Improved the crypto_cmp function.

It now uses the NaCl functions when the length is appropriate. Moved crypto defines to crypto_core.h
2024-03-22 13:30:51 +08:00 · 2014-05-01 08:06:24 -04:00 · 2014-05-01 08:06:24 -04:00 · 19a4b1e443
commit 19a4b1e443
parent 509edb983f
3 changed files with 25 additions and 31 deletions
--- a/toxcore/crypto_core.c
+++ b/toxcore/crypto_core.c
@ -29,30 +29,25 @@

 #include "crypto_core.h"

-/* Use this instead of memcmp; not vulnerable to timing attacks. */
-uint8_t crypto_iszero(uint8_t *mem, uint32_t length)
-{
-    uint8_t check = 0;
-    uint32_t i;
-
-    for (i = 0; i < length; ++i) {
-        check |= mem[i];
-    }
-
-    return check; // We return zero if mem is made out of zeroes.
-}

 /* Use this instead of memcmp; not vulnerable to timing attacks.
-   returns 0 if both mem locations of length are equal. */
+   returns 0 if both mem locations of length are equal,
+   return -1 if they are not. */
 unsigned int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length)
 {
-    unsigned int i, check = 0;;
+    if (length == 16) {
+        return crypto_verify_16(mem1, mem2);
+    } else if (length == 32) {
+        return crypto_verify_32(mem1, mem2);
+    }
+
+    unsigned int i, check = 0;

    for (i = 0; i < length; ++i) {
        check |= mem1[i] ^ mem2[i];
    }

-    return check;
+    return (1 & ((check - 1) >> 8)) - 1;
 }

 /* Precomputes the shared key from their public_key and our secret_key.
--- a/toxcore/crypto_core.h
+++ b/toxcore/crypto_core.h
@ -25,12 +25,24 @@

 #include "network.h"

+#ifndef VANILLA_NACL
+/* We use libsodium by default. */
+#include <sodium.h>
+#else
+#include <crypto_box.h>
+#include <randombytes.h>
+#include <crypto_hash_sha256.h>
+#include <crypto_hash_sha512.h>
+#include <crypto_verify_16.h>
+#include <crypto_verify_32.h>
+#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
+#endif

-/* return zero if the buffer contains only zeros. */
-uint8_t crypto_iszero(uint8_t *buffer, uint32_t blen);
+#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES)

 /* Use this instead of memcmp; not vulnerable to timing attacks.
-   returns 0 if both mem locations of length are equal. */
+   returns 0 if both mem locations of length are equal,
+   return -1 if they are not. */
 unsigned int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length);

 /* Encrypts plain of length length to encrypted of length + 16 using the
--- a/toxcore/network.h
+++ b/toxcore/network.h
@ -97,19 +97,6 @@ typedef int sock_t;
 #endif
 #endif

-#ifndef VANILLA_NACL
-/* We use libsodium by default. */
-#include <sodium.h>
-#else
-#include <crypto_box.h>
-#include <randombytes.h>
-#include <crypto_hash_sha256.h>
-#include <crypto_hash_sha512.h>
-#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
-#endif
-
-#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES)
-
 #ifndef IPV6_ADD_MEMBERSHIP
 #ifdef  IPV6_JOIN_GROUP
 #define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP