diff options
Diffstat (limited to 'main/wpa_supplicant/0016-SAE-Use-const_time_memcmp-for-pwd_value-prime-compar.patch')
-rw-r--r-- | main/wpa_supplicant/0016-SAE-Use-const_time_memcmp-for-pwd_value-prime-compar.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/main/wpa_supplicant/0016-SAE-Use-const_time_memcmp-for-pwd_value-prime-compar.patch b/main/wpa_supplicant/0016-SAE-Use-const_time_memcmp-for-pwd_value-prime-compar.patch new file mode 100644 index 00000000000..073f1e3ce10 --- /dev/null +++ b/main/wpa_supplicant/0016-SAE-Use-const_time_memcmp-for-pwd_value-prime-compar.patch @@ -0,0 +1,31 @@ +From e43f08991f00820c1f711ca254021d5f83b5cd7d Mon Sep 17 00:00:00 2001 +From: Jouni Malinen <jouni@codeaurora.org> +Date: Thu, 25 Apr 2019 18:52:34 +0300 +Subject: [PATCH 1/6] SAE: Use const_time_memcmp() for pwd_value >= prime + comparison + +This reduces timing and memory access pattern differences for an +operation that could depend on the used password. + +Signed-off-by: Jouni Malinen <jouni@codeaurora.org> +(cherry picked from commit 8e14b030e558d23f65d761895c07089404e61cf1) +--- + src/common/sae.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/common/sae.c b/src/common/sae.c +index 5a50294a6..0d56e5505 100644 +--- a/src/common/sae.c ++++ b/src/common/sae.c +@@ -317,7 +317,7 @@ static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed, + wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value", + pwd_value, sae->tmp->prime_len); + +- if (os_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0) ++ if (const_time_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0) + return 0; + + x_cand = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len); +-- +2.20.1 + |