Constant time comparison for mac

8123ce62 · Mark Haines · 2f2e0340 · 8123ce62 · 8123ce62 · 8123ce62
Commit 8123ce62 authored 10 years ago by Mark Haines
--- a/include/axolotl/memory.hh
+++ b/include/axolotl/memory.hh
 #include <cstddef>
+#include <cstdint>

 namespace axolotl {

 /** Clear the memory held in the buffer */
 void unset(
-    volatile void * buffer, std::size_t buffer_length
+    void volatile * buffer, std::size_t buffer_length
 );

 /** Clear the memory backing an object */
 template<typename T>
 void unset(T & value) {
-    unset(reinterpret_cast<volatile void *>(&value), sizeof(T));
+    unset(reinterpret_cast<void volatile *>(&value), sizeof(T));
 }

+/** Check if two buffers are equal in constant time. */
+bool is_equal(
+    std::uint8_t const * buffer_a,
+    std::uint8_t const * buffer_b,
+    std::size_t length
+);

 } // namespace axolotl
--- a/src/memory.cpp
+++ b/src/memory.cpp
 #include "axolotl/memory.hh"

+
 void axolotl::unset(
-    volatile void * buffer, std::size_t buffer_length
+    void volatile * buffer, std::size_t buffer_length
 ) {
-    volatile char * pos = reinterpret_cast<volatile char *>(buffer);
-    volatile char * end = pos + buffer_length;
+    char volatile * pos = reinterpret_cast<char volatile *>(buffer);
+    char volatile * end = pos + buffer_length;
    while (pos != end) {
        *(pos++) = 0;
    }
 }
+
+
+bool axolotl::is_equal(
+    std::uint8_t const * buffer_a,
+    std::uint8_t const * buffer_b,
+    std::size_t length
+) {
+    std::uint8_t volatile result = 0;
+    while (length--) {
+        result |= (*(buffer_a++)) ^ (*(buffer_b++));
+    }
+    return result == 0;
+}
--- a/src/ratchet.cpp
+++ b/src/ratchet.cpp
@@ -104,7 +104,7 @@ bool verify_mac(
        mac
    );

-    bool result = std::memcmp(mac, reader.mac, MAC_LENGTH) == 0;
+    bool result = axolotl::is_equal(mac, reader.mac, MAC_LENGTH);
    axolotl::unset(mac);
    return result;
 }