author | irungentoo <irungentoo@gmail.com> | 2015-04-18 13:13:29 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2015-04-18 13:13:29 -0400 |
commit | b4fc0809a7b42ba5d104793e909aecf85951f100 (patch) | |
tree | 0e56a65760b37fc5f2323df512f8d21818e1e0c6 | |
parent | 453548f18149594af977dc63c8a1924d8a6bb2e6 (diff) |
The only secure compare function currently needed is one to compare 2 public keys.
-rw-r--r-- | toxcore/crypto_core.c | 22 | ||||
-rw-r--r-- | toxcore/crypto_core.h | 4 | ||||
-rw-r--r-- | toxcore/net_crypto.c | 2 |
3 files changed, 9 insertions, 19 deletions
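--- a/toxcore/crypto_core.c
+++ b/toxcore/crypto_core.c
@@ -29,26 +29,16 @@
 
 #include "crypto_core.h"
 
+#if crypto_box_PUBLICKEYBYTES != 32
+#error crypto_box_PUBLICKEYBYTES is required to be 32 bytes for public_key_cmp to work,
+#endif
 
-/* Use this instead of memcmp; not vulnerable to timing attacks.
+/* compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks.
 returns 0 if both mem locations of length are equal,
 return -1 if they are not. */
-int crypto_cmp(const uint8_t *mem1, const uint8_t *mem2, size_t length)
+int public_key_cmp(const uint8_t *pk1, const uint8_t *pk2)
 {
-if (length == 16) {
-return crypto_verify_16(mem1, mem2);
-} else if (length == 32) {
-return crypto_verify_32(mem1, mem2);
-}
-
-unsigned int check = 0;
-size_t i;
-
-for (i = 0; i < length; ++i) {
-check |= mem1[i] ^ mem2[i];
-}
-
-return (1 & ((check - 1) >> 8)) - 1;
+return crypto_verify_32(pk1, pk2);
 }
 
 /* return a random number.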
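Review bot: The comment above `public_key_cmp` still says "returns 0 if both mem locations of length are equal", but the function no longer takes a length and always reads 32 bytes from each pointer through `crypto_verify_32`. The comment should state that precondition, for example `/* pk1 and pk2 must each point to at least crypto_box_PUBLICKEYBYTES readable bytes. */`; the same stale wording is carried into crypto_core.h. With the generic `crypto_cmp` removed, a later comparison of a secret-dependent value of another length (a MAC or a hash, say) has no constant-time helper left in this file, so a line telling contributors to call the matching `crypto_verify_*` rather than `memcmp` would be worth adding here. The `#error` text also ends in a stray comma.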
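--- a/toxcore/crypto_core.h
+++ b/toxcore/crypto_core.h
@@ -40,10 +40,10 @@
 
 #define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES)
 
-/* Use this instead of memcmp; not vulnerable to timing attacks.
+/* compare 2 public keys of length crypto_box_PUBLICKEYBYTES, not vulnerable to timing attacks.
 returns 0 if both mem locations of length are equal,
 return -1 if they are not. */
-int crypto_cmp(const uint8_t *mem1, const uint8_t *mem2, size_t length);
+int public_key_cmp(const uint8_t *pk1, const uint8_t *pk2);
 
 /* return a random number.
 *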
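--- a/toxcore/net_crypto.c
+++ b/toxcore/net_crypto.c
@@ -341,7 +341,7 @@ static int handle_crypto_handshake(const Net_Crypto *c, uint8_t *nonce, uint8_t
 return -1;
 
 if (expected_real_pk)
-if (crypto_cmp(cookie_plain, expected_real_pk, crypto_box_PUBLICKEYBYTES) != 0)
+if (public_key_cmp(cookie_plain, expected_real_pk) != 0)
 return -1;
 
 uint8_t cookie_hash[crypto_hash_sha512_BYTES];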
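Review bot: The two nested `if` statements around `public_key_cmp` have no braces, and they guard the peer-identity check of the handshake, where a line inserted later could silently change which statement the `return -1` belongs to. A single braced condition reads more safely: `if (expected_real_pk && public_key_cmp(cookie_plain, expected_real_pk) != 0) { return -1; }`. The comparison is skipped whenever `expected_real_pk` is NULL, so a short comment saying which callers pass NULL and why that is acceptable would help the next reader. `handle_crypto_handshake` starts and ends outside this hunk, so it cannot be confirmed from here that `cookie_plain` holds at least crypto_box_PUBLICKEYBYTES bytes, which `public_key_cmp` now assumes without a length argument.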