summaryrefslogtreecommitdiff
path: root/core/net_crypto.c
diff options
context:
space:
mode:
Diffstat (limited to 'core/net_crypto.c')
-rw-r--r--core/net_crypto.c56
1 files changed, 30 insertions, 26 deletions
diff --git a/core/net_crypto.c b/core/net_crypto.c
index 83cb20a2..31fb24be 100644
--- a/core/net_crypto.c
+++ b/core/net_crypto.c
@@ -48,6 +48,12 @@ typedef struct {
48 48
49static Crypto_Connection crypto_connections[MAX_CRYPTO_CONNECTIONS]; 49static Crypto_Connection crypto_connections[MAX_CRYPTO_CONNECTIONS];
50 50
51#define CONN_NO_CONNECTION 0
52#define CONN_HANDSHAKE_SENT 1
53#define CONN_NOT_CONFIRMED 2
54#define CONN_ESTABLISHED 3
55#define CONN_TIMED_OUT 4
56
51#define MAX_INCOMING 64 57#define MAX_INCOMING 64
52 58
53/* keeps track of the connection numbers for friends request so we can check later if they were sent */ 59/* keeps track of the connection numbers for friends request so we can check later if they were sent */
@@ -75,10 +81,9 @@ int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
75 uint32_t i; 81 uint32_t i;
76 uint32_t check = 0; 82 uint32_t check = 0;
77 for(i = 0; i < crypto_box_BOXZEROBYTES; ++i) { 83 for(i = 0; i < crypto_box_BOXZEROBYTES; ++i) {
78 if (temp_encrypted[i] != 0) 84 check |= temp_encrypted[i] ^ 0;
79 check = 1;
80 } 85 }
81 if(check == 1) 86 if(check != 0)
82 return -1; 87 return -1;
83 88
84 /* unpad the encrypted message */ 89 /* unpad the encrypted message */
@@ -110,10 +115,9 @@ int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
110 uint32_t i; 115 uint32_t i;
111 uint32_t check = 0; 116 uint32_t check = 0;
112 for(i = 0; i < crypto_box_ZEROBYTES; ++i) { 117 for(i = 0; i < crypto_box_ZEROBYTES; ++i) {
113 if (temp_plain[i] != 0) 118 check |= temp_plain[i] ^ 0;
114 check = 1;
115 } 119 }
116 if(check == 1) 120 if(check != 0)
117 return -1; 121 return -1;
118 122
119 /* unpad the plain message */ 123 /* unpad the plain message */
@@ -149,7 +153,7 @@ int read_cryptpacket(int crypt_connection_id, uint8_t *data)
149{ 153{
150 if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) 154 if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS)
151 return 0; 155 return 0;
152 if (crypto_connections[crypt_connection_id].status != 3) 156 if (crypto_connections[crypt_connection_id].status != CONN_ESTABLISHED)
153 return 0; 157 return 0;
154 uint8_t temp_data[MAX_DATA_SIZE]; 158 uint8_t temp_data[MAX_DATA_SIZE];
155 int length = read_packet(crypto_connections[crypt_connection_id].number, temp_data); 159 int length = read_packet(crypto_connections[crypt_connection_id].number, temp_data);
@@ -175,7 +179,7 @@ int write_cryptpacket(int crypt_connection_id, uint8_t *data, uint32_t length)
175 return 0; 179 return 0;
176 if (length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES > MAX_DATA_SIZE - 1) 180 if (length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES > MAX_DATA_SIZE - 1)
177 return 0; 181 return 0;
178 if (crypto_connections[crypt_connection_id].status != 3) 182 if (crypto_connections[crypt_connection_id].status != CONN_ESTABLISHED)
179 return 0; 183 return 0;
180 uint8_t temp_data[MAX_DATA_SIZE]; 184 uint8_t temp_data[MAX_DATA_SIZE];
181 int len = encrypt_data(crypto_connections[crypt_connection_id].peersessionpublic_key, 185 int len = encrypt_data(crypto_connections[crypt_connection_id].peersessionpublic_key,
@@ -295,7 +299,7 @@ int getcryptconnection_id(uint8_t *public_key)
295{ 299{
296 uint32_t i; 300 uint32_t i;
297 for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { 301 for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) {
298 if (crypto_connections[i].status > 0) 302 if (crypto_connections[i].status != CONN_NO_CONNECTION)
299 if (memcmp(public_key, crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) 303 if (memcmp(public_key, crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0)
300 return i; 304 return i;
301 } 305 }
@@ -315,12 +319,12 @@ int crypto_connect(uint8_t *public_key, IP_Port ip_port)
315 return -1; 319 return -1;
316 } 320 }
317 for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { 321 for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) {
