summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--auto_tests/TCP_test.c22
-rw-r--r--testing/DHT_test.c4
-rw-r--r--toxcore/DHT.c17
-rw-r--r--toxcore/Messenger.c2
-rw-r--r--toxcore/TCP_client.c6
-rw-r--r--toxcore/TCP_connection.c6
-rw-r--r--toxcore/TCP_server.c14
-rw-r--r--toxcore/crypto_core.c95
-rw-r--r--toxcore/crypto_core.h2
-rw-r--r--toxcore/friend_connection.c10
-rw-r--r--toxcore/friend_requests.c2
-rw-r--r--toxcore/group.c16
-rw-r--r--toxcore/net_crypto.c10
-rw-r--r--toxcore/network.c32
-rw-r--r--toxcore/onion_announce.c8
-rw-r--r--toxcore/onion_client.c23
-rw-r--r--toxcore/ping.c2
-rw-r--r--toxcore/tox.c2
-rw-r--r--toxcore/util.c2
19 files changed, 149 insertions, 126 deletions
diff --git a/auto_tests/TCP_test.c b/auto_tests/TCP_test.c
index 0cf063f1..ba1d5232 100644
--- a/auto_tests/TCP_test.c
+++ b/auto_tests/TCP_test.c
@@ -117,7 +117,7 @@ START_TEST(test_basic)
117 increment_nonce(f_nonce_r); 117 increment_nonce(f_nonce_r);
118 ck_assert_msg(packet_resp_plain[0] == 1, "wrong packet id %u", packet_resp_plain[0]); 118 ck_assert_msg(packet_resp_plain[0] == 1, "wrong packet id %u", packet_resp_plain[0]);
119 ck_assert_msg(packet_resp_plain[1] == 0, "connection not refused %u", packet_resp_plain[1]); 119 ck_assert_msg(packet_resp_plain[1] == 0, "connection not refused %u", packet_resp_plain[1]);
120 ck_assert_msg(memcmp(packet_resp_plain + 2, f_public_key, crypto_box_PUBLICKEYBYTES) == 0, "key in packet wrong"); 120 ck_assert_msg(public_key_cmp(packet_resp_plain + 2, f_public_key) == 0, "key in packet wrong");
121 kill_TCP_server(tcp_s); 121 kill_TCP_server(tcp_s);
122} 122}
123END_TEST 123END_TEST
@@ -235,12 +235,12 @@ START_TEST(test_some)
235 ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len); 235 ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len);
236 ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]); 236 ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]);
237 ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]); 237 ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]);
238 ck_assert_msg(memcmp(data + 2, con3->public_key, crypto_box_PUBLICKEYBYTES) == 0, "key in packet wrong"); 238 ck_assert_msg(public_key_cmp(data + 2, con3->public_key) == 0, "key in packet wrong");
239 len = read_packet_sec_TCP(con3, data, 2 + 1 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES); 239 len = read_packet_sec_TCP(con3, data, 2 + 1 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES);
240 ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len); 240 ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len);
241 ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]); 241 ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]);
242 ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]); 242 ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]);
243 ck_assert_msg(memcmp(data + 2, con1->public_key, crypto_box_PUBLICKEYBYTES) == 0, "key in packet wrong"); 243 ck_assert_msg(public_key_cmp(data + 2, con1->public_key) == 0, "key in packet wrong");
244 244
245 uint8_t test_packet[512] = {16, 17, 16, 86, 99, 127, 255, 189, 78}; 245 uint8_t test_packet[512] = {16, 17, 16, 86, 99, 127, 255, 189, 78};
246 write_packet_TCP_secure_connection(con3, test_packet, sizeof(test_packet)); 246 write_packet_TCP_secure_connection(con3, test_packet, sizeof(test_packet));
@@ -363,7 +363,7 @@ static int oob_data_callback(void *object, const uint8_t *public_key, const uint
363 if (length != 5) 363 if (length != 5)
364 return 1; 364 return 1;
365 365
366 if (memcmp(public_key, oob_pubkey, crypto_box_PUBLICKEYBYTES) != 0) 366 if (public_key_cmp(public_key, oob_pubkey) != 0)
367 return 1; 367 return 1;
368 368
369 if (data[0] == 1 && data[1] == 2 && data[2] == 3 && data[3] == 4 && data[4] == 5) { 369 if (data[0] == 1 && data[1] == 2 && data[2] == 3 && data[3] == 4 && data[4] == 5) {
@@ -447,7 +447,7 @@ START_TEST(test_client)
447 do_TCP_connection(conn2); 447 do_TCP_connection(conn2);
448 ck_assert_msg(oob_data_callback_good == 1, "oob callback not called"); 448 ck_assert_msg(oob_data_callback_good == 1, "oob callback not called");
449 ck_assert_msg(response_callback_good == 1, "response callback not called"); 449 ck_assert_msg(response_callback_good == 1, "response callback not called");
450 ck_assert_msg(memcmp(response_callback_public_key, f2_public_key, crypto_box_PUBLICKEYBYTES) == 0, "wrong public key"); 450 ck_assert_msg(public_key_cmp(response_callback_public_key, f2_public_key) == 0, "wrong public key");
451 ck_assert_msg(status_callback_good == 1, "status callback not called"); 451 ck_assert_msg(status_callback_good == 1, "status callback not called");
452 ck_assert_msg(status_callback_status == 2, "wrong status"); 452 ck_assert_msg(status_callback_status == 2, "wrong status");
453 ck_assert_msg(status_callback_connection_id == response_callback_connection_id, "connection ids not equal"); 453 ck_assert_msg(status_callback_connection_id == response_callback_connection_id, "connection ids not equal");
@@ -538,17 +538,17 @@ START_TEST(test_tcp_connection)
538 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 538 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
539 crypto_box_keypair(self_public_key, self_secret_key); 539 crypto_box_keypair(self_public_key, self_secret_key);
540 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); 540 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL);
541 ck_assert_msg(memcmp(tcp_s->public_key, self_public_key, crypto_box_PUBLICKEYBYTES) == 0, "Wrong public key"); 541 ck_assert_msg(public_key_cmp(tcp_s->public_key, self_public_key) == 0, "Wrong public key");
542 542
543 TCP_Proxy_Info proxy_info; 543 TCP_Proxy_Info proxy_info;
544 proxy_info.proxy_type = TCP_PROXY_NONE; 544 proxy_info.proxy_type = TCP_PROXY_NONE;
545 crypto_box_keypair(self_public_key, self_secret_key); 545 crypto_box_keypair(self_public_key, self_secret_key);
546 TCP_Connections *tc_1 = new_tcp_connections(self_secret_key, &proxy_info); 546 TCP_Connections *tc_1 = new_tcp_connections(self_secret_key, &proxy_info);
547 ck_assert_msg(memcmp(tc_1->self_public_key, self_public_key, crypto_box_PUBLICKEYBYTES) == 0, "Wrong public key"); 547 ck_assert_msg(public_key_cmp(tc_1->self_public_key, self_public_key) == 0, "Wrong public key");
548 548
549 crypto_box_keypair(self_public_key, self_secret_key); 549 crypto_box_keypair(self_public_key, self_secret_key);
550 TCP_Connections *tc_2 = new_tcp_connections(self_secret_key, &proxy_info); 550 TCP_Connections *tc_2 = new_tcp_connections(self_secret_key, &proxy_info);
551 ck_assert_msg(memcmp(tc_2->self_public_key, self_public_key, crypto_box_PUBLICKEYBYTES) == 0, "Wrong public key"); 551 ck_assert_msg(public_key_cmp(tc_2->self_public_key, self_public_key) == 0, "Wrong public key");
552 552
553 IP_Port ip_port_tcp_s; 553 IP_Port ip_port_tcp_s;
554 554
@@ -641,17 +641,17 @@ START_TEST(test_tcp_connection2)
641 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES]; 641 uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
642 crypto_box_keypair(self_public_key, self_secret_key); 642 crypto_box_keypair(self_public_key, self_secret_key);
643 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL); 643 TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_secret_key, NULL);
644 ck_assert_msg(memcmp(tcp_s->public_key, self_public_key, crypto_box_PUBLICKEYBYTES) == 0, "Wrong public key"); 644 ck_assert_msg(public_key_cmp(tcp_s->public_key, self_public_key) == 0, "Wrong public key");
645 645
646 TCP_Proxy_Info proxy_info; 646 TCP_Proxy_Info proxy_info;
