Make TsigVerify's MAC comparison take constant time

2014-01-24 03:28:08 +00:00 · 2014-01-24 03:28:08 +00:00 · 857a1c66cb
parent fd12a9cea4
commit 857a1c66cb
1 changed files with 11 additions and 6 deletions
--- a/tsig.go
+++ b/tsig.go
@ -217,12 +217,17 @@ func TsigVerify(msg []byte, secret, requestMAC string, timersOnly bool) error {
 	if err != nil {
 		return err
 	}
-	// Srtip the TSIG from the incoming msg
+	// Strip the TSIG from the incoming msg
 	stripped, tsig, err := stripTsig(msg)
 	if err != nil {
 		return err
 	}

+	msgMAC, err := hex.DecodeString(tsig.MAC)
+	if err != nil {
+		return err
+	}
+
 	buf := tsigBuffer(stripped, tsig, requestMAC, timersOnly)
 	ti := uint64(time.Now().Unix()) - tsig.TimeSigned
 	if uint64(tsig.Fudge) < ti {
@ -232,16 +237,16 @@ func TsigVerify(msg []byte, secret, requestMAC string, timersOnly bool) error {
 	var h hash.Hash
 	switch tsig.Algorithm {
 	case HmacMD5:
-		h = hmac.New(md5.New, []byte(rawsecret))
+		h = hmac.New(md5.New, rawsecret)
 	case HmacSHA1:
-		h = hmac.New(sha1.New, []byte(rawsecret))
+		h = hmac.New(sha1.New, rawsecret)
 	case HmacSHA256:
-		h = hmac.New(sha256.New, []byte(rawsecret))
+		h = hmac.New(sha256.New, rawsecret)
 	default:
 		return ErrKeyAlg
 	}
-	io.WriteString(h, string(buf))
-	if strings.ToUpper(hex.EncodeToString(h.Sum(nil))) != strings.ToUpper(tsig.MAC) {
+	h.Write(buf)
+	if !hmac.Equal(h.Sum(nil), msgMAC) {
 		return ErrSig
 	}
 	return nil