Skip to content

Commit

Permalink
Introduce constant-time memcmp and use it for snmpv3_get_engine_boots
Browse files Browse the repository at this point in the history
See #65118
  • Loading branch information
goldsimon committed Jan 9, 2024
1 parent 09d929f commit 25de99d
Show file tree
Hide file tree
Showing 3 changed files with 34 additions and 1 deletion.
2 changes: 1 addition & 1 deletion src/apps/snmp/snmp_msg.c
Original file line number Diff line number Diff line change
Expand Up @@ -1058,7 +1058,7 @@ snmp_parse_inbound_frame(struct snmp_request *request)
IF_PARSE_EXEC(snmpv3_get_user((char *)request->msg_user_name, &auth, key, NULL, NULL));
IF_PARSE_EXEC(snmpv3_auth(&auth_stream, request->inbound_pbuf->tot_len, key, auth, hmac));

if (memcmp(request->msg_authentication_parameters, hmac, SNMP_V3_MAX_AUTH_PARAM_LENGTH)) {
if (lwip_memcmp_consttime(request->msg_authentication_parameters, hmac, SNMP_V3_MAX_AUTH_PARAM_LENGTH)) {
snmp_stats.wrongdigests++;
request->msg_flags = SNMP_V3_NOAUTHNOPRIV;
request->error_status = SNMP_ERR_AUTHORIZATIONERROR;
Expand Down
23 changes: 23 additions & 0 deletions src/core/def.c
Original file line number Diff line number Diff line change
Expand Up @@ -261,3 +261,26 @@ lwip_itoa(char *result, size_t bufsize, int number)
memmove(res, tmp, (size_t)((result + bufsize) - tmp));
}
#endif

#ifndef lwip_memcmp_consttime
/**
* @ingroup sys_nonstandard
* The goal of this function is to compare memory with constant runtime in order to prevent
* timing attacks to various parts in the stack.
* To do that, in contrast to memcmp(), it only returns:
* 0: equal
* != 0: not equal
*/
int lwip_memcmp_consttime(const void* s1, const void* s2, size_t len)
{
size_t i;
const unsigned char* a1 = s1;
const unsigned char* a2 = s2;
unsigned char ret = 0;

for (i = 0; i < len; i++) {
ret |= a1[i] ^ a2[i];
}
return ret;
}
#endif
10 changes: 10 additions & 0 deletions src/include/lwip/def.h
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,16 @@ char* lwip_strnstr(const char* buffer, const char* token, size_t n);
/* This can be #defined to strnistr() depending on your platform */
char* lwip_strnistr(const char* buffer, const char* token, size_t n);
#endif
#ifndef lwip_memcmp_consttime
/* This could be #defined to something existing on your platform
* The goal of this function is to compare memory with constant runtime in order to prevent
* timing attacks to various parts in the stack.
* To do that, in contrast to memcmp(), it only returns:
* 0: equal
* != 0: not equal
*/
int lwip_memcmp_consttime(const void* s1, const void* s2, size_t len);
#endif

#ifdef __cplusplus
}
Expand Down

0 comments on commit 25de99d

Please sign in to comment.