Switch some obvious network stack MAC comparisons from bcmp() to

timingsafe_bcmp().

ok deraadt@; committed over WPA.

10 files changed, 21 insertions, 21 deletions

diff --git a/sys/crypto/key_wrap.c b/sys/crypto/key_wrap.c
index e99e74b9df2..b9009ad54b3 100644
--- a/sys/crypto/key_wrap.c
+++ b/sys/crypto/key_wrap.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: key_wrap.c,v 1.1 2008/08/12 15:43:00 damien Exp $	*/
+/*	$OpenBSD: key_wrap.c,v 1.2 2010/07/20 15:36:03 matthew Exp $	*/
 
 /*-
  * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@@ -108,5 +108,5 @@ aes_key_unwrap(aes_key_wrap_ctx *ctx, const u_int8_t *C, u_int8_t *P, size_t n)
 	memset(B, 0, sizeof B);
 
 	/* check that A is an appropriate initial value */
-	return memcmp(A, IV, 8) != 0;
+	return timingsafe_bcmp(A, IV, 8) != 0;
 }
diff --git a/sys/net/if_spppsubr.c b/sys/net/if_spppsubr.c
index f2af5381f69..69ee2eeeec2 100644
--- a/sys/net/if_spppsubr.c
+++ b/sys/net/if_spppsubr.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_spppsubr.c,v 1.80 2010/05/01 08:14:26 mk Exp $	*/
+/*	$OpenBSD: if_spppsubr.c,v 1.81 2010/07/20 15:36:03 matthew Exp $	*/
 /*
  * Synchronous PPP/Cisco link level subroutines.
  * Keepalive protocol implemented in both Cisco and PPP modes.
@@ -3903,7 +3903,7 @@ sppp_chap_input(struct sppp *sp, struct mbuf *m)
 #define SUCCMSG "Welcome!"
 
 		if (value_len != sizeof digest ||
-		    bcmp(digest, value, value_len) != 0) {
+		    timingsafe_bcmp(digest, value, value_len) != 0) {
 			/* action scn, tld */
 			sppp_auth_send(&chap, sp, CHAP_FAILURE, h->ident,
 				       sizeof(FAILMSG) - 1, (u_char *)FAILMSG,
diff --git a/sys/net80211/ieee80211_crypto.c b/sys/net80211/ieee80211_crypto.c
index 64ab098eae5..28afffa824c 100644
--- a/sys/net80211/ieee80211_crypto.c
+++ b/sys/net80211/ieee80211_crypto.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ieee80211_crypto.c,v 1.58 2009/02/13 17:24:54 damien Exp $	*/
+/*	$OpenBSD: ieee80211_crypto.c,v 1.59 2010/07/20 15:36:03 matthew Exp $	*/
 
 /*-
  * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@@ -485,7 +485,7 @@ ieee80211_eapol_key_check_mic(struct ieee80211_eapol_key *key,
 	memset(key->mic, 0, EAPOL_KEY_MIC_LEN);
 	ieee80211_eapol_key_mic(key, kck);
 
-	return memcmp(key->mic, mic, EAPOL_KEY_MIC_LEN) != 0;
+	return timingsafe_bcmp(key->mic, mic, EAPOL_KEY_MIC_LEN) != 0;
 }
 
 #ifndef IEEE80211_STA_ONLY
diff --git a/sys/net80211/ieee80211_crypto_bip.c b/sys/net80211/ieee80211_crypto_bip.c
index efa96835521..b69fac41d73 100644
--- a/sys/net80211/ieee80211_crypto_bip.c
+++ b/sys/net80211/ieee80211_crypto_bip.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ieee80211_crypto_bip.c,v 1.2 2009/01/26 19:09:41 damien Exp $	*/
+/*	$OpenBSD: ieee80211_crypto_bip.c,v 1.3 2010/07/20 15:36:03 matthew Exp $	*/
 
 /*-
  * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@@ -201,7 +201,7 @@ ieee80211_bip_decap(struct ieee80211com *ic, struct mbuf *m0,
 	AES_CMAC_Final(mic, &ctx->cmac);
 
 	/* check that MIC matches the one in MMIE */
-	if (memcmp(mic, mic0, 8) != 0) {
+	if (timingsafe_bcmp(mic, mic0, 8) != 0) {
 		ic->ic_stats.is_cmac_icv_errs++;
 		m_freem(m0);
 		return NULL;
diff --git a/sys/net80211/ieee80211_crypto_ccmp.c b/sys/net80211/ieee80211_crypto_ccmp.c
index d491c20168f..4b246d088aa 100644
--- a/sys/net80211/ieee80211_crypto_ccmp.c
+++ b/sys/net80211/ieee80211_crypto_ccmp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ieee80211_crypto_ccmp.c,v 1.10 2009/09/24 16:03:10 damien Exp $	*/
+/*	$OpenBSD: ieee80211_crypto_ccmp.c,v 1.11 2010/07/20 15:36:03 matthew Exp $	*/
 
 /*-
  * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@@ -445,7 +445,7 @@ ieee80211_ccmp_decrypt(struct ieee80211com *ic, struct mbuf *m0,
 
