1 /* SPDX-License-Identifier: GPL-3.0-or-later 2 * Copyright © 2016-2018 The TokTok team. 3 * Copyright © 2013 Tox project. 4 */ 5 6 /* 7 * Functions for the core network crypto. 8 */ 9 #ifndef C_TOXCORE_TOXCORE_NET_CRYPTO_H 10 #define C_TOXCORE_TOXCORE_NET_CRYPTO_H 11 12 #include "DHT.h" 13 #include "LAN_discovery.h" 14 #include "TCP_connection.h" 15 #include "logger.h" 16 17 #include <pthread.h> 18 19 /** Crypto payloads. */ 20 21 /** Ranges. */ 22 23 /* Packets in this range are reserved for net_crypto internal use. */ 24 #define PACKET_ID_RANGE_RESERVED_START 0 25 #define PACKET_ID_RANGE_RESERVED_END 15 26 /* Packets in this range are reserved for Messenger use. */ 27 #define PACKET_ID_RANGE_LOSSLESS_START 16 28 #define PACKET_ID_RANGE_LOSSLESS_NORMAL_START 16 29 #define PACKET_ID_RANGE_LOSSLESS_NORMAL_END 159 30 /* Packets in this range can be used for anything. */ 31 #define PACKET_ID_RANGE_LOSSLESS_CUSTOM_START 160 32 #define PACKET_ID_RANGE_LOSSLESS_CUSTOM_END 191 33 #define PACKET_ID_RANGE_LOSSLESS_END 191 34 /* Packets in this range are reserved for AV use. */ 35 #define PACKET_ID_RANGE_LOSSY_START 192 36 #define PACKET_ID_RANGE_LOSSY_AV_START 192 37 #define PACKET_ID_RANGE_LOSSY_AV_SIZE 8 38 #define PACKET_ID_RANGE_LOSSY_AV_END 199 39 /* Packets in this range can be used for anything. */ 40 #define PACKET_ID_RANGE_LOSSY_CUSTOM_START 200 41 #define PACKET_ID_RANGE_LOSSY_CUSTOM_END 254 42 #define PACKET_ID_RANGE_LOSSY_END 254 43 44 /** Messages. */ 45 46 #define PACKET_ID_PADDING 0 // Denotes padding 47 #define PACKET_ID_REQUEST 1 // Used to request unreceived packets 48 #define PACKET_ID_KILL 2 // Used to kill connection 49 50 #define PACKET_ID_ONLINE 24 51 #define PACKET_ID_OFFLINE 25 52 #define PACKET_ID_NICKNAME 48 53 #define PACKET_ID_STATUSMESSAGE 49 54 #define PACKET_ID_USERSTATUS 50 55 #define PACKET_ID_TYPING 51 56 #define PACKET_ID_MESSAGE 64 57 #define PACKET_ID_ACTION 65 // PACKET_ID_MESSAGE + MESSAGE_ACTION 58 #define PACKET_ID_MSI 69 // Used by AV to setup calls and etc 59 #define PACKET_ID_FILE_SENDREQUEST 80 60 #define PACKET_ID_FILE_CONTROL 81 61 #define PACKET_ID_FILE_DATA 82 62 #define PACKET_ID_INVITE_CONFERENCE 96 63 #define PACKET_ID_ONLINE_PACKET 97 64 #define PACKET_ID_DIRECT_CONFERENCE 98 65 #define PACKET_ID_MESSAGE_CONFERENCE 99 66 #define PACKET_ID_REJOIN_CONFERENCE 100 67 #define PACKET_ID_LOSSY_CONFERENCE 199 68 69 /* Maximum size of receiving and sending packet buffers. */ 70 #define CRYPTO_PACKET_BUFFER_SIZE 32768 // Must be a power of 2 71 72 /* Minimum packet rate per second. */ 73 #define CRYPTO_PACKET_MIN_RATE 4.0 74 75 /* Minimum packet queue max length. */ 76 #define CRYPTO_MIN_QUEUE_LENGTH 64 77 78 /* Maximum total size of packets that net_crypto sends. */ 79 #define MAX_CRYPTO_PACKET_SIZE (uint16_t)1400 80 81 #define CRYPTO_DATA_PACKET_MIN_SIZE (uint16_t)(1 + sizeof(uint16_t) + (sizeof(uint32_t) + sizeof(uint32_t)) + CRYPTO_MAC_SIZE) 82 83 /* Max size of data in packets */ 84 #define MAX_CRYPTO_DATA_SIZE (uint16_t)(MAX_CRYPTO_PACKET_SIZE - CRYPTO_DATA_PACKET_MIN_SIZE) 85 86 /* Interval in ms between sending cookie request/handshake packets. */ 87 #define CRYPTO_SEND_PACKET_INTERVAL 1000 88 89 /* The maximum number of times we try to send the cookie request and handshake 90 * before giving up. */ 91 #define MAX_NUM_SENDPACKET_TRIES 8 92 93 /* The timeout of no received UDP packets before the direct UDP connection is considered dead. */ 94 #define UDP_DIRECT_TIMEOUT 8 95 96 #define MAX_TCP_CONNECTIONS 64 97 #define MAX_TCP_RELAYS_PEER 4 98 99 /* All packets will be padded a number of bytes based on this number. */ 100 #define CRYPTO_MAX_PADDING 8 101 102 /* Base current transfer speed on last CONGESTION_QUEUE_ARRAY_SIZE number of points taken 103 * at the dT defined in net_crypto.c */ 104 #define CONGESTION_QUEUE_ARRAY_SIZE 12 105 #define CONGESTION_LAST_SENT_ARRAY_SIZE (CONGESTION_QUEUE_ARRAY_SIZE * 2) 106 107 /* Default connection ping in ms. */ 108 #define DEFAULT_PING_CONNECTION 1000 109 #define DEFAULT_TCP_PING_CONNECTION 500 110 111 typedef struct Net_Crypto Net_Crypto; 112 113 const uint8_t *nc_get_self_public_key(const Net_Crypto *c); 114 const uint8_t *nc_get_self_secret_key(const Net_Crypto *c); 115 TCP_Connections *nc_get_tcp_c(const Net_Crypto *c); 116 DHT *nc_get_dht(const Net_Crypto *c); 117 118 typedef