From ce29c8e7ec91d95167b2dea3aee9fd1ae1aac254 Mon Sep 17 00:00:00 2001 From: iphydf Date: Mon, 19 Dec 2016 02:47:42 +0000 Subject: [PATCH] Wrap all sodium/nacl functions in crypto_core.c. --- auto_tests/TCP_test.c | 190 ++++++++++---------- auto_tests/crypto_test.c | 88 ++++----- auto_tests/dht_test.c | 90 +++++----- auto_tests/encryptsave_test.c | 10 +- auto_tests/onion_test.c | 62 ++++--- other/DHT_bootstrap.c | 10 +- other/bootstrap_daemon/src/config.c | 2 +- other/bootstrap_daemon/src/tox-bootstrapd.c | 14 +- testing/DHT_test.c | 4 +- testing/hstox/binary_decode.c | 6 +- testing/hstox/binary_encode.c | 6 +- testing/hstox/methods.c | 28 +-- toxcore/DHT.c | 186 +++++++++---------- toxcore/DHT.h | 28 +-- toxcore/LAN_discovery.c | 10 +- toxcore/Messenger.c | 38 ++-- toxcore/Messenger.h | 6 +- toxcore/TCP_client.c | 60 +++---- toxcore/TCP_client.h | 14 +- toxcore/TCP_connection.c | 18 +- toxcore/TCP_connection.h | 4 +- toxcore/TCP_server.c | 72 ++++---- toxcore/TCP_server.h | 16 +- toxcore/crypto_core.api.h | 83 ++++++--- toxcore/crypto_core.c | 95 +++++++++- toxcore/crypto_core.h | 100 ++++++++--- toxcore/friend_connection.c | 10 +- toxcore/friend_connection.h | 4 +- toxcore/friend_requests.c | 2 +- toxcore/friend_requests.h | 2 +- toxcore/group.c | 66 +++---- toxcore/group.h | 14 +- toxcore/net_crypto.c | 180 +++++++++---------- toxcore/net_crypto.h | 36 ++-- toxcore/onion.c | 144 +++++++-------- toxcore/onion.h | 34 ++-- toxcore/onion_announce.c | 88 ++++----- toxcore/onion_announce.h | 22 +-- toxcore/onion_client.c | 106 +++++------ toxcore/onion_client.h | 22 +-- toxcore/ping.c | 44 ++--- toxcore/tox.c | 30 ++-- toxcore/util.c | 6 +- toxdns/toxdns.c | 33 ++-- toxencryptsave/toxencryptsave.c | 9 +- 45 files changed, 1142 insertions(+), 950 deletions(-) diff --git a/auto_tests/TCP_test.c b/auto_tests/TCP_test.c index 4fdb8a88bb..d9013378cd 100644 --- a/auto_tests/TCP_test.c +++ b/auto_tests/TCP_test.c @@ -29,9 +29,9 @@ static uint16_t ports[NUM_PORTS] = {1234, 33445, 25643}; START_TEST(test_basic) { - uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(self_public_key, self_secret_key); + uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(self_public_key, self_secret_key); TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server"); ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind to all ports"); @@ -45,23 +45,23 @@ START_TEST(test_basic) int ret = connect(sock, (struct sockaddr *)&addr6_loopback, sizeof(addr6_loopback)); ck_assert_msg(ret == 0, "Failed to connect to TCP relay server"); - uint8_t f_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t f_secret_key[crypto_box_SECRETKEYBYTES]; - uint8_t f_nonce[crypto_box_NONCEBYTES]; - crypto_box_keypair(f_public_key, f_secret_key); + uint8_t f_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t f_secret_key[CRYPTO_SECRET_KEY_SIZE]; + uint8_t f_nonce[CRYPTO_NONCE_SIZE]; + crypto_new_keypair(f_public_key, f_secret_key); random_nonce(f_nonce); - uint8_t t_secret_key[crypto_box_SECRETKEYBYTES]; + uint8_t t_secret_key[CRYPTO_SECRET_KEY_SIZE]; uint8_t handshake_plain[TCP_HANDSHAKE_PLAIN_SIZE]; - crypto_box_keypair(handshake_plain, t_secret_key); - memcpy(handshake_plain + crypto_box_PUBLICKEYBYTES, f_nonce, crypto_box_NONCEBYTES); + crypto_new_keypair(handshake_plain, t_secret_key); + memcpy(handshake_plain + CRYPTO_PUBLIC_KEY_SIZE, f_nonce, CRYPTO_NONCE_SIZE); uint8_t handshake[TCP_CLIENT_HANDSHAKE_SIZE]; - memcpy(handshake, f_public_key, crypto_box_PUBLICKEYBYTES); - random_nonce(handshake + crypto_box_PUBLICKEYBYTES); + memcpy(handshake, f_public_key, CRYPTO_PUBLIC_KEY_SIZE); + random_nonce(handshake + CRYPTO_PUBLIC_KEY_SIZE); - ret = encrypt_data(self_public_key, f_secret_key, handshake + crypto_box_PUBLICKEYBYTES, handshake_plain, - TCP_HANDSHAKE_PLAIN_SIZE, handshake + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); - ck_assert_msg(ret == TCP_CLIENT_HANDSHAKE_SIZE - (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES), + ret = encrypt_data(self_public_key, f_secret_key, handshake + CRYPTO_PUBLIC_KEY_SIZE, handshake_plain, + TCP_HANDSHAKE_PLAIN_SIZE, handshake + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE); + ck_assert_msg(ret == TCP_CLIENT_HANDSHAKE_SIZE - (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE), "Encrypt failed."); ck_assert_msg(send(sock, (const char *)handshake, TCP_CLIENT_HANDSHAKE_SIZE - 1, 0) == TCP_CLIENT_HANDSHAKE_SIZE - 1, "send Failed."); @@ -79,20 +79,20 @@ START_TEST(test_basic) uint8_t response[TCP_SERVER_HANDSHAKE_SIZE]; uint8_t response_plain[TCP_HANDSHAKE_PLAIN_SIZE]; ck_assert_msg(recv(sock, (char *)response, TCP_SERVER_HANDSHAKE_SIZE, 0) == TCP_SERVER_HANDSHAKE_SIZE, "recv Failed."); - ret = decrypt_data(self_public_key, f_secret_key, response, response + crypto_box_NONCEBYTES, - TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, response_plain); + ret = decrypt_data(self_public_key, f_secret_key, response, response + CRYPTO_NONCE_SIZE, + TCP_SERVER_HANDSHAKE_SIZE - CRYPTO_NONCE_SIZE, response_plain); ck_assert_msg(ret == TCP_HANDSHAKE_PLAIN_SIZE, "Decrypt Failed."); - uint8_t f_nonce_r[crypto_box_NONCEBYTES]; - uint8_t f_shared_key[crypto_box_BEFORENMBYTES]; + uint8_t f_nonce_r[CRYPTO_NONCE_SIZE]; + uint8_t f_shared_key[CRYPTO_SHARED_KEY_SIZE]; encrypt_precompute(response_plain, t_secret_key, f_shared_key); - memcpy(f_nonce_r, response_plain + crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES); + memcpy(f_nonce_r, response_plain + CRYPTO_SHARED_KEY_SIZE, CRYPTO_NONCE_SIZE); - uint8_t r_req_p[1 + crypto_box_PUBLICKEYBYTES] = {0}; - memcpy(r_req_p + 1, f_public_key, crypto_box_PUBLICKEYBYTES); - uint8_t r_req[2 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES]; - uint16_t size = 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES; + uint8_t r_req_p[1 + CRYPTO_PUBLIC_KEY_SIZE] = {0}; + memcpy(r_req_p + 1, f_public_key, CRYPTO_PUBLIC_KEY_SIZE); + uint8_t r_req[2 + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE]; + uint16_t size = 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE; size = htons(size); - encrypt_data_symmetric(f_shared_key, f_nonce, r_req_p, 1 + crypto_box_PUBLICKEYBYTES, r_req + 2); + encrypt_data_symmetric(f_shared_key, f_nonce, r_req_p, 1 + CRYPTO_PUBLIC_KEY_SIZE, r_req + 2); increment_nonce(f_nonce); memcpy(r_req, &size, 2); uint32_t i; @@ -107,11 +107,11 @@ START_TEST(test_basic) do_TCP_server(tcp_s); c_sleep(50); uint8_t packet_resp[4096]; - int recv_data_len = recv(sock, (char *)packet_resp, 2 + 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, 0); - ck_assert_msg(recv_data_len == 2 + 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, + int recv_data_len = recv(sock, (char *)packet_resp, 2 + 2 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE, 0); + ck_assert_msg(recv_data_len == 2 + 2 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE, "recv Failed. %u", recv_data_len); memcpy(&size, packet_resp, 2); - ck_assert_msg(ntohs(size) == 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, "Wrong packet size."); + ck_assert_msg(ntohs(size) == 2 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE, "Wrong packet size."); uint8_t packet_resp_plain[4096]; ret = decrypt_data_symmetric(f_shared_key, f_nonce_r, packet_resp + 2, recv_data_len - 2, packet_resp_plain); ck_assert_msg(ret != -1, "decryption failed"); @@ -125,10 +125,10 @@ END_TEST struct sec_TCP_con { sock_t sock; - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t recv_nonce[crypto_box_NONCEBYTES]; - uint8_t sent_nonce[crypto_box_NONCEBYTES]; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; + uint8_t sent_nonce[CRYPTO_NONCE_SIZE]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; }; static struct sec_TCP_con *new_TCP_con(TCP_Server *tcp_s) @@ -143,21 +143,21 @@ static struct sec_TCP_con *new_TCP_con(TCP_Server *tcp_s) int ret = connect(sock, (struct sockaddr *)&addr6_loopback, sizeof(addr6_loopback)); ck_assert_msg(ret == 0, "Failed to connect to TCP relay server"); - uint8_t f_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(sec_c->public_key, f_secret_key); + uint8_t f_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(sec_c->public_key, f_secret_key); random_nonce(sec_c->sent_nonce); - uint8_t t_secret_key[crypto_box_SECRETKEYBYTES]; + uint8_t t_secret_key[CRYPTO_SECRET_KEY_SIZE]; uint8_t handshake_plain[TCP_HANDSHAKE_PLAIN_SIZE]; - crypto_box_keypair(handshake_plain, t_secret_key); - memcpy(handshake_plain + crypto_box_PUBLICKEYBYTES, sec_c->sent_nonce, crypto_box_NONCEBYTES); + crypto_new_keypair(handshake_plain, t_secret_key); + memcpy(handshake_plain + CRYPTO_PUBLIC_KEY_SIZE, sec_c->sent_nonce, CRYPTO_NONCE_SIZE); uint8_t handshake[TCP_CLIENT_HANDSHAKE_SIZE]; - memcpy(handshake, sec_c->public_key, crypto_box_PUBLICKEYBYTES); - random_nonce(handshake + crypto_box_PUBLICKEYBYTES); + memcpy(handshake, sec_c->public_key, CRYPTO_PUBLIC_KEY_SIZE); + random_nonce(handshake + CRYPTO_PUBLIC_KEY_SIZE); - ret = encrypt_data(tcp_server_public_key(tcp_s), f_secret_key, handshake + crypto_box_PUBLICKEYBYTES, handshake_plain, - TCP_HANDSHAKE_PLAIN_SIZE, handshake + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); - ck_assert_msg(ret == TCP_CLIENT_HANDSHAKE_SIZE - (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES), + ret = encrypt_data(tcp_server_public_key(tcp_s), f_secret_key, handshake + CRYPTO_PUBLIC_KEY_SIZE, handshake_plain, + TCP_HANDSHAKE_PLAIN_SIZE, handshake + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE); + ck_assert_msg(ret == TCP_CLIENT_HANDSHAKE_SIZE - (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE), "Encrypt failed."); ck_assert_msg(send(sock, (const char *)handshake, TCP_CLIENT_HANDSHAKE_SIZE - 1, 0) == TCP_CLIENT_HANDSHAKE_SIZE - 1, "send Failed."); @@ -169,11 +169,11 @@ static struct sec_TCP_con *new_TCP_con(TCP_Server *tcp_s) uint8_t response[TCP_SERVER_HANDSHAKE_SIZE]; uint8_t response_plain[TCP_HANDSHAKE_PLAIN_SIZE]; ck_assert_msg(recv(sock, (char *)response, TCP_SERVER_HANDSHAKE_SIZE, 0) == TCP_SERVER_HANDSHAKE_SIZE, "recv Failed."); - ret = decrypt_data(tcp_server_public_key(tcp_s), f_secret_key, response, response + crypto_box_NONCEBYTES, - TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, response_plain); + ret = decrypt_data(tcp_server_public_key(tcp_s), f_secret_key, response, response + CRYPTO_NONCE_SIZE, + TCP_SERVER_HANDSHAKE_SIZE - CRYPTO_NONCE_SIZE, response_plain); ck_assert_msg(ret == TCP_HANDSHAKE_PLAIN_SIZE, "Decrypt Failed."); encrypt_precompute(response_plain, t_secret_key, sec_c->shared_key); - memcpy(sec_c->recv_nonce, response_plain + crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES); + memcpy(sec_c->recv_nonce, response_plain + CRYPTO_SHARED_KEY_SIZE, CRYPTO_NONCE_SIZE); sec_c->sock = sock; return sec_c; } @@ -186,9 +186,9 @@ static void kill_TCP_con(struct sec_TCP_con *con) static int write_packet_TCP_secure_connection(struct sec_TCP_con *con, uint8_t *data, uint16_t length) { - uint8_t packet[sizeof(uint16_t) + length + crypto_box_MACBYTES]; + uint8_t packet[sizeof(uint16_t) + length + CRYPTO_MAC_SIZE]; - uint16_t c_length = htons(length + crypto_box_MACBYTES); + uint16_t c_length = htons(length + CRYPTO_MAC_SIZE); memcpy(packet, &c_length, sizeof(uint16_t)); int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t)); @@ -214,9 +214,9 @@ static int read_packet_sec_TCP(struct sec_TCP_con *con, uint8_t *data, uint16_t START_TEST(test_some) { - uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(self_public_key, self_secret_key); + uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(self_public_key, self_secret_key); TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server"); ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind to all ports"); @@ -225,22 +225,22 @@ START_TEST(test_some) struct sec_TCP_con *con2 = new_TCP_con(tcp_s); struct sec_TCP_con *con3 = new_TCP_con(tcp_s); - uint8_t requ_p[1 + crypto_box_PUBLICKEYBYTES]; + uint8_t requ_p[1 + CRYPTO_PUBLIC_KEY_SIZE]; requ_p[0] = 0; - memcpy(requ_p + 1, con3->public_key, crypto_box_PUBLICKEYBYTES); + memcpy(requ_p + 1, con3->public_key, CRYPTO_PUBLIC_KEY_SIZE); write_packet_TCP_secure_connection(con1, requ_p, sizeof(requ_p)); - memcpy(requ_p + 1, con1->public_key, crypto_box_PUBLICKEYBYTES); + memcpy(requ_p + 1, con1->public_key, CRYPTO_PUBLIC_KEY_SIZE); write_packet_TCP_secure_connection(con3, requ_p, sizeof(requ_p)); do_TCP_server(tcp_s); c_sleep(50); uint8_t data[2048]; - int len = read_packet_sec_TCP(con1, data, 2 + 1 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES); - ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len); + int len = read_packet_sec_TCP(con1, data, 2 + 1 + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE); + ck_assert_msg(len == 1 + 1 + CRYPTO_PUBLIC_KEY_SIZE, "wrong len %u", len); ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]); ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]); ck_assert_msg(public_key_cmp(data + 2, con3->public_key) == 0, "key in packet wrong"); - len = read_packet_sec_TCP(con3, data, 2 + 1 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES); - ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len); + len = read_packet_sec_TCP(con3, data, 2 + 1 + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE); + ck_assert_msg(len == 1 + 1 + CRYPTO_PUBLIC_KEY_SIZE, "wrong len %u", len); ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]); ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]); ck_assert_msg(public_key_cmp(data + 2, con1->public_key) == 0, "key in packet wrong"); @@ -252,23 +252,23 @@ START_TEST(test_some) c_sleep(50); do_TCP_server(tcp_s); c_sleep(50); - len = read_packet_sec_TCP(con1, data, 2 + 2 + crypto_box_MACBYTES); + len = read_packet_sec_TCP(con1, data, 2 + 2 + CRYPTO_MAC_SIZE); ck_assert_msg(len == 2, "wrong len %u", len); ck_assert_msg(data[0] == 2, "wrong packet id %u", data[0]); ck_assert_msg(data[1] == 16, "wrong peer id %u", data[1]); - len = read_packet_sec_TCP(con3, data, 2 + 2 + crypto_box_MACBYTES); + len = read_packet_sec_TCP(con3, data, 2 + 2 + CRYPTO_MAC_SIZE); ck_assert_msg(len == 2, "wrong len %u", len); ck_assert_msg(data[0] == 2, "wrong packet id %u", data[0]); ck_assert_msg(data[1] == 16, "wrong peer id %u", data[1]); - len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); + len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE); ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); - len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); + len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE); ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); - len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); + len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE); ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); @@ -278,15 +278,15 @@ START_TEST(test_some) c_sleep(50); do_TCP_server(tcp_s); c_sleep(50); - len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); + len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE); ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); - len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); + len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE); ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); - len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES); + len = read_packet_sec_TCP(con3, data, 2 + sizeof(test_packet) + CRYPTO_MAC_SIZE); ck_assert_msg(len == sizeof(test_packet), "wrong len %u", len); ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong %u %u %u %u", data[0], data[1], data[sizeof(test_packet) - 2], data[sizeof(test_packet) - 1]); @@ -296,7 +296,7 @@ START_TEST(test_some) c_sleep(50); do_TCP_server(tcp_s); c_sleep(50); - len = read_packet_sec_TCP(con1, data, 2 + sizeof(ping_packet) + crypto_box_MACBYTES); + len = read_packet_sec_TCP(con1, data, 2 + sizeof(ping_packet) + CRYPTO_MAC_SIZE); ck_assert_msg(len == sizeof(ping_packet), "wrong len %u", len); ck_assert_msg(data[0] == 5, "wrong packet id %u", data[0]); ck_assert_msg(memcmp(ping_packet + 1, data + 1, sizeof(uint64_t)) == 0, "wrong packet data"); @@ -309,7 +309,7 @@ END_TEST static int response_callback_good; static uint8_t response_callback_connection_id; -static uint8_t response_callback_public_key[crypto_box_PUBLICKEYBYTES]; +static uint8_t response_callback_public_key[CRYPTO_PUBLIC_KEY_SIZE]; static int response_callback(void *object, uint8_t connection_id, const uint8_t *public_key) { if (set_tcp_connection_number((TCP_Client_Connection *)((char *)object - 2), connection_id, 7) != 0) { @@ -317,7 +317,7 @@ static int response_callback(void *object, uint8_t connection_id, const uint8_t } response_callback_connection_id = connection_id; - memcpy(response_callback_public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(response_callback_public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); response_callback_good++; return 0; } @@ -364,7 +364,7 @@ static int data_callback(void *object, uint32_t number, uint8_t connection_id, c } static int oob_data_callback_good; -static uint8_t oob_pubkey[crypto_box_PUBLICKEYBYTES]; +static uint8_t oob_pubkey[CRYPTO_PUBLIC_KEY_SIZE]; static int oob_data_callback(void *object, const uint8_t *public_key, const uint8_t *data, uint16_t length, void *userdata) { @@ -391,16 +391,16 @@ static int oob_data_callback(void *object, const uint8_t *public_key, const uint START_TEST(test_client) { unix_time_update(); - uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(self_public_key, self_secret_key); + uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(self_public_key, self_secret_key); TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server"); ck_assert_msg(tcp_server_listen_count(tcp_s) == NUM_PORTS, "Failed to bind to all ports"); - uint8_t f_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t f_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(f_public_key, f_secret_key); + uint8_t f_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t f_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(f_public_key, f_secret_key); IP_Port ip_port_tcp_s; ip_port_tcp_s.port = htons(ports[rand() % NUM_PORTS]); @@ -430,9 +430,9 @@ START_TEST(test_client) ck_assert_msg(conn->status == TCP_CLIENT_CONFIRMED, "Wrong status. Expected: %u, is: %u", TCP_CLIENT_CONFIRMED, conn->status); - uint8_t f2_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t f2_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(f2_public_key, f2_secret_key); + uint8_t f2_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t f2_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(f2_public_key, f2_secret_key); ip_port_tcp_s.port = htons(ports[rand() % NUM_PORTS]); TCP_Client_Connection *conn2 = new_TCP_connection(ip_port_tcp_s, self_public_key, f2_public_key, f2_secret_key, 0); routing_response_handler(conn, response_callback, (char *)conn + 2); @@ -450,7 +450,7 @@ START_TEST(test_client) do_TCP_connection(conn2, NULL); c_sleep(50); uint8_t data[5] = {1, 2, 3, 4, 5}; - memcpy(oob_pubkey, f2_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(oob_pubkey, f2_public_key, CRYPTO_PUBLIC_KEY_SIZE); send_oob_packet(conn2, f_public_key, data, 5); send_routing_request(conn, f2_public_key); send_routing_request(conn2, f_public_key); @@ -492,13 +492,13 @@ END_TEST START_TEST(test_client_invalid) { unix_time_update(); - uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(self_public_key, self_secret_key); + uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(self_public_key, self_secret_key); - uint8_t f_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t f_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(f_public_key, f_secret_key); + uint8_t f_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t f_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(f_public_key, f_secret_key); IP_Port ip_port_tcp_s; ip_port_tcp_s.port = htons(ports[rand() % NUM_PORTS]); @@ -552,19 +552,19 @@ START_TEST(test_tcp_connection) { tcp_data_callback_called = 0; unix_time_update(); - uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(self_public_key, self_secret_key); + uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(self_public_key, self_secret_key); TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); ck_assert_msg(public_key_cmp(tcp_server_public_key(tcp_s), self_public_key) == 0, "Wrong public key"); TCP_Proxy_Info proxy_info; proxy_info.proxy_type = TCP_PROXY_NONE; - crypto_box_keypair(self_public_key, self_secret_key); + crypto_new_keypair(self_public_key, self_secret_key); TCP_Connections *tc_1 = new_tcp_connections(self_secret_key, &proxy_info); ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_1), self_public_key) == 0, "Wrong public key"); - crypto_box_keypair(self_public_key, self_secret_key); + crypto_new_keypair(self_public_key, self_secret_key); TCP_Connections *tc_2 = new_tcp_connections(self_secret_key, &proxy_info); ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_2), self_public_key) == 0, "Wrong public key"); @@ -661,19 +661,19 @@ START_TEST(test_tcp_connection2) tcp_data_callback_called = 0; unix_time_update(); - uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(self_public_key, self_secret_key); + uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(self_public_key, self_secret_key); TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); ck_assert_msg(public_key_cmp(tcp_server_public_key(tcp_s), self_public_key) == 0, "Wrong public key"); TCP_Proxy_Info proxy_info; proxy_info.proxy_type = TCP_PROXY_NONE; - crypto_box_keypair(self_public_key, self_secret_key); + crypto_new_keypair(self_public_key, self_secret_key); TCP_Connections *tc_1 = new_tcp_connections(self_secret_key, &proxy_info); ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_1), self_public_key) == 0, "Wrong public key"); - crypto_box_keypair(self_public_key, self_secret_key); + crypto_new_keypair(self_public_key, self_secret_key); TCP_Connections *tc_2 = new_tcp_connections(self_secret_key, &proxy_info); ck_assert_msg(public_key_cmp(tcp_connections_public_key(tc_2), self_public_key) == 0, "Wrong public key"); diff --git a/auto_tests/crypto_test.c b/auto_tests/crypto_test.c index ce2101cc28..c1003f8014 100644 --- a/auto_tests/crypto_test.c +++ b/auto_tests/crypto_test.c @@ -91,8 +91,8 @@ START_TEST(test_known) unsigned char m[131]; int clen, mlen; - ck_assert_msg(sizeof(c) == sizeof(m) + crypto_box_MACBYTES * sizeof(unsigned char), - "cyphertext should be crypto_box_MACBYTES bytes longer than plaintext"); + ck_assert_msg(sizeof(c) == sizeof(m) + CRYPTO_MAC_SIZE * sizeof(unsigned char), + "cyphertext should be CRYPTO_MAC_SIZE bytes longer than plaintext"); ck_assert_msg(sizeof(test_c) == sizeof(c), "sanity check failed"); ck_assert_msg(sizeof(test_m) == sizeof(m), "sanity check failed"); @@ -110,15 +110,15 @@ END_TEST START_TEST(test_fast_known) { - unsigned char k[crypto_box_BEFORENMBYTES]; + unsigned char k[CRYPTO_SHARED_KEY_SIZE]; unsigned char c[147]; unsigned char m[131]; int clen, mlen; encrypt_precompute(bobpk, alicesk, k); - ck_assert_msg(sizeof(c) == sizeof(m) + crypto_box_MACBYTES * sizeof(unsigned char), - "cyphertext should be crypto_box_MACBYTES bytes longer than plaintext"); + ck_assert_msg(sizeof(c) == sizeof(m) + CRYPTO_MAC_SIZE * sizeof(unsigned char), + "cyphertext should be CRYPTO_MAC_SIZE bytes longer than plaintext"); ck_assert_msg(sizeof(test_c) == sizeof(c), "sanity check failed"); ck_assert_msg(sizeof(test_m) == sizeof(m), "sanity check failed"); @@ -136,20 +136,20 @@ END_TEST START_TEST(test_endtoend) { - unsigned char pk1[crypto_box_PUBLICKEYBYTES]; - unsigned char sk1[crypto_box_SECRETKEYBYTES]; - unsigned char pk2[crypto_box_PUBLICKEYBYTES]; - unsigned char sk2[crypto_box_SECRETKEYBYTES]; - unsigned char k1[crypto_box_BEFORENMBYTES]; - unsigned char k2[crypto_box_BEFORENMBYTES]; + unsigned char pk1[CRYPTO_PUBLIC_KEY_SIZE]; + unsigned char sk1[CRYPTO_SECRET_KEY_SIZE]; + unsigned char pk2[CRYPTO_PUBLIC_KEY_SIZE]; + unsigned char sk2[CRYPTO_SECRET_KEY_SIZE]; + unsigned char k1[CRYPTO_SHARED_KEY_SIZE]; + unsigned char k2[CRYPTO_SHARED_KEY_SIZE]; - unsigned char n[crypto_box_NONCEBYTES]; + unsigned char n[CRYPTO_NONCE_SIZE]; unsigned char m[500]; - unsigned char c1[sizeof(m) + crypto_box_MACBYTES]; - unsigned char c2[sizeof(m) + crypto_box_MACBYTES]; - unsigned char c3[sizeof(m) + crypto_box_MACBYTES]; - unsigned char c4[sizeof(m) + crypto_box_MACBYTES]; + unsigned char c1[sizeof(m) + CRYPTO_MAC_SIZE]; + unsigned char c2[sizeof(m) + CRYPTO_MAC_SIZE]; + unsigned char c3[sizeof(m) + CRYPTO_MAC_SIZE]; + unsigned char c4[sizeof(m) + CRYPTO_MAC_SIZE]; unsigned char m1[sizeof(m)]; unsigned char m2[sizeof(m)]; unsigned char m3[sizeof(m)]; @@ -166,17 +166,17 @@ START_TEST(test_endtoend) //Generate random message (random length from 100 to 500) mlen = (rand() % 400) + 100; rand_bytes(m, mlen); - rand_bytes(n, crypto_box_NONCEBYTES); + rand_bytes(n, CRYPTO_NONCE_SIZE); //Generate keypairs - crypto_box_keypair(pk1, sk1); - crypto_box_keypair(pk2, sk2); + crypto_new_keypair(pk1, sk1); + crypto_new_keypair(pk2, sk2); //Precompute shared keys encrypt_precompute(pk2, sk1, k1); encrypt_precompute(pk1, sk2, k2); - ck_assert_msg(memcmp(k1, k2, crypto_box_BEFORENMBYTES) == 0, "encrypt_precompute: bad"); + ck_assert_msg(memcmp(k1, k2, CRYPTO_SHARED_KEY_SIZE) == 0, "encrypt_precompute: bad"); //Encrypt all four ways c1len = encrypt_data(pk2, sk1, n, m, mlen, c1); @@ -185,7 +185,7 @@ START_TEST(test_endtoend) c4len = encrypt_data_symmetric(k2, n, m, mlen, c4); ck_assert_msg(c1len == c2len && c1len == c3len && c1len == c4len, "cyphertext lengths differ"); - ck_assert_msg(c1len == mlen + (int)crypto_box_MACBYTES, "wrong cyphertext length"); + ck_assert_msg(c1len == mlen + (int)CRYPTO_MAC_SIZE, "wrong cyphertext length"); ck_assert_msg(memcmp(c1, c2, c1len) == 0 && memcmp(c1, c3, c1len) == 0 && memcmp(c1, c4, c1len) == 0, "crypertexts differ"); @@ -206,16 +206,16 @@ END_TEST START_TEST(test_large_data) { - unsigned char k[crypto_box_BEFORENMBYTES]; + unsigned char k[CRYPTO_SHARED_KEY_SIZE]; - unsigned char n[crypto_box_NONCEBYTES]; + unsigned char n[CRYPTO_NONCE_SIZE]; - unsigned char m1[MAX_CRYPTO_PACKET_SIZE - crypto_box_MACBYTES]; - unsigned char c1[sizeof(m1) + crypto_box_MACBYTES]; + unsigned char m1[MAX_CRYPTO_PACKET_SIZE - CRYPTO_MAC_SIZE]; + unsigned char c1[sizeof(m1) + CRYPTO_MAC_SIZE]; unsigned char m1prime[sizeof(m1)]; unsigned char m2[MAX_CRYPTO_PACKET_SIZE]; - unsigned char c2[sizeof(m2) + crypto_box_MACBYTES]; + unsigned char c2[sizeof(m2) + CRYPTO_MAC_SIZE]; int c1len, c2len; int m1plen; @@ -223,16 +223,16 @@ START_TEST(test_large_data) //Generate random messages rand_bytes(m1, sizeof(m1)); rand_bytes(m2, sizeof(m2)); - rand_bytes(n, crypto_box_NONCEBYTES); + rand_bytes(n, CRYPTO_NONCE_SIZE); //Generate key - rand_bytes(k, crypto_box_BEFORENMBYTES); + rand_bytes(k, CRYPTO_SHARED_KEY_SIZE); c1len = encrypt_data_symmetric(k, n, m1, sizeof(m1), c1); c2len = encrypt_data_symmetric(k, n, m2, sizeof(m2), c2); - ck_assert_msg(c1len == sizeof(m1) + crypto_box_MACBYTES, "could not encrypt"); - ck_assert_msg(c2len == sizeof(m2) + crypto_box_MACBYTES, "could not encrypt"); + ck_assert_msg(c1len == sizeof(m1) + CRYPTO_MAC_SIZE, "could not encrypt"); + ck_assert_msg(c2len == sizeof(m2) + CRYPTO_MAC_SIZE, "could not encrypt"); m1plen = decrypt_data_symmetric(k, n, c1, c1len, m1prime); @@ -243,12 +243,12 @@ END_TEST START_TEST(test_large_data_symmetric) { - unsigned char k[crypto_box_KEYBYTES]; + unsigned char k[CRYPTO_SYMMETRIC_KEY_SIZE]; - unsigned char n[crypto_box_NONCEBYTES]; + unsigned char n[CRYPTO_NONCE_SIZE]; unsigned char m1[16 * 16 * 16]; - unsigned char c1[sizeof(m1) + crypto_box_MACBYTES]; + unsigned char c1[sizeof(m1) + CRYPTO_MAC_SIZE]; unsigned char m1prime[sizeof(m1)]; int c1len; @@ -256,13 +256,13 @@ START_TEST(test_large_data_symmetric) //Generate random messages rand_bytes(m1, sizeof(m1)); - rand_bytes(n, crypto_box_NONCEBYTES); + rand_bytes(n, CRYPTO_NONCE_SIZE); //Generate key new_symmetric_key(k); c1len = encrypt_data_symmetric(k, n, m1, sizeof(m1), c1); - ck_assert_msg(c1len == sizeof(m1) + crypto_box_MACBYTES, "could not encrypt data"); + ck_assert_msg(c1len == sizeof(m1) + CRYPTO_MAC_SIZE, "could not encrypt data"); m1plen = decrypt_data_symmetric(k, n, c1, c1len, m1prime); @@ -274,14 +274,14 @@ END_TEST static void increment_nonce_number_cmp(uint8_t *nonce, uint32_t num) { uint32_t num1, num2; - memcpy(&num1, nonce + (crypto_box_NONCEBYTES - sizeof(num1)), sizeof(num1)); + memcpy(&num1, nonce + (CRYPTO_NONCE_SIZE - sizeof(num1)), sizeof(num1)); num1 = ntohl(num1); num2 = num + num1; if (num2 < num1) { uint32_t i; - for (i = crypto_box_NONCEBYTES - sizeof(num1); i != 0; --i) { + for (i = CRYPTO_NONCE_SIZE - sizeof(num1); i != 0; --i) { ++nonce[i - 1]; if (nonce[i - 1] != 0) { @@ -291,34 +291,34 @@ static void increment_nonce_number_cmp(uint8_t *nonce, uint32_t num) } num2 = htonl(num2); - memcpy(nonce + (crypto_box_NONCEBYTES - sizeof(num2)), &num2, sizeof(num2)); + memcpy(nonce + (CRYPTO_NONCE_SIZE - sizeof(num2)), &num2, sizeof(num2)); } START_TEST(test_increment_nonce) { long long unsigned int i; - uint8_t n[crypto_box_NONCEBYTES]; + uint8_t n[CRYPTO_NONCE_SIZE]; - for (i = 0; i < crypto_box_NONCEBYTES; ++i) { + for (i = 0; i < CRYPTO_NONCE_SIZE; ++i) { n[i] = rand(); } - uint8_t n1[crypto_box_NONCEBYTES]; + uint8_t n1[CRYPTO_NONCE_SIZE]; - memcpy(n1, n, crypto_box_NONCEBYTES); + memcpy(n1, n, CRYPTO_NONCE_SIZE); for (i = 0; i < (1 << 18); ++i) { increment_nonce_number_cmp(n, 1); increment_nonce(n1); - ck_assert_msg(memcmp(n, n1, crypto_box_NONCEBYTES) == 0, "Bad increment_nonce function"); + ck_assert_msg(memcmp(n, n1, CRYPTO_NONCE_SIZE) == 0, "Bad increment_nonce function"); } for (i = 0; i < (1 << 18); ++i) { uint32_t r = rand(); increment_nonce_number_cmp(n, r); increment_nonce_number(n1, r); - ck_assert_msg(memcmp(n, n1, crypto_box_NONCEBYTES) == 0, "Bad increment_nonce_number function"); + ck_assert_msg(memcmp(n, n1, CRYPTO_NONCE_SIZE) == 0, "Bad increment_nonce_number function"); } } END_TEST diff --git a/auto_tests/dht_test.c b/auto_tests/dht_test.c index 1140655481..7734e64a75 100644 --- a/auto_tests/dht_test.c +++ b/auto_tests/dht_test.c @@ -12,7 +12,8 @@ // These tests currently fail. -#if 0 +static bool enable_broken_tests = false; + #define swap(x,y) do \ { unsigned char swap_temp[sizeof(x) == sizeof(y) ? (signed)sizeof(x) : -1]; \ memcpy(swap_temp,&y,sizeof(x)); \ @@ -93,14 +94,14 @@ static void test_addto_lists_update(DHT *dht, { int used, test, test1, test2, found; IP_Port test_ipp; - uint8_t test_id[crypto_box_PUBLICKEYBYTES]; + uint8_t test_id[CRYPTO_PUBLIC_KEY_SIZE]; uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0; // check id update for existing ip_port test = rand() % length; ipport_copy(&test_ipp, ipv6 ? &list[test].assoc6.ip_port : &list[test].assoc4.ip_port); - randombytes(test_id, sizeof(test_id)); + random_bytes(test_id, sizeof(test_id)); used = addto_lists(dht, test_ipp, test_id); ck_assert_msg(used >= 1, "Wrong number of added clients"); // it is possible to have ip_port duplicates in the list, so ip_port @ found not always equal to ip_port @ test @@ -167,11 +168,11 @@ static void test_addto_lists_bad(DHT *dht, { // check "bad" clients replacement int used, test1, test2, test3; - uint8_t public_key[crypto_box_PUBLICKEYBYTES], test_id1[crypto_box_PUBLICKEYBYTES], test_id2[crypto_box_PUBLICKEYBYTES], - test_id3[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE], test_id1[CRYPTO_PUBLIC_KEY_SIZE], test_id2[CRYPTO_PUBLIC_KEY_SIZE], + test_id3[CRYPTO_PUBLIC_KEY_SIZE]; uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0; - randombytes(public_key, sizeof(public_key)); + random_bytes(public_key, sizeof(public_key)); mark_all_good(list, length, ipv6); test1 = rand() % (length / 3); @@ -211,11 +212,11 @@ static void test_addto_lists_possible_bad(DHT *dht, { // check "possibly bad" clients replacement int used, test1, test2, test3; - uint8_t public_key[crypto_box_PUBLICKEYBYTES], test_id1[crypto_box_PUBLICKEYBYTES], test_id2[crypto_box_PUBLICKEYBYTES], - test_id3[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE], test_id1[CRYPTO_PUBLIC_KEY_SIZE], test_id2[CRYPTO_PUBLIC_KEY_SIZE], + test_id3[CRYPTO_PUBLIC_KEY_SIZE]; uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0; - randombytes(public_key, sizeof(public_key)); + random_bytes(public_key, sizeof(public_key)); mark_all_good(list, length, ipv6); test1 = rand() % (length / 3); @@ -274,14 +275,14 @@ static void test_addto_lists_good(DHT *dht, IP_Port *ip_port, const uint8_t *comp_client_id) { - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; uint8_t ipv6 = ip_port->ip.family == AF_INET6 ? 