diff options
-rw-r--r-- | toxcore/crypto_core.c | 25 | ||||
-rw-r--r-- | toxcore/crypto_core.h | 18 | ||||
-rw-r--r-- | toxcore/network.h | 13 |
3 files changed, 25 insertions, 31 deletions
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index 6e8b747a..3f3e7b48 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c | |||
@@ -29,30 +29,25 @@ | |||
29 | 29 | ||
30 | #include "crypto_core.h" | 30 | #include "crypto_core.h" |
31 | 31 | ||
32 | /* Use this instead of memcmp; not vulnerable to timing attacks. */ | ||
33 | uint8_t crypto_iszero(uint8_t *mem, uint32_t length) | ||
34 | { | ||
35 | uint8_t check = 0; | ||
36 | uint32_t i; | ||
37 | |||
38 | for (i = 0; i < length; ++i) { | ||
39 | check |= mem[i]; | ||
40 | } | ||
41 | |||
42 | return check; // We return zero if mem is made out of zeroes. | ||
43 | } | ||
44 | 32 | ||
45 | /* Use this instead of memcmp; not vulnerable to timing attacks. | 33 | /* Use this instead of memcmp; not vulnerable to timing attacks. |
46 | returns 0 if both mem locations of length are equal. */ | 34 | returns 0 if both mem locations of length are equal, |
35 | return -1 if they are not. */ | ||
47 | unsigned int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length) | 36 | unsigned int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length) |
48 | { | 37 | { |
49 | unsigned int i, check = 0;; | 38 | if (length == 16) { |
39 | return crypto_verify_16(mem1, mem2); | ||
40 | } else if (length == 32) { | ||
41 | return crypto_verify_32(mem1, mem2); | ||
42 | } | ||
43 | |||
44 | unsigned int i, check = 0; | ||
50 | 45 | ||
51 | for (i = 0; i < length; ++i) { | 46 | for (i = 0; i < length; ++i) { |
52 | check |= mem1[i] ^ mem2[i]; | 47 | check |= mem1[i] ^ mem2[i]; |
53 | } | 48 | } |
54 | 49 | ||
55 | return check; | 50 | return (1 & ((check - 1) >> 8)) - 1; |
56 | } | 51 | } |
57 | 52 | ||
58 | /* Precomputes the shared key from their public_key and our secret_key. | 53 | /* Precomputes the shared key from their public_key and our secret_key. |
diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h index 1fca8078..7ee5f59e 100644 --- a/toxcore/crypto_core.h +++ b/toxcore/crypto_core.h | |||
@@ -25,12 +25,24 @@ | |||
25 | 25 | ||
26 | #include "network.h" | 26 | #include "network.h" |
27 | 27 | ||
28 | #ifndef VANILLA_NACL | ||
29 | /* We use libsodium by default. */ | ||
30 | #include <sodium.h> | ||
31 | #else | ||
32 | #include <crypto_box.h> | ||
33 | #include <randombytes.h> | ||
34 | #include <crypto_hash_sha256.h> | ||
35 | #include <crypto_hash_sha512.h> | ||
36 | #include <crypto_verify_16.h> | ||
37 | #include <crypto_verify_32.h> | ||
38 | #define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) | ||
39 | #endif | ||
28 | 40 | ||
29 | /* return zero if the buffer contains only zeros. */ | 41 | #define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES) |
30 | uint8_t crypto_iszero(uint8_t *buffer, uint32_t blen); | ||
31 | 42 | ||
32 | /* Use this instead of memcmp; not vulnerable to timing attacks. | 43 | /* Use this instead of memcmp; not vulnerable to timing attacks. |
33 | returns 0 if both mem locations of length are equal. */ | 44 | returns 0 if both mem locations of length are equal, |
45 | return -1 if they are not. */ | ||
34 | unsigned int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length); | 46 | unsigned int crypto_cmp(uint8_t *mem1, uint8_t *mem2, uint32_t length); |
35 | 47 | ||
36 | /* Encrypts plain of length length to encrypted of length + 16 using the | 48 | /* Encrypts plain of length length to encrypted of length + 16 using the |
diff --git a/toxcore/network.h b/toxcore/network.h index 21e225a0..d19f144c 100644 --- a/toxcore/network.h +++ b/toxcore/network.h | |||
@@ -97,19 +97,6 @@ typedef int sock_t; | |||
97 | #endif | 97 | #endif |
98 | #endif | 98 | #endif |
99 | 99 | ||
100 | #ifndef VANILLA_NACL | ||
101 | /* We use libsodium by default. */ | ||
102 | #include <sodium.h> | ||
103 | #else | ||
104 | #include <crypto_box.h> | ||
105 | #include <randombytes.h> | ||
106 | #include <crypto_hash_sha256.h> | ||
107 | #include <crypto_hash_sha512.h> | ||
108 | #define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) | ||
109 | #endif | ||
110 | |||
111 | #define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES) | ||
112 | |||
113 | #ifndef IPV6_ADD_MEMBERSHIP | 100 | #ifndef IPV6_ADD_MEMBERSHIP |
114 | #ifdef IPV6_JOIN_GROUP | 101 | #ifdef IPV6_JOIN_GROUP |
115 | #define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP | 102 | #define IPV6_ADD_MEMBERSHIP IPV6_JOIN_GROUP |