diff options
| author | Sascha Hauer <s.hauer@pengutronix.de> | 2021-03-05 10:08:04 +0100 |
|---|---|---|
| committer | Sascha Hauer <s.hauer@pengutronix.de> | 2021-07-30 19:50:36 +0200 |
| commit | a3337563c705bc8e0cf32f910b3e9e3c43d962ff (patch) | |
| tree | 25ebe5505b0f2f861418b561c132fd24ed911451 /common | |
| parent | 0a9f9a7410681e55362f8311537ebc7be9ad0fbe (diff) | |
| download | barebox-a3337563c705bc8e0cf32f910b3e9e3c43d962ff.tar.gz barebox-a3337563c705bc8e0cf32f910b3e9e3c43d962ff.tar.xz | |
password: Use crypto_memneq() to compare hashes
Cryptographic verifications should be time-constant so that an attacker
cannot get information about the secrets used by observing the system,
so use crypto_memneq() rather than memcmp() to compare password hashes.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Diffstat (limited to 'common')
| -rw-r--r-- | common/password.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/common/password.c b/common/password.c index 3f05b81c0c..aea7c7ff5d 100644 --- a/common/password.c +++ b/common/password.c @@ -18,6 +18,7 @@ #include <init.h> #include <stdlib.h> #include <globalvar.h> +#include <crypto.h> #include <generated/passwd.h> #include <crypto/pbkdf2.h> @@ -311,7 +312,7 @@ static int check_passwd(unsigned char *passwd, size_t length) if (ret) goto err; - if (strncmp(passwd1_sum, key, keylen) == 0) + if (!crypto_memneq(passwd1_sum, key, keylen)) ret = 1; } else { ret = digest_digest(d, passwd, length, passwd1_sum); @@ -319,7 +320,7 @@ static int check_passwd(unsigned char *passwd, size_t length) if (ret) goto err; - if (strncmp(passwd1_sum, passwd2_sum, hash_len) == 0) + if (!crypto_memneq(passwd1_sum, passwd2_sum, hash_len)) ret = 1; } |