Use constant-time memcmp when comparing sensitive buffers
This helps to avoid timing attacks. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This commit is contained in:
Joseph Sutton
committed by
Jeffrey Altman
Jeffrey Altman
parent
20f038f4f0
commit
b19633f9b9
@@ -179,7 +179,7 @@ ntlm_service(void *ctx, const heim_idata *req,
|
||||
goto failed;
|
||||
|
||||
if (ntq.ntChallengeResponce.length != answer.length ||
|
||||
memcmp(ntq.ntChallengeResponce.data, answer.data, answer.length) != 0) {
|
||||
ct_memcmp(ntq.ntChallengeResponce.data, answer.data, answer.length) != 0) {
|
||||
free(answer.data);
|
||||
ret = EINVAL;
|
||||
goto failed;
|
||||
|
||||
@@ -1314,7 +1314,7 @@ _kdc_do_digest(krb5_context context,
|
||||
}
|
||||
|
||||
if (ireq.u.ntlmRequest.ntlm.length != answer.length ||
|
||||
memcmp(ireq.u.ntlmRequest.ntlm.data, answer.data, answer.length) != 0)
|
||||
ct_memcmp(ireq.u.ntlmRequest.ntlm.data, answer.data, answer.length) != 0)
|
||||
{
|
||||
free(answer.data);
|
||||
ret = EINVAL;
|
||||
|
||||
@@ -259,7 +259,7 @@ _gsskrb5_verify_8003_checksum(
|
||||
}
|
||||
|
||||
if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS
|
||||
&& (memcmp(p, zeros, sizeof(zeros)) != 0 || client_asserted_cb)) {
|
||||
&& (ct_memcmp(p, zeros, sizeof(zeros)) != 0 || client_asserted_cb)) {
|
||||
if(hash_input_chan_bindings(input_chan_bindings, hash) != 0) {
|
||||
*minor_status = 0;
|
||||
return GSS_S_BAD_BINDINGS;
|
||||
|
||||
@@ -1359,7 +1359,7 @@ _gssapi_unwrap_iov_arcfour(OM_uint32 *minor_status,
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
|
||||
cmp = (memcmp(cksum_data, p0 + 16, 8) != 0); /* SGN_CKSUM */
|
||||
cmp = (ct_memcmp(cksum_data, p0 + 16, 8) != 0); /* SGN_CKSUM */
|
||||
if (cmp) {
|
||||
*minor_status = 0;
|
||||
return GSS_S_BAD_MIC;
|
||||
|
||||
@@ -588,7 +588,7 @@ _netlogon_unwrap_iov(OM_uint32 *minor_status,
|
||||
|
||||
/* [MS-NRPC] 3.3.4.2.2.10: verify signature */
|
||||
_netlogon_digest(ctx, sig, iov, iov_count, checksum);
|
||||
if (memcmp(sig->Checksum, checksum, _netlogon_checksum_length(sig)) != 0)
|
||||
if (ct_memcmp(sig->Checksum, checksum, _netlogon_checksum_length(sig)) != 0)
|
||||
return GSS_S_BAD_SIG;
|
||||
|
||||
HEIMDAL_MUTEX_lock(&ctx->Mutex);
|
||||
|
||||
@@ -230,7 +230,7 @@ v2_verify_message(gss_buffer_t in,
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
if (memcmp(checksum, out, 16) != 0)
|
||||
if (ct_memcmp(checksum, out, 16) != 0)
|
||||
return GSS_S_BAD_MIC;
|
||||
|
||||
return GSS_S_COMPLETE;
|
||||
|
||||
@@ -426,7 +426,7 @@ RSA_verify(int type, const unsigned char *from, unsigned int flen,
|
||||
return -4;
|
||||
}
|
||||
|
||||
if (flen != di.digest.length || memcmp(di.digest.data, from, flen) != 0) {
|
||||
if (flen != di.digest.length || ct_memcmp(di.digest.data, from, flen) != 0) {
|
||||
free_DigestInfo(&di);
|
||||
return -5;
|
||||
}
|
||||
|
||||
@@ -682,7 +682,7 @@ heim_ntlm_decode_type1(const struct ntlm_buf *buf, struct ntlm_type1 *data)
|
||||
krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
|
||||
|
||||
CHECK_SIZE(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
|
||||
CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
|
||||
CHECK(ct_memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
|
||||
CHECK(krb5_ret_uint32(in, &type), 0);
|
||||
CHECK(type, 1);
|
||||
CHECK(krb5_ret_uint32(in, &data->flags), 0);
|
||||
@@ -844,7 +844,7 @@ heim_ntlm_decode_type2(const struct ntlm_buf *buf, struct ntlm_type2 *type2)
|
||||
krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
|
||||
|
||||
CHECK_SIZE(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
|
||||
CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
|
||||
CHECK(ct_memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
|
||||
CHECK(krb5_ret_uint32(in, &type), 0);
|
||||
CHECK(type, 2);
|
||||
|
||||
@@ -1001,7 +1001,7 @@ heim_ntlm_decode_type3(const struct ntlm_buf *buf,
|
||||
krb5_storage_set_byteorder(in, KRB5_STORAGE_BYTEORDER_LE);
|
||||
|
||||
CHECK_SIZE(krb5_storage_read(in, sig, sizeof(sig)), sizeof(sig));
|
||||
CHECK(memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
|
||||
CHECK(ct_memcmp(ntlmsigature, sig, sizeof(ntlmsigature)), 0);
|
||||
CHECK(krb5_ret_uint32(in, &type), 0);
|
||||
CHECK(type, 3);
|
||||
CHECK(ret_sec_buffer(in, &lm), 0);
|
||||
@@ -1825,7 +1825,7 @@ verify_ntlm2(const void *key, size_t len,
|
||||
if (ret)
|
||||
goto out;
|
||||
|
||||
if (memcmp(serveranswer, clientanswer, 16) != 0) {
|
||||
if (ct_memcmp(serveranswer, clientanswer, 16) != 0) {
|
||||
heim_ntlm_free_buf(infotarget);
|
||||
return HNTLM_ERR_AUTH;
|
||||
}
|
||||
|
||||
@@ -49,7 +49,7 @@ otp_verify_user_1 (OtpContext *ctx, const char *passwd)
|
||||
}
|
||||
memcpy (key2, key1, sizeof(key1));
|
||||
ctx->alg->next (key2);
|
||||
if (memcmp (ctx->key, key2, sizeof(key2)) == 0) {
|
||||
if (ct_memcmp (ctx->key, key2, sizeof(key2)) == 0) {
|
||||
--ctx->n;
|
||||
memcpy (ctx->key, key1, sizeof(key1));
|
||||
return 0;
|
||||
|
||||
Reference in New Issue
Block a user