diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-09-22 04:04:00 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-09-24 23:10:15 +0200 |
commit | 6ddb4753c62fd08f4da71a5d1bd4222de492a331 (patch) | |
tree | dcba7d7df5c810a4476fabdfb83e73a0205aba12 /src/config.c | |
parent | config: do not reset device port (diff) | |
download | wireguard-monolithic-historical-6ddb4753c62fd08f4da71a5d1bd4222de492a331.tar.xz wireguard-monolithic-historical-6ddb4753c62fd08f4da71a5d1bd4222de492a331.zip |
tools: use key_is_zero for comparing to zeros
Maybe an attacker on the system could use the infoleak in /proc to gauge
how long a wg(8) process takes to complete and determine the number of
leading zeros. This is somewhat ridiculous, but it's possible somebody
somewhere might at somepoint care in the future, so alright.
Diffstat (limited to 'src/config.c')
-rw-r--r-- | src/config.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/config.c b/src/config.c index af7d049..a4a6782 100644 --- a/src/config.c +++ b/src/config.c @@ -8,6 +8,7 @@ #include "hashtables.h" #include "peer.h" #include "uapi.h" +#include <crypto/algapi.h> static int set_device_port(struct wireguard_device *wg, u16 port) { @@ -86,7 +87,7 @@ static int set_peer(struct wireguard_device *wg, void __user *user_peer, size_t down_write(&peer->handshake.lock); memset(&peer->handshake.preshared_key, 0, NOISE_SYMMETRIC_KEY_LEN); up_write(&peer->handshake.lock); - } else if (memcmp(zeros, in_peer.preshared_key, WG_KEY_LEN)) { + } else if (crypto_memneq(zeros, in_peer.preshared_key, WG_KEY_LEN)) { down_write(&peer->handshake.lock); memcpy(&peer->handshake.preshared_key, in_peer.preshared_key, NOISE_SYMMETRIC_KEY_LEN); up_write(&peer->handshake.lock); @@ -165,7 +166,7 @@ int config_set_device(struct wireguard_device *wg, void __user *user_device) if (in_device.flags & WGDEVICE_REMOVE_PRIVATE_KEY) { noise_set_static_identity_private_key(&wg->static_identity, NULL); modified_static_identity = true; - } else if (memcmp(zeros, in_device.private_key, WG_KEY_LEN)) { + } else if (crypto_memneq(zeros, in_device.private_key, WG_KEY_LEN)) { u8 public_key[NOISE_PUBLIC_KEY_LEN] = { 0 }; struct wireguard_peer *peer; /* We remove before setting, to prevent race, which means doing two 25519-genpub ops. */ |