Net_Crypto *c, int crypt_connection_id) |
513 | { | 484 | { |
514 | if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) | 485 | if (crypt_connection_id < 0 || crypt_connection_id >= c->crypto_connections_length) |
515 | return 1; | 486 | return 1; |
516 | 487 | ||
517 | if (crypto_connections[crypt_connection_id].status != CONN_NO_CONNECTION) { | 488 | if (c->crypto_connections[crypt_connection_id].status != CONN_NO_CONNECTION) { |
518 | crypto_connections[crypt_connection_id].status = CONN_NO_CONNECTION; | 489 | c->crypto_connections[crypt_connection_id].status = CONN_NO_CONNECTION; |
519 | kill_connection(crypto_connections[crypt_connection_id].number); | 490 | kill_connection(c->lossless_udp, c->crypto_connections[crypt_connection_id].number); |
520 | memset(&crypto_connections[crypt_connection_id], 0 , sizeof(Crypto_Connection)); | 491 | memset(&(c->crypto_connections[crypt_connection_id]), 0 , sizeof(Crypto_Connection)); |
521 | crypto_connections[crypt_connection_id].number = ~0; | 492 | c->crypto_connections[crypt_connection_id].number = ~0; |
522 | uint32_t i; | 493 | uint32_t i; |
523 | 494 | ||
524 | for (i = crypto_connections_length; i != 0; --i) { | 495 | for (i = c->crypto_connections_length; i != 0; --i) { |
525 | if (crypto_connections[i - 1].status != CONN_NO_CONNECTION) | 496 | if (c->crypto_connections[i - 1].status != CONN_NO_CONNECTION) |
526 | break; | 497 | break; |
527 | } | 498 | } |
528 | 499 | ||
529 | crypto_connections_length = i; | 500 | c->crypto_connections_length = i; |
530 | realloc_cryptoconnection(crypto_connections_length); | 501 | realloc_cryptoconnection(c, c->crypto_connections_length); |
531 | return 0; | 502 | return 0; |
532 | } | 503 | } |
533 | 504 | ||
@@ -537,7 +508,7 @@ int crypto_kill(int crypt_connection_id) | |||
537 | /* accept an incoming connection using the parameters provided by crypto_inbound | 508 | /* accept an incoming connection using the parameters provided by crypto_inbound |
538 | return -1 if not successful | 509 | return -1 if not successful |
539 | returns the crypt_connection_id if successful */ | 510 | returns the crypt_connection_id if successful */ |
540 | int accept_crypto_inbound(int connection_id, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) | 511 | int accept_crypto_inbound(Net_Crypto *c, int connection_id, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) |
541 | { | 512 | { |
542 | uint32_t i; | 513 | uint32_t i; |
543 | 514 | ||
@@ -549,37 +520,37 @@ int accept_crypto_inbound(int connection_id, uint8_t *public_key, uint8_t *secre | |||
549 | { | 520 | { |
550 | return -1; | 521 | return -1; |
551 | }*/ | 522 | }*/ |
552 | if (realloc_cryptoconnection(crypto_connections_length + 1) == -1) | 523 | if (realloc_cryptoconnection(c, c->crypto_connections_length + 1) == -1) |
553 | return -1; | 524 | return -1; |
554 | 525 | ||
555 | memset(&crypto_connections[crypto_connections_length], 0, sizeof(Crypto_Connection)); | 526 | memset(&(c->crypto_connections[c->crypto_connections_length]), 0, sizeof(Crypto_Connection)); |
556 | crypto_connections[crypto_connections_length].number = ~0; | 527 | c->crypto_connections[c->crypto_connections_length].number = ~0; |
557 | 528 | ||
558 | for (i = 0; i <= MAX_CRYPTO_CONNECTIONS; ++i) { | 529 | for (i = 0; i <= c->crypto_connections_length; ++i) { |
559 | if (crypto_connections[i].status == CONN_NO_CONNECTION) { | 530 | if (c->crypto_connections[i].status == CONN_NO_CONNECTION) { |
560 | crypto_connections[i].number = connection_id; | 531 | c->crypto_connections[i].number = connection_id; |
561 | crypto_connections[i].status = CONN_NOT_CONFIRMED; | 532 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; |
562 | random_nonce(crypto_connections[i].recv_nonce); | 533 | random_nonce(c->crypto_connections[i].recv_nonce); |
563 | memcpy(crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES); | 534 | memcpy(c->crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES); |
564 | memcpy(crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES); | 535 | memcpy(c->crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES); |
