diff options
Diffstat (limited to 'core/net_crypto.c')
-rw-r--r-- | core/net_crypto.c | 54 |
1 files changed, 36 insertions, 18 deletions
diff --git a/core/net_crypto.c b/core/net_crypto.c index 6c915f49..e3757ffb 100644 --- a/core/net_crypto.c +++ b/core/net_crypto.c | |||
@@ -212,7 +212,8 @@ int write_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data, uin | |||
212 | request_id is the id of the request (32 = friend request, 254 = ping request) | 212 | request_id is the id of the request (32 = friend request, 254 = ping request) |
213 | returns -1 on failure | 213 | returns -1 on failure |
214 | returns the length of the created packet on success */ | 214 | returns the length of the created packet on success */ |
215 | int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t *packet, uint8_t *recv_public_key, uint8_t *data, uint32_t length, uint8_t request_id) | 215 | int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t *packet, uint8_t *recv_public_key, |
216 | uint8_t *data, uint32_t length, uint8_t request_id) | ||
216 | { | 217 | { |
217 | if (MAX_DATA_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING) | 218 | if (MAX_DATA_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING) |
218 | return -1; | 219 | return -1; |
@@ -240,7 +241,8 @@ int create_request(uint8_t *send_public_key, uint8_t *send_secret_key, uint8_t * | |||
240 | in data if a friend or ping request was sent to us and returns the length of the data. | 241 | in data if a friend or ping request was sent to us and returns the length of the data. |
241 | packet is the request packet and length is its length | 242 | packet is the request packet and length is its length |
242 | return -1 if not valid request. */ | 243 | return -1 if not valid request. */ |
243 | static int handle_request(Net_Crypto *c, uint8_t *public_key, uint8_t *data, uint8_t *request_id, uint8_t *packet, uint16_t length) | 244 | static int handle_request(Net_Crypto *c, uint8_t *public_key, uint8_t *data, uint8_t *request_id, uint8_t *packet, |
245 | uint16_t length) | ||
244 | { | 246 | { |
245 | 247 | ||
246 | if (length > crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING && | 248 | if (length > crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING && |
@@ -274,6 +276,7 @@ void cryptopacket_registerhandler(Net_Crypto *c, uint8_t byte, cryptopacket_hand | |||
274 | static int cryptopacket_handle(void *object, IP_Port source, uint8_t *packet, uint32_t length) | 276 | static int cryptopacket_handle(void *object, IP_Port source, uint8_t *packet, uint32_t length) |
275 | { | 277 | { |
276 | DHT *dht = object; | 278 | DHT *dht = object; |
279 | |||
277 | if (packet[0] == 32) { | 280 | if (packet[0] == 32) { |
278 | if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING || | 281 | if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + ENCRYPTION_PADDING || |
279 | length > MAX_DATA_SIZE + ENCRYPTION_PADDING) | 282 | length > MAX_DATA_SIZE + ENCRYPTION_PADDING) |
@@ -290,7 +293,8 @@ static int cryptopacket_handle(void *object, IP_Port source, uint8_t *packet, ui | |||
290 | 293 | ||
291 | if (!dht->c->cryptopackethandlers[number].function) return 1; | 294 | if (!dht->c->cryptopackethandlers[number].function) return 1; |
292 | 295 | ||
293 | dht->c->cryptopackethandlers[number].function(dht->c->cryptopackethandlers[number].object, source, public_key, data, len); | 296 | dht->c->cryptopackethandlers[number].function(dht->c->cryptopackethandlers[number].object, source, public_key, data, |
297 | len); | ||
294 | 298 | ||
295 | } else { /* if request is not for us, try routing it. */ | 299 | } else { /* if request is not for us, try routing it. */ |
296 | if (route_packet(dht, packet + 1, packet, length) == length) //NOTE | 300 | if (route_packet(dht, packet + 1, packet, length) == length) //NOTE |
@@ -304,7 +308,8 @@ static int cryptopacket_handle(void *object, IP_Port source, uint8_t *packet, ui | |||
304 | /* Send a crypto handshake packet containing an encrypted secret nonce and session public key | 308 | /* Send a crypto handshake packet containing an encrypted secret nonce and session public key |
305 | to peer with connection_id and public_key | 309 | to peer with connection_id and public_key |
306 | the packet is encrypted with a random nonce which is sent in plain text with the packet */ | 310 | the packet is encrypted with a random nonce which is sent in plain text with the packet */ |
