author | irungentoo <irungentoo@gmail.com> | 2013-07-12 16:27:19 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2013-07-12 16:27:19 -0400 |
commit | 79aa715514e7d587695ce0182fdf97537d9d9b85 (patch) | |
tree | 213a0566099fadd3b49f9e11cbb4c70053999360 /core/net_crypto.h | |
parent | e830861a9d96f4a8e8ea203e24cfe431f7960c04 (diff) |
First part of DHT hardening done.
Added crypto to the DHT communications.
This completely defeats the first attack mentioned in
docs/DHT_hardening.
Also updated the build system to build the latest test (it links it with
libsodium)
Diffstat (limited to 'core/net_crypto.h')
-rw-r--r-- | core/net_crypto.h | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/core/net_crypto.h b/core/net_crypto.h index fe655c92..4c3b53de 100644 --- a/core/net_crypto.h +++ b/core/net_crypto.h | |||
@@ -32,8 +32,9 @@ | |||
32 | #endif | 32 | #endif |
33 | //Our public key. | 33 | //Our public key. |
34 | extern uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; | 34 | extern uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; |
35 | extern uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; | ||
35 | 36 | ||
36 | 37 | #define ENCRYPTION_PADDING (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) | |
37 | 38 | ||
38 | //encrypts plain of length length to encrypted of length + 16 using the | 39 | //encrypts plain of length length to encrypted of length + 16 using the |
39 | //public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce | 40 | //public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce |
@@ -51,6 +52,10 @@ int decrypt_data(uint8_t * public_key, uint8_t * secret_key, uint8_t * nonce, | |||
51 | uint8_t * encrypted, uint32_t length, uint8_t * plain); | 52 | uint8_t * encrypted, uint32_t length, uint8_t * plain); |
52 | 53 | ||
53 | 54 | ||
55 | //fill the given nonce with random bytes. | ||
56 | void random_nonce(uint8_t * nonce); | ||
57 | |||
58 | |||
54 | //return 0 if there is no received data in the buffer | 59 | //return 0 if there is no received data in the buffer |
55 | //return -1 if the packet was discarded. | 60 | //return -1 if the packet was discarded. |
56 | //return length of received data if successful | 61 | //return length of received data if successful |
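Review bot: The added `extern uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];` (new line 35) exposes the long-term secret key as a writable global to every translation unit that includes net_crypto.h, and it sits under the existing `//Our public key.` comment with no comment of its own. Presumably the DHT code needs the key to call encrypt_data/decrypt_data directly. A narrower interface would keep the array private to net_crypto.c and export wrappers that encrypt and decrypt with our own key, so no other module can read, copy or overwrite it. If the extern has to stay, give the declaration its own comment, for example `//Our secret key. Never log, send or modify it outside net_crypto.c.`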