diff options
author | Dubslow <bunslow@gmail.com> | 2014-09-11 19:29:18 -0500 |
---|---|---|
committer | Dubslow <bunslow@gmail.com> | 2014-09-11 19:29:18 -0500 |
commit | 61bfa596b67225282c0496a55cf3cd831d8321ec (patch) | |
tree | 11586d07cae28bd07a0e1b1cd2edb7ce8d33a7bd /toxencryptsave | |
parent | 74434c7798e0a8fc581ad15984e8b3f0abf3fa9d (diff) |
Add magic number, auto tests still required
Diffstat (limited to 'toxencryptsave')
-rw-r--r-- | toxencryptsave/toxencryptsave.c | 53 | ||||
-rw-r--r-- | toxencryptsave/toxencryptsave.h | 7 |
2 files changed, 44 insertions, 16 deletions
diff --git a/toxencryptsave/toxencryptsave.c b/toxencryptsave/toxencryptsave.c index 1f5aae35..390a5e5d 100644 --- a/toxencryptsave/toxencryptsave.c +++ b/toxencryptsave/toxencryptsave.c | |||
@@ -43,7 +43,7 @@ | |||
43 | uint32_t tox_encrypted_size(const Tox *tox) | 43 | uint32_t tox_encrypted_size(const Tox *tox) |
44 | { | 44 | { |
45 | return tox_size(tox) + crypto_box_MACBYTES + crypto_box_NONCEBYTES | 45 | return tox_size(tox) + crypto_box_MACBYTES + crypto_box_NONCEBYTES |
46 | + crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | 46 | + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH; |
47 | } | 47 | } |
48 | 48 | ||
49 | /* Save the messenger data encrypted with the given password. | 49 | /* Save the messenger data encrypted with the given password. |
@@ -79,27 +79,30 @@ int tox_encrypted_save(const Tox *tox, uint8_t *data, uint8_t *passphrase, uint3 | |||
79 | uint8_t temp_data[temp_size]; | 79 | uint8_t temp_data[temp_size]; |
80 | tox_save(tox, temp_data); | 80 | tox_save(tox, temp_data); |
81 | 81 | ||
82 | /* now encrypt. | 82 | /* the output data consists of, in order: |
83 | * the output data consists of, in order: | 83 | * magic number, salt, nonce, mac, enc_data |
84 | * salt, nonce, mac, enc_data | ||
85 | * where the mac is automatically prepended by the encrypt() | 84 | * where the mac is automatically prepended by the encrypt() |
86 | * the salt+nonce is called the prefix | 85 | * the magic+salt+nonce is called the prefix |
87 | * I'm not sure what else I'm supposed to do with the salt and nonce, since we | 86 | * I'm not sure what else I'm supposed to do with the salt and nonce, since we |
88 | * need them to decrypt the data | 87 | * need them to decrypt the data |
89 | */ | 88 | */ |
90 | uint32_t prefix_size = crypto_box_NONCEBYTES+crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | ||
91 | 89 | ||
90 | /* first add the prefix */ | ||
92 | uint8_t nonce[crypto_box_NONCEBYTES]; | 91 | uint8_t nonce[crypto_box_NONCEBYTES]; |
93 | random_nonce(nonce); | 92 | random_nonce(nonce); |
94 | 93 | ||
95 | if (encrypt_data_symmetric(key, nonce, temp_data, temp_size, data + prefix_size) | 94 | memcpy(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH); |
95 | data += TOX_ENC_SAVE_MAGIC_LENGTH; | ||
96 | memcpy(data, salt, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); | ||
97 | data += crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | ||
98 | memcpy(data, nonce, crypto_box_NONCEBYTES); | ||
99 | data += crypto_box_NONCEBYTES; | ||
100 | |||
101 | /* now encrypt */ | ||
102 | if (encrypt_data_symmetric(key, nonce, temp_data, temp_size, data) | ||
96 | != temp_size + crypto_box_MACBYTES) { | 103 | != temp_size + crypto_box_MACBYTES) { |
97 | return -1; | 104 | return -1; |
98 | } | 105 | } |
99 | |||
100 | /* add the prefix */ | ||
101 | memcpy(data, salt, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); | ||
102 | memcpy(data + crypto_pwhash_scryptsalsa208sha256_SALTBYTES, nonce, crypto_box_NONCEBYTES); | ||
103 | 106 | ||
104 | return 0; | 107 | return 0; |
105 | } | 108 | } |
@@ -111,16 +114,22 @@ int tox_encrypted_save(const Tox *tox, uint8_t *data, uint8_t *passphrase, uint3 | |||
111 | */ | 114 | */ |
