summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLuiz Otavio O Souza <luiz@netgate.com>2015-09-16 08:16:45 -0500
committerLuiz Otavio O Souza <luiz@netgate.com>2015-10-20 12:10:19 -0500
commit7cb0430572e4dc864b7b0cd7876d037a0757cbdb (patch)
treeb6ff1bfa85a4b16b7d63e34a6c5ab287e1b6027c
parent87917f89b81d1289daae2e25ff274fa49de2e533 (diff)
downloadFreeBSD-src-7cb0430572e4dc864b7b0cd7876d037a0757cbdb.zip
FreeBSD-src-7cb0430572e4dc864b7b0cd7876d037a0757cbdb.tar.gz
MFC r286101:
these are comparing authenticators and need to be constant time... This could be a side channel attack... Now that we have a function for this, use it... jmgurney/ipsecgcm: 24d704cc and 7f37a14 TAG: IPSEC-HEAD Issue: #4841
Diffstat
-rw-r--r--sys/netipsec/xform_ah.c2
-rw-r--r--sys/netipsec/xform_esp.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/sys/netipsec/xform_ah.c b/sys/netipsec/xform_ah.c
index d45889a..6829d59 100644
--- a/sys/netipsec/xform_ah.c
+++ b/sys/netipsec/xform_ah.c
@@ -775,7 +775,7 @@ ah_input_cb(struct cryptop *crp)
/* Verify authenticator. */
ptr = (caddr_t) (tc + 1);
- if (bcmp(ptr + skip + rplen, calc, authsize)) {
+ if (timingsafe_bcmp(ptr + skip + rplen, calc, authsize)) {
DPRINTF(("%s: authentication hash mismatch for packet "
"in SA %s/%08lx\n", __func__,
ipsec_address(&saidx->dst, buf, sizeof(buf)),
diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c
index 2814193..18953f9 100644
--- a/sys/netipsec/xform_esp.c
+++ b/sys/netipsec/xform_esp.c
@@ -532,7 +532,7 @@ esp_input_cb(struct cryptop *crp)
ptr = (caddr_t) (tc + 1);
/* Verify authenticator */
- if (bcmp(ptr, aalg, alen) != 0) {
+ if (timingsafe_bcmp(ptr, aalg, alen) != 0) {
DPRINTF(("%s: authentication hash mismatch for "
"packet in SA %s/%08lx\n", __func__,
ipsec_address(&saidx->dst, buf, sizeof(buf)),
OpenPOWER on IntegriCloud