diff options
| author | irungentoo <irungentoo@gmail.com> | 2013-07-06 10:57:49 -0400 |
|---|---|---|
| committer | irungentoo <irungentoo@gmail.com> | 2013-07-06 10:57:49 -0400 |
| commit | 7458473dcac19b1aed0803b5f8649f905f5ce7fb (patch) | |
| tree | 99c51e4c10bef959dd851da481e6065c7576c368 /core/net_crypto.h | |
| parent | 928fc1e65a315cfb09b61f7b7ea8313a523a5326 (diff) | |
Forward secrecy implemented into crypto.
Diffstat (limited to 'core/net_crypto.h')
| -rw-r--r-- | core/net_crypto.h | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/core/net_crypto.h b/core/net_crypto.h index 850bcd13..3de0eb2f 100644 --- a/core/net_crypto.h +++ b/core/net_crypto.h | |||
| @@ -19,17 +19,19 @@ extern uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; | |||
| 19 | 19 | ||
| 20 | 20 | ||
| 21 | //encrypts plain of length length to encrypted of length + 16 using the | 21 | //encrypts plain of length length to encrypted of length + 16 using the |
| 22 | //public key(32 bytes) of the reciever and a 24 byte nonce | 22 | //public key(32 bytes) of the reciever and the secret key of the sender and a 24 byte nonce |
| 23 | //return -1 if there was a problem. | 23 | //return -1 if there was a problem. |
| 24 | //return length of encrypted data if everything was fine. | 24 | //return length of encrypted data if everything was fine. |
| 25 | int encrypt_data(uint8_t * public_key, uint8_t * nonce, uint8_t * plain, uint32_t length, uint8_t * encrypted); | 25 | int encrypt_data(uint8_t * public_key, uint8_t * secret_key, uint8_t * nonce, |
| 26 | uint8_t * plain, uint32_t length, uint8_t * encrypted); | ||
| 26 | 27 | ||
| 27 | 28 | ||
| 28 | //decrypts encrypted of length length to plain of length length - 16 using the | 29 | //decrypts encrypted of length length to plain of length length - 16 using the |
| 29 | //public key(32 bytes) of the sender and a 24 byte nonce | 30 | //public key(32 bytes) of the sender, the secret key of the reciever and a 24 byte nonce |
| 30 | //return -1 if there was a problem(decryption failed) | 31 | //return -1 if there was a problem(decryption failed) |
| 31 | //return length of plain data if everything was fine. | 32 | //return length of plain data if everything was fine. |
| 32 | int decrypt_data(uint8_t * public_key, uint8_t * nonce, uint8_t * encrypted, uint32_t length, uint8_t * plain); | 33 | int decrypt_data(uint8_t * public_key, uint8_t * secret_key, uint8_t * nonce, |
| 34 | uint8_t * encrypted, uint32_t length, uint8_t * plain); | ||
| 33 | 35 | ||
| 34 | 36 | ||
| 35 | //return 0 if there is no received data in the buffer | 37 | //return 0 if there is no received data in the buffer |
| @@ -76,16 +78,17 @@ int crypto_kill(int crypt_connection_id); | |||
| 76 | //handle an incoming connection | 78 | //handle an incoming connection |
| 77 | //return -1 if no crypto inbound connection | 79 | //return -1 if no crypto inbound connection |
| 78 | //return incomming connection id (Lossless_UDP one) if there is an incomming crypto connection | 80 | //return incomming connection id (Lossless_UDP one) if there is an incomming crypto connection |
| 79 | //Put the public key of the peer in public_key and the secret_nonce from the handshake into secret_nonce | 81 | //Put the public key of the peer in public_key, the secret_nonce from the handshake into secret_nonce |
| 82 | //and the session public key for the connection in session_key | ||
| 80 | //to accept it see: accept_crypto_inbound(...) | 83 | //to accept it see: accept_crypto_inbound(...) |
| 81 | //to refuse it just call kill_connection(...) on the connection id | 84 | //to refuse it just call kill_connection(...) on the connection id |
| 82 | int crypto_inbound(uint8_t * public_key, uint8_t * secret_nonce); | 85 | int crypto_inbound(uint8_t * public_key, uint8_t * secret_nonce, uint8_t * session_key); |
| 83 | 86 | ||
| 84 | 87 | ||
| 85 | //accept an incoming connection using the parameters provided by crypto_inbound | 88 | //accept an incoming connection using the parameters provided by crypto_inbound |
| 86 | //return -1 if not successful | 89 | //return -1 if not successful |
| 87 | //returns the crypt_connection_id if successful | 90 | //returns the crypt_connection_id if successful |
| 88 | int accept_crypto_inbound(int connection_id, uint8_t * public_key, uint8_t * secret_nonce); | 91 | int accept_crypto_inbound(int connection_id, uint8_t * public_key, uint8_t * secret_nonce, uint8_t * session_key); |
| 89 | 92 | ||
| 90 | //return 0 if no connection, 1 we have sent a handshake, 2 if connexion is not confirmed yet | 93 | //return 0 if no connection, 1 we have sent a handshake, 2 if connexion is not confirmed yet |
| 91 | //(we have recieved a hanshake but no empty data packet), 3 if the connection is established. | 94 | //(we have recieved a hanshake but no empty data packet), 3 if the connection is established. |