-rw-r--r-- | auto_tests/encryptsave_test.c | 1 | ||||
-rw-r--r-- | configure.ac | 1 | ||||
-rw-r--r-- | toxcore/crypto_core.c | 12 | ||||
-rw-r--r-- | toxcore/crypto_core.h | 3 | ||||
-rw-r--r-- | toxcore/net_crypto.c | 3 | ||||
-rw-r--r-- | toxcore/onion_announce.c | 3 | ||||
-rw-r--r-- | toxencryptsave/Makefile.inc | 13 | ||||
-rw-r--r-- | toxencryptsave/toxencryptsave.c | 1 |
8 files changed, 23 insertions, 14 deletions
diff --git a/auto_tests/encryptsave_test.c b/auto_tests/encryptsave_test.c index d187e352..266dfe96 100644 --- a/auto_tests/encryptsave_test.c +++ b/auto_tests/encryptsave_test.c | |||
@@ -17,7 +17,6 @@ | |||
17 | #include "../toxcore/crypto_core.h" | 17 | #include "../toxcore/crypto_core.h" |
18 | #ifdef VANILLA_NACL | 18 | #ifdef VANILLA_NACL |
19 | #include "../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h" | 19 | #include "../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h" |
20 | #include "../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/utils.h" /* sodium_memzero */ | ||
21 | #endif | 20 | #endif |
22 | 21 | ||
23 | unsigned char salt[32] = {0xB1, 0xC2, 0x09, 0xEE, 0x50, 0x6C, 0xF0, 0x20, 0xC4, 0xD6, 0xEB, 0xC0, 0x44, 0x51, 0x3B, 0x60, 0x4B, 0x39, 0x4A, 0xCF, 0x09, 0x53, 0x4F, 0xEA, 0x08, 0x41, 0xFA, 0xCA, 0x66, 0xD2, 0x68, 0x7F}; | 22 | unsigned char salt[32] = {0xB1, 0xC2, 0x09, 0xEE, 0x50, 0x6C, 0xF0, 0x20, 0xC4, 0xD6, 0xEB, 0xC0, 0x44, 0x51, 0x3B, 0x60, 0x4B, 0x39, 0x4A, 0xCF, 0x09, 0x53, 0x4F, 0xEA, 0x08, 0x41, 0xFA, 0xCA, 0x66, 0xD2, 0x68, 0x7F}; |
diff --git a/configure.ac b/configure.ac index ecbb5e46..46162b44 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -688,6 +688,7 @@ AM_CONDITIONAL(BUILD_TESTS, test "x$BUILD_TESTS" = "xyes") | |||
688 | AM_CONDITIONAL(BUILD_NTOX, test "x$BUILD_NTOX" = "xyes") | 688 | AM_CONDITIONAL(BUILD_NTOX, test "x$BUILD_NTOX" = "xyes") |
689 | AM_CONDITIONAL(BUILD_AV, test "x$BUILD_AV" = "xyes") | 689 | AM_CONDITIONAL(BUILD_AV, test "x$BUILD_AV" = "xyes") |
690 | AM_CONDITIONAL(BUILD_TESTING, test "x$BUILD_TESTING" = "xyes") | 690 | AM_CONDITIONAL(BUILD_TESTING, test "x$BUILD_TESTING" = "xyes") |
691 | AM_CONDITIONAL(WITH_NACL, test "x$WANT_NACL" = "xyes") | ||
691 | AM_CONDITIONAL(WIN32, test "x$WIN32" = "xyes") | 692 | AM_CONDITIONAL(WIN32, test "x$WIN32" = "xyes") |
692 | 693 | ||
693 | AC_CONFIG_FILES([Makefile | 694 | AC_CONFIG_FILES([Makefile |
diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index 679ba669..a733c38e 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c | |||
@@ -158,6 +158,7 @@ void increment_nonce(uint8_t *nonce) | |||
158 | */ | 158 | */ |
159 | uint32_t i = crypto_box_NONCEBYTES; | 159 | uint32_t i = crypto_box_NONCEBYTES; |
160 | uint_fast16_t carry = 1U; | 160 | uint_fast16_t carry = 1U; |
161 | |||
161 | for (; i != 0; --i) { | 162 | for (; i != 0; --i) { |
162 | carry += (uint_fast16_t) nonce[i - 1]; | 163 | carry += (uint_fast16_t) nonce[i - 1]; |
163 | nonce[i - 1] = (uint8_t) carry; | 164 | nonce[i - 1] = (uint8_t) carry; |
@@ -173,7 +174,7 @@ void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num) | |||
173 | * are independent of user-controlled input (you may have heard of the Heartbleed bug). | 174 | * are independent of user-controlled input (you may have heard of the Heartbleed bug). |
174 | */ | 175 | */ |
175 | const uint32_t big_endian_num = htonl(host_order_num); | 176 | const uint32_t big_endian_num = htonl(host_order_num); |
176 | const uint8_t* const num_vec = (const uint8_t*) &big_endian_num; | 177 | const uint8_t *const num_vec = (const uint8_t *) &big_endian_num; |
177 | uint8_t num_as_nonce[crypto_box_NONCEBYTES] = {0}; | 178 | uint8_t num_as_nonce[crypto_box_NONCEBYTES] = {0}; |
178 | num_as_nonce[crypto_box_NONCEBYTES - 4] = num_vec[0]; | 179 | num_as_nonce[crypto_box_NONCEBYTES - 4] = num_vec[0]; |
179 | num_as_nonce[crypto_box_NONCEBYTES - 3] = num_vec[1]; | 180 | num_as_nonce[crypto_box_NONCEBYTES - 3] = num_vec[1]; |
@@ -182,9 +183,10 @@ void increment_nonce_number(uint8_t *nonce, uint32_t host_order_num) | |||
182 | 183 | ||
183 | uint32_t i = crypto_box_NONCEBYTES; | 184 | uint32_t i = crypto_box_NONCEBYTES; |
184 | uint_fast16_t carry = 0U; | 185 | uint_fast16_t carry = 0U; |
186 | |||
185 | for (; i != 0; --i) { | 187 | for (; i != 0; --i) { |
186 | carry += (uint_fast16_t) nonce[i] + (uint_fast16_t) num_as_nonce[i]; | 188 | carry += (uint_fast16_t) nonce[i - 1] + (uint_fast16_t) num_as_nonce[i - 1]; |
187 | nonce[i] = (unsigned char) carry; | 189 | nonce[i - 1] = (unsigned char) carry; |
188 | carry >>= 8; | 190 | carry >>= 8; |
189 | } | 191 | } |
190 | } | 192 | } |
@@ -227,7 +229,7 @@ int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_ke | |||
227 | crypto_box_MACBYTES) | 229 | crypto_box_MACBYTES) |
228 | return -1; | 230 | return -1; |
229 | 231 | ||
230 | uint8_t* nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; | 232 | uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; |
231 | new_nonce(nonce); | 233 | new_nonce(nonce); |
232 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // FIXME sodium_memzero before exit function | 234 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // FIXME sodium_memzero before exit function |
233 | memcpy(temp + 1, data, length); | 235 | memcpy(temp + 1, data, length); |
@@ -265,7 +267,7 @@ int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_ke | |||
265 | return -1; | 267 | return -1; |
266 | 268 | ||
267 | memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); | 269 | memcpy(public_key, packet + 1 + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); |
268 | const uint8_t* nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; | 270 | const uint8_t *nonce = packet + 1 + crypto_box_PUBLICKEYBYTES * 2; |
269 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // FIXME sodium_memzero before exit function | 271 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // FIXME sodium_memzero before exit function |
270 | int len1 = decrypt_data(public_key, self_secret_key, nonce, | 272 | int len1 = decrypt_data(public_key, self_secret_key, nonce, |
271 | packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, | 273 | packet + 1 + crypto_box_PUBLICKEYBYTES * 2 + crypto_box_NONCEBYTES, |
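Review bot: The `temp` buffers in create_request and handle_request still carry `// FIXME sodium_memzero before exit function`, so the request plaintext copied into `temp` in create_request (and apparently the decrypted request in handle_request) stays on the stack after return; this commit only restyles the neighbouring pointer declarations. Every return path reached after `temp` has been written should first call `sodium_memzero(temp, sizeof temp);`, after which the FIXME can be dropped. Both function bodies start and end outside their hunks, so the exit paths need checking against the full file. Separately, the index correction in increment_nonce_number would be worth pinning with a unit test that compares its result against the same number of increment_nonce calls.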
diff --git a/toxcore/crypto_core.h b/toxcore/crypto_core.h index 41a5a045..ab509f09 100644 --- a/toxcore/crypto_core.h +++ b/toxcore/crypto_core.h | |||
@@ -37,6 +37,9 @@ | |||
37 | #include <crypto_verify_32.h> | 37 | #include <crypto_verify_32.h> |
38 | #include <crypto_scalarmult_curve25519.h> | 38 | #include <crypto_scalarmult_curve25519.h> |
39 | #define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) | 39 | #define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) |
40 | /* I know */ | ||
41 | #define sodium_memcmp(a, b, c) memcmp(a, b, c) | ||
42 | #define sodium_memzero(a, c) memset(a, 0, c) | ||
40 | #endif | 43 | #endif |
41 | 44 | ||
42 | #define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES) | 45 | #define crypto_box_KEYBYTES (crypto_box_BEFORENMBYTES) |
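Review bot: The two fallback macros added under `/* I know */` map `sodium_memcmp` to plain `memcmp` and `sodium_memzero` to plain `memset`, which drops the properties callers expect from those names: `memcmp` may return at the first differing byte, and a `memset` on a buffer about to go out of scope can be removed as a dead store. In this same commit net_crypto.c checks `cookie_hash` and onion_announce.c checks `ping_id1`/`ping_id2` against what appears to be packet-derived data through `sodium_memcmp`, so on this build the comparison time would depend on how many leading bytes match. Small `static inline` replacements keep the names and give both build flavours the same behaviour, and the comment should state that rather than `/* I know */`. The opening `#if` of this block is outside the hunk, so I am assuming it is the vanilla-NaCl branch.

```c
/* NaCl lacks these helpers: compare without an early exit, and wipe through a
 * volatile pointer so the stores are not removed as dead. */
static inline int sodium_memcmp(const void *a, const void *b, size_t len)
{
    const volatile unsigned char *x = (const volatile unsigned char *) a;
    const volatile unsigned char *y = (const volatile unsigned char *) b;
    unsigned int diff = 0U;
    size_t i;

    for (i = 0; i < len; ++i)
        diff |= (unsigned int) (x[i] ^ y[i]);

    return -(int) (diff != 0U);
}

static inline void sodium_memzero(void *p, size_t len)
{
    volatile unsigned char *v = (volatile unsigned char *) p;
    size_t i;

    for (i = 0; i < len; ++i)
        v[i] = 0U;
}
/* … unchanged: #endif and crypto_box_KEYBYTES define … */
```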
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index c6729722..f8a85adf 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c | |||
@@ -363,7 +363,8 @@ static int handle_crypto_handshake(const Net_Crypto *c, uint8_t *nonce, uint8_t | |||
363 | if (len != sizeof(plain)) | 363 | if (len != sizeof(plain)) |
364 | return -1; | 364 | return -1; |
365 | 365 | ||
366 | if (sodium_memcmp(cookie_hash, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, crypto_hash_sha512_BYTES) != 0) | 366 | if (sodium_memcmp(cookie_hash, plain + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES, |
367 | crypto_hash_sha512_BYTES) != 0) | ||
367 | return -1; | 368 | return -1; |
368 | 369 | ||
369 | memcpy(nonce, plain, crypto_box_NONCEBYTES); | 370 | memcpy(nonce, plain, crypto_box_NONCEBYTES); |
diff --git a/toxcore/onion_announce.c b/toxcore/onion_announce.c index 82c3dc96..676b38da 100644 --- a/toxcore/onion_announce.c +++ b/toxcore/onion_announce.c | |||
@@ -316,7 +316,8 @@ static int handle_announce_request(void *object, IP_Port source, const uint8_t * | |||
316 | 316 | ||
317 | uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES; | 317 | uint8_t *data_public_key = plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES; |
318 | 318 | ||
319 | if (sodium_memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0 || sodium_memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) { | 319 | if (sodium_memcmp(ping_id1, plain, ONION_PING_ID_SIZE) == 0 |
320 | || sodium_memcmp(ping_id2, plain, ONION_PING_ID_SIZE) == 0) { | ||
320 | index = add_to_entries(onion_a, source, packet_public_key, data_public_key, | 321 | index = add_to_entries(onion_a, source, packet_public_key, data_public_key, |
321 | packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)); | 322 | packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)); |
322 | } else { | 323 | } else { |
diff --git a/toxencryptsave/Makefile.inc b/toxencryptsave/Makefile.inc index 1155e954..20c8b1b3 100644 --- a/toxencryptsave/Makefile.inc +++ b/toxencryptsave/Makefile.inc | |||
@@ -5,7 +5,12 @@ libtoxencryptsave_la_include_HEADERS = \ | |||
5 | 5 | ||
6 | libtoxencryptsave_la_includedir = $(includedir)/tox | 6 | libtoxencryptsave_la_includedir = $(includedir)/tox |
7 | 7 | ||
8 | libtoxencryptsave_la_SOURCES = ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h \ | 8 | libtoxencryptsave_la_SOURCES = ../toxencryptsave/toxencryptsave.h \ |
9 | ../toxencryptsave/toxencryptsave.c | ||
10 | |||
11 | |||
12 | if WITH_NACL | ||
13 | libtoxencryptsave_la_SOURCES += ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h \ | ||
9 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/crypto_scrypt.h \ | 14 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/crypto_scrypt.h \ |
10 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pbkdf2-sha256.c \ | 15 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pbkdf2-sha256.c \ |
11 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c \ | 16 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c \ |
@@ -19,10 +24,8 @@ libtoxencryptsave_la_SOURCES = ../toxencryptsave/crypto_pwhash_scryptsalsa208sha | |||
19 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/sysendian.h \ | 24 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/sysendian.h \ |
20 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/utils.h \ | 25 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/utils.h \ |
21 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c \ | 26 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/nosse/pwhash_scryptsalsa208sha256_nosse.c \ |
22 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c \ | 27 | ../toxencryptsave/crypto_pwhash_scryptsalsa208sha256/sse/pwhash_scryptsalsa208sha256_sse.c |
23 | ../toxencryptsave/toxencryptsave.h \ | 28 | endif |
24 | ../toxencryptsave/toxencryptsave.c | ||
25 | |||
26 | 29 | ||
27 | libtoxencryptsave_la_CFLAGS = -I$(top_srcdir) \ | 30 | libtoxencryptsave_la_CFLAGS = -I$(top_srcdir) \ |
28 | -I$(top_srcdir)/toxcore \ | 31 | -I$(top_srcdir)/toxcore \ |
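Review bot: The new `if WITH_NACL` block has no comment saying why the bundled crypto_pwhash_scryptsalsa208sha256 sources are now conditional, and it keys on a different name than the C code, which guards the matching includes with `#ifdef VANILLA_NACL`. A line such as `# bundled scrypt is only built for vanilla NaCl; keep in step with the VANILLA_NACL define` above the `if` would record that coupling. Whether configure.ac always sets `WANT_NACL` and `VANILLA_NACL` together is not visible on this page and is worth confirming, since a mismatch would leave the sources including a header whose implementation is not compiled.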
diff --git a/toxencryptsave/toxencryptsave.c b/toxencryptsave/toxencryptsave.c index e6150ce2..5c40f639 100644 --- a/toxencryptsave/toxencryptsave.c +++ b/toxencryptsave/toxencryptsave.c | |||
@@ -32,7 +32,6 @@ | |||
32 | 32 | ||
33 | #ifdef VANILLA_NACL | 33 | #ifdef VANILLA_NACL |
34 | #include "crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h" | 34 | #include "crypto_pwhash_scryptsalsa208sha256/crypto_pwhash_scryptsalsa208sha256.h" |
35 | #include "crypto_pwhash_scryptsalsa208sha256/utils.h" /* sodium_memzero */ | ||
36 | #include <crypto_hash_sha256.h> | 35 | #include <crypto_hash_sha256.h> |
37 | #endif | 36 | #endif |
38 | 37 | ||