#include "quakedef.h"
#include "crypto.h"
#include "common.h"
#include "thread.h"
#include "hmac.h"
#include "libcurl.h"

Include dependency graph for crypto.c:

Data Structures
struct	crypto_data_t

struct	crypto_storedhostkey_t

struct	server_cryptoconnect_t

Macros
#define	CDATA ((crypto_data_t *) crypto->data)

#define	CLEAR_CDATA if(crypto->data) { if(CDATA->id) qd0_blind_id_free(CDATA->id); Z_Free(crypto->data); } crypto->data = NULL

#define	CRYPTOCONNECT_CONNECT 2

#define	CRYPTOCONNECT_DUPLICATE 4

#define	CRYPTOCONNECT_NONE 0

#define	CRYPTOCONNECT_PRECONNECT 1

#define	CRYPTOCONNECT_RECONNECT 3

#define	D0_BOOL int

#define	D0_EXPORT

#define	D0_RIJNDAEL_KEYLENGTH(keybits)

#define	D0_RIJNDAEL_NROUNDS(keybits)

#define	D0_RIJNDAEL_RKLENGTH(keybits)

#define	D0_WARN_UNUSED_RESULT

#define	FOURCC_D0ER (('d' << 0) \| ('0' << 8) \| ('e' << 16) \| ('r' << 24))

#define	FOURCC_D0IC (('d' << 0) \| ('0' << 8) \| ('i' << 16) \| ('c' << 24))

#define	FOURCC_D0IQ (('d' << 0) \| ('0' << 8) \| ('i' << 16) \| ('q' << 24))

#define	FOURCC_D0IR (('d' << 0) \| ('0' << 8) \| ('i' << 16) \| ('r' << 24))

#define	FOURCC_D0PI (('d' << 0) \| ('0' << 8) \| ('p' << 16) \| ('i' << 24))

#define	FOURCC_D0PK (('d' << 0) \| ('0' << 8) \| ('p' << 16) \| ('k' << 24))

#define	FOURCC_D0SI (('d' << 0) \| ('0' << 8) \| ('s' << 16) \| ('i' << 24))

#define	FOURCC_D0SK (('d' << 0) \| ('0' << 8) \| ('s' << 16) \| ('k' << 24))

#define	MAKE_CDATA if(!crypto->data) crypto->data = Z_Malloc(sizeof(crypto_data_t))

#define	MAX_CRYPTOCONNECTS 16

#define	MAX_PUBKEYS 16

#define	PROTOCOL_D0_BLIND_ID FOURCC_D0PK

#define	PROTOCOL_VLEN (('v' << 0) \| ('l' << 8) \| ('e' << 16) \| ('n' << 24))

#define	USE_AES

Typedefs
typedef struct d0_blind_id_s	d0_blind_id_t

typedef void *	d0_createmutex_t(void)

typedef void	d0_destroymutex_t(void *)

typedef D0_BOOL(*	d0_fastreject_function) (const d0_blind_id_t ctx, void pass)

typedef void	d0_free_t(void *p)

typedef int	d0_lockmutex_t(void *)

typedef void *	d0_malloc_t(size_t len)

typedef int	d0_unlockmutex_t(void *)

Functions
static void	aescpy (unsigned char key, const unsigned char iv, unsigned char dst, const unsigned char src, size_t len)

static qbool	Crypto_AddPrivateKey (d0_blind_id_t pk, char buf, size_t len)

qbool	Crypto_Available (void)

static void	Crypto_BuildChallengeAppend (void)

static void	Crypto_BuildIdString (void)

static qbool	Crypto_ClearHostKey (lhnetaddress_t *peeraddress)

static void	Crypto_ClearHostKeys (void)

static int	Crypto_ClientError (char data_out, size_t len_out, const char *msg)

int	Crypto_ClientParsePacket (const char data_in, size_t len_in, char data_out, size_t len_out, lhnetaddress_t peeraddress, const char *peeraddressstring)

static void	Crypto_CloseLibrary (void)

static void *	Crypto_d0_createmutex (void)

static void	Crypto_d0_destroymutex (void *m)

static void	Crypto_d0_free (void *p)

static int	Crypto_d0_lockmutex (void *m)

static void *	Crypto_d0_malloc (size_t len)

static int	Crypto_d0_unlockmutex (void *m)

const void *	Crypto_DecryptPacket (crypto_t crypto, const void data_src, size_t len_src, void data_dst, size_t len_dst, size_t len)

const void *	Crypto_EncryptPacket (crypto_t crypto, const void data_src, size_t len_src, void data_dst, size_t len_dst, size_t len)

qbool	Crypto_FinishInstance (crypto_t out, crypto_t crypto)

const char *	Crypto_GetInfoResponseDataString (void)

static void	Crypto_HostKey_Clear_f (cmd_state_t *cmd)

static void	Crypto_HostKeys_f (cmd_state_t *cmd)

void	Crypto_Init (void)

void	Crypto_Init_Commands (void)

static void	Crypto_InitHostKeys (void)

static void	Crypto_KeyGen_f (cmd_state_t *cmd)

static void	Crypto_KeyGen_Finished (int code, size_t length_received, unsigned char buffer, void cbdata)

static void	Crypto_Keys_f (cmd_state_t *cmd)

static unsigned long	Crypto_LittleLong (const char *data)

static size_t	Crypto_LoadFile (const char path, char buf, size_t nmax, qbool inuserdir)

void	Crypto_LoadKeys (void)

static qbool	Crypto_OpenLibrary (void)

static size_t	Crypto_ParsePack (const char buf, size_t len, unsigned long header, const char lumps, size_t lumpsize, size_t nlumps)

static d0_blind_id_t *	Crypto_ReadPublicKey (char *buf, size_t len)

static void	Crypto_Reload_f (cmd_state_t *cmd)

qbool	Crypto_RetrieveHostKey (lhnetaddress_t peeraddress, int keyid, char keyfp, size_t keyfplen, char idfp, size_t idfplen, int aeslevel, qbool issigned)

int	Crypto_RetrieveLocalKey (int keyid, char keyfp, size_t keyfplen, char idfp, size_t idfplen, qbool *issigned)

static void	Crypto_Rijndael_CloseLibrary (void)

static qbool	Crypto_Rijndael_OpenLibrary (void)

static qbool	Crypto_SavePubKeyTextFile (int i)

qbool	Crypto_ServerAppendToChallenge (const char data_in, size_t len_in, char data_out, size_t *len_out, size_t maxlen_out)

static int	Crypto_ServerError (char data_out, size_t len_out, const char msg, const char msg_client)

static crypto_t *	Crypto_ServerFindInstance (lhnetaddress_t *peeraddress, qbool allow_create)

crypto_t *	Crypto_ServerGetInstance (lhnetaddress_t *peeraddress)

int	Crypto_ServerParsePacket (const char data_in, size_t len_in, char data_out, size_t len_out, lhnetaddress_t peeraddress)

static int	Crypto_ServerParsePacket_Internal (const char data_in, size_t len_in, char data_out, size_t len_out, lhnetaddress_t peeraddress)

void	Crypto_Shutdown (void)

size_t	Crypto_SignData (const void data, size_t datasize, int keyid, void signed_data, size_t signed_size)

size_t	Crypto_SignDataDetached (const void data, size_t datasize, int keyid, void signed_data, size_t signed_size)

static int	Crypto_SoftClientError (char data_out, size_t len_out, const char *msg)

static int	Crypto_SoftServerError (char data_out, size_t len_out, const char *msg)

static void	Crypto_StoreHostKey (lhnetaddress_t peeraddress, const char keystring, qbool complain)

static void	Crypto_UnLittleLong (char *data, unsigned long l)

static void	Crypto_UnloadKeys (void)

static size_t	Crypto_UnParsePack (char buf, size_t len, unsigned long header, const char const lumps, const size_t lumpsize, size_t nlumps)

static const char *	GetUntilNul (const char *data, size_t len)

static qbool	PutWithNul (char *data, size_t len, const char *str)

static void	seacpy (unsigned char key, const unsigned char iv, unsigned char dst, const unsigned char src, size_t len)

void	sha256 (unsigned char out, const unsigned char in, int n)

Variables
static int	cdata_id = 0

static char	challenge_append [1400]

static size_t	challenge_append_length

cvar_t	crypto_aeslevel = {CF_CLIENT \| CF_SERVER \| CF_ARCHIVE, "crypto_aeslevel", "1", "whether to support AES encryption in authenticated connections (0 = no, 1 = supported, 2 = requested, 3 = required)"}

cvar_t	crypto_developer = {CF_CLIENT \| CF_SERVER \| CF_ARCHIVE, "crypto_developer", "0", "print extra info about crypto handshake"}

static const char *	crypto_idstring = NULL

static char	crypto_idstring_buf [512]

int	crypto_keyfp_recommended_length

static double	crypto_servercpu_accumulator = 0

static double	crypto_servercpu_lastrealtime = 0

cvar_t	crypto_servercpudebug = {CF_CLIENT \| CF_SERVER \| CF_ARCHIVE, "crypto_servercpudebug", "0", "print statistics about time usage by crypto"}

cvar_t	crypto_servercpumaxtime = {CF_CLIENT \| CF_SERVER \| CF_ARCHIVE, "crypto_servercpumaxtime", "0.01", "maximum allowed crypto CPU time per frame (0 = no limit)"}

cvar_t	crypto_servercpupercent = {CF_CLIENT \| CF_SERVER \| CF_ARCHIVE, "crypto_servercpupercent", "10", "allowed crypto CPU load in percent for server operation (0 = no limit, faster)"}

static crypto_storedhostkey_t *	crypto_storedhostkey_hashtable [CRYPTO_HOSTKEY_HASHSIZE]

static server_cryptoconnect_t	cryptoconnects [MAX_CRYPTOCONNECTS]

static mempool_t *	cryptomempool

static dllhandle_t	d0_blind_id_dll = NULL

static dllfunction_t	d0_blind_id_funcs []

static dllhandle_t	d0_rijndael_dll = NULL

static dllfunction_t	d0_rijndael_funcs []

static char	keygen_buf [8192]

static int	keygen_i = -1

cvar_t	net_sourceaddresscheck

static d0_blind_id_t *	pubkeys [MAX_PUBKEYS]

static char	pubkeys_fp64 [MAX_PUBKEYS][FP64_SIZE+1]

static qbool	pubkeys_havepriv [MAX_PUBKEYS]

static qbool	pubkeys_havesig [MAX_PUBKEYS]

static char	pubkeys_priv_fp64 [MAX_PUBKEYS][FP64_SIZE+1]

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_authenticate_with_private_id_challenge )(d0_blind_id_t ctx, D0_BOOL is_first, D0_BOOL recv_modulus, const char inbuf, size_t inbuflen, char outbuf, size_t outbuflen, D0_BOOL *status)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_authenticate_with_private_id_response )(d0_blind_id_t ctx, const char inbuf, size_t inbuflen, char outbuf, size_t outbuflen)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_authenticate_with_private_id_start )(d0_blind_id_t ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char message, size_t msglen, char outbuf, size_t outbuflen)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_authenticate_with_private_id_verify )(d0_blind_id_t ctx, const char inbuf, size_t inbuflen, char msg, size_t msglen, D0_BOOL *status)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_copy )(d0_blind_id_t ctx, const d0_blind_id_t src)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_fingerprint64_public_id )(const d0_blind_id_t ctx, char outbuf, size_t *outbuflen)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_fingerprint64_public_key )(const d0_blind_id_t ctx, char outbuf, size_t *outbuflen)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_finish_private_id_request )(d0_blind_id_t ctx, const char inbuf, size_t inbuflen)

static D0_EXPORT void(*	qd0_blind_id_free )(d0_blind_id_t *a)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_generate_private_id_request )(d0_blind_id_t ctx, char outbuf, size_t *outbuflen)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_generate_private_id_start )(d0_blind_id_t *ctx)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_INITIALIZE )(void)

static D0_EXPORT D0_WARN_UNUSED_RESULT d0_blind_id_t (	qd0_blind_id_new )(void)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_read_private_id )(d0_blind_id_t ctx, const char inbuf, size_t inbuflen)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_read_private_id_modulus )(d0_blind_id_t ctx, const char inbuf, size_t inbuflen)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_read_public_key )(d0_blind_id_t ctx, const char inbuf, size_t inbuflen)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_sessionkey_public_id )(const d0_blind_id_t ctx, char outbuf, size_t *outbuflen)

static D0_EXPORT void(*	qd0_blind_id_setmallocfuncs )(d0_malloc_t m, d0_free_t f)

static D0_EXPORT void(*	qd0_blind_id_setmutexfuncs )(d0_createmutex_t c, d0_destroymutex_t d, d0_lockmutex_t l, d0_unlockmutex_t u)

static D0_EXPORT void(*	qd0_blind_id_SHUTDOWN )(void)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_sign_with_private_id_sign )(d0_blind_id_t ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char message, size_t msglen, char outbuf, size_t outbuflen)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_sign_with_private_id_sign_detached )(d0_blind_id_t ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char message, size_t msglen, char outbuf, size_t outbuflen)

static D0_EXPORT void(*	qd0_blind_id_util_sha256 )(char out, const char in, size_t n)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_verify_private_id )(const d0_blind_id_t *ctx)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_verify_public_id )(const d0_blind_id_t ctx, D0_BOOL status)

static D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(*	qd0_blind_id_write_private_id )(const d0_blind_id_t ctx, char outbuf, size_t *outbuflen)

D0_EXPORT void(*	qd0_rijndael_decrypt )(const unsigned long *rk, int nrounds, const unsigned char ciphertext[16], unsigned char plaintext[16])

D0_EXPORT void(*	qd0_rijndael_encrypt )(const unsigned long *rk, int nrounds, const unsigned char plaintext[16], unsigned char ciphertext[16])

D0_EXPORT int(*	qd0_rijndael_setup_decrypt )(unsigned long rk, const unsigned char key, int keybits)

D0_EXPORT int(*	qd0_rijndael_setup_encrypt )(unsigned long rk, const unsigned char key, int keybits)

Macro Definition Documentation

◆ CDATA

#define CDATA ((crypto_data_t *) crypto->data)

Definition at line 524 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), and Crypto_ServerParsePacket_Internal().

◆ CLEAR_CDATA

#define CLEAR_CDATA if(crypto->data) { if(CDATA->id) qd0_blind_id_free(CDATA->id); Z_Free(crypto->data); } crypto->data = NULL

Definition at line 526 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), Crypto_FinishInstance(), Crypto_ServerFindInstance(), Crypto_ServerParsePacket_Internal(), and Crypto_Shutdown().

◆ CRYPTOCONNECT_CONNECT

#define CRYPTOCONNECT_CONNECT 2

Definition at line 496 of file crypto.c.

◆ CRYPTOCONNECT_DUPLICATE

#define CRYPTOCONNECT_DUPLICATE 4

Definition at line 498 of file crypto.c.

◆ CRYPTOCONNECT_NONE

#define CRYPTOCONNECT_NONE 0

Definition at line 494 of file crypto.c.

◆ CRYPTOCONNECT_PRECONNECT

#define CRYPTOCONNECT_PRECONNECT 1

Definition at line 495 of file crypto.c.

◆ CRYPTOCONNECT_RECONNECT

#define CRYPTOCONNECT_RECONNECT 3

Definition at line 497 of file crypto.c.

◆ D0_BOOL

#define D0_BOOL int

Definition at line 187 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), Crypto_KeyGen_Finished(), Crypto_LoadKeys(), Crypto_ServerParsePacket_Internal(), and main().

◆ D0_EXPORT

#define D0_EXPORT

Definition at line 181 of file crypto.c.

◆ D0_RIJNDAEL_KEYLENGTH

#define D0_RIJNDAEL_KEYLENGTH ( keybits )

Value:

((keybits)/8)

Definition at line 338 of file crypto.c.

◆ D0_RIJNDAEL_NROUNDS

#define D0_RIJNDAEL_NROUNDS ( keybits )

Value:

((keybits)/32+6)

Definition at line 340 of file crypto.c.

Referenced by aescpy(), and seacpy().

◆ D0_RIJNDAEL_RKLENGTH

#define D0_RIJNDAEL_RKLENGTH ( keybits )

Value:

((keybits)/8+28)

Definition at line 339 of file crypto.c.

Referenced by aescpy(), and seacpy().

◆ D0_WARN_UNUSED_RESULT

#define D0_WARN_UNUSED_RESULT

Definition at line 185 of file crypto.c.

◆ FOURCC_D0ER

#define FOURCC_D0ER (('d' << 0) | ('0' << 8) | ('e' << 16) | ('r' << 24))

Definition at line 56 of file crypto.c.

Referenced by Crypto_KeyGen_Finished().

◆ FOURCC_D0IC

#define FOURCC_D0IC (('d' << 0) | ('0' << 8) | ('i' << 16) | ('c' << 24))

Definition at line 57 of file crypto.c.

◆ FOURCC_D0IQ

#define FOURCC_D0IQ (('d' << 0) | ('0' << 8) | ('i' << 16) | ('q' << 24))

Definition at line 54 of file crypto.c.

Referenced by Crypto_KeyGen_f().

◆ FOURCC_D0IR

#define FOURCC_D0IR (('d' << 0) | ('0' << 8) | ('i' << 16) | ('r' << 24))

Definition at line 55 of file crypto.c.

Referenced by Crypto_KeyGen_Finished().

◆ FOURCC_D0PI

#define FOURCC_D0PI (('d' << 0) | ('0' << 8) | ('p' << 16) | ('i' << 24))

Definition at line 52 of file crypto.c.

◆ FOURCC_D0PK

#define FOURCC_D0PK (('d' << 0) | ('0' << 8) | ('p' << 16) | ('k' << 24))

Definition at line 50 of file crypto.c.

Referenced by Crypto_ReadPublicKey().

◆ FOURCC_D0SI

#define FOURCC_D0SI (('d' << 0) | ('0' << 8) | ('s' << 16) | ('i' << 24))

Definition at line 53 of file crypto.c.

Referenced by Crypto_AddPrivateKey(), Crypto_KeyGen_f(), and Crypto_KeyGen_Finished().

◆ FOURCC_D0SK

#define FOURCC_D0SK (('d' << 0) | ('0' << 8) | ('s' << 16) | ('k' << 24))

Definition at line 51 of file crypto.c.

◆ MAKE_CDATA

#define MAKE_CDATA if(!crypto->data) crypto->data = Z_Malloc(sizeof(crypto_data_t))

Definition at line 525 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), and Crypto_ServerParsePacket_Internal().

◆ MAX_CRYPTOCONNECTS

#define MAX_CRYPTOCONNECTS 16

Definition at line 493 of file crypto.c.

Referenced by Crypto_ServerFindInstance(), and Crypto_Shutdown().

◆ MAX_PUBKEYS

#define MAX_PUBKEYS 16

Definition at line 481 of file crypto.c.

Referenced by Crypto_BuildChallengeAppend(), Crypto_BuildIdString(), Crypto_ClientParsePacket(), Crypto_KeyGen_Finished(), Crypto_Keys_f(), Crypto_LoadKeys(), Crypto_RetrieveLocalKey(), Crypto_ServerParsePacket_Internal(), Crypto_SignData(), Crypto_SignDataDetached(), Crypto_StoreHostKey(), and Crypto_UnloadKeys().

◆ PROTOCOL_D0_BLIND_ID

#define PROTOCOL_D0_BLIND_ID FOURCC_D0PK

Definition at line 46 of file crypto.c.

Referenced by Crypto_BuildChallengeAppend(), and Crypto_ClientParsePacket().

◆ PROTOCOL_VLEN

#define PROTOCOL_VLEN (('v' << 0) | ('l' << 8) | ('e' << 16) | ('n' << 24))

Definition at line 47 of file crypto.c.

Referenced by Crypto_BuildChallengeAppend(), and Crypto_ClientParsePacket().

◆ USE_AES

#define USE_AES

Definition at line 128 of file crypto.c.

Typedef Documentation

◆ d0_blind_id_t

typedef struct d0_blind_id_s d0_blind_id_t

Definition at line 196 of file crypto.c.

◆ d0_createmutex_t

typedef void * d0_createmutex_t(void)

Definition at line 191 of file crypto.c.

◆ d0_destroymutex_t

typedef void d0_destroymutex_t(void *)

Definition at line 192 of file crypto.c.

◆ d0_fastreject_function

typedef D0_BOOL(* d0_fastreject_function) (const d0_blind_id_t *ctx, void *pass)

Definition at line 197 of file crypto.c.

◆ d0_free_t

typedef void d0_free_t(void *p)

Definition at line 190 of file crypto.c.

◆ d0_lockmutex_t

typedef int d0_lockmutex_t(void *)

Definition at line 193 of file crypto.c.

