diff options
author | iphydf <iphydf@users.noreply.github.com> | 2016-12-19 15:27:46 +0000 |
---|---|---|
committer | iphydf <iphydf@users.noreply.github.com> | 2016-12-22 10:26:59 +0000 |
commit | 2328cb74abccd563f0cd8d14d30e5314822d321e (patch) | |
tree | b61581536d448a8846dc333b44c9b56e24605a1f /toxcore/crypto_core.c | |
parent | ce29c8e7ec91d95167b2dea3aee9fd1ae1aac254 (diff) |
Improve documentation of crypto_core.
Diffstat (limited to 'toxcore/crypto_core.c')
-rw-r--r-- | toxcore/crypto_core.c | 61 |
1 files changed, 31 insertions, 30 deletions
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index d4f7c562..d3a3e1fc 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c | |||
@@ -29,6 +29,10 @@ | |||
29 | 29 | ||
30 | #include "crypto_core.h" | 30 | #include "crypto_core.h" |
31 | 31 | ||
32 | #include "network.h" | ||
33 | |||
34 | #include <string.h> | ||
35 | |||
32 | #ifndef VANILLA_NACL | 36 | #ifndef VANILLA_NACL |
33 | /* We use libsodium by default. */ | 37 | /* We use libsodium by default. */ |
34 | #include <sodium.h> | 38 | #include <sodium.h> |
@@ -41,9 +45,6 @@ | |||
41 | #include <crypto_verify_32.h> | 45 | #include <crypto_verify_32.h> |
42 | #include <randombytes.h> | 46 | #include <randombytes.h> |
43 | #define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) | 47 | #define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) |
44 | /* I know */ | ||
45 | #define sodium_memcmp(a, b, c) memcmp(a, b, c) | ||
46 | #define sodium_memzero(a, c) memset(a, 0, c) | ||
47 | #endif | 48 | #endif |
48 | 49 | ||
49 | #if CRYPTO_PUBLIC_KEY_SIZE != crypto_box_PUBLICKEYBYTES | 50 | #if CRYPTO_PUBLIC_KEY_SIZE != crypto_box_PUBLICKEYBYTES |
@@ -78,19 +79,14 @@ | |||
78 | #error CRYPTO_SHA512_SIZE should be equal to crypto_hash_sha512_BYTES | 79 | #error CRYPTO_SHA512_SIZE should be equal to crypto_hash_sha512_BYTES |
79 | #endif | 80 | #endif |
80 | 81 | ||
81 | /* compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks. | 82 | int32_t public_key_cmp(const uint8_t *pk1, const uint8_t *pk2) |
82 | returns 0 if both mem locations of length are equal, | ||
83 | return -1 if they are not. */ | ||
84 | int public_key_cmp(const uint8_t *pk1, const uint8_t *pk2) | ||
85 | { | 83 | { |
86 | #if crypto_box_PUBLICKEYBYTES != 32 | 84 | #if CRYPTO_PUBLIC_KEY_SIZE != 32 |
87 | #error crypto_box_PUBLICKEYBYTES is required to be 32 bytes for public_key_cmp to work, | 85 | #error CRYPTO_PUBLIC_KEY_SIZE is required to be 32 bytes for public_key_cmp to work, |
88 | #endif | 86 | #endif |
89 | return crypto_verify_32(pk1, pk2); | 87 | return crypto_verify_32(pk1, pk2); |
90 | } | 88 | } |
91 | 89 | ||
92 | /* return a random number. | ||
93 | */ | ||
94 | uint32_t random_int(void) | 90 | uint32_t random_int(void) |
95 | { | 91 | { |
96 | uint32_t randnum; | 92 | uint32_t randnum; |
@@ -105,13 +101,7 @@ uint64_t random_64b(void) | |||
105 | return randnum; | 101 | return randnum; |
106 | } | 102 | } |
107 | 103 | ||
108 | /* Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not. | 104 | bool public_key_valid(const uint8_t *public_key) |
109 | * This should only be used for input validation. | ||
110 | * | ||
111 | * return 0 if it isn't. | ||
112 | * return 1 if it is. | ||
113 | */ | ||
114 | int public_key_valid(const uint8_t *public_key) | ||
115 | { | 105 | { |
116 | if (public_key[31] >= 128) { /* Last bit of key is always zero. */ | 106 | if (public_key[31] >= 128) { /* Last bit of key is always zero. */ |
117 | return 0; | 107 | return 0; |
@@ -123,15 +113,15 @@ int public_key_valid(const uint8_t *public_key) | |||
123 | /* Precomputes the shared key from their public_key and our secret_key. | 113 | /* Precomputes the shared key from their public_key and our secret_key. |
124 | * This way we can avoid an expensive elliptic curve scalar multiply for each | 114 | * This way we can avoid an expensive elliptic curve scalar multiply for each |
125 | * encrypt/decrypt operation. | 115 | * encrypt/decrypt operation. |
126 | * enc_key has to be crypto_box_BEFORENMBYTES bytes long. | 116 | * shared_key has to be crypto_box_BEFORENMBYTES bytes long. |
127 | */ | 117 | */ |
128 | int encrypt_precompute(const uint8_t *public_key, const uint8_t *secret_key, uint8_t *enc_key) | 118 | int32_t encrypt_precompute(const uint8_t *public_key, const uint8_t *secret_key, uint8_t *shared_key) |