647 proxy_info.proxy_type = TCP_PROXY_NONE; 647 proxy_info.proxy_type = TCP_PROXY_NONE;
648 crypto_box_keypair(self_public_key, self_secret_key); 648 crypto_box_keypair(self_public_key, self_secret_key);
649 TCP_Connections *tc_1 = new_tcp_connections(self_secret_key, &proxy_info); 649 TCP_Connections *tc_1 = new_tcp_connections(self_secret_key, &proxy_info);
650 ck_assert_msg(memcmp(tc_1->self_public_key, self_public_key, crypto_box_PUBLICKEYBYTES) == 0, "Wrong public key"); 650 ck_assert_msg(public_key_cmp(tc_1->self_public_key, self_public_key) == 0, "Wrong public key");
651 651
652 crypto_box_keypair(self_public_key, self_secret_key); 652 crypto_box_keypair(self_public_key, self_secret_key);
653 TCP_Connections *tc_2 = new_tcp_connections(self_secret_key, &proxy_info); 653 TCP_Connections *tc_2 = new_tcp_connections(self_secret_key, &proxy_info);
654 ck_assert_msg(memcmp(tc_2->self_public_key, self_public_key, crypto_box_PUBLICKEYBYTES) == 0, "Wrong public key"); 654 ck_assert_msg(public_key_cmp(tc_2->self_public_key, self_public_key) == 0, "Wrong public key");
655 655
656 IP_Port ip_port_tcp_s; 656 IP_Port ip_port_tcp_s;
657 657
diff --git a/testing/DHT_test.c b/testing/DHT_test.c
index d07e3959..1078ce6f 100644
--- a/testing/DHT_test.c
+++ b/testing/DHT_test.c
@@ -108,7 +108,7 @@ void print_clientlist(DHT *dht)
108 for (i = 0; i < LCLIENT_LIST; i++) { 108 for (i = 0; i < LCLIENT_LIST; i++) {
109 Client_data *client = &dht->close_clientlist[i]; 109 Client_data *client = &dht->close_clientlist[i];
110 110
111 if (memcmp(client->public_key, zeroes_cid, crypto_box_PUBLICKEYBYTES) == 0) 111 if (public_key_cmp(client->public_key, zeroes_cid) == 0)
112 continue; 112 continue;
113 113
114 printf("ClientID: "); 114 printf("ClientID: ");
@@ -139,7 +139,7 @@ void print_friendlist(DHT *dht)
139 for (i = 0; i < MAX_FRIEND_CLIENTS; i++) { 139 for (i = 0; i < MAX_FRIEND_CLIENTS; i++) {
140 Client_data *client = &dht->friends_list[k].client_list[i]; 140 Client_data *client = &dht->friends_list[k].client_list[i];
141 141
142 if (memcmp(client->public_key, zeroes_cid, crypto_box_PUBLICKEYBYTES) == 0) 142 if (public_key_cmp(client->public_key, zeroes_cid) == 0)
143 continue; 143 continue;
144 144
145 printf("ClientID: "); 145 printf("ClientID: ");
diff --git a/toxcore/DHT.c b/toxcore/DHT.c
index 052b74ff..6d9479a6 100644
--- a/toxcore/DHT.c
+++ b/toxcore/DHT.c
@@ -126,7 +126,7 @@ void get_shared_key(Shared_Keys *shared_keys, uint8_t *shared_key, const uint8_t
126 int index = public_key[30] * MAX_KEYS_PER_SLOT + i; 126 int index = public_key[30] * MAX_KEYS_PER_SLOT + i;
127 127
128 if (shared_keys->keys[index].stored) { 128 if (shared_keys->keys[index].stored) {
129 if (memcmp(public_key, shared_keys->keys[index].public_key, crypto_box_PUBLICKEYBYTES) == 0) { 129 if (public_key_cmp(public_key, shared_keys->keys[index].public_key) == 0) {
130 memcpy(shared_key, shared_keys->keys[index].shared_key, crypto_box_BEFORENMBYTES); 130 memcpy(shared_key, shared_keys->keys[index].shared_key, crypto_box_BEFORENMBYTES);
131 ++shared_keys->keys[index].times_requested; 131 ++shared_keys->keys[index].times_requested;
132 shared_keys->keys[index].time_last_requested = unix_time(); 132 shared_keys->keys[index].time_last_requested = unix_time();
@@ -233,6 +233,7 @@ int pack_nodes(uint8_t *data, uint16_t length, const Node_format *nodes, uint16_
233 int ipv6 = -1; 233 int ipv6 = -1;
234 uint8_t net_family; 234 uint8_t net_family;
235 235
236 // FIXME use functions to convert endianness
236 if (nodes[i].ip_port.ip.family == AF_INET) { 237 if (nodes[i].ip_port.ip.family == AF_INET) {
237 ipv6 = 0; 238 ipv6 = 0;
238 net_family = TOX_AF_INET; 239 net_family = TOX_AF_INET;
@@ -844,7 +845,7 @@ static _Bool is_pk_in_client_list(Client_data *list, unsigned int client_list_le
844 for (i = 0; i < client_list_length; ++i) { 845 for (i = 0; i < client_list_length; ++i) {
845 if ((ip_port.ip.family == AF_INET && !is_timeout(list[i].assoc4.timestamp, BAD_NODE_TIMEOUT)) 846 if ((ip_port.ip.family == AF_INET && !is_timeout(list[i].assoc4.timestamp, BAD_NODE_TIMEOUT))
846 || (ip_port.ip.family == AF_INET6 && !is_timeout(list[i].assoc6.timestamp, BAD_NODE_TIMEOUT))) { 847 || (ip_port.ip.family == AF_INET6 && !is_timeout(list[i].assoc6.timestamp, BAD_NODE_TIMEOUT))) {
847 if (memcmp(list[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { 848 if (public_key_cmp(list[i].public_key, public_key) == 0) {
848 return 1; 849 return 1;
849 } 850 }
850 } 851 }
@@ -944,7 +945,7 @@ int addto_lists(DHT *dht, IP_Port ip_port, const uint8_t *public_key)
944 945
945 DHT_Friend *friend = &dht->friends_list[i]; 946 DHT_Friend *friend = &dht->friends_list[i];
946 947
947 if (memcmp(public_key, friend->public_key, crypto_box_PUBLICKEYBYTES) == 0) { 948 if (public_key_cmp(public_key, friend->public_key) == 0) {
948 friend_foundip = friend; 949 friend_foundip = friend;
949 } 950 }
950 951
@@ -953,7 +954,7 @@ int addto_lists(DHT *dht, IP_Port ip_port, const uint8_t *public_key)
953 } else { 954 } else {
954 DHT_Friend *friend = &dht->friends_list[i]; 955 DHT_Friend *friend = &dht->friends_list[i];
955 956
956 if (memcmp(public_key, friend->public_key, crypto_box_PUBLICKEYBYTES) == 0) { 957 if (public_key_cmp(public_key, friend->public_key) == 0) {
957 friend_foundip = friend; 958 friend_foundip = friend;
958 } 959 }
959 960
@@ -1212,7 +1213,7 @@ static uint8_t sent_getnode_to_node(DHT *dht, const uint8_t *public_key, IP_Port
1212 Node_format test; 1213 Node_format test;
1213 memcpy(&test, data, sizeof(Node_format)); 1214 memcpy(&test, data, sizeof(Node_format));
1214 1215
1215 if (!ipport_equal(&test.ip_port, &node_ip_port) || memcmp(test.public_key, public_key, crypto_box_PUBLICKEYBYTES) != 0) 1216 if (!ipport_equal(&test.ip_port, &node_ip_port) || public_key_cmp(test.public_key, public_key) != 0)
1216 return 0; 1217 return 0;
1217 1218
1218 return 1; 1219 return 1;
@@ -2081,7 +2082,7 @@ static IPPTsPng *get_closelist_IPPTsPng(DHT *dht, const uint8_t *public_key, sa_
2081 uint32_t i; 2082 uint32_t i;
2082 2083
2083 for (i = 0; i < LCLIENT_LIST; ++i) { 2084 for (i = 0; i < LCLIENT_LIST; ++i) {
2084 if (memcmp(dht->close_clientlist[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) != 0) 2085 if (public_key_cmp(dht->close_clientlist[i].public_key, public_key) != 0)
2085 continue; 2086 continue;
2086 2087
2087 if (sa_family == AF_INET) 2088 if (sa_family == AF_INET)
@@ -2178,7 +2179,7 @@ static int handle_hardening(void *object, IP_Port source, const uint8_t *source_
2178 if (is_timeout(temp->hardening.send_nodes_timestamp, HARDENING_INTERVAL)) 2179 if (is_timeout(temp->hardening.send_nodes_timestamp, HARDENING_INTERVAL))
2179 return 1; 2180 return 1;
2180 2181
2181 if (memcmp(temp->hardening.send_nodes_pingedid, source_pubkey, crypto_box_PUBLICKEYBYTES) != 0) 2182 if (public_key_cmp(temp->hardening.send_nodes_pingedid, source_pubkey) != 0)
2182 return 1; 2183 return 1;
2183 2184
2184 /* If Nodes look good and the request checks out */ 2185 /* If Nodes look good and the request checks out */
@@ -2351,7 +2352,7 @@ static int cryptopacket_handle(void *object, IP_Port source, const uint8_t *pack
2351 length > MAX_CRYPTO_REQUEST_SIZE + crypto_box_MACBYTES) 2352 length > MAX_CRYPTO_REQUEST_SIZE + crypto_box_MACBYTES)
2352 return 1; 2353 return 1;
2353 2354
2354 if (memcmp(packet + 1, dht->self_public_key, crypto_box_PUBLICKEYBYTES) == 0) { // Check if request is for us. 2355 if (public_key_cmp(packet + 1, dht->self_public_key) == 0) { // Check if request is for us.
