diff options
author | irungentoo <irungentoo@gmail.com> | 2013-08-29 17:55:58 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2013-08-29 17:55:58 -0400 |
commit | ea994606fe4ee57f2d6ac1ddfb2225f8a1aacef0 (patch) | |
tree | 4c7f407486c8780ceaf68bbf17f7266027ed9d05 /toxcore/net_crypto.c | |
parent | 85940f94b2560f87988da8e793eb8998c5b77ead (diff) | |
parent | 82b8927af7f68bbfbf83bbb5ffbc747de7bc288f (diff) |
Merge branch 'master' of https://github.com/JamoBox/ProjectTox-Core into JamoBox-master
Conflicts:
toxcore/LAN_discovery.h
Diffstat (limited to 'toxcore/net_crypto.c')
-rw-r--r-- | toxcore/net_crypto.c | 207 |
1 files changed, 116 insertions, 91 deletions
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index f421c37d..1f00144a 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c | |||
@@ -46,9 +46,10 @@ uint8_t crypto_iszero(uint8_t *mem, uint32_t length) | |||
46 | } | 46 | } |
47 | 47 | ||
48 | /* Precomputes the shared key from their public_key and our secret_key. | 48 | /* Precomputes the shared key from their public_key and our secret_key. |
49 | This way we can avoid an expensive elliptic curve scalar multiply for each | 49 | * This way we can avoid an expensive elliptic curve scalar multiply for each |
50 | encrypt/decrypt operation. | 50 | * encrypt/decrypt operation. |
51 | enc_key has to be crypto_box_BEFORENMBYTES bytes long. */ | 51 | * enc_key has to be crypto_box_BEFORENMBYTES bytes long. |
52 | */ | ||
52 | void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key) | 53 | void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key) |
53 | { | 54 | { |
54 | crypto_box_beforenm(enc_key, public_key, secret_key); | 55 | crypto_box_beforenm(enc_key, public_key, secret_key); |
@@ -64,14 +65,14 @@ int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, | |||
64 | uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0}; | 65 | uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0}; |
65 | uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES]; | 66 | uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES]; |
66 | 67 | ||
67 | memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); /* pad the message with 32 0 bytes. */ | 68 | memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); // Pad the message with 32 0 bytes. |
68 | 69 | ||
69 | crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, enc_key); | 70 | crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, enc_key); |
70 | 71 | ||
71 | if (crypto_iszero(temp_encrypted, crypto_box_BOXZEROBYTES) != 0) | 72 | if (crypto_iszero(temp_encrypted, crypto_box_BOXZEROBYTES) != 0) |
72 | return -1; | 73 | return -1; |
73 | 74 | ||
74 | /* unpad the encrypted message */ | 75 | /* Unpad the encrypted message. */ |
75 | memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES); | 76 | memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES); |
76 | return length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES; | 77 | return length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES; |
77 | } | 78 | } |
@@ -86,18 +87,19 @@ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, | |||
86 | uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES]; | 87 | uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES]; |
87 | uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0}; | 88 | uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0}; |
88 | 89 | ||
89 | memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); /* pad the message with 16 0 bytes. */ | 90 | memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); // Pad the message with 16 0 bytes. |
90 | 91 | ||
91 | if (crypto_box_open_afternm(temp_plain, temp_encrypted, length + crypto_box_BOXZEROBYTES, | 92 | if (crypto_box_open_afternm(temp_plain, temp_encrypted, length + crypto_box_BOXZEROBYTES, |