1 : 0; mark_all_good(list, length, ipv6); // check "good" client id replacement do { - randombytes(public_key, sizeof(public_key)); + random_bytes(public_key, sizeof(public_key)); } while (is_furthest(comp_client_id, list, length, public_key)); ip_port->port += 1; @@ -290,7 +291,7 @@ static void test_addto_lists_good(DHT *dht, // check "good" client id skip do { - randombytes(public_key, sizeof(public_key)); + random_bytes(public_key, sizeof(public_key)); } while (!is_furthest(comp_client_id, list, length, public_key)); ip_port->port += 1; @@ -307,12 +308,12 @@ static void test_addto_lists(IP ip) ck_assert_msg(dht != 0, "Failed to create DHT"); IP_Port ip_port = { .ip = ip, .port = TOX_PORT_DEFAULT }; - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; int i, used; // check lists filling for (i = 0; i < MAX(LCLIENT_LIST, MAX_FRIEND_CLIENTS); ++i) { - randombytes(public_key, sizeof(public_key)); + random_bytes(public_key, sizeof(public_key)); used = addto_lists(dht, ip_port, public_key); ck_assert_msg(used == dht->num_friends + 1, "Wrong number of added clients with existing ip_port"); } @@ -325,7 +326,7 @@ static void test_addto_lists(IP ip) for (i = 0; i < MAX(LCLIENT_LIST, MAX_FRIEND_CLIENTS); ++i) { ip_port.port += 1; - randombytes(public_key, sizeof(public_key)); + random_bytes(public_key, sizeof(public_key)); used = addto_lists(dht, ip_port, public_key); ck_assert_msg(used >= 1, "Wrong number of added clients"); } @@ -346,13 +347,15 @@ static void test_addto_lists(IP ip) } // check "possibly bad" entries - /* - test_addto_lists_possible_bad(dht, dht->close_clientlist, LCLIENT_LIST, &ip_port, dht->self_public_key); + if (enable_broken_tests) { + test_addto_lists_possible_bad(dht, dht->close_clientlist, LCLIENT_LIST, &ip_port, dht->self_public_key); + + for (i = 0; i < dht->num_friends; ++i) { + test_addto_lists_possible_bad(dht, dht->friends_list[i].client_list, MAX_FRIEND_CLIENTS, &ip_port, + dht->friends_list[i].public_key); + } + } - for (i = 0; i < dht->num_friends; ++i) - test_addto_lists_possible_bad(dht, dht->friends_list[i].client_list, MAX_FRIEND_CLIENTS, &ip_port, - dht->friends_list[i].public_key); - */ // check "good" entries test_addto_lists_good(dht, dht->close_clientlist, LCLIENT_LIST, &ip_port, dht->self_public_key); @@ -379,7 +382,6 @@ START_TEST(test_addto_lists_ipv6) test_addto_lists(ip); } END_TEST -#endif #define DHT_DEFAULT_PORT (TOX_PORT_DEFAULT + 20) @@ -389,36 +391,36 @@ static void print_pk(uint8_t *public_key) { uint32_t j; - for (j = 0; j < crypto_box_PUBLICKEYBYTES; j++) { + for (j = 0; j < CRYPTO_PUBLIC_KEY_SIZE; j++) { printf("%02hhX", public_key[j]); } printf("\n"); } -static void test_add_to_list(uint8_t cmp_list[][crypto_box_PUBLICKEYBYTES + 1], +static void test_add_to_list(uint8_t cmp_list[][CRYPTO_PUBLIC_KEY_SIZE + 1], unsigned int length, const uint8_t *pk, const uint8_t *cmp_pk) { - uint8_t p_b[crypto_box_PUBLICKEYBYTES]; + uint8_t p_b[CRYPTO_PUBLIC_KEY_SIZE]; unsigned int i; for (i = 0; i < length; ++i) { - if (!cmp_list[i][crypto_box_PUBLICKEYBYTES]) { - memcpy(cmp_list[i], pk, crypto_box_PUBLICKEYBYTES); - cmp_list[i][crypto_box_PUBLICKEYBYTES] = 1; + if (!cmp_list[i][CRYPTO_PUBLIC_KEY_SIZE]) { + memcpy(cmp_list[i], pk, CRYPTO_PUBLIC_KEY_SIZE); + cmp_list[i][CRYPTO_PUBLIC_KEY_SIZE] = 1; return; } - if (memcmp(cmp_list[i], pk, crypto_box_PUBLICKEYBYTES) == 0) { + if (memcmp(cmp_list[i], pk, CRYPTO_PUBLIC_KEY_SIZE) == 0) { return; } } for (i = 0; i < length; ++i) { if (id_closest(cmp_pk, cmp_list[i], pk) == 2) { - memcpy(p_b, cmp_list[i], crypto_box_PUBLICKEYBYTES); - memcpy(cmp_list[i], pk, crypto_box_PUBLICKEYBYTES); + memcpy(p_b, cmp_list[i], CRYPTO_PUBLIC_KEY_SIZE); + memcpy(cmp_list[i], pk, CRYPTO_PUBLIC_KEY_SIZE); test_add_to_list(cmp_list, length, p_b, cmp_pk); break; } @@ -431,7 +433,7 @@ static void test_list_main(void) { DHT *dhts[NUM_DHT]; - uint8_t cmp_list1[NUM_DHT][MAX_FRIEND_CLIENTS][crypto_box_PUBLICKEYBYTES + 1]; + uint8_t cmp_list1[NUM_DHT][MAX_FRIEND_CLIENTS][CRYPTO_PUBLIC_KEY_SIZE + 1]; memset(cmp_list1, 0, sizeof(cmp_list1)); unsigned int i, j, k, l; @@ -480,7 +482,7 @@ static void test_list_main(void) for (l = 0; l < NUM_DHT; ++l) { for (i = 0; i < MAX_FRIEND_CLIENTS; ++i) { for (j = 1; j < NUM_DHT; ++j) { - if (memcmp(cmp_list1[l][i], dhts[(l + j) % NUM_DHT]->self_public_key, crypto_box_PUBLICKEYBYTES) != 0) { + if (memcmp(cmp_list1[l][i], dhts[(l + j) % NUM_DHT]->self_public_key, CRYPTO_PUBLIC_KEY_SIZE) != 0) { continue; } @@ -488,7 +490,7 @@ static void test_list_main(void) for (k = 0; k < LCLIENT_LIST; ++k) { if (memcmp(dhts[l]->self_public_key, dhts[(l + j) % NUM_DHT]->close_clientlist[k].public_key, - crypto_box_PUBLICKEYBYTES) == 0) { + CRYPTO_PUBLIC_KEY_SIZE) == 0) { ++count; } } @@ -519,7 +521,7 @@ static void test_list_main(void) count = 0; for (k = 0; k < MAX_SENT_NODES; ++k) { - if (memcmp(dhts[l]->self_public_key, ln[k].public_key, crypto_box_PUBLICKEYBYTES) == 0) { + if (memcmp(dhts[l]->self_public_key, ln[k].public_key, CRYPTO_PUBLIC_KEY_SIZE) == 0) { ++count; } } @@ -653,16 +655,16 @@ END_TEST START_TEST(test_dht_create_packet) { uint8_t plain[100] = {0}; - uint8_t pkt[1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + sizeof(plain) + crypto_box_MACBYTES]; + uint8_t pkt[1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + sizeof(plain) + CRYPTO_MAC_SIZE]; - uint8_t key[crypto_box_KEYBYTES]; + uint8_t key[CRYPTO_SYMMETRIC_KEY_SIZE]; new_symmetric_key(key); int length = DHT_create_packet(key, key, NET_PACKET_GET_NODES, plain, sizeof(plain), pkt); ck_assert_msg(pkt[0] == NET_PACKET_GET_NODES, "Malformed packet."); - ck_assert_msg(memcmp(pkt + 1, key, crypto_box_KEYBYTES) == 0, "Malformed packet."); - ck_assert_msg(length == 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + sizeof(plain) + crypto_box_MACBYTES, + ck_assert_msg(memcmp(pkt + 1, key, CRYPTO_SYMMETRIC_KEY_SIZE) == 0, "Malformed packet."); + ck_assert_msg(length == 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + sizeof(plain) + CRYPTO_MAC_SIZE, "Invalid size. Should be %d got %d", sizeof(pkt), length); printf("Create Packet Successful!\n"); @@ -676,10 +678,12 @@ static Suite *dht_suite(void) DEFTESTCASE_SLOW(list, 20); DEFTESTCASE_SLOW(DHT_test, 50); -#if 0 - DEFTESTCASE(addto_lists_ipv4); - DEFTESTCASE(addto_lists_ipv6); -#endif + + if (enable_broken_tests) { + DEFTESTCASE(addto_lists_ipv4); + DEFTESTCASE(addto_lists_ipv6); + } + return s; } diff --git a/auto_tests/encryptsave_test.c b/auto_tests/encryptsave_test.c index 895d129b5f..ec98797c50 100644 --- a/auto_tests/encryptsave_test.c +++ b/auto_tests/encryptsave_test.c @@ -17,6 +17,8 @@ #include "../toxencryptsave/toxencryptsave.h" #ifdef VANILLA_NACL #include "../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h" +#else +#include #endif static unsigned char test_salt[TOX_PASS_SALT_LENGTH] = {0xB1, 0xC2, 0x09, 0xEE, 0x50, 0x6C, 0xF0, 0x20, 0xC4, 0xD6, 0xEB, 0xC0, 0x44, 0x51, 0x3B, 0x60, 0x4B, 0x39, 0x4A, 0xCF, 0x09, 0x53, 0x4F, 0xEA, 0x08, 0x41, 0xFA, 0xCA, 0x66, 0xD2, 0x68, 0x7F}; @@ -24,7 +26,7 @@ static unsigned char known_key[TOX_PASS_KEY_LENGTH] = {0x29, 0x36, 0x1c, 0x9e, 0 static const char *pw = "hunter2"; static unsigned int pwlen = 7; -static unsigned char known_key2[crypto_box_BEFORENMBYTES] = {0x7a, 0xfa, 0x95, 0x45, 0x36, 0x8a, 0xa2, 0x5c, 0x40, 0xfd, 0xc0, 0xe2, 0x35, 0x8, 0x7, 0x88, 0xfa, 0xf9, 0x37, 0x86, 0xeb, 0xff, 0x50, 0x4f, 0x3, 0xe2, 0xf6, 0xd9, 0xef, 0x9, 0x17, 0x1}; +static unsigned char known_key2[CRYPTO_SHARED_KEY_SIZE] = {0x7a, 0xfa, 0x95, 0x45, 0x36, 0x8a, 0xa2, 0x5c, 0x40, 0xfd, 0xc0, 0xe2, 0x35, 0x8, 0x7, 0x88, 0xfa, 0xf9, 0x37, 0x86, 0xeb, 0xff, 0x50, 0x4f, 0x3, 0xe2, 0xf6, 0xd9, 0xef, 0x9, 0x17, 0x1}; // same as above, except standard opslimit instead of extra ops limit for test_known_kdf, and hash pw before kdf for compat /* cause I'm shameless */ @@ -41,16 +43,16 @@ static void accept_friend_request(Tox *m, const uint8_t *public_key, const uint8 START_TEST(test_known_kdf) { - unsigned char out[crypto_box_BEFORENMBYTES]; + unsigned char out[CRYPTO_SHARED_KEY_SIZE]; int res = crypto_pwhash_scryptsalsa208sha256(out, - crypto_box_BEFORENMBYTES, + CRYPTO_SHARED_KEY_SIZE, pw, pwlen, test_salt, crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 8, crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE); ck_assert_msg(res != -1, "crypto function failed"); - ck_assert_msg(memcmp(out, known_key, crypto_box_BEFORENMBYTES) == 0, "derived key is wrong"); + ck_assert_msg(memcmp(out, known_key, CRYPTO_SHARED_KEY_SIZE) == 0, "derived key is wrong"); } END_TEST diff --git a/auto_tests/onion_test.c b/auto_tests/onion_test.c index 329d7371c8..44ea9c7d1e 100644 --- a/auto_tests/onion_test.c +++ b/auto_tests/onion_test.c @@ -75,22 +75,24 @@ void print_client_id(uint8_t *client_id, uint32_t length) #endif static uint8_t sb_data[ONION_ANNOUNCE_SENDBACK_DATA_LENGTH]; static int handled_test_3; -static uint8_t test_3_pub_key[crypto_box_PUBLICKEYBYTES]; -static uint8_t test_3_ping_id[crypto_hash_sha256_BYTES]; +static uint8_t test_3_pub_key[CRYPTO_PUBLIC_KEY_SIZE]; +static uint8_t test_3_ping_id[CRYPTO_SHA256_SIZE]; static int handle_test_3(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata) { Onion *onion = (Onion *)object; - if (length != (1 + crypto_box_NONCEBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + 1 + crypto_hash_sha256_BYTES + - crypto_box_MACBYTES)) { + if (length != (1 + CRYPTO_NONCE_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + 1 + CRYPTO_SHA256_SIZE + + CRYPTO_MAC_SIZE)) { return 1; } - uint8_t plain[1 + crypto_hash_sha256_BYTES]; - //print_client_id(packet, length); + uint8_t plain[1 + CRYPTO_SHA256_SIZE]; +#if 0 + print_client_id(packet, length); +#endif int len = decrypt_data(test_3_pub_key, onion->dht->self_secret_key, packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, - packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES, - 1 + crypto_hash_sha256_BYTES + crypto_box_MACBYTES, plain); + packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE, + 1 + CRYPTO_SHA256_SIZE + CRYPTO_MAC_SIZE, plain); if (len == -1) { return 1; @@ -101,31 +103,33 @@ static int handle_test_3(void *object, IP_Port source, const uint8_t *packet, ui return 1; } - memcpy(test_3_ping_id, plain + 1, crypto_hash_sha256_BYTES); - //print_client_id(test_3_ping_id, sizeof(test_3_ping_id)); + memcpy(test_3_ping_id, plain + 1, CRYPTO_SHA256_SIZE); +#if 0 + print_client_id(test_3_ping_id, sizeof(test_3_ping_id)); +#endif handled_test_3 = 1; return 0; } -static uint8_t nonce[crypto_box_NONCEBYTES]; +static uint8_t nonce[CRYPTO_NONCE_SIZE]; static int handled_test_4; static int handle_test_4(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata) { Onion *onion = (Onion *)object; - if (length != (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + sizeof("Install gentoo") + - crypto_box_MACBYTES)) { + if (length != (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + sizeof("Install gentoo") + + CRYPTO_MAC_SIZE)) { return 1; } uint8_t plain[sizeof("Install gentoo")] = {0}; - if (memcmp(nonce, packet + 1, crypto_box_NONCEBYTES) != 0) { + if (memcmp(nonce, packet + 1, CRYPTO_NONCE_SIZE) != 0) { return 1; } - int len = decrypt_data(packet + 1 + crypto_box_NONCEBYTES, onion->dht->self_secret_key, packet + 1, - packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, sizeof("Install gentoo") + crypto_box_MACBYTES, plain); + int len = decrypt_data(packet + 1 + CRYPTO_NONCE_SIZE, onion->dht->self_secret_key, packet + 1, + packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE, sizeof("Install gentoo") + CRYPTO_MAC_SIZE, plain); if (len == -1) { return 1; @@ -151,12 +155,12 @@ START_TEST(test_basic) IP_Port on1 = {ip, onion1->net->port}; Node_format n1; - memcpy(n1.public_key, onion1->dht->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(n1.public_key, onion1->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); n1.ip_port = on1; IP_Port on2 = {ip, onion2->net->port}; Node_format n2; - memcpy(n2.public_key, onion2->dht->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(n2.public_key, onion2->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); n2.ip_port = on2; Node_format nodes[4]; @@ -190,10 +194,10 @@ START_TEST(test_basic) networking_registerhandler(onion1->net, NET_PACKET_ANNOUNCE_RESPONSE, &handle_test_3, onion1); ck_assert_msg((onion1_a != NULL) && (onion2_a != NULL), "Onion_Announce failed initializing."); uint8_t zeroes[64] = {0}; - randombytes(sb_data, sizeof(sb_data)); + random_bytes(sb_data, sizeof(sb_data)); uint64_t s; memcpy(&s, sb_data, sizeof(uint64_t)); - memcpy(test_3_pub_key, nodes[3].public_key, crypto_box_PUBLICKEYBYTES); + memcpy(test_3_pub_key, nodes[3].public_key, CRYPTO_PUBLIC_KEY_SIZE); ret = send_announce_request(onion1->net, &path, nodes[3], onion1->dht->self_public_key, onion1->dht->self_secret_key, zeroes, onion1->dht->self_public_key, onion1->dht->self_public_key, s); @@ -206,16 +210,16 @@ START_TEST(test_basic) c_sleep(50); } - randombytes(sb_data, sizeof(sb_data)); + random_bytes(sb_data, sizeof(sb_data)); memcpy(&s, sb_data, sizeof(uint64_t)); - memcpy(onion2_a->entries[1].public_key, onion2->dht->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(onion2_a->entries[1].public_key, onion2->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); onion2_a->entries[1].time = unix_time(); networking_registerhandler(onion1->net, NET_PACKET_ONION_DATA_RESPONSE, &handle_test_4, onion1); send_announce_request(onion1->net, &path, nodes[3], onion1->dht->self_public_key, onion1->dht->self_secret_key, test_3_ping_id, onion1->dht->self_public_key, onion1->dht->self_public_key, s); while (memcmp(onion2_a->entries[ONION_ANNOUNCE_MAX_ENTRIES - 2].public_key, onion1->dht->self_public_key, - crypto_box_PUBLICKEYBYTES) != 0) { + CRYPTO_PUBLIC_KEY_SIZE) != 0) { do_onion(onion1); do_onion(onion2); c_sleep(50); @@ -340,8 +344,8 @@ static void dht_ip_callback(void *object, int32_t number, IP_Port ip_port) } static bool first, last; -static uint8_t first_dht_pk[crypto_box_PUBLICKEYBYTES]; -static uint8_t last_dht_pk[crypto_box_PUBLICKEYBYTES]; +static uint8_t first_dht_pk[CRYPTO_PUBLIC_KEY_SIZE]; +static uint8_t last_dht_pk[CRYPTO_PUBLIC_KEY_SIZE]; static void dht_pk_callback(void *object, int32_t number, const uint8_t *dht_public_key, void *userdata) { @@ -355,7 +359,7 @@ static void dht_pk_callback(void *object, int32_t number, const uint8_t *dht_pub if (NUM_FIRST == number && !first) { first = 1; - if (memcmp(dht_public_key, last_dht_pk, crypto_box_PUBLICKEYBYTES) != 0) { + if (memcmp(dht_public_key, last_dht_pk, CRYPTO_PUBLIC_KEY_SIZE) != 0) { ck_abort_msg("Error wrong dht key."); } @@ -365,7 +369,7 @@ static void dht_pk_callback(void *object, int32_t number, const uint8_t *dht_pub if (NUM_LAST == number && !last) { last = 1; - if (memcmp(dht_public_key, first_dht_pk, crypto_box_PUBLICKEYBYTES) != 0) { + if (memcmp(dht_public_key, first_dht_pk, CRYPTO_PUBLIC_KEY_SIZE) != 0) { ck_abort_msg("Error wrong dht key."); } @@ -422,8 +426,8 @@ START_TEST(test_announce) c_sleep(50); } - memcpy(first_dht_pk, onions[NUM_FIRST]->onion->dht->self_public_key, crypto_box_PUBLICKEYBYTES); - memcpy(last_dht_pk, onions[NUM_LAST]->onion->dht->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(first_dht_pk, onions[NUM_FIRST]->onion->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(last_dht_pk, onions[NUM_LAST]->onion->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); printf("adding friend\n"); int frnum_f = onion_addfriend(onions[NUM_FIRST]->onion_c, onions[NUM_LAST]->onion_c->c->self_public_key); diff --git a/other/DHT_bootstrap.c b/other/DHT_bootstrap.c index 7a2f7d1325..e056de41de 100644 --- a/other/DHT_bootstrap.c +++ b/other/DHT_bootstrap.c @@ -61,7 +61,7 @@ static void manage_keys(DHT *dht) { - enum { KEYS_SIZE = crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES }; + enum { KEYS_SIZE = CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE }; uint8_t keys[KEYS_SIZE]; FILE *keys_file = fopen("key", "r"); @@ -76,12 +76,12 @@ static void manage_keys(DHT *dht) exit(1); } - memcpy(dht->self_public_key, keys, crypto_box_PUBLICKEYBYTES); - memcpy(dht->self_secret_key, keys + crypto_box_PUBLICKEYBYTES, crypto_box_SECRETKEYBYTES); + memcpy(dht->self_public_key, keys, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(dht->self_secret_key, keys + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_SECRET_KEY_SIZE); printf("Keys loaded successfully.\n"); } else { - memcpy(keys, dht->self_public_key, crypto_box_PUBLICKEYBYTES); - memcpy(keys + crypto_box_PUBLICKEYBYTES, dht->self_secret_key, crypto_box_SECRETKEYBYTES); + memcpy(keys, dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(keys + CRYPTO_PUBLIC_KEY_SIZE, dht->self_secret_key, CRYPTO_SECRET_KEY_SIZE); keys_file = fopen("key", "w"); if (keys_file == NULL) { diff --git a/other/bootstrap_daemon/src/config.c b/other/bootstrap_daemon/src/config.c index 3e102af910..1dffc84364 100644 --- a/other/bootstrap_daemon/src/config.c +++ b/other/bootstrap_daemon/src/config.c @@ -392,7 +392,7 @@ int bootstrap_from_config(const char *cfg_file_path, DHT *dht, int enable_ipv6) } // Process settings - if (strlen(bs_public_key) != crypto_box_PUBLICKEYBYTES * 2) { + if (strlen(bs_public_key) != CRYPTO_PUBLIC_KEY_SIZE * 2) { write_log(LOG_LEVEL_WARNING, "Bootstrap node #%d: Invalid '%s': %s. Skipping the node.\n", i, NAME_PUBLIC_KEY, bs_public_key); goto next; diff --git a/other/bootstrap_daemon/src/tox-bootstrapd.c b/other/bootstrap_daemon/src/tox-bootstrapd.c index ce1ac5eb3c..4495f88e66 100644 --- a/other/bootstrap_daemon/src/tox-bootstrapd.c +++ b/other/bootstrap_daemon/src/tox-bootstrapd.c @@ -57,7 +57,7 @@ static int manage_keys(DHT *dht, char *keys_file_path) { - enum { KEYS_SIZE = crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES }; + enum { KEYS_SIZE = CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE }; uint8_t keys[KEYS_SIZE]; FILE *keys_file; @@ -72,12 +72,12 @@ static int manage_keys(DHT *dht, char *keys_file_path) return 0; } - memcpy(dht->self_public_key, keys, crypto_box_PUBLICKEYBYTES); - memcpy(dht->self_secret_key, keys + crypto_box_PUBLICKEYBYTES, crypto_box_SECRETKEYBYTES); + memcpy(dht->self_public_key, keys, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(dht->self_secret_key, keys + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_SECRET_KEY_SIZE); } else { // Otherwise save new keys - memcpy(keys, dht->self_public_key, crypto_box_PUBLICKEYBYTES); - memcpy(keys + crypto_box_PUBLICKEYBYTES, dht->self_secret_key, crypto_box_SECRETKEYBYTES); + memcpy(keys, dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(keys + CRYPTO_PUBLIC_KEY_SIZE, dht->self_secret_key, CRYPTO_SECRET_KEY_SIZE); keys_file = fopen(keys_file_path, "w"); @@ -102,12 +102,12 @@ static int manage_keys(DHT *dht, char *keys_file_path) static void print_public_key(const uint8_t *public_key) { - char buffer[2 * crypto_box_PUBLICKEYBYTES + 1]; + char buffer[2 * CRYPTO_PUBLIC_KEY_SIZE + 1]; int index = 0; size_t i; - for (i = 0; i < crypto_box_PUBLICKEYBYTES; i++) { + for (i = 0; i < CRYPTO_PUBLIC_KEY_SIZE; i++) { index += sprintf(buffer + index, "%02hhX", public_key[i]); } diff --git a/testing/DHT_test.c b/testing/DHT_test.c index 46e6ff7c82..c994f543bf 100644 --- a/testing/DHT_test.c +++ b/testing/DHT_test.c @@ -52,13 +52,13 @@ #define PORT 33445 -static uint8_t zeroes_cid[crypto_box_PUBLICKEYBYTES]; +static uint8_t zeroes_cid[CRYPTO_PUBLIC_KEY_SIZE]; static void print_client_id(uint8_t *public_key) { uint32_t j; - for (j = 0; j < crypto_box_PUBLICKEYBYTES; j++) { + for (j = 0; j < CRYPTO_PUBLIC_KEY_SIZE; j++) { printf("%02hhX", public_key[j]); } } diff --git a/testing/hstox/binary_decode.c b/testing/hstox/binary_decode.c index 49a5550a57..fb3bca43dd 100644 --- a/testing/hstox/binary_decode.c +++ b/testing/hstox/binary_decode.c @@ -52,7 +52,7 @@ static void decode_bytestring(msgpack_object_bin args, msgpack_packer *res, METHOD(bin, Binary_decode, CipherText) { - decode_bytestring(args, res, crypto_box_MACBYTES); + decode_bytestring(args, res, CRYPTO_MAC_SIZE); return 0; } @@ -130,8 +130,8 @@ METHOD(bin, Binary_decode, NodeInfo) } msgpack_pack_uint16(res, port); - msgpack_pack_bin(res, crypto_box_PUBLICKEYBYTES); - msgpack_pack_bin_body(res, &node.public_key, crypto_box_PUBLICKEYBYTES); + msgpack_pack_bin(res, CRYPTO_PUBLIC_KEY_SIZE); + msgpack_pack_bin_body(res, &node.public_key, CRYPTO_PUBLIC_KEY_SIZE); } else { msgpack_pack_nil(res); } diff --git a/testing/hstox/binary_encode.c b/testing/hstox/binary_encode.c index 99c9d4a10d..8809be28e1 100644 --- a/testing/hstox/binary_encode.c +++ b/testing/hstox/binary_encode.c @@ -60,7 +60,7 @@ METHOD(array, Binary_encode, KeyPair) return 0; } -#define PACKED_NODE_SIZE_IP6 (1 + SIZE_IP6 + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES) +#define PACKED_NODE_SIZE_IP6 (1 + SIZE_IP6 + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE) METHOD(array, Binary_encode, NodeInfo) { CHECK_SIZE(args, 3); @@ -85,7 +85,7 @@ METHOD(array, Binary_encode, NodeInfo) CHECK_TYPE(args.ptr[2], MSGPACK_OBJECT_BIN); msgpack_object_bin public_key = args.ptr[2].via.bin; - CHECK_SIZE(public_key, crypto_box_PUBLICKEYBYTES); + CHECK_SIZE(public_key, CRYPTO_PUBLIC_KEY_SIZE); IP_Port ipp; ipp.port = htons(port_number); @@ -131,7 +131,7 @@ METHOD(array, Binary_encode, NodeInfo) Node_format node; node.ip_port = ipp; - memcpy(&node.public_key, public_key.ptr, crypto_box_PUBLICKEYBYTES); + memcpy(&node.public_key, public_key.ptr, CRYPTO_PUBLIC_KEY_SIZE); /* We assume IP6 because it's bigger */ uint8_t packed_node[PACKED_NODE_SIZE_IP6]; diff --git a/testing/hstox/methods.c b/testing/hstox/methods.c index b24fb7c1ed..a242077613 100644 --- a/testing/hstox/methods.c +++ b/testing/hstox/methods.c @@ -26,18 +26,18 @@ METHOD(array, CombinedKey, precompute) METHOD(array, KeyPair, newKeyPair) { - uint8_t key1[crypto_box_PUBLICKEYBYTES]; - uint8_t key2[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(key1, key2); + uint8_t key1[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t key2[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(key1, key2); SUCCESS { // init array msgpack_pack_array(res, 2); - msgpack_pack_bin(res, crypto_box_PUBLICKEYBYTES); - msgpack_pack_bin_body(res, key1, crypto_box_PUBLICKEYBYTES); + msgpack_pack_bin(res, CRYPTO_PUBLIC_KEY_SIZE); + msgpack_pack_bin_body(res, key1, CRYPTO_PUBLIC_KEY_SIZE); - msgpack_pack_bin(res, crypto_box_SECRETKEYBYTES); - msgpack_pack_bin_body(res, key2, crypto_box_SECRETKEYBYTES); + msgpack_pack_bin(res, CRYPTO_SECRET_KEY_SIZE); + msgpack_pack_bin_body(res, key2, CRYPTO_SECRET_KEY_SIZE); } return 0; } @@ -46,20 +46,20 @@ METHOD(array, KeyPair, fromSecretKey) { CHECK_SIZE(args, 1); CHECK_TYPE(args.ptr[0], MSGPACK_OBJECT_BIN); - CHECK_SIZE(args.ptr[0].via.bin, crypto_box_SECRETKEYBYTES); + CHECK_SIZE(args.ptr[0].via.bin, CRYPTO_SECRET_KEY_SIZE); Net_Crypto c; - uint8_t secret_key[crypto_box_SECRETKEYBYTES]; - memcpy(secret_key, args.ptr[0].via.bin.ptr, crypto_box_SECRETKEYBYTES); + uint8_t secret_key[CRYPTO_SECRET_KEY_SIZE]; + memcpy(secret_key, args.ptr[0].via.bin.ptr, CRYPTO_SECRET_KEY_SIZE); load_secret_key(&c, secret_key); SUCCESS { msgpack_pack_array(res, 2); - msgpack_pack_bin(res, crypto_box_PUBLICKEYBYTES); - msgpack_pack_bin_body(res, c.self_secret_key, crypto_box_PUBLICKEYBYTES); - msgpack_pack_bin(res, crypto_box_SECRETKEYBYTES); - msgpack_pack_bin_body(res, c.self_public_key, crypto_box_SECRETKEYBYTES); + msgpack_pack_bin(res, CRYPTO_PUBLIC_KEY_SIZE); + msgpack_pack_bin_body(res, c.self_secret_key, CRYPTO_PUBLIC_KEY_SIZE); + msgpack_pack_bin(res, CRYPTO_SECRET_KEY_SIZE); + msgpack_pack_bin_body(res, c.self_public_key, CRYPTO_SECRET_KEY_SIZE); } return 0; } diff --git a/toxcore/DHT.c b/toxcore/DHT.c index 5185353e14..e31405fd43 100644 --- a/toxcore/DHT.c +++ b/toxcore/DHT.c @@ -68,7 +68,7 @@ int id_closest(const uint8_t *pk, const uint8_t *pk1, const uint8_t *pk2) size_t i; uint8_t distance1, distance2; - for (i = 0; i < crypto_box_PUBLICKEYBYTES; ++i) { + for (i = 0; i < CRYPTO_PUBLIC_KEY_SIZE; ++i) { distance1 = pk[i] ^ pk1[i]; distance2 = pk[i] ^ pk2[i]; @@ -91,7 +91,7 @@ static unsigned int bit_by_bit_cmp(const uint8_t *pk1, const uint8_t *pk2) { unsigned int i, j = 0; - for (i = 0; i < crypto_box_PUBLICKEYBYTES; ++i) { + for (i = 0; i < CRYPTO_PUBLIC_KEY_SIZE; ++i) { if (pk1[i] == pk2[i]) { continue; } @@ -123,7 +123,7 @@ void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, const uint8_t if (shared_keys->keys[index].stored) { if (public_key_cmp(public_key, shared_keys->keys[index].public_key) == 0) { - memcpy(shared_key, shared_keys->keys[index].shared_key, crypto_box_BEFORENMBYTES); + memcpy(shared_key, shared_keys->keys[index].shared_key, CRYPTO_SHARED_KEY_SIZE); ++shared_keys->keys[index].times_requested; shared_keys->keys[index].time_last_requested = unix_time(); return; @@ -151,8 +151,8 @@ void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, const uint8_t if (num != (uint32_t)~0) { shared_keys->keys[curr].stored = 1; shared_keys->keys[curr].times_requested = 1; - memcpy(shared_keys->keys[curr].public_key, public_key, crypto_box_PUBLICKEYBYTES); - memcpy(shared_keys->keys[curr].shared_key, shared_key, crypto_box_BEFORENMBYTES); + memcpy(shared_keys->keys[curr].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(shared_keys->keys[curr].shared_key, shared_key, CRYPTO_SHARED_KEY_SIZE); shared_keys->keys[curr].time_last_requested = unix_time(); } } @@ -190,28 +190,28 @@ int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_ke return -1; } - if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + - crypto_box_MACBYTES) { + if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + 1 + + CRYPTO_MAC_SIZE) { return -1; } - uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; + uint8_t *nonce = packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2; random_nonce(nonce); uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function memcpy(temp + 1, data, length); temp[0] = request_id; int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, - 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + packet); if (len == -1) { return -1; } packet[0] = NET_PACKET_CRYPTO; - memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES); - memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(packet + 1, recv_public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, send_public_key, CRYPTO_PUBLIC_KEY_SIZE); - return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; + return len + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE; } /* Puts the senders public key in the request in public_key, the data from the request @@ -227,7 +227,7 @@ int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_ke return -1; } - if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES || + if (length <= CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + 1 + CRYPTO_MAC_SIZE || length > MAX_CRYPTO_REQUEST_SIZE) { return -1; } @@ -236,12 +236,12 @@ int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_ke return -1; } - memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); - const uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; + memcpy(public_key, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_PUBLIC_KEY_SIZE); + const uint8_t *nonce = packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2; uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): sodium_memzero before exit function int len1 = decrypt_data(public_key, self_secret_key, nonce, - packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, - length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE, + length - (CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + 1), temp); if (len1 == -1 || len1 == 0) { return -1; @@ -277,8 +277,8 @@ int to_host_family(IP *ip) return -1; } -#define PACKED_NODE_SIZE_IP4 (1 + SIZE_IP4 + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES) -#define PACKED_NODE_SIZE_IP6 (1 + SIZE_IP6 + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES) +#define PACKED_NODE_SIZE_IP4 (1 + SIZE_IP4 + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE) +#define PACKED_NODE_SIZE_IP6 (1 + SIZE_IP6 + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE) /* Return packet size of packed node with ip_family on success. * Return -1 on failure. @@ -365,11 +365,11 @@ static int pack_ip_port(uint8_t *data, uint16_t length, const IP_Port *ip_port) return -1; } -static int DHT_create_packet(const uint8_t public_key[crypto_box_PUBLICKEYBYTES], +static int DHT_create_packet(const uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE], const uint8_t *shared_key, const uint8_t type, uint8_t *plain, size_t plain_length, uint8_t *packet) { - uint8_t encrypted[plain_length + crypto_box_MACBYTES]; - uint8_t nonce[crypto_box_NONCEBYTES]; + uint8_t encrypted[plain_length + CRYPTO_MAC_SIZE]; + uint8_t nonce[CRYPTO_NONCE_SIZE]; random_nonce(nonce); @@ -381,11 +381,11 @@ static int DHT_create_packet(const uint8_t public_key[crypto_box_PUBLICKEYBYTES] } packet[0] = type; - memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); - memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); - memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, encrypted, encrypted_length); + memcpy(packet + 1, public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, nonce, CRYPTO_NONCE_SIZE); + memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, encrypted, encrypted_length); - return 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + encrypted_length; + return 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + encrypted_length; } /* Unpack IP_Port structure from data of max size length into ip_port. @@ -473,14 +473,14 @@ int pack_nodes(uint8_t *data, uint16_t length, const Node_format *nodes, uint16_ packed_length += ipp_size; - if (packed_length + crypto_box_PUBLICKEYBYTES > length) { + if (packed_length + CRYPTO_PUBLIC_KEY_SIZE > length) { return -1; } - memcpy(data + packed_length, nodes[i].public_key, crypto_box_PUBLICKEYBYTES); - packed_length += crypto_box_PUBLICKEYBYTES; + memcpy(data + packed_length, nodes[i].public_key, CRYPTO_PUBLIC_KEY_SIZE); + packed_length += CRYPTO_PUBLIC_KEY_SIZE; - uint32_t increment = ipp_size + crypto_box_PUBLICKEYBYTES; + uint32_t increment = ipp_size + CRYPTO_PUBLIC_KEY_SIZE; assert(increment == PACKED_NODE_SIZE_IP4 || increment == PACKED_NODE_SIZE_IP6); } @@ -508,15 +508,15 @@ int unpack_nodes(Node_format *nodes, uint16_t max_num_nodes, uint16_t *processed len_processed += ipp_size; - if (len_processed + crypto_box_PUBLICKEYBYTES > length) { + if (len_processed + CRYPTO_PUBLIC_KEY_SIZE > length) { return -1; } - memcpy(nodes[num].public_key, data + len_processed, crypto_box_PUBLICKEYBYTES); - len_processed += crypto_box_PUBLICKEYBYTES; + memcpy(nodes[num].public_key, data + len_processed, CRYPTO_PUBLIC_KEY_SIZE); + len_processed += CRYPTO_PUBLIC_KEY_SIZE; ++num; - uint32_t increment = ipp_size + crypto_box_PUBLICKEYBYTES; + uint32_t increment = ipp_size + CRYPTO_PUBLIC_KEY_SIZE; assert(increment == PACKED_NODE_SIZE_IP4 || increment == PACKED_NODE_SIZE_IP6); } @@ -589,7 +589,7 @@ static int client_or_ip_port_in_list(Logger *log, Client_data *list, uint16_t le if ((ip_port.ip.family == AF_INET) && ipport_equal(&list[i].assoc4.ip_port, &ip_port)) { /* Initialize client timestamp. */ list[i].assoc4.timestamp = temp_time; - memcpy(list[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(list[i].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); LOGGER_DEBUG(log, "coipil[%u]: switching public_key (ipv4)", i); @@ -601,7 +601,7 @@ static int client_or_ip_port_in_list(Logger *log, Client_data *list, uint16_t le if ((ip_port.ip.family == AF_INET6) && ipport_equal(&list[i].assoc6.ip_port, &ip_port)) { /* Initialize client timestamp. */ list[i].assoc6.timestamp = temp_time; - memcpy(list[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(list[i].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); LOGGER_DEBUG(log, "coipil[%u]: switching public_key (ipv6)", i); @@ -653,16 +653,16 @@ static int friend_number(const DHT *dht, const uint8_t *public_key) bool add_to_list(Node_format *nodes_list, unsigned int length, const uint8_t *pk, IP_Port ip_port, const uint8_t *cmp_pk) { - uint8_t pk_bak[crypto_box_PUBLICKEYBYTES]; + uint8_t pk_bak[CRYPTO_PUBLIC_KEY_SIZE]; IP_Port ip_port_bak; unsigned int i; for (i = 0; i < length; ++i) { if (id_closest(cmp_pk, nodes_list[i].public_key, pk) == 2) { - memcpy(pk_bak, nodes_list[i].public_key, crypto_box_PUBLICKEYBYTES); + memcpy(pk_bak, nodes_list[i].public_key, CRYPTO_PUBLIC_KEY_SIZE); ip_port_bak = nodes_list[i].ip_port; - memcpy(nodes_list[i].public_key, pk, crypto_box_PUBLICKEYBYTES); + memcpy(nodes_list[i].public_key, pk, CRYPTO_PUBLIC_KEY_SIZE); nodes_list[i].ip_port = ip_port; if (i != (length - 1)) { @@ -742,7 +742,7 @@ static void get_close_nodes_inner(const uint8_t *public_key, Node_format *nodes_ if (num_nodes < MAX_SENT_NODES) { memcpy(nodes_list[num_nodes].public_key, client->public_key, - crypto_box_PUBLICKEYBYTES); + CRYPTO_PUBLIC_KEY_SIZE); nodes_list[num_nodes].ip_port = ipptp->ip_port; num_nodes++; @@ -796,7 +796,7 @@ int get_close_nodes(const DHT *dht, const uint8_t *public_key, Node_format *node return get_somewhat_close_nodes(dht, public_key, nodes_list, sa_family, is_LAN, want_good); } -static uint8_t cmp_public_key[crypto_box_PUBLICKEYBYTES]; +static uint8_t cmp_public_key[CRYPTO_PUBLIC_KEY_SIZE]; static int cmp_dht_entry(const void *a, const void *b) { Client_data entry1, entry2; @@ -862,7 +862,7 @@ static unsigned int store_node_ok(const Client_data *client, const uint8_t *publ static void sort_client_list(Client_data *list, unsigned int length, const uint8_t *comp_public_key) { - memcpy(cmp_public_key, comp_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(cmp_public_key, comp_public_key, CRYPTO_PUBLIC_KEY_SIZE); qsort(list, length, sizeof(Client_data), cmp_dht_entry); } @@ -1018,7 +1018,7 @@ static unsigned int ping_node_from_getnodes_ok(DHT *dht, const uint8_t *public_k if (ret && !client_in_nodelist(dht->to_bootstrap, dht->num_to_bootstrap, public_key)) { if (dht->num_to_bootstrap < MAX_CLOSE_TO_BOOTSTRAP_NODES) { - memcpy(dht->to_bootstrap[dht->num_to_bootstrap].public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(dht->to_bootstrap[dht->num_to_bootstrap].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); dht->to_bootstrap[dht->num_to_bootstrap].ip_port = ip_port; ++dht->num_to_bootstrap; } else { @@ -1045,7 +1045,7 @@ static unsigned int ping_node_from_getnodes_ok(DHT *dht, const uint8_t *public_k if (store_ok && !client_in_nodelist(dht_friend->to_bootstrap, dht_friend->num_to_bootstrap, public_key) && !is_pk_in_client_list(dht_friend->client_list, MAX_FRIEND_CLIENTS, public_key, ip_port)) { if (dht_friend->num_to_bootstrap < MAX_SENT_NODES) { - memcpy(dht_friend->to_bootstrap[dht_friend->num_to_bootstrap].public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(dht_friend->to_bootstrap[dht_friend->num_to_bootstrap].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); dht_friend->to_bootstrap[dht_friend->num_to_bootstrap].ip_port = ip_port; ++dht_friend->num_to_bootstrap; } else { @@ -1195,7 +1195,7 @@ static int getnodes(DHT *dht, IP_Port ip_port, const uint8_t *public_key, const uint8_t plain_message[sizeof(Node_format) * 2] = {0}; Node_format receiver; - memcpy(receiver.public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(receiver.public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); receiver.ip_port = ip_port; memcpy(plain_message, &receiver, sizeof(receiver)); @@ -1212,13 +1212,13 @@ static int getnodes(DHT *dht, IP_Port ip_port, const uint8_t *public_key, const return -1; } - uint8_t plain[crypto_box_PUBLICKEYBYTES + sizeof(ping_id)]; - uint8_t data[1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + sizeof(plain) + crypto_box_MACBYTES]; + uint8_t plain[CRYPTO_PUBLIC_KEY_SIZE + sizeof(ping_id)]; + uint8_t data[1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + sizeof(plain) + CRYPTO_MAC_SIZE]; - memcpy(plain, client_id, crypto_box_PUBLICKEYBYTES); - memcpy(plain + crypto_box_PUBLICKEYBYTES, &ping_id, sizeof(ping_id)); + memcpy(plain, client_id, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(plain + CRYPTO_PUBLIC_KEY_SIZE, &ping_id, sizeof(ping_id)); - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; DHT_get_shared_key_sent(dht, shared_key, public_key); int len = DHT_create_packet(dht->self_public_key, shared_key, NET_PACKET_GET_NODES, @@ -1264,8 +1264,8 @@ static int sendnodes_ipv6(const DHT *dht, IP_Port ip_port, const uint8_t *public plain[0] = num_nodes; memcpy(plain + 1 + nodes_length, sendback_data, length); - uint8_t data[1 + nodes_length + length + 1 + crypto_box_PUBLICKEYBYTES - + crypto_box_NONCEBYTES + crypto_box_MACBYTES]; + uint8_t data[1 + nodes_length + length + 1 + CRYPTO_PUBLIC_KEY_SIZE + + CRYPTO_NONCE_SIZE + CRYPTO_MAC_SIZE]; int len = DHT_create_packet(dht->self_public_key, shared_encryption_key, NET_PACKET_SEND_NODES_IPV6, plain, 1 + nodes_length + length, data); @@ -1279,8 +1279,8 @@ static int sendnodes_ipv6(const DHT *dht, IP_Port ip_port, const uint8_t *public static int handle_getnodes(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata) { - if (length != (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + sizeof( - uint64_t) + crypto_box_MACBYTES)) { + if (length != (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + sizeof( + uint64_t) + CRYPTO_MAC_SIZE)) { return 1; } @@ -1291,21 +1291,21 @@ static int handle_getnodes(void *object, IP_Port source, const uint8_t *packet, return 1; } - uint8_t plain[crypto_box_PUBLICKEYBYTES + sizeof(uint64_t)]; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t plain[CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint64_t)]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; DHT_get_shared_key_recv(dht, shared_key, packet + 1); int len = decrypt_data_symmetric(shared_key, - packet + 1 + crypto_box_PUBLICKEYBYTES, - packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, - crypto_box_PUBLICKEYBYTES + sizeof(uint64_t) + crypto_box_MACBYTES, + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, + CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint64_t) + CRYPTO_MAC_SIZE, plain); - if (len != crypto_box_PUBLICKEYBYTES + sizeof(uint64_t)) { + if (len != CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint64_t)) { return 1; } - sendnodes_ipv6(dht, source, packet + 1, plain, plain + crypto_box_PUBLICKEYBYTES, sizeof(uint64_t), shared_key); + sendnodes_ipv6(dht, source, packet + 1, plain, plain + CRYPTO_PUBLIC_KEY_SIZE, sizeof(uint64_t), shared_key); add_to_ping(dht->ping, packet + 1, source); @@ -1344,7 +1344,7 @@ static int handle_sendnodes_core(void *object, IP_Port source, const uint8_t *pa Node_format *plain_nodes, uint16_t size_plain_nodes, uint32_t *num_nodes_out) { DHT *dht = (DHT *)object; - uint32_t cid_size = 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + 1 + sizeof(uint64_t) + crypto_box_MACBYTES; + uint32_t cid_size = 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + 1 + sizeof(uint64_t) + CRYPTO_MAC_SIZE; if (length < cid_size) { /* too short */ return 1; @@ -1361,13 +1361,13 @@ static int handle_sendnodes_core(void *object, IP_Port source, const uint8_t *pa } uint8_t plain[1 + data_size + sizeof(uint64_t)]; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; DHT_get_shared_key_sent(dht, shared_key, packet + 1); int len = decrypt_data_symmetric( shared_key, - packet + 1 + crypto_box_PUBLICKEYBYTES, - packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, - 1 + data_size + sizeof(uint64_t) + crypto_box_MACBYTES, + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, + 1 + data_size + sizeof(uint64_t) + CRYPTO_MAC_SIZE, plain); if ((unsigned int)len != sizeof(plain)) { @@ -1477,7 +1477,7 @@ int DHT_addfriend(DHT *dht, const uint8_t *public_key, void (*ip_callback)(void dht->friends_list = temp; DHT_Friend *dht_friend = &dht->friends_list[dht->num_friends]; memset(dht_friend, 0, sizeof(DHT_Friend)); - memcpy(dht_friend->public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(dht_friend->public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); dht_friend->nat.NATping_id = random_64b(); ++dht->num_friends; @@ -2216,10 +2216,10 @@ static int send_hardening_req(DHT *dht, Node_format *sendto, uint8_t type, uint8 /* Send a get node hardening request */ static int send_hardening_getnode_req(DHT *dht, Node_format *dest, Node_format *node_totest, uint8_t *search_id) { - uint8_t data[sizeof(Node_format) + crypto_box_PUBLICKEYBYTES]; + uint8_t data[sizeof(Node_format) + CRYPTO_PUBLIC_KEY_SIZE]; memcpy(data, node_totest, sizeof(Node_format)); - memcpy(data + sizeof(Node_format), search_id, crypto_box_PUBLICKEYBYTES); - return send_hardening_req(dht, dest, CHECK_TYPE_GETNODE_REQ, data, sizeof(Node_format) + crypto_box_PUBLICKEYBYTES); + memcpy(data + sizeof(Node_format), search_id, CRYPTO_PUBLIC_KEY_SIZE); + return send_hardening_req(dht, dest, CHECK_TYPE_GETNODE_REQ, data, sizeof(Node_format) + CRYPTO_PUBLIC_KEY_SIZE); } #endif @@ -2232,10 +2232,10 @@ static int send_hardening_getnode_res(const DHT *dht, const Node_format *sendto, } uint8_t packet[MAX_CRYPTO_REQUEST_SIZE]; - uint8_t data[1 + crypto_box_PUBLICKEYBYTES + nodes_data_length]; + uint8_t data[1 + CRYPTO_PUBLIC_KEY_SIZE + nodes_data_length]; data[0] = CHECK_TYPE_GETNODE_RES; - memcpy(data + 1, queried_client_id, crypto_box_PUBLICKEYBYTES); - memcpy(data + 1 + crypto_box_PUBLICKEYBYTES, nodes_data, nodes_data_length); + memcpy(data + 1, queried_client_id, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(data + 1 + CRYPTO_PUBLIC_KEY_SIZE, nodes_data, nodes_data_length); int len = create_request(dht->self_public_key, dht->self_secret_key, packet, sendto->public_key, data, sizeof(data), CRYPTO_PACKET_HARDENING); @@ -2317,7 +2317,7 @@ static int handle_hardening(void *object, IP_Port source, const uint8_t *source_ Node_format node, tocheck_node; node.ip_port = source; - memcpy(node.public_key, source_pubkey, crypto_box_PUBLICKEYBYTES); + memcpy(node.public_key, source_pubkey, CRYPTO_PUBLIC_KEY_SIZE); memcpy(&tocheck_node, packet + 1, sizeof(Node_format)); if (getnodes(dht, tocheck_node.ip_port, tocheck_node.public_key, packet + 1 + sizeof(Node_format), &node) == -1) { @@ -2328,17 +2328,17 @@ static int handle_hardening(void *object, IP_Port source, const uint8_t *source_ } case CHECK_TYPE_GETNODE_RES: { - if (length <= crypto_box_PUBLICKEYBYTES + 1) { + if (length <= CRYPTO_PUBLIC_KEY_SIZE + 1) { return 1; } - if (length > 1 + crypto_box_PUBLICKEYBYTES + sizeof(Node_format) * MAX_SENT_NODES) { + if (length > 1 + CRYPTO_PUBLIC_KEY_SIZE + sizeof(Node_format) * MAX_SENT_NODES) { return 1; } - uint16_t length_nodes = length - 1 - crypto_box_PUBLICKEYBYTES; + uint16_t length_nodes = length - 1 - CRYPTO_PUBLIC_KEY_SIZE; Node_format nodes[MAX_SENT_NODES]; - int num_nodes = unpack_nodes(nodes, MAX_SENT_NODES, 0, packet + 1 + crypto_box_PUBLICKEYBYTES, length_nodes, 0); + int num_nodes = unpack_nodes(nodes, MAX_SENT_NODES, 0, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, length_nodes, 0); /* TODO(irungentoo): MAX_SENT_NODES nodes should be returned at all times (right now we have a small network size so it could cause problems for testing and etc..) */ @@ -2380,10 +2380,10 @@ static int handle_hardening(void *object, IP_Port source, const uint8_t *source_ */ static Node_format random_node(DHT *dht, sa_family_t sa_family) { - uint8_t id[crypto_box_PUBLICKEYBYTES]; + uint8_t id[CRYPTO_PUBLIC_KEY_SIZE]; uint32_t i; - for (i = 0; i < crypto_box_PUBLICKEYBYTES / 4; ++i) { /* populate the id with pseudorandom bytes.*/ + for (i = 0; i < CRYPTO_PUBLIC_KEY_SIZE / 4; ++i) { /* populate the id with pseudorandom bytes.*/ uint32_t t = rand(); memcpy(id + i * sizeof(t), &t, sizeof(t)); } @@ -2430,7 +2430,7 @@ static uint16_t list_nodes(Client_data *list, unsigned int length, Node_format * } if (assoc != NULL) { - memcpy(nodes[count].public_key, list[i - 1].public_key, crypto_box_PUBLICKEYBYTES); + memcpy(nodes[count].public_key, list[i - 1].public_key, CRYPTO_PUBLIC_KEY_SIZE); nodes[count].ip_port = assoc->ip_port; ++count; @@ -2513,11 +2513,11 @@ static void do_hardening(DHT *dht) Node_format to_test; to_test.ip_port = cur_iptspng->ip_port; - memcpy(to_test.public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(to_test.public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); // TODO(irungentoo): The search id should maybe not be ours? if (send_hardening_getnode_req(dht, &rand_node, &to_test, dht->self_public_key) > 0) { - memcpy(cur_iptspng->hardening.send_nodes_pingedid, rand_node.public_key, crypto_box_PUBLICKEYBYTES); + memcpy(cur_iptspng->hardening.send_nodes_pingedid, rand_node.public_key, CRYPTO_PUBLIC_KEY_SIZE); cur_iptspng->hardening.send_nodes_timestamp = unix_time(); } } @@ -2545,13 +2545,13 @@ static int cryptopacket_handle(void *object, IP_Port source, const uint8_t *pack DHT *dht = (DHT *)object; if (packet[0] == NET_PACKET_CRYPTO) { - if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES || - length > MAX_CRYPTO_REQUEST_SIZE + crypto_box_MACBYTES) { + if (length <= CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + 1 + CRYPTO_MAC_SIZE || + length > MAX_CRYPTO_REQUEST_SIZE + CRYPTO_MAC_SIZE) { return 1; } if (public_key_cmp(packet + 1, dht->self_public_key) == 0) { // Check if request is for us. - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; uint8_t data[MAX_CRYPTO_REQUEST_SIZE]; uint8_t number; int len = handle_request(dht->self_public_key, dht->self_secret_key, public_key, data, &number, packet, length); @@ -2615,15 +2615,15 @@ DHT *new_DHT(Logger *log, Networking_Core *net, bool holepunching_enabled) cryptopacket_registerhandler(dht, CRYPTO_PACKET_HARDENING, &handle_hardening, dht); new_symmetric_key(dht->secret_symmetric_key); - crypto_box_keypair(dht->self_public_key, dht->self_secret_key); + crypto_new_keypair(dht->self_public_key, dht->self_secret_key); ping_array_init(&dht->dht_ping_array, DHT_PING_ARRAY_SIZE, PING_TIMEOUT); ping_array_init(&dht->dht_harden_ping_array, DHT_PING_ARRAY_SIZE, PING_TIMEOUT); uint32_t i; for (i = 0; i < DHT_FAKE_FRIEND_NUMBER; ++i) { - uint8_t random_key_bytes[crypto_box_PUBLICKEYBYTES]; - randombytes(random_key_bytes, sizeof(random_key_bytes)); + uint8_t random_key_bytes[CRYPTO_PUBLIC_KEY_SIZE]; + random_bytes(random_key_bytes, sizeof(random_key_bytes)); if (DHT_addfriend(dht, random_key_bytes, 0, 0, 0, 0) != 0) { kill_DHT(dht); @@ -2730,13 +2730,13 @@ void DHT_save(DHT *dht, uint8_t *data) for (num = 0, i = 0; i < LCLIENT_LIST; ++i) { if (dht->close_clientlist[i].assoc4.timestamp != 0) { - memcpy(clients[num].public_key, dht->close_clientlist[i].public_key, crypto_box_PUBLICKEYBYTES); + memcpy(clients[num].public_key, dht->close_clientlist[i].public_key, CRYPTO_PUBLIC_KEY_SIZE); clients[num].ip_port = dht->close_clientlist[i].assoc4.ip_port; ++num; } if (dht->close_clientlist[i].assoc6.timestamp != 0) { - memcpy(clients[num].public_key, dht->close_clientlist[i].public_key, crypto_box_PUBLICKEYBYTES); + memcpy(clients[num].public_key, dht->close_clientlist[i].public_key, CRYPTO_PUBLIC_KEY_SIZE); clients[num].ip_port = dht->close_clientlist[i].assoc6.ip_port; ++num; } @@ -2747,13 +2747,13 @@ void DHT_save(DHT *dht, uint8_t *data) for (j = 0; j < MAX_FRIEND_CLIENTS; ++j) { if (fr->client_list[j].assoc4.timestamp != 0) { - memcpy(clients[num].public_key, fr->client_list[j].public_key, crypto_box_PUBLICKEYBYTES); + memcpy(clients[num].public_key, fr->client_list[j].public_key, CRYPTO_PUBLIC_KEY_SIZE); clients[num].ip_port = fr->client_list[j].assoc4.ip_port; ++num; } if (fr->client_list[j].assoc6.timestamp != 0) { - memcpy(clients[num].public_key, fr->client_list[j].public_key, crypto_box_PUBLICKEYBYTES); + memcpy(clients[num].public_key, fr->client_list[j].public_key, CRYPTO_PUBLIC_KEY_SIZE); clients[num].ip_port = fr->client_list[j].assoc6.ip_port; ++num; } diff --git a/toxcore/DHT.h b/toxcore/DHT.h index db05fecc86..c9b859beed 100644 --- a/toxcore/DHT.h +++ b/toxcore/DHT.h @@ -111,17 +111,17 @@ typedef struct { uint8_t routes_requests_ok; /* Time which we last checked this.*/ uint64_t routes_requests_timestamp; - uint8_t routes_requests_pingedid[crypto_box_PUBLICKEYBYTES]; + uint8_t routes_requests_pingedid[CRYPTO_PUBLIC_KEY_SIZE]; /* Node sends correct send_node (true (1) or false/didn't check (0)) */ uint8_t send_nodes_ok; /* Time which we last checked this.*/ uint64_t send_nodes_timestamp; - uint8_t send_nodes_pingedid[crypto_box_PUBLICKEYBYTES]; + uint8_t send_nodes_pingedid[CRYPTO_PUBLIC_KEY_SIZE]; /* Node can be used to test other nodes (true (1) or false/didn't check (0)) */ uint8_t testing_requests; /* Time which we last checked this.*/ uint64_t testing_timestamp; - uint8_t testing_pingedid[crypto_box_PUBLICKEYBYTES]; + uint8_t testing_pingedid[CRYPTO_PUBLIC_KEY_SIZE]; } Hardening; typedef struct { @@ -136,7 +136,7 @@ typedef struct { } IPPTsPng; typedef struct { - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; IPPTsPng assoc4; IPPTsPng assoc6; } Client_data; @@ -159,13 +159,13 @@ typedef struct { #define DHT_FRIEND_MAX_LOCKS 32 typedef struct { - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; IP_Port ip_port; } Node_format; typedef struct { - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; Client_data client_list[MAX_FRIEND_CLIENTS]; /* Time at which the last get_nodes request was sent. */ @@ -216,8 +216,8 @@ int unpack_nodes(Node_format *nodes, uint16_t max_num_nodes, uint16_t *processed #define KEYS_TIMEOUT 600 typedef struct { struct { - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; uint32_t times_requested; uint8_t stored; /* 0 if not, 1 if is */ uint64_t time_last_requested; @@ -245,10 +245,10 @@ typedef struct { uint32_t close_bootstrap_times; /* Note: this key should not be/is not used to transmit any sensitive materials */ - uint8_t secret_symmetric_key[crypto_box_KEYBYTES]; + uint8_t secret_symmetric_key[CRYPTO_SYMMETRIC_KEY_SIZE]; /* DHT keypair */ - uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; + uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE]; DHT_Friend *friends_list; uint16_t num_friends; @@ -294,7 +294,7 @@ void DHT_get_shared_key_sent(DHT *dht, uint8_t *shared_key, const uint8_t *publi void DHT_getnodes(DHT *dht, const IP_Port *from_ipp, const uint8_t *from_id, const uint8_t *which_id); /* Add a new friend to the friends list. - * public_key must be crypto_box_PUBLICKEYBYTES bytes long. + * public_key must be CRYPTO_PUBLIC_KEY_SIZE bytes long. * * ip_callback is the callback of a function that will be called when the ip address * is found along with arguments data and number. @@ -309,7 +309,7 @@ int DHT_addfriend(DHT *dht, const uint8_t *public_key, void (*ip_callback)(void void *data, int32_t number, uint16_t *lock_count); /* Delete a friend from the friends list. - * public_key must be crypto_box_PUBLICKEYBYTES bytes long. + * public_key must be CRYPTO_PUBLIC_KEY_SIZE bytes long. * * return 0 if success. * return -1 if failure (public_key not in friends list). @@ -317,7 +317,7 @@ int DHT_addfriend(DHT *dht, const uint8_t *public_key, void (*ip_callback)(void int DHT_delfriend(DHT *dht, const uint8_t *public_key, uint16_t lock_count); /* Get ip of friend. - * public_key must be crypto_box_PUBLICKEYBYTES bytes long. + * public_key must be CRYPTO_PUBLIC_KEY_SIZE bytes long. * ip must be 4 bytes long. * port must be 2 bytes long. * diff --git a/toxcore/LAN_discovery.c b/toxcore/LAN_discovery.c index 48e0e7bb58..6778e93208 100644 --- a/toxcore/LAN_discovery.c +++ b/toxcore/LAN_discovery.c @@ -329,7 +329,7 @@ static int handle_LANdiscovery(void *object, IP_Port source, const uint8_t *pack return 1; } - if (length != crypto_box_PUBLICKEYBYTES + 1) { + if (length != CRYPTO_PUBLIC_KEY_SIZE + 1) { return 1; } @@ -340,11 +340,11 @@ static int handle_LANdiscovery(void *object, IP_Port source, const uint8_t *pack int send_LANdiscovery(uint16_t port, DHT *dht) { - uint8_t data[crypto_box_PUBLICKEYBYTES + 1]; + uint8_t data[CRYPTO_PUBLIC_KEY_SIZE + 1]; data[0] = NET_PACKET_LAN_DISCOVERY; id_copy(data + 1, dht->self_public_key); - send_broadcasts(dht->net, port, data, 1 + crypto_box_PUBLICKEYBYTES); + send_broadcasts(dht->net, port, data, 1 + CRYPTO_PUBLIC_KEY_SIZE); int res = -1; IP_Port ip_port; @@ -355,7 +355,7 @@ int send_LANdiscovery(uint16_t port, DHT *dht) ip_port.ip = broadcast_ip(AF_INET6, AF_INET6); if (ip_isset(&ip_port.ip)) { - if (sendpacket(dht->net, ip_port, data, 1 + crypto_box_PUBLICKEYBYTES) > 0) { + if (sendpacket(dht->net, ip_port, data, 1 + CRYPTO_PUBLIC_KEY_SIZE) > 0) { res = 1; } } @@ -365,7 +365,7 @@ int send_LANdiscovery(uint16_t port, DHT *dht) ip_port.ip = broadcast_ip(dht->net->family, AF_INET); if (ip_isset(&ip_port.ip)) { - if (sendpacket(dht->net, ip_port, data, 1 + crypto_box_PUBLICKEYBYTES)) { + if (sendpacket(dht->net, ip_port, data, 1 + CRYPTO_PUBLIC_KEY_SIZE)) { res = 1; } } diff --git a/toxcore/Messenger.c b/toxcore/Messenger.c index 8bd9cd0ce6..fa11704c96 100644 --- a/toxcore/Messenger.c +++ b/toxcore/Messenger.c @@ -93,7 +93,7 @@ int32_t getfriend_id(const Messenger *m, const uint8_t *real_pk) } /* Copies the public key associated to that friend id into real_pk buffer. - * Make sure that real_pk is of size crypto_box_PUBLICKEYBYTES. + * Make sure that real_pk is of size CRYPTO_PUBLIC_KEY_SIZE. * * return 0 if success. * return -1 if failure. @@ -104,7 +104,7 @@ int get_real_pk(const Messenger *m, int32_t friendnumber, uint8_t *real_pk) return -1; } - memcpy(real_pk, m->friendlist[friendnumber].real_pk, crypto_box_PUBLICKEYBYTES); + memcpy(real_pk, m->friendlist[friendnumber].real_pk, CRYPTO_PUBLIC_KEY_SIZE); return 0; } @@ -145,9 +145,9 @@ void getaddress(const Messenger *m, uint8_t *address) { id_copy(address, m->net_crypto->self_public_key); uint32_t nospam = get_nospam(&(m->fr)); - memcpy(address + crypto_box_PUBLICKEYBYTES, &nospam, sizeof(nospam)); + memcpy(address + CRYPTO_PUBLIC_KEY_SIZE, &nospam, sizeof(nospam)); uint16_t checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum)); - memcpy(address + crypto_box_PUBLICKEYBYTES + sizeof(nospam), &checksum, sizeof(checksum)); + memcpy(address + CRYPTO_PUBLIC_KEY_SIZE + sizeof(nospam), &checksum, sizeof(checksum)); } static int send_online_packet(Messenger *m, int32_t friendnumber) @@ -240,7 +240,7 @@ int32_t m_addfriend(Messenger *m, const uint8_t *address, const uint8_t *data, u return FAERR_TOOLONG; } - uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE]; id_copy(real_pk, address); if (!public_key_valid(real_pk)) { @@ -248,7 +248,7 @@ int32_t m_addfriend(Messenger *m, const uint8_t *address, const uint8_t *data, u } uint16_t check, checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum)); - memcpy(&check, address + crypto_box_PUBLICKEYBYTES + sizeof(uint32_t), sizeof(check)); + memcpy(&check, address + CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint32_t), sizeof(check)); if (check != checksum) { return FAERR_BADCHECKSUM; @@ -270,7 +270,7 @@ int32_t m_addfriend(Messenger *m, const uint8_t *address, const uint8_t *data, u } uint32_t nospam; - memcpy(&nospam, address + crypto_box_PUBLICKEYBYTES, sizeof(nospam)); + memcpy(&nospam, address + CRYPTO_PUBLIC_KEY_SIZE, sizeof(nospam)); if (m->friendlist[friend_id].friendrequest_nospam == nospam) { return FAERR_ALREADYSENT; @@ -289,7 +289,7 @@ int32_t m_addfriend(Messenger *m, const uint8_t *address, const uint8_t *data, u m->friendlist[ret].friendrequest_timeout = FRIENDREQUEST_TIMEOUT; memcpy(m->friendlist[ret].info, data, length); m->friendlist[ret].info_size = length; - memcpy(&(m->friendlist[ret].friendrequest_nospam), address + crypto_box_PUBLICKEYBYTES, sizeof(uint32_t)); + memcpy(&(m->friendlist[ret].friendrequest_nospam), address + CRYPTO_PUBLIC_KEY_SIZE, sizeof(uint32_t)); return ret; } @@ -2440,16 +2440,16 @@ static void connection_status_cb(Messenger *m, void *userdata) #define DUMPING_CLIENTS_FRIENDS_EVERY_N_SECONDS 60UL static time_t lastdump = 0; -static char IDString[crypto_box_PUBLICKEYBYTES * 2 + 1]; +static char IDString[CRYPTO_PUBLIC_KEY_SIZE * 2 + 1]; static char *ID2String(const uint8_t *pk) { uint32_t i; - for (i = 0; i < crypto_box_PUBLICKEYBYTES; i++) { + for (i = 0; i < CRYPTO_PUBLIC_KEY_SIZE; i++) { sprintf(&IDString[i * 2], "%02X", pk[i]); } - IDString[crypto_box_PUBLICKEYBYTES * 2] = 0; + IDString[CRYPTO_PUBLIC_KEY_SIZE * 2] = 0; return IDString; } @@ -2636,7 +2636,7 @@ void do_messenger(Messenger *m, void *userdata) struct SAVED_FRIEND { uint8_t status; - uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE]; uint8_t info[SAVED_FRIEND_REQUEST_SIZE]; // the data that is sent during the friend requests we do. uint16_t info_size; // Length of the info. uint8_t name[MAX_NAME_LENGTH]; @@ -2725,7 +2725,7 @@ static uint32_t friends_list_save(const Messenger *m, uint8_t *data) if (m->friendlist[i].status > 0) { struct SAVED_FRIEND temp = { 0 }; temp.status = m->friendlist[i].status; - memcpy(temp.real_pk, m->friendlist[i].real_pk, crypto_box_PUBLICKEYBYTES); + memcpy(temp.real_pk, m->friendlist[i].real_pk, CRYPTO_PUBLIC_KEY_SIZE); if (temp.status < 3) { const size_t friendrequest_length = @@ -2837,9 +2837,9 @@ static int friends_list_load(Messenger *m, const uint8_t *data, uint32_t length) /* TODO(irungentoo): This is not a good way to do this. */ uint8_t address[FRIEND_ADDRESS_SIZE]; id_copy(address, temp.real_pk); - memcpy(address + crypto_box_PUBLICKEYBYTES, &(temp.friendrequest_nospam), sizeof(uint32_t)); + memcpy(address + CRYPTO_PUBLIC_KEY_SIZE, &(temp.friendrequest_nospam), sizeof(uint32_t)); uint16_t checksum = address_checksum(address, FRIEND_ADDRESS_SIZE - sizeof(checksum)); - memcpy(address + crypto_box_PUBLICKEYBYTES + sizeof(uint32_t), &checksum, sizeof(checksum)); + memcpy(address + CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint32_t), &checksum, sizeof(checksum)); m_addfriend(m, address, temp.info, ntohs(temp.info_size)); } } @@ -2852,7 +2852,7 @@ uint32_t messenger_size(const Messenger *m) { uint32_t size32 = sizeof(uint32_t), sizesubhead = size32 * 2; return size32 * 2 // global cookie - + sizesubhead + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES + + sizesubhead + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE + sizesubhead + DHT_size(m->dht) // DHT + sizesubhead + saved_friendslist_size(m) // Friendlist itself. + sizesubhead + m->name_length // Own nickname. @@ -2889,7 +2889,7 @@ void messenger_save(const Messenger *m, uint8_t *data) #ifdef TOX_DEBUG assert(sizeof(get_nospam(&(m->fr))) == sizeof(uint32_t)); #endif - len = size32 + crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES; + len = size32 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE; type = MESSENGER_STATE_TYPE_NOSPAMKEYS; data = z_state_save_subheader(data, len, type); *(uint32_t *)data = get_nospam(&(m->fr)); @@ -2962,9 +2962,9 @@ static int messenger_load_state_callback(void *outer, const uint8_t *data, uint3 switch (type) { case MESSENGER_STATE_TYPE_NOSPAMKEYS: - if (length == crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES + sizeof(uint32_t)) { + if (length == CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE + sizeof(uint32_t)) { set_nospam(&(m->fr), *(const uint32_t *)data); - load_secret_key(m->net_crypto, (&data[sizeof(uint32_t)]) + crypto_box_PUBLICKEYBYTES); + load_secret_key(m->net_crypto, (&data[sizeof(uint32_t)]) + CRYPTO_PUBLIC_KEY_SIZE); if (public_key_cmp((&data[sizeof(uint32_t)]), m->net_crypto->self_public_key) != 0) { return -1; diff --git a/toxcore/Messenger.h b/toxcore/Messenger.h index bd66739b6f..16220ebee8 100644 --- a/toxcore/Messenger.h +++ b/toxcore/Messenger.h @@ -39,7 +39,7 @@ #define MAX_CONCURRENT_FILE_PIPES 256 -#define FRIEND_ADDRESS_SIZE (crypto_box_PUBLICKEYBYTES + sizeof(uint32_t) + sizeof(uint16_t)) +#define FRIEND_ADDRESS_SIZE (CRYPTO_PUBLIC_KEY_SIZE + sizeof(uint32_t) + sizeof(uint16_t)) enum { MESSAGE_NORMAL, @@ -179,7 +179,7 @@ enum { typedef struct Messenger Messenger; typedef struct { - uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE]; int friendcon_id; uint64_t friendrequest_lastsent; // Time at which the last friend request was sent. @@ -316,7 +316,7 @@ int32_t m_addfriend_norequest(Messenger *m, const uint8_t *real_pk); int32_t getfriend_id(const Messenger *m, const uint8_t *real_pk); /* Copies the public key associated to that friend id into real_pk buffer. - * Make sure that real_pk is of size crypto_box_PUBLICKEYBYTES. + * Make sure that real_pk is of size CRYPTO_PUBLIC_KEY_SIZE. * * return 0 if success * return -1 if failure diff --git a/toxcore/TCP_client.c b/toxcore/TCP_client.c index 372f034e09..14e75845ea 100644 --- a/toxcore/TCP_client.c +++ b/toxcore/TCP_client.c @@ -223,20 +223,20 @@ static int proxy_socks5_read_connection_response(TCP_Client_Connection *TCP_conn */ static int generate_handshake(TCP_Client_Connection *TCP_conn) { - uint8_t plain[crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES]; - crypto_box_keypair(plain, TCP_conn->temp_secret_key); + uint8_t plain[CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE]; + crypto_new_keypair(plain, TCP_conn->temp_secret_key); random_nonce(TCP_conn->sent_nonce); - memcpy(plain + crypto_box_PUBLICKEYBYTES, TCP_conn->sent_nonce, crypto_box_NONCEBYTES); - memcpy(TCP_conn->last_packet, TCP_conn->self_public_key, crypto_box_PUBLICKEYBYTES); - random_nonce(TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES); - int len = encrypt_data_symmetric(TCP_conn->shared_key, TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES, plain, - sizeof(plain), TCP_conn->last_packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); + memcpy(plain + CRYPTO_PUBLIC_KEY_SIZE, TCP_conn->sent_nonce, CRYPTO_NONCE_SIZE); + memcpy(TCP_conn->last_packet, TCP_conn->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); + random_nonce(TCP_conn->last_packet + CRYPTO_PUBLIC_KEY_SIZE); + int len = encrypt_data_symmetric(TCP_conn->shared_key, TCP_conn->last_packet + CRYPTO_PUBLIC_KEY_SIZE, plain, + sizeof(plain), TCP_conn->last_packet + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE); - if (len != sizeof(plain) + crypto_box_MACBYTES) { + if (len != sizeof(plain) + CRYPTO_MAC_SIZE) { return -1; } - TCP_conn->last_packet_length = crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + sizeof(plain) + crypto_box_MACBYTES; + TCP_conn->last_packet_length = CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + sizeof(plain) + CRYPTO_MAC_SIZE; TCP_conn->last_packet_sent = 0; return 0; } @@ -248,17 +248,17 @@ static int generate_handshake(TCP_Client_Connection *TCP_conn) */ static int handle_handshake(TCP_Client_Connection *TCP_conn, const uint8_t *data) { - uint8_t plain[crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES]; - int len = decrypt_data_symmetric(TCP_conn->shared_key, data, data + crypto_box_NONCEBYTES, - TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, plain); + uint8_t plain[CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE]; + int len = decrypt_data_symmetric(TCP_conn->shared_key, data, data + CRYPTO_NONCE_SIZE, + TCP_SERVER_HANDSHAKE_SIZE - CRYPTO_NONCE_SIZE, plain); if (len != sizeof(plain)) { return -1; } - memcpy(TCP_conn->recv_nonce, plain + crypto_box_PUBLICKEYBYTES, crypto_box_NONCEBYTES); + memcpy(TCP_conn->recv_nonce, plain + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_NONCE_SIZE); encrypt_precompute(plain, TCP_conn->temp_secret_key, TCP_conn->shared_key); - sodium_memzero(TCP_conn->temp_secret_key, crypto_box_SECRETKEYBYTES); + crypto_memzero(TCP_conn->temp_secret_key, CRYPTO_SECRET_KEY_SIZE); return 0; } @@ -372,7 +372,7 @@ static void wipe_priority_list(TCP_Client_Connection *con) static int write_packet_TCP_secure_connection(TCP_Client_Connection *con, const uint8_t *data, uint16_t length, bool priority) { - if (length + crypto_box_MACBYTES > MAX_PACKET_SIZE) { + if (length + CRYPTO_MAC_SIZE > MAX_PACKET_SIZE) { return -1; } @@ -386,9 +386,9 @@ static int write_packet_TCP_secure_connection(TCP_Client_Connection *con, const } } - uint8_t packet[sizeof(uint16_t) + length + crypto_box_MACBYTES]; + uint8_t packet[sizeof(uint16_t) + length + CRYPTO_MAC_SIZE]; - uint16_t c_length = htons(length + crypto_box_MACBYTES); + uint16_t c_length = htons(length + CRYPTO_MAC_SIZE); memcpy(packet, &c_length, sizeof(uint16_t)); int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t)); @@ -436,9 +436,9 @@ static int write_packet_TCP_secure_connection(TCP_Client_Connection *con, const */ int send_routing_request(TCP_Client_Connection *con, uint8_t *public_key) { - uint8_t packet[1 + crypto_box_PUBLICKEYBYTES]; + uint8_t packet[1 + CRYPTO_PUBLIC_KEY_SIZE]; packet[0] = TCP_PACKET_ROUTING_REQUEST; - memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(packet + 1, public_key, CRYPTO_PUBLIC_KEY_SIZE); return write_packet_TCP_secure_connection(con, packet, sizeof(packet), 1); } @@ -493,10 +493,10 @@ int send_oob_packet(TCP_Client_Connection *con, const uint8_t *public_key, const return -1; } - uint8_t packet[1 + crypto_box_PUBLICKEYBYTES + length]; + uint8_t packet[1 + CRYPTO_PUBLIC_KEY_SIZE + length]; packet[0] = TCP_PACKET_OOB_SEND; - memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); - memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, data, length); + memcpy(packet + 1, public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, data, length); return write_packet_TCP_secure_connection(con, packet, sizeof(packet), 0); } @@ -676,8 +676,8 @@ TCP_Client_Connection *new_TCP_connection(IP_Port ip_port, const uint8_t *public } temp->sock = sock; - memcpy(temp->public_key, public_key, crypto_box_PUBLICKEYBYTES); - memcpy(temp->self_public_key, self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(temp->public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(temp->self_public_key, self_public_key, CRYPTO_PUBLIC_KEY_SIZE); encrypt_precompute(temp->public_key, self_secret_key, temp->shared_key); temp->ip_port = ip_port; temp->proxy_info = *proxy_info; @@ -721,7 +721,7 @@ static int handle_TCP_packet(TCP_Client_Connection *conn, const uint8_t *data, u switch (data[0]) { case TCP_PACKET_ROUTING_RESPONSE: { - if (length != 1 + 1 + crypto_box_PUBLICKEYBYTES) { + if (length != 1 + 1 + CRYPTO_PUBLIC_KEY_SIZE) { return -1; } @@ -737,7 +737,7 @@ static int handle_TCP_packet(TCP_Client_Connection *conn, const uint8_t *data, u conn->connections[con_id].status = 1; conn->connections[con_id].number = ~0; - memcpy(conn->connections[con_id].public_key, data + 2, crypto_box_PUBLICKEYBYTES); + memcpy(conn->connections[con_id].public_key, data + 2, CRYPTO_PUBLIC_KEY_SIZE); if (conn->response_callback) { conn->response_callback(conn->response_callback_object, con_id, conn->connections[con_id].public_key); @@ -832,13 +832,13 @@ static int handle_TCP_packet(TCP_Client_Connection *conn, const uint8_t *data, u } case TCP_PACKET_OOB_RECV: { - if (length <= 1 + crypto_box_PUBLICKEYBYTES) { + if (length <= 1 + CRYPTO_PUBLIC_KEY_SIZE) { return -1; } if (conn->oob_data_callback) { - conn->oob_data_callback(conn->oob_data_callback_object, data + 1, data + 1 + crypto_box_PUBLICKEYBYTES, - length - (1 + crypto_box_PUBLICKEYBYTES), userdata); + conn->oob_data_callback(conn->oob_data_callback_object, data + 1, data + 1 + CRYPTO_PUBLIC_KEY_SIZE, + length - (1 + CRYPTO_PUBLIC_KEY_SIZE), userdata); } return 0; @@ -1006,6 +1006,6 @@ void kill_TCP_connection(TCP_Client_Connection *TCP_connection) wipe_priority_list(TCP_connection); kill_sock(TCP_connection->sock); - sodium_memzero(TCP_connection, sizeof(TCP_Client_Connection)); + crypto_memzero(TCP_connection, sizeof(TCP_Client_Connection)); free(TCP_connection); } diff --git a/toxcore/TCP_client.h b/toxcore/TCP_client.h index 44049698ed..5b29f1dbda 100644 --- a/toxcore/TCP_client.h +++ b/toxcore/TCP_client.h @@ -53,16 +53,16 @@ enum { typedef struct { uint8_t status; sock_t sock; - uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; /* our public key */ - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* public key of the server */ + uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* our public key */ + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* public key of the server */ IP_Port ip_port; /* The ip and port of the server */ TCP_Proxy_Info proxy_info; - uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* Nonce of received packets. */ - uint8_t sent_nonce[crypto_box_NONCEBYTES]; /* Nonce of sent packets. */ - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of received packets. */ + uint8_t sent_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of sent packets. */ + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; uint16_t next_packet_length; - uint8_t temp_secret_key[crypto_box_SECRETKEYBYTES]; + uint8_t temp_secret_key[CRYPTO_SECRET_KEY_SIZE]; uint8_t last_packet[2 + MAX_PACKET_SIZE]; uint16_t last_packet_length; @@ -80,7 +80,7 @@ typedef struct { struct { uint8_t status; /* 0 if not used, 1 if other is offline, 2 if other is online. */ - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; uint32_t number; } connections[NUM_CLIENT_CONNECTIONS]; int (*response_callback)(void *object, uint8_t connection_id, const uint8_t *public_key); diff --git a/toxcore/TCP_connection.c b/toxcore/TCP_connection.c index 234a8d79cb..e8f5127356 100644 --- a/toxcore/TCP_connection.c +++ b/toxcore/TCP_connection.c @@ -33,8 +33,8 @@ struct TCP_Connections { DHT *dht; - uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; + uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE]; TCP_Connection_to *connections; uint32_t connections_length; /* Length of connections array. */ @@ -509,7 +509,7 @@ int new_tcp_connection_to(TCP_Connections *tcp_c, const uint8_t *public_key, int TCP_Connection_to *con_to = &tcp_c->connections[connections_number]; con_to->status = TCP_CONN_VALID; - memcpy(con_to->public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(con_to->public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); con_to->id = id; return connections_number; @@ -767,8 +767,8 @@ static int reconnect_tcp_relay_connection(TCP_Connections *tcp_c, int tcp_connec } IP_Port ip_port = tcp_con->connection->ip_port; - uint8_t relay_pk[crypto_box_PUBLICKEYBYTES]; - memcpy(relay_pk, tcp_con->connection->public_key, crypto_box_PUBLICKEYBYTES); + uint8_t relay_pk[CRYPTO_PUBLIC_KEY_SIZE]; + memcpy(relay_pk, tcp_con->connection->public_key, CRYPTO_PUBLIC_KEY_SIZE); kill_TCP_connection(tcp_con->connection); tcp_con->connection = new_TCP_connection(ip_port, relay_pk, tcp_c->self_public_key, tcp_c->self_secret_key, &tcp_c->proxy_info); @@ -819,7 +819,7 @@ static int sleep_tcp_relay_connection(TCP_Connections *tcp_c, int tcp_connection } tcp_con->ip_port = tcp_con->connection->ip_port; - memcpy(tcp_con->relay_pk, tcp_con->connection->public_key, crypto_box_PUBLICKEYBYTES); + memcpy(tcp_con->relay_pk, tcp_con->connection->public_key, CRYPTO_PUBLIC_KEY_SIZE); kill_TCP_connection(tcp_con->connection); tcp_con->connection = NULL; @@ -1271,7 +1271,7 @@ unsigned int tcp_copy_connected_relays(TCP_Connections *tcp_c, Node_format *tcp_ } if (tcp_con->status == TCP_CONN_CONNECTED) { - memcpy(tcp_relays[copied].public_key, tcp_con->connection->public_key, crypto_box_PUBLICKEYBYTES); + memcpy(tcp_relays[copied].public_key, tcp_con->connection->public_key, CRYPTO_PUBLIC_KEY_SIZE); tcp_relays[copied].ip_port = tcp_con->connection->ip_port; if (tcp_relays[copied].ip_port.ip.family == AF_INET) { @@ -1376,8 +1376,8 @@ TCP_Connections *new_tcp_connections(const uint8_t *secret_key, TCP_Proxy_Info * return NULL; } - memcpy(temp->self_secret_key, secret_key, crypto_box_SECRETKEYBYTES); - crypto_scalarmult_curve25519_base(temp->self_public_key, temp->self_secret_key); + memcpy(temp->self_secret_key, secret_key, CRYPTO_SECRET_KEY_SIZE); + crypto_derive_public_key(temp->self_public_key, temp->self_secret_key); temp->proxy_info = *proxy_info; return temp; diff --git a/toxcore/TCP_connection.h b/toxcore/TCP_connection.h index e87196f092..0532c36f5b 100644 --- a/toxcore/TCP_connection.h +++ b/toxcore/TCP_connection.h @@ -53,7 +53,7 @@ typedef struct { uint8_t status; - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* The dht public key of the peer */ + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The dht public key of the peer */ struct { uint32_t tcp_connection; @@ -74,7 +74,7 @@ typedef struct { /* Only used when connection is sleeping. */ IP_Port ip_port; - uint8_t relay_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t relay_pk[CRYPTO_PUBLIC_KEY_SIZE]; bool unsleep; /* set to 1 to unsleep connection. */ } TCP_con; diff --git a/toxcore/TCP_server.c b/toxcore/TCP_server.c index 63c1577dd7..0e2d0085db 100644 --- a/toxcore/TCP_server.c +++ b/toxcore/TCP_server.c @@ -42,8 +42,8 @@ struct TCP_Server { sock_t *socks_listening; unsigned int num_listening_socks; - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t secret_key[crypto_box_SECRETKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t secret_key[CRYPTO_SECRET_KEY_SIZE]; TCP_Secure_Connection incomming_connection_queue[MAX_INCOMMING_CONNECTIONS]; uint16_t incomming_connection_queue_index; TCP_Secure_Connection unconfirmed_connection_queue[MAX_INCOMMING_CONNECTIONS]; @@ -212,7 +212,7 @@ static int del_accepted(TCP_Server *TCP_server, int index) return -1; } - sodium_memzero(&TCP_server->accepted_connection_array[index], sizeof(TCP_Secure_Connection)); + crypto_memzero(&TCP_server->accepted_connection_array[index], sizeof(TCP_Secure_Connection)); --TCP_server->num_accepted_connections; if (TCP_server->num_accepted_connections == 0) { @@ -314,7 +314,7 @@ int read_packet_TCP_secure_connection(sock_t sock, uint16_t *next_packet_length, *next_packet_length = len; } - if (max_len + crypto_box_MACBYTES < *next_packet_length) { + if (max_len + CRYPTO_MAC_SIZE < *next_packet_length) { return -1; } @@ -329,7 +329,7 @@ int read_packet_TCP_secure_connection(sock_t sock, uint16_t *next_packet_length, int len = decrypt_data_symmetric(shared_key, recv_nonce, data_encrypted, len_packet, data); - if (len + crypto_box_MACBYTES != len_packet) { + if (len + CRYPTO_MAC_SIZE != len_packet) { return -1; } @@ -437,7 +437,7 @@ static bool add_priority(TCP_Secure_Connection *con, const uint8_t *packet, uint static int write_packet_TCP_secure_connection(TCP_Secure_Connection *con, const uint8_t *data, uint16_t length, bool priority) { - if (length + crypto_box_MACBYTES > MAX_PACKET_SIZE) { + if (length + CRYPTO_MAC_SIZE > MAX_PACKET_SIZE) { return -1; } @@ -451,9 +451,9 @@ static int write_packet_TCP_secure_connection(TCP_Secure_Connection *con, const } } - uint8_t packet[sizeof(uint16_t) + length + crypto_box_MACBYTES]; + uint8_t packet[sizeof(uint16_t) + length + CRYPTO_MAC_SIZE]; - uint16_t c_length = htons(length + crypto_box_MACBYTES); + uint16_t c_length = htons(length + CRYPTO_MAC_SIZE); memcpy(packet, &c_length, sizeof(uint16_t)); int len = encrypt_data_symmetric(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t)); @@ -500,7 +500,7 @@ static int write_packet_TCP_secure_connection(TCP_Secure_Connection *con, const static void kill_TCP_connection(TCP_Secure_Connection *con) { kill_sock(con->sock); - sodium_memzero(con, sizeof(TCP_Secure_Connection)); + crypto_memzero(con, sizeof(TCP_Secure_Connection)); } static int rm_connection_index(TCP_Server *TCP_server, TCP_Secure_Connection *con, uint8_t con_number); @@ -546,31 +546,31 @@ static int handle_TCP_handshake(TCP_Secure_Connection *con, const uint8_t *data, return -1; } - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; encrypt_precompute(data, self_secret_key, shared_key); uint8_t plain[TCP_HANDSHAKE_PLAIN_SIZE]; - int len = decrypt_data_symmetric(shared_key, data + crypto_box_PUBLICKEYBYTES, - data + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES, plain); + int len = decrypt_data_symmetric(shared_key, data + CRYPTO_PUBLIC_KEY_SIZE, + data + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, TCP_HANDSHAKE_PLAIN_SIZE + CRYPTO_MAC_SIZE, plain); if (len != TCP_HANDSHAKE_PLAIN_SIZE) { return -1; } - memcpy(con->public_key, data, crypto_box_PUBLICKEYBYTES); - uint8_t temp_secret_key[crypto_box_SECRETKEYBYTES]; + memcpy(con->public_key, data, CRYPTO_PUBLIC_KEY_SIZE); + uint8_t temp_secret_key[CRYPTO_SECRET_KEY_SIZE]; uint8_t resp_plain[TCP_HANDSHAKE_PLAIN_SIZE]; - crypto_box_keypair(resp_plain, temp_secret_key); + crypto_new_keypair(resp_plain, temp_secret_key); random_nonce(con->sent_nonce); - memcpy(resp_plain + crypto_box_PUBLICKEYBYTES, con->sent_nonce, crypto_box_NONCEBYTES); - memcpy(con->recv_nonce, plain + crypto_box_PUBLICKEYBYTES, crypto_box_NONCEBYTES); + memcpy(resp_plain + CRYPTO_PUBLIC_KEY_SIZE, con->sent_nonce, CRYPTO_NONCE_SIZE); + memcpy(con->recv_nonce, plain + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_NONCE_SIZE); uint8_t response[TCP_SERVER_HANDSHAKE_SIZE]; random_nonce(response); len = encrypt_data_symmetric(shared_key, response, resp_plain, TCP_HANDSHAKE_PLAIN_SIZE, - response + crypto_box_NONCEBYTES); + response + CRYPTO_NONCE_SIZE); - if (len != TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES) { + if (len != TCP_HANDSHAKE_PLAIN_SIZE + CRYPTO_MAC_SIZE) { return -1; } @@ -605,10 +605,10 @@ static int read_connection_handshake(TCP_Secure_Connection *con, const uint8_t * */ static int send_routing_response(TCP_Secure_Connection *con, uint8_t rpid, const uint8_t *public_key) { - uint8_t data[1 + 1 + crypto_box_PUBLICKEYBYTES]; + uint8_t data[1 + 1 + CRYPTO_PUBLIC_KEY_SIZE]; data[0] = TCP_PACKET_ROUTING_RESPONSE; data[1] = rpid; - memcpy(data + 2, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(data + 2, public_key, CRYPTO_PUBLIC_KEY_SIZE); return write_packet_TCP_secure_connection(con, data, sizeof(data), 1); } @@ -684,7 +684,7 @@ static int handle_TCP_routing_req(TCP_Server *TCP_server, uint32_t con_id, const } con->connections[index].status = 1; - memcpy(con->connections[index].public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(con->connections[index].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); int other_index = get_TCP_connection_index(TCP_server, public_key); if (other_index != -1) { @@ -730,10 +730,10 @@ static int handle_TCP_oob_send(TCP_Server *TCP_server, uint32_t con_id, const ui int other_index = get_TCP_connection_index(TCP_server, public_key); if (other_index != -1) { - uint8_t resp_packet[1 + crypto_box_PUBLICKEYBYTES + length]; + uint8_t resp_packet[1 + CRYPTO_PUBLIC_KEY_SIZE + length]; resp_packet[0] = TCP_PACKET_OOB_RECV; - memcpy(resp_packet + 1, con->public_key, crypto_box_PUBLICKEYBYTES); - memcpy(resp_packet + 1 + crypto_box_PUBLICKEYBYTES, data, length); + memcpy(resp_packet + 1, con->public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(resp_packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, data, length); write_packet_TCP_secure_connection(&TCP_server->accepted_connection_array[other_index], resp_packet, sizeof(resp_packet), 0); } @@ -817,7 +817,7 @@ static int handle_TCP_packet(TCP_Server *TCP_server, uint32_t con_id, const uint switch (data[0]) { case TCP_PACKET_ROUTING_REQUEST: { - if (length != 1 + crypto_box_PUBLICKEYBYTES) { + if (length != 1 + CRYPTO_PUBLIC_KEY_SIZE) { return -1; } @@ -872,17 +872,17 @@ static int handle_TCP_packet(TCP_Server *TCP_server, uint32_t con_id, const uint } case TCP_PACKET_OOB_SEND: { - if (length <= 1 + crypto_box_PUBLICKEYBYTES) { + if (length <= 1 + CRYPTO_PUBLIC_KEY_SIZE) { return -1; } - return handle_TCP_oob_send(TCP_server, con_id, data + 1, data + 1 + crypto_box_PUBLICKEYBYTES, - length - (1 + crypto_box_PUBLICKEYBYTES)); + return handle_TCP_oob_send(TCP_server, con_id, data + 1, data + 1 + CRYPTO_PUBLIC_KEY_SIZE, + length - (1 + CRYPTO_PUBLIC_KEY_SIZE)); } case TCP_PACKET_ONION_REQUEST: { if (TCP_server->onion) { - if (length <= 1 + crypto_box_NONCEBYTES + ONION_SEND_BASE * 2) { + if (length <= 1 + CRYPTO_NONCE_SIZE + ONION_SEND_BASE * 2) { return -1; } @@ -892,7 +892,7 @@ static int handle_TCP_packet(TCP_Server *TCP_server, uint32_t con_id, const uint source.ip.ip6.uint32[0] = con_id; source.ip.ip6.uint32[1] = 0; source.ip.ip6.uint64[1] = con->identifier; - onion_send_1(TCP_server->onion, data + 1 + crypto_box_NONCEBYTES, length - (1 + crypto_box_NONCEBYTES), source, + onion_send_1(TCP_server->onion, data + 1 + CRYPTO_NONCE_SIZE, length - (1 + CRYPTO_NONCE_SIZE), source, data + 1); } @@ -951,7 +951,7 @@ static int confirm_TCP_connection(TCP_Server *TCP_server, TCP_Secure_Connection return -1; } - sodium_memzero(con, sizeof(TCP_Secure_Connection)); + crypto_memzero(con, sizeof(TCP_Secure_Connection)); if (handle_TCP_packet(TCP_server, index, data, length) == -1) { kill_accepted(TCP_server, index); @@ -1102,10 +1102,10 @@ TCP_Server *new_TCP_server(uint8_t ipv6_enabled, uint16_t num_sockets, const uin set_callback_handle_recv_1(onion, &handle_onion_recv_1, temp); } - memcpy(temp->secret_key, secret_key, crypto_box_SECRETKEYBYTES); - crypto_scalarmult_curve25519_base(temp->public_key, temp->secret_key); + memcpy(temp->secret_key, secret_key, CRYPTO_SECRET_KEY_SIZE); + crypto_derive_public_key(temp->public_key, temp->secret_key); - bs_list_init(&temp->accepted_key_list, crypto_box_PUBLICKEYBYTES, 8); + bs_list_init(&temp->accepted_key_list, CRYPTO_PUBLIC_KEY_SIZE, 8); return temp; } @@ -1145,7 +1145,7 @@ static int do_incoming(TCP_Server *TCP_server, uint32_t i) } memcpy(conn_new, conn_old, sizeof(TCP_Secure_Connection)); - sodium_memzero(conn_old, sizeof(TCP_Secure_Connection)); + crypto_memzero(conn_old, sizeof(TCP_Secure_Connection)); ++TCP_server->unconfirmed_connection_queue_index; return index_new; diff --git a/toxcore/TCP_server.h b/toxcore/TCP_server.h index 4dcfe126f2..f2618330fe 100644 --- a/toxcore/TCP_server.h +++ b/toxcore/TCP_server.h @@ -41,9 +41,9 @@ #define MAX_PACKET_SIZE 2048 -#define TCP_HANDSHAKE_PLAIN_SIZE (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES) -#define TCP_SERVER_HANDSHAKE_SIZE (crypto_box_NONCEBYTES + TCP_HANDSHAKE_PLAIN_SIZE + crypto_box_MACBYTES) -#define TCP_CLIENT_HANDSHAKE_SIZE (crypto_box_PUBLICKEYBYTES + TCP_SERVER_HANDSHAKE_SIZE) +#define TCP_HANDSHAKE_PLAIN_SIZE (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE) +#define TCP_SERVER_HANDSHAKE_SIZE (CRYPTO_NONCE_SIZE + TCP_HANDSHAKE_PLAIN_SIZE + CRYPTO_MAC_SIZE) +#define TCP_CLIENT_HANDSHAKE_SIZE (CRYPTO_PUBLIC_KEY_SIZE + TCP_SERVER_HANDSHAKE_SIZE) #define TCP_MAX_OOB_DATA_LENGTH 1024 #define NUM_RESERVED_PORTS 16 @@ -90,13 +90,13 @@ struct TCP_Priority_List { typedef struct TCP_Secure_Connection { sock_t sock; - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* Nonce of received packets. */ - uint8_t sent_nonce[crypto_box_NONCEBYTES]; /* Nonce of sent packets. */ - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of received packets. */ + uint8_t sent_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of sent packets. */ + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; uint16_t next_packet_length; struct { - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; uint32_t index; uint8_t status; /* 0 if not used, 1 if other is offline, 2 if other is online. */ uint8_t other_id; diff --git a/toxcore/crypto_core.api.h b/toxcore/crypto_core.api.h index 0c72471cb7..78a172808e 100644 --- a/toxcore/crypto_core.api.h +++ b/toxcore/crypto_core.api.h @@ -25,29 +25,59 @@ #define CORE_CRYPTO_H #include "network.h" +%} -#ifndef VANILLA_NACL -/* We use libsodium by default. */ -#include -#else -#include -#include -#include -#include -#include -#include -#include -#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) -/* I know */ -#define