remove memcmp

arun-babu · Mar 30, 2022 · d1d9a6f · d1d9a6f
1 parent ee38ee3
commit d1d9a6f
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 8 deletions.
diff --git a/freestyle.c b/freestyle.c
@@ -109,11 +109,11 @@ static void freestyle_ivsetup (
  const u8* const iv,
  const u32 counter)
 {
- x->input[COUNTER] = counter;
+ x->input[COUNTER] = counter;
 
- x->input[IV0] = U8TO32_LITTLE(iv + 0);
- x->input[IV1] = U8TO32_LITTLE(iv + 4);
- x->input[IV2] = U8TO32_LITTLE(iv + 8);
+ x->input[IV0] = U8TO32_LITTLE(iv + 0);
+ x->input[IV1] = U8TO32_LITTLE(iv + 4);
+ x->input[IV2] = U8TO32_LITTLE(iv + 8);
 }
 
 static void freestyle_roundsetup (
@@ -889,6 +889,16 @@ void freestyle_hash_password_with_pepper (
  );
 }
 
+static bool safe_bcmp (const u8 *a, const u8 *b, const size_t length)
+{
+ u8 diff = 0;
+
+ for (size_t i = 0; i < length; ++i)
+ diff |= (a[i] ^ b[i]);
+
+ return diff;
+}
+
 bool freestyle_verify_password_hash (
  const char* const password,
  const u8* const salt,
@@ -961,5 +971,5 @@ bool freestyle_verify_password_hash (
  &expected_hash
  );
 
- return (0 == memcmp(plaintext,salt,hash_len));
+ return (0 == safe_bcmp(plaintext,salt,hash_len));
 }
diff --git a/optimized/8-32/freestyle.c b/optimized/8-32/freestyle.c
@@ -1142,6 +1142,16 @@ void freestyle_hash_password_with_pepper (
  );
 }
 
+static bool safe_bcmp (const u8 *a, const u8 *b, const size_t length)
+{
+ u8 diff = 0;
+
+ for (size_t i = 0; i < length; ++i)
+ diff |= (a[i] ^ b[i]);
+
+ return diff;
+}
+
 bool freestyle_verify_password_hash (
  const char* const password,
  const u8* const salt,
@@ -1216,5 +1226,5 @@ bool freestyle_verify_password_hash (
  &expected_hash
  );
 
- return (0 == memcmp(plaintext,salt,hash_len));
+ return (0 == safe_bcmp(plaintext,salt,hash_len));
 }
diff --git a/optimized/merged/freestyle.c b/optimized/merged/freestyle.c
@@ -1127,6 +1127,16 @@ void freestyle_hash_password_with_pepper (
  );
 }
 
+static bool safe_bcmp (const u8 *a, const u8 *b, const size_t length)
+{
+ u8 diff = 0;
+
+ for (size_t i = 0; i < length; ++i)
+ diff |= (a[i] ^ b[i]);
+
+ return diff;
+}
+
 bool freestyle_verify_password_hash (
  const char* const password,
  const u8* const salt,
@@ -1201,5 +1211,5 @@ bool freestyle_verify_password_hash (
  &expected_hash
  );
 
- return (0 == memcmp(plaintext,salt,hash_len));
+ return (0 == safe_bcmp(plaintext,salt,hash_len));
 }
diff --git a/side-channel-attack-resistance/freestyle.c b/side-channel-attack-resistance/freestyle.c
@@ -925,6 +925,16 @@ void freestyle_hash_password_with_pepper (
  );
 }
 
+static bool safe_bcmp (const u8 *a, const u8 *b, const size_t length)
+{
+ u8 diff = 0;
+
+ for (size_t i = 0; i < length; ++i)
+ diff |= (a[i] ^ b[i]);
+
+ return diff;
+}
+
 bool freestyle_verify_password_hash (
  const char* const password,
  const u8* const salt,
@@ -997,5 +1007,5 @@ bool freestyle_verify_password_hash (
  &expected_hash
  );
 
- return (0 == memcmp(plaintext,salt,hash_len));
+ return (0 == safe_bcmp(plaintext,salt,hash_len));
 }