From 6ddb4753c62fd08f4da71a5d1bd4222de492a331 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld"
Date: Fri, 22 Sep 2017 04:04:00 +0200
Subject: tools: use key_is_zero for comparing to zeros
Maybe an attacker on the system could use the infoleak in /proc to gauge how long a wg(8) process takes to complete and determine the number of leading zeros. This is somewhat ridiculous, but it's possible somebody somewhere might at somepoint care in the future, so alright.
---
 src/tools/encoding.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
(limited to 'src/tools/encoding.c')
diff --git a/src/tools/encoding.c b/src/tools/encoding.c
index 389bbf7..3d5e94b 100644
--- a/src/tools/encoding.c
+++ b/src/tools/encoding.c
@@ -77,12 +77,12 @@ void key_to_hex(char hex[static WG_KEY_LEN_HEX], const uint8_t key[static WG_KEY
 bool key_from_hex(uint8_t key[static WG_KEY_LEN], const char *hex)
 {
- uint8_t i, c, c_acc = 0, c_alpha0, c_alpha, c_num0, c_num, c_val, state = 0;
+ uint8_t c, c_acc = 0, c_alpha0, c_alpha, c_num0, c_num, c_val, state = 0;
 if (strlen(hex) != WG_KEY_LEN_HEX - 1)
 return false;
- for (i = 0; i < WG_KEY_LEN_HEX - 1; ++i) {
+ for (unsigned int i = 0; i < WG_KEY_LEN_HEX - 1; ++i) {
 c = (uint8_t)hex[i];
 c_num = c ^ 48U;
 c_num0 = (c_num - 10U) >> 8;
@@ -99,3 +99,13 @@ bool key_from_hex(uint8_t key[static WG_KEY_LEN], const char *hex)
 }
 return true;
 }
+
+bool key_is_zero(const uint8_t key[static WG_KEY_LEN])
+{
+ uint8_t acc = 0;
+ for (unsigned int i = 0; i < WG_KEY_LEN; ++i) {
+ acc |= key[i];
+ __asm__ ("" : "=r" (acc) : "0" (acc));
+ }
+ return acc == 0;
+}
--
cgit v1.2.3-59-g8ed1b
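Review bot: The empty `__asm__ ("" : "=r" (acc) : "0" (acc));` in the new `key_is_zero` (second hunk) has no comment, yet it appears to be the only thing stopping the compiler from turning the loop into an early-exit comparison, which is the timing leak the commit message describes. I would put a line above it such as `/* Optimization barrier: keeps acc opaque so the loop cannot short-circuit on the first nonzero byte. */`, and add a one-line header comment on the function saying it is meant to take the same time whatever the key contents. The construct is GNU extended asm, so the property presumably holds only with a GCC-compatible compiler, and that assumption is worth stating in the same comment. Callers of `key_is_zero` are outside this file-limited view, so whether every comparison of a key against zeros now goes through it cannot be confirmed from here.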