/work/toxcore/net_crypto.h
Line | Count | Source |
1 | | /* SPDX-License-Identifier: GPL-3.0-or-later |
2 | | * Copyright © 2016-2018 The TokTok team. |
3 | | * Copyright © 2013 Tox project. |
4 | | */ |
5 | | |
6 | | /** |
7 | | * Functions for the core network crypto. |
8 | | */ |
9 | | #ifndef C_TOXCORE_TOXCORE_NET_CRYPTO_H |
10 | | #define C_TOXCORE_TOXCORE_NET_CRYPTO_H |
11 | | |
12 | | #include <pthread.h> |
13 | | |
14 | | #include "DHT.h" |
15 | | #include "LAN_discovery.h" |
16 | | #include "TCP_connection.h" |
17 | | #include "logger.h" |
18 | | |
19 | | /*** Crypto payloads. */ |
20 | | |
21 | | /*** Ranges. */ |
22 | | |
23 | | /** Packets in this range are reserved for net_crypto events_alloc use. */ |
24 | | #define PACKET_ID_RANGE_RESERVED_START 0 |
25 | | #define PACKET_ID_RANGE_RESERVED_END 15 |
26 | | /** Packets in this range are reserved for Messenger use. */ |
27 | 801k | #define PACKET_ID_RANGE_LOSSLESS_START 16 |
28 | | #define PACKET_ID_RANGE_LOSSLESS_NORMAL_START 16 |
29 | | #define PACKET_ID_RANGE_LOSSLESS_NORMAL_END 159 |
30 | | /** Packets in this range can be used for anything. */ |
31 | 19.8k | #define PACKET_ID_RANGE_LOSSLESS_CUSTOM_START 160 |
32 | 77.1k | #define PACKET_ID_RANGE_LOSSLESS_CUSTOM_END 191 |
33 | 400k | #define PACKET_ID_RANGE_LOSSLESS_END 191 |
34 | | /** Packets in this range are reserved for AV use. */ |
35 | 132k | #define PACKET_ID_RANGE_LOSSY_START 192 |
36 | 296 | #define PACKET_ID_RANGE_LOSSY_AV_START 192 |
37 | 11.2k | #define PACKET_ID_RANGE_LOSSY_AV_SIZE 8 |
38 | 11.0k | #define PACKET_ID_RANGE_LOSSY_AV_END 199 |
39 | | /** Packets in this range can be used for anything. */ |
40 | 2.33k | #define PACKET_ID_RANGE_LOSSY_CUSTOM_START 200 |
41 | | #define PACKET_ID_RANGE_LOSSY_CUSTOM_END 254 |
42 | 197k | #define PACKET_ID_RANGE_LOSSY_END 254 |
43 | | |
44 | | /*** Messages. */ |
45 | | |
46 | | typedef enum Packet_Id { |
47 | | PACKET_ID_REQUEST = 1, // Used to request unreceived packets |
48 | | PACKET_ID_KILL = 2, // Used to kill connection |
49 | | |
50 | | PACKET_ID_ONLINE = 24, |
51 | | PACKET_ID_OFFLINE = 25, |
52 | | PACKET_ID_NICKNAME = 48, |
53 | | PACKET_ID_STATUSMESSAGE = 49, |
54 | | PACKET_ID_USERSTATUS = 50, |
55 | | PACKET_ID_TYPING = 51, |
56 | | PACKET_ID_MESSAGE = 64, |
57 | | PACKET_ID_ACTION = 65, // PACKET_ID_MESSAGE + MESSAGE_ACTION |
58 | | PACKET_ID_MSI = 69, // Used by AV to setup calls and etc |
59 | | PACKET_ID_FILE_SENDREQUEST = 80, |
60 | | PACKET_ID_FILE_CONTROL = 81, |
61 | | PACKET_ID_FILE_DATA = 82, |
62 | | PACKET_ID_INVITE_GROUPCHAT = 95, |
63 | | PACKET_ID_INVITE_CONFERENCE = 96, |
64 | | PACKET_ID_ONLINE_PACKET = 97, |
65 | | PACKET_ID_DIRECT_CONFERENCE = 98, |
66 | | PACKET_ID_MESSAGE_CONFERENCE = 99, |
67 | | PACKET_ID_REJOIN_CONFERENCE = 100, |
68 | | PACKET_ID_LOSSY_CONFERENCE = 199, |
69 | | } Packet_Id; |
70 | | |
71 | | /** Maximum size of receiving and sending packet buffers. */ |
72 | 6.91M | #define CRYPTO_PACKET_BUFFER_SIZE 32768 // Must be a power of 2 |
73 | | |
74 | | /** Minimum packet rate per second. */ |
75 | 884k | #define CRYPTO_PACKET_MIN_RATE 4.0 |
76 | | |
77 | | /** Minimum packet queue max length. */ |
78 | 185k | #define CRYPTO_MIN_QUEUE_LENGTH 64 |
79 | | |
80 | | /** Maximum total size of packets that net_crypto sends. */ |
81 | 3.11M | #define MAX_CRYPTO_PACKET_SIZE (uint16_t)1400 |
82 | | |
83 | 1.84M | #define CRYPTO_DATA_PACKET_MIN_SIZE (uint16_t)(1 + sizeof(uint16_t) + (sizeof(uint32_t) + sizeof(uint32_t)) + CRYPTO_MAC_SIZE) |
84 | | |
85 | | /** Max size of data in packets */ |
86 | 1.63M | #define MAX_CRYPTO_DATA_SIZE (uint16_t)(MAX_CRYPTO_PACKET_SIZE - CRYPTO_DATA_PACKET_MIN_SIZE) |
