RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 04:57:45 +00:00
Code Issues Activity Actions

LibCore: Use timing_safe_compare to compare password hash values

Browse source 
This is not strictly required, as we are comparing hashes, not the
password it self. However given this is generic code that could be
used anywhere in the system, it seems prudent to be cautious and
make sure we don't inadvertently leak any information about the hash
via timing attacks in future usages of `LibCore::Account`.

Reported-by: Jessica Hamilton <jessica.l.hamilton@gmail.com>
This commit is contained in:
Brian Gianforcaro 2022-03-12 21:50:31 -08:00 committed by Brian Gianforcaro
parent 390666b9fa
commit 3ab2b90744
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Userland/Libraries/LibCore/Account.cpp
View file

@ -1,10 +1,12 @@
/* /*
* Copyright (c) 2020, Peter Elliott <pelliott@serenityos.org> * Copyright (c) 2020, Peter Elliott <pelliott@serenityos.org>
* Copyright (c) 2021-2022, Brian Gianforcaro <bgianf@serenityos.org>
* *
* SPDX-License-Identifier: BSD-2-Clause * SPDX-License-Identifier: BSD-2-Clause
*/ */
#include <AK/Base64.h> #include <AK/Base64.h>
#include <AK/Memory.h>
#include <AK/Random.h> #include <AK/Random.h>
#include <AK/ScopeGuard.h> #include <AK/ScopeGuard.h>
#include <LibCore/Account.h> #include <LibCore/Account.h>
@ -134,7 +136,7 @@ bool Account::authenticate(SecretString const& password) const
// FIXME: Use crypt_r if it can be built in lagom. // FIXME: Use crypt_r if it can be built in lagom.
char* hash = crypt(password.characters(), m_password_hash.characters()); char* hash = crypt(password.characters(), m_password_hash.characters());
return hash != nullptr && strcmp(hash, m_password_hash.characters()) == 0; return hash != nullptr && AK::timing_safe_compare(hash, m_password_hash.characters(), m_password_hash.length());
} }
bool Account::login() const bool Account::login() const