svn commit: r286101 - head/sys/netipsec
John-Mark Gurney
jmg at FreeBSD.org
Fri Jul 31 00:31:54 UTC 2015
Author: jmg
Date: Fri Jul 31 00:31:52 2015
New Revision: 286101
URL: https://svnweb.freebsd.org/changeset/base/286101
Log:
these are comparing authenticators and need to be constant time...
This could be a side channel attack... Now that we have a function
for this, use it...
jmgurney/ipsecgcm: 24d704cc and 7f37a14
Modified:
head/sys/netipsec/xform_ah.c
head/sys/netipsec/xform_esp.c
Modified: head/sys/netipsec/xform_ah.c
==============================================================================
--- head/sys/netipsec/xform_ah.c Fri Jul 31 00:23:21 2015 (r286100)
+++ head/sys/netipsec/xform_ah.c Fri Jul 31 00:31:52 2015 (r286101)
@@ -777,7 +777,7 @@ ah_input_cb(struct cryptop *crp)
/* Verify authenticator. */
ptr = (caddr_t) (tc + 1);
- if (bcmp(ptr + skip + rplen, calc, authsize)) {
+ if (timingsafe_bcmp(ptr + skip + rplen, calc, authsize)) {
DPRINTF(("%s: authentication hash mismatch for packet "
"in SA %s/%08lx\n", __func__,
ipsec_address(&saidx->dst, buf, sizeof(buf)),
Modified: head/sys/netipsec/xform_esp.c
==============================================================================
--- head/sys/netipsec/xform_esp.c Fri Jul 31 00:23:21 2015 (r286100)
+++ head/sys/netipsec/xform_esp.c Fri Jul 31 00:31:52 2015 (r286101)
@@ -534,7 +534,7 @@ esp_input_cb(struct cryptop *crp)
ptr = (caddr_t) (tc + 1);
/* Verify authenticator */
- if (bcmp(ptr, aalg, alen) != 0) {
+ if (timingsafe_bcmp(ptr, aalg, alen) != 0) {
DPRINTF(("%s: authentication hash mismatch for "
"packet in SA %s/%08lx\n", __func__,
ipsec_address(&saidx->dst, buf, sizeof(buf)),
More information about the svn-src-head
mailing list