struct New_Connection { 119 IP_Port source; 120 uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The real public key of the peer. */ 121 uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The dht public key of the peer. */ 122 uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of received packets. */ 123 uint8_t peersessionpublic_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The public key of the peer. */ 124 uint8_t *cookie; 125 uint8_t cookie_length; 126 } New_Connection; 127 128 typedef int connection_status_cb(void *object, int id, uint8_t status, void *userdata); 129 typedef int connection_data_cb(void *object, int id, const uint8_t *data, uint16_t length, void *userdata); 130 typedef int connection_lossy_data_cb(void *object, int id, const uint8_t *data, uint16_t length, void *userdata); 131 typedef void dht_pk_cb(void *data, int32_t number, const uint8_t *dht_public_key, void *userdata); 132 typedef int new_connection_cb(void *object, New_Connection *n_c); 133 134 /* Set function to be called when someone requests a new connection to us. 135 * 136 * The set function should return -1 on failure and 0 on success. 137 * 138 * n_c is only valid for the duration of the function call. 139 */ 140 void new_connection_handler(Net_Crypto *c, new_connection_cb *new_connection_callback, void *object); 141 142 /* Accept a crypto connection. 143 * 144 * return -1 on failure. 145 * return connection id on success. 146 */ 147 int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c); 148 149 /* Create a crypto connection. 150 * If one to that real public key already exists, return it. 151 * 152 * return -1 on failure. 153 * return connection id on success. 154 */ 155 int new_crypto_connection(Net_Crypto *c, const uint8_t *real_public_key, const uint8_t *dht_public_key); 156 157 /* Set the direct ip of the crypto connection. 158 * 159 * Connected is 0 if we are not sure we are connected to that person, 1 if we are sure. 160 * 161 * return -1 on failure. 162 * return 0 on success. 163 */ 164 int set_direct_ip_port(Net_Crypto *c, int crypt_connection_id, IP_Port ip_port, bool connected); 165 166 /* Set function to be called when connection with crypt_connection_id goes connects/disconnects. 167 * 168 * The set function should return -1 on failure and 0 on success. 169 * Note that if this function is set, the connection will clear itself on disconnect. 170 * Object and id will be passed to this function untouched. 171 * status is 1 if the connection is going online, 0 if it is going offline. 172 * 173 * return -1 on failure. 174 * return 0 on success. 175 */ 176 int connection_status_handler(const Net_Crypto *c, int crypt_connection_id, 177 connection_status_cb *connection_status_callback, void *object, int id); 178 179 /* Set function to be called when connection with crypt_connection_id receives a lossless data packet of length. 180 * 181 * The set function should return -1 on failure and 0 on success. 182 * Object and id will be passed to this function untouched. 183 * 184 * return -1 on failure. 185 * return 0 on success. 186 */ 187 int connection_data_handler(const Net_Crypto *c, int crypt_connection_id, 188 connection_data_cb *connection_data_callback, void *object, int id); 189 190 191 /* Set function to be called when connection with crypt_connection_id receives a lossy data packet of length. 192 * 193 * The set function should return -1 on failure and 0 on success. 194 * Object and id will be passed to this function untouched. 195 * 196 * return -1 on failure. 197 * return 0 on success. 198 */ 199 int connection_lossy_data_handler(Net_Crypto *c, int crypt_connection_id, 200 connection_lossy_data_cb *connection_lossy_data_callback, void *object, int id); 201 202 /* Set the function for this friend that will be callbacked with object and number if 203 * the friend sends us a different dht public key than we have associated to him. 204 * 205 * If this function is called, the connection should be recreated with the new public key. 206 * 207 * object and number will be passed as argument to this function. 208 * 209 * return -1 on failure. 210 * return 0 on success. 211 */ 212 int nc_dht_pk_callback(Net_Crypto *c, int crypt_connection_id, dht_pk_cb *function, void *object, uint32_t number); 213 214 /* returns the number of packet slots left in the sendbuffer. 215 * return 0 if failure. 216 */ 217 uint32_t crypto_num_free_sendqueue_slots(const Net_Crypto *c, int crypt_connection_id); 218 219 /* Return 1 if max speed was reached for this connection (no more data can be physically through the pipe). 220 * Return 0 if it wasn't reached. 221 */ 222 bool max_speed_reached(Net_Crypto *c, int crypt_connection_id); 223 224 /* Sends a lossless cryptopacket. 225 * 226 * return -1 if data could not be put in packet queue. 227 * return positive packet number if data was put into the queue. 228 * 229 * The first byte of data must be in the PACKET_ID_RANGE_LOSSLESS. 230 * 231 * congestion_control: should congestion control apply to this packet? 232 */ 233 int64_t write_cryptpacket(Net_Crypto *c, int crypt_connection_id, const uint8_t *data, uint16_t length, 234 uint8_t congestion_control); 235 236 /* Check if packet_number was received by the other side. 237 * 238 * packet_number must be a valid packet number of a packet sent on this connection. 239 * 240 * return -1 on failure. 241 * return 0 on success. 242 */ 243 int cryptpacket_received(Net_Crypto *c, int crypt_connection_id, uint32_t packet_number); 244 245 /* Sends a lossy cryptopacket. 246 * 247 * return -1 on failure. 248 * return 0 on success. 249 * 250 * The first byte of data must be in the PACKET_ID_RANGE_LOSSY. 251 */ 252 int send_lossy_cryptpacket(Net_Crypto *c, int crypt_connection_id, const uint8_t *data, uint16_t length); 253 254 /* Add a tcp relay, associating it to a crypt_connection_id. 255 * 256 * return 0 if it was added. 257 * return -1 if it wasn't. 258 */ 259 int add_tcp_relay_peer(Net_Crypto *c, int crypt_connection_id, IP_Port ip_port, const uint8_t *public_key); 260 261 /* Add a tcp relay to the array. 262 * 263 * return 0 if it was added. 264 * return -1 if it wasn't. 265 */ 266 int add_tcp_relay(Net_Crypto *c, IP_Port ip_port, const uint8_t *public_key); 267 268 /* Return a random TCP connection number for use in send_tcp_onion_request. 269 * 270 * return TCP connection number on success. 271 * return -1 on failure. 272 */ 273 int get_random_tcp_con_number(Net_Crypto *c); 274 275 /* Send an onion packet via the TCP relay corresponding to TCP_conn_number. 276 * 277 * return 0 on success. 278 * return -1 on failure. 279 */ 280 int send_tcp_onion_request(Net_Crypto *c, unsigned int tcp_connections_number, const uint8_t *data, uint16_t length); 281 282 /* Copy a maximum of num TCP relays we are connected to to tcp_relays. 283 * NOTE that the family of the copied ip ports will be set to TCP_INET or TCP_INET6. 284 * 285 * return number of relays copied to tcp_relays on success. 286 * return 0 on failure. 287 */ 288 unsigned int copy_connected_tcp_relays(Net_Crypto *c, Node_format *tcp_relays, uint16_t num); 289 290 /* Kill a crypto connection. 291 * 292 * return -1 on failure. 293 * return 0 on success. 294 */ 295 int crypto_kill(Net_Crypto *c, int crypt_connection_id); 296 297 /* return true if connection is valid, false otherwise 298 * 299 * sets direct_connected to 1 if connection connects directly to other, 0 if it isn't. 300 * sets online_tcp_relays to the number of connected tcp relays this connection has. 301 */ 302 bool crypto_connection_status(const Net_Crypto *c, int crypt_connection_id, bool *direct_connected, 303 unsigned int *online_tcp_relays); 304 305 /* Generate our public and private keys. 306 * Only call this function the first time the program starts. 307 */ 308 void new_keys(Net_Crypto *c); 309 310 /* Save the public and private keys to the keys array. 311 * Length must be CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE. 312 */ 313 void save_keys(const Net_Crypto *c, uint8_t *keys); 314 315 /* Load the secret key. 316 * Length must be CRYPTO_SECRET_KEY_SIZE. 317 */ 318 void load_secret_key(Net_Crypto *c, const uint8_t *sk); 319 320 /* Create new instance of Net_Crypto. 321 * Sets all the global connection variables to their default values. 322 */ 323 Net_Crypto *new_net_crypto(const Logger *log, Mono_Time *mono_time, DHT *dht, TCP_Proxy_Info *proxy_info); 324 325 /* return the optimal interval in ms for running do_net_crypto. 326 */ 327 uint32_t crypto_run_interval(const Net_Crypto *c); 328 329 /* Main loop. */ 330 void do_net_crypto(Net_Crypto *c, void *userdata); 331 332 void kill_net_crypto(Net_Crypto *c); 333 334 335 336 #endif 337