diff options
| author | irungentoo <irungentoo@gmail.com> | 2013-09-13 10:42:14 -0400 |
|---|---|---|
| committer | irungentoo <irungentoo@gmail.com> | 2013-09-13 10:42:14 -0400 |
| commit | 339dcd60707ea7b46f5c450569d32f852a1c0be7 (patch) | |
| tree | 37ab2079cd253a5aa9c7dbf79442325d81efc5a1 /toxcore | |
| parent | f8b979a92a8c316c49bed28e158a468a2f74346c (diff) | |
Nonce generation changes.
Nonces don't need to be random, only different.
also random_int now gives same quality random numbers for both NaCl and
libsodium.
Diffstat (limited to 'toxcore')
| -rw-r--r-- | toxcore/DHT.c | 4 | ||||
| -rw-r--r-- | toxcore/net_crypto.c | 24 | ||||
| -rw-r--r-- | toxcore/net_crypto.h | 3 | ||||
| -rw-r--r-- | toxcore/network.c | 5 | ||||
| -rw-r--r-- | toxcore/network.h | 2 | ||||
| -rw-r--r-- | toxcore/ping.c | 4 |
6 files changed, 29 insertions, 13 deletions
diff --git a/toxcore/DHT.c b/toxcore/DHT.c index e2d91256..a11f1aad 100644 --- a/toxcore/DHT.c +++ b/toxcore/DHT.c | |||
| @@ -498,7 +498,7 @@ static int getnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *cli | |||
| 498 | uint8_t plain[sizeof(ping_id) + CLIENT_ID_SIZE]; | 498 | uint8_t plain[sizeof(ping_id) + CLIENT_ID_SIZE]; |
| 499 | uint8_t encrypt[sizeof(ping_id) + CLIENT_ID_SIZE + ENCRYPTION_PADDING]; | 499 | uint8_t encrypt[sizeof(ping_id) + CLIENT_ID_SIZE + ENCRYPTION_PADDING]; |
| 500 | uint8_t nonce[crypto_box_NONCEBYTES]; | 500 | uint8_t nonce[crypto_box_NONCEBYTES]; |
| 501 | random_nonce(nonce); | 501 | new_nonce(nonce); |
| 502 | 502 | ||
| 503 | memcpy(plain, &ping_id, sizeof(ping_id)); | 503 | memcpy(plain, &ping_id, sizeof(ping_id)); |
| 504 | memcpy(plain + sizeof(ping_id), client_id, CLIENT_ID_SIZE); | 504 | memcpy(plain + sizeof(ping_id), client_id, CLIENT_ID_SIZE); |
| @@ -540,7 +540,7 @@ static int sendnodes(DHT *dht, IP_Port ip_port, uint8_t *public_key, uint8_t *cl | |||
| 540 | uint8_t plain[sizeof(ping_id) + sizeof(Node_format) * MAX_SENT_NODES]; | 540 | uint8_t plain[sizeof(ping_id) + sizeof(Node_format) * MAX_SENT_NODES]; |
| 541 | uint8_t encrypt[sizeof(ping_id) + sizeof(Node_format) * MAX_SENT_NODES + ENCRYPTION_PADDING]; | 541 | uint8_t encrypt[sizeof(ping_id) + sizeof(Node_format) * MAX_SENT_NODES + ENCRYPTION_PADDING]; |
| 542 | uint8_t nonce[crypto_box_NONCEBYTES]; | 542 | uint8_t nonce[crypto_box_NONCEBYTES]; |
| 543 | random_nonce(nonce); | 543 | new_nonce(nonce); |
| 544 | 544 | ||
| 545 | memcpy(plain, &ping_id, sizeof(ping_id)); | 545 | memcpy(plain, &ping_id, sizeof(ping_id)); |
| 546 | memcpy(plain + sizeof(ping_id), nodes_list, num_nodes * sizeof(Node_format)); | 546 | memcpy(plain + sizeof(ping_id), nodes_list, num_nodes * sizeof(Node_format)); |
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index a182bb53..8163701e 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c | |||
| @@ -145,14 +145,26 @@ static void increment_nonce(uint8_t *nonce) | |||
| 145 | /* Fill the given nonce with random bytes. */ | 145 | /* Fill the given nonce with random bytes. */ |
| 146 | void random_nonce(uint8_t *nonce) | 146 | void random_nonce(uint8_t *nonce) |
| 147 | { | 147 | { |
| 148 | uint32_t i, temp; | 148 | randombytes(nonce, crypto_box_NONCEBYTES); |
| 149 | } | ||
| 150 | |||
| 151 | |||
| 152 | static uint8_t base_nonce[crypto_box_NONCEBYTES]; | ||
| 153 | static uint8_t nonce_set = 0; | ||
