Browse Source

add byte_equal_notimingattack

master
Felix von Leitner 8 years ago
parent
commit
c5a5c2d6bf
3 changed files with 22 additions and 0 deletions
  1. +1
    -0
      CHANGES
  2. +2
    -0
      byte.h
  3. +19
    -0
      byte/byte_equal_notimingattack.c

+ 1
- 0
CHANGES View File

@@ -9,6 +9,7 @@
add io_fd_canwrite (like io_fd but assume the fd is writable)
save a few syscalls here and there
add awesome hack in isset.h (comex, Linus Torvalds)
add byte_equal_notimingattack

0.28:
add uint64 pack and unpack routines


+ 2
- 0
byte.h View File

@@ -41,6 +41,8 @@ void byte_zero(void* out, size_t len);

#define byte_equal(s,n,t) (!byte_diff((s),(n),(t)))

int byte_equal_notimingattack(const void* a, size_t len,const void* b) __pure__;

#ifdef __cplusplus
}
#endif


+ 19
- 0
byte/byte_equal_notimingattack.c View File

@@ -0,0 +1,19 @@
#include <byte.h>

/* If you need to compare a password or a hash value, the timing of the
* comparison function can give valuable clues to the attacker. Let's
* say the password is 123456 and the attacker tries abcdef. If the
* comparision function fails at the first byte without looking at the
* other bytes, then the attacker can measure the difference in runtime
* and deduce which byte was wrong, reducing the attack space from
* exponential to polynomial. */
int byte_equal_notimingattack(const void* a, size_t len,const void* b) {
size_t i;
const unsigned char* x=(const unsigned char*)a;
const unsigned char* y=(const unsigned char*)b;
unsigned char res=0;
for (i=0; i<len; ++i) {
res |= (x[i]^y[i]);
}
return res==0;
}

Loading…
Cancel
Save