diff options
| author | Dubslow <bunslow@gmail.com> | 2014-09-11 19:29:18 -0500 |
|---|---|---|
| committer | Dubslow <bunslow@gmail.com> | 2014-09-11 19:29:18 -0500 |
| commit | 61bfa596b67225282c0496a55cf3cd831d8321ec (patch) | |
| tree | 11586d07cae28bd07a0e1b1cd2edb7ce8d33a7bd /toxencryptsave | |
| parent | 74434c7798e0a8fc581ad15984e8b3f0abf3fa9d (diff) | |
Add magic number, auto tests still required
Diffstat (limited to 'toxencryptsave')
| -rw-r--r-- | toxencryptsave/toxencryptsave.c | 53 | ||||
| -rw-r--r-- | toxencryptsave/toxencryptsave.h | 7 |
2 files changed, 44 insertions, 16 deletions
diff --git a/toxencryptsave/toxencryptsave.c b/toxencryptsave/toxencryptsave.c index 1f5aae35..390a5e5d 100644 --- a/toxencryptsave/toxencryptsave.c +++ b/toxencryptsave/toxencryptsave.c | |||
| @@ -43,7 +43,7 @@ | |||
| 43 | uint32_t tox_encrypted_size(const Tox *tox) | 43 | uint32_t tox_encrypted_size(const Tox *tox) |
| 44 | { | 44 | { |
| 45 | return tox_size(tox) + crypto_box_MACBYTES + crypto_box_NONCEBYTES | 45 | return tox_size(tox) + crypto_box_MACBYTES + crypto_box_NONCEBYTES |
| 46 | + crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | 46 | + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH; |
| 47 | } | 47 | } |
| 48 | 48 | ||
| 49 | /* Save the messenger data encrypted with the given password. | 49 | /* Save the messenger data encrypted with the given password. |
| @@ -79,27 +79,30 @@ int tox_encrypted_save(const Tox *tox, uint8_t *data, uint8_t *passphrase, uint3 | |||
| 79 | uint8_t temp_data[temp_size]; | 79 | uint8_t temp_data[temp_size]; |
| 80 | tox_save(tox, temp_data); | 80 | tox_save(tox, temp_data); |
| 81 | 81 | ||
| 82 | /* now encrypt. | 82 | /* the output data consists of, in order: |
| 83 | * the output data consists of, in order: | 83 | * magic number, salt, nonce, mac, enc_data |
| 84 | * salt, nonce, mac, enc_data | ||
| 85 | * where the mac is automatically prepended by the encrypt() | 84 | * where the mac is automatically prepended by the encrypt() |
| 86 | * the salt+nonce is called the prefix | 85 | * the magic+salt+nonce is called the prefix |
| 87 | * I'm not sure what else I'm supposed to do with the salt and nonce, since we | 86 | * I'm not sure what else I'm supposed to do with the salt and nonce, since we |
| 88 | * need them to decrypt the data | 87 | * need them to decrypt the data |
| 89 | */ | 88 | */ |
| 90 | uint32_t prefix_size = crypto_box_NONCEBYTES+crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | ||
| 91 | 89 | ||
| 90 | /* first add the prefix */ | ||
| 92 | uint8_t nonce[crypto_box_NONCEBYTES]; | 91 | uint8_t nonce[crypto_box_NONCEBYTES]; |
| 93 | random_nonce(nonce); | 92 | random_nonce(nonce); |
| 94 | 93 | ||
| 95 | if (encrypt_data_symmetric(key, nonce, temp_data, temp_size, data + prefix_size) | 94 | memcpy(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH); |
| 95 | data += TOX_ENC_SAVE_MAGIC_LENGTH; | ||
| 96 | memcpy(data, salt, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); | ||
| 97 | data += crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | ||
| 98 | memcpy(data, nonce, crypto_box_NONCEBYTES); | ||
| 99 | data += crypto_box_NONCEBYTES; | ||
| 100 | |||
| 101 | /* now encrypt */ | ||
| 102 | if (encrypt_data_symmetric(key, nonce, temp_data, temp_size, data) | ||
| 96 | != temp_size + crypto_box_MACBYTES) { | 103 | != temp_size + crypto_box_MACBYTES) { |
| 97 | return -1; | 104 | return -1; |
| 98 | } | 105 | } |
| 99 | |||
| 100 | /* add the prefix */ | ||
| 101 | memcpy(data, salt, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); | ||
| 102 | memcpy(data + crypto_pwhash_scryptsalsa208sha256_SALTBYTES, nonce, crypto_box_NONCEBYTES); | ||
| 103 | 106 | ||
| 104 | return 0; | 107 | return 0; |
| 105 | } | 108 | } |
| @@ -111,16 +114,22 @@ int tox_encrypted_save(const Tox *tox, uint8_t *data, uint8_t *passphrase, uint3 | |||
| 111 | */ | 114 | */ |
