summaryrefslogtreecommitdiff
path: root/toxcore/net_crypto.c
diff options
context:
space:
mode:
Diffstat (limited to 'toxcore/net_crypto.c')
-rw-r--r--toxcore/net_crypto.c77
1 files changed, 45 insertions, 32 deletions
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c
index 6b975fe2..35cf21cd 100644
--- a/toxcore/net_crypto.c
+++ b/toxcore/net_crypto.c
@@ -62,20 +62,20 @@ static int is_alive(uint8_t status)
62 62
63/* Create a cookie request packet and put it in packet. 63/* Create a cookie request packet and put it in packet.
64 * dht_public_key is the dht public key of the other 64 * dht_public_key is the dht public key of the other
65 * real_public_key is the real public key of the other.
66 * 65 *
67 * packet must be of size COOKIE_REQUEST_LENGTH or bigger. 66 * packet must be of size COOKIE_REQUEST_LENGTH or bigger.
68 * 67 *
69 * return -1 on failure. 68 * return -1 on failure.
70 * return COOKIE_REQUEST_LENGTH on success. 69 * return COOKIE_REQUEST_LENGTH on success.
71 */ 70 */
72static int create_cookie_request(Net_Crypto *c, uint8_t *packet, uint8_t *dht_public_key, uint8_t *real_public_key, 71static int create_cookie_request(Net_Crypto *c, uint8_t *packet, uint8_t *dht_public_key, uint64_t number,
73 uint64_t number, uint8_t *shared_key) 72 uint8_t *shared_key)
74{ 73{
75 uint8_t plain[COOKIE_REQUEST_PLAIN_LENGTH]; 74 uint8_t plain[COOKIE_REQUEST_PLAIN_LENGTH];
75 uint8_t padding[crypto_box_PUBLICKEYBYTES] = {0};
76 76
77 memcpy(plain, c->self_public_key, crypto_box_PUBLICKEYBYTES); 77 memcpy(plain, c->self_public_key, crypto_box_PUBLICKEYBYTES);
78 memcpy(plain + crypto_box_PUBLICKEYBYTES, real_public_key, crypto_box_PUBLICKEYBYTES); 78 memcpy(plain + crypto_box_PUBLICKEYBYTES, padding, crypto_box_PUBLICKEYBYTES);
79 memcpy(plain + (crypto_box_PUBLICKEYBYTES * 2), &number, sizeof(uint64_t)); 79 memcpy(plain + (crypto_box_PUBLICKEYBYTES * 2), &number, sizeof(uint64_t));
80 80
81 DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); 81 DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key);
@@ -146,11 +146,15 @@ static int open_cookie(uint8_t *bytes, uint8_t *cookie, uint8_t *encryption_key)
146 * return -1 on failure. 146 * return -1 on failure.
147 * return COOKIE_RESPONSE_LENGTH on success. 147 * return COOKIE_RESPONSE_LENGTH on success.
148 */ 148 */
149static int create_cookie_response(Net_Crypto *c, uint8_t *packet, uint8_t *request_plain, uint8_t *shared_key) 149static int create_cookie_response(Net_Crypto *c, uint8_t *packet, uint8_t *request_plain, uint8_t *shared_key,
150 uint8_t *dht_public_key)
150{ 151{
152 uint8_t cookie_plain[COOKIE_DATA_LENGTH];
153 memcpy(cookie_plain, request_plain, crypto_box_PUBLICKEYBYTES);
154 memcpy(cookie_plain + crypto_box_PUBLICKEYBYTES, dht_public_key, crypto_box_PUBLICKEYBYTES);
151 uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)]; 155 uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)];
152 156
153 if (create_cookie(plain, request_plain, c->secret_symmetric_key) != 0) 157 if (create_cookie(plain, cookie_plain, c->secret_symmetric_key) != 0)
154 return -1; 158 return -1;
155 159
156 memcpy(plain + COOKIE_LENGTH, request_plain + COOKIE_DATA_LENGTH, sizeof(uint64_t)); 160 memcpy(plain + COOKIE_LENGTH, request_plain + COOKIE_DATA_LENGTH, sizeof(uint64_t));
@@ -171,13 +175,14 @@ static int create_cookie_response(Net_Crypto *c, uint8_t *packet, uint8_t *reque
171 * return -1 on failure. 175 * return -1 on failure.
172 * return 0 on success. 176 * return 0 on success.
