diff options
author | Roman Proskuryakov <humbug@deeptown.org> | 2016-01-24 19:16:40 +0300 |
---|---|---|
committer | Roman Proskuryakov <humbug@deeptown.org> | 2016-01-27 02:14:59 +0300 |
commit | ed3a794c9bf6380801ee21c816505f457b6a1348 (patch) | |
tree | 14e1b8fa1c8c1b7f45b08bae5e0b6169054c3751 /toxcore | |
parent | 61f8e65c0157049ac26bf9b081ba6842d7defdeb (diff) |
fix: compare sensitive data with sodium_memcmp
fix: make increment_nonce & increment_nonce_number independent of user-controlled input
fix: make crypto_core more stable agains null ptr dereference
Diffstat (limited to 'toxcore')
-rw-r--r-- | toxcore/DHT.c | 16 | ||||
-rw-r--r-- | toxcore/Messenger.c | 2 | ||||
-rw-r--r-- | toxcore/TCP_connection.c | 6 | ||||
-rw-r--r-- | toxcore/TCP_server.c | 6 | ||||
-rw-r--r-- | toxcore/crypto_core.c | 95 | ||||
-rw-r--r-- | toxcore/crypto_core.h | 2 | ||||
-rw-r--r-- | toxcore/friend_connection.c | 10 | ||||
-rw-r--r-- | toxcore/group.c | 12 | ||||
-rw-r--r-- | toxcore/net_crypto.c | 6 | ||||
-rw-r--r-- | toxcore/onion_announce.c | 8 | ||||
-rw-r--r-- | toxcore/onion_client.c | 18 | ||||
-rw-r--r-- | toxcore/ping.c | 2 | ||||
-rw-r--r-- | toxcore/tox.c | 2 | ||||
-rw-r--r-- | toxcore/util.c | 2 |
14 files changed, 104 insertions, 83 deletions
diff --git a/toxcore/DHT.c b/toxcore/DHT.c index 052b74ff..51f1e5ba 100644 --- a/toxcore/DHT.c +++ b/toxcore/DHT.c | |||
@@ -126,7 +126,7 @@ void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, const uint8_t | |||
126 | int index = public_key[30] * MAX_KEYS_PER_SLOT + i; | 126 | int index = public_key[30] * MAX_KEYS_PER_SLOT + i; |
127 | 127 | ||
128 | if (shared_keys->keys[index].stored) { | 128 | if (shared_keys->keys[index].stored) { |
129 | if (memcmp(public_key, shared_keys->keys[index].public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 129 | if (public_key_cmp(public_key, shared_keys->keys[index].public_key) == 0) { |
130 | memcpy(shared_key, shared_keys->keys[index].shared_key, crypto_box_BEFORENMBYTES); | 130 | memcpy(shared_key, shared_keys->keys[index].shared_key, crypto_box_BEFORENMBYTES); |
131 | ++shared_keys->keys[index].times_requested; | 131 | ++shared_keys->keys[index].times_requested; |
132 | shared_keys->keys[index].time_last_requested = unix_time(); | 132 | shared_keys->keys[index].time_last_requested = unix_time(); |
@@ -844,7 +844,7 @@ static _Bool is_pk_in_client_list(Client_data *list, unsigned int client_list_le | |||
844 | for (i = 0; i < client_list_length; ++i) { | 844 | for (i = 0; i < client_list_length; ++i) { |
845 | if ((ip_port.ip.family == AF_INET && !is_timeout(list[i].assoc4.timestamp, BAD_NODE_TIMEOUT)) | 845 | if ((ip_port.ip.family == AF_INET && !is_timeout(list[i].assoc4.timestamp, BAD_NODE_TIMEOUT)) |
846 | || (ip_port.ip.family == AF_INET6 && !is_timeout(list[i].assoc6.timestamp, BAD_NODE_TIMEOUT))) { | 846 | || (ip_port.ip.family == AF_INET6 && !is_timeout(list[i].assoc6.timestamp, BAD_NODE_TIMEOUT))) { |
847 | if (memcmp(list[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 847 | if (public_key_cmp(list[i].public_key, public_key) == 0) { |
848 | return 1; | 848 | return 1; |
849 | } | 849 | } |
850 | } | 850 | } |
@@ -944,7 +944,7 @@ int addto_lists(DHT *dht, IP_Port ip_port, const uint8_t *public_key) | |||
944 | 944 | ||
945 | DHT_Friend *friend = &dht->friends_list[i]; | 945 | DHT_Friend *friend = &dht->friends_list[i]; |
946 | 946 | ||
947 | if (memcmp(public_key, friend->public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 947 | if (public_key_cmp(public_key, friend->public_key) == 0) { |
948 | friend_foundip = friend; | 948 | friend_foundip = friend; |
949 | } | 949 | } |
950 | 950 | ||
@@ -953,7 +953,7 @@ int addto_lists(DHT *dht, IP_Port ip_port, const uint8_t *public_key) | |||
953 | } else { | 953 | } else { |
954 | DHT_Friend *friend = &dht->friends_list[i]; | 954 | DHT_Friend *friend = &dht->friends_list[i]; |
955 | 955 | ||
956 | if (memcmp(public_key, friend->public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 956 | if (public_key_cmp(public_key, friend->public_key) == 0) { |
957 | friend_foundip = friend; | 957 | friend_foundip = friend; |
958 | } | 958 | } |
959 | 959 | ||
@@ -1212,7 +1212,7 @@ static uint8_t sent_getnode_to_node(DHT *dht, const uint8_t *public_key, IP_Port | |||
1212 | Node_format test; | 1212 | Node_format test; |
1213 | memcpy(&test, data, sizeof(Node_format)); | 1213 | memcpy(&test, data, sizeof(Node_format)); |
1214 | 1214 | ||
1215 | if (!ipport_equal(&test.ip_port, &node_ip_port) || memcmp(test.public_key, public_key, crypto_box_PUBLICKEYBYTES) != 0) | 1215 | if (!ipport_equal(&test.ip_port, &node_ip_port) || public_key_cmp(test.public_key, public_key) != 0) |
1216 | return 0; | 1216 | return 0; |
1217 | 1217 | ||
1218 | return 1; | 1218 | return 1; |
@@ -2081,7 +2081,7 @@ static IPPTsPng *get_closelist_IPPTsPng(DHT *dht, const uint8_t *public_key, sa_ | |||
2081 | uint32_t i; | 2081 | uint32_t i; |
2082 | 2082 | ||
2083 | for (i = 0; i < LCLIENT_LIST; ++i) { | 2083 | for (i = 0; i < LCLIENT_LIST; ++i) { |