sodium_memcmp(a, b, c) memcmp(a, b, c) -#define sodium_memzero(a, c) memset(a, 0, c) -#endif +/** + * The number of bytes in a Tox public key. + */ +const CRYPTO_PUBLIC_KEY_SIZE = 32; -#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES) -%} +/** + * The number of bytes in a Tox secret key. + */ +const CRYPTO_SECRET_KEY_SIZE = 32; + +/** + * The number of bytes in a shared key computed from public and secret key. + */ +const CRYPTO_SHARED_KEY_SIZE = 32; + +/** + * The number of bytes in a random symmetric key. + */ +const CRYPTO_SYMMETRIC_KEY_SIZE = CRYPTO_SHARED_KEY_SIZE; + +/** + * The number of bytes needed for the MAC (message authentication code) in an + * encrypted message. + */ +const CRYPTO_MAC_SIZE = 16; /** - * compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks. + * The number of bytes in a nonce used for encryption/decryption. + */ +const CRYPTO_NONCE_SIZE = 24; + +/** + * The number of bytes in a SHA256 hash. + */ +const CRYPTO_SHA256_SIZE = 32; + +/** + * The number of bytes in a SHA512 hash. + */ +const CRYPTO_SHA512_SIZE = 64; + +static int32_t crypto_memcmp(const void *p1, const void *p2, size_t length); +static void crypto_memzero(void *data, size_t length); + +static void crypto_sha256(uint8_t *hash, const uint8_t[length] data); +static void crypto_sha512(uint8_t *hash, const uint8_t[length] data); + +static void crypto_derive_public_key(uint8_t *public_key, uint8_t *secret_key); + +/** + * compare 2 public keys of length CRYPTO_PUBLIC_KEY_SIZE, not vulnerable to timing attacks. * returns 0 if both mem locations of length are equal, * return -1 if they are not. */ @@ -64,7 +94,7 @@ static uint32_t random_int(); static uint64_t random_64b(); /** - * Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not. + * Check if a Tox public key CRYPTO_PUBLIC_KEY_SIZE is valid or not. * This should only be used for input validation. * * return 0 if it isn't. @@ -72,6 +102,8 @@ static uint64_t random_64b(); */ static int32_t public_key_valid(const uint8_t *public_key); +static int32_t crypto_new_keypair(uint8_t *public_key, uint8_t *secret_key); + /** * Encrypts plain of length length to encrypted of length + 16 using the * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce. @@ -105,7 +137,7 @@ static int32_t encrypt_precompute( /** * Encrypts plain of length length to encrypted of length + 16 using a - * secret key crypto_box_KEYBYTES big and a 24 byte nonce. + * secret key CRYPTO_SYMMETRIC_KEY_SIZE big and a 24 byte nonce. * * return -1 if there was a problem. * return length of encrypted data if everything was fine. @@ -116,7 +148,7 @@ static int32_t encrypt_data_symmetric( /** * Decrypts encrypted of length length to plain of length length - 16 using a - * secret key crypto_box_KEYBYTES big and a 24 byte nonce. + * secret key CRYPTO_SYMMETRIC_KEY_SIZE big and a 24 byte nonce. * * return -1 if there was a problem (decryption failed). * return length of plain data if everything was fine. @@ -141,10 +173,15 @@ static void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num); static void random_nonce(uint8_t *nonce); /** - * Fill a key crypto_box_KEYBYTES big with random bytes. + * Fill a key CRYPTO_SYMMETRIC_KEY_SIZE big with random bytes. */ static void new_symmetric_key(uint8_t *key); +/** + * Fill an array of bytes with random values. + */ +static void random_bytes(uint8_t[length] bytes); + %{ #endif %} diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index a71b3cb867..d4f7c5625d 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c @@ -29,8 +29,53 @@ #include "crypto_core.h" -#if crypto_box_PUBLICKEYBYTES != 32 -#error crypto_box_PUBLICKEYBYTES is required to be 32 bytes for public_key_cmp to work, +#ifndef VANILLA_NACL +/* We use libsodium by default. */ +#include +#else +#include +#include +#include +#include +#include +#include +#include +#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) +/* I know */ +#define sodium_memcmp(a, b, c) memcmp(a, b, c) +#define sodium_memzero(a, c) memset(a, 0, c) +#endif + +#if CRYPTO_PUBLIC_KEY_SIZE != crypto_box_PUBLICKEYBYTES +#error CRYPTO_PUBLIC_KEY_SIZE should be equal to crypto_box_PUBLICKEYBYTES +#endif + +#if CRYPTO_SECRET_KEY_SIZE != crypto_box_SECRETKEYBYTES +#error CRYPTO_SECRET_KEY_SIZE should be equal to crypto_box_SECRETKEYBYTES +#endif + +#if CRYPTO_SHARED_KEY_SIZE != crypto_box_BEFORENMBYTES +#error CRYPTO_SHARED_KEY_SIZE should be equal to crypto_box_BEFORENMBYTES +#endif + +#if CRYPTO_SYMMETRIC_KEY_SIZE != crypto_box_BEFORENMBYTES +#error CRYPTO_SYMMETRIC_KEY_SIZE should be equal to crypto_box_BEFORENMBYTES +#endif + +#if CRYPTO_MAC_SIZE != crypto_box_MACBYTES +#error CRYPTO_MAC_SIZE should be equal to crypto_box_MACBYTES +#endif + +#if CRYPTO_NONCE_SIZE != crypto_box_NONCEBYTES +#error CRYPTO_NONCE_SIZE should be equal to crypto_box_NONCEBYTES +#endif + +#if CRYPTO_SHA256_SIZE != crypto_hash_sha256_BYTES +#error CRYPTO_SHA256_SIZE should be equal to crypto_hash_sha256_BYTES +#endif + +#if CRYPTO_SHA512_SIZE != crypto_hash_sha512_BYTES +#error CRYPTO_SHA512_SIZE should be equal to crypto_hash_sha512_BYTES #endif /* compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks. @@ -38,6 +83,9 @@ return -1 if they are not. */ int public_key_cmp(const uint8_t *pk1, const uint8_t *pk2) { +#if crypto_box_PUBLICKEYBYTES != 32 +#error crypto_box_PUBLICKEYBYTES is required to be 32 bytes for public_key_cmp to work, +#endif return crypto_verify_32(pk1, pk2); } @@ -135,7 +183,7 @@ int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uin uint8_t k[crypto_box_BEFORENMBYTES]; encrypt_precompute(public_key, secret_key, k); int ret = encrypt_data_symmetric(k, nonce, plain, length, encrypted); - sodium_memzero(k, sizeof k); + crypto_memzero(k, sizeof k); return ret; } @@ -149,7 +197,7 @@ int decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uin uint8_t k[crypto_box_BEFORENMBYTES]; encrypt_precompute(public_key, secret_key, k); int ret = decrypt_data_symmetric(k, nonce, encrypted, length, plain); - sodium_memzero(k, sizeof k); + crypto_memzero(k, sizeof k); return ret; } @@ -204,8 +252,43 @@ void random_nonce(uint8_t *nonce) randombytes(nonce, crypto_box_NONCEBYTES); } -/* Fill a key crypto_box_KEYBYTES big with random bytes */ +/* Fill a key CRYPTO_SYMMETRIC_KEY_SIZE big with random bytes */ void new_symmetric_key(uint8_t *key) { - randombytes(key, crypto_box_KEYBYTES); + randombytes(key, CRYPTO_SYMMETRIC_KEY_SIZE); +} + +int32_t crypto_new_keypair(uint8_t *public_key, uint8_t *secret_key) +{ + return crypto_box_keypair(public_key, secret_key); +} + +void crypto_derive_public_key(uint8_t *public_key, uint8_t *secret_key) +{ + crypto_scalarmult_curve25519_base(public_key, secret_key); +} + +void crypto_sha256(uint8_t *hash, const uint8_t *data, size_t length) +{ + crypto_hash_sha256(hash, data, length); +} + +void crypto_sha512(uint8_t *hash, const uint8_t *data, size_t length) +{ + crypto_hash_sha512(hash, data, length); +} + +void crypto_memzero(void *data, size_t length) +{ + sodium_memzero(data, length); +} + +int32_t crypto_memcmp(const void *p1, const void *p2, size_t length) +{ + return sodium_memcmp(p1, p2, length); +} + +void random_bytes(uint8_t *data, size_t length) +{ + randombytes(data, length); } diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h index 5a1b153a22..a5cea0190d 100644 --- a/toxcore/crypto_core.h +++ b/toxcore/crypto_core.h @@ -25,27 +25,75 @@ #include "network.h" -#ifndef VANILLA_NACL -/* We use libsodium by default. */ -#include -#else -#include -#include -#include -#include -#include -#include -#include -#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) -/* I know */ -#define sodium_memcmp(a, b, c) memcmp(a, b, c) -#define sodium_memzero(a, c) memset(a, 0, c) -#endif +/** + * The number of bytes in a Tox public key. + */ +#define CRYPTO_PUBLIC_KEY_SIZE 32 + +uint32_t crypto_public_key_size(void); + +/** + * The number of bytes in a Tox secret key. + */ +#define CRYPTO_SECRET_KEY_SIZE 32 + +uint32_t crypto_secret_key_size(void); + +/** + * The number of bytes in a shared key computed from public and secret key. + */ +#define CRYPTO_SHARED_KEY_SIZE 32 -#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES) +uint32_t crypto_shared_key_size(void); /** - * compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks. + * The number of bytes in a random symmetric key. + */ +#define CRYPTO_SYMMETRIC_KEY_SIZE CRYPTO_SHARED_KEY_SIZE + +uint32_t crypto_symmetric_key_size(void); + +/** + * The number of bytes needed for the MAC (message authentication code) in an + * encrypted message. + */ +#define CRYPTO_MAC_SIZE 16 + +uint32_t crypto_mac_size(void); + +/** + * The number of bytes in a nonce used for encryption/decryption. + */ +#define CRYPTO_NONCE_SIZE 24 + +uint32_t crypto_nonce_size(void); + +/** + * The number of bytes in a SHA256 hash. + */ +#define CRYPTO_SHA256_SIZE 32 + +uint32_t crypto_sha256_size(void); + +/** + * The number of bytes in a SHA512 hash. + */ +#define CRYPTO_SHA512_SIZE 64 + +uint32_t crypto_sha512_size(void); + +int32_t crypto_memcmp(const void *p1, const void *p2, size_t length); + +void crypto_memzero(void *data, size_t length); + +void crypto_sha256(uint8_t *hash, const uint8_t *data, size_t length); + +void crypto_sha512(uint8_t *hash, const uint8_t *data, size_t length); + +void crypto_derive_public_key(uint8_t *public_key, uint8_t *secret_key); + +/** + * compare 2 public keys of length CRYPTO_PUBLIC_KEY_SIZE, not vulnerable to timing attacks. * returns 0 if both mem locations of length are equal, * return -1 if they are not. */ @@ -62,7 +110,7 @@ uint32_t random_int(void); uint64_t random_64b(void); /** - * Check if a Tox public key crypto_box_PUBLICKEYBYTES is valid or not. + * Check if a Tox public key CRYPTO_PUBLIC_KEY_SIZE is valid or not. * This should only be used for input validation. * * return 0 if it isn't. @@ -70,6 +118,8 @@ uint64_t random_64b(void); */ int32_t public_key_valid(const uint8_t *public_key); +int32_t crypto_new_keypair(uint8_t *public_key, uint8_t *secret_key); + /** * Encrypts plain of length length to encrypted of length + 16 using the * public key(32 bytes) of the receiver and the secret key of the sender and a 24 byte nonce. @@ -99,7 +149,7 @@ int32_t encrypt_precompute(const uint8_t *public_key, const uint8_t *secret_key, /** * Encrypts plain of length length to encrypted of length + 16 using a - * secret key crypto_box_KEYBYTES big and a 24 byte nonce. + * secret key CRYPTO_SYMMETRIC_KEY_SIZE big and a 24 byte nonce. * * return -1 if there was a problem. * return length of encrypted data if everything was fine. @@ -109,7 +159,7 @@ int32_t encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, /** * Decrypts encrypted of length length to plain of length length - 16 using a - * secret key crypto_box_KEYBYTES big and a 24 byte nonce. + * secret key CRYPTO_SYMMETRIC_KEY_SIZE big and a 24 byte nonce. * * return -1 if there was a problem (decryption failed). * return length of plain data if everything was fine. @@ -133,8 +183,14 @@ void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num); void random_nonce(uint8_t *nonce); /** - * Fill a key crypto_box_KEYBYTES big with random bytes. + * Fill a key CRYPTO_SYMMETRIC_KEY_SIZE big with random bytes. */ void new_symmetric_key(uint8_t *key); +/** + * Fill an array of bytes with random values. + */ +void random_bytes(uint8_t *bytes, size_t length); + #endif + diff --git a/toxcore/friend_connection.c b/toxcore/friend_connection.c index 2a99070bcf..d4f36c9669 100644 --- a/toxcore/friend_connection.c +++ b/toxcore/friend_connection.c @@ -190,7 +190,7 @@ int friend_add_tcp_relay(Friend_Connections *fr_c, int friendcon_id, IP_Port ip_ } friend_con->tcp_relays[index].ip_port = ip_port; - memcpy(friend_con->tcp_relays[index].public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(friend_con->tcp_relays[index].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); ++friend_con->tcp_relay_counter; return add_tcp_relay_peer(fr_c->net_crypto, friend_con->crypt_connection_id, ip_port, public_key); @@ -320,7 +320,7 @@ static void change_dht_pk(Friend_Connections *fr_c, int friendcon_id, const uint } DHT_addfriend(fr_c->dht, dht_public_key, dht_ip_callback, fr_c, friendcon_id, &friend_con->dht_lock); - memcpy(friend_con->dht_temp_pk, dht_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(friend_con->dht_temp_pk, dht_public_key, CRYPTO_PUBLIC_KEY_SIZE); } static int handle_status(void *object, int number, uint8_t status, void *userdata) @@ -626,11 +626,11 @@ int get_friendcon_public_keys(uint8_t *real_pk, uint8_t *dht_temp_pk, Friend_Con } if (real_pk) { - memcpy(real_pk, friend_con->real_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(real_pk, friend_con->real_public_key, CRYPTO_PUBLIC_KEY_SIZE); } if (dht_temp_pk) { - memcpy(dht_temp_pk, friend_con->dht_temp_pk, crypto_box_PUBLICKEYBYTES); + memcpy(dht_temp_pk, friend_con->dht_temp_pk, CRYPTO_PUBLIC_KEY_SIZE); } return 0; @@ -722,7 +722,7 @@ int new_friend_connection(Friend_Connections *fr_c, const uint8_t *real_public_k friend_con->crypt_connection_id = -1; friend_con->status = FRIENDCONN_STATUS_CONNECTING; - memcpy(friend_con->real_public_key, real_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(friend_con->real_public_key, real_public_key, CRYPTO_PUBLIC_KEY_SIZE); friend_con->onion_friendnum = onion_friendnum; recv_tcp_relay_handler(fr_c->onion_c, onion_friendnum, &tcp_relay_node_callback, fr_c, friendcon_id); diff --git a/toxcore/friend_connection.h b/toxcore/friend_connection.h index 4d6f841c55..13ea476db8 100644 --- a/toxcore/friend_connection.h +++ b/toxcore/friend_connection.h @@ -65,8 +65,8 @@ enum { typedef struct { uint8_t status; - uint8_t real_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t dht_temp_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t dht_temp_pk[CRYPTO_PUBLIC_KEY_SIZE]; uint16_t dht_lock; IP_Port dht_ip_port; uint64_t dht_pk_lastrecv, dht_ip_port_lastrecv; diff --git a/toxcore/friend_requests.c b/toxcore/friend_requests.c index f0281d3aa4..a2979b46e1 100644 --- a/toxcore/friend_requests.c +++ b/toxcore/friend_requests.c @@ -96,7 +96,7 @@ int remove_request_received(Friend_Requests *fr, const uint8_t *real_pk) for (i = 0; i < MAX_RECEIVED_STORED; ++i) { if (id_equal(fr->received_requests[i], real_pk)) { - sodium_memzero(fr->received_requests[i], crypto_box_PUBLICKEYBYTES); + crypto_memzero(fr->received_requests[i], CRYPTO_PUBLIC_KEY_SIZE); return 0; } } diff --git a/toxcore/friend_requests.h b/toxcore/friend_requests.h index 4a9d06def7..9fb06d008e 100644 --- a/toxcore/friend_requests.h +++ b/toxcore/friend_requests.h @@ -42,7 +42,7 @@ typedef struct { #define MAX_RECEIVED_STORED 32 - uint8_t received_requests[MAX_RECEIVED_STORED][crypto_box_PUBLICKEYBYTES]; + uint8_t received_requests[MAX_RECEIVED_STORED][CRYPTO_PUBLIC_KEY_SIZE]; uint16_t received_requests_index; } Friend_Requests; diff --git a/toxcore/group.c b/toxcore/group.c index f1c160c909..e733d550a7 100644 --- a/toxcore/group.c +++ b/toxcore/group.c @@ -113,7 +113,7 @@ static int wipe_group_chat(Group_Chats *g_c, int groupnumber) } uint32_t i; - sodium_memzero(&(g_c->chats[groupnumber]), sizeof(Group_c)); + crypto_memzero(&(g_c->chats[groupnumber]), sizeof(Group_c)); for (i = g_c->num_chats; i != 0; --i) { if (g_c->chats[i - 1].status != GROUPCHAT_STATUS_NONE) { @@ -173,7 +173,7 @@ static int get_group_num(const Group_Chats *g_c, const uint8_t *identifier) uint32_t i; for (i = 0; i < g_c->num_chats; ++i) { - if (sodium_memcmp(g_c->chats[i].identifier, identifier, GROUP_IDENTIFIER_LENGTH) == 0) { + if (crypto_memcmp(g_c->chats[i].identifier, identifier, GROUP_IDENTIFIER_LENGTH) == 0) { return i; } } @@ -284,19 +284,19 @@ static int add_to_closest(Group_Chats *g_c, int groupnumber, const uint8_t *real return -1; } - uint8_t old_real_pk[crypto_box_PUBLICKEYBYTES]; - uint8_t old_temp_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t old_real_pk[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t old_temp_pk[CRYPTO_PUBLIC_KEY_SIZE]; uint8_t old = 0; if (g->closest_peers[index].entry) { - memcpy(old_real_pk, g->closest_peers[index].real_pk, crypto_box_PUBLICKEYBYTES); - memcpy(old_temp_pk, g->closest_peers[index].temp_pk, crypto_box_PUBLICKEYBYTES); + memcpy(old_real_pk, g->closest_peers[index].real_pk, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(old_temp_pk, g->closest_peers[index].temp_pk, CRYPTO_PUBLIC_KEY_SIZE); old = 1; } g->closest_peers[index].entry = 1; - memcpy(g->closest_peers[index].real_pk, real_pk, crypto_box_PUBLICKEYBYTES); - memcpy(g->closest_peers[index].temp_pk, temp_pk, crypto_box_PUBLICKEYBYTES); + memcpy(g->closest_peers[index].real_pk, real_pk, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(g->closest_peers[index].temp_pk, temp_pk, CRYPTO_PUBLIC_KEY_SIZE); if (old) { add_to_closest(g_c, groupnumber, old_real_pk, old_temp_pk); @@ -357,8 +357,8 @@ static int connect_to_closest(Group_Chats *g_c, int groupnumber, void *userdata) continue; } - uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; - uint8_t dht_temp_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t dht_temp_pk[CRYPTO_PUBLIC_KEY_SIZE]; get_friendcon_public_keys(real_pk, dht_temp_pk, g_c->fr_c, g->close[i].number); if (!pk_in_closest_peers(g, real_pk)) { @@ -743,7 +743,7 @@ int add_groupchat(Group_Chats *g_c, uint8_t type) new_symmetric_key(g->identifier + 1); g->identifier[0] = type; g->peer_number = 0; /* Founder is peer 0. */ - memcpy(g->real_pk, g_c->m->net_crypto->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(g->real_pk, g_c->m->net_crypto->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); int peer_index = addpeer(g_c, groupnumber, g->real_pk, g_c->m->dht->self_public_key, 0, NULL, false); if (peer_index == -1) { @@ -798,7 +798,7 @@ int del_groupchat(Group_Chats *g_c, int groupnumber) } /* Copy the public key of peernumber who is in groupnumber to pk. - * pk must be crypto_box_PUBLICKEYBYTES long. + * pk must be CRYPTO_PUBLIC_KEY_SIZE long. * * return 0 on success * return -1 if groupnumber is invalid. @@ -816,7 +816,7 @@ int group_peer_pubkey(const Group_Chats *g_c, int groupnumber, int peernumber, u return -2; } - memcpy(pk, g->group[peernumber].real_pk, crypto_box_PUBLICKEYBYTES); + memcpy(pk, g->group[peernumber].real_pk, CRYPTO_PUBLIC_KEY_SIZE); return 0; } @@ -1077,7 +1077,7 @@ int join_groupchat(Group_Chats *g_c, int32_t friendnumber, uint8_t expected_type uint16_t group_num = htons(groupnumber); g->status = GROUPCHAT_STATUS_VALID; g->number_joined = -1; - memcpy(g->real_pk, g_c->m->net_crypto->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(g->real_pk, g_c->m->net_crypto->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); uint8_t response[INVITE_RESPONSE_PACKET_SIZE]; response[0] = INVITE_RESPONSE_ID; @@ -1231,7 +1231,7 @@ static int group_ping_send(const Group_Chats *g_c, int groupnumber) } #define GROUP_MESSAGE_NEW_PEER_ID 16 -#define GROUP_MESSAGE_NEW_PEER_LENGTH (sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES * 2) +#define GROUP_MESSAGE_NEW_PEER_LENGTH (sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE * 2) /* send a new_peer message * return 0 on success * return -1 on failure @@ -1243,8 +1243,8 @@ static int group_new_peer_send(const Group_Chats *g_c, int groupnumber, uint16_t peer_num = htons(peer_num); memcpy(packet, &peer_num, sizeof(uint16_t)); - memcpy(packet + sizeof(uint16_t), real_pk, crypto_box_PUBLICKEYBYTES); - memcpy(packet + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES, temp_pk, crypto_box_PUBLICKEYBYTES); + memcpy(packet + sizeof(uint16_t), real_pk, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(packet + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE, temp_pk, CRYPTO_PUBLIC_KEY_SIZE); if (send_message_group(g_c, groupnumber, GROUP_MESSAGE_NEW_PEER_ID, packet, sizeof(packet)) > 0) { return 0; @@ -1420,7 +1420,7 @@ static void handle_friend_invite_packet(Messenger *m, uint32_t friendnumber, con return; } - if (sodium_memcmp(data + 1 + sizeof(uint16_t) * 2, g->identifier, GROUP_IDENTIFIER_LENGTH) != 0) { + if (crypto_memcmp(data + 1 + sizeof(uint16_t) * 2, g->identifier, GROUP_IDENTIFIER_LENGTH) != 0) { return; } @@ -1443,7 +1443,7 @@ static void handle_friend_invite_packet(Messenger *m, uint32_t friendnumber, con other_groupnum = ntohs(other_groupnum); int friendcon_id = getfriendcon_id(m, friendnumber); - uint8_t real_pk[crypto_box_PUBLICKEYBYTES], temp_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE], temp_pk[CRYPTO_PUBLIC_KEY_SIZE]; get_friendcon_public_keys(real_pk, temp_pk, g_c->fr_c, friendcon_id); addpeer(g_c, groupnum, real_pk, temp_pk, peer_number, userdata, true); @@ -1616,7 +1616,7 @@ static unsigned int send_peers(Group_Chats *g_c, int groupnumber, int friendcon_ unsigned int i; for (i = 0; i < g->numpeers; ++i) { - if ((p - packet) + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES * 2 + 1 + g->group[i].nick_len > sizeof(packet)) { + if ((p - packet) + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE * 2 + 1 + g->group[i].nick_len > sizeof(packet)) { if (send_packet_group_peer(g_c->fr_c, friendcon_id, PACKET_ID_DIRECT_CONFERENCE, group_num, packet, (p - packet))) { sent = i; } else { @@ -1629,10 +1629,10 @@ static unsigned int send_peers(Group_Chats *g_c, int groupnumber, int friendcon_ uint16_t peer_num = htons(g->group[i].peer_number); memcpy(p, &peer_num, sizeof(peer_num)); p += sizeof(peer_num); - memcpy(p, g->group[i].real_pk, crypto_box_PUBLICKEYBYTES); - p += crypto_box_PUBLICKEYBYTES; - memcpy(p, g->group[i].temp_pk, crypto_box_PUBLICKEYBYTES); - p += crypto_box_PUBLICKEYBYTES; + memcpy(p, g->group[i].real_pk, CRYPTO_PUBLIC_KEY_SIZE); + p += CRYPTO_PUBLIC_KEY_SIZE; + memcpy(p, g->group[i].temp_pk, CRYPTO_PUBLIC_KEY_SIZE); + p += CRYPTO_PUBLIC_KEY_SIZE; *p = g->group[i].nick_len; p += 1; memcpy(p, g->group[i].nick, g->group[i].nick_len); @@ -1669,12 +1669,12 @@ static int handle_send_peers(Group_Chats *g_c, int groupnumber, const uint8_t *d const uint8_t *d = data; - while ((unsigned int)(length - (d - data)) >= sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES * 2 + 1) { + while ((unsigned int)(length - (d - data)) >= sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE * 2 + 1) { uint16_t peer_num; memcpy(&peer_num, d, sizeof(peer_num)); peer_num = ntohs(peer_num); d += sizeof(uint16_t); - int peer_index = addpeer(g_c, groupnumber, d, d + crypto_box_PUBLICKEYBYTES, peer_num, userdata, true); + int peer_index = addpeer(g_c, groupnumber, d, d + CRYPTO_PUBLIC_KEY_SIZE, peer_num, userdata, true); if (peer_index == -1) { return -1; @@ -1687,7 +1687,7 @@ static int handle_send_peers(Group_Chats *g_c, int groupnumber, const uint8_t *d group_name_send(g_c, groupnumber, g_c->m->name, g_c->m->name_length); } - d += crypto_box_PUBLICKEYBYTES * 2; + d += CRYPTO_PUBLIC_KEY_SIZE * 2; uint8_t name_length = *d; d += 1; @@ -1832,8 +1832,8 @@ static unsigned int send_lossy_all_close(const Group_Chats *g_c, int groupnumber uint64_t comp_val_old = ~0; for (i = 0; i < num_connected_closest; ++i) { - uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; - uint8_t dht_temp_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t dht_temp_pk[CRYPTO_PUBLIC_KEY_SIZE]; get_friendcon_public_keys(real_pk, dht_temp_pk, g_c->fr_c, g->close[connected_closest[i]].number); uint64_t comp_val = calculate_comp_value(g->real_pk, real_pk); @@ -1852,8 +1852,8 @@ static unsigned int send_lossy_all_close(const Group_Chats *g_c, int groupnumber comp_val_old = ~0; for (i = 0; i < num_connected_closest; ++i) { - uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; - uint8_t dht_temp_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t dht_temp_pk[CRYPTO_PUBLIC_KEY_SIZE]; get_friendcon_public_keys(real_pk, dht_temp_pk, g_c->fr_c, g->close[connected_closest[i]].number); uint64_t comp_val = calculate_comp_value(real_pk, g->real_pk); @@ -2046,7 +2046,7 @@ static void handle_message_packet_group(Group_Chats *g_c, int groupnumber, const uint16_t new_peer_number; memcpy(&new_peer_number, msg_data, sizeof(uint16_t)); new_peer_number = ntohs(new_peer_number); - addpeer(g_c, groupnumber, msg_data + sizeof(uint16_t), msg_data + sizeof(uint16_t) + crypto_box_PUBLICKEYBYTES, + addpeer(g_c, groupnumber, msg_data + sizeof(uint16_t), msg_data + sizeof(uint16_t) + CRYPTO_PUBLIC_KEY_SIZE, new_peer_number, userdata, true); } break; @@ -2212,7 +2212,7 @@ static unsigned int lossy_packet_not_received(Group_c *g, int peer_index, uint16 uint16_t top_distance = message_number - g->group[peer_index].top_lossy_number; if (top_distance >= MAX_LOSSY_COUNT) { - sodium_memzero(g->group[peer_index].recv_lossy, sizeof(g->group[peer_index].recv_lossy)); + crypto_memzero(g->group[peer_index].recv_lossy, sizeof(g->group[peer_index].recv_lossy)); g->group[peer_index].top_lossy_number = message_number; g->group[peer_index].bottom_lossy_number = (message_number - MAX_LOSSY_COUNT) + 1; g->group[peer_index].recv_lossy[message_number % MAX_LOSSY_COUNT] = 1; diff --git a/toxcore/group.h b/toxcore/group.h index 54d750281d..f9cc13625d 100644 --- a/toxcore/group.h +++ b/toxcore/group.h @@ -41,8 +41,8 @@ enum { #define MAX_LOSSY_COUNT 256 typedef struct { - uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; - uint8_t temp_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t temp_pk[CRYPTO_PUBLIC_KEY_SIZE]; uint64_t last_recv; uint32_t last_message_number; @@ -60,7 +60,7 @@ typedef struct { #define DESIRED_CLOSE_CONNECTIONS 4 #define MAX_GROUP_CONNECTIONS 16 -#define GROUP_IDENTIFIER_LENGTH (1 + crypto_box_KEYBYTES) /* type + crypto_box_KEYBYTES so we can use new_symmetric_key(...) to fill it */ +#define GROUP_IDENTIFIER_LENGTH (1 + CRYPTO_SYMMETRIC_KEY_SIZE) /* type + CRYPTO_SYMMETRIC_KEY_SIZE so we can use new_symmetric_key(...) to fill it */ enum { GROUPCHAT_CLOSE_NONE, @@ -81,11 +81,11 @@ typedef struct { uint16_t group_number; } close[MAX_GROUP_CONNECTIONS]; - uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE]; struct { uint8_t entry; - uint8_t real_pk[crypto_box_PUBLICKEYBYTES]; - uint8_t temp_pk[crypto_box_PUBLICKEYBYTES]; + uint8_t real_pk[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t temp_pk[CRYPTO_PUBLIC_KEY_SIZE]; } closest_peers[DESIRED_CLOSE_CONNECTIONS]; uint8_t changed; @@ -180,7 +180,7 @@ int add_groupchat(Group_Chats *g_c, uint8_t type); int del_groupchat(Group_Chats *g_c, int groupnumber); /* Copy the public key of peernumber who is in groupnumber to pk. - * pk must be crypto_box_PUBLICKEYBYTES long. + * pk must be CRYPTO_PUBLIC_KEY_SIZE long. * * return 0 on success * return -1 if groupnumber is invalid. diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index 269d03a3a3..d4dd5ff89c 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c @@ -53,13 +53,13 @@ static uint8_t crypt_connection_id_not_valid(const Net_Crypto *c, int crypt_conn /* cookie timeout in seconds */ #define COOKIE_TIMEOUT 15 -#define COOKIE_DATA_LENGTH (crypto_box_PUBLICKEYBYTES * 2) +#define COOKIE_DATA_LENGTH (CRYPTO_PUBLIC_KEY_SIZE * 2) #define COOKIE_CONTENTS_LENGTH (sizeof(uint64_t) + COOKIE_DATA_LENGTH) -#define COOKIE_LENGTH (crypto_box_NONCEBYTES + COOKIE_CONTENTS_LENGTH + crypto_box_MACBYTES) +#define COOKIE_LENGTH (CRYPTO_NONCE_SIZE + COOKIE_CONTENTS_LENGTH + CRYPTO_MAC_SIZE) #define COOKIE_REQUEST_PLAIN_LENGTH (COOKIE_DATA_LENGTH + sizeof(uint64_t)) -#define COOKIE_REQUEST_LENGTH (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES) -#define COOKIE_RESPONSE_LENGTH (1 + crypto_box_NONCEBYTES + COOKIE_LENGTH + sizeof(uint64_t) + crypto_box_MACBYTES) +#define COOKIE_REQUEST_LENGTH (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + COOKIE_REQUEST_PLAIN_LENGTH + CRYPTO_MAC_SIZE) +#define COOKIE_RESPONSE_LENGTH (1 + CRYPTO_NONCE_SIZE + COOKIE_LENGTH + sizeof(uint64_t) + CRYPTO_MAC_SIZE) /* Create a cookie request packet and put it in packet. * dht_public_key is the dht public key of the other @@ -73,26 +73,26 @@ static int create_cookie_request(const Net_Crypto *c, uint8_t *packet, uint8_t * uint8_t *shared_key) { uint8_t plain[COOKIE_REQUEST_PLAIN_LENGTH]; - uint8_t padding[crypto_box_PUBLICKEYBYTES] = {0}; + uint8_t padding[CRYPTO_PUBLIC_KEY_SIZE] = {0}; - memcpy(plain, c->self_public_key, crypto_box_PUBLICKEYBYTES); - memcpy(plain + crypto_box_PUBLICKEYBYTES, padding, crypto_box_PUBLICKEYBYTES); - memcpy(plain + (crypto_box_PUBLICKEYBYTES * 2), &number, sizeof(uint64_t)); + memcpy(plain, c->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(plain + CRYPTO_PUBLIC_KEY_SIZE, padding, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(plain + (CRYPTO_PUBLIC_KEY_SIZE * 2), &number, sizeof(uint64_t)); DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); - uint8_t nonce[crypto_box_NONCEBYTES]; + uint8_t nonce[CRYPTO_NONCE_SIZE]; random_nonce(nonce); packet[0] = NET_PACKET_COOKIE_REQUEST; - memcpy(packet + 1, c->dht->self_public_key, crypto_box_PUBLICKEYBYTES); - memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); + memcpy(packet + 1, c->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, nonce, CRYPTO_NONCE_SIZE); int len = encrypt_data_symmetric(shared_key, nonce, plain, sizeof(plain), - packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE); - if (len != COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES) { + if (len != COOKIE_REQUEST_PLAIN_LENGTH + CRYPTO_MAC_SIZE) { return -1; } - return (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + len); + return (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + len); } /* Create cookie of length COOKIE_LENGTH from bytes of length COOKIE_DATA_LENGTH using encryption_key @@ -107,9 +107,9 @@ static int create_cookie(uint8_t *cookie, const uint8_t *bytes, const uint8_t *e memcpy(contents, &temp_time, sizeof(temp_time)); memcpy(contents + sizeof(temp_time), bytes, COOKIE_DATA_LENGTH); random_nonce(cookie); - int len = encrypt_data_symmetric(encryption_key, cookie, contents, sizeof(contents), cookie + crypto_box_NONCEBYTES); + int len = encrypt_data_symmetric(encryption_key, cookie, contents, sizeof(contents), cookie + CRYPTO_NONCE_SIZE); - if (len != COOKIE_LENGTH - crypto_box_NONCEBYTES) { + if (len != COOKIE_LENGTH - CRYPTO_NONCE_SIZE) { return -1; } @@ -124,8 +124,8 @@ static int create_cookie(uint8_t *cookie, const uint8_t *bytes, const uint8_t *e static int open_cookie(uint8_t *bytes, const uint8_t *cookie, const uint8_t *encryption_key) { uint8_t contents[COOKIE_CONTENTS_LENGTH]; - int len = decrypt_data_symmetric(encryption_key, cookie, cookie + crypto_box_NONCEBYTES, - COOKIE_LENGTH - crypto_box_NONCEBYTES, contents); + int len = decrypt_data_symmetric(encryption_key, cookie, cookie + CRYPTO_NONCE_SIZE, + COOKIE_LENGTH - CRYPTO_NONCE_SIZE, contents); if (len != sizeof(contents)) { return -1; @@ -155,8 +155,8 @@ static int create_cookie_response(const Net_Crypto *c, uint8_t *packet, const ui const uint8_t *shared_key, const uint8_t *dht_public_key) { uint8_t cookie_plain[COOKIE_DATA_LENGTH]; - memcpy(cookie_plain, request_plain, crypto_box_PUBLICKEYBYTES); - memcpy(cookie_plain + crypto_box_PUBLICKEYBYTES, dht_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(cookie_plain, request_plain, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(cookie_plain + CRYPTO_PUBLIC_KEY_SIZE, dht_public_key, CRYPTO_PUBLIC_KEY_SIZE); uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)]; if (create_cookie(plain, cookie_plain, c->secret_symmetric_key) != 0) { @@ -166,9 +166,9 @@ static int create_cookie_response(const Net_Crypto *c, uint8_t *packet, const ui memcpy(plain + COOKIE_LENGTH, request_plain + COOKIE_DATA_LENGTH, sizeof(uint64_t)); packet[0] = NET_PACKET_COOKIE_RESPONSE; random_nonce(packet + 1); - int len = encrypt_data_symmetric(shared_key, packet + 1, plain, sizeof(plain), packet + 1 + crypto_box_NONCEBYTES); + int len = encrypt_data_symmetric(shared_key, packet + 1, plain, sizeof(plain), packet + 1 + CRYPTO_NONCE_SIZE); - if (len != COOKIE_RESPONSE_LENGTH - (1 + crypto_box_NONCEBYTES)) { + if (len != COOKIE_RESPONSE_LENGTH - (1 + CRYPTO_NONCE_SIZE)) { return -1; } @@ -177,7 +177,7 @@ static int create_cookie_response(const Net_Crypto *c, uint8_t *packet, const ui /* Handle the cookie request packet of length length. * Put what was in the request in request_plain (must be of size COOKIE_REQUEST_PLAIN_LENGTH) - * Put the key used to decrypt the request into shared_key (of size crypto_box_BEFORENMBYTES) for use in the response. + * Put the key used to decrypt the request into shared_key (of size CRYPTO_SHARED_KEY_SIZE) for use in the response. * * return -1 on failure. * return 0 on success. @@ -189,10 +189,10 @@ static int handle_cookie_request(const Net_Crypto *c, uint8_t *request_plain, ui return -1; } - memcpy(dht_public_key, packet + 1, crypto_box_PUBLICKEYBYTES); + memcpy(dht_public_key, packet + 1, CRYPTO_PUBLIC_KEY_SIZE); DHT_get_shared_key_sent(c->dht, shared_key, dht_public_key); - int len = decrypt_data_symmetric(shared_key, packet + 1 + crypto_box_PUBLICKEYBYTES, - packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, COOKIE_REQUEST_PLAIN_LENGTH + crypto_box_MACBYTES, + int len = decrypt_data_symmetric(shared_key, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, COOKIE_REQUEST_PLAIN_LENGTH + CRYPTO_MAC_SIZE, request_plain); if (len != COOKIE_REQUEST_PLAIN_LENGTH) { @@ -209,8 +209,8 @@ static int udp_handle_cookie_request(void *object, IP_Port source, const uint8_t { Net_Crypto *c = (Net_Crypto *)object; uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; - uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; + uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; if (handle_cookie_request(c, request_plain, shared_key, dht_public_key, packet, length) != 0) { return 1; @@ -234,8 +234,8 @@ static int udp_handle_cookie_request(void *object, IP_Port source, const uint8_t static int tcp_handle_cookie_request(Net_Crypto *c, int connections_number, const uint8_t *packet, uint16_t length) { uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; - uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; + uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; if (handle_cookie_request(c, request_plain, shared_key, dht_public_key, packet, length) != 0) { return -1; @@ -257,8 +257,8 @@ static int tcp_oob_handle_cookie_request(const Net_Crypto *c, unsigned int tcp_c const uint8_t *dht_public_key, const uint8_t *packet, uint16_t length) { uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; - uint8_t dht_public_key_temp[crypto_box_PUBLICKEYBYTES]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; + uint8_t dht_public_key_temp[CRYPTO_PUBLIC_KEY_SIZE]; if (handle_cookie_request(c, request_plain, shared_key, dht_public_key_temp, packet, length) != 0) { return -1; @@ -294,8 +294,8 @@ static int handle_cookie_response(uint8_t *cookie, uint64_t *number, const uint8 } uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)]; - int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES, - length - (1 + crypto_box_NONCEBYTES), plain); + int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE, + length - (1 + CRYPTO_NONCE_SIZE), plain); if (len != sizeof(plain)) { return -1; @@ -306,7 +306,7 @@ static int handle_cookie_response(uint8_t *cookie, uint64_t *number, const uint8 return COOKIE_LENGTH; } -#define HANDSHAKE_PACKET_LENGTH (1 + COOKIE_LENGTH + crypto_box_NONCEBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES + COOKIE_LENGTH + crypto_box_MACBYTES) +#define HANDSHAKE_PACKET_LENGTH (1 + COOKIE_LENGTH + CRYPTO_NONCE_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA512_SIZE + COOKIE_LENGTH + CRYPTO_MAC_SIZE) /* Create a handshake packet and put it in packet. * cookie must be COOKIE_LENGTH bytes. @@ -318,24 +318,24 @@ static int handle_cookie_response(uint8_t *cookie, uint64_t *number, const uint8 static int create_crypto_handshake(const Net_Crypto *c, uint8_t *packet, const uint8_t *cookie, const uint8_t *nonce, const uint8_t *session_pk, const uint8_t *peer_real_pk, const uint8_t *peer_dht_pubkey) { - uint8_t plain[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES + COOKIE_LENGTH]; - memcpy(plain, nonce, crypto_box_NONCEBYTES); - memcpy(plain + crypto_box_NONCEBYTES, session_pk, crypto_box_PUBLICKEYBYTES); - crypto_hash_sha512(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, cookie, COOKIE_LENGTH); + uint8_t plain[CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA512_SIZE + COOKIE_LENGTH]; + memcpy(plain, nonce, CRYPTO_NONCE_SIZE); + memcpy(plain + CRYPTO_NONCE_SIZE, session_pk, CRYPTO_PUBLIC_KEY_SIZE); + crypto_sha512(plain + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE, cookie, COOKIE_LENGTH); uint8_t cookie_plain[COOKIE_DATA_LENGTH]; - memcpy(cookie_plain, peer_real_pk, crypto_box_PUBLICKEYBYTES); - memcpy(cookie_plain + crypto_box_PUBLICKEYBYTES, peer_dht_pubkey, crypto_box_PUBLICKEYBYTES); + memcpy(cookie_plain, peer_real_pk, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(cookie_plain + CRYPTO_PUBLIC_KEY_SIZE, peer_dht_pubkey, CRYPTO_PUBLIC_KEY_SIZE); - if (create_cookie(plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, cookie_plain, + if (create_cookie(plain + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA512_SIZE, cookie_plain, c->secret_symmetric_key) != 0) { return -1; } random_nonce(packet + 1 + COOKIE_LENGTH); int len = encrypt_data(peer_real_pk, c->self_secret_key, packet + 1 + COOKIE_LENGTH, plain, sizeof(plain), - packet + 1 + COOKIE_LENGTH + crypto_box_NONCEBYTES); + packet + 1 + COOKIE_LENGTH + CRYPTO_NONCE_SIZE); - if (len != HANDSHAKE_PACKET_LENGTH - (1 + COOKIE_LENGTH + crypto_box_NONCEBYTES)) { + if (len != HANDSHAKE_PACKET_LENGTH - (1 + COOKIE_LENGTH + CRYPTO_NONCE_SIZE)) { return -1; } @@ -355,9 +355,9 @@ static int create_crypto_handshake(const Net_Crypto *c, uint8_t *packet, const u * if expected_real_pk isn't NULL it denotes the real public key * the packet should be from. * - * nonce must be at least crypto_box_NONCEBYTES - * session_pk must be at least crypto_box_PUBLICKEYBYTES - * peer_real_pk must be at least crypto_box_PUBLICKEYBYTES + * nonce must be at least CRYPTO_NONCE_SIZE + * session_pk must be at least CRYPTO_PUBLIC_KEY_SIZE + * peer_real_pk must be at least CRYPTO_PUBLIC_KEY_SIZE * cookie must be at least COOKIE_LENGTH * * return -1 on failure. @@ -382,28 +382,28 @@ static int handle_crypto_handshake(const Net_Crypto *c, uint8_t *nonce, uint8_t } } - uint8_t cookie_hash[crypto_hash_sha512_BYTES]; - crypto_hash_sha512(cookie_hash, packet + 1, COOKIE_LENGTH); + uint8_t cookie_hash[CRYPTO_SHA512_SIZE]; + crypto_sha512(cookie_hash, packet + 1, COOKIE_LENGTH); - uint8_t plain[crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES + COOKIE_LENGTH]; + uint8_t plain[CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA512_SIZE + COOKIE_LENGTH]; int len = decrypt_data(cookie_plain, c->self_secret_key, packet + 1 + COOKIE_LENGTH, - packet + 1 + COOKIE_LENGTH + crypto_box_NONCEBYTES, - HANDSHAKE_PACKET_LENGTH - (1 + COOKIE_LENGTH + crypto_box_NONCEBYTES), plain); + packet + 1 + COOKIE_LENGTH + CRYPTO_NONCE_SIZE, + HANDSHAKE_PACKET_LENGTH - (1 + COOKIE_LENGTH + CRYPTO_NONCE_SIZE), plain); if (len != sizeof(plain)) { return -1; } - if (sodium_memcmp(cookie_hash, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, - crypto_hash_sha512_BYTES) != 0) { + if (crypto_memcmp(cookie_hash, plain + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE, + CRYPTO_SHA512_SIZE) != 0) { return -1; } - memcpy(nonce, plain, crypto_box_NONCEBYTES); - memcpy(session_pk, plain + crypto_box_NONCEBYTES, crypto_box_PUBLICKEYBYTES); - memcpy(cookie, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_hash_sha512_BYTES, COOKIE_LENGTH); - memcpy(peer_real_pk, cookie_plain, crypto_box_PUBLICKEYBYTES); - memcpy(dht_public_key, cookie_plain + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); + memcpy(nonce, plain, CRYPTO_NONCE_SIZE); + memcpy(session_pk, plain + CRYPTO_NONCE_SIZE, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(cookie, plain + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SHA512_SIZE, COOKIE_LENGTH); + memcpy(peer_real_pk, cookie_plain, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(dht_public_key, cookie_plain + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_PUBLIC_KEY_SIZE); return 0; } @@ -884,7 +884,7 @@ static int handle_request_packet(Packets_Array *send_array, const uint8_t *data, /** END: Array Related functions **/ -#define MAX_DATA_DATA_PACKET_SIZE (MAX_CRYPTO_PACKET_SIZE - (1 + sizeof(uint16_t) + crypto_box_MACBYTES)) +#define MAX_DATA_DATA_PACKET_SIZE (MAX_CRYPTO_PACKET_SIZE - (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE)) /* Creates and sends a data packet to the peer using the fastest route. * @@ -893,7 +893,7 @@ static int handle_request_packet(Packets_Array *send_array, const uint8_t *data, */ static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_t *data, uint16_t length) { - if (length == 0 || length + (1 + sizeof(uint16_t) + crypto_box_MACBYTES) > MAX_CRYPTO_PACKET_SIZE) { + if (length == 0 || length + (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE) > MAX_CRYPTO_PACKET_SIZE) { return -1; } @@ -904,9 +904,9 @@ static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_ } pthread_mutex_lock(&conn->mutex); - uint8_t packet[1 + sizeof(uint16_t) + length + crypto_box_MACBYTES]; + uint8_t packet[1 + sizeof(uint16_t) + length + CRYPTO_MAC_SIZE]; packet[0] = NET_PACKET_CRYPTO_DATA; - memcpy(packet + 1, conn->sent_nonce + (crypto_box_NONCEBYTES - sizeof(uint16_t)), sizeof(uint16_t)); + memcpy(packet + 1, conn->sent_nonce + (CRYPTO_NONCE_SIZE - sizeof(uint16_t)), sizeof(uint16_t)); int len = encrypt_data_symmetric(conn->shared_key, conn->sent_nonce, data, length, packet + 1 + sizeof(uint16_t)); if (len + 1 + sizeof(uint16_t) != sizeof(packet)) { @@ -1042,7 +1042,7 @@ static int64_t send_lossless_packet(Net_Crypto *c, int crypt_connection_id, cons static uint16_t get_nonce_uint16(const uint8_t *nonce) { uint16_t num; - memcpy(&num, nonce + (crypto_box_NONCEBYTES - sizeof(uint16_t)), sizeof(uint16_t)); + memcpy(&num, nonce + (CRYPTO_NONCE_SIZE - sizeof(uint16_t)), sizeof(uint16_t)); return ntohs(num); } @@ -1058,7 +1058,7 @@ static uint16_t get_nonce_uint16(const uint8_t *nonce) static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint8_t *data, const uint8_t *packet, uint16_t length) { - if (length <= (1 + sizeof(uint16_t) + crypto_box_MACBYTES) || length > MAX_CRYPTO_PACKET_SIZE) { + if (length <= (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE) || length > MAX_CRYPTO_PACKET_SIZE) { return -1; } @@ -1068,8 +1068,8 @@ static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint return -1; } - uint8_t nonce[crypto_box_NONCEBYTES]; - memcpy(nonce, conn->recv_nonce, crypto_box_NONCEBYTES); + uint8_t nonce[CRYPTO_NONCE_SIZE]; + memcpy(nonce, conn->recv_nonce, CRYPTO_NONCE_SIZE); uint16_t num_cur_nonce = get_nonce_uint16(nonce); uint16_t num; memcpy(&num, packet + 1, sizeof(uint16_t)); @@ -1079,7 +1079,7 @@ static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint int len = decrypt_data_symmetric(conn->shared_key, nonce, packet + 1 + sizeof(uint16_t), length - (1 + sizeof(uint16_t)), data); - if ((unsigned int)len != length - (1 + sizeof(uint16_t) + crypto_box_MACBYTES)) { + if ((unsigned int)len != length - (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE)) { return -1; } @@ -1509,8 +1509,8 @@ static int handle_packet_connection(Net_Crypto *c, int crypt_connection_id, cons case NET_PACKET_CRYPTO_HS: { if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT || conn->status == CRYPTO_CONN_NOT_CONFIRMED) { - uint8_t peer_real_pk[crypto_box_PUBLICKEYBYTES]; - uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t peer_real_pk[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; uint8_t cookie[COOKIE_LENGTH]; if (handle_crypto_handshake(c, conn->recv_nonce, conn->peersessionpublic_key, peer_real_pk, dht_public_key, cookie, @@ -1636,7 +1636,7 @@ static int wipe_crypto_connection(Net_Crypto *c, int crypt_connection_id) /* Keep mutex, only destroy it when connection is realloced out. */ pthread_mutex_t mutex = c->crypto_connections[crypt_connection_id].mutex; - sodium_memzero(&(c->crypto_connections[crypt_connection_id]), sizeof(Crypto_Connection)); + crypto_memzero(&(c->crypto_connections[crypt_connection_id]), sizeof(Crypto_Connection)); c->crypto_connections[crypt_connection_id].mutex = mutex; for (i = c->crypto_connections_length; i != 0; --i) { @@ -1763,8 +1763,8 @@ static int handle_new_connection_handshake(Net_Crypto *c, IP_Port source, const int ret = -1; if (conn && (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT)) { - memcpy(conn->recv_nonce, n_c.recv_nonce, crypto_box_NONCEBYTES); - memcpy(conn->peersessionpublic_key, n_c.peersessionpublic_key, crypto_box_PUBLICKEYBYTES); + memcpy(conn->recv_nonce, n_c.recv_nonce, CRYPTO_NONCE_SIZE); + memcpy(conn->peersessionpublic_key, n_c.peersessionpublic_key, CRYPTO_PUBLIC_KEY_SIZE); encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); crypto_connection_add_source(c, crypt_connection_id, source); @@ -1817,11 +1817,11 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c) } conn->connection_number_tcp = connection_number_tcp; - memcpy(conn->public_key, n_c->public_key, crypto_box_PUBLICKEYBYTES); - memcpy(conn->recv_nonce, n_c->recv_nonce, crypto_box_NONCEBYTES); - memcpy(conn->peersessionpublic_key, n_c->peersessionpublic_key, crypto_box_PUBLICKEYBYTES); + memcpy(conn->public_key, n_c->public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(conn->recv_nonce, n_c->recv_nonce, CRYPTO_NONCE_SIZE); + memcpy(conn->peersessionpublic_key, n_c->peersessionpublic_key, CRYPTO_PUBLIC_KEY_SIZE); random_nonce(conn->sent_nonce); - crypto_box_keypair(conn->sessionpublic_key, conn->sessionsecret_key); + crypto_new_keypair(conn->sessionpublic_key, conn->sessionsecret_key); encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); conn->status = CRYPTO_CONN_NOT_CONFIRMED; @@ -1833,7 +1833,7 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c) return -1; } - memcpy(conn->dht_public_key, n_c->dht_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(conn->dht_public_key, n_c->dht_public_key, CRYPTO_PUBLIC_KEY_SIZE); conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE; conn->packet_send_rate_requested = CRYPTO_PACKET_MIN_RATE; conn->packets_left = CRYPTO_MIN_QUEUE_LENGTH; @@ -1877,15 +1877,15 @@ int new_crypto_connection(Net_Crypto *c, const uint8_t *real_public_key, const u } conn->connection_number_tcp = connection_number_tcp; - memcpy(conn->public_key, real_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(conn->public_key, real_public_key, CRYPTO_PUBLIC_KEY_SIZE); random_nonce(conn->sent_nonce); - crypto_box_keypair(conn->sessionpublic_key, conn->sessionsecret_key); + crypto_new_keypair(conn->sessionpublic_key, conn->sessionsecret_key); conn->status = CRYPTO_CONN_COOKIE_REQUESTING; conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE; conn->packet_send_rate_requested = CRYPTO_PACKET_MIN_RATE; conn->packets_left = CRYPTO_MIN_QUEUE_LENGTH; conn->rtt_time = DEFAULT_PING_CONNECTION; - memcpy(conn->dht_public_key, dht_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(conn->dht_public_key, dht_public_key, CRYPTO_PUBLIC_KEY_SIZE); conn->cookie_request_number = random_64b(); uint8_t cookie_request[COOKIE_REQUEST_LENGTH]; @@ -2221,7 +2221,7 @@ static int crypto_id_ip_port(const Net_Crypto *c, IP_Port ip_port) return bs_list_find(&c->ip_port_list, (uint8_t *)&ip_port); } -#define CRYPTO_MIN_PACKET_SIZE (1 + sizeof(uint16_t) + crypto_box_MACBYTES) +#define CRYPTO_MIN_PACKET_SIZE (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE) /* Handle raw UDP packets coming directly from the socket. * @@ -2752,27 +2752,27 @@ unsigned int crypto_connection_status(const Net_Crypto *c, int crypt_connection_ void new_keys(Net_Crypto *c) { - crypto_box_keypair(c->self_public_key, c->self_secret_key); + crypto_new_keypair(c->self_public_key, c->self_secret_key); } /* Save the public and private keys to the keys array. - * Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES. + * Length must be CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE. * * TODO(irungentoo): Save only secret key. */ void save_keys(const Net_Crypto *c, uint8_t *keys) { - memcpy(keys, c->self_public_key, crypto_box_PUBLICKEYBYTES); - memcpy(keys + crypto_box_PUBLICKEYBYTES, c->self_secret_key, crypto_box_SECRETKEYBYTES); + memcpy(keys, c->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(keys + CRYPTO_PUBLIC_KEY_SIZE, c->self_secret_key, CRYPTO_SECRET_KEY_SIZE); } /* Load the secret key. - * Length must be crypto_box_SECRETKEYBYTES. + * Length must be CRYPTO_SECRET_KEY_SIZE. */ void load_secret_key(Net_Crypto *c, const uint8_t *sk) { - memcpy(c->self_secret_key, sk, crypto_box_SECRETKEYBYTES); - crypto_scalarmult_curve25519_base(c->self_public_key, c->self_secret_key); + memcpy(c->self_secret_key, sk, CRYPTO_SECRET_KEY_SIZE); + crypto_derive_public_key(c->self_public_key, c->self_secret_key); } /* Run this to (re)initialize net_crypto. @@ -2896,6 +2896,6 @@ void kill_net_crypto(Net_Crypto *c) networking_registerhandler(c->dht->net, NET_PACKET_COOKIE_RESPONSE, NULL, NULL); networking_registerhandler(c->dht->net, NET_PACKET_CRYPTO_HS, NULL, NULL); networking_registerhandler(c->dht->net, NET_PACKET_CRYPTO_DATA, NULL, NULL); - sodium_memzero(c, sizeof(Net_Crypto)); + crypto_memzero(c, sizeof(Net_Crypto)); free(c); } diff --git a/toxcore/net_crypto.h b/toxcore/net_crypto.h index b27a05e7ce..818853386e 100644 --- a/toxcore/net_crypto.h +++ b/toxcore/net_crypto.h @@ -49,7 +49,7 @@ /* Maximum total size of packets that net_crypto sends. */ #define MAX_CRYPTO_PACKET_SIZE 1400 -#define CRYPTO_DATA_PACKET_MIN_SIZE (1 + sizeof(uint16_t) + (sizeof(uint32_t) + sizeof(uint32_t)) + crypto_box_MACBYTES) +#define CRYPTO_DATA_PACKET_MIN_SIZE (1 + sizeof(uint16_t) + (sizeof(uint32_t) + sizeof(uint32_t)) + CRYPTO_MAC_SIZE) /* Max size of data in packets */ #define MAX_CRYPTO_DATA_SIZE (MAX_CRYPTO_PACKET_SIZE - CRYPTO_DATA_PACKET_MIN_SIZE) @@ -102,20 +102,20 @@ typedef struct { } Packets_Array; typedef struct { - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* The real public key of the peer. */ - uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* Nonce of received packets. */ - uint8_t sent_nonce[crypto_box_NONCEBYTES]; /* Nonce of sent packets. */ - uint8_t sessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* Our public key for this session. */ - uint8_t sessionsecret_key[crypto_box_SECRETKEYBYTES]; /* Our private key for this session. */ - uint8_t peersessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* The public key of the peer. */ - uint8_t shared_key[crypto_box_BEFORENMBYTES]; /* The precomputed shared key from encrypt_precompute. */ + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The real public key of the peer. */ + uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of received packets. */ + uint8_t sent_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of sent packets. */ + uint8_t sessionpublic_key[CRYPTO_PUBLIC_KEY_SIZE]; /* Our public key for this session. */ + uint8_t sessionsecret_key[CRYPTO_SECRET_KEY_SIZE]; /* Our private key for this session. */ + uint8_t peersessionpublic_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The public key of the peer. */ + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; /* The precomputed shared key from encrypt_precompute. */ uint8_t status; /* 0 if no connection, 1 we are sending cookie request packets, * 2 if we are sending handshake packets * 3 if connection is not confirmed yet (we have received a handshake but no data packets yet), * 4 if the connection is established. */ uint64_t cookie_request_number; /* number used in the cookie request packets for this connection */ - uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; /* The dht public key of the peer */ + uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The dht public key of the peer */ uint8_t *temp_packet; /* Where the cookie request/handshake packet is stored while it is being sent. */ uint16_t temp_packet_length; @@ -182,10 +182,10 @@ typedef struct { typedef struct { IP_Port source; - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; /* The real public key of the peer. */ - uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; /* The dht public key of the peer. */ - uint8_t recv_nonce[crypto_box_NONCEBYTES]; /* Nonce of received packets. */ - uint8_t peersessionpublic_key[crypto_box_PUBLICKEYBYTES]; /* The public key of the peer. */ + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The real public key of the peer. */ + uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The dht public key of the peer. */ + uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of received packets. */ + uint8_t peersessionpublic_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The public key of the peer. */ uint8_t *cookie; uint8_t cookie_length; } New_Connection; @@ -205,11 +205,11 @@ typedef struct { uint32_t crypto_connections_length; /* Length of connections array. */ /* Our public and secret keys. */ - uint8_t self_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; + uint8_t self_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t self_secret_key[CRYPTO_SECRET_KEY_SIZE]; /* The secret key used for cookies */ - uint8_t secret_symmetric_key[crypto_box_KEYBYTES]; + uint8_t secret_symmetric_key[CRYPTO_SYMMETRIC_KEY_SIZE]; int (*new_connection_callback)(void *object, New_Connection *n_c); void *new_connection_callback_object; @@ -400,12 +400,12 @@ unsigned int crypto_connection_status(const Net_Crypto *c, int crypt_connection_ void new_keys(Net_Crypto *c); /* Save the public and private keys to the keys array. - * Length must be crypto_box_PUBLICKEYBYTES + crypto_box_SECRETKEYBYTES. + * Length must be CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE. */ void save_keys(const Net_Crypto *c, uint8_t *keys); /* Load the secret key. - * Length must be crypto_box_SECRETKEYBYTES. + * Length must be CRYPTO_SECRET_KEY_SIZE. */ void load_secret_key(Net_Crypto *c, const uint8_t *sk); diff --git a/toxcore/onion.c b/toxcore/onion.c index 06ff719be0..07908f2e66 100644 --- a/toxcore/onion.c +++ b/toxcore/onion.c @@ -122,26 +122,26 @@ int create_onion_path(const DHT *dht, Onion_Path *new_path, const Node_format *n } encrypt_precompute(nodes[0].public_key, dht->self_secret_key, new_path->shared_key1); - memcpy(new_path->public_key1, dht->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(new_path->public_key1, dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); - uint8_t random_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t random_secret_key[crypto_box_SECRETKEYBYTES]; + uint8_t random_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t random_secret_key[CRYPTO_SECRET_KEY_SIZE]; - crypto_box_keypair(random_public_key, random_secret_key); + crypto_new_keypair(random_public_key, random_secret_key); encrypt_precompute(nodes[1].public_key, random_secret_key, new_path->shared_key2); - memcpy(new_path->public_key2, random_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(new_path->public_key2, random_public_key, CRYPTO_PUBLIC_KEY_SIZE); - crypto_box_keypair(random_public_key, random_secret_key); + crypto_new_keypair(random_public_key, random_secret_key); encrypt_precompute(nodes[2].public_key, random_secret_key, new_path->shared_key3); - memcpy(new_path->public_key3, random_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(new_path->public_key3, random_public_key, CRYPTO_PUBLIC_KEY_SIZE); new_path->ip_port1 = nodes[0].ip_port; new_path->ip_port2 = nodes[1].ip_port; new_path->ip_port3 = nodes[2].ip_port; - memcpy(new_path->node_public_key1, nodes[0].public_key, crypto_box_PUBLICKEYBYTES); - memcpy(new_path->node_public_key2, nodes[1].public_key, crypto_box_PUBLICKEYBYTES); - memcpy(new_path->node_public_key3, nodes[2].public_key, crypto_box_PUBLICKEYBYTES); + memcpy(new_path->node_public_key1, nodes[0].public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(new_path->node_public_key2, nodes[1].public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(new_path->node_public_key3, nodes[2].public_key, CRYPTO_PUBLIC_KEY_SIZE); return 0; } @@ -161,9 +161,9 @@ int onion_path_to_nodes(Node_format *nodes, unsigned int num_nodes, const Onion_ nodes[1].ip_port = path->ip_port2; nodes[2].ip_port = path->ip_port3; - memcpy(nodes[0].public_key, path->node_public_key1, crypto_box_PUBLICKEYBYTES); - memcpy(nodes[1].public_key, path->node_public_key2, crypto_box_PUBLICKEYBYTES); - memcpy(nodes[2].public_key, path->node_public_key3, crypto_box_PUBLICKEYBYTES); + memcpy(nodes[0].public_key, path->node_public_key1, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(nodes[1].public_key, path->node_public_key2, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(nodes[2].public_key, path->node_public_key3, CRYPTO_PUBLIC_KEY_SIZE); return 0; } @@ -188,42 +188,42 @@ int create_onion_packet(uint8_t *packet, uint16_t max_packet_length, const Onion ipport_pack(step1, &dest); memcpy(step1 + SIZE_IPPORT, data, length); - uint8_t nonce[crypto_box_NONCEBYTES]; + uint8_t nonce[CRYPTO_NONCE_SIZE]; random_nonce(nonce); uint8_t step2[SIZE_IPPORT + SEND_BASE + length]; ipport_pack(step2, &path->ip_port3); - memcpy(step2 + SIZE_IPPORT, path->public_key3, crypto_box_PUBLICKEYBYTES); + memcpy(step2 + SIZE_IPPORT, path->public_key3, CRYPTO_PUBLIC_KEY_SIZE); int len = encrypt_data_symmetric(path->shared_key3, nonce, step1, sizeof(step1), - step2 + SIZE_IPPORT + crypto_box_PUBLICKEYBYTES); + step2 + SIZE_IPPORT + CRYPTO_PUBLIC_KEY_SIZE); - if (len != SIZE_IPPORT + length + crypto_box_MACBYTES) { + if (len != SIZE_IPPORT + length + CRYPTO_MAC_SIZE) { return -1; } uint8_t step3[SIZE_IPPORT + SEND_BASE * 2 + length]; ipport_pack(step3, &path->ip_port2); - memcpy(step3 + SIZE_IPPORT, path->public_key2, crypto_box_PUBLICKEYBYTES); + memcpy(step3 + SIZE_IPPORT, path->public_key2, CRYPTO_PUBLIC_KEY_SIZE); len = encrypt_data_symmetric(path->shared_key2, nonce, step2, sizeof(step2), - step3 + SIZE_IPPORT + crypto_box_PUBLICKEYBYTES); + step3 + SIZE_IPPORT + CRYPTO_PUBLIC_KEY_SIZE); - if (len != SIZE_IPPORT + SEND_BASE + length + crypto_box_MACBYTES) { + if (len != SIZE_IPPORT + SEND_BASE + length + CRYPTO_MAC_SIZE) { return -1; } packet[0] = NET_PACKET_ONION_SEND_INITIAL; - memcpy(packet + 1, nonce, crypto_box_NONCEBYTES); - memcpy(packet + 1 + crypto_box_NONCEBYTES, path->public_key1, crypto_box_PUBLICKEYBYTES); + memcpy(packet + 1, nonce, CRYPTO_NONCE_SIZE); + memcpy(packet + 1 + CRYPTO_NONCE_SIZE, path->public_key1, CRYPTO_PUBLIC_KEY_SIZE); len = encrypt_data_symmetric(path->shared_key1, nonce, step3, sizeof(step3), - packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES); + packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE); - if (len != SIZE_IPPORT + SEND_BASE * 2 + length + crypto_box_MACBYTES) { + if (len != SIZE_IPPORT + SEND_BASE * 2 + length + CRYPTO_MAC_SIZE) { return -1; } - return 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + len; + return 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + len; } /* Create a onion packet to be sent over tcp. @@ -238,7 +238,7 @@ int create_onion_packet(uint8_t *packet, uint16_t max_packet_length, const Onion int create_onion_packet_tcp(uint8_t *packet, uint16_t max_packet_length, const Onion_Path *path, IP_Port dest, const uint8_t *data, uint16_t length) { - if (crypto_box_NONCEBYTES + SIZE_IPPORT + SEND_BASE * 2 + length > max_packet_length || length == 0) { + if (CRYPTO_NONCE_SIZE + SIZE_IPPORT + SEND_BASE * 2 + length > max_packet_length || length == 0) { return -1; } @@ -247,32 +247,32 @@ int create_onion_packet_tcp(uint8_t *packet, uint16_t max_packet_length, const O ipport_pack(step1, &dest); memcpy(step1 + SIZE_IPPORT, data, length); - uint8_t nonce[crypto_box_NONCEBYTES]; + uint8_t nonce[CRYPTO_NONCE_SIZE]; random_nonce(nonce); uint8_t step2[SIZE_IPPORT + SEND_BASE + length]; ipport_pack(step2, &path->ip_port3); - memcpy(step2 + SIZE_IPPORT, path->public_key3, crypto_box_PUBLICKEYBYTES); + memcpy(step2 + SIZE_IPPORT, path->public_key3, CRYPTO_PUBLIC_KEY_SIZE); int len = encrypt_data_symmetric(path->shared_key3, nonce, step1, sizeof(step1), - step2 + SIZE_IPPORT + crypto_box_PUBLICKEYBYTES); + step2 + SIZE_IPPORT + CRYPTO_PUBLIC_KEY_SIZE); - if (len != SIZE_IPPORT + length + crypto_box_MACBYTES) { + if (len != SIZE_IPPORT + length + CRYPTO_MAC_SIZE) { return -1; } - ipport_pack(packet + crypto_box_NONCEBYTES, &path->ip_port2); - memcpy(packet + crypto_box_NONCEBYTES + SIZE_IPPORT, path->public_key2, crypto_box_PUBLICKEYBYTES); + ipport_pack(packet + CRYPTO_NONCE_SIZE, &path->ip_port2); + memcpy(packet + CRYPTO_NONCE_SIZE + SIZE_IPPORT, path->public_key2, CRYPTO_PUBLIC_KEY_SIZE); len = encrypt_data_symmetric(path->shared_key2, nonce, step2, sizeof(step2), - packet + crypto_box_NONCEBYTES + SIZE_IPPORT + crypto_box_PUBLICKEYBYTES); + packet + CRYPTO_NONCE_SIZE + SIZE_IPPORT + CRYPTO_PUBLIC_KEY_SIZE); - if (len != SIZE_IPPORT + SEND_BASE + length + crypto_box_MACBYTES) { + if (len != SIZE_IPPORT + SEND_BASE + length + CRYPTO_MAC_SIZE) { return -1; } - memcpy(packet, nonce, crypto_box_NONCEBYTES); + memcpy(packet, nonce, CRYPTO_NONCE_SIZE); - return crypto_box_NONCEBYTES + SIZE_IPPORT + crypto_box_PUBLICKEYBYTES + len; + return CRYPTO_NONCE_SIZE + SIZE_IPPORT + CRYPTO_PUBLIC_KEY_SIZE + len; } /* Create and send a onion packet. @@ -338,12 +338,12 @@ static int handle_send_initial(void *object, IP_Port source, const uint8_t *pack change_symmetric_key(onion); uint8_t plain[ONION_MAX_PACKET_SIZE]; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; - get_shared_key(&onion->shared_keys_1, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); - int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, - length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES), plain); + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; + get_shared_key(&onion->shared_keys_1, shared_key, onion->dht->self_secret_key, packet + 1 + CRYPTO_NONCE_SIZE); + int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE, + length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE), plain); - if (len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES)) { + if (len != length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE)) { return 1; } @@ -352,7 +352,7 @@ static int handle_send_initial(void *object, IP_Port source, const uint8_t *pack int onion_send_1(const Onion *onion, const uint8_t *plain, uint16_t len, IP_Port source, const uint8_t *nonce) { - if (len > ONION_MAX_PACKET_SIZE + SIZE_IPPORT - (1 + crypto_box_NONCEBYTES + ONION_RETURN_1)) { + if (len > ONION_MAX_PACKET_SIZE + SIZE_IPPORT - (1 + CRYPTO_NONCE_SIZE + ONION_RETURN_1)) { return 1; } @@ -371,19 +371,19 @@ int onion_send_1(const Onion *onion, const uint8_t *plain, uint16_t len, IP_Port uint8_t data[ONION_MAX_PACKET_SIZE]; data[0] = NET_PACKET_ONION_SEND_1; - memcpy(data + 1, nonce, crypto_box_NONCEBYTES); - memcpy(data + 1 + crypto_box_NONCEBYTES, plain + SIZE_IPPORT, len - SIZE_IPPORT); - uint16_t data_len = 1 + crypto_box_NONCEBYTES + (len - SIZE_IPPORT); + memcpy(data + 1, nonce, CRYPTO_NONCE_SIZE); + memcpy(data + 1 + CRYPTO_NONCE_SIZE, plain + SIZE_IPPORT, len - SIZE_IPPORT); + uint16_t data_len = 1 + CRYPTO_NONCE_SIZE + (len - SIZE_IPPORT); uint8_t *ret_part = data + data_len; random_nonce(ret_part); len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ip_port, SIZE_IPPORT, - ret_part + crypto_box_NONCEBYTES); + ret_part + CRYPTO_NONCE_SIZE); - if (len != SIZE_IPPORT + crypto_box_MACBYTES) { + if (len != SIZE_IPPORT + CRYPTO_MAC_SIZE) { return 1; } - data_len += crypto_box_NONCEBYTES + len; + data_len += CRYPTO_NONCE_SIZE + len; if ((uint32_t)sendpacket(onion->net, send_to, data, data_len) != data_len) { return 1; @@ -407,12 +407,12 @@ static int handle_send_1(void *object, IP_Port source, const uint8_t *packet, ui change_symmetric_key(onion); uint8_t plain[ONION_MAX_PACKET_SIZE]; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; - get_shared_key(&onion->shared_keys_2, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); - int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, - length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1), plain); + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; + get_shared_key(&onion->shared_keys_2, shared_key, onion->dht->self_secret_key, packet + 1 + CRYPTO_NONCE_SIZE); + int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE, + length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + RETURN_1), plain); - if (len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_1 + crypto_box_MACBYTES)) { + if (len != length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + RETURN_1 + CRYPTO_MAC_SIZE)) { return 1; } @@ -424,22 +424,22 @@ static int handle_send_1(void *object, IP_Port source, const uint8_t *packet, ui uint8_t data[ONION_MAX_PACKET_SIZE]; data[0] = NET_PACKET_ONION_SEND_2; - memcpy(data + 1, packet + 1, crypto_box_NONCEBYTES); - memcpy(data + 1 + crypto_box_NONCEBYTES, plain + SIZE_IPPORT, len - SIZE_IPPORT); - uint16_t data_len = 1 + crypto_box_NONCEBYTES + (len - SIZE_IPPORT); + memcpy(data + 1, packet + 1, CRYPTO_NONCE_SIZE); + memcpy(data + 1 + CRYPTO_NONCE_SIZE, plain + SIZE_IPPORT, len - SIZE_IPPORT); + uint16_t data_len = 1 + CRYPTO_NONCE_SIZE + (len - SIZE_IPPORT); uint8_t *ret_part = data + data_len; random_nonce(ret_part); uint8_t ret_data[RETURN_1 + SIZE_IPPORT]; ipport_pack(ret_data, &source); memcpy(ret_data + SIZE_IPPORT, packet + (length - RETURN_1), RETURN_1); len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ret_data, sizeof(ret_data), - ret_part + crypto_box_NONCEBYTES); + ret_part + CRYPTO_NONCE_SIZE); - if (len != RETURN_2 - crypto_box_NONCEBYTES) { + if (len != RETURN_2 - CRYPTO_NONCE_SIZE) { return 1; } - data_len += crypto_box_NONCEBYTES + len; + data_len += CRYPTO_NONCE_SIZE + len; if ((uint32_t)sendpacket(onion->net, send_to, data, data_len) != data_len) { return 1; @@ -463,12 +463,12 @@ static int handle_send_2(void *object, IP_Port source, const uint8_t *packet, ui change_symmetric_key(onion); uint8_t plain[ONION_MAX_PACKET_SIZE]; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; - get_shared_key(&onion->shared_keys_3, shared_key, onion->dht->self_secret_key, packet + 1 + crypto_box_NONCEBYTES); - int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, - length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2), plain); + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; + get_shared_key(&onion->shared_keys_3, shared_key, onion->dht->self_secret_key, packet + 1 + CRYPTO_NONCE_SIZE); + int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE, + length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + RETURN_2), plain); - if (len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2 + crypto_box_MACBYTES)) { + if (len != length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + RETURN_2 + CRYPTO_MAC_SIZE)) { return 1; } @@ -487,9 +487,9 @@ static int handle_send_2(void *object, IP_Port source, const uint8_t *packet, ui ipport_pack(ret_data, &source); memcpy(ret_data + SIZE_IPPORT, packet + (length - RETURN_2), RETURN_2); len = encrypt_data_symmetric(onion->secret_symmetric_key, ret_part, ret_data, sizeof(ret_data), - ret_part + crypto_box_NONCEBYTES); + ret_part + CRYPTO_NONCE_SIZE); - if (len != RETURN_3 - crypto_box_NONCEBYTES) { + if (len != RETURN_3 - CRYPTO_NONCE_SIZE) { return 1; } @@ -518,8 +518,8 @@ static int handle_recv_3(void *object, IP_Port source, const uint8_t *packet, ui change_symmetric_key(onion); uint8_t plain[SIZE_IPPORT + RETURN_2]; - int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES, - SIZE_IPPORT + RETURN_2 + crypto_box_MACBYTES, plain); + int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE, + SIZE_IPPORT + RETURN_2 + CRYPTO_MAC_SIZE, plain); if ((uint32_t)len != sizeof(plain)) { return 1; @@ -559,8 +559,8 @@ static int handle_recv_2(void *object, IP_Port source, const uint8_t *packet, ui change_symmetric_key(onion); uint8_t plain[SIZE_IPPORT + RETURN_1]; - int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES, - SIZE_IPPORT + RETURN_1 + crypto_box_MACBYTES, plain); + int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE, + SIZE_IPPORT + RETURN_1 + CRYPTO_MAC_SIZE, plain); if ((uint32_t)len != sizeof(plain)) { return 1; @@ -600,8 +600,8 @@ static int handle_recv_1(void *object, IP_Port source, const uint8_t *packet, ui change_symmetric_key(onion); uint8_t plain[SIZE_IPPORT]; - int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES, - SIZE_IPPORT + crypto_box_MACBYTES, plain); + int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE, + SIZE_IPPORT + CRYPTO_MAC_SIZE, plain); if ((uint32_t)len != SIZE_IPPORT) { return 1; diff --git a/toxcore/onion.h b/toxcore/onion.h index 2b270ea962..0c2dcc04c7 100644 --- a/toxcore/onion.h +++ b/toxcore/onion.h @@ -28,7 +28,7 @@ typedef struct { DHT *dht; Networking_Core *net; - uint8_t secret_symmetric_key[crypto_box_KEYBYTES]; + uint8_t secret_symmetric_key[CRYPTO_SYMMETRIC_KEY_SIZE]; uint64_t timestamp; Shared_Keys shared_keys_1; @@ -41,14 +41,14 @@ typedef struct { #define ONION_MAX_PACKET_SIZE 1400 -#define ONION_RETURN_1 (crypto_box_NONCEBYTES + SIZE_IPPORT + crypto_box_MACBYTES) -#define ONION_RETURN_2 (crypto_box_NONCEBYTES + SIZE_IPPORT + crypto_box_MACBYTES + ONION_RETURN_1) -#define ONION_RETURN_3 (crypto_box_NONCEBYTES + SIZE_IPPORT + crypto_box_MACBYTES + ONION_RETURN_2) +#define ONION_RETURN_1 (CRYPTO_NONCE_SIZE + SIZE_IPPORT + CRYPTO_MAC_SIZE) +#define ONION_RETURN_2 (CRYPTO_NONCE_SIZE + SIZE_IPPORT + CRYPTO_MAC_SIZE + ONION_RETURN_1) +#define ONION_RETURN_3 (CRYPTO_NONCE_SIZE + SIZE_IPPORT + CRYPTO_MAC_SIZE + ONION_RETURN_2) -#define ONION_SEND_BASE (crypto_box_PUBLICKEYBYTES + SIZE_IPPORT + crypto_box_MACBYTES) -#define ONION_SEND_3 (crypto_box_NONCEBYTES + ONION_SEND_BASE + ONION_RETURN_2) -#define ONION_SEND_2 (crypto_box_NONCEBYTES + ONION_SEND_BASE*2 + ONION_RETURN_1) -#define ONION_SEND_1 (crypto_box_NONCEBYTES + ONION_SEND_BASE*3) +#define ONION_SEND_BASE (CRYPTO_PUBLIC_KEY_SIZE + SIZE_IPPORT + CRYPTO_MAC_SIZE) +#define ONION_SEND_3 (CRYPTO_NONCE_SIZE + ONION_SEND_BASE + ONION_RETURN_2) +#define ONION_SEND_2 (CRYPTO_NONCE_SIZE + ONION_SEND_BASE*2 + ONION_RETURN_1) +#define ONION_SEND_1 (CRYPTO_NONCE_SIZE + ONION_SEND_BASE*3) #define ONION_MAX_DATA_SIZE (ONION_MAX_PACKET_SIZE - (ONION_SEND_1 + 1)) #define ONION_RESPONSE_MAX_DATA_SIZE (ONION_MAX_PACKET_SIZE - (1 + ONION_RETURN_3)) @@ -56,22 +56,22 @@ typedef struct { #define ONION_PATH_LENGTH 3 typedef struct { - uint8_t shared_key1[crypto_box_BEFORENMBYTES]; - uint8_t shared_key2[crypto_box_BEFORENMBYTES]; - uint8_t shared_key3[crypto_box_BEFORENMBYTES]; + uint8_t shared_key1[CRYPTO_SHARED_KEY_SIZE]; + uint8_t shared_key2[CRYPTO_SHARED_KEY_SIZE]; + uint8_t shared_key3[CRYPTO_SHARED_KEY_SIZE]; - uint8_t public_key1[crypto_box_PUBLICKEYBYTES]; - uint8_t public_key2[crypto_box_PUBLICKEYBYTES]; - uint8_t public_key3[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key1[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t public_key2[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t public_key3[CRYPTO_PUBLIC_KEY_SIZE]; IP_Port ip_port1; - uint8_t node_public_key1[crypto_box_PUBLICKEYBYTES]; + uint8_t node_public_key1[CRYPTO_PUBLIC_KEY_SIZE]; IP_Port ip_port2; - uint8_t node_public_key2[crypto_box_PUBLICKEYBYTES]; + uint8_t node_public_key2[CRYPTO_PUBLIC_KEY_SIZE]; IP_Port ip_port3; - uint8_t node_public_key3[crypto_box_PUBLICKEYBYTES]; + uint8_t node_public_key3[CRYPTO_PUBLIC_KEY_SIZE]; uint32_t path_num; } Onion_Path; diff --git a/toxcore/onion_announce.c b/toxcore/onion_announce.c index acde04a710..5d371a991f 100644 --- a/toxcore/onion_announce.c +++ b/toxcore/onion_announce.c @@ -56,25 +56,25 @@ int create_announce_request(uint8_t *packet, uint16_t max_packet_length, const u return -1; } - uint8_t plain[ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + + uint8_t plain[ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH]; memcpy(plain, ping_id, ONION_PING_ID_SIZE); - memcpy(plain + ONION_PING_ID_SIZE, client_id, crypto_box_PUBLICKEYBYTES); - memcpy(plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES, data_public_key, crypto_box_PUBLICKEYBYTES); - memcpy(plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES, &sendback_data, + memcpy(plain + ONION_PING_ID_SIZE, client_id, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE, data_public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE, &sendback_data, sizeof(sendback_data)); packet[0] = NET_PACKET_ANNOUNCE_REQUEST; random_nonce(packet + 1); int len = encrypt_data(dest_client_id, secret_key, packet + 1, plain, sizeof(plain), - packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES); + packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE); - if ((uint32_t)len + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES != ONION_ANNOUNCE_REQUEST_SIZE) { + if ((uint32_t)len + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE != ONION_ANNOUNCE_REQUEST_SIZE) { return -1; } - memcpy(packet + 1 + crypto_box_NONCEBYTES, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(packet + 1 + CRYPTO_NONCE_SIZE, public_key, CRYPTO_PUBLIC_KEY_SIZE); return ONION_ANNOUNCE_REQUEST_SIZE; } @@ -101,19 +101,19 @@ int create_data_request(uint8_t *packet, uint16_t max_packet_length, const uint8 } packet[0] = NET_PACKET_ONION_DATA_REQUEST; - memcpy(packet + 1, public_key, crypto_box_PUBLICKEYBYTES); - memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); + memcpy(packet + 1, public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, nonce, CRYPTO_NONCE_SIZE); - uint8_t random_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t random_secret_key[crypto_box_SECRETKEYBYTES]; - crypto_box_keypair(random_public_key, random_secret_key); + uint8_t random_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t random_secret_key[CRYPTO_SECRET_KEY_SIZE]; + crypto_new_keypair(random_public_key, random_secret_key); - memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, random_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, random_public_key, CRYPTO_PUBLIC_KEY_SIZE); - int len = encrypt_data(encrypt_public_key, random_secret_key, packet + 1 + crypto_box_PUBLICKEYBYTES, data, length, - packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES); + int len = encrypt_data(encrypt_public_key, random_secret_key, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, data, length, + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE); - if (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + len != DATA_REQUEST_MIN_SIZE + + if (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + len != DATA_REQUEST_MIN_SIZE + length) { return -1; } @@ -204,12 +204,12 @@ static void generate_ping_id(const Onion_Announce *onion_a, uint64_t time, const IP_Port ret_ip_port, uint8_t *ping_id) { time /= PING_ID_TIMEOUT; - uint8_t data[crypto_box_KEYBYTES + sizeof(time) + crypto_box_PUBLICKEYBYTES + sizeof(ret_ip_port)]; - memcpy(data, onion_a->secret_bytes, crypto_box_KEYBYTES); - memcpy(data + crypto_box_KEYBYTES, &time, sizeof(time)); - memcpy(data + crypto_box_KEYBYTES + sizeof(time), public_key, crypto_box_PUBLICKEYBYTES); - memcpy(data + crypto_box_KEYBYTES + sizeof(time) + crypto_box_PUBLICKEYBYTES, &ret_ip_port, sizeof(ret_ip_port)); - crypto_hash_sha256(ping_id, data, sizeof(data)); + uint8_t data[CRYPTO_SYMMETRIC_KEY_SIZE + sizeof(time) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(ret_ip_port)]; + memcpy(data, onion_a->secret_bytes, CRYPTO_SYMMETRIC_KEY_SIZE); + memcpy(data + CRYPTO_SYMMETRIC_KEY_SIZE, &time, sizeof(time)); + memcpy(data + CRYPTO_SYMMETRIC_KEY_SIZE + sizeof(time), public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(data + CRYPTO_SYMMETRIC_KEY_SIZE + sizeof(time) + CRYPTO_PUBLIC_KEY_SIZE, &ret_ip_port, sizeof(ret_ip_port)); + crypto_sha256(ping_id, data, sizeof(data)); } /* check if public key is in entries list @@ -231,7 +231,7 @@ static int in_entries(const Onion_Announce *onion_a, const uint8_t *public_key) return -1; } -static uint8_t cmp_public_key[crypto_box_PUBLICKEYBYTES]; +static uint8_t cmp_public_key[CRYPTO_PUBLIC_KEY_SIZE]; static int cmp_entry(const void *a, const void *b) { Onion_Announce_Entry entry1, entry2; @@ -296,13 +296,13 @@ static int add_to_entries(Onion_Announce *onion_a, IP_Port ret_ip_port, const ui return -1; } - memcpy(onion_a->entries[pos].public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(onion_a->entries[pos].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); onion_a->entries[pos].ret_ip_port = ret_ip_port; memcpy(onion_a->entries[pos].ret, ret, ONION_RETURN_3); - memcpy(onion_a->entries[pos].data_public_key, data_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(onion_a->entries[pos].data_public_key, data_public_key, CRYPTO_PUBLIC_KEY_SIZE); onion_a->entries[pos].time = unix_time(); - memcpy(cmp_public_key, onion_a->dht->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(cmp_public_key, onion_a->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); qsort(onion_a->entries, ONION_ANNOUNCE_MAX_ENTRIES, sizeof(Onion_Announce_Entry), cmp_entry); return in_entries(onion_a, public_key); } @@ -315,15 +315,15 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t * return 1; } - const uint8_t *packet_public_key = packet + 1 + crypto_box_NONCEBYTES; - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + const uint8_t *packet_public_key = packet + 1 + CRYPTO_NONCE_SIZE; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; get_shared_key(&onion_a->shared_keys_recv, shared_key, onion_a->dht->self_secret_key, packet_public_key); - uint8_t plain[ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + + uint8_t plain[ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH]; - int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, - ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + - crypto_box_MACBYTES, plain); + int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE, + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + + CRYPTO_MAC_SIZE, plain); if ((uint32_t)len != sizeof(plain)) { return 1; @@ -337,10 +337,10 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t * int index = -1; - uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES; + uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE; - if (sodium_memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0 - || sodium_memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) { + if (crypto_memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0 + || crypto_memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) { index = add_to_entries(onion_a, source, packet_public_key, data_public_key, packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)); } else { @@ -351,7 +351,7 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t * Node_format nodes_list[MAX_SENT_NODES]; unsigned int num_nodes = get_close_nodes(onion_a->dht, plain + ONION_PING_ID_SIZE, nodes_list, 0, LAN_ip(source.ip) == 0, 1); - uint8_t nonce[crypto_box_NONCEBYTES]; + uint8_t nonce[CRYPTO_NONCE_SIZE]; random_nonce(nonce); uint8_t pl[1 + ONION_PING_ID_SIZE + sizeof(nodes_list)]; @@ -370,7 +370,7 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t * } } else { pl[0] = 1; - memcpy(pl + 1, onion_a->entries[index].data_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(pl + 1, onion_a->entries[index].data_public_key, CRYPTO_PUBLIC_KEY_SIZE); } } @@ -386,19 +386,19 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t * uint8_t data[ONION_ANNOUNCE_RESPONSE_MAX_SIZE]; len = encrypt_data_symmetric(shared_key, nonce, pl, 1 + ONION_PING_ID_SIZE + nodes_length, - data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES); + data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE); - if (len != 1 + ONION_PING_ID_SIZE + nodes_length + crypto_box_MACBYTES) { + if (len != 1 + ONION_PING_ID_SIZE + nodes_length + CRYPTO_MAC_SIZE) { return 1; } data[0] = NET_PACKET_ANNOUNCE_RESPONSE; - memcpy(data + 1, plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES, + memcpy(data + 1, plain + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE, ONION_ANNOUNCE_SENDBACK_DATA_LENGTH); - memcpy(data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, nonce, crypto_box_NONCEBYTES); + memcpy(data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, nonce, CRYPTO_NONCE_SIZE); if (send_onion_response(onion_a->net, source, data, - 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES + len, + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE + len, packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)) == -1) { return 1; } @@ -424,9 +424,9 @@ static int handle_data_request(void *object, IP_Port source, const uint8_t *pack return 1; } - uint8_t data[length - (crypto_box_PUBLICKEYBYTES + ONION_RETURN_3)]; + uint8_t data[length - (CRYPTO_PUBLIC_KEY_SIZE + ONION_RETURN_3)]; data[0] = NET_PACKET_ONION_DATA_RESPONSE; - memcpy(data + 1, packet + 1 + crypto_box_PUBLICKEYBYTES, length - (1 + crypto_box_PUBLICKEYBYTES + ONION_RETURN_3)); + memcpy(data + 1, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, length - (1 + CRYPTO_PUBLIC_KEY_SIZE + ONION_RETURN_3)); if (send_onion_response(onion_a->net, onion_a->entries[index].ret_ip_port, data, sizeof(data), onion_a->entries[index].ret) == -1) { diff --git a/toxcore/onion_announce.h b/toxcore/onion_announce.h index a9128be89d..821e0c1523 100644 --- a/toxcore/onion_announce.h +++ b/toxcore/onion_announce.h @@ -27,29 +27,29 @@ #define ONION_ANNOUNCE_MAX_ENTRIES 160 #define ONION_ANNOUNCE_TIMEOUT 300 -#define ONION_PING_ID_SIZE crypto_hash_sha256_BYTES +#define ONION_PING_ID_SIZE CRYPTO_SHA256_SIZE #define ONION_ANNOUNCE_SENDBACK_DATA_LENGTH (sizeof(uint64_t)) -#define ONION_ANNOUNCE_REQUEST_SIZE (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_MACBYTES) +#define ONION_ANNOUNCE_REQUEST_SIZE (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + ONION_PING_ID_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_PUBLIC_KEY_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_MAC_SIZE) -#define ONION_ANNOUNCE_RESPONSE_MIN_SIZE (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES + 1 + ONION_PING_ID_SIZE + crypto_box_MACBYTES) +#define ONION_ANNOUNCE_RESPONSE_MIN_SIZE (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE + 1 + ONION_PING_ID_SIZE + CRYPTO_MAC_SIZE) #define ONION_ANNOUNCE_RESPONSE_MAX_SIZE (ONION_ANNOUNCE_RESPONSE_MIN_SIZE + sizeof(Node_format)*MAX_SENT_NODES) -#define ONION_DATA_RESPONSE_MIN_SIZE (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES) +#define ONION_DATA_RESPONSE_MIN_SIZE (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE) -#if ONION_PING_ID_SIZE != crypto_box_PUBLICKEYBYTES -#error announce response packets assume that ONION_PING_ID_SIZE is equal to crypto_box_PUBLICKEYBYTES +#if ONION_PING_ID_SIZE != CRYPTO_PUBLIC_KEY_SIZE +#error announce response packets assume that ONION_PING_ID_SIZE is equal to CRYPTO_PUBLIC_KEY_SIZE #endif -#define ONION_DATA_REQUEST_MIN_SIZE (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES) +#define ONION_DATA_REQUEST_MIN_SIZE (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE) #define MAX_DATA_REQUEST_SIZE (ONION_MAX_DATA_SIZE - ONION_DATA_REQUEST_MIN_SIZE) typedef struct { - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; IP_Port ret_ip_port; uint8_t ret[ONION_RETURN_3]; - uint8_t data_public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t data_public_key[CRYPTO_PUBLIC_KEY_SIZE]; uint64_t time; } Onion_Announce_Entry; @@ -57,8 +57,8 @@ typedef struct { DHT *dht; Networking_Core *net; Onion_Announce_Entry entries[ONION_ANNOUNCE_MAX_ENTRIES]; - /* This is crypto_box_KEYBYTES long just so we can use new_symmetric_key() to fill it */ - uint8_t secret_bytes[crypto_box_KEYBYTES]; + /* This is CRYPTO_SYMMETRIC_KEY_SIZE long just so we can use new_symmetric_key() to fill it */ + uint8_t secret_bytes[CRYPTO_SYMMETRIC_KEY_SIZE]; Shared_Keys shared_keys_recv; } Onion_Announce; diff --git a/toxcore/onion_client.c b/toxcore/onion_client.c index c03036ac4d..6ef22314b3 100644 --- a/toxcore/onion_client.c +++ b/toxcore/onion_client.c @@ -55,7 +55,7 @@ int onion_add_bs_path_node(Onion_Client *onion_c, IP_Port ip_port, const uint8_t onion_c->path_nodes_bs[onion_c->path_nodes_index_bs % MAX_PATH_NODES].ip_port = ip_port; memcpy(onion_c->path_nodes_bs[onion_c->path_nodes_index_bs % MAX_PATH_NODES].public_key, public_key, - crypto_box_PUBLICKEYBYTES); + CRYPTO_PUBLIC_KEY_SIZE); uint16_t last = onion_c->path_nodes_index_bs; ++onion_c->path_nodes_index_bs; @@ -88,7 +88,7 @@ static int onion_add_path_node(Onion_Client *onion_c, IP_Port ip_port, const uin onion_c->path_nodes[onion_c->path_nodes_index % MAX_PATH_NODES].ip_port = ip_port; memcpy(onion_c->path_nodes[onion_c->path_nodes_index % MAX_PATH_NODES].public_key, public_key, - crypto_box_PUBLICKEYBYTES); + CRYPTO_PUBLIC_KEY_SIZE); uint16_t last = onion_c->path_nodes_index; ++onion_c->path_nodes_index; @@ -376,11 +376,11 @@ static int send_onion_packet_tcp_udp(const Onion_Client *onion_c, const Onion_Pa static int new_sendback(Onion_Client *onion_c, uint32_t num, const uint8_t *public_key, IP_Port ip_port, uint32_t path_num, uint64_t *sendback) { - uint8_t data[sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port) + sizeof(uint32_t)]; + uint8_t data[sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port) + sizeof(uint32_t)]; memcpy(data, &num, sizeof(uint32_t)); - memcpy(data + sizeof(uint32_t), public_key, crypto_box_PUBLICKEYBYTES); - memcpy(data + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES, &ip_port, sizeof(IP_Port)); - memcpy(data + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port), &path_num, sizeof(uint32_t)); + memcpy(data + sizeof(uint32_t), public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(data + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE, &ip_port, sizeof(IP_Port)); + memcpy(data + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port), &path_num, sizeof(uint32_t)); *sendback = ping_array_add(&onion_c->announce_ping_array, data, sizeof(data)); if (*sendback == 0) { @@ -394,7 +394,7 @@ static int new_sendback(Onion_Client *onion_c, uint32_t num, const uint8_t *publ * ip contained in it in ret_ip_port * * sendback is the sendback ONION_ANNOUNCE_SENDBACK_DATA_LENGTH big - * ret_pubkey must be at least crypto_box_PUBLICKEYBYTES big + * ret_pubkey must be at least CRYPTO_PUBLIC_KEY_SIZE big * ret_ip_port must be at least 1 big * * return ~0 on failure @@ -405,15 +405,15 @@ static uint32_t check_sendback(Onion_Client *onion_c, const uint8_t *sendback, u { uint64_t sback; memcpy(&sback, sendback, sizeof(uint64_t)); - uint8_t data[sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port) + sizeof(uint32_t)]; + uint8_t data[sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port) + sizeof(uint32_t)]; if (ping_array_check(data, sizeof(data), &onion_c->announce_ping_array, sback) != sizeof(data)) { return ~0; } - memcpy(ret_pubkey, data + sizeof(uint32_t), crypto_box_PUBLICKEYBYTES); - memcpy(ret_ip_port, data + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES, sizeof(IP_Port)); - memcpy(path_num, data + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + sizeof(IP_Port), sizeof(uint32_t)); + memcpy(ret_pubkey, data + sizeof(uint32_t), CRYPTO_PUBLIC_KEY_SIZE); + memcpy(ret_ip_port, data + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE, sizeof(IP_Port)); + memcpy(path_num, data + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port), sizeof(uint32_t)); uint32_t num; memcpy(&num, data, sizeof(uint32_t)); @@ -469,7 +469,7 @@ static int client_send_announce_request(Onion_Client *onion_c, uint32_t num, IP_ return send_onion_packet_tcp_udp(onion_c, &path, dest, request, len); } -static uint8_t cmp_public_key[crypto_box_PUBLICKEYBYTES]; +static uint8_t cmp_public_key[CRYPTO_PUBLIC_KEY_SIZE]; static int cmp_entry(const void *a, const void *b) { Onion_Node entry1, entry2; @@ -532,7 +532,7 @@ static int client_add_to_list(Onion_Client *onion_c, uint32_t num, const uint8_t list_length = MAX_ONION_CLIENTS; } - memcpy(cmp_public_key, reference_id, crypto_box_PUBLICKEYBYTES); + memcpy(cmp_public_key, reference_id, CRYPTO_PUBLIC_KEY_SIZE); qsort(list_nodes, list_length, sizeof(Onion_Node), cmp_entry); int index = -1, stored = 0; @@ -555,14 +555,14 @@ static int client_add_to_list(Onion_Client *onion_c, uint32_t num, const uint8_t return 0; } - memcpy(list_nodes[index].public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(list_nodes[index].