diff options
Diffstat (limited to 'toxcore')
-rw-r--r-- | toxcore/Messenger.c | 7 | ||||
-rw-r--r-- | toxcore/crypto_core.c | 14 | ||||
-rw-r--r-- | toxcore/crypto_core.h | 7 |
3 files changed, 28 insertions, 0 deletions
diff --git a/toxcore/Messenger.c b/toxcore/Messenger.c index 07504988..3308b1ed 100644 --- a/toxcore/Messenger.c +++ b/toxcore/Messenger.c | |||
@@ -186,6 +186,10 @@ int32_t m_addfriend(Messenger *m, uint8_t *address, uint8_t *data, uint16_t leng | |||
186 | 186 | ||
187 | uint8_t client_id[crypto_box_PUBLICKEYBYTES]; | 187 | uint8_t client_id[crypto_box_PUBLICKEYBYTES]; |
188 | id_copy(client_id, address); | 188 | id_copy(client_id, address); |
189 | |||
190 | if (!public_key_valid(client_id)) | ||
191 | return FAERR_BADCHECKSUM; | ||
192 | |||
189 | uint16_t check, checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum)); | 193 | uint16_t check, checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum)); |
190 | memcpy(&check, address + crypto_box_PUBLICKEYBYTES + sizeof(uint32_t), sizeof(check)); | 194 | memcpy(&check, address + crypto_box_PUBLICKEYBYTES + sizeof(uint32_t), sizeof(check)); |
191 | 195 | ||
@@ -261,6 +265,9 @@ int32_t m_addfriend_norequest(Messenger *m, const uint8_t *client_id) | |||
261 | if (getfriend_id(m, client_id) != -1) | 265 | if (getfriend_id(m, client_id) != -1) |
262 | return -1; | 266 | return -1; |
263 | 267 | ||
268 | if (!public_key_valid(client_id)) | ||
269 | return -1; | ||
270 | |||
264 | /* Resize the friend list if necessary. */ | 271 | /* Resize the friend list if necessary. */ |
265 | if (realloc_friendlist(m, m->numfriends + 1) != 0) | 272 | if (realloc_friendlist(m, m->numfriends + 1) != 0) |
266 | return FAERR_NOMEM; | 273 | return FAERR_NOMEM; |
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index 87e276e7..1799b600 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c | |||
@@ -66,6 +66,20 @@ uint64_t random_64b(void) | |||
66 | return randnum; | 66 | return randnum; |
67 | } | 67 | } |
68 | 68 | ||
69 | /* Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not. | ||
70 | * This should only be used for input validation. | ||
71 | * | ||
72 | * return 0 if it isn't. | ||
73 | * return 1 if it is. | ||
74 | */ | ||
75 | int public_key_valid(const uint8_t *public_key) | ||
76 | { | ||
77 | if (public_key[31] >= 128) /* Last bit of key is always zero. */ | ||
78 | return 0; | ||
79 | |||
80 | return 1; | ||
81 | } | ||
82 | |||
69 | /* Precomputes the shared key from their public_key and our secret_key. | 83 | /* Precomputes the shared key from their public_key and our secret_key. |
70 | * This way we can avoid an expensive elliptic curve scalar multiply for each | 84 | * This way we can avoid an expensive elliptic curve scalar multiply for each |
71 | * encrypt/decrypt operation. | 85 | * encrypt/decrypt operation. |
diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h index 814c4362..7362d49e 100644 --- a/toxcore/crypto_core.h +++ b/toxcore/crypto_core.h | |||
@@ -53,6 +53,13 @@ int crypto_cmp(const uint8_t *mem1, const uint8_t *mem2, uint32_t length); | |||
53 | uint32_t random_int(void); | 53 | uint32_t random_int(void); |
54 | uint64_t random_64b(void); | 54 | uint64_t random_64b(void); |
55 | 55 | ||
56 | /* Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not. | ||
57 | * This should only be used for input validation. | ||
58 | * | ||
59 | * return 0 if it isn't. | ||
60 | * return 1 if it is. | ||
61 | */ | ||
62 | int public_key_valid(const uint8_t *public_key); | ||
56 | 63 | ||
57 | /* Encrypts plain of length length to encrypted of length + 16 using the | 64 | /* Encrypts plain of length length to encrypted of length + 16 using the |
58 | * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce. | 65 | * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce. |