318 if (crypto_connections[i].status == 0) { 322 if (crypto_connections[i].status == CONN_NO_CONNECTION) {
319 int id = new_connection(ip_port); 323 int id = new_connection(ip_port);
320 if (id == -1) 324 if (id == -1)
321 return -1; 325 return -1;
322 crypto_connections[i].number = id; 326 crypto_connections[i].number = id;
323 crypto_connections[i].status = 1; 327 crypto_connections[i].status = CONN_HANDSHAKE_SENT;
324 random_nonce(crypto_connections[i].recv_nonce); 328 random_nonce(crypto_connections[i].recv_nonce);
325 memcpy(crypto_connections[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); 329 memcpy(crypto_connections[i].public_key, public_key, crypto_box_PUBLICKEYBYTES);
326 crypto_box_keypair(crypto_connections[i].sessionpublic_key, crypto_connections[i].sessionsecret_key); 330 crypto_box_keypair(crypto_connections[i].sessionpublic_key, crypto_connections[i].sessionsecret_key);
@@ -374,8 +378,8 @@ int crypto_kill(int crypt_connection_id)
374{ 378{
375 if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS) 379 if (crypt_connection_id < 0 || crypt_connection_id >= MAX_CRYPTO_CONNECTIONS)
376 return 1; 380 return 1;
377 if (crypto_connections[crypt_connection_id].status != 0) { 381 if (crypto_connections[crypt_connection_id].status != CONN_NO_CONNECTION) {
378 crypto_connections[crypt_connection_id].status = 0; 382 crypto_connections[crypt_connection_id].status = CONN_NO_CONNECTION;
379 kill_connection(crypto_connections[crypt_connection_id].number); 383 kill_connection(crypto_connections[crypt_connection_id].number);
380 memset(&crypto_connections[crypt_connection_id], 0 ,sizeof(Crypto_Connection)); 384 memset(&crypto_connections[crypt_connection_id], 0 ,sizeof(Crypto_Connection));
381 crypto_connections[crypt_connection_id].number = ~0; 385 crypto_connections[crypt_connection_id].number = ~0;
@@ -398,9 +402,9 @@ int accept_crypto_inbound(int connection_id, uint8_t *public_key, uint8_t *secre
398 return -1; 402 return -1;
399 }*/ 403 }*/
400 for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { 404 for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) {
401 if(crypto_connections[i].status == 0) { 405 if(crypto_connections[i].status == CONN_NO_CONNECTION) {
402 crypto_connections[i].number = connection_id; 406 crypto_connections[i].number = connection_id;
403 crypto_connections[i].status = 2; 407 crypto_connections[i].status = CONN_NOT_CONFIRMED;
404 random_nonce(crypto_connections[i].recv_nonce); 408 random_nonce(crypto_connections[i].recv_nonce);
405 memcpy(crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES); 409 memcpy(crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES);
406 memcpy(crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES); 410 memcpy(crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES);
@@ -413,9 +417,9 @@ int accept_crypto_inbound(int connection_id, uint8_t *public_key, uint8_t *secre
413 crypto_connections[i].sessionpublic_key) == 1) { 417 crypto_connections[i].sessionpublic_key) == 1) {
414 increment_nonce(crypto_connections[i].recv_nonce); 418 increment_nonce(crypto_connections[i].recv_nonce);
415 uint32_t zero = 0; 419 uint32_t zero = 0;
416 crypto_connections[i].status = 3; /* connection status needs to be 3 for write_cryptpacket() to work */ 420 crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */
417 write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero)); 421 write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero));
418 crypto_connections[i].status = 2; /* set it to its proper value right after. */ 422 crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */
419 return i; 423 return i;
420 } 424 }
421 return -1; /* this should never happen. */ 425 return -1; /* this should never happen. */
@@ -431,7 +435,7 @@ int is_cryptoconnected(int crypt_connection_id)
431{ 435{
432 if (crypt_connection_id >= 0 && crypt_connection_id < MAX_CRYPTO_CONNECTIONS) 436 if (crypt_connection_id >= 0 && crypt_connection_id < MAX_CRYPTO_CONNECTIONS)
433 return crypto_connections[crypt_connection_id].status; 437 return crypto_connections[crypt_connection_id].status;
434 return 0; 438 return CONN_NO_CONNECTION;
435} 439}