2084 | if (memcmp(dht->close_clientlist[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) != 0) | 2084 | if (public_key_cmp(dht->close_clientlist[i].public_key, public_key) != 0) |
2085 | continue; | 2085 | continue; |
2086 | 2086 | ||
2087 | if (sa_family == AF_INET) | 2087 | if (sa_family == AF_INET) |
@@ -2178,7 +2178,7 @@ static int handle_hardening(void *object, IP_Port source, const uint8_t *source_ | |||
2178 | if (is_timeout(temp->hardening.send_nodes_timestamp, HARDENING_INTERVAL)) | 2178 | if (is_timeout(temp->hardening.send_nodes_timestamp, HARDENING_INTERVAL)) |
2179 | return 1; | 2179 | return 1; |
2180 | 2180 | ||
2181 | if (memcmp(temp->hardening.send_nodes_pingedid, source_pubkey, crypto_box_PUBLICKEYBYTES) != 0) | 2181 | if (public_key_cmp(temp->hardening.send_nodes_pingedid, source_pubkey) != 0) |
2182 | return 1; | 2182 | return 1; |
2183 | 2183 | ||
2184 | /* If Nodes look good and the request checks out */ | 2184 | /* If Nodes look good and the request checks out */ |
@@ -2351,7 +2351,7 @@ static int cryptopacket_handle(void *object, IP_Port source, const uint8_t *pack | |||
2351 | length > MAX_CRYPTO_REQUEST_SIZE + crypto_box_MACBYTES) | 2351 | length > MAX_CRYPTO_REQUEST_SIZE + crypto_box_MACBYTES) |
2352 | return 1; | 2352 | return 1; |
2353 | 2353 | ||
2354 | if (memcmp(packet + 1, dht->self_public_key, crypto_box_PUBLICKEYBYTES) == 0) { // Check if request is for us. | 2354 | if (public_key_cmp(packet + 1, dht->self_public_key) == 0) { // Check if request is for us. |
2355 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; | 2355 | uint8_t public_key[crypto_box_PUBLICKEYBYTES]; |
2356 | uint8_t data[MAX_CRYPTO_REQUEST_SIZE]; | 2356 | uint8_t data[MAX_CRYPTO_REQUEST_SIZE]; |
2357 | uint8_t number; | 2357 | uint8_t number; |
diff --git a/toxcore/Messenger.c b/toxcore/Messenger.c index 6d45077a..34296c24 100644 --- a/toxcore/Messenger.c +++ b/toxcore/Messenger.c | |||
@@ -2660,7 +2660,7 @@ static int messenger_load_state_callback(void *outer, const uint8_t *data, uint3 | |||
2660 | set_nospam(&(m->fr), *(uint32_t *)data); | 2660 | set_nospam(&(m->fr), *(uint32_t *)data); |
2661 | load_secret_key(m->net_crypto, (&data[sizeof(uint32_t)]) + crypto_box_PUBLICKEYBYTES); | 2661 | load_secret_key(m->net_crypto, (&data[sizeof(uint32_t)]) + crypto_box_PUBLICKEYBYTES); |
2662 | 2662 | ||
2663 | if (memcmp((&data[sizeof(uint32_t)]), m->net_crypto->self_public_key, crypto_box_PUBLICKEYBYTES) != 0) { | 2663 | if (public_key_cmp((&data[sizeof(uint32_t)]), m->net_crypto->self_public_key) != 0) { |
2664 | return -1; | 2664 | return -1; |
2665 | } | 2665 | } |
2666 | } else | 2666 | } else |
diff --git a/toxcore/TCP_connection.c b/toxcore/TCP_connection.c index 5f38b5dd..027779dd 100644 --- a/toxcore/TCP_connection.c +++ b/toxcore/TCP_connection.c | |||
@@ -384,7 +384,7 @@ static int find_tcp_connection_to(TCP_Connections *tcp_c, const uint8_t *public_ | |||
384 | TCP_Connection_to *con_to = get_connection(tcp_c, i); | 384 | TCP_Connection_to *con_to = get_connection(tcp_c, i); |
385 | 385 | ||
386 | if (con_to) { | 386 | if (con_to) { |
387 | if (memcmp(con_to->public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 387 | if (public_key_cmp(con_to->public_key, public_key) == 0) { |
388 | return i; | 388 | return i; |
389 | } | 389 | } |
390 | } | 390 | } |
@@ -407,11 +407,11 @@ static int find_tcp_connection_relay(TCP_Connections *tcp_c, const uint8_t *rela | |||
407 | 407 | ||
408 | if (tcp_con) { | 408 | if (tcp_con) { |
409 | if (tcp_con->status == TCP_CONN_SLEEPING) { | 409 | if (tcp_con->status == TCP_CONN_SLEEPING) { |
410 | if (memcmp(tcp_con->relay_pk, relay_pk, crypto_box_PUBLICKEYBYTES) == 0) { | 410 | if (public_key_cmp(tcp_con->relay_pk, relay_pk) == 0) { |
411 | return i; | 411 | return i; |
412 | } | 412 | } |
413 | } else { | 413 | } else { |
414 | if (memcmp(tcp_con->connection->public_key, relay_pk, crypto_box_PUBLICKEYBYTES) == 0) { | 414 | if (public_key_cmp(tcp_con->connection->public_key, relay_pk) == 0) { |
415 | return i; | 415 | return i; |
416 | } | 416 | } |
417 | } | 417 | } |
diff --git a/toxcore/TCP_server.c b/toxcore/TCP_server.c index cf997d34..79f59acd 100644 --- a/toxcore/TCP_server.c +++ b/toxcore/TCP_server.c | |||
@@ -583,7 +583,7 @@ static int handle_TCP_routing_req(TCP_Server *TCP_server, uint32_t con_id, const | |||
583 | TCP_Secure_Connection *con = &TCP_server->accepted_connection_array[con_id]; | 583 | TCP_Secure_Connection *con = &TCP_server->accepted_connection_array[con_id]; |
584 | 584 | ||
585 | /* If person tries to cennect to himself we deny the request*/ | 585 | /* If person tries to cennect to himself we deny the request*/ |
586 | if (memcmp(con->public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 586 | if (public_key_cmp(con->public_key, public_key) == 0) { |
587 | if (send_routing_response(con, 0, public_key) == -1) | 587 | if (send_routing_response(con, 0, public_key) == -1) |
588 | return -1; | 588 | return -1; |
589 | 589 | ||
@@ -592,7 +592,7 @@ static int handle_TCP_routing_req(TCP_Server *TCP_server, uint32_t con_id, const | |||
592 | 592 | ||
593 | for (i = 0; i < NUM_CLIENT_CONNECTIONS; ++i) { | 593 | for (i = 0; i < NUM_CLIENT_CONNECTIONS; ++i) { |
594 | if (con->connections[i].status != 0) { | 594 | if (con->connections[i].status != 0) { |
595 | if (memcmp(public_key, con->connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 595 | if (public_key_cmp(public_key, con->connections[i].public_key) == 0) { |
596 | if (send_routing_response(con, i + NUM_RESERVED_PORTS, public_key) == -1) { | 596 | if (send_routing_response(con, i + NUM_RESERVED_PORTS, public_key) == -1) { |
597 | return -1; | 597 | return -1; |
598 | } else { | 598 | } else { |
@@ -629,7 +629,7 @@ static int handle_TCP_routing_req(TCP_Server *TCP_server, uint32_t con_id, const | |||
629 | 629 | ||
630 | for (i = 0; i < NUM_CLIENT_CONNECTIONS; ++i) { | 630 | for (i = 0; i < NUM_CLIENT_CONNECTIONS; ++i) { |
631 | if (other_conn->connections[i].status == 1 | 631 | if (other_conn->connections[i].status == 1 |
632 | && memcmp(other_conn->connections[i].public_key, con->public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 632 | && public_key_cmp(other_conn->connections[i].public_key, con->public_key) == 0) { |
633 | other_id = i; | 633 | other_id = i; |
634 | break; | 634 | break; |
635 | } | 635 | } |
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index d1549b2a..679ba669 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c | |||
@@ -84,7 +84,7 @@ void encrypt_precompute(const uint8_t *public_key, const uint8_t *secret_key, ui | |||
84 | int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, uint32_t length, | 84 | int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, uint32_t length, |
85 | uint8_t *encrypted) | 85 | uint8_t *encrypted) |
86 | { | 86 | { |
87 | if (length == 0) | 87 | if (length == 0 || !secret_key || !nonce || !plain || !encrypted) |
88 | return -1; | 88 | return -1; |
89 | 89 | ||
90 | uint8_t temp_plain[length + crypto_box_ZEROBYTES]; | 90 | uint8_t temp_plain[length + crypto_box_ZEROBYTES]; |
@@ -104,7 +104,7 @@ int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, cons | |||
104 | int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, uint32_t length, | 104 | int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, uint32_t length, |
105 | uint8_t *plain) | 105 | uint8_t *plain) |
106 | { | 106 | { |
107 | if (length <= crypto_box_BOXZEROBYTES) | 107 | if (length <= crypto_box_BOXZEROBYTES || !secret_key || !nonce || !encrypted || !plain) |
108 | return -1; | 108 | return -1; |
109 | 109 | ||
110 | uint8_t temp_plain[length + crypto_box_ZEROBYTES]; | 110 | uint8_t temp_plain[length + crypto_box_ZEROBYTES]; |
@@ -123,53 +123,70 @@ int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, cons | |||
123 | int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, | 123 | int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, |
124 | const uint8_t *plain, uint32_t length, uint8_t *encrypted) | 124 | const uint8_t *plain, uint32_t length, uint8_t *encrypted) |
125 | { | 125 | { |
126 | if (!public_key || !secret_key) | ||
127 | return -1; | ||
128 | |||
126 | uint8_t k[crypto_box_BEFORENMBYTES]; | 129 | uint8_t k[crypto_box_BEFORENMBYTES]; |
127 | encrypt_precompute(public_key, secret_key, k); | 130 | encrypt_precompute(public_key, secret_key, k); |
128 | return encrypt_data_symmetric(k, nonce, plain, length, encrypted); | 131 | int ret = encrypt_data_symmetric(k, nonce, plain, length, encrypted); |
132 | sodium_memzero(k, sizeof k); | ||
133 | return ret; | ||
129 | } | 134 | } |
130 | 135 | ||
131 | int decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, | 136 | int decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, |
132 | const uint8_t *encrypted, uint32_t length, uint8_t *plain) | 137 | const uint8_t *encrypted, uint32_t length, uint8_t *plain) |
133 | { | 138 | { |
139 | if (!public_key || !secret_key) | ||
140 | return -1; | ||
141 | |||
134 | uint8_t k[crypto_box_BEFORENMBYTES]; | 142 | uint8_t k[crypto_box_BEFORENMBYTES]; |
135 | encrypt_precompute(public_key, secret_key, k); | 143 | encrypt_precompute(public_key, secret_key, k); |
136 | return decrypt_data_symmetric(k, nonce, encrypted, length, plain); | 144 | int ret = decrypt_data_symmetric(k, nonce, encrypted, length, plain); |
145 | sodium_memzero(k, sizeof k); | ||
146 | return ret; | ||
137 | } | 147 | } |
138 | 148 | ||
139 | 149 | ||
140 | /* Increment the given nonce by 1. */ | 150 | /* Increment the given nonce by 1. */ |
141 | void increment_nonce(uint8_t *nonce) | 151 | void increment_nonce(uint8_t *nonce) |
142 | { | 152 | { |
143 | uint32_t i; | 153 | /* FIXME use increment_nonce_number(nonce, 1) or sodium_increment (change to little endian) |
144 | 154 | * NOTE don't use breaks inside this loop | |
145 | for (i = crypto_box_NONCEBYTES; i != 0; --i) { | 155 | * In particular, make sure, as far as possible, |
146 | ++nonce[i - 1]; | 156 | * that loop bounds and their potential underflow or overflow |
147 | 157 | * are independent of user-controlled input (you may have heard of the Heartbleed bug). | |
148 | if (nonce[i - 1] != 0) | 158 | */ |
149 | break; | 159 | uint32_t i = crypto_box_NONCEBYTES; |
160 | uint_fast16_t carry = 1U; | ||
161 | for (; i != 0; --i) { | ||