87 | | |
88 | | /** Interval in ms between sending cookie request/handshake packets. */ |
89 | 552k | #define CRYPTO_SEND_PACKET_INTERVAL 1000 |
90 | | |
91 | | /** |
92 | | * The maximum number of times we try to send the cookie request and handshake |
93 | | * before giving up. |
94 | | */ |
95 | 16.4k | #define MAX_NUM_SENDPACKET_TRIES 8 |
96 | | |
97 | | /** The timeout of no received UDP packets before the direct UDP connection is considered dead. */ |
98 | 1.65M | #define UDP_DIRECT_TIMEOUT 8 |
99 | | |
100 | | #define MAX_TCP_CONNECTIONS 64 |
101 | | #define MAX_TCP_RELAYS_PEER 4 |
102 | | |
103 | | /** All packets will be padded a number of bytes based on this number. */ |
104 | 414k | #define CRYPTO_MAX_PADDING 8 |
105 | | |
106 | | /** |
107 | | * Base current transfer speed on last CONGESTION_QUEUE_ARRAY_SIZE number of points taken |
108 | | * at the dT defined in net_crypto.c |
109 | | */ |
110 | 4.16M | #define CONGESTION_QUEUE_ARRAY_SIZE 12 |
111 | 1.83M | #define CONGESTION_LAST_SENT_ARRAY_SIZE (CONGESTION_QUEUE_ARRAY_SIZE * 2) |
112 | | |
113 | | /** Default connection ping in ms. */ |
114 | 2.01k | #define DEFAULT_PING_CONNECTION 1000 |
115 | 144 | #define DEFAULT_TCP_PING_CONNECTION 500 |
116 | | |
117 | | typedef struct Net_Crypto Net_Crypto; |
118 | | |
119 | | non_null() const uint8_t *nc_get_self_public_key(const Net_Crypto *c); |
120 | | non_null() const uint8_t *nc_get_self_secret_key(const Net_Crypto *c); |
121 | | non_null() TCP_Connections *nc_get_tcp_c(const Net_Crypto *c); |
122 | | non_null() DHT *nc_get_dht(const Net_Crypto *c); |
123 | | |
124 | | typedef struct New_Connection { |
125 | | IP_Port source; |
126 | | uint8_t public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The real public key of the peer. */ |
127 | | uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The dht public key of the peer. */ |
128 | | uint8_t recv_nonce[CRYPTO_NONCE_SIZE]; /* Nonce of received packets. */ |
129 | | uint8_t peersessionpublic_key[CRYPTO_PUBLIC_KEY_SIZE]; /* The public key of the peer. */ |
130 | | uint8_t *cookie; |
131 | | uint8_t cookie_length; |
132 | | } New_Connection; |
133 | | |
134 | | typedef int connection_status_cb(void *object, int id, bool status, void *userdata); |
135 | | typedef int connection_data_cb(void *object, int id, const uint8_t *data, uint16_t length, void *userdata); |
136 | | typedef int connection_lossy_data_cb(void *object, int id, const uint8_t *data, uint16_t length, void *userdata); |
137 | | typedef void dht_pk_cb(void *object, int32_t number, const uint8_t *dht_public_key, void *userdata); |
138 | | typedef int new_connection_cb(void *object, const New_Connection *n_c); |
139 | | |
140 | | /** @brief Set function to be called when someone requests a new connection to us. |
141 | | * |
142 | | * The set function should return -1 on failure and 0 on success. |
143 | | * |
144 | | * n_c is only valid for the duration of the function call. |
145 | | */ |
146 | | non_null() |
147 | | void new_connection_handler(Net_Crypto *c, new_connection_cb *new_connection_callback, void *object); |
148 | | |
149 | | /** @brief Accept a crypto connection. |
150 | | * |
151 | | * return -1 on failure. |
152 | | * return connection id on success. |
153 | | */ |
154 | | non_null() |
155 | | int accept_crypto_connection(Net_Crypto *c, const New_Connection *n_c); |
156 | | |
157 | | /** @brief Create a crypto connection. |
158 | | * If one to that real public key already exists, return it. |
159 | | * |
160 | | * return -1 on failure. |
161 | | * return connection id on success. |
162 | | */ |
163 | | non_null() |
