changeset 43:00c8f43be8b7

Secure HMAC comparison Fixes bug 67
author Robin Green <greenrd@greenrd.org>
date Sat, 02 Jul 2011 20:34:26 +0100
parents 1068de1623a5
children f8c9e1e4d337 71097b74400e
files include/openid.h src/c/openid.c src/ur/openid.ur src/ur/openidFfi.urs
diffstat 4 files changed, 11 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/include/openid.h	Sun Jun 12 18:12:47 2011 -0400
+++ b/include/openid.h	Sat Jul 02 20:34:26 2011 +0100
@@ -40,5 +40,6 @@
 uw_OpenidFfi_dh uw_OpenidFfi_generate(uw_context);
 uw_Basis_string uw_OpenidFfi_compute(uw_context, uw_OpenidFfi_dh, uw_Basis_string server_pub);
 uw_Basis_string uw_OpenidFfi_xor(uw_context, uw_Basis_string, uw_Basis_string);
+uw_Basis_bool uw_OpenidFfi_secCmp(uw_context, uw_Basis_string, uw_Basis_string);
 
 uw_OpenidFfi_inputs uw_OpenidFfi_remode(uw_context, uw_OpenidFfi_outputs, uw_Basis_string mode);
--- a/src/c/openid.c	Sun Jun 12 18:12:47 2011 -0400
+++ b/src/c/openid.c	Sat Jul 02 20:34:26 2011 +0100
@@ -569,6 +569,14 @@
   return base64(ctx, bufO, len1);
 }
 
+uw_Basis_bool __attribute__((optimize(0))) uw_OpenidFfi_secCmp(uw_context ctx, uw_Basis_string s1, uw_Basis_string s2) {
+  int i, x = 0, len1 = strlen(s1);
+  if (len1 != strlen(s2)) return 0;
+  for (i = 0; i < len1; ++i)
+	  x |= s1[i] ^ s2[i];
+  return x == 0;
+}
+
 uw_OpenidFfi_inputs uw_OpenidFfi_remode(uw_context ctx, uw_OpenidFfi_outputs out, uw_Basis_string mode) {
   uw_OpenidFfi_inputs in = uw_OpenidFfi_createInputs(ctx);
   char *s;
--- a/src/ur/openid.ur	Sun Jun 12 18:12:47 2011 -0400
+++ b/src/ur/openid.ur	Sat Jul 02 20:34:26 2011 +0100
@@ -323,7 +323,7 @@
                                         HMAC_SHA256 => OpenidFfi.hmac_sha256 key nvps
                                       | HMAC_SHA1 => OpenidFfi.hmac_sha1 key nvps
                     in
-                        if sign' = sign then
+                        if secCmp sign' sign then
                             return None
                         else
                             return (Some "Signatures don't match")
--- a/src/ur/openidFfi.urs	Sun Jun 12 18:12:47 2011 -0400
+++ b/src/ur/openidFfi.urs	Sat Jul 02 20:34:26 2011 +0100
@@ -30,5 +30,6 @@
 val generate : transaction dh
 val compute : dh -> string -> transaction string
 val xor : string -> string -> string
+val secCmp : string -> string -> bool
 
 val remode : outputs -> string -> inputs