307 | static int send_cryptohandshake(Net_Crypto *c, int connection_id, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) | 311 | static int send_cryptohandshake(Net_Crypto *c, int connection_id, uint8_t *public_key, uint8_t *secret_nonce, |
312 | uint8_t *session_key) | ||
308 | { | 313 | { |
309 | uint8_t temp_data[MAX_DATA_SIZE]; | 314 | uint8_t temp_data[MAX_DATA_SIZE]; |
310 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; | 315 | uint8_t temp[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES]; |
@@ -323,7 +328,8 @@ static int send_cryptohandshake(Net_Crypto *c, int connection_id, uint8_t *publi | |||
323 | temp_data[0] = 2; | 328 | temp_data[0] = 2; |
324 | memcpy(temp_data + 1, c->self_public_key, crypto_box_PUBLICKEYBYTES); | 329 | memcpy(temp_data + 1, c->self_public_key, crypto_box_PUBLICKEYBYTES); |
325 | memcpy(temp_data + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); | 330 | memcpy(temp_data + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); |
326 | return write_packet(c->lossless_udp, connection_id, temp_data, len + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); | 331 | return write_packet(c->lossless_udp, connection_id, temp_data, |
332 | len + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); | ||
327 | } | 333 | } |
328 | 334 | ||
329 | /* Extract secret nonce, session public key and public_key from a packet(data) with length length | 335 | /* Extract secret nonce, session public key and public_key from a packet(data) with length length |
@@ -431,7 +437,7 @@ int crypto_connect(Net_Crypto *c, uint8_t *public_key, IP_Port ip_port) | |||
431 | ++c->crypto_connections_length; | 437 | ++c->crypto_connections_length; |
432 | 438 | ||
433 | if (send_cryptohandshake(c, id, public_key, c->crypto_connections[i].recv_nonce, | 439 | if (send_cryptohandshake(c, id, public_key, c->crypto_connections[i].recv_nonce, |
434 | c->crypto_connections[i].sessionpublic_key) == 1) { | 440 | c->crypto_connections[i].sessionpublic_key) == 1) { |
435 | increment_nonce(c->crypto_connections[i].recv_nonce); | 441 | increment_nonce(c->crypto_connections[i].recv_nonce); |
436 | return i; | 442 | return i; |
437 | } | 443 | } |
@@ -456,7 +462,8 @@ int crypto_inbound(Net_Crypto *c, uint8_t *public_key, uint8_t *secret_nonce, ui | |||
456 | 462 | ||
457 | for (i = 0; i < MAX_INCOMING; ++i) { | 463 | for (i = 0; i < MAX_INCOMING; ++i) { |
458 | if (c->incoming_connections[i] != -1) { | 464 | if (c->incoming_connections[i] != -1) { |
459 | if (is_connected(c->lossless_udp, c->incoming_connections[i]) == 4 || is_connected(c->lossless_udp, c->incoming_connections[i]) == 0) { | 465 | if (is_connected(c->lossless_udp, c->incoming_connections[i]) == 4 |
466 | || is_connected(c->lossless_udp, c->incoming_connections[i]) == 0) { | ||
460 | kill_connection(c->lossless_udp, c->incoming_connections[i]); | 467 | kill_connection(c->lossless_udp, c->incoming_connections[i]); |
461 | c->incoming_connections[i] = -1; | 468 | c->incoming_connections[i] = -1; |
462 | continue; | 469 | continue; |
@@ -509,7 +516,8 @@ int crypto_kill(Net_Crypto *c, int crypt_connection_id) | |||
509 | /* accept an incoming connection using the parameters provided by crypto_inbound | 516 | /* accept an incoming connection using the parameters provided by crypto_inbound |
510 | return -1 if not successful | 517 | return -1 if not successful |
511 | returns the crypt_connection_id if successful */ | 518 | returns the crypt_connection_id if successful */ |
512 | int accept_crypto_inbound(Net_Crypto *c, int connection_id, uint8_t *public_key, uint8_t *secret_nonce, uint8_t *session_key) | 519 | int accept_crypto_inbound(Net_Crypto *c, int connection_id, uint8_t *public_key, uint8_t *secret_nonce, |
520 | uint8_t *session_key) | ||
513 | { | 521 | { |
514 | uint32_t i; | 522 | uint32_t i; |
515 | 523 | ||
@@ -549,7 +557,8 @@ int accept_crypto_inbound(Net_Crypto *c, int connection_id, uint8_t *public_key, | |||
549 | encrypt_precompute(c->crypto_connections[i].peersessionpublic_key, | 557 | encrypt_precompute(c->crypto_connections[i].peersessionpublic_key, |
550 | c->crypto_connections[i].sessionsecret_key, | 558 | c->crypto_connections[i].sessionsecret_key, |
551 | c->crypto_connections[i].shared_key); | 559 | c->crypto_connections[i].shared_key); |
552 | c->crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ | 560 | c->crypto_connections[i].status = |
