diff options
Diffstat (limited to 'toxcore')
| -rw-r--r-- | toxcore/DHT.c | 6 | ||||
| -rw-r--r-- | toxcore/TCP_client.c | 2 | ||||
| -rw-r--r-- | toxcore/TCP_server.c | 2 | ||||
| -rw-r--r-- | toxcore/crypto_core.c | 6 | ||||
| -rw-r--r-- | toxcore/crypto_core.h | 3 | ||||
| -rw-r--r-- | toxcore/net_crypto.c | 8 | ||||
| -rw-r--r-- | toxcore/onion.c | 6 | ||||
| -rw-r--r-- | toxcore/onion_client.c | 2 | ||||
| -rw-r--r-- | toxcore/ping.c | 4 |
9 files changed, 15 insertions, 24 deletions
diff --git a/toxcore/DHT.c b/toxcore/DHT.c index ca9c17ea..3753c387 100644 --- a/toxcore/DHT.c +++ b/toxcore/DHT.c | |||
| @@ -196,7 +196,7 @@ int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_ke | |||
| 196 | } | 196 | } |
| 197 | 197 | ||
| 198 | uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; | 198 | uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; |
| 199 | new_nonce(nonce); | 199 | random_nonce(nonce); |
| 200 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function | 200 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function |
| 201 | memcpy(temp + 1, data, length); | 201 | memcpy(temp + 1, data, length); |
| 202 | temp[0] = request_id; | 202 | temp[0] = request_id; |
| @@ -1200,7 +1200,7 @@ static int getnodes(DHT *dht, IP_Port ip_port, const uint8_t *public_key, const | |||
| 1200 | DHT_get_shared_key_sent(dht, shared_key, public_key); | 1200 | DHT_get_shared_key_sent(dht, shared_key, public_key); |
| 1201 | 1201 | ||
| 1202 | uint8_t nonce[crypto_box_NONCEBYTES]; | 1202 | uint8_t nonce[crypto_box_NONCEBYTES]; |
| 1203 | new_nonce(nonce); | 1203 | random_nonce(nonce); |
| 1204 | 1204 | ||
| 1205 | int len = encrypt_data_symmetric(shared_key, | 1205 | int len = encrypt_data_symmetric(shared_key, |
| 1206 | nonce, | 1206 | nonce, |
| @@ -1243,7 +1243,7 @@ static int sendnodes_ipv6(const DHT *dht, IP_Port ip_port, const uint8_t *public | |||
| 1243 | uint8_t plain[1 + Node_format_size * MAX_SENT_NODES + length]; | 1243 | uint8_t plain[1 + Node_format_size * MAX_SENT_NODES + length]; |
| 1244 | uint8_t encrypt[sizeof(plain) + crypto_box_MACBYTES]; | 1244 | uint8_t encrypt[sizeof(plain) + crypto_box_MACBYTES]; |
| 1245 | uint8_t nonce[crypto_box_NONCEBYTES]; | 1245 | uint8_t nonce[crypto_box_NONCEBYTES]; |
| 1246 | new_nonce(nonce); | 1246 | random_nonce(nonce); |
| 1247 | 1247 | ||
| 1248 | int nodes_length = 0; | 1248 | int nodes_length = 0; |
| 1249 | 1249 | ||
diff --git a/toxcore/TCP_client.c b/toxcore/TCP_client.c index caa1b73d..372f034e 100644 --- a/toxcore/TCP_client.c +++ b/toxcore/TCP_client.c | |||
| @@ -228,7 +228,7 @@ static int generate_handshake(TCP_Client_Connection *TCP_conn) | |||
| 228 | random_nonce(TCP_conn->sent_nonce); | 228 | random_nonce(TCP_conn->sent_nonce); |
| 229 | memcpy(plain + crypto_box_PUBLICKEYBYTES, TCP_conn->sent_nonce, crypto_box_NONCEBYTES); | 229 | memcpy(plain + crypto_box_PUBLICKEYBYTES, TCP_conn->sent_nonce, crypto_box_NONCEBYTES); |
| 230 | memcpy(TCP_conn->last_packet, TCP_conn->self_public_key, crypto_box_PUBLICKEYBYTES); | 230 | memcpy(TCP_conn->last_packet, TCP_conn->self_public_key, crypto_box_PUBLICKEYBYTES); |
| 231 | new_nonce(TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES); | 231 | random_nonce(TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES); |
| 232 | int len = encrypt_data_symmetric(TCP_conn->shared_key, TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES, plain, | 232 | int len = encrypt_data_symmetric(TCP_conn->shared_key, TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES, plain, |
