Green Sky
aae086cc65
b03b571272 fix: flaky tcp test This only fixes the symptoms, not the real problem. Sometimes or consistently on some platforms a socket might need a moment before it can be written to. 32e67ab4c2 cleanup: use typedef for private message ID's in callback 7b1db6adc1 feat: add message IDs to private group messages 99e0bcc27d refactor: Observers/ignored peers can now send and receive custom packets b3c3c49d26 fix: Disable IPv6 in Windows cross-compilation tests e742deddff feat: Check hashes of Windows dependencies when cross-compiling dfb9a0b02b fix: Test the current Windows Dockerfile, not an old Dockerhub image 14de93ccec chore: Use WineHQ's Wine as Debian Bookworm's crashes ed37616249 docs: Update the Windows cross-compilation section 9bb79c174f cleanup: Remove a couple of unnecessary misc_tools dependencies 19475adb70 chore: Statically link OpenMP into the cracker fun util on Windows 1be311e51f feat: Build the fun utils when cross-compiling to Windows 88133f8446 chore: Strip Windows binaries 3cc0ae7535 refactor: Copy over all of the required static dependencies c4fa8f7fb1 feat: Generate .def, .exp and .lib files when building for Windows 74bbac5363 feat: Let CMake create the dll instead of doing so ourselves 246642e9ae feat: Harden Windows cross-compilation 8d431c0d11 chore: Bump Windows build dependency versions e519f7998b fix: Remove unnecessary wsock32 dependency on Windows ed2b60c217 chore: Use a specific non-broken slimcc version. d7f21010a1 chore: Update github actions. e71a68b7f2 docs: Update the list of CMake options 77e08876ff chore: Remove mod and founder from group API naming scheme 12bc042767 docs: add the experimental api build option to INSTALL.md e1fa5cae96 refactor: Rename Queries to Query to align with other enums. be82a3ea30 fix: Correct type for conference offline peer numbers. 0627c36716 test: Add pkgsrc build. 92578afe4b test: Add FreeBSD VM action on GitHub. 52ece0f57b test: Build toxcore on NetBSD (VM). 3fe8ee2c11 chore: Only install tox_private.h on request. 9a8dfa06ab fix: save_compatibility_test failing on big-endian systems 86f5e55578 fix: Don't serve files from websockify. 710eb674a5 fix: Correctly pass extended public keys to group moderation code. 021db7031c refactor: Use `struct`s for extended public/secret keys. a1e999fd80 chore: Compile libsodium reference implementation with compcert. fbe3c19cf5 cleanup: correct a few nullable annotations 623e3ee5c3 cleanup: Don't use `memcpy` to cast arbitrary `struct`s to `uint8_t[]`. c71567dc18 fix: Pass array, not array pointer, to `memcmp`. 9b46a08144 cleanup: Never pass `void*` directly to `memcpy`. 5d7b7a7bbc refactor: Use tox rng to seed the keypair generation. 961891d568 cleanup: Small improvements found by PVS Studio. 8201019f0d chore: Disable NGC saving by default, enable through Tox_Options. 5dd9ee3f65 cleanup: Replace pointer arithmetic with explicit `&arr[i]`. ca4606d49d refactor: Use strong typedef for NGC peer id. 442213b722 cleanup: Simplify custom packet length check in NGC. 08d3393def fix: Correct a few potential null derefs in bootstrap daemon. b9877b32b0 fix: Add missing memunlock of local variable when it goes out of scope. dab5fe44b9 fix: Zero out stack-allocated secret key before return. f058103299 refactor: Make prune_gc_sanctions_list more obviously correct. 3ba7a0dec9 docs: Add static analysis tool list to README. 8d0811a0f3 docs: Run prettier-markdown on markdown files. 969e3a2bfc refactor: Fix network test not using the strong typedef 93c83fbc7c refactor: Use strong typedef instead of struct for `Socket`. 9fe18b176f fix: Fix some false positive from PVS Studio. 