561 | CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ | ||
553 | write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero)); | 562 | write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero)); |
554 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ | 563 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ |
555 | return i; | 564 | return i; |
@@ -651,12 +660,14 @@ static void receive_crypto(Net_Crypto *c) | |||
651 | encrypt_precompute(c->crypto_connections[i].peersessionpublic_key, | 660 | encrypt_precompute(c->crypto_connections[i].peersessionpublic_key, |
652 | c->crypto_connections[i].sessionsecret_key, | 661 | c->crypto_connections[i].sessionsecret_key, |
653 | c->crypto_connections[i].shared_key); | 662 | c->crypto_connections[i].shared_key); |
654 | c->crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ | 663 | c->crypto_connections[i].status = |
664 | CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */ | ||
655 | write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero)); | 665 | write_cryptpacket(c, i, ((uint8_t *)&zero), sizeof(zero)); |
656 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ | 666 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */ |
657 | } | 667 | } |
658 | } | 668 | } |
659 | } else if (id_packet(c->lossless_udp, c->crypto_connections[i].number) != -1) { // This should not happen kill the connection if it does | 669 | } else if (id_packet(c->lossless_udp, |
670 | c->crypto_connections[i].number) != -1) { // This should not happen kill the connection if it does | ||
660 | crypto_kill(c, i); | 671 | crypto_kill(c, i); |
661 | return; | 672 | return; |
662 | } | 673 | } |
@@ -697,16 +708,21 @@ static void receive_crypto(Net_Crypto *c) | |||
697 | 708 | ||
698 | /* run this to (re)initialize net_crypto | 709 | /* run this to (re)initialize net_crypto |
699 | sets all the global connection variables to their default values. */ | 710 | sets all the global connection variables to their default values. */ |
700 | Net_Crypto * new_net_crypto(Networking_Core * net) | 711 | Net_Crypto *new_net_crypto(Networking_Core *net) |
701 | { | 712 | { |
702 | if (net == NULL) | 713 | if (net == NULL) |
703 | return NULL; | 714 | return NULL; |
704 | Net_Crypto * temp = calloc(1, sizeof(Net_Crypto)); | 715 | |
716 | Net_Crypto *temp = calloc(1, sizeof(Net_Crypto)); | ||
717 | |||
705 | if (temp == NULL) | 718 | if (temp == NULL) |
706 | return NULL; | 719 | return NULL; |
720 | |||
707 | temp->lossless_udp = new_lossless_udp(net); | 721 | temp->lossless_udp = new_lossless_udp(net); |
722 | |||
708 | if (temp->lossless_udp == NULL) | 723 | if (temp->lossless_udp == NULL) |
709 | return NULL; | 724 | return NULL; |
725 | |||
710 | memset(temp->incoming_connections, -1 , sizeof(int) * MAX_INCOMING); | 726 | memset(temp->incoming_connections, -1 , sizeof(int) * MAX_INCOMING); |
711 | return temp; | 727 | return temp; |
712 | } | 728 | } |
@@ -722,7 +738,8 @@ static void kill_timedout(Net_Crypto *c) | |||
722 | uint32_t i; | 738 | uint32_t i; |
723 | 739 | ||
724 | for (i = 0; i < c->crypto_connections_length; ++i) { | 740 | for (i = 0; i < c->crypto_connections_length; ++i) { |
725 | if (c->crypto_connections[i].status != CONN_NO_CONNECTION && is_connected(c->lossless_udp, c->crypto_connections[i].number) == 4) | 741 | if (c->crypto_connections[i].status != CONN_NO_CONNECTION |
742 | && is_connected(c->lossless_udp, c->crypto_connections[i].number) == 4) | ||
726 | c->crypto_connections[i].status = CONN_TIMED_OUT; | 743 | c->crypto_connections[i].status = CONN_TIMED_OUT; |
727 | else if (is_connected(c->lossless_udp, c->crypto_connections[i].number) == 4) { | 744 | else if (is_connected(c->lossless_udp, c->crypto_connections[i].number) == 4) { |
728 | kill_connection(c->lossless_udp, c->crypto_connections[i].number); | 745 | kill_connection(c->lossless_udp, c->crypto_connections[i].number); |
@@ -745,9 +762,10 @@ void kill_net_crypto(Net_Crypto *c) | |||
745 | uint32_t i; | 762 | uint32_t i; |
746 | 763 | ||
747 | for (i = 0; i < c->crypto_connections_length; ++i) { | 764 | for (i = 0; i < c->crypto_connections_length; ++i) { |
748 | crypto_kill(c, i); | 765 | crypto_kill(c, i); |
749 | } | 766 | } |
767 | |||
750 | kill_lossless_udp(c->lossless_udp); | 768 | kill_lossless_udp(c->lossless_udp); |
751 | memset(c, 0, sizeof(Net_Crypto)); | 769 | memset(c, 0, sizeof(Net_Crypto)); |
752 | free(c); | 770 | free(c); |
753 | } | 771 | } |