2355 uint8_t public_key[crypto_box_PUBLICKEYBYTES]; 2356 uint8_t public_key[crypto_box_PUBLICKEYBYTES];
2356 uint8_t data[MAX_CRYPTO_REQUEST_SIZE]; 2357 uint8_t data[MAX_CRYPTO_REQUEST_SIZE];
2357 uint8_t number; 2358 uint8_t number;
diff --git a/toxcore/Messenger.c b/toxcore/Messenger.c
index 6d45077a..34296c24 100644
--- a/toxcore/Messenger.c
+++ b/toxcore/Messenger.c
@@ -2660,7 +2660,7 @@ static int messenger_load_state_callback(void *outer, const uint8_t *data, uint3
2660 set_nospam(&(m->fr), *(uint32_t *)data); 2660 set_nospam(&(m->fr), *(uint32_t *)data);
2661 load_secret_key(m->net_crypto, (&data[sizeof(uint32_t)]) + crypto_box_PUBLICKEYBYTES); 2661 load_secret_key(m->net_crypto, (&data[sizeof(uint32_t)]) + crypto_box_PUBLICKEYBYTES);
2662 2662
2663 if (memcmp((&data[sizeof(uint32_t)]), m->net_crypto->self_public_key, crypto_box_PUBLICKEYBYTES) != 0) { 2663 if (public_key_cmp((&data[sizeof(uint32_t)]), m->net_crypto->self_public_key) != 0) {
2664 return -1; 2664 return -1;
2665 } 2665 }
2666 } else 2666 } else
diff --git a/toxcore/TCP_client.c b/toxcore/TCP_client.c
index 1bd11a1d..752deecf 100644
--- a/toxcore/TCP_client.c
+++ b/toxcore/TCP_client.c
@@ -151,7 +151,7 @@ static int socks5_read_handshake_response(TCP_Client_Connection *TCP_conn)
151 if (ret == -1) 151 if (ret == -1)
152 return 0; 152 return 0;
153 153
154 if (data[0] == 5 && data[1] == 0) 154 if (data[0] == 5 && data[1] == 0) // FIXME magic numbers
155 return 1; 155 return 1;
156 156
157 return -1; 157 return -1;
@@ -251,7 +251,7 @@ static int handle_handshake(TCP_Client_Connection *TCP_conn, const uint8_t *data
251 251
252 memcpy(TCP_conn->recv_nonce, plain + crypto_box_PUBLICKEYBYTES, crypto_box_NONCEBYTES); 252 memcpy(TCP_conn->recv_nonce, plain + crypto_box_PUBLICKEYBYTES, crypto_box_NONCEBYTES);
253 encrypt_precompute(plain, TCP_conn->temp_secret_key, TCP_conn->shared_key); 253 encrypt_precompute(plain, TCP_conn->temp_secret_key, TCP_conn->shared_key);
254 memset(TCP_conn->temp_secret_key, 0, crypto_box_SECRETKEYBYTES); 254 sodium_memzero(TCP_conn->temp_secret_key, crypto_box_SECRETKEYBYTES);
255 return 0; 255 return 0;
256} 256}
257 257
@@ -962,6 +962,6 @@ void kill_TCP_connection(TCP_Client_Connection *TCP_connection)
962 962
963 wipe_priority_list(TCP_connection); 963 wipe_priority_list(TCP_connection);
964 kill_sock(TCP_connection->sock); 964 kill_sock(TCP_connection->sock);
965 memset(TCP_connection, 0, sizeof(TCP_Client_Connection)); 965 sodium_memzero(TCP_connection, sizeof(TCP_Client_Connection));
966 free(TCP_connection); 966 free(TCP_connection);
967} 967}
diff --git a/toxcore/TCP_connection.c b/toxcore/TCP_connection.c
index 5f38b5dd..027779dd 100644
--- a/toxcore/TCP_connection.c
+++ b/toxcore/TCP_connection.c
@@ -384,7 +384,7 @@ static int find_tcp_connection_to(TCP_Connections *tcp_c, const uint8_t *public_
384 TCP_Connection_to *con_to = get_connection(tcp_c, i); 384 TCP_Connection_to *con_to = get_connection(tcp_c, i);
385 385
386 if (con_to) { 386 if (con_to) {
387 if (memcmp(con_to->public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { 387 if (public_key_cmp(con_to->public_key, public_key) == 0) {
388 return i; 388 return i;
389 } 389 }
390 } 390 }
@@ -407,11 +407,11 @@ static int find_tcp_connection_relay(TCP_Connections *tcp_c, const uint8_t *rela
407 407
408 if (tcp_con) { 408 if (tcp_con) {
409 if (tcp_con->status == TCP_CONN_SLEEPING) { 409 if (tcp_con->status == TCP_CONN_SLEEPING) {
410 if (memcmp(tcp_con->relay_pk, relay_pk, crypto_box_PUBLICKEYBYTES) == 0) { 410 if (public_key_cmp(tcp_con->relay_pk, relay_pk) == 0) {
411 return i; 411 return i;
412 } 412 }
413 } else { 413 } else {
414 if (memcmp(tcp_con->connection->public_key, relay_pk, crypto_box_PUBLICKEYBYTES) == 0) { 414 if (public_key_cmp(tcp_con->connection->public_key, relay_pk) == 0) {
415 return i; 415 return i;
416 } 416 }
417 } 417 }
diff --git a/toxcore/TCP_server.c b/toxcore/TCP_server.c
index cf997d34..d4944aed 100644
--- a/toxcore/TCP_server.c
+++ b/toxcore/TCP_server.c
@@ -169,7 +169,7 @@ static int del_accepted(TCP_Server *TCP_server, int index)
169 if (!bs_list_remove(&TCP_server->accepted_key_list, TCP_server->accepted_connection_array[index].public_key, index)) 169 if (!bs_list_remove(&TCP_server->accepted_key_list, TCP_server->accepted_connection_array[index].public_key, index))
170 return -1; 170 return -1;
171 171
172 memset(&TCP_server->accepted_connection_array[index], 0, sizeof(TCP_Secure_Connection)); 172 sodium_memzero(&TCP_server->accepted_connection_array[index], sizeof(TCP_Secure_Connection));
173 --TCP_server->num_accepted_connections; 173 --TCP_server->num_accepted_connections;
174 174
175 if (TCP_server->num_accepted_connections == 0) 175 if (TCP_server->num_accepted_connections == 0)
@@ -447,7 +447,7 @@ static int write_packet_TCP_secure_connection(TCP_Secure_Connection *con, const
447static void kill_TCP_connection(TCP_Secure_Connection *con) 447static void kill_TCP_connection(TCP_Secure_Connection *con)
448{ 448{
449 kill_sock(con->sock); 449 kill_sock(con->sock);
450 memset(con, 0, sizeof(TCP_Secure_Connection)); 450 sodium_memzero(con, sizeof(TCP_Secure_Connection));
451} 451}
452 452
453static int rm_connection_index(TCP_Server *TCP_server, TCP_Secure_Connection *con, uint8_t con_number); 453static int rm_connection_index(TCP_Server *TCP_server, TCP_Secure_Connection *con, uint8_t con_number);
@@ -583,7 +583,7 @@ static int handle_TCP_routing_req(TCP_Server *TCP_server, uint32_t con_id, const
583 TCP_Secure_Connection *con = &TCP_server->accepted_connection_array[con_id]; 583 TCP_Secure_Connection *con = &TCP_server->accepted_connection_array[con_id];
584 584
585 /* If person tries to cennect to himself we deny the request*/ 585 /* If person tries to cennect to himself we deny the request*/
586 if (memcmp(con->public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { 586 if (public_key_cmp(con->public_key, public_key) == 0) {
587 if (send_routing_response(con, 0, public_key) == -1) 587 if (send_routing_response(con, 0, public_key) == -1)
588 return -1; 588 return -1;
589 589
@@ -592,7 +592,7 @@ static int handle_TCP_routing_req(TCP_Server *TCP_server, uint32_t con_id, const
592 592
593 for (i = 0; i < NUM_CLIENT_CONNECTIONS; ++i) { 593 for (i = 0; i < NUM_CLIENT_CONNECTIONS; ++i) {
594 if (con->connections[i].status != 0) { 594 if (con->connections[i].status != 0) {
595 if (memcmp(public_key, con->connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) { 595 if (public_key_cmp(public_key, con->connections[i].public_key) == 0) {
596 if (send_routing_response(con, i + NUM_RESERVED_PORTS, public_key) == -1) { 596 if (send_routing_response(con, i + NUM_RESERVED_PORTS, public_key) == -1) {
597 return -1; 597 return -1;
598 } else { 598 } else {
@@ -629,7 +629,7 @@ static int handle_TCP_routing_req(TCP_Server *TCP_server, uint32_t con_id, const
629 629
630 for (i = 0; i < NUM_CLIENT_CONNECTIONS; ++i) { 630 for (i = 0; i < NUM_CLIENT_CONNECTIONS; ++i) {
631 if (other_conn->connections[i].status == 1 631 if (other_conn->connections[i].status == 1
632 && memcmp(other_conn->connections[i].public_key, con->public_key, crypto_box_PUBLICKEYBYTES) == 0) { 632 && public_key_cmp(other_conn->connections[i].public_key, con->public_key) == 0) {
633 other_id = i; 633 other_id = i;
634 break; 634 break;
635 } 635 }
@@ -868,7 +868,7 @@ static int confirm_TCP_connection(TCP_Server *TCP_server, TCP_Secure_Connection
868 return -1; 868 return -1;
869 } 869 }
870 870
871 memset(con, 0, sizeof(TCP_Secure_Connection)); 871 sodium_memzero(con, sizeof(TCP_Secure_Connection));
872 872
873 if (handle_TCP_packet(TCP_server, index, data, length) == -1) { 873 if (handle_TCP_packet(TCP_server, index, data, length) == -1) {
874 kill_accepted(TCP_server, index); 874 kill_accepted(TCP_server, index);
@@ -1056,7 +1056,7 @@ static int do_incoming(TCP_Server *TCP_server, uint32_t i)
1056 kill_TCP_connection(conn_new); 1056 kill_TCP_connection(conn_new);
1057 1057
1058 memcpy(conn_new, conn_old, sizeof(TCP_Secure_Connection)); 1058 memcpy(conn_new, conn_old, sizeof(TCP_Secure_Connection));
1059 memset(conn_old, 0, sizeof(TCP_Secure_Connection)); 1059 sodium_memzero(conn_old, sizeof(TCP_Secure_Connection));
1060 ++TCP_server->unconfirmed_connection_queue_index; 1060 ++TCP_server->unconfirmed_connection_queue_index;
1061 1061
1062 return index_new; 1062 return index_new;
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c
index d1549b2a..679ba669 100644
--- a/toxcore/crypto_core.c
+++ b/toxcore/crypto_core.c
@@ -84,7 +84,7 @@ void encrypt_precompute(const uint8_t *public_key, const uint8_t *secret_key, ui
84int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, uint32_t length, 84int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *plain, uint32_t length,
85 uint8_t *encrypted) 85 uint8_t *encrypted)
86{ 86{
87 if (length == 0) 87 if (length == 0 || !secret_key || !nonce || !plain || !encrypted)
88 return -1; 88 return -1;
89 89
90 uint8_t temp_plain[length + crypto_box_ZEROBYTES]; 90 uint8_t temp_plain[length + crypto_box_ZEROBYTES];
@@ -104,7 +104,7 @@ int encrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, cons
104int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, uint32_t length, 104int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, const uint8_t *encrypted, uint32_t length,
105 uint8_t *plain) 105 uint8_t *plain)
106{ 106{
107 if (length <= crypto_box_BOXZEROBYTES) 107 if (length <= crypto_box_BOXZEROBYTES || !secret_key || !nonce || !encrypted || !plain)
108 return -1; 108 return -1;
109 109
110 uint8_t temp_plain[length + crypto_box_ZEROBYTES]; 110 uint8_t temp_plain[length + crypto_box_ZEROBYTES];
@@ -123,53 +123,70 @@ int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, cons
123int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, 123int encrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce,
124 const uint8_t *plain, uint32_t length, uint8_t *encrypted) 124 const uint8_t *plain, uint32_t length, uint8_t *encrypted)
125{ 125{
126 if (!public_key || !secret_key)
127 return -1;
128
126 uint8_t k[crypto_box_BEFORENMBYTES]; 129 uint8_t k[crypto_box_BEFORENMBYTES];
127 encrypt_precompute(public_key, secret_key, k); 130 encrypt_precompute(public_key, secret_key, k);
128 return encrypt_data_symmetric(k, nonce, plain, length, encrypted); 131 int ret = encrypt_data_symmetric(k, nonce, plain, length, encrypted);
132 sodium_memzero(k, sizeof k);
133 return ret;
129} 134}
130 135
131int decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce, 136int decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce,
132 const uint8_t *encrypted, uint32_t length, uint8_t *plain) 137 const uint8_t *encrypted, uint32_t length, uint8_t *plain)
133{ 138{
139 if (!public_key || !secret_key)
140 return -1;
141
134 uint8_t k[crypto_box_BEFORENMBYTES]; 142 uint8_t k[crypto_box_BEFORENMBYTES];
135 encrypt_precompute(public_key, secret_key, k); 143 encrypt_precompute(public_key, secret_key, k);
136 return decrypt_data_symmetric(k, nonce, encrypted, length, plain); 144 int ret = decrypt_data_symmetric(k, nonce, encrypted, length, plain);
145 sodium_memzero(k, sizeof k);
146 return ret;
137} 147}
138 148
139 149
140/* Increment the given nonce by 1. */ 150/* Increment the given nonce by 1. */
141void increment_nonce(uint8_t *nonce) 151void increment_nonce(uint8_t *nonce)
142{ 152{
143 uint32_t i; 153 /* FIXME use increment_nonce_number(nonce, 1) or sodium_increment (change to little endian)
144 154 * NOTE don't use breaks inside this loop
145 for (i = crypto_box_NONCEBYTES; i != 0; --i) { 155 * In particular, make sure, as far as possible,
146 ++nonce[i - 1]; 156 * that loop bounds and their potential underflow or overflow
147 157 * are independent of user-controlled input (you may have heard of the Heartbleed bug).
148 if (nonce[i - 1] != 0) 158 */
149 break; 159 uint32_t i = crypto_box_NONCEBYTES;
160 uint_fast16_t carry = 1U;
161 for (; i != 0; --i) {
162 carry += (uint_fast16_t) nonce[i - 1];
163 nonce[i - 1] = (uint8_t) carry;
164 carry >>= 8;
150 } 165 }
151} 166}
152/* increment the given nonce by num */ 167/* increment the given nonce by num */
153void increment_nonce_number(uint8_t *nonce, uint32_t num) 168void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num)
154{ 169{
155 uint32_t num1, num2; 170 /* NOTE don't use breaks inside this loop
156 memcpy(&num1, nonce + (crypto_box_NONCEBYTES - sizeof(num1)), sizeof(num1)); 171 * In particular, make sure, as far as possible,
157 num1 = ntohl(num1); 172 * that loop bounds and their potential underflow or overflow
158 num2 = num + num1; 173 * are independent of user-controlled input (you may have heard of the Heartbleed bug).
159 174 */
160 if (num2 < num1) { 175 const uint32_t big_endian_num = htonl(host_order_num);
161 uint32_t i; 176 const uint8_t* const num_vec = (const uint8_t*) &big_endian_num;
162 177 uint8_t num_as_nonce[crypto_box_NONCEBYTES] = {0};
163 for (i = crypto_box_NONCEBYTES - sizeof(num1); i != 0; --i) { 178 num_as_nonce[crypto_box_NONCEBYTES - 4] = num_vec[0];
164 ++nonce[i - 1]; 179 num_as_nonce[crypto_box_NONCEBYTES - 3] = num_vec[1];
165 180 num_as_nonce[crypto_box_NONCEBYTES - 2] = num_vec[2];
166 if (nonce[i - 1] != 0) 181 num_as_nonce[crypto_box_NONCEBYTES - 1] = num_vec[3];
167 break; 182
168 } 183 uint32_t i = crypto_box_NONCEBYTES;
184 uint_fast16_t carry = 0U;
185 for (; i != 0; --i) {
186 carry += (uint_fast16_t) nonce[i] + (uint_fast16_t) num_as_nonce[i];
187 nonce[i] = (unsigned char) carry;
188 carry >>= 8;
169 } 189 }
170
171 num2 = htonl(num2);
172 memcpy(nonce + (crypto_box_NONCEBYTES - sizeof(num2)), &num2, sizeof(num2));
173} 190}
174 191
175/* Fill the given nonce with random bytes. */ 192/* Fill the given nonce with random bytes. */
@@ -203,15 +220,18 @@ void new_nonce(uint8_t *nonce)
203int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet, 220int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_key, uint8_t *packet,
204 const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id) 221 const uint8_t *recv_public_key, const uint8_t *data, uint32_t length, uint8_t request_id)
205{ 222{
223 if (!send_public_key || !packet || !recv_public_key || !data)
224 return -1;
225
206 if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + 226 if (MAX_CRYPTO_REQUEST_SIZE < length + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 +
207 crypto_box_MACBYTES) 227 crypto_box_MACBYTES)
208 return -1; 228 return -1;
209 229
210 uint8_t nonce[crypto_box_NONCEBYTES]; 230 uint8_t* nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2;
211 uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; 231 new_nonce(nonce);
232 uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // FIXME sodium_memzero before exit function
212 memcpy(temp + 1, data, length); 233 memcpy(temp + 1, data, length);
213 temp[0] = request_id; 234 temp[0] = request_id;
214 new_nonce(nonce);
215 int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, 235 int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1,
216 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet); 236 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + packet);
217 237
@@ -221,7 +241,6 @@ int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_ke
221 packet[0] = NET_PACKET_CRYPTO; 241 packet[0] = NET_PACKET_CRYPTO;
222 memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES); 242 memcpy(packet + 1, recv_public_key, crypto_box_PUBLICKEYBYTES);
223 memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES); 243 memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES, send_public_key, crypto_box_PUBLICKEYBYTES);
224 memcpy(packet + 1 + crypto_box_PUBLICKEYBYTES * 2, nonce, crypto_box_NONCEBYTES);
225 244
226 return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES; 245 return len + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES;
227} 246}
@@ -235,17 +254,19 @@ int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_ke
235int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data, 254int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_key, uint8_t *public_key, uint8_t *data,
236 uint8_t *request_id, const uint8_t *packet, uint16_t length) 255 uint8_t *request_id, const uint8_t *packet, uint16_t length)
237{ 256{
257 if (!self_public_key || !public_key || !data || !request_id || !packet)
258 return -1;
259
238 if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES || 260 if (length <= crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1 + crypto_box_MACBYTES ||
239 length > MAX_CRYPTO_REQUEST_SIZE) 261 length > MAX_CRYPTO_REQUEST_SIZE)
240 return -1; 262 return -1;
241 263
242 if (memcmp(packet + 1, self_public_key, crypto_box_PUBLICKEYBYTES) != 0) 264 if (public_key_cmp(packet + 1, self_public_key) != 0)
243 return -1; 265 return -1;
244 266
245 memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); 267 memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES);
246 uint8_t nonce[crypto_box_NONCEBYTES]; 268 const uint8_t* nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2;
247 uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; 269 uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // FIXME sodium_memzero before exit function
248 memcpy(nonce, packet + 1 + crypto_box_PUBLICKEYBYTES * 2, crypto_box_NONCEBYTES);
249 int len1 = decrypt_data(public_key, self_secret_key, nonce, 270 int len1 = decrypt_data(public_key, self_secret_key, nonce,
250 packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, 271 packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES,
251 length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp); 272 length - (crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES + 1), temp);
diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h
index eefb1d90..41a5a045 100644
--- a/toxcore/crypto_core.h
+++ b/toxcore/crypto_core.h
@@ -108,7 +108,7 @@ int decrypt_data_symmetric(const uint8_t *secret_key, const uint8_t *nonce, cons
108void increment_nonce(uint8_t *nonce); 108void increment_nonce(uint8_t *nonce);
109 109
110/* increment the given nonce by num */ 110/* increment the given nonce by num */
111void increment_nonce_number(uint8_t *nonce, uint32_t num); 111void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num);
112 112
113/* Fill the given nonce with random bytes. */ 113/* Fill the given nonce with random bytes. */
114void random_nonce(uint8_t *nonce); 114void random_nonce(uint8_t *nonce);
diff --git a/toxcore/friend_connection.c b/toxcore/friend_connection.c
index 04deaf81..e7c8432b 100644
--- a/toxcore/friend_connection.c
+++ b/toxcore/friend_connection.c
@@ -138,7 +138,7 @@ int getfriend_conn_id_pk(Friend_Connections *fr_c, const uint8_t *real_pk)
138 Friend_Conn *friend_con = get_conn(fr_c, i); 138 Friend_Conn *friend_con = get_conn(fr_c, i);
139 139
140 if (friend_con) { 140 if (friend_con) {
141 if (memcmp(friend_con->real_public_key, real_pk, crypto_box_PUBLICKEYBYTES) == 0) 141 if (public_key_cmp(friend_con->real_public_key, real_pk) == 0)
142 return i; 142 return i;
143 } 143 }
144 } 144 }
@@ -159,7 +159,7 @@ int friend_add_tcp_relay(Friend_Connections *fr_c, int friendcon_id, IP_Port ip_
159 return -1; 159 return -1;
160 160
161 /* Local ip and same pk means that they are hosting a TCP relay. */ 161 /* Local ip and same pk means that they are hosting a TCP relay. */
162 if (Local_ip(ip_port.ip) && memcmp(friend_con->dht_temp_pk, public_key, crypto_box_PUBLICKEYBYTES) == 0) { 162 if (Local_ip(ip_port.ip) && public_key_cmp(friend_con->dht_temp_pk, public_key) == 0) {
163 if (friend_con->dht_ip_port.ip.family != 0) { 163 if (friend_con->dht_ip_port.ip.family != 0) {
164 ip_port.ip = friend_con->dht_ip_port.ip; 164 ip_port.ip = friend_con->dht_ip_port.ip;
165 } else { 165 } else {
@@ -173,7 +173,7 @@ int friend_add_tcp_relay(Friend_Connections *fr_c, int friendcon_id, IP_Port ip_
173 173
174 for (i = 0; i < FRIEND_MAX_STORED_TCP_RELAYS; ++i) { 174 for (i = 0; i < FRIEND_MAX_STORED_TCP_RELAYS; ++i) {
175 if (friend_con->tcp_relays[i].ip_port.ip.family != 0 175 if (friend_con->tcp_relays[i].ip_port.ip.family != 0
176 && memcmp(friend_con->tcp_relays[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { 176 && public_key_cmp(friend_con->tcp_relays[i].public_key, public_key) == 0) {
177 memset(&friend_con->tcp_relays[i], 0, sizeof(Node_format)); 177 memset(&friend_con->tcp_relays[i], 0, sizeof(Node_format));
178 } 178 }
179 } 179 }
@@ -356,7 +356,7 @@ static void dht_pk_callback(void *object, int32_t number, const uint8_t *dht_pub
356 if (!friend_con) 356 if (!friend_con)
357 return; 357 return;
358 358
359 if (memcmp(friend_con->dht_temp_pk, dht_public_key, crypto_box_PUBLICKEYBYTES) == 0) 359 if (public_key_cmp(friend_con->dht_temp_pk, dht_public_key) == 0)
360 return; 360 return;
361 361
362 change_dht_pk(fr_c, number, dht_public_key); 362 change_dht_pk(fr_c, number, dht_public_key);
@@ -479,7 +479,7 @@ static int handle_new_connections(void *object, New_Connection *n_c)
479 friend_con->dht_ip_port_lastrecv = unix_time(); 479 friend_con->dht_ip_port_lastrecv = unix_time();
480 } 480 }
481 481
482 if (memcmp(friend_con->dht_temp_pk, n_c->dht_public_key, crypto_box_PUBLICKEYBYTES) != 0) { 482 if (public_key_cmp(friend_con->dht_temp_pk, n_c->dht_public_key) != 0) {
483 change_dht_pk(fr_c, friendcon_id, n_c->dht_public_key); 483 change_dht_pk(fr_c, friendcon_id, n_c->dht_public_key);
484 } 484 }
485 485
diff --git a/toxcore/friend_requests.c b/toxcore/friend_requests.c
index dae1694a..7d4fecd1 100644
--- a/toxcore/friend_requests.c
+++ b/toxcore/friend_requests.c
@@ -94,7 +94,7 @@ int remove_request_received(Friend_Requests *fr, const uint8_t *real_pk)
94 94
95 for (i = 0; i < MAX_RECEIVED_STORED; ++i) { 95 for (i = 0; i < MAX_RECEIVED_STORED; ++i) {
96 if (id_equal(fr->received_requests[i], real_pk)) { 96 if (id_equal(fr->received_requests[i], real_pk)) {
97 memset(fr->received_requests[i], 0, crypto_box_PUBLICKEYBYTES); 97 sodium_memzero(fr->received_requests[i], crypto_box_PUBLICKEYBYTES);
98 return 0; 98 return 0;
99 } 99 }
100 } 100 }
diff --git a/toxcore/group.c b/toxcore/group.c
index 2eadaf74..9313a24b 100644
--- a/toxcore/group.c
+++ b/toxcore/group.c
@@ -106,7 +106,7 @@ static int wipe_group_chat(Group_Chats *g_c, int groupnumber)
106 return -1; 106 return -1;
107 107
108 uint32_t i; 108 uint32_t i;
109 memset(&(g_c->chats[groupnumber]), 0 , sizeof(Group_c)); 109 sodium_memzero(&(g_c->chats[groupnumber]), sizeof(Group_c));
110 110
111 for (i = g_c->num_chats; i != 0; --i) { 111 for (i = g_c->num_chats; i != 0; --i) {
112 if (g_c->chats[i - 1].status != GROUPCHAT_STATUS_NONE) 112 if (g_c->chats[i - 1].status != GROUPCHAT_STATUS_NONE)
@@ -162,7 +162,7 @@ static int get_group_num(const Group_Chats *g_c, const uint8_t *identifier)
162 uint32_t i; 162 uint32_t i;
163 163
164 for (i = 0; i < g_c->num_chats; ++i) 164 for (i = 0; i < g_c->num_chats; ++i)
165 if (memcmp(g_c->chats[i].identifier, identifier, GROUP_IDENTIFIER_LENGTH) == 0) 165 if (sodium_memcmp(g_c->chats[i].identifier, identifier, GROUP_IDENTIFIER_LENGTH) == 0)
166 return i; 166 return i;
167 167
168 return -1; 168 return -1;
@@ -218,14 +218,14 @@ static int add_to_closest(Group_Chats *g_c, int groupnumber, const uint8_t *real
218 if (!g) 218 if (!g)
219 return -1; 219 return -1;
220 220
221 if (memcmp(g->real_pk, real_pk, crypto_box_PUBLICKEYBYTES) == 0) 221 if (public_key_cmp(g->real_pk, real_pk) == 0)
222 return -1; 222 return -1;
223 223
224 unsigned int i; 224 unsigned int i;
225 unsigned int index = DESIRED_CLOSE_CONNECTIONS; 225 unsigned int index = DESIRED_CLOSE_CONNECTIONS;
226 226
227 for (i = 0; i < DESIRED_CLOSE_CONNECTIONS; ++i) { 227 for (i = 0; i < DESIRED_CLOSE_CONNECTIONS; ++i) {
228 if (g->closest_peers[i].entry && memcmp(real_pk, g->closest_peers[i].real_pk, crypto_box_PUBLICKEYBYTES) == 0) { 228 if (g->closest_peers[i].entry && public_key_cmp(real_pk, g->closest_peers[i].real_pk) == 0) {
229 return 0; 229 return 0;
230 } 230 }
231 } 231 }
@@ -299,7 +299,7 @@ static unsigned int pk_in_closest_peers(Group_c *g, uint8_t *real_pk)
299 if (!g->closest_peers[i].entry) 299 if (!g->closest_peers[i].entry)
300 continue; 300 continue;
301 301
302 if (memcmp(g->closest_peers[i].real_pk, real_pk, crypto_box_PUBLICKEYBYTES) == 0) 302 if (public_key_cmp(g->closest_peers[i].real_pk, real_pk) == 0)
303 return 1; 303 return 1;
304 304
305 } 305 }
@@ -1277,7 +1277,7 @@ static void handle_friend_invite_packet(Messenger *m, uint32_t friendnumber, con
1277 if (!g) 1277 if (!g)
1278 return; 1278 return;
1279 1279
1280 if (memcmp(data + 1 + sizeof(uint16_t) * 2, g->identifier, GROUP_IDENTIFIER_LENGTH) != 0) 1280 if (sodium_memcmp(data + 1 + sizeof(uint16_t) * 2, g->identifier, GROUP_IDENTIFIER_LENGTH) != 0)
1281 return; 1281 return;
1282 1282
1283 uint16_t peer_number = rand(); /* TODO: what if two people enter the group at the same time and 1283 uint16_t peer_number = rand(); /* TODO: what if two people enter the group at the same time and
@@ -1525,7 +1525,7 @@ static int handle_send_peers(Group_Chats *g_c, int groupnumber, const uint8_t *d
1525 return -1; 1525 return -1;
1526 1526
1527 if (g->status == GROUPCHAT_STATUS_VALID 1527 if (g->status == GROUPCHAT_STATUS_VALID
1528 && memcmp(d, g_c->m->net_crypto->self_public_key, crypto_box_PUBLICKEYBYTES) == 0) { 1528 && public_key_cmp(d, g_c->m->net_crypto->self_public_key) == 0) {
1529 g->peer_number = peer_num; 1529 g->peer_number = peer_num;
1530 g->status = GROUPCHAT_STATUS_CONNECTED; 1530 g->status = GROUPCHAT_STATUS_CONNECTED;
1531 group_name_send(g_c, groupnumber, g_c->m->name, g_c->m->name_length); 1531 group_name_send(g_c, groupnumber, g_c->m->name, g_c->m->name_length);
@@ -2011,7 +2011,7 @@ static unsigned int lossy_packet_not_received(Group_c *g, int peer_index, uint16
2011 uint16_t top_distance = message_number - g->group[peer_index].top_lossy_number; 2011 uint16_t top_distance = message_number - g->group[peer_index].top_lossy_number;
2012 2012
2013 if (top_distance >= MAX_LOSSY_COUNT) { 2013 if (top_distance >= MAX_LOSSY_COUNT) {
2014 memset(g->group[peer_index].recv_lossy, 0, sizeof(g->group[peer_index].recv_lossy)); 2014 sodium_memzero(g->group[peer_index].recv_lossy, sizeof(g->group[peer_index].recv_lossy));
2015 g->group[peer_index].top_lossy_number = message_number; 2015 g->group[peer_index].top_lossy_number = message_number;
2016 g->group[peer_index].bottom_lossy_number = (message_number - MAX_LOSSY_COUNT) + 1; 2016 g->group[peer_index].bottom_lossy_number = (message_number - MAX_LOSSY_COUNT) + 1;
2017 g->group[peer_index].recv_lossy[message_number % MAX_LOSSY_COUNT] = 1; 2017 g->group[peer_index].recv_lossy[message_number % MAX_LOSSY_COUNT] = 1;
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c
index 8e53143f..c6729722 100644
--- a/toxcore/net_crypto.c
+++ b/toxcore/net_crypto.c
@@ -244,7 +244,7 @@ static int tcp_oob_handle_cookie_request(const Net_Crypto *c, unsigned int tcp_c
244 if (handle_cookie_request(c, request_plain, shared_key, dht_public_key_temp, packet, length) != 0) 244 if (handle_cookie_request(c, request_plain, shared_key, dht_public_key_temp, packet, length) != 0)
245 return -1; 245 return -1;
246 246
247 if (memcmp(dht_public_key, dht_public_key_temp, crypto_box_PUBLICKEYBYTES) != 0) 247 if (public_key_cmp(dht_public_key, dht_public_key_temp) != 0)
248 return -1; 248 return -1;
249 249
250 uint8_t data[COOKIE_RESPONSE_LENGTH]; 250 uint8_t data[COOKIE_RESPONSE_LENGTH];
@@ -363,7 +363,7 @@ static int handle_crypto_handshake(const Net_Crypto *c, uint8_t *nonce, uint8_t
363 if (len != sizeof(plain)) 363 if (len != sizeof(plain))
364 return -1; 364 return -1;
365 365
366 if (memcmp(cookie_hash, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, crypto_hash_sha512_BYTES) != 0) 366 if (sodium_memcmp(cookie_hash, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, crypto_hash_sha512_BYTES) != 0)
367 return -1; 367 return -1;
368 368
369 memcpy(nonce, plain, crypto_box_NONCEBYTES); 369 memcpy(nonce, plain, crypto_box_NONCEBYTES);
@@ -1518,7 +1518,7 @@ static int wipe_crypto_connection(Net_Crypto *c, int crypt_connection_id)
1518 1518
1519 /* Keep mutex, only destroy it when connection is realloced out. */ 1519 /* Keep mutex, only destroy it when connection is realloced out. */
1520 pthread_mutex_t mutex = c->crypto_connections[crypt_connection_id].mutex; 1520 pthread_mutex_t mutex = c->crypto_connections[crypt_connection_id].mutex;
1521 memset(&(c->crypto_connections[crypt_connection_id]), 0 , sizeof(Crypto_Connection)); 1521 sodium_memzero(&(c->crypto_connections[crypt_connection_id]), sizeof(Crypto_Connection));
1522 c->crypto_connections[crypt_connection_id].mutex = mutex; 1522 c->crypto_connections[crypt_connection_id].mutex = mutex;
1523 1523
1524 for (i = c->crypto_connections_length; i != 0; --i) { 1524 for (i = c->crypto_connections_length; i != 0; --i) {
@@ -1548,7 +1548,7 @@ static int getcryptconnection_id(const Net_Crypto *c, const uint8_t *public_key)
1548 1548
1549 for (i = 0; i < c->crypto_connections_length; ++i) { 1549 for (i = 0; i < c->crypto_connections_length; ++i) {
1550 if (c->crypto_connections[i].status != CRYPTO_CONN_NO_CONNECTION) 1550 if (c->crypto_connections[i].status != CRYPTO_CONN_NO_CONNECTION)
1551 if (memcmp(public_key, c->crypto_connections[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) 1551 if (public_key_cmp(public_key, c->crypto_connections[i].public_key) == 0)
1552 return i; 1552 return i;
1553 } 1553 }
1554 1554
@@ -2709,6 +2709,6 @@ void kill_net_crypto(Net_Crypto *c)
2709 networking_registerhandler(c->dht->net, NET_PACKET_COOKIE_RESPONSE, NULL, NULL); 2709 networking_registerhandler(c->dht->net, NET_PACKET_COOKIE_RESPONSE, NULL, NULL);
2710 networking_registerhandler(c->dht->net, NET_PACKET_CRYPTO_HS, NULL, NULL); 2710 networking_registerhandler(c->dht->net, NET_PACKET_CRYPTO_HS, NULL, NULL);
2711 networking_registerhandler(c->dht->net, NET_PACKET_CRYPTO_DATA, NULL, NULL); 2711 networking_registerhandler(c->dht->net, NET_PACKET_CRYPTO_DATA, NULL, NULL);
2712 memset(c, 0, sizeof(Net_Crypto)); 2712 sodium_memzero(c, sizeof(Net_Crypto));
2713 free(c); 2713 free(c);
2714} 2714}
diff --git a/toxcore/network.c b/toxcore/network.c
index 965e65f9..04efd03b 100644
--- a/toxcore/network.c
+++ b/toxcore/network.c
@@ -699,6 +699,9 @@ Networking_Core *new_networking_ex(IP ip, uint16_t port_from, uint16_t port_to,
699/* Function to cleanup networking stuff. */ 699/* Function to cleanup networking stuff. */
700void kill_networking(Networking_Core *net) 700void kill_networking(Networking_Core *net)
701{ 701{
702 if (!net)
703 return;
704
702 if (net->family != 0) /* Socket not initialized */ 705 if (net->family != 0) /* Socket not initialized */
703 kill_sock(net->sock); 706 kill_sock(net->sock);
704 707
@@ -823,7 +826,7 @@ void ipport_copy(IP_Port *target, const IP_Port *source)
823 * writes error message into the buffer on error 826 * writes error message into the buffer on error
824 */ 827 */
825/* there would be INET6_ADDRSTRLEN, but it might be too short for the error message */ 828/* there would be INET6_ADDRSTRLEN, but it might be too short for the error message */
826static char addresstext[96]; 829static char addresstext[96]; // FIXME magic number. Why not INET6_ADDRSTRLEN ?
827const char *ip_ntoa(const IP *ip) 830const char *ip_ntoa(const IP *ip)
828{ 831{
829 if (ip) { 832 if (ip) {
@@ -964,10 +967,10 @@ int addr_resolve(const char *address, IP *to, IP *extra)
964 return 0; 967 return 0;
965 } 968 }
966 969
967 IP4 ip4; 970 IP ip4;
968 memset(&ip4, 0, sizeof(ip4)); 971 ip_init(&ip4, /* ipv6? */ false);
969 IP6 ip6; 972 IP ip6;
970 memset(&ip6, 0, sizeof(ip6)); 973 ip_init(&ip6, /* ipv6? */ true);
971 974
972 for (walker = server; (walker != NULL) && (rc != 3); walker = walker->ai_next) { 975 for (walker = server; (walker != NULL) && (rc != 3); walker = walker->ai_next) {
973 switch (walker->ai_family) { 976 switch (walker->ai_family) {
@@ -975,11 +978,11 @@ int addr_resolve(const char *address, IP *to, IP *extra)
975 if (walker->ai_family == family) { /* AF_INET requested, done */ 978 if (walker->ai_family == family) { /* AF_INET requested, done */
976 struct sockaddr_in *addr = (struct sockaddr_in *)walker->ai_addr; 979 struct sockaddr_in *addr = (struct sockaddr_in *)walker->ai_addr;
977 to->ip4.in_addr = addr->sin_addr; 980 to->ip4.in_addr = addr->sin_addr;
978 rc = 3; 981 rc = 3; // TODO do we really have to reuse variable instead of creating a new one?
979 } else if (!(rc & 1)) { /* AF_UNSPEC requested, store away */ 982 } else if (!(rc & 1)) { /* AF_UNSPEC requested, store away */
980 struct sockaddr_in *addr = (struct sockaddr_in *)walker->ai_addr; 983 struct sockaddr_in *addr = (struct sockaddr_in *)walker->ai_addr;
981 ip4.in_addr = addr->sin_addr; 984 ip4.ip4.in_addr = addr->sin_addr;
982 rc |= 1; 985 rc |= 1; // FIXME magic number
983 } 986 }
984 987
985 break; /* switch */ 988 break; /* switch */
@@ -994,7 +997,7 @@ int addr_resolve(const char *address, IP *to, IP *extra)
994 } else if (!(rc & 2)) { /* AF_UNSPEC requested, store away */ 997 } else if (!(rc & 2)) { /* AF_UNSPEC requested, store away */
995 if (walker->ai_addrlen == sizeof(struct sockaddr_in6)) { 998 if (walker->ai_addrlen == sizeof(struct sockaddr_in6)) {
996 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)walker->ai_addr; 999 struct sockaddr_in6 *addr = (struct sockaddr_in6 *)walker->ai_addr;
997 ip6.in6_addr = addr->sin6_addr; 1000 ip6.ip6.in6_addr = addr->sin6_addr;
998 rc |= 2; 1001 rc |= 2;
999 } 1002 }
1000 } 1003 }
@@ -1004,17 +1007,14 @@ int addr_resolve(const char *address, IP *to, IP *extra)
1004 } 1007 }
1005 1008
1006 if (to->family == AF_UNSPEC) { 1009 if (to->family == AF_UNSPEC) {
1007 if (rc & 2) { 1010 if (rc & 2) { // FIXME magic number
1008 to->family = AF_INET6; 1011 ip_copy(to, &ip6);
1009 to->ip6 = ip6;
1010 1012
1011 if ((rc & 1) && (extra != NULL)) { 1013 if ((rc & 1) && (extra != NULL)) {
1012 extra->family = AF_INET; 1014 ip_copy(extra, &ip4);
1013 extra->ip4 = ip4;
1014 } 1015 }
1015 } else if (rc & 1) { 1016 } else if (rc & 1) {
1016 to->family = AF_INET; 1017 ip_copy(to, &ip4);
1017 to->ip4 = ip4;
1018 } else 1018 } else
1019 rc = 0; 1019 rc = 0;
1020 } 1020 }
diff --git a/toxcore/onion_announce.c b/toxcore/onion_announce.c
index 25f3e0f8..82c3dc96 100644
--- a/toxcore/onion_announce.c
+++ b/toxcore/onion_announce.c
@@ -211,7 +211,7 @@ static int in_entries(const Onion_Announce *onion_a, const uint8_t *public_key)
211 211
212 for (i = 0; i < ONION_ANNOUNCE_MAX_ENTRIES; ++i) { 212 for (i = 0; i < ONION_ANNOUNCE_MAX_ENTRIES; ++i) {
213 if (!is_timeout(onion_a->entries[i].time, ONION_ANNOUNCE_TIMEOUT) 213 if (!is_timeout(onion_a->entries[i].time, ONION_ANNOUNCE_TIMEOUT)
214 && memcmp(onion_a->entries[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) 214 && public_key_cmp(onion_a->entries[i].public_key, public_key) == 0)
215 return i; 215 return i;
216 } 216 }
217 217
@@ -316,7 +316,7 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t *
316 316
317 uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES; 317 uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES;
318 318
319 if (memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0 || memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) { 319 if (sodium_memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0 || sodium_memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) {
320 index = add_to_entries(onion_a, source, packet_public_key, data_public_key, 320 index = add_to_entries(onion_a, source, packet_public_key, data_public_key,
321 packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)); 321 packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3));
322 } else { 322 } else {
@@ -336,8 +336,8 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t *
336 pl[0] = 0; 336 pl[0] = 0;
337 memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE); 337 memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE);
338 } else { 338 } else {
339 if (memcmp(onion_a->entries[index].public_key, packet_public_key, crypto_box_PUBLICKEYBYTES) == 0) { 339 if (public_key_cmp(onion_a->entries[index].public_key, packet_public_key) == 0) {
340 if (memcmp(onion_a->entries[index].data_public_key, data_public_key, crypto_box_PUBLICKEYBYTES) != 0) { 340 if (public_key_cmp(onion_a->entries[index].data_public_key, data_public_key) != 0) {
341 pl[0] = 0; 341 pl[0] = 0;
342 memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE); 342 memcpy(pl + 1, ping_id2, ONION_PING_ID_SIZE);
343 } else { 343 } else {
diff --git a/toxcore/onion_client.c b/toxcore/onion_client.c
index d6d078e1..b879f393 100644
--- a/toxcore/onion_client.c
+++ b/toxcore/onion_client.c
@@ -46,7 +46,7 @@ int onion_add_bs_path_node(Onion_Client *onion_c, IP_Port ip_port, const uint8_t
46 unsigned int i; 46 unsigned int i;
47 47
48 for (i = 0; i < MAX_PATH_NODES; ++i) { 48 for (i = 0; i < MAX_PATH_NODES; ++i) {
49 if (memcmp(public_key, onion_c->path_nodes_bs[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) 49 if (public_key_cmp(public_key, onion_c->path_nodes_bs[i].public_key) == 0)
50 return -1; 50 return -1;
51 } 51 }
52 52
@@ -76,7 +76,7 @@ static int onion_add_path_node(Onion_Client *onion_c, IP_Port ip_port, const uin
76 unsigned int i; 76 unsigned int i;
77 77
78 for (i = 0; i < MAX_PATH_NODES; ++i) { 78 for (i = 0; i < MAX_PATH_NODES; ++i) {
79 if (memcmp(public_key, onion_c->path_nodes[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) 79 if (public_key_cmp(public_key, onion_c->path_nodes[i].public_key) == 0)
80 return -1; 80 return -1;
81 } 81 }
82 82
@@ -190,6 +190,7 @@ static int is_path_used(const Onion_Client_Paths *onion_paths, const Node_format
190 continue; 190 continue;
191 } 191 }
192 192
193 // TODO: do we really have to check it with the last node?
