quicktun: src/proto.nacltai.c comparison

comparison src/proto.nacltai.c @ 24:dfac56805c77

Fixed support for shared NaCl library, explicitly refer to cryptographic primitives

author	Ivo Smits <Ivo@UCIS.nl>
date	Mon, 28 Feb 2011 19:28:18 +0100
parents	38d495566d1c
children	24e09485a8a3

comparison

equal deleted inserted replaced

-:bd4259de8459
+:dfac56805c77
 The views and conclusions contained in the software and documentation are those of the
 authors and should not be interpreted as representing official policies, either expressed
 or implied, of Ivo Smits.*/
 #include "common.c"
-#include "crypto_box.h"
+#include "crypto_box_curve25519xsalsa20poly1305.h"
 #include "crypto_scalarmult_curve25519.h"
 #include <sys/types.h>
 #include <sys/time.h>
 #define uint64 unsigned long long //typedef unsigned long long uint64;
 unsigned long nano; /* 0...999999999 */
 unsigned long atto; /* 0...999999999 */
 };
 struct qt_proto_data_nacltai {
-	unsigned char cenonce[crypto_box_NONCEBYTES], cdnonce[crypto_box_NONCEBYTES];
+	unsigned char cenonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES], cdnonce[crypto_box_curve25519xsalsa20poly1305_NONCEBYTES];
-	unsigned char cbefore[crypto_box_BEFORENMBYTES];
+	unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
 	struct taia cdtaip, cdtaic;
 };
 #define noncelength 16
-#define nonceoffset (crypto_box_NONCEBYTES - noncelength)
+#define nonceoffset (crypto_box_curve25519xsalsa20poly1305_NONCEBYTES - noncelength)
-/*static unsigned char cbefore[crypto_box_BEFORENMBYTES];
+/*static unsigned char cbefore[crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES];
-static unsigned char buffer1[MAX_PACKET_LEN+crypto_box_ZEROBYTES], buffer2[MAX_PACKET_LEN+crypto_box_ZEROBYTES];
+static unsigned char buffer1[MAX_PACKET_LEN+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES], buffer2[MAX_PACKET_LEN+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES];
-static const unsigned char* buffer1offset = buffer1 + crypto_box_ZEROBYTES;
+static const unsigned char* buffer1offset = buffer1 + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES;
-static const unsigned char* buffer2offset = buffer2 + crypto_box_BOXZEROBYTES - noncelength;*/
+static const unsigned char* buffer2offset = buffer2 + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength;*/
-static const int overhead                 = crypto_box_BOXZEROBYTES + noncelength;
+static const int overhead                 = crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES + noncelength;
 void tai_pack(char *s, struct tai *t) {
 uint64 x;
 x = t->x;
 s[7] = x & 255; x >>= 8;
 }
 static int encode(struct qtsession* sess, char* raw, char* enc, int len) {
 	if (debug) fprintf(stderr, "Encoding packet of %d bytes from %d to %d\n", len, raw, enc);
 	struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data;
-	memset(raw, 0, crypto_box_ZEROBYTES);
+	memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES);
 	taia_now(&d->cdtaic);
 	taia_pack(d->cenonce + nonceoffset, &(d->cdtaic));
-	if (crypto_box_afternm(enc, raw, len + crypto_box_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed");
+	if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed");
-	memcpy((void*)(enc + crypto_box_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength);
+	memcpy((void*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength);
 	len += overhead;
 	if (debug) fprintf(stderr, "Encoded packet of %d bytes from %d to %d\n", len, raw, enc);
 	return len;
 }
 	if (len < overhead) {
 		fprintf(stderr, "Short packet received: %d\n", len);
 		return 0;
 	}
 	len -= overhead;
-	taia_unpack((char*)(enc + crypto_box_BOXZEROBYTES - noncelength), &d->cdtaic);
+	taia_unpack((char*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), &d->cdtaic);
