diff options
author | irungentoo <irungentoo@gmail.com> | 2014-09-13 23:08:16 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2014-09-13 23:08:16 -0400 |
commit | 331efce602661e002c33199baa75ee767bbd802f (patch) | |
tree | a0ce044ac1c5ac643b367d23288453715031fe16 /toxencryptsave/toxencryptsave.c | |
parent | cbb526e83fcb0a1dd73228c8765ef29491caff2a (diff) |
Properly ported a toxencryptsave function to NaCl.
removed now useless files.
Diffstat (limited to 'toxencryptsave/toxencryptsave.c')
-rw-r--r-- | toxencryptsave/toxencryptsave.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/toxencryptsave/toxencryptsave.c b/toxencryptsave/toxencryptsave.c index 89c47a03..9ae66097 100644 --- a/toxencryptsave/toxencryptsave.c +++ b/toxencryptsave/toxencryptsave.c | |||
@@ -31,6 +31,7 @@ | |||
31 | #ifdef VANILLA_NACL | 31 | #ifdef VANILLA_NACL |
32 | #include "crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h" | 32 | #include "crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h" |
33 | #include "crypto_pwhash_scryptsalsa208sha256/utils.h" /* sodium_memzero */ | 33 | #include "crypto_pwhash_scryptsalsa208sha256/utils.h" /* sodium_memzero */ |
34 | #include <crypto_hash_sha256.h> | ||
34 | #endif | 35 | #endif |
35 | 36 | ||
36 | /* This "module" provides functions analogous to tox_load and tox_save in toxcore | 37 | /* This "module" provides functions analogous to tox_load and tox_save in toxcore |
@@ -57,6 +58,8 @@ int tox_encrypted_save(const Tox *tox, uint8_t *data, uint8_t *passphrase, uint3 | |||
57 | if (pplength == 0) | 58 | if (pplength == 0) |
58 | return -1; | 59 | return -1; |
59 | 60 | ||
61 | uint8_t passkey[crypto_hash_sha256_BYTES]; | ||
62 | crypto_hash_sha256(passkey, passphrase, pplength); | ||
60 | /* First derive a key from the password */ | 63 | /* First derive a key from the password */ |
61 | /* http://doc.libsodium.org/key_derivation/README.html */ | 64 | /* http://doc.libsodium.org/key_derivation/README.html */ |
62 | /* note that, according to the documentation, a generic pwhash interface will be created | 65 | /* note that, according to the documentation, a generic pwhash interface will be created |
@@ -66,16 +69,14 @@ int tox_encrypted_save(const Tox *tox, uint8_t *data, uint8_t *passphrase, uint3 | |||
66 | randombytes(salt, sizeof salt); | 69 | randombytes(salt, sizeof salt); |
67 | 70 | ||
68 | if (crypto_pwhash_scryptsalsa208sha256( | 71 | if (crypto_pwhash_scryptsalsa208sha256( |
69 | key, sizeof(key), passphrase, pplength, salt, | 72 | key, sizeof(key), passkey, sizeof(passkey), salt, |
70 | crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 2, /* slightly stronger */ | 73 | crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 2, /* slightly stronger */ |
71 | crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) != 0) { | 74 | crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) != 0) { |
72 | /* out of memory most likely */ | 75 | /* out of memory most likely */ |
73 | return -1; | 76 | return -1; |
74 | } | 77 | } |
75 | 78 | ||
76 | /* calling sodium_memzero segfaults, but printing passphrase works, so... libsodium bug? | 79 | sodium_memzero(passkey, crypto_hash_sha256_BYTES); /* wipe plaintext pw */ |
77 | * ...eh, it's not segfaulting anywhere else, so I'll assume pebkac... | ||
78 | sodium_memzero(passphrase, pplength); /* wipe plaintext pw */ | ||
79 | 80 | ||
80 | /* next get plain save data */ | 81 | /* next get plain save data */ |
81 | uint32_t temp_size = tox_size(tox); | 82 | uint32_t temp_size = tox_size(tox); |
@@ -131,6 +132,9 @@ int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t * | |||
131 | uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; | 132 | uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; |
132 | uint8_t nonce[crypto_box_NONCEBYTES]; | 133 | uint8_t nonce[crypto_box_NONCEBYTES]; |
133 | 134 | ||
135 | uint8_t passkey[crypto_hash_sha256_BYTES]; | ||
136 | crypto_hash_sha256(passkey, passphrase, pplength); | ||
137 | |||
134 | memcpy(salt, data, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); | 138 | memcpy(salt, data, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); |
135 | data += crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | 139 | data += crypto_pwhash_scryptsalsa208sha256_SALTBYTES; |
136 | memcpy(nonce, data, crypto_box_NONCEBYTES); | 140 | memcpy(nonce, data, crypto_box_NONCEBYTES); |
@@ -140,14 +144,14 @@ int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t * | |||
140 | uint8_t key[crypto_box_KEYBYTES]; | 144 | uint8_t key[crypto_box_KEYBYTES]; |
141 | 145 | ||
142 | if (crypto_pwhash_scryptsalsa208sha256( | 146 | if (crypto_pwhash_scryptsalsa208sha256( |
143 | key, sizeof(key), passphrase, pplength, salt, | 147 | key, sizeof(key), passkey, sizeof(passkey), salt, |
144 | crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 2, /* slightly stronger */ | 148 | crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 2, /* slightly stronger */ |
145 | crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) != 0) { | 149 | crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) != 0) { |
146 | /* out of memory most likely */ | 150 | /* out of memory most likely */ |
147 | return -1; | 151 | return -1; |
148 | } | 152 | } |
149 | 153 | ||
150 | /* sodium_memzero(passphrase, pplength); /* wipe plaintext pw */ | 154 | sodium_memzero(passkey, crypto_hash_sha256_BYTES); /* wipe plaintext pw */ |
151 | 155 | ||
152 | /* decrypt the data */ | 156 | /* decrypt the data */ |
153 | uint8_t temp_data[decrypt_length]; | 157 | uint8_t temp_data[decrypt_length]; |