◆ d0_malloc_t

typedef void * d0_malloc_t(size_t len)

Definition at line 189 of file crypto.c.

◆ d0_unlockmutex_t

typedef int d0_unlockmutex_t(void *)

Definition at line 194 of file crypto.c.

Function Documentation

◆ aescpy()

static void aescpy	(	unsigned char *	key,
		const unsigned char *	iv,
		unsigned char *	dst,
		const unsigned char *	src,
		size_t	len )

static

Definition at line 1472 of file crypto.c.

{
    const unsigned char *xorpos = iv;
    unsigned char xorbuf[16];
    unsigned long rk[D0_RIJNDAEL_RKLENGTH(DHKEY_SIZE * 8)];
    size_t i;
    qd0_rijndael_setup_encrypt(rk, key, DHKEY_SIZE * 8);
    while(len > 16)
    {
        for(i = 0; i < 16; ++i)
            xorbuf[i] = src[i] ^ xorpos[i];
        qd0_rijndael_encrypt(rk, D0_RIJNDAEL_NROUNDS(DHKEY_SIZE * 8), xorbuf, dst);
        xorpos = dst;
        len -= 16;
        src += 16;
        dst += 16;
    }
    if(len > 0)
    {
        for(i = 0; i < len; ++i)
            xorbuf[i] = src[i] ^ xorpos[i];
        for(; i < 16; ++i)
            xorbuf[i] = xorpos[i];
        qd0_rijndael_encrypt(rk, D0_RIJNDAEL_NROUNDS(DHKEY_SIZE * 8), xorbuf, dst);
    }
}

References D0_RIJNDAEL_NROUNDS, D0_RIJNDAEL_RKLENGTH, DHKEY_SIZE, i, qd0_rijndael_encrypt, qd0_rijndael_setup_encrypt, and src.

Referenced by Crypto_EncryptPacket().

◆ Crypto_AddPrivateKey()

static qbool Crypto_AddPrivateKey	(	d0_blind_id_t *	pk,
		char *	buf,
		size_t	len )

static

Definition at line 469 of file crypto.c.

{
    const char *p[1];
    size_t l[1];
    if(Crypto_ParsePack(buf, len, FOURCC_D0SI, p, l, 1))
    {
        if(qd0_blind_id_read_private_id(pk, p[0], l[0]))
            return true;
    }
    return false;
}

References buf, Crypto_ParsePack(), FOURCC_D0SI, and qd0_blind_id_read_private_id.

Referenced by Crypto_LoadKeys().

◆ Crypto_Available()

qbool Crypto_Available ( void )

Definition at line 1097 of file crypto.c.

{
    if(!d0_blind_id_dll)
        return false;
    return true;
}

References d0_blind_id_dll.

Referenced by checkextension(), and VM_digest_hex().

◆ Crypto_BuildChallengeAppend()

static void Crypto_BuildChallengeAppend ( void )

static

Definition at line 785 of file crypto.c.

{
    char *p, *lengthptr, *startptr;
    size_t n;
    int i;
    p = challenge_append;
    n = sizeof(challenge_append);
    Crypto_UnLittleLong(p, PROTOCOL_VLEN);
    p += 4;
    n -= 4;
    lengthptr = p;
    Crypto_UnLittleLong(p, 0);
    p += 4;
    n -= 4;
    Crypto_UnLittleLong(p, PROTOCOL_D0_BLIND_ID);
    p += 4;
    n -= 4;
    startptr = p;
    for(i = 0; i < MAX_PUBKEYS; ++i)
        if(pubkeys_havepriv[i])
            PutWithNul(&p, &n, pubkeys_fp64[i]);
    PutWithNul(&p, &n, "");
    for(i = 0; i < MAX_PUBKEYS; ++i)
        if(!pubkeys_havepriv[i] && pubkeys[i])
            PutWithNul(&p, &n, pubkeys_fp64[i]);
    Crypto_UnLittleLong(lengthptr, p - startptr);
    challenge_append_length = p - challenge_append;
}

References challenge_append, challenge_append_length, Crypto_UnLittleLong(), i, MAX_PUBKEYS, n, PROTOCOL_D0_BLIND_ID, PROTOCOL_VLEN, pubkeys, pubkeys_fp64, pubkeys_havepriv, and PutWithNul().

Referenced by Crypto_KeyGen_f(), and Crypto_LoadKeys().

◆ Crypto_BuildIdString()

static void Crypto_BuildIdString ( void )

static

Definition at line 842 of file crypto.c.

{
    int i;
    char vabuf[1024];
 
    crypto_idstring = NULL;
    dpsnprintf(crypto_idstring_buf, sizeof(crypto_idstring_buf), "%d", d0_rijndael_dll ? crypto_aeslevel.integer : 0);
    for (i = 0; i < MAX_PUBKEYS; ++i)
        if (pubkeys[i])
            dp_strlcat(crypto_idstring_buf, va(vabuf, sizeof(vabuf), " %s@%s%s", pubkeys_priv_fp64[i], pubkeys_havesig[i] ? "" : "~", pubkeys_fp64[i]), sizeof(crypto_idstring_buf));
    crypto_idstring = crypto_idstring_buf;
}

References crypto_aeslevel, crypto_idstring, crypto_idstring_buf, d0_rijndael_dll, dp_strlcat, dpsnprintf(), i, cvar_t::integer, MAX_PUBKEYS, NULL, pubkeys, pubkeys_fp64, pubkeys_havesig, pubkeys_priv_fp64, and va().

Referenced by Crypto_KeyGen_Finished(), and Crypto_LoadKeys().

◆ Crypto_ClearHostKey()

static qbool Crypto_ClearHostKey ( lhnetaddress_t * peeraddress )

static

Definition at line 613 of file crypto.c.

{
    char buf[128];
    int hashindex;
    crypto_storedhostkey_t **hkp;
    qbool found = false;
 
    LHNETADDRESS_ToString(peeraddress, buf, sizeof(buf), 1);
    hashindex = CRC_Block((const unsigned char *) buf, strlen(buf)) % CRYPTO_HOSTKEY_HASHSIZE;
    for(hkp = &crypto_storedhostkey_hashtable[hashindex]; *hkp && LHNETADDRESS_Compare(&((*hkp)->addr), peeraddress); hkp = &((*hkp)->next));
 
    if(*hkp)
    {
        crypto_storedhostkey_t *hk = *hkp;
        *hkp = hk->next;
        Z_Free(hk);
        found = true;
    }
 
    return found;
}

References buf, CRC_Block(), CRYPTO_HOSTKEY_HASHSIZE, crypto_storedhostkey_hashtable, LHNETADDRESS_Compare(), LHNETADDRESS_ToString(), crypto_storedhostkey_t::next, strlen(), and Z_Free.

Referenced by Crypto_HostKey_Clear_f().

◆ Crypto_ClearHostKeys()

static void Crypto_ClearHostKeys ( void )

static

Definition at line 598 of file crypto.c.

{
    int i;
    crypto_storedhostkey_t *hk, *hkn;
    for(i = 0; i < CRYPTO_HOSTKEY_HASHSIZE; ++i)
    {
        for(hk = crypto_storedhostkey_hashtable[i]; hk; hk = hkn)
        {
            hkn = hk->next;
            Z_Free(hk);
        }
        crypto_storedhostkey_hashtable[i] = NULL;
    }
}

References CRYPTO_HOSTKEY_HASHSIZE, crypto_storedhostkey_hashtable, i, crypto_storedhostkey_t::next, NULL, and Z_Free.

Referenced by Crypto_Reload_f().

◆ Crypto_ClientError()

static int Crypto_ClientError	(	char *	data_out,
		size_t *	len_out,
		const char *	msg )

static

Definition at line 2093 of file crypto.c.

{
    dpsnprintf(data_out, *len_out, "reject %s", msg);
    *len_out = strlen(data_out);
    return CRYPTO_REPLACE;
}

References CRYPTO_REPLACE, dpsnprintf(), and strlen().

Referenced by Crypto_ClientParsePacket().

◆ Crypto_ClientParsePacket()

int Crypto_ClientParsePacket	(	const char *	data_in,
		size_t	len_in,
		char *	data_out,
		size_t *	len_out,
		lhnetaddress_t *	peeraddress,
		const char *	peeraddressstring )

Definition at line 2107 of file crypto.c.

{
    crypto_t *crypto = &cls.crypto;
    const char *string = data_in;
    D0_BOOL aes;
    char *data_out_p = data_out;
    D0_BOOL status;
    char infostringvalue[MAX_INPUTLINE];
    char vabuf[1024];
 
    if(!d0_blind_id_dll)
        return CRYPTO_NOMATCH; // no support
 
    // if "challenge": verify challenge, and discard message, send next crypto protocol message instead
    // otherwise, just handle actual protocol messages
 
    if (len_in == 6 && !memcmp(string, "accept", 6) && cls.connect_trying && d0_rijndael_dll)
    {
        int wantserverid = -1;
        Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL, NULL);
        if(!crypto || !crypto->authenticated) // we ALSO get here if we are using an encrypted connection, so let's rule this out
        {
            if(wantserverid >= 0)
                return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present");
            if(crypto_aeslevel.integer >= 3)
                return Crypto_ClientError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)");
        }
        return CRYPTO_NOMATCH;
    }
    else if (len_in >= 1 && string[0] == 'j' && cls.connect_trying && d0_rijndael_dll)
    {
        int wantserverid = -1;
        Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL, NULL);
        //if(!crypto || !crypto->authenticated)
        {
            if(wantserverid >= 0)
                return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present");
            if(crypto_aeslevel.integer >= 3)
                return Crypto_ClientError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)");
        }
        return CRYPTO_NOMATCH;
    }
    else if (len_in >= 5 && BuffLittleLong((unsigned char *) string) == ((int)NETFLAG_CTL | (int)len_in))
    {
        int wantserverid = -1;
 
        // these three are harmless
        if((unsigned char) string[4] == CCREP_SERVER_INFO)
            return CRYPTO_NOMATCH;
        if((unsigned char) string[4] == CCREP_PLAYER_INFO)
            return CRYPTO_NOMATCH;
        if((unsigned char) string[4] == CCREP_RULE_INFO)
            return CRYPTO_NOMATCH;
 
        Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, NULL, 0, NULL, NULL);
        //if(!crypto || !crypto->authenticated)
        {
            if(wantserverid >= 0)
                return Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present");
            if(crypto_aeslevel.integer >= 3)
                return Crypto_ClientError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)");
        }
        return CRYPTO_NOMATCH;
    }
    else if (len_in >= 13 && !memcmp(string, "infoResponse\x0A", 13))
    {
        if(InfoString_GetValue(string + 13, "d0_blind_id", infostringvalue, sizeof(infostringvalue)))
            Crypto_StoreHostKey(peeraddress, infostringvalue, true);
        return CRYPTO_NOMATCH;
    }
    else if (len_in >= 15 && !memcmp(string, "statusResponse\x0A", 15))
    {
        char save = 0;
        const char *p;
        p = strchr(string + 15, '\n');
        if(p)
        {
            save = *p;
            * (char *) p = 0; // cut off the string there
        }
        if(InfoString_GetValue(string + 15, "d0_blind_id", infostringvalue, sizeof(infostringvalue)))
            Crypto_StoreHostKey(peeraddress, infostringvalue, true);
        if(p)
        {
            * (char *) p = save;
            // invoking those nasal demons again (do not run this on the DS9k)
        }
        return CRYPTO_NOMATCH;
    }
    else if(len_in > 10 && !memcmp(string, "challenge ", 10) && cls.connect_trying)
    {
        const char *vlen_blind_id_ptr = NULL;
        size_t len_blind_id_ptr = 0;
        unsigned long k, v;
        const char *challenge = data_in + 10;
        const char *p;
        int i;
        int clientid = -1, serverid = -1, wantserverid = -1;
        qbool server_can_auth = true;
        char wantserver_idfp[FP64_SIZE+1];
        int wantserver_aeslevel = 0;
        qbool wantserver_issigned = false;
 
        // Must check the source IP here, if we want to prevent other servers' replies from falsely advancing the crypto state, preventing successful connect to the real server.
        if (net_sourceaddresscheck.integer && LHNETADDRESS_Compare(peeraddress, &cls.connect_address))
        {
            char warn_msg[128];
 
            dpsnprintf(warn_msg, sizeof(warn_msg), "ignoring challenge message from wrong server %s", peeraddressstring);
            return Crypto_SoftClientError(data_out, len_out, warn_msg);
        }
 
        // if we have a stored host key for the server, assume serverid to already be selected!
        // (the loop will refuse to overwrite this one then)
        wantserver_idfp[0] = 0;
        Crypto_RetrieveHostKey(&cls.connect_address, &wantserverid, NULL, 0, wantserver_idfp, sizeof(wantserver_idfp), &wantserver_aeslevel, &wantserver_issigned);
        // requirement: wantserver_idfp is a full ID if wantserverid set
 
        // if we leave, we have to consider the connection
        // unauthenticated; NOTE: this may be faked by a clever
        // attacker to force an unauthenticated connection; so we have
        // a safeguard check in place when encryption is required too
        // in place, or when authentication is required by the server
        crypto->authenticated = false;
 
        GetUntilNul(&data_in, &len_in);
        if(!data_in)
            return (wantserverid >= 0) ? Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though a host key is present") :
                (d0_rijndael_dll && crypto_aeslevel.integer >= 3) ? Crypto_ClientError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)") :
                CRYPTO_NOMATCH;
 
        // FTEQW extension protocol
        while(len_in >= 8)
        {
            k = Crypto_LittleLong(data_in);
            v = Crypto_LittleLong(data_in + 4);
            data_in += 8;
            len_in -= 8;
            switch(k)
            {
                case PROTOCOL_VLEN:
                    if(len_in >= 4 + v)
                    {
                        k = Crypto_LittleLong(data_in);
                        data_in += 4;
                        len_in -= 4;
                        switch(k)
                        {
                            case PROTOCOL_D0_BLIND_ID:
                                vlen_blind_id_ptr = data_in;
                                len_blind_id_ptr = v;
                                break;
                        }
                        data_in += v;
                        len_in -= v;
                    }
                    break;
                default:
                    break;
            }
        }
 
        if(!vlen_blind_id_ptr)
            return (wantserverid >= 0) ? Crypto_ClientError(data_out, len_out, "Server tried an unauthenticated connection even though authentication is required") :
                (d0_rijndael_dll && crypto_aeslevel.integer >= 3) ? Crypto_ClientError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)") :
                CRYPTO_NOMATCH;
 
        data_in = vlen_blind_id_ptr;
        len_in = len_blind_id_ptr;
 
        // parse fingerprints
        //   once we found a fingerprint we can auth to (ANY), select it as clientfp
        //   once we found a fingerprint in the first list that we know, select it as serverfp
 
        for(;;)
        {
            p = GetUntilNul(&data_in, &len_in);
            if(!p)
                break;
            if(!*p)
            {
                if(!server_can_auth)
                    break; // other protocol message may follow
                server_can_auth = false;
                if(clientid >= 0)
                    break;
                continue;
            }
            // Find the highest numbered matching key for p.
            for(i = 0; i < MAX_PUBKEYS; ++i)
            {
                if(pubkeys[i])
                if(!strcmp(p, pubkeys_fp64[i]))
                {
                    if(pubkeys_havepriv[i])
                        clientid = i;
                    if(server_can_auth)
                        if(wantserverid < 0 || i == wantserverid)
                            serverid = i;
                }
            }
            // Not breaking, as higher keys in the list always have priority.
        }
 
        // if stored host key is not found:
        if(wantserverid >= 0 && serverid < 0)
            return Crypto_ClientError(data_out, len_out, "Server CA does not match stored host key, refusing to connect");
 
        if(serverid >= 0 || clientid >= 0)
        {
            MAKE_CDATA;
            CDATA->cdata_id = ++cdata_id;
            CDATA->s = serverid;
            CDATA->c = clientid;
            memset(crypto->dhkey, 0, sizeof(crypto->dhkey));
            dp_strlcpy(CDATA->challenge, challenge, sizeof(CDATA->challenge));
            crypto->client_keyfp[0] = 0;
            crypto->client_idfp[0] = 0;
            crypto->server_keyfp[0] = 0;
            crypto->server_idfp[0] = 0;
            memcpy(CDATA->wantserver_idfp, wantserver_idfp, sizeof(crypto->server_idfp));
            CDATA->wantserver_issigned = wantserver_issigned;
 
            if(CDATA->wantserver_idfp[0]) // if we know a host key, honor its encryption setting
            switch(bound(0, d0_rijndael_dll ? crypto_aeslevel.integer : 0, 3))
            {
                default: // dummy, never happens, but to make gcc happy...
                case 0:
                    if(wantserver_aeslevel >= 3)
                        return Crypto_ClientError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)");
                    CDATA->wantserver_aes = false;
                    break;
                case 1:
                    CDATA->wantserver_aes = (wantserver_aeslevel >= 2);
                    break;
                case 2:
                    CDATA->wantserver_aes = (wantserver_aeslevel >= 1);
                    break;
                case 3:
                    if(wantserver_aeslevel <= 0)
                        return Crypto_ClientError(data_out, len_out, "This server requires encryption to be supported (crypto_aeslevel >= 1, and d0_rijndael library must be present)");
                    CDATA->wantserver_aes = true;
                    break;
            }
 
            // build outgoing message
            // append regular stuff
            PutWithNul(&data_out_p, len_out, va(vabuf, sizeof(vabuf), "d0pk\\cnt\\0\\id\\%d\\aeslevel\\%d\\challenge\\%s", CDATA->cdata_id, d0_rijndael_dll ? crypto_aeslevel.integer : 0, challenge));
            PutWithNul(&data_out_p, len_out, serverid >= 0 ? pubkeys_fp64[serverid] : "");
            PutWithNul(&data_out_p, len_out, clientid >= 0 ? pubkeys_fp64[clientid] : "");
 
            if(clientid >= 0)
            {
                // I am the client, and my key is ok... so let's set client_keyfp and client_idfp
                dp_strlcpy(crypto->client_keyfp, pubkeys_fp64[CDATA->c], sizeof(crypto->client_keyfp));
                dp_strlcpy(crypto->client_idfp, pubkeys_priv_fp64[CDATA->c], sizeof(crypto->client_idfp));
                crypto->client_issigned = pubkeys_havesig[CDATA->c];
            }
 
            if(serverid >= 0)
            {
                if(!CDATA->id)
                    CDATA->id = qd0_blind_id_new();
                if(!CDATA->id)
                {
                    CLEAR_CDATA;
                    return Crypto_ClientError(data_out, len_out, "d0_blind_id_new failed");
                }
                if(!qd0_blind_id_copy(CDATA->id, pubkeys[CDATA->s]))
                {
                    CLEAR_CDATA;
                    return Crypto_ClientError(data_out, len_out, "d0_blind_id_copy failed");
                }
                CDATA->next_step = 1;
                *len_out = data_out_p - data_out;
            }
            else // if(clientid >= 0) // guaranteed by condition one level outside
            {
                // skip over server auth, perform client auth only
                if(!CDATA->id)
                    CDATA->id = qd0_blind_id_new();
                if(!CDATA->id)
                {
                    CLEAR_CDATA;
                    return Crypto_ClientError(data_out, len_out, "d0_blind_id_new failed");
                }
                if(!qd0_blind_id_copy(CDATA->id, pubkeys[CDATA->c]))
                {
                    CLEAR_CDATA;
                    return Crypto_ClientError(data_out, len_out, "d0_blind_id_copy failed");
                }
                if(!qd0_blind_id_authenticate_with_private_id_start(CDATA->id, true, false, "XONOTIC", 8, data_out_p, len_out)) // len_out receives used size by this op
                {
                    CLEAR_CDATA;
                    return Crypto_ClientError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_start failed");
                }
                CDATA->next_step = 5;
                data_out_p += *len_out;
                *len_out = data_out_p - data_out;
            }
            return CRYPTO_DISCARD;
        }
        else
        {
            if(wantserver_idfp[0]) // if we know a host key, honor its encryption setting
            if(wantserver_aeslevel >= 3)
                return Crypto_ClientError(data_out, len_out, "Server insists on encryption, but neither can authenticate to the other");
            return (d0_rijndael_dll && crypto_aeslevel.integer >= 3) ? Crypto_ClientError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)") :
                CRYPTO_NOMATCH;
        }
    }
    else if(len_in > 5 && !memcmp(string, "d0pk\\", 5) && cls.connect_trying)
    {
        const char *cnt;
        int id;
 
        // Must check the source IP here, if we want to prevent other servers' replies from falsely advancing the crypto state, preventing successful connect to the real server.
        if (net_sourceaddresscheck.integer && LHNETADDRESS_Compare(peeraddress, &cls.connect_address))
        {
            char warn_msg[128];
 
            dpsnprintf(warn_msg, sizeof(warn_msg), "ignoring d0pk\\ message from wrong server %s", peeraddressstring);
            return Crypto_SoftClientError(data_out, len_out, warn_msg);
        }
 
        id = (InfoString_GetValue(string + 4, "id", infostringvalue, sizeof(infostringvalue)) ? atoi(infostringvalue) : -1);
        cnt = (InfoString_GetValue(string + 4, "cnt", infostringvalue, sizeof(infostringvalue)) ? infostringvalue : NULL);
        if(!cnt)
            return Crypto_ClientError(data_out, len_out, "d0pk\\ message without cnt");
        GetUntilNul(&data_in, &len_in);
        if(!data_in)
            return Crypto_ClientError(data_out, len_out, "d0pk\\ message without attachment");
 
        if(!strcmp(cnt, "1"))
        {
            if(id >= 0)
                if(CDATA->cdata_id != id)
                    return Crypto_SoftClientError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\id\\%d when expecting %d", id, CDATA->cdata_id));
            if(CDATA->next_step != 1)
                return Crypto_SoftClientError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\cnt\\%s when expecting %d", cnt, CDATA->next_step));
 
            cls.connect_nextsendtime = max(cls.connect_nextsendtime, host.realtime + 1); // prevent "hammering"
 
            if(InfoString_GetValue(string + 4, "aes", infostringvalue, sizeof(infostringvalue)))
                aes = atoi(infostringvalue);
            else
                aes = false;
            // we CANNOT toggle the AES status any more!
            // as the server already decided
            if(CDATA->wantserver_idfp[0]) // if we know a host key, honor its encryption setting
            if(!aes && CDATA->wantserver_aes)
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "Stored host key requires encryption, but server did not enable encryption");
            }
            if(aes && (!d0_rijndael_dll || crypto_aeslevel.integer <= 0))
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "Server insists on encryption too hard");
            }
            if(!aes && (d0_rijndael_dll && crypto_aeslevel.integer >= 3))
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "Server insists on plaintext too hard");
            }
            crypto->use_aes = aes != 0;
 
            PutWithNul(&data_out_p, len_out, va(vabuf, sizeof(vabuf), "d0pk\\cnt\\2\\id\\%d", CDATA->cdata_id));
            if(!qd0_blind_id_authenticate_with_private_id_challenge(CDATA->id, true, false, data_in, len_in, data_out_p, len_out, &status))
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_challenge failed");
            }
            CDATA->next_step = 3;
            data_out_p += *len_out;
            *len_out = data_out_p - data_out;
            return CRYPTO_DISCARD;
        }
        else if(!strcmp(cnt, "3"))
        {
            static char msgbuf[32];
            size_t msgbuflen = sizeof(msgbuf);
            size_t fpbuflen;
 
            if(id >= 0)
                if(CDATA->cdata_id != id)
                    return Crypto_SoftClientError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\id\\%d when expecting %d", id, CDATA->cdata_id));
            if(CDATA->next_step != 3)
                return Crypto_SoftClientError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\cnt\\%s when expecting %d", cnt, CDATA->next_step));
 
            cls.connect_nextsendtime = max(cls.connect_nextsendtime, host.realtime + 1); // prevent "hammering"
 
            if(!qd0_blind_id_authenticate_with_private_id_verify(CDATA->id, data_in, len_in, msgbuf, &msgbuflen, &status))
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_verify failed (server authentication error)");
            }
 
            dp_strlcpy(crypto->server_keyfp, pubkeys_fp64[CDATA->s], sizeof(crypto->server_keyfp));
            if (!status && CDATA->wantserver_issigned)
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "Stored host key requires a valid signature, but server did not provide any");
            }
            crypto->server_issigned = status;
 
            memset(crypto->server_idfp, 0, sizeof(crypto->server_idfp));
            fpbuflen = FP64_SIZE;
            if(!qd0_blind_id_fingerprint64_public_id(CDATA->id, crypto->server_idfp, &fpbuflen))
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "d0_blind_id_fingerprint64_public_id failed");
            }
            if(CDATA->wantserver_idfp[0])
            if(memcmp(CDATA->wantserver_idfp, crypto->server_idfp, sizeof(crypto->server_idfp)))
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "Server ID does not match stored host key, refusing to connect");
            }
            fpbuflen = DHKEY_SIZE;
            if(!qd0_blind_id_sessionkey_public_id(CDATA->id, (char *) crypto->dhkey, &fpbuflen))
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "d0_blind_id_sessionkey_public_id failed");
            }
 
            // cache the server key
            Crypto_StoreHostKey(&cls.connect_address, va(vabuf, sizeof(vabuf), "%d %s@%s%s", crypto->use_aes ? 1 : 0, crypto->server_idfp, crypto->server_issigned ? "" : "~", pubkeys_fp64[CDATA->s]), false);
 
            if(CDATA->c >= 0)
            {
                // client will auth next
                PutWithNul(&data_out_p, len_out, va(vabuf, sizeof(vabuf), "d0pk\\cnt\\4\\id\\%d", CDATA->cdata_id));
                if(!qd0_blind_id_copy(CDATA->id, pubkeys[CDATA->c]))
                {
                    CLEAR_CDATA;
                    return Crypto_ClientError(data_out, len_out, "d0_blind_id_copy failed");
                }
                if(!qd0_blind_id_authenticate_with_private_id_start(CDATA->id, true, false, "XONOTIC", 8, data_out_p, len_out)) // len_out receives used size by this op
                {
                    CLEAR_CDATA;
                    return Crypto_ClientError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_start failed");
                }
                CDATA->next_step = 5;
                data_out_p += *len_out;
                *len_out = data_out_p - data_out;
                return CRYPTO_DISCARD;
            }
            else
            {
                // session key is FINISHED (no server part is to be expected)! By this, all keys are set up
                crypto->authenticated = true;
                CDATA->next_step = 0;
                // assume we got the empty challenge to finish the protocol
                PutWithNul(&data_out_p, len_out, "challenge ");
                *len_out = data_out_p - data_out;
                --*len_out; // remove NUL terminator
                return CRYPTO_REPLACE;
            }
        }
        else if(!strcmp(cnt, "5"))
        {
            size_t fpbuflen;
            unsigned char dhkey[DHKEY_SIZE];
            int i;
 
            if(id >= 0)
                if(CDATA->cdata_id != id)
                    return Crypto_SoftClientError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\id\\%d when expecting %d", id, CDATA->cdata_id));
            if(CDATA->next_step != 5)
                return Crypto_SoftClientError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\cnt\\%s when expecting %d", cnt, CDATA->next_step));
 
            cls.connect_nextsendtime = max(cls.connect_nextsendtime, host.realtime + 1); // prevent "hammering"
 
            if(CDATA->s < 0) // only if server didn't auth
            {
                if(InfoString_GetValue(string + 4, "aes", infostringvalue, sizeof(infostringvalue)))
                    aes = atoi(infostringvalue);
                else
                    aes = false;
                if(CDATA->wantserver_idfp[0]) // if we know a host key, honor its encryption setting
                if(!aes && CDATA->wantserver_aes)
                {
                    CLEAR_CDATA;
                    return Crypto_ClientError(data_out, len_out, "Stored host key requires encryption, but server did not enable encryption");
                }
                if(aes && (!d0_rijndael_dll || crypto_aeslevel.integer <= 0))
                {
                    CLEAR_CDATA;
                    return Crypto_ClientError(data_out, len_out, "Server insists on encryption too hard");
                }
                if(!aes && (d0_rijndael_dll && crypto_aeslevel.integer >= 3))
                {
                    CLEAR_CDATA;
                    return Crypto_ClientError(data_out, len_out, "Server insists on plaintext too hard");
                }
                crypto->use_aes = aes != 0;
            }
 
            PutWithNul(&data_out_p, len_out, va(vabuf, sizeof(vabuf), "d0pk\\cnt\\6\\id\\%d", CDATA->cdata_id));
            if(!qd0_blind_id_authenticate_with_private_id_response(CDATA->id, data_in, len_in, data_out_p, len_out))
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_response failed");
            }
            fpbuflen = DHKEY_SIZE;
            if(!qd0_blind_id_sessionkey_public_id(CDATA->id, (char *) dhkey, &fpbuflen))
            {
                CLEAR_CDATA;
                return Crypto_ClientError(data_out, len_out, "d0_blind_id_sessionkey_public_id failed");
            }
            // XOR the two DH keys together to make one
            for(i = 0; i < DHKEY_SIZE; ++i)
                crypto->dhkey[i] ^= dhkey[i];
            // session key is FINISHED! By this, all keys are set up
            crypto->authenticated = true;
            CDATA->next_step = 0;
            data_out_p += *len_out;
            *len_out = data_out_p - data_out;
            return CRYPTO_DISCARD;
        }
        return Crypto_SoftClientError(data_out, len_out, "Got unknown d0_blind_id message from server");
    }
 
    return CRYPTO_NOMATCH;
}

References crypto_t::authenticated, bound, BuffLittleLong(), CCREP_PLAYER_INFO, CCREP_RULE_INFO, CCREP_SERVER_INFO, CDATA, cdata_id, CLEAR_CDATA, crypto_t::client_idfp, crypto_t::client_issigned, crypto_t::client_keyfp, cls, client_static_t::connect_address, client_static_t::connect_nextsendtime, client_static_t::connect_trying, client_static_t::crypto, crypto_aeslevel, Crypto_ClientError(), CRYPTO_DISCARD, Crypto_LittleLong(), CRYPTO_NOMATCH, CRYPTO_REPLACE, Crypto_RetrieveHostKey(), Crypto_SoftClientError(), Crypto_StoreHostKey(), d0_blind_id_dll, D0_BOOL, d0_rijndael_dll, crypto_t::dhkey, DHKEY_SIZE, dp_strlcpy, dpsnprintf(), FP64_SIZE, GetUntilNul(), host, i, id, InfoString_GetValue(), cvar_t::integer, LHNETADDRESS_Compare(), MAKE_CDATA, max, MAX_INPUTLINE, MAX_PUBKEYS, net_sourceaddresscheck, NETFLAG_CTL, NULL, PROTOCOL_D0_BLIND_ID, PROTOCOL_VLEN, pubkeys, pubkeys_fp64, pubkeys_havepriv, pubkeys_havesig, pubkeys_priv_fp64, PutWithNul(), qd0_blind_id_authenticate_with_private_id_challenge, qd0_blind_id_authenticate_with_private_id_response, qd0_blind_id_authenticate_with_private_id_start, qd0_blind_id_authenticate_with_private_id_verify, qd0_blind_id_copy, qd0_blind_id_fingerprint64_public_id, qd0_blind_id_new, qd0_blind_id_sessionkey_public_id, host_static_t::realtime, crypto_t::server_idfp, crypto_t::server_issigned, crypto_t::server_keyfp, crypto_t::use_aes, v, and va().

Referenced by NetConn_ClientParsePacket().

◆ Crypto_CloseLibrary()

static void Crypto_CloseLibrary ( void )

static

Definition at line 306 of file crypto.c.

{
    Sys_FreeLibrary (&d0_blind_id_dll);
}

References d0_blind_id_dll, and Sys_FreeLibrary().

Referenced by Crypto_Init(), and Crypto_Shutdown().

◆ Crypto_d0_createmutex()

static void * Crypto_d0_createmutex ( void )

static

Definition at line 1020 of file crypto.c.

{
    return Thread_CreateMutex();
}

References Thread_CreateMutex.

Referenced by Crypto_Init().

◆ Crypto_d0_destroymutex()

static void Crypto_d0_destroymutex ( void * m )

static

Definition at line 1025 of file crypto.c.

{
    Thread_DestroyMutex(m);
}

References Thread_DestroyMutex.

Referenced by Crypto_Init().

◆ Crypto_d0_free()

static void Crypto_d0_free ( void * p )

static

Definition at line 1015 of file crypto.c.

{
    Mem_Free(p);
}

References Mem_Free.

Referenced by Crypto_Init().

◆ Crypto_d0_lockmutex()

static int Crypto_d0_lockmutex ( void * m )

static

Definition at line 1030 of file crypto.c.

{
    return Thread_LockMutex(m);
}

References Thread_LockMutex.

Referenced by Crypto_Init().

◆ Crypto_d0_malloc()

static void * Crypto_d0_malloc ( size_t len )

static

Definition at line 1010 of file crypto.c.

{
    return Mem_Alloc(cryptomempool, len);
}

References cryptomempool, and Mem_Alloc.

Referenced by Crypto_Init().

◆ Crypto_d0_unlockmutex()

static int Crypto_d0_unlockmutex ( void * m )

static

Definition at line 1035 of file crypto.c.

{
    return Thread_UnlockMutex(m);
}

References Thread_UnlockMutex.

Referenced by Crypto_Init().

◆ Crypto_DecryptPacket()

const void * Crypto_DecryptPacket	(	crypto_t *	crypto,
		const void *	data_src,
		size_t	len_src,
		void *	data_dst,
		size_t *	len_dst,
		size_t	len )

Definition at line 1584 of file crypto.c.

{
    unsigned char h[32];
    int i;
 
    // silently handle non-crypto packets
    i = BuffBigLong((unsigned char *) data_src);
    if(
        (i == (int)0xFFFFFFFF) // avoid QW control packet
        ||
        (i == (int)0x80000000 + (int)len_src) // avoid NQ control packet
    )
        return NULL;
 
    if(crypto->authenticated)
    {
        if(crypto->use_aes)
        {
            if(len_src < 16 || ((len_src - 16) % 16))
            {
                Con_Printf("Crypto_DecryptPacket failed (not enough space: %d bytes in, %d bytes out)\n", (int) len_src, (int) len);
                return NULL;
            }
            *len_dst = len_src - ((unsigned char *) data_src)[0];
            if(len < *len_dst || *len_dst > len_src - 16)
            {
                Con_Printf("Crypto_DecryptPacket failed (not enough space: %d bytes in, %d->%d bytes out)\n", (int) len_src, (int) *len_dst, (int) len);
                return NULL;
            }
            seacpy(crypto->dhkey, (unsigned char *) data_src, (unsigned char *) data_dst, ((const unsigned char *) data_src) + 16, *len_dst);
            //                    IV                          dst                         src                                      len
            if(!HMAC_SHA256_32BYTES(h, (const unsigned char *) data_dst, (int)*len_dst, crypto->dhkey, DHKEY_SIZE))
            {
                Con_Printf("HMAC fail\n");
                return NULL;
            }
            if(memcmp(((const unsigned char *) data_src)+1, h, 15)) // ignore first byte, used for length
            {
                Con_Printf("HMAC mismatch\n");
                return NULL;
            }
            if(developer_networking.integer)
            {
                Con_Print("Decrypted:\n");
                Com_HexDumpToConsole((const unsigned char *) data_dst, (int)*len_dst);
            }
            return data_dst; // no need to copy
        }
        else
        {
            if(len_src < 16)
            {
                Con_Printf("Crypto_DecryptPacket failed (not enough space: %d bytes in, %d bytes out)\n", (int) len_src, (int) len);
                return NULL;
            }
            *len_dst = len_src - 16;
            if(len < *len_dst)
            {
                Con_Printf("Crypto_DecryptPacket failed (not enough space: %d bytes in, %d->%d bytes out)\n", (int) len_src, (int) *len_dst, (int) len);
                return NULL;
            }
            //memcpy(data_dst, data_src + 16, *len_dst);
            if(!HMAC_SHA256_32BYTES(h, ((const unsigned char *) data_src) + 16, (int)*len_dst, crypto->dhkey, DHKEY_SIZE))
            {
                Con_Printf("HMAC fail\n");
                Com_HexDumpToConsole((const unsigned char *) data_src, (int)len_src);
                return NULL;
            }
 
            if(memcmp((const unsigned char *) data_src, h, 16)) // ignore first byte, used for length
            {
                // undo the "avoid conditions"
                if(
                        (i == (int)0x7FFFFFFF) // avoided QW control packet
                        ||
                        (i == (int)0x00000000 + (int)len_src) // avoided NQ control packet
                  )
                {
                    // do the avoidance on the hash too
                    h[0] ^= 0x80;
                    if(memcmp((const unsigned char *) data_src, h, 16)) // ignore first byte, used for length
                    {
                        Con_Printf("HMAC mismatch\n");
                        Com_HexDumpToConsole((const unsigned char *) data_src, (int)len_src);
                        return NULL;
                    }
                }
                else
                {
                    Con_Printf("HMAC mismatch\n");
                    Com_HexDumpToConsole((const unsigned char *) data_src, (int)len_src);
                    return NULL;
                }
            }
            return ((const unsigned char *) data_src) + 16; // no need to copy, so data_dst is not used
        }
    }
    else
    {
        *len_dst = len_src;
        return data_src;
    }
}

References crypto_t::authenticated, BuffBigLong(), Com_HexDumpToConsole(), Con_Print(), Con_Printf(), developer_networking, crypto_t::dhkey, DHKEY_SIZE, HMAC_SHA256_32BYTES, i, cvar_t::integer, NULL, seacpy(), and crypto_t::use_aes.

Referenced by NetConn_ReceivedMessage().

◆ Crypto_EncryptPacket()

const void * Crypto_EncryptPacket	(	crypto_t *	crypto,
		const void *	data_src,
		size_t	len_src,
		void *	data_dst,
		size_t *	len_dst,
		size_t	len )

Definition at line 1527 of file crypto.c.

{
    unsigned char h[32];
    int i;
    if(crypto->authenticated)
    {
        if(crypto->use_aes)
        {
            // AES packet = 1 byte length overhead, 15 bytes from HMAC-SHA-256, data, 0..15 bytes padding
            // 15 bytes HMAC-SHA-256 (112bit) suffice as the attacker can't do more than forge a random-looking packet
            // HMAC is needed to not leak information about packet content
            if(developer_networking.integer)
            {
                Con_Print("To be encrypted:\n");
                Com_HexDumpToConsole((const unsigned char *) data_src, (int)len_src);
            }
            if(len_src + 32 > len || !HMAC_SHA256_32BYTES(h, (const unsigned char *) data_src, (int)len_src, crypto->dhkey, DHKEY_SIZE))
            {
                Con_Printf("Crypto_EncryptPacket failed (not enough space: %d bytes in, %d bytes out)\n", (int) len_src, (int) len);
                return NULL;
            }
            *len_dst = ((len_src + 15) / 16) * 16 + 16; // add 16 for HMAC, then round to 16-size for AES
            ((unsigned char *) data_dst)[0] = (unsigned char)(*len_dst - len_src);
            memcpy(((unsigned char *) data_dst)+1, h, 15);
            aescpy(crypto->dhkey, (const unsigned char *) data_dst, ((unsigned char *) data_dst) + 16, (const unsigned char *) data_src, len_src);
            //                    IV                                dst                                src                               len
        }
        else
        {
            // HMAC packet = 16 bytes HMAC-SHA-256 (truncated to 128 bits), data
            if(len_src + 16 > len || !HMAC_SHA256_32BYTES(h, (const unsigned char *) data_src, (int)len_src, crypto->dhkey, DHKEY_SIZE))
            {
                Con_Printf("Crypto_EncryptPacket failed (not enough space: %d bytes in, %d bytes out)\n", (int) len_src, (int) len);
                return NULL;
            }
            *len_dst = len_src + 16;
            memcpy(data_dst, h, 16);
            memcpy(((unsigned char *) data_dst) + 16, (unsigned char *) data_src, len_src);
 
            // handle the "avoid" conditions:
            i = BuffBigLong((unsigned char *) data_dst);
            if(
                (i == (int)0xFFFFFFFF) // avoid QW control packet
                ||
                (i == (int)0x80000000 + (int)*len_dst) // avoid NQ control packet
            )
                *(unsigned char *)data_dst ^= 0x80; // this will ALWAYS fix it
        }
        return data_dst;
    }
    else
    {
        *len_dst = len_src;
        return data_src;
    }
}

References aescpy(), crypto_t::authenticated, BuffBigLong(), Com_HexDumpToConsole(), Con_Print(), Con_Printf(), developer_networking, crypto_t::dhkey, DHKEY_SIZE, HMAC_SHA256_32BYTES, i, cvar_t::integer, NULL, and crypto_t::use_aes.

Referenced by NetConn_ReceivedMessage(), and NetConn_SendUnreliableMessage().

◆ Crypto_FinishInstance()

qbool Crypto_FinishInstance	(	crypto_t *	out,
		crypto_t *	crypto )

Definition at line 558 of file crypto.c.

{
    // no check needed here (returned pointers are only used in prefilled fields)
    if(!crypto || !crypto->authenticated)
    {
        Con_Printf("Passed an invalid crypto connect instance\n");
        memset(out, 0, sizeof(*out));
        return false;
    }
    CLEAR_CDATA;
    memcpy(out, crypto, sizeof(*out));
    memset(crypto, 0, sizeof(*crypto));
    return true;
}

References crypto_t::authenticated, CLEAR_CDATA, and Con_Printf().