92 | nonce, enc_key) == -1) | 93 | nonce, enc_key) == -1) |
93 | return -1; | 94 | return -1; |
94 | 95 | ||
95 | /* if decryption is successful the first crypto_box_ZEROBYTES of the message will be zero | 96 | /* If decryption is successful the first crypto_box_ZEROBYTES of the message will be zero. |
96 | apparently memcmp should not be used so we do this instead:*/ | 97 | * Apparently memcmp should not be used so we do this instead: |
98 | */ | ||
97 | if (crypto_iszero(temp_plain, crypto_box_ZEROBYTES) != 0) | 99 | if (crypto_iszero(temp_plain, crypto_box_ZEROBYTES) != 0) |
98 | return -1; | 100 | return -1; |
99 | 101 | ||
100 | /* unpad the plain message */ | 102 | /* Unpad the plain message. */ |
101 | memcpy(plain, temp_plain + crypto_box_ZEROBYTES, length - crypto_box_MACBYTES); | 103 | memcpy(plain, temp_plain + crypto_box_ZEROBYTES, length - crypto_box_MACBYTES); |
102 | return length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES; | 104 | return length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES; |
103 | } | 105 | } |
@@ -118,7 +120,7 @@ int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce, | |||
118 | return decrypt_data_fast(k, nonce, encrypted, length, plain); | 120 | return decrypt_data_fast(k, nonce, encrypted, length, plain); |
119 | } | 121 | } |
120 | 122 | ||
121 | /* increment the given nonce by 1 */ | 123 | /* Increment the given nonce by 1. */ |
122 | static void increment_nonce(uint8_t *nonce) | 124 | static void increment_nonce(uint8_t *nonce) |
123 | { | 125 | { |
124 | uint32_t i; | 126 | uint32_t i; |
@@ -131,7 +133,7 @@ static void increment_nonce(uint8_t *nonce) | |||
131 | } | 133 | } |
132 | } | 134 | } |
133 | 135 | ||
134 | /* fill the given nonce with random bytes. */ | 136 | /* Fill the given nonce with random bytes. */ |
135 | void random_nonce(uint8_t *nonce) | 137 | void random_nonce(uint8_t *nonce) |
136 | { | 138 | { |
137 | uint32_t i, temp; | 139 | uint32_t i, temp; |
@@ -142,9 +144,10 @@ void random_nonce(uint8_t *nonce) | |||
142 | } | 144 | } |
143 | } | 145 | } |
144 | 146 | ||
145 | /* return 0 if there is no received data in the buffer | 147 | /* return 0 if there is no received data in the buffer. |
146 | return -1 if the packet was discarded. | 148 | * return -1 if the packet was discarded. |
147 | return length of received data if successful */ | 149 | * return length of received data if successful. |
150 | */ | ||
148 | int read_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data) | 151 | int read_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data) |
149 | { | 152 | { |
150 | if (crypt_connection_id < 0 || crypt_connection_id >= c->crypto_connections_length) | 153 | if (crypt_connection_id < 0 || crypt_connection_id >= c->crypto_connections_length) |
@@ -174,8 +177,9 @@ int read_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data) | |||
174 | return -1; | 177 | return -1; |
175 | } | 178 | } |
176 | 179 | ||
177 | /* return 0 if data could not be put in packet queue | 180 | /* return 0 if data could not be put in packet queue. |
178 | return 1 if data was put into the queue */ | 181 | * return 1 if data was put into the queue. |
182 | */ | ||
179 | int write_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data, uint32_t length) | 183 | int write_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data, uint32_t length) |
180 | { | 184 | { |
181 | if (crypt_connection_id < 0 || crypt_connection_id >= c->crypto_connections_length) | 185 | if (crypt_connection_id < 0 || crypt_connection_id >= c->crypto_connections_length) |
@@ -204,14 +208,16 @@ int write_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data, uin | |||
204 | return 1; | 208 | return 1; |
205 | } | 209 | } |
206 | 210 | ||
207 | /* create a request to peer. | 211 | /* Ceate a request to peer. |
208 | send_public_key and send_secret_key are the pub/secret keys of the sender | 212 | * send_public_key and send_secret_key are the pub/secret keys of the sender. |
209 | recv_public_key is public key of reciever | 213 | * recv_public_key is public key of reciever. |
210 | packet must be an array of MAX_DATA_SIZE big. | 214 | * packet must be an array of MAX_DATA_SIZE big. |
211 | Data represents the data we send with the request with length being the length of the data. | 215 | * Data represents the data we send with the request with length being the length of the data. |
212 | request_id is the id of the request (32 = friend request, 254 = ping request) | 216 | * request_id is the id of the request (32 = friend request, 254 = ping request). |
213 | returns -1 on failure | 217 | * |
214 | returns the length of the created packet on success */ | 218 | * returns -1 on failure. |
219 | * returns the length of the created packet on success. | ||
220 | */ | ||
215 | int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t *packet, uint8_t *recv_public_key, | 221 | int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t *packet, uint8_t *recv_public_key, |
216 | uint8_t *data, uint32_t length, uint8_t request_id) | 222 | uint8_t *data, uint32_t length, uint8_t request_id) |
217 | { | 223 | { |
@@ -237,10 +243,11 @@ int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t * | |||
237 | return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; | 243 | return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; |
238 | } | 244 | } |
239 | 245 | ||
240 | /* puts the senders public key in the request in public_key, the data from the request | 246 | /* Puts the senders public key in the request in public_key, the data from the request |
241 | in data if a friend or ping request was sent to us and returns the length of the data. | 247 | * in data if a friend or ping request was sent to us and returns the length of the data. |
242 | packet is the request packet and length is its length | 248 | * packet is the request packet and length is its length. |
243 | return -1 if not valid request. */ | 249 | * return -1 if not valid request. |
250 | */ | ||
244 | static int handle_request(Net_Crypto *c, uint8_t *public_key, uint8_t *data, uint8_t *request_id, uint8_t *packet, | 251 | static int handle_request(Net_Crypto *c, uint8_t *public_key, uint8_t *data, uint8_t *request_id, uint8_t *packet, |
245 | uint16_t length) | 252 | uint16_t length) |
246 | { | 253 | { |
@@ -282,7 +289,7 @@ static int cryptopacket_handle(void *object, IP_Port source, uint8_t *packet, ui | |||
282 | length > MAX_DATA_SIZE + ENCRYPTION_PADDING) | 289 | length > MAX_DATA_SIZE + ENCRYPTION_PADDING) |
283 | return 1; | 290 | return 1; |
284 | 291 | ||
285 | if (memcmp(packet + 1, dht->c->self_public_key, crypto_box_PUBLICKEYBYTES) == 0) {// check if request is for us. | 292 | if (memcmp(packet + 1, dht->c->self_public_key, crypto_box_PUBLICKEYBYTES) == 0) { // Check if request is for us. |
286 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; | 293 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; |
287 | uint8_t data[MAX_DATA_SIZE]; | 294 | uint8_t data[MAX_DATA_SIZE]; |
288 | uint8_t number; | 295 | uint8_t number; |
@@ -296,8 +303,8 @@ static int cryptopacket_handle(void *object, IP_Port source, uint8_t *packet, ui | |||
296 | dht->c->cryptopackethandlers[number].function(dht->c->cryptopackethandlers[number].object, source, public_key, data, | 303 | dht->c->cryptopackethandlers[number].function(dht->c->cryptopackethandlers[number].object, source, public_key, data, |
297 | len); | 304 | len); |
298 | 305 | ||
299 | } else { /* if request is not for us, try routing it. */ | 306 | } else { /* If request is not for us, try routing it. */ |
300 | if (route_packet(dht, packet + 1, packet, length) == length) //NOTE | 307 | if (route_packet(dht, packet + 1, packet, length) == length) |
301 | return 0; | 308 | return 0; |
302 | } | 309 | } |
303 | } | 310 | } |
@@ -306,8 +313,9 @@ static int cryptopacket_handle(void *object, IP_Port source, uint8_t *packet, ui | |||
306 | } | 313 | } |
307 | 314 | ||
308 | /* Send a crypto handshake packet containing an encrypted secret nonce and session public key | 315 | /* Send a crypto handshake packet containing an encrypted secret nonce and session public key |
309 | to peer with connection_id and public_key | 316 | * to peer with connection_id and public_key. |
310 | the packet is encrypted with a random nonce which is sent in plain text with the packet */ | 317 | * The packet is encrypted with a random nonce which is sent in plain text with the packet. |
318 | */ | ||
311 | static int send_cryptohandshake(Net_Crypto *c, int connection_id, uint8_t *public_key, uint8_t *secret_nonce, | 319 | static int send_cryptohandshake(Net_Crypto *c, int connection_id, uint8_t *public_key, uint8_t *secret_nonce, |
312 | uint8_t *session_key) | 320 | uint8_t *session_key) |
313 | { | 321 | { |
@@ -332,9 +340,10 @@ static int send_cryptohandshake(Net_Crypto *c, int connection_id, uint8_t *publi | |||
332 | len + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); | 340 | len + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); |
333 | } | 341 | } |
334 | 342 | ||
335 | /* Extract secret nonce, session public key and public_key from a packet(data) with length length | 343 | /* Extract secret nonce, session public key and public_key from a packet(data) with length length. |
336 | return 1 if successful | 344 | * return 1 if successful. |
337 | return 0 if failure */ | 345 | * return 0 if failure. |
346 | */ | ||
338 | static int handle_cryptohandshake(Net_Crypto *c, uint8_t *public_key, uint8_t *secret_nonce, | 347 | static int handle_cryptohandshake(Net_Crypto *c, uint8_t *public_key, uint8_t *secret_nonce, |
339 | uint8_t *session_key, uint8_t *data, uint16_t length) | 348 | uint8_t *session_key, uint8_t *data, uint16_t length) |
340 | { | 349 | { |
@@ -364,9 +373,10 @@ static int handle_cryptohandshake(Net_Crypto *c, uint8_t *public_key, uint8_t *s | |||
364 | return 1; | 373 | return 1; |
365 | } | 374 | } |
366 | 375 | ||
367 | /* get crypto connection id from public key of peer | 376 | /* Get crypto connection id from public key of peer. |
368 | return -1 if there are no connections like we are looking for | 377 | * return -1 if there are no connections like we are looking for. |
369 | return id if it found it */ | 378 | * return id if it found it. |
379 | */ | ||
370 | static int getcryptconnection_id(Net_Crypto *c, uint8_t *public_key) | 380 | static int getcryptconnection_id(Net_Crypto *c, uint8_t *public_key) |
371 | { | 381 | { |
372 | uint32_t i; | 382 | uint32_t i; |
@@ -380,8 +390,9 @@ static int getcryptconnection_id(Net_Crypto *c, uint8_t *public_key) | |||
380 | return -1; | 390 | return -1; |
381 | } | 391 | } |
382 | 392 | ||
383 | /* set the size of the friend list to numfriends | 393 | /* Set the size of the friend list to numfriends. |
384 | return -1 if realloc fails */ | 394 | * return -1 if realloc fails. |
395 | */ | ||
385 | int realloc_cryptoconnection(Net_Crypto *c, uint32_t num) | 396 | int realloc_cryptoconnection(Net_Crypto *c, uint32_t num) |
386 | { | 397 | { |
387 | if (num == 0) { | 398 | if (num == 0) { |
@@ -399,9 +410,10 @@ int realloc_cryptoconnection(Net_Crypto *c, uint32_t num) | |||
399 | return 0; | 410 | return 0; |
400 | } | 411 | } |
