format code
cofyc committed Nov 27, 2013
1 parent d309ca4 commit 6c51ac3
Showing 18 changed files with 446 additions and 354 deletions.
5 changes: 4 additions & 1 deletion Makefile
Expand Up @@ -186,6 +186,9 @@ all:: dnscrypt-wrapper

### Misc rules

fmt:
./format.sh

install: all
install -p -m 755 dnscrypt-wrapper $(BINDIR)

Expand All @@ -196,4 +199,4 @@ clean:
$(RM) dnscrypt-wrapper
$(RM) $(LIB_OBJS)

.PHONY: all install uninstall clean FORCE
.PHONY: all install uninstall clean FORCE fmt
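Review bot: The new `fmt` rule has no comment saying that `./format.sh` rewrites the tracked sources in place, and the script is not part of this section, so a reader cannot tell which formatter or options it depends on. A line above the rule such as `# fmt: reformat all sources in place via format.sh; review the resulting diff before committing` would document that. Because the same commit reflows the certificate-signing and box-handling code, it is worth confirming the result is whitespace-only, for instance by comparing the object files built before and after the reformat.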
41 changes: 29 additions & 12 deletions cert.c
Expand Up @@ -13,11 +13,13 @@ cert_build_cert(const uint8_t *crypt_publickey)
signed_cert->version_minor[0] = 0;
signed_cert->version_minor[1] = 0;

memcpy(signed_cert->server_publickey, crypt_publickey, crypto_box_PUBLICKEYBYTES);
memcpy(signed_cert->magic_query, CERT_MAGIC_HEADER, sizeof(signed_cert->magic_query));
memcpy(signed_cert->server_publickey, crypt_publickey,
crypto_box_PUBLICKEYBYTES);
memcpy(signed_cert->magic_query, CERT_MAGIC_HEADER,
sizeof(signed_cert->magic_query));
memcpy(signed_cert->serial, "0001", 4);
uint32_t ts_begin = (uint32_t)time(NULL);
uint32_t ts_end = ts_begin + 365*24*3600;
uint32_t ts_end = ts_begin + 365 * 24 * 3600;
ts_begin = htonl(ts_begin);
ts_end = htonl(ts_end);
memcpy(signed_cert->ts_begin, &ts_begin, 4);
Expand All @@ -31,8 +33,15 @@ int
cert_sign(struct SignedCert *signed_cert, const uint8_t *provider_secretkey)
{
size_t crypted_signed_data_len = 0;
size_t signed_data_len = sizeof(struct SignedCert) - offsetof(struct SignedCert, server_publickey) - sizeof(signed_cert->end);
if (crypto_sign_ed25519(signed_cert->server_publickey, (unsigned long long *)&crypted_signed_data_len, signed_cert->server_publickey, signed_data_len, provider_secretkey) != 0) {
size_t signed_data_len =
sizeof(struct SignedCert) - offsetof(struct SignedCert,
server_publickey) -
sizeof(signed_cert->end);
if (crypto_sign_ed25519
(signed_cert->server_publickey,
(unsigned long long *)&crypted_signed_data_len,
signed_cert->server_publickey, signed_data_len,
provider_secretkey) != 0) {
return -1;
}
return 0;
Expand All @@ -42,8 +51,15 @@ int
cert_unsign(struct SignedCert *signed_cert, const uint8_t *provider_secretkey)
{
size_t crypted_signed_data_len = 0;
size_t signed_data_len = sizeof(struct SignedCert) - offsetof(struct SignedCert, server_publickey) - sizeof(signed_cert->end);
if (crypto_sign_ed25519_open(signed_cert->server_publickey, (unsigned long long *)&crypted_signed_data_len, signed_cert->server_publickey, signed_data_len, provider_secretkey) != 0) {
size_t signed_data_len =
sizeof(struct SignedCert) - offsetof(struct SignedCert,
server_publickey) -
sizeof(signed_cert->end);
if (crypto_sign_ed25519_open
(signed_cert->server_publickey,
(unsigned long long *)&crypted_signed_data_len,
signed_cert->server_publickey, signed_data_len,
provider_secretkey) != 0) {
return -1;
}
return 0;
Expand All @@ -53,12 +69,13 @@ void
cert_display_txt_record_tinydns(struct SignedCert *signed_cert)
{
size_t i = (size_t) 0U;
int c;
int c;

fputs("'2.dnscrypt-cert:", stdout);
while (i < sizeof(struct SignedCert)) {
c = (int) *(signed_cert->magic_cert + i);
if (isprint(c) && c != ':' && c != '\\' && c != '&' && c != '<' && c != '>') {
c = (int)*(signed_cert->magic_cert + i);
if (isprint(c) && c != ':' && c != '\\' && c != '&' && c != '<'
&& c != '>') {
putchar(c);
} else {
printf("\\%03o", c);
Expand All @@ -72,11 +89,11 @@ void
cert_display_txt_record(struct SignedCert *signed_cert)
{
size_t i = (size_t) 0U;
int c;
int c;

fputs("2.dnscrypt-cert\t86400\tIN\tTXT\t\"", stdout);
while (i < sizeof(struct SignedCert)) {
c = (int) *(signed_cert->magic_cert + i);
c = (int)*(signed_cert->magic_cert + i);
if (isprint(c) && c != '"' && c != '\\') {
putchar(c);
} else {
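Review bot: In cert_sign and cert_unsign the rewrapped call still passes `(unsigned long long *)&crypted_signed_data_len` although the variable is declared `size_t`; on an ABI where size_t is 32 bits the library stores eight bytes through that pointer and overwrites adjacent stack. Declaring it as `unsigned long long crypted_signed_data_len = 0;` and passing `&crypted_signed_data_len` removes the cast and the size mismatch. In cert_unsign the last argument handed to crypto_sign_ed25519_open is named `provider_secretkey`, but that function verifies against the signer's public key, so renaming the parameter to `provider_publickey` in cert.c and cert.h would keep a caller from passing the secret key by mistake.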
6 changes: 4 additions & 2 deletions cert.h
Expand Up @@ -22,8 +22,10 @@ struct SignedCert {
};

struct SignedCert *cert_build_cert(const uint8_t *crypt_publickey);
int cert_sign(struct SignedCert *signed_cert, const uint8_t *provider_secretkey);
int cert_unsign(struct SignedCert *signed_cert, const uint8_t *provider_secretkey);
int cert_sign(struct SignedCert *signed_cert,
const uint8_t *provider_secretkey);
int cert_unsign(struct SignedCert *signed_cert,
const uint8_t *provider_secretkey);
void cert_display_txt_record_tinydns(struct SignedCert *signed_cert);
void cert_display_txt_record(struct SignedCert *signed_cert);

82 changes: 47 additions & 35 deletions dnscrypt.c
Expand Up @@ -3,7 +3,7 @@
int
dnscrypt_cmp_client_nonce(const uint8_t
client_nonce[crypto_box_HALF_NONCEBYTES],
const uint8_t * const buf, const size_t len)
const uint8_t *const buf, const size_t len)
{
const size_t client_nonce_offset = sizeof(DNSCRYPT_MAGIC_RESPONSE) - 1;

Expand All @@ -20,23 +20,23 @@ uint64_t
dnscrypt_hrtime(void)
{
struct timeval tv;
uint64_t ts = (uint64_t) 0U;
int ret;
uint64_t ts = (uint64_t)0U;
int ret;

ret = evutil_gettimeofday(&tv, NULL);
assert(ret == 0);
if (ret == 0) {
ts = (uint64_t) tv.tv_sec * 1000000U + (uint64_t) tv.tv_usec;
ts = (uint64_t)tv.tv_sec * 1000000U + (uint64_t)tv.tv_usec;
}
return ts;
}

void
dnscrypt_key_to_fingerprint(char fingerprint[80U], const uint8_t * const key)
dnscrypt_key_to_fingerprint(char fingerprint[80U], const uint8_t *const key)
{
const size_t fingerprint_size = 80U;
size_t fingerprint_pos = (size_t) 0U;
size_t key_pos = (size_t) 0U;
size_t fingerprint_pos = (size_t) 0U;
size_t key_pos = (size_t) 0U;

COMPILER_ASSERT(crypto_box_PUBLICKEYBYTES == 32U);
COMPILER_ASSERT(crypto_box_SECRETKEYBYTES == 32U);
Expand All @@ -56,8 +56,8 @@ dnscrypt_key_to_fingerprint(char fingerprint[80U], const uint8_t * const key)

static int
_dnscrypt_parse_char(uint8_t key[crypto_box_PUBLICKEYBYTES],
size_t * const key_pos_p, int * const state_p,
const int c, uint8_t * const val_p)
size_t * const key_pos_p, int *const state_p,
const int c, uint8_t *const val_p)
{
uint8_t c_val;

Expand All @@ -74,7 +74,7 @@ _dnscrypt_parse_char(uint8_t key[crypto_box_PUBLICKEYBYTES],
if (!isxdigit(c)) {
return -1;
}
c_val = (uint8_t) ((c >= '0' && c <= '9') ? c - '0' : c - 'a' + 10);
c_val = (uint8_t)((c >= '0' && c <= '9') ? c - '0' : c - 'a' + 10);
assert(c_val < 16U);
if (*state_p == 0) {
*val_p = c_val * 16U;
Expand All @@ -97,20 +97,20 @@ _dnscrypt_parse_char(uint8_t key[crypto_box_PUBLICKEYBYTES],
}

int
dnscrypt_fingerprint_to_key(const char * const fingerprint,
dnscrypt_fingerprint_to_key(const char *const fingerprint,
uint8_t key[crypto_box_PUBLICKEYBYTES])
{
const char *p = fingerprint;
size_t key_pos = (size_t) 0U;
int c;
int ret;
int state = 0;
uint8_t val = 0U;
size_t key_pos = (size_t) 0U;
int c;
int ret;
int state = 0;
uint8_t val = 0U;

if (fingerprint == NULL) {
return -1;
}
while ((c = tolower((int) (unsigned char) *p)) != 0) {
while ((c = tolower((int)(unsigned char)*p)) != 0) {
ret = _dnscrypt_parse_char(key, &key_pos, &state, c, &val);
if (ret <= 0) {
return ret;
Expand All @@ -132,8 +132,8 @@ dnscrypt_fingerprint_to_key(const char * const fingerprint,
* @return the new size, after padding
*/
size_t
dnscrypt_pad(uint8_t *buf, const size_t len, const size_t max_len, const uint8_t *nonce,
const uint8_t *secretkey)
dnscrypt_pad(uint8_t *buf, const size_t len, const size_t max_len,
const uint8_t *nonce, const uint8_t *secretkey)
{
uint8_t *buf_padding_area = buf + len;
size_t padded_len;
Expand All @@ -145,8 +145,11 @@ dnscrypt_pad(uint8_t *buf, const size_t len, const size_t max_len, const uint8_t

assert(nonce[crypto_box_HALF_NONCEBYTES] == nonce[0]);

crypto_stream((unsigned char*)&rnd, (unsigned long long)sizeof(rnd), nonce, secretkey);
padded_len = len + DNSCRYPT_MIN_PAD_LEN + rnd % (max_len - len - DNSCRYPT_MIN_PAD_LEN + 1);
crypto_stream((unsigned char *)&rnd, (unsigned long long)sizeof(rnd), nonce,
secretkey);
padded_len =
len + DNSCRYPT_MIN_PAD_LEN + rnd % (max_len - len -
DNSCRYPT_MIN_PAD_LEN + 1);
padded_len += DNSCRYPT_BLOCK_SIZE - padded_len % DNSCRYPT_BLOCK_SIZE;
if (padded_len > max_len)
padded_len = max_len;
Expand All @@ -169,15 +172,16 @@ int
dnscrypt_server_uncurve(struct context *c,
uint8_t client_nonce[crypto_box_HALF_NONCEBYTES],
uint8_t nmkey[crypto_box_BEFORENMBYTES],
uint8_t * const buf, size_t * const lenp)
uint8_t *const buf, size_t * const lenp)
{
size_t len = *lenp;

if (len <= DNSCRYPT_QUERY_HEADER_SIZE) {
return -1;
}

struct dnscrypt_query_header *query_header = (struct dnscrypt_query_header *)buf;
struct dnscrypt_query_header *query_header =
(struct dnscrypt_query_header *)buf;
memcpy(nmkey, query_header->publickey, crypto_box_PUBLICKEYBYTES);
if (crypto_box_beforenm(nmkey, nmkey, c->crypt_secretkey) != 0) {
return -1;
Expand All @@ -187,13 +191,13 @@ dnscrypt_server_uncurve(struct context *c,
memcpy(nonce, query_header->nonce, crypto_box_HALF_NONCEBYTES);
memset(nonce + crypto_box_HALF_NONCEBYTES, 0, crypto_box_HALF_NONCEBYTES);

memset(buf + DNSCRYPT_QUERY_BOX_OFFSET - crypto_box_BOXZEROBYTES, 0, crypto_box_BOXZEROBYTES);
if (crypto_box_open_afternm(
buf + DNSCRYPT_QUERY_BOX_OFFSET - crypto_box_BOXZEROBYTES,
buf + DNSCRYPT_QUERY_BOX_OFFSET - crypto_box_BOXZEROBYTES,
len - DNSCRYPT_QUERY_BOX_OFFSET + crypto_box_BOXZEROBYTES,
nonce,
nmkey) != 0) {
memset(buf + DNSCRYPT_QUERY_BOX_OFFSET - crypto_box_BOXZEROBYTES, 0,
crypto_box_BOXZEROBYTES);
if (crypto_box_open_afternm
(buf + DNSCRYPT_QUERY_BOX_OFFSET - crypto_box_BOXZEROBYTES,
buf + DNSCRYPT_QUERY_BOX_OFFSET - crypto_box_BOXZEROBYTES,
len - DNSCRYPT_QUERY_BOX_OFFSET + crypto_box_BOXZEROBYTES, nonce,
nmkey) != 0) {
return -1;
}

Expand Down Expand Up @@ -223,7 +227,8 @@ add_server_nonce(struct context *c, uint8_t *nonce)
c->nonce_ts_last = ts;
tsn = (ts << 10) | (randombytes_random() & 0x3ff);
#if (BYTE_ORDER == LITTLE_ENDIAN)
tsn = (((uint64_t)htonl((uint32_t)tsn)) << 32) | htonl((uint32_t)(tsn >> 32));
tsn =
(((uint64_t)htonl((uint32_t)tsn)) << 32) | htonl((uint32_t)(tsn >> 32));
#endif
memcpy(nonce + crypto_box_HALF_NONCEBYTES, &tsn, 8);
suffix = randombytes_random();
Expand All @@ -242,24 +247,31 @@ int
dnscrypt_server_curve(struct context *c,
uint8_t client_nonce[crypto_box_HALF_NONCEBYTES],
uint8_t nmkey[crypto_box_BEFORENMBYTES],
uint8_t * const buf, size_t * const lenp, const size_t max_len)
uint8_t *const buf, size_t * const lenp,
const size_t max_len)
{
uint8_t nonce[crypto_box_NONCEBYTES];
uint8_t *boxed;
size_t len = *lenp;

memcpy(nonce, client_nonce, crypto_box_HALF_NONCEBYTES);
memcpy(nonce + crypto_box_HALF_NONCEBYTES, client_nonce, crypto_box_HALF_NONCEBYTES);
memcpy(nonce + crypto_box_HALF_NONCEBYTES, client_nonce,
crypto_box_HALF_NONCEBYTES);

boxed = buf + DNSCRYPT_REPLY_BOX_OFFSET;
memmove(boxed + crypto_box_MACBYTES, buf, len);
len = dnscrypt_pad(boxed + crypto_box_MACBYTES, len, max_len - DNSCRYPT_REPLY_HEADER_SIZE, nonce, c->crypt_secretkey);
len =
dnscrypt_pad(boxed + crypto_box_MACBYTES, len,
max_len - DNSCRYPT_REPLY_HEADER_SIZE, nonce,
c->crypt_secretkey);
memset(boxed - crypto_box_BOXZEROBYTES, 0, crypto_box_ZEROBYTES);

// add server nonce extension
add_server_nonce(c, nonce);

if (crypto_box_afternm(boxed - crypto_box_BOXZEROBYTES, boxed - crypto_box_BOXZEROBYTES, len + crypto_box_ZEROBYTES, nonce, nmkey) != 0) {
if (crypto_box_afternm
(boxed - crypto_box_BOXZEROBYTES, boxed - crypto_box_BOXZEROBYTES,
len + crypto_box_ZEROBYTES, nonce, nmkey) != 0) {
return -1;
}
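Review bot: dnscrypt_server_curve moves `len` bytes to `boxed + crypto_box_MACBYTES` and computes `max_len - DNSCRYPT_REPLY_HEADER_SIZE` with no visible check that the reply plus header fits in `max_len`, so an oversized reply would write past the buffer and a small `max_len` would wrap the unsigned subtraction. Unless every caller already guarantees this, a guard before the memmove such as `if (max_len < DNSCRYPT_REPLY_HEADER_SIZE || len > max_len - DNSCRYPT_REPLY_HEADER_SIZE) return -1;` would make the function safe on its own. The same wrap is possible in dnscrypt_pad's `max_len - len - DNSCRYPT_MIN_PAD_LEN + 1`, though the lines just above it are outside the hunk and may already check it. The body of dnscrypt_server_curve continues past the end of the hunk.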
