# HG changeset patch
# User Robin Green <greenrd@greenrd.org>
# Date 1309635266 -3600
# Node ID 00c8f43be8b7e4cc7f3da3160ffe2947d9ddc584
# Parent  1068de1623a53b02b732a28b8bccf047da86ce9e
Secure HMAC comparison
Fixes bug 67

diff -r 1068de1623a5 -r 00c8f43be8b7 include/openid.h
--- a/include/openid.h	Sun Jun 12 18:12:47 2011 -0400
+++ b/include/openid.h	Sat Jul 02 20:34:26 2011 +0100
@@ -40,5 +40,6 @@
 uw_OpenidFfi_dh uw_OpenidFfi_generate(uw_context);
 uw_Basis_string uw_OpenidFfi_compute(uw_context, uw_OpenidFfi_dh, uw_Basis_string server_pub);
 uw_Basis_string uw_OpenidFfi_xor(uw_context, uw_Basis_string, uw_Basis_string);
+uw_Basis_bool uw_OpenidFfi_secCmp(uw_context, uw_Basis_string, uw_Basis_string);
 
 uw_OpenidFfi_inputs uw_OpenidFfi_remode(uw_context, uw_OpenidFfi_outputs, uw_Basis_string mode);
diff -r 1068de1623a5 -r 00c8f43be8b7 src/c/openid.c
--- a/src/c/openid.c	Sun Jun 12 18:12:47 2011 -0400
+++ b/src/c/openid.c	Sat Jul 02 20:34:26 2011 +0100
@@ -569,6 +569,14 @@
   return base64(ctx, bufO, len1);
 }
 
+uw_Basis_bool __attribute__((optimize(0))) uw_OpenidFfi_secCmp(uw_context ctx, uw_Basis_string s1, uw_Basis_string s2) {
+  int i, x = 0, len1 = strlen(s1);
+  if (len1 != strlen(s2)) return 0;
+  for (i = 0; i < len1; ++i)
+	  x |= s1[i] ^ s2[i];
+  return x == 0;
+}
+
 uw_OpenidFfi_inputs uw_OpenidFfi_remode(uw_context ctx, uw_OpenidFfi_outputs out, uw_Basis_string mode) {
   uw_OpenidFfi_inputs in = uw_OpenidFfi_createInputs(ctx);
   char *s;
diff -r 1068de1623a5 -r 00c8f43be8b7 src/ur/openid.ur
--- a/src/ur/openid.ur	Sun Jun 12 18:12:47 2011 -0400
+++ b/src/ur/openid.ur	Sat Jul 02 20:34:26 2011 +0100
@@ -323,7 +323,7 @@
                                         HMAC_SHA256 => OpenidFfi.hmac_sha256 key nvps
                                       | HMAC_SHA1 => OpenidFfi.hmac_sha1 key nvps
                     in
-                        if sign' = sign then
+                        if secCmp sign' sign then
                             return None
                         else
                             return (Some "Signatures don't match")
diff -r 1068de1623a5 -r 00c8f43be8b7 src/ur/openidFfi.urs
--- a/src/ur/openidFfi.urs	Sun Jun 12 18:12:47 2011 -0400
+++ b/src/ur/openidFfi.urs	Sat Jul 02 20:34:26 2011 +0100
@@ -30,5 +30,6 @@
 val generate : transaction dh
 val compute : dh -> string -> transaction string
 val xor : string -> string -> string
+val secCmp : string -> string -> bool
 
 val remode : outputs -> string -> inputs