Referenced by NetConn_ConnectionEstablished(), and NetConn_ServerParsePacket().

◆ Crypto_GetInfoResponseDataString()

const char * Crypto_GetInfoResponseDataString ( void )

Definition at line 1689 of file crypto.c.

{
    crypto_idstring_buf[0] = '0' + crypto_aeslevel.integer;
    return crypto_idstring;
}

References crypto_aeslevel, crypto_idstring, crypto_idstring_buf, and cvar_t::integer.

Referenced by NetConn_BuildStatusResponse().

◆ Crypto_HostKey_Clear_f()

static void Crypto_HostKey_Clear_f ( cmd_state_t * cmd )

static

Definition at line 1428 of file crypto.c.

{
    lhnetaddress_t addr;
    int i;
 
    if(!d0_blind_id_dll)
    {
        Con_Print("libd0_blind_id DLL not found, this command is inactive.\n");
        return;
    }
 
    for(i = 1; i < Cmd_Argc(cmd); ++i)
    {
        LHNETADDRESS_FromString(&addr, Cmd_Argv(cmd, i), 26000);
        if(Crypto_ClearHostKey(&addr))
        {
            Con_Printf("cleared host key for %s\n", Cmd_Argv(cmd, i));
        }
    }
}

References addr, cmd(), Cmd_Argc(), Cmd_Argv(), Con_Print(), Con_Printf(), Crypto_ClearHostKey(), d0_blind_id_dll, i, and LHNETADDRESS_FromString().

Referenced by Crypto_Init_Commands().

◆ Crypto_HostKeys_f()

static void Crypto_HostKeys_f ( cmd_state_t * cmd )

static

Definition at line 1403 of file crypto.c.

{
    int i;
    crypto_storedhostkey_t *hk;
    char buf[128];
 
    if(!d0_blind_id_dll)
    {
        Con_Print("libd0_blind_id DLL not found, this command is inactive.\n");
        return;
    }
    for(i = 0; i < CRYPTO_HOSTKEY_HASHSIZE; ++i)
    {
        for(hk = crypto_storedhostkey_hashtable[i]; hk; hk = hk->next)
        {
            LHNETADDRESS_ToString(&hk->addr, buf, sizeof(buf), 1);
            Con_Printf("%d %s@%.*s %s\n",
                    hk->aeslevel,
                    hk->idfp,
                    crypto_keyfp_recommended_length, pubkeys_fp64[hk->keyid],
                    buf);
        }
    }
}

References crypto_storedhostkey_t::addr, crypto_storedhostkey_t::aeslevel, buf, Con_Print(), Con_Printf(), CRYPTO_HOSTKEY_HASHSIZE, crypto_keyfp_recommended_length, crypto_storedhostkey_hashtable, d0_blind_id_dll, i, crypto_storedhostkey_t::idfp, crypto_storedhostkey_t::keyid, LHNETADDRESS_ToString(), crypto_storedhostkey_t::next, and pubkeys_fp64.

Referenced by Crypto_Init_Commands().

◆ Crypto_Init()

void Crypto_Init ( void )

Definition at line 1072 of file crypto.c.

{
    cryptomempool = Mem_AllocPool("crypto", 0, NULL);
 
    if(!Crypto_OpenLibrary())
        return;
 
    qd0_blind_id_setmallocfuncs(Crypto_d0_malloc, Crypto_d0_free);
    if (Thread_HasThreads())
        qd0_blind_id_setmutexfuncs(Crypto_d0_createmutex, Crypto_d0_destroymutex, Crypto_d0_lockmutex, Crypto_d0_unlockmutex);
 
    if(!qd0_blind_id_INITIALIZE())
    {
        Crypto_Rijndael_CloseLibrary();
        Crypto_CloseLibrary();
        Con_Printf("libd0_blind_id initialization FAILED, cryptography support has been disabled\n");
        return;
    }
 
    (void) Crypto_Rijndael_OpenLibrary(); // if this fails, it's uncritical
 
    Crypto_InitHostKeys();
}

References Con_Printf(), Crypto_CloseLibrary(), Crypto_d0_createmutex(), Crypto_d0_destroymutex(), Crypto_d0_free(), Crypto_d0_lockmutex(), Crypto_d0_malloc(), Crypto_d0_unlockmutex(), Crypto_InitHostKeys(), Crypto_OpenLibrary(), Crypto_Rijndael_CloseLibrary(), Crypto_Rijndael_OpenLibrary(), cryptomempool, Mem_AllocPool, NULL, qd0_blind_id_INITIALIZE, qd0_blind_id_setmallocfuncs, qd0_blind_id_setmutexfuncs, Thread_HasThreads(), and void().

Referenced by Host_Init().

◆ Crypto_Init_Commands()

void Crypto_Init_Commands ( void )

Definition at line 1449 of file crypto.c.

{
    if(d0_blind_id_dll)
    {
        Cmd_AddCommand(CF_SHARED, "crypto_reload", Crypto_Reload_f, "reloads cryptographic keys");
        Cmd_AddCommand(CF_SHARED, "crypto_keygen", Crypto_KeyGen_f, "generates and saves a cryptographic key");
        Cmd_AddCommand(CF_SHARED, "crypto_keys", Crypto_Keys_f, "lists the loaded keys");
        Cmd_AddCommand(CF_SHARED, "crypto_hostkeys", Crypto_HostKeys_f, "lists the cached host keys");
        Cmd_AddCommand(CF_SHARED, "crypto_hostkey_clear", Crypto_HostKey_Clear_f, "clears a cached host key");
 
        Cvar_RegisterVariable(&crypto_developer);
        if(d0_rijndael_dll)
            Cvar_RegisterVariable(&crypto_aeslevel);
        else
            crypto_aeslevel.integer = 0; // make sure
        Cvar_RegisterVariable(&crypto_servercpupercent);
        Cvar_RegisterVariable(&crypto_servercpumaxtime);
        Cvar_RegisterVariable(&crypto_servercpudebug);
    }
}

References CF_SHARED, Cmd_AddCommand(), crypto_aeslevel, crypto_developer, Crypto_HostKey_Clear_f(), Crypto_HostKeys_f(), Crypto_KeyGen_f(), Crypto_Keys_f(), Crypto_Reload_f(), crypto_servercpudebug, crypto_servercpumaxtime, crypto_servercpupercent, Cvar_RegisterVariable(), d0_blind_id_dll, d0_rijndael_dll, and cvar_t::integer.

Referenced by Host_Init().

◆ Crypto_InitHostKeys()

static void Crypto_InitHostKeys ( void )

static

Definition at line 591 of file crypto.c.

{
    int i;
    for(i = 0; i < CRYPTO_HOSTKEY_HASHSIZE; ++i)
        crypto_storedhostkey_hashtable[i] = NULL;
}

References CRYPTO_HOSTKEY_HASHSIZE, crypto_storedhostkey_hashtable, i, and NULL.

Referenced by Crypto_Init().

◆ Crypto_KeyGen_f()

static void Crypto_KeyGen_f ( cmd_state_t * cmd )

static

Definition at line 1217 of file crypto.c.

{
    int i;
    const char *p[1];
    size_t l[1];
    static char buf[8192];
    static char buf2[8192];
    size_t buf2size;
    size_t buf2l, buf2pos;
    char vabuf[1024];
    size_t len2;
    qfile_t *f = NULL;
 
    if(!d0_blind_id_dll)
    {
        Con_Print("libd0_blind_id DLL not found, this command is inactive.\n");
        return;
    }
    if(Cmd_Argc(cmd) != 3)
    {
        Con_Printf("usage:\n%s id url\n", Cmd_Argv(cmd, 0));
        return;
    }
    SV_LockThreadMutex();
    Crypto_LoadKeys();
    i = atoi(Cmd_Argv(cmd, 1));
    if(!pubkeys[i])
    {
        Con_Printf("there is no public key %d\n", i);
        SV_UnlockThreadMutex();
        return;
    }
    if(keygen_i >= 0)
    {
        Con_Printf("there is already a keygen run on the way\n");
        SV_UnlockThreadMutex();
        return;
    }
    keygen_i = i;
 
    // how to START the keygenning...
    if(pubkeys_havepriv[keygen_i])
    {
        if(pubkeys_havesig[keygen_i])
        {
            Con_Printf("there is already a signed private key for %d\n", i);
            keygen_i = -1;
            SV_UnlockThreadMutex();
            return;
        }
        // if we get here, we only need a signature, no new keygen run needed
        Con_Printf("Only need a signature for an existing key...\n");
    }
    else
    {
        // we also need a new ID itself
        if(!qd0_blind_id_generate_private_id_start(pubkeys[keygen_i]))
        {
            Con_Printf("d0_blind_id_start failed\n");
            keygen_i = -1;
            SV_UnlockThreadMutex();
            return;
        }
        // verify the key we just got (just in case)
        if(!qd0_blind_id_verify_private_id(pubkeys[keygen_i]))
        {
            Con_Printf("d0_blind_id_verify_private_id failed\n");
            keygen_i = -1;
            SV_UnlockThreadMutex();
            return;
        }
        // we have a valid key now!
        // make the rest of crypto.c know that
        len2 = FP64_SIZE;
        if(qd0_blind_id_fingerprint64_public_id(pubkeys[keygen_i], pubkeys_priv_fp64[keygen_i], &len2)) // keeps final NUL
        {
            Con_Printf("Generated private ID key_%d.d0pk (public key fingerprint: %s)\n", keygen_i, pubkeys_priv_fp64[keygen_i]);
            pubkeys_havepriv[keygen_i] = true;
            dp_strlcat(crypto_idstring_buf, va(vabuf, sizeof(vabuf), " %s@%s", pubkeys_priv_fp64[keygen_i], pubkeys_fp64[keygen_i]), sizeof(crypto_idstring_buf));
            crypto_idstring = crypto_idstring_buf;
            Crypto_BuildChallengeAppend();
        }
        // write the key to disk
        p[0] = buf;
        l[0] = sizeof(buf);
        if(!qd0_blind_id_write_private_id(pubkeys[keygen_i], buf, &l[0]))
        {
            Con_Printf("d0_blind_id_write_private_id failed\n");
            keygen_i = -1;
            SV_UnlockThreadMutex();
            return;
        }
        if(!(buf2size = Crypto_UnParsePack(buf2, sizeof(buf2), FOURCC_D0SI, p, l, 1)))
        {
            Con_Printf("Crypto_UnParsePack failed\n");
            keygen_i = -1;
            SV_UnlockThreadMutex();
            return;
        }
 
        FS_CreatePath(va(vabuf, sizeof(vabuf), "%skey_%d.d0si%s", *fs_userdir ? fs_userdir : fs_basedir, keygen_i, sessionid.string));
        f = FS_SysOpen(va(vabuf, sizeof(vabuf), "%skey_%d.d0si%s", *fs_userdir ? fs_userdir : fs_basedir, keygen_i, sessionid.string), "wb", false);
        if(!f)
        {
            Con_Printf("Cannot open key_%d.d0si%s\n", keygen_i, sessionid.string);
            keygen_i = -1;
            SV_UnlockThreadMutex();
            return;
        }
        FS_Write(f, buf2, buf2size);
        FS_Close(f);
 
        Crypto_SavePubKeyTextFile(keygen_i);
 
        Con_Printf("Saved unsigned key to key_%d.d0si%s\n", keygen_i, sessionid.string);
    }
    p[0] = buf;
    l[0] = sizeof(buf);
    if(!qd0_blind_id_generate_private_id_request(pubkeys[keygen_i], buf, &l[0]))
    {
        Con_Printf("d0_blind_id_generate_private_id_request failed\n");
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
    buf2pos = strlen(Cmd_Argv(cmd, 2));
    memcpy(buf2, Cmd_Argv(cmd, 2), buf2pos);
    if(!(buf2l = Crypto_UnParsePack(buf2 + buf2pos, sizeof(buf2) - buf2pos - 1, FOURCC_D0IQ, p, l, 1)))
    {
        Con_Printf("Crypto_UnParsePack failed\n");
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
    if(!(buf2l = base64_encode((unsigned char *) (buf2 + buf2pos), buf2l, sizeof(buf2) - buf2pos - 1)))
    {
        Con_Printf("base64_encode failed\n");
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
    buf2l += buf2pos;
    buf2[buf2l] = 0;
    if(!Curl_Begin_ToMemory(buf2, 0, (unsigned char *) keygen_buf, sizeof(keygen_buf), Crypto_KeyGen_Finished, NULL))
    {
        Con_Printf("curl failed\n");
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
    Con_Printf("Signature generation in progress...\n");
    SV_UnlockThreadMutex();
}

References base64_encode(), buf, cmd(), Cmd_Argc(), Cmd_Argv(), Con_Print(), Con_Printf(), Crypto_BuildChallengeAppend(), crypto_idstring, crypto_idstring_buf, Crypto_KeyGen_Finished(), Crypto_LoadKeys(), Crypto_SavePubKeyTextFile(), Crypto_UnParsePack(), Curl_Begin_ToMemory(), d0_blind_id_dll, dp_strlcat, f, FOURCC_D0IQ, FOURCC_D0SI, FP64_SIZE, fs_basedir, FS_Close(), FS_CreatePath(), FS_SysOpen(), fs_userdir, FS_Write(), i, keygen_buf, keygen_i, NULL, pubkeys, pubkeys_fp64, pubkeys_havepriv, pubkeys_havesig, pubkeys_priv_fp64, qd0_blind_id_fingerprint64_public_id, qd0_blind_id_generate_private_id_request, qd0_blind_id_generate_private_id_start, qd0_blind_id_verify_private_id, qd0_blind_id_write_private_id, sessionid, cvar_t::string, strlen(), SV_LockThreadMutex, SV_UnlockThreadMutex, and va().

Referenced by Crypto_Init_Commands().

◆ Crypto_KeyGen_Finished()

static void Crypto_KeyGen_Finished	(	int	code,
		size_t	length_received,
		unsigned char *	buffer,
		void *	cbdata )

static

Definition at line 1105 of file crypto.c.

{
    const char *p[1];
    size_t l[1];
    static char buf[8192];
    static char buf2[8192];
    size_t buf2size;
    qfile_t *f = NULL;
    D0_BOOL status;
    char vabuf[1024];
 
    SV_LockThreadMutex();
 
    if(!d0_blind_id_dll)
    {
        Con_Print("libd0_blind_id DLL not found, this command is inactive.\n");
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
 
    if(keygen_i < 0)
    {
        Con_Printf("Unexpected response from keygen server:\n");
        Com_HexDumpToConsole(buffer, (int)length_received);
        SV_UnlockThreadMutex();
        return;
    }
    if(keygen_i >= MAX_PUBKEYS || !pubkeys[keygen_i])
    {
        Con_Printf("overflow of keygen_i\n");
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
    if(!Crypto_ParsePack((const char *) buffer, length_received, FOURCC_D0IR, p, l, 1))
    {
        if(length_received >= 5 && Crypto_LittleLong((const char *) buffer) == FOURCC_D0ER)
        {
            Con_Printf(CON_ERROR "Error response from keygen server: %.*s\n", (int)(length_received - 5), buffer + 5);
        }
        else
        {
            Con_Printf(CON_ERROR "Invalid response from keygen server:\n");
            Com_HexDumpToConsole(buffer, (int)length_received);
        }
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
    if(!qd0_blind_id_finish_private_id_request(pubkeys[keygen_i], p[0], l[0]))
    {
        Con_Printf("d0_blind_id_finish_private_id_request failed\n");
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
 
    // verify the key we just got (just in case)
    if(!qd0_blind_id_verify_public_id(pubkeys[keygen_i], &status) || !status)
    {
        Con_Printf("d0_blind_id_verify_public_id failed\n");
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
 
    // we have a valid key now!
    // make the rest of crypto.c know that
    Con_Printf("Received signature for private ID key_%d.d0pk (public key fingerprint: %s)\n", keygen_i, pubkeys_priv_fp64[keygen_i]);
    pubkeys_havesig[keygen_i] = true;
 
    // write the key to disk
    p[0] = buf;
    l[0] = sizeof(buf);
    if(!qd0_blind_id_write_private_id(pubkeys[keygen_i], buf, &l[0]))
    {
        Con_Printf("d0_blind_id_write_private_id failed\n");
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
    if(!(buf2size = Crypto_UnParsePack(buf2, sizeof(buf2), FOURCC_D0SI, p, l, 1)))
    {
        Con_Printf("Crypto_UnParsePack failed\n");
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
 
    FS_CreatePath(va(vabuf, sizeof(vabuf), "%skey_%d.d0si%s", *fs_userdir ? fs_userdir : fs_basedir, keygen_i, sessionid.string));
    f = FS_SysOpen(va(vabuf, sizeof(vabuf), "%skey_%d.d0si%s", *fs_userdir ? fs_userdir : fs_basedir, keygen_i, sessionid.string), "wb", false);
    if(!f)
    {
        Con_Printf("Cannot open key_%d.d0si%s\n", keygen_i, sessionid.string);
        keygen_i = -1;
        SV_UnlockThreadMutex();
        return;
    }
    FS_Write(f, buf2, buf2size);
    FS_Close(f);
 
    Crypto_SavePubKeyTextFile(keygen_i);
 
    Con_Printf("Saved to key_%d.d0si%s\n", keygen_i, sessionid.string);
 
    Crypto_BuildIdString();
 
    keygen_i = -1;
    SV_UnlockThreadMutex();
}

References buf, buffer, Com_HexDumpToConsole(), CON_ERROR, Con_Print(), Con_Printf(), Crypto_BuildIdString(), Crypto_LittleLong(), Crypto_ParsePack(), Crypto_SavePubKeyTextFile(), Crypto_UnParsePack(), d0_blind_id_dll, D0_BOOL, f, FOURCC_D0ER, FOURCC_D0IR, FOURCC_D0SI, fs_basedir, FS_Close(), FS_CreatePath(), FS_SysOpen(), fs_userdir, FS_Write(), keygen_i, MAX_PUBKEYS, NULL, pubkeys, pubkeys_havesig, pubkeys_priv_fp64, qd0_blind_id_finish_private_id_request, qd0_blind_id_verify_public_id, qd0_blind_id_write_private_id, sessionid, cvar_t::string, SV_LockThreadMutex, SV_UnlockThreadMutex, and va().

Referenced by Crypto_KeyGen_f().

◆ Crypto_Keys_f()

static void Crypto_Keys_f ( cmd_state_t * cmd )

static

Definition at line 1380 of file crypto.c.

{
    int i;
    if(!d0_blind_id_dll)
    {
        Con_Print("libd0_blind_id DLL not found, this command is inactive.\n");
        return;
    }
    for(i = 0; i < MAX_PUBKEYS; ++i)
    {
        if(pubkeys[i])
        {
            Con_Printf("%2d: public key key_%d.d0pk (fingerprint: %s)\n", i, i, pubkeys_fp64[i]);
            if(pubkeys_havepriv[i])
            {
                Con_Printf("    private ID key_%d.d0si%s (public key fingerprint: %s)\n", i, sessionid.string, pubkeys_priv_fp64[i]);
                if(!pubkeys_havesig[i])
                    Con_Printf("    NOTE: this ID has not yet been signed!\n");
            }
        }
    }
}

References Con_Print(), Con_Printf(), d0_blind_id_dll, i, MAX_PUBKEYS, pubkeys, pubkeys_fp64, pubkeys_havepriv, pubkeys_havesig, pubkeys_priv_fp64, sessionid, and cvar_t::string.

Referenced by Crypto_Init_Commands().

◆ Crypto_LittleLong()

static unsigned long Crypto_LittleLong ( const char * data )

static

Definition at line 59 of file crypto.c.

{
    return
        ((unsigned char) data[0]) |
        (((unsigned char) data[1]) << 8) |
        (((unsigned char) data[2]) << 16) |
        (((unsigned char) data[3]) << 24);
}

References data.

Referenced by Crypto_ClientParsePacket(), Crypto_KeyGen_Finished(), and Crypto_ParsePack().

◆ Crypto_LoadFile()

static size_t Crypto_LoadFile	(	const char *	path,
		char *	buf,
		size_t	nmax,
		qbool	inuserdir )

static

Definition at line 388 of file crypto.c.

{
    char vabuf[1024];
    qfile_t *f = NULL;
    fs_offset_t n;
    if(inuserdir)
        f = FS_SysOpen(va(vabuf, sizeof(vabuf), "%s%s", *fs_userdir ? fs_userdir : fs_basedir, path), "rb", false);
    else
        f = FS_SysOpen(va(vabuf, sizeof(vabuf), "%s%s", fs_basedir, path), "rb", false);
    if(!f)
        return 0;
    n = FS_Read(f, buf, nmax);
    if(n < 0)
        n = 0;
    FS_Close(f);
    return (size_t) n;
}

References buf, f, fs_basedir, FS_Close(), FS_Read(), FS_SysOpen(), fs_userdir, n, NULL, and va().

