eapol: Use constant-time comparison

This closes the possibility of a timing attack against PMKIDs.
Joseph Benden 2021-06-13 13:23:44 -07:00 committed by Denis Kenzior
parent 2a37dba4bf
commit 7436cef012
1 changed files with 3 additions and 2 deletions


@ -1142,7 +1142,8 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
goto error_unspecified;
for (i = 0; i < rsn_info.num_pmkids; i++)
if (!memcmp(rsn_info.pmkids + i * 16, pmkid, 16)) {
if (!l_secure_memcmp(rsn_info.pmkids + i * 16,
pmkid, 16)) {
found = true;
break;
}
@ -1155,7 +1156,7 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
if (!handshake_state_get_pmkid(sm->handshake, own_pmkid))
goto error_unspecified;
if (memcmp(pmkid, own_pmkid, 16)) {
if (l_secure_memcmp(pmkid, own_pmkid, 16)) {
l_debug("Authenticator sent a PMKID that didn't match");
/*