7c44379ccb cleanup: Check that WINXP macro exists before comparing it. 5c93231bef refactor: Make tox mutex non-recursive. aacff73939 docs: Fix up doxyfile. d55fc85ff5 docs: Add more documentation to crypto_core. 5bdaaaedb6 refactor: Remove `Tox *` from `tox_dispatch`. e202341e76 refactor: Don't rely on tox_dispatch passing tox in tests. 34df938f52 chore: Use C++ mode for clang-tidy. 8b05296a78 chore: Check that both gtest and gmock exist for tests. 42010660e1 test: Add slimcc compiler compatibility test. b473630321 chore: Add some comments to the astyle config. b7404f24f6 cleanup: Remove implicit bool conversions. 4e2dba4d9f chore: Reformat sources with astyle. 4359e3a6bc chore: Rename C++ headers to .hh suffixes. 0c05566e58 cleanup: Further `#include` cleanups. 8d29935b7a chore: Only check the bootstrap daemon checksum on release. f70e588bc6 cleanup: Add more `const` where possible. 511bfe39c8 cleanup: Use Bazel modules to enforce proper `#include` hygiene. 1710a0d091 refactor: Move pack/unpack `IP_Port` from DHT into network module. a975943564 chore: Really fix coverage docker image build. c08409390f chore: Fix post-submit coverage image. 39aadf8922 fix: Don't use `memcmp` to compare `IP_Port`s. d94246a906 fix: partially fix a bug that prevented group part messages from sending. eeaa039222 chore: Fix rpm build; add a CI check for it. 8328449c1a chore: Speed up docker builds a bit by reducing layer count. d6d67d56f3 cleanup: Add `const` where possible in auto tests. 6aa9e6850d cleanup: Minor cleanup of event unpack code. bdf460a3a9 refactor: Rename `system_{memory,...}` to `os_{memory,...}`. 203e1af81e fix: a few off by one errors in group autotests 5c093c4888 cleanup: Remove all uses of `SIZEOF_VLA`. 662c2140f3 test: Add goblint static analyser. 8f07755834 cleanup: Use `memzero(x, s)` instead of `memset(x, 0, s)`. a7258e40cf cleanup: Use explicit 0 instead of `PACKET_ID_PADDING`. 6370d0f15d cleanup: Expand the `Tox_Options` accessor macros. 14a1a0b9bd cleanup: Remove plan9 support. a05dccad13 test: Add a simple new/delete test for Tox. 1cdcf938b9 cleanup: Add comment after every `#endif`. ba99d4dc4b test: Fix comment I broke in the events test PR. e07248debb refactor: Migrate auto_tests to new events API. bdd42b5452 refactor: Add common msgpack array packer with callback. 3c659f5288 cleanup: Rename group to conference in groupav documentation. 89957be230 cleanup: Ensure handler params are named after callback params. c650d9d345 refactor: Pass `this` pointer as first param to s11n callbacks. e7fb91ddb8 refactor: Allow NULL pointers for byte arrays in events. 5e2c8cabc1 cleanup: make some improvements to group moderation test 259de4867e cleanup: Remove `bin_pack_{new,free}`. 21a8ff5895 cleanup: skip a do_gc iteration before removing peers marked for deletion 16809dc36e feat: Add dht_get_nodes_response event to the events system. git-subtree-dir: external/toxcore/c-toxcore git-subtree-split: b03b5712720de9a9901ea12fd741f177327a7021
509 lines
16 KiB
C
509 lines
16 KiB
C
/* SPDX-License-Identifier: GPL-3.0-or-later
|
|
* Copyright © 2016-2024 The TokTok team.
|
|
* Copyright © 2013 Tox project.
|
|
*/
|
|
|
|
/** @file
|
|
* @brief Functions for the core crypto.
|
|
*
|
|
* @note This code has to be perfect. We don't mess around with encryption.
|
|
*/
|
|
#ifndef C_TOXCORE_TOXCORE_CRYPTO_CORE_H
|
|
#define C_TOXCORE_TOXCORE_CRYPTO_CORE_H
|
|
|
|
#include <stdbool.h>
|
|
#include <stddef.h>
|
|
#include <stdint.h>
|
|
|
|
#include "attributes.h"
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
/**
|
|
* @brief The number of bytes in a signature.
|
|
*/
|
|
#define CRYPTO_SIGNATURE_SIZE 64
|
|
|
|
/**
|
|
* @brief The number of bytes in a Tox public key used for signatures.
|
|
*/
|
|
#define CRYPTO_SIGN_PUBLIC_KEY_SIZE 32
|
|
|
|
/**
|
|
* @brief The number of bytes in a Tox secret key used for signatures.