 	if (d->cdtaic.sec.x <= d->cdtaip.sec.x && d->cdtaic.nano <= d->cdtaip.nano && d->cdtaic.atto <= d->cdtaip.atto) {
 		fprintf(stderr, "Timestamp going back, ignoring packet\n");
 		return 0;
 	}
-	memcpy(d->cdnonce + nonceoffset, enc + crypto_box_BOXZEROBYTES - noncelength, noncelength);
+	memcpy(d->cdnonce + nonceoffset, enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength, noncelength);
-	memset(enc, 0, crypto_box_BOXZEROBYTES);
+	memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES);
-	if (i = crypto_box_open_afternm(raw, enc, len + crypto_box_ZEROBYTES, d->cdnonce, d->cbefore)) {
+	if (i = crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cdnonce, d->cbefore)) {
 		fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i);
 		return 0;
 	}
 	d->cdtaip = d->cdtaic;
 	if (debug) fprintf(stderr, "Decoded packet of %d bytes from %d to %d\n", len, enc, raw);
 static int init(struct qtsession* sess) {
 	struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data;
 	char* envval;
 	printf("Initializing cryptography...\n");
-	unsigned char cownpublickey[crypto_box_PUBLICKEYBYTES], cpublickey[crypto_box_PUBLICKEYBYTES], csecretkey[crypto_box_SECRETKEYBYTES];
+	unsigned char cownpublickey[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES], cpublickey[crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES], csecretkey[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES];
 	if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY");
-	if (strlen(envval) != 2*crypto_box_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length");
+	if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length");
-	hex2bin(cpublickey, envval, crypto_box_PUBLICKEYBYTES);
+	hex2bin(cpublickey, envval, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES);
 	if (!(envval = getconf("PRIVATE_KEY"))) return errorexit("Missing PRIVATE_KEY");
-	if (strlen(envval) != 2*crypto_box_PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length");
+	if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length");
-	hex2bin(csecretkey, envval, crypto_box_SECRETKEYBYTES);
+	hex2bin(csecretkey, envval, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
-	crypto_box_beforenm(d->cbefore, cpublickey, csecretkey);
+	crypto_box_curve25519xsalsa20poly1305_beforenm(d->cbefore, cpublickey, csecretkey);
-	memset(d->cenonce, 0, crypto_box_NONCEBYTES);
+	memset(d->cenonce, 0, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES);
-	memset(d->cdnonce, 0, crypto_box_NONCEBYTES);
+	memset(d->cdnonce, 0, crypto_box_curve25519xsalsa20poly1305_NONCEBYTES);
 	crypto_scalarmult_curve25519_base(cownpublickey, csecretkey);
 	if (envval = getenv("TIME_WINDOW")) {
 		taia_now(&d->cdtaip);
 		fprintf(stderr, "Warning: TIME_WINDOW not set, risking an initial replay attack\n");
 	}
 	if (envval = getenv("ROLE")) {
 		d->cenonce[nonceoffset-1] = atoi(envval) ? 1 : 0;
 	} else {
-		d->cenonce[nonceoffset-1] = memcmp(cownpublickey, cpublickey, crypto_box_PUBLICKEYBYTES) > 0 ? 1 : 0;
+		d->cenonce[nonceoffset-1] = memcmp(cownpublickey, cpublickey, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) > 0 ? 1 : 0;
 	}
 	d->cdnonce[nonceoffset-1] = d->cenonce[nonceoffset-1] ? 0 : 1;
 	return 0;
 }
 #else
 	int tunmain() {
 #endif
 	struct qtproto p = {
 		1,
-		MAX_PACKET_LEN + crypto_box_ZEROBYTES,
+		MAX_PACKET_LEN + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES,
-		MAX_PACKET_LEN + crypto_box_ZEROBYTES,
+		MAX_PACKET_LEN + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES,
-		crypto_box_ZEROBYTES,
+		crypto_box_curve25519xsalsa20poly1305_ZEROBYTES,
-		crypto_box_BOXZEROBYTES - noncelength,
+		crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength,
 		encode,
 		decode,
 		init,
 		sizeof(struct qt_proto_data_nacltai),
 	};

Mercurial > hg > quicktun

comparison src/proto.nacltai.c @ 24:dfac56805c77