# HG changeset patch # User Robin Green # Date 1309635266 -3600 # Node ID 00c8f43be8b7e4cc7f3da3160ffe2947d9ddc584 # Parent 1068de1623a53b02b732a28b8bccf047da86ce9e Secure HMAC comparison Fixes bug 67 diff -r 1068de1623a5 -r 00c8f43be8b7 include/openid.h --- a/include/openid.h Sun Jun 12 18:12:47 2011 -0400 +++ b/include/openid.h Sat Jul 02 20:34:26 2011 +0100 @@ -40,5 +40,6 @@ uw_OpenidFfi_dh uw_OpenidFfi_generate(uw_context); uw_Basis_string uw_OpenidFfi_compute(uw_context, uw_OpenidFfi_dh, uw_Basis_string server_pub); uw_Basis_string uw_OpenidFfi_xor(uw_context, uw_Basis_string, uw_Basis_string); +uw_Basis_bool uw_OpenidFfi_secCmp(uw_context, uw_Basis_string, uw_Basis_string); uw_OpenidFfi_inputs uw_OpenidFfi_remode(uw_context, uw_OpenidFfi_outputs, uw_Basis_string mode); diff -r 1068de1623a5 -r 00c8f43be8b7 src/c/openid.c --- a/src/c/openid.c Sun Jun 12 18:12:47 2011 -0400 +++ b/src/c/openid.c Sat Jul 02 20:34:26 2011 +0100 @@ -569,6 +569,14 @@ return base64(ctx, bufO, len1); } +uw_Basis_bool __attribute__((optimize(0))) uw_OpenidFfi_secCmp(uw_context ctx, uw_Basis_string s1, uw_Basis_string s2) { + int i, x = 0, len1 = strlen(s1); + if (len1 != strlen(s2)) return 0; + for (i = 0; i < len1; ++i) + x |= s1[i] ^ s2[i]; + return x == 0; +} + uw_OpenidFfi_inputs uw_OpenidFfi_remode(uw_context ctx, uw_OpenidFfi_outputs out, uw_Basis_string mode) { uw_OpenidFfi_inputs in = uw_OpenidFfi_createInputs(ctx); char *s; diff -r 1068de1623a5 -r 00c8f43be8b7 src/ur/openid.ur --- a/src/ur/openid.ur Sun Jun 12 18:12:47 2011 -0400 +++ b/src/ur/openid.ur Sat Jul 02 20:34:26 2011 +0100 @@ -323,7 +323,7 @@ HMAC_SHA256 => OpenidFfi.hmac_sha256 key nvps | HMAC_SHA1 => OpenidFfi.hmac_sha1 key nvps in - if sign' = sign then + if secCmp sign' sign then return None else return (Some "Signatures don't match") diff -r 1068de1623a5 -r 00c8f43be8b7 src/ur/openidFfi.urs --- a/src/ur/openidFfi.urs Sun Jun 12 18:12:47 2011 -0400 +++ b/src/ur/openidFfi.urs Sat Jul 02 20:34:26 2011 +0100 @@ -30,5 +30,6 @@ val generate : transaction dh val compute : dh -> string -> transaction string val xor : string -> string -> string +val secCmp : string -> string -> bool val remode : outputs -> string -> inputs