utils: delete handrolled constant time comparison function in favor of sodium_memcmp

Author: 1ma

CMakeLists.txt

@@ -33,7 +33,6 @@ add_executable(datum_gateway
 	src/datum_stratum_tests.c
 	src/datum_submitblock.c
 	src/datum_utils.c
-	src/datum_utils_tests.c
 	src/thirdparty_base58.c
 	src/thirdparty_segwit_addr.c
 	${CMAKE_CURRENT_BINARY_DIR}/web_resources.h

src/datum_api.c

@@ -37,6 +37,7 @@
 
 #include <assert.h>
 #include <limits.h>
+#include <sodium.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -431,7 +432,7 @@ int datum_api_do_error(struct MHD_Connection * const connection, const unsigned
 }
 
 bool datum_api_check_admin_password_only(struct MHD_Connection * const connection, const char * const password, const create_response_func_t auth_failure_response_creator) {
-	if (datum_secure_strequals(datum_config.api_admin_password, datum_config.api_admin_password_len, password) && datum_config.api_admin_password_len) {
+	if (sodium_memcmp(datum_config.api_admin_password, password, datum_config.api_admin_password_len) && datum_config.api_admin_password_len) {
 		return true;
 	}
 	DLOG_DEBUG("Wrong password in request");
@@ -491,7 +492,7 @@ bool datum_api_check_admin_password(struct MHD_Connection * const connection, co
 		datum_api_submit_uncached_response(connection, MHD_HTTP_FORBIDDEN, auth_failure_response_creator());
 		return false;
 	}
-	if (!datum_secure_strequals(datum_config.api_csrf_token, sizeof(datum_config.api_csrf_token)-1, json_string_value(j_csrf))) {
+	if (!sodium_memcmp(datum_config.api_csrf_token, json_string_value(j_csrf), sizeof(datum_config.api_csrf_token)-1)) {
 		DLOG_DEBUG("Wrong CSRF token in request");
 		datum_api_submit_uncached_response(connection, MHD_HTTP_FORBIDDEN, auth_failure_response_creator());
 		return false;

src/datum_gateway.c

@@ -83,7 +83,6 @@ struct arguments {
 
 void datum_stratum_tests(void);
 void datum_conf_tests(void);
-void datum_utils_tests(void);
 
 static error_t parse_opt(int key, char *arg, struct argp_state *state) {
 	struct arguments *arguments = state->input;
@@ -103,7 +102,6 @@ static error_t parse_opt(int key, char *arg, struct argp_state *state) {
 			exit(0);
 			break;
 		case 0x101:  // test
-			datum_utils_tests();
 			datum_conf_tests();
 			datum_stratum_tests();
 			exit(datum_test_failed);

src/datum_utils.c

@@ -825,19 +825,6 @@ void datum_reexec() {
 	abort();
 }
 
-bool datum_secure_strequals(const char *secret, size_t secret_len, const char *guess) {
-	const size_t guess_len = strlen(guess);
-	size_t acc = secret_len ^ guess_len;
-	if (!secret_len) {
-		secret = "";  // null byte avoids dereferencing out of bounds
-		secret_len = 1;
-	}
-	for (size_t i = 0; i < guess_len; ++i) {
-		acc |= ((size_t)guess[i]) ^ ((size_t)secret[i % secret_len]);
-	}
-	return !acc;
-}
-
 const char *dynamic_hash_unit(double * const inout_hashrate){
 	if (*inout_hashrate >= 1000000.0) {
 		*inout_hashrate /= 1000000.0;

src/datum_utils.h

@@ -86,7 +86,6 @@ int datum_atoi_strict(const char *s, size_t size);
 bool datum_str_to_bool_strict(const char *s, bool *out);
 char **datum_deepcopy_charpp(const char * const *p);
 void datum_reexec();
-bool datum_secure_strequals(const char *secret, const size_t secret_len, const char *guess);
 const char *dynamic_hash_unit(double *inout_hashrate);