challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address
Log | Files | Refs | Submodules | README | LICENSE

commit 3b2ba8d5037b6c75065deb8cccaa0a9165731319
parent 6e4f2b8aab871ccb5ceb21228f959164d38fa4eb
Author: Christian Grothoff <grothoff@gnunet.org>
Date:   Sat, 18 Jul 2026 00:59:36 +0200

use TALER_strcmp_ct()

Diffstat:
Msrc/challenger/challenger-httpd_token.c | 41+++++++++--------------------------------
1 file changed, 9 insertions(+), 32 deletions(-)

diff --git a/src/challenger/challenger-httpd_token.c b/src/challenger/challenger-httpd_token.c @@ -33,32 +33,6 @@ #define MAX_RETRIES 3 -/** - * Compare two NUL-terminated strings @a a and @a b in constant time - * with respect to their contents. Used for comparing secret/MAC - * material (authorization codes, PKCE challenges) to avoid leaking - * information via a timing oracle, as plain strcmp() short-circuits - * at the first differing byte. Note that the string lengths may - * still leak, which is acceptable here as the token length is not - * a secret at all. - * - * @param a first string - * @param b second string - * @return 0 if the strings are equal, non-zero otherwise - */ -static int -ct_strcmp (const char *a, - const char *b) -{ - size_t alen = strlen (a); - - if (strlen (b) != alen) - return 1; - return GNUNET_memcmp_ct_ (a, - b, - alen); -} - /** * Context for a /token operation. @@ -639,8 +613,9 @@ CH_handler_token (struct CH_HandlerContext *hc, "Failed to encode hash to Base64 URL"); } - if (0 != ct_strcmp (encoded_hash, - code_challenge)) + if (0 != + TALER_strcmp_ct (encoded_hash, + code_challenge)) { GNUNET_break_op (0); json_decref (address); @@ -661,8 +636,9 @@ CH_handler_token (struct CH_HandlerContext *hc, } break; case CHALLENGER_CM_PLAIN: - if (0 != ct_strcmp (bc->code_verifier, - code_challenge)) + if (0 != + TALER_strcmp_ct (bc->code_verifier, + code_challenge)) { GNUNET_break_op (0); json_decref (address); @@ -723,8 +699,9 @@ CH_handler_token (struct CH_HandlerContext *hc, GNUNET_free (client_redirect_uri); GNUNET_free (client_state); GNUNET_free (code_challenge); - if (0 != ct_strcmp (code, - bc->code)) + if (0 != + TALER_strcmp_ct (code, + bc->code)) { GNUNET_break_op (0); GNUNET_free (code);