 	/* check that it matches the MIC in received frame */
 	m_copydata(m, moff, IEEE80211_CCMP_MICLEN, mic0);
-	if (memcmp(mic0, b, IEEE80211_CCMP_MICLEN) != 0) {
+	if (timingsafe_bcmp(mic0, b, IEEE80211_CCMP_MICLEN) != 0) {
 		ic->ic_stats.is_ccmp_dec_errs++;
 		m_freem(m0);
 		m_freem(n0);
diff --git a/sys/net80211/ieee80211_crypto_tkip.c b/sys/net80211/ieee80211_crypto_tkip.c
index ffd04f79e87..08375f263ad 100644
--- a/sys/net80211/ieee80211_crypto_tkip.c
+++ b/sys/net80211/ieee80211_crypto_tkip.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ieee80211_crypto_tkip.c,v 1.17 2009/10/30 20:32:25 damien Exp $	*/
+/*	$OpenBSD: ieee80211_crypto_tkip.c,v 1.18 2010/07/20 15:36:03 matthew Exp $	*/
 
 /*-
  * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@@ -454,7 +454,7 @@ ieee80211_tkip_decrypt(struct ieee80211com *ic, struct mbuf *m0,
 	/* compute TKIP MIC over decrypted message */
 	ieee80211_tkip_mic(n0, hdrlen, ctx->rxmic, mic);
 	/* check that it matches the MIC in received frame */
-	if (memcmp(mic0, mic, IEEE80211_TKIP_MICLEN) != 0) {
+	if (timingsafe_bcmp(mic0, mic, IEEE80211_TKIP_MICLEN) != 0) {
 		m_freem(m0);
 		m_freem(n0);
 		ic->ic_stats.is_rx_locmicfail++;
diff --git a/sys/netinet/ip_ah.c b/sys/netinet/ip_ah.c
index eae796f36af..013c0fdb9ad 100644
--- a/sys/netinet/ip_ah.c
+++ b/sys/netinet/ip_ah.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_ah.c,v 1.97 2010/07/09 16:58:06 reyk Exp $ */
+/*	$OpenBSD: ip_ah.c,v 1.98 2010/07/20 15:36:03 matthew Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -815,7 +815,7 @@ ah_input_cb(void *op)
 		ptr = (caddr_t) (tc + 1);
 
 		/* Verify authenticator. */
-		if (bcmp(ptr + skip + rplen, calc, ahx->authsize)) {
+		if (timingsafe_bcmp(ptr + skip + rplen, calc, ahx->authsize)) {
 			free(tc, M_XDATA);
 
 			DPRINTF(("ah_input(): authentication failed for "
diff --git a/sys/netinet/ip_carp.c b/sys/netinet/ip_carp.c
index af64fd19e40..0ba78e71bf3 100644
--- a/sys/netinet/ip_carp.c
+++ b/sys/netinet/ip_carp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_carp.c,v 1.175 2010/04/25 17:38:53 mpf Exp $	*/
+/*	$OpenBSD: ip_carp.c,v 1.176 2010/07/20 15:36:03 matthew Exp $	*/
 
 /*
  * Copyright (c) 2002 Michael Shalayeff. All rights reserved.
@@ -392,7 +392,7 @@ carp_hmac_verify(struct carp_vhost_entry *vhe, u_int32_t counter[2],
 
 	for (i = 0; i < HMAC_MAX; i++) { 
 		carp_hmac_generate(vhe, counter, md2, i);
-		if (!bcmp(md, md2, sizeof(md2)))
+		if (!timingsafe_bcmp(md, md2, sizeof(md2)))
 			return (0);
 	}
 	return (1);
diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c
index 66f50499e50..a843c0eb18e 100644
--- a/sys/netinet/ip_esp.c
+++ b/sys/netinet/ip_esp.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_esp.c,v 1.110 2010/07/09 16:58:06 reyk Exp $ */
+/*	$OpenBSD: ip_esp.c,v 1.111 2010/07/20 15:36:03 matthew Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -559,7 +559,7 @@ esp_input_cb(void *op)
 			ptr = (caddr_t) (tc + 1);
 
 			/* Verify authenticator */
-			if (bcmp(ptr, aalg, esph->authsize)) {
+			if (timingsafe_bcmp(ptr, aalg, esph->authsize)) {
 				free(tc, M_XDATA);
 				DPRINTF(("esp_input_cb(): authentication failed for packet in SA %s/%08x\n", ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
 				espstat.esps_badauth++;
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index 3516af7deb8..d923a3c6713 100644
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tcp_input.c,v 1.234 2010/07/09 16:58:06 reyk Exp $	*/
+/*	$OpenBSD: tcp_input.c,v 1.235 2010/07/20 15:36:03 matthew Exp $	*/
 /*	$NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $	*/
 
 /*
@@ -2351,7 +2351,7 @@ tcp_dooptions(struct tcpcb *tp, u_char *cp, int cnt, struct tcphdr *th,
 			if (optlen != TCPOLEN_SIGNATURE)
 				continue;
 
-			if (sigp && bcmp(sigp, cp + 2, 16))
+			if (sigp && timingsafe_bcmp(sigp, cp + 2, 16))
 				return (-1);
 
 			sigp = cp + 2;
@@ -2419,7 +2419,7 @@ tcp_dooptions(struct tcpcb *tp, u_char *cp, int cnt, struct tcphdr *th,
 		if (tcp_signature(tdb, tp->pf, m, th, iphlen, 1, sig) < 0)
 			return (-1);
 
-		if (bcmp(sig, sigp, 16)) {
+		if (timingsafe_bcmp(sig, sigp, 16)) {
 			tcpstat.tcps_rcvbadsig++;
 			return (-1);
 		}