diff options
author | iphydf <iphydf@users.noreply.github.com> | 2016-12-19 15:27:46 +0000 |
---|---|---|
committer | iphydf <iphydf@users.noreply.github.com> | 2016-12-22 10:26:59 +0000 |
commit | 2328cb74abccd563f0cd8d14d30e5314822d321e (patch) | |
tree | b61581536d448a8846dc333b44c9b56e24605a1f /toxcore/crypto_core.api.h | |
parent | ce29c8e7ec91d95167b2dea3aee9fd1ae1aac254 (diff) |
Improve documentation of crypto_core.
Diffstat (limited to 'toxcore/crypto_core.api.h')
-rw-r--r-- | toxcore/crypto_core.api.h | 160 |
1 files changed, 109 insertions, 51 deletions
diff --git a/toxcore/crypto_core.api.h b/toxcore/crypto_core.api.h index 78a17280..6f0b1b0b 100644 --- a/toxcore/crypto_core.api.h +++ b/toxcore/crypto_core.api.h | |||
@@ -21,10 +21,12 @@ | |||
21 | * along with Tox. If not, see <http://www.gnu.org/licenses/>. | 21 | * along with Tox. If not, see <http://www.gnu.org/licenses/>. |
22 | * | 22 | * |
23 | */ | 23 | */ |
24 | #ifndef CORE_CRYPTO_H | 24 | #ifndef CRYPTO_CORE_H |
25 | #define CORE_CRYPTO_H | 25 | #define CRYPTO_CORE_H |
26 | 26 | ||
27 | #include "network.h" | 27 | #include <stdbool.h> |
28 | #include <stdint.h> | ||
29 | #include <stdlib.h> | ||
28 | %} | 30 | %} |
29 | 31 | ||
30 | /** | 32 | /** |
@@ -38,12 +40,12 @@ const CRYPTO_PUBLIC_KEY_SIZE = 32; | |||
38 | const CRYPTO_SECRET_KEY_SIZE = 32; | 40 | const CRYPTO_SECRET_KEY_SIZE = 32; |
39 | 41 | ||
40 | /** | 42 | /** |
41 | * The number of bytes in a shared key computed from public and secret key. | 43 | * The number of bytes in a shared key computed from public and secret keys. |
42 | */ | 44 | */ |
43 | const CRYPTO_SHARED_KEY_SIZE = 32; | 45 | const CRYPTO_SHARED_KEY_SIZE = 32; |
44 | 46 | ||
45 | /** | 47 | /** |
46 | * The number of bytes in a random symmetric key. | 48 | * The number of bytes in a symmetric key. |
47 | */ | 49 | */ |
48 | const CRYPTO_SYMMETRIC_KEY_SIZE = CRYPTO_SHARED_KEY_SIZE; | 50 | const CRYPTO_SYMMETRIC_KEY_SIZE = CRYPTO_SHARED_KEY_SIZE; |
49 | 51 | ||
@@ -68,20 +70,44 @@ const CRYPTO_SHA256_SIZE = 32; | |||
68 | */ | 70 | */ |
69 | const CRYPTO_SHA512_SIZE = 64; | 71 | const CRYPTO_SHA512_SIZE = 64; |
70 | 72 | ||
73 | /** | ||
74 | * A `memcmp`-like function whose running time does not depend on the input | ||
75 | * bytes, only on the input length. Useful to compare sensitive data where | ||
76 | * timing attacks could reveal that data. | ||
77 | * | ||
78 | * This means for instance that comparing "aaaa" and "aaaa" takes 4 time, and | ||
79 | * "aaaa" and "baaa" also takes 4 time. With a regular `memcmp`, the latter may | ||
80 | * take 1 time, because it immediately knows that the two strings are not equal. | ||
81 | */ | ||
71 | static int32_t crypto_memcmp(const void *p1, const void *p2, size_t length); | 82 | static int32_t crypto_memcmp(const void *p1, const void *p2, size_t length); |
83 | |||
84 | /** | ||
85 | * A `bzero`-like function which won't be optimised away by the compiler. Some | ||
86 | * compilers will inline `bzero` or `memset` if they can prove that there will | ||
87 | * be no reads to the written data. Use this function if you want to be sure the | ||
88 | * memory is indeed zeroed. | ||
89 | */ | ||
72 | static void crypto_memzero(void *data, size_t length); | 90 | static void crypto_memzero(void *data, size_t length); |
73 | 91 | ||
74 | static void crypto_sha256(uint8_t *hash, const uint8_t[length] data); | 92 | /** |
75 | static void crypto_sha512(uint8_t *hash, const uint8_t[length] data); | 93 | * Compute a SHA256 hash (32 bytes). |
94 | */ | ||
95 | static void crypto_sha256(uint8_t[CRYPTO_SHA256_SIZE] hash, const uint8_t[length] data); | ||
76 | 96 | ||
77 | static void crypto_derive_public_key(uint8_t *public_key, uint8_t *secret_key); | 97 | /** |
98 | * Compute a SHA512 hash (64 bytes). | ||
99 | */ | ||
100 | static void crypto_sha512(uint8_t[CRYPTO_SHA512_SIZE] hash, const uint8_t[length] data); | ||
78 | 101 | ||
79 | /** | 102 | /** |
80 | * compare 2 public keys of length CRYPTO_PUBLIC_KEY_SIZE, not vulnerable to timing attacks. | 103 | * Compare 2 public keys of length CRYPTO_PUBLIC_KEY_SIZE, not vulnerable to |
81 | * returns 0 if both mem locations of length are equal, | 104 | * timing attacks. |
82 | * return -1 if they are not. | 105 | * |
106 | * @return 0 if both mem locations of length are equal, -1 if they are not. | ||
83 | */ | 107 | */ |
84 | static int32_t public_key_cmp(const uint8_t *pk1, const uint8_t *pk2); | 108 | static int32_t public_key_cmp( |
109 | const uint8_t[CRYPTO_PUBLIC_KEY_SIZE] pk1, | ||
110 | const uint8_t[CRYPTO_PUBLIC_KEY_SIZE] pk2); | ||
85 | 111 | ||
86 | /** | 112 | /** |
87 | * Return a random 32 bit integer. | 113 | * Return a random 32 bit integer. |
@@ -94,88 +120,120 @@ static uint32_t random_int(); | |||
94 | static uint64_t random_64b(); | 120 | static uint64_t random_64b(); |
95 | 121 | ||
96 | /** | 122 | /** |
97 | * Check if a Tox public key CRYPTO_PUBLIC_KEY_SIZE is valid or not. | 123 | * Check if a Tox public key CRYPTO_PUBLIC_KEY_SIZE is valid or not. This |
98 | * This should only be used for input validation. | 124 | * should only be used for input validation. |
99 | * | 125 | * |
100 | * return 0 if it isn't. | 126 | * @return false if it isn't, true if it is. |
101 | * return 1 if it is. | 127 | */ |
128 | static bool public_key_valid(const uint8_t[CRYPTO_PUBLIC_KEY_SIZE] public_key); | ||
129 | |||
130 | /** | ||
131 | * Generate a new random keypair. Every call to this function is likely to | ||
132 | * generate a different keypair. | ||
102 | */ | 133 | */ |
103 | static int32_t public_key_valid(const uint8_t *public_key); | 134 | static int32_t crypto_new_keypair( |
135 | uint8_t[CRYPTO_PUBLIC_KEY_SIZE] public_key, | ||
136 | uint8_t[CRYPTO_SECRET_KEY_SIZE] secret_key); | ||
104 | 137 | ||
105 | static int32_t crypto_new_keypair(uint8_t *public_key, uint8_t *secret_key); | 138 | /** |
139 | * Derive the public key from a given secret key. | ||
140 | */ | ||
141 | static void crypto_derive_public_key( | ||
142 | uint8_t[CRYPTO_PUBLIC_KEY_SIZE] public_key, | ||
143 | const uint8_t[CRYPTO_SECRET_KEY_SIZE] secret_key); | ||
106 | 144 | ||
107 | /** | 145 | /** |
108 | * Encrypts plain of length length to encrypted of length + 16 using the | 146 | * Encrypt plain text of the given length to encrypted of length + |
109 | * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce. | 147 | * $CRYPTO_MAC_SIZE using the public key ($CRYPTO_PUBLIC_KEY_SIZE bytes) of the |
148 | * receiver and the secret key of the sender and a $CRYPTO_NONCE_SIZE byte | ||
149 | * nonce. | ||
110 | * | 150 | * |