|
|
*/
|
|
#define CRYPTO_SIGN_SECRET_KEY_SIZE 64
|
|
|
|
/**
|
|
* @brief The number of bytes in a Tox public key used for encryption.
|
|
*/
|
|
#define CRYPTO_PUBLIC_KEY_SIZE 32
|
|
|
|
/**
|
|
* @brief The number of bytes in a Tox secret key used for encryption.
|
|
*/
|
|
#define CRYPTO_SECRET_KEY_SIZE 32
|
|
|
|
/**
|
|
* @brief The number of bytes in a shared key computed from public and secret keys.
|
|
*/
|
|
#define CRYPTO_SHARED_KEY_SIZE 32
|
|
|
|
/**
|
|
* @brief The number of bytes in a symmetric key.
|
|
*/
|
|
#define CRYPTO_SYMMETRIC_KEY_SIZE CRYPTO_SHARED_KEY_SIZE
|
|
|
|
/**
|
|
* @brief The number of bytes needed for the MAC (message authentication code) in an
|
|
* encrypted message.
|
|
*/
|
|
#define CRYPTO_MAC_SIZE 16
|
|
|
|
/**
|
|
* @brief The number of bytes in a nonce used for encryption/decryption.
|
|
*/
|
|
#define CRYPTO_NONCE_SIZE 24
|
|
|
|
/**
|
|
* @brief The number of bytes in a SHA256 hash.
|
|
*/
|
|
#define CRYPTO_SHA256_SIZE 32
|
|
|
|
/**
|
|
* @brief The number of bytes in a SHA512 hash.
|
|
*/
|
|
#define CRYPTO_SHA512_SIZE 64
|
|
|
|
/** @brief Fill a byte array with random bytes.
|
|
*
|
|
* This is the key generator callback and as such must be a cryptographically
|
|
* secure pseudo-random number generator (CSPRNG). The security of Tox heavily
|
|
* depends on the security of this RNG.
|
|
*/
|
|
typedef void crypto_random_bytes_cb(void *obj, uint8_t *bytes, size_t length);
|
|
|
|
/** @brief Generate a random integer between 0 and @p upper_bound.
|
|
*
|
|
* Should produce a uniform random distribution, but Tox security does not
|
|
* depend on this being correct. In principle, it could even be a non-CSPRNG.
|
|
*/
|
|
typedef uint32_t crypto_random_uniform_cb(void *obj, uint32_t upper_bound);
|
|
|
|
/** @brief Virtual function table for Random. */
|
|
typedef struct Random_Funcs {
|
|
crypto_random_bytes_cb *random_bytes;
|
|
crypto_random_uniform_cb *random_uniform;
|
|
} Random_Funcs;
|
|
|
|
/** @brief Random number generator object.
|
|
*
|
|
* Can be used by test code and fuzzers to make toxcore behave in specific
|
|
* well-defined (non-random) ways. Production code ought to use libsodium's
|
|
* CSPRNG and use `os_random` below.
|
|
*/
|
|
typedef struct Random {
|
|
const Random_Funcs *funcs;
|
|
void *obj;
|
|
} Random;
|
|
|
|
/** @brief System random number generator.
|
|
*
|
|
* Uses libsodium's CSPRNG (on Linux, `/dev/urandom`).
|
|
*/
|
|
const Random *os_random(void);
|
|
|
|
/**
|
|
* @brief The number of bytes in an encryption public key used by DHT group chats.
|
|
*/
|
|
#define ENC_PUBLIC_KEY_SIZE CRYPTO_PUBLIC_KEY_SIZE
|
|
|
|
/**
|
|
* @brief The number of bytes in an encryption secret key used by DHT group chats.
|
|
*/
|
|
#define ENC_SECRET_KEY_SIZE CRYPTO_SECRET_KEY_SIZE
|
|
|
|
/**
|
|
* @brief The number of bytes in a signature public key.
|
|
*/
|
|
#define SIG_PUBLIC_KEY_SIZE CRYPTO_SIGN_PUBLIC_KEY_SIZE
|
|
|
|
/**
|
|
* @brief The number of bytes in a signature secret key.
|
|
*/
|
|
#define SIG_SECRET_KEY_SIZE CRYPTO_SIGN_SECRET_KEY_SIZE
|
|
|
|
/**
|
|
* @brief The number of bytes in a DHT group chat public key identifier.
