factotum: replace custom hex parsing code with dec16() avoding timing side channels
This commit is contained in:
cinap_lenrek
parent
5cf5f6e9ac
commit
f7b0cc7a64
2 changed files with 5 additions and 54 deletions
|
|
@ -506,33 +506,6 @@ p9skclose(Fsstate *fss)
|
||||||
free(s);
|
free(s);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
|
||||||
unhex(char c)
|
|
||||||
{
|
|
||||||
if('0' <= c && c <= '9')
|
|
||||||
return c-'0';
|
|
||||||
if('a' <= c && c <= 'f')
|
|
||||||
return c-'a'+10;
|
|
||||||
if('A' <= c && c <= 'F')
|
|
||||||
return c-'A'+10;
|
|
||||||
abort();
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int
|
|
||||||
hexparse(char *hex, uchar *dat, int ndat)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
|
|
||||||
if(strlen(hex) != 2*ndat)
|
|
||||||
return -1;
|
|
||||||
if(hex[strspn(hex, "0123456789abcdefABCDEF")] != '\0')
|
|
||||||
return -1;
|
|
||||||
for(i=0; i<ndat; i++)
|
|
||||||
dat[i] = (unhex(hex[2*i])<<4)|unhex(hex[2*i+1]);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
p9skaddkey(Key *k, int before)
|
p9skaddkey(Key *k, int before)
|
||||||
{
|
{
|
||||||
|
|
@ -547,13 +520,13 @@ p9skaddkey(Key *k, int before)
|
||||||
akey = emalloc(sizeof(Authkey));
|
akey = emalloc(sizeof(Authkey));
|
||||||
if(s = _strfindattr(k->privattr, "!hex")){
|
if(s = _strfindattr(k->privattr, "!hex")){
|
||||||
if(k->proto == &dp9ik){
|
if(k->proto == &dp9ik){
|
||||||
if(hexparse(s, akey->aes, AESKEYLEN) < 0){
|
if(dec16(akey->aes, AESKEYLEN, s, strlen(s)) != AESKEYLEN){
|
||||||
free(akey);
|
free(akey);
|
||||||
werrstr("malformed key data");
|
werrstr("malformed key data");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if(hexparse(s, (uchar*)akey->des, DESKEYLEN) < 0){
|
if(dec16((uchar*)akey->des, DESKEYLEN, s, strlen(s)) != DESKEYLEN){
|
||||||
free(akey);
|
free(akey);
|
||||||
werrstr("malformed key data");
|
werrstr("malformed key data");
|
||||||
return -1;
|
return -1;
|
||||||
|
|
|
||||||
|
|
@ -35,35 +35,13 @@ struct State
|
||||||
uchar resp[PTKlen];
|
uchar resp[PTKlen];
|
||||||
};
|
};
|
||||||
|
|
||||||
static int
|
|
||||||
hextob(char *s, char **sp, uchar *b, int n)
|
|
||||||
{
|
|
||||||
int r;
|
|
||||||
|
|
||||||
n <<= 1;
|
|
||||||
for(r = 0; r < n && *s; s++){
|
|
||||||
*b <<= 4;
|
|
||||||
if(*s >= '0' && *s <= '9')
|
|
||||||
*b |= (*s - '0');
|
|
||||||
else if(*s >= 'a' && *s <= 'f')
|
|
||||||
*b |= 10+(*s - 'a');
|
|
||||||
else if(*s >= 'A' && *s <= 'F')
|
|
||||||
*b |= 10+(*s - 'A');
|
|
||||||
else break;
|
|
||||||
if((++r & 1) == 0)
|
|
||||||
b++;
|
|
||||||
}
|
|
||||||
if(sp != nil)
|
|
||||||
*sp = s;
|
|
||||||
return r >> 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
static void
|
static void
|
||||||
pass2pmk(char *pass, char *ssid, uchar pmk[PMKlen])
|
pass2pmk(char *pass, char *ssid, uchar pmk[PMKlen])
|
||||||
{
|
{
|
||||||
if(hextob(pass, nil, pmk, PMKlen) == PMKlen)
|
int npass = strlen(pass);
|
||||||
|
if(npass == 2*PMKlen && dec16(pmk, PMKlen, pass, npass) == PMKlen)
|
||||||
return;
|
return;
|
||||||
pbkdf2_x((uchar*)pass, strlen(pass), (uchar*)ssid, strlen(ssid), 4096, pmk, PMKlen, hmac_sha1, SHA1dlen);
|
pbkdf2_x((uchar*)pass, npass, (uchar*)ssid, strlen(ssid), 4096, pmk, PMKlen, hmac_sha1, SHA1dlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue