DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

EAP-PEAP: Use os_memcmp_const() for hash/password comparisons

Browse source 
This makes the implementation less likely to provide useful timing
information to potential attackers from comparisons of information
received from a remote device and private material known only by the
authorized devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-06-29 20:22:44 +03:00
parent 7b1e745870
commit cba0f8698b
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/eap_peer/eap_peap.c
View file

@ -423,7 +423,7 @@ static int eap_tlv_validate_cryptobinding(struct eap_sm *sm,
buf, sizeof(buf)); buf, sizeof(buf));
hmac_sha1(data->cmk, 20, buf, sizeof(buf), mac); hmac_sha1(data->cmk, 20, buf, sizeof(buf), mac);
if (os_memcmp(mac, pos, SHA1_MAC_LEN) != 0) { if (os_memcmp_const(mac, pos, SHA1_MAC_LEN) != 0) {
wpa_printf(MSG_DEBUG, "EAP-PEAP: Invalid Compound_MAC in " wpa_printf(MSG_DEBUG, "EAP-PEAP: Invalid Compound_MAC in "
"cryptobinding TLV"); "cryptobinding TLV");
wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Received MAC", wpa_hexdump(MSG_DEBUG, "EAP-PEAP: Received MAC",

2
src/eap_server/eap_server_peap.c
View file

@ -593,7 +593,7 @@ static int eap_tlv_validate_cryptobinding(struct eap_sm *sm,
buf[60] = EAP_TYPE_PEAP; buf[60] = EAP_TYPE_PEAP;
hmac_sha1(data->cmk, 20, buf, sizeof(buf), mac); hmac_sha1(data->cmk, 20, buf, sizeof(buf), mac);
if (os_memcmp(mac, pos, SHA1_MAC_LEN) != 0) { if (os_memcmp_const(mac, pos, SHA1_MAC_LEN) != 0) {
wpa_printf(MSG_DEBUG, "EAP-PEAP: Invalid Compound_MAC in " wpa_printf(MSG_DEBUG, "EAP-PEAP: Invalid Compound_MAC in "
"cryptobinding TLV"); "cryptobinding TLV");
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CMK", data->cmk, 20); wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CMK", data->cmk, 20);