EAP-GPSK: Use os_memcmp_const() for hash/password comparisons
This makes the implementation less likely to provide useful timing information to potential attackers from comparisons of information received from a remote device and private material known only by the authorized devices. Signed-off-by: Jouni Malinen <j@w1.fi>
parent
e1550d4be8
commit
8f92826b15
@ -565,7 +565,7 @@ static const u8 * eap_gpsk_validate_gpsk_3_mic(struct eap_gpsk_data *data,
|
|||||||
wpa_printf(MSG_DEBUG, "EAP-GPSK: Failed to compute MIC");
|
wpa_printf(MSG_DEBUG, "EAP-GPSK: Failed to compute MIC");
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (os_memcmp(mic, pos, miclen) != 0) {
|
if (os_memcmp_const(mic, pos, miclen) != 0) {
|
||||||
wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-3");
|
wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-3");
|
||||||
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen);
|
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen);
|
||||||
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);
|
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);
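Review bot: The failure branch directly after the changed comparison still writes the locally computed MIC to the debug log via `wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);`, so the expected value that the constant-time compare keeps out of the timing channel remains readable in full by anyone with access to debug output. The same pair of hexdump calls follows the comparison in the GPSK-2 and GPSK-4 hunks. Whether this matters depends on who can read those logs, but `wpa_hexdump_key(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);` would print the computed value only when key logging is explicitly enabled. A one-line comment above each compare, such as `/* pos comes from the peer; compare in constant time */`, would record why os_memcmp_const() is used here. All three functions start and end outside the hunks, so the check that at least miclen bytes remain at pos before the comparison cannot be confirmed from this page.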
|
||||||
|
@ -433,7 +433,7 @@ static void eap_gpsk_process_gpsk_2(struct eap_sm *sm,
|
|||||||
eap_gpsk_state(data, FAILURE);
|
eap_gpsk_state(data, FAILURE);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if (os_memcmp(mic, pos, miclen) != 0) {
|
if (os_memcmp_const(mic, pos, miclen) != 0) {
|
||||||
wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-2");
|
wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-2");
|
||||||
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen);
|
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen);
|
||||||
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);
|
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);
|
||||||
@ -502,7 +502,7 @@ static void eap_gpsk_process_gpsk_4(struct eap_sm *sm,
|
|||||||
eap_gpsk_state(data, FAILURE);
|
eap_gpsk_state(data, FAILURE);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if (os_memcmp(mic, pos, miclen) != 0) {
|
if (os_memcmp_const(mic, pos, miclen) != 0) {
|
||||||
wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-4");
|
wpa_printf(MSG_INFO, "EAP-GPSK: Incorrect MIC in GPSK-4");
|
||||||
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen);
|
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Received MIC", pos, miclen);
|
||||||
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);
|
wpa_hexdump(MSG_DEBUG, "EAP-GPSK: Computed MIC", mic, miclen);
|
||||||
|