193 if (ipport_equal(&onion_paths->paths[i].ip_port1, &nodes[ONION_PATH_LENGTH - 1].ip_port)) { 194 if (ipport_equal(&onion_paths->paths[i].ip_port1, &nodes[ONION_PATH_LENGTH - 1].ip_port)) {
194 return i; 195 return i;
195 } 196 }
@@ -484,7 +485,7 @@ static int client_add_to_list(Onion_Client *onion_c, uint32_t num, const uint8_t
484 reference_id = onion_c->c->self_public_key; 485 reference_id = onion_c->c->self_public_key;
485 list_length = MAX_ONION_CLIENTS_ANNOUNCE; 486 list_length = MAX_ONION_CLIENTS_ANNOUNCE;
486 487
487 if (is_stored == 1 && memcmp(pingid_or_key, onion_c->temp_public_key, crypto_box_PUBLICKEYBYTES) != 0) { 488 if (is_stored == 1 && public_key_cmp(pingid_or_key, onion_c->temp_public_key) != 0) {
488 is_stored = 0; 489 is_stored = 0;
489 } 490 }
490 491
@@ -509,7 +510,7 @@ static int client_add_to_list(Onion_Client *onion_c, uint32_t num, const uint8_t
509 } 510 }
510 511
511 for (i = 0; i < list_length; ++i) { 512 for (i = 0; i < list_length; ++i) {
512 if (memcmp(list_nodes[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { 513 if (public_key_cmp(list_nodes[i].public_key, public_key) == 0) {
513 index = i; 514 index = i;
514 stored = 1; 515 stored = 1;
515 break; 516 break;
@@ -547,7 +548,7 @@ static int good_to_ping(Last_Pinged *last_pinged, uint8_t *last_pinged_index, co
547 548
548 for (i = 0; i < MAX_STORED_PINGED_NODES; ++i) { 549 for (i = 0; i < MAX_STORED_PINGED_NODES; ++i) {
549 if (!is_timeout(last_pinged[i].timestamp, MIN_NODE_PING_TIME)) 550 if (!is_timeout(last_pinged[i].timestamp, MIN_NODE_PING_TIME))
550 if (memcmp(last_pinged[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) 551 if (public_key_cmp(last_pinged[i].public_key, public_key) == 0)
551 return 0; 552 return 0;
552 } 553 }
553 554
@@ -602,7 +603,7 @@ static int client_ping_nodes(Onion_Client *onion_c, uint32_t num, const Node_for
602 || id_closest(reference_id, list_nodes[1].public_key, nodes[i].public_key) == 2 ) { 603 || id_closest(reference_id, list_nodes[1].public_key, nodes[i].public_key) == 2 ) {
603 /* check if node is already in list. */ 604 /* check if node is already in list. */
604 for (j = 0; j < list_length; ++j) { 605 for (j = 0; j < list_length; ++j) {
605 if (memcmp(list_nodes[j].public_key, nodes[i].public_key, crypto_box_PUBLICKEYBYTES) == 0) { 606 if (public_key_cmp(list_nodes[j].public_key, nodes[i].public_key) == 0) {
606 break; 607 break;
607 } 608 }
608 } 609 }
@@ -912,7 +913,7 @@ static int handle_dht_dhtpk(void *object, IP_Port source, const uint8_t *source_
912 if (len != length - (DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES)) 913 if (len != length - (DATA_IN_RESPONSE_MIN_SIZE + crypto_box_NONCEBYTES))
913 return 1; 914 return 1;
914 915
915 if (memcmp(source_pubkey, plain + 1 + sizeof(uint64_t), crypto_box_PUBLICKEYBYTES) != 0) 916 if (public_key_cmp(source_pubkey, plain + 1 + sizeof(uint64_t)) != 0)
916 return 1; 917 return 1;
917 918
918 return handle_dhtpk_announce(onion_c, packet, plain, len); 919 return handle_dhtpk_announce(onion_c, packet, plain, len);
@@ -981,7 +982,7 @@ int onion_friend_num(const Onion_Client *onion_c, const uint8_t *public_key)
981 if (onion_c->friends_list[i].status == 0) 982 if (onion_c->friends_list[i].status == 0)
982 continue; 983 continue;
983 984
984 if (memcmp(public_key, onion_c->friends_list[i].real_public_key, crypto_box_PUBLICKEYBYTES) == 0) 985 if (public_key_cmp(public_key, onion_c->friends_list[i].real_public_key) == 0)
985 return i; 986 return i;
986 } 987 }
987 988
@@ -1059,7 +1060,7 @@ int onion_delfriend(Onion_Client *onion_c, int friend_num)
1059 //if (onion_c->friends_list[friend_num].know_dht_public_key) 1060 //if (onion_c->friends_list[friend_num].know_dht_public_key)
1060 // DHT_delfriend(onion_c->dht, onion_c->friends_list[friend_num].dht_public_key, 0); 1061 // DHT_delfriend(onion_c->dht, onion_c->friends_list[friend_num].dht_public_key, 0);
1061 1062
1062 memset(&(onion_c->friends_list[friend_num]), 0, sizeof(Onion_Friend)); 1063 sodium_memzero(&(onion_c->friends_list[friend_num]), sizeof(Onion_Friend));
1063 unsigned int i; 1064 unsigned int i;
1064 1065
1065 for (i = onion_c->num_friends; i != 0; --i) { 1066 for (i = onion_c->num_friends; i != 0; --i) {
@@ -1129,7 +1130,7 @@ int onion_set_friend_DHT_pubkey(Onion_Client *onion_c, int friend_num, const uin
1129 return -1; 1130 return -1;
1130 1131
1131 if (onion_c->friends_list[friend_num].know_dht_public_key) { 1132 if (onion_c->friends_list[friend_num].know_dht_public_key) {
1132 if (memcmp(dht_key, onion_c->friends_list[friend_num].dht_public_key, crypto_box_PUBLICKEYBYTES) == 0) { 1133 if (public_key_cmp(dht_key, onion_c->friends_list[friend_num].dht_public_key) == 0) {
1133 return -1; 1134 return -1;
1134 } 1135 }
1135 1136
@@ -1522,7 +1523,7 @@ void kill_onion_client(Onion_Client *onion_c)
1522 oniondata_registerhandler(onion_c, ONION_DATA_DHTPK, NULL, NULL); 1523 oniondata_registerhandler(onion_c, ONION_DATA_DHTPK, NULL, NULL);
1523 cryptopacket_registerhandler(onion_c->dht, CRYPTO_PACKET_DHTPK, NULL, NULL); 1524 cryptopacket_registerhandler(onion_c->dht, CRYPTO_PACKET_DHTPK, NULL, NULL);
1524 set_onion_packet_tcp_connection_callback(onion_c->c->tcp_c, NULL, NULL); 1525 set_onion_packet_tcp_connection_callback(onion_c->c->tcp_c, NULL, NULL);
1525 memset(onion_c, 0, sizeof(Onion_Client)); 1526 sodium_memzero(onion_c, sizeof(Onion_Client));
1526 free(onion_c); 1527 free(onion_c);
1527} 1528}
1528 1529
diff --git a/toxcore/ping.c b/toxcore/ping.c
index 2c6125e8..f81766cb 100644
--- a/toxcore/ping.c
+++ b/toxcore/ping.c
@@ -284,7 +284,7 @@ int add_to_ping(PING *ping, const uint8_t *public_key, IP_Port ip_port)
284 return 0; 284 return 0;
285 } 285 }
286 286
287 if (memcmp(ping->to_ping[i].public_key, public_key, crypto_box_PUBLICKEYBYTES) == 0) { 287 if (public_key_cmp(ping->to_ping[i].public_key, public_key) == 0) {
288 return -1; 288 return -1;
289 } 289 }
290 } 290 }
diff --git a/toxcore/tox.c b/toxcore/tox.c
index 3e9db766..c28c5178 100644
--- a/toxcore/tox.c
+++ b/toxcore/tox.c
@@ -153,7 +153,7 @@ Tox *tox_new(const struct Tox_Options *options, TOX_ERR_NEW *error)
153 return NULL; 153 return NULL;
154 } 154 }
155 155
156 if (memcmp(options->savedata_data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) { 156 if (sodium_memcmp(options->savedata_data, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH) == 0) {
157 SET_ERROR_PARAMETER(error, TOX_ERR_NEW_LOAD_ENCRYPTED); 157 SET_ERROR_PARAMETER(error, TOX_ERR_NEW_LOAD_ENCRYPTED);
158 return NULL; 158 return NULL;
159 } 159 }
diff --git a/toxcore/util.c b/toxcore/util.c
index 28d8721c..ea1988e4 100644
--- a/toxcore/util.c
+++ b/toxcore/util.c
@@ -60,7 +60,7 @@ int is_timeout(uint64_t timestamp, uint64_t timeout)
60/* id functions */ 60/* id functions */
61bool id_equal(const uint8_t *dest, const uint8_t *src) 61bool id_equal(const uint8_t *dest, const uint8_t *src)
62{ 62{
63 return memcmp(dest, src, crypto_box_PUBLICKEYBYTES) == 0; 63 return public_key_cmp(dest, src) == 0;
64} 64}
65 65
66uint32_t id_copy(uint8_t *dest, const uint8_t *src) 66uint32_t id_copy(uint8_t *dest, const uint8_t *src)
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-09 13:10:16 +0000