diff options
author | Dubslow <bunslow@gmail.com> | 2015-03-31 18:15:59 -0500 |
---|---|---|
committer | Dubslow <bunslow@gmail.com> | 2015-03-31 18:31:23 -0500 |
commit | e998aca8f75e46cd360210ac588ee77af0106c6d (patch) | |
tree | 1b475ea960261fec87e963cf06243b956bc73b9b /toxencryptsave/toxencryptsave.c | |
parent | 1d583fa1118edeff48b5461a855b9d32c6aa0cb0 (diff) |
Fix toxencryptsave to be consistent with new_api
Upon my own decision, the two tox_encryped_new convenience functions were removed due to basically needing two different sets of error codes.
At iphydf's suggestion the corresponding tox_get_encrypted_savedata convenience functions were removed as well.
Diffstat (limited to 'toxencryptsave/toxencryptsave.c')
-rw-r--r-- | toxencryptsave/toxencryptsave.c | 235 |
1 files changed, 87 insertions, 148 deletions
diff --git a/toxencryptsave/toxencryptsave.c b/toxencryptsave/toxencryptsave.c index 874f0fd0..e7ec31f1 100644 --- a/toxencryptsave/toxencryptsave.c +++ b/toxencryptsave/toxencryptsave.c | |||
@@ -37,81 +37,68 @@ | |||
37 | #include <crypto_hash_sha256.h> | 37 | #include <crypto_hash_sha256.h> |
38 | #endif | 38 | #endif |
39 | 39 | ||
40 | #define TOX_PASS_ENCRYPTION_EXTRA_LENGTH (crypto_box_MACBYTES + crypto_box_NONCEBYTES \ | 40 | #if TOX_PASS_SALT_LENGTH != crypto_pwhash_scryptsalsa208sha256_SALTBYTES |
41 | + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH) | 41 | #error TOX_PASS_SALT_LENGTH is assumed to be equal to crypto_pwhash_scryptsalsa208sha256_SALTBYTES |
42 | 42 | #endif | |
43 | #define TOX_PASS_KEY_LENGTH (crypto_pwhash_scryptsalsa208sha256_SALTBYTES + crypto_box_KEYBYTES) | ||
44 | |||
45 | int tox_pass_encryption_extra_length() | ||
46 | { | ||
47 | return TOX_PASS_ENCRYPTION_EXTRA_LENGTH; | ||
48 | } | ||
49 | 43 | ||
50 | int tox_pass_key_length() | 44 | #if TOX_PASS_KEY_LENGTH != (crypto_pwhash_scryptsalsa208sha256_SALTBYTES + crypto_box_KEYBYTES) |
51 | { | 45 | #error TOX_PASS_KEY_LENGTH is assumed to be equal to (crypto_pwhash_scryptsalsa208sha256_SALTBYTES + crypto_box_KEYBYTES) |
52 | return TOX_PASS_KEY_LENGTH; | 46 | #endif |
53 | } | ||
54 | 47 | ||
55 | int tox_pass_salt_length() | 48 | #if TOX_PASS_ENCRYPTION_EXTRA_LENGTH != (crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH) |
56 | { | 49 | #error TOX_PASS_ENCRYPTION_EXTRA_LENGTH is assumed to be equal to (crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH) |
57 | return crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | 50 | #endif |
58 | } | ||
59 | 51 | ||
60 | /* This "module" provides functions analogous to tox_load and tox_save in toxcore | 52 | /* Clients should consider alerting their users that, unlike plain data, if even one bit |
61 | * Clients should consider alerting their users that, unlike plain data, if even one bit | ||
62 | * becomes corrupted, the data will be entirely unrecoverable. | 53 | * becomes corrupted, the data will be entirely unrecoverable. |
63 | * Ditto if they forget their password, there is no way to recover the data. | 54 | * Ditto if they forget their password, there is no way to recover the data. |
64 | */ | 55 | */ |
65 | 56 | ||
66 | /* return size of the messenger data (for encrypted saving). */ | ||
67 | uint32_t tox_encrypted_size(const Tox *tox) | ||
68 | { | ||
69 | return tox_get_savedata_size(tox) + TOX_PASS_ENCRYPTION_EXTRA_LENGTH; | ||
70 | } | ||
71 | |||
72 | /* This retrieves the salt used to encrypt the given data, which can then be passed to | 57 | /* This retrieves the salt used to encrypt the given data, which can then be passed to |
