From 7458473dcac19b1aed0803b5f8649f905f5ce7fb Mon Sep 17 00:00:00 2001
From: irungentoo
Date: Sat, 6 Jul 2013 10:57:49 -0400
Subject: Forward secrecy implemented into crypto.
---
 core/net_crypto.h | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)
(limited to 'core/net_crypto.h')
diff --git a/core/net_crypto.h b/core/net_crypto.h
index 850bcd13..3de0eb2f 100644
--- a/core/net_crypto.h
+++ b/core/net_crypto.h
@@ -19,17 +19,19 @@ extern uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];
 //encrypts plain of length length to encrypted of length + 16 using the
-//public key(32 bytes) of the reciever and a 24 byte nonce
+//public key(32 bytes) of the reciever and the secret key of the sender and a 24 byte nonce
 //return -1 if there was a problem.
 //return length of encrypted data if everything was fine.
-int encrypt_data(uint8_t * public_key, uint8_t * nonce, uint8_t * plain, uint32_t length, uint8_t * encrypted);
+int encrypt_data(uint8_t * public_key, uint8_t * secret_key, uint8_t * nonce,
+ uint8_t * plain, uint32_t length, uint8_t * encrypted);
 //decrypts encrypted of length length to plain of length length - 16 using the
-//public key(32 bytes) of the sender and a 24 byte nonce
+//public key(32 bytes) of the sender, the secret key of the reciever and a 24 byte nonce
 //return -1 if there was a problem(decryption failed)
 //return length of plain data if everything was fine.
-int decrypt_data(uint8_t * public_key, uint8_t * nonce, uint8_t * encrypted, uint32_t length, uint8_t * plain);
+int decrypt_data(uint8_t * public_key, uint8_t * secret_key, uint8_t * nonce,
+ uint8_t * encrypted, uint32_t length, uint8_t * plain);
 //return 0 if there is no received data in the buffer
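Review bot: The new `secret_key` parameter on `encrypt_data` and `decrypt_data` is documented without its size or the nonce rule that goes with it, although the public key is stated as 32 bytes. I would add to both comments something like `//secret_key is crypto_box_SECRETKEYBYTES (32) bytes; a nonce must never be reused with the same public_key/secret_key pair`, because with what is presumably NaCl crypto_box a repeated nonce under one key pair undermines both confidentiality and authentication. The `decrypt_data` comment should also say that `length` must be at least 16, since "length - 16" on a `uint32_t` wraps for shorter input; whether the implementation rejects that case is not visible in this header-only diff. The pointers that are only read could be declared `const`, e.g. `const uint8_t * secret_key`.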
@@ -76,16 +78,17 @@ int crypto_kill(int crypt_connection_id);
 //handle an incoming connection
 //return -1 if no crypto inbound connection
 //return incomming connection id (Lossless_UDP one) if there is an incomming crypto connection
-//Put the public key of the peer in public_key and the secret_nonce from the handshake into secret_nonce
+//Put the public key of the peer in public_key, the secret_nonce from the handshake into secret_nonce
+//and the session public key for the connection in session_key
 //to accept it see: accept_crypto_inbound(...)
 //to refuse it just call kill_connection(...) on the connection id
-int crypto_inbound(uint8_t * public_key, uint8_t * secret_nonce);
+int crypto_inbound(uint8_t * public_key, uint8_t * secret_nonce, uint8_t * session_key);
 //accept an incoming connection using the parameters provided by crypto_inbound
 //return -1 if not successful
 //returns the crypt_connection_id if successful
-int accept_crypto_inbound(int connection_id, uint8_t * public_key, uint8_t * secret_nonce);
+int accept_crypto_inbound(int connection_id, uint8_t * public_key, uint8_t * secret_nonce, uint8_t * session_key);
 //return 0 if no connection, 1 we have sent a handshake, 2 if connexion is not confirmed yet
 //(we have recieved a hanshake but no empty data packet), 3 if the connection is established.
-- 
cgit v1.2.3
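Review bot: The `session_key` parameter added to `crypto_inbound` and `accept_crypto_inbound` is described as a session public key, but its buffer size is not documented and the bare name reads like a secret. In `crypto_inbound` it is an output the caller has to size, so I would add `//session_key must point to crypto_box_PUBLICKEYBYTES bytes` and consider renaming it `session_public_key` in both prototypes. In `accept_crypto_inbound` the three pointers appear to be inputs only and could be `const uint8_t *`. The forward secrecy named in the commit subject also depends on the per-connection secret key being erased when the connection ends (for example in `crypto_kill`), which this header-only diff does not show.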