164 | | int new_crypto_connection(Net_Crypto *c, const uint8_t *real_public_key, const uint8_t *dht_public_key); |
165 | | |
166 | | /** @brief Set the direct ip of the crypto connection. |
167 | | * |
168 | | * Connected is 0 if we are not sure we are connected to that person, 1 if we are sure. |
169 | | * |
170 | | * return -1 on failure. |
171 | | * return 0 on success. |
172 | | */ |
173 | | non_null() |
174 | | int set_direct_ip_port(Net_Crypto *c, int crypt_connection_id, const IP_Port *ip_port, bool connected); |
175 | | |
176 | | /** @brief Set function to be called when connection with crypt_connection_id goes connects/disconnects. |
177 | | * |
178 | | * The set function should return -1 on failure and 0 on success. |
179 | | * Note that if this function is set, the connection will clear itself on disconnect. |
180 | | * Object and id will be passed to this function untouched. |
181 | | * status is 1 if the connection is going online, 0 if it is going offline. |
182 | | * |
183 | | * return -1 on failure. |
184 | | * return 0 on success. |
185 | | */ |
186 | | non_null() |
187 | | int connection_status_handler(const Net_Crypto *c, int crypt_connection_id, |
188 | | connection_status_cb *connection_status_callback, void *object, int id); |
189 | | |
190 | | /** @brief Set function to be called when connection with crypt_connection_id receives a lossless data packet of length. |
191 | | * |
192 | | * The set function should return -1 on failure and 0 on success. |
193 | | * Object and id will be passed to this function untouched. |
194 | | * |
195 | | * return -1 on failure. |
196 | | * return 0 on success. |
197 | | */ |
198 | | non_null() |
199 | | int connection_data_handler(const Net_Crypto *c, int crypt_connection_id, |
200 | | connection_data_cb *connection_data_callback, void *object, int id); |
201 | | |
202 | | |
203 | | /** @brief Set function to be called when connection with crypt_connection_id receives a lossy data packet of length. |
204 | | * |
205 | | * The set function should return -1 on failure and 0 on success. |
206 | | * Object and id will be passed to this function untouched. |
207 | | * |
208 | | * return -1 on failure. |
209 | | * return 0 on success. |
210 | | */ |
211 | | non_null() |
212 | | int connection_lossy_data_handler(const Net_Crypto *c, int crypt_connection_id, |
213 | | connection_lossy_data_cb *connection_lossy_data_callback, void *object, int id); |
214 | | |
215 | | /** @brief Set the function for this friend that will be callbacked with object and number if |
216 | | * the friend sends us a different dht public key than we have associated to him. |
217 | | * |
218 | | * If this function is called, the connection should be recreated with the new public key. |
219 | | * |
220 | | * object and number will be passed as argument to this function. |
221 | | * |
222 | | * return -1 on failure. |
223 | | * return 0 on success. |
224 | | */ |
225 | | non_null() |
226 | | int nc_dht_pk_callback(const Net_Crypto *c, int crypt_connection_id, |
227 | | dht_pk_cb *function, void *object, uint32_t number); |
228 | | |
229 | | /** |
230 | | * @return the number of packet slots left in the sendbuffer. |
231 | | * @retval 0 if failure. |
232 | | */ |
233 | | non_null() |
234 | | uint32_t crypto_num_free_sendqueue_slots(const Net_Crypto *c, int crypt_connection_id); |
235 | | |
236 | | /** |
237 | | * @retval 1 if max speed was reached for this connection (no more data can be physically through the pipe). |
238 | | * @retval 0 if it wasn't reached. |
239 | | */ |
240 | | non_null() |
241 | | bool max_speed_reached(Net_Crypto *c, int crypt_connection_id); |
242 | | |