73 | * derive_key_with_salt to produce the same key as was previously used. Any encrpyted | 58 | * derive_key_with_salt to produce the same key as was previously used. Any encrpyted |
74 | * data with this module can be used as input. | 59 | * data with this module can be used as input. |
75 | * | 60 | * |
76 | * returns -1 if the magic number is wrong | 61 | * returns true if magic number matches |
77 | * returns 0 otherwise (no guarantee about validity of data) | 62 | * success does not say anything about the validity of the data, only that data of |
63 | * the appropriate size was copied | ||
78 | */ | 64 | */ |
79 | int tox_get_salt(uint8_t *data, uint8_t *salt) | 65 | bool tox_get_salt(const uint8_t *data, uint8_t *salt) |
80 | { | 66 | { |
81 | if (memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) != 0) | 67 | if (memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) != 0) |
82 | return -1; | 68 | return 0; |
83 | 69 | ||
84 | data += TOX_ENC_SAVE_MAGIC_LENGTH; | 70 | data += TOX_ENC_SAVE_MAGIC_LENGTH; |
85 | memcpy(salt, data, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); | 71 | memcpy(salt, data, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); |
86 | return 0; | 72 | return 1; |
87 | } | 73 | } |
88 | 74 | ||
89 | /* Generates a secret symmetric key from the given passphrase. out_key must be at least | 75 | /* Generates a secret symmetric key from the given passphrase. out_key must be at least |
90 | * TOX_PASS_KEY_LENGTH bytes long. | 76 | * TOX_PASS_KEY_LENGTH bytes long. |
91 | * Be sure to not compromise the key! Only keep it in memory, do not write to disk. | 77 | * Be sure to not compromise the key! Only keep it in memory, do not write to disk. |
92 | * This function is fairly cheap, but irungentoo insists that you be allowed to | ||
93 | * cache the result if you want, to minimize computation for repeated encryptions. | ||
94 | * The password is zeroed after key derivation. | 78 | * The password is zeroed after key derivation. |
95 | * The key should only be used with the other functions in this module, as it | 79 | * The key should only be used with the other functions in this module, as it |
96 | * includes a salt. | 80 | * includes a salt. |
81 | * Note that this function is not deterministic; to derive the same key from a | ||
82 | * password, you also must know the random salt that was used. See below. | ||
97 | * | 83 | * |
98 | * returns 0 on success | 84 | * returns true on success |
99 | * returns -1 on failure | ||
100 | */ | 85 | */ |
101 | int tox_derive_key_from_pass(uint8_t *passphrase, uint32_t pplength, uint8_t *out_key) | 86 | bool tox_derive_key_from_pass(uint8_t *passphrase, size_t pplength, uint8_t *out_key, TOX_ERR_KEY_DERIVATION *error) |
102 | { | 87 | { |
103 | uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; | 88 | uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; |
104 | randombytes(salt, sizeof salt); | 89 | randombytes(salt, sizeof salt); |
105 | return tox_derive_key_with_salt(passphrase, pplength, salt, out_key); | 90 | return tox_derive_key_with_salt(passphrase, pplength, salt, out_key, error); |
106 | } | 91 | } |
107 | 92 | ||
108 | /* Same as above, except with use the given salt for deterministic key derivation. | 93 | /* Same as above, except with use the given salt for deterministic key derivation. |
109 | * The salt must be tox_salt_length() bytes in length. | 94 | * The salt must be tox_salt_length() bytes in length. |
110 | */ | 95 | */ |
111 | int tox_derive_key_with_salt(uint8_t *passphrase, uint32_t pplength, uint8_t *salt, uint8_t *out_key) | 96 | bool tox_derive_key_with_salt(uint8_t *passphrase, size_t pplength, uint8_t *salt, uint8_t *out_key, TOX_ERR_KEY_DERIVATION *error) |
