author | jmg <jmg@FreeBSD.org> | 2015-07-31 00:31:52 +0000 |
---|---|---|
committer | jmg <jmg@FreeBSD.org> | 2015-07-31 00:31:52 +0000 |
commit | 685318f335be91988efd5573d69047da1a3398ac (patch) | |
tree | 5b92b5caef8ebe1760f81cf0f64125873fac9b1a /sys/netipsec | |
parent | c00fae0f3e4fd221e33f4655c2b03af537e8efce (diff) | |
these are comparing authenticators and need to be constant time...
This could be a side channel attack... Now that we have a function
for this, use it...
jmgurney/ipsecgcm: 24d704cc and 7f37a14
Diffstat (limited to 'sys/netipsec')
-rw-r--r-- | sys/netipsec/xform_ah.c | 2 | ||||
-rw-r--r-- | sys/netipsec/xform_esp.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/sys/netipsec/xform_ah.c b/sys/netipsec/xform_ah.c index ae0feb9..350a735 100644 --- a/sys/netipsec/xform_ah.c +++ b/sys/netipsec/xform_ah.c @@ -777,7 +777,7 @@ ah_input_cb(struct cryptop *crp) /* Verify authenticator. */ ptr = (caddr_t) (tc + 1); - if (bcmp(ptr + skip + rplen, calc, authsize)) { + if (timingsafe_bcmp(ptr + skip + rplen, calc, authsize)) { DPRINTF(("%s: authentication hash mismatch for packet " "in SA %s/%08lx\n", __func__, ipsec_address(&saidx->dst, buf, sizeof(buf)), diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c index 67551ca..d8182df 100644 --- a/sys/netipsec/xform_esp.c +++ b/sys/netipsec/xform_esp.c @@ -534,7 +534,7 @@ esp_input_cb(struct cryptop *crp) ptr = (caddr_t) (tc + 1); /* Verify authenticator */ - if (bcmp(ptr, aalg, alen) != 0) { + if (timingsafe_bcmp(ptr, aalg, alen) != 0) { DPRINTF(("%s: authentication hash mismatch for " "packet in SA %s/%08lx\n", __func__, ipsec_address(&saidx->dst, buf, sizeof(buf)), |
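Review bot: in ah_input_cb() (xform_ah.c) the new call is tested by bare truthiness, `if (timingsafe_bcmp(ptr + skip + rplen, calc, authsize))`, while the matching check in esp_input_cb() compares the result with `!= 0`. Make the two consistent, preferably with the explicit `!= 0`, so both authenticator checks read the same way and a grep for one form finds the other.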
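Review bot: in esp_input_cb() (xform_esp.c) the comment above the check still reads only `/* Verify authenticator */`, and nothing at the call site says the comparison has to be constant time. Extend that comment, and the `/* Verify authenticator. */` one in ah_input_cb(), to state the requirement, so that a later cleanup does not turn timingsafe_bcmp() back into bcmp().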