243 | | /** @brief Sends a lossless cryptopacket. |
244 | | * |
245 | | * return -1 if data could not be put in packet queue. |
246 | | * return positive packet number if data was put into the queue. |
247 | | * |
248 | | * The first byte of data must be in the PACKET_ID_RANGE_LOSSLESS. |
249 | | * |
250 | | * congestion_control: should congestion control apply to this packet? |
251 | | */ |
252 | | non_null() |
253 | | int64_t write_cryptpacket(Net_Crypto *c, int crypt_connection_id, |
254 | | const uint8_t *data, uint16_t length, bool congestion_control); |
255 | | |
256 | | /** @brief Check if packet_number was received by the other side. |
257 | | * |
258 | | * packet_number must be a valid packet number of a packet sent on this connection. |
259 | | * |
260 | | * return -1 on failure. |
261 | | * return 0 on success. |
262 | | * |
263 | | * Note: The condition `buffer_end - buffer_start < packet_number - buffer_start` is |
264 | | * a trick which handles situations `buffer_end >= buffer_start` and |
265 | | * `buffer_end < buffer_start` (when buffer_end overflowed) both correctly. |
266 | | * |
267 | | * It CANNOT be simplified to `packet_number < buffer_start`, as it will fail |
268 | | * when `buffer_end < buffer_start`. |
269 | | */ |
270 | | non_null() |
271 | | int cryptpacket_received(const Net_Crypto *c, int crypt_connection_id, uint32_t packet_number); |
272 | | |
273 | | /** @brief Sends a lossy cryptopacket. |
274 | | * |
275 | | * return -1 on failure. |
276 | | * return 0 on success. |
277 | | * |
278 | | * The first byte of data must be in the PACKET_ID_RANGE_LOSSY. |
279 | | */ |
280 | | non_null() |
281 | | int send_lossy_cryptpacket(Net_Crypto *c, int crypt_connection_id, const uint8_t *data, uint16_t length); |
282 | | |
283 | | /** @brief Add a tcp relay, associating it to a crypt_connection_id. |
284 | | * |
285 | | * return 0 if it was added. |
286 | | * return -1 if it wasn't. |
287 | | */ |
288 | | non_null() |
289 | | int add_tcp_relay_peer(Net_Crypto *c, int crypt_connection_id, const IP_Port *ip_port, |
290 | | const uint8_t *public_key); |
291 | | |
292 | | /** @brief Add a tcp relay to the array. |
293 | | * |
294 | | * return 0 if it was added. |
295 | | * return -1 if it wasn't. |
296 | | */ |
297 | | non_null() |
298 | | int add_tcp_relay(Net_Crypto *c, const IP_Port *ip_port, const uint8_t *public_key); |
299 | | |
300 | | /** @brief Return a random TCP connection number for use in send_tcp_onion_request. |
301 | | * |
302 | | * TODO(irungentoo): This number is just the index of an array that the elements can |
303 | | * change without warning. |
304 | | * |
305 | | * return TCP connection number on success. |
306 | | * return -1 on failure. |
307 | | */ |
308 | | non_null() |
309 | | int get_random_tcp_con_number(Net_Crypto *c); |
310 | | |
311 | | /** @brief Put IP_Port of a random onion TCP connection in ip_port. |
312 | | * |
313 | | * return true on success. |
314 | | * return false on failure. |
315 | | */ |
316 | | non_null() |
317 | | bool get_random_tcp_conn_ip_port(Net_Crypto *c, IP_Port *ip_port); |
318 | | |
319 | | /** @brief Send an onion packet via the TCP relay corresponding to tcp_connections_number. |
320 | | * |
321 | | * return 0 on success. |
322 | | * return -1 on failure. |
323 | | */ |
324 | | non_null() |
325 | | int send_tcp_onion_request(Net_Crypto *c, unsigned int tcp_connections_number, |
326 | | const uint8_t *data, uint16_t length); |
327 | | |
328 | | /** |
329 | | * Send a forward request to the TCP relay with IP_Port tcp_forwarder, |
330 | | * requesting to forward data via a chain of dht nodes starting with dht_node. |
