First part of DHT hardening done.

Added crypto to the DHT communications. This defeats completely the first attack mentioned in docs/DHT_hardening. Also updated the build system to build the latest test (it links it with libsodium)
author: irungentoo <irungentoo@gmail.com> 2013-07-12 16:27:19 -0400
committer: irungentoo <irungentoo@gmail.com> 2013-07-12 16:27:19 -0400
commit: 79aa715514e7d587695ce0182fdf97537d9d9b85 (patch)
tree: 213a0566099fadd3b49f9e11cbb4c70053999360 /core/net_crypto.h
parent: e830861a9d96f4a8e8ea203e24cfe431f7960c04 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/core/net_crypto.h b/core/net_crypto.h
index fe655c92..4c3b53de 100644
--- a/core/net_crypto.h
+++ b/core/net_crypto.h
@@ -32,8 +32,9 @@
 #endif
 //Our public key.
 extern uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];
+extern uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
+#define ENCRYPTION_PADDING (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
 //encrypts plain of length length to encrypted of length + 16 using the 
 //public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce
@@ -51,6 +52,10 @@ int decrypt_data(uint8_t * public_key, uint8_t * secret_key, uint8_t * nonce,
                                       uint8_t * encrypted, uint32_t length, uint8_t * plain);
+//fill the given nonce with random bytes.
+void random_nonce(uint8_t * nonce);
 //return 0 if there is no received data in the buffer 
 //return -1  if the packet was discarded.
 //return length of received data if successful
author	irungentoo <irungentoo@gmail.com>	2013-07-12 16:27:19 -0400
committer	irungentoo <irungentoo@gmail.com>	2013-07-12 16:27:19 -0400
commit	79aa715514e7d587695ce0182fdf97537d9d9b85 (patch)
tree	213a0566099fadd3b49f9e11cbb4c70053999360 /core/net_crypto.h
parent	e830861a9d96f4a8e8ea203e24cfe431f7960c04 (diff)

diff --git a/core/net_crypto.h b/core/net_crypto.h index fe655c92..4c3b53de 100644 --- a/core/net_crypto.h +++ b/core/net_crypto.h
@@ -32,8 +32,9 @@
32	#endif	32	#endif
33	//Our public key.	33	//Our public key.
34	extern uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];	34	extern uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];
		35	extern uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
35		36
36		37	#define ENCRYPTION_PADDING (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
37		38
38	//encrypts plain of length length to encrypted of length + 16 using the	39	//encrypts plain of length length to encrypted of length + 16 using the
39	//public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce	40	//public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce
@@ -51,6 +52,10 @@ int decrypt_data(uint8_t * public_key, uint8_t * secret_key, uint8_t * nonce,
51	uint8_t * encrypted, uint32_t length, uint8_t * plain);	52	uint8_t * encrypted, uint32_t length, uint8_t * plain);
52		53
53		54
		55	//fill the given nonce with random bytes.
		56	void random_nonce(uint8_t * nonce);
		57
		58
54	//return 0 if there is no received data in the buffer	59	//return 0 if there is no received data in the buffer
55	//return -1 if the packet was discarded.	60	//return -1 if the packet was discarded.
56	//return length of received data if successful	61	//return length of received data if successful