author | irungentoo <irungentoo@gmail.com> | 2014-01-19 13:53:24 -0500 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2014-01-19 13:53:24 -0500 |
commit | 639b37de672b26daae6bdb4119c0eb677cde0b54 (patch) | |
tree | 229d0b8fec4e3519fca29d95012cd6e8f447650b /toxcore/onion_announce.h | |
parent | cdcb8b86007b6490557f1329f42c08732282c500 (diff) |
Small protocol change for more replay attack prevention.
see the changes to Prevent_Tracking.txt
Diffstat (limited to 'toxcore/onion_announce.h')
-rw-r--r-- | toxcore/onion_announce.h | 16 |
1 files changed, 12 insertions, 4 deletions
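--- a/toxcore/onion_announce.h
+++ b/toxcore/onion_announce.h
@@ -31,15 +31,20 @@
 
 #define ONION_ANNOUNCE_SENDBACK_DATA_LENGTH (crypto_secretbox_NONCEBYTES + sizeof(uint32_t) + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port) + crypto_secretbox_MACBYTES)
 
-#define ONION_ANNOUNCE_RESPONSE_MIN_SIZE (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES + ONION_PING_ID_SIZE + crypto_box_MACBYTES)
+#define ONION_ANNOUNCE_RESPONSE_MIN_SIZE (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES + 1 + ONION_PING_ID_SIZE + crypto_box_MACBYTES)
 #define ONION_ANNOUNCE_RESPONSE_MAX_SIZE (ONION_ANNOUNCE_RESPONSE_MIN_SIZE + sizeof(Node_format)*MAX_SENT_NODES)
 
 #define ONION_DATA_RESPONSE_MIN_SIZE (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES)
 
+#if ONION_PING_ID_SIZE != crypto_box_PUBLICKEYBYTES
+#error announce response packets assume that ONION_PING_ID_SIZE is equal to crypto_box_PUBLICKEYBYTES
+#endif
+
 typedef struct {
 uint8_t public_key[crypto_box_PUBLICKEYBYTES];
 IP_Port ret_ip_port;
 uint8_t ret[ONION_RETURN_3];
+uint8_t data_public_key[crypto_box_PUBLICKEYBYTES];
 uint64_t time;
 } Onion_Announce_Entry;
 
@@ -59,6 +64,7 @@ typedef struct {
 * public_key and secret_key is the kepair which will be used to encrypt the request.
 * ping_id is the ping id that will be sent in the request.
 * client_id is the client id of the node we are searching for.
+* data_public_key is the public key we want others to encrypt their data packets with.
 * sendback_data is the data of ONION_ANNOUNCE_SENDBACK_DATA_LENGTH length that we expect to
 * receive back in the response.
 *
@@ -66,7 +72,7 @@ typedef struct {
 * return 0 on success.
 */
 int send_announce_request(DHT *dht, Node_format *nodes, uint8_t *public_key, uint8_t *secret_key, uint8_t *ping_id,
-uint8_t *client_id, uint8_t *sendback_data);
+uint8_t *client_id, uint8_t *data_public_key, uint8_t *sendback_data);
 
 /* Create and send an onion data request packet.
 *
@@ -75,13 +81,15 @@ int send_announce_request(DHT *dht, Node_format *nodes, uint8_t *public_key, uin
 * send the packet to that person in the form of a response)
 *
 * public_key is the real public key of the node which we want to send the data of length length to.
+* encrypt_public_key is the public key used to encrypt the data packet.
+*
 * nonce is the nonce to encrypt this packet with
 *
 * return -1 on failure.
 * return 0 on success.
 */
-int send_data_request(DHT *dht, Node_format *nodes, uint8_t *public_key, uint8_t *nonce, uint8_t *data,
-uint16_t length);
+int send_data_request(DHT *dht, Node_format *nodes, uint8_t *public_key, uint8_t *encrypt_public_key, uint8_t *nonce,
+uint8_t *data, uint16_t length);
 
 
 Onion_Announce *new_onion_announce(DHT *dht);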
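Review bot: The new `encrypt_public_key` parameter of send_data_request has the same `uint8_t *` type as the `public_key` next to it, and its one-line comment gives neither the key's origin nor its length, so a caller that passes the recipient's real key in both positions compiles cleanly. I would extend the comment to something like `* encrypt_public_key is the data_public_key the recipient announced (crypto_box_PUBLICKEYBYTES bytes), not its real public_key.` The link to the `data_public_key` added to Onion_Announce_Entry and send_announce_request is inferred from this header alone and should be confirmed against the implementation. The bare `+ 1` added to ONION_ANNOUNCE_RESPONSE_MIN_SIZE also deserves a short comment naming the byte it accounts for. The new `#error` text suggests the ONION_PING_ID_SIZE field that follows now carries either a ping id or a public key, but the header does not say so.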