Re: Imminent bugfix release (1.97.1)

[Duboucher Thomas]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bean a écrit :
> Hi,
> 
> Oh, I just come up with a better way to do this:
> 
> typedef char grub_password_t[1024];
> 
> int
> grub_auth_strcmp (const grub_password_t s1, const grub_password_t s2)
> {
>  char r1 = 0;
>  char r2 = 0;
>  char *p;
>  int i, c;
> 
>  p = &r1;
>  c = 0;
>  for (i = 0; i < sizeof (grub_password_t); i++, s1++, s2++)
>    {
>      *p | = (*s1 ^ *s2);
>      if ((int) *s1 == c)
>        {
>        p = &r2;
>        c = 0x100;
>        }
>    }
> 
>  return (r1 != 0);
> }
> 
> The condition (int) *s1 == c would be true exactly once.
> 

        Well, it seems I lost something somewhere. I don't understand the need
of doing it exactly sizeof (grub_password_t) times, except from having a
perfectly symetric function. IMHO, stopping the comparison when the
input buffer is done reading, or when the maximum size of a passphrase
is reached does not leak any information to the attacker. So I would
stick to

typedef char grub_password_t[1024];

int
auth_strcmp (const grub_password_t input, grub_password_t key)
{
  int retval, it;

  for (it = retval = 0; it < PASSPHRASE_MAXSIZE; it++, input++, key++)
  {
    retval |= (*input != *key);

    if (*input == '\0')
      break;
  }

  return !retval;
}

        Also, take care that it requires to check how the function is
optimized; sometimes you have surprises ... ;)

        Thomas.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkr5d90ACgkQBV7eXqefhqio+QCfba54+l45DiQNyI3IzfnwgvVe
tbUAnRTPI+yYSZoVZLfM9fze7c7cvRQN
=EjYS
-----END PGP SIGNATURE-----