Commit Graph

5 Commits

Author SHA1 Message Date
Christian Bundy
94f270857d Fix verification using bitwise OR on booleans
Problem: Using bitwise operations on booleans doesn't make any sense,
and I didn't even catch that this was a problem until I ran `tsc` on the
codebase and saw the complaint. Static analysis rocks. In the libsodium
code these methods return `0` or `-1`, so the bitwise OR acts like a
boolean AND (`(0 | -1) === -1` like `(true && false === false)`.

Solution: Convert bitwise OR to boolean AND and then confirm that this
is the reason that the faulty truncated comparison fixed in fa39bc5 is
now captured by the tests in my pull request into sodium-test.

See-Also: https://github.com/sodium-friends/sodium-test/pull/14
2020-09-21 11:59:33 +02:00
Christian Bundy
083e83161c Fix truncated comparison
Problem: The comparison was happening on the last 32 bytes instead of
the first 32.

Solution: Change the offset from 32 to 0, and set the end at 32 bytes.
2020-09-21 11:59:33 +02:00
Christian Bundy
6c688b77c1 Use underlying constants instead of redeclaring
Problem: The crypto_auth constants are the exact same as some other
constants because they refer to the same thing. These shouldn't be
re-declared as their own integers.

Solution: Refer to the previously declared constants instead of
redeclaring.
2020-09-21 11:59:33 +02:00
Christian Bundy
e1087aa973 Finish adding crypto_auth and crypto_auth_verify
This builds on heaps of work by @chm-diederichs and is basically just
the cherry on top that exposes all of the underlying work that they've
done. The changes from this commit:

- Expose crypto_auth() and crypto_auth_verify().
- Fix 'crypto_auth_hmacsha512_BYTES' typo.
- Change output in crypto_auth_hmacsha512256().
- Change crypto_verify_n() to return booleans.
2020-09-21 11:24:39 +02:00
Christophe Diederichs
bffbca8368 add crypto_auth_hmac methods 2020-09-21 11:23:15 +02:00