Improved the crypto_cmp function.

It now uses the NaCl functions when the length is appropriate. Moved crypto defines to crypto_core.h
author: irungentoo <irungentoo@gmail.com> 2014-05-01 08:06:24 -0400
committer: irungentoo <irungentoo@gmail.com> 2014-05-01 08:06:24 -0400
commit: 19a4b1e443f015e38d04decbe8e042acb17d8ae8 (patch)
tree: 6c9a662a90349bcb8155542e8a8a9e1deff80be5 /toxcore
parent: 509edb983f384ea62191f1c68129b3942e55fa65 (diff)
3 files changed, 25 insertions, 31 deletions
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c
index 6e8b747a..3f3e7b48 100644
--- a/toxcore/crypto_core.c
+++ b/toxcore/crypto_core.c
@@ -29,30 +29,25 @@
 #include "crypto_core.h"
-/* Use this instead of memcmp; not vulnerable to timing attacks. */
-uint8_t crypto_iszero(uint8_t *mem, uint32_t length)
-{
-    uint8_t check = 0;
-    uint32_t i;
-    for (i = 0; i < length; ++i) {
-        check |= mem[i];
-    }
-    return check; // We return zero if mem is made out of zeroes.
-}
 /* Use this instead of memcmp; not vulnerable to timing attacks.
-   returns 0 if both mem locations of length are equal. */
+   returns 0 if both mem locations of length are equal,
+   return -1 if they are not. */
 unsigned int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length)
 {
-    unsigned int i, check = 0;;
+    if (length == 16) {
+        return crypto_verify_16(mem1, mem2);
+    } else if (length == 32) {
+        return crypto_verify_32(mem1, mem2);
+    }
+    unsigned int i, check = 0;
    for (i = 0; i < length; ++i) {
        check |= mem1[i] ^ mem2[i];
    }
-    return check;
+    return (1 & ((check - 1) >> 8)) - 1;
 }
 /* Precomputes the shared key from their public_key and our secret_key.
diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h
index 1fca8078..7ee5f59e 100644
--- a/toxcore/crypto_core.h
+++ b/toxcore/crypto_core.h
@@ -25,12 +25,24 @@
 #include "network.h"
+#ifndef VANILLA_NACL
+/* We use libsodium by default. */
+#include <sodium.h>
+#else
+#include <crypto_box.h>
+#include <randombytes.h>
+#include <crypto_hash_sha256.h>
+#include <crypto_hash_sha512.h>
+#include <crypto_verify_16.h>
+#include <crypto_verify_32.h>
+#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
+#endif
-/* return zero if the buffer contains only zeros. */
+#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES)
-uint8_t crypto_iszero(uint8_t *buffer, uint32_t blen);
 /* Use this instead of memcmp; not vulnerable to timing attacks.
-   returns 0 if both mem locations of length are equal. */
+   returns 0 if both mem locations of length are equal,
+   return -1 if they are not. */
 unsigned int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length);
 /* Encrypts plain of length length to encrypted of length + 16 using the
diff --git a/toxcore/network.h b/toxcore/network.h
index 21e225a0..d19f144c 100644
--- a/toxcore/network.h
+++ b/toxcore/network.h
@@ -97,19 +97,6 @@ typedef int sock_t;
 #endif
 #endif
-#ifndef VANILLA_NACL
-/* We use libsodium by default. */
-#include <sodium.h>
-#else
-#include <crypto_box.h>
-#include <randombytes.h>
-#include <crypto_hash_sha256.h>
-#include <crypto_hash_sha512.h>
-#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
-#endif
-#define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES)
 #ifndef IPV6_ADD_MEMBERSHIP
 #ifdef  IPV6_JOIN_GROUP
 #define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP
author	irungentoo <irungentoo@gmail.com>	2014-05-01 08:06:24 -0400
committer	irungentoo <irungentoo@gmail.com>	2014-05-01 08:06:24 -0400
commit	19a4b1e443f015e38d04decbe8e042acb17d8ae8 (patch)
tree	6c9a662a90349bcb8155542e8a8a9e1deff80be5 /toxcore
parent	509edb983f384ea62191f1c68129b3942e55fa65 (diff)