mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
EAP-PAX: Use os_memcmp_const() for hash/password comparisons
This makes the implementation less likely to provide useful timing information to potential attackers from comparisons of information received from a remote device and private material known only by the authorized devices. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
c434503f5e
commit
e1550d4be8
@ -278,7 +278,7 @@ static struct wpabuf * eap_pax_process_std_3(struct eap_pax_data *data,
|
||||
eap_pax_mac(data->mac_id, data->ck, EAP_PAX_CK_LEN,
|
||||
data->rand.r.y, EAP_PAX_RAND_LEN,
|
||||
(u8 *) data->cid, data->cid_len, NULL, 0, mac);
|
||||
if (os_memcmp(pos, mac, EAP_PAX_MAC_LEN) != 0) {
|
||||
if (os_memcmp_const(pos, mac, EAP_PAX_MAC_LEN) != 0) {
|
||||
wpa_printf(MSG_INFO, "EAP-PAX: Invalid MAC_CK(B, CID) "
|
||||
"received");
|
||||
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: expected MAC_CK(B, CID)",
|
||||
@ -415,7 +415,7 @@ static struct wpabuf * eap_pax_process(struct eap_sm *sm, void *priv,
|
||||
wpabuf_head(reqData), mlen, NULL, 0, NULL, 0,
|
||||
icvbuf);
|
||||
}
|
||||
if (os_memcmp(icv, icvbuf, EAP_PAX_ICV_LEN) != 0) {
|
||||
if (os_memcmp_const(icv, icvbuf, EAP_PAX_ICV_LEN) != 0) {
|
||||
wpa_printf(MSG_DEBUG, "EAP-PAX: invalid ICV - ignoring the "
|
||||
"message");
|
||||
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: expected ICV",
|
||||
|
@ -268,7 +268,7 @@ static Boolean eap_pax_check(struct eap_sm *sm, void *priv,
|
||||
wpabuf_mhead(respData),
|
||||
wpabuf_len(respData) - EAP_PAX_ICV_LEN,
|
||||
NULL, 0, NULL, 0, icvbuf);
|
||||
if (os_memcmp(icvbuf, icv, EAP_PAX_ICV_LEN) != 0) {
|
||||
if (os_memcmp_const(icvbuf, icv, EAP_PAX_ICV_LEN) != 0) {
|
||||
wpa_printf(MSG_INFO, "EAP-PAX: Invalid ICV");
|
||||
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Expected ICV",
|
||||
icvbuf, EAP_PAX_ICV_LEN);
|
||||
@ -395,7 +395,7 @@ static void eap_pax_process_std_2(struct eap_sm *sm,
|
||||
data->rand.r.x, EAP_PAX_RAND_LEN,
|
||||
data->rand.r.y, EAP_PAX_RAND_LEN,
|
||||
(u8 *) data->cid, data->cid_len, mac);
|
||||
if (os_memcmp(mac, pos, EAP_PAX_MAC_LEN) != 0) {
|
||||
if (os_memcmp_const(mac, pos, EAP_PAX_MAC_LEN) != 0) {
|
||||
wpa_printf(MSG_INFO, "EAP-PAX: Invalid MAC_CK(A, B, CID) in "
|
||||
"PAX_STD-2");
|
||||
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Expected MAC_CK(A, B, CID)",
|
||||
@ -417,7 +417,7 @@ static void eap_pax_process_std_2(struct eap_sm *sm,
|
||||
wpabuf_head(respData),
|
||||
wpabuf_len(respData) - EAP_PAX_ICV_LEN, NULL, 0, NULL, 0,
|
||||
icvbuf);
|
||||
if (os_memcmp(icvbuf, pos, EAP_PAX_ICV_LEN) != 0) {
|
||||
if (os_memcmp_const(icvbuf, pos, EAP_PAX_ICV_LEN) != 0) {
|
||||
wpa_printf(MSG_INFO, "EAP-PAX: Invalid ICV in PAX_STD-2");
|
||||
wpa_hexdump(MSG_MSGDUMP, "EAP-PAX: Expected ICV",
|
||||
icvbuf, EAP_PAX_ICV_LEN);
|
||||
|
Loading…
Reference in New Issue
Block a user