Code review #1506
Conversation
This breaks compatibility with vanilla NaCl https://nacl.cr.yp.to/
@towlie, do you have any idea how to make
@kpp toxcore has never been shy to write its own wrappers for functions. Why not create a
@GrayHatter I did not find a similar function in NaCl. Maybe you can do that? Or do you propose me to write something like:
I will not do that, because that will be unsafe.
@kpp less safe than it is right now?
I was thinking about libbsd and their explicit_bzero.
@irungentoo any comments?
fix: make increment_nonce & increment_nonce_number independent of user-controlled input
fix: make crypto_core more stable against null ptr dereference
A bit paranoid but that's fine. I just need to check if using public_key_cmp everywhere doesn't slow down the code too much.
@irungentoo Well, asymptotic complexity of comparing public keys using memcmp is O(N), using public_key_cmp is ~N, so there are such public keys that in the worst case compares with memcmp as "slow" as they are compared with public_key_cmp. There must be no slow down.
```c
uint_fast16_t carry = 0U;
for (; i != 0; --i) {
    carry += (uint_fast16_t) nonce[i] + (uint_fast16_t) num_as_nonce[i];
    nonce[i] = (unsigned char) carry;
```
I fixed it already but here the array indexes should have been i - 1.
Nice, I will fix it in 1-2 days
@irungentoo thank you. That was a bad bug. I wrote unit tests for that case. See PR.
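The two review points above (the carry loop that must index `nonce[i - 1]` when `i` counts down from the nonce length, and comparing secrets with a data-independent routine such as `sodium_memcmp` rather than `memcmp`) are shown together in the following added example. This is illustrative code written for this page, not toxcore's implementation or the PR's diff; the 24-byte nonce size, the function names `increment_nonce_number`, `increment_nonce`, `ct_memcmp` and `selftest`, and the big-endian layout are assumptions for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed nonce size: crypto_box_NONCEBYTES in NaCl/libsodium is 24. */
#define NONCE_BYTES 24

/* Add a 32-bit number to the nonce, treating the nonce as a big-endian
 * integer (the same shape as the reviewed loop). The number of iterations
 * and the bytes touched depend only on NONCE_BYTES, never on the data, so
 * the routine's behaviour is independent of user-controlled input.
 * i starts at NONCE_BYTES, so the valid index is i - 1 (the off-by-one the
 * review caught). The final carry out of byte 0 is dropped: addition is
 * modulo 2^(8*NONCE_BYTES). */
void increment_nonce_number(unsigned char *nonce, uint32_t num)
{
    unsigned char num_as_nonce[NONCE_BYTES] = {0};
    uint_fast16_t carry = 0U;
    size_t i;

    num_as_nonce[NONCE_BYTES - 4] = (unsigned char)(num >> 24);
    num_as_nonce[NONCE_BYTES - 3] = (unsigned char)(num >> 16);
    num_as_nonce[NONCE_BYTES - 2] = (unsigned char)(num >> 8);
    num_as_nonce[NONCE_BYTES - 1] = (unsigned char)num;

    for (i = NONCE_BYTES; i != 0; --i) {
        carry += (uint_fast16_t)nonce[i - 1] + (uint_fast16_t)num_as_nonce[i - 1];
        nonce[i - 1] = (unsigned char)carry;
        carry >>= 8; /* keep only the overflow for the next (more significant) byte */
    }
}

void increment_nonce(unsigned char *nonce)
{
    increment_nonce_number(nonce, 1U);
}

/* Data-independent equality check with the sodium_memcmp contract:
 * returns 0 when equal, -1 otherwise. Every byte is visited and there is
 * no early return, so the run time does not reveal where the inputs differ
 * (unlike memcmp, which may stop at the first mismatch). */
int ct_memcmp(const void *a, const void *b, size_t n)
{
    const unsigned char *pa = (const unsigned char *)a;
    const unsigned char *pb = (const unsigned char *)b;
    volatile unsigned char acc = 0;
    unsigned int d;
    size_t i;

    for (i = 0; i < n; ++i) {
        acc |= (unsigned char)(pa[i] ^ pb[i]);
    }
    d = acc;
    /* d == 0 -> (d - 1) wraps to UINT_MAX, low bit after >> 8 is 1 -> result 0
     * d  > 0 -> (d - 1) < 256, >> 8 gives 0 -> result -1 */
    return (int)(1U & ((d - 1U) >> 8)) - 1;
}

/* Constructed test vectors covering the review's cases: a carry out of the
 * lowest byte, a carry that ripples through the whole nonce, and the
 * comparison helper. Returns 1 on success, 0 on the first failure. */
int selftest(void)
{
    unsigned char n[NONCE_BYTES] = {0};
    unsigned char m[NONCE_BYTES];
    unsigned char want[NONCE_BYTES] = {0};

    /* 0x..00ff + 1 = 0x..0100 */
    n[NONCE_BYTES - 1] = 0xff;
    increment_nonce(n);
    if (n[NONCE_BYTES - 1] != 0x00 || n[NONCE_BYTES - 2] != 0x01) {
        return 0;
    }

    /* all-ones + 0x01020304 wraps to 0x01020303 with the top bytes cleared */
    memset(m, 0xff, sizeof m);
    increment_nonce_number(m, 0x01020304U);
    want[NONCE_BYTES - 4] = 0x01;
    want[NONCE_BYTES - 3] = 0x02;
    want[NONCE_BYTES - 2] = 0x03;
    want[NONCE_BYTES - 1] = 0x03;
    if (memcmp(m, want, NONCE_BYTES) != 0) {
        return 0;
    }

    if (ct_memcmp(m, want, NONCE_BYTES) != 0) {
        return 0;
    }
    if (ct_memcmp("public-key-a", "public-key-b", 12) != -1) {
        return 0;
    }
    return 1;
}
```

On the complexity remark in the thread: both `memcmp` and a constant-time compare are O(N) in the worst case; the difference is that `ct_memcmp` always takes the worst case, which is exactly what makes it safe for key material.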
fix: compare sensitive data with sodium_memcmp
fix: replace memset with sodium_memzero for sensitive data
fix: make increment_nonce & increment_nonce_number independent of user-controlled input
fix: make crypto_core more stable against null ptr dereference
fix: update apt before installing anything
add: comments about hairy code