| 149 | 154 | ||
| 150 | for (i = 0; i < crypto_box_NONCEBYTES / 4; ++i) { | 155 | /*Gives a nonce guaranteed to be different from previous ones.*/ |
| 151 | temp = random_int(); | 156 | void new_nonce(uint8_t *nonce) |
| 152 | memcpy(nonce + 4 * i, &temp, 4); | 157 | { |
| 158 | if (nonce_set == 0) { | ||
| 159 | random_nonce(base_nonce); | ||
| 160 | nonce_set = 1; | ||
| 153 | } | 161 | } |
| 162 | |||
| 163 | increment_nonce(base_nonce); | ||
| 164 | memcpy(nonce, base_nonce, crypto_box_NONCEBYTES); | ||
| 154 | } | 165 | } |
| 155 | 166 | ||
| 167 | |||
| 156 | /* return 0 if there is no received data in the buffer. | 168 | /* return 0 if there is no received data in the buffer. |
| 157 | * return -1 if the packet was discarded. | 169 | * return -1 if the packet was discarded. |
| 158 | * return length of received data if successful. | 170 | * return length of received data if successful. |
| @@ -237,7 +249,7 @@ int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t * | |||
| 237 | uint8_t temp[MAX_DATA_SIZE]; | 249 | uint8_t temp[MAX_DATA_SIZE]; |
| 238 | memcpy(temp + 1, data, length); | 250 | memcpy(temp + 1, data, length); |
| 239 | temp[0] = request_id; | 251 | temp[0] = request_id; |
| 240 | random_nonce(nonce); | 252 | new_nonce(nonce); |
| 241 | int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, | 253 | int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, |
| 242 | 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); | 254 | 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); |
| 243 | 255 | ||
| @@ -336,7 +348,7 @@ static int send_cryptohandshake(Net_Crypto *c, int connection_id, uint8_t *publi | |||
| 336 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; | 348 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; |
| 337 | uint8_t nonce[crypto_box_NONCEBYTES]; | 349 | uint8_t nonce[crypto_box_NONCEBYTES]; |
| 338 | 350 | ||
| 339 | random_nonce(nonce); | 351 | new_nonce(nonce); |
| 340 | memcpy(temp, secret_nonce, crypto_box_NONCEBYTES); | 352 | memcpy(temp, secret_nonce, crypto_box_NONCEBYTES); |
| 341 | memcpy(temp + crypto_box_NONCEBYTES, session_key, crypto_box_PUBLICKEYBYTES); | 353 | memcpy(temp + crypto_box_NONCEBYTES, session_key, crypto_box_PUBLICKEYBYTES); |
| 342 | 354 | ||
diff --git a/toxcore/net_crypto.h b/toxcore/net_crypto.h index e5dfcae0..55c1e3e3 100644 --- a/toxcore/net_crypto.h +++ b/toxcore/net_crypto.h | |||
| @@ -115,6 +115,9 @@ int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce, | |||
| 115 | /* Fill the given nonce with random bytes. */ | 115 | /* Fill the given nonce with random bytes. */ |
| 116 | void random_nonce(uint8_t *nonce); | 116 | void random_nonce(uint8_t *nonce); |
| 117 | 117 | ||
| 118 | /*Gives a nonce guaranteed to be different from previous ones.*/ | ||
| 119 | void new_nonce(uint8_t *nonce); | ||
| 120 | |||
| 118 | /* return 0 if there is no received data in the buffer. | 121 | /* return 0 if there is no received data in the buffer. |
| 119 | * return -1 if the packet was discarded. | 122 | * return -1 if the packet was discarded. |
| 120 | * return length of received data if successful. | 123 | * return length of received data if successful. |
diff --git a/toxcore/network.c b/toxcore/network.c index ed3dff8a..c6c4965e 100644 --- a/toxcore/network.c +++ b/toxcore/network.c | |||