| 233 | sizeof(plain), TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); | 233 | sizeof(plain), TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); |
| 234 | 234 | ||
diff --git a/toxcore/TCP_server.c b/toxcore/TCP_server.c index 4b355a62..63c1577d 100644 --- a/toxcore/TCP_server.c +++ b/toxcore/TCP_server.c | |||
| @@ -565,7 +565,7 @@ static int handle_TCP_handshake(TCP_Secure_Connection *con, const uint8_t *data, | |||
| 565 | memcpy(con->recv_nonce, plain + crypto_box_PUBLICKEYBYTES, crypto_box_NONCEBYTES); | 565 | memcpy(con->recv_nonce, plain + crypto_box_PUBLICKEYBYTES, crypto_box_NONCEBYTES); |
| 566 | 566 | ||
| 567 | uint8_t response[TCP_SERVER_HANDSHAKE_SIZE]; | 567 | uint8_t response[TCP_SERVER_HANDSHAKE_SIZE]; |
| 568 | new_nonce(response); | 568 | random_nonce(response); |
| 569 | 569 | ||
| 570 | len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, | 570 | len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, |
| 571 | response + crypto_box_NONCEBYTES); | 571 | response + crypto_box_NONCEBYTES); |
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index 2ecac662..a71b3cb8 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c | |||
| @@ -209,9 +209,3 @@ void new_symmetric_key(uint8_t *key) | |||
| 209 | { | 209 | { |
| 210 | randombytes(key, crypto_box_KEYBYTES); | 210 | randombytes(key, crypto_box_KEYBYTES); |
| 211 | } | 211 | } |
| 212 | |||
| 213 | /* Gives a nonce guaranteed to be different from previous ones.*/ | ||
| 214 | void new_nonce(uint8_t *nonce) | ||
| 215 | { | ||
| 216 | random_nonce(nonce); | ||
| 217 | } | ||
diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h index 90bd122e..a3463c38 100644 --- a/toxcore/crypto_core.h +++ b/toxcore/crypto_core.h | |||
| @@ -119,7 +119,4 @@ void random_nonce(uint8_t *nonce); | |||
| 119 | /* Fill a key crypto_box_KEYBYTES big with random bytes */ | 119 | /* Fill a key crypto_box_KEYBYTES big with random bytes */ |
| 120 | void new_symmetric_key(uint8_t *key); | 120 | void new_symmetric_key(uint8_t *key); |
| 121 | 121 | ||
| 122 | /*Gives a nonce guaranteed to be different from previous ones.*/ | ||
| 123 | void new_nonce(uint8_t *nonce); | ||
| 124 | |||
| 125 | #endif | 122 | #endif |
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index 13f73550..84276c62 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c | |||
| @@ -81,7 +81,7 @@ static int create_cookie_request(const Net_Crypto *c, uint8_t *packet, uint8_t * | |||
| 81 | 81 | ||
| 82 | DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); | 82 | DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); |
| 83 | uint8_t nonce[crypto_box_NONCEBYTES]; | 83 | uint8_t nonce[crypto_box_NONCEBYTES]; |
| 84 | new_nonce(nonce); | 84 | random_nonce(nonce); |
| 85 | packet[0] = NET_PACKET_COOKIE_REQUEST; | 85 | packet[0] = NET_PACKET_COOKIE_REQUEST; |
| 86 | memcpy(packet + 1, c->dht->self_public_key, crypto_box_PUBLICKEYBYTES); | 86 | memcpy(packet + 1, c->dht->self_public_key, crypto_box_PUBLICKEYBYTES); |
| 87 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); | 87 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); |
| @@ -106,7 +106,7 @@ static int create_cookie(uint8_t *cookie, const uint8_t *bytes, const uint8_t *e | |||
| 106 | uint64_t temp_time = unix_time(); | 106 | uint64_t temp_time = unix_time(); |
| 107 | memcpy(contents, &temp_time, sizeof(temp_time)); | 107 | memcpy(contents, &temp_time, sizeof(temp_time)); |
| 108 | memcpy(contents + sizeof(temp_time), bytes, COOKIE_DATA_LENGTH); | 108 | memcpy(contents + sizeof(temp_time), bytes, COOKIE_DATA_LENGTH); |
