[PATCH 1/1] eapol: Use constant-time comparison

[PATCH 1/1] eapol: Use constant-time comparison

[Joseph Benden]

[-- Attachment #1: Type: text/plain, Size: 925 bytes --]

This closes the possibility of a timing attack against PMKIDs.
---
 src/eapol.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/eapol.c b/src/eapol.c
index f587e708..51fb3c92 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -1142,7 +1142,7 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
 			goto error_unspecified;
 
 		for (i = 0; i < rsn_info.num_pmkids; i++)
-			if (!memcmp(rsn_info.pmkids + i * 16, pmkid, 16)) {
+			if (!l_secure_memcmp(rsn_info.pmkids + i * 16, pmkid, 16)) {
 				found = true;
 				break;
 			}
@@ -1155,7 +1155,7 @@ static void eapol_handle_ptk_1_of_4(struct eapol_sm *sm,
 		if (!handshake_state_get_pmkid(sm->handshake, own_pmkid))
 			goto error_unspecified;
 
-		if (memcmp(pmkid, own_pmkid, 16)) {
+		if (l_secure_memcmp(pmkid, own_pmkid, 16)) {
 			l_debug("Authenticator sent a PMKID that didn't match");
 
 			/*
-- 
2.32.0

Re: [PATCH 1/1] eapol: Use constant-time comparison

[Denis Kenzior]

[-- Attachment #1: Type: text/plain, Size: 309 bytes --]

Hi Joseph,

On 6/13/21 3:23 PM, Joseph Benden wrote:
> This closes the possibility of a timing attack against PMKIDs.
> ---
>   src/eapol.c | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)
> 

Applied with a minor formatting tweak to the first chunk (>80 chars / line)

Regards,
-Denis