| 112 | int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t *passphrase, uint32_t pplength) | 115 | int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t *passphrase, uint32_t pplength) |
| 113 | { | 116 | { |
| 114 | if (length <= crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES) | 117 | if (length <= crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH) |
| 118 | return -1; | ||
| 119 | |||
| 120 | if (memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) != 0) | ||
| 115 | return -1; | 121 | return -1; |
| 122 | data += TOX_ENC_SAVE_MAGIC_LENGTH; | ||
| 116 | 123 | ||
| 117 | uint32_t decrypt_length = length - crypto_box_MACBYTES - crypto_box_NONCEBYTES | 124 | uint32_t decrypt_length = length - crypto_box_MACBYTES - crypto_box_NONCEBYTES |
| 118 | - crypto_pwhash_scryptsalsa208sha256_SALTBYTES; | 125 | - crypto_pwhash_scryptsalsa208sha256_SALTBYTES - TOX_ENC_SAVE_MAGIC_LENGTH; |
| 119 | uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; | 126 | uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; |
| 120 | uint8_t nonce[crypto_box_NONCEBYTES]; | 127 | uint8_t nonce[crypto_box_NONCEBYTES]; |
| 121 | 128 | ||
| 122 | memcpy(salt, data, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); | 129 | memcpy(salt, data, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); |
| 123 | memcpy(nonce, data + crypto_pwhash_scryptsalsa208sha256_SALTBYTES, crypto_box_NONCEBYTES); | 130 | data += crypto_pwhash_scryptsalsa208sha256_SALTBYTES; |
| 131 | memcpy(nonce, data, crypto_box_NONCEBYTES); | ||
| 132 | data += crypto_box_NONCEBYTES; | ||
| 124 | 133 | ||
| 125 | /* derive the key */ | 134 | /* derive the key */ |
| 126 | uint8_t key[crypto_box_KEYBYTES]; | 135 | uint8_t key[crypto_box_KEYBYTES]; |
| @@ -135,11 +144,23 @@ int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t * | |||
| 135 | 144 | ||
| 136 | /* decrypt the data */ | 145 | /* decrypt the data */ |
| 137 | uint8_t temp_data[decrypt_length]; | 146 | uint8_t temp_data[decrypt_length]; |
| 138 | if (decrypt_data_symmetric(key, nonce, data+crypto_pwhash_scryptsalsa208sha256_SALTBYTES+crypto_box_NONCEBYTES, | 147 | if (decrypt_data_symmetric(key, nonce, data, decrypt_length + crypto_box_MACBYTES, temp_data) |
| 139 | decrypt_length + crypto_box_MACBYTES, temp_data) | ||
| 140 | != decrypt_length) { | 148 | != decrypt_length) { |
| 141 | return -1; | 149 | return -1; |
| 142 | } | 150 | } |
| 143 | 151 | ||
| 144 | return tox_load(tox, temp_data, decrypt_length); | 152 | return tox_load(tox, temp_data, decrypt_length); |
| 145 | } | 153 | } |
| 154 | |||
| 155 | /* Determines whether or not the given data is encrypted (by checking the magic number) | ||
| 156 | * | ||
| 157 | * returns 1 if it is encrypted | ||
| 158 | * returns 0 otherwise | ||
| 159 | */ | ||
| 160 | int tox_is_data_encrypted(const uint8_t *data) | ||
| 161 | { | ||
| 162 | if (memcmp(data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) | ||
| 163 | return 1; | ||
| 164 | else | ||
| 165 | return 0; | ||
| 166 | } | ||
diff --git a/toxencryptsave/toxencryptsave.h b/toxencryptsave/toxencryptsave.h index c32716f8..64617b27 100644 --- a/toxencryptsave/toxencryptsave.h +++ b/toxencryptsave/toxencryptsave.h | |||
| @@ -54,6 +54,13 @@ int tox_encrypted_save(const Tox *tox, uint8_t *data, uint8_t *passphrase, uint3 | |||
| 54 | */ | 54 | */ |
| 55 | int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t *passphrase, uint32_t pplength); | 55 | int tox_encrypted_load(Tox *tox, const uint8_t *data, uint32_t length, uint8_t *passphrase, uint32_t pplength); |
| 56 | 56 | ||
| 57 | /* Determines whether or not the given data is encrypted (by checking the magic number) | ||
| 58 | * | ||
| 59 | * returns 1 if it is encrypted | ||
| 60 | * returns 0 otherwise | ||
| 61 | */ | ||
| 62 | int tox_is_data_encrypted(const uint8_t *data); | ||
| 63 | |||
| 57 | #ifdef __cplusplus | 64 | #ifdef __cplusplus |
| 58 | } | 65 | } |
| 59 | #endif | 66 | #endif |