| 109 | new_nonce(cookie); | 109 | random_nonce(cookie); |
| 110 | int len = encrypt_data_symmetric(encryption_key, cookie, contents, sizeof(contents), cookie + crypto_box_NONCEBYTES); | 110 | int len = encrypt_data_symmetric(encryption_key, cookie, contents, sizeof(contents), cookie + crypto_box_NONCEBYTES); |
| 111 | 111 | ||
| 112 | if (len != COOKIE_LENGTH - crypto_box_NONCEBYTES) { | 112 | if (len != COOKIE_LENGTH - crypto_box_NONCEBYTES) { |
| @@ -165,7 +165,7 @@ static int create_cookie_response(const Net_Crypto *c, uint8_t *packet, const ui | |||
| 165 | 165 | ||
| 166 | memcpy(plain + COOKIE_LENGTH, request_plain + COOKIE_DATA_LENGTH, sizeof(uint64_t)); | 166 | memcpy(plain + COOKIE_LENGTH, request_plain + COOKIE_DATA_LENGTH, sizeof(uint64_t)); |
| 167 | packet[0] = NET_PACKET_COOKIE_RESPONSE; | 167 | packet[0] = NET_PACKET_COOKIE_RESPONSE; |
| 168 | new_nonce(packet + 1); | 168 | random_nonce(packet + 1); |
| 169 | int len = encrypt_data_symmetric(shared_key, packet + 1, plain, sizeof(plain), packet + 1 + crypto_box_NONCEBYTES); | 169 | int len = encrypt_data_symmetric(shared_key, packet + 1, plain, sizeof(plain), packet + 1 + crypto_box_NONCEBYTES); |
| 170 | 170 | ||
| 171 | if (len != COOKIE_RESPONSE_LENGTH - (1 + crypto_box_NONCEBYTES)) { | 171 | if (len != COOKIE_RESPONSE_LENGTH - (1 + crypto_box_NONCEBYTES)) { |
| @@ -331,7 +331,7 @@ static int create_crypto_handshake(const Net_Crypto *c, uint8_t *packet, const u | |||
| 331 | return -1; | 331 | return -1; |
| 332 | } | 332 | } |
| 333 | 333 | ||
| 334 | new_nonce(packet + 1 + COOKIE_LENGTH); | 334 | random_nonce(packet + 1 + COOKIE_LENGTH); |
| 335 | int len = encrypt_data(peer_real_pk, c->self_secret_key, packet + 1 + COOKIE_LENGTH, plain, sizeof(plain), | 335 | int len = encrypt_data(peer_real_pk, c->self_secret_key, packet + 1 + COOKIE_LENGTH, plain, sizeof(plain), |
| 336 | packet + 1 + COOKIE_LENGTH + crypto_box_NONCEBYTES); | 336 | packet + 1 + COOKIE_LENGTH + crypto_box_NONCEBYTES); |
| 337 | 337 | ||
diff --git a/toxcore/onion.c b/toxcore/onion.c index 5705c14f..06ff719b 100644 --- a/toxcore/onion.c +++ b/toxcore/onion.c | |||
| @@ -375,7 +375,7 @@ int onion_send_1(const Onion *onion, const uint8_t *plain, uint16_t len, IP_Port | |||
| 375 | memcpy(data + 1 + crypto_box_NONCEBYTES, plain + SIZE_IPPORT, len - SIZE_IPPORT); | 375 | memcpy(data + 1 + crypto_box_NONCEBYTES, plain + SIZE_IPPORT, len - SIZE_IPPORT); |
| 376 | uint16_t data_len = 1 + crypto_box_NONCEBYTES + (len - SIZE_IPPORT); | 376 | uint16_t data_len = 1 + crypto_box_NONCEBYTES + (len - SIZE_IPPORT); |
| 377 | uint8_t *ret_part = data + data_len; | 377 | uint8_t *ret_part = data + data_len; |
| 378 | new_nonce(ret_part); | 378 | random_nonce(ret_part); |
| 379 | len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ip_port, SIZE_IPPORT, | 379 | len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ip_port, SIZE_IPPORT, |
| 380 | ret_part + crypto_box_NONCEBYTES); | 380 | ret_part + crypto_box_NONCEBYTES); |
| 381 | 381 | ||
| @@ -428,7 +428,7 @@ static int handle_send_1(void *object, IP_Port source, const uint8_t *packet, ui | |||
| 428 | memcpy(data + 1 + crypto_box_NONCEBYTES, plain + SIZE_IPPORT, len - SIZE_IPPORT); | 428 | memcpy(data + 1 + crypto_box_NONCEBYTES, plain + SIZE_IPPORT, len - SIZE_IPPORT); |
| 429 | uint16_t data_len = 1 + crypto_box_NONCEBYTES + (len - SIZE_IPPORT); | 429 | uint16_t data_len = 1 + crypto_box_NONCEBYTES + (len - SIZE_IPPORT); |
| 430 | uint8_t *ret_part = data + data_len; | 430 | uint8_t *ret_part = data + data_len; |
| 431 | new_nonce(ret_part); | 431 | random_nonce(ret_part); |
| 432 | uint8_t ret_data[RETURN_1 + SIZE_IPPORT]; | 432 | uint8_t ret_data[RETURN_1 + SIZE_IPPORT]; |
| 433 | ipport_pack(ret_data, &source); | 433 | ipport_pack(ret_data, &source); |
| 434 | memcpy(ret_data + SIZE_IPPORT, packet + (length - RETURN_1), RETURN_1); | 434 | memcpy(ret_data + SIZE_IPPORT, packet + (length - RETURN_1), RETURN_1); |
| @@ -482,7 +482,7 @@ static int handle_send_2(void *object, IP_Port source, const uint8_t *packet, ui | |||
| 482 | memcpy(data, plain + SIZE_IPPORT, len - SIZE_IPPORT); | 482 | memcpy(data, plain + SIZE_IPPORT, len - SIZE_IPPORT); |
| 483 | uint16_t data_len = (len - SIZE_IPPORT); | 483 | uint16_t data_len = (len - SIZE_IPPORT); |
| 484 | uint8_t *ret_part = data + (len - SIZE_IPPORT); | 484 | uint8_t *ret_part = data + (len - SIZE_IPPORT); |
| 485 | new_nonce(ret_part); | 485 | random_nonce(ret_part); |
| 486 | uint8_t ret_data[RETURN_2 + SIZE_IPPORT]; | 486 | uint8_t ret_data[RETURN_2 + SIZE_IPPORT]; |
| 487 | ipport_pack(ret_data, &source); | 487 | ipport_pack(ret_data, &source); |
| 488 | memcpy(ret_data + SIZE_IPPORT, packet + (length - RETURN_2), RETURN_2); | 488 | memcpy(ret_data + SIZE_IPPORT, packet + (length - RETURN_2), RETURN_2); |
diff --git a/toxcore/onion_client.c b/toxcore/onion_client.c index 86f4de72..c03036ac 100644 --- a/toxcore/onion_client.c +++ b/toxcore/onion_client.c | |||
| @@ -949,7 +949,7 @@ static int send_dht_dhtpk(const Onion_Client *onion_c, int friend_num, const uin | |||
| 949 | } | 949 | } |
| 950 | 950 | ||
| 951 | uint8_t nonce[crypto_box_NONCEBYTES]; | 951 | uint8_t nonce[crypto_box_NONCEBYTES]; |
| 952 | new_nonce(nonce); | 952 | random_nonce(nonce); |
| 953 | 953 | ||
| 954 | uint8_t temp[DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES + length]; | 954 | uint8_t temp[DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES + length]; |
| 955 | memcpy(temp, onion_c->c->self_public_key, crypto_box_PUBLICKEYBYTES); | 955 | memcpy(temp, onion_c->c->self_public_key, crypto_box_PUBLICKEYBYTES); |
diff --git a/toxcore/ping.c b/toxcore/ping.c index 052650e3..bde28b59 100644 --- a/toxcore/ping.c +++ b/toxcore/ping.c | |||
| @@ -88,7 +88,7 @@ int send_ping_request(PING *ping, IP_Port ipp, const uint8_t *public_key) | |||
| 88 | 88 | ||
| 89 | pk[0] = NET_PACKET_PING_REQUEST; | 89 | pk[0] = NET_PACKET_PING_REQUEST; |
| 90 | id_copy(pk + 1, ping->dht->self_public_key); // Our pubkey | 90 | id_copy(pk + 1, ping->dht->self_public_key); // Our pubkey |
| 91 | new_nonce(pk + 1 + crypto_box_PUBLICKEYBYTES); // Generate new nonce | 91 | random_nonce(pk + 1 + crypto_box_PUBLICKEYBYTES); // Generate new nonce |
| 92 | 92 | ||
| 93 | 93 | ||
| 94 | rc = encrypt_data_symmetric(shared_key, | 94 | rc = encrypt_data_symmetric(shared_key, |
| @@ -119,7 +119,7 @@ static int send_ping_response(PING *ping, IP_Port ipp, const uint8_t *public_key | |||
| 119 | 119 | ||
| 120 | pk[0] = NET_PACKET_PING_RESPONSE; | 120 | pk[0] = NET_PACKET_PING_RESPONSE; |
| 121 | id_copy(pk + 1, ping->dht->self_public_key); // Our pubkey | 121 | id_copy(pk + 1, ping->dht->self_public_key); // Our pubkey |
| 122 | new_nonce(pk + 1 + crypto_box_PUBLICKEYBYTES); // Generate new nonce | 122 | random_nonce(pk + 1 + crypto_box_PUBLICKEYBYTES); // Generate new nonce |
| 123 | 123 | ||
| 124 | // Encrypt ping_id using recipient privkey | 124 | // Encrypt ping_id using recipient privkey |
| 125 | rc = encrypt_data_symmetric(shared_encryption_key, | 125 | rc = encrypt_data_symmetric(shared_encryption_key, |