From 19a4b1e443f015e38d04decbe8e042acb17d8ae8 Mon Sep 17 00:00:00 2001
From: irungentoo
Date: Thu, 1 May 2014 08:06:24 -0400
Subject: [PATCH] Improved the crypto_cmp function. It now uses the NaCl functions when the length is appropriate. Moved crypto defines to crypto_core.h
---
 toxcore/crypto_core.c | 25 ++++++++++---------------
 toxcore/crypto_core.h | 18 +++++++++++++++---
 toxcore/network.h | 13 -------------
 3 files changed, 25 insertions(+), 31 deletions(-)
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c
index 6e8b747a..3f3e7b48 100644
--- a/toxcore/crypto_core.c
+++ b/toxcore/crypto_core.c
@@ -29,30 +29,25 @@
 #include "crypto_core.h"
-/* Use this instead of memcmp; not vulnerable to timing attacks. */
-uint8_t crypto_iszero(uint8_t *mem, uint32_t length)
-{
- uint8_t check = 0;
- uint32_t i;
-
- for (i = 0; i < length; ++i) {
- check |= mem[i];
- }
-
- return check; // We return zero if mem is made out of zeroes.
-}
 /* Use this instead of memcmp; not vulnerable to timing attacks.
- returns 0 if both mem locations of length are equal. */
+ returns 0 if both mem locations of length are equal,
+ return -1 if they are not. */
 unsigned int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length)
 {
- unsigned int i, check = 0;;
+ if (length == 16) {
+ return crypto_verify_16(mem1, mem2);
+ } else if (length == 32) {
+ return crypto_verify_32(mem1, mem2);
+ }
+
+ unsigned int i, check = 0;
 for (i = 0; i < length; ++i) {
 check |= mem1[i] ^ mem2[i];
 }
- return check;
+ return (1 & ((check - 1) >> 8)) - 1;
 }
 /* Precomputes the shared key from their public_key and our secret_key.
diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h
index 1fca8078..7ee5f59e 100644
--- a/toxcore/crypto_core.h
+++ b/toxcore/crypto_core.h
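Review bot: The return type of `crypto_cmp` is still `unsigned int`, while the new comment and the `crypto_verify_16`/`crypto_verify_32` branches (which return an `int` of 0 or -1) promise -1 on mismatch, so callers actually receive `UINT_MAX` and a check written as `crypto_cmp(a, b, n) < 0` could never detect unequal buffers. I would change the definition here and the matching prototype in the crypto_core.h hunk to `int crypto_cmp(const uint8_t *mem1, const uint8_t *mem2, uint32_t length)`, or else document the result as "nonzero" so callers only ever test `!= 0`. The fallback `return (1 & ((check - 1) >> 8)) - 1;` is correct only because `check` cannot exceed 0xFF (each term is the XOR of two `uint8_t`), which deserves a comment such as `/* check <= 0xFF, so bit 8 of (check - 1) is set only when check == 0 */`. The declaration `unsigned int i, check = 0;` now follows statements, which needs C99 or later; moving it above the `if (length == 16)` keeps the block C89-clean if the project targets that.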
@@ -25,12 +25,24 @@
 #include "network.h"
+#ifndef VANILLA_NACL
+/* We use libsodium by default. */
+#include
+#else
+#include
+#include
+#include
+#include
+#include
+#include
+#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
+#endif
-/* return zero if the buffer contains only zeros. */
-uint8_t crypto_iszero(uint8_t *buffer, uint32_t blen);
+#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES)
 /* Use this instead of memcmp; not vulnerable to timing attacks.
- returns 0 if both mem locations of length are equal. */
+ returns 0 if both mem locations of length are equal,
+ return -1 if they are not. */
 unsigned int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length);
 /* Encrypts plain of length length to encrypted of length + 16 using the
diff --git a/toxcore/network.h b/toxcore/network.h
index 21e225a0..d19f144c 100644
--- a/toxcore/network.h
+++ b/toxcore/network.h
@@ -97,19 +97,6 @@ typedef int sock_t;
 #endif
 #endif
-#ifndef VANILLA_NACL
-/* We use libsodium by default. */
-#include
-#else
-#include
-#include
-#include
-#include
-#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
-#endif
-
-#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES)
-
 #ifndef IPV6_ADD_MEMBERSHIP
 #ifdef IPV6_JOIN_GROUP
 #define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP