From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1N7Yn0-0005FY-KM for mharc-grub-devel@gnu.org; Mon, 09 Nov 2009 13:16:30 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1N7Ymy-0005F7-Dq for grub-devel@gnu.org; Mon, 09 Nov 2009 13:16:28 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1N7Ymt-0005CS-Q0 for grub-devel@gnu.org; Mon, 09 Nov 2009 13:16:28 -0500 Received: from [199.232.76.173] (port=40308 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1N7Ymt-0005CJ-Km for grub-devel@gnu.org; Mon, 09 Nov 2009 13:16:23 -0500 Received: from mail-ew0-f228.google.com ([209.85.219.228]:44889) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1N7Ymt-0007vF-8O for grub-devel@gnu.org; Mon, 09 Nov 2009 13:16:23 -0500 Received: by ewy28 with SMTP id 28so4297019ewy.42 for ; Mon, 09 Nov 2009 10:16:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type; bh=XQEfaHlBEt5X0bMROXejN10GaH5ecwu7m1OW3nEzSPA=; b=ge6/xw0QvbsMESYkF4pTXsvj2lT4qeesDfnvuiuK2h4P3eDKIlvmwKSipKoB4o5LaZ 1RTDRxChL6QkNqPEJB6DkJWUCpcWM91GgElcWTpH7O7IBCq3Ud1v/69YxocsxNYkhLnc +Ez7FNqCyDdXKEkyVXjjflpjvPkcFy94OXyOI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type; b=ezGf/IvbIBT83u8V82LX0KVuhecLL58e+U+ze4Njo41iyFjjfS8O4zreZKKGzb6YFQ aH6zt7846U4vSW7HX5qdEp3vy3ROZI1UqGlZbq2weqdDf3dSVlK+91McYkslXRVcg+Y1 P7BJhepOJwHpYhHcd+UfrxfaGXH/wLkLRmXsc= Received: by 10.213.23.207 with SMTP id s15mr9609272ebb.57.1257790581741; Mon, 09 Nov 2009 10:16:21 -0800 (PST) Received: from debian.bg45.phnet (gprs01.swisscom-mobile.ch [193.247.250.1]) by mx.google.com with ESMTPS id 24sm7184828eyx.21.2009.11.09.10.16.20 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 09 Nov 2009 10:16:21 -0800 (PST) Message-ID: <4AF85C54.3080302@gmail.com> Date: Mon, 09 Nov 2009 19:15:48 +0100 From: Vladimir 'phcoder' Serbinenko User-Agent: Mozilla-Thunderbird 2.0.0.22 (X11/20090701) MIME-Version: 1.0 To: The development of GNU GRUB References: <20091109010422.GA23417@thorin> <4AF81E2C.2090700@gmail.com> <4AF82868.6090803@gmail.com> <4AF85568.7080105@duboucher.eu> <20091109181010.GA7372@thorin> In-Reply-To: <20091109181010.GA7372@thorin> X-Enigmail-Version: 0.95.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig12506EB04F4B1B87FD242AD5" X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6 (newer, 2) Subject: Re: Imminent bugfix release (1.97.1) X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Nov 2009 18:16:29 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig12506EB04F4B1B87FD242AD5 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Robert Millan wrote: > On Mon, Nov 09, 2009 at 06:46:16PM +0100, Duboucher Thomas wrote: > =20 >> Ok, I typed this in a few minutes and I'm not confident either with >> what I wrote; I would check that it works first. ;) >> But the point here is that whatever the user gives as an input, it is= >> executed exactly n-th times, n being the length of the user input; and= >> that whatever the result of the 'if' statement is, the CPU realizes th= e >> same amount of operations. By doing so, the attacker will only find ou= t >> how long it takes to make the comparison with a n caracters long input= =2E >> =20 > > Actually, modern CPUs are very complex and the number of operations (or= > time taken by them) isn't easy to predict. > > =20 It's generally a good practice to do exactly same operations independently of result just store the result in a separate variable it's how RSA is correctly implemented for (n =3D grub_strlen (s1); n >=3D 0; n--) { if (*s1 !=3D *s2) ret |=3D 1; else ret |=3D 0; s1++; s2++; } It's pproximately how my first attempt worked and it had this bug. If you can propose a good and tested code of this kind I would be ok with it= --=20 Regards Vladimir 'phcoder' Serbinenko --------------enig12506EB04F4B1B87FD242AD5 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iF4EAREKAAYFAkr4XHMACgkQNak7dOguQgkgxQD9FM4RKXRa77exPSok/D5Jj0Ft IDIR5ghGBt+2i4RviGEBAIsqYv0+HrbDGc1HDgfz8dbDBd3gsNPVqApmY359FpdW =JVw1 -----END PGP SIGNATURE----- --------------enig12506EB04F4B1B87FD242AD5--