401 | 412 | ||
402 | /* Start a secure connection with other peer who has public_key and ip_port | 413 | /* Start a secure connection with other peer who has public_key and ip_port. |
403 | returns -1 if failure | 414 | * returns -1 if failure. |
404 | returns crypt_connection_id of the initialized connection if everything went well. */ | 415 | * returns crypt_connection_id of the initialized connection if everything went well. |
416 | */ | ||
405 | int crypto_connect(Net_Crypto *c, uint8_t *public_key, IP_Port ip_port) | 417 | int crypto_connect(Net_Crypto *c, uint8_t *public_key, IP_Port ip_port) |
406 | { | 418 | { |
407 | uint32_t i; | 419 | uint32_t i; |
@@ -442,20 +454,22 @@ int crypto_connect(Net_Crypto *c, uint8_t *public_key, IP_Port ip_port) | |||
442 | return i; | 454 | return i; |
443 | } | 455 | } |
444 | 456 | ||
445 | return -1; /* this should never happen. */ | 457 | return -1; /* This should never happen. */ |
446 | } | 458 | } |
447 | } | 459 | } |
448 | 460 | ||
449 | return -1; | 461 | return -1; |
450 | } | 462 | } |
451 | 463 | ||
452 | /* handle an incoming connection | 464 | /* Handle an incoming connection. |
453 | return -1 if no crypto inbound connection | 465 | * return -1 if no crypto inbound connection. |
454 | return incoming connection id (Lossless_UDP one) if there is an incoming crypto connection | 466 | * return incoming connection id (Lossless_UDP one) if there is an incoming crypto connection. |
455 | Put the public key of the peer in public_key, the secret_nonce from the handshake into secret_nonce | 467 | * |
456 | and the session public key for the connection in session_key | 468 | * Put the public key of the peer in public_key, the secret_nonce from the handshake into secret_nonce |
457 | to accept it see: accept_crypto_inbound(...) | 469 | * and the session public key for the connection in session_key. |
458 | to refuse it just call kill_connection(...) on the connection id */ | 470 | * to accept it see: accept_crypto_inbound(...). |
471 | * to refuse it just call kill_connection(...) on the connection id. | ||
472 | */ | ||
459 | int crypto_inbound(Net_Crypto *c, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) | 473 | int crypto_inbound(Net_Crypto *c, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) |
460 | { | 474 | { |
461 | uint32_t i; | 475 | uint32_t i; |
@@ -475,7 +489,7 @@ int crypto_inbound(Net_Crypto *c, uint8_t *public_key, uint8_t *secret_nonce, ui | |||
475 | 489 | ||
476 | if (handle_cryptohandshake(c, public_key, secret_nonce, session_key, temp_data, len)) { | 490 | if (handle_cryptohandshake(c, public_key, secret_nonce, session_key, temp_data, len)) { |
477 | int connection_id = c->incoming_connections[i]; | 491 | int connection_id = c->incoming_connections[i]; |
478 | c->incoming_connections[i] = -1; /* remove this connection from the incoming connection list. */ | 492 | c->incoming_connections[i] = -1; /* Remove this connection from the incoming connection list. */ |
479 | return connection_id; | 493 | return connection_id; |
480 | } | 494 | } |
481 | } | 495 | } |
@@ -485,9 +499,10 @@ int crypto_inbound(Net_Crypto *c, uint8_t *public_key, uint8_t *secret_nonce, ui | |||
485 | return -1; | 499 | return -1; |
486 | } | 500 | } |
487 | 501 | ||
488 | /* kill a crypto connection | 502 | /* Kill a crypto connection. |
489 | return 0 if killed successfully | 503 | * return 0 if killed successfully. |
490 | return 1 if there was a problem. */ | 504 | * return 1 if there was a problem. |
505 | */ | ||
491 | int crypto_kill(Net_Crypto *c, int crypt_connection_id) | 506 | int crypto_kill(Net_Crypto *c, int crypt_connection_id) |
492 | { | 507 | { |
493 | if (crypt_connection_id < 0 || crypt_connection_id >= c->crypto_connections_length) | 508 | if (crypt_connection_id < 0 || crypt_connection_id >= c->crypto_connections_length) |
@@ -513,9 +528,10 @@ int crypto_kill(Net_Crypto *c, int crypt_connection_id) | |||
513 | return 1; | 528 | return 1; |
514 | } | 529 | } |
515 | 530 | ||
516 | /* accept an incoming connection using the parameters provided by crypto_inbound | 531 | /* Accept an incoming connection using the parameters provided by crypto_inbound. |
517 | return -1 if not successful | 532 | * return -1 if not successful. |
518 | returns the crypt_connection_id if successful */ | 533 | * returns the crypt_connection_id if successful. |
534 | */ | ||
519 | int accept_crypto_inbound(Net_Crypto *c, int connection_id, uint8_t *public_key, uint8_t *secret_nonce, | 535 | int accept_crypto_inbound(Net_Crypto *c, int connection_id, uint8_t *public_key, uint8_t *secret_nonce, |
520 | uint8_t *session_key) | 536 | uint8_t *session_key) |
521 | { | 537 | { |
@@ -525,10 +541,11 @@ int accept_crypto_inbound(Net_Crypto *c, int connection_id, uint8_t *public_key, | |||
525 | return -1; | 541 | return -1; |
526 | 542 | ||
527 | /* | 543 | /* |
528 | if(getcryptconnection_id(public_key) != -1) | 544 | * if(getcryptconnection_id(public_key) != -1) |
529 | { | 545 | * { |
530 | return -1; | 546 | * return -1; |
531 | }*/ | 547 | * } |
548 | */ | ||
532 | if (realloc_cryptoconnection(c, c->crypto_connections_length + 1) == -1) | 549 | if (realloc_cryptoconnection(c, c->crypto_connections_length + 1) == -1) |
533 | return -1; | 550 | return -1; |
534 | 551 | ||
@@ -558,22 +575,25 @@ int accept_crypto_inbound(Net_Crypto *c, int connection_id, uint8_t *public_key, | |||
558 | c->crypto_connections[i].sessionsecret_key, | 575 | c->crypto_connections[i].sessionsecret_key, |
559 | c->crypto_connections[i].shared_key); | 576 | c->crypto_connections[i].shared_key); |
560 | c->crypto_connections[i].status = | 577 | c->crypto_connections[i].status = |
561 | CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ | 578 | CONN_ESTABLISHED; /* Connection status needs to be 3 for write_cryptpacket() to work. */ |
562 | write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero)); | 579 | write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero)); |
563 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ | 580 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* Set it to its proper value right after. */ |
564 | return i; | 581 | return i; |
565 | } | 582 | } |
566 | 583 | ||
567 | return -1; /* this should never happen. */ | 584 | return -1; /* This should never happen. */ |
568 | } | 585 | } |
569 | } | 586 | } |
570 | 587 | ||
571 | return -1; | 588 | return -1; |
572 | } | 589 | } |
573 | 590 | ||
574 | /* return 0 if no connection, 1 we have sent a handshake, 2 if connection is not confirmed yet | 591 | /* return 0 if no connection. |
575 | (we have received a handshake but no empty data packet), 3 if the connection is established. | 592 | * return 1 we have sent a handshake. |
576 | 4 if the connection is timed out and waiting to be killed */ | 593 | * return 2 if connection is not confirmed yet (we have received a handshake but no empty data packet). |
594 | * return 3 if the connection is established. | ||
595 | * return 4 if the connection is timed out and waiting to be killed. | ||
596 | */ | ||
577 | int is_cryptoconnected(Net_Crypto *c, int crypt_connection_id) | 597 | int is_cryptoconnected(Net_Crypto *c, int crypt_connection_id) |
578 | { | 598 | { |
579 | if (crypt_connection_id >= 0 && crypt_connection_id < c->crypto_connections_length) | 599 | if (crypt_connection_id >= 0 && crypt_connection_id < c->crypto_connections_length) |
@@ -587,26 +607,29 @@ void new_keys(Net_Crypto *c) | |||
