mirror of /home/gitosis/repositories/libowfat.git
add byte_equal_notimingattack
This commit is contained in:
parent
9b249f6fa7
commit
c5a5c2d6bf
1
CHANGES
1
CHANGES
|
@ -9,6 +9,7 @@
|
|||
add io_fd_canwrite (like io_fd but assume the fd is writable)
|
||||
save a few syscalls here and there
|
||||
add awesome hack in isset.h (comex, Linus Torvalds)
|
||||
add byte_equal_notimingattack
|
||||
|
||||
0.28:
|
||||
add uint64 pack and unpack routines
|
||||
|
|
2
byte.h
2
byte.h
|
@ -41,6 +41,8 @@ void byte_zero(void* out, size_t len);
|
|||
|
||||
#define byte_equal(s,n,t) (!byte_diff((s),(n),(t)))
|
||||
|
||||
int byte_equal_notimingattack(const void* a, size_t len,const void* b) __pure__;
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
#include <byte.h>
|
||||
|
||||
/* If you need to compare a password or a hash value, the timing of the
|
||||
* comparison function can give valuable clues to the attacker. Let's
|
||||
* say the password is 123456 and the attacker tries abcdef. If the
|
||||
* comparision function fails at the first byte without looking at the
|
||||
* other bytes, then the attacker can measure the difference in runtime
|
||||
* and deduce which byte was wrong, reducing the attack space from
|
||||
* exponential to polynomial. */
|
||||
int byte_equal_notimingattack(const void* a, size_t len,const void* b) {
|
||||
size_t i;
|
||||
const unsigned char* x=(const unsigned char*)a;
|
||||
const unsigned char* y=(const unsigned char*)b;
|
||||
unsigned char res=0;
|
||||
for (i=0; i<len; ++i) {
|
||||
res |= (x[i]^y[i]);
|
||||
}
|
||||
return res==0;
|
||||
}
|
Loading…
Reference in New Issue