Robert Millan wrote: > On Mon, Nov 09, 2009 at 06:46:16PM +0100, Duboucher Thomas wrote: > >> Ok, I typed this in a few minutes and I'm not confident either with >> what I wrote; I would check that it works first. ;) >> But the point here is that whatever the user gives as an input, it is >> executed exactly n-th times, n being the length of the user input; and >> that whatever the result of the 'if' statement is, the CPU realizes the >> same amount of operations. By doing so, the attacker will only find out >> how long it takes to make the comparison with a n caracters long input. >> > > Actually, modern CPUs are very complex and the number of operations (or > time taken by them) isn't easy to predict. > > It's generally a good practice to do exactly same operations independently of result just store the result in a separate variable it's how RSA is correctly implemented
for (n = grub_strlen (s1); n >= 0; n--)
{
if (*s1 != *s2)
ret |= 1;
else
ret |= 0;
s1++; s2++;
}
It's pproximately how my first attempt worked and it had this bug. If
you can propose a good and tested code of this kind I would be ok with it
--
Regards
Vladimir 'phcoder' Serbinenko
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
