Code review #1506
Code review #1506
Conversation
|
This breaks compatibility with vanilla NaCl https://nacl.cr.yp.to/ |
|
@towlie , do you have any idea how to make |
|
@kpp toxcore has never been shy to write it's own wrappers for functions. Why not create a |
|
@GrayHatter I did not find a similar function in NaCl. Maybe you can do that? Or do you propose me to write something like: I will not do that, because that will be unsafe. |
|
@kpp less safe than it is right now? |
|
I was thinking about libbsd and their explicit_bzero. |
|
@irungentoo any comments? |
fix: make increment_nonce & increment_nonce_number independent of user-controlled input fix: make crypto_core more stable agains null ptr dereference
|
A bit paranoid but that's fine. I just need to check if using public_key_cmp everywhere doesn't slow down the code too much. |
@irungentoo Well, asymptotic complexity of comparing public keys using memcmp is O(N), using public_key_cmp is ~N, so there are such public keys that in the worst case compares with memcmp as "slow" as they are compared with public_key_cmp. There must be no slow down. |
| uint_fast16_t carry = 0U; | ||
| for (; i != 0; --i) { | ||
| carry += (uint_fast16_t) nonce[i] + (uint_fast16_t) num_as_nonce[i]; | ||
| nonce[i] = (unsigned char) carry; |
There was a problem hiding this comment.
I fixed it already but here the array indexes should have been i - 1.
There was a problem hiding this comment.
Nice, I will fix it in 1-2 days
There was a problem hiding this comment.
@irungentoo thank you. That was a bad bug. I wrote unit tests for that case. See PR.
fix: compare sensitive data with sodium_memcmp
fix: replace memset with sodium_memzero for sensitive data
fix: make increment_nonce & increment_nonce_number independent of user-controlled input
fix: make crypto_core more stable agains null ptr dereference
fix: update apt before installing anything
add: comments about hairy code