565 | increment_nonce(crypto_connections[i].sent_nonce); | 536 | increment_nonce(c->crypto_connections[i].sent_nonce); |
566 | memcpy(crypto_connections[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); | 537 | memcpy(c->crypto_connections[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); |
567 | 538 | ||
568 | crypto_box_keypair(crypto_connections[i].sessionpublic_key, crypto_connections[i].sessionsecret_key); | 539 | crypto_box_keypair(c->crypto_connections[i].sessionpublic_key, c->crypto_connections[i].sessionsecret_key); |
569 | 540 | ||
570 | if (crypto_connections_length == i) | 541 | if (c->crypto_connections_length == i) |
571 | ++crypto_connections_length; | 542 | ++c->crypto_connections_length; |
572 | 543 | ||
573 | if (send_cryptohandshake(connection_id, public_key, crypto_connections[i].recv_nonce, | 544 | if (send_cryptohandshake(c, connection_id, public_key, c->crypto_connections[i].recv_nonce, |
574 | crypto_connections[i].sessionpublic_key) == 1) { | 545 | c->crypto_connections[i].sessionpublic_key) == 1) { |
575 | increment_nonce(crypto_connections[i].recv_nonce); | 546 | increment_nonce(c->crypto_connections[i].recv_nonce); |
576 | uint32_t zero = 0; | 547 | uint32_t zero = 0; |
577 | encrypt_precompute(crypto_connections[i].peersessionpublic_key, | 548 | encrypt_precompute(c->crypto_connections[i].peersessionpublic_key, |
578 | crypto_connections[i].sessionsecret_key, | 549 | c->crypto_connections[i].sessionsecret_key, |
579 | crypto_connections[i].shared_key); | 550 | c->crypto_connections[i].shared_key); |
580 | crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ | 551 | c->crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ |
581 | write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero)); | 552 | write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero)); |
582 | crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ | 553 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ |
583 | return i; | 554 | return i; |
584 | } | 555 | } |
585 | 556 | ||
@@ -593,48 +564,54 @@ int accept_crypto_inbound(int connection_id, uint8_t *public_key, uint8_t *secre | |||
593 | /* return 0 if no connection, 1 we have sent a handshake, 2 if connection is not confirmed yet | 564 | /* return 0 if no connection, 1 we have sent a handshake, 2 if connection is not confirmed yet |
594 | (we have received a handshake but no empty data packet), 3 if the connection is established. | 565 | (we have received a handshake but no empty data packet), 3 if the connection is established. |
595 | 4 if the connection is timed out and waiting to be killed */ | 566 | 4 if the connection is timed out and waiting to be killed */ |
596 | int is_cryptoconnected(int crypt_connection_id) | 567 | int is_cryptoconnected(Net_Crypto *c, int crypt_connection_id) |
597 | { | 568 | { |
598 | if (crypt_connection_id >= 0 && crypt_connection_id < MAX_CRYPTO_CONNECTIONS) | 569 | if (crypt_connection_id >= 0 && crypt_connection_id < c->crypto_connections_length) |
599 | return crypto_connections[crypt_connection_id].status; | 570 | return c->crypto_connections[crypt_connection_id].status; |
600 | 571 | ||
601 | return CONN_NO_CONNECTION; | 572 | return CONN_NO_CONNECTION; |
602 | } | 573 | } |
603 | 574 | ||
604 | /* Generate our public and private keys | 575 | /* Generate our public and private keys |
605 | Only call this function the first time the program starts. */ | 576 | Only call this function the first time the program starts. */ |
606 | void new_keys(void) | 577 | |
578 | extern uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];//TODO: Remove this | ||
579 | extern uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; | ||
580 | |||
581 | void new_keys(Net_Crypto *c) | ||
607 | { | 582 | { |
608 | crypto_box_keypair(self_public_key, self_secret_key); | 583 | crypto_box_keypair(c->self_public_key, c->self_secret_key); |
584 | memcpy(self_public_key, c->self_public_key, crypto_box_PUBLICKEYBYTES); | ||
585 | memcpy(self_secret_key, c->self_secret_key, crypto_box_PUBLICKEYBYTES); | ||
609 | } | 586 | } |
610 | 587 | ||
611 | /* save the public and private keys to the keys array | 588 | /* save the public and private keys to the keys array |