173 */ 177 */
174static int handle_cookie_request(Net_Crypto *c, uint8_t *request_plain, uint8_t *shared_key, uint8_t *packet, 178static int handle_cookie_request(Net_Crypto *c, uint8_t *request_plain, uint8_t *shared_key, uint8_t *dht_public_key,
175 uint16_t length) 179 uint8_t *packet, uint16_t length)
176{ 180{
177 if (length != COOKIE_REQUEST_LENGTH) 181 if (length != COOKIE_REQUEST_LENGTH)
178 return -1; 182 return -1;
179 183
180 DHT_get_shared_key_sent(c->dht, shared_key, packet + 1); 184 memcpy(dht_public_key, packet + 1, crypto_box_PUBLICKEYBYTES);
185 DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key);
181 int len = decrypt_data_symmetric(shared_key, packet + 1 + crypto_box_PUBLICKEYBYTES, 186 int len = decrypt_data_symmetric(shared_key, packet + 1 + crypto_box_PUBLICKEYBYTES,
182 packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES, 187 packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES,
183 request_plain); 188 request_plain);
@@ -195,13 +200,14 @@ static int udp_handle_cookie_request(void *object, IP_Port source, uint8_t *pack
195 Net_Crypto *c = object; 200 Net_Crypto *c = object;
196 uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; 201 uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH];
197 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 202 uint8_t shared_key[crypto_box_BEFORENMBYTES];
203 uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES];
198 204
199 if (handle_cookie_request(c, request_plain, shared_key, packet, length) != 0) 205 if (handle_cookie_request(c, request_plain, shared_key, dht_public_key, packet, length) != 0)
200 return 1; 206 return 1;
201 207
202 uint8_t data[COOKIE_RESPONSE_LENGTH]; 208 uint8_t data[COOKIE_RESPONSE_LENGTH];
203 209
204 if (create_cookie_response(c, data, request_plain, shared_key) != sizeof(data)) 210 if (create_cookie_response(c, data, request_plain, shared_key, dht_public_key) != sizeof(data))
205 return 1; 211 return 1;
206 212
207 if ((uint32_t)sendpacket(c->dht->net, source, data, sizeof(data)) != sizeof(data)) 213 if ((uint32_t)sendpacket(c->dht->net, source, data, sizeof(data)) != sizeof(data))
@@ -217,13 +223,14 @@ static int tcp_handle_cookie_request(Net_Crypto *c, TCP_Client_Connection *TCP_c
217{ 223{
218 uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; 224 uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH];
219 uint8_t shared_key[crypto_box_BEFORENMBYTES]; 225 uint8_t shared_key[crypto_box_BEFORENMBYTES];
226 uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES];
220 227
221 if (handle_cookie_request(c, request_plain, shared_key, packet, length) != 0) 228 if (handle_cookie_request(c, request_plain, shared_key, dht_public_key, packet, length) != 0)
222 return -1; 229 return -1;
223 230
224 uint8_t data[COOKIE_RESPONSE_LENGTH]; 231 uint8_t data[COOKIE_RESPONSE_LENGTH];
225 232
226 if (create_cookie_response(c, data, request_plain, shared_key) != sizeof(data)) 233 if (create_cookie_response(c, data, request_plain, shared_key, dht_public_key) != sizeof(data))
227 return -1; 234 return -1;
228 235
229 if ((uint32_t)send_data(TCP_con, conn_id, data, sizeof(data)) != 1) 236 if ((uint32_t)send_data(TCP_con, conn_id, data, sizeof(data)) != 1)
@@ -268,7 +275,7 @@ static int handle_cookie_response(uint8_t *cookie, uint64_t *number, uint8_t *pa
268 * return HANDSHAKE_PACKET_LENGTH on success. 275 * return HANDSHAKE_PACKET_LENGTH on success.
