wifi: check tkip/ccmp mac and crc in constant time avoiding timing side channels

2016-01-14 23:39:29 +01:00 · 2016-01-14 23:39:29 +01:00 · 4a47b264ac
parent a57a6e511f
commit 4a47b264ac
1 changed files with 3 additions and 4 deletions
--- a/sys/src/9/pc/wifi.c
+++ b/sys/src/9/pc/wifi.c
@ -1429,8 +1429,7 @@ tkipdecrypt(Wkey *k, Wifipkt *w, Block *b, uvlong tsc)
 		(ulong)b->wp[2]<<16 |
 		(ulong)b->wp[3]<<24;
 	crc = ~crc;
-	if(ethercrc(b->rp, BLEN(b)) != crc)
-		return -1;
+	crc ^= ethercrc(b->rp, BLEN(b));

 	b->wp -= 8;
 	micsetup(&ms, k->key+16);
@ -1440,7 +1439,7 @@ tkipdecrypt(Wkey *k, Wifipkt *w, Block *b, uvlong tsc)
 	micupdate(&ms, b->rp, BLEN(b));
 	micfinish(&ms, mic);

-	return memcmp(b->wp, mic, 8) != 0;
+	return tsmemcmp(b->wp, mic, 8) | crc;
 }

 static uchar*
@ -1561,7 +1560,7 @@ aesCCMdecrypt(int L, int M, uchar *N /* N[15-L] */,
 	for(p = sblock(L, N, 0, b, s), x = t; p < &b[M]; x++, p++)
 		*x ^= *p;

-	return memcmp(m, t, M) != 0;
+	return tsmemcmp(m, t, M);
 }

 static int