|
|
*/
|
|
#define CHAT_ID_SIZE SIG_PUBLIC_KEY_SIZE
|
|
|
|
/**
|
|
* @brief The number of bytes in an extended public key used by DHT group chats.
|
|
*/
|
|
#define EXT_PUBLIC_KEY_SIZE (ENC_PUBLIC_KEY_SIZE + SIG_PUBLIC_KEY_SIZE)
|
|
|
|
/**
|
|
* @brief The number of bytes in an extended secret key used by DHT group chats.
|
|
*/
|
|
#define EXT_SECRET_KEY_SIZE (ENC_SECRET_KEY_SIZE + SIG_SECRET_KEY_SIZE)
|
|
|
|
/**
|
|
* @brief The number of bytes in an HMAC authenticator.
|
|
*/
|
|
#define CRYPTO_HMAC_SIZE 32
|
|
|
|
/**
|
|
* @brief The number of bytes in an HMAC secret key.
|
|
*/
|
|
#define CRYPTO_HMAC_KEY_SIZE 32
|
|
|
|
/**
|
|
* @brief A `bzero`-like function which won't be optimised away by the compiler.
|
|
*
|
|
* Some compilers will inline `bzero` or `memset` if they can prove that there
|
|
* will be no reads to the written data. Use this function if you want to be
|
|
* sure the memory is indeed zeroed.
|
|
*/
|
|
non_null()
|
|
void crypto_memzero(void *data, size_t length);
|
|
|
|
/**
|
|
* @brief Compute a SHA256 hash (32 bytes).
|
|
*
|
|
* @param[out] hash The SHA256 hash of @p data will be written to this byte array.
|
|
*/
|
|
non_null()
|
|
void crypto_sha256(uint8_t hash[CRYPTO_SHA256_SIZE], const uint8_t *data, size_t length);
|
|
|
|
/**
|
|
* @brief Compute a SHA512 hash (64 bytes).
|
|
*
|
|
* @param[out] hash The SHA512 hash of @p data will be written to this byte array.
|
|
*/
|
|
non_null()
|
|
void crypto_sha512(uint8_t hash[CRYPTO_SHA512_SIZE], const uint8_t *data, size_t length);
|
|
|
|
/**
|
|
* @brief Compute an HMAC authenticator (32 bytes).
|
|
*
|
|
* @param[out] auth Resulting authenticator.
|
|
* @param key Secret key, as generated by `new_hmac_key()`.
|
|
*/
|
|
non_null()
|
|
void crypto_hmac(uint8_t auth[CRYPTO_HMAC_SIZE], const uint8_t key[CRYPTO_HMAC_KEY_SIZE],
|
|
const uint8_t *data, size_t length);
|
|
|
|
/**
|
|
* @brief Verify an HMAC authenticator.
|
|
*/
|
|
non_null()
|
|
bool crypto_hmac_verify(const uint8_t auth[CRYPTO_HMAC_SIZE], const uint8_t key[CRYPTO_HMAC_KEY_SIZE],
|
|
const uint8_t *data, size_t length);
|
|
|
|
/**
|
|
* @brief Compare 2 public keys of length @ref CRYPTO_PUBLIC_KEY_SIZE, not vulnerable to
|
|
* timing attacks.
|
|
*
|
|
* @retval true if both mem locations of length are equal
|
|
* @retval false if they are not
|
|
*/
|
|
non_null()
|
|
bool pk_equal(const uint8_t pk1[CRYPTO_PUBLIC_KEY_SIZE], const uint8_t pk2[CRYPTO_PUBLIC_KEY_SIZE]);
|
|
|
|
/**
|
|
* @brief Copy a public key from `src` to `dest`.
|
|
*/
|
|
non_null()
|
|
void pk_copy(uint8_t dest[CRYPTO_PUBLIC_KEY_SIZE], const uint8_t src[CRYPTO_PUBLIC_KEY_SIZE]);
|
|
|
|
/**
|
|
* @brief Compare 2 SHA512 checksums of length CRYPTO_SHA512_SIZE, not vulnerable to
|
|
* timing attacks.
|
|
*
|
|
* @return true if both mem locations of length are equal, false if they are not.
|
|
*/
|
|
non_null()
|
|
bool crypto_sha512_eq(const uint8_t cksum1[CRYPTO_SHA512_SIZE], const uint8_t cksum2[CRYPTO_SHA512_SIZE]);
|
|
|
|
/**
|
|
* @brief Compare 2 SHA256 checksums of length CRYPTO_SHA256_SIZE, not vulnerable to
|
|
* timing attacks.
|
|
*
|
|
* @return true if both mem locations of length are equal, false if they are not.
|
|
*/
|
|
non_null()
|
|
bool crypto_sha256_eq(const uint8_t cksum1[CRYPTO_SHA256_SIZE], const uint8_t cksum2[CRYPTO_SHA256_SIZE]);
|
|
|
|
/**
|
|
* @brief Return a random 8 bit integer.
|
|
*/
|
|
non_null()
|
|
uint8_t random_u08(const Random *rng);
|
|
|
|
/**
|
|
* @brief Return a random 16 bit integer.
|
|
*/
|
|
non_null()
|
|
uint16_t random_u16(const Random *rng);
|
|
|
|
/**
|
|
* @brief Return a random 32 bit integer.
|
|
*/
|
|
non_null()
|
|
uint32_t random_u32(const Random *rng);
|
|
|
|
/**
|
|
* @brief Return a random 64 bit integer.
|
|
*/
|
|
non_null()
|
|
uint64_t random_u64(const Random *rng);
|
|
|
|
/**
|
|
* @brief Return a random 32 bit integer between 0 and upper_bound (excluded).
|
|
*
|
|
* This function guarantees a uniform distribution of possible outputs.
|
|
*/
|
|
non_null()
|
|
uint32_t random_range_u32(const Random *rng, uint32_t upper_bound);
|
|
|
|
/**
|
|
* @brief Cryptographically signs a message using the supplied secret key and puts the resulting signature
|
|
* in the supplied buffer.
|
|
*
|
|
* @param[out] signature The buffer for the resulting signature, which must have room for at
|
|
* least CRYPTO_SIGNATURE_SIZE bytes.
|
|
* @param message The message being signed.
|
|
* @param message_length The length in bytes of the message being signed.
|
|
* @param secret_key The secret key used to create the signature. The key should be
|
|
* produced by either `create_extended_keypair` or the libsodium function `crypto_sign_keypair`.
|
|
*
|
|
* @retval true on success.
|
|
*/
|
|
non_null()
|
|
bool crypto_signature_create(uint8_t signature[CRYPTO_SIGNATURE_SIZE],
|
|
const uint8_t *message, uint64_t message_length,
|
|
const uint8_t secret_key[SIG_SECRET_KEY_SIZE]);
|
|
|
|
/** @brief Verifies that the given signature was produced by a given message and public key.
|
|
*
|
|
* @param signature The signature we wish to verify.
|
|
* @param message The message we wish to verify.
|
|
* @param message_length The length of the message.
|
|
* @param public_key The public key counterpart of the secret key that was used to
|
|
* create the signature.
|
|
*
|
|
* @retval true on success.
|
|
*/
|
|
non_null()
|
|
bool crypto_signature_verify(const uint8_t signature[CRYPTO_SIGNATURE_SIZE],
|
|
const uint8_t *message, uint64_t message_length,
|
|
const uint8_t public_key[SIG_PUBLIC_KEY_SIZE]);
|
|
|
|
/**
|
|
* @brief Fill the given nonce with random bytes.
|
|
*/
|
|
non_null()
|
|
void random_nonce(const Random *rng, uint8_t nonce[CRYPTO_NONCE_SIZE]);
|
|
|
|
/**
|
|
* @brief Fill an array of bytes with random values.
|
|
*/
|
|
non_null()
|
|
void random_bytes(const Random *rng, uint8_t *bytes, size_t length);
|
|
|
|
/**
|
|
* @brief Check if a Tox public key CRYPTO_PUBLIC_KEY_SIZE is valid or not.
|
|
*
|
|
* This should only be used for input validation.
|
|
*
|
|
* @return false if it isn't, true if it is.
|
|
*/
|
|
non_null()
|
|
bool public_key_valid(const uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]);
|
|
|
|
typedef struct Extended_Public_Key {
|
|
uint8_t enc[CRYPTO_PUBLIC_KEY_SIZE];
|
|
uint8_t sig[CRYPTO_SIGN_PUBLIC_KEY_SIZE];
|
|
} Extended_Public_Key;
|
|
|
|
typedef struct Extended_Secret_Key {
|
|
uint8_t enc[CRYPTO_SECRET_KEY_SIZE];
|
|
uint8_t sig[CRYPTO_SIGN_SECRET_KEY_SIZE];
|
|
} Extended_Secret_Key;
|
|
|
|
/**
|
|
* @brief Creates an extended keypair: curve25519 and ed25519 for encryption and signing
|
|
* respectively. The Encryption keys are derived from the signature keys.
|
|
*
|
|
* NOTE: This does *not* use Random, so any code using this will not be fuzzable.
|
|
* TODO: Make it use Random.
|
|
*
|
|
* @param[out] pk The buffer where the public key will be stored. Must have room for EXT_PUBLIC_KEY_SIZE bytes.
|
|
* @param[out] sk The buffer where the secret key will be stored. Must have room for EXT_SECRET_KEY_SIZE bytes.
|
|
* @param rng The random number generator to use for the key generator seed.
|
|
*
|
|
* @retval true on success.
|
|
*/
|
|
non_null()
|
|
bool create_extended_keypair(Extended_Public_Key *pk, Extended_Secret_Key *sk, const Random *rng);
|
|
|
|
/** Functions for groupchat extended keys */
|
|
non_null() const uint8_t *get_enc_key(const Extended_Public_Key *key);
|
|
non_null() const uint8_t *get_sig_pk(const Extended_Public_Key *key);
|
|
non_null() void set_sig_pk(Extended_Public_Key *key, const uint8_t *sig_pk);
|
|
non_null() const uint8_t *get_sig_sk(const Extended_Secret_Key *key);
|
|
non_null() const uint8_t *get_chat_id(const Extended_Public_Key *key);
|
|
|
|
/**
|
|
* @brief Generate a new random keypair.
|
|
*
|
|
* Every call to this function is likely to generate a different keypair.
|
|
*/
|
|
non_null()
|
|
int32_t crypto_new_keypair(const Random *rng,
|
|
uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE],
|
|
uint8_t secret_key[CRYPTO_SECRET_KEY_SIZE]);
|
|
|
|
/**
|
|
* @brief Derive the public key from a given secret key.
|
|
*/
|
|
non_null()
|
|
void crypto_derive_public_key(uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE],
|
|
const uint8_t secret_key[CRYPTO_SECRET_KEY_SIZE]);
|
|
|
|
/**
|
|
* @brief Encrypt message to send from secret key to public key.
|
|
*
|
|
* Encrypt plain text of the given length to encrypted of
|
|
* `length + CRYPTO_MAC_SIZE` using the public key (@ref CRYPTO_PUBLIC_KEY_SIZE
|
|
* bytes) of the receiver and the secret key of the sender and a
|
|
* @ref CRYPTO_NONCE_SIZE byte nonce.
|
|
*
|
|
* @retval -1 if there was a problem.
|
|
* @return length of encrypted data if everything was fine.
|
|
*/
|
|
non_null()
|
|
int32_t encrypt_data(const uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE],
|
|
const uint8_t secret_key[CRYPTO_SECRET_KEY_SIZE],
|
|
const uint8_t nonce[CRYPTO_NONCE_SIZE],
|
|
const uint8_t *plain, size_t length, uint8_t *encrypted);
|
|
|
|
/**
|
|
* @brief Decrypt message from public key to secret key.
|
|
*
|
|
* Decrypt encrypted text of the given @p length to plain text of the given
|
|
* `length - CRYPTO_MAC_SIZE` using the public key (@ref CRYPTO_PUBLIC_KEY_SIZE
|
|
* bytes) of the sender, the secret key of the receiver and a
|
|
* @ref CRYPTO_NONCE_SIZE byte nonce.
|
|
*
|
|
* @retval -1 if there was a problem (decryption failed).
|
|
* @return length of plain text data if everything was fine.
|
|
*/
|
|
non_null()
|
|
int32_t decrypt_data(const uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE],
|
|
const uint8_t secret_key[CRYPTO_SECRET_KEY_SIZE],
|
|
const uint8_t nonce[CRYPTO_NONCE_SIZE],
|
|
const uint8_t *encrypted, size_t length, uint8_t *plain);
|
|
|
|
/**
|
|
* @brief Fast encrypt/decrypt operations.
