From 9c6a8432ce7298766669d1e6a966b5493971afb7 Mon Sep 17 00:00:00 2001
From: irungentoo <irungentoo@gmail.com>
Date: Mon, 21 Apr 2014 16:51:36 -0400
Subject: Crypto related cleanups.

Moved Bunch of functions from net_crypto to crypto_core.

decrypt_data_fast and decrypt_data_symmetric were the same thing
therefore, removed decrypt_data_fast.

Replaced all the crypto_secretbox_* defines with the equivalent
crypto_box_* one.

New define: crypto_box_KEYBYTES that is equal to
crypto_box_BEFORENMBYTES.
---
 toxcore/net_crypto.c | 200 +--------------------------------------------------
 1 file changed, 2 insertions(+), 198 deletions(-)

(limited to 'toxcore/net_crypto.c')

diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c
index ae3a69a1..d0212d11 100644
--- a/toxcore/net_crypto.c
+++ b/toxcore/net_crypto.c
@@ -35,202 +35,6 @@ static uint8_t crypt_connection_id_not_valid(Net_Crypto *c, int crypt_connection
     return (uint32_t)crypt_connection_id >= c->crypto_connections_length;
 }
 
-/* Use this instead of memcmp; not vulnerable to timing attacks. */
-uint8_t crypto_iszero(uint8_t *mem, uint32_t length)
-{
-    uint8_t check = 0;
-    uint32_t i;
-
-    for (i = 0; i < length; ++i) {
-        check |= mem[i];
-    }
-
-    return check; // We return zero if mem is made out of zeroes.
-}
-
-/* Precomputes the shared key from their public_key and our secret_key.
- * This way we can avoid an expensive elliptic curve scalar multiply for each
- * encrypt/decrypt operation.
- * enc_key has to be crypto_box_BEFORENMBYTES bytes long.
- */
-void encrypt_precompute(uint8_t *public_key, uint8_t *secret_key, uint8_t *enc_key)
-{
-    crypto_box_beforenm(enc_key, public_key, secret_key);
-}
-
-/* Fast encrypt. Depends on enc_key from encrypt_precompute. */
-int encrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
-                      uint8_t *plain, uint32_t length, uint8_t *encrypted)
-{
-    if (length + crypto_box_MACBYTES > MAX_DATA_SIZE || length == 0)
-        return -1;
-
-    uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES] = {0};
-    uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES];
-
-    memcpy(temp_plain + crypto_box_ZEROBYTES, plain, length); // Pad the message with 32 0 bytes.
-
-    crypto_box_afternm(temp_encrypted, temp_plain, length + crypto_box_ZEROBYTES, nonce, enc_key);
-
-    if (crypto_iszero(temp_encrypted, crypto_box_BOXZEROBYTES) != 0)
-        return -1;
-
-    /* Unpad the encrypted message. */
-    memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length + crypto_box_MACBYTES);
-    return length + crypto_box_MACBYTES;
-}
-
-/* Fast decrypt. Depends on enc_ley from encrypt_precompute. */
-int decrypt_data_fast(uint8_t *enc_key, uint8_t *nonce,
-                      uint8_t *encrypted, uint32_t length, uint8_t *plain)
-{
-    if (length > MAX_DATA_SIZE || length <= crypto_box_BOXZEROBYTES)
-        return -1;
-
-    uint8_t temp_plain[MAX_DATA_SIZE + crypto_box_ZEROBYTES];
-    uint8_t temp_encrypted[MAX_DATA_SIZE + crypto_box_BOXZEROBYTES] = {0};
-
-    memcpy(temp_encrypted + crypto_box_BOXZEROBYTES, encrypted, length); // Pad the message with 16 0 bytes.
-
-    if (crypto_box_open_afternm(temp_plain, temp_encrypted, length + crypto_box_BOXZEROBYTES,
-                                nonce, enc_key) == -1)
-        return -1;
-
-    /* If decryption is successful the first crypto_box_ZEROBYTES of the message will be zero.
-     * Apparently memcmp should not be used so we do this instead:
-     */
-    if (crypto_iszero(temp_plain, crypto_box_ZEROBYTES) != 0)
-        return -1;
-
-    /* Unpad the plain message. */
-    memcpy(plain, temp_plain + crypto_box_ZEROBYTES, length - crypto_box_MACBYTES);
-    return length - crypto_box_MACBYTES;
-}
-
-int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
-                 uint8_t *plain, uint32_t length, uint8_t *encrypted)
-{
-    uint8_t k[crypto_box_BEFORENMBYTES];
-    encrypt_precompute(public_key, secret_key, k);
-    return encrypt_data_fast(k, nonce, plain, length, encrypted);
-}
-
-int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
-                 uint8_t *encrypted, uint32_t length, uint8_t *plain)
-{
-    uint8_t k[crypto_box_BEFORENMBYTES];
-    encrypt_precompute(public_key, secret_key, k);
-    return decrypt_data_fast(k, nonce, encrypted, length, plain);
-}
-
-int encrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *plain, uint32_t length, uint8_t *encrypted)
-{
-    if (length == 0)
-        return -1;
-
-    uint8_t temp_plain[length + crypto_secretbox_ZEROBYTES];
-    uint8_t temp_encrypted[length + crypto_secretbox_MACBYTES + crypto_secretbox_BOXZEROBYTES];
-
-    memset(temp_plain, 0, crypto_secretbox_ZEROBYTES);
-    memcpy(temp_plain + crypto_secretbox_ZEROBYTES, plain, length); // Pad the message with 32 0 bytes.
-
-    crypto_secretbox(temp_encrypted, temp_plain, length + crypto_secretbox_ZEROBYTES, nonce, secret_key);
-    /* Unpad the encrypted message. */
-    memcpy(encrypted, temp_encrypted + crypto_secretbox_BOXZEROBYTES, length + crypto_secretbox_MACBYTES);
-    return length + crypto_secretbox_MACBYTES;
-}
-
-int decrypt_data_symmetric(uint8_t *secret_key, uint8_t *nonce, uint8_t *encrypted, uint32_t length, uint8_t *plain)
-{
-    if (length <= crypto_secretbox_BOXZEROBYTES)
-        return -1;
-
-    uint8_t temp_plain[length + crypto_secretbox_ZEROBYTES];
-    uint8_t temp_encrypted[length + crypto_secretbox_BOXZEROBYTES];
-
-    memset(temp_plain, 0, crypto_secretbox_BOXZEROBYTES);
-    memcpy(temp_encrypted + crypto_secretbox_BOXZEROBYTES, encrypted, length); // Pad the message with 16 0 bytes.
-
-    if (crypto_secretbox_open(temp_plain, temp_encrypted, length + crypto_secretbox_BOXZEROBYTES, nonce, secret_key) == -1)
-        return -1;
-
-    memcpy(plain, temp_plain + crypto_secretbox_ZEROBYTES, length - crypto_secretbox_MACBYTES);
-    return length - crypto_secretbox_MACBYTES;
-}
-
-/* Increment the given nonce by 1. */
-void increment_nonce(uint8_t *nonce)
-{
-    uint32_t i;
-
-    for (i = crypto_box_NONCEBYTES; i != 0; --i) {
-        ++nonce[i - 1];
-
-        if (nonce[i - 1] != 0)
-            break;
-    }
-}
-/* increment the given nonce by num */
-void increment_nonce_number(uint8_t *nonce, uint32_t num)
-{
-    uint32_t num1, num2;
-    memcpy(&num1, nonce + (crypto_box_NONCEBYTES - sizeof(num1)), sizeof(num1));
-    num1 = ntohl(num1);
-    num2 = num + num1;
-
-    if (num2 < num1) {
-        uint32_t i;
-
-        for (i = crypto_box_NONCEBYTES - sizeof(num1); i != 0; --i) {
-            ++nonce[i - 1];
-
-            if (nonce[i - 1] != 0)
-                break;
-        }
-    }
-
-    num2 = htonl(num2);
-    memcpy(nonce + (crypto_box_NONCEBYTES - sizeof(num2)), &num2, sizeof(num2));
-}
-
-#if crypto_box_NONCEBYTES != crypto_secretbox_NONCEBYTES
-/*if they no longer equal each other, this function and the previous ones
- *must be split into two.
- */
-#error random_nonce(): crypto_box_NONCEBYTES must equal crypto_secretbox_NONCEBYTES.
-#endif
-/* Fill the given nonce with random bytes. */
-void random_nonce(uint8_t *nonce)
-{
-    randombytes(nonce, crypto_box_NONCEBYTES);
-}
-
-/* Fill a key crypto_secretbox_KEYBYTES big with random bytes */
-void new_symmetric_key(uint8_t *key)
-{
-    randombytes(key, crypto_secretbox_KEYBYTES);
-}
-
-static uint8_t base_nonce[crypto_box_NONCEBYTES];
-static uint8_t nonce_set = 0;
-
-#if crypto_box_NONCEBYTES != crypto_secretbox_NONCEBYTES
-/*if they no longer equal each other, this function must be split into two.*/
-#error new_nonce(): crypto_box_NONCEBYTES must equal crypto_secretbox_NONCEBYTES.
-#endif
-/* Gives a nonce guaranteed to be different from previous ones.*/
-void new_nonce(uint8_t *nonce)
-{
-    if (nonce_set == 0) {
-        random_nonce(base_nonce);
-        nonce_set = 1;
-    }
-
-    increment_nonce(base_nonce);
-    memcpy(nonce, base_nonce, crypto_box_NONCEBYTES);
-}
-
-
 /*  return 0 if there is no received data in the buffer.
  *  return -1  if the packet was discarded.
  *  return length of received data if successful.
@@ -252,7 +56,7 @@ int read_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data)
     if (temp_data[0] != 3)
         return -1;
 
-    int len = decrypt_data_fast(c->crypto_connections[crypt_connection_id].shared_key,
+    int len = decrypt_data_symmetric(c->crypto_connections[crypt_connection_id].shared_key,
                                 c->crypto_connections[crypt_connection_id].recv_nonce,
                                 temp_data + 1, length - 1, data);
 
@@ -290,7 +94,7 @@ int write_cryptpacket(Net_Crypto *c, int crypt_connection_id, uint8_t *data, uin
         return 0;
 
     uint8_t temp_data[MAX_DATA_SIZE];
-    int len = encrypt_data_fast(c->crypto_connections[crypt_connection_id].shared_key,
+    int len = encrypt_data_symmetric(c->crypto_connections[crypt_connection_id].shared_key,
                                 c->crypto_connections[crypt_connection_id].sent_nonce,
                                 data, length, temp_data + 1);
 
-- 
cgit v1.2.3