Commit d1dec41f authored by Matt Johnston's avatar Matt Johnston
Browse files

Constant time memcmp for the hmac and password crypt

parent 69a165db
......@@ -884,3 +884,16 @@ int m_str_to_uint(const char* str, unsigned int *val) {
return DROPBEAR_SUCCESS;
}
}
int constant_time_memcmp(const void* a, const void *b, size_t n)
{
const char *xa = a, *xb = b;
uint8_t c = 0;
size_t i;
for (i = 0; i < n; i++)
{
c |= (xa[i] ^ xb[i]);
}
return c;
}
......@@ -94,4 +94,7 @@ int m_str_to_uint(const char* str, unsigned int *val);
/* Dropbear assertion */
#define dropbear_assert(X) do { if (!(X)) { fail_assert(#X, __FILE__, __LINE__); } } while (0)
/* Returns 0 if a and b have the same contents */
int constant_time_memcmp(const void* a, const void *b, size_t n);
#endif /* _DBUTIL_H_ */
......@@ -376,7 +376,7 @@ static int checkmac() {
/* compare the hash */
buf_setpos(ses.readbuf, contents_len);
if (memcmp(mac_bytes, buf_getptr(ses.readbuf, mac_size), mac_size) != 0) {
if (constant_time_memcmp(mac_bytes, buf_getptr(ses.readbuf, mac_size), mac_size) != 0) {
return DROPBEAR_FAILURE;
} else {
return DROPBEAR_SUCCESS;
......
......@@ -33,6 +33,17 @@
#ifdef ENABLE_SVR_PASSWORD_AUTH
static int constant_time_strcmp(const char* a, const char* b) {
size_t la = strlen(a);
size_t lb = strlen(b);
if (la != lb) {
return 1;
}
return constant_time_memcmp(a, b, la);
}
/* Process a password auth request, sending success or failure messages as
* appropriate */
void svr_auth_password() {
......@@ -82,7 +93,7 @@ void svr_auth_password() {
return;
}
if (strcmp(testcrypt, passwdcrypt) == 0) {
if (constant_time_strcmp(testcrypt, passwdcrypt) == 0) {
/* successful authentication */
dropbear_log(LOG_NOTICE,
"Password auth succeeded for '%s' from %s",
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment