diff options
| author | Matthew Wild <mwild1@gmail.com> | 2021-05-10 16:24:54 +0100 |
|---|---|---|
| committer | Matthew Wild <mwild1@gmail.com> | 2021-05-10 16:24:54 +0100 |
| commit | f5460a5037f0dda1b02873ee189bf38685933529 (patch) | |
| tree | ce151036b0bc07c52e7c823c6cd585544afbc42a | |
| parent | 4c4e764e23cd7d103868a73a0cdb5a7bdcaa4bea (diff) | |
| download | prosody-f5460a5037f0dda1b02873ee189bf38685933529.tar.gz prosody-f5460a5037f0dda1b02873ee189bf38685933529.zip | |
util.hashes: Add constant-time string comparison (binding to CRYPTO_memcmp)
| -rw-r--r-- | util-src/hashes.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/util-src/hashes.c b/util-src/hashes.c index 903ecb6e..b16eb03f 100644 --- a/util-src/hashes.c +++ b/util-src/hashes.c @@ -23,6 +23,7 @@ typedef unsigned __int32 uint32_t; #include "lua.h" #include "lauxlib.h" +#include <openssl/crypto.h> #include <openssl/sha.h> #include <openssl/md5.h> #include <openssl/hmac.h> @@ -189,6 +190,18 @@ static int LscramHi(lua_State *L) { return 1; } +static int Lhash_equals(lua_State *L) { + size_t len1, len2; + const char *s1 = luaL_checklstring(L, 1, &len1); + const char *s2 = luaL_checklstring(L, 2, &len2); + if(len1 == len2) { + lua_pushboolean(L, CRYPTO_memcmp(s1, s2, len1) == 0); + } else { + lua_pushboolean(L, 0); + } + return 1; +} + static const luaL_Reg Reg[] = { { "sha1", Lsha1 }, { "sha224", Lsha224 }, @@ -201,6 +214,7 @@ static const luaL_Reg Reg[] = { { "hmac_sha512", Lhmac_sha512 }, { "hmac_md5", Lhmac_md5 }, { "scram_Hi_sha1", LscramHi }, + { "equals", Lhash_equals }, { NULL, NULL } }; |