162 | carry += (uint_fast16_t) nonce[i - 1]; | ||
163 | nonce[i - 1] = (uint8_t) carry; | ||
164 | carry >>= 8; | ||
150 | } | 165 | } |
151 | } | 166 | } |
152 | /* increment the given nonce by num */ | 167 | /* increment the given nonce by num */ |
153 | void increment_nonce_number(uint8_t *nonce, uint32_t num) | 168 | void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num) |
154 | { | 169 | { |
155 | uint32_t num1, num2; | 170 | /* NOTE don't use breaks inside this loop |
156 | memcpy(&num1, nonce + (crypto_box_NONCEBYTES - sizeof(num1)), sizeof(num1)); | 171 | * In particular, make sure, as far as possible, |
157 | num1 = ntohl(num1); | 172 | * that loop bounds and their potential underflow or overflow |
158 | num2 = num + num1; | 173 | * are independent of user-controlled input (you may have heard of the Heartbleed bug). |
159 | 174 | */ | |
160 | if (num2 < num1) { | 175 | const uint32_t big_endian_num = htonl(host_order_num); |
161 | uint32_t i; | 176 | const uint8_t* const num_vec = (const uint8_t*) &big_endian_num; |
162 | 177 | uint8_t num_as_nonce[crypto_box_NONCEBYTES] = {0}; | |
163 | for (i = crypto_box_NONCEBYTES - sizeof(num1); i != 0; --i) { | 178 | num_as_nonce[crypto_box_NONCEBYTES - 4] = num_vec[0]; |
164 | ++nonce[i - 1]; | 179 | num_as_nonce[crypto_box_NONCEBYTES - 3] = num_vec[1]; |
165 | 180 | num_as_nonce[crypto_box_NONCEBYTES - 2] = num_vec[2]; | |
166 | if (nonce[i - 1] != 0) | 181 | num_as_nonce[crypto_box_NONCEBYTES - 1] = num_vec[3]; |
167 | break; | 182 | |
168 | } | 183 | uint32_t i = crypto_box_NONCEBYTES; |
184 | uint_fast16_t carry = 0U; | ||
185 | for (; i != 0; --i) { | ||
186 | carry += (uint_fast16_t) nonce[i] + (uint_fast16_t) num_as_nonce[i]; | ||
187 | nonce[i] = (unsigned char) carry; | ||
188 | carry >>= 8; | ||
169 | } | 189 | } |
170 | |||
171 | num2 = htonl(num2); | ||
172 | memcpy(nonce + (crypto_box_NONCEBYTES - sizeof(num2)), &num2, sizeof(num2)); | ||
173 | } | 190 | } |
174 | 191 | ||
175 | /* Fill the given nonce with random bytes. */ | 192 | /* Fill the given nonce with random bytes. */ |
@@ -203,15 +220,18 @@ void new_nonce(uint8_t *nonce) | |||
203 | int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet, | 220 | int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet, |
204 | const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id) | 221 | const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id) |
205 | { | 222 | { |
223 | if (!send_public_key || !packet || !recv_public_key || !data) | ||
224 | return -1; | ||
225 | |||
206 | if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + | 226 | if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + |
207 | crypto_box_MACBYTES) | 227 | crypto_box_MACBYTES) |
208 | return -1; | 228 | return -1; |
209 | 229 | ||
210 | uint8_t nonce[crypto_box_NONCEBYTES]; | 230 | uint8_t* nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; |
211 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; | 231 | new_nonce(nonce); |
232 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // FIXME sodium_memzero before exit function | ||
212 | memcpy(temp + 1, data, length); | 233 | memcpy(temp + 1, data, length); |
213 | temp[0] = request_id; | 234 | temp[0] = request_id; |
214 | new_nonce(nonce); | ||
215 | int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, | 235 | int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, |
216 | 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); | 236 | 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); |
217 | 237 | ||
@@ -221,7 +241,6 @@ int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_ke | |||
221 | packet[0] = NET_PACKET_CRYPTO; | 241 | packet[0] = NET_PACKET_CRYPTO; |
222 | memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES); | 242 | memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES); |
223 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES); | 243 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES); |
224 | memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES * 2, nonce, crypto_box_NONCEBYTES); | ||
225 | 244 | ||
226 | return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; | 245 | return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; |
227 | } | 246 | } |
@@ -235,17 +254,19 @@ int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_ke | |||
235 | int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data, | 254 | int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data, |
236 | uint8_t *request_id, const uint8_t *packet, uint16_t length) | 255 | uint8_t *request_id, const uint8_t *packet, uint16_t length) |
237 | { | 256 | { |
257 | if (!self_public_key || !public_key || !data || !request_id || !packet) | ||
258 | return -1; | ||
259 | |||
238 | if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES || | 260 | if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES || |
239 | length > MAX_CRYPTO_REQUEST_SIZE) | 261 | length > MAX_CRYPTO_REQUEST_SIZE) |
240 | return -1; | 262 | return -1; |
241 | 263 | ||
242 | if (memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) != 0) | 264 | if (public_key_cmp(packet + 1, self_public_key) != 0) |
243 | return -1; | 265 | return -1; |
244 | 266 | ||
245 | memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); | 267 | memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); |
246 | uint8_t nonce[crypto_box_NONCEBYTES]; | 268 | const uint8_t* nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; |
247 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; | 269 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // FIXME sodium_memzero before exit function |
248 | memcpy(nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2, crypto_box_NONCEBYTES); | ||
249 | int len1 = decrypt_data(public_key, self_secret_key, nonce, | 270 | int len1 = decrypt_data(public_key, self_secret_key, nonce, |
250 | packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, | 271 | packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, |
251 | length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); | 272 | length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); |
diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h index eefb1d90..41a5a045 100644 --- a/toxcore/crypto_core.h +++ b/toxcore/crypto_core.h | |||
@@ -108,7 +108,7 @@ int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, cons | |||
108 | void increment_nonce(uint8_t *nonce); | 108 | void increment_nonce(uint8_t *nonce); |
109 | 109 | ||
110 | /* increment the given nonce by num */ | 110 | /* increment the given nonce by num */ |
111 | void increment_nonce_number(uint8_t *nonce, uint32_t num); | 111 | void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num); |
112 | 112 | ||
113 | /* Fill the given nonce with random bytes. */ | 113 | /* Fill the given nonce with random bytes. */ |
114 | void random_nonce(uint8_t *nonce); | 114 | void random_nonce(uint8_t *nonce); |
diff --git a/toxcore/friend_connection.c b/toxcore/friend_connection.c index 04deaf81..e7c8432b 100644 --- a/toxcore/friend_connection.c +++ b/toxcore/friend_connection.c | |||
@@ -138,7 +138,7 @@ int getfriend_conn_id_pk(Friend_Connections *fr_c, const uint8_t *real_pk) | |||
138 | Friend_Conn *friend_con = get_conn(fr_c, i); | 138 | Friend_Conn *friend_con = get_conn(fr_c, i); |
139 | 139 | ||
140 | if (friend_con) { | 140 | if (friend_con) { |
141 | if (memcmp(friend_con->real_public_key, real_pk, crypto_box_PUBLICKEYBYTES) == 0) | 141 | if (public_key_cmp(friend_con->real_public_key, real_pk) == 0) |
142 | return i; | 142 | return i; |
143 | } | 143 | } |
144 | } | 144 | } |
@@ -159,7 +159,7 @@ int friend_add_tcp_relay(Friend_Connections *fr_c, int friendcon_id, IP_Port ip_ | |||
159 | return -1; | 159 | return -1; |
160 | 160 | ||
161 | /* Local ip and same pk means that they are hosting a TCP relay. */ | 161 | /* Local ip and same pk means that they are hosting a TCP relay. */ |
162 | if (Local_ip(ip_port.ip) && memcmp(friend_con->dht_temp_pk, public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 162 | if (Local_ip(ip_port.ip) && public_key_cmp(friend_con->dht_temp_pk, public_key) == 0) { |
163 | if (friend_con->dht_ip_port.ip.family != 0) { | 163 | if (friend_con->dht_ip_port.ip.family != 0) { |
164 | ip_port.ip = friend_con->dht_ip_port.ip; | 164 | ip_port.ip = friend_con->dht_ip_port.ip; |
165 | } else { | 165 | } else { |
@@ -173,7 +173,7 @@ int friend_add_tcp_relay(Friend_Connections *fr_c, int friendcon_id, IP_Port ip_ | |||
173 | 173 | ||
174 | for (i = 0; i < FRIEND_MAX_STORED_TCP_RELAYS; ++i) { | 174 | for (i = 0; i < FRIEND_MAX_STORED_TCP_RELAYS; ++i) { |
175 | if (friend_con->tcp_relays[i].ip_port.ip.family != 0 | 175 | if (friend_con->tcp_relays[i].ip_port.ip.family != 0 |
176 | && memcmp(friend_con->tcp_relays[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 176 | && public_key_cmp(friend_con->tcp_relays[i].public_key, public_key) == 0) { |
177 | memset(&friend_con->tcp_relays[i], 0, sizeof(Node_format)); | 177 | memset(&friend_con->tcp_relays[i], 0, sizeof(Node_format)); |
178 | } | 178 | } |
179 | } | 179 | } |
@@ -356,7 +356,7 @@ static void dht_pk_callback(void *object, int32_t number, const uint8_t *dht_pub | |||
356 | if (!friend_con) | 356 | if (!friend_con) |
357 | return; | 357 | return; |
358 | 358 | ||
359 | if (memcmp(friend_con->dht_temp_pk, dht_public_key, crypto_box_PUBLICKEYBYTES) == 0) | 359 | if (public_key_cmp(friend_con->dht_temp_pk, dht_public_key) == 0) |
360 | return; | 360 | return; |
361 | 361 | ||
362 | change_dht_pk(fr_c, number, dht_public_key); | 362 | change_dht_pk(fr_c, number, dht_public_key); |
@@ -479,7 +479,7 @@ static int handle_new_connections(void *object, New_Connection *n_c) | |||
479 | friend_con->dht_ip_port_lastrecv = unix_time(); | 479 | friend_con->dht_ip_port_lastrecv = unix_time(); |
480 | } | 480 | } |
481 | 481 | ||
482 | if (memcmp(friend_con->dht_temp_pk, n_c->dht_public_key, crypto_box_PUBLICKEYBYTES) != 0) { | 482 | if (public_key_cmp(friend_con->dht_temp_pk, n_c->dht_public_key) != 0) { |
483 | change_dht_pk(fr_c, friendcon_id, n_c->dht_public_key); | 483 | change_dht_pk(fr_c, friendcon_id, n_c->dht_public_key); |
484 | } | 484 | } |
485 | 485 | ||