Referenced by Crypto_LoadKeys().

◆ Crypto_LoadKeys()

void Crypto_LoadKeys ( void )

Definition at line 855 of file crypto.c.

{
    char buf[8192];
    size_t len, len2;
    int i;
    char vabuf[1024];
 
    if(!d0_blind_id_dll) // don't if we can't
        return;
 
    if(crypto_idstring) // already loaded? then not
        return;
 
    Host_LockSession(); // we use the session ID here
 
    // load keys
    // note: we are just a CLIENT
    // so we load:
    //   PUBLIC KEYS to accept (including modulus)
    //   PRIVATE KEY of user
 
    for(i = 0; i < MAX_PUBKEYS; ++i)
    {
        memset(pubkeys_fp64[i], 0, sizeof(pubkeys_fp64[i]));
        memset(pubkeys_priv_fp64[i], 0, sizeof(pubkeys_fp64[i]));
        pubkeys_havepriv[i] = false;
        pubkeys_havesig[i] = false;
        len = Crypto_LoadFile(va(vabuf, sizeof(vabuf), "key_%d.d0pk", i), buf, sizeof(buf), false);
        if((pubkeys[i] = Crypto_ReadPublicKey(buf, len)))
        {
            len2 = FP64_SIZE;
            if(qd0_blind_id_fingerprint64_public_key(pubkeys[i], pubkeys_fp64[i], &len2)) // keeps final NUL
            {
                Con_Printf("Loaded public key key_%d.d0pk (fingerprint: %s)\n", i, pubkeys_fp64[i]);
                len = Crypto_LoadFile(va(vabuf, sizeof(vabuf), "key_%d.d0si%s", i, sessionid.string), buf, sizeof(buf), true);
                if(len)
                {
                    if(Crypto_AddPrivateKey(pubkeys[i], buf, len))
                    {
                        len2 = FP64_SIZE;
                        if(qd0_blind_id_fingerprint64_public_id(pubkeys[i], pubkeys_priv_fp64[i], &len2)) // keeps final NUL
                        {
                            D0_BOOL status = 0;
 
                            Con_Printf("Loaded private ID key_%d.d0si%s for key_%d.d0pk (public key fingerprint: %s)\n", i, sessionid.string, i, pubkeys_priv_fp64[i]);
 
                            // verify the key we just loaded (just in case)
                            if(qd0_blind_id_verify_private_id(pubkeys[i]) && qd0_blind_id_verify_public_id(pubkeys[i], &status))
                            {
                                pubkeys_havepriv[i] = true;
                                pubkeys_havesig[i] = status;
 
                                // verify the key we just got (just in case)
                                if(!status)
                                    Con_Printf("NOTE: this ID has not yet been signed!\n");
 
                                Crypto_SavePubKeyTextFile(i);
                            }
                            else
                            {
                                Con_Printf("d0_blind_id_verify_private_id failed, this is not a valid key!\n");
                                qd0_blind_id_free(pubkeys[i]);
                                pubkeys[i] = NULL;
                            }
                        }
                        else
                        {
                            Con_Printf("d0_blind_id_fingerprint64_public_id failed\n");
                            qd0_blind_id_free(pubkeys[i]);
                            pubkeys[i] = NULL;
                        }
                    }
                }
            }
            else
            {
                // can't really happen
                qd0_blind_id_free(pubkeys[i]);
                pubkeys[i] = NULL;
            }
        }
    }
 
    keygen_i = -1;
    Crypto_BuildIdString();
    Crypto_BuildChallengeAppend();
 
    // find a good prefix length for all the keys we know (yes, algorithm is not perfect yet, may yield too long prefix length)
    crypto_keyfp_recommended_length = 0;
    memset(buf+256, 0, MAX_PUBKEYS + MAX_PUBKEYS);
    while(crypto_keyfp_recommended_length < FP64_SIZE)
    {
        memset(buf, 0, 256);
        for(i = 0; i < MAX_PUBKEYS; ++i)
            if(pubkeys[i])
            {
                if(!buf[256 + i])
                    ++buf[(unsigned char) pubkeys_fp64[i][crypto_keyfp_recommended_length]];
                if(pubkeys_havepriv[i])
                    if(!buf[256 + MAX_PUBKEYS + i])
                        ++buf[(unsigned char) pubkeys_priv_fp64[i][crypto_keyfp_recommended_length]];
            }
        for(i = 0; i < MAX_PUBKEYS; ++i)
            if(pubkeys[i])
            {
                if(!buf[256 + i])
                    if(buf[(unsigned char) pubkeys_fp64[i][crypto_keyfp_recommended_length]] < 2)
                        buf[256 + i] = 1;
                if(pubkeys_havepriv[i])
                    if(!buf[256 + MAX_PUBKEYS + i])
                        if(buf[(unsigned char) pubkeys_priv_fp64[i][crypto_keyfp_recommended_length]] < 2)
                            buf[256 + MAX_PUBKEYS + i] = 1;
            }
        ++crypto_keyfp_recommended_length;
        for(i = 0; i < MAX_PUBKEYS; ++i)
            if(pubkeys[i])
            {
                if(!buf[256 + i])
                    break;
                if(pubkeys_havepriv[i])
                    if(!buf[256 + MAX_PUBKEYS + i])
                        break;
            }
        if(i >= MAX_PUBKEYS)
            break;
    }
    if(crypto_keyfp_recommended_length < 7)
        crypto_keyfp_recommended_length = 7;
}

References buf, Con_Printf(), Crypto_AddPrivateKey(), Crypto_BuildChallengeAppend(), Crypto_BuildIdString(), crypto_idstring, crypto_keyfp_recommended_length, Crypto_LoadFile(), Crypto_ReadPublicKey(), Crypto_SavePubKeyTextFile(), d0_blind_id_dll, D0_BOOL, FP64_SIZE, Host_LockSession(), i, keygen_i, MAX_PUBKEYS, NULL, pubkeys, pubkeys_fp64, pubkeys_havepriv, pubkeys_havesig, pubkeys_priv_fp64, qd0_blind_id_fingerprint64_public_id, qd0_blind_id_fingerprint64_public_key, qd0_blind_id_free, qd0_blind_id_verify_private_id, qd0_blind_id_verify_public_id, sessionid, cvar_t::string, and va().

Referenced by Crypto_KeyGen_f(), Crypto_Reload_f(), NetConn_OpenClientPorts(), NetConn_OpenServerPorts(), and PRVM_Prog_Load().

◆ Crypto_OpenLibrary()

static qbool Crypto_OpenLibrary ( void )

static

Definition at line 283 of file crypto.c.

{
    const char* dllnames [] =
    {
#if defined(WIN32)
        "libd0_blind_id-0.dll",
#elif defined(MACOSX)
        "libd0_blind_id.0.dylib",
#else
        "libd0_blind_id.so.0",
        "libd0_blind_id.so", // FreeBSD
#endif
        NULL
    };
 
    // Already loaded?
    if (d0_blind_id_dll)
        return true;
 
    // Load the DLL
    return Sys_LoadDependency (dllnames, &d0_blind_id_dll, d0_blind_id_funcs);
}

References d0_blind_id_dll, d0_blind_id_funcs, NULL, and Sys_LoadDependency().

Referenced by Crypto_Init().

◆ Crypto_ParsePack()

static size_t Crypto_ParsePack	(	const char *	buf,
		size_t	len,
		unsigned long	header,
		const char **	lumps,
		size_t *	lumpsize,
		size_t	nlumps )

static

Definition at line 76 of file crypto.c.

{
    size_t i;
    size_t pos;
    pos = 0;
    if(header)
    {
        if(len < 4)
            return 0;
        if(Crypto_LittleLong(buf) != header)
            return 0;
        pos += 4;
    }
    for(i = 0; i < nlumps; ++i)
    {
        if(pos + 4 > len)
            return 0;
        lumpsize[i] = Crypto_LittleLong(&buf[pos]);
        pos += 4;
        if(pos + lumpsize[i] > len)
            return 0;
        lumps[i] = &buf[pos];
        pos += lumpsize[i];
    }
    return pos;
}

References buf, Crypto_LittleLong(), and i.

Referenced by Crypto_AddPrivateKey(), Crypto_KeyGen_Finished(), and Crypto_ReadPublicKey().

◆ Crypto_ReadPublicKey()

static d0_blind_id_t * Crypto_ReadPublicKey	(	char *	buf,
		size_t	len )

static

Definition at line 450 of file crypto.c.

{
    d0_blind_id_t *pk = NULL;
    const char *p[2];
    size_t l[2];
    if(Crypto_ParsePack(buf, len, FOURCC_D0PK, p, l, 2))
    {
        pk = qd0_blind_id_new();
        if(pk)
            if(qd0_blind_id_read_public_key(pk, p[0], l[0]))
                if(qd0_blind_id_read_private_id_modulus(pk, p[1], l[1]))
                    return pk;
    }
    if(pk)
        qd0_blind_id_free(pk);
    return NULL;
}

References buf, Crypto_ParsePack(), FOURCC_D0PK, NULL, qd0_blind_id_free, qd0_blind_id_new, qd0_blind_id_read_private_id_modulus, and qd0_blind_id_read_public_key.

Referenced by Crypto_LoadKeys().

◆ Crypto_Reload_f()

static void Crypto_Reload_f ( cmd_state_t * cmd )

static

Definition at line 1373 of file crypto.c.

{
    Crypto_ClearHostKeys();
    Crypto_UnloadKeys();
    Crypto_LoadKeys();
}

References Crypto_ClearHostKeys(), Crypto_LoadKeys(), and Crypto_UnloadKeys().

Referenced by Crypto_Init_Commands().

◆ Crypto_RetrieveHostKey()

qbool Crypto_RetrieveHostKey	(	lhnetaddress_t *	peeraddress,
		int *	keyid,
		char *	keyfp,
		size_t	keyfplen,
		char *	idfp,
		size_t	idfplen,
		int *	aeslevel,
		qbool *	issigned )

Definition at line 734 of file crypto.c.

{
    char buf[128];
    int hashindex;
    crypto_storedhostkey_t *hk;
 
    if(!d0_blind_id_dll)
        return false;
 
    LHNETADDRESS_ToString(peeraddress, buf, sizeof(buf), 1);
    hashindex = CRC_Block((const unsigned char *) buf, strlen(buf)) % CRYPTO_HOSTKEY_HASHSIZE;
    for(hk = crypto_storedhostkey_hashtable[hashindex]; hk && LHNETADDRESS_Compare(&hk->addr, peeraddress); hk = hk->next);
 
    if(!hk)
        return false;
 
    if(keyid)
        *keyid = hk->keyid;
    if(keyfp)
        dp_strlcpy(keyfp, pubkeys_fp64[hk->keyid], keyfplen);
    if(idfp)
        dp_strlcpy(idfp, hk->idfp, idfplen);
    if(aeslevel)
        *aeslevel = hk->aeslevel;
    if(issigned)
        *issigned = hk->issigned;
 
    return true;
}

References crypto_storedhostkey_t::addr, crypto_storedhostkey_t::aeslevel, buf, CRC_Block(), CRYPTO_HOSTKEY_HASHSIZE, crypto_storedhostkey_hashtable, d0_blind_id_dll, dp_strlcpy, crypto_storedhostkey_t::idfp, crypto_storedhostkey_t::issigned, crypto_storedhostkey_t::keyid, LHNETADDRESS_Compare(), LHNETADDRESS_ToString(), crypto_storedhostkey_t::next, pubkeys_fp64, and strlen().

Referenced by Crypto_ClientParsePacket(), VM_M_crypto_getencryptlevel(), VM_M_crypto_getidfp(), VM_M_crypto_getidstatus(), and VM_M_crypto_getkeyfp().

◆ Crypto_RetrieveLocalKey()

int Crypto_RetrieveLocalKey	(	int	keyid,
		char *	keyfp,
		size_t	keyfplen,
		char *	idfp,
		size_t	idfplen,
		qbool *	issigned )

Definition at line 763 of file crypto.c.

{
    if(keyid < 0 || keyid >= MAX_PUBKEYS)
        return 0;
    if(keyfp)
        *keyfp = 0;
    if(idfp)
        *idfp = 0;
    if(!pubkeys[keyid])
        return -1;
    if(keyfp)
        dp_strlcpy(keyfp, pubkeys_fp64[keyid], keyfplen);
    if(idfp)
        if(pubkeys_havepriv[keyid])
            dp_strlcpy(idfp, pubkeys_priv_fp64[keyid], idfplen);
    if(issigned)
        *issigned = pubkeys_havesig[keyid];
    return 1;
}

References dp_strlcpy, MAX_PUBKEYS, pubkeys, pubkeys_fp64, pubkeys_havepriv, pubkeys_havesig, and pubkeys_priv_fp64.

Referenced by VM_M_crypto_getmyidfp(), VM_M_crypto_getmyidstatus(), and VM_M_crypto_getmykeyfp().

◆ Crypto_Rijndael_CloseLibrary()

static void Crypto_Rijndael_CloseLibrary ( void )

static

Definition at line 375 of file crypto.c.

{
    Sys_FreeLibrary (&d0_rijndael_dll);
}

References d0_rijndael_dll, and Sys_FreeLibrary().

Referenced by Crypto_Init(), and Crypto_Shutdown().

◆ Crypto_Rijndael_OpenLibrary()

static qbool Crypto_Rijndael_OpenLibrary ( void )

static

Definition at line 352 of file crypto.c.

{
    const char* dllnames [] =
    {
#if defined(WIN32)
        "libd0_rijndael-0.dll",
#elif defined(MACOSX)
        "libd0_rijndael.0.dylib",
#else
        "libd0_rijndael.so.0",
        "libd0_rijndael.so", // FreeBSD
#endif
        NULL
    };
 
    // Already loaded?
    if (d0_rijndael_dll)
        return true;
 
    // Load the DLL
    return Sys_LoadDependency (dllnames, &d0_rijndael_dll, d0_rijndael_funcs);
}

References d0_rijndael_dll, d0_rijndael_funcs, NULL, and Sys_LoadDependency().

Referenced by Crypto_Init().

◆ Crypto_SavePubKeyTextFile()

static qbool Crypto_SavePubKeyTextFile ( int i )

static

Definition at line 814 of file crypto.c.

{
    qfile_t *f;
    char vabuf[1024];
 
    if(!pubkeys_havepriv[i])
        return false;
    f = FS_SysOpen(va(vabuf, sizeof(vabuf), "%skey_%d-public-fp%s.txt", *fs_userdir ? fs_userdir : fs_basedir, i, sessionid.string), "w", false);
    if(!f)
        return false;
 
    // we ignore errors for this file, as it's not necessary to have
    FS_Printf(f, "ID-Fingerprint: %s\n", pubkeys_priv_fp64[i]);
    FS_Printf(f, "ID-Is-Signed: %s\n", pubkeys_havesig[i] ? "yes" : "no");
    FS_Printf(f, "ID-Is-For-Key: %s\n", pubkeys_fp64[i]);
    FS_Printf(f, "\n");
    FS_Printf(f, "This is a PUBLIC ID file for DarkPlaces.\n");
    FS_Printf(f, "You are free to share this file or its contents.\n");
    FS_Printf(f, "\n");
    FS_Printf(f, "This file will be automatically generated again if deleted.\n");
    FS_Printf(f, "\n");
    FS_Printf(f, "However, NEVER share the accompanying SECRET ID file called\n");
    FS_Printf(f, "key_%d.d0si%s, as doing so would compromise security!\n", i, sessionid.string);
    FS_Close(f);
 
    return true;
}

References f, fs_basedir, FS_Close(), FS_Printf(), FS_SysOpen(), fs_userdir, i, pubkeys_fp64, pubkeys_havepriv, pubkeys_havesig, pubkeys_priv_fp64, sessionid, cvar_t::string, and va().

Referenced by Crypto_KeyGen_f(), Crypto_KeyGen_Finished(), and Crypto_LoadKeys().

◆ Crypto_ServerAppendToChallenge()

qbool Crypto_ServerAppendToChallenge	(	const char *	data_in,
		size_t	len_in,
		char *	data_out,
		size_t *	len_out,
		size_t	maxlen_out )

Definition at line 1696 of file crypto.c.

{
    // cheap op, all is precomputed
    if(!d0_blind_id_dll)
        return false; // no support
    // append challenge
    if(maxlen_out <= *len_out + challenge_append_length)
        return false;
    memcpy(data_out + *len_out, challenge_append, challenge_append_length);
    *len_out += challenge_append_length;
    return false;
}

References challenge_append, challenge_append_length, and d0_blind_id_dll.

Referenced by NetConn_ServerParsePacket().

◆ Crypto_ServerError()

static int Crypto_ServerError	(	char *	data_out,
		size_t *	len_out,
		const char *	msg,
		const char *	msg_client )

static

Definition at line 1709 of file crypto.c.

{
    if(!msg_client)
        msg_client = msg;
    Con_DPrintf("rejecting client: %s\n", msg);
    if(*msg_client)
        dpsnprintf(data_out, *len_out, "reject %s", msg_client);
    *len_out = strlen(data_out);
    return CRYPTO_DISCARD;
}

References Con_DPrintf(), CRYPTO_DISCARD, dpsnprintf(), and strlen().

Referenced by Crypto_ServerParsePacket_Internal().

◆ Crypto_ServerFindInstance()

static crypto_t * Crypto_ServerFindInstance	(	lhnetaddress_t *	peeraddress,
		qbool	allow_create )

static

Definition at line 528 of file crypto.c.

{
    crypto_t *crypto; 
    int i, best;
 
    if(!d0_blind_id_dll)
        return NULL; // no support
 
    for(i = 0; i < MAX_CRYPTOCONNECTS; ++i)
        if(LHNETADDRESS_Compare(peeraddress, &cryptoconnects[i].address))
            break;
    if(i < MAX_CRYPTOCONNECTS && (allow_create || cryptoconnects[i].crypto.data))
    {
        crypto = &cryptoconnects[i].crypto;
        cryptoconnects[i].lasttime = host.realtime;
        return crypto;
    }
    if(!allow_create)
        return NULL;
    best = 0;
    for(i = 1; i < MAX_CRYPTOCONNECTS; ++i)
        if(cryptoconnects[i].lasttime < cryptoconnects[best].lasttime)
            best = i;
    crypto = &cryptoconnects[best].crypto;
    cryptoconnects[best].lasttime = host.realtime;
    memcpy(&cryptoconnects[best].address, peeraddress, sizeof(cryptoconnects[best].address));
    CLEAR_CDATA;
    return crypto;
}

References CLEAR_CDATA, server_cryptoconnect_t::crypto, cryptoconnects, d0_blind_id_dll, crypto_t::data, host, i, server_cryptoconnect_t::lasttime, LHNETADDRESS_Compare(), MAX_CRYPTOCONNECTS, NULL, and host_static_t::realtime.

Referenced by Crypto_ServerGetInstance(), and Crypto_ServerParsePacket_Internal().

◆ Crypto_ServerGetInstance()

crypto_t * Crypto_ServerGetInstance ( lhnetaddress_t * peeraddress )

Definition at line 573 of file crypto.c.

{
    // no check needed here (returned pointers are only used in prefilled fields)
    return Crypto_ServerFindInstance(peeraddress, false);
}

References Crypto_ServerFindInstance().

Referenced by NetConn_ServerParsePacket().

◆ Crypto_ServerParsePacket()

int Crypto_ServerParsePacket	(	const char *	data_in,
		size_t	len_in,
		char *	data_out,
		size_t *	len_out,
		lhnetaddress_t *	peeraddress )

Definition at line 2036 of file crypto.c.

{
    int ret;
    double t = 0;
    static double complain_time = 0;
    const char *cnt;
    qbool do_time = false;
    qbool do_reject = false;
    char infostringvalue[MAX_INPUTLINE];
    if(crypto_servercpupercent.value > 0 || crypto_servercpumaxtime.value > 0)
        if(len_in > 5 && !memcmp(data_in, "d0pk\\", 5))
        {
            do_time = true;
            cnt = (InfoString_GetValue(data_in + 4, "cnt", infostringvalue, sizeof(infostringvalue)) ? infostringvalue : NULL);
            if(cnt)
                if(!strcmp(cnt, "0"))
                    do_reject = true;
        }
    if(do_time)
    {
        // check if we may perform crypto...
        if(crypto_servercpupercent.value > 0)
        {
            crypto_servercpu_accumulator += (host.realtime - crypto_servercpu_lastrealtime) * crypto_servercpupercent.value * 0.01;
            if(crypto_servercpumaxtime.value)
                if(crypto_servercpu_accumulator > crypto_servercpumaxtime.value)
                    crypto_servercpu_accumulator = crypto_servercpumaxtime.value;
        }
        else
        {
            if(crypto_servercpumaxtime.value > 0)
                if(host.realtime != crypto_servercpu_lastrealtime)
                    crypto_servercpu_accumulator = crypto_servercpumaxtime.value;
        }
        crypto_servercpu_lastrealtime = host.realtime;
        if(do_reject && crypto_servercpu_accumulator < 0)
        {
            if(host.realtime > complain_time + 5)
                Con_Printf("crypto: cannot perform requested crypto operations; denial service attack or crypto_servercpupercent/crypto_servercpumaxtime are too low\n");
            *len_out = 0;
            return CRYPTO_DISCARD;
        }
        t = Sys_DirtyTime();
    }
    ret = Crypto_ServerParsePacket_Internal(data_in, len_in, data_out, len_out, peeraddress);
    if(do_time)
    {
        t = Sys_DirtyTime() - t;if (t < 0.0) t = 0.0; // dirtytime can step backwards
        if(crypto_servercpudebug.integer)
            Con_Printf("crypto: accumulator was %.1f ms, used %.1f ms for crypto, ", crypto_servercpu_accumulator * 1000, t * 1000);
        crypto_servercpu_accumulator -= t;
        if(crypto_servercpudebug.integer)
            Con_Printf("is %.1f ms\n", crypto_servercpu_accumulator * 1000);
    }
    return ret;
}

References Con_Printf(), CRYPTO_DISCARD, crypto_servercpu_accumulator, crypto_servercpu_lastrealtime, crypto_servercpudebug, crypto_servercpumaxtime, crypto_servercpupercent, Crypto_ServerParsePacket_Internal(), host, InfoString_GetValue(), cvar_t::integer, MAX_INPUTLINE, NULL, host_static_t::realtime, ret, Sys_DirtyTime(), and cvar_t::value.

Referenced by NetConn_ServerParsePacket().

◆ Crypto_ServerParsePacket_Internal()

static int Crypto_ServerParsePacket_Internal	(	const char *	data_in,
		size_t	len_in,
		char *	data_out,
		size_t *	len_out,
		lhnetaddress_t *	peeraddress )

static

Definition at line 1727 of file crypto.c.

{
    // if "connect": reject if in the middle of crypto handshake
    crypto_t *crypto = NULL;
    char *data_out_p = data_out;
    const char *string = data_in;
    int aeslevel;
    D0_BOOL aes;
    D0_BOOL status;
    char infostringvalue[MAX_INPUTLINE];
    char vabuf[1024];
 
    if(!d0_blind_id_dll)
        return CRYPTO_NOMATCH; // no support
 
    if (len_in > 8 && !memcmp(string, "connect\\", 8) && d0_rijndael_dll && crypto_aeslevel.integer >= 3)
    {
        int i;
        // sorry, we have to verify the challenge here to not reflect network spam
 
        if (!InfoString_GetValue(string + 4, "challenge", infostringvalue, sizeof(infostringvalue)))
            return CRYPTO_NOMATCH; // will be later accepted if encryption was set up
        // validate the challenge
        for (i = 0;i < MAX_CHALLENGES;i++)
            if(challenges[i].time > 0)
                if (!LHNETADDRESS_Compare(peeraddress, &challenges[i].address) && !strcmp(challenges[i].string, infostringvalue))
                    break;
        // if the challenge is not recognized, drop the packet
        if (i == MAX_CHALLENGES) // challenge mismatch is silent
            return Crypto_SoftServerError(data_out, len_out, "missing challenge in connect");
 
        crypto = Crypto_ServerFindInstance(peeraddress, false);
        if(!crypto || !crypto->authenticated)
            return Crypto_ServerError(data_out, len_out, "This server requires authentication and encryption to be supported by your client", NULL);
    }
    else if(len_in > 5 && !memcmp(string, "d0pk\\", 5) && ((LHNETADDRESS_GetAddressType(peeraddress) == LHNETADDRESSTYPE_LOOP) || sv_public.integer > -3))
    {
        const char *cnt, *p;
        int id;
        int clientid = -1, serverid = -1;
        id = (InfoString_GetValue(string + 4, "id", infostringvalue, sizeof(infostringvalue)) ? atoi(infostringvalue) : -1);
        cnt = (InfoString_GetValue(string + 4, "cnt", infostringvalue, sizeof(infostringvalue)) ? infostringvalue : NULL);
        if(!cnt)
            return Crypto_SoftServerError(data_out, len_out, "missing cnt in d0pk");
        GetUntilNul(&data_in, &len_in);
        if(!data_in)
            return Crypto_SoftServerError(data_out, len_out, "missing appended data in d0pk");
        if(!strcmp(cnt, "0"))
        {
            int i;
            if (!InfoString_GetValue(string + 4, "challenge", infostringvalue, sizeof(infostringvalue)))
                return Crypto_SoftServerError(data_out, len_out, "missing challenge in d0pk\\0");
            // validate the challenge
            for (i = 0;i < MAX_CHALLENGES;i++)
                if(challenges[i].time > 0)
                    if (!LHNETADDRESS_Compare(peeraddress, &challenges[i].address) && !strcmp(challenges[i].string, infostringvalue))
                        break;
            // if the challenge is not recognized, drop the packet
            if (i == MAX_CHALLENGES)
                return Crypto_SoftServerError(data_out, len_out, "invalid challenge in d0pk\\0");
 
            if (!InfoString_GetValue(string + 4, "aeslevel", infostringvalue, sizeof(infostringvalue)))
                aeslevel = 0; // not supported
            else
                aeslevel = bound(0, atoi(infostringvalue), 3);
            switch(bound(0, d0_rijndael_dll ? crypto_aeslevel.integer : 0, 3))
            {
                default: // dummy, never happens, but to make gcc happy...
                case 0:
                    if(aeslevel >= 3)
                        return Crypto_ServerError(data_out, len_out, "This server requires encryption to be not required (crypto_aeslevel <= 2)", NULL);
                    aes = false;
                    break;
                case 1:
                    aes = (aeslevel >= 2);
                    break;
                case 2:
                    aes = (aeslevel >= 1);
                    break;
                case 3:
                    if(aeslevel <= 0)
                        return Crypto_ServerError(data_out, len_out, "This server requires encryption to be supported (crypto_aeslevel >= 1, and d0_rijndael library must be present)", NULL);
                    aes = true;
                    break;
            }
 
            p = GetUntilNul(&data_in, &len_in);
            if(p && *p)
            {
                // Find the highest numbered matching key for p.
                for(i = 0; i < MAX_PUBKEYS; ++i)
                {
                    if(pubkeys[i])
                        if(!strcmp(p, pubkeys_fp64[i]))
                            if(pubkeys_havepriv[i])
                                serverid = i;
                }
                if(serverid < 0)
                    return Crypto_ServerError(data_out, len_out, "Invalid server key", NULL);
            }
            p = GetUntilNul(&data_in, &len_in);
            if(p && *p)
            {
                // Find the highest numbered matching key for p.
                for(i = 0; i < MAX_PUBKEYS; ++i)
                {
                    if(pubkeys[i])
                        if(!strcmp(p, pubkeys_fp64[i]))
                            clientid = i;
                }
                if(clientid < 0)
                    return Crypto_ServerError(data_out, len_out, "Invalid client key", NULL);
            }
 
            crypto = Crypto_ServerFindInstance(peeraddress, true);
            if(!crypto)
                return Crypto_ServerError(data_out, len_out, "Could not create a crypto connect instance", NULL);
            MAKE_CDATA;
            CDATA->cdata_id = id;
            CDATA->s = serverid;
            CDATA->c = clientid;
            memset(crypto->dhkey, 0, sizeof(crypto->dhkey));
            CDATA->challenge[0] = 0;
            crypto->client_keyfp[0] = 0;
            crypto->client_idfp[0] = 0;
            crypto->server_keyfp[0] = 0;
            crypto->server_idfp[0] = 0;
            crypto->use_aes = aes != 0;
 
            if(CDATA->s >= 0)
            {
                // I am the server, and my key is ok... so let's set server_keyfp and server_idfp
                dp_strlcpy(crypto->server_keyfp, pubkeys_fp64[CDATA->s], sizeof(crypto->server_keyfp));
                dp_strlcpy(crypto->server_idfp, pubkeys_priv_fp64[CDATA->s], sizeof(crypto->server_idfp));
                crypto->server_issigned = pubkeys_havesig[CDATA->s];
 
                if(!CDATA->id)
                    CDATA->id = qd0_blind_id_new();
                if(!CDATA->id)
                {
                    CLEAR_CDATA;
                    return Crypto_ServerError(data_out, len_out, "d0_blind_id_new failed", "Internal error");
                }
                if(!qd0_blind_id_copy(CDATA->id, pubkeys[CDATA->s]))
                {
                    CLEAR_CDATA;
                    return Crypto_ServerError(data_out, len_out, "d0_blind_id_copy failed", "Internal error");
                }
                PutWithNul(&data_out_p, len_out, va(vabuf, sizeof(vabuf), "d0pk\\cnt\\1\\id\\%d\\aes\\%d", CDATA->cdata_id, crypto->use_aes));
                if(!qd0_blind_id_authenticate_with_private_id_start(CDATA->id, true, false, "XONOTIC", 8, data_out_p, len_out)) // len_out receives used size by this op
                {
                    CLEAR_CDATA;
                    return Crypto_ServerError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_start failed", "Internal error");
                }
                CDATA->next_step = 2;
                data_out_p += *len_out;
                *len_out = data_out_p - data_out;
                return CRYPTO_DISCARD;
            }
            else if(CDATA->c >= 0)
            {
                if(!CDATA->id)
                    CDATA->id = qd0_blind_id_new();
                if(!CDATA->id)
                {
                    CLEAR_CDATA;
                    return Crypto_ServerError(data_out, len_out, "d0_blind_id_new failed", "Internal error");
                }
                if(!qd0_blind_id_copy(CDATA->id, pubkeys[CDATA->c]))
                {
                    CLEAR_CDATA;
                    return Crypto_ServerError(data_out, len_out, "d0_blind_id_copy failed", "Internal error");
                }
                PutWithNul(&data_out_p, len_out, va(vabuf, sizeof(vabuf), "d0pk\\cnt\\5\\id\\%d\\aes\\%d", CDATA->cdata_id, crypto->use_aes));
                if(!qd0_blind_id_authenticate_with_private_id_challenge(CDATA->id, true, false, data_in, len_in, data_out_p, len_out, &status))
                {
                    CLEAR_CDATA;
                    return Crypto_ServerError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_challenge failed", "Internal error");
                }
                CDATA->next_step = 6;
                data_out_p += *len_out;
                *len_out = data_out_p - data_out;
                return CRYPTO_DISCARD;
            }
            else
            {
                CLEAR_CDATA;
                return Crypto_ServerError(data_out, len_out, "Missing client and server key", NULL);
            }
        }
        else if(!strcmp(cnt, "2"))
        {
            size_t fpbuflen;
            crypto = Crypto_ServerFindInstance(peeraddress, false);
            if(!crypto)
                return CRYPTO_NOMATCH; // pre-challenge, rather be silent
            if(id >= 0)
                if(CDATA->cdata_id != id)
                    return Crypto_SoftServerError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\id\\%d when expecting %d", id, CDATA->cdata_id));
            if(CDATA->next_step != 2)
                return Crypto_SoftServerError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\cnt\\%s when expecting %d", cnt, CDATA->next_step));
 
            PutWithNul(&data_out_p, len_out, va(vabuf, sizeof(vabuf), "d0pk\\cnt\\3\\id\\%d", CDATA->cdata_id));
            if(!qd0_blind_id_authenticate_with_private_id_response(CDATA->id, data_in, len_in, data_out_p, len_out))
            {
                CLEAR_CDATA;
                return Crypto_ServerError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_response failed", "Internal error");
            }
            fpbuflen = DHKEY_SIZE;
            if(!qd0_blind_id_sessionkey_public_id(CDATA->id, (char *) crypto->dhkey, &fpbuflen))
            {
                CLEAR_CDATA;
                return Crypto_ServerError(data_out, len_out, "d0_blind_id_sessionkey_public_id failed", "Internal error");
            }
            if(CDATA->c >= 0)
            {
                if(!qd0_blind_id_copy(CDATA->id, pubkeys[CDATA->c]))
                {
                    CLEAR_CDATA;
                    return Crypto_ServerError(data_out, len_out, "d0_blind_id_copy failed", "Internal error");
                }
                CDATA->next_step = 4;
            }
            else
            {
                // session key is FINISHED (no server part is to be expected)! By this, all keys are set up
                crypto->authenticated = true;
                CDATA->next_step = 0;
            }
            data_out_p += *len_out;
            *len_out = data_out_p - data_out;
            return CRYPTO_DISCARD;
        }
        else if(!strcmp(cnt, "4"))
        {
            crypto = Crypto_ServerFindInstance(peeraddress, false);
            if(!crypto)
                return CRYPTO_NOMATCH; // pre-challenge, rather be silent
            if(id >= 0)
                if(CDATA->cdata_id != id)
                    return Crypto_SoftServerError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\id\\%d when expecting %d", id, CDATA->cdata_id));
            if(CDATA->next_step != 4)
                return Crypto_SoftServerError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\cnt\\%s when expecting %d", cnt, CDATA->next_step));
            PutWithNul(&data_out_p, len_out, va(vabuf, sizeof(vabuf), "d0pk\\cnt\\5\\id\\%d", CDATA->cdata_id));
            if(!qd0_blind_id_authenticate_with_private_id_challenge(CDATA->id, true, false, data_in, len_in, data_out_p, len_out, &status))
            {
                CLEAR_CDATA;
                return Crypto_ServerError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_challenge failed", "Internal error");
            }
            CDATA->next_step = 6;
            data_out_p += *len_out;
            *len_out = data_out_p - data_out;
            return CRYPTO_DISCARD;
        }
        else if(!strcmp(cnt, "6"))
        {
            static char msgbuf[32];
            size_t msgbuflen = sizeof(msgbuf);
            size_t fpbuflen;
            int i;
            unsigned char dhkey[DHKEY_SIZE];
            crypto = Crypto_ServerFindInstance(peeraddress, false);
            if(!crypto)
                return CRYPTO_NOMATCH; // pre-challenge, rather be silent
            if(id >= 0)
                if(CDATA->cdata_id != id)
                    return Crypto_SoftServerError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\id\\%d when expecting %d", id, CDATA->cdata_id));
            if(CDATA->next_step != 6)
                return Crypto_SoftServerError(data_out, len_out, va(vabuf, sizeof(vabuf), "Got d0pk\\cnt\\%s when expecting %d", cnt, CDATA->next_step));
 
            if(!qd0_blind_id_authenticate_with_private_id_verify(CDATA->id, data_in, len_in, msgbuf, &msgbuflen, &status))
            {
                CLEAR_CDATA;
                return Crypto_ServerError(data_out, len_out, "d0_blind_id_authenticate_with_private_id_verify failed (authentication error)", "Authentication error");
            }
            dp_strlcpy(crypto->client_keyfp, pubkeys_fp64[CDATA->c], sizeof(crypto->client_keyfp));
            crypto->client_issigned = status;
 
            memset(crypto->client_idfp, 0, sizeof(crypto->client_idfp));
            fpbuflen = FP64_SIZE;
            if(!qd0_blind_id_fingerprint64_public_id(CDATA->id, crypto->client_idfp, &fpbuflen))
            {
                CLEAR_CDATA;
                return Crypto_ServerError(data_out, len_out, "d0_blind_id_fingerprint64_public_id failed", "Internal error");
            }
            fpbuflen = DHKEY_SIZE;
            if(!qd0_blind_id_sessionkey_public_id(CDATA->id, (char *) dhkey, &fpbuflen))
            {
                CLEAR_CDATA;
                return Crypto_ServerError(data_out, len_out, "d0_blind_id_sessionkey_public_id failed", "Internal error");
            }
            // XOR the two DH keys together to make one
            for(i = 0; i < DHKEY_SIZE; ++i)
                crypto->dhkey[i] ^= dhkey[i];
 
            // session key is FINISHED (no server part is to be expected)! By this, all keys are set up
            crypto->authenticated = true;
            CDATA->next_step = 0;
            // send a challenge-less challenge
            PutWithNul(&data_out_p, len_out, "challenge ");
            *len_out = data_out_p - data_out;
            --*len_out; // remove NUL terminator
            return CRYPTO_MATCH;
        }
        return CRYPTO_NOMATCH; // pre-challenge, rather be silent
    }
    return CRYPTO_NOMATCH;
}

References crypto_t::authenticated, bound, CDATA, challenges, CLEAR_CDATA, crypto_t::client_idfp, crypto_t::client_issigned, crypto_t::client_keyfp, crypto_aeslevel, CRYPTO_DISCARD, CRYPTO_MATCH, CRYPTO_NOMATCH, Crypto_ServerError(), Crypto_ServerFindInstance(), Crypto_SoftServerError(), d0_blind_id_dll, D0_BOOL, d0_rijndael_dll, crypto_t::dhkey, DHKEY_SIZE, dp_strlcpy, FP64_SIZE, GetUntilNul(), i, id, InfoString_GetValue(), cvar_t::integer, LHNETADDRESS_Compare(), LHNETADDRESS_GetAddressType(), LHNETADDRESSTYPE_LOOP, MAKE_CDATA, MAX_CHALLENGES, MAX_INPUTLINE, MAX_PUBKEYS, NULL, pubkeys, pubkeys_fp64, pubkeys_havepriv, pubkeys_havesig, pubkeys_priv_fp64, PutWithNul(), qd0_blind_id_authenticate_with_private_id_challenge, qd0_blind_id_authenticate_with_private_id_response, qd0_blind_id_authenticate_with_private_id_start, qd0_blind_id_authenticate_with_private_id_verify, qd0_blind_id_copy, qd0_blind_id_fingerprint64_public_id, qd0_blind_id_new, qd0_blind_id_sessionkey_public_id, crypto_t::server_idfp, crypto_t::server_issigned, crypto_t::server_keyfp, sv_public, time, crypto_t::use_aes, and va().

Referenced by Crypto_ServerParsePacket().

◆ Crypto_Shutdown()

void Crypto_Shutdown ( void )

Definition at line 1043 of file crypto.c.

{
    crypto_t *crypto;
    int i;
 
    Crypto_Rijndael_CloseLibrary();
 
    if(d0_blind_id_dll)
    {
        // free memory
        for(i = 0; i < MAX_CRYPTOCONNECTS; ++i)
        {
            crypto = &cryptoconnects[i].crypto;
            CLEAR_CDATA;
        }
        memset(cryptoconnects, 0, sizeof(cryptoconnects));
        crypto = &cls.crypto;
        CLEAR_CDATA;
 
        Crypto_UnloadKeys();
 
        qd0_blind_id_SHUTDOWN();
 
        Crypto_CloseLibrary();
    }
 
    Mem_FreePool(&cryptomempool);
}

References CLEAR_CDATA, cls, client_static_t::crypto, server_cryptoconnect_t::crypto, Crypto_CloseLibrary(), Crypto_Rijndael_CloseLibrary(), Crypto_UnloadKeys(), cryptoconnects, cryptomempool, d0_blind_id_dll, i, MAX_CRYPTOCONNECTS, Mem_FreePool, and qd0_blind_id_SHUTDOWN.

Referenced by Host_Shutdown().

◆ Crypto_SignData()

size_t Crypto_SignData	(	const void *	data,
		size_t	datasize,
		int	keyid,
		void *	signed_data,
		size_t	signed_size )

Definition at line 2634 of file crypto.c.

{
    if(keyid < 0 || keyid >= MAX_PUBKEYS)
        return 0;
    if(!pubkeys_havepriv[keyid])
        return 0;
    if(qd0_blind_id_sign_with_private_id_sign(pubkeys[keyid], true, false, (const char *)data, datasize, (char *)signed_data, &signed_size))
        return signed_size;
    return 0;
}

References data, MAX_PUBKEYS, pubkeys, pubkeys_havepriv, and qd0_blind_id_sign_with_private_id_sign.

◆ Crypto_SignDataDetached()

size_t Crypto_SignDataDetached	(	const void *	data,
		size_t	datasize,
		int	keyid,
		void *	signed_data,
		size_t	signed_size )

Definition at line 2645 of file crypto.c.

{
    if(keyid < 0 || keyid >= MAX_PUBKEYS)
        return 0;
    if(!pubkeys_havepriv[keyid])
        return 0;
    if(qd0_blind_id_sign_with_private_id_sign_detached(pubkeys[keyid], true, false, (const char *)data, datasize, (char *)signed_data, &signed_size))
        return signed_size;
    return 0;
}

References data, MAX_PUBKEYS, pubkeys, pubkeys_havepriv, and qd0_blind_id_sign_with_private_id_sign_detached.

