Kernel/iwd
3
0
Fork 0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-11-22 14:49:24 +01:00
Code Releases Activity

eapol: Use constant-time comparison

Browse Source 
This closes the possibility of a timing attack against PMKIDs.
This commit is contained in:
Joseph Benden 2021-06-13 13:23:44 -07:00 committed by Denis Kenzior
parent 2a37dba4bf
commit 7436cef012
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/eapol.c
View File

@ -1142,7 +1142,8 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
goto error_unspecified; goto error_unspecified;
for (i = 0; i < rsn_info.num_pmkids; i++) for (i = 0; i < rsn_info.num_pmkids; i++)
if (!memcmp(rsn_info.pmkids + i * 16, pmkid, 16)) { if (!l_secure_memcmp(rsn_info.pmkids + i * 16,
pmkid, 16)) {
found = true; found = true;
break; break;
} }
@ -1155,7 +1156,7 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
if (!handshake_state_get_pmkid(sm->handshake, own_pmkid)) if (!handshake_state_get_pmkid(sm->handshake, own_pmkid))
goto error_unspecified; goto error_unspecified;
if (memcmp(pmkid, own_pmkid, 16)) { if (l_secure_memcmp(pmkid, own_pmkid, 16)) {
l_debug("Authenticator sent a PMKID that didn't match"); l_debug("Authenticator sent a PMKID that didn't match");
/* /*