4 files changed, 89 insertions, 22 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 7d6bfe4c..402b74e0 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -204,7 +204,11 @@ apidsl(
  toxcore/crypto_core.api.h)
 add_module(toxcrypto
  toxcore/crypto_core.c
-  toxcore/crypto_core.h)
+  toxcore/crypto_core.h
+  toxcore/crypto_core_mem.c)
+include(CheckFunctionExists)
+check_function_exists(explicit_bzero HAVE_EXPLICIT_BZERO)
+check_function_exists(memset_s HAVE_MEMSET_S)
 target_link_modules(toxcrypto ${LIBSODIUM_LIBRARIES})
 if(WIN32)
  target_link_modules(toxcrypto ws2_32) # for htonl
diff --git a/toxcore/Makefile.inc b/toxcore/Makefile.inc
index 84e24ebd..b81087f0 100644
--- a/toxcore/Makefile.inc
+++ b/toxcore/Makefile.inc
@@ -11,6 +11,7 @@ libtoxcore_la_SOURCES = ../toxcore/DHT.h \
                        ../toxcore/network.c \
                        ../toxcore/crypto_core.h \
                        ../toxcore/crypto_core.c \
+                        ../toxcore/crypto_core_mem.c \
                        ../toxcore/ping_array.h \
                        ../toxcore/ping_array.c \
                        ../toxcore/net_crypto.h \
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c
index d3a3e1fc..4d536cf7 100644
--- a/toxcore/crypto_core.c
+++ b/toxcore/crypto_core.c
@@ -268,27 +268,6 @@ void crypto_sha512(uint8_t *hash, const uint8_t *data, size_t length)
    crypto_hash_sha512(hash, data, length);
 }
-void crypto_memzero(void *data, size_t length)
-{
-#ifdef VANILLA_NACL
-    /* TODO(c-toxcore#347): this is insecure. We need to provide our own
-     * secure memzero/memcmp for NaCL. */
-    memset(data, 0, length);
-#else
-    sodium_memzero(data, length);
-#endif
-}
-int32_t crypto_memcmp(const void *p1, const void *p2, size_t length)
-{
-#ifdef VANILLA_NACL
-    /* TODO(c-toxcore#347): Implement secure memcmp. */
-    return memcmp(p1, p2, length);
-#else
-    return sodium_memcmp(p1, p2, length);
-#endif
-}
 void random_bytes(uint8_t *data, size_t length)
 {
    randombytes(data, length);
diff --git a/toxcore/crypto_core_mem.c b/toxcore/crypto_core_mem.c
new file mode 100644
index 00000000..8d469986
--- /dev/null
+++ b/toxcore/crypto_core_mem.c
@@ -0,0 +1,83 @@
+/*
+ * ISC License
+ *
+ * Copyright (c) 2013-2016
+ * Frank Denis <j at pureftpd dot org>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#include "crypto_core.h"
+#ifndef VANILLA_NACL
+/* We use libsodium by default. */
+#include <sodium.h>
+#else
+#if defined(_WIN32) || defined(__WIN32__) || defined(WIN32)
+#include <windows.h>
+#include <wincrypt.h>
+#endif
+#endif
+void crypto_memzero(void *data, size_t length)
+{
+#ifndef VANILLA_NACL
+    sodium_memzero(data, length);
+#else
+#ifdef _WIN32
+    SecureZeroMemory(pnt, len);
+#elif defined(HAVE_MEMSET_S)
+    errno_t code = memset_s(data, (rsize_t) length, 0, (rsize_t) length)
+    if (len > 0U && code != 0) {
+        abort(); /* LCOV_EXCL_LINE */
+    }
+#elif defined(HAVE_EXPLICIT_BZERO)
+    explicit_bzero(data, length);
+#else
+    volatile unsigned char *volatile pnt =
+        (volatile unsigned char *volatile) data;
+    size_t i = (size_t) 0U;
+    while (i < length) {
+        pnt[i++] = 0U;
+    }
+#endif
+#endif
+}
+int32_t crypto_memcmp(const void *p1, const void *p2, size_t length)
+{
+#ifndef VANILLA_NACL
+    return sodium_memcmp(p1, p2, length);
+#else
+    const volatile unsigned char *volatile b1 =
+        (const volatile unsigned char *volatile) p1;
+    const volatile unsigned char *volatile b2 =
+        (const volatile unsigned char *volatile) p2;
+    size_t i;
+    unsigned char d = (unsigned char) 0U;
+    for (i = 0U; i < length; i++) {
+        d |= b1[i] ^ b2[i];
+    }
+    return (1 & ((d - 1) >> 8)) - 1;
+#endif
+}

diff --git a/CMakeLists.txt b/CMakeLists.txt index 7d6bfe4c..402b74e0 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt
@@ -204,7 +204,11 @@ apidsl(
204	toxcore/crypto_core.api.h)	204	toxcore/crypto_core.api.h)
205	add_module(toxcrypto	205	add_module(toxcrypto
206	toxcore/crypto_core.c	206	toxcore/crypto_core.c
207	toxcore/crypto_core.h)	207	toxcore/crypto_core.h
		208	toxcore/crypto_core_mem.c)
		209	include(CheckFunctionExists)
		210	check_function_exists(explicit_bzero HAVE_EXPLICIT_BZERO)
		211	check_function_exists(memset_s HAVE_MEMSET_S)
208	target_link_modules(toxcrypto ${LIBSODIUM_LIBRARIES})	212	target_link_modules(toxcrypto ${LIBSODIUM_LIBRARIES})
209	if(WIN32)	213	if(WIN32)
210	target_link_modules(toxcrypto ws2_32) # for htonl	214	target_link_modules(toxcrypto ws2_32) # for htonl


diff --git a/toxcore/Makefile.inc b/toxcore/Makefile.inc index 84e24ebd..b81087f0 100644 --- a/toxcore/Makefile.inc +++ b/toxcore/Makefile.inc
@@ -11,6 +11,7 @@ libtoxcore_la_SOURCES = ../toxcore/DHT.h \
11	../toxcore/network.c \	11	../toxcore/network.c \
12	../toxcore/crypto_core.h \	12	../toxcore/crypto_core.h \
13	../toxcore/crypto_core.c \	13	../toxcore/crypto_core.c \
		14	../toxcore/crypto_core_mem.c \
14	../toxcore/ping_array.h \	15	../toxcore/ping_array.h \
15	../toxcore/ping_array.c \	16	../toxcore/ping_array.c \
16	../toxcore/net_crypto.h \	17	../toxcore/net_crypto.h \


diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index d3a3e1fc..4d536cf7 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c
@@ -268,27 +268,6 @@ void crypto_sha512(uint8_t hash, const uint8_t data, size_t length)
268	crypto_hash_sha512(hash, data, length);	268	crypto_hash_sha512(hash, data, length);
269	}	269	}
270		270
271	void crypto_memzero(void *data, size_t length)
272	{
273	#ifdef VANILLA_NACL
274	/* TODO(c-toxcore#347): this is insecure. We need to provide our own
275	* secure memzero/memcmp for NaCL. */
276	memset(data, 0, length);
277	#else
278	sodium_memzero(data, length);
279	#endif
280	}
281
282	int32_t crypto_memcmp(const void p1, const void p2, size_t length)
283	{
284	#ifdef VANILLA_NACL
285	/* TODO(c-toxcore#347): Implement secure memcmp. */
286	return memcmp(p1, p2, length);
287	#else
288	return sodium_memcmp(p1, p2, length);
289	#endif
290	}
291
292	void random_bytes(uint8_t *data, size_t length)	271	void random_bytes(uint8_t *data, size_t length)
293	{	272	{
294	randombytes(data, length);	273	randombytes(data, length);


diff --git a/toxcore/crypto_core_mem.c b/toxcore/crypto_core_mem.c new file mode 100644 index 00000000..8d469986 --- /dev/null +++ b/toxcore/crypto_core_mem.c
@@ -0,0 +1,83 @@
		1	/*
		2	* ISC License
		3	*
		4	* Copyright (c) 2013-2016
		5	* Frank Denis <j at pureftpd dot org>
		6	*
		7	* Permission to use, copy, modify, and/or distribute this software for any
		8	* purpose with or without fee is hereby granted, provided that the above
		9	* copyright notice and this permission notice appear in all copies.
		10	*
		11	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		12	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		13	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		14	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		15	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		16	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		17	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		18	*/
		19
		20
		21	#include "crypto_core.h"
		22
		23	#ifndef VANILLA_NACL
		24	/* We use libsodium by default. */
		25	#include <sodium.h>
		26	#else
		27	#if defined(_WIN32) \|\| defined(__WIN32__) \|\| defined(WIN32)
		28	#include <windows.h>
		29	#include <wincrypt.h>
		30	#endif
		31	#endif
		32
		33
		34	void crypto_memzero(void *data, size_t length)
		35	{
		36	#ifndef VANILLA_NACL
		37	sodium_memzero(data, length);
		38	#else
		39	#ifdef _WIN32
		40	SecureZeroMemory(pnt, len);
		41	#elif defined(HAVE_MEMSET_S)
		42
		43	errno_t code = memset_s(data, (rsize_t) length, 0, (rsize_t) length)
		44
		45	if (len > 0U && code != 0) {
		46	abort(); /* LCOV_EXCL_LINE */
		47	}
		48
		49	#elif defined(HAVE_EXPLICIT_BZERO)
		50	explicit_bzero(data, length);
		51	#else
		52	volatile unsigned char *volatile pnt =
		53	(volatile unsigned char *volatile) data;
		54	size_t i = (size_t) 0U;
		55
		56	while (i < length) {
		57	pnt[i++] = 0U;
		58	}
		59
		60	#endif
		61	#endif
		62	}
		63
		64	int32_t crypto_memcmp(const void p1, const void p2, size_t length)
		65	{
		66	#ifndef VANILLA_NACL
		67	return sodium_memcmp(p1, p2, length);
		68	#else
		69	const volatile unsigned char *volatile b1 =
		70	(const volatile unsigned char *volatile) p1;
		71	const volatile unsigned char *volatile b2 =
		72	(const volatile unsigned char *volatile) p2;
		73
		74	size_t i;
		75	unsigned char d = (unsigned char) 0U;
		76
		77	for (i = 0U; i < length; i++) {
		78	d \|= b1[i] ^ b2[i];
		79	}
		80
		81	return (1 & ((d - 1) >> 8)) - 1;
		82	#endif
		83	}