612 | Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES */ | 589 | Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES */ |
613 | void save_keys(uint8_t *keys) | 590 | void save_keys(Net_Crypto *c, uint8_t *keys) |
614 | { | 591 | { |
615 | memcpy(keys, self_public_key, crypto_box_PUBLICKEYBYTES); | 592 | memcpy(keys, c->self_public_key, crypto_box_PUBLICKEYBYTES); |
616 | memcpy(keys + crypto_box_PUBLICKEYBYTES, self_secret_key, crypto_box_SECRETKEYBYTES); | 593 | memcpy(keys + crypto_box_PUBLICKEYBYTES, c->self_secret_key, crypto_box_SECRETKEYBYTES); |
617 | } | 594 | } |
618 | 595 | ||
619 | /* load the public and private keys from the keys array | 596 | /* load the public and private keys from the keys array |
620 | Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES */ | 597 | Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES */ |
621 | void load_keys(uint8_t *keys) | 598 | void load_keys(Net_Crypto *c, uint8_t *keys) |
622 | { | 599 | { |
623 | memcpy(self_public_key, keys, crypto_box_PUBLICKEYBYTES); | 600 | memcpy(c->self_public_key, keys, crypto_box_PUBLICKEYBYTES); |
624 | memcpy(self_secret_key, keys + crypto_box_PUBLICKEYBYTES, crypto_box_SECRETKEYBYTES); | 601 | memcpy(c->self_secret_key, keys + crypto_box_PUBLICKEYBYTES, crypto_box_SECRETKEYBYTES); |
625 | } | 602 | } |
626 | 603 | ||
627 | /* TODO: optimize this | 604 | /* TODO: optimize this |
628 | adds an incoming connection to the incoming_connection list. | 605 | adds an incoming connection to the incoming_connection list. |
629 | returns 0 if successful | 606 | returns 0 if successful |
630 | returns 1 if failure */ | 607 | returns 1 if failure */ |
631 | static int new_incoming(int id) | 608 | static int new_incoming(Net_Crypto *c, int id) |
632 | { | 609 | { |
633 | uint32_t i; | 610 | uint32_t i; |
634 | 611 | ||
635 | for (i = 0; i < MAX_INCOMING; ++i) { | 612 | for (i = 0; i < MAX_INCOMING; ++i) { |
636 | if (incoming_connections[i] == -1) { | 613 | if (c->incoming_connections[i] == -1) { |
637 | incoming_connections[i] = id; | 614 | c->incoming_connections[i] = id; |
638 | return 0; | 615 | return 0; |
639 | } | 616 | } |
640 | } | 617 | } |
@@ -644,81 +621,81 @@ static int new_incoming(int id) | |||
644 | 621 | ||
645 | /* TODO: optimize this | 622 | /* TODO: optimize this |
646 | handle all new incoming connections. */ | 623 | handle all new incoming connections. */ |
647 | static void handle_incomings(void) | 624 | static void handle_incomings(Net_Crypto *c) |
648 | { | 625 | { |
649 | int income; | 626 | int income; |
650 | 627 | ||
651 | while (1) { | 628 | while (1) { |
652 | income = incoming_connection(); | 629 | income = incoming_connection(c->lossless_udp); |
653 | 630 | ||
654 | if (income == -1 || new_incoming(income) ) | 631 | if (income == -1 || new_incoming(c, income) ) |
655 | break; | 632 | break; |
656 | } | 633 | } |
657 | } | 634 | } |
658 | 635 | ||
659 | /* handle received packets for not yet established crypto connections. */ | 636 | /* handle received packets for not yet established crypto connections. */ |
660 | static void receive_crypto(void) | 637 | static void receive_crypto(Net_Crypto *c) |
661 | { | 638 | { |
662 | uint32_t i; | 639 | uint32_t i; |
663 | 640 | ||
664 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { | 641 | for (i = 0; i < c->crypto_connections_length; ++i) { |
665 | if (crypto_connections[i].status == CONN_HANDSHAKE_SENT) { | 642 | if (c->crypto_connections[i].status == CONN_HANDSHAKE_SENT) { |
666 | uint8_t temp_data[MAX_DATA_SIZE]; | 643 | uint8_t temp_data[MAX_DATA_SIZE]; |
667 | uint8_t secret_nonce[crypto_box_NONCEBYTES]; | 644 | uint8_t secret_nonce[crypto_box_NONCEBYTES]; |
668 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; | 645 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; |
669 | uint8_t session_key[crypto_box_PUBLICKEYBYTES]; | 646 | uint8_t session_key[crypto_box_PUBLICKEYBYTES]; |
670 | uint16_t len; | 647 | uint16_t len; |
671 | 648 | ||
672 | if (id_packet(crypto_connections[i].number) == 2) { /* handle handshake packet. */ | 649 | if (id_packet(c->lossless_udp, c->crypto_connections[i].number) == 2) { /* handle handshake packet. */ |
673 | len = read_packet(crypto_connections[i].number, temp_data); | 650 | len = read_packet(c->lossless_udp, c->crypto_connections[i].number, temp_data); |
674 | 651 | ||
675 | if (handle_cryptohandshake(public_key, secret_nonce, session_key, temp_data, len)) { | 652 | if (handle_cryptohandshake(c, public_key, secret_nonce, session_key, temp_data, len)) { |
676 | if (memcmp(public_key, crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 653 | if (memcmp(public_key, c->crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) { |
677 | memcpy(crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES); | 654 | memcpy(c->crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES); |
678 | memcpy(crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES); | 655 | memcpy(c->crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES); |
679 | increment_nonce(crypto_connections[i].sent_nonce); | 656 | increment_nonce(c->crypto_connections[i].sent_nonce); |
680 | uint32_t zero = 0; | 657 | uint32_t zero = 0; |
681 | encrypt_precompute(crypto_connections[i].peersessionpublic_key, | 658 | encrypt_precompute(c->crypto_connections[i].peersessionpublic_key, |
682 | crypto_connections[i].sessionsecret_key, | 659 | c->crypto_connections[i].sessionsecret_key, |
683 | crypto_connections[i].shared_key); | 660 | c->crypto_connections[i].shared_key); |
684 | crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ | 661 | c->crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ |
685 | write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero)); | 662 | write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero)); |
686 | crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ | 663 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ |
687 | } | 664 | } |
688 | } | 665 | } |
689 | } else if (id_packet(crypto_connections[i].number) != -1) { // This should not happen kill the connection if it does | 666 | } else if (id_packet(c->lossless_udp, c->crypto_connections[i].number) != -1) { // This should not happen kill the connection if it does |
690 | crypto_kill(crypto_connections[i].number); | 667 | crypto_kill(c, i); |
691 | return; | 668 | return; |
692 | } | 669 | } |
693 | } | 670 | } |
694 | 671 | ||
695 | if (crypto_connections[i].status == CONN_NOT_CONFIRMED) { | 672 | if (c->crypto_connections[i].status == CONN_NOT_CONFIRMED) { |
696 | if (id_packet(crypto_connections[i].number) == 3) { | 673 | if (id_packet(c->lossless_udp, c->crypto_connections[i].number) == 3) { |
697 | uint8_t temp_data[MAX_DATA_SIZE]; | 674 | uint8_t temp_data[MAX_DATA_SIZE]; |
698 | uint8_t data[MAX_DATA_SIZE]; | 675 | uint8_t data[MAX_DATA_SIZE]; |
699 | int length = read_packet(crypto_connections[i].number, temp_data); | 676 | int length = read_packet(c->lossless_udp, c->crypto_connections[i].number, temp_data); |
700 | int len = decrypt_data(crypto_connections[i].peersessionpublic_key, | 677 | int len = decrypt_data(c->crypto_connections[i].peersessionpublic_key, |
701 | crypto_connections[i].sessionsecret_key, | 678 | c->crypto_connections[i].sessionsecret_key, |
702 | crypto_connections[i].recv_nonce, temp_data + 1, length - 1, data); | 679 | c->crypto_connections[i].recv_nonce, temp_data + 1, length - 1, data); |
703 | uint32_t zero = 0; | 680 | uint32_t zero = 0; |
704 | 681 | ||
705 | if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) { | 682 | if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) { |
706 | increment_nonce(crypto_connections[i].recv_nonce); | 683 | increment_nonce(c->crypto_connections[i].recv_nonce); |
707 | encrypt_precompute(crypto_connections[i].peersessionpublic_key, | 684 | encrypt_precompute(c->crypto_connections[i].peersessionpublic_key, |
708 | crypto_connections[i].sessionsecret_key, | 685 | c->crypto_connections[i].sessionsecret_key, |
709 | crypto_connections[i].shared_key); | 686 | c->crypto_connections[i].shared_key); |
710 | crypto_connections[i].status = CONN_ESTABLISHED; | 687 | c->crypto_connections[i].status = CONN_ESTABLISHED; |
711 | 688 | ||
