SAE: Use const_time_memcmp() for pwd_value >= prime comparison
This reduces timing and memory access pattern differences for an operation that could depend on the used password. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
2ec71488b5
commit
8e14b030e5
1 changed files with 1 additions and 1 deletions
|
@ -317,7 +317,7 @@ static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed,
|
||||||
wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value",
|
wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value",
|
||||||
pwd_value, sae->tmp->prime_len);
|
pwd_value, sae->tmp->prime_len);
|
||||||
|
|
||||||
if (os_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0)
|
if (const_time_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
x_cand = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len);
|
x_cand = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len);
|
||||||
|
|
Loading…
Reference in a new issue