587 | crypto_box_keypair(c->self_public_key, c->self_secret_key); | 607 | crypto_box_keypair(c->self_public_key, c->self_secret_key); |
588 | } | 608 | } |
589 | 609 | ||
590 | /* save the public and private keys to the keys array | 610 | /* Save the public and private keys to the keys array. |
591 | Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES */ | 611 | * Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES. |
612 | */ | ||
592 | void save_keys(Net_Crypto *c, uint8_t *keys) | 613 | void save_keys(Net_Crypto *c, uint8_t *keys) |
593 | { | 614 | { |
594 | memcpy(keys, c->self_public_key, crypto_box_PUBLICKEYBYTES); | 615 | memcpy(keys, c->self_public_key, crypto_box_PUBLICKEYBYTES); |
595 | memcpy(keys + crypto_box_PUBLICKEYBYTES, c->self_secret_key, crypto_box_SECRETKEYBYTES); | 616 | memcpy(keys + crypto_box_PUBLICKEYBYTES, c->self_secret_key, crypto_box_SECRETKEYBYTES); |
596 | } | 617 | } |
597 | 618 | ||
598 | /* load the public and private keys from the keys array | 619 | /* Load the public and private keys from the keys array. |
599 | Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES */ | 620 | * Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES. |
621 | */ | ||
600 | void load_keys(Net_Crypto *c, uint8_t *keys) | 622 | void load_keys(Net_Crypto *c, uint8_t *keys) |
601 | { | 623 | { |
602 | memcpy(c->self_public_key, keys, crypto_box_PUBLICKEYBYTES); | 624 | memcpy(c->self_public_key, keys, crypto_box_PUBLICKEYBYTES); |
603 | memcpy(c->self_secret_key, keys + crypto_box_PUBLICKEYBYTES, crypto_box_SECRETKEYBYTES); | 625 | memcpy(c->self_secret_key, keys + crypto_box_PUBLICKEYBYTES, crypto_box_SECRETKEYBYTES); |
604 | } | 626 | } |
605 | 627 | ||
606 | /* TODO: optimize this | 628 | /* Adds an incoming connection to the incoming_connection list. |
607 | adds an incoming connection to the incoming_connection list. | 629 | * returns 0 if successful |
608 | returns 0 if successful | 630 | * returns 1 if failure. |
609 | returns 1 if failure */ | 631 | * TODO: Optimize this. |
632 | */ | ||
610 | static int new_incoming(Net_Crypto *c, int id) | 633 | static int new_incoming(Net_Crypto *c, int id) |
611 | { | 634 | { |
612 | uint32_t i; | 635 | uint32_t i; |
@@ -621,8 +644,9 @@ static int new_incoming(Net_Crypto *c, int id) | |||
621 | return 1; | 644 | return 1; |
622 | } | 645 | } |
623 | 646 | ||
624 | /* TODO: optimize this | 647 | /* Handle all new incoming connections. |
625 | handle all new incoming connections. */ | 648 | * TODO: Optimize this. |
649 | */ | ||
626 | static void handle_incomings(Net_Crypto *c) | 650 | static void handle_incomings(Net_Crypto *c) |
627 | { | 651 | { |
628 | int income; | 652 | int income; |
@@ -635,7 +659,7 @@ static void handle_incomings(Net_Crypto *c) | |||
635 | } | 659 | } |
636 | } | 660 | } |
637 | 661 | ||
638 | /* handle received packets for not yet established crypto connections. */ | 662 | /* Handle received packets for not yet established crypto connections. */ |
639 | static void receive_crypto(Net_Crypto *c) | 663 | static void receive_crypto(Net_Crypto *c) |
640 | { | 664 | { |
641 | uint32_t i; | 665 | uint32_t i; |
@@ -648,7 +672,7 @@ static void receive_crypto(Net_Crypto *c) | |||
648 | uint8_t session_key[crypto_box_PUBLICKEYBYTES]; | 672 | uint8_t session_key[crypto_box_PUBLICKEYBYTES]; |
649 | uint16_t len; | 673 | uint16_t len; |
650 | 674 | ||
651 | if (id_packet(c->lossless_udp, c->crypto_connections[i].number) == 2) { /* handle handshake packet. */ | 675 | if (id_packet(c->lossless_udp, c->crypto_connections[i].number) == 2) { /* Handle handshake packet. */ |
652 | len = read_packet(c->lossless_udp, c->crypto_connections[i].number, temp_data); | 676 | len = read_packet(c->lossless_udp, c->crypto_connections[i].number, temp_data); |
653 | 677 | ||
