diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-09-22 04:04:00 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-09-24 23:10:15 +0200 |
commit | 9ef84af8c0bc31d1e56d0a66a9ed909c1edfdd5d (patch) | |
tree | 3dd4bd5755c51637e5852cd7f5addce5fd1f94dc /src/encoding.h | |
parent | contrib: add sticky sockets example code (diff) | |
download | wireguard-tools-9ef84af8c0bc31d1e56d0a66a9ed909c1edfdd5d.tar.xz wireguard-tools-9ef84af8c0bc31d1e56d0a66a9ed909c1edfdd5d.zip |
wg: use key_is_zero for comparing to zeros
Maybe an attacker on the system could use the infoleak in /proc to gauge
how long a wg(8) process takes to complete and determine the number of
leading zeros. This is somewhat ridiculous, but it's possible somebody
somewhere might at somepoint care in the future, so alright.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'src/encoding.h')
-rw-r--r-- | src/encoding.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/encoding.h b/src/encoding.h index f4fe51e..9db4c6e 100644 --- a/src/encoding.h +++ b/src/encoding.h @@ -16,4 +16,6 @@ bool key_from_base64(uint8_t key[static WG_KEY_LEN], const char *base64); void key_to_hex(char hex[static WG_KEY_LEN_HEX], const uint8_t key[static WG_KEY_LEN]); bool key_from_hex(uint8_t key[static WG_KEY_LEN], const char *hex); +bool key_is_zero(const uint8_t key[static WG_KEY_LEN]); + #endif |