129 | { | 119 | { |
130 | return crypto_box_beforenm(enc_key, public_key, secret_key); | 120 | return crypto_box_beforenm(shared_key, public_key, secret_key); |
131 | } | 121 | } |
132 | 122 | ||
133 | int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, uint32_t length, | 123 | int32_t encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, size_t length, |
134 | uint8_t *encrypted) | 124 | uint8_t *encrypted) |
135 | { | 125 | { |
136 | if (length == 0 || !secret_key || !nonce || !plain || !encrypted) { | 126 | if (length == 0 || !secret_key || !nonce || !plain || !encrypted) { |
137 | return -1; | 127 | return -1; |
@@ -152,8 +142,8 @@ int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, cons | |||
152 | return length + crypto_box_MACBYTES; | 142 | return length + crypto_box_MACBYTES; |
153 | } | 143 | } |
154 | 144 | ||
155 | int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, uint32_t length, | 145 | int32_t decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, size_t length, |
156 | uint8_t *plain) | 146 | uint8_t *plain) |
157 | { | 147 | { |
158 | if (length <= crypto_box_BOXZEROBYTES || !secret_key || !nonce || !encrypted || !plain) { | 148 | if (length <= crypto_box_BOXZEROBYTES || !secret_key || !nonce || !encrypted || !plain) { |
159 | return -1; | 149 | return -1; |
@@ -173,8 +163,8 @@ int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, cons | |||
173 | return length - crypto_box_MACBYTES; | 163 | return length - crypto_box_MACBYTES; |
174 | } | 164 | } |
175 | 165 | ||
176 | int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, | 166 | int32_t encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, |
177 | const uint8_t *plain, uint32_t length, uint8_t *encrypted) | 167 | const uint8_t *plain, size_t length, uint8_t *encrypted) |
178 | { | 168 | { |
179 | if (!public_key || !secret_key) { | 169 | if (!public_key || !secret_key) { |
180 | return -1; | 170 | return -1; |
@@ -187,8 +177,8 @@ int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uin | |||
187 | return ret; | 177 | return ret; |
188 | } | 178 | } |
189 | 179 | ||
190 | int decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, | 180 | int32_t decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, |
191 | const uint8_t *encrypted, uint32_t length, uint8_t *plain) | 181 | const uint8_t *encrypted, size_t length, uint8_t *plain) |
192 | { | 182 | { |
193 | if (!public_key || !secret_key) { | 183 | if (!public_key || !secret_key) { |
194 | return -1; | 184 | return -1; |
@@ -263,7 +253,7 @@ int32_t crypto_new_keypair(uint8_t *public_key, uint8_t *secret_key) | |||
263 | return crypto_box_keypair(public_key, secret_key); | 253 | return crypto_box_keypair(public_key, secret_key); |
264 | } | 254 | } |
265 | 255 | ||
266 | void crypto_derive_public_key(uint8_t *public_key, uint8_t *secret_key) | 256 | void crypto_derive_public_key(uint8_t *public_key, const uint8_t *secret_key) |
267 | { | 257 | { |
268 | crypto_scalarmult_curve25519_base(public_key, secret_key); | 258 | crypto_scalarmult_curve25519_base(public_key, secret_key); |
269 | } | 259 | } |
@@ -280,12 +270,23 @@ void crypto_sha512(uint8_t *hash, const uint8_t *data, size_t length) | |||
280 | 270 | ||
281 | void crypto_memzero(void *data, size_t length) | 271 | void crypto_memzero(void *data, size_t length) |
282 | { | 272 | { |
273 | #ifdef VANILLA_NACL | ||
274 | /* TODO(c-toxcore#347): this is insecure. We need to provide our own | ||
275 | * secure memzero/memcmp for NaCL. */ | ||
276 | memset(data, 0, length); | ||
277 | #else | ||
283 | sodium_memzero(data, length); | 278 | sodium_memzero(data, length); |
279 | #endif | ||
284 | } | 280 | } |
285 | 281 | ||
286 | int32_t crypto_memcmp(const void *p1, const void *p2, size_t length) | 282 | int32_t crypto_memcmp(const void *p1, const void *p2, size_t length) |
287 | { | 283 | { |
284 | #ifdef VANILLA_NACL | ||
285 | /* TODO(c-toxcore#347): Implement secure memcmp. */ | ||
286 | return memcmp(p1, p2, length); | ||
287 | #else | ||
288 | return sodium_memcmp(p1, p2, length); | 288 | return sodium_memcmp(p1, p2, length); |
289 | #endif | ||
289 | } | 290 | } |
290 | 291 | ||
291 | void random_bytes(uint8_t *data, size_t length) | 292 | void random_bytes(uint8_t *data, size_t length) |