SAE: Use os_memcmp_const() for hash/password comparisons

This makes the implementation less likely to provide useful timing
information to potential attackers from comparisons of information
received from a remote device and private material known only by the
authorized devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-06-29 20:28:25 +03:00
parent 34ef46ce54
commit 0233dcac5b
2 changed files with 2 additions and 2 deletions

View file

@ -403,7 +403,7 @@ static int check_sae_token(struct hostapd_data *hapd, const u8 *addr,
return -1;
if (hmac_sha256(hapd->sae_token_key, sizeof(hapd->sae_token_key),
addr, ETH_ALEN, mac) < 0 ||
os_memcmp(token, mac, SHA256_MAC_LEN) != 0)
os_memcmp_const(token, mac, SHA256_MAC_LEN) != 0)
return -1;
return 0;