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); list_nodes[index].ip_port = ip_port; // TODO(irungentoo): remove this and find a better source of nodes to use for paths. onion_add_path_node(onion_c, ip_port, public_key); if (is_stored == 1) { - memcpy(list_nodes[index].data_public_key, pingid_or_key, crypto_box_PUBLICKEYBYTES); + memcpy(list_nodes[index].data_public_key, pingid_or_key, CRYPTO_PUBLIC_KEY_SIZE); } else { memcpy(list_nodes[index].ping_id, pingid_or_key, ONION_PING_ID_SIZE); } @@ -590,7 +590,7 @@ static int good_to_ping(Last_Pinged *last_pinged, uint8_t *last_pinged_index, co } } - memcpy(last_pinged[*last_pinged_index % MAX_STORED_PINGED_NODES].public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(last_pinged[*last_pinged_index % MAX_STORED_PINGED_NODES].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); last_pinged[*last_pinged_index % MAX_STORED_PINGED_NODES].timestamp = unix_time(); ++*last_pinged_index; return 1; @@ -670,7 +670,7 @@ static int handle_announce_response(void *object, IP_Port source, const uint8_t uint16_t len_nodes = length - ONION_ANNOUNCE_RESPONSE_MIN_SIZE; - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; IP_Port ip_port; uint32_t path_num; uint32_t num = check_sendback(onion_c, packet + 1, public_key, &ip_port, &path_num); @@ -684,8 +684,8 @@ static int handle_announce_response(void *object, IP_Port source, const uint8_t if (num == 0) { len = decrypt_data(public_key, onion_c->c->self_secret_key, packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, - packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES, - length - (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES), plain); + packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE, + length - (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE), plain); } else { if (onion_c->friends_list[num - 1].status == 0) { return 1; @@ -693,8 +693,8 @@ static int handle_announce_response(void *object, IP_Port source, const uint8_t len = decrypt_data(public_key, onion_c->friends_list[num - 1].temp_secret_key, packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, - packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES, - length - (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES), plain); + packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE, + length - (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + CRYPTO_NONCE_SIZE), plain); } if ((uint32_t)len != sizeof(plain)) { @@ -738,17 +738,17 @@ static int handle_data_response(void *object, IP_Port source, const uint8_t *pac } uint8_t temp_plain[length - ONION_DATA_RESPONSE_MIN_SIZE]; - int len = decrypt_data(packet + 1 + crypto_box_NONCEBYTES, onion_c->temp_secret_key, packet + 1, - packet + 1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, - length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES), temp_plain); + int len = decrypt_data(packet + 1 + CRYPTO_NONCE_SIZE, onion_c->temp_secret_key, packet + 1, + packet + 1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE, + length - (1 + CRYPTO_NONCE_SIZE + CRYPTO_PUBLIC_KEY_SIZE), temp_plain); if ((uint32_t)len != sizeof(temp_plain)) { return 1; } uint8_t plain[sizeof(temp_plain) - DATA_IN_RESPONSE_MIN_SIZE]; - len = decrypt_data(temp_plain, onion_c->c->self_secret_key, packet + 1, temp_plain + crypto_box_PUBLICKEYBYTES, - sizeof(temp_plain) - crypto_box_PUBLICKEYBYTES, plain); + len = decrypt_data(temp_plain, onion_c->c->self_secret_key, packet + 1, temp_plain + CRYPTO_PUBLIC_KEY_SIZE, + sizeof(temp_plain) - CRYPTO_PUBLIC_KEY_SIZE, plain); if ((uint32_t)len != sizeof(plain)) { return 1; @@ -762,7 +762,7 @@ static int handle_data_response(void *object, IP_Port source, const uint8_t *pac sizeof(plain), userdata); } -#define DHTPK_DATA_MIN_LENGTH (1 + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES) +#define DHTPK_DATA_MIN_LENGTH (1 + sizeof(uint64_t) + CRYPTO_PUBLIC_KEY_SIZE) #define DHTPK_DATA_MAX_LENGTH (DHTPK_DATA_MIN_LENGTH + sizeof(Node_format)*MAX_SENT_NODES) static int handle_dhtpk_announce(void *object, const uint8_t *source_pubkey, const uint8_t *data, uint16_t length, void *userdata) @@ -805,7 +805,7 @@ static int handle_dhtpk_announce(void *object, const uint8_t *source_pubkey, con if (len_nodes != 0) { Node_format nodes[MAX_SENT_NODES]; - int num_nodes = unpack_nodes(nodes, MAX_SENT_NODES, 0, data + 1 + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES, + int num_nodes = unpack_nodes(nodes, MAX_SENT_NODES, 0, data + 1 + sizeof(uint64_t) + CRYPTO_PUBLIC_KEY_SIZE, len_nodes, 1); if (num_nodes <= 0) { @@ -894,15 +894,15 @@ int send_onion_data(Onion_Client *onion_c, int friend_num, const uint8_t *data, return -1; } - uint8_t nonce[crypto_box_NONCEBYTES]; + uint8_t nonce[CRYPTO_NONCE_SIZE]; random_nonce(nonce); uint8_t packet[DATA_IN_RESPONSE_MIN_SIZE + length]; - memcpy(packet, onion_c->c->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(packet, onion_c->c->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); int len = encrypt_data(onion_c->friends_list[friend_num].real_public_key, onion_c->c->self_secret_key, nonce, data, - length, packet + crypto_box_PUBLICKEYBYTES); + length, packet + CRYPTO_PUBLIC_KEY_SIZE); - if ((uint32_t)len + crypto_box_PUBLICKEYBYTES != sizeof(packet)) { + if ((uint32_t)len + CRYPTO_PUBLIC_KEY_SIZE != sizeof(packet)) { return -1; } @@ -948,16 +948,16 @@ static int send_dht_dhtpk(const Onion_Client *onion_c, int friend_num, const uin return -1; } - uint8_t nonce[crypto_box_NONCEBYTES]; + uint8_t nonce[CRYPTO_NONCE_SIZE]; random_nonce(nonce); - uint8_t temp[DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES + length]; - memcpy(temp, onion_c->c->self_public_key, crypto_box_PUBLICKEYBYTES); - memcpy(temp + crypto_box_PUBLICKEYBYTES, nonce, crypto_box_NONCEBYTES); + uint8_t temp[DATA_IN_RESPONSE_MIN_SIZE + CRYPTO_NONCE_SIZE + length]; + memcpy(temp, onion_c->c->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); + memcpy(temp + CRYPTO_PUBLIC_KEY_SIZE, nonce, CRYPTO_NONCE_SIZE); int len = encrypt_data(onion_c->friends_list[friend_num].real_public_key, onion_c->c->self_secret_key, nonce, data, - length, temp + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); + length, temp + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE); - if ((uint32_t)len + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES != sizeof(temp)) { + if ((uint32_t)len + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE != sizeof(temp)) { return -1; } @@ -977,20 +977,20 @@ static int handle_dht_dhtpk(void *object, IP_Port source, const uint8_t *source_ { Onion_Client *onion_c = (Onion_Client *)object; - if (length < DHTPK_DATA_MIN_LENGTH + DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES) { + if (length < DHTPK_DATA_MIN_LENGTH + DATA_IN_RESPONSE_MIN_SIZE + CRYPTO_NONCE_SIZE) { return 1; } - if (length > DHTPK_DATA_MAX_LENGTH + DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES) { + if (length > DHTPK_DATA_MAX_LENGTH + DATA_IN_RESPONSE_MIN_SIZE + CRYPTO_NONCE_SIZE) { return 1; } uint8_t plain[DHTPK_DATA_MAX_LENGTH]; - int len = decrypt_data(packet, onion_c->c->self_secret_key, packet + crypto_box_PUBLICKEYBYTES, - packet + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, - length - (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES), plain); + int len = decrypt_data(packet, onion_c->c->self_secret_key, packet + CRYPTO_PUBLIC_KEY_SIZE, + packet + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, + length - (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE), plain); - if (len != length - (DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES)) { + if (len != length - (DATA_IN_RESPONSE_MIN_SIZE + CRYPTO_NONCE_SIZE)) { return 1; } @@ -1020,7 +1020,7 @@ static int send_dhtpk_announce(Onion_Client *onion_c, uint16_t friend_num, uint8 uint64_t no_replay = unix_time(); host_to_net((uint8_t *)&no_replay, sizeof(no_replay)); memcpy(data + 1, &no_replay, sizeof(no_replay)); - memcpy(data + 1 + sizeof(uint64_t), onion_c->dht->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(data + 1 + sizeof(uint64_t), onion_c->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); Node_format nodes[MAX_SENT_NODES]; uint16_t num_relays = copy_connected_tcp_relays(onion_c->c, nodes, (MAX_SENT_NODES / 2)); uint16_t num_nodes = closelist_nodes(onion_c->dht, &nodes[num_relays], MAX_SENT_NODES - num_relays); @@ -1135,8 +1135,8 @@ int onion_addfriend(Onion_Client *onion_c, const uint8_t *public_key) } onion_c->friends_list[index].status = 1; - memcpy(onion_c->friends_list[index].real_public_key, public_key, crypto_box_PUBLICKEYBYTES); - crypto_box_keypair(onion_c->friends_list[index].temp_public_key, onion_c->friends_list[index].temp_secret_key); + memcpy(onion_c->friends_list[index].real_public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); + crypto_new_keypair(onion_c->friends_list[index].temp_public_key, onion_c->friends_list[index].temp_secret_key); return index; } @@ -1154,7 +1154,7 @@ int onion_delfriend(Onion_Client *onion_c, int friend_num) //if (onion_c->friends_list[friend_num].know_dht_public_key) // DHT_delfriend(onion_c->dht, onion_c->friends_list[friend_num].dht_public_key, 0); - sodium_memzero(&(onion_c->friends_list[friend_num]), sizeof(Onion_Friend)); + crypto_memzero(&(onion_c->friends_list[friend_num]), sizeof(Onion_Friend)); unsigned int i; for (i = onion_c->num_friends; i != 0; --i) { @@ -1238,7 +1238,7 @@ int onion_set_friend_DHT_pubkey(Onion_Client *onion_c, int friend_num, const uin onion_c->friends_list[friend_num].last_seen = unix_time(); onion_c->friends_list[friend_num].know_dht_public_key = 1; - memcpy(onion_c->friends_list[friend_num].dht_public_key, dht_key, crypto_box_PUBLICKEYBYTES); + memcpy(onion_c->friends_list[friend_num].dht_public_key, dht_key, CRYPTO_PUBLIC_KEY_SIZE); return 0; } @@ -1262,7 +1262,7 @@ unsigned int onion_getfriend_DHT_pubkey(const Onion_Client *onion_c, int friend_ return 0; } - memcpy(dht_key, onion_c->friends_list[friend_num].dht_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(dht_key, onion_c->friends_list[friend_num].dht_public_key, CRYPTO_PUBLIC_KEY_SIZE); return 1; } @@ -1275,7 +1275,7 @@ unsigned int onion_getfriend_DHT_pubkey(const Onion_Client *onion_c, int friend_ */ int onion_getfriendip(const Onion_Client *onion_c, int friend_num, IP_Port *ip_port) { - uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; if (onion_getfriend_DHT_pubkey(onion_c, friend_num, dht_public_key) == 0) { return -1; @@ -1620,7 +1620,7 @@ Onion_Client *new_onion_client(Net_Crypto *c) onion_c->net = c->dht->net; onion_c->c = c; new_symmetric_key(onion_c->secret_symmetric_key); - crypto_box_keypair(onion_c->temp_public_key, onion_c->temp_secret_key); + crypto_new_keypair(onion_c->temp_public_key, onion_c->temp_secret_key); networking_registerhandler(onion_c->net, NET_PACKET_ANNOUNCE_RESPONSE, &handle_announce_response, onion_c); networking_registerhandler(onion_c->net, NET_PACKET_ONION_DATA_RESPONSE, &handle_data_response, onion_c); oniondata_registerhandler(onion_c, ONION_DATA_DHTPK, &handle_dhtpk_announce, onion_c); @@ -1643,7 +1643,7 @@ void kill_onion_client(Onion_Client *onion_c) oniondata_registerhandler(onion_c, ONION_DATA_DHTPK, NULL, NULL); cryptopacket_registerhandler(onion_c->dht, CRYPTO_PACKET_DHTPK, NULL, NULL); set_onion_packet_tcp_connection_callback(onion_c->c->tcp_c, NULL, NULL); - sodium_memzero(onion_c, sizeof(Onion_Client)); + crypto_memzero(onion_c, sizeof(Onion_Client)); free(onion_c); } diff --git a/toxcore/onion_client.h b/toxcore/onion_client.h index 47d08ecadd..afe72ca1be 100644 --- a/toxcore/onion_client.h +++ b/toxcore/onion_client.h @@ -61,10 +61,10 @@ #define ONION_DATA_DHTPK CRYPTO_PACKET_DHTPK typedef struct { - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; IP_Port ip_port; uint8_t ping_id[ONION_PING_ID_SIZE]; - uint8_t data_public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t data_public_key[CRYPTO_PUBLIC_KEY_SIZE]; uint8_t is_stored; uint64_t timestamp; @@ -84,7 +84,7 @@ typedef struct { } Onion_Client_Paths; typedef struct { - uint8_t public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; uint64_t timestamp; } Last_Pinged; @@ -93,12 +93,12 @@ typedef struct { uint8_t is_online; /* Set by the onion_set_friend_status function. */ uint8_t know_dht_public_key; /* 0 if we don't know the dht public key of the other, 1 if we do. */ - uint8_t dht_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t real_public_key[crypto_box_PUBLICKEYBYTES]; + uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t real_public_key[CRYPTO_PUBLIC_KEY_SIZE]; Onion_Node clients_list[MAX_ONION_CLIENTS]; - uint8_t temp_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t temp_secret_key[crypto_box_SECRETKEYBYTES]; + uint8_t temp_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t temp_secret_key[CRYPTO_SECRET_KEY_SIZE]; uint64_t last_dht_pk_onion_sent; uint64_t last_dht_pk_dht_sent; @@ -136,11 +136,11 @@ typedef struct { Onion_Client_Paths onion_paths_self; Onion_Client_Paths onion_paths_friends; - uint8_t secret_symmetric_key[crypto_box_KEYBYTES]; + uint8_t secret_symmetric_key[CRYPTO_SYMMETRIC_KEY_SIZE]; uint64_t last_run, first_run; - uint8_t temp_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t temp_secret_key[crypto_box_SECRETKEYBYTES]; + uint8_t temp_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t temp_secret_key[CRYPTO_SECRET_KEY_SIZE]; Last_Pinged last_pinged[MAX_STORED_PINGED_NODES]; @@ -257,7 +257,7 @@ int onion_set_friend_DHT_pubkey(Onion_Client *onion_c, int friend_num, const uin */ unsigned int onion_getfriend_DHT_pubkey(const Onion_Client *onion_c, int friend_num, uint8_t *dht_key); -#define ONION_DATA_IN_RESPONSE_MIN_SIZE (crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES) +#define ONION_DATA_IN_RESPONSE_MIN_SIZE (CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_MAC_SIZE) #define ONION_CLIENT_MAX_DATA_SIZE (MAX_DATA_REQUEST_SIZE - ONION_DATA_IN_RESPONSE_MIN_SIZE) /* Send data of length length to friendnum. diff --git a/toxcore/ping.c b/toxcore/ping.c index bde28b5999..bf61b0955e 100644 --- a/toxcore/ping.c +++ b/toxcore/ping.c @@ -55,8 +55,8 @@ struct PING { #define PING_PLAIN_SIZE (1 + sizeof(uint64_t)) -#define DHT_PING_SIZE (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + PING_PLAIN_SIZE + crypto_box_MACBYTES) -#define PING_DATA_SIZE (crypto_box_PUBLICKEYBYTES + sizeof(IP_Port)) +#define DHT_PING_SIZE (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + PING_PLAIN_SIZE + CRYPTO_MAC_SIZE) +#define PING_DATA_SIZE (CRYPTO_PUBLIC_KEY_SIZE + sizeof(IP_Port)) int send_ping_request(PING *ping, IP_Port ipp, const uint8_t *public_key) { @@ -68,14 +68,14 @@ int send_ping_request(PING *ping, IP_Port ipp, const uint8_t *public_key) return 1; } - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; // generate key to encrypt ping_id with recipient privkey DHT_get_shared_key_sent(ping->dht, shared_key, public_key); // Generate random ping_id. uint8_t data[PING_DATA_SIZE]; id_copy(data, public_key); - memcpy(data + crypto_box_PUBLICKEYBYTES, &ipp, sizeof(IP_Port)); + memcpy(data + CRYPTO_PUBLIC_KEY_SIZE, &ipp, sizeof(IP_Port)); ping_id = ping_array_add(&ping->ping_array, data, sizeof(data)); if (ping_id == 0) { @@ -88,15 +88,15 @@ int send_ping_request(PING *ping, IP_Port ipp, const uint8_t *public_key) pk[0] = NET_PACKET_PING_REQUEST; id_copy(pk + 1, ping->dht->self_public_key); // Our pubkey - random_nonce(pk + 1 + crypto_box_PUBLICKEYBYTES); // Generate new nonce + random_nonce(pk + 1 + CRYPTO_PUBLIC_KEY_SIZE); // Generate new nonce rc = encrypt_data_symmetric(shared_key, - pk + 1 + crypto_box_PUBLICKEYBYTES, + pk + 1 + CRYPTO_PUBLIC_KEY_SIZE, ping_plain, sizeof(ping_plain), - pk + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); + pk + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE); - if (rc != PING_PLAIN_SIZE + crypto_box_MACBYTES) { + if (rc != PING_PLAIN_SIZE + CRYPTO_MAC_SIZE) { return 1; } @@ -119,15 +119,15 @@ static int send_ping_response(PING *ping, IP_Port ipp, const uint8_t *public_key pk[0] = NET_PACKET_PING_RESPONSE; id_copy(pk + 1, ping->dht->self_public_key); // Our pubkey - random_nonce(pk + 1 + crypto_box_PUBLICKEYBYTES); // Generate new nonce + random_nonce(pk + 1 + CRYPTO_PUBLIC_KEY_SIZE); // Generate new nonce // Encrypt ping_id using recipient privkey rc = encrypt_data_symmetric(shared_encryption_key, - pk + 1 + crypto_box_PUBLICKEYBYTES, + pk + 1 + CRYPTO_PUBLIC_KEY_SIZE, ping_plain, sizeof(ping_plain), - pk + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES); + pk + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE); - if (rc != PING_PLAIN_SIZE + crypto_box_MACBYTES) { + if (rc != PING_PLAIN_SIZE + CRYPTO_MAC_SIZE) { return 1; } @@ -149,15 +149,15 @@ static int handle_ping_request(void *object, IP_Port source, const uint8_t *pack return 1; } - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; uint8_t ping_plain[PING_PLAIN_SIZE]; // Decrypt ping_id DHT_get_shared_key_recv(dht, shared_key, packet + 1); rc = decrypt_data_symmetric(shared_key, - packet + 1 + crypto_box_PUBLICKEYBYTES, - packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, - PING_PLAIN_SIZE + crypto_box_MACBYTES, + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, + PING_PLAIN_SIZE + CRYPTO_MAC_SIZE, ping_plain); if (rc != sizeof(ping_plain)) { @@ -192,7 +192,7 @@ static int handle_ping_response(void *object, IP_Port source, const uint8_t *pac return 1; } - uint8_t shared_key[crypto_box_BEFORENMBYTES]; + uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]; // generate key to encrypt ping_id with recipient privkey DHT_get_shared_key_sent(ping->dht, shared_key, packet + 1); @@ -200,9 +200,9 @@ static int handle_ping_response(void *object, IP_Port source, const uint8_t *pac uint8_t ping_plain[PING_PLAIN_SIZE]; // Decrypt ping_id rc = decrypt_data_symmetric(shared_key, - packet + 1 + crypto_box_PUBLICKEYBYTES, - packet + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES, - PING_PLAIN_SIZE + crypto_box_MACBYTES, + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, + packet + 1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE, + PING_PLAIN_SIZE + CRYPTO_MAC_SIZE, ping_plain); if (rc != sizeof(ping_plain)) { @@ -226,7 +226,7 @@ static int handle_ping_response(void *object, IP_Port source, const uint8_t *pac } IP_Port ipp; - memcpy(&ipp, data + crypto_box_PUBLICKEYBYTES, sizeof(IP_Port)); + memcpy(&ipp, data + CRYPTO_PUBLIC_KEY_SIZE, sizeof(IP_Port)); if (!ipport_equal(&ipp, &source)) { return 1; @@ -299,7 +299,7 @@ int add_to_ping(PING *ping, const uint8_t *public_key, IP_Port ip_port) for (i = 0; i < MAX_TO_PING; ++i) { if (!ip_isset(&ping->to_ping[i].ip_port.ip)) { - memcpy(ping->to_ping[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); + memcpy(ping->to_ping[i].public_key, public_key, CRYPTO_PUBLIC_KEY_SIZE); ipport_copy(&ping->to_ping[i].ip_port, &ip_port); return 0; } diff --git a/toxcore/tox.c b/toxcore/tox.c index 37ea484912..7a9a708cfd 100644 --- a/toxcore/tox.c +++ b/toxcore/tox.c @@ -37,28 +37,28 @@ typedef struct Messenger Tox; #define SET_ERROR_PARAMETER(param, x) {if(param) {*param = x;}} -#if TOX_HASH_LENGTH != crypto_hash_sha256_BYTES -#error TOX_HASH_LENGTH is assumed to be equal to crypto_hash_sha256_BYTES +#if TOX_HASH_LENGTH != CRYPTO_SHA256_SIZE +#error TOX_HASH_LENGTH is assumed to be equal to CRYPTO_SHA256_SIZE #endif -#if FILE_ID_LENGTH != crypto_box_KEYBYTES -#error FILE_ID_LENGTH is assumed to be equal to crypto_box_KEYBYTES +#if FILE_ID_LENGTH != CRYPTO_SYMMETRIC_KEY_SIZE +#error FILE_ID_LENGTH is assumed to be equal to CRYPTO_SYMMETRIC_KEY_SIZE #endif -#if TOX_FILE_ID_LENGTH != crypto_box_KEYBYTES -#error TOX_FILE_ID_LENGTH is assumed to be equal to crypto_box_KEYBYTES +#if TOX_FILE_ID_LENGTH != CRYPTO_SYMMETRIC_KEY_SIZE +#error TOX_FILE_ID_LENGTH is assumed to be equal to CRYPTO_SYMMETRIC_KEY_SIZE #endif #if TOX_FILE_ID_LENGTH != TOX_HASH_LENGTH #error TOX_FILE_ID_LENGTH is assumed to be equal to TOX_HASH_LENGTH #endif -#if TOX_PUBLIC_KEY_SIZE != crypto_box_PUBLICKEYBYTES -#error TOX_PUBLIC_KEY_SIZE is assumed to be equal to crypto_box_PUBLICKEYBYTES +#if TOX_PUBLIC_KEY_SIZE != CRYPTO_PUBLIC_KEY_SIZE +#error TOX_PUBLIC_KEY_SIZE is assumed to be equal to CRYPTO_PUBLIC_KEY_SIZE #endif -#if TOX_SECRET_KEY_SIZE != crypto_box_SECRETKEYBYTES -#error TOX_SECRET_KEY_SIZE is assumed to be equal to crypto_box_SECRETKEYBYTES +#if TOX_SECRET_KEY_SIZE != CRYPTO_SECRET_KEY_SIZE +#error TOX_SECRET_KEY_SIZE is assumed to be equal to CRYPTO_SECRET_KEY_SIZE #endif #if TOX_MAX_NAME_LENGTH != MAX_NAME_LENGTH @@ -206,7 +206,7 @@ Tox *tox_new(const struct Tox_Options *options, TOX_ERR_NEW *error) return NULL; } - if (sodium_memcmp(options->savedata_data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) { + if (crypto_memcmp(options->savedata_data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) { SET_ERROR_PARAMETER(error, TOX_ERR_NEW_LOAD_ENCRYPTED); return NULL; } @@ -495,7 +495,7 @@ void tox_self_get_public_key(const Tox *tox, uint8_t *public_key) const Messenger *m = tox; if (public_key) { - memcpy(public_key, m->net_crypto->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(public_key, m->net_crypto->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); } } @@ -504,7 +504,7 @@ void tox_self_get_secret_key(const Tox *tox, uint8_t *secret_key) const Messenger *m = tox; if (secret_key) { - memcpy(secret_key, m->net_crypto->self_secret_key, crypto_box_SECRETKEYBYTES); + memcpy(secret_key, m->net_crypto->self_secret_key, CRYPTO_SECRET_KEY_SIZE); } } @@ -972,7 +972,7 @@ bool tox_hash(uint8_t *hash, const uint8_t *data, size_t length) return 0; } - crypto_hash_sha256(hash, data, length); + crypto_sha256(hash, data, length); return 1; } @@ -1645,7 +1645,7 @@ void tox_self_get_dht_id(const Tox *tox, uint8_t *dht_id) { if (dht_id) { const Messenger *m = tox; - memcpy(dht_id , m->dht->self_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(dht_id , m->dht->self_public_key, CRYPTO_PUBLIC_KEY_SIZE); } } diff --git a/toxcore/util.c b/toxcore/util.c index 25068db6bd..2dfa360e85 100644 --- a/toxcore/util.c +++ b/toxcore/util.c @@ -28,7 +28,7 @@ #include "util.h" -#include "crypto_core.h" /* for crypto_box_PUBLICKEYBYTES */ +#include "crypto_core.h" /* for CRYPTO_PUBLIC_KEY_SIZE */ #include @@ -65,8 +65,8 @@ bool id_equal(const uint8_t *dest, const uint8_t *src) uint32_t id_copy(uint8_t *dest, const uint8_t *src) { - memcpy(dest, src, crypto_box_PUBLICKEYBYTES); - return crypto_box_PUBLICKEYBYTES; + memcpy(dest, src, CRYPTO_PUBLIC_KEY_SIZE); + return CRYPTO_PUBLIC_KEY_SIZE; } void host_to_net(uint8_t *num, uint16_t numbytes) diff --git a/toxdns/toxdns.c b/toxdns/toxdns.c index 0138077286..3f0101181d 100644 --- a/toxdns/toxdns.c +++ b/toxdns/toxdns.c @@ -50,10 +50,10 @@ static const char base32[32] = { } typedef struct { - uint8_t temp_pk[crypto_box_PUBLICKEYBYTES]; - uint8_t temp_sk[crypto_box_SECRETKEYBYTES]; - uint8_t server_public_key[crypto_box_PUBLICKEYBYTES]; - uint8_t shared_key[crypto_box_KEYBYTES]; + uint8_t temp_pk[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t temp_sk[CRYPTO_SECRET_KEY_SIZE]; + uint8_t server_public_key[CRYPTO_PUBLIC_KEY_SIZE]; + uint8_t shared_key[CRYPTO_SYMMETRIC_KEY_SIZE]; uint32_t nonce; uint32_t nonce_start; } DNS_Object; @@ -61,7 +61,7 @@ typedef struct { static void dns_new_temp_keys(DNS_Object *d) { d->nonce = d->nonce_start = random_int(); - crypto_box_keypair(d->temp_pk, d->temp_sk); + crypto_new_keypair(d->temp_pk, d->temp_sk); encrypt_precompute(d->server_public_key, d->temp_sk, d->shared_key); } @@ -78,7 +78,7 @@ void *tox_dns3_new(uint8_t *server_public_key) return NULL; } - memcpy(d->server_public_key, server_public_key, crypto_box_PUBLICKEYBYTES); + memcpy(d->server_public_key, server_public_key, CRYPTO_PUBLIC_KEY_SIZE); dns_new_temp_keys(d); return d; } @@ -107,7 +107,7 @@ int tox_generate_dns3_string(void *dns3_object, uint8_t *string, uint16_t string uint8_t *name, uint8_t name_len) { #define DOT_INTERVAL (6 * 5) - int base = (sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES + name_len + crypto_box_MACBYTES); + int base = (sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE + name_len + CRYPTO_MAC_SIZE); int end_len = ((base * 8) / 5) + (base / DOT_INTERVAL) + !!(base % 5); end_len -= !(base % DOT_INTERVAL); @@ -117,18 +117,18 @@ int tox_generate_dns3_string(void *dns3_object, uint8_t *string, uint16_t string DNS_Object *d = (DNS_Object *)dns3_object; uint8_t buffer[1024]; - uint8_t nonce[crypto_box_NONCEBYTES] = {0}; + uint8_t nonce[CRYPTO_NONCE_SIZE] = {0}; memcpy(nonce, &d->nonce, sizeof(uint32_t)); memcpy(buffer, &d->nonce, sizeof(uint32_t)); - memcpy(buffer + sizeof(uint32_t), d->temp_pk, crypto_box_PUBLICKEYBYTES); + memcpy(buffer + sizeof(uint32_t), d->temp_pk, CRYPTO_PUBLIC_KEY_SIZE); int len = encrypt_data_symmetric(d->shared_key, nonce, name, name_len, - buffer + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES); + buffer + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE); if (len == -1) { return -1; } - int total_len = len + sizeof(uint32_t) + crypto_box_PUBLICKEYBYTES; + int total_len = len + sizeof(uint32_t) + CRYPTO_PUBLIC_KEY_SIZE; uint8_t *buff = buffer, *old_str = string; buffer[total_len] = 0; uint8_t bits = 0; @@ -212,8 +212,13 @@ int tox_decrypt_dns3_TXT(void *dns3_object, uint8_t *tox_id, uint8_t *id_record, return -1; } - /*if (id_record_len > 255 || id_record_len <= (sizeof(uint32_t) + crypto_box_MACBYTES)) - return -1;*/ +#if 0 + + if (id_record_len > 255 || id_record_len <= (sizeof(uint32_t) + CRYPTO_MAC_SIZE)) { + return -1; + } + +#endif uint8_t id_record_null[id_record_len + 1]; memcpy(id_record_null, id_record, id_record_len); @@ -225,7 +230,7 @@ int tox_decrypt_dns3_TXT(void *dns3_object, uint8_t *tox_id, uint8_t *id_record, return -1; } - uint8_t nonce[crypto_box_NONCEBYTES] = {0}; + uint8_t nonce[CRYPTO_NONCE_SIZE] = {0}; memcpy(nonce, &request_id, sizeof(uint32_t)); nonce[sizeof(uint32_t)] = 1; int len = decrypt_data_symmetric(d->shared_key, nonce, data, length, tox_id); diff --git a/toxencryptsave/toxencryptsave.c b/toxencryptsave/toxencryptsave.c index 8d4cf6fa44..360952adcb 100644 --- a/toxencryptsave/toxencryptsave.c +++ b/toxencryptsave/toxencryptsave.c @@ -34,13 +34,14 @@ #include #include "crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h" #endif +#include #if TOX_PASS_SALT_LENGTH != crypto_pwhash_scryptsalsa208sha256_SALTBYTES #error TOX_PASS_SALT_LENGTH is assumed to be equal to crypto_pwhash_scryptsalsa208sha256_SALTBYTES #endif -#if TOX_PASS_KEY_LENGTH != crypto_box_KEYBYTES -#error TOX_PASS_KEY_LENGTH is assumed to be equal to crypto_box_KEYBYTES +#if TOX_PASS_KEY_LENGTH != CRYPTO_SHARED_KEY_SIZE +#error TOX_PASS_KEY_LENGTH is assumed to be equal to CRYPTO_SHARED_KEY_SIZE #endif #if TOX_PASS_ENCRYPTION_EXTRA_LENGTH != (crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH) @@ -126,7 +127,7 @@ bool tox_pass_key_derive_with_salt(Tox_Pass_Key *out_key, const uint8_t *passphr uint8_t passkey[crypto_hash_sha256_BYTES]; crypto_hash_sha256(passkey, passphrase, pplength); - uint8_t key[crypto_box_KEYBYTES]; + uint8_t key[CRYPTO_SHARED_KEY_SIZE]; /* Derive a key from the password */ /* http://doc.libsodium.org/key_derivation/README.html */ @@ -143,7 +144,7 @@ bool tox_pass_key_derive_with_salt(Tox_Pass_Key *out_key, const uint8_t *passphr sodium_memzero(passkey, crypto_hash_sha256_BYTES); /* wipe plaintext pw */ memcpy(out_key->salt, salt, crypto_pwhash_scryptsalsa208sha256_SALTBYTES); - memcpy(out_key->key, key, crypto_box_KEYBYTES); + memcpy(out_key->key, key, CRYPTO_SHARED_KEY_SIZE); SET_ERROR_PARAMETER(error, TOX_ERR_KEY_DERIVATION_OK); return 1; }