Diffstat (limited to 'toxencryptsave/toxencryptsave.h')
-rw-r--r-- | toxencryptsave/toxencryptsave.h | 31 |
1 files changed, 30 insertions, 1 deletions
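--- a/toxencryptsave/toxencryptsave.h
+++ b/toxencryptsave/toxencryptsave.h
@@ -38,6 +38,8 @@ typedef struct Tox Tox;
 #define TOX_PASS_ENCRYPTION_EXTRA_LENGTH (crypto_box_MACBYTES + crypto_box_NONCEBYTES \
 + crypto_pwhash_scryptsalsa208sha256_SALTBYTES)
 
+#define TOX_PASS_KEY_LENGTH (crypto_box_KEYBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES)
+
 /* This "module" provides functions analogous to tox_load and tox_save in toxcore
 * Clients should consider alerting their users that, unlike plain data, if even one bit
 * becomes corrupted, the data will be entirely unrecoverable.
@@ -47,8 +49,35 @@ typedef struct Tox Tox;
 /* return size of the messenger data (for encrypted saving). */
 uint32_t tox_encrypted_size(const Tox *tox);
 
+/* Generates a secret symmetric key from the given passphrase. out_key must be at least
+* TOX_PASS_KEY_LENGTH bytes long.
+* Be sure to not compromise the key! Only keep it in memory, do not write to disk.
+* This function is fairly cheap, but irungentoo insists that you be allowed to
+* cache the result if you want, to minimize computation for repeated encryptions.
+* The password is zeroed after key derivation.
+* The key should only be used with the other functions in this module, as it
+* includes a salt.
+*
+* returns 0 on success
+* returns -1 on failure
+*/
+int tox_derive_key_from_pass(uint8_t* passphrase, uint32_t pplength, uint8_t* out_key);
+
+/* Encrypt arbitrary with a key produced by tox_derive_key_from_pass. The output
+* array must be at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long.
+* key must be TOX_PASS_KEY_LENGTH bytes.
+* If you already have a symmetric key from somewhere besides this module, simply
+* call encrypt_data_symmetric in toxcore/crypto_core directly.
+*
+*
+* returns 0 on success
+* returns -1 on failure
+*/
+int tox_pass_key_encrypt(uint8_t* data, uint32_t data_len, const uint8_t* key, uint8_t* out);
+
 /* Encrypts the given data with the given passphrase. The output array must be
-* at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long.
+* at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long. This delegates
+* to tox_derive_key_from_pass and tox_pass_key_encrypt.
 *
 * tox_encrypted_save() is a good example of how to use this function.
 *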
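Review bot: The new comment on tox_derive_key_from_pass invites callers to cache the derived key but never tells them to wipe it, and it calls the derivation "fairly cheap", which for a passphrase KDF is the property that makes offline guessing against a copied save file easier. I would add `* Zero out_key (e.g. with sodium_memzero) as soon as it is no longer needed.` and name the scrypt cost parameters or where they are set, since this header does not show them. Because the key is meant to be reused across calls, the tox_pass_key_encrypt comment should also state that every call uses a fresh nonce; that is presumably the case given TOX_PASS_ENCRYPTION_EXTRA_LENGTH includes crypto_box_NONCEBYTES, but it cannot be confirmed from the declarations alone. Two smaller points in the same declaration: `data` looks read-only and could be `const uint8_t* data` to match `key`, and the comment's first sentence is missing a noun ("Encrypt arbitrary data").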