loader: constant time key comparison

GCC seems to generate something that strongly resembles a constant time comparison, so I guess this should be good enough.
author: bptato <nincsnevem662@gmail.com> 2024-04-02 17:09:15 +0200
committer: bptato <nincsnevem662@gmail.com> 2024-04-02 17:19:47 +0200
commit: 481894279a86064ddfb1afddeae944f2e4bffb77 (patch)
tree: 6d5145e9819411c79bb9c8a4b7f196f8f5e855b3 /src
parent: dacba5fde35f07c86175db2e5ca22b6992681037 (diff)
download: chawan-481894279a86064ddfb1afddeae944f2e4bffb77.tar.gz
1 files changed, 13 insertions, 1 deletions
diff --git a/src/loader/loader.nim b/src/loader/loader.nim
index 9f64b440..37da64cb 100644
--- a/src/loader/loader.nim
+++ b/src/loader/loader.nim
@@ -613,6 +613,18 @@ proc resume(ctx: LoaderContext; stream: SocketStream; client: ClientData;
       output.registered = true
       ctx.selector.registerHandle(output.ostream.fd, {Write}, 0)
 
+proc equalsConstantTime(a, b: ClientKey): bool =
+  static:
+    doAssert a.len == b.len
+  {.push boundChecks:off, overflowChecks:off.}
+  var i {.volatile.} = 0
+  var res {.volatile.} = 0u8
+  while i < a.len:
+    res = res or (a[i] xor b[i])
+    inc i
+  {.pop.}
+  return res == 0
+
 proc acceptConnection(ctx: LoaderContext) =
   let stream = ctx.ssock.acceptSocketStream()
   try:
@@ -626,7 +638,7 @@ proc acceptConnection(ctx: LoaderContext) =
         stream.sclose()
         return
       let client = ctx.clientData[myPid]
-      if client.key != key:
+      if not client.key.equalsConstantTime(key):
         # ditto
         stream.sclose()
         return
author	bptato <nincsnevem662@gmail.com>	2024-04-02 17:09:15 +0200
committer	bptato <nincsnevem662@gmail.com>	2024-04-02 17:19:47 +0200
commit	481894279a86064ddfb1afddeae944f2e4bffb77 (patch)
tree	6d5145e9819411c79bb9c8a4b7f196f8f5e855b3 /src
parent	dacba5fde35f07c86175db2e5ca22b6992681037 (diff)
download	chawan-481894279a86064ddfb1afddeae944f2e4bffb77.tar.gz