KEYS: trusted_tpm1: Compare HMAC values in constant time
commit eed0e3d3 upstream. To prevent timing attacks, HMAC value comparison needs to be constant time. Replace the memcmp() with the correct function, crypto_memneq(). [For the Fixes commit I used the commit that introduced the memcmp(). It predates the introduction of crypto_memneq(), but it was still a bug at the time even though a helper function didn't exist yet.] Fixes: d00a1c72 ("keys: add new trusted key-type") Cc: stable@vger.kernel.org Signed-off-by:Eric Biggers <ebiggers@kernel.org> Reviewed-by:
Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Loading
Please sign in to comment