331 | | * A chain_length of 0 means that dht_node is the final destination of data. |
332 | | * |
333 | | * return 0 on success. |
334 | | * return -1 on failure. |
335 | | */ |
336 | | non_null() |
337 | | int send_tcp_forward_request(const Logger *logger, Net_Crypto *c, const IP_Port *tcp_forwarder, const IP_Port *dht_node, |
338 | | const uint8_t *chain_keys, uint16_t chain_length, |
339 | | const uint8_t *data, uint16_t data_length); |
340 | | |
341 | | /** @brief Copy a maximum of num random TCP relays we are connected to to tcp_relays. |
342 | | * |
343 | | * NOTE that the family of the copied ip ports will be set to TCP_INET or TCP_INET6. |
344 | | * |
345 | | * return number of relays copied to tcp_relays on success. |
346 | | * return 0 on failure. |
347 | | */ |
348 | | non_null() |
349 | | unsigned int copy_connected_tcp_relays(Net_Crypto *c, Node_format *tcp_relays, uint16_t num); |
350 | | |
351 | | /** |
352 | | * Copy a maximum of `max_num` TCP relays we are connected to starting at the index in the TCP relay array |
353 | | * for `tcp_c` designated by `idx`. If idx is greater than the array length a modulo operation is performed. |
354 | | * |
355 | | * Returns the number of relays successfully copied. |
356 | | */ |
357 | | non_null() |
358 | | uint32_t copy_connected_tcp_relays_index(Net_Crypto *c, Node_format *tcp_relays, uint16_t num, uint32_t idx); |
359 | | |
360 | | /** @brief Kill a crypto connection. |
361 | | * |
362 | | * return -1 on failure. |
363 | | * return 0 on success. |
364 | | */ |
365 | | non_null() |
366 | | int crypto_kill(Net_Crypto *c, int crypt_connection_id); |
367 | | |
368 | | /** |
369 | | * @retval true if connection is valid, false otherwise |
370 | | * |
371 | | * sets direct_connected to 1 if connection connects directly to other, 0 if it isn't. |
372 | | * sets online_tcp_relays to the number of connected tcp relays this connection has. |
373 | | */ |
374 | | non_null(1, 3) nullable(4) |
375 | | bool crypto_connection_status( |
376 | | const Net_Crypto *c, int crypt_connection_id, bool *direct_connected, uint32_t *online_tcp_relays); |
377 | | |
378 | | /** @brief Generate our public and private keys. |
379 | | * Only call this function the first time the program starts. |
380 | | */ |
381 | | non_null() |
382 | | void new_keys(Net_Crypto *c); |
383 | | |
384 | | /** @brief Save the public and private keys to the keys array. |
385 | | * Length must be CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_SECRET_KEY_SIZE. |
386 | | * |
387 | | * TODO(irungentoo): Save only secret key. |
388 | | */ |
389 | | non_null() |
390 | | void save_keys(const Net_Crypto *c, uint8_t *keys); |
391 | | |
392 | | /** @brief Load the secret key. |
393 | | * Length must be CRYPTO_SECRET_KEY_SIZE. |
394 | | */ |
395 | | non_null() |
396 | | void load_secret_key(Net_Crypto *c, const uint8_t *sk); |
397 | | |
398 | | /** @brief Create new instance of Net_Crypto. |
399 | | * Sets all the global connection variables to their default values. |
400 | | */ |
401 | | non_null() |
402 | | Net_Crypto *new_net_crypto(const Logger *log, const Memory *mem, const Random *rng, const Network *ns, |
403 | | Mono_Time *mono_time, DHT *dht, const TCP_Proxy_Info *proxy_info); |
404 | | |
405 | | /** return the optimal interval in ms for running do_net_crypto. */ |
406 | | non_null() |
407 | | uint32_t crypto_run_interval(const Net_Crypto *c); |
408 | | |
409 | | /** Main loop. */ |
410 | | non_null(1) nullable(2) |
411 | | void do_net_crypto(Net_Crypto *c, void *userdata); |
412 | | |
413 | | nullable(1) |
414 | | void kill_net_crypto(Net_Crypto *c); |
415 | | |
416 | | #endif /* C_TOXCORE_TOXCORE_NET_CRYPTO_H */ |