269 */ 276 */
270static int create_crypto_handshake(Net_Crypto *c, uint8_t *packet, uint8_t *cookie, uint8_t *nonce, uint8_t *session_pk, 277static int create_crypto_handshake(Net_Crypto *c, uint8_t *packet, uint8_t *cookie, uint8_t *nonce, uint8_t *session_pk,
271 uint8_t *peer_real_pk) 278 uint8_t *peer_real_pk, uint8_t *peer_dht_pubkey)
272{ 279{
273 uint8_t plain[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES + COOKIE_LENGTH]; 280 uint8_t plain[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES + COOKIE_LENGTH];
274 memcpy(plain, nonce, crypto_box_NONCEBYTES); 281 memcpy(plain, nonce, crypto_box_NONCEBYTES);
@@ -276,7 +283,7 @@ static int create_crypto_handshake(Net_Crypto *c, uint8_t *packet, uint8_t *cook
276 crypto_hash_sha512(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, cookie, COOKIE_LENGTH); 283 crypto_hash_sha512(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, cookie, COOKIE_LENGTH);
277 uint8_t cookie_plain[COOKIE_DATA_LENGTH]; 284 uint8_t cookie_plain[COOKIE_DATA_LENGTH];
278 memcpy(cookie_plain, peer_real_pk, crypto_box_PUBLICKEYBYTES); 285 memcpy(cookie_plain, peer_real_pk, crypto_box_PUBLICKEYBYTES);
279 memcpy(cookie_plain + crypto_box_PUBLICKEYBYTES, c->self_public_key, crypto_box_PUBLICKEYBYTES); 286 memcpy(cookie_plain + crypto_box_PUBLICKEYBYTES, peer_dht_pubkey, crypto_box_PUBLICKEYBYTES);
280 287
281 if (create_cookie(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, cookie_plain, 288 if (create_cookie(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, cookie_plain,
282 c->secret_symmetric_key) != 0) 289 c->secret_symmetric_key) != 0)
@@ -298,7 +305,8 @@ static int create_crypto_handshake(Net_Crypto *c, uint8_t *packet, uint8_t *cook
298/* Handle a crypto handshake packet of length. 305/* Handle a crypto handshake packet of length.
299 * put the nonce contained in the packet in nonce, 306 * put the nonce contained in the packet in nonce,
300 * the session public key in session_pk 307 * the session public key in session_pk
301 * the real public key of the peer in peer_real_pk and 308 * the real public key of the peer in peer_real_pk
309 * the dht public key of the peer in dht_public_key and
302 * the cookie inside the encrypted part of the packet in cookie. 310 * the cookie inside the encrypted part of the packet in cookie.
303 * 311 *
304 * if expected_real_pk isn't NULL it denotes the real public key 312 * if expected_real_pk isn't NULL it denotes the real public key
@@ -313,7 +321,7 @@ static int create_crypto_handshake(Net_Crypto *c, uint8_t *packet, uint8_t *cook
313 * return 0 on success. 321 * return 0 on success.
314 */ 322 */
315static int handle_crypto_handshake(Net_Crypto *c, uint8_t *nonce, uint8_t *session_pk, uint8_t *peer_real_pk, 323static int handle_crypto_handshake(Net_Crypto *c, uint8_t *nonce, uint8_t *session_pk, uint8_t *peer_real_pk,
316 uint8_t *cookie, uint8_t *packet, uint32_t length, uint8_t *expected_real_pk) 324 uint8_t *dht_public_key, uint8_t *cookie, uint8_t *packet, uint32_t length, uint8_t *expected_real_pk)
317{ 325{
318 if (length != HANDSHAKE_PACKET_LENGTH) 326 if (length != HANDSHAKE_PACKET_LENGTH)
319 return -1; 327 return -1;
@@ -327,9 +335,6 @@ static int handle_crypto_handshake(Net_Crypto *c, uint8_t *nonce, uint8_t *sessi
327 if (crypto_cmp(cookie_plain, expected_real_pk, crypto_box_PUBLICKEYBYTES) != 0) 335 if (crypto_cmp(cookie_plain, expected_real_pk, crypto_box_PUBLICKEYBYTES) != 0)
328 return -1; 336 return -1;
329 337
330 if (crypto_cmp(cookie_plain + crypto_box_PUBLICKEYBYTES, c->self_public_key, crypto_box_PUBLICKEYBYTES) != 0)
331 return -1;
332
333 uint8_t cookie_hash[crypto_hash_sha512_BYTES]; 338 uint8_t cookie_hash[crypto_hash_sha512_BYTES];
334 crypto_hash_sha512(cookie_hash, packet + 1, COOKIE_LENGTH); 339 crypto_hash_sha512(cookie_hash, packet + 1, COOKIE_LENGTH);
335 340
@@ -348,6 +353,7 @@ static int handle_crypto_handshake(Net_Crypto *c, uint8_t *nonce, uint8_t *sessi
348 memcpy(session_pk, plain + crypto_box_NONCEBYTES, crypto_box_PUBLICKEYBYTES); 353 memcpy(session_pk, plain + crypto_box_NONCEBYTES, crypto_box_PUBLICKEYBYTES);
349 memcpy(cookie, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, COOKIE_LENGTH); 354 memcpy(cookie, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, COOKIE_LENGTH);
350 memcpy(peer_real_pk, cookie_plain, crypto_box_PUBLICKEYBYTES); 355 memcpy(peer_real_pk, cookie_plain, crypto_box_PUBLICKEYBYTES);
356 memcpy(dht_public_key, cookie_plain + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
351 return 0; 357 return 0;
352} 358}
353 359
@@ -933,7 +939,7 @@ static int send_temp_packet(Net_Crypto *c, int crypt_connection_id)
933 * return -1 on failure. 939 * return -1 on failure.