436 440
437/* Generate our public and private keys 441/* Generate our public and private keys
@@ -490,7 +494,7 @@ static void receive_crypto()
490{ 494{
491 uint32_t i; 495 uint32_t i;
492 for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { 496 for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) {
493 if (crypto_connections[i].status == 1) { 497 if (crypto_connections[i].status == CONN_HANDSHAKE_SENT) {
494 uint8_t temp_data[MAX_DATA_SIZE]; 498 uint8_t temp_data[MAX_DATA_SIZE];
495 uint8_t secret_nonce[crypto_box_NONCEBYTES]; 499 uint8_t secret_nonce[crypto_box_NONCEBYTES];
496 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 500 uint8_t public_key[crypto_box_PUBLICKEYBYTES];
@@ -507,17 +511,17 @@ static void receive_crypto()
507 memcpy(crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES); 511 memcpy(crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES);
508 increment_nonce(crypto_connections[i].sent_nonce); 512 increment_nonce(crypto_connections[i].sent_nonce);
509 uint32_t zero = 0; 513 uint32_t zero = 0;
510 crypto_connections[i].status = 3; /* connection status needs to be 3 for write_cryptpacket() to work */ 514 crypto_connections[i].status = CONN_ESTABLISHED; /* connection status needs to be 3 for write_cryptpacket() to work */
511 write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero)); 515 write_cryptpacket(i, ((uint8_t *)&zero), sizeof(zero));
512 crypto_connections[i].status = 2; /* set it to its proper value right after. */ 516 crypto_connections[i].status = CONN_NOT_CONFIRMED; /* set it to its proper value right after. */
513 } 517 }
514 } 518 }
515 } else if (id_packet(crypto_connections[i].number) != -1) // This should not happen kill the connection if it does 519 } else if (id_packet(crypto_connections[i].number) != -1) // This should not happen kill the connection if it does
516 crypto_kill(crypto_connections[i].number); 520 crypto_kill(crypto_connections[i].number);
517 521
518 } 522 }
519 if (crypto_connections[i].status == 2) { 523 if (crypto_connections[i].status == CONN_NOT_CONFIRMED) {
520 if (id_packet(crypto_connections[i].number) == 3) { 524 if (id_packet(crypto_connections[i].number) == CONN_ESTABLISHED) {
521 uint8_t temp_data[MAX_DATA_SIZE]; 525 uint8_t temp_data[MAX_DATA_SIZE];
522 uint8_t data[MAX_DATA_SIZE]; 526 uint8_t data[MAX_DATA_SIZE];
523 int length = read_packet(crypto_connections[i].number, temp_data); 527 int length = read_packet(crypto_connections[i].number, temp_data);
@@ -527,7 +531,7 @@ static void receive_crypto()
527 uint32_t zero = 0; 531 uint32_t zero = 0;
528 if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) { 532 if (len == sizeof(uint32_t) && memcmp(((uint8_t *)&zero), data, sizeof(uint32_t)) == 0) {
529 increment_nonce(crypto_connections[i].recv_nonce); 533 increment_nonce(crypto_connections[i].recv_nonce);
530 crypto_connections[i].status = 3; 534 crypto_connections[i].status = CONN_ESTABLISHED;
531 535
532 /* connection is accepted so we disable the auto kill by setting it to about 1 month from now. */ 536 /* connection is accepted so we disable the auto kill by setting it to about 1 month from now. */
533 kill_connection_in(crypto_connections[i].number, 3000000); 537 kill_connection_in(crypto_connections[i].number, 3000000);
@@ -556,8 +560,8 @@ static void killTimedout()
556{ 560{
557 uint32_t i; 561 uint32_t i;
558 for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) { 562 for (i = 0; i < MAX_CRYPTO_CONNECTIONS; ++i) {
559 if (crypto_connections[i].status != 0 && is_connected(crypto_connections[i].number) == 4) 563 if (crypto_connections[i].status != CONN_NO_CONNECTION && is_connected(crypto_connections[i].number) == 4)
560 crypto_connections[i].status = 4; 564 crypto_connections[i].status = CONN_TIMED_OUT;
561 else if (is_connected(crypto_connections[i].number) == 4) { 565 else if (is_connected(crypto_connections[i].number) == 4) {
562 kill_connection(crypto_connections[i].number); 566 kill_connection(crypto_connections[i].number);
563 crypto_connections[i].number = ~0; 567 crypto_connections[i].number = ~0;
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-02 09:59:36 +0000