112 | { | 97 | { |
113 | if (pplength == 0) | 98 | if (pplength == 0 || !passphrase || !salt || !out_key) { |
114 | return -1; | 99 | SET_ERROR_PARAMETER(error, TOX_ERR_KEY_DERIVATION_NULL); |
100 | return 0; | ||
101 | } | ||
115 | 102 | ||
116 | uint8_t passkey[crypto_hash_sha256_BYTES]; | 103 | uint8_t passkey[crypto_hash_sha256_BYTES]; |
117 | crypto_hash_sha256(passkey, passphrase, pplength); | 104 | crypto_hash_sha256(passkey, passphrase, pplength); |
@@ -127,27 +114,32 @@ int tox_derive_key_with_salt(uint8_t *passphrase, uint32_t pplength, uint8_t *sa | |||
127 | crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 2, /* slightly stronger */ | 114 | crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 2, /* slightly stronger */ |
128 | crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) != 0) { | 115 | crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) != 0) { |
129 | /* out of memory most likely */ | 116 | /* out of memory most likely */ |
130 | return -1; | 117 | SET_ERROR_PARAMETER(error, TOX_ERR_KEY_DERIVATION_FAILED); |
118 | return 0; | ||
131 | } | 119 | } |
132 | 120 | ||
133 | sodium_memzero(passkey, crypto_hash_sha256_BYTES); /* wipe plaintext pw */ | 121 | sodium_memzero(passkey, crypto_hash_sha256_BYTES); /* wipe plaintext pw */ |
134 | memcpy(out_key, salt, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); | 122 | memcpy(out_key, salt, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); |
135 | memcpy(out_key + crypto_pwhash_scryptsalsa208sha256_SALTBYTES, key, crypto_box_KEYBYTES); | 123 | memcpy(out_key + crypto_pwhash_scryptsalsa208sha256_SALTBYTES, key, crypto_box_KEYBYTES); |
136 | return 0; | 124 | SET_ERROR_PARAMETER(error, TOX_ERR_KEY_DERIVATION_OK); |
125 | return 1; | ||
137 | } | 126 | } |
138 | 127 | ||
139 | /* Encrypt arbitrary with a key produced by tox_derive_key_from_pass. The output | 128 | /* Encrypt arbitrary with a key produced by tox_derive_key_*. The output |
140 | * array must be at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long. | 129 | * array must be at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long. |
141 | * key must be TOX_PASS_KEY_LENGTH bytes. | 130 | * key must be TOX_PASS_KEY_LENGTH bytes. |
142 | * If you already have a symmetric key from somewhere besides this module, simply | 131 | * If you already have a symmetric key from somewhere besides this module, simply |
143 | * call encrypt_data_symmetric in toxcore/crypto_core directly. | 132 | * call encrypt_data_symmetric in toxcore/crypto_core directly. |
144 | * | 133 | * |
145 | * | 134 | * returns true on success |
146 | * returns 0 on success | ||
147 | * returns -1 on failure | ||
148 | */ | 135 | */ |
149 | int tox_pass_key_encrypt(const uint8_t *data, uint32_t data_len, const uint8_t *key, uint8_t *out) | 136 | bool tox_pass_key_encrypt(const uint8_t *data, size_t data_len, const uint8_t *key, uint8_t *out, TOX_ERR_ENCRYPTION *error) |
150 | { | 137 | { |
138 | if (data_len == 0 || !data || !key || !out) { | ||
139 | SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTION_NULL); | ||
140 | return 0; | ||
141 | } | ||
142 | |||
151 | /* the output data consists of, in order: | 143 | /* the output data consists of, in order: |
152 | * salt, nonce, mac, enc_data | 144 | * salt, nonce, mac, enc_data |
153 | * where the mac is automatically prepended by the encrypt() | 145 | * where the mac is automatically prepended by the encrypt() |
@@ -173,78 +165,58 @@ int tox_pass_key_encrypt(const uint8_t *data, uint32_t data_len, const uint8_t * | |||
173 | /* now encrypt */ | 165 | /* now encrypt */ |
