author | irungentoo <irungentoo@gmail.com> | 2014-10-10 22:07:43 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2014-10-10 22:07:43 -0400 |
commit | 3f855b2445970fb32f06f4e8f5d07c89d617024f (patch) | |
tree | 33fb187e809166ee24853573631daa70f3c9b323 /toxencryptsave/toxencryptsave.h | |
parent | d80ee91ae77d0b852c685604b71774b6ee88cc2d (diff) | |
parent | 54fdf3bdd653ebf6e55d2cb93fcae41e68436e11 (diff) |
Merge branch 'master' of https://github.com/dubslow/toxcore
Diffstat (limited to 'toxencryptsave/toxencryptsave.h')
-rw-r--r-- | toxencryptsave/toxencryptsave.h | 53 |
1 files changed, 52 insertions, 1 deletions
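--- a/toxencryptsave/toxencryptsave.h
+++ b/toxencryptsave/toxencryptsave.h
@@ -35,6 +35,10 @@ extern "C" {
 typedef struct Tox Tox;
 #endif
 
+#define TOX_PASS_ENCRYPTION_EXTRA_LENGTH (crypto_box_MACBYTES + crypto_box_NONCEBYTES \
++ crypto_pwhash_scryptsalsa208sha256_SALTBYTES)
+
+#define TOX_PASS_KEY_LENGTH (crypto_box_KEYBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES)
 
 /* This "module" provides functions analogous to tox_load and tox_save in toxcore
 * Clients should consider alerting their users that, unlike plain data, if even one bit
@@ -45,6 +49,43 @@ typedef struct Tox Tox;
 /* return size of the messenger data (for encrypted saving). */
 uint32_t tox_encrypted_size(const Tox *tox);
 
+/* Generates a secret symmetric key from the given passphrase. out_key must be at least
+* TOX_PASS_KEY_LENGTH bytes long.
+* Be sure to not compromise the key! Only keep it in memory, do not write to disk.
+* This function is fairly cheap, but irungentoo insists that you be allowed to
+* cache the result if you want, to minimize computation for repeated encryptions.
+* The password is zeroed after key derivation.
+* The key should only be used with the other functions in this module, as it
+* includes a salt.
+*
+* returns 0 on success
+* returns -1 on failure
+*/
+int tox_derive_key_from_pass(uint8_t *passphrase, uint32_t pplength, uint8_t *out_key);
+
+/* Encrypt arbitrary with a key produced by tox_derive_key_from_pass. The output
+* array must be at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long.
+* key must be TOX_PASS_KEY_LENGTH bytes.
+* If you already have a symmetric key from somewhere besides this module, simply
+* call encrypt_data_symmetric in toxcore/crypto_core directly.
+*
+*
+* returns 0 on success
+* returns -1 on failure
+*/
+int tox_pass_key_encrypt(uint8_t *data, uint32_t data_len, const uint8_t *key, uint8_t *out);
+
+/* Encrypts the given data with the given passphrase. The output array must be
+* at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long. This delegates
+* to tox_derive_key_from_pass and tox_pass_key_encrypt.
+*
+* tox_encrypted_save() is a good example of how to use this function.
+*
+* returns 0 on success
+* returns -1 on failure
+*/
+int tox_pass_encrypt(uint8_t *data, uint32_t data_len, uint8_t *passphrase, uint32_t pplength, uint8_t *out);
+
 /* Save the messenger data encrypted with the given password.
 * data must be at least tox_encrypted_size().
 *
@@ -53,6 +94,16 @@ uint32_t tox_encrypted_size(const Tox *tox);
 */
 int tox_encrypted_save(const Tox *tox, uint8_t *data, uint8_t *passphrase, uint32_t pplength);
 
+/* Decrypts the given data with the given passphrase. The output array must be
+* at least data_len - TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long.
+*
+* tox_encrypted_load() is a good example of how to use this function.
+*
+* returns the length of the output data (== data_len - TOX_PASS_ENCRYPTION_EXTRA_LENGTH) on success
+* returns -1 on failure
+*/
+int tox_pass_decrypt(const uint8_t *data, uint32_t length, uint8_t *passphrase, uint32_t pplength, uint8_t *out);
+
 /* Load the messenger from encrypted data of size length.
 *
 * returns 0 on success
@@ -65,7 +116,7 @@ int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t *
 * returns 1 if it is encrypted
 * returns 0 otherwise
 */
-int tox_is_data_encrypted(const uint8_t *data);
+int tox_is_save_encrypted(const uint8_t *data);
 
 #ifdef __cplusplus
 }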
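Review bot: The contract for `tox_pass_decrypt` (new lines 97-105) does not say what happens when `length` is smaller than `TOX_PASS_ENCRYPTION_EXTRA_LENGTH`, and the comment refers to `data_len` while the prototype names the parameter `length`. `length` is a `uint32_t`, so a caller that sizes `out` as `length - TOX_PASS_ENCRYPTION_EXTRA_LENGTH` for a truncated or untrusted save file gets a wrapped, very large size unless it checks first. The implementation is not visible on this page, so whether it rejects short input should be confirmed. If it does, I would add `* length must be at least TOX_PASS_ENCRYPTION_EXTRA_LENGTH; shorter input returns -1.` to the comment and replace `data_len` with `length` in its text. Separately, `tox_derive_key_from_pass` documents that the password is zeroed, but `tox_pass_encrypt`, which delegates to it, does not warn callers that their `passphrase` buffer is wiped; one line saying so would prevent accidental reuse of a cleared buffer.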