Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/net Use consttime_memequal, not memcmp, to compare secre...
details: https://anonhg.NetBSD.org/src/rev/ddf83a136d7b
branches: trunk
changeset: 1013083:ddf83a136d7b
user: riastradh <riastradh%NetBSD.org@localhost>
date: Thu Aug 20 21:34:42 2020 +0000
description:
Use consttime_memequal, not memcmp, to compare secrets for equality.
diffstat:
sys/net/if_wg.c | 22 ++++++++++++----------
1 files changed, 12 insertions(+), 10 deletions(-)
diffs (92 lines):
diff -r 5730f44d3ad8 -r ddf83a136d7b sys/net/if_wg.c
--- a/sys/net/if_wg.c Thu Aug 20 21:34:32 2020 +0000
+++ b/sys/net/if_wg.c Thu Aug 20 21:34:42 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_wg.c,v 1.12 2020/08/20 21:34:32 riastradh Exp $ */
+/* $NetBSD: if_wg.c,v 1.13 2020/08/20 21:34:42 riastradh Exp $ */
/*
* Copyright (C) Ryota Ozaki <ozaki.ryota%gmail.com@localhost>
@@ -43,7 +43,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1.12 2020/08/20 21:34:32 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_wg.c,v 1.13 2020/08/20 21:34:42 riastradh Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1357,7 +1357,7 @@
* "the responder, ..., must always reject messages with an invalid
* msg.mac1"
*/
- if (memcmp(mac1, wgmi->wgmi_mac1, sizeof(mac1)) != 0) {
+ if (!consttime_memequal(mac1, wgmi->wgmi_mac1, sizeof(mac1))) {
WG_DLOG("mac1 is invalid\n");
goto out;
}
@@ -1373,7 +1373,7 @@
* message"
*/
uint8_t zero[WG_MAC_LEN] = {0};
- if (memcmp(wgmi->wgmi_mac2, zero, sizeof(zero)) == 0) {
+ if (consttime_memequal(wgmi->wgmi_mac2, zero, sizeof(zero))) {
WG_TRACE("sending a cookie message: no cookie included");
(void)wg_send_cookie_msg(wg, wgp, wgmi->wgmi_sender,
wgmi->wgmi_mac1, src);
@@ -1389,7 +1389,7 @@
wg_algo_mac(mac2, sizeof(mac2), wgp->wgp_last_sent_cookie,
WG_COOKIE_LEN, (const uint8_t *)wgmi,
offsetof(struct wg_msg_init, wgmi_mac2), NULL, 0);
- if (memcmp(mac2, wgmi->wgmi_mac2, sizeof(mac2)) != 0) {
+ if (!consttime_memequal(mac2, wgmi->wgmi_mac2, sizeof(mac2))) {
WG_DLOG("mac2 is invalid\n");
goto out;
}
@@ -1715,7 +1715,7 @@
* "the responder, ..., must always reject messages with an invalid
* msg.mac1"
*/
- if (memcmp(mac1, wgmr->wgmr_mac1, sizeof(mac1)) != 0) {
+ if (!consttime_memequal(mac1, wgmr->wgmr_mac1, sizeof(mac1))) {
WG_DLOG("mac1 is invalid\n");
goto out;
}
@@ -1731,7 +1731,7 @@
* message"
*/
uint8_t zero[WG_MAC_LEN] = {0};
- if (memcmp(wgmr->wgmr_mac2, zero, sizeof(zero)) == 0) {
+ if (consttime_memequal(wgmr->wgmr_mac2, zero, sizeof(zero))) {
WG_TRACE("sending a cookie message: no cookie included");
(void)wg_send_cookie_msg(wg, wgp, wgmr->wgmr_sender,
wgmr->wgmr_mac1, src);
@@ -1747,7 +1747,7 @@
wg_algo_mac(mac2, sizeof(mac2), wgp->wgp_last_sent_cookie,
WG_COOKIE_LEN, (const uint8_t *)wgmr,
offsetof(struct wg_msg_resp, wgmr_mac2), NULL, 0);
- if (memcmp(mac2, wgmr->wgmr_mac2, sizeof(mac2)) != 0) {
+ if (!consttime_memequal(mac2, wgmr->wgmr_mac2, sizeof(mac2))) {
WG_DLOG("mac2 is invalid\n");
goto out;
}
@@ -1892,7 +1892,8 @@
int s = pserialize_read_enter();
/* XXX O(n) */
WG_PEER_READER_FOREACH(wgp, wg) {
- if (memcmp(wgp->wgp_pubkey, pubkey, sizeof(wgp->wgp_pubkey)) == 0)
+ if (consttime_memequal(wgp->wgp_pubkey, pubkey,
+ sizeof(wgp->wgp_pubkey)))
break;
}
if (wgp != NULL)
@@ -4058,7 +4059,8 @@
goto next;
uint8_t psk_zero[WG_PRESHARED_KEY_LEN] = {0};
- if (memcmp(wgp->wgp_psk, psk_zero, sizeof(wgp->wgp_psk) != 0)) {
+ if (!consttime_memequal(wgp->wgp_psk, psk_zero,
+ sizeof(wgp->wgp_psk))) {
if (!prop_dictionary_set_data(prop_peer,
"preshared_key",
wgp->wgp_psk, sizeof(wgp->wgp_psk)))
Home |
Main Index |
Thread Index |
Old Index