diff --git a/toxcore/group.c b/toxcore/group.c index 2eadaf74..1d733479 100644 --- a/toxcore/group.c +++ b/toxcore/group.c | |||
@@ -162,7 +162,7 @@ static int get_group_num(const Group_Chats *g_c, const uint8_t *identifier) | |||
162 | uint32_t i; | 162 | uint32_t i; |
163 | 163 | ||
164 | for (i = 0; i < g_c->num_chats; ++i) | 164 | for (i = 0; i < g_c->num_chats; ++i) |
165 | if (memcmp(g_c->chats[i].identifier, identifier, GROUP_IDENTIFIER_LENGTH) == 0) | 165 | if (sodium_memcmp(g_c->chats[i].identifier, identifier, GROUP_IDENTIFIER_LENGTH) == 0) |
166 | return i; | 166 | return i; |
167 | 167 | ||
168 | return -1; | 168 | return -1; |
@@ -218,14 +218,14 @@ static int add_to_closest(Group_Chats *g_c, int groupnumber, const uint8_t *real | |||
218 | if (!g) | 218 | if (!g) |
219 | return -1; | 219 | return -1; |
220 | 220 | ||
221 | if (memcmp(g->real_pk, real_pk, crypto_box_PUBLICKEYBYTES) == 0) | 221 | if (public_key_cmp(g->real_pk, real_pk) == 0) |
222 | return -1; | 222 | return -1; |
223 | 223 | ||
224 | unsigned int i; | 224 | unsigned int i; |
225 | unsigned int index = DESIRED_CLOSE_CONNECTIONS; | 225 | unsigned int index = DESIRED_CLOSE_CONNECTIONS; |
226 | 226 | ||
227 | for (i = 0; i < DESIRED_CLOSE_CONNECTIONS; ++i) { | 227 | for (i = 0; i < DESIRED_CLOSE_CONNECTIONS; ++i) { |
228 | if (g->closest_peers[i].entry && memcmp(real_pk, g->closest_peers[i].real_pk, crypto_box_PUBLICKEYBYTES) == 0) { | 228 | if (g->closest_peers[i].entry && public_key_cmp(real_pk, g->closest_peers[i].real_pk) == 0) { |
229 | return 0; | 229 | return 0; |
230 | } | 230 | } |
231 | } | 231 | } |
@@ -299,7 +299,7 @@ static unsigned int pk_in_closest_peers(Group_c *g, uint8_t *real_pk) | |||
299 | if (!g->closest_peers[i].entry) | 299 | if (!g->closest_peers[i].entry) |
300 | continue; | 300 | continue; |
301 | 301 | ||
302 | if (memcmp(g->closest_peers[i].real_pk, real_pk, crypto_box_PUBLICKEYBYTES) == 0) | 302 | if (public_key_cmp(g->closest_peers[i].real_pk, real_pk) == 0) |
303 | return 1; | 303 | return 1; |
304 | 304 | ||
305 | } | 305 | } |
@@ -1277,7 +1277,7 @@ static void handle_friend_invite_packet(Messenger *m, uint32_t friendnumber, con | |||
1277 | if (!g) | 1277 | if (!g) |
1278 | return; | 1278 | return; |
1279 | 1279 | ||
1280 | if (memcmp(data + 1 + sizeof(uint16_t) * 2, g->identifier, GROUP_IDENTIFIER_LENGTH) != 0) | 1280 | if (sodium_memcmp(data + 1 + sizeof(uint16_t) * 2, g->identifier, GROUP_IDENTIFIER_LENGTH) != 0) |
1281 | return; | 1281 | return; |
1282 | 1282 | ||
1283 | uint16_t peer_number = rand(); /* TODO: what if two people enter the group at the same time and | 1283 | uint16_t peer_number = rand(); /* TODO: what if two people enter the group at the same time and |
@@ -1525,7 +1525,7 @@ static int handle_send_peers(Group_Chats *g_c, int groupnumber, const uint8_t *d | |||
1525 | return -1; | 1525 | return -1; |
1526 | 1526 | ||
1527 | if (g->status == GROUPCHAT_STATUS_VALID | 1527 | if (g->status == GROUPCHAT_STATUS_VALID |
1528 | && memcmp(d, g_c->m->net_crypto->self_public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 1528 | && public_key_cmp(d, g_c->m->net_crypto->self_public_key) == 0) { |
1529 | g->peer_number = peer_num; | 1529 | g->peer_number = peer_num; |
1530 | g->status = GROUPCHAT_STATUS_CONNECTED; | 1530 | g->status = GROUPCHAT_STATUS_CONNECTED; |
1531 | group_name_send(g_c, groupnumber, g_c->m->name, g_c->m->name_length); | 1531 | group_name_send(g_c, groupnumber, g_c->m->name, g_c->m->name_length); |
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index 8e53143f..1d6fa02e 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c | |||
@@ -244,7 +244,7 @@ static int tcp_oob_handle_cookie_request(const Net_Crypto *c, unsigned int tcp_c | |||
244 | if (handle_cookie_request(c, request_plain, shared_key, dht_public_key_temp, packet, length) != 0) | 244 | if (handle_cookie_request(c, request_plain, shared_key, dht_public_key_temp, packet, length) != 0) |
245 | return -1; | 245 | return -1; |
246 | 246 | ||
247 | if (memcmp(dht_public_key, dht_public_key_temp, crypto_box_PUBLICKEYBYTES) != 0) | 247 | if (public_key_cmp(dht_public_key, dht_public_key_temp) != 0) |
248 | return -1; | 248 | return -1; |
249 | 249 | ||
250 | uint8_t data[COOKIE_RESPONSE_LENGTH]; | 250 | uint8_t data[COOKIE_RESPONSE_LENGTH]; |
@@ -363,7 +363,7 @@ static int handle_crypto_handshake(const Net_Crypto *c, uint8_t *nonce, uint8_t | |||
363 | if (len != sizeof(plain)) | 363 | if (len != sizeof(plain)) |
364 | return -1; | 364 | return -1; |
365 | 365 | ||
366 | if (memcmp(cookie_hash, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, crypto_hash_sha512_BYTES) != 0) | 366 | if (sodium_memcmp(cookie_hash, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, crypto_hash_sha512_BYTES) != 0) |
367 | return -1; | 367 | return -1; |
368 | 368 | ||
369 | memcpy(nonce, plain, crypto_box_NONCEBYTES); | 369 | memcpy(nonce, plain, crypto_box_NONCEBYTES); |
@@ -1548,7 +1548,7 @@ static int getcryptconnection_id(const Net_Crypto *c, const uint8_t *public_key) | |||
1548 | 1548 | ||
1549 | for (i = 0; i < c->crypto_connections_length; ++i) { | 1549 | for (i = 0; i < c->crypto_connections_length; ++i) { |
1550 | if (c->crypto_connections[i].status != CRYPTO_CONN_NO_CONNECTION) | 1550 | if (c->crypto_connections[i].status != CRYPTO_CONN_NO_CONNECTION) |
1551 | if (memcmp(public_key, c->crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) | 1551 | if (public_key_cmp(public_key, c->crypto_connections[i].public_key) == 0) |
1552 | return i; | 1552 | return i; |
1553 | } | 1553 | } |
1554 | 1554 | ||
diff --git a/toxcore/onion_announce.c b/toxcore/onion_announce.c index 25f3e0f8..82c3dc96 100644 --- a/toxcore/onion_announce.c +++ b/toxcore/onion_announce.c | |||
@@ -211,7 +211,7 @@ static int in_entries(const Onion_Announce *onion_a, const uint8_t *public_key) | |||
211 | 211 | ||
212 | for (i = 0; i < ONION_ANNOUNCE_MAX_ENTRIES; ++i) { | 212 | for (i = 0; i < ONION_ANNOUNCE_MAX_ENTRIES; ++i) { |
213 | if (!is_timeout(onion_a->entries[i].time, ONION_ANNOUNCE_TIMEOUT) | 213 | if (!is_timeout(onion_a->entries[i].time, ONION_ANNOUNCE_TIMEOUT) |
214 | && memcmp(onion_a->entries[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) | 214 | && public_key_cmp(onion_a->entries[i].public_key, public_key) == 0) |
215 | return i; | 215 | return i; |
216 | } | 216 | } |
217 | 217 | ||
@@ -316,7 +316,7 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t * | |||
316 | 316 | ||
317 | uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES; | 317 | uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES; |
318 | 318 | ||
319 | if (memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0 || memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) { | 319 | if (sodium_memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0 || sodium_memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) { |
320 | index = add_to_entries(onion_a, source, packet_public_key, data_public_key, | 320 | index = add_to_entries(onion_a, source, packet_public_key, data_public_key, |
321 | packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)); | 321 | packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)); |
322 | } else { | 322 | } else { |
@@ -336,8 +336,8 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t * | |||
336 | pl[0] = 0; | 336 | pl[0] = 0; |
337 | memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE); | 337 | memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE); |
338 | } else { | 338 | } else { |
339 | if (memcmp(onion_a->entries[index].public_key, packet_public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 339 | if (public_key_cmp(onion_a->entries[index].public_key, packet_public_key) == 0) { |
340 | if (memcmp(onion_a->entries[index].data_public_key, data_public_key, crypto_box_PUBLICKEYBYTES) != 0) { | 340 | if (public_key_cmp(onion_a->entries[index].data_public_key, data_public_key) != 0) { |
341 | pl[0] = 0; | 341 | pl[0] = 0; |
342 | memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE); | 342 | memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE); |
343 | } else { | 343 | } else { |
diff --git a/toxcore/onion_client.c b/toxcore/onion_client.c index d6d078e1..41efc363 100644 --- a/toxcore/onion_client.c +++ b/toxcore/onion_client.c | |||
@@ -46,7 +46,7 @@ int onion_add_bs_path_node(Onion_Client *onion_c, IP_Port ip_port, const uint8_t | |||
46 | unsigned int i; | 46 | unsigned int i; |
47 | 47 | ||
48 | for (i = 0; i < MAX_PATH_NODES; ++i) { | 48 | for (i = 0; i < MAX_PATH_NODES; ++i) { |
49 | if (memcmp(public_key, onion_c->path_nodes_bs[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) | 49 | if (public_key_cmp(public_key, onion_c->path_nodes_bs[i].public_key) == 0) |
50 | return -1; | 50 | return -1; |
51 | } | 51 | } |
52 | 52 | ||
@@ -76,7 +76,7 @@ static int onion_add_path_node(Onion_Client *onion_c, IP_Port ip_port, const uin | |||
76 | unsigned int i; | 76 | unsigned int i; |
77 | 77 | ||
78 | for (i = 0; i < MAX_PATH_NODES; ++i) { | 78 | for (i = 0; i < MAX_PATH_NODES; ++i) { |
79 | if (memcmp(public_key, onion_c->path_nodes[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) | 79 | if (public_key_cmp(public_key, onion_c->path_nodes[i].public_key) == 0) |
80 | return -1; | 80 | return -1; |
81 | } | 81 | } |
82 | 82 | ||
@@ -484,7 +484,7 @@ static int client_add_to_list(Onion_Client *onion_c, uint32_t num, const uint8_t | |||
484 | reference_id = onion_c->c->self_public_key; | 484 | reference_id = onion_c->c->self_public_key; |
485 | list_length = MAX_ONION_CLIENTS_ANNOUNCE; | 485 | list_length = MAX_ONION_CLIENTS_ANNOUNCE; |
486 | 486 | ||
487 | if (is_stored == 1 && memcmp(pingid_or_key, onion_c->temp_public_key, crypto_box_PUBLICKEYBYTES) != 0) { | 487 | if (is_stored == 1 && public_key_cmp(pingid_or_key, onion_c->temp_public_key) != 0) { |
488 | is_stored = 0; | 488 | is_stored = 0; |
489 | } | 489 | } |
490 | 490 | ||
@@ -509,7 +509,7 @@ static int client_add_to_list(Onion_Client *onion_c, uint32_t num, const uint8_t | |||
509 | } | 509 | } |
510 | 510 | ||
511 | for (i = 0; i < list_length; ++i) { | 511 | for (i = 0; i < list_length; ++i) { |
512 | if (memcmp(list_nodes[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 512 | if (public_key_cmp(list_nodes[i].public_key, public_key) == 0) { |
513 | index = i; | 513 | index = i; |
514 | stored = 1; | 514 | stored = 1; |
515 | break; | 515 | break; |
@@ -547,7 +547,7 @@ static int good_to_ping(Last_Pinged *last_pinged, uint8_t *last_pinged_index, co | |||
547 | 547 | ||
548 | for (i = 0; i < MAX_STORED_PINGED_NODES; ++i) { | 548 | for (i = 0; i < MAX_STORED_PINGED_NODES; ++i) { |
549 | if (!is_timeout(last_pinged[i].timestamp, MIN_NODE_PING_TIME)) | 549 | if (!is_timeout(last_pinged[i].timestamp, MIN_NODE_PING_TIME)) |
550 | if (memcmp(last_pinged[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) | 550 | if (public_key_cmp(last_pinged[i].public_key, public_key) == 0) |
551 | return 0; | 551 | return 0; |
552 | } | 552 | } |
553 | 553 | ||
@@ -602,7 +602,7 @@ static int client_ping_nodes(Onion_Client *onion_c, uint32_t num, const Node_for | |||
602 | || id_closest(reference_id, list_nodes[1].public_key, nodes[i].public_key) == 2 ) { | 602 | || id_closest(reference_id, list_nodes[1].public_key, nodes[i].public_key) == 2 ) { |
603 | /* check if node is already in list. */ | 603 | /* check if node is already in list. */ |
604 | for (j = 0; j < list_length; ++j) { | 604 | for (j = 0; j < list_length; ++j) { |
605 | if (memcmp(list_nodes[j].public_key, nodes[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 605 | if (public_key_cmp(list_nodes[j].public_key, nodes[i].public_key) == 0) { |
606 | break; | 606 | break; |
607 | } | 607 | } |
608 | } | 608 | } |
@@ -912,7 +912,7 @@ static int handle_dht_dhtpk(void *object, IP_Port source, const uint8_t *source_ | |||
912 | if (len != length - (DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES)) | 912 | if (len != length - (DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES)) |
913 | return 1; | 913 | return 1; |
914 | 914 | ||
915 | if (memcmp(source_pubkey, plain + 1 + sizeof(uint64_t), crypto_box_PUBLICKEYBYTES) != 0) | 915 | if (public_key_cmp(source_pubkey, plain + 1 + sizeof(uint64_t)) != 0) |
916 | return 1; | 916 | return 1; |
917 | 917 | ||
918 | return handle_dhtpk_announce(onion_c, packet, plain, len); | 918 | return handle_dhtpk_announce(onion_c, packet, plain, len); |
@@ -981,7 +981,7 @@ int onion_friend_num(const Onion_Client *onion_c, const uint8_t *public_key) | |||
981 | if (onion_c->friends_list[i].status == 0) | 981 | if (onion_c->friends_list[i].status == 0) |
982 | continue; | 982 | continue; |
983 | 983 | ||
984 | if (memcmp(public_key, onion_c->friends_list[i].real_public_key, crypto_box_PUBLICKEYBYTES) == 0) | 984 | if (public_key_cmp(public_key, onion_c->friends_list[i].real_public_key) == 0) |
985 | return i; | 985 | return i; |
986 | } | 986 | } |
987 | 987 | ||
@@ -1129,7 +1129,7 @@ int onion_set_friend_DHT_pubkey(Onion_Client *onion_c, int friend_num, const uin | |||
1129 | return -1; | 1129 | return -1; |
1130 | 1130 | ||
1131 | if (onion_c->friends_list[friend_num].know_dht_public_key) { | 1131 | if (onion_c->friends_list[friend_num].know_dht_public_key) { |
1132 | if (memcmp(dht_key, onion_c->friends_list[friend_num].dht_public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 1132 | if (public_key_cmp(dht_key, onion_c->friends_list[friend_num].dht_public_key) == 0) { |
1133 | return -1; | 1133 | return -1; |
1134 | } | 1134 | } |
1135 | 1135 | ||
diff --git a/toxcore/ping.c b/toxcore/ping.c index 2c6125e8..f81766cb 100644 --- a/toxcore/ping.c +++ b/toxcore/ping.c | |||
@@ -284,7 +284,7 @@ int add_to_ping(PING *ping, const uint8_t *public_key, IP_Port ip_port) | |||
284 | return 0; | 284 | return 0; |
285 | } | 285 | } |
286 | 286 | ||
287 | if (memcmp(ping->to_ping[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { | 287 | if (public_key_cmp(ping->to_ping[i].public_key, public_key) == 0) { |
288 | return -1; | 288 | return -1; |
289 | } | 289 | } |
290 | } | 290 | } |
diff --git a/toxcore/tox.c b/toxcore/tox.c index 3e9db766..c28c5178 100644 --- a/toxcore/tox.c +++ b/toxcore/tox.c | |||
@@ -153,7 +153,7 @@ Tox *tox_new(const struct Tox_Options *options, TOX_ERR_NEW *error) | |||
153 | return NULL; | 153 | return NULL; |
154 | } | 154 | } |
155 | 155 | ||
156 | if (memcmp(options->savedata_data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) { | 156 | if (sodium_memcmp(options->savedata_data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) { |
157 | SET_ERROR_PARAMETER(error, TOX_ERR_NEW_LOAD_ENCRYPTED); | 157 | SET_ERROR_PARAMETER(error, TOX_ERR_NEW_LOAD_ENCRYPTED); |
158 | return NULL; | 158 | return NULL; |
159 | } | 159 | } |
diff --git a/toxcore/util.c b/toxcore/util.c index 28d8721c..ea1988e4 100644 --- a/toxcore/util.c +++ b/toxcore/util.c | |||
@@ -60,7 +60,7 @@ int is_timeout(uint64_t timestamp, uint64_t timeout) | |||
60 | /* id functions */ | 60 | /* id functions */ |
61 | bool id_equal(const uint8_t *dest, const uint8_t *src) | 61 | bool id_equal(const uint8_t *dest, const uint8_t *src) |
62 | { | 62 | { |
63 | return memcmp(dest, src, crypto_box_PUBLICKEYBYTES) == 0; | 63 | return public_key_cmp(dest, src) == 0; |
64 | } | 64 | } |
65 | 65 | ||
66 | uint32_t id_copy(uint8_t *dest, const uint8_t *src) | 66 | uint32_t id_copy(uint8_t *dest, const uint8_t *src) |