mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Use safe_mem_is_zero in a few more places.
I don't believe any of these represent a real timing vulnerability (remote timing against memcmp() on a modern CPU is not easy), but these are the ones where I believe we should be more careful.
This commit is contained in:
parent
309467c64e
commit
0034f10956
@ -226,7 +226,7 @@ load_ed_keys(const or_options_t *options, time_t now)
|
||||
tor_free(fname);
|
||||
}
|
||||
}
|
||||
if (tor_mem_is_zero((char*)id->seckey.seckey, sizeof(id->seckey)))
|
||||
if (safe_mem_is_zero((char*)id->seckey.seckey, sizeof(id->seckey)))
|
||||
sign_signing_key_with_id = NULL;
|
||||
else
|
||||
sign_signing_key_with_id = id;
|
||||
|
@ -19,6 +19,8 @@
|
||||
#include "feature/rend/rend_intro_point_st.h"
|
||||
#include "feature/rend/rend_service_descriptor_st.h"
|
||||
|
||||
#include "lib/ctime/di_ops.h"
|
||||
|
||||
/** Map from service id (as generated by rend_get_service_id) to
|
||||
* rend_cache_entry_t. */
|
||||
STATIC strmap_t *rend_cache = NULL;
|
||||
@ -889,7 +891,7 @@ rend_cache_store_v2_desc_as_client(const char *desc,
|
||||
if (intro_content && intro_size > 0) {
|
||||
int n_intro_points;
|
||||
if (rend_data->auth_type != REND_NO_AUTH &&
|
||||
!tor_mem_is_zero(rend_data->descriptor_cookie,
|
||||
!safe_mem_is_zero(rend_data->descriptor_cookie,
|
||||
sizeof(rend_data->descriptor_cookie))) {
|
||||
char *ipos_decrypted = NULL;
|
||||
size_t ipos_decrypted_size;
|
||||
|
@ -226,7 +226,7 @@ ed25519_keypair_generate(ed25519_keypair_t *keypair_out, int extra_strong)
|
||||
int
|
||||
ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
|
||||
{
|
||||
return tor_mem_is_zero((char*)pubkey->pubkey, ED25519_PUBKEY_LEN);
|
||||
return safe_mem_is_zero((char*)pubkey->pubkey, ED25519_PUBKEY_LEN);
|
||||
}
|
||||
|
||||
/* Return a heap-allocated array that contains <b>msg</b> prefixed by the
|
||||
|
@ -36,6 +36,7 @@
|
||||
|
||||
#include "lib/defs/digest_sizes.h"
|
||||
#include "lib/crypt_ops/crypto_digest.h"
|
||||
#include "lib/ctime/di_ops.h"
|
||||
|
||||
#ifdef ENABLE_NSS
|
||||
#include "lib/crypt_ops/crypto_nss_mgt.h"
|
||||
@ -314,7 +315,7 @@ crypto_strongest_rand_raw(uint8_t *out, size_t out_len)
|
||||
}
|
||||
}
|
||||
|
||||
if ((out_len < sanity_min_size) || !tor_mem_is_zero((char*)out, out_len))
|
||||
if ((out_len < sanity_min_size) || !safe_mem_is_zero((char*)out, out_len))
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user