112 | int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t *passphrase, uint32_t pplength) | 115 | int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t *passphrase, uint32_t pplength) |
113 | { | 116 | { |
114 | if (length <= crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES) | 117 | if (length <= crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH) |
118 | return -1; | ||
119 | |||
120 | if (memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) != 0) | ||
115 | return -1; | 121 | return -1; |
122 | data += TOX_ENC_SAVE_MAGIC_LENGTH; | ||
116 | 123 | ||
117 | uint32_t decrypt_length = length - crypto_box_MACBYTES - crypto_box_NONCEBYTES | 124 | uint32_t decrypt_length = length - crypto_box_MACBYTES - crypto_box_NONCEBYTES |
118 | - crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | 125 | - crypto_pwhash_scryptsalsa208sha256_SALTBYTES - TOX_ENC_SAVE_MAGIC_LENGTH; |
119 | uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; | 126 | uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; |
120 | uint8_t nonce[crypto_box_NONCEBYTES]; | 127 | uint8_t nonce[crypto_box_NONCEBYTES]; |
121 | 128 | ||
122 | memcpy(salt, data, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); | 129 | memcpy(salt, data, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); |
123 | memcpy(nonce, data + crypto_pwhash_scryptsalsa208sha256_SALTBYTES, crypto_box_NONCEBYTES); | 130 | data += crypto_pwhash_scryptsalsa208sha256_SALTBYTES; |
131 | memcpy(nonce, data, crypto_box_NONCEBYTES); | ||
132 | data += crypto_box_NONCEBYTES; | ||
124 | 133 | ||
125 | /* derive the key */ | 134 | /* derive the key */ |
126 | uint8_t key[crypto_box_KEYBYTES]; | 135 | uint8_t key[crypto_box_KEYBYTES]; |
@@ -135,11 +144,23 @@ int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t * | |||
135 | 144 | ||
136 | /* decrypt the data */ | 145 | /* decrypt the data */ |
137 | uint8_t temp_data[decrypt_length]; | 146 | uint8_t temp_data[decrypt_length]; |
138 | if (decrypt_data_symmetric(key, nonce, data+crypto_pwhash_scryptsalsa208sha256_SALTBYTES+crypto_box_NONCEBYTES, | 147 | if (decrypt_data_symmetric(key, nonce, data, decrypt_length + crypto_box_MACBYTES, temp_data) |
139 | decrypt_length + crypto_box_MACBYTES, temp_data) | ||
140 | != decrypt_length) { | 148 | != decrypt_length) { |
141 | return -1; | 149 | return -1; |
142 | } | 150 | } |
143 | 151 | ||
144 | return tox_load(tox, temp_data, decrypt_length); | 152 | return tox_load(tox, temp_data, decrypt_length); |
145 | } | 153 | } |
154 | |||
155 | /* Determines whether or not the given data is encrypted (by checking the magic number) | ||
156 | * | ||
157 | * returns 1 if it is encrypted | ||
158 | * returns 0 otherwise | ||
159 | */ | ||
160 | int tox_is_data_encrypted(const uint8_t *data) | ||
161 | { | ||
162 | if (memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) | ||
163 | return 1; | ||
164 | else | ||
165 | return 0; | ||
166 | } | ||
diff --git a/toxencryptsave/toxencryptsave.h b/toxencryptsave/toxencryptsave.h index c32716f8..64617b27 100644 --- a/toxencryptsave/toxencryptsave.h +++ b/toxencryptsave/toxencryptsave.h | |||
@@ -54,6 +54,13 @@ int tox_encrypted_save(const Tox *tox, uint8_t *data, uint8_t *passphrase, uint3 | |||
54 | */ | 54 | */ |
55 | int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t *passphrase, uint32_t pplength); | 55 | int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t *passphrase, uint32_t pplength); |
56 | 56 | ||
57 | /* Determines whether or not the given data is encrypted (by checking the magic number) | ||
58 | * | ||
59 | * returns 1 if it is encrypted | ||
60 | * returns 0 otherwise | ||
61 | */ | ||
62 | int tox_is_data_encrypted(const uint8_t *data); | ||
63 | |||
57 | #ifdef __cplusplus | 64 | #ifdef __cplusplus |
58 | } | 65 | } |
59 | #endif | 66 | #endif |