174 | if (encrypt_data_symmetric(key, nonce, data, data_len, out) | 166 | if (encrypt_data_symmetric(key, nonce, data, data_len, out) |
175 | != data_len + crypto_box_MACBYTES) { | 167 | != data_len + crypto_box_MACBYTES) { |
176 | return -1; | 168 | SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTION_FAILED); |
169 | return 0; | ||
177 | } | 170 | } |
178 | 171 | ||
179 | return 0; | 172 | SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTION_OK); |
173 | return 1; | ||
180 | } | 174 | } |
181 | 175 | ||
182 | /* Encrypts the given data with the given passphrase. The output array must be | 176 | /* Encrypts the given data with the given passphrase. The output array must be |
183 | * at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long. This delegates | 177 | * at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long. This delegates |
184 | * to tox_derive_key_from_pass and tox_pass_key_encrypt. | 178 | * to tox_derive_key_from_pass and tox_pass_key_encrypt. |
185 | * | 179 | * |
186 | * returns 0 on success | 180 | * returns true on success |
187 | * returns -1 on failure | ||
188 | */ | 181 | */ |
189 | int tox_pass_encrypt(const uint8_t *data, uint32_t data_len, uint8_t *passphrase, uint32_t pplength, uint8_t *out) | 182 | bool tox_pass_encrypt(const uint8_t *data, size_t data_len, uint8_t *passphrase, size_t pplength, uint8_t *out, TOX_ERR_ENCRYPTION *error) |
190 | { | 183 | { |
191 | uint8_t key[TOX_PASS_KEY_LENGTH]; | 184 | uint8_t key[TOX_PASS_KEY_LENGTH]; |
185 | TOX_ERR_KEY_DERIVATION _error; | ||
186 | |||
187 | if (!tox_derive_key_from_pass(passphrase, pplength, key, &_error)) { | ||
188 | if (_error == TOX_ERR_KEY_DERIVATION_NULL) { | ||
189 | SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTION_NULL); | ||
190 | } else if (_error == TOX_ERR_KEY_DERIVATION_FAILED) { | ||
191 | SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTION_KEY_DERIVATION_FAILED); | ||
192 | } | ||
193 | return 0; | ||
194 | } | ||
192 | 195 | ||
193 | if (tox_derive_key_from_pass(passphrase, pplength, key) == -1) | 196 | return tox_pass_key_encrypt(data, data_len, key, out, error); |
194 | return -1; | ||
195 | |||
196 | return tox_pass_key_encrypt(data, data_len, key, out); | ||
197 | } | ||
198 | |||
199 | /* Save the messenger data encrypted with the given password. | ||
200 | * data must be at least tox_encrypted_size(). | ||
201 | * | ||
202 | * returns 0 on success | ||
203 | * returns -1 on failure | ||
204 | */ | ||
205 | int tox_encrypted_save(const Tox *tox, uint8_t *data, uint8_t *passphrase, uint32_t pplength) | ||
206 | { | ||
207 | /* first get plain save data */ | ||
208 | uint32_t temp_size = tox_get_savedata_size(tox); | ||
209 | uint8_t temp_data[temp_size]; | ||
210 | tox_get_savedata(tox, temp_data); | ||
211 | |||
212 | /* now encrypt */ | ||
213 | return tox_pass_encrypt(temp_data, temp_size, passphrase, pplength, data); | ||
214 | } | ||
215 | |||
216 | /* Save the messenger data encrypted with the given key from tox_derive_key. | ||
217 | * data must be at least tox_encrypted_size(). | ||
218 | * | ||
219 | * returns 0 on success | ||
220 | * returns -1 on failure | ||
221 | */ | ||
222 | int tox_encrypted_key_save(const Tox *tox, uint8_t *data, uint8_t *key) | ||
223 | { | ||
224 | /* first get plain save data */ | ||
225 | uint32_t temp_size = tox_get_savedata_size(tox); | ||
226 | uint8_t temp_data[temp_size]; | ||
227 | tox_get_savedata(tox, temp_data); | ||
228 | |||
229 | /* encrypt */ | ||
230 | return tox_pass_key_encrypt(temp_data, temp_size, key, data); | ||
231 | } | 197 | } |
232 | 198 | ||
233 | /* This is the inverse of tox_pass_key_encrypt, also using only keys produced by | 199 | /* This is the inverse of tox_pass_key_encrypt, also using only keys produced by |