Referenced by VM_uri_get().

◆ Crypto_SoftClientError()

static int Crypto_SoftClientError	(	char *	data_out,
		size_t *	len_out,
		const char *	msg )

static

Definition at line 2100 of file crypto.c.

{
    *len_out = 0;
    Con_DPrintf("%s\n", msg);
    return CRYPTO_DISCARD;
}

References Con_DPrintf(), and CRYPTO_DISCARD.

Referenced by Crypto_ClientParsePacket().

◆ Crypto_SoftServerError()

static int Crypto_SoftServerError	(	char *	data_out,
		size_t *	len_out,
		const char *	msg )

static

Definition at line 1720 of file crypto.c.

{
    *len_out = 0;
    Con_DPrintf("%s\n", msg);
    return CRYPTO_DISCARD;
}

References Con_DPrintf(), and CRYPTO_DISCARD.

Referenced by Crypto_ServerParsePacket_Internal().

◆ Crypto_StoreHostKey()

static void Crypto_StoreHostKey	(	lhnetaddress_t *	peeraddress,
		const char *	keystring,
		qbool	complain )

static

Definition at line 635 of file crypto.c.

{
    char buf[128];
    int hashindex;
    crypto_storedhostkey_t *hk;
    int keyid;
    char idfp[FP64_SIZE+1];
    int aeslevel;
    qbool issigned;
 
    if(!d0_blind_id_dll)
        return;
    
    // syntax of keystring:
    // aeslevel id@key id@key ...
 
    if(!*keystring)
        return;
    aeslevel = bound(0, *keystring - '0', 3);
    while(*keystring && *keystring != ' ')
        ++keystring;
 
    keyid = -1;
    issigned = false;
    while(*keystring && keyid < 0)
    {
        // id@key
        const char *idstart, *idend, *keystart, *keyend;
        qbool thisissigned = true;
        ++keystring; // skip the space
        idstart = keystring;
        while(*keystring && *keystring != ' ' && *keystring != '@')
            ++keystring;
        idend = keystring;
        if(!*keystring)
            break;
        ++keystring;
        keystart = keystring;
        while(*keystring && *keystring != ' ')
            ++keystring;
        keyend = keystring;
 
        if (keystart[0] == '~')
        {
            thisissigned = false;
            ++keystart;
        }
 
        if(idend - idstart == FP64_SIZE && keyend - keystart == FP64_SIZE)
        {
            int thiskeyid;
            for(thiskeyid = MAX_PUBKEYS - 1; thiskeyid >= 0; --thiskeyid)
                if(pubkeys[thiskeyid])
                    if(!memcmp(pubkeys_fp64[thiskeyid], keystart, FP64_SIZE))
                    {
                        memcpy(idfp, idstart, FP64_SIZE);
                        idfp[FP64_SIZE] = 0;
                        keyid = thiskeyid;
                        issigned = thisissigned;
                        break;
                    }
            // If this failed, keyid will be -1.
        }
    }
 
    if(keyid < 0)
        return;
 
    LHNETADDRESS_ToString(peeraddress, buf, sizeof(buf), 1);
    hashindex = CRC_Block((const unsigned char *) buf, strlen(buf)) % CRYPTO_HOSTKEY_HASHSIZE;
    for(hk = crypto_storedhostkey_hashtable[hashindex]; hk && LHNETADDRESS_Compare(&hk->addr, peeraddress); hk = hk->next);
 
    if(hk)
    {
        if(complain)
        {
            if(hk->keyid != keyid || memcmp(hk->idfp, idfp, FP64_SIZE+1))
                Con_Printf("Server %s tried to change the host key to a value not in the host cache. Connecting to it will fail. To accept the new host key, do crypto_hostkey_clear %s\n", buf, buf);
            if(hk->aeslevel > aeslevel)
                Con_Printf("Server %s tried to reduce encryption status, not accepted. Connecting to it will fail. To accept, do crypto_hostkey_clear %s\n", buf, buf);
            if(hk->issigned > issigned)
                Con_Printf("Server %s tried to reduce signature status, not accepted. Connecting to it will fail. To accept, do crypto_hostkey_clear %s\n", buf, buf);
        }
        hk->aeslevel = max(aeslevel, hk->aeslevel);
        hk->issigned = issigned;
        return;
    }
 
    // great, we did NOT have it yet
    hk = (crypto_storedhostkey_t *) Z_Malloc(sizeof(*hk));
    memcpy(&hk->addr, peeraddress, sizeof(hk->addr));
    hk->keyid = keyid;
    memcpy(hk->idfp, idfp, FP64_SIZE+1);
    hk->next = crypto_storedhostkey_hashtable[hashindex];
    hk->aeslevel = aeslevel;
    hk->issigned = issigned;
    crypto_storedhostkey_hashtable[hashindex] = hk;
}

References crypto_storedhostkey_t::addr, crypto_storedhostkey_t::aeslevel, bound, buf, Con_Printf(), CRC_Block(), CRYPTO_HOSTKEY_HASHSIZE, crypto_storedhostkey_hashtable, d0_blind_id_dll, FP64_SIZE, crypto_storedhostkey_t::idfp, crypto_storedhostkey_t::issigned, crypto_storedhostkey_t::keyid, LHNETADDRESS_Compare(), LHNETADDRESS_ToString(), max, MAX_PUBKEYS, crypto_storedhostkey_t::next, pubkeys, pubkeys_fp64, strlen(), and Z_Malloc.

Referenced by Crypto_ClientParsePacket().

◆ Crypto_UnLittleLong()

static void Crypto_UnLittleLong	(	char *	data,
		unsigned long	l )

static

Definition at line 68 of file crypto.c.

{
    data[0] = l & 0xFF;
    data[1] = (l >> 8) & 0xFF;
    data[2] = (l >> 16) & 0xFF;
    data[3] = (l >> 24) & 0xFF;
}

References data.

Referenced by Crypto_BuildChallengeAppend(), and Crypto_UnParsePack().

◆ Crypto_UnloadKeys()

static void Crypto_UnloadKeys ( void )

static

Definition at line 985 of file crypto.c.

{
    int i;
 
    keygen_i = -1;
    for(i = 0; i < MAX_PUBKEYS; ++i)
    {
        if(pubkeys[i])
            qd0_blind_id_free(pubkeys[i]);
        pubkeys[i] = NULL;
        pubkeys_havepriv[i] = false;
        pubkeys_havesig[i] = false;
        memset(pubkeys_fp64[i], 0, sizeof(pubkeys_fp64[i]));
        memset(pubkeys_priv_fp64[i], 0, sizeof(pubkeys_fp64[i]));
        challenge_append_length = 0;
    }
    crypto_idstring = NULL;
}

References challenge_append_length, crypto_idstring, i, keygen_i, MAX_PUBKEYS, NULL, pubkeys, pubkeys_fp64, pubkeys_havepriv, pubkeys_havesig, pubkeys_priv_fp64, and qd0_blind_id_free.

Referenced by Crypto_Reload_f(), and Crypto_Shutdown().

◆ Crypto_UnParsePack()

static size_t Crypto_UnParsePack	(	char *	buf,
		size_t	len,
		unsigned long	header,
		const char const	lumps,
		const size_t *	lumpsize,
		size_t	nlumps )

static

Definition at line 103 of file crypto.c.

{
    size_t i;
    size_t pos;
    pos = 0;
    if(header)
    {
        if(len < 4)
            return 0;
        Crypto_UnLittleLong(buf, header);
        pos += 4;
    }
    for(i = 0; i < nlumps; ++i)
    {
        if(pos + 4 + lumpsize[i] > len)
            return 0;
        Crypto_UnLittleLong(&buf[pos], (unsigned long)lumpsize[i]);
        pos += 4;
        memcpy(&buf[pos], lumps[i], lumpsize[i]);
        pos += lumpsize[i];
    }
    return pos;
}

References buf, Crypto_UnLittleLong(), and i.

Referenced by Crypto_KeyGen_f(), and Crypto_KeyGen_Finished().

◆ GetUntilNul()

static const char * GetUntilNul	(	const char **	data,
		size_t *	len )

static

Definition at line 418 of file crypto.c.

{
    // invariant: data points to next character to take
    const char *data_save = *data;
    size_t n;
    const char *p;
 
    if(!*data)
        return NULL;
 
    if(!*len)
    {
        *data = NULL;
        return NULL;
    }
 
    p = (const char *) memchr(*data, 0, *len);
    if(!p) // no terminating NUL
    {
        *data = NULL;
        *len = 0;
        return NULL;
    }
    n = (p - *data) + 1;
    *len -= n;
    *data += n;
    if(*len == 0)
        *data = NULL;
    return (const char *) data_save;
}

References data, n, and NULL.

Referenced by Crypto_ClientParsePacket(), and Crypto_ServerParsePacket_Internal().

◆ PutWithNul()

static qbool PutWithNul	(	char **	data,
		size_t *	len,
		const char *	str )

static

Definition at line 406 of file crypto.c.

{
    // invariant: data points to insertion point
    size_t l = strlen(str);
    if(l >= *len)
        return false;
    memcpy(*data, str, l+1);
    *data += l+1;
    *len -= l+1;
    return true;
}

References data, and strlen().

Referenced by Crypto_BuildChallengeAppend(), Crypto_ClientParsePacket(), and Crypto_ServerParsePacket_Internal().

◆ seacpy()

static void seacpy	(	unsigned char *	key,
		const unsigned char *	iv,
		unsigned char *	dst,
		const unsigned char *	src,
		size_t	len )

static

Definition at line 1498 of file crypto.c.

{
    const unsigned char *xorpos = iv;
    unsigned char xorbuf[16];
    unsigned long rk[D0_RIJNDAEL_RKLENGTH(DHKEY_SIZE * 8)];
    size_t i;
    qd0_rijndael_setup_decrypt(rk, key, DHKEY_SIZE * 8);
    while(len > 16)
    {
        qd0_rijndael_decrypt(rk, D0_RIJNDAEL_NROUNDS(DHKEY_SIZE * 8), src, xorbuf);
        for(i = 0; i < 16; ++i)
            dst[i] = xorbuf[i] ^ xorpos[i];
        xorpos = src;
        len -= 16;
        src += 16;
        dst += 16;
    }
    if(len > 0)
    {
        qd0_rijndael_decrypt(rk, D0_RIJNDAEL_NROUNDS(DHKEY_SIZE * 8), src, xorbuf);
        for(i = 0; i < len; ++i)
            dst[i] = xorbuf[i] ^ xorpos[i];
    }
}

References D0_RIJNDAEL_NROUNDS, D0_RIJNDAEL_RKLENGTH, DHKEY_SIZE, i, qd0_rijndael_decrypt, qd0_rijndael_setup_decrypt, and src.

Referenced by Crypto_DecryptPacket().

◆ sha256()

void sha256	(	unsigned char *	out,
		const unsigned char *	in,
		int	n )

Definition at line 383 of file crypto.c.

{
    qd0_blind_id_util_sha256((char *) out, (const char *) in, n);
}

References n, and qd0_blind_id_util_sha256.

Referenced by VM_digest_hex().

Variable Documentation

◆ cdata_id

int cdata_id = 0

static

Definition at line 509 of file crypto.c.

Referenced by Crypto_ClientParsePacket().

◆ challenge_append

char challenge_append[1400]

static

Definition at line 487 of file crypto.c.

Referenced by Crypto_BuildChallengeAppend(), and Crypto_ServerAppendToChallenge().

◆ challenge_append_length

size_t challenge_append_length

static

Definition at line 488 of file crypto.c.

Referenced by Crypto_BuildChallengeAppend(), Crypto_ServerAppendToChallenge(), and Crypto_UnloadKeys().

◆ crypto_aeslevel

cvar_t crypto_aeslevel = {CF_CLIENT | CF_SERVER | CF_ARCHIVE, "crypto_aeslevel", "1", "whether to support AES encryption in authenticated connections (0 = no, 1 = supported, 2 = requested, 3 = required)"}

Definition at line 31 of file crypto.c.

31{CF_CLIENT | CF_SERVER | CF_ARCHIVE, "crypto_aeslevel", "1", "whether to support AES encryption in authenticated connections (0 = no, 1 = supported, 2 = requested, 3 = required)"};

CF_SERVER

#define CF_SERVER

cvar/command that only the server can change/execute

Definition cmd.h:49

CF_CLIENT

#define CF_CLIENT

cvar/command that only the client can change/execute

Definition cmd.h:48

CF_ARCHIVE

#define CF_ARCHIVE

cvar should have its set value saved to config.cfg and persist across sessions

Definition cmd.h:53

Referenced by Crypto_BuildIdString(), Crypto_ClientParsePacket(), Crypto_GetInfoResponseDataString(), Crypto_Init_Commands(), and Crypto_ServerParsePacket_Internal().

◆ crypto_developer

cvar_t crypto_developer = {CF_CLIENT | CF_SERVER | CF_ARCHIVE, "crypto_developer", "0", "print extra info about crypto handshake"}

Definition at line 30 of file crypto.c.

30{CF_CLIENT | CF_SERVER | CF_ARCHIVE, "crypto_developer", "0", "print extra info about crypto handshake"};

Referenced by Crypto_Init_Commands(), and NetConn_ServerParsePacket().

◆ crypto_idstring

const char* crypto_idstring = NULL

static

Definition at line 42 of file crypto.c.

Referenced by Crypto_BuildIdString(), Crypto_GetInfoResponseDataString(), Crypto_KeyGen_f(), Crypto_LoadKeys(), Crypto_UnloadKeys(), and NetConn_BuildStatusResponse().

◆ crypto_idstring_buf

char crypto_idstring_buf[512]

static

Definition at line 43 of file crypto.c.

Referenced by Crypto_BuildIdString(), Crypto_GetInfoResponseDataString(), and Crypto_KeyGen_f().

◆ crypto_keyfp_recommended_length

int crypto_keyfp_recommended_length

Definition at line 41 of file crypto.c.

Referenced by Crypto_HostKeys_f(), Crypto_LoadKeys(), NetConn_ConnectionEstablished(), NetConn_ServerParsePacket(), and SV_ConnectClient().

◆ crypto_servercpu_accumulator

double crypto_servercpu_accumulator = 0

static

Definition at line 36 of file crypto.c.

Referenced by Crypto_ServerParsePacket().

◆ crypto_servercpu_lastrealtime

double crypto_servercpu_lastrealtime = 0

static

Definition at line 37 of file crypto.c.

Referenced by Crypto_ServerParsePacket().

◆ crypto_servercpudebug

cvar_t crypto_servercpudebug = {CF_CLIENT | CF_SERVER | CF_ARCHIVE, "crypto_servercpudebug", "0", "print statistics about time usage by crypto"}

Definition at line 35 of file crypto.c.

35{CF_CLIENT | CF_SERVER | CF_ARCHIVE, "crypto_servercpudebug", "0", "print statistics about time usage by crypto"};

Referenced by Crypto_Init_Commands(), and Crypto_ServerParsePacket().

◆ crypto_servercpumaxtime

cvar_t crypto_servercpumaxtime = {CF_CLIENT | CF_SERVER | CF_ARCHIVE, "crypto_servercpumaxtime", "0.01", "maximum allowed crypto CPU time per frame (0 = no limit)"}

Definition at line 34 of file crypto.c.

34{CF_CLIENT | CF_SERVER | CF_ARCHIVE, "crypto_servercpumaxtime", "0.01", "maximum allowed crypto CPU time per frame (0 = no limit)"};

Referenced by Crypto_Init_Commands(), and Crypto_ServerParsePacket().

◆ crypto_servercpupercent

cvar_t crypto_servercpupercent = {CF_CLIENT | CF_SERVER | CF_ARCHIVE, "crypto_servercpupercent", "10", "allowed crypto CPU load in percent for server operation (0 = no limit, faster)"}

Definition at line 33 of file crypto.c.

33{CF_CLIENT | CF_SERVER | CF_ARCHIVE, "crypto_servercpupercent", "10", "allowed crypto CPU load in percent for server operation (0 = no limit, faster)"};

Referenced by Crypto_Init_Commands(), and Crypto_ServerParsePacket().

◆ crypto_storedhostkey_hashtable

crypto_storedhostkey_t* crypto_storedhostkey_hashtable[CRYPTO_HOSTKEY_HASHSIZE]

static

Definition at line 589 of file crypto.c.

Referenced by Crypto_ClearHostKey(), Crypto_ClearHostKeys(), Crypto_HostKeys_f(), Crypto_InitHostKeys(), Crypto_RetrieveHostKey(), and Crypto_StoreHostKey().

◆ cryptoconnects

server_cryptoconnect_t cryptoconnects[MAX_CRYPTOCONNECTS]

static

Definition at line 507 of file crypto.c.

Referenced by Crypto_ServerFindInstance(), and Crypto_Shutdown().

◆ cryptomempool

mempool_t* cryptomempool

static

Definition at line 1004 of file crypto.c.

Referenced by Crypto_d0_malloc(), Crypto_Init(), and Crypto_Shutdown().

◆ d0_blind_id_dll

dllhandle_t d0_blind_id_dll = NULL

static

Definition at line 282 of file crypto.c.

Referenced by Crypto_Available(), Crypto_ClientParsePacket(), Crypto_CloseLibrary(), Crypto_HostKey_Clear_f(), Crypto_HostKeys_f(), Crypto_Init_Commands(), Crypto_KeyGen_f(), Crypto_KeyGen_Finished(), Crypto_Keys_f(), Crypto_LoadKeys(), Crypto_OpenLibrary(), Crypto_RetrieveHostKey(), Crypto_ServerAppendToChallenge(), Crypto_ServerFindInstance(), Crypto_ServerParsePacket_Internal(), Crypto_Shutdown(), and Crypto_StoreHostKey().

◆ d0_blind_id_funcs

dllfunction_t d0_blind_id_funcs[]

static

Definition at line 237 of file crypto.c.

{
    {"d0_blind_id_new", (void **) &qd0_blind_id_new},
    {"d0_blind_id_free", (void **) &qd0_blind_id_free},
    //{"d0_blind_id_clear", (void **) &qd0_blind_id_clear},
    {"d0_blind_id_copy", (void **) &qd0_blind_id_copy},
    //{"d0_blind_id_generate_private_key", (void **) &qd0_blind_id_generate_private_key},
    //{"d0_blind_id_generate_private_key_fastreject", (void **) &qd0_blind_id_generate_private_key_fastreject},
    //{"d0_blind_id_read_private_key", (void **) &qd0_blind_id_read_private_key},
    {"d0_blind_id_read_public_key", (void **) &qd0_blind_id_read_public_key},
    //{"d0_blind_id_write_private_key", (void **) &qd0_blind_id_write_private_key},
    //{"d0_blind_id_write_public_key", (void **) &qd0_blind_id_write_public_key},
    {"d0_blind_id_fingerprint64_public_key", (void **) &qd0_blind_id_fingerprint64_public_key},
    //{"d0_blind_id_generate_private_id_modulus", (void **) &qd0_blind_id_generate_private_id_modulus},
    {"d0_blind_id_read_private_id_modulus", (void **) &qd0_blind_id_read_private_id_modulus},
    //{"d0_blind_id_write_private_id_modulus", (void **) &qd0_blind_id_write_private_id_modulus},
    {"d0_blind_id_generate_private_id_start", (void **) &qd0_blind_id_generate_private_id_start},
    {"d0_blind_id_generate_private_id_request", (void **) &qd0_blind_id_generate_private_id_request},
    //{"d0_blind_id_answer_private_id_request", (void **) &qd0_blind_id_answer_private_id_request},
    {"d0_blind_id_finish_private_id_request", (void **) &qd0_blind_id_finish_private_id_request},
    //{"d0_blind_id_read_private_id_request_camouflage", (void **) &qd0_blind_id_read_private_id_request_camouflage},
    //{"d0_blind_id_write_private_id_request_camouflage", (void **) &qd0_blind_id_write_private_id_request_camouflage},
    {"d0_blind_id_read_private_id", (void **) &qd0_blind_id_read_private_id},
    //{"d0_blind_id_read_public_id", (void **) &qd0_blind_id_read_public_id},
    {"d0_blind_id_write_private_id", (void **) &qd0_blind_id_write_private_id},
    //{"d0_blind_id_write_public_id", (void **) &qd0_blind_id_write_public_id},
    {"d0_blind_id_authenticate_with_private_id_start", (void **) &qd0_blind_id_authenticate_with_private_id_start},
    {"d0_blind_id_authenticate_with_private_id_challenge", (void **) &qd0_blind_id_authenticate_with_private_id_challenge},
    {"d0_blind_id_authenticate_with_private_id_response", (void **) &qd0_blind_id_authenticate_with_private_id_response},
    {"d0_blind_id_authenticate_with_private_id_verify", (void **) &qd0_blind_id_authenticate_with_private_id_verify},
    {"d0_blind_id_fingerprint64_public_id", (void **) &qd0_blind_id_fingerprint64_public_id},
    {"d0_blind_id_sessionkey_public_id", (void **) &qd0_blind_id_sessionkey_public_id},
    {"d0_blind_id_INITIALIZE", (void **) &qd0_blind_id_INITIALIZE},
    {"d0_blind_id_SHUTDOWN", (void **) &qd0_blind_id_SHUTDOWN},
    {"d0_blind_id_util_sha256", (void **) &qd0_blind_id_util_sha256},
    {"d0_blind_id_sign_with_private_id_sign", (void **) &qd0_blind_id_sign_with_private_id_sign},
    {"d0_blind_id_sign_with_private_id_sign_detached", (void **) &qd0_blind_id_sign_with_private_id_sign_detached},
    {"d0_blind_id_setmallocfuncs", (void **) &qd0_blind_id_setmallocfuncs},
    {"d0_blind_id_setmutexfuncs", (void **) &qd0_blind_id_setmutexfuncs},
    {"d0_blind_id_verify_public_id", (void **) &qd0_blind_id_verify_public_id},
    {"d0_blind_id_verify_private_id", (void **) &qd0_blind_id_verify_private_id},
    {NULL, NULL}
};

Referenced by Crypto_OpenLibrary().

◆ d0_rijndael_dll

dllhandle_t d0_rijndael_dll = NULL

static

Definition at line 351 of file crypto.c.

Referenced by Crypto_BuildIdString(), Crypto_ClientParsePacket(), Crypto_Init_Commands(), Crypto_Rijndael_CloseLibrary(), Crypto_Rijndael_OpenLibrary(), and Crypto_ServerParsePacket_Internal().

◆ d0_rijndael_funcs

dllfunction_t d0_rijndael_funcs[]

static

Initial value:

=
{
    {"d0_rijndael_setup_decrypt", (void **) &qd0_rijndael_setup_decrypt},
    {"d0_rijndael_setup_encrypt", (void **) &qd0_rijndael_setup_encrypt},
    {"d0_rijndael_decrypt", (void **) &qd0_rijndael_decrypt},
    {"d0_rijndael_encrypt", (void **) &qd0_rijndael_encrypt},
    {NULL, NULL}
}

Definition at line 341 of file crypto.c.

{
    {"d0_rijndael_setup_decrypt", (void **) &qd0_rijndael_setup_decrypt},
    {"d0_rijndael_setup_encrypt", (void **) &qd0_rijndael_setup_encrypt},
    {"d0_rijndael_decrypt", (void **) &qd0_rijndael_decrypt},
    {"d0_rijndael_encrypt", (void **) &qd0_rijndael_encrypt},
    {NULL, NULL}
};

Referenced by Crypto_Rijndael_OpenLibrary().

◆ keygen_buf

char keygen_buf[8192]

static

Definition at line 491 of file crypto.c.

Referenced by Crypto_KeyGen_f().

◆ keygen_i

int keygen_i = -1

static

Definition at line 490 of file crypto.c.

Referenced by Crypto_KeyGen_f(), Crypto_KeyGen_Finished(), Crypto_LoadKeys(), and Crypto_UnloadKeys().

◆ net_sourceaddresscheck

cvar_t net_sourceaddresscheck

extern

Definition at line 87 of file netconn.c.

87{CF_CLIENT, "net_sourceaddresscheck", "1", "compare the source IP address for replies (more secure, may break some bad multihoming setups"};

Referenced by Crypto_ClientParsePacket(), NetConn_ClientParsePacket(), and NetConn_Init().

◆ pubkeys

d0_blind_id_t* pubkeys[MAX_PUBKEYS]

static

Definition at line 482 of file crypto.c.

Referenced by Crypto_BuildChallengeAppend(), Crypto_BuildIdString(), Crypto_ClientParsePacket(), Crypto_KeyGen_f(), Crypto_KeyGen_Finished(), Crypto_Keys_f(), Crypto_LoadKeys(), Crypto_RetrieveLocalKey(), Crypto_ServerParsePacket_Internal(), Crypto_SignData(), Crypto_SignDataDetached(), Crypto_StoreHostKey(), and Crypto_UnloadKeys().

◆ pubkeys_fp64

char pubkeys_fp64[MAX_PUBKEYS][FP64_SIZE+1]

static

Definition at line 483 of file crypto.c.

Referenced by Crypto_BuildChallengeAppend(), Crypto_BuildIdString(), Crypto_ClientParsePacket(), Crypto_HostKeys_f(), Crypto_KeyGen_f(), Crypto_Keys_f(), Crypto_LoadKeys(), Crypto_RetrieveHostKey(), Crypto_RetrieveLocalKey(), Crypto_SavePubKeyTextFile(), Crypto_ServerParsePacket_Internal(), Crypto_StoreHostKey(), and Crypto_UnloadKeys().

◆ pubkeys_havepriv

qbool pubkeys_havepriv[MAX_PUBKEYS]

static

Definition at line 484 of file crypto.c.

Referenced by Crypto_BuildChallengeAppend(), Crypto_ClientParsePacket(), Crypto_KeyGen_f(), Crypto_Keys_f(), Crypto_LoadKeys(), Crypto_RetrieveLocalKey(), Crypto_SavePubKeyTextFile(), Crypto_ServerParsePacket_Internal(), Crypto_SignData(), Crypto_SignDataDetached(), and Crypto_UnloadKeys().

◆ pubkeys_havesig

qbool pubkeys_havesig[MAX_PUBKEYS]

static

Definition at line 485 of file crypto.c.

Referenced by Crypto_BuildIdString(), Crypto_ClientParsePacket(), Crypto_KeyGen_f(), Crypto_KeyGen_Finished(), Crypto_Keys_f(), Crypto_LoadKeys(), Crypto_RetrieveLocalKey(), Crypto_SavePubKeyTextFile(), Crypto_ServerParsePacket_Internal(), and Crypto_UnloadKeys().

◆ pubkeys_priv_fp64

char pubkeys_priv_fp64[MAX_PUBKEYS][FP64_SIZE+1]

static

Definition at line 486 of file crypto.c.

Referenced by Crypto_BuildIdString(), Crypto_ClientParsePacket(), Crypto_KeyGen_f(), Crypto_KeyGen_Finished(), Crypto_Keys_f(), Crypto_LoadKeys(), Crypto_RetrieveLocalKey(), Crypto_SavePubKeyTextFile(), Crypto_ServerParsePacket_Internal(), and Crypto_UnloadKeys().

◆ qd0_blind_id_authenticate_with_private_id_challenge

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_authenticate_with_private_id_challenge) (d0_blind_id_t ctx, D0_BOOL is_first, D0_BOOL recv_modulus, const char inbuf, size_t inbuflen, char outbuf, size_t outbuflen, D0_BOOL *status)	(	d0_blind_id_t *	ctx,
		D0_BOOL	is_first,
		D0_BOOL	recv_modulus,
		const char *	inbuf,
		size_t	inbuflen,
		char *	outbuf,
		size_t *	outbuflen,
		D0_BOOL *	status )

static

Definition at line 223 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), and Crypto_ServerParsePacket_Internal().

◆ qd0_blind_id_authenticate_with_private_id_response

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_authenticate_with_private_id_response) (d0_blind_id_t ctx, const char inbuf, size_t inbuflen, char outbuf, size_t outbuflen)	(	d0_blind_id_t *	ctx,
		const char *	inbuf,
		size_t	inbuflen,
		char *	outbuf,
		size_t *	outbuflen )

static

Definition at line 224 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), and Crypto_ServerParsePacket_Internal().

◆ qd0_blind_id_authenticate_with_private_id_start

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_authenticate_with_private_id_start) (d0_blind_id_t ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char message, size_t msglen, char outbuf, size_t outbuflen)	(	d0_blind_id_t *	ctx,
		D0_BOOL	is_first,
		D0_BOOL	send_modulus,
		const char *	message,
		size_t	msglen,
		char *	outbuf,
		size_t *	outbuflen )

static

Definition at line 222 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), and Crypto_ServerParsePacket_Internal().

◆ qd0_blind_id_authenticate_with_private_id_verify

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_authenticate_with_private_id_verify) (d0_blind_id_t ctx, const char inbuf, size_t inbuflen, char msg, size_t msglen, D0_BOOL *status)	(	d0_blind_id_t *	ctx,
		const char *	inbuf,
		size_t	inbuflen,
		char *	msg,
		size_t *	msglen,
		D0_BOOL *	status )

static

Definition at line 225 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), and Crypto_ServerParsePacket_Internal().

◆ qd0_blind_id_copy

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_copy) (d0_blind_id_t ctx, const d0_blind_id_t src)	(	d0_blind_id_t *	ctx,
		const d0_blind_id_t *	src )

static

Definition at line 201 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), and Crypto_ServerParsePacket_Internal().

◆ qd0_blind_id_fingerprint64_public_id

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_fingerprint64_public_id) (const d0_blind_id_t ctx, char outbuf, size_t *outbuflen)	(	const d0_blind_id_t *	ctx,
		char *	outbuf,
		size_t *	outbuflen )

static

Definition at line 226 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), Crypto_KeyGen_f(), Crypto_LoadKeys(), and Crypto_ServerParsePacket_Internal().

◆ qd0_blind_id_fingerprint64_public_key

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_fingerprint64_public_key) (const d0_blind_id_t ctx, char outbuf, size_t *outbuflen)	(	const d0_blind_id_t *	ctx,
		char *	outbuf,
		size_t *	outbuflen )

static

Definition at line 208 of file crypto.c.

Referenced by Crypto_LoadKeys().

◆ qd0_blind_id_finish_private_id_request

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_finish_private_id_request) (d0_blind_id_t ctx, const char inbuf, size_t inbuflen)	(	d0_blind_id_t *	ctx,
		const char *	inbuf,
		size_t	inbuflen )

static

Definition at line 215 of file crypto.c.

Referenced by Crypto_KeyGen_Finished().

◆ qd0_blind_id_free

D0_EXPORT void(* qd0_blind_id_free) (d0_blind_id_t *a) ( d0_blind_id_t * a )

static

Definition at line 199 of file crypto.c.

Referenced by Crypto_LoadKeys(), Crypto_ReadPublicKey(), and Crypto_UnloadKeys().

◆ qd0_blind_id_generate_private_id_request

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_generate_private_id_request) (d0_blind_id_t ctx, char outbuf, size_t *outbuflen)	(	d0_blind_id_t *	ctx,
		char *	outbuf,
		size_t *	outbuflen )

static

Definition at line 213 of file crypto.c.

Referenced by Crypto_KeyGen_f().

◆ qd0_blind_id_generate_private_id_start

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_generate_private_id_start) (d0_blind_id_t *ctx) ( d0_blind_id_t * ctx )

static

Definition at line 212 of file crypto.c.

Referenced by Crypto_KeyGen_f().

◆ qd0_blind_id_INITIALIZE

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_INITIALIZE) (void) ( void )

static

Definition at line 228 of file crypto.c.

Referenced by Crypto_Init().

◆ qd0_blind_id_new

D0_EXPORT D0_WARN_UNUSED_RESULT d0_blind_id_t *(* qd0_blind_id_new) (void) ( void )

static

Definition at line 198 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), Crypto_ReadPublicKey(), and Crypto_ServerParsePacket_Internal().

◆ qd0_blind_id_read_private_id

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_read_private_id) (d0_blind_id_t ctx, const char inbuf, size_t inbuflen)	(	d0_blind_id_t *	ctx,
		const char *	inbuf,
		size_t	inbuflen )

static

Definition at line 218 of file crypto.c.

Referenced by Crypto_AddPrivateKey().

◆ qd0_blind_id_read_private_id_modulus

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_read_private_id_modulus) (d0_blind_id_t ctx, const char inbuf, size_t inbuflen)	(	d0_blind_id_t *	ctx,
		const char *	inbuf,
		size_t	inbuflen )

static

Definition at line 210 of file crypto.c.

Referenced by Crypto_ReadPublicKey().

◆ qd0_blind_id_read_public_key

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_read_public_key) (d0_blind_id_t ctx, const char inbuf, size_t inbuflen)	(	d0_blind_id_t *	ctx,
		const char *	inbuf,
		size_t	inbuflen )

static

Definition at line 205 of file crypto.c.

Referenced by Crypto_ReadPublicKey().

◆ qd0_blind_id_sessionkey_public_id

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_sessionkey_public_id) (const d0_blind_id_t ctx, char outbuf, size_t *outbuflen)	(	const d0_blind_id_t *	ctx,
		char *	outbuf,
		size_t *	outbuflen )

static

Definition at line 227 of file crypto.c.

Referenced by Crypto_ClientParsePacket(), and Crypto_ServerParsePacket_Internal().

◆ qd0_blind_id_setmallocfuncs

D0_EXPORT void(* qd0_blind_id_setmallocfuncs) (d0_malloc_t m, d0_free_t f)	(	d0_malloc_t *	m,
		d0_free_t *	f )

static

Definition at line 233 of file crypto.c.

Referenced by Crypto_Init().

◆ qd0_blind_id_setmutexfuncs

D0_EXPORT void(* qd0_blind_id_setmutexfuncs) (d0_createmutex_t c, d0_destroymutex_t d, d0_lockmutex_t l, d0_unlockmutex_t u)	(	d0_createmutex_t *	c,
		d0_destroymutex_t *	d,
		d0_lockmutex_t *	l,
		d0_unlockmutex_t *	u )

static

Definition at line 234 of file crypto.c.

Referenced by Crypto_Init().

◆ qd0_blind_id_SHUTDOWN

D0_EXPORT void(* qd0_blind_id_SHUTDOWN) (void) ( void )

static

Definition at line 229 of file crypto.c.

Referenced by Crypto_Shutdown().

◆ qd0_blind_id_sign_with_private_id_sign

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_sign_with_private_id_sign) (d0_blind_id_t ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char message, size_t msglen, char outbuf, size_t outbuflen)	(	d0_blind_id_t *	ctx,
		D0_BOOL	is_first,
		D0_BOOL	send_modulus,
		const char *	message,
		size_t	msglen,
		char *	outbuf,
		size_t *	outbuflen )

static

Definition at line 231 of file crypto.c.

Referenced by Crypto_SignData().

◆ qd0_blind_id_sign_with_private_id_sign_detached

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_sign_with_private_id_sign_detached) (d0_blind_id_t ctx, D0_BOOL is_first, D0_BOOL send_modulus, const char message, size_t msglen, char outbuf, size_t outbuflen)	(	d0_blind_id_t *	ctx,
		D0_BOOL	is_first,
		D0_BOOL	send_modulus,
		const char *	message,
		size_t	msglen,
		char *	outbuf,
		size_t *	outbuflen )

static

Definition at line 232 of file crypto.c.

Referenced by Crypto_SignDataDetached().

◆ qd0_blind_id_util_sha256

D0_EXPORT void(* qd0_blind_id_util_sha256) (char out, const char in, size_t n)	(	char *	out,
		const char *	in,
		size_t	n )

static

Definition at line 230 of file crypto.c.

Referenced by sha256().

◆ qd0_blind_id_verify_private_id

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_verify_private_id) (const d0_blind_id_t *ctx) ( const d0_blind_id_t * ctx )

static

Definition at line 236 of file crypto.c.

Referenced by Crypto_KeyGen_f(), and Crypto_LoadKeys().

◆ qd0_blind_id_verify_public_id

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_verify_public_id) (const d0_blind_id_t ctx, D0_BOOL status)	(	const d0_blind_id_t *	ctx,
		D0_BOOL *	status )

static

Definition at line 235 of file crypto.c.

Referenced by Crypto_KeyGen_Finished(), and Crypto_LoadKeys().

◆ qd0_blind_id_write_private_id

D0_EXPORT D0_WARN_UNUSED_RESULT D0_BOOL(* qd0_blind_id_write_private_id) (const d0_blind_id_t ctx, char outbuf, size_t *outbuflen)	(	const d0_blind_id_t *	ctx,
		char *	outbuf,
		size_t *	outbuflen )

static

Definition at line 220 of file crypto.c.

Referenced by Crypto_KeyGen_f(), and Crypto_KeyGen_Finished().

◆ qd0_rijndael_decrypt

D0_EXPORT void(* qd0_rijndael_decrypt) (const unsigned long *rk, int nrounds, const unsigned char ciphertext[16], unsigned char plaintext[16])	(	const unsigned long *	rk,
		int	nrounds,
		const unsigned char	ciphertext[16],
		unsigned char	plaintext[16] )

Definition at line 336 of file crypto.c.

Referenced by seacpy().

◆ qd0_rijndael_encrypt

D0_EXPORT void(* qd0_rijndael_encrypt) (const unsigned long *rk, int nrounds, const unsigned char plaintext[16], unsigned char ciphertext[16])	(	const unsigned long *	rk,
		int	nrounds,
		const unsigned char	plaintext[16],
		unsigned char	ciphertext[16] )

Definition at line 334 of file crypto.c.

Referenced by aescpy().

◆ qd0_rijndael_setup_decrypt

D0_EXPORT int(* qd0_rijndael_setup_decrypt) (unsigned long rk, const unsigned char key, int keybits)	(	unsigned long *	rk,
		const unsigned char *	key,
		int	keybits )

Definition at line 332 of file crypto.c.

Referenced by seacpy().

◆ qd0_rijndael_setup_encrypt

D0_EXPORT int(* qd0_rijndael_setup_encrypt) (unsigned long rk, const unsigned char key, int keybits)	(	unsigned long *	rk,
		const unsigned char *	key,
		int	keybits )

Definition at line 330 of file crypto.c.

Referenced by aescpy().

Data Structures

Macros

Typedefs

Functions

Variables

Macro Definition Documentation

◆ CDATA

◆ CLEAR_CDATA

◆ CRYPTOCONNECT_CONNECT

◆ CRYPTOCONNECT_DUPLICATE

◆ CRYPTOCONNECT_NONE

◆ CRYPTOCONNECT_PRECONNECT

◆ CRYPTOCONNECT_RECONNECT

◆ D0_BOOL

◆ D0_EXPORT

◆ D0_RIJNDAEL_KEYLENGTH

◆ D0_RIJNDAEL_NROUNDS

◆ D0_RIJNDAEL_RKLENGTH

◆ D0_WARN_UNUSED_RESULT

◆ FOURCC_D0ER

◆ FOURCC_D0IC

◆ FOURCC_D0IQ

◆ FOURCC_D0IR

◆ FOURCC_D0PI

◆ FOURCC_D0PK

◆ FOURCC_D0SI

◆ FOURCC_D0SK

◆ MAKE_CDATA

◆ MAX_CRYPTOCONNECTS

◆ MAX_PUBKEYS

◆ PROTOCOL_D0_BLIND_ID

◆ PROTOCOL_VLEN

◆ USE_AES

Typedef Documentation

◆ d0_blind_id_t

◆ d0_createmutex_t

◆ d0_destroymutex_t

◆ d0_fastreject_function

◆ d0_free_t

◆ d0_lockmutex_t

◆ d0_malloc_t

◆ d0_unlockmutex_t

Function Documentation

◆ aescpy()

◆ Crypto_AddPrivateKey()

◆ Crypto_Available()

◆ Crypto_BuildChallengeAppend()

◆ Crypto_BuildIdString()

◆ Crypto_ClearHostKey()

◆ Crypto_ClearHostKeys()

◆ Crypto_ClientError()

◆ Crypto_ClientParsePacket()

◆ Crypto_CloseLibrary()

◆ Crypto_d0_createmutex()

◆ Crypto_d0_destroymutex()

◆ Crypto_d0_free()

◆ Crypto_d0_lockmutex()

◆ Crypto_d0_malloc()

◆ Crypto_d0_unlockmutex()

◆ Crypto_DecryptPacket()

◆ Crypto_EncryptPacket()

◆ Crypto_FinishInstance()

◆ Crypto_GetInfoResponseDataString()

◆ Crypto_HostKey_Clear_f()

◆ Crypto_HostKeys_f()

◆ Crypto_Init()

◆ Crypto_Init_Commands()

◆ Crypto_InitHostKeys()

◆ Crypto_KeyGen_f()

◆ Crypto_KeyGen_Finished()

◆ Crypto_Keys_f()

◆ Crypto_LittleLong()

◆ Crypto_LoadFile()

◆ Crypto_LoadKeys()

◆ Crypto_OpenLibrary()

◆ Crypto_ParsePack()

◆ Crypto_ReadPublicKey()

◆ Crypto_Reload_f()

◆ Crypto_RetrieveHostKey()

◆ Crypto_RetrieveLocalKey()