| @@ -49,7 +49,6 @@ uint64_t current_time(void) | |||
| 49 | } | 49 | } |
| 50 | 50 | ||
| 51 | /* return a random number. | 51 | /* return a random number. |
| 52 | * NOTE: This function should probably not be used where cryptographic randomness is absolutely necessary. | ||
| 53 | */ | 52 | */ |
| 54 | uint32_t random_int(void) | 53 | uint32_t random_int(void) |
| 55 | { | 54 | { |
| @@ -57,7 +56,9 @@ uint32_t random_int(void) | |||
| 57 | /* NOTE: this function comes from libsodium. */ | 56 | /* NOTE: this function comes from libsodium. */ |
| 58 | return randombytes_random(); | 57 | return randombytes_random(); |
| 59 | #else | 58 | #else |
| 60 | return random(); | 59 | uint32_t randnum; |
| 60 | randombytes((uint8_t *)&randnum , sizeof(randnum)); | ||
| 61 | return randnum; | ||
| 61 | #endif | 62 | #endif |
| 62 | } | 63 | } |
| 63 | 64 | ||
diff --git a/toxcore/network.h b/toxcore/network.h index 98307e5b..e1f9b212 100644 --- a/toxcore/network.h +++ b/toxcore/network.h | |||
| @@ -57,6 +57,7 @@ | |||
| 57 | #include <sodium.h> | 57 | #include <sodium.h> |
| 58 | #else | 58 | #else |
| 59 | #include <crypto_box.h> | 59 | #include <crypto_box.h> |
| 60 | #include <randombytes.h> | ||
| 60 | #define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) | 61 | #define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) |
| 61 | #endif | 62 | #endif |
| 62 | 63 | ||
| @@ -130,7 +131,6 @@ typedef struct { | |||
| 130 | uint64_t current_time(void); | 131 | uint64_t current_time(void); |
| 131 | 132 | ||
| 132 | /* return a random number. | 133 | /* return a random number. |
| 133 | * NOTE: this function should probably not be used where cryptographic randomness is absolutely necessary. | ||
| 134 | */ | 134 | */ |
| 135 | uint32_t random_int(void); | 135 | uint32_t random_int(void); |
| 136 | 136 | ||
diff --git a/toxcore/ping.c b/toxcore/ping.c index 3b39d911..3a189f23 100644 --- a/toxcore/ping.c +++ b/toxcore/ping.c | |||
| @@ -135,7 +135,7 @@ int send_ping_request(void *ping, Net_Crypto *c, IP_Port ipp, uint8_t *client_id | |||
| 135 | 135 | ||
| 136 | pk[0] = NET_PACKET_PING_REQUEST; | 136 | pk[0] = NET_PACKET_PING_REQUEST; |
| 137 | id_cpy(pk + 1, c->self_public_key); // Our pubkey | 137 | id_cpy(pk + 1, c->self_public_key); // Our pubkey |
| 138 | random_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate random nonce | 138 | new_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate new nonce |
| 139 | 139 | ||
| 140 | // Encrypt ping_id using recipient privkey | 140 | // Encrypt ping_id using recipient privkey |
| 141 | rc = encrypt_data(client_id, | 141 | rc = encrypt_data(client_id, |
| @@ -160,7 +160,7 @@ int send_ping_response(Net_Crypto *c, IP_Port ipp, uint8_t *client_id, uint64_t | |||
| 160 | 160 | ||
| 161 | pk[0] = NET_PACKET_PING_RESPONSE; | 161 | pk[0] = NET_PACKET_PING_RESPONSE; |
| 162 | id_cpy(pk + 1, c->self_public_key); // Our pubkey | 162 | id_cpy(pk + 1, c->self_public_key); // Our pubkey |
| 163 | random_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate random nonce | 163 | new_nonce(pk + 1 + CLIENT_ID_SIZE); // Generate new nonce |
| 164 | 164 | ||
| 165 | // Encrypt ping_id using recipient privkey | 165 | // Encrypt ping_id using recipient privkey |
| 166 | rc = encrypt_data(client_id, | 166 | rc = encrypt_data(client_id, |