Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/external/bsd/wpa/dist/src/common SAE: Use const_time_memcmp(...



details:   https://anonhg.NetBSD.org/src/rev/55fc95b241b8
branches:  trunk
changeset: 964590:55fc95b241b8
user:      christos <christos%NetBSD.org@localhost>
date:      Thu Aug 08 08:55:48 2019 +0000

description:
SAE: Use const_time_memcmp() for pwd_value >= prime comparison

This reduces timing and memory access pattern differences for an
operation that could depend on the used password.

diffstat:

 external/bsd/wpa/dist/src/common/sae.c |  2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diffs (12 lines):

diff -r a016a53c4493 -r 55fc95b241b8 external/bsd/wpa/dist/src/common/sae.c
--- a/external/bsd/wpa/dist/src/common/sae.c    Thu Aug 08 06:16:39 2019 +0000
+++ b/external/bsd/wpa/dist/src/common/sae.c    Thu Aug 08 08:55:48 2019 +0000
@@ -294,7 +294,7 @@
        wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value",
                        pwd_value, sae->tmp->prime_len);
 
-       if (os_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0)
+       if (const_time_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0)
                return 0;
 
        x_cand = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len);



Home | Main Index | Thread Index | Old Index