934 * return 0 on success. 940 * return 0 on success.
935 */ 941 */
936static int create_send_handshake(Net_Crypto *c, int crypt_connection_id, uint8_t *cookie) 942static int create_send_handshake(Net_Crypto *c, int crypt_connection_id, uint8_t *cookie, uint8_t *dht_public_key)
937{ 943{
938 Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id); 944 Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id);
939 945
@@ -943,7 +949,7 @@ static int create_send_handshake(Net_Crypto *c, int crypt_connection_id, uint8_t
943 uint8_t handshake_packet[HANDSHAKE_PACKET_LENGTH]; 949 uint8_t handshake_packet[HANDSHAKE_PACKET_LENGTH];
944 950
945 if (create_crypto_handshake(c, handshake_packet, cookie, conn->sent_nonce, conn->sessionpublic_key, 951 if (create_crypto_handshake(c, handshake_packet, cookie, conn->sent_nonce, conn->sessionpublic_key,
946 conn->public_key) != sizeof(handshake_packet)) 952 conn->public_key, dht_public_key) != sizeof(handshake_packet))
947 return -1; 953 return -1;
948 954
949 if (new_temp_packet(c, crypt_connection_id, handshake_packet, sizeof(handshake_packet)) != 0) 955 if (new_temp_packet(c, crypt_connection_id, handshake_packet, sizeof(handshake_packet)) != 0)
@@ -1083,7 +1089,7 @@ static int handle_packet_connection(Net_Crypto *c, int crypt_connection_id, uint
1083 if (number != conn->cookie_request_number) 1089 if (number != conn->cookie_request_number)
1084 return -1; 1090 return -1;
1085 1091
1086 if (create_send_handshake(c, crypt_connection_id, cookie) != 0) 1092 if (create_send_handshake(c, crypt_connection_id, cookie, conn->dht_public_key) != 0)
1087 return -1; 1093 return -1;
1088 1094
1089 conn->status = CRYPTO_CONN_HANDSHAKE_SENT; 1095 conn->status = CRYPTO_CONN_HANDSHAKE_SENT;
@@ -1093,20 +1099,23 @@ static int handle_packet_connection(Net_Crypto *c, int crypt_connection_id, uint
1093 case NET_PACKET_CRYPTO_HS: { 1099 case NET_PACKET_CRYPTO_HS: {
1094 if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT) { 1100 if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT) {
1095 uint8_t peer_real_pk[crypto_box_PUBLICKEYBYTES]; 1101 uint8_t peer_real_pk[crypto_box_PUBLICKEYBYTES];
1102 uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES];
1096 uint8_t cookie[COOKIE_LENGTH]; 1103 uint8_t cookie[COOKIE_LENGTH];
1097 1104
1098 if (handle_crypto_handshake(c, conn->recv_nonce, conn->peersessionpublic_key, peer_real_pk, cookie, packet, length, 1105 if (handle_crypto_handshake(c, conn->recv_nonce, conn->peersessionpublic_key, peer_real_pk, dht_public_key, cookie,
1099 conn->public_key) != 0) 1106 packet, length, conn->public_key) != 0)
1100 return -1; 1107 return -1;
1101 1108
1102 encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); 1109 encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key);
1103 1110
1104 if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING) { 1111 if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING) {
1105 if (create_send_handshake(c, crypt_connection_id, cookie) != 0) 1112 if (create_send_handshake(c, crypt_connection_id, cookie, dht_public_key) != 0)
1106 return -1; 1113 return -1;
1107 } 1114 }
1108 1115
1109 conn->status = CRYPTO_CONN_NOT_CONFIRMED; 1116 conn->status = CRYPTO_CONN_NOT_CONFIRMED;
1117 /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */
1118 set_connection_dht_public_key(c, crypt_connection_id, dht_public_key);