712 | /* connection is accepted so we disable the auto kill by setting it to about 1 month from now. */ | 689 | /* connection is accepted so we disable the auto kill by setting it to about 1 month from now. */ |
713 | kill_connection_in(crypto_connections[i].number, 3000000); | 690 | kill_connection_in(c->lossless_udp, c->crypto_connections[i].number, 3000000); |
714 | } else { | 691 | } else { |
715 | crypto_kill(crypto_connections[i].number); // This should not happen kill the connection if it does | 692 | crypto_kill(c, i); // This should not happen kill the connection if it does |
716 | return; | 693 | return; |
717 | } | 694 | } |
718 | } else if (id_packet(crypto_connections[i].number) != -1) | 695 | } else if (id_packet(c->lossless_udp, c->crypto_connections[i].number) != -1) |
719 | /* This should not happen | 696 | /* This should not happen |
720 | kill the connection if it does */ | 697 | kill the connection if it does */ |
721 | crypto_kill(crypto_connections[i].number); | 698 | crypto_kill(c, i); |
722 | 699 | ||
723 | return; | 700 | return; |
724 | } | 701 | } |
@@ -727,33 +704,52 @@ static void receive_crypto(void) | |||
727 | 704 | ||
728 | /* run this to (re)initialize net_crypto | 705 | /* run this to (re)initialize net_crypto |
729 | sets all the global connection variables to their default values. */ | 706 | sets all the global connection variables to their default values. */ |
730 | void initNetCrypto(void) | 707 | Net_Crypto * new_net_crypto(Networking_Core * net) |
731 | { | 708 | { |
732 | memset(incoming_connections, -1 , sizeof(incoming_connections)); | 709 | Net_Crypto * temp = calloc(1, sizeof(Net_Crypto)); |
733 | networking_registerhandler(32, &cryptopacket_handle); | 710 | if (temp == NULL) |
711 | return NULL; | ||
712 | temp->lossless_udp = new_lossless_udp(net); | ||
713 | if (temp->lossless_udp == NULL) | ||
714 | return NULL; | ||
715 | memset(temp->incoming_connections, -1 , sizeof(int) * MAX_INCOMING); | ||
716 | //networking_registerhandler(temp, 32, &cryptopacket_handle); | ||
717 | networking_registerhandler(net, 32, &cryptopacket_handle, temp); | ||
718 | temp_net_crypto = temp; //TODO remove | ||
719 | return temp; | ||
734 | } | 720 | } |
735 | 721 | ||
736 | static void killTimedout(void) | 722 | static void kill_timedout(Net_Crypto *c) |
737 | { | 723 | { |
738 | uint32_t i; | 724 | uint32_t i; |
739 | 725 | ||
740 | for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { | 726 | for (i = 0; i < c->crypto_connections_length; ++i) { |
741 | if (crypto_connections[i].status != CONN_NO_CONNECTION && is_connected(crypto_connections[i].number) == 4) | 727 | if (c->crypto_connections[i].status != CONN_NO_CONNECTION && is_connected(c->lossless_udp, c->crypto_connections[i].number) == 4) |
742 | crypto_connections[i].status = CONN_TIMED_OUT; | 728 | c->crypto_connections[i].status = CONN_TIMED_OUT; |
743 | else if (is_connected(crypto_connections[i].number) == 4) { | 729 | else if (is_connected(c->lossless_udp, c->crypto_connections[i].number) == 4) { |
744 | kill_connection(crypto_connections[i].number); | 730 | kill_connection(c->lossless_udp, c->crypto_connections[i].number); |
745 | crypto_connections[i].number = ~0; | 731 | c->crypto_connections[i].number = ~0; |
746 | } | 732 | } |
747 | } | 733 | } |
748 | } | 734 | } |
749 | 735 | ||
750 | /* main loop */ | 736 | /* main loop */ |
751 | void doNetCrypto(void) | 737 | void do_net_crypto(Net_Crypto *c) |
752 | { | 738 | { |
753 | /* TODO:check if friend requests were sent correctly | 739 | do_lossless_udp(c->lossless_udp); |
754 | handle new incoming connections | 740 | handle_incomings(c); |
755 | handle friend requests */ | 741 | receive_crypto(c); |
756 | handle_incomings(); | 742 | kill_timedout(c); |
757 | receive_crypto(); | 743 | } |
758 | killTimedout(); | 744 | |
745 | void kill_net_crypto(Net_Crypto *c) | ||
746 | { | ||
747 | uint32_t i; | ||
748 | |||
749 | for (i = 0; i < c->crypto_connections_length; ++i) { | ||
750 | crypto_kill(c, i); | ||
751 | } | ||
752 | kill_lossless_udp(c->lossless_udp); | ||
753 | memset(c, 0, sizeof(Net_Crypto)); | ||
754 | free(c); | ||
759 | } | 755 | } |