Add constant time memory comparison function os_memcmp_const
This function is meant for comparing passwords or hash values where difference in execution time could provide external observer information about the location of the difference in the memory buffers. The return value does not behave like os_memcmp(), i.e., os_memcmp_const() cannot be used to sort items into a defined order. Unlike os_memcmp(), execution time of os_memcmp_const() does not depend on the contents of the compared memory buffers, but only on the total compared length. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
ee352f1e5a
commit
afc3c8b07f
5 changed files with 64 additions and 0 deletions
|
@ -584,6 +584,23 @@ static inline void os_remove_in_array(void *ptr, size_t nmemb, size_t size,
|
|||
*/
|
||||
size_t os_strlcpy(char *dest, const char *src, size_t siz);
|
||||
|
||||
/**
|
||||
* os_memcmp_const - Constant time memory comparison
|
||||
* @a: First buffer to compare
|
||||
* @b: Second buffer to compare
|
||||
* @len: Number of octets to compare
|
||||
* Returns: 0 if buffers are equal, non-zero if not
|
||||
*
|
||||
* This function is meant for comparing passwords or hash values where
|
||||
* difference in execution time could provide external observer information
|
||||
* about the location of the difference in the memory buffers. The return value
|
||||
* does not behave like os_memcmp(), i.e., os_memcmp_const() cannot be used to
|
||||
* sort items into a defined order. Unlike os_memcmp(), execution time of
|
||||
* os_memcmp_const() does not depend on the contents of the compared memory
|
||||
* buffers, but only on the total compared length.
|
||||
*/
|
||||
int os_memcmp_const(const void *a, const void *b, size_t len);
|
||||
|
||||
|
||||
#ifdef OS_REJECT_C_LIB_FUNCTIONS
|
||||
#define malloc OS_DO_NOT_USE_malloc
|
||||
|
|
|
@ -463,6 +463,20 @@ size_t os_strlcpy(char *dest, const char *src, size_t siz)
|
|||
}
|
||||
|
||||
|
||||
int os_memcmp_const(const void *a, const void *b, size_t len)
|
||||
{
|
||||
const u8 *aa = a;
|
||||
const u8 *bb = b;
|
||||
size_t i;
|
||||
u8 res;
|
||||
|
||||
for (res = 0, i = 0; i < len; i++)
|
||||
res |= aa[i] ^ bb[i];
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
|
||||
char * os_strstr(const char *haystack, const char *needle)
|
||||
{
|
||||
size_t len = os_strlen(needle);
|
||||
|
|
|
@ -218,6 +218,11 @@ size_t os_strlcpy(char *dest, const char *src, size_t size)
|
|||
}
|
||||
|
||||
|
||||
int os_memcmp_const(const void *a, const void *b, size_t len)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
char * os_strstr(const char *haystack, const char *needle)
|
||||
{
|
||||
return NULL;
|
||||
|
|
|
@ -450,6 +450,20 @@ size_t os_strlcpy(char *dest, const char *src, size_t siz)
|
|||
}
|
||||
|
||||
|
||||
int os_memcmp_const(const void *a, const void *b, size_t len)
|
||||
{
|
||||
const u8 *aa = a;
|
||||
const u8 *bb = b;
|
||||
size_t i;
|
||||
u8 res;
|
||||
|
||||
for (res = 0, i = 0; i < len; i++)
|
||||
res |= aa[i] ^ bb[i];
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
|
||||
#ifdef WPA_TRACE
|
||||
|
||||
void * os_malloc(size_t size)
|
||||
|
|
|
@ -244,3 +244,17 @@ size_t os_strlcpy(char *dest, const char *src, size_t siz)
|
|||
|
||||
return s - src - 1;
|
||||
}
|
||||
|
||||
|
||||
int os_memcmp_const(const void *a, const void *b, size_t len)
|
||||
{
|
||||
const u8 *aa = a;
|
||||
const u8 *bb = b;
|
||||
size_t i;
|
||||
u8 res;
|
||||
|
||||
for (res = 0, i = 0; i < len; i++)
|
||||
res |= aa[i] ^ bb[i];
|
||||
|
||||
return res;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue