stdlib: Import timingsafe_bcmp() from FreeBSD

Some side-channel attacks involve an attacker inferring something from the time taken for a memory compare operation to complete, for example when comparing hashes during image authentication. To mitigate this, timingsafe_bcmp() must be used for such operations instead of the standard memcmp(). This function executes in constant time and so doesn't leak any timing information to the caller. Change-Id: I470a723dc3626a0ee6d5e3f7fd48d0a57b8aa5fd Signed-off-by: dp-arm <dimitris.papastamos@arm.com> Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2017-01-16 13:25:38 +00:00 · 2017-01-16 13:25:38 +00:00 · aa050a7bdb
parent 34438669d4
commit aa050a7bdb
3 changed files with 39 additions and 1 deletions
--- a/include/lib/stdlib/string.h
+++ b/include/lib/stdlib/string.h
@ -61,6 +61,7 @@ size_t	 strlen(const char *) __pure;
 int	 strncmp(const char *, const char *, size_t) __pure;
 size_t	 strnlen(const char *, size_t) __pure;
 int	 strcasecmp(const char *, const char *);
+int	 timingsafe_bcmp(const void *, const void *, size_t);

 __END_DECLS

--- a/lib/stdlib/stdlib.mk
+++ b/lib/stdlib/stdlib.mk
@ -42,7 +42,8 @@ STDLIB_SRCS	:=	$(addprefix lib/stdlib/,	\
 			strlen.c			\
 			strncmp.c			\
 			strnlen.c			\
-			subr_prf.c)
+			subr_prf.c			\
+			timingsafe_bcmp.c)

 INCLUDES	+=	-Iinclude/lib/stdlib		\
 			-Iinclude/lib/stdlib/sys
--- a/lib/stdlib/timingsafe_bcmp.c
+++ b/lib/stdlib/timingsafe_bcmp.c
@ -0,0 +1,36 @@
+/*	$OpenBSD: timingsafe_bcmp.c,v 1.3 2015/08/31 02:53:57 guenther Exp $	*/
+/*
+ * Copyright (c) 2010 Damien Miller.  All rights reserved.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <string.h>
+
+int __timingsafe_bcmp(const void *, const void *, size_t);
+
+int
+__timingsafe_bcmp(const void *b1, const void *b2, size_t n)
+{
+	const unsigned char *p1 = b1, *p2 = b2;
+	int ret = 0;
+
+	for (; n > 0; n--)
+		ret |= *p1++ ^ *p2++;
+	return (ret != 0);
+}
+
+__weak_reference(__timingsafe_bcmp, timingsafe_bcmp);