ssize_t curve25519_encode(struct curve25519_struct *c, struct curve25519_proto *p, unsigned char *plaintext, size_t size, unsigned char **chipertext) { int ret, i; ssize_t done = size; struct taia packet_taia; spinlock_lock(&c->enc_lock); if (unlikely(size > c->enc_buf_size)) { spinlock_unlock(&c->enc_lock); return -ENOMEM; } taia_now(&packet_taia); taia_pack(p->enonce + NONCE_OFFSET, &packet_taia); memset(c->enc_buf, 0, c->enc_buf_size); ret = crypto_box_afternm(c->enc_buf, plaintext, size, p->enonce, p->key); if (unlikely(ret)) { spinlock_unlock(&c->enc_lock); return -EIO; } memcpy(c->enc_buf + crypto_box_boxzerobytes - NONCE_LENGTH, p->enonce + NONCE_OFFSET, NONCE_LENGTH); for (i = 0; i < crypto_box_boxzerobytes - NONCE_LENGTH; ++i) c->enc_buf[i] = (uint8_t) mt_rand_int32(); (*chipertext) = c->enc_buf; spinlock_unlock(&c->enc_lock); return done; }
static void notify_init(int fd, int udp, struct curve25519_proto *p, struct curve25519_struct *c, char *home) { int fd2, i; ssize_t err, clen; size_t us_len, msg_len, pad; struct ct_proto hdr; char username[256], path[PATH_MAX], *us, *cbuff, *msg; unsigned char auth[crypto_auth_hmacsha512256_BYTES], *token; mt_init_by_random_device(); memset(&hdr, 0, sizeof(hdr)); hdr.flags |= PROTO_FLAG_INIT; memset(path, 0, sizeof(path)); slprintf(path, sizeof(path), "%s/%s", home, FILE_USERNAM); fd2 = open_or_die(path, O_RDONLY); memset(username, 0, sizeof(username)); err = read(fd2, username, sizeof(username)); username[sizeof(username) - 1] = 0; close(fd2); token = get_serv_store_entry_auth_token(); if (!token) syslog_panic("Cannot find auth token for server!\n"); us_len = sizeof(struct username_struct) + crypto_box_zerobytes; us = xzmalloc(us_len); err = username_msg(username, strlen(username) + 1, us + crypto_box_zerobytes, us_len - crypto_box_zerobytes); if (unlikely(err)) syslog_panic("Cannot create init message!\n"); clen = curve25519_encode(c, p, (unsigned char *) us, us_len, (unsigned char **) &cbuff); if (unlikely(clen <= 0)) syslog_panic("Init encrypt error!\n"); err = crypto_auth_hmacsha512256(auth, (unsigned char *) cbuff, clen, token); if (unlikely(err)) syslog_panic("Cannot create init hmac message!\n"); pad = mt_rand_int32() % 200; msg_len = clen + sizeof(auth) + pad; msg = xzmalloc(msg_len); memcpy(msg, auth, sizeof(auth)); memcpy(msg + sizeof(auth), cbuff, clen); for (i = sizeof(auth) + clen; i < msg_len; ++i) msg[i] = (uint8_t) mt_rand_int32(); hdr.payload = htons((uint16_t) msg_len); set_sock_cork(fd, udp); write_exact(fd, &hdr, sizeof(struct ct_proto), 0); write_exact(fd, msg, msg_len, 0); set_sock_uncork(fd, udp); xfree(msg); xfree(us); }