654 | if (handle_cryptohandshake(c, public_key, secret_nonce, session_key, temp_data, len)) { | 678 | if (handle_cryptohandshake(c, public_key, secret_nonce, session_key, temp_data, len)) { |
@@ -661,13 +685,13 @@ static void receive_crypto(Net_Crypto *c) | |||
661 | c->crypto_connections[i].sessionsecret_key, | 685 | c->crypto_connections[i].sessionsecret_key, |
662 | c->crypto_connections[i].shared_key); | 686 | c->crypto_connections[i].shared_key); |
663 | c->crypto_connections[i].status = | 687 | c->crypto_connections[i].status = |
664 | CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ | 688 | CONN_ESTABLISHED; /* Connection status needs to be 3 for write_cryptpacket() to work. */ |
665 | write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero)); | 689 | write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero)); |
666 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ | 690 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* Set it to its proper value right after. */ |
667 | } | 691 | } |
668 | } | 692 | } |
669 | } else if (id_packet(c->lossless_udp, | 693 | } else if (id_packet(c->lossless_udp, |
670 | c->crypto_connections[i].number) != -1) { // This should not happen kill the connection if it does | 694 | c->crypto_connections[i].number) != -1) { // This should not happen, kill the connection if it does. |
671 | crypto_kill(c, i); | 695 | crypto_kill(c, i); |
672 | return; | 696 | return; |
673 | } | 697 | } |
@@ -690,15 +714,15 @@ static void receive_crypto(Net_Crypto *c) | |||
690 | c->crypto_connections[i].shared_key); | 714 | c->crypto_connections[i].shared_key); |
691 | c->crypto_connections[i].status = CONN_ESTABLISHED; | 715 | c->crypto_connections[i].status = CONN_ESTABLISHED; |
692 | 716 | ||
693 | /* connection is accepted so we disable the auto kill by setting it to about 1 month from now. */ | 717 | /* Connection is accepted so we disable the auto kill by setting it to about 1 month from now. */ |
694 | kill_connection_in(c->lossless_udp, c->crypto_connections[i].number, 3000000); | 718 | kill_connection_in(c->lossless_udp, c->crypto_connections[i].number, 3000000); |
695 | } else { | 719 | } else { |
696 | crypto_kill(c, i); // This should not happen kill the connection if it does | 720 | /* This should not happen, kill the connection if it does. */ |
721 | crypto_kill(c, i); | ||
697 | return; | 722 | return; |
698 | } | 723 | } |
699 | } else if (id_packet(c->lossless_udp, c->crypto_connections[i].number) != -1) | 724 | } else if (id_packet(c->lossless_udp, c->crypto_connections[i].number) != -1) |
700 | /* This should not happen | 725 | /* This should not happen, kill the connection if it does. */ |
701 | kill the connection if it does */ | ||
702 | crypto_kill(c, i); | 726 | crypto_kill(c, i); |
703 | 727 | ||
704 | return; | 728 | return; |
@@ -706,8 +730,9 @@ static void receive_crypto(Net_Crypto *c) | |||
706 | } | 730 | } |
707 | } | 731 | } |
708 | 732 | ||
709 | /* run this to (re)initialize net_crypto | 733 | /* Run this to (re)initialize net_crypto. |
710 | sets all the global connection variables to their default values. */ | 734 | * Sets all the global connection variables to their default values. |
735 | */ | ||
711 | Net_Crypto *new_net_crypto(Networking_Core *net) | 736 | Net_Crypto *new_net_crypto(Networking_Core *net) |
712 | { | 737 | { |
713 | if (net == NULL) | 738 | if (net == NULL) |
@@ -748,7 +773,7 @@ static void kill_timedout(Net_Crypto *c) | |||
748 | } | 773 | } |
749 | } | 774 | } |
750 | 775 | ||
751 | /* main loop */ | 776 | /* Main loop. */ |
752 | void do_net_crypto(Net_Crypto *c) | 777 | void do_net_crypto(Net_Crypto *c) |
753 | { | 778 | { |
754 | do_lossless_udp(c->lossless_udp); | 779 | do_lossless_udp(c->lossless_udp); |