From 633edcf45264203c1c0a2b00aed503e480ab7af4 Mon Sep 17 00:00:00 2001
From: irungentoo <irungentoo@gmail.com>
Date: Thu, 1 Aug 2013 14:44:51 -0400
Subject: Fixed possible timing problem.

---
 core/net_crypto.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'core')

diff --git a/core/net_crypto.c b/core/net_crypto.c
index 2cc6f06e..83cb20a2 100644
--- a/core/net_crypto.c
+++ b/core/net_crypto.c
@@ -73,10 +73,13 @@ int encrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
     /* if encryption is successful the first crypto_box_BOXZEROBYTES of the message will be zero
        apparently memcmp should not be used so we do this instead:*/
     uint32_t i;
+    uint32_t check = 0;
     for(i = 0; i < crypto_box_BOXZEROBYTES; ++i) {
         if (temp_encrypted[i] != 0)
-            return -1;
+            check = 1;
     }
+    if(check == 1)
+        return -1;
 
     /* unpad the encrypted message */
     memcpy(encrypted, temp_encrypted + crypto_box_BOXZEROBYTES, length - crypto_box_BOXZEROBYTES + crypto_box_ZEROBYTES);
@@ -105,10 +108,13 @@ int decrypt_data(uint8_t *public_key, uint8_t *secret_key, uint8_t *nonce,
     /* if decryption is successful the first crypto_box_ZEROBYTES of the message will be zero 
        apparently memcmp should not be used so we do this instead:*/
     uint32_t i;
+    uint32_t check = 0;
     for(i = 0; i < crypto_box_ZEROBYTES; ++i) {
         if (temp_plain[i] != 0)
-            return -1;
+            check = 1;
     }
+    if(check == 1)
+        return -1;
 
     /* unpad the plain message */
     memcpy(plain, temp_plain + crypto_box_ZEROBYTES, length - crypto_box_ZEROBYTES + crypto_box_BOXZEROBYTES);
-- 
cgit v1.2.3