diff options
author | Dirkjan Bussink <d.bussink@gmail.com> | 2014-04-23 17:27:10 -0700 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2019-02-22 15:30:29 +0100 |
commit | 46d15b316103587e5c185d2af69e906477c35a8b (patch) | |
tree | c98efe1df92477a96ee2ce4859ca25187dccf0dc /src/packet_crypt.c | |
parent | 1af10fcdb300e86de8a9930e1f9fd68443a94a52 (diff) | |
download | libssh-46d15b316103587e5c185d2af69e906477c35a8b.tar.gz libssh-46d15b316103587e5c185d2af69e906477c35a8b.tar.xz libssh-46d15b316103587e5c185d2af69e906477c35a8b.zip |
Use constant time comparison function for HMAC comparison
Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com>
Reviewed-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'src/packet_crypt.c')
-rw-r--r-- | src/packet_crypt.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/packet_crypt.c b/src/packet_crypt.c index c30264e5..a387152b 100644 --- a/src/packet_crypt.c +++ b/src/packet_crypt.c @@ -188,6 +188,17 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len) return crypto->hmacbuf; } +static int secure_memcmp(const void *s1, const void *s2, size_t n) +{ + int rc = 0; + const unsigned char *p1 = s1; + const unsigned char *p2 = s2; + for (; n > 0; --n) { + rc |= *p1++ ^ *p2++; + } + return (rc != 0); +} + /** * @internal * @@ -234,7 +245,7 @@ int ssh_packet_hmac_verify(ssh_session session, ssh_print_hexa("Computed mac",hmacbuf,len); ssh_print_hexa("seq",(unsigned char *)&seq,sizeof(uint32_t)); #endif - if (memcmp(mac, hmacbuf, len) == 0) { + if (secure_memcmp(mac, hmacbuf, len) == 0) { return 0; } |