From: "Christian Göttsche" <cgoettsche@seltendoof.de>
To: selinux@vger.kernel.org
Cc: "Christian Göttsche" <cgzones@googlemail.com>
Subject: [RFC PATCH 1/3] newrole: constant time password comparison
Date: Mon, 8 Apr 2024 17:30:04 +0200 [thread overview]
Message-ID: <20240408153006.69840-1-cgoettsche@seltendoof.de> (raw)
From: Christian Göttsche <cgzones@googlemail.com>
Perform the password hash comparison in a time constant way to avoid
leaking the length of the identical prefix via a side-channel.
Since only hashes are compared leaking the total length is non critical.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
policycoreutils/newrole/newrole.c | 20 +++++++++++++++++++-
1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/policycoreutils/newrole/newrole.c b/policycoreutils/newrole/newrole.c
index 5a1a1129..1e01d2ef 100644
--- a/policycoreutils/newrole/newrole.c
+++ b/policycoreutils/newrole/newrole.c
@@ -338,6 +338,24 @@ static void memzero(void *ptr, size_t size)
}
}
+static int streq_constant(const char *userinput, const char *secret)
+{
+ const volatile char *x = userinput, *y = secret;
+ size_t i, u_len, s_len;
+ int ret = 0;
+
+ u_len = strlen(userinput);
+ s_len = strlen(secret);
+
+ if (u_len != s_len)
+ return 0;
+
+ for (i = 0; i < u_len; i++)
+ ret |= x[i] ^ y[i];
+
+ return ret == 0;
+}
+
/* authenticate_via_shadow_passwd()
*
* in: uname - the calling user's user name
@@ -383,7 +401,7 @@ static int authenticate_via_shadow_passwd(const char *uname)
return 0;
}
- ret = !strcmp(encrypted_password_s, p_shadow_line->sp_pwdp);
+ ret = streq_constant(encrypted_password_s, p_shadow_line->sp_pwdp);
memzero(encrypted_password_s, strlen(encrypted_password_s));
return ret;
}
--
2.43.0
next reply other threads:[~2024-04-08 15:30 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-08 15:30 Christian Göttsche [this message]
2024-04-08 15:30 ` [RFC PATCH 2/3] newrole: cleanse shadow data hold by libc Christian Göttsche
2024-04-08 15:30 ` [RFC PATCH 3/3] newrole: use ROWHAMMER resistant values Christian Göttsche
2024-04-09 17:56 ` [RFC PATCH 1/3] newrole: constant time password comparison Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240408153006.69840-1-cgoettsche@seltendoof.de \
--to=cgoettsche@seltendoof.de \
--cc=cgzones@googlemail.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.