From d983bbe860461b599f124bc3b178b42a38866d9d Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 25 Jun 2014 21:29:55 -0700 Subject: [PATCH] zerocopy crypto_box_easy() and crypto_box_open_easy() --- src/libsodium/crypto_box/crypto_box_easy.c | 88 ++++------------------ 1 file changed, 15 insertions(+), 73 deletions(-) diff --git a/src/libsodium/crypto_box/crypto_box_easy.c b/src/libsodium/crypto_box/crypto_box_easy.c index ecc33b66..a01b4961 100644 --- a/src/libsodium/crypto_box/crypto_box_easy.c +++ b/src/libsodium/crypto_box/crypto_box_easy.c @@ -1,11 +1,6 @@ -#include -#include -#include -#include -#include - #include "crypto_box.h" +#include "crypto_secretbox.h" #include "utils.h" int @@ -13,42 +8,16 @@ crypto_box_easy(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *pk, const unsigned char *sk) { - unsigned char *c_boxed; - unsigned char *m_boxed; - size_t c_boxed_len; - size_t m_boxed_len; - int rc; + unsigned char k[crypto_box_BEFORENMBYTES]; + int ret; - if (mlen > SIZE_MAX - crypto_box_ZEROBYTES) { - return -1; - } - (void) sizeof(char[crypto_box_ZEROBYTES >= - crypto_box_BOXZEROBYTES ? 1 : -1]); - m_boxed_len = (size_t) mlen + crypto_box_ZEROBYTES; - if ((m_boxed = (unsigned char *) malloc((size_t) m_boxed_len)) == NULL) { - return -1; - } - c_boxed_len = (size_t) mlen + crypto_box_ZEROBYTES; - if ((c_boxed = (unsigned char *) malloc(c_boxed_len)) == NULL) { - free(m_boxed); - return -1; - } - memset(m_boxed, 0, crypto_box_ZEROBYTES); - sodium_mlock(m_boxed, m_boxed_len); - memcpy(m_boxed + crypto_box_ZEROBYTES, m, mlen); - rc = crypto_box(c_boxed, m_boxed, m_boxed_len, n, pk, sk); - sodium_munlock(m_boxed, m_boxed_len); - free(m_boxed); - if (rc != 0) { - free(c_boxed); - return -1; - } - assert(m_boxed_len - crypto_box_BOXZEROBYTES == - mlen + crypto_box_MACBYTES); - memcpy(c, c_boxed + crypto_box_BOXZEROBYTES, mlen + crypto_box_MACBYTES); - free(c_boxed); + (void) sizeof(int[crypto_box_BEFORENMBYTES >= + crypto_secretbox_KEYBYTES ? 1 : -1]); + crypto_box_beforenm(k, pk, sk); + ret = crypto_secretbox_easy(c, m, mlen, n, k); + sodium_memzero(k, sizeof k); - return 0; + return ret; } int @@ -56,39 +25,12 @@ crypto_box_open_easy(unsigned char *m, const unsigned char *c, unsigned long long clen, const unsigned char *n, const unsigned char *pk, const unsigned char *sk) { - unsigned char *c_boxed; - unsigned char *m_boxed; - size_t c_boxed_len; - size_t m_boxed_len; - int rc; + unsigned char k[crypto_box_BEFORENMBYTES]; + int ret; - if (clen < crypto_box_MACBYTES || - clen > SIZE_MAX - crypto_box_BOXZEROBYTES) { - return -1; - } - c_boxed_len = clen + crypto_box_BOXZEROBYTES; - if ((c_boxed = (unsigned char *) malloc(c_boxed_len)) == NULL) { - return -1; - } - memset(c_boxed, 0, crypto_box_BOXZEROBYTES); - memcpy(c_boxed + crypto_box_BOXZEROBYTES, c, clen); - m_boxed_len = crypto_box_ZEROBYTES + (clen - crypto_box_MACBYTES); - if ((m_boxed = (unsigned char *) malloc(m_boxed_len)) == NULL) { - free(c_boxed); - return -1; - } - sodium_mlock(m_boxed, m_boxed_len); - rc = crypto_box_open(m_boxed, c_boxed, - (unsigned long long) c_boxed_len, n, pk, sk); - free(c_boxed); - if (rc != 0) { - sodium_munlock(m_boxed, m_boxed_len); - free(m_boxed); - return -1; - } - memcpy(m, m_boxed + crypto_box_ZEROBYTES, clen - crypto_box_MACBYTES); - sodium_munlock(m_boxed, m_boxed_len); - free(m_boxed); + crypto_box_beforenm(k, pk, sk); + ret = crypto_secretbox_open_easy(m, c, clen, n, k); + sodium_memzero(k, sizeof k); - return 0; + return ret; }