1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
%{
/* crypto_core.h
*
* Functions for the core crypto.
*
* Copyright (C) 2013 Tox project All Rights Reserved.
*
* This file is part of Tox.
*
* Tox is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Tox is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Tox. If not, see <http://www.gnu.org/licenses/>.
*
*/
#ifndef CORE_CRYPTO_H
#define CORE_CRYPTO_H
#include "network.h"
#ifndef VANILLA_NACL
/* We use libsodium by default. */
#include <sodium.h>
#else
#include <crypto_box.h>
#include <crypto_hash_sha256.h>
#include <crypto_hash_sha512.h>
#include <crypto_scalarmult_curve25519.h>
#include <crypto_verify_16.h>
#include <crypto_verify_32.h>
#include <randombytes.h>
#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
/* I know */
#define sodium_memcmp(a, b, c) memcmp(a, b, c)
#define sodium_memzero(a, c) memset(a, 0, c)
#endif
#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES)
%}
/**
* compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks.
* returns 0 if both mem locations of length are equal,
* return -1 if they are not.
*/
static int32_t public_key_cmp(const uint8_t *pk1, const uint8_t *pk2);
/**
* Return a random 32 bit integer.
*/
static uint32_t random_int();
/**
* Return a random 64 bit integer.
*/
static uint64_t random_64b();
/**
* Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not.
* This should only be used for input validation.
*
* return 0 if it isn't.
* return 1 if it is.
*/
static int32_t public_key_valid(const uint8_t *public_key);
/**
* Encrypts plain of length length to encrypted of length + 16 using the
* public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce.
*
* return -1 if there was a problem.
* return length of encrypted data if everything was fine.
*/
static int32_t encrypt_data(
const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce,
const uint8_t *plain, uint32_t length, uint8_t *encrypted);
/**
* Decrypts encrypted of length length to plain of length length - 16 using the
* public key(32 bytes) of the sender, the secret key of the receiver and a 24 byte nonce.
*
* return -1 if there was a problem (decryption failed).
* return length of plain data if everything was fine.
*/
static int32_t decrypt_data(
const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce,
const uint8_t *encrypted, uint32_t length, uint8_t *plain);
/**
* Fast encrypt/decrypt operations. Use if this is not a one-time communication.
* encrypt_precompute does the shared-key generation once so it does not have
* to be preformed on every encrypt/decrypt.
*/
static int32_t encrypt_precompute(
const uint8_t *public_key, const uint8_t *secret_key, uint8_t *enc_key);
/**
* Encrypts plain of length length to encrypted of length + 16 using a
* secret key crypto_box_KEYBYTES big and a 24 byte nonce.
*
* return -1 if there was a problem.
* return length of encrypted data if everything was fine.
*/
static int32_t encrypt_data_symmetric(
const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain,
uint32_t length, uint8_t *encrypted);
/**
* Decrypts encrypted of length length to plain of length length - 16 using a
* secret key crypto_box_KEYBYTES big and a 24 byte nonce.
*
* return -1 if there was a problem (decryption failed).
* return length of plain data if everything was fine.
*/
static int32_t decrypt_data_symmetric(
const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted,
uint32_t length, uint8_t *plain);
/**
* Increment the given nonce by 1.
*/
static void increment_nonce(uint8_t *nonce);
/**
* Increment the given nonce by num.
*/
static void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num);
/**
* Fill the given nonce with random bytes.
*/
static void random_nonce(uint8_t *nonce);
/**
* Fill a key crypto_box_KEYBYTES big with random bytes.
*/
static void new_symmetric_key(uint8_t *key);
%{
#endif
%}
|