111 | * return -1 if there was a problem. | 151 | * @return -1 if there was a problem, length of encrypted data if everything |
112 | * return length of encrypted data if everything was fine. | 152 | * was fine. |
113 | */ | 153 | */ |
114 | static int32_t encrypt_data( | 154 | static int32_t encrypt_data( |
115 | const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, | 155 | const uint8_t[CRYPTO_PUBLIC_KEY_SIZE] public_key, |
116 | const uint8_t *plain, uint32_t length, uint8_t *encrypted); | 156 | const uint8_t[CRYPTO_SECRET_KEY_SIZE] secret_key, |
157 | const uint8_t[CRYPTO_NONCE_SIZE] nonce, | ||
158 | const uint8_t[length] plain, | ||
159 | uint8_t *encrypted); | ||
117 | 160 | ||
118 | 161 | ||
119 | /** | 162 | /** |
120 | * Decrypts encrypted of length length to plain of length length - 16 using the | 163 | * Decrypt encrypted text of the given length to plain text of the given length |
121 | * public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce. | 164 | * - $CRYPTO_MAC_SIZE using the public key ($CRYPTO_PUBLIC_KEY_SIZE bytes) of |
165 | * the sender, the secret key of the receiver and a $CRYPTO_NONCE_SIZE byte | ||
166 | * nonce. | ||
122 | * | 167 | * |
123 | * return -1 if there was a problem (decryption failed). | 168 | * @return -1 if there was a problem (decryption failed), length of plain text |
124 | * return length of plain data if everything was fine. | 169 | * data if everything was fine. |
125 | */ | 170 | */ |
126 | static int32_t decrypt_data( | 171 | static int32_t decrypt_data( |
127 | const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, | 172 | const uint8_t[CRYPTO_PUBLIC_KEY_SIZE] public_key, |
128 | const uint8_t *encrypted, uint32_t length, uint8_t *plain); | 173 | const uint8_t[CRYPTO_SECRET_KEY_SIZE] secret_key, |
174 | const uint8_t[CRYPTO_NONCE_SIZE] nonce, | ||
175 | const uint8_t[length] encrypted, | ||
176 | uint8_t *plain); | ||
129 | 177 | ||
130 | /** | 178 | /** |
131 | * Fast encrypt/decrypt operations. Use if this is not a one-time communication. | 179 | * Fast encrypt/decrypt operations. Use if this is not a one-time communication. |
132 | * encrypt_precompute does the shared-key generation once so it does not have | 180 | * $encrypt_precompute does the shared-key generation once so it does not have |
133 | * to be preformed on every encrypt/decrypt. | 181 | * to be preformed on every encrypt/decrypt. |
134 | */ | 182 | */ |
135 | static int32_t encrypt_precompute( | 183 | static int32_t encrypt_precompute( |
136 | const uint8_t *public_key, const uint8_t *secret_key, uint8_t *enc_key); | 184 | const uint8_t[CRYPTO_PUBLIC_KEY_SIZE] public_key, |
185 | const uint8_t[CRYPTO_SECRET_KEY_SIZE] secret_key, | ||
186 | uint8_t[CRYPTO_SHARED_KEY_SIZE] shared_key); | ||
137 | 187 | ||
138 | /** | 188 | /** |
139 | * Encrypts plain of length length to encrypted of length + 16 using a | 189 | * Encrypts plain of length length to encrypted of length + $CRYPTO_MAC_SIZE |
140 | * secret key CRYPTO_SYMMETRIC_KEY_SIZE big and a 24 byte nonce. | 190 | * using a shared key $CRYPTO_SYMMETRIC_KEY_SIZE big and a $CRYPTO_NONCE_SIZE |
191 | * byte nonce. | ||
141 | * | 192 | * |
142 | * return -1 if there was a problem. | 193 | * @return -1 if there was a problem, length of encrypted data if everything |