1110 } else { 1119 } else {
1111 return -1; 1120 return -1;
1112 } 1121 }
@@ -1295,8 +1304,8 @@ static int handle_new_connection_handshake(Net_Crypto *c, IP_Port source, uint8_
1295 n_c.source = source; 1304 n_c.source = source;
1296 n_c.cookie_length = COOKIE_LENGTH; 1305 n_c.cookie_length = COOKIE_LENGTH;
1297 1306
1298 if (handle_crypto_handshake(c, n_c.recv_nonce, n_c.peersessionpublic_key, n_c.public_key, n_c.cookie, data, length, 1307 if (handle_crypto_handshake(c, n_c.recv_nonce, n_c.peersessionpublic_key, n_c.public_key, n_c.dht_public_key,
1299 0) != 0) { 1308 n_c.cookie, data, length, 0) != 0) {
1300 free(n_c.cookie); 1309 free(n_c.cookie);
1301 return -1; 1310 return -1;
1302 } 1311 }
@@ -1314,8 +1323,10 @@ static int handle_new_connection_handshake(Net_Crypto *c, IP_Port source, uint8_
1314 1323
1315 crypto_connection_add_source(c, crypt_connection_id, source); 1324 crypto_connection_add_source(c, crypt_connection_id, source);
1316 1325
1317 if (create_send_handshake(c, crypt_connection_id, n_c.cookie) == 0) { 1326 if (create_send_handshake(c, crypt_connection_id, n_c.cookie, n_c.dht_public_key) == 0) {
1318 conn->status = CRYPTO_CONN_NOT_CONFIRMED; 1327 conn->status = CRYPTO_CONN_NOT_CONFIRMED;
1328 /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */
1329 set_connection_dht_public_key(c, crypt_connection_id, n_c.dht_public_key);
1319 ret = 0; 1330 ret = 0;
1320 } 1331 }
1321 } 1332 }
@@ -1359,10 +1370,12 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c)
1359 if (n_c->cookie_length != COOKIE_LENGTH) 1370 if (n_c->cookie_length != COOKIE_LENGTH)
1360 return -1; 1371 return -1;
1361 1372
1362 if (create_send_handshake(c, crypt_connection_id, n_c->cookie) != 0) 1373 if (create_send_handshake(c, crypt_connection_id, n_c->cookie, n_c->dht_public_key) != 0)
1363 return -1; 1374 return -1;
1364 1375
1365 conn->status = CRYPTO_CONN_NOT_CONFIRMED; 1376 conn->status = CRYPTO_CONN_NOT_CONFIRMED;
1377 /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */
1378 set_connection_dht_public_key(c, crypt_connection_id, n_c->dht_public_key);
1366 conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE; 1379 conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE;
1367 crypto_connection_add_source(c, crypt_connection_id, n_c->source); 1380 crypto_connection_add_source(c, crypt_connection_id, n_c->source);
1368 return crypt_connection_id; 1381 return crypt_connection_id;
@@ -1475,8 +1488,8 @@ int set_connection_dht_public_key(Net_Crypto *c, int crypt_connection_id, uint8_
1475 conn->cookie_request_number = random_64b(); 1488 conn->cookie_request_number = random_64b();
1476 uint8_t cookie_request[COOKIE_REQUEST_LENGTH]; 1489 uint8_t cookie_request[COOKIE_REQUEST_LENGTH];
1477 1490
1478 if (create_cookie_request(c, cookie_request, conn->dht_public_key, conn->public_key, 1491 if (create_cookie_request(c, cookie_request, conn->dht_public_key, conn->cookie_request_number,
1479 conn->cookie_request_number, conn->shared_key) != sizeof(cookie_request)) 1492 conn->shared_key) != sizeof(cookie_request))
1480 return -1; 1493 return -1;
1481 1494
1482 if (new_temp_packet(c, crypt_connection_id, cookie_request, sizeof(cookie_request)) != 0) 1495 if (new_temp_packet(c, crypt_connection_id, cookie_request, sizeof(cookie_request)) != 0)
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-06 11:51:03 +0000