Software /
code /
prosody
Changeset
11541:13b84682518e 0.11
util.hashes: Add constant-time string comparison (binding to CRYPTO_memcmp)
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Mon, 10 May 2021 16:24:54 +0100 |
parents | 11540:1937b3c3efb5 |
children | 11542:c358537c0878 |
files | util-src/hashes.c |
diffstat | 1 files changed, 14 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/util-src/hashes.c Fri May 07 17:03:49 2021 +0100 +++ b/util-src/hashes.c Mon May 10 16:24:54 2021 +0100 @@ -23,6 +23,7 @@ #include "lua.h" #include "lauxlib.h" +#include <openssl/crypto.h> #include <openssl/sha.h> #include <openssl/md5.h> #include <openssl/hmac.h> @@ -189,6 +190,18 @@ return 1; } +static int Lhash_equals(lua_State *L) { + size_t len1, len2; + const char *s1 = luaL_checklstring(L, 1, &len1); + const char *s2 = luaL_checklstring(L, 2, &len2); + if(len1 == len2) { + lua_pushboolean(L, CRYPTO_memcmp(s1, s2, len1) == 0); + } else { + lua_pushboolean(L, 0); + } + return 1; +} + static const luaL_Reg Reg[] = { { "sha1", Lsha1 }, { "sha224", Lsha224 }, @@ -201,6 +214,7 @@ { "hmac_sha512", Lhmac_sha512 }, { "hmac_md5", Lhmac_md5 }, { "scram_Hi_sha1", LscramHi }, + { "equals", Lhash_equals }, { NULL, NULL } };