234 | * tox_derive_key_from_pass. | 200 | * tox_derive_key_from_pass. |
235 | * | 201 | * |
236 | * returns the length of the output data (== data_len - TOX_PASS_ENCRYPTION_EXTRA_LENGTH) on success | 202 | * the output data has size data_length - TOX_PASS_ENCRYPTION_EXTRA_LENGTH |
237 | * returns -1 on failure | 203 | * |
204 | * returns true on success | ||
238 | */ | 205 | */ |
239 | int tox_pass_key_decrypt(const uint8_t *data, uint32_t length, const uint8_t *key, uint8_t *out) | 206 | bool tox_pass_key_decrypt(const uint8_t *data, size_t length, const uint8_t *key, uint8_t *out, TOX_ERR_DECRYPTION *error) |
240 | { | 207 | { |
241 | if (length <= TOX_PASS_ENCRYPTION_EXTRA_LENGTH | 208 | if (length <= TOX_PASS_ENCRYPTION_EXTRA_LENGTH) { |
242 | || 0 != memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH)) | 209 | SET_ERROR_PARAMETER(error, TOX_ERR_DECRYPTION_INVALID_LENGTH); |
243 | return -1; | 210 | return 0; |
211 | } | ||
212 | if (memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) != 0) { | ||
213 | SET_ERROR_PARAMETER(error, TOX_ERR_DECRYPTION_BAD_FORMAT); | ||
214 | return 0; | ||
215 | } | ||
244 | 216 | ||
245 | data += TOX_ENC_SAVE_MAGIC_LENGTH; | 217 | data += TOX_ENC_SAVE_MAGIC_LENGTH; |
246 | 218 | ||
247 | uint32_t decrypt_length = length - TOX_PASS_ENCRYPTION_EXTRA_LENGTH; | 219 | size_t decrypt_length = length - TOX_PASS_ENCRYPTION_EXTRA_LENGTH; |
248 | //uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; | 220 | //uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; |
249 | uint8_t nonce[crypto_box_NONCEBYTES]; | 221 | uint8_t nonce[crypto_box_NONCEBYTES]; |
250 | 222 | ||
@@ -257,20 +229,29 @@ int tox_pass_key_decrypt(const uint8_t *data, uint32_t length, const uint8_t *ke | |||
257 | /* decrypt the data */ | 229 | /* decrypt the data */ |
258 | if (decrypt_data_symmetric(key, nonce, data, decrypt_length + crypto_box_MACBYTES, out) | 230 | if (decrypt_data_symmetric(key, nonce, data, decrypt_length + crypto_box_MACBYTES, out) |
259 | != decrypt_length) { | 231 | != decrypt_length) { |
260 | return -1; | 232 | SET_ERROR_PARAMETER(error, TOX_ERR_DECRYPTION_FAILED); |
233 | return 0; | ||
261 | } | 234 | } |
262 | 235 | ||
263 | return decrypt_length; | 236 | SET_ERROR_PARAMETER(error, TOX_ERR_DECRYPTION_OK); |
237 | return 1; | ||
264 | } | 238 | } |
265 | 239 | ||
266 | /* Decrypts the given data with the given passphrase. The output array must be | 240 | /* Decrypts the given data with the given passphrase. The output array must be |
267 | * at least data_len - TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long. | 241 | * at least data_len - TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long. This delegates |
242 | * to tox_pass_key_decrypt. | ||
243 | * | ||
244 | * the output data has size data_length - TOX_PASS_ENCRYPTION_EXTRA_LENGTH | ||
268 | * | 245 | * |
269 | * returns the length of the output data (== data_len - TOX_PASS_ENCRYPTION_EXTRA_LENGTH) on success | 246 | * returns true on success |
270 | * returns -1 on failure | ||
271 | */ | 247 | */ |
272 | int tox_pass_decrypt(const uint8_t *data, uint32_t length, uint8_t *passphrase, uint32_t pplength, uint8_t *out) | 248 | bool tox_pass_decrypt(const uint8_t *data, size_t length, uint8_t *passphrase, size_t pplength, uint8_t *out, TOX_ERR_DECRYPTION *error) |
273 | { | 249 | { |
250 | if (memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) != 0) { | ||
251 | SET_ERROR_PARAMETER(error, TOX_ERR_DECRYPTION_BAD_FORMAT); | ||
252 | return 0; | ||
253 | } | ||
254 | |||
