EAP-SIM/AKA: Use os_memcmp_const() for hash/password comparisons
This makes the implementation less likely to provide useful timing information to potential attackers from comparisons of information received from a remote device and private material known only by the authorized devices. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
675ddad1c2
commit
05c79d6acd
3 changed files with 6 additions and 6 deletions
|
|
@ -198,7 +198,7 @@ int eap_sim_verify_mac(const u8 *k_aut, const struct wpabuf *req,
|
|||
hmac, EAP_SIM_MAC_LEN);
|
||||
os_free(tmp);
|
||||
|
||||
return (os_memcmp(hmac, mac, EAP_SIM_MAC_LEN) == 0) ? 0 : 1;
|
||||
return (os_memcmp_const(hmac, mac, EAP_SIM_MAC_LEN) == 0) ? 0 : 1;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -393,7 +393,7 @@ int eap_sim_verify_mac_sha256(const u8 *k_aut, const struct wpabuf *req,
|
|||
hmac, EAP_SIM_MAC_LEN);
|
||||
os_free(tmp);
|
||||
|
||||
return (os_memcmp(hmac, mac, EAP_SIM_MAC_LEN) == 0) ? 0 : 1;
|
||||
return (os_memcmp_const(hmac, mac, EAP_SIM_MAC_LEN) == 0) ? 0 : 1;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -294,7 +294,7 @@ static int eap_aka_umts_auth(struct eap_sm *sm, struct eap_aka_data *data)
|
|||
{
|
||||
u8 autn[EAP_AKA_AUTN_LEN];
|
||||
os_memset(autn, '1', EAP_AKA_AUTN_LEN);
|
||||
if (os_memcmp(autn, data->autn, EAP_AKA_AUTN_LEN) != 0) {
|
||||
if (os_memcmp_const(autn, data->autn, EAP_AKA_AUTN_LEN) != 0) {
|
||||
wpa_printf(MSG_WARNING, "EAP-AKA: AUTN did not match "
|
||||
"with expected value");
|
||||
return -1;
|
||||
|
|
@ -509,7 +509,7 @@ static int eap_aka_verify_checkcode(struct eap_aka_data *data,
|
|||
#endif /* EAP_AKA_PRIME */
|
||||
sha1_vector(1, &addr, &len, hash);
|
||||
|
||||
if (os_memcmp(hash, checkcode, hash_len) != 0) {
|
||||
if (os_memcmp_const(hash, checkcode, hash_len) != 0) {
|
||||
wpa_printf(MSG_DEBUG, "EAP-AKA: Mismatch in AT_CHECKCODE");
|
||||
return -1;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -336,7 +336,7 @@ static int eap_aka_verify_checkcode(struct eap_aka_data *data,
|
|||
else
|
||||
sha1_vector(1, &addr, &len, hash);
|
||||
|
||||
if (os_memcmp(hash, checkcode, hash_len) != 0) {
|
||||
if (os_memcmp_const(hash, checkcode, hash_len) != 0) {
|
||||
wpa_printf(MSG_DEBUG, "EAP-AKA: Mismatch in AT_CHECKCODE");
|
||||
return -1;
|
||||
}
|
||||
|
|
@ -963,7 +963,7 @@ static void eap_aka_process_challenge(struct eap_sm *sm,
|
|||
*/
|
||||
if (attr->res == NULL || attr->res_len < data->res_len ||
|
||||
attr->res_len_bits != data->res_len * 8 ||
|
||||
os_memcmp(attr->res, data->res, data->res_len) != 0) {
|
||||
os_memcmp_const(attr->res, data->res, data->res_len) != 0) {
|
||||
wpa_printf(MSG_WARNING, "EAP-AKA: Challenge message did not "
|
||||
"include valid AT_RES (attr len=%lu, res len=%lu "
|
||||
"bits, expected %lu bits)",
|
||||
|
|
|
|||
Loading…
Reference in a new issue