lndc: use constant time comparison to verify DH proof

Olaoluwa Osuntokun 2016-04-24 12:37:27 -07:00
parent ea49b15e70
commit fc06c7bffb

@ -3,6 +3,7 @@ package lndc
import ( import (
"bytes" "bytes"
"crypto/cipher" "crypto/cipher"
"crypto/hmac"
"encoding/binary" "encoding/binary"
"fmt" "fmt"
"net" "net"
@ -181,7 +182,7 @@ func (c *LNDConn) authPubKey(
// Verify that their proof matches our locally computed version. // Verify that their proof matches our locally computed version.
theirDHproof := btcutil.Hash160(append(localEphPubBytes, idDH[:]...)) theirDHproof := btcutil.Hash160(append(localEphPubBytes, idDH[:]...))
if bytes.Equal(resp, theirDHproof) == false { if !hmac.Equal(resp, theirDHproof) {
return fmt.Errorf("invalid DH proof %x", theirDHproof) return fmt.Errorf("invalid DH proof %x", theirDHproof)
} }
@ -232,7 +233,7 @@ func (c *LNDConn) authPKH(
theirDHproof := btcutil.Hash160(append(localEphPubBytes, idDH[:]...)) theirDHproof := btcutil.Hash160(append(localEphPubBytes, idDH[:]...))
// Verify that their DH proof matches the one we just generated. // Verify that their DH proof matches the one we just generated.
if bytes.Equal(resp[33:], theirDHproof) == false { if !hmac.Equal(resp[33:], theirDHproof) {
return fmt.Errorf("Invalid DH proof %x", theirDHproof) return fmt.Errorf("Invalid DH proof %x", theirDHproof)
} }
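Review bot: Both failure paths still format the locally computed proof into the returned error (`fmt.Errorf("invalid DH proof %x", theirDHproof)` in authPubKey and the `"Invalid DH proof %x"` variant in authPKH), so the value that the constant-time comparison keeps out of the timing channel is written in clear wherever that error is logged or passed on. I would drop the value from the message, `return fmt.Errorf("invalid DH proof")`, and use the same lowercase text in both functions. In authPKH, `resp[33:]` panics if resp is shorter than 33 bytes; a length check may exist above the hunk, since both function bodies start and end outside the visible lines, but it should be confirmed before the slice is taken.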