grub-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Imminent bugfix release (1.97.1)


From: Vladimir 'phcoder' Serbinenko
Subject: Re: Imminent bugfix release (1.97.1)
Date: Tue, 10 Nov 2009 20:04:31 +0100
User-agent: Mozilla-Thunderbird 2.0.0.22 (X11/20091109)

Bean wrote:
> On Tue, Nov 10, 2009 at 10:25 PM, Duboucher Thomas <address@hidden> wrote:
>   
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Bean a écrit :
>>     
>>> Hi,
>>>
>>> Oh, I just come up with a better way to do this:
>>>
>>> typedef char grub_password_t[1024];
>>>
>>> int
>>> grub_auth_strcmp (const grub_password_t s1, const grub_password_t s2)
>>> {
>>>  char r1 = 0;
>>>  char r2 = 0;
>>>  char *p;
>>>  int i, c;
>>>
>>>  p = &r1;
>>>  c = 0;
>>>  for (i = 0; i < sizeof (grub_password_t); i++, s1++, s2++)
>>>    {
>>>      *p | = (*s1 ^ *s2);
>>>      if ((int) *s1 == c)
>>>        {
>>>        p = &r2;
>>>        c = 0x100;
>>>        }
>>>    }
>>>
>>>  return (r1 != 0);
>>> }
>>>
>>> The condition (int) *s1 == c would be true exactly once.
>>>
>>>       
>>        Well, it seems I lost something somewhere. I don't understand the need
>> of doing it exactly sizeof (grub_password_t) times, except from having a
>> perfectly symetric function. IMHO, stopping the comparison when the
>> input buffer is done reading, or when the maximum size of a passphrase
>> is reached does not leak any information to the attacker. So I would
>> stick to
>>
>> typedef char grub_password_t[1024];
>>
>>     
With this change grub_auth_strcmp becomes a misnomer. I would prefer to
call it grub_auth_memcmp then. I'll also look into which other free
secure strcmp are available
>> int
>> auth_strcmp (const grub_password_t input, grub_password_t key)
>> {
>>  int retval, it;
>>
>>  for (it = retval = 0; it < PASSPHRASE_MAXSIZE; it++, input++, key++)
>>  {
>>    retval |= (*input != *key);
>>
>>    if (*input == '\0')
>>      break;
>>  }
>>
>>  return !retval;
>> }
>>
>>        Also, take care that it requires to check how the function is
>> optimized; sometimes you have surprises ... ;)
>>     
>
> Hi,
>
> My previous function ensures that execution time is the same
> regardless of the input. Although it's not necessary, I guess it's a
> nice feature to have. BTW, the simpler function does leak one
> information, the size of buffer as the execution time would increase
> until the buffer size is reached.
>
>
>   


-- 
Regards
Vladimir 'phcoder' Serbinenko


Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]