EAP-SAKE: Use os_memcmp_const() for hash/password comparisons

This makes the implementation less likely to provide useful timing
information to potential attackers from comparisons of information
received from a remote device and private material known only by the
authorized devices.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/eap_peer/eap_sake.c b/src/eap_peer/eap_sake.c
index 431519cae628e7263357b744ec55ea40ddba8b4b..85fe860c4f2729504137170498e7620c0ebd72f4 100644 (file)
--- a/src/eap_peer/eap_sake.c
+++ b/src/eap_peer/eap_sake.c
@@ -315,7 +315,7 @@ static struct wpabuf * eap_sake_process_confirm(struct eap_sm *sm,
                             data->peerid, data->peerid_len, 0,
                             wpabuf_head(reqData), wpabuf_len(reqData),
                             attr.mic_s, mic_s);
-       if (os_memcmp(attr.mic_s, mic_s, EAP_SAKE_MIC_LEN) != 0) {
+       if (os_memcmp_const(attr.mic_s, mic_s, EAP_SAKE_MIC_LEN) != 0) {
                wpa_printf(MSG_INFO, "EAP-SAKE: Incorrect AT_MIC_S");
                eap_sake_state(data, FAILURE);
                ret->methodState = METHOD_DONE;

diff --git a/src/eap_server/eap_server_sake.c b/src/eap_server/eap_server_sake.c
index 68dd76b18e9a95b62d63c64f474502ce4972f6e0..b363ccf41dbd9a8bef5db360586f3bb1aa4f9cd1 100644 (file)
--- a/src/eap_server/eap_server_sake.c
+++ b/src/eap_server/eap_server_sake.c
@@ -351,7 +351,7 @@ static void eap_sake_process_challenge(struct eap_sm *sm,
                             data->peerid, data->peerid_len, 1,
                             wpabuf_head(respData), wpabuf_len(respData),
                             attr.mic_p, mic_p);
-       if (os_memcmp(attr.mic_p, mic_p, EAP_SAKE_MIC_LEN) != 0) {
+       if (os_memcmp_const(attr.mic_p, mic_p, EAP_SAKE_MIC_LEN) != 0) {
                wpa_printf(MSG_INFO, "EAP-SAKE: Incorrect AT_MIC_P");
                eap_sake_state(data, FAILURE);
                return;
@@ -388,7 +388,7 @@ static void eap_sake_process_confirm(struct eap_sm *sm,
                             data->peerid, data->peerid_len, 1,
                             wpabuf_head(respData), wpabuf_len(respData),
                             attr.mic_p, mic_p);
-       if (os_memcmp(attr.mic_p, mic_p, EAP_SAKE_MIC_LEN) != 0) {
+       if (os_memcmp_const(attr.mic_p, mic_p, EAP_SAKE_MIC_LEN) != 0) {
                wpa_printf(MSG_INFO, "EAP-SAKE: Incorrect AT_MIC_P");
                eap_sake_state(data, FAILURE);
        } else