From f61e179d8e683178885c9ebb074265e59643bd94 Mon Sep 17 00:00:00 2001
From: Frank Denis
Date: Sat, 31 Jan 2015 12:18:51 +0100
Subject: [PATCH] (p1 - p2 == 0) => (p1 == p2)

No binary changes on supported platforms except on gcc/armv7l where the control flow remains identical but permutative statements get switched.
---
 src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c | 2 +-
 src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c | 2 +-
 .../crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c | 2 +-
 src/libsodium/crypto_sign/ed25519/ref10/open.c | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c b/src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c
index be9d34fd..b30e5fc3 100644
--- a/src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c
+++ b/src/libsodium/crypto_auth/hmacsha256/cp/verify_hmacsha256.c
@@ -6,6 +6,6 @@ int crypto_auth_verify(const unsigned char *h,const unsigned char *in,unsigned l
 {
 unsigned char correct[32];
 crypto_auth(correct,in,inlen,k);
- return crypto_verify_32(h,correct) | (-(h - correct == 0)) |
+ return crypto_verify_32(h,correct) | (-(h == correct)) |
 sodium_memcmp(correct,h,32);
 }
diff --git a/src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c b/src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c
index 28e0dfbe..342cd913 100644
--- a/src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c
+++ b/src/libsodium/crypto_auth/hmacsha512/cp/verify_hmacsha512.c
@@ -7,6 +7,6 @@ int crypto_auth_verify(const unsigned char *h, const unsigned char *in,
 {
 unsigned char correct[64];
 crypto_auth(correct,in,inlen,k);
- return crypto_verify_64(h,correct) | (-(h - correct == 0)) |
+ return crypto_verify_64(h,correct) | (-(h == correct)) |
 sodium_memcmp(correct,h,64);
 }
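Review bot: The new `-(h == correct)` term on the `+` line is an aliasing guard whose purpose is not readable from the expression, and it deserves a comment; the same idiom lands in verify_hmacsha512.c, verify_hmacsha512256.c and ed25519/ref10/open.c (`-(rcheck == sig)`), so one comment per site or a shared note in the header would cover all four. `h == correct` evaluates to 0 or 1, so negating it yields 0 or all-ones, forcing a non-zero (failure) result whenever the caller's tag pointer is the very scratch buffer the MAC was just written into — a case where both constant-time compares would trivially agree. The replaced form also subtracted a parameter pointer from a local array, a pointer difference between distinct objects that C leaves undefined, whereas pointer equality is well-defined; that motivation is worth recording next to the code rather than only in the commit message. Suggested comment above the return: `/* Constant-time compare, done twice; the middle term forces -1 if h aliases correct (pointer equality, not subtraction, to stay within defined behaviour). */`. The function's signature line sits in the hunk header, outside the hunk itself.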
diff --git a/src/libsodium/crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c b/src/libsodium/crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c
index 6c263f34..e707591b 100644
--- a/src/libsodium/crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c
+++ b/src/libsodium/crypto_auth/hmacsha512256/cp/verify_hmacsha512256.c
@@ -7,6 +7,6 @@ int crypto_auth_verify(const unsigned char *h, const unsigned char *in,
 {
 unsigned char correct[32];
 crypto_auth(correct,in,inlen,k);
- return crypto_verify_32(h,correct) | (-(h - correct == 0)) |
+ return crypto_verify_32(h,correct) | (-(h == correct)) |
 sodium_memcmp(correct,h,32);
 }
diff --git a/src/libsodium/crypto_sign/ed25519/ref10/open.c b/src/libsodium/crypto_sign/ed25519/ref10/open.c
index 1e2b7add..71e9d1bb 100644
--- a/src/libsodium/crypto_sign/ed25519/ref10/open.c
+++ b/src/libsodium/crypto_sign/ed25519/ref10/open.c
@@ -43,7 +43,7 @@ crypto_sign_verify_detached(const unsigned char *sig, const unsigned char *m,
 ge_double_scalarmult_vartime(&R, h, &A, sig + 32);
 ge_tobytes(rcheck, &R);
- return crypto_verify_32(rcheck, sig) | (-(rcheck - sig == 0)) |
+ return crypto_verify_32(rcheck, sig) | (-(rcheck == sig)) |
 sodium_memcmp(sig, rcheck, 32);
 }