143 | * return length of encrypted data if everything was fine. | 194 | * was fine. |
144 | */ | 195 | */ |
145 | static int32_t encrypt_data_symmetric( | 196 | static int32_t encrypt_data_symmetric( |
146 | const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, | 197 | const uint8_t[CRYPTO_SHARED_KEY_SIZE] shared_key, |
147 | uint32_t length, uint8_t *encrypted); | 198 | const uint8_t[CRYPTO_NONCE_SIZE] nonce, |
199 | const uint8_t[length] plain, | ||
200 | uint8_t *encrypted); | ||
148 | 201 | ||
149 | /** | 202 | /** |
150 | * Decrypts encrypted of length length to plain of length length - 16 using a | 203 | * Decrypts encrypted of length length to plain of length length - |
151 | * secret key CRYPTO_SYMMETRIC_KEY_SIZE big and a 24 byte nonce. | 204 | * $CRYPTO_MAC_SIZE using a shared key CRYPTO_SHARED_KEY_SIZE big and a |
205 | * $CRYPTO_NONCE_SIZE byte nonce. | ||
152 | * | 206 | * |
153 | * return -1 if there was a problem (decryption failed). | 207 | * @return -1 if there was a problem (decryption failed), length of plain data |
154 | * return length of plain data if everything was fine. | 208 | * if everything was fine. |
155 | */ | 209 | */ |
156 | static int32_t decrypt_data_symmetric( | 210 | static int32_t decrypt_data_symmetric( |
157 | const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, | 211 | const uint8_t[CRYPTO_SHARED_KEY_SIZE] shared_key, |
158 | uint32_t length, uint8_t *plain); | 212 | const uint8_t[CRYPTO_NONCE_SIZE] nonce, |
213 | const uint8_t[length] encrypted, | ||
214 | uint8_t *plain); | ||
159 | 215 | ||
160 | /** | 216 | /** |
161 | * Increment the given nonce by 1. | 217 | * Increment the given nonce by 1 in big endian (rightmost byte incremented |
218 | * first). | ||
162 | */ | 219 | */ |
163 | static void increment_nonce(uint8_t *nonce); | 220 | static void increment_nonce(uint8_t[CRYPTO_NONCE_SIZE] nonce); |
164 | 221 | ||
165 | /** | 222 | /** |
166 | * Increment the given nonce by num. | 223 | * Increment the given nonce by a given number. The number should be in host |
224 | * byte order. | ||
167 | */ | 225 | */ |
168 | static void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num); | 226 | static void increment_nonce_number(uint8_t[CRYPTO_NONCE_SIZE] nonce, uint32_t host_order_num); |
169 | 227 | ||
170 | /** | 228 | /** |
171 | * Fill the given nonce with random bytes. | 229 | * Fill the given nonce with random bytes. |
172 | */ | 230 | */ |
173 | static void random_nonce(uint8_t *nonce); | 231 | static void random_nonce(uint8_t[CRYPTO_NONCE_SIZE] nonce); |
174 | 232 | ||
175 | /** | 233 | /** |
176 | * Fill a key CRYPTO_SYMMETRIC_KEY_SIZE big with random bytes. | 234 | * Fill a key CRYPTO_SYMMETRIC_KEY_SIZE big with random bytes. |
177 | */ | 235 | */ |
178 | static void new_symmetric_key(uint8_t *key); | 236 | static void new_symmetric_key(uint8_t[CRYPTO_SYMMETRIC_KEY_SIZE] key); |
179 | 237 | ||
180 | /** | 238 | /** |
181 | * Fill an array of bytes with random values. | 239 | * Fill an array of bytes with random values. |
@@ -183,5 +241,5 @@ static void new_symmetric_key(uint8_t *key); | |||
183 | static void random_bytes(uint8_t[length] bytes); | 241 | static void random_bytes(uint8_t[length] bytes); |
184 | 242 | ||
185 | %{ | 243 | %{ |
186 | #endif | 244 | #endif /* CRYPTO_CORE_H */ |
187 | %} | 245 | %} |