|
|
*
|
|
* Use if this is not a one-time communication. `encrypt_precompute` does the
|
|
* shared-key generation once so it does not have to be performed on every
|
|
* encrypt/decrypt.
|
|
*/
|
|
non_null()
|
|
int32_t encrypt_precompute(const uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE],
|
|
const uint8_t secret_key[CRYPTO_SECRET_KEY_SIZE],
|
|
uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE]);
|
|
|
|
/**
|
|
* @brief Encrypt message with precomputed shared key.
|
|
*
|
|
* Encrypts plain of length length to encrypted of length + @ref CRYPTO_MAC_SIZE
|
|
* using a shared key @ref CRYPTO_SHARED_KEY_SIZE big and a @ref CRYPTO_NONCE_SIZE
|
|
* byte nonce.
|
|
*
|
|
* @retval -1 if there was a problem.
|
|
* @return length of encrypted data if everything was fine.
|
|
*/
|
|
non_null()
|
|
int32_t encrypt_data_symmetric(const uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE],
|
|
const uint8_t nonce[CRYPTO_NONCE_SIZE],
|
|
const uint8_t *plain, size_t length, uint8_t *encrypted);
|
|
|
|
/**
|
|
* @brief Decrypt message with precomputed shared key.
|
|
*
|
|
* Decrypts encrypted of length length to plain of length
|
|
* `length - CRYPTO_MAC_SIZE` using a shared key @ref CRYPTO_SHARED_KEY_SIZE
|
|
* big and a @ref CRYPTO_NONCE_SIZE byte nonce.
|
|
*
|
|
* @retval -1 if there was a problem (decryption failed).
|
|
* @return length of plain data if everything was fine.
|
|
*/
|
|
non_null()
|
|
int32_t decrypt_data_symmetric(const uint8_t shared_key[CRYPTO_SHARED_KEY_SIZE],
|
|
const uint8_t nonce[CRYPTO_NONCE_SIZE],
|
|
const uint8_t *encrypted, size_t length, uint8_t *plain);
|
|
|
|
/**
|
|
* @brief Increment the given nonce by 1 in big endian (rightmost byte incremented first).
|
|
*/
|
|
non_null()
|
|
void increment_nonce(uint8_t nonce[CRYPTO_NONCE_SIZE]);
|
|
|
|
/**
|
|
* @brief Increment the given nonce by a given number.
|
|
*
|
|
* The number should be in host byte order.
|
|
*/
|
|
non_null()
|
|
void increment_nonce_number(uint8_t nonce[CRYPTO_NONCE_SIZE], uint32_t increment);
|
|
|
|
/**
|
|
* @brief Fill a key @ref CRYPTO_SYMMETRIC_KEY_SIZE big with random bytes.
|
|
*/
|
|
non_null()
|
|
void new_symmetric_key(const Random *rng, uint8_t key[CRYPTO_SYMMETRIC_KEY_SIZE]);
|
|
|
|
/**
|
|
* @brief Locks `length` bytes of memory pointed to by `data`.
|
|
*
|
|
* This will attempt to prevent the specified memory region from being swapped
|
|
* to disk.
|
|
*
|
|
* @return true on success.
|
|
*/
|
|
non_null()
|
|
bool crypto_memlock(void *data, size_t length);
|
|
|
|
/**
|
|
* @brief Unlocks `length` bytes of memory pointed to by `data`.
|
|
*
|
|
* This allows the specified memory region to be swapped to disk.
|
|
*
|
|
* This function call has the side effect of zeroing the specified memory region
|
|
* whether or not it succeeds. Therefore it should only be used once the memory
|
|
* is no longer in use.
|
|
*
|
|
* @return true on success.
|
|
*/
|
|
non_null()
|
|
bool crypto_memunlock(void *data, size_t length);
|
|
|
|
/**
|
|
* @brief Generate a random secret HMAC key.
|
|
*/
|
|
non_null()
|
|
void new_hmac_key(const Random *rng, uint8_t key[CRYPTO_HMAC_KEY_SIZE]);
|
|
|
|
#ifdef __cplusplus
|
|
} /* extern "C" */
|
|
#endif
|
|
|
|
#endif /* C_TOXCORE_TOXCORE_CRYPTO_CORE_H */
|