274 | uint8_t passkey[crypto_hash_sha256_BYTES]; | 255 | uint8_t passkey[crypto_hash_sha256_BYTES]; |
275 | crypto_hash_sha256(passkey, passphrase, pplength); | 256 | crypto_hash_sha256(passkey, passphrase, pplength); |
276 | 257 | ||
@@ -286,60 +267,18 @@ int tox_pass_decrypt(const uint8_t *data, uint32_t length, uint8_t *passphrase, | |||
286 | crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 2, /* slightly stronger */ | 267 | crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 2, /* slightly stronger */ |
287 | crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) != 0) { | 268 | crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE) != 0) { |
288 | /* out of memory most likely */ | 269 | /* out of memory most likely */ |
289 | return -1; | 270 | SET_ERROR_PARAMETER(error, TOX_ERR_DECRYPTION_KEY_DERIVATION_FAILED); |
271 | return 0; | ||
290 | } | 272 | } |
291 | 273 | ||
292 | sodium_memzero(passkey, crypto_hash_sha256_BYTES); /* wipe plaintext pw */ | 274 | sodium_memzero(passkey, crypto_hash_sha256_BYTES); /* wipe plaintext pw */ |
293 | 275 | ||
294 | return tox_pass_key_decrypt(data, length, key, out); | 276 | return tox_pass_key_decrypt(data, length, key, out, error); |
295 | } | ||
296 | |||
297 | /* Load the new messenger from encrypted data of size length. | ||
298 | * All other arguments are like toxcore/tox_new(). | ||
299 | * | ||
300 | * returns NULL on failure; see the documentation in toxcore/tox.h. | ||
301 | */ | ||
302 | Tox *tox_encrypted_new(const struct Tox_Options *options, const uint8_t *data, size_t length, uint8_t *passphrase, | ||
303 | size_t pplength, TOX_ERR_ENCRYPTED_NEW *error) | ||
304 | { | ||
305 | uint32_t decrypt_length = length - TOX_PASS_ENCRYPTION_EXTRA_LENGTH; | ||
306 | uint8_t temp_data[decrypt_length]; | ||
307 | |||
308 | if (tox_pass_decrypt(data, length, passphrase, pplength, temp_data) | ||
309 | != decrypt_length) { | ||
310 | SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTED_NEW_LOAD_DECRYPTION_FAILED); | ||
311 | return NULL; | ||
312 | } | ||
313 | |||
314 | return tox_new(options, temp_data, decrypt_length, error); | ||
315 | } | ||
316 | |||
317 | /* Load the messenger from encrypted data of size length, with key from tox_derive_key. | ||
318 | * All other arguments are like toxcore/tox_new(). | ||
319 | * | ||
320 | * returns NULL on failure; see the documentation in toxcore/tox.h. | ||
321 | */ | ||
322 | Tox *tox_encrypted_key_new(const struct Tox_Options *options, const uint8_t *data, size_t length, uint8_t *key, | ||
323 | TOX_ERR_ENCRYPTED_NEW *error) | ||
324 | { | ||
325 | uint32_t decrypt_length = length - TOX_PASS_ENCRYPTION_EXTRA_LENGTH; | ||
326 | uint8_t temp_data[decrypt_length]; | ||
327 | |||
328 | if (tox_pass_key_decrypt(data, length, key, temp_data) | ||
329 | != decrypt_length) { | ||
330 | SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTED_NEW_LOAD_DECRYPTION_FAILED); | ||
331 | return NULL; | ||
332 | } | ||
333 | |||
334 | return tox_new(options, temp_data, decrypt_length, error); | ||
335 | } | 277 | } |
336 | 278 | ||
337 | /* Determines whether or not the given data is encrypted (by checking the magic number) | 279 | /* Determines whether or not the given data is encrypted (by checking the magic number) |
338 | * | ||
339 | * returns 1 if it is encrypted | ||
340 | * returns 0 otherwise | ||
341 | */ | 280 | */ |
342 | int tox_is_data_encrypted(const uint8_t *data) | 281 | bool tox_is_data_encrypted(const uint8_t *data) |
343 | { | 282 | { |
344